OpenCoverage

sha256.c

Absolute File Name:

/home/opencoverage/opencoverage/guest-scripts/coreutils/src/gnulib/lib/sha256.c

Source code

Switch to Preprocessed file

Line Source Count

1 /* sha256.c - Functions to compute SHA256 and SHA224 message digest of files or -

2 memory blocks according to the NIST specification FIPS-180-2. -

3 -

5 -

6 This program is free software: you can redistribute it and/or modify -

7 it under the terms of the GNU General Public License as published by -

8 the Free Software Foundation, either version 3 of the License, or -

9 (at your option) any later version. -

10 -

11 This program is distributed in the hope that it will be useful, -

12 but WITHOUT ANY WARRANTY; without even the implied warranty of -

13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -

14 GNU General Public License for more details. -

15 -

16 You should have received a copy of the GNU General Public License -

17 along with this program. If not, see <https://www.gnu.org/licenses/>. */ -

18 -

19 /* Written by David Madore, considerably copypasting from -

20 Scott G. Miller's sha1.c -

21 */ -

22 -

23 #include <config.h> -

24 -

25 #if HAVE_OPENSSL_SHA256 -

26 # define GL_OPENSSL_INLINE _GL_EXTERN_INLINE -

27 #endif -

28 #include "sha256.h" -

29 -

30 #include <stdalign.h> -

31 #include <stdint.h> -

32 #include <stdlib.h> -

33 #include <string.h> -

34 -

35 #if USE_UNLOCKED_IO -

36 # include "unlocked-io.h" -

37 #endif -

38 -

39 #ifdef WORDS_BIGENDIAN -

40 # define SWAP(n) (n) -

41 #else -

42 # define SWAP(n) \ -

43 (((n) << 24) | (((n) & 0xff00) << 8) | (((n) >> 8) & 0xff00) | ((n) >> 24)) -

44 #endif -

45 -

46 #define BLOCKSIZE 32768 -

47 #if BLOCKSIZE % 64 != 0 -

48 # error "invalid BLOCKSIZE" -

49 #endif -

50 -

51 #if ! HAVE_OPENSSL_SHA256 -

52 /* This array contains the bytes used to pad the buffer to the next -

53 64-byte boundary. */ -

54 static const unsigned char fillbuf[64] = { 0x80, 0 /* , 0, 0, ... */ }; -

55 -

56 -

57 /* -

58 Takes a pointer to a 256 bit block of data (eight 32 bit ints) and -

59 initializes it to the start constants of the SHA256 algorithm. This -

60 must be called before using hash in the call to sha256_hash -

61 */ -

62 void -

63 sha256_init_ctx (struct sha256_ctx *ctx) -

64 { -

65 ctx->state[0] = 0x6a09e667UL; -

66 ctx->state[1] = 0xbb67ae85UL; -

67 ctx->state[2] = 0x3c6ef372UL; -

68 ctx->state[3] = 0xa54ff53aUL; -

69 ctx->state[4] = 0x510e527fUL; -

70 ctx->state[5] = 0x9b05688cUL; -

71 ctx->state[6] = 0x1f83d9abUL; -

72 ctx->state[7] = 0x5be0cd19UL; -

73 -

74 ctx->total[0] = ctx->total[1] = 0; -

75 ctx->buflen = 0; -

}

executed 7 times by 1 test: end of block

Executed by:

sha256sum

77 -

78 void -

79 sha224_init_ctx (struct sha256_ctx *ctx) -

80 { -

81 ctx->state[0] = 0xc1059ed8UL; -

82 ctx->state[1] = 0x367cd507UL; -

83 ctx->state[2] = 0x3070dd17UL; -

84 ctx->state[3] = 0xf70e5939UL; -

85 ctx->state[4] = 0xffc00b31UL; -

86 ctx->state[5] = 0x68581511UL; -

87 ctx->state[6] = 0x64f98fa7UL; -

88 ctx->state[7] = 0xbefa4fa4UL; -

89 -

90 ctx->total[0] = ctx->total[1] = 0; -

91 ctx->buflen = 0; -

}

executed 5 times by 1 test: end of block

Executed by:

sha224sum

93 -

94 /* Copy the value from v into the memory location pointed to by *cp, -

95 If your architecture allows unaligned access this is equivalent to -

96 * (uint32_t *) cp = v */ -

97 static void -

98 set_uint32 (char *cp, uint32_t v) -

99 { -

100 memcpy (cp, &v, sizeof v); -

101

}

executed 115 times by 2 tests: end of block

Executed by:

sha224sum
sha256sum

115

102 -

103 /* Put result from CTX in first 32 bytes following RESBUF. The result -

104 must be in little endian byte order. */ -

105 void * -

106 sha256_read_ctx (const struct sha256_ctx *ctx, void *resbuf) -

107 { -

108 int i; -

109 char *r = resbuf; -

110 -

111

for (i = 0; i < 8; i++)

i < 8	Description
TRUE	evaluated 56 times by 1 test Evaluated by: sha256sum
FALSE	evaluated 7 times by 1 test Evaluated by: sha256sum

7-56

112

set_uint32 (r + i * sizeof ctx->state[0], SWAP (ctx->state[i]));

executed 56 times by 1 test:

set_uint32 (r + i * sizeof ctx->state[0], (((ctx->state[i]) << 24) | (((ctx->state[i]) & 0xff00) << 8) | (((ctx->state[i]) >> 8) & 0xff00) | ((ctx->state[i]) >> 24)));

Executed by:

sha256sum

113 -

114

return resbuf;

executed 7 times by 1 test: return resbuf;

Executed by:

sha256sum

115 } -

116 -

117 void * -

118 sha224_read_ctx (const struct sha256_ctx *ctx, void *resbuf) -

119 { -

120 int i; -

121 char *r = resbuf; -

122 -

123

for (i = 0; i < 7; i++)

i < 7	Description
TRUE	evaluated 35 times by 1 test Evaluated by: sha224sum
FALSE	evaluated 5 times by 1 test Evaluated by: sha224sum

5-35

124

set_uint32 (r + i * sizeof ctx->state[0], SWAP (ctx->state[i]));

executed 35 times by 1 test:

set_uint32 (r + i * sizeof ctx->state[0], (((ctx->state[i]) << 24) | (((ctx->state[i]) & 0xff00) << 8) | (((ctx->state[i]) >> 8) & 0xff00) | ((ctx->state[i]) >> 24)));

Executed by:

sha224sum

125 -

126

return resbuf;

executed 5 times by 1 test: return resbuf;

Executed by:

sha224sum

127 } -

128 -

129 /* Process the remaining bytes in the internal buffer and the usual -

130 prolog according to the standard and write the result to RESBUF. */ -

131 static void -

132 sha256_conclude_ctx (struct sha256_ctx *ctx) -

133 { -

134 /* Take yet unprocessed bytes into account. */ -

135 size_t bytes = ctx->buflen; -

136

size_t size = (bytes < 56) ? 64 / 4 : 64 * 2 / 4;

(bytes < 56)	Description
TRUE	evaluated 10 times by 2 tests Evaluated by: sha224sum sha256sum
FALSE	evaluated 2 times by 2 tests Evaluated by: sha224sum sha256sum

2-10

137 -

138 /* Now count remaining bytes. */ -

139 ctx->total[0] += bytes; -

140

if (ctx->total[0] < bytes)

ctx->total[0] < bytes	Description
TRUE	never evaluated
FALSE	evaluated 12 times by 2 tests Evaluated by: sha224sum sha256sum

0-12

141

++ctx->total[1];

never executed: ++ctx->total[1];

142 -

143 /* Put the 64-bit file length in *bits* at the end of the buffer. -

144 Use set_uint32 rather than a simple assignment, to avoid risk of -

145 unaligned access. */ -

146 set_uint32 ((char *) &ctx->buffer[size - 2], -

147 SWAP ((ctx->total[1] << 3) | (ctx->total[0] >> 29))); -

148 set_uint32 ((char *) &ctx->buffer[size - 1], -

149 SWAP (ctx->total[0] << 3)); -

150 -

151 memcpy (&((char *) ctx->buffer)[bytes], fillbuf, (size - 2) * 4 - bytes); -

152 -

153 /* Process last bytes. */ -

154 sha256_process_block (ctx->buffer, size * 4, ctx); -

155

}

executed 12 times by 2 tests: end of block

Executed by:

sha224sum
sha256sum

156 -

157 void * -

158 sha256_finish_ctx (struct sha256_ctx *ctx, void *resbuf) -

159 { -

160 sha256_conclude_ctx (ctx); -

161

return sha256_read_ctx (ctx, resbuf);

executed 7 times by 1 test: return sha256_read_ctx (ctx, resbuf);

Executed by:

sha256sum

162 } -

163 -

164 void * -

165 sha224_finish_ctx (struct sha256_ctx *ctx, void *resbuf) -

166 { -

167 sha256_conclude_ctx (ctx); -

168

return sha224_read_ctx (ctx, resbuf);

executed 5 times by 1 test: return sha224_read_ctx (ctx, resbuf);

Executed by:

sha224sum

169 } -

170 #endif -

171 -

172 /* Compute SHA256 message digest for bytes read from STREAM. The -

173 resulting message digest number will be written into the 32 bytes -

174 beginning at RESBLOCK. */ -

175 int -

176 sha256_stream (FILE *stream, void *resblock) -

177 { -

178 struct sha256_ctx ctx; -

179 size_t sum; -

180 -

181 char *buffer = malloc (BLOCKSIZE + 72); -

182

if (!buffer)

!buffer	Description
TRUE	never evaluated
FALSE	evaluated 7 times by 1 test Evaluated by: sha256sum

0-7

183

return 1;

never executed: return 1;

184 -

185 /* Initialize the computation context. */ -

186 sha256_init_ctx (&ctx); -

187 -

188 /* Iterate over full file contents. */ -

189 while (1) -

190 { -

191 /* We read the file in blocks of BLOCKSIZE bytes. One call of the -

192 computation function processes the whole buffer so that with the -

193 next round of the loop another block can be read. */ -

194 size_t n; -

195 sum = 0; -

196 -

197 /* Read block. Take care for partial reads. */ -

198 while (1) -

199 { -

200 n = fread (buffer + sum, 1, BLOCKSIZE - sum, stream); -

201 -

202 sum += n; -

203 -

204

if (sum == BLOCKSIZE)

sum == 32768	Description
TRUE	evaluated 30 times by 1 test Evaluated by: sha256sum
FALSE	evaluated 7 times by 1 test Evaluated by: sha256sum

7-30

205

break;

executed 30 times by 1 test: break;

Executed by:

sha256sum

206 -

207

if (n == 0)

n == 0	Description
TRUE	evaluated 1 time by 1 test Evaluated by: sha256sum
FALSE	evaluated 6 times by 1 test Evaluated by: sha256sum

1-6

208 { -

209 /* Check for the error flag IFF N == 0, so that we don't -

210 exit the loop after a partial read due to e.g., EAGAIN -

211 or EWOULDBLOCK. */ -

212

if (ferror (stream))

ferror_unlocked (stream)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: sha256sum

0-1

213 { -

214 free (buffer); -

215

return 1;

never executed: return 1;

216 } -

217

goto process_partial_block;

executed 1 time by 1 test: goto process_partial_block;

Executed by:

sha256sum

218 } -

219 -

220 /* We've read at least one byte, so ignore errors. But always -

221 check for EOF, since feof may be true even though N > 0. -

222 Otherwise, we could end up calling fread after EOF. */ -

223

if (feof (stream))

feof_unlocked (stream)	Description
TRUE	evaluated 6 times by 1 test Evaluated by: sha256sum
FALSE	never evaluated

0-6

224

goto process_partial_block;

executed 6 times by 1 test: goto process_partial_block;

Executed by:

sha256sum

225

}

never executed: end of block

226 -

227 /* Process buffer with BLOCKSIZE bytes. Note that -

228 BLOCKSIZE % 64 == 0 -

229 */ -

230 sha256_process_block (buffer, BLOCKSIZE, &ctx); -

231

}

executed 30 times by 1 test: end of block

Executed by:

sha256sum

232 -

233

process_partial_block:;

code before this statement never executed: process_partial_block:

234 -

235 /* Process any remaining bytes. */ -

236

if (sum > 0)

sum > 0	Description
TRUE	evaluated 6 times by 1 test Evaluated by: sha256sum
FALSE	evaluated 1 time by 1 test Evaluated by: sha256sum

1-6

237

sha256_process_bytes (buffer, sum, &ctx);

executed 6 times by 1 test: sha256_process_bytes (buffer, sum, &ctx);

Executed by:

sha256sum

238 -

239 /* Construct result in desired memory. */ -

240 sha256_finish_ctx (&ctx, resblock); -

241 free (buffer); -

242

return 0;

executed 7 times by 1 test: return 0;

Executed by:

sha256sum

243 } -

244 -

245 /* FIXME: Avoid code duplication */ -

246 int -

247 sha224_stream (FILE *stream, void *resblock) -

248 { -

249 struct sha256_ctx ctx; -

250 size_t sum; -

251 -

252 char *buffer = malloc (BLOCKSIZE + 72); -

253

if (!buffer)

!buffer	Description
TRUE	never evaluated
FALSE	evaluated 5 times by 1 test Evaluated by: sha224sum

0-5

254

return 1;

never executed: return 1;

255 -

256 /* Initialize the computation context. */ -

257 sha224_init_ctx (&ctx); -

258 -

259 /* Iterate over full file contents. */ -

260 while (1) -

261 { -

262 /* We read the file in blocks of BLOCKSIZE bytes. One call of the -

263 computation function processes the whole buffer so that with the -

264 next round of the loop another block can be read. */ -

265 size_t n; -

266 sum = 0; -

267 -

268 /* Read block. Take care for partial reads. */ -

269 while (1) -

270 { -

271 n = fread (buffer + sum, 1, BLOCKSIZE - sum, stream); -

272 -

273 sum += n; -

274 -

275

if (sum == BLOCKSIZE)

sum == 32768	Description
TRUE	evaluated 30 times by 1 test Evaluated by: sha224sum
FALSE	evaluated 5 times by 1 test Evaluated by: sha224sum

5-30

276

break;

executed 30 times by 1 test: break;

Executed by:

sha224sum

277 -

278

if (n == 0)

n == 0	Description
TRUE	never evaluated
FALSE	evaluated 5 times by 1 test Evaluated by: sha224sum

0-5

279 { -

280 /* Check for the error flag IFF N == 0, so that we don't -

281 exit the loop after a partial read due to e.g., EAGAIN -

282 or EWOULDBLOCK. */ -

283

if (ferror (stream))

ferror_unlocked (stream)	Description
TRUE	never evaluated
FALSE	never evaluated

284 { -

285 free (buffer); -

286

return 1;

never executed: return 1;

287 } -

288

goto process_partial_block;

never executed: goto process_partial_block;

289 } -

290 -

291 /* We've read at least one byte, so ignore errors. But always -

292 check for EOF, since feof may be true even though N > 0. -

293 Otherwise, we could end up calling fread after EOF. */ -

294

if (feof (stream))

feof_unlocked (stream)	Description
TRUE	evaluated 5 times by 1 test Evaluated by: sha224sum
FALSE	never evaluated

0-5

295

goto process_partial_block;

executed 5 times by 1 test: goto process_partial_block;

Executed by:

sha224sum

296

}

never executed: end of block

297 -

298 /* Process buffer with BLOCKSIZE bytes. Note that -

299 BLOCKSIZE % 64 == 0 -

300 */ -

301 sha256_process_block (buffer, BLOCKSIZE, &ctx); -

302

}

executed 30 times by 1 test: end of block

Executed by:

sha224sum

303 -

304

process_partial_block:;

code before this statement never executed: process_partial_block:

305 -

306 /* Process any remaining bytes. */ -

307

if (sum > 0)

sum > 0	Description
TRUE	evaluated 5 times by 1 test Evaluated by: sha224sum
FALSE	never evaluated

0-5

308

sha256_process_bytes (buffer, sum, &ctx);

executed 5 times by 1 test: sha256_process_bytes (buffer, sum, &ctx);

Executed by:

sha224sum

309 -

310 /* Construct result in desired memory. */ -

311 sha224_finish_ctx (&ctx, resblock); -

312 free (buffer); -

313

return 0;

executed 5 times by 1 test: return 0;

Executed by:

sha224sum

314 } -

315 -

316 #if ! HAVE_OPENSSL_SHA256 -

317 /* Compute SHA512 message digest for LEN bytes beginning at BUFFER. The -

318 result is always in little endian byte order, so that a byte-wise -

319 output yields to the wanted ASCII representation of the message -

320 digest. */ -

321 void * -

322 sha256_buffer (const char *buffer, size_t len, void *resblock) -

323 { -

324 struct sha256_ctx ctx; -

325 -

326 /* Initialize the computation context. */ -

327 sha256_init_ctx (&ctx); -

328 -

329 /* Process whole buffer but last len % 64 bytes. */ -

330 sha256_process_bytes (buffer, len, &ctx); -

331 -

332 /* Put result in desired memory area. */ -

333

return sha256_finish_ctx (&ctx, resblock);

never executed: return sha256_finish_ctx (&ctx, resblock);

334 } -

335 -

336 void * -

337 sha224_buffer (const char *buffer, size_t len, void *resblock) -

338 { -

339 struct sha256_ctx ctx; -

340 -

341 /* Initialize the computation context. */ -

342 sha224_init_ctx (&ctx); -

343 -

344 /* Process whole buffer but last len % 64 bytes. */ -

345 sha256_process_bytes (buffer, len, &ctx); -

346 -

347 /* Put result in desired memory area. */ -

348

return sha224_finish_ctx (&ctx, resblock);

never executed: return sha224_finish_ctx (&ctx, resblock);

349 } -

350 -

351 void -

352 sha256_process_bytes (const void *buffer, size_t len, struct sha256_ctx *ctx) -

353 { -

354 /* When we already have some bits in our internal buffer concatenate -

355 both inputs first. */ -

356

if (ctx->buflen != 0)

ctx->buflen != 0	Description
TRUE	never evaluated
FALSE	evaluated 11 times by 2 tests Evaluated by: sha224sum sha256sum

0-11

357 { -

358 size_t left_over = ctx->buflen; -

359

size_t add = 128 - left_over > len ? len : 128 - left_over;

128 - left_over > len	Description
TRUE	never evaluated
FALSE	never evaluated

360 -

361 memcpy (&((char *) ctx->buffer)[left_over], buffer, add); -

362 ctx->buflen += add; -

363 -

364

if (ctx->buflen > 64)

ctx->buflen > 64	Description
TRUE	never evaluated
FALSE	never evaluated

365 { -

366 sha256_process_block (ctx->buffer, ctx->buflen & ~63, ctx); -

367 -

368 ctx->buflen &= 63; -

369 /* The regions in the following copy operation cannot overlap, -

370 because ctx->buflen < 64 ≤ (left_over + add) & ~63. */ -

371 memcpy (ctx->buffer, -

372 &((char *) ctx->buffer)[(left_over + add) & ~63], -

373 ctx->buflen); -

374

}

never executed: end of block

375 -

376 buffer = (const char *) buffer + add; -

377 len -= add; -

378

}

never executed: end of block

379 -

380 /* Process available complete blocks. */ -

381

if (len >= 64)

len >= 64	Description
TRUE	evaluated 2 times by 2 tests Evaluated by: sha224sum sha256sum
FALSE	evaluated 9 times by 2 tests Evaluated by: sha224sum sha256sum

2-9

382 { -

383 #if !(_STRING_ARCH_unaligned || _STRING_INLINE_unaligned) -

384 # define UNALIGNED_P(p) ((uintptr_t) (p) % alignof (uint32_t) != 0) -

385 if (UNALIGNED_P (buffer)) -

386 while (len > 64) -

387 { -

388 sha256_process_block (memcpy (ctx->buffer, buffer, 64), 64, ctx); -

389 buffer = (const char *) buffer + 64; -

390 len -= 64; -

391 } -

392 else -

393 #endif -

394 { -

395 sha256_process_block (buffer, len & ~63, ctx); -

396 buffer = (const char *) buffer + (len & ~63); -

397 len &= 63; -

398 } -

399

}

executed 2 times by 2 tests: end of block

Executed by:

sha224sum
sha256sum

400 -

401 /* Move remaining bytes in internal buffer. */ -

402

if (len > 0)

len > 0	Description
TRUE	evaluated 9 times by 2 tests Evaluated by: sha224sum sha256sum
FALSE	evaluated 2 times by 2 tests Evaluated by: sha224sum sha256sum

2-9

403 { -

404 size_t left_over = ctx->buflen; -

405 -

406 memcpy (&((char *) ctx->buffer)[left_over], buffer, len); -

407 left_over += len; -

408

if (left_over >= 64)

left_over >= 64	Description
TRUE	never evaluated
FALSE	evaluated 9 times by 2 tests Evaluated by: sha224sum sha256sum

0-9

409 { -

410 sha256_process_block (ctx->buffer, 64, ctx); -

411 left_over -= 64; -

412 /* The regions in the following copy operation cannot overlap, -

413 because left_over ≤ 64. */ -

414 memcpy (ctx->buffer, &ctx->buffer[16], left_over); -

415

}

never executed: end of block

416 ctx->buflen = left_over; -

417

}

executed 9 times by 2 tests: end of block

Executed by:

sha224sum
sha256sum

418

}

executed 11 times by 2 tests: end of block

Executed by:

sha224sum
sha256sum

419 -

420 /* --- Code below is the primary difference between sha1.c and sha256.c --- */ -

421 -

422 /* SHA256 round constants */ -

423 #define K(I) sha256_round_constants[I] -

424 static const uint32_t sha256_round_constants[64] = { -

425 0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL, -

426 0x3956c25bUL, 0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL, -

427 0xd807aa98UL, 0x12835b01UL, 0x243185beUL, 0x550c7dc3UL, -

428 0x72be5d74UL, 0x80deb1feUL, 0x9bdc06a7UL, 0xc19bf174UL, -

429 0xe49b69c1UL, 0xefbe4786UL, 0x0fc19dc6UL, 0x240ca1ccUL, -

430 0x2de92c6fUL, 0x4a7484aaUL, 0x5cb0a9dcUL, 0x76f988daUL, -

431 0x983e5152UL, 0xa831c66dUL, 0xb00327c8UL, 0xbf597fc7UL, -

432 0xc6e00bf3UL, 0xd5a79147UL, 0x06ca6351UL, 0x14292967UL, -

433 0x27b70a85UL, 0x2e1b2138UL, 0x4d2c6dfcUL, 0x53380d13UL, -

434 0x650a7354UL, 0x766a0abbUL, 0x81c2c92eUL, 0x92722c85UL, -

435 0xa2bfe8a1UL, 0xa81a664bUL, 0xc24b8b70UL, 0xc76c51a3UL, -

436 0xd192e819UL, 0xd6990624UL, 0xf40e3585UL, 0x106aa070UL, -

437 0x19a4c116UL, 0x1e376c08UL, 0x2748774cUL, 0x34b0bcb5UL, -

438 0x391c0cb3UL, 0x4ed8aa4aUL, 0x5b9cca4fUL, 0x682e6ff3UL, -

439 0x748f82eeUL, 0x78a5636fUL, 0x84c87814UL, 0x8cc70208UL, -

440 0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL, -

441 }; -

442 -

443 /* Round functions. */ -

444 #define F2(A,B,C) ( ( A & B ) | ( C & ( A | B ) ) ) -

445 #define F1(E,F,G) ( G ^ ( E & ( F ^ G ) ) ) -

446 -

447 /* Process LEN bytes of BUFFER, accumulating context into CTX. -

448 It is assumed that LEN % 64 == 0. -

449 Most of this code comes from GnuPG's cipher/sha1.c. */ -

450 -

451 void -

452 sha256_process_block (const void *buffer, size_t len, struct sha256_ctx *ctx) -

453 { -

454 const uint32_t *words = buffer; -

455 size_t nwords = len / sizeof (uint32_t); -

456 const uint32_t *endp = words + nwords; -

457 uint32_t x[16]; -

458 uint32_t a = ctx->state[0]; -

459 uint32_t b = ctx->state[1]; -

460 uint32_t c = ctx->state[2]; -

461 uint32_t d = ctx->state[3]; -

462 uint32_t e = ctx->state[4]; -

463 uint32_t f = ctx->state[5]; -

464 uint32_t g = ctx->state[6]; -

465 uint32_t h = ctx->state[7]; -

466 uint32_t lolen = len; -

467 -

468 /* First increment the byte count. FIPS PUB 180-2 specifies the possible -

469 length of the file up to 2^64 bits. Here we only compute the -

470 number of bytes. Do a double word increment. */ -

471 ctx->total[0] += lolen; -

472 ctx->total[1] += (len >> 31 >> 1) + (ctx->total[0] < lolen); -

473 -

474 #define rol(x, n) (((x) << (n)) | ((x) >> (32 - (n)))) -

475 #define S0(x) (rol(x,25)^rol(x,14)^(x>>3)) -

476 #define S1(x) (rol(x,15)^rol(x,13)^(x>>10)) -

477 #define SS0(x) (rol(x,30)^rol(x,19)^rol(x,10)) -

478 #define SS1(x) (rol(x,26)^rol(x,21)^rol(x,7)) -

479 -

480 #define M(I) ( tm = S1(x[(I-2)&0x0f]) + x[(I-7)&0x0f] \ -

481 + S0(x[(I-15)&0x0f]) + x[I&0x0f] \ -

482 , x[I&0x0f] = tm ) -

483 -

484 #define R(A,B,C,D,E,F,G,H,K,M) do { t0 = SS0(A) + F2(A,B,C); \ -

485 t1 = H + SS1(E) \ -

486 + F1(E,F,G) \ -

487 + K \ -

488 + M; \ -

489 D += t1; H = t0 + t1; \ -

490 } while(0) -

491 -

492

while (words < endp)

words < endp	Description
TRUE	evaluated 31264 times by 2 tests Evaluated by: sha224sum sha256sum
FALSE	evaluated 74 times by 2 tests Evaluated by: sha224sum sha256sum

74-31264

493 { -

494 uint32_t tm; -

495 uint32_t t0, t1; -

496 int t; -

497 /* FIXME: see sha1.c for a better implementation. */ -

498

for (t = 0; t < 16; t++)

t < 16	Description
TRUE	evaluated 500224 times by 2 tests Evaluated by: sha224sum sha256sum
FALSE	evaluated 31264 times by 2 tests Evaluated by: sha224sum sha256sum

31264-500224

499 { -

500 x[t] = SWAP (*words); -

501 words++; -

502

}

executed 500224 times by 2 tests: end of block

Executed by:

sha224sum
sha256sum

500224

503 -

504 R( a, b, c, d, e, f, g, h, K( 0), x[ 0] ); -

505 R( h, a, b, c, d, e, f, g, K( 1), x[ 1] ); -

506 R( g, h, a, b, c, d, e, f, K( 2), x[ 2] ); -

507 R( f, g, h, a, b, c, d, e, K( 3), x[ 3] ); -

508 R( e, f, g, h, a, b, c, d, K( 4), x[ 4] ); -

509 R( d, e, f, g, h, a, b, c, K( 5), x[ 5] ); -

510 R( c, d, e, f, g, h, a, b, K( 6), x[ 6] ); -

511 R( b, c, d, e, f, g, h, a, K( 7), x[ 7] ); -

512 R( a, b, c, d, e, f, g, h, K( 8), x[ 8] ); -

513 R( h, a, b, c, d, e, f, g, K( 9), x[ 9] ); -

514 R( g, h, a, b, c, d, e, f, K(10), x[10] ); -

515 R( f, g, h, a, b, c, d, e, K(11), x[11] ); -

516 R( e, f, g, h, a, b, c, d, K(12), x[12] ); -

517 R( d, e, f, g, h, a, b, c, K(13), x[13] ); -

518 R( c, d, e, f, g, h, a, b, K(14), x[14] ); -

519 R( b, c, d, e, f, g, h, a, K(15), x[15] ); -

520 R( a, b, c, d, e, f, g, h, K(16), M(16) ); -

521 R( h, a, b, c, d, e, f, g, K(17), M(17) ); -

522 R( g, h, a, b, c, d, e, f, K(18), M(18) ); -

523 R( f, g, h, a, b, c, d, e, K(19), M(19) ); -

524 R( e, f, g, h, a, b, c, d, K(20), M(20) ); -

525 R( d, e, f, g, h, a, b, c, K(21), M(21) ); -

526 R( c, d, e, f, g, h, a, b, K(22), M(22) ); -

527 R( b, c, d, e, f, g, h, a, K(23), M(23) ); -

528 R( a, b, c, d, e, f, g, h, K(24), M(24) ); -

529 R( h, a, b, c, d, e, f, g, K(25), M(25) ); -

530 R( g, h, a, b, c, d, e, f, K(26), M(26) ); -

531 R( f, g, h, a, b, c, d, e, K(27), M(27) ); -

532 R( e, f, g, h, a, b, c, d, K(28), M(28) ); -

533 R( d, e, f, g, h, a, b, c, K(29), M(29) ); -

534 R( c, d, e, f, g, h, a, b, K(30), M(30) ); -

535 R( b, c, d, e, f, g, h, a, K(31), M(31) ); -

536 R( a, b, c, d, e, f, g, h, K(32), M(32) ); -

537 R( h, a, b, c, d, e, f, g, K(33), M(33) ); -

538 R( g, h, a, b, c, d, e, f, K(34), M(34) ); -

539 R( f, g, h, a, b, c, d, e, K(35), M(35) ); -

540 R( e, f, g, h, a, b, c, d, K(36), M(36) ); -

541 R( d, e, f, g, h, a, b, c, K(37), M(37) ); -

542 R( c, d, e, f, g, h, a, b, K(38), M(38) ); -

543 R( b, c, d, e, f, g, h, a, K(39), M(39) ); -

544 R( a, b, c, d, e, f, g, h, K(40), M(40) ); -

545 R( h, a, b, c, d, e, f, g, K(41), M(41) ); -

546 R( g, h, a, b, c, d, e, f, K(42), M(42) ); -

547 R( f, g, h, a, b, c, d, e, K(43), M(43) ); -

548 R( e, f, g, h, a, b, c, d, K(44), M(44) ); -

549 R( d, e, f, g, h, a, b, c, K(45), M(45) ); -

550 R( c, d, e, f, g, h, a, b, K(46), M(46) ); -

551 R( b, c, d, e, f, g, h, a, K(47), M(47) ); -

552 R( a, b, c, d, e, f, g, h, K(48), M(48) ); -

553 R( h, a, b, c, d, e, f, g, K(49), M(49) ); -

554 R( g, h, a, b, c, d, e, f, K(50), M(50) ); -

555 R( f, g, h, a, b, c, d, e, K(51), M(51) ); -

556 R( e, f, g, h, a, b, c, d, K(52), M(52) ); -

557 R( d, e, f, g, h, a, b, c, K(53), M(53) ); -

558 R( c, d, e, f, g, h, a, b, K(54), M(54) ); -

559 R( b, c, d, e, f, g, h, a, K(55), M(55) ); -

560 R( a, b, c, d, e, f, g, h, K(56), M(56) ); -

561 R( h, a, b, c, d, e, f, g, K(57), M(57) ); -

562 R( g, h, a, b, c, d, e, f, K(58), M(58) ); -

563 R( f, g, h, a, b, c, d, e, K(59), M(59) ); -

564 R( e, f, g, h, a, b, c, d, K(60), M(60) ); -

565 R( d, e, f, g, h, a, b, c, K(61), M(61) ); -

566 R( c, d, e, f, g, h, a, b, K(62), M(62) ); -

567 R( b, c, d, e, f, g, h, a, K(63), M(63) ); -

568 -

569 a = ctx->state[0] += a; -

570 b = ctx->state[1] += b; -

571 c = ctx->state[2] += c; -

572 d = ctx->state[3] += d; -

573 e = ctx->state[4] += e; -

574 f = ctx->state[5] += f; -

575 g = ctx->state[6] += g; -

576 h = ctx->state[7] += h; -

577

}

executed 31264 times by 2 tests: end of block

Executed by:

sha224sum
sha256sum

31264

578

}

executed 74 times by 2 tests: end of block

Executed by:

sha224sum
sha256sum

579 #endif -

580 -

581 /* -

582 * Hey Emacs! -

583 * Local Variables: -

584 * coding: utf-8 -

585 * End: -

586 */ -

Source code

Switch to Preprocessed file

Generated by Squish Coco 4.1.2