| sha256.c (177698) | sha256.c (185029) |
|---|---|
| 1/* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the | 1/* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the |
| 5 * Common Development and Distribution License, Version 1.0 only 6 * (the "License"). You may not use this file except in compliance 7 * with the License. | 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. |
| 8 * 9 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10 * or http://www.opensolaris.org/os/licensing. 11 * See the License for the specific language governing permissions 12 * and limitations under the License. 13 * 14 * When distributing Covered Code, include this CDDL HEADER in each 15 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16 * If applicable, add the following below this CDDL HEADER, with the 17 * fields enclosed by brackets "[]" replaced with your own identifying 18 * information: Portions Copyright [yyyy] [name of copyright owner] 19 * 20 * CDDL HEADER END 21 */ 22/* | 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21/* |
| 23 * Copyright 2005 Sun Microsystems, Inc. All rights reserved. | 22 * Copyright 2007 Sun Microsystems, Inc. All rights reserved. |
| 24 * Use is subject to license terms. 25 */ 26 27#pragma ident "%Z%%M% %I% %E% SMI" 28 29#include <sys/zfs_context.h> 30#include <sys/zio.h> 31#include <sys/zio_checksum.h> 32 33/* | 23 * Use is subject to license terms. 24 */ 25 26#pragma ident "%Z%%M% %I% %E% SMI" 27 28#include <sys/zfs_context.h> 29#include <sys/zio.h> 30#include <sys/zio_checksum.h> 31 32/* |
| 34 * SHA-256 checksum, as specified in FIPS 180-2, available at: 35 * http://csrc.nist.gov/cryptval | 33 * SHA-256 checksum, as specified in FIPS 180-3, available at: 34 * http://csrc.nist.gov/publications/PubsFIPS.html |
| 36 * 37 * This is a very compact implementation of SHA-256. 38 * It is designed to be simple and portable, not to be fast. 39 */ 40 41/* | 35 * 36 * This is a very compact implementation of SHA-256. 37 * It is designed to be simple and portable, not to be fast. 38 */ 39 40/* |
| 42 * The literal definitions according to FIPS180-2 would be: | 41 * The literal definitions of Ch() and Maj() according to FIPS 180-3 are: |
| 43 * | 42 * |
| 44 * Ch(x, y, z) (((x) & (y)) ^ ((~(x)) & (z))) 45 * Maj(x, y, z) (((x) & (y)) | ((x) & (z)) | ((y) & (z))) | 43 * Ch(x, y, z) (x & y) ^ (~x & z) 44 * Maj(x, y, z) (x & y) ^ (x & z) ^ (y & z) |
| 46 * | 45 * |
| 47 * We use logical equivalents which require one less op. | 46 * We use equivalent logical reductions here that require one less op. |
| 48 */ 49#define Ch(x, y, z) ((z) ^ ((x) & ((y) ^ (z)))) 50#define Maj(x, y, z) (((x) & (y)) ^ ((z) & ((x) ^ (y)))) 51#define Rot32(x, s) (((x) >> s) | ((x) << (32 - s))) 52#define SIGMA0(x) (Rot32(x, 2) ^ Rot32(x, 13) ^ Rot32(x, 22)) 53#define SIGMA1(x) (Rot32(x, 6) ^ Rot32(x, 11) ^ Rot32(x, 25)) 54#define sigma0(x) (Rot32(x, 7) ^ Rot32(x, 18) ^ ((x) >> 3)) 55#define sigma1(x) (Rot32(x, 17) ^ Rot32(x, 19) ^ ((x) >> 10)) --- 44 unchanged lines hidden (view full) --- 100} 101 102void 103zio_checksum_SHA256(const void *buf, uint64_t size, zio_cksum_t *zcp) 104{ 105 uint32_t H[8] = { 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 106 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19 }; 107 uint8_t pad[128]; | 47 */ 48#define Ch(x, y, z) ((z) ^ ((x) & ((y) ^ (z)))) 49#define Maj(x, y, z) (((x) & (y)) ^ ((z) & ((x) ^ (y)))) 50#define Rot32(x, s) (((x) >> s) | ((x) << (32 - s))) 51#define SIGMA0(x) (Rot32(x, 2) ^ Rot32(x, 13) ^ Rot32(x, 22)) 52#define SIGMA1(x) (Rot32(x, 6) ^ Rot32(x, 11) ^ Rot32(x, 25)) 53#define sigma0(x) (Rot32(x, 7) ^ Rot32(x, 18) ^ ((x) >> 3)) 54#define sigma1(x) (Rot32(x, 17) ^ Rot32(x, 19) ^ ((x) >> 10)) --- 44 unchanged lines hidden (view full) --- 99} 100 101void 102zio_checksum_SHA256(const void *buf, uint64_t size, zio_cksum_t *zcp) 103{ 104 uint32_t H[8] = { 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 105 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19 }; 106 uint8_t pad[128]; |
| 108 int padsize = size & 63; 109 int i; | 107 int i, padsize; |
| 110 | 108 |
| 111 for (i = 0; i < size - padsize; i += 64) | 109 for (i = 0; i < (size & ~63ULL); i += 64) |
| 112 SHA256Transform(H, (uint8_t *)buf + i); 113 | 110 SHA256Transform(H, (uint8_t *)buf + i); 111 |
| 114 for (i = 0; i < padsize; i++) 115 pad[i] = ((uint8_t *)buf)[i]; | 112 for (padsize = 0; i < size; i++) 113 pad[padsize++] = *((uint8_t *)buf + i); |
| 116 117 for (pad[padsize++] = 0x80; (padsize & 63) != 56; padsize++) 118 pad[padsize] = 0; 119 | 114 115 for (pad[padsize++] = 0x80; (padsize & 63) != 56; padsize++) 116 pad[padsize] = 0; 117 |
| 120 for (i = 0; i < 8; i++) 121 pad[padsize++] = (size << 3) >> (56 - 8 * i); | 118 for (i = 56; i >= 0; i -= 8) 119 pad[padsize++] = (size << 3) >> i; |
| 122 123 for (i = 0; i < padsize; i += 64) 124 SHA256Transform(H, pad + i); 125 126 ZIO_SET_CHECKSUM(zcp, 127 (uint64_t)H[0] << 32 | H[1], 128 (uint64_t)H[2] << 32 | H[3], 129 (uint64_t)H[4] << 32 | H[5], 130 (uint64_t)H[6] << 32 | H[7]); 131} | 120 121 for (i = 0; i < padsize; i += 64) 122 SHA256Transform(H, pad + i); 123 124 ZIO_SET_CHECKSUM(zcp, 125 (uint64_t)H[0] << 32 | H[1], 126 (uint64_t)H[2] << 32 | H[3], 127 (uint64_t)H[4] << 32 | H[5], 128 (uint64_t)H[6] << 32 | H[7]); 129} |