#
1.28 |
|
23-Jul-2019 |
dtucker |
Fix comment typo; from OpenSSH Portable
|
#
1.27 |
|
07-Jun-2019 |
dtucker |
Cast bitcount to u_in64_t before bit shifting to prevent integer overflow on 32bit platforms which cause incorrect results when adding a block >=512M in size. sha1 patch from ante84 at gmail.com via openssh github, sha2 with djm@, ok tedu@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE
|
#
1.26 |
|
27-May-2017 |
naddy |
move sha224_initial_hash_value[] under !SHA2_SMALL; ok deraadt@ millert@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.25 |
|
03-Sep-2016 |
tedu |
Add functions for SHA512/256. The standard says you're supposed to start with different magic numbers, so we need to add some functions instead of just asking the user to truncate as desired. Sigh. SHA512 is quite a bit faster than SHA256 on 64 bit CPUs, but 256 bit hashes are usually quite sufficient. Best of both. ok deraadt tom
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.24 |
|
11-Sep-2015 |
guenther |
Wrap blowfish, sha*, md5, and rmd160 so that internal calls go direct
ok deraadt@
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.23 |
|
15-Jan-2015 |
millert |
Use explicit_bzero instead of memset in hash Final and End functions. OK deraadt@ djm@
|
#
1.22 |
|
19-Dec-2014 |
tedu |
be like the kernel and only unroll if not small
|
#
1.21 |
|
19-Dec-2014 |
deraadt |
i386 unrolling blows up the media in a big way, due to -Os for ramdisk libc builds. there has to be a better way without #ifdef's in gross places, but I don't see it yet.
|
#
1.20 |
|
18-Dec-2014 |
tedu |
only unroll on i386 and amd64 (where confirmed to be much faster). naddy found sparc64 gets a little slower when unrolled. ok deraadt
|
#
1.19 |
|
17-Dec-2014 |
tedu |
unroll loops. much faster on amd64. ok deraadt millert
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.18 |
|
20-Jul-2014 |
guenther |
From ISO/IEC 9899:1999 and 9899:201x, 6.11.5 - Storage-class specifiers: The placement of a storage-class specifier other than at the beginning of the declaration specifiers in a declaration is an obsolescent feature.
Diff from Jean-Philippe Ouellet (jean-philippe (at) ouellet.biz)
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.17 |
|
08-Jan-2014 |
tedu |
calling HashFinal with a null digest should crash, not be silently ignored
|
#
1.16 |
|
08-Jan-2014 |
deraadt |
rename SHA256_ONLY to SHA2_SMALL; changing things so that sha512 support is also pulled in
|
#
1.15 |
|
22-Dec-2013 |
tedu |
remove unneeded check for null context. ok deraadt gilles millert
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.14 |
|
15-Apr-2013 |
millert |
SHA-224 is to SHA-256 as SHA-384 is to SHA-512. It was added in a later revision of FIPS-180. OK miod@ jmc@ guenther@ djm@
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.13 |
|
15-Apr-2009 |
djm |
allow building without SHA384 and SHA512 (i.e. SHA256 only) with -DSHA256_ONLY in order to save space; ok deraadt@
|
Revision tags: OPENBSD_4_5_BASE
|
#
1.12 |
|
06-Sep-2008 |
djm |
Rename SHA256/384/512 API to avoid namespace collisions with forthcoming OpenSSL update.
Function names lose their underscore (SHA256_Init => SHA256Init) and the various SHA256_CTX, SHA512_CTX are merged into a single SHA2_CTX that is used for all these hashes.
ok millert@ manpage bits jmc@ "please commit" deraadt@
|
Revision tags: OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE
|
#
1.11 |
|
08-Aug-2005 |
espie |
zap remaining rcsid.
Kill old files that are no longer compiled.
okay theo
|
Revision tags: OPENBSD_3_6_BASE OPENBSD_3_7_BASE
|
#
1.10 |
|
28-May-2004 |
millert |
In the Final function, move the context zeroing into the digest != NULL scope so that passing a NULL digest is equivalent to the Pad function (like it used to be). Fixes skey w/ sha1 as noticed by David Krause.
|
#
1.9 |
|
07-May-2004 |
millert |
Simpler byte order flipping. Now the only place we explicitly check for the host byte order is when we copy the final digest (and that is just an optimization).
|
#
1.8 |
|
05-May-2004 |
millert |
Make the Transform functions match the other hash types and document them. Use sizeof() in the Init functions where it makes sense. Use weak aliases instead of wrapper functions.
Probably should have gone in before the major bump but as these are only used internally by the sha2 functions themselves there should be no problem.
|
#
1.7 |
|
03-May-2004 |
millert |
Add Pad and FileChunk functions for each family of hash functions. The Pad function does padding like in Final but does not finish processing. The FileChunk function creates a digest from a portion of a file. Also made the length parameters consistent (and size_t).
|
#
1.6 |
|
03-May-2004 |
millert |
Rev 1.4 was bogus (committed from the wrong tree), this repairs it.
|
#
1.5 |
|
02-May-2004 |
millert |
some minor KNF
|
#
1.4 |
|
29-Apr-2004 |
millert |
The data pointer passed to the transform function may not be properly aligned so copy it in a way that a) is endian indepenent and b) does not rely on alignment. Problem found and solution tested by hshoexer@
|
#
1.3 |
|
28-Apr-2004 |
millert |
KNF: function names should be at column 0 for easier grepping.
|
Revision tags: OPENBSD_3_4_BASE OPENBSD_3_5_BASE
|
#
1.2 |
|
08-Sep-2003 |
millert |
Zap context correctly, from Juergen Buchmueller <pullmoll at stop1984 dot com> Same as sys/crypto/sha2.c revision 1.2
|
#
1.1 |
|
08-May-2003 |
millert |
Add sha2 routines based on code by Aaron D. Gifford with minor massaging and a man page by me. I used the phk-derived stuff for sha2hl.c instead of Aaron's for consistency with our other hash routines.
|
#
1.27 |
|
07-Jun-2019 |
dtucker |
Cast bitcount to u_in64_t before bit shifting to prevent integer overflow on 32bit platforms which cause incorrect results when adding a block >=512M in size. sha1 patch from ante84 at gmail.com via openssh github, sha2 with djm@, ok tedu@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE
|
#
1.26 |
|
27-May-2017 |
naddy |
move sha224_initial_hash_value[] under !SHA2_SMALL; ok deraadt@ millert@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.25 |
|
03-Sep-2016 |
tedu |
Add functions for SHA512/256. The standard says you're supposed to start with different magic numbers, so we need to add some functions instead of just asking the user to truncate as desired. Sigh. SHA512 is quite a bit faster than SHA256 on 64 bit CPUs, but 256 bit hashes are usually quite sufficient. Best of both. ok deraadt tom
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.24 |
|
11-Sep-2015 |
guenther |
Wrap blowfish, sha*, md5, and rmd160 so that internal calls go direct
ok deraadt@
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.23 |
|
15-Jan-2015 |
millert |
Use explicit_bzero instead of memset in hash Final and End functions. OK deraadt@ djm@
|
#
1.22 |
|
19-Dec-2014 |
tedu |
be like the kernel and only unroll if not small
|
#
1.21 |
|
19-Dec-2014 |
deraadt |
i386 unrolling blows up the media in a big way, due to -Os for ramdisk libc builds. there has to be a better way without #ifdef's in gross places, but I don't see it yet.
|
#
1.20 |
|
18-Dec-2014 |
tedu |
only unroll on i386 and amd64 (where confirmed to be much faster). naddy found sparc64 gets a little slower when unrolled. ok deraadt
|
#
1.19 |
|
17-Dec-2014 |
tedu |
unroll loops. much faster on amd64. ok deraadt millert
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.18 |
|
20-Jul-2014 |
guenther |
From ISO/IEC 9899:1999 and 9899:201x, 6.11.5 - Storage-class specifiers: The placement of a storage-class specifier other than at the beginning of the declaration specifiers in a declaration is an obsolescent feature.
Diff from Jean-Philippe Ouellet (jean-philippe (at) ouellet.biz)
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.17 |
|
08-Jan-2014 |
tedu |
calling HashFinal with a null digest should crash, not be silently ignored
|
#
1.16 |
|
08-Jan-2014 |
deraadt |
rename SHA256_ONLY to SHA2_SMALL; changing things so that sha512 support is also pulled in
|
#
1.15 |
|
22-Dec-2013 |
tedu |
remove unneeded check for null context. ok deraadt gilles millert
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.14 |
|
15-Apr-2013 |
millert |
SHA-224 is to SHA-256 as SHA-384 is to SHA-512. It was added in a later revision of FIPS-180. OK miod@ jmc@ guenther@ djm@
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.13 |
|
15-Apr-2009 |
djm |
allow building without SHA384 and SHA512 (i.e. SHA256 only) with -DSHA256_ONLY in order to save space; ok deraadt@
|
Revision tags: OPENBSD_4_5_BASE
|
#
1.12 |
|
06-Sep-2008 |
djm |
Rename SHA256/384/512 API to avoid namespace collisions with forthcoming OpenSSL update.
Function names lose their underscore (SHA256_Init => SHA256Init) and the various SHA256_CTX, SHA512_CTX are merged into a single SHA2_CTX that is used for all these hashes.
ok millert@ manpage bits jmc@ "please commit" deraadt@
|
Revision tags: OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE
|
#
1.11 |
|
08-Aug-2005 |
espie |
zap remaining rcsid.
Kill old files that are no longer compiled.
okay theo
|
Revision tags: OPENBSD_3_6_BASE OPENBSD_3_7_BASE
|
#
1.10 |
|
28-May-2004 |
millert |
In the Final function, move the context zeroing into the digest != NULL scope so that passing a NULL digest is equivalent to the Pad function (like it used to be). Fixes skey w/ sha1 as noticed by David Krause.
|
#
1.9 |
|
07-May-2004 |
millert |
Simpler byte order flipping. Now the only place we explicitly check for the host byte order is when we copy the final digest (and that is just an optimization).
|
#
1.8 |
|
05-May-2004 |
millert |
Make the Transform functions match the other hash types and document them. Use sizeof() in the Init functions where it makes sense. Use weak aliases instead of wrapper functions.
Probably should have gone in before the major bump but as these are only used internally by the sha2 functions themselves there should be no problem.
|
#
1.7 |
|
03-May-2004 |
millert |
Add Pad and FileChunk functions for each family of hash functions. The Pad function does padding like in Final but does not finish processing. The FileChunk function creates a digest from a portion of a file. Also made the length parameters consistent (and size_t).
|
#
1.6 |
|
03-May-2004 |
millert |
Rev 1.4 was bogus (committed from the wrong tree), this repairs it.
|
#
1.5 |
|
02-May-2004 |
millert |
some minor KNF
|
#
1.4 |
|
29-Apr-2004 |
millert |
The data pointer passed to the transform function may not be properly aligned so copy it in a way that a) is endian indepenent and b) does not rely on alignment. Problem found and solution tested by hshoexer@
|
#
1.3 |
|
28-Apr-2004 |
millert |
KNF: function names should be at column 0 for easier grepping.
|
Revision tags: OPENBSD_3_4_BASE OPENBSD_3_5_BASE
|
#
1.2 |
|
08-Sep-2003 |
millert |
Zap context correctly, from Juergen Buchmueller <pullmoll at stop1984 dot com> Same as sys/crypto/sha2.c revision 1.2
|
#
1.1 |
|
08-May-2003 |
millert |
Add sha2 routines based on code by Aaron D. Gifford with minor massaging and a man page by me. I used the phk-derived stuff for sha2hl.c instead of Aaron's for consistency with our other hash routines.
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.26 |
|
27-May-2017 |
naddy |
move sha224_initial_hash_value[] under !SHA2_SMALL; ok deraadt@ millert@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.25 |
|
03-Sep-2016 |
tedu |
Add functions for SHA512/256. The standard says you're supposed to start with different magic numbers, so we need to add some functions instead of just asking the user to truncate as desired. Sigh. SHA512 is quite a bit faster than SHA256 on 64 bit CPUs, but 256 bit hashes are usually quite sufficient. Best of both. ok deraadt tom
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.24 |
|
11-Sep-2015 |
guenther |
Wrap blowfish, sha*, md5, and rmd160 so that internal calls go direct
ok deraadt@
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.23 |
|
15-Jan-2015 |
millert |
Use explicit_bzero instead of memset in hash Final and End functions. OK deraadt@ djm@
|
#
1.22 |
|
19-Dec-2014 |
tedu |
be like the kernel and only unroll if not small
|
#
1.21 |
|
19-Dec-2014 |
deraadt |
i386 unrolling blows up the media in a big way, due to -Os for ramdisk libc builds. there has to be a better way without #ifdef's in gross places, but I don't see it yet.
|
#
1.20 |
|
18-Dec-2014 |
tedu |
only unroll on i386 and amd64 (where confirmed to be much faster). naddy found sparc64 gets a little slower when unrolled. ok deraadt
|
#
1.19 |
|
17-Dec-2014 |
tedu |
unroll loops. much faster on amd64. ok deraadt millert
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.18 |
|
20-Jul-2014 |
guenther |
From ISO/IEC 9899:1999 and 9899:201x, 6.11.5 - Storage-class specifiers: The placement of a storage-class specifier other than at the beginning of the declaration specifiers in a declaration is an obsolescent feature.
Diff from Jean-Philippe Ouellet (jean-philippe (at) ouellet.biz)
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.17 |
|
08-Jan-2014 |
tedu |
calling HashFinal with a null digest should crash, not be silently ignored
|
#
1.16 |
|
08-Jan-2014 |
deraadt |
rename SHA256_ONLY to SHA2_SMALL; changing things so that sha512 support is also pulled in
|
#
1.15 |
|
22-Dec-2013 |
tedu |
remove unneeded check for null context. ok deraadt gilles millert
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.14 |
|
15-Apr-2013 |
millert |
SHA-224 is to SHA-256 as SHA-384 is to SHA-512. It was added in a later revision of FIPS-180. OK miod@ jmc@ guenther@ djm@
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.13 |
|
15-Apr-2009 |
djm |
allow building without SHA384 and SHA512 (i.e. SHA256 only) with -DSHA256_ONLY in order to save space; ok deraadt@
|
Revision tags: OPENBSD_4_5_BASE
|
#
1.12 |
|
06-Sep-2008 |
djm |
Rename SHA256/384/512 API to avoid namespace collisions with forthcoming OpenSSL update.
Function names lose their underscore (SHA256_Init => SHA256Init) and the various SHA256_CTX, SHA512_CTX are merged into a single SHA2_CTX that is used for all these hashes.
ok millert@ manpage bits jmc@ "please commit" deraadt@
|
Revision tags: OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE
|
#
1.11 |
|
08-Aug-2005 |
espie |
zap remaining rcsid.
Kill old files that are no longer compiled.
okay theo
|
Revision tags: OPENBSD_3_6_BASE OPENBSD_3_7_BASE
|
#
1.10 |
|
28-May-2004 |
millert |
In the Final function, move the context zeroing into the digest != NULL scope so that passing a NULL digest is equivalent to the Pad function (like it used to be). Fixes skey w/ sha1 as noticed by David Krause.
|
#
1.9 |
|
07-May-2004 |
millert |
Simpler byte order flipping. Now the only place we explicitly check for the host byte order is when we copy the final digest (and that is just an optimization).
|
#
1.8 |
|
05-May-2004 |
millert |
Make the Transform functions match the other hash types and document them. Use sizeof() in the Init functions where it makes sense. Use weak aliases instead of wrapper functions.
Probably should have gone in before the major bump but as these are only used internally by the sha2 functions themselves there should be no problem.
|
#
1.7 |
|
03-May-2004 |
millert |
Add Pad and FileChunk functions for each family of hash functions. The Pad function does padding like in Final but does not finish processing. The FileChunk function creates a digest from a portion of a file. Also made the length parameters consistent (and size_t).
|
#
1.6 |
|
03-May-2004 |
millert |
Rev 1.4 was bogus (committed from the wrong tree), this repairs it.
|
#
1.5 |
|
02-May-2004 |
millert |
some minor KNF
|
#
1.4 |
|
29-Apr-2004 |
millert |
The data pointer passed to the transform function may not be properly aligned so copy it in a way that a) is endian indepenent and b) does not rely on alignment. Problem found and solution tested by hshoexer@
|
#
1.3 |
|
28-Apr-2004 |
millert |
KNF: function names should be at column 0 for easier grepping.
|
Revision tags: OPENBSD_3_4_BASE OPENBSD_3_5_BASE
|
#
1.2 |
|
08-Sep-2003 |
millert |
Zap context correctly, from Juergen Buchmueller <pullmoll at stop1984 dot com> Same as sys/crypto/sha2.c revision 1.2
|
#
1.1 |
|
08-May-2003 |
millert |
Add sha2 routines based on code by Aaron D. Gifford with minor massaging and a man page by me. I used the phk-derived stuff for sha2hl.c instead of Aaron's for consistency with our other hash routines.
|