155714Skris/* crypto/sha/sha_locl.h */ 255714Skris/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 355714Skris * All rights reserved. 455714Skris * 555714Skris * This package is an SSL implementation written 655714Skris * by Eric Young (eay@cryptsoft.com). 755714Skris * The implementation was written so as to conform with Netscapes SSL. 8280304Sjkim * 955714Skris * This library is free for commercial and non-commercial use as long as 1055714Skris * the following conditions are aheared to. The following conditions 1155714Skris * apply to all code found in this distribution, be it the RC4, RSA, 1255714Skris * lhash, DES, etc., code; not just the SSL code. The SSL documentation 1355714Skris * included with this distribution is covered by the same copyright terms 1455714Skris * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15280304Sjkim * 1655714Skris * Copyright remains Eric Young's, and as such any Copyright notices in 1755714Skris * the code are not to be removed. 1855714Skris * If this package is used in a product, Eric Young should be given attribution 1955714Skris * as the author of the parts of the library used. 2055714Skris * This can be in the form of a textual message at program startup or 2155714Skris * in documentation (online or textual) provided with the package. 22280304Sjkim * 2355714Skris * Redistribution and use in source and binary forms, with or without 2455714Skris * modification, are permitted provided that the following conditions 2555714Skris * are met: 2655714Skris * 1. Redistributions of source code must retain the copyright 2755714Skris * notice, this list of conditions and the following disclaimer. 2855714Skris * 2. Redistributions in binary form must reproduce the above copyright 2955714Skris * notice, this list of conditions and the following disclaimer in the 3055714Skris * documentation and/or other materials provided with the distribution. 3155714Skris * 3. All advertising materials mentioning features or use of this software 3255714Skris * must display the following acknowledgement: 3355714Skris * "This product includes cryptographic software written by 3455714Skris * Eric Young (eay@cryptsoft.com)" 3555714Skris * The word 'cryptographic' can be left out if the rouines from the library 3655714Skris * being used are not cryptographic related :-). 37280304Sjkim * 4. If you include any Windows specific code (or a derivative thereof) from 3855714Skris * the apps directory (application code) you must include an acknowledgement: 3955714Skris * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40280304Sjkim * 4155714Skris * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 4255714Skris * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 4355714Skris * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 4455714Skris * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 4555714Skris * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 4655714Skris * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 4755714Skris * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 4855714Skris * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 4955714Skris * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 5055714Skris * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 5155714Skris * SUCH DAMAGE. 52280304Sjkim * 5355714Skris * The licence and distribution terms for any publically available version or 5455714Skris * derivative of this code cannot be changed. i.e. this code cannot simply be 5555714Skris * copied and put under another distribution licence 5655714Skris * [including the GNU Public Licence.] 5755714Skris */ 5855714Skris 5955714Skris#include <stdlib.h> 6055714Skris#include <string.h> 6155714Skris 6255714Skris#include <openssl/opensslconf.h> 6359191Skris#include <openssl/sha.h> 6455714Skris 6559191Skris#define DATA_ORDER_IS_BIG_ENDIAN 6655714Skris 6759191Skris#define HASH_LONG SHA_LONG 6859191Skris#define HASH_CTX SHA_CTX 6959191Skris#define HASH_CBLOCK SHA_CBLOCK 70280304Sjkim#define HASH_MAKE_STRING(c,s) do { \ 71280304Sjkim unsigned long ll; \ 72280304Sjkim ll=(c)->h0; (void)HOST_l2c(ll,(s)); \ 73280304Sjkim ll=(c)->h1; (void)HOST_l2c(ll,(s)); \ 74280304Sjkim ll=(c)->h2; (void)HOST_l2c(ll,(s)); \ 75280304Sjkim ll=(c)->h3; (void)HOST_l2c(ll,(s)); \ 76280304Sjkim ll=(c)->h4; (void)HOST_l2c(ll,(s)); \ 77280304Sjkim } while (0) 7855714Skris 7959191Skris#if defined(SHA_0) 8055714Skris 81280304Sjkim# define HASH_UPDATE SHA_Update 82280304Sjkim# define HASH_TRANSFORM SHA_Transform 83280304Sjkim# define HASH_FINAL SHA_Final 84280304Sjkim# define HASH_INIT SHA_Init 85280304Sjkim# define HASH_BLOCK_DATA_ORDER sha_block_data_order 86280304Sjkim# define Xupdate(a,ix,ia,ib,ic,id) (ix=(a)=(ia^ib^ic^id)) 8755714Skris 88280304Sjkimstatic void sha_block_data_order(SHA_CTX *c, const void *p, size_t num); 8955714Skris 9059191Skris#elif defined(SHA_1) 9155714Skris 92280304Sjkim# define HASH_UPDATE SHA1_Update 93280304Sjkim# define HASH_TRANSFORM SHA1_Transform 94280304Sjkim# define HASH_FINAL SHA1_Final 95280304Sjkim# define HASH_INIT SHA1_Init 96280304Sjkim# define HASH_BLOCK_DATA_ORDER sha1_block_data_order 9759191Skris# if defined(__MWERKS__) && defined(__MC68K__) 9859191Skris /* Metrowerks for Motorola fails otherwise:-( <appro@fy.chalmers.se> */ 99280304Sjkim# define Xupdate(a,ix,ia,ib,ic,id) do { (a)=(ia^ib^ic^id); \ 100280304Sjkim ix=(a)=ROTATE((a),1); \ 101280304Sjkim } while (0) 10259191Skris# else 103280304Sjkim# define Xupdate(a,ix,ia,ib,ic,id) ( (a)=(ia^ib^ic^id), \ 104280304Sjkim ix=(a)=ROTATE((a),1) \ 105280304Sjkim ) 10659191Skris# endif 10755714Skris 108280304Sjkim# ifndef SHA1_ASM 109194206Ssimonstatic 110280304Sjkim# endif 111280304Sjkimvoid sha1_block_data_order(SHA_CTX *c, const void *p, size_t num); 11255714Skris 11359191Skris#else 11459191Skris# error "Either SHA_0 or SHA_1 must be defined." 11559191Skris#endif 11655714Skris 11759191Skris#include "md32_common.h" 11855714Skris 11959191Skris#define INIT_DATA_h0 0x67452301UL 12059191Skris#define INIT_DATA_h1 0xefcdab89UL 12159191Skris#define INIT_DATA_h2 0x98badcfeUL 12259191Skris#define INIT_DATA_h3 0x10325476UL 12359191Skris#define INIT_DATA_h4 0xc3d2e1f0UL 12455714Skris 125238405Sjkim#ifdef SHA_0 126238405Sjkimfips_md_init(SHA) 127194206Ssimon#else 128238405Sjkimfips_md_init_ctx(SHA1, SHA) 129194206Ssimon#endif 130280304Sjkim{ 131280304Sjkim memset(c, 0, sizeof(*c)); 132280304Sjkim c->h0 = INIT_DATA_h0; 133280304Sjkim c->h1 = INIT_DATA_h1; 134280304Sjkim c->h2 = INIT_DATA_h2; 135280304Sjkim c->h3 = INIT_DATA_h3; 136280304Sjkim c->h4 = INIT_DATA_h4; 137280304Sjkim return 1; 138280304Sjkim} 13955714Skris 140280304Sjkim#define K_00_19 0x5a827999UL 14159191Skris#define K_20_39 0x6ed9eba1UL 14259191Skris#define K_40_59 0x8f1bbcdcUL 14359191Skris#define K_60_79 0xca62c1d6UL 14459191Skris 145280304Sjkim/* 146280304Sjkim * As pointed out by Wei Dai <weidai@eskimo.com>, F() below can be simplified 147280304Sjkim * to the code in F_00_19. Wei attributes these optimisations to Peter 148280304Sjkim * Gutmann's SHS code, and he attributes it to Rich Schroeppel. #define 149280304Sjkim * F(x,y,z) (((x) & (y)) | ((~(x)) & (z))) I've just become aware of another 150280304Sjkim * tweak to be made, again from Wei Dai, in F_40_59, (x&a)|(y&a) -> (x|y)&a 15155714Skris */ 152280304Sjkim#define F_00_19(b,c,d) ((((c) ^ (d)) & (b)) ^ (d)) 153280304Sjkim#define F_20_39(b,c,d) ((b) ^ (c) ^ (d)) 154280304Sjkim#define F_40_59(b,c,d) (((b) & (c)) | (((b)|(c)) & (d))) 155280304Sjkim#define F_60_79(b,c,d) F_20_39(b,c,d) 15655714Skris 157160814Ssimon#ifndef OPENSSL_SMALL_FOOTPRINT 158160814Ssimon 159280304Sjkim# define BODY_00_15(i,a,b,c,d,e,f,xi) \ 160280304Sjkim (f)=xi+(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \ 161280304Sjkim (b)=ROTATE((b),30); 16255714Skris 163280304Sjkim# define BODY_16_19(i,a,b,c,d,e,f,xi,xa,xb,xc,xd) \ 164280304Sjkim Xupdate(f,xi,xa,xb,xc,xd); \ 165280304Sjkim (f)+=(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \ 166280304Sjkim (b)=ROTATE((b),30); 16755714Skris 168280304Sjkim# define BODY_20_31(i,a,b,c,d,e,f,xi,xa,xb,xc,xd) \ 169280304Sjkim Xupdate(f,xi,xa,xb,xc,xd); \ 170280304Sjkim (f)+=(e)+K_20_39+ROTATE((a),5)+F_20_39((b),(c),(d)); \ 171280304Sjkim (b)=ROTATE((b),30); 17255714Skris 173280304Sjkim# define BODY_32_39(i,a,b,c,d,e,f,xa,xb,xc,xd) \ 174280304Sjkim Xupdate(f,xa,xa,xb,xc,xd); \ 175280304Sjkim (f)+=(e)+K_20_39+ROTATE((a),5)+F_20_39((b),(c),(d)); \ 176280304Sjkim (b)=ROTATE((b),30); 17755714Skris 178280304Sjkim# define BODY_40_59(i,a,b,c,d,e,f,xa,xb,xc,xd) \ 179280304Sjkim Xupdate(f,xa,xa,xb,xc,xd); \ 180280304Sjkim (f)+=(e)+K_40_59+ROTATE((a),5)+F_40_59((b),(c),(d)); \ 181280304Sjkim (b)=ROTATE((b),30); 18255714Skris 183280304Sjkim# define BODY_60_79(i,a,b,c,d,e,f,xa,xb,xc,xd) \ 184280304Sjkim Xupdate(f,xa,xa,xb,xc,xd); \ 185280304Sjkim (f)=xa+(e)+K_60_79+ROTATE((a),5)+F_60_79((b),(c),(d)); \ 186280304Sjkim (b)=ROTATE((b),30); 18755714Skris 188280304Sjkim# ifdef X 189280304Sjkim# undef X 190280304Sjkim# endif 191280304Sjkim# ifndef MD32_XARRAY 19259191Skris /* 19359191Skris * Originally X was an array. As it's automatic it's natural 19459191Skris * to expect RISC compiler to accomodate at least part of it in 19559191Skris * the register bank, isn't it? Unfortunately not all compilers 19659191Skris * "find" this expectation reasonable:-( On order to make such 19759191Skris * compilers generate better code I replace X[] with a bunch of 19859191Skris * X0, X1, etc. See the function body below... 199280304Sjkim * <appro@fy.chalmers.se> 20059191Skris */ 201280304Sjkim# define X(i) XX##i 202280304Sjkim# else 20359191Skris /* 20459191Skris * However! Some compilers (most notably HP C) get overwhelmed by 20559191Skris * that many local variables so that we have to have the way to 20659191Skris * fall down to the original behavior. 20759191Skris */ 208280304Sjkim# define X(i) XX[i] 209280304Sjkim# endif 21059191Skris 211280304Sjkim# if !defined(SHA_1) || !defined(SHA1_ASM) 212280304Sjkimstatic void HASH_BLOCK_DATA_ORDER(SHA_CTX *c, const void *p, size_t num) 213280304Sjkim{ 214280304Sjkim const unsigned char *data = p; 215280304Sjkim register unsigned MD32_REG_T A, B, C, D, E, T, l; 216280304Sjkim# ifndef MD32_XARRAY 217280304Sjkim unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, 218280304Sjkim XX8, XX9, XX10, XX11, XX12, XX13, XX14, XX15; 219280304Sjkim# else 220280304Sjkim SHA_LONG XX[16]; 221280304Sjkim# endif 22259191Skris 223280304Sjkim A = c->h0; 224280304Sjkim B = c->h1; 225280304Sjkim C = c->h2; 226280304Sjkim D = c->h3; 227280304Sjkim E = c->h4; 22859191Skris 229280304Sjkim for (;;) { 230280304Sjkim const union { 231280304Sjkim long one; 232280304Sjkim char little; 233280304Sjkim } is_endian = { 234280304Sjkim 1 235280304Sjkim }; 236194206Ssimon 237280304Sjkim if (!is_endian.little && sizeof(SHA_LONG) == 4 238280304Sjkim && ((size_t)p % 4) == 0) { 239280304Sjkim const SHA_LONG *W = (const SHA_LONG *)data; 24059191Skris 241280304Sjkim X(0) = W[0]; 242280304Sjkim X(1) = W[1]; 243280304Sjkim BODY_00_15(0, A, B, C, D, E, T, X(0)); 244280304Sjkim X(2) = W[2]; 245280304Sjkim BODY_00_15(1, T, A, B, C, D, E, X(1)); 246280304Sjkim X(3) = W[3]; 247280304Sjkim BODY_00_15(2, E, T, A, B, C, D, X(2)); 248280304Sjkim X(4) = W[4]; 249280304Sjkim BODY_00_15(3, D, E, T, A, B, C, X(3)); 250280304Sjkim X(5) = W[5]; 251280304Sjkim BODY_00_15(4, C, D, E, T, A, B, X(4)); 252280304Sjkim X(6) = W[6]; 253280304Sjkim BODY_00_15(5, B, C, D, E, T, A, X(5)); 254280304Sjkim X(7) = W[7]; 255280304Sjkim BODY_00_15(6, A, B, C, D, E, T, X(6)); 256280304Sjkim X(8) = W[8]; 257280304Sjkim BODY_00_15(7, T, A, B, C, D, E, X(7)); 258280304Sjkim X(9) = W[9]; 259280304Sjkim BODY_00_15(8, E, T, A, B, C, D, X(8)); 260280304Sjkim X(10) = W[10]; 261280304Sjkim BODY_00_15(9, D, E, T, A, B, C, X(9)); 262280304Sjkim X(11) = W[11]; 263280304Sjkim BODY_00_15(10, C, D, E, T, A, B, X(10)); 264280304Sjkim X(12) = W[12]; 265280304Sjkim BODY_00_15(11, B, C, D, E, T, A, X(11)); 266280304Sjkim X(13) = W[13]; 267280304Sjkim BODY_00_15(12, A, B, C, D, E, T, X(12)); 268280304Sjkim X(14) = W[14]; 269280304Sjkim BODY_00_15(13, T, A, B, C, D, E, X(13)); 270280304Sjkim X(15) = W[15]; 271280304Sjkim BODY_00_15(14, E, T, A, B, C, D, X(14)); 272280304Sjkim BODY_00_15(15, D, E, T, A, B, C, X(15)); 27359191Skris 274280304Sjkim data += SHA_CBLOCK; 275280304Sjkim } else { 276280304Sjkim (void)HOST_c2l(data, l); 277280304Sjkim X(0) = l; 278280304Sjkim (void)HOST_c2l(data, l); 279280304Sjkim X(1) = l; 280280304Sjkim BODY_00_15(0, A, B, C, D, E, T, X(0)); 281280304Sjkim (void)HOST_c2l(data, l); 282280304Sjkim X(2) = l; 283280304Sjkim BODY_00_15(1, T, A, B, C, D, E, X(1)); 284280304Sjkim (void)HOST_c2l(data, l); 285280304Sjkim X(3) = l; 286280304Sjkim BODY_00_15(2, E, T, A, B, C, D, X(2)); 287280304Sjkim (void)HOST_c2l(data, l); 288280304Sjkim X(4) = l; 289280304Sjkim BODY_00_15(3, D, E, T, A, B, C, X(3)); 290280304Sjkim (void)HOST_c2l(data, l); 291280304Sjkim X(5) = l; 292280304Sjkim BODY_00_15(4, C, D, E, T, A, B, X(4)); 293280304Sjkim (void)HOST_c2l(data, l); 294280304Sjkim X(6) = l; 295280304Sjkim BODY_00_15(5, B, C, D, E, T, A, X(5)); 296280304Sjkim (void)HOST_c2l(data, l); 297280304Sjkim X(7) = l; 298280304Sjkim BODY_00_15(6, A, B, C, D, E, T, X(6)); 299280304Sjkim (void)HOST_c2l(data, l); 300280304Sjkim X(8) = l; 301280304Sjkim BODY_00_15(7, T, A, B, C, D, E, X(7)); 302280304Sjkim (void)HOST_c2l(data, l); 303280304Sjkim X(9) = l; 304280304Sjkim BODY_00_15(8, E, T, A, B, C, D, X(8)); 305280304Sjkim (void)HOST_c2l(data, l); 306280304Sjkim X(10) = l; 307280304Sjkim BODY_00_15(9, D, E, T, A, B, C, X(9)); 308280304Sjkim (void)HOST_c2l(data, l); 309280304Sjkim X(11) = l; 310280304Sjkim BODY_00_15(10, C, D, E, T, A, B, X(10)); 311280304Sjkim (void)HOST_c2l(data, l); 312280304Sjkim X(12) = l; 313280304Sjkim BODY_00_15(11, B, C, D, E, T, A, X(11)); 314280304Sjkim (void)HOST_c2l(data, l); 315280304Sjkim X(13) = l; 316280304Sjkim BODY_00_15(12, A, B, C, D, E, T, X(12)); 317280304Sjkim (void)HOST_c2l(data, l); 318280304Sjkim X(14) = l; 319280304Sjkim BODY_00_15(13, T, A, B, C, D, E, X(13)); 320280304Sjkim (void)HOST_c2l(data, l); 321280304Sjkim X(15) = l; 322280304Sjkim BODY_00_15(14, E, T, A, B, C, D, X(14)); 323280304Sjkim BODY_00_15(15, D, E, T, A, B, C, X(15)); 324280304Sjkim } 32559191Skris 326280304Sjkim BODY_16_19(16, C, D, E, T, A, B, X(0), X(0), X(2), X(8), X(13)); 327280304Sjkim BODY_16_19(17, B, C, D, E, T, A, X(1), X(1), X(3), X(9), X(14)); 328280304Sjkim BODY_16_19(18, A, B, C, D, E, T, X(2), X(2), X(4), X(10), X(15)); 329280304Sjkim BODY_16_19(19, T, A, B, C, D, E, X(3), X(3), X(5), X(11), X(0)); 33059191Skris 331280304Sjkim BODY_20_31(20, E, T, A, B, C, D, X(4), X(4), X(6), X(12), X(1)); 332280304Sjkim BODY_20_31(21, D, E, T, A, B, C, X(5), X(5), X(7), X(13), X(2)); 333280304Sjkim BODY_20_31(22, C, D, E, T, A, B, X(6), X(6), X(8), X(14), X(3)); 334280304Sjkim BODY_20_31(23, B, C, D, E, T, A, X(7), X(7), X(9), X(15), X(4)); 335280304Sjkim BODY_20_31(24, A, B, C, D, E, T, X(8), X(8), X(10), X(0), X(5)); 336280304Sjkim BODY_20_31(25, T, A, B, C, D, E, X(9), X(9), X(11), X(1), X(6)); 337280304Sjkim BODY_20_31(26, E, T, A, B, C, D, X(10), X(10), X(12), X(2), X(7)); 338280304Sjkim BODY_20_31(27, D, E, T, A, B, C, X(11), X(11), X(13), X(3), X(8)); 339280304Sjkim BODY_20_31(28, C, D, E, T, A, B, X(12), X(12), X(14), X(4), X(9)); 340280304Sjkim BODY_20_31(29, B, C, D, E, T, A, X(13), X(13), X(15), X(5), X(10)); 341280304Sjkim BODY_20_31(30, A, B, C, D, E, T, X(14), X(14), X(0), X(6), X(11)); 342280304Sjkim BODY_20_31(31, T, A, B, C, D, E, X(15), X(15), X(1), X(7), X(12)); 34359191Skris 344280304Sjkim BODY_32_39(32, E, T, A, B, C, D, X(0), X(2), X(8), X(13)); 345280304Sjkim BODY_32_39(33, D, E, T, A, B, C, X(1), X(3), X(9), X(14)); 346280304Sjkim BODY_32_39(34, C, D, E, T, A, B, X(2), X(4), X(10), X(15)); 347280304Sjkim BODY_32_39(35, B, C, D, E, T, A, X(3), X(5), X(11), X(0)); 348280304Sjkim BODY_32_39(36, A, B, C, D, E, T, X(4), X(6), X(12), X(1)); 349280304Sjkim BODY_32_39(37, T, A, B, C, D, E, X(5), X(7), X(13), X(2)); 350280304Sjkim BODY_32_39(38, E, T, A, B, C, D, X(6), X(8), X(14), X(3)); 351280304Sjkim BODY_32_39(39, D, E, T, A, B, C, X(7), X(9), X(15), X(4)); 35259191Skris 353280304Sjkim BODY_40_59(40, C, D, E, T, A, B, X(8), X(10), X(0), X(5)); 354280304Sjkim BODY_40_59(41, B, C, D, E, T, A, X(9), X(11), X(1), X(6)); 355280304Sjkim BODY_40_59(42, A, B, C, D, E, T, X(10), X(12), X(2), X(7)); 356280304Sjkim BODY_40_59(43, T, A, B, C, D, E, X(11), X(13), X(3), X(8)); 357280304Sjkim BODY_40_59(44, E, T, A, B, C, D, X(12), X(14), X(4), X(9)); 358280304Sjkim BODY_40_59(45, D, E, T, A, B, C, X(13), X(15), X(5), X(10)); 359280304Sjkim BODY_40_59(46, C, D, E, T, A, B, X(14), X(0), X(6), X(11)); 360280304Sjkim BODY_40_59(47, B, C, D, E, T, A, X(15), X(1), X(7), X(12)); 361280304Sjkim BODY_40_59(48, A, B, C, D, E, T, X(0), X(2), X(8), X(13)); 362280304Sjkim BODY_40_59(49, T, A, B, C, D, E, X(1), X(3), X(9), X(14)); 363280304Sjkim BODY_40_59(50, E, T, A, B, C, D, X(2), X(4), X(10), X(15)); 364280304Sjkim BODY_40_59(51, D, E, T, A, B, C, X(3), X(5), X(11), X(0)); 365280304Sjkim BODY_40_59(52, C, D, E, T, A, B, X(4), X(6), X(12), X(1)); 366280304Sjkim BODY_40_59(53, B, C, D, E, T, A, X(5), X(7), X(13), X(2)); 367280304Sjkim BODY_40_59(54, A, B, C, D, E, T, X(6), X(8), X(14), X(3)); 368280304Sjkim BODY_40_59(55, T, A, B, C, D, E, X(7), X(9), X(15), X(4)); 369280304Sjkim BODY_40_59(56, E, T, A, B, C, D, X(8), X(10), X(0), X(5)); 370280304Sjkim BODY_40_59(57, D, E, T, A, B, C, X(9), X(11), X(1), X(6)); 371280304Sjkim BODY_40_59(58, C, D, E, T, A, B, X(10), X(12), X(2), X(7)); 372280304Sjkim BODY_40_59(59, B, C, D, E, T, A, X(11), X(13), X(3), X(8)); 37359191Skris 374280304Sjkim BODY_60_79(60, A, B, C, D, E, T, X(12), X(14), X(4), X(9)); 375280304Sjkim BODY_60_79(61, T, A, B, C, D, E, X(13), X(15), X(5), X(10)); 376280304Sjkim BODY_60_79(62, E, T, A, B, C, D, X(14), X(0), X(6), X(11)); 377280304Sjkim BODY_60_79(63, D, E, T, A, B, C, X(15), X(1), X(7), X(12)); 378280304Sjkim BODY_60_79(64, C, D, E, T, A, B, X(0), X(2), X(8), X(13)); 379280304Sjkim BODY_60_79(65, B, C, D, E, T, A, X(1), X(3), X(9), X(14)); 380280304Sjkim BODY_60_79(66, A, B, C, D, E, T, X(2), X(4), X(10), X(15)); 381280304Sjkim BODY_60_79(67, T, A, B, C, D, E, X(3), X(5), X(11), X(0)); 382280304Sjkim BODY_60_79(68, E, T, A, B, C, D, X(4), X(6), X(12), X(1)); 383280304Sjkim BODY_60_79(69, D, E, T, A, B, C, X(5), X(7), X(13), X(2)); 384280304Sjkim BODY_60_79(70, C, D, E, T, A, B, X(6), X(8), X(14), X(3)); 385280304Sjkim BODY_60_79(71, B, C, D, E, T, A, X(7), X(9), X(15), X(4)); 386280304Sjkim BODY_60_79(72, A, B, C, D, E, T, X(8), X(10), X(0), X(5)); 387280304Sjkim BODY_60_79(73, T, A, B, C, D, E, X(9), X(11), X(1), X(6)); 388280304Sjkim BODY_60_79(74, E, T, A, B, C, D, X(10), X(12), X(2), X(7)); 389280304Sjkim BODY_60_79(75, D, E, T, A, B, C, X(11), X(13), X(3), X(8)); 390280304Sjkim BODY_60_79(76, C, D, E, T, A, B, X(12), X(14), X(4), X(9)); 391280304Sjkim BODY_60_79(77, B, C, D, E, T, A, X(13), X(15), X(5), X(10)); 392280304Sjkim BODY_60_79(78, A, B, C, D, E, T, X(14), X(0), X(6), X(11)); 393280304Sjkim BODY_60_79(79, T, A, B, C, D, E, X(15), X(1), X(7), X(12)); 39459191Skris 395280304Sjkim c->h0 = (c->h0 + E) & 0xffffffffL; 396280304Sjkim c->h1 = (c->h1 + T) & 0xffffffffL; 397280304Sjkim c->h2 = (c->h2 + A) & 0xffffffffL; 398280304Sjkim c->h3 = (c->h3 + B) & 0xffffffffL; 399280304Sjkim c->h4 = (c->h4 + C) & 0xffffffffL; 40059191Skris 401280304Sjkim if (--num == 0) 402280304Sjkim break; 40359191Skris 404280304Sjkim A = c->h0; 405280304Sjkim B = c->h1; 406280304Sjkim C = c->h2; 407280304Sjkim D = c->h3; 408280304Sjkim E = c->h4; 409160814Ssimon 410280304Sjkim } 411280304Sjkim} 412280304Sjkim# endif 413160814Ssimon 414280304Sjkim#else /* OPENSSL_SMALL_FOOTPRINT */ 415160814Ssimon 416280304Sjkim# define BODY_00_15(xi) do { \ 417280304Sjkim T=E+K_00_19+F_00_19(B,C,D); \ 418280304Sjkim E=D, D=C, C=ROTATE(B,30), B=A; \ 419280304Sjkim A=ROTATE(A,5)+T+xi; } while(0) 420160814Ssimon 421280304Sjkim# define BODY_16_19(xa,xb,xc,xd) do { \ 422280304Sjkim Xupdate(T,xa,xa,xb,xc,xd); \ 423280304Sjkim T+=E+K_00_19+F_00_19(B,C,D); \ 424280304Sjkim E=D, D=C, C=ROTATE(B,30), B=A; \ 425280304Sjkim A=ROTATE(A,5)+T; } while(0) 426160814Ssimon 427280304Sjkim# define BODY_20_39(xa,xb,xc,xd) do { \ 428280304Sjkim Xupdate(T,xa,xa,xb,xc,xd); \ 429280304Sjkim T+=E+K_20_39+F_20_39(B,C,D); \ 430280304Sjkim E=D, D=C, C=ROTATE(B,30), B=A; \ 431280304Sjkim A=ROTATE(A,5)+T; } while(0) 432160814Ssimon 433280304Sjkim# define BODY_40_59(xa,xb,xc,xd) do { \ 434280304Sjkim Xupdate(T,xa,xa,xb,xc,xd); \ 435280304Sjkim T+=E+K_40_59+F_40_59(B,C,D); \ 436280304Sjkim E=D, D=C, C=ROTATE(B,30), B=A; \ 437280304Sjkim A=ROTATE(A,5)+T; } while(0) 438160814Ssimon 439280304Sjkim# define BODY_60_79(xa,xb,xc,xd) do { \ 440280304Sjkim Xupdate(T,xa,xa,xb,xc,xd); \ 441280304Sjkim T=E+K_60_79+F_60_79(B,C,D); \ 442280304Sjkim E=D, D=C, C=ROTATE(B,30), B=A; \ 443280304Sjkim A=ROTATE(A,5)+T+xa; } while(0) 444160814Ssimon 445280304Sjkim# if !defined(SHA_1) || !defined(SHA1_ASM) 446280304Sjkimstatic void HASH_BLOCK_DATA_ORDER(SHA_CTX *c, const void *p, size_t num) 447280304Sjkim{ 448280304Sjkim const unsigned char *data = p; 449280304Sjkim register unsigned MD32_REG_T A, B, C, D, E, T, l; 450280304Sjkim int i; 451280304Sjkim SHA_LONG X[16]; 452160814Ssimon 453280304Sjkim A = c->h0; 454280304Sjkim B = c->h1; 455280304Sjkim C = c->h2; 456280304Sjkim D = c->h3; 457280304Sjkim E = c->h4; 458160814Ssimon 459280304Sjkim for (;;) { 460280304Sjkim for (i = 0; i < 16; i++) { 461280304Sjkim HOST_c2l(data, l); 462280304Sjkim X[i] = l; 463280304Sjkim BODY_00_15(X[i]); 464280304Sjkim } 465280304Sjkim for (i = 0; i < 4; i++) { 466280304Sjkim BODY_16_19(X[i], X[i + 2], X[i + 8], X[(i + 13) & 15]); 467280304Sjkim } 468280304Sjkim for (; i < 24; i++) { 469280304Sjkim BODY_20_39(X[i & 15], X[(i + 2) & 15], X[(i + 8) & 15], 470280304Sjkim X[(i + 13) & 15]); 471280304Sjkim } 472280304Sjkim for (i = 0; i < 20; i++) { 473280304Sjkim BODY_40_59(X[(i + 8) & 15], X[(i + 10) & 15], X[i & 15], 474280304Sjkim X[(i + 5) & 15]); 475280304Sjkim } 476280304Sjkim for (i = 4; i < 24; i++) { 477280304Sjkim BODY_60_79(X[(i + 8) & 15], X[(i + 10) & 15], X[i & 15], 478280304Sjkim X[(i + 5) & 15]); 479280304Sjkim } 480160814Ssimon 481280304Sjkim c->h0 = (c->h0 + A) & 0xffffffffL; 482280304Sjkim c->h1 = (c->h1 + B) & 0xffffffffL; 483280304Sjkim c->h2 = (c->h2 + C) & 0xffffffffL; 484280304Sjkim c->h3 = (c->h3 + D) & 0xffffffffL; 485280304Sjkim c->h4 = (c->h4 + E) & 0xffffffffL; 486160814Ssimon 487280304Sjkim if (--num == 0) 488280304Sjkim break; 489160814Ssimon 490280304Sjkim A = c->h0; 491280304Sjkim B = c->h1; 492280304Sjkim C = c->h2; 493280304Sjkim D = c->h3; 494280304Sjkim E = c->h4; 495160814Ssimon 496280304Sjkim } 497280304Sjkim} 498280304Sjkim# endif 499280304Sjkim 500160814Ssimon#endif 501