diff options
Diffstat (limited to 'gba')
-rw-r--r-- | gba/source/blake2.c | 322 | ||||
-rw-r--r-- | gba/source/blake2.h | 74 | ||||
-rw-r--r-- | gba/source/serialize.c | 51 | ||||
-rw-r--r-- | gba/source/sha2.c | 471 | ||||
-rw-r--r-- | gba/source/sha2.h | 74 |
5 files changed, 416 insertions, 576 deletions
diff --git a/gba/source/blake2.c b/gba/source/blake2.c new file mode 100644 index 0000000..4a09c71 --- /dev/null +++ b/gba/source/blake2.c | |||
@@ -0,0 +1,322 @@ | |||
1 | /* | ||
2 | BLAKE2 reference source code package - reference C implementations | ||
3 | |||
4 | Copyright 2012, Samuel Neves <sneves@dei.uc.pt>. You may use this under the | ||
5 | terms of the CC0, the OpenSSL Licence, or the Apache Public License 2.0, at | ||
6 | your option. The terms of these licenses can be found at: | ||
7 | |||
8 | - CC0 1.0 Universal : http://creativecommons.org/publicdomain/zero/1.0 | ||
9 | - OpenSSL license : https://www.openssl.org/source/license.html | ||
10 | - Apache 2.0 : http://www.apache.org/licenses/LICENSE-2.0 | ||
11 | |||
12 | More information about the BLAKE2 hash function can be found at | ||
13 | https://blake2.net. | ||
14 | */ | ||
15 | |||
16 | #include <stdint.h> | ||
17 | #include <string.h> | ||
18 | #include <stdio.h> | ||
19 | |||
20 | #include "blake2.h" | ||
21 | |||
22 | #define BLAKE2_INLINE | ||
23 | |||
24 | static BLAKE2_INLINE uint32_t load32( const void *src ) | ||
25 | { | ||
26 | uint32_t w; | ||
27 | memcpy(&w, src, sizeof w); | ||
28 | return w; | ||
29 | } | ||
30 | |||
31 | static BLAKE2_INLINE void store16( void *dst, uint16_t w ) | ||
32 | { | ||
33 | memcpy(dst, &w, sizeof w); | ||
34 | } | ||
35 | |||
36 | static BLAKE2_INLINE void store32( void *dst, uint32_t w ) | ||
37 | { | ||
38 | memcpy(dst, &w, sizeof w); | ||
39 | } | ||
40 | |||
41 | static BLAKE2_INLINE uint32_t rotr32( const uint32_t w, const unsigned c ) | ||
42 | { | ||
43 | return ( w >> c ) | ( w << ( 32 - c ) ); | ||
44 | } | ||
45 | |||
46 | /* prevents compiler optimizing out memset() */ | ||
47 | static BLAKE2_INLINE void secure_zero_memory(void *v, size_t n) | ||
48 | { | ||
49 | static void *(*const volatile memset_v)(void *, int, size_t) = &memset; | ||
50 | memset_v(v, 0, n); | ||
51 | } | ||
52 | |||
53 | static const uint32_t blake2s_IV[8] = | ||
54 | { | ||
55 | 0x6A09E667UL, 0xBB67AE85UL, 0x3C6EF372UL, 0xA54FF53AUL, | ||
56 | 0x510E527FUL, 0x9B05688CUL, 0x1F83D9ABUL, 0x5BE0CD19UL | ||
57 | }; | ||
58 | |||
59 | static const uint8_t blake2s_sigma[10][16] = | ||
60 | { | ||
61 | { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 } , | ||
62 | { 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 } , | ||
63 | { 11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4 } , | ||
64 | { 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8 } , | ||
65 | { 9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13 } , | ||
66 | { 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9 } , | ||
67 | { 12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11 } , | ||
68 | { 13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10 } , | ||
69 | { 6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5 } , | ||
70 | { 10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13 , 0 } , | ||
71 | }; | ||
72 | |||
73 | static void blake2s_set_lastnode( blake2s_state *S ) | ||
74 | { | ||
75 | S->f[1] = (uint32_t)-1; | ||
76 | } | ||
77 | |||
78 | /* Some helper functions, not necessarily useful */ | ||
79 | static int blake2s_is_lastblock( const blake2s_state *S ) | ||
80 | { | ||
81 | return S->f[0] != 0; | ||
82 | } | ||
83 | |||
84 | static void blake2s_set_lastblock( blake2s_state *S ) | ||
85 | { | ||
86 | if( S->last_node ) blake2s_set_lastnode( S ); | ||
87 | |||
88 | S->f[0] = (uint32_t)-1; | ||
89 | } | ||
90 | |||
91 | static void blake2s_increment_counter( blake2s_state *S, const uint32_t inc ) | ||
92 | { | ||
93 | S->t[0] += inc; | ||
94 | S->t[1] += ( S->t[0] < inc ); | ||
95 | } | ||
96 | |||
97 | static void blake2s_init0( blake2s_state *S ) | ||
98 | { | ||
99 | size_t i; | ||
100 | memset( S, 0, sizeof( blake2s_state ) ); | ||
101 | |||
102 | for( i = 0; i < 8; ++i ) S->h[i] = blake2s_IV[i]; | ||
103 | } | ||
104 | |||
105 | /* init2 xors IV with input parameter block */ | ||
106 | int blake2s_init_param( blake2s_state *S, const blake2s_param *P ) | ||
107 | { | ||
108 | const unsigned char *p = ( const unsigned char * )( P ); | ||
109 | size_t i; | ||
110 | |||
111 | blake2s_init0( S ); | ||
112 | |||
113 | /* IV XOR ParamBlock */ | ||
114 | for( i = 0; i < 8; ++i ) | ||
115 | S->h[i] ^= load32( &p[i * 4] ); | ||
116 | |||
117 | S->outlen = P->digest_length; | ||
118 | return 0; | ||
119 | } | ||
120 | |||
121 | |||
122 | /* Sequential blake2s initialization */ | ||
123 | int blake2s_init( blake2s_state *S, size_t outlen ) | ||
124 | { | ||
125 | blake2s_param P[1]; | ||
126 | |||
127 | /* Move interval verification here? */ | ||
128 | if ( ( !outlen ) || ( outlen > BLAKE2S_OUTBYTES ) ) return -1; | ||
129 | |||
130 | P->digest_length = (uint8_t)outlen; | ||
131 | P->key_length = 0; | ||
132 | P->fanout = 1; | ||
133 | P->depth = 1; | ||
134 | store32( &P->leaf_length, 0 ); | ||
135 | store32( &P->node_offset, 0 ); | ||
136 | store16( &P->xof_length, 0 ); | ||
137 | P->node_depth = 0; | ||
138 | P->inner_length = 0; | ||
139 | /* memset(P->reserved, 0, sizeof(P->reserved) ); */ | ||
140 | memset( P->salt, 0, sizeof( P->salt ) ); | ||
141 | memset( P->personal, 0, sizeof( P->personal ) ); | ||
142 | return blake2s_init_param( S, P ); | ||
143 | } | ||
144 | |||
145 | int blake2s_init_key( blake2s_state *S, size_t outlen, const void *key, size_t keylen ) | ||
146 | { | ||
147 | blake2s_param P[1]; | ||
148 | |||
149 | if ( ( !outlen ) || ( outlen > BLAKE2S_OUTBYTES ) ) return -1; | ||
150 | |||
151 | if ( !key || !keylen || keylen > BLAKE2S_KEYBYTES ) return -1; | ||
152 | |||
153 | P->digest_length = (uint8_t)outlen; | ||
154 | P->key_length = (uint8_t)keylen; | ||
155 | P->fanout = 1; | ||
156 | P->depth = 1; | ||
157 | store32( &P->leaf_length, 0 ); | ||
158 | store32( &P->node_offset, 0 ); | ||
159 | store16( &P->xof_length, 0 ); | ||
160 | P->node_depth = 0; | ||
161 | P->inner_length = 0; | ||
162 | /* memset(P->reserved, 0, sizeof(P->reserved) ); */ | ||
163 | memset( P->salt, 0, sizeof( P->salt ) ); | ||
164 | memset( P->personal, 0, sizeof( P->personal ) ); | ||
165 | |||
166 | if( blake2s_init_param( S, P ) < 0 ) return -1; | ||
167 | |||
168 | { | ||
169 | uint8_t block[BLAKE2S_BLOCKBYTES]; | ||
170 | memset( block, 0, BLAKE2S_BLOCKBYTES ); | ||
171 | memcpy( block, key, keylen ); | ||
172 | blake2s_update( S, block, BLAKE2S_BLOCKBYTES ); | ||
173 | secure_zero_memory( block, BLAKE2S_BLOCKBYTES ); /* Burn the key from stack */ | ||
174 | } | ||
175 | return 0; | ||
176 | } | ||
177 | |||
178 | #define G(r,i,a,b,c,d) \ | ||
179 | do { \ | ||
180 | a = a + b + m[blake2s_sigma[r][2*i+0]]; \ | ||
181 | d = rotr32(d ^ a, 16); \ | ||
182 | c = c + d; \ | ||
183 | b = rotr32(b ^ c, 12); \ | ||
184 | a = a + b + m[blake2s_sigma[r][2*i+1]]; \ | ||
185 | d = rotr32(d ^ a, 8); \ | ||
186 | c = c + d; \ | ||
187 | b = rotr32(b ^ c, 7); \ | ||
188 | } while(0) | ||
189 | |||
190 | #define ROUND(r) \ | ||
191 | do { \ | ||
192 | G(r,0,v[ 0],v[ 4],v[ 8],v[12]); \ | ||
193 | G(r,1,v[ 1],v[ 5],v[ 9],v[13]); \ | ||
194 | G(r,2,v[ 2],v[ 6],v[10],v[14]); \ | ||
195 | G(r,3,v[ 3],v[ 7],v[11],v[15]); \ | ||
196 | G(r,4,v[ 0],v[ 5],v[10],v[15]); \ | ||
197 | G(r,5,v[ 1],v[ 6],v[11],v[12]); \ | ||
198 | G(r,6,v[ 2],v[ 7],v[ 8],v[13]); \ | ||
199 | G(r,7,v[ 3],v[ 4],v[ 9],v[14]); \ | ||
200 | } while(0) | ||
201 | |||
202 | static void blake2s_compress( blake2s_state *S, const uint8_t in[BLAKE2S_BLOCKBYTES] ) | ||
203 | { | ||
204 | uint32_t m[16]; | ||
205 | uint32_t v[16]; | ||
206 | size_t i; | ||
207 | |||
208 | for( i = 0; i < 16; ++i ) { | ||
209 | m[i] = load32( in + i * sizeof( m[i] ) ); | ||
210 | } | ||
211 | |||
212 | for( i = 0; i < 8; ++i ) { | ||
213 | v[i] = S->h[i]; | ||
214 | } | ||
215 | |||
216 | v[ 8] = blake2s_IV[0]; | ||
217 | v[ 9] = blake2s_IV[1]; | ||
218 | v[10] = blake2s_IV[2]; | ||
219 | v[11] = blake2s_IV[3]; | ||
220 | v[12] = S->t[0] ^ blake2s_IV[4]; | ||
221 | v[13] = S->t[1] ^ blake2s_IV[5]; | ||
222 | v[14] = S->f[0] ^ blake2s_IV[6]; | ||
223 | v[15] = S->f[1] ^ blake2s_IV[7]; | ||
224 | |||
225 | ROUND( 0 ); | ||
226 | ROUND( 1 ); | ||
227 | ROUND( 2 ); | ||
228 | ROUND( 3 ); | ||
229 | ROUND( 4 ); | ||
230 | ROUND( 5 ); | ||
231 | ROUND( 6 ); | ||
232 | ROUND( 7 ); | ||
233 | ROUND( 8 ); | ||
234 | ROUND( 9 ); | ||
235 | |||
236 | for( i = 0; i < 8; ++i ) { | ||
237 | S->h[i] = S->h[i] ^ v[i] ^ v[i + 8]; | ||
238 | } | ||
239 | } | ||
240 | |||
241 | #undef G | ||
242 | #undef ROUND | ||
243 | |||
244 | int blake2s_update( blake2s_state *S, const void *pin, size_t inlen ) | ||
245 | { | ||
246 | const unsigned char * in = (const unsigned char *)pin; | ||
247 | if( inlen > 0 ) | ||
248 | { | ||
249 | size_t left = S->buflen; | ||
250 | size_t fill = BLAKE2S_BLOCKBYTES - left; | ||
251 | if( inlen > fill ) | ||
252 | { | ||
253 | S->buflen = 0; | ||
254 | memcpy( S->buf + left, in, fill ); /* Fill buffer */ | ||
255 | blake2s_increment_counter( S, BLAKE2S_BLOCKBYTES ); | ||
256 | blake2s_compress( S, S->buf ); /* Compress */ | ||
257 | in += fill; inlen -= fill; | ||
258 | while(inlen > BLAKE2S_BLOCKBYTES) { | ||
259 | blake2s_increment_counter(S, BLAKE2S_BLOCKBYTES); | ||
260 | blake2s_compress( S, in ); | ||
261 | in += BLAKE2S_BLOCKBYTES; | ||
262 | inlen -= BLAKE2S_BLOCKBYTES; | ||
263 | } | ||
264 | } | ||
265 | memcpy( S->buf + S->buflen, in, inlen ); | ||
266 | S->buflen += inlen; | ||
267 | } | ||
268 | return 0; | ||
269 | } | ||
270 | |||
271 | int blake2s_final( blake2s_state *S, void *out, size_t outlen ) | ||
272 | { | ||
273 | uint8_t buffer[BLAKE2S_OUTBYTES] = {0}; | ||
274 | size_t i; | ||
275 | |||
276 | if( out == NULL || outlen < S->outlen ) | ||
277 | return -1; | ||
278 | |||
279 | if( blake2s_is_lastblock( S ) ) | ||
280 | return -1; | ||
281 | |||
282 | blake2s_increment_counter( S, ( uint32_t )S->buflen ); | ||
283 | blake2s_set_lastblock( S ); | ||
284 | memset( S->buf + S->buflen, 0, BLAKE2S_BLOCKBYTES - S->buflen ); /* Padding */ | ||
285 | blake2s_compress( S, S->buf ); | ||
286 | |||
287 | for( i = 0; i < 8; ++i ) // Output full hash to temp buffer | ||
288 | store32( buffer + sizeof( S->h[i] ) * i, S->h[i] ); | ||
289 | |||
290 | memcpy( out, buffer, outlen ); | ||
291 | //secure_zero_memory(buffer, sizeof(buffer)); | ||
292 | return 0; | ||
293 | } | ||
294 | |||
295 | int blake2s( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen ) | ||
296 | { | ||
297 | blake2s_state S[1]; | ||
298 | |||
299 | /* Verify parameters */ | ||
300 | if ( NULL == in && inlen > 0 ) return -1; | ||
301 | |||
302 | if ( NULL == out ) return -1; | ||
303 | |||
304 | if ( NULL == key && keylen > 0) return -1; | ||
305 | |||
306 | if( !outlen || outlen > BLAKE2S_OUTBYTES ) return -1; | ||
307 | |||
308 | if( keylen > BLAKE2S_KEYBYTES ) return -1; | ||
309 | |||
310 | if( keylen > 0 ) | ||
311 | { | ||
312 | if( blake2s_init_key( S, outlen, key, keylen ) < 0 ) return -1; | ||
313 | } | ||
314 | else | ||
315 | { | ||
316 | if( blake2s_init( S, outlen ) < 0 ) return -1; | ||
317 | } | ||
318 | |||
319 | blake2s_update( S, ( const uint8_t * )in, inlen ); | ||
320 | blake2s_final( S, out, outlen ); | ||
321 | return 0; | ||
322 | } | ||
diff --git a/gba/source/blake2.h b/gba/source/blake2.h new file mode 100644 index 0000000..ead399e --- /dev/null +++ b/gba/source/blake2.h | |||
@@ -0,0 +1,74 @@ | |||
1 | /* | ||
2 | BLAKE2 reference source code package - reference C implementations | ||
3 | |||
4 | Copyright 2012, Samuel Neves <sneves@dei.uc.pt>. You may use this under the | ||
5 | terms of the CC0, the OpenSSL Licence, or the Apache Public License 2.0, at | ||
6 | your option. The terms of these licenses can be found at: | ||
7 | |||
8 | - CC0 1.0 Universal : http://creativecommons.org/publicdomain/zero/1.0 | ||
9 | - OpenSSL license : https://www.openssl.org/source/license.html | ||
10 | - Apache 2.0 : http://www.apache.org/licenses/LICENSE-2.0 | ||
11 | |||
12 | More information about the BLAKE2 hash function can be found at | ||
13 | https://blake2.net. | ||
14 | */ | ||
15 | #ifndef BLAKE2_H | ||
16 | #define BLAKE2_H | ||
17 | |||
18 | #include <stddef.h> | ||
19 | #include <stdint.h> | ||
20 | |||
21 | #define BLAKE2_PACKED(x) x __attribute__((packed)) | ||
22 | |||
23 | enum blake2s_constant | ||
24 | { | ||
25 | BLAKE2S_BLOCKBYTES = 64, | ||
26 | BLAKE2S_OUTBYTES = 32, | ||
27 | BLAKE2S_KEYBYTES = 32, | ||
28 | BLAKE2S_SALTBYTES = 8, | ||
29 | BLAKE2S_PERSONALBYTES = 8 | ||
30 | }; | ||
31 | |||
32 | typedef struct blake2s_state__ | ||
33 | { | ||
34 | uint32_t h[8]; | ||
35 | uint32_t t[2]; | ||
36 | uint32_t f[2]; | ||
37 | uint8_t buf[BLAKE2S_BLOCKBYTES]; | ||
38 | size_t buflen; | ||
39 | size_t outlen; | ||
40 | uint8_t last_node; | ||
41 | } blake2s_state; | ||
42 | |||
43 | BLAKE2_PACKED(struct blake2s_param__ | ||
44 | { | ||
45 | uint8_t digest_length; /* 1 */ | ||
46 | uint8_t key_length; /* 2 */ | ||
47 | uint8_t fanout; /* 3 */ | ||
48 | uint8_t depth; /* 4 */ | ||
49 | uint32_t leaf_length; /* 8 */ | ||
50 | uint32_t node_offset; /* 12 */ | ||
51 | uint16_t xof_length; /* 14 */ | ||
52 | uint8_t node_depth; /* 15 */ | ||
53 | uint8_t inner_length; /* 16 */ | ||
54 | /* uint8_t reserved[0]; */ | ||
55 | uint8_t salt[BLAKE2S_SALTBYTES]; /* 24 */ | ||
56 | uint8_t personal[BLAKE2S_PERSONALBYTES]; /* 32 */ | ||
57 | }); | ||
58 | |||
59 | typedef struct blake2s_param__ blake2s_param; | ||
60 | |||
61 | /* Padded structs result in a compile-time error */ | ||
62 | enum { | ||
63 | BLAKE2_DUMMY_1 = 1/(sizeof(blake2s_param) == BLAKE2S_OUTBYTES) | ||
64 | }; | ||
65 | |||
66 | int blake2s_init( blake2s_state *S, size_t outlen ); | ||
67 | int blake2s_init_key( blake2s_state *S, size_t outlen, const void *key, size_t keylen ); | ||
68 | int blake2s_init_param( blake2s_state *S, const blake2s_param *P ); | ||
69 | int blake2s_update( blake2s_state *S, const void *in, size_t inlen ); | ||
70 | int blake2s_final( blake2s_state *S, void *out, size_t outlen ); | ||
71 | |||
72 | int blake2s( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen ); | ||
73 | |||
74 | #endif \ No newline at end of file | ||
diff --git a/gba/source/serialize.c b/gba/source/serialize.c index ddb156c..5c4ff8d 100644 --- a/gba/source/serialize.c +++ b/gba/source/serialize.c | |||
@@ -10,21 +10,7 @@ | |||
10 | #include "basestats.h" | 10 | #include "basestats.h" |
11 | #include "exptables.h" | 11 | #include "exptables.h" |
12 | #include "dexorder.h" | 12 | #include "dexorder.h" |
13 | #include "sha2.h" | 13 | #include "blake2.h" |
14 | |||
15 | // See pokemon.h for more information about this. | ||
16 | struct HashDeterminer { | ||
17 | u32 otId; | ||
18 | u32 personality; | ||
19 | u32 hpIV:5; | ||
20 | u32 attackIV:5; | ||
21 | u32 defenseIV:5; | ||
22 | u32 speedIV:5; | ||
23 | u32 spAttackIV:5; | ||
24 | u32 spDefenseIV:5; | ||
25 | u32 isShedinja:1; | ||
26 | u32 zero:1; | ||
27 | }; | ||
28 | 14 | ||
29 | u32 CalculateStat( | 15 | u32 CalculateStat( |
30 | u8 base, | 16 | u8 base, |
@@ -64,22 +50,25 @@ void PokemonIntermediateInit( | |||
64 | struct PokemonSubstruct2* sub2 = GetBoxPokemonSubstruct2(bpkm); | 50 | struct PokemonSubstruct2* sub2 = GetBoxPokemonSubstruct2(bpkm); |
65 | struct PokemonSubstruct3* sub3 = GetBoxPokemonSubstruct3(bpkm); | 51 | struct PokemonSubstruct3* sub3 = GetBoxPokemonSubstruct3(bpkm); |
66 | 52 | ||
67 | struct HashDeterminer identifier; | 53 | u8 identifier[16]; |
68 | identifier.otId = bpkm->otId; | 54 | identifier[0] = bpkm->otId & 0x000000FF; |
69 | identifier.personality = bpkm->personality; | 55 | identifier[1] = (bpkm->otId >> 8) & 0x000000FF; |
70 | identifier.hpIV = sub3->hpIV; | 56 | identifier[2] = (bpkm->otId >> 16) & 0x000000FF; |
71 | identifier.attackIV = sub3->attackIV; | 57 | identifier[3] = (bpkm->otId >> 24) & 0x000000FF; |
72 | identifier.defenseIV = sub3->defenseIV; | 58 | identifier[4] = bpkm->personality & 0x000000FF; |
73 | identifier.speedIV = sub3->speedIV; | 59 | identifier[5] = (bpkm->personality >> 8) & 0x000000FF; |
74 | identifier.spAttackIV = sub3->spAttackIV; | 60 | identifier[6] = (bpkm->personality >> 16) & 0x000000FF; |
75 | identifier.spDefenseIV = sub3->spDefenseIV; | 61 | identifier[7] = (bpkm->personality >> 24) & 0x000000FF; |
76 | identifier.isShedinja = (sub0->species == SHEDINJA_SPECIES_INDEX) ? 1 : 0; | 62 | identifier[8] = sub3->hpIV; |
77 | identifier.zero = 0; | 63 | identifier[9] = sub3->attackIV; |
78 | 64 | identifier[10] = sub3->defenseIV; | |
79 | sha224( | 65 | identifier[11] = sub3->speedIV; |
80 | (const unsigned char*)&identifier, | 66 | identifier[12] = sub3->spAttackIV; |
81 | 12, | 67 | identifier[13] = sub3->spDefenseIV; |
82 | (unsigned char*)pki->key); | 68 | identifier[14] = (sub0->species == SHEDINJA_SPECIES_INDEX) ? 1 : 0; |
69 | identifier[15] = 0; | ||
70 | |||
71 | blake2s((u8*)pki->key, 28, identifier, 16, 0, 0); | ||
83 | 72 | ||
84 | const struct SmallBaseStats* baseStats = BaseStatsForSpecies(sub0->species); | 73 | const struct SmallBaseStats* baseStats = BaseStatsForSpecies(sub0->species); |
85 | 74 | ||
diff --git a/gba/source/sha2.c b/gba/source/sha2.c deleted file mode 100644 index 149c043..0000000 --- a/gba/source/sha2.c +++ /dev/null | |||
@@ -1,471 +0,0 @@ | |||
1 | /* | ||
2 | * FIPS 180-2 SHA-224/256/384/512 implementation | ||
3 | * Last update: 02/02/2007 | ||
4 | * Issue date: 04/30/2005 | ||
5 | * | ||
6 | * Copyright (C) 2005, 2007 Olivier Gay <olivier.gay@a3.epfl.ch> | ||
7 | * All rights reserved. | ||
8 | * | ||
9 | * Redistribution and use in source and binary forms, with or without | ||
10 | * modification, are permitted provided that the following conditions | ||
11 | * are met: | ||
12 | * 1. Redistributions of source code must retain the above copyright | ||
13 | * notice, this list of conditions and the following disclaimer. | ||
14 | * 2. Redistributions in binary form must reproduce the above copyright | ||
15 | * notice, this list of conditions and the following disclaimer in the | ||
16 | * documentation and/or other materials provided with the distribution. | ||
17 | * 3. Neither the name of the project nor the names of its contributors | ||
18 | * may be used to endorse or promote products derived from this software | ||
19 | * without specific prior written permission. | ||
20 | * | ||
21 | * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND | ||
22 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
23 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
24 | * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE | ||
25 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
26 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
27 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
28 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
29 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
30 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
31 | * SUCH DAMAGE. | ||
32 | */ | ||
33 | |||
34 | #if 0 | ||
35 | #define UNROLL_LOOPS /* Enable loops unrolling */ | ||
36 | #endif | ||
37 | |||
38 | #include <string.h> | ||
39 | |||
40 | #include "sha2.h" | ||
41 | |||
42 | #define SHFR(x, n) (x >> n) | ||
43 | #define ROTR(x, n) ((x >> n) | (x << ((sizeof(x) << 3) - n))) | ||
44 | #define ROTL(x, n) ((x << n) | (x >> ((sizeof(x) << 3) - n))) | ||
45 | #define CH(x, y, z) ((x & y) ^ (~x & z)) | ||
46 | #define MAJ(x, y, z) ((x & y) ^ (x & z) ^ (y & z)) | ||
47 | |||
48 | #define SHA256_F1(x) (ROTR(x, 2) ^ ROTR(x, 13) ^ ROTR(x, 22)) | ||
49 | #define SHA256_F2(x) (ROTR(x, 6) ^ ROTR(x, 11) ^ ROTR(x, 25)) | ||
50 | #define SHA256_F3(x) (ROTR(x, 7) ^ ROTR(x, 18) ^ SHFR(x, 3)) | ||
51 | #define SHA256_F4(x) (ROTR(x, 17) ^ ROTR(x, 19) ^ SHFR(x, 10)) | ||
52 | |||
53 | #define SHA512_F1(x) (ROTR(x, 28) ^ ROTR(x, 34) ^ ROTR(x, 39)) | ||
54 | #define SHA512_F2(x) (ROTR(x, 14) ^ ROTR(x, 18) ^ ROTR(x, 41)) | ||
55 | #define SHA512_F3(x) (ROTR(x, 1) ^ ROTR(x, 8) ^ SHFR(x, 7)) | ||
56 | #define SHA512_F4(x) (ROTR(x, 19) ^ ROTR(x, 61) ^ SHFR(x, 6)) | ||
57 | |||
58 | #define UNPACK32(x, str) \ | ||
59 | { \ | ||
60 | *((str) + 3) = (uint8) ((x) ); \ | ||
61 | *((str) + 2) = (uint8) ((x) >> 8); \ | ||
62 | *((str) + 1) = (uint8) ((x) >> 16); \ | ||
63 | *((str) + 0) = (uint8) ((x) >> 24); \ | ||
64 | } | ||
65 | |||
66 | #define PACK32(str, x) \ | ||
67 | { \ | ||
68 | *(x) = ((uint32) *((str) + 3) ) \ | ||
69 | | ((uint32) *((str) + 2) << 8) \ | ||
70 | | ((uint32) *((str) + 1) << 16) \ | ||
71 | | ((uint32) *((str) + 0) << 24); \ | ||
72 | } | ||
73 | |||
74 | #define UNPACK64(x, str) \ | ||
75 | { \ | ||
76 | *((str) + 7) = (uint8) ((x) ); \ | ||
77 | *((str) + 6) = (uint8) ((x) >> 8); \ | ||
78 | *((str) + 5) = (uint8) ((x) >> 16); \ | ||
79 | *((str) + 4) = (uint8) ((x) >> 24); \ | ||
80 | *((str) + 3) = (uint8) ((x) >> 32); \ | ||
81 | *((str) + 2) = (uint8) ((x) >> 40); \ | ||
82 | *((str) + 1) = (uint8) ((x) >> 48); \ | ||
83 | *((str) + 0) = (uint8) ((x) >> 56); \ | ||
84 | } | ||
85 | |||
86 | #define PACK64(str, x) \ | ||
87 | { \ | ||
88 | *(x) = ((uint64) *((str) + 7) ) \ | ||
89 | | ((uint64) *((str) + 6) << 8) \ | ||
90 | | ((uint64) *((str) + 5) << 16) \ | ||
91 | | ((uint64) *((str) + 4) << 24) \ | ||
92 | | ((uint64) *((str) + 3) << 32) \ | ||
93 | | ((uint64) *((str) + 2) << 40) \ | ||
94 | | ((uint64) *((str) + 1) << 48) \ | ||
95 | | ((uint64) *((str) + 0) << 56); \ | ||
96 | } | ||
97 | |||
98 | /* Macros used for loops unrolling */ | ||
99 | |||
100 | #define SHA256_SCR(i) \ | ||
101 | { \ | ||
102 | w[i] = SHA256_F4(w[i - 2]) + w[i - 7] \ | ||
103 | + SHA256_F3(w[i - 15]) + w[i - 16]; \ | ||
104 | } | ||
105 | |||
106 | #define SHA512_SCR(i) \ | ||
107 | { \ | ||
108 | w[i] = SHA512_F4(w[i - 2]) + w[i - 7] \ | ||
109 | + SHA512_F3(w[i - 15]) + w[i - 16]; \ | ||
110 | } | ||
111 | |||
112 | #define SHA256_EXP(a, b, c, d, e, f, g, h, j) \ | ||
113 | { \ | ||
114 | t1 = wv[h] + SHA256_F2(wv[e]) + CH(wv[e], wv[f], wv[g]) \ | ||
115 | + sha256_k[j] + w[j]; \ | ||
116 | t2 = SHA256_F1(wv[a]) + MAJ(wv[a], wv[b], wv[c]); \ | ||
117 | wv[d] += t1; \ | ||
118 | wv[h] = t1 + t2; \ | ||
119 | } | ||
120 | |||
121 | #define SHA512_EXP(a, b, c, d, e, f, g ,h, j) \ | ||
122 | { \ | ||
123 | t1 = wv[h] + SHA512_F2(wv[e]) + CH(wv[e], wv[f], wv[g]) \ | ||
124 | + sha512_k[j] + w[j]; \ | ||
125 | t2 = SHA512_F1(wv[a]) + MAJ(wv[a], wv[b], wv[c]); \ | ||
126 | wv[d] += t1; \ | ||
127 | wv[h] = t1 + t2; \ | ||
128 | } | ||
129 | |||
130 | uint32 sha224_h0[8] = | ||
131 | {0xc1059ed8, 0x367cd507, 0x3070dd17, 0xf70e5939, | ||
132 | 0xffc00b31, 0x68581511, 0x64f98fa7, 0xbefa4fa4}; | ||
133 | |||
134 | uint32 sha256_h0[8] = | ||
135 | {0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, | ||
136 | 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19}; | ||
137 | |||
138 | uint32 sha256_k[64] = | ||
139 | {0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, | ||
140 | 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, | ||
141 | 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, | ||
142 | 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, | ||
143 | 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, | ||
144 | 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, | ||
145 | 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, | ||
146 | 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, | ||
147 | 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, | ||
148 | 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, | ||
149 | 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, | ||
150 | 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, | ||
151 | 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, | ||
152 | 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, | ||
153 | 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, | ||
154 | 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2}; | ||
155 | |||
156 | /* SHA-256 functions */ | ||
157 | |||
158 | void sha256_transf(sha256_ctx *ctx, const unsigned char *message, | ||
159 | unsigned int block_nb) | ||
160 | { | ||
161 | uint32 w[64]; | ||
162 | uint32 wv[8]; | ||
163 | uint32 t1, t2; | ||
164 | const unsigned char *sub_block; | ||
165 | int i; | ||
166 | |||
167 | #ifndef UNROLL_LOOPS | ||
168 | int j; | ||
169 | #endif | ||
170 | |||
171 | for (i = 0; i < (int) block_nb; i++) { | ||
172 | sub_block = message + (i << 6); | ||
173 | |||
174 | #ifndef UNROLL_LOOPS | ||
175 | for (j = 0; j < 16; j++) { | ||
176 | PACK32(&sub_block[j << 2], &w[j]); | ||
177 | } | ||
178 | |||
179 | for (j = 16; j < 64; j++) { | ||
180 | SHA256_SCR(j); | ||
181 | } | ||
182 | |||
183 | for (j = 0; j < 8; j++) { | ||
184 | wv[j] = ctx->h[j]; | ||
185 | } | ||
186 | |||
187 | for (j = 0; j < 64; j++) { | ||
188 | t1 = wv[7] + SHA256_F2(wv[4]) + CH(wv[4], wv[5], wv[6]) | ||
189 | + sha256_k[j] + w[j]; | ||
190 | t2 = SHA256_F1(wv[0]) + MAJ(wv[0], wv[1], wv[2]); | ||
191 | wv[7] = wv[6]; | ||
192 | wv[6] = wv[5]; | ||
193 | wv[5] = wv[4]; | ||
194 | wv[4] = wv[3] + t1; | ||
195 | wv[3] = wv[2]; | ||
196 | wv[2] = wv[1]; | ||
197 | wv[1] = wv[0]; | ||
198 | wv[0] = t1 + t2; | ||
199 | } | ||
200 | |||
201 | for (j = 0; j < 8; j++) { | ||
202 | ctx->h[j] += wv[j]; | ||
203 | } | ||
204 | #else | ||
205 | PACK32(&sub_block[ 0], &w[ 0]); PACK32(&sub_block[ 4], &w[ 1]); | ||
206 | PACK32(&sub_block[ 8], &w[ 2]); PACK32(&sub_block[12], &w[ 3]); | ||
207 | PACK32(&sub_block[16], &w[ 4]); PACK32(&sub_block[20], &w[ 5]); | ||
208 | PACK32(&sub_block[24], &w[ 6]); PACK32(&sub_block[28], &w[ 7]); | ||
209 | PACK32(&sub_block[32], &w[ 8]); PACK32(&sub_block[36], &w[ 9]); | ||
210 | PACK32(&sub_block[40], &w[10]); PACK32(&sub_block[44], &w[11]); | ||
211 | PACK32(&sub_block[48], &w[12]); PACK32(&sub_block[52], &w[13]); | ||
212 | PACK32(&sub_block[56], &w[14]); PACK32(&sub_block[60], &w[15]); | ||
213 | |||
214 | SHA256_SCR(16); SHA256_SCR(17); SHA256_SCR(18); SHA256_SCR(19); | ||
215 | SHA256_SCR(20); SHA256_SCR(21); SHA256_SCR(22); SHA256_SCR(23); | ||
216 | SHA256_SCR(24); SHA256_SCR(25); SHA256_SCR(26); SHA256_SCR(27); | ||
217 | SHA256_SCR(28); SHA256_SCR(29); SHA256_SCR(30); SHA256_SCR(31); | ||
218 | SHA256_SCR(32); SHA256_SCR(33); SHA256_SCR(34); SHA256_SCR(35); | ||
219 | SHA256_SCR(36); SHA256_SCR(37); SHA256_SCR(38); SHA256_SCR(39); | ||
220 | SHA256_SCR(40); SHA256_SCR(41); SHA256_SCR(42); SHA256_SCR(43); | ||
221 | SHA256_SCR(44); SHA256_SCR(45); SHA256_SCR(46); SHA256_SCR(47); | ||
222 | SHA256_SCR(48); SHA256_SCR(49); SHA256_SCR(50); SHA256_SCR(51); | ||
223 | SHA256_SCR(52); SHA256_SCR(53); SHA256_SCR(54); SHA256_SCR(55); | ||
224 | SHA256_SCR(56); SHA256_SCR(57); SHA256_SCR(58); SHA256_SCR(59); | ||
225 | SHA256_SCR(60); SHA256_SCR(61); SHA256_SCR(62); SHA256_SCR(63); | ||
226 | |||
227 | wv[0] = ctx->h[0]; wv[1] = ctx->h[1]; | ||
228 | wv[2] = ctx->h[2]; wv[3] = ctx->h[3]; | ||
229 | wv[4] = ctx->h[4]; wv[5] = ctx->h[5]; | ||
230 | wv[6] = ctx->h[6]; wv[7] = ctx->h[7]; | ||
231 | |||
232 | SHA256_EXP(0,1,2,3,4,5,6,7, 0); SHA256_EXP(7,0,1,2,3,4,5,6, 1); | ||
233 | SHA256_EXP(6,7,0,1,2,3,4,5, 2); SHA256_EXP(5,6,7,0,1,2,3,4, 3); | ||
234 | SHA256_EXP(4,5,6,7,0,1,2,3, 4); SHA256_EXP(3,4,5,6,7,0,1,2, 5); | ||
235 | SHA256_EXP(2,3,4,5,6,7,0,1, 6); SHA256_EXP(1,2,3,4,5,6,7,0, 7); | ||
236 | SHA256_EXP(0,1,2,3,4,5,6,7, 8); SHA256_EXP(7,0,1,2,3,4,5,6, 9); | ||
237 | SHA256_EXP(6,7,0,1,2,3,4,5,10); SHA256_EXP(5,6,7,0,1,2,3,4,11); | ||
238 | SHA256_EXP(4,5,6,7,0,1,2,3,12); SHA256_EXP(3,4,5,6,7,0,1,2,13); | ||
239 | SHA256_EXP(2,3,4,5,6,7,0,1,14); SHA256_EXP(1,2,3,4,5,6,7,0,15); | ||
240 | SHA256_EXP(0,1,2,3,4,5,6,7,16); SHA256_EXP(7,0,1,2,3,4,5,6,17); | ||
241 | SHA256_EXP(6,7,0,1,2,3,4,5,18); SHA256_EXP(5,6,7,0,1,2,3,4,19); | ||
242 | SHA256_EXP(4,5,6,7,0,1,2,3,20); SHA256_EXP(3,4,5,6,7,0,1,2,21); | ||
243 | SHA256_EXP(2,3,4,5,6,7,0,1,22); SHA256_EXP(1,2,3,4,5,6,7,0,23); | ||
244 | SHA256_EXP(0,1,2,3,4,5,6,7,24); SHA256_EXP(7,0,1,2,3,4,5,6,25); | ||
245 | SHA256_EXP(6,7,0,1,2,3,4,5,26); SHA256_EXP(5,6,7,0,1,2,3,4,27); | ||
246 | SHA256_EXP(4,5,6,7,0,1,2,3,28); SHA256_EXP(3,4,5,6,7,0,1,2,29); | ||
247 | SHA256_EXP(2,3,4,5,6,7,0,1,30); SHA256_EXP(1,2,3,4,5,6,7,0,31); | ||
248 | SHA256_EXP(0,1,2,3,4,5,6,7,32); SHA256_EXP(7,0,1,2,3,4,5,6,33); | ||
249 | SHA256_EXP(6,7,0,1,2,3,4,5,34); SHA256_EXP(5,6,7,0,1,2,3,4,35); | ||
250 | SHA256_EXP(4,5,6,7,0,1,2,3,36); SHA256_EXP(3,4,5,6,7,0,1,2,37); | ||
251 | SHA256_EXP(2,3,4,5,6,7,0,1,38); SHA256_EXP(1,2,3,4,5,6,7,0,39); | ||
252 | SHA256_EXP(0,1,2,3,4,5,6,7,40); SHA256_EXP(7,0,1,2,3,4,5,6,41); | ||
253 | SHA256_EXP(6,7,0,1,2,3,4,5,42); SHA256_EXP(5,6,7,0,1,2,3,4,43); | ||
254 | SHA256_EXP(4,5,6,7,0,1,2,3,44); SHA256_EXP(3,4,5,6,7,0,1,2,45); | ||
255 | SHA256_EXP(2,3,4,5,6,7,0,1,46); SHA256_EXP(1,2,3,4,5,6,7,0,47); | ||
256 | SHA256_EXP(0,1,2,3,4,5,6,7,48); SHA256_EXP(7,0,1,2,3,4,5,6,49); | ||
257 | SHA256_EXP(6,7,0,1,2,3,4,5,50); SHA256_EXP(5,6,7,0,1,2,3,4,51); | ||
258 | SHA256_EXP(4,5,6,7,0,1,2,3,52); SHA256_EXP(3,4,5,6,7,0,1,2,53); | ||
259 | SHA256_EXP(2,3,4,5,6,7,0,1,54); SHA256_EXP(1,2,3,4,5,6,7,0,55); | ||
260 | SHA256_EXP(0,1,2,3,4,5,6,7,56); SHA256_EXP(7,0,1,2,3,4,5,6,57); | ||
261 | SHA256_EXP(6,7,0,1,2,3,4,5,58); SHA256_EXP(5,6,7,0,1,2,3,4,59); | ||
262 | SHA256_EXP(4,5,6,7,0,1,2,3,60); SHA256_EXP(3,4,5,6,7,0,1,2,61); | ||
263 | SHA256_EXP(2,3,4,5,6,7,0,1,62); SHA256_EXP(1,2,3,4,5,6,7,0,63); | ||
264 | |||
265 | ctx->h[0] += wv[0]; ctx->h[1] += wv[1]; | ||
266 | ctx->h[2] += wv[2]; ctx->h[3] += wv[3]; | ||
267 | ctx->h[4] += wv[4]; ctx->h[5] += wv[5]; | ||
268 | ctx->h[6] += wv[6]; ctx->h[7] += wv[7]; | ||
269 | #endif /* !UNROLL_LOOPS */ | ||
270 | } | ||
271 | } | ||
272 | |||
273 | void sha256(const unsigned char *message, unsigned int len, unsigned char *digest) | ||
274 | { | ||
275 | sha256_ctx ctx; | ||
276 | |||
277 | sha256_init(&ctx); | ||
278 | sha256_update(&ctx, message, len); | ||
279 | sha256_final(&ctx, digest); | ||
280 | } | ||
281 | |||
282 | void sha256_init(sha256_ctx *ctx) | ||
283 | { | ||
284 | #ifndef UNROLL_LOOPS | ||
285 | int i; | ||
286 | for (i = 0; i < 8; i++) { | ||
287 | ctx->h[i] = sha256_h0[i]; | ||
288 | } | ||
289 | #else | ||
290 | ctx->h[0] = sha256_h0[0]; ctx->h[1] = sha256_h0[1]; | ||
291 | ctx->h[2] = sha256_h0[2]; ctx->h[3] = sha256_h0[3]; | ||
292 | ctx->h[4] = sha256_h0[4]; ctx->h[5] = sha256_h0[5]; | ||
293 | ctx->h[6] = sha256_h0[6]; ctx->h[7] = sha256_h0[7]; | ||
294 | #endif /* !UNROLL_LOOPS */ | ||
295 | |||
296 | ctx->len = 0; | ||
297 | ctx->tot_len = 0; | ||
298 | } | ||
299 | |||
300 | void sha256_update(sha256_ctx *ctx, const unsigned char *message, | ||
301 | unsigned int len) | ||
302 | { | ||
303 | unsigned int block_nb; | ||
304 | unsigned int new_len, rem_len, tmp_len; | ||
305 | const unsigned char *shifted_message; | ||
306 | |||
307 | tmp_len = SHA256_BLOCK_SIZE - ctx->len; | ||
308 | rem_len = len < tmp_len ? len : tmp_len; | ||
309 | |||
310 | memcpy(&ctx->block[ctx->len], message, rem_len); | ||
311 | |||
312 | if (ctx->len + len < SHA256_BLOCK_SIZE) { | ||
313 | ctx->len += len; | ||
314 | return; | ||
315 | } | ||
316 | |||
317 | new_len = len - rem_len; | ||
318 | block_nb = new_len / SHA256_BLOCK_SIZE; | ||
319 | |||
320 | shifted_message = message + rem_len; | ||
321 | |||
322 | sha256_transf(ctx, ctx->block, 1); | ||
323 | sha256_transf(ctx, shifted_message, block_nb); | ||
324 | |||
325 | rem_len = new_len % SHA256_BLOCK_SIZE; | ||
326 | |||
327 | memcpy(ctx->block, &shifted_message[block_nb << 6], | ||
328 | rem_len); | ||
329 | |||
330 | ctx->len = rem_len; | ||
331 | ctx->tot_len += (block_nb + 1) << 6; | ||
332 | } | ||
333 | |||
334 | void sha256_final(sha256_ctx *ctx, unsigned char *digest) | ||
335 | { | ||
336 | unsigned int block_nb; | ||
337 | unsigned int pm_len; | ||
338 | unsigned int len_b; | ||
339 | |||
340 | #ifndef UNROLL_LOOPS | ||
341 | int i; | ||
342 | #endif | ||
343 | |||
344 | block_nb = (1 + ((SHA256_BLOCK_SIZE - 9) | ||
345 | < (ctx->len % SHA256_BLOCK_SIZE))); | ||
346 | |||
347 | len_b = (ctx->tot_len + ctx->len) << 3; | ||
348 | pm_len = block_nb << 6; | ||
349 | |||
350 | memset(ctx->block + ctx->len, 0, pm_len - ctx->len); | ||
351 | ctx->block[ctx->len] = 0x80; | ||
352 | UNPACK32(len_b, ctx->block + pm_len - 4); | ||
353 | |||
354 | sha256_transf(ctx, ctx->block, block_nb); | ||
355 | |||
356 | #ifndef UNROLL_LOOPS | ||
357 | for (i = 0 ; i < 8; i++) { | ||
358 | UNPACK32(ctx->h[i], &digest[i << 2]); | ||
359 | } | ||
360 | #else | ||
361 | UNPACK32(ctx->h[0], &digest[ 0]); | ||
362 | UNPACK32(ctx->h[1], &digest[ 4]); | ||
363 | UNPACK32(ctx->h[2], &digest[ 8]); | ||
364 | UNPACK32(ctx->h[3], &digest[12]); | ||
365 | UNPACK32(ctx->h[4], &digest[16]); | ||
366 | UNPACK32(ctx->h[5], &digest[20]); | ||
367 | UNPACK32(ctx->h[6], &digest[24]); | ||
368 | UNPACK32(ctx->h[7], &digest[28]); | ||
369 | #endif /* !UNROLL_LOOPS */ | ||
370 | } | ||
371 | |||
372 | /* SHA-224 functions */ | ||
373 | |||
374 | void sha224(const unsigned char *message, unsigned int len, | ||
375 | unsigned char *digest) | ||
376 | { | ||
377 | sha224_ctx ctx; | ||
378 | |||
379 | sha224_init(&ctx); | ||
380 | sha224_update(&ctx, message, len); | ||
381 | sha224_final(&ctx, digest); | ||
382 | } | ||
383 | |||
384 | void sha224_init(sha224_ctx *ctx) | ||
385 | { | ||
386 | #ifndef UNROLL_LOOPS | ||
387 | int i; | ||
388 | for (i = 0; i < 8; i++) { | ||
389 | ctx->h[i] = sha224_h0[i]; | ||
390 | } | ||
391 | #else | ||
392 | ctx->h[0] = sha224_h0[0]; ctx->h[1] = sha224_h0[1]; | ||
393 | ctx->h[2] = sha224_h0[2]; ctx->h[3] = sha224_h0[3]; | ||
394 | ctx->h[4] = sha224_h0[4]; ctx->h[5] = sha224_h0[5]; | ||
395 | ctx->h[6] = sha224_h0[6]; ctx->h[7] = sha224_h0[7]; | ||
396 | #endif /* !UNROLL_LOOPS */ | ||
397 | |||
398 | ctx->len = 0; | ||
399 | ctx->tot_len = 0; | ||
400 | } | ||
401 | |||
402 | void sha224_update(sha224_ctx *ctx, const unsigned char *message, | ||
403 | unsigned int len) | ||
404 | { | ||
405 | unsigned int block_nb; | ||
406 | unsigned int new_len, rem_len, tmp_len; | ||
407 | const unsigned char *shifted_message; | ||
408 | |||
409 | tmp_len = SHA224_BLOCK_SIZE - ctx->len; | ||
410 | rem_len = len < tmp_len ? len : tmp_len; | ||
411 | |||
412 | memcpy(&ctx->block[ctx->len], message, rem_len); | ||
413 | |||
414 | if (ctx->len + len < SHA224_BLOCK_SIZE) { | ||
415 | ctx->len += len; | ||
416 | return; | ||
417 | } | ||
418 | |||
419 | new_len = len - rem_len; | ||
420 | block_nb = new_len / SHA224_BLOCK_SIZE; | ||
421 | |||
422 | shifted_message = message + rem_len; | ||
423 | |||
424 | sha256_transf(ctx, ctx->block, 1); | ||
425 | sha256_transf(ctx, shifted_message, block_nb); | ||
426 | |||
427 | rem_len = new_len % SHA224_BLOCK_SIZE; | ||
428 | |||
429 | memcpy(ctx->block, &shifted_message[block_nb << 6], | ||
430 | rem_len); | ||
431 | |||
432 | ctx->len = rem_len; | ||
433 | ctx->tot_len += (block_nb + 1) << 6; | ||
434 | } | ||
435 | |||
436 | void sha224_final(sha224_ctx *ctx, unsigned char *digest) | ||
437 | { | ||
438 | unsigned int block_nb; | ||
439 | unsigned int pm_len; | ||
440 | unsigned int len_b; | ||
441 | |||
442 | #ifndef UNROLL_LOOPS | ||
443 | int i; | ||
444 | #endif | ||
445 | |||
446 | block_nb = (1 + ((SHA224_BLOCK_SIZE - 9) | ||
447 | < (ctx->len % SHA224_BLOCK_SIZE))); | ||
448 | |||
449 | len_b = (ctx->tot_len + ctx->len) << 3; | ||
450 | pm_len = block_nb << 6; | ||
451 | |||
452 | memset(ctx->block + ctx->len, 0, pm_len - ctx->len); | ||
453 | ctx->block[ctx->len] = 0x80; | ||
454 | UNPACK32(len_b, ctx->block + pm_len - 4); | ||
455 | |||
456 | sha256_transf(ctx, ctx->block, block_nb); | ||
457 | |||
458 | #ifndef UNROLL_LOOPS | ||
459 | for (i = 0 ; i < 7; i++) { | ||
460 | UNPACK32(ctx->h[i], &digest[i << 2]); | ||
461 | } | ||
462 | #else | ||
463 | UNPACK32(ctx->h[0], &digest[ 0]); | ||
464 | UNPACK32(ctx->h[1], &digest[ 4]); | ||
465 | UNPACK32(ctx->h[2], &digest[ 8]); | ||
466 | UNPACK32(ctx->h[3], &digest[12]); | ||
467 | UNPACK32(ctx->h[4], &digest[16]); | ||
468 | UNPACK32(ctx->h[5], &digest[20]); | ||
469 | UNPACK32(ctx->h[6], &digest[24]); | ||
470 | #endif /* !UNROLL_LOOPS */ | ||
471 | } | ||
diff --git a/gba/source/sha2.h b/gba/source/sha2.h deleted file mode 100644 index efd3059..0000000 --- a/gba/source/sha2.h +++ /dev/null | |||
@@ -1,74 +0,0 @@ | |||
1 | /* | ||
2 | * FIPS 180-2 SHA-224/256/384/512 implementation | ||
3 | * Last update: 02/02/2007 | ||
4 | * Issue date: 04/30/2005 | ||
5 | * | ||
6 | * Copyright (C) 2005, 2007 Olivier Gay <olivier.gay@a3.epfl.ch> | ||
7 | * All rights reserved. | ||
8 | * | ||
9 | * Redistribution and use in source and binary forms, with or without | ||
10 | * modification, are permitted provided that the following conditions | ||
11 | * are met: | ||
12 | * 1. Redistributions of source code must retain the above copyright | ||
13 | * notice, this list of conditions and the following disclaimer. | ||
14 | * 2. Redistributions in binary form must reproduce the above copyright | ||
15 | * notice, this list of conditions and the following disclaimer in the | ||
16 | * documentation and/or other materials provided with the distribution. | ||
17 | * 3. Neither the name of the project nor the names of its contributors | ||
18 | * may be used to endorse or promote products derived from this software | ||
19 | * without specific prior written permission. | ||
20 | * | ||
21 | * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND | ||
22 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
23 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
24 | * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE | ||
25 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
26 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
27 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
28 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
29 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
30 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
31 | * SUCH DAMAGE. | ||
32 | */ | ||
33 | |||
34 | #ifndef SHA2_H | ||
35 | #define SHA2_H | ||
36 | |||
37 | #define SHA224_DIGEST_SIZE ( 224 / 8) | ||
38 | #define SHA256_DIGEST_SIZE ( 256 / 8) | ||
39 | |||
40 | #define SHA256_BLOCK_SIZE ( 512 / 8) | ||
41 | #define SHA224_BLOCK_SIZE SHA256_BLOCK_SIZE | ||
42 | |||
43 | #ifndef SHA2_TYPES | ||
44 | #define SHA2_TYPES | ||
45 | typedef unsigned char uint8; | ||
46 | typedef unsigned int uint32; | ||
47 | typedef unsigned long long uint64; | ||
48 | #endif | ||
49 | |||
50 | typedef struct { | ||
51 | unsigned int tot_len; | ||
52 | unsigned int len; | ||
53 | unsigned char block[2 * SHA256_BLOCK_SIZE]; | ||
54 | uint32 h[8]; | ||
55 | } sha256_ctx; | ||
56 | |||
57 | typedef sha256_ctx sha224_ctx; | ||
58 | |||
59 | void sha224_init(sha224_ctx *ctx); | ||
60 | void sha224_update(sha224_ctx *ctx, const unsigned char *message, | ||
61 | unsigned int len); | ||
62 | void sha224_final(sha224_ctx *ctx, unsigned char *digest); | ||
63 | void sha224(const unsigned char *message, unsigned int len, | ||
64 | unsigned char *digest); | ||
65 | |||
66 | void sha256_init(sha256_ctx * ctx); | ||
67 | void sha256_update(sha256_ctx *ctx, const unsigned char *message, | ||
68 | unsigned int len); | ||
69 | void sha256_final(sha256_ctx *ctx, unsigned char *digest); | ||
70 | void sha256(const unsigned char *message, unsigned int len, | ||
71 | unsigned char *digest); | ||
72 | |||
73 | #endif /* !SHA2_H */ | ||
74 | |||