sm3.c 8.4 KB

  1. /*
  2. * Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
  3. * Copyright 2017 Ribose Inc. All Rights Reserved.
  4. * Ported from Ribose contributions from Botan.
  5. *
  6. * Licensed under the Apache License 2.0 (the "License"). You may not use
  7. * this file except in compliance with the License. You can obtain a copy
  8. * in the file LICENSE in the source distribution or at
  9. * https://www.openssl.org/source/license.html
  10. */
  11. #include <openssl/e_os2.h>
  12. #include "sm3_local.h"
  /*
   * Put an SM3 context into its initial state, ready to hash a new message.
   *
   * c: context to reset. It is dereferenced unconditionally, so it must be a
   *    valid, writable SM3_CTX; no NULL check is performed here.
   *
   * Always returns 1.
   */
  int ossl_sm3_init(SM3_CTX *c)
  {
      /*
       * Zero the entire structure first so that nothing left over from an
       * earlier use of this memory survives into the new hash computation;
       * only the eight chaining words below end up non-zero.
       */
      memset(c, 0, sizeof *c);

      /* Load the initial chaining value from the SM3_A..SM3_H constants. */
      c->H = SM3_H;
      c->G = SM3_G;
      c->F = SM3_F;
      c->E = SM3_E;
      c->D = SM3_D;
      c->C = SM3_C;
      c->B = SM3_B;
      c->A = SM3_A;

      return 1;
  }
  /*
   * SM3 compression function: fold `num` consecutive message blocks from `p`
   * into the chaining state held in ctx->A .. ctx->H.
   *
   * ctx: hash context whose eight state words are read and updated in place.
   * p:   start of the input; sixteen words are loaded per block (SM3 uses
   *      512-bit blocks).
   * num: number of whole blocks to process; 0 means no work is done.
   *
   * Review notes:
   *  - Nothing here validates `ctx`, `p` or the amount of data behind `p`.
   *    The caller must guarantee that `num` complete blocks are readable,
   *    otherwise the loads below read past the end of the buffer.
   *  - The locals A..H and W00..W15 hold message-derived values and are not
   *    wiped before returning. That matters when the input is secret (keyed
   *    constructions, for example); any scrubbing has to happen elsewhere.
   *  - R1, R2, EXPAND and HOST_c2l are macros defined outside this file;
   *    statements about them below are inferred from how they are used here
   *    and should be confirmed against their definitions.
   */
  void ossl_sm3_block_data_order(SM3_CTX *ctx, const void *p, size_t num)
  {
      const unsigned char *data = p;
      register unsigned MD32_REG_T A, B, C, D, E, F, G, H;

      unsigned MD32_REG_T W00, W01, W02, W03, W04, W05, W06, W07,
          W08, W09, W10, W11, W12, W13, W14, W15;

      /* One iteration per block; the loop body is skipped when num is 0. */
      for (; num--;) {

          /* Work on copies; ctx is only written by the feed-forward at the end. */
          A = ctx->A;
          B = ctx->B;
          C = ctx->C;
          D = ctx->D;
          E = ctx->E;
          F = ctx->F;
          G = ctx->G;
          H = ctx->H;

          /*
          * We have to load all message bytes immediately since SM3 reads
          * them slightly out of order.
          *
          * Every call names the same `data` expression, so HOST_c2l is
          * presumably what advances the pointer by one word per call
          * (confirm in its definition). The (void) cast discards the
          * macro's value.
          */
          (void)HOST_c2l(data, W00);
          (void)HOST_c2l(data, W01);
          (void)HOST_c2l(data, W02);
          (void)HOST_c2l(data, W03);
          (void)HOST_c2l(data, W04);
          (void)HOST_c2l(data, W05);
          (void)HOST_c2l(data, W06);
          (void)HOST_c2l(data, W07);
          (void)HOST_c2l(data, W08);
          (void)HOST_c2l(data, W09);
          (void)HOST_c2l(data, W10);
          (void)HOST_c2l(data, W11);
          (void)HOST_c2l(data, W12);
          (void)HOST_c2l(data, W13);
          (void)HOST_c2l(data, W14);
          (void)HOST_c2l(data, W15);

          /*
           * Rounds 0..15 (R1). The state arguments are passed in a rotating
           * order (A,B,C,D / D,A,B,C / C,D,A,B / B,C,D,A, and likewise for
           * E..H) so the variables change roles from round to round rather
           * than being shuffled. Each round constant is the previous one
           * rotated left by one bit, starting from 0x79CC4519. The last
           * argument, Wj ^ W(j+4), is the second message word of the round.
           * After a word has been consumed its slot is overwritten by EXPAND
           * with the word needed sixteen rounds later, so the sixteen W
           * variables act as a sliding window over the message schedule.
           */
          R1(A, B, C, D, E, F, G, H, 0x79CC4519, W00, W00 ^ W04);
          W00 = EXPAND(W00, W07, W13, W03, W10);
          R1(D, A, B, C, H, E, F, G, 0xF3988A32, W01, W01 ^ W05);
          W01 = EXPAND(W01, W08, W14, W04, W11);
          R1(C, D, A, B, G, H, E, F, 0xE7311465, W02, W02 ^ W06);
          W02 = EXPAND(W02, W09, W15, W05, W12);
          R1(B, C, D, A, F, G, H, E, 0xCE6228CB, W03, W03 ^ W07);
          W03 = EXPAND(W03, W10, W00, W06, W13);
          R1(A, B, C, D, E, F, G, H, 0x9CC45197, W04, W04 ^ W08);
          W04 = EXPAND(W04, W11, W01, W07, W14);
          R1(D, A, B, C, H, E, F, G, 0x3988A32F, W05, W05 ^ W09);
          W05 = EXPAND(W05, W12, W02, W08, W15);
          R1(C, D, A, B, G, H, E, F, 0x7311465E, W06, W06 ^ W10);
          W06 = EXPAND(W06, W13, W03, W09, W00);
          R1(B, C, D, A, F, G, H, E, 0xE6228CBC, W07, W07 ^ W11);
          W07 = EXPAND(W07, W14, W04, W10, W01);
          R1(A, B, C, D, E, F, G, H, 0xCC451979, W08, W08 ^ W12);
          W08 = EXPAND(W08, W15, W05, W11, W02);
          R1(D, A, B, C, H, E, F, G, 0x988A32F3, W09, W09 ^ W13);
          W09 = EXPAND(W09, W00, W06, W12, W03);
          R1(C, D, A, B, G, H, E, F, 0x311465E7, W10, W10 ^ W14);
          W10 = EXPAND(W10, W01, W07, W13, W04);
          R1(B, C, D, A, F, G, H, E, 0x6228CBCE, W11, W11 ^ W15);
          W11 = EXPAND(W11, W02, W08, W14, W05);
          R1(A, B, C, D, E, F, G, H, 0xC451979C, W12, W12 ^ W00);
          W12 = EXPAND(W12, W03, W09, W15, W06);
          R1(D, A, B, C, H, E, F, G, 0x88A32F39, W13, W13 ^ W01);
          W13 = EXPAND(W13, W04, W10, W00, W07);
          R1(C, D, A, B, G, H, E, F, 0x11465E73, W14, W14 ^ W02);
          W14 = EXPAND(W14, W05, W11, W01, W08);
          R1(B, C, D, A, F, G, H, E, 0x228CBCE6, W15, W15 ^ W03);
          W15 = EXPAND(W15, W06, W12, W02, W09);

          /*
           * Rounds 16..31 (R2). From here on the constants come from a
           * second base value, 0x7A879D8A, again rotated left by one more
           * bit each round; 0x9D8A7A87 is that value rotated by 16.
           */
          R2(A, B, C, D, E, F, G, H, 0x9D8A7A87, W00, W00 ^ W04);
          W00 = EXPAND(W00, W07, W13, W03, W10);
          R2(D, A, B, C, H, E, F, G, 0x3B14F50F, W01, W01 ^ W05);
          W01 = EXPAND(W01, W08, W14, W04, W11);
          R2(C, D, A, B, G, H, E, F, 0x7629EA1E, W02, W02 ^ W06);
          W02 = EXPAND(W02, W09, W15, W05, W12);
          R2(B, C, D, A, F, G, H, E, 0xEC53D43C, W03, W03 ^ W07);
          W03 = EXPAND(W03, W10, W00, W06, W13);
          R2(A, B, C, D, E, F, G, H, 0xD8A7A879, W04, W04 ^ W08);
          W04 = EXPAND(W04, W11, W01, W07, W14);
          R2(D, A, B, C, H, E, F, G, 0xB14F50F3, W05, W05 ^ W09);
          W05 = EXPAND(W05, W12, W02, W08, W15);
          R2(C, D, A, B, G, H, E, F, 0x629EA1E7, W06, W06 ^ W10);
          W06 = EXPAND(W06, W13, W03, W09, W00);
          R2(B, C, D, A, F, G, H, E, 0xC53D43CE, W07, W07 ^ W11);
          W07 = EXPAND(W07, W14, W04, W10, W01);
          R2(A, B, C, D, E, F, G, H, 0x8A7A879D, W08, W08 ^ W12);
          W08 = EXPAND(W08, W15, W05, W11, W02);
          R2(D, A, B, C, H, E, F, G, 0x14F50F3B, W09, W09 ^ W13);
          W09 = EXPAND(W09, W00, W06, W12, W03);
          R2(C, D, A, B, G, H, E, F, 0x29EA1E76, W10, W10 ^ W14);
          W10 = EXPAND(W10, W01, W07, W13, W04);
          R2(B, C, D, A, F, G, H, E, 0x53D43CEC, W11, W11 ^ W15);
          W11 = EXPAND(W11, W02, W08, W14, W05);
          R2(A, B, C, D, E, F, G, H, 0xA7A879D8, W12, W12 ^ W00);
          W12 = EXPAND(W12, W03, W09, W15, W06);
          R2(D, A, B, C, H, E, F, G, 0x4F50F3B1, W13, W13 ^ W01);
          W13 = EXPAND(W13, W04, W10, W00, W07);
          R2(C, D, A, B, G, H, E, F, 0x9EA1E762, W14, W14 ^ W02);
          W14 = EXPAND(W14, W05, W11, W01, W08);
          R2(B, C, D, A, F, G, H, E, 0x3D43CEC5, W15, W15 ^ W03);
          W15 = EXPAND(W15, W06, W12, W02, W09);

          /* Rounds 32..47: the rotation has come full circle to the base value. */
          R2(A, B, C, D, E, F, G, H, 0x7A879D8A, W00, W00 ^ W04);
          W00 = EXPAND(W00, W07, W13, W03, W10);
          R2(D, A, B, C, H, E, F, G, 0xF50F3B14, W01, W01 ^ W05);
          W01 = EXPAND(W01, W08, W14, W04, W11);
          R2(C, D, A, B, G, H, E, F, 0xEA1E7629, W02, W02 ^ W06);
          W02 = EXPAND(W02, W09, W15, W05, W12);
          R2(B, C, D, A, F, G, H, E, 0xD43CEC53, W03, W03 ^ W07);
          W03 = EXPAND(W03, W10, W00, W06, W13);
          R2(A, B, C, D, E, F, G, H, 0xA879D8A7, W04, W04 ^ W08);
          W04 = EXPAND(W04, W11, W01, W07, W14);
          R2(D, A, B, C, H, E, F, G, 0x50F3B14F, W05, W05 ^ W09);
          W05 = EXPAND(W05, W12, W02, W08, W15);
          R2(C, D, A, B, G, H, E, F, 0xA1E7629E, W06, W06 ^ W10);
          W06 = EXPAND(W06, W13, W03, W09, W00);
          R2(B, C, D, A, F, G, H, E, 0x43CEC53D, W07, W07 ^ W11);
          W07 = EXPAND(W07, W14, W04, W10, W01);
          R2(A, B, C, D, E, F, G, H, 0x879D8A7A, W08, W08 ^ W12);
          W08 = EXPAND(W08, W15, W05, W11, W02);
          R2(D, A, B, C, H, E, F, G, 0x0F3B14F5, W09, W09 ^ W13);
          W09 = EXPAND(W09, W00, W06, W12, W03);
          R2(C, D, A, B, G, H, E, F, 0x1E7629EA, W10, W10 ^ W14);
          W10 = EXPAND(W10, W01, W07, W13, W04);
          R2(B, C, D, A, F, G, H, E, 0x3CEC53D4, W11, W11 ^ W15);
          W11 = EXPAND(W11, W02, W08, W14, W05);
          R2(A, B, C, D, E, F, G, H, 0x79D8A7A8, W12, W12 ^ W00);
          W12 = EXPAND(W12, W03, W09, W15, W06);
          R2(D, A, B, C, H, E, F, G, 0xF3B14F50, W13, W13 ^ W01);
          W13 = EXPAND(W13, W04, W10, W00, W07);
          R2(C, D, A, B, G, H, E, F, 0xE7629EA1, W14, W14 ^ W02);
          W14 = EXPAND(W14, W05, W11, W01, W08);
          R2(B, C, D, A, F, G, H, E, 0xCEC53D43, W15, W15 ^ W03);
          W15 = EXPAND(W15, W06, W12, W02, W09);

          /*
           * Rounds 48..63. The constants repeat those of rounds 16..31.
           * Only W00..W03 are expanded once more: they supply the W(j+4)
           * operands for the rounds that use W12..W15. No round after
           * that needs a further schedule word, so the remaining twelve
           * rounds run without EXPAND.
           */
          R2(A, B, C, D, E, F, G, H, 0x9D8A7A87, W00, W00 ^ W04);
          W00 = EXPAND(W00, W07, W13, W03, W10);
          R2(D, A, B, C, H, E, F, G, 0x3B14F50F, W01, W01 ^ W05);
          W01 = EXPAND(W01, W08, W14, W04, W11);
          R2(C, D, A, B, G, H, E, F, 0x7629EA1E, W02, W02 ^ W06);
          W02 = EXPAND(W02, W09, W15, W05, W12);
          R2(B, C, D, A, F, G, H, E, 0xEC53D43C, W03, W03 ^ W07);
          W03 = EXPAND(W03, W10, W00, W06, W13);
          R2(A, B, C, D, E, F, G, H, 0xD8A7A879, W04, W04 ^ W08);
          R2(D, A, B, C, H, E, F, G, 0xB14F50F3, W05, W05 ^ W09);
          R2(C, D, A, B, G, H, E, F, 0x629EA1E7, W06, W06 ^ W10);
          R2(B, C, D, A, F, G, H, E, 0xC53D43CE, W07, W07 ^ W11);
          R2(A, B, C, D, E, F, G, H, 0x8A7A879D, W08, W08 ^ W12);
          R2(D, A, B, C, H, E, F, G, 0x14F50F3B, W09, W09 ^ W13);
          R2(C, D, A, B, G, H, E, F, 0x29EA1E76, W10, W10 ^ W14);
          R2(B, C, D, A, F, G, H, E, 0x53D43CEC, W11, W11 ^ W15);
          R2(A, B, C, D, E, F, G, H, 0xA7A879D8, W12, W12 ^ W00);
          R2(D, A, B, C, H, E, F, G, 0x4F50F3B1, W13, W13 ^ W01);
          R2(C, D, A, B, G, H, E, F, 0x9EA1E762, W14, W14 ^ W02);
          R2(B, C, D, A, F, G, H, E, 0x3D43CEC5, W15, W15 ^ W03);

          /*
           * Feed-forward: the block's result is XORed into the chaining
           * state (XOR, not addition), which becomes the input state for
           * the next block.
           */
          ctx->A ^= A;
          ctx->B ^= B;
          ctx->C ^= C;
          ctx->D ^= D;
          ctx->E ^= E;
          ctx->F ^= F;
          ctx->G ^= G;
          ctx->H ^= H;
      }
  }