Print this page
4185 New hash algorithm support

*** 1,9 **** --- 1,12 ---- /* * Copyright 2009 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ + /* + * Copyright 2013 Saso Kiselkov. All rights reserved. + */ /* * The basic framework for this code came from the reference * implementation for MD5. That implementation is Copyright (C) * 1991-2, RSA Data Security, Inc. Created 1991. All rights reserved.
*** 713,722 **** --- 716,745 ---- ctx->state.s64[4] = 0x510e527fade682d1ULL; ctx->state.s64[5] = 0x9b05688c2b3e6c1fULL; ctx->state.s64[6] = 0x1f83d9abfb41bd6bULL; ctx->state.s64[7] = 0x5be0cd19137e2179ULL; break; + case SHA512_224_MECH_INFO_TYPE: + ctx->state.s64[0] = 0x8C3D37C819544DA2ULL; + ctx->state.s64[1] = 0x73E1996689DCD4D6ULL; + ctx->state.s64[2] = 0x1DFAB7AE32FF9C82ULL; + ctx->state.s64[3] = 0x679DD514582F9FCFULL; + ctx->state.s64[4] = 0x0F6D2B697BD44DA8ULL; + ctx->state.s64[5] = 0x77E36F7304C48942ULL; + ctx->state.s64[6] = 0x3F9D85A86A1D36C8ULL; + ctx->state.s64[7] = 0x1112E6AD91D692A1ULL; + break; + case SHA512_256_MECH_INFO_TYPE: + ctx->state.s64[0] = 0x22312194FC2BF72CULL; + ctx->state.s64[1] = 0x9F555FA3C84C64C2ULL; + ctx->state.s64[2] = 0x2393B86B6F53B151ULL; + ctx->state.s64[3] = 0x963877195940EABDULL; + ctx->state.s64[4] = 0x96283EE2A88EFFE3ULL; + ctx->state.s64[5] = 0xBE5E1E2553863992ULL; + ctx->state.s64[6] = 0x2B0199FC2C85B8AAULL; + ctx->state.s64[7] = 0x0EB72DDC81C52CA2ULL; + break; #ifdef _KERNEL default: cmn_err(CE_PANIC, "sha2_init: failed to find a supported algorithm: 0x%x", (uint32_t)mech);
*** 899,909 **** index = (ctx->count.c32[1] >> 3) & 0x3f; Encode(bitcount_be, ctx->count.c32, sizeof (bitcount_be)); SHA2Update(ctx, PADDING, ((index < 56) ? 56 : 120) - index); SHA2Update(ctx, bitcount_be, sizeof (bitcount_be)); Encode(digest, ctx->state.s32, sizeof (ctx->state.s32)); - } else { index = (ctx->count.c64[1] >> 3) & 0x7f; Encode64(bitcount_be64, ctx->count.c64, sizeof (bitcount_be64)); SHA2Update(ctx, PADDING, ((index < 112) ? 112 : 240) - index); --- 922,931 ----
*** 910,922 **** SHA2Update(ctx, bitcount_be64, sizeof (bitcount_be64)); if (algotype <= SHA384_HMAC_GEN_MECH_INFO_TYPE) { ctx->state.s64[6] = ctx->state.s64[7] = 0; Encode64(digest, ctx->state.s64, sizeof (uint64_t) * 6); ! } else Encode64(digest, ctx->state.s64, sizeof (ctx->state.s64)); } /* zeroize sensitive information */ bzero(ctx, sizeof (*ctx)); } --- 932,960 ---- SHA2Update(ctx, bitcount_be64, sizeof (bitcount_be64)); if (algotype <= SHA384_HMAC_GEN_MECH_INFO_TYPE) { ctx->state.s64[6] = ctx->state.s64[7] = 0; Encode64(digest, ctx->state.s64, sizeof (uint64_t) * 6); ! } else if (algotype == SHA512_224_MECH_INFO_TYPE) { ! uint8_t last[sizeof (uint64_t)]; ! /* ! * Since SHA-512/224 doesn't align well to 64-bit ! * boundaries, we must do the encode in three steps: ! * 1) encode the three 64-bit words that fit neatly ! * 2) encode the last 64-bit word to a temp buffer ! * 3) chop out the lower 32-bits from the temp buffer ! * and append them to the digest ! */ ! Encode64(digest, ctx->state.s64, sizeof (uint64_t) * 3); ! Encode64(last, &ctx->state.s64[3], sizeof (uint64_t)); ! bcopy(last, (uint8_t *)digest + 24, 4); ! } else if (algotype == SHA512_256_MECH_INFO_TYPE) { ! Encode64(digest, ctx->state.s64, sizeof (uint64_t) * 4); ! } else { Encode64(digest, ctx->state.s64, sizeof (ctx->state.s64)); } + } /* zeroize sensitive information */ bzero(ctx, sizeof (*ctx)); }