tools/../../3rdparty/rfc6234/sha384-512.c

Source codeSwitch to Preprocessed file
LineSource CodeCoverage
1/************************* sha384-512.c ************************/ -
2/***************** See RFC 6234 for details. *******************/ -
3/* Copyright (c) 2011 IETF Trust and the persons identified as */ -
4/* authors of the code. All rights reserved. */ -
5/* See sha.h for terms of use and redistribution. */ -
6 -
7/* -
8 * Description: -
9 * This file implements the Secure Hash Algorithms SHA-384 and -
10 * SHA-512 as defined in the U.S. National Institute of Standards -
11 * and Technology Federal Information Processing Standards -
12 * Publication (FIPS PUB) 180-3 published in October 2008 -
13 * and formerly defined in its predecessors, FIPS PUB 180-1 -
14 * and FIP PUB 180-2. -
15 * -
16 * A combined document showing all algorithms is available at -
17 * http://csrc.nist.gov/publications/fips/ -
18 * fips180-3/fips180-3_final.pdf -
19 * -
20 * The SHA-384 and SHA-512 algorithms produce 384-bit and 512-bit -
21 * message digests for a given data stream. It should take about -
22 * 2**n steps to find a message with the same digest as a given -
23 * message and 2**(n/2) to find any two messages with the same -
24 * digest, when n is the digest size in bits. Therefore, this -
25 * algorithm can serve as a means of providing a -
26 * "fingerprint" for a message. -
27 * -
28 * Portability Issues: -
29 * SHA-384 and SHA-512 are defined in terms of 64-bit "words", -
30 * but if USE_32BIT_ONLY is #defined, this code is implemented in -
31 * terms of 32-bit "words". This code uses <stdint.h> (included -
32 * via "sha.h") to define the 64-, 32- and 8-bit unsigned integer -
33 * types. If your C compiler does not support 64-bit unsigned -
34 * integers and you do not #define USE_32BIT_ONLY, this code is -
35 * not appropriate. -
36 * -
37 * Caveats: -
38 * SHA-384 and SHA-512 are designed to work with messages less -
39 * than 2^128 bits long. This implementation uses SHA384/512Input() -
40 * to hash the bits that are a multiple of the size of an 8-bit -
41 * octet, and then optionally uses SHA384/256FinalBits() -
42 * to hash the final few bits of the input. -
43 * -
44 */ -
45 -
46#include "sha.h" -
47 -
48#ifdef USE_32BIT_ONLY -
49/* -
50 * Define 64-bit arithmetic in terms of 32-bit arithmetic. -
51 * Each 64-bit number is represented in a 2-word array. -
52 * All macros are defined such that the result is the last parameter. -
53 */ -
54 -
55/* -
56 * Define shift, rotate left, and rotate right functions -
57 */ -
58#define SHA512_SHR(bits, word, ret) ( \ -
59 /* (((uint64_t)((word))) >> (bits)) */ \ -
60 (ret)[0] = (((bits) < 32) && ((bits) >= 0)) ? \ -
61 ((word)[0] >> (bits)) : 0, \ -
62 (ret)[1] = ((bits) > 32) ? ((word)[0] >> ((bits) - 32)) : \ -
63 ((bits) == 32) ? (word)[0] : \ -
64 ((bits) >= 0) ? \ -
65 (((word)[0] << (32 - (bits))) | \ -
66 ((word)[1] >> (bits))) : 0 ) -
67 -
68#define SHA512_SHL(bits, word, ret) ( \ -
69 /* (((uint64_t)(word)) << (bits)) */ \ -
70 (ret)[0] = ((bits) > 32) ? ((word)[1] << ((bits) - 32)) : \ -
71 ((bits) == 32) ? (word)[1] : \ -
72 ((bits) >= 0) ? \ -
73 (((word)[0] << (bits)) | \ -
74 ((word)[1] >> (32 - (bits)))) : \ -
75 0, \ -
76 (ret)[1] = (((bits) < 32) && ((bits) >= 0)) ? \ -
77 ((word)[1] << (bits)) : 0 ) -
78 -
79/* -
80 * Define 64-bit OR -
81 */ -
82#define SHA512_OR(word1, word2, ret) ( \ -
83 (ret)[0] = (word1)[0] | (word2)[0], \ -
84 (ret)[1] = (word1)[1] | (word2)[1] ) -
85 -
86/* -
87 * Define 64-bit XOR -
88 */ -
89#define SHA512_XOR(word1, word2, ret) ( \ -
90 (ret)[0] = (word1)[0] ^ (word2)[0], \ -
91 (ret)[1] = (word1)[1] ^ (word2)[1] ) -
92 -
93/* -
94 * Define 64-bit AND -
95 */ -
96#define SHA512_AND(word1, word2, ret) ( \ -
97 (ret)[0] = (word1)[0] & (word2)[0], \ -
98 (ret)[1] = (word1)[1] & (word2)[1] ) -
99 -
100/* -
101 * Define 64-bit TILDA -
102 */ -
103#define SHA512_TILDA(word, ret) \ -
104 ( (ret)[0] = ~(word)[0], (ret)[1] = ~(word)[1] ) -
105 -
106/* -
107 * Define 64-bit ADD -
108 */ -
109#define SHA512_ADD(word1, word2, ret) ( \ -
110 (ret)[1] = (word1)[1], (ret)[1] += (word2)[1], \ -
111 (ret)[0] = (word1)[0] + (word2)[0] + ((ret)[1] < (word1)[1]) ) -
112 -
113/* -
114 * Add the 4word value in word2 to word1. -
115 */ -
116static uint32_t ADDTO4_temp, ADDTO4_temp2; -
117#define SHA512_ADDTO4(word1, word2) ( \ -
118 ADDTO4_temp = (word1)[3], \ -
119 (word1)[3] += (word2)[3], \ -
120 ADDTO4_temp2 = (word1)[2], \ -
121 (word1)[2] += (word2)[2] + ((word1)[3] < ADDTO4_temp), \ -
122 ADDTO4_temp = (word1)[1], \ -
123 (word1)[1] += (word2)[1] + ((word1)[2] < ADDTO4_temp2), \ -
124 (word1)[0] += (word2)[0] + ((word1)[1] < ADDTO4_temp) ) -
125 -
126/* -
127 * Add the 2word value in word2 to word1. -
128 */ -
129static uint32_t ADDTO2_temp; -
130#define SHA512_ADDTO2(word1, word2) ( \ -
131 ADDTO2_temp = (word1)[1], \ -
132 (word1)[1] += (word2)[1], \ -
133 (word1)[0] += (word2)[0] + ((word1)[1] < ADDTO2_temp) ) -
134 -
135/* -
136 * SHA rotate ((word >> bits) | (word << (64-bits))) -
137 */ -
138static uint32_t ROTR_temp1[2], ROTR_temp2[2]; -
139#define SHA512_ROTR(bits, word, ret) ( \ -
140 SHA512_SHR((bits), (word), ROTR_temp1), \ -
141 SHA512_SHL(64-(bits), (word), ROTR_temp2), \ -
142 SHA512_OR(ROTR_temp1, ROTR_temp2, (ret)) ) -
143 -
144/* -
145 * Define the SHA SIGMA and sigma macros -
146 * -
147 * SHA512_ROTR(28,word) ^ SHA512_ROTR(34,word) ^ SHA512_ROTR(39,word) -
148 */ -
149static uint32_t SIGMA0_temp1[2], SIGMA0_temp2[2], -
150 SIGMA0_temp3[2], SIGMA0_temp4[2]; -
151#define SHA512_SIGMA0(word, ret) ( \ -
152 SHA512_ROTR(28, (word), SIGMA0_temp1), \ -
153 SHA512_ROTR(34, (word), SIGMA0_temp2), \ -
154 SHA512_ROTR(39, (word), SIGMA0_temp3), \ -
155 SHA512_XOR(SIGMA0_temp2, SIGMA0_temp3, SIGMA0_temp4), \ -
156 SHA512_XOR(SIGMA0_temp1, SIGMA0_temp4, (ret)) ) -
157 -
158/* -
159 * SHA512_ROTR(14,word) ^ SHA512_ROTR(18,word) ^ SHA512_ROTR(41,word) -
160 */ -
161static uint32_t SIGMA1_temp1[2], SIGMA1_temp2[2], -
162 SIGMA1_temp3[2], SIGMA1_temp4[2]; -
163#define SHA512_SIGMA1(word, ret) ( \ -
164 SHA512_ROTR(14, (word), SIGMA1_temp1), \ -
165 SHA512_ROTR(18, (word), SIGMA1_temp2), \ -
166 SHA512_ROTR(41, (word), SIGMA1_temp3), \ -
167 SHA512_XOR(SIGMA1_temp2, SIGMA1_temp3, SIGMA1_temp4), \ -
168 SHA512_XOR(SIGMA1_temp1, SIGMA1_temp4, (ret)) ) -
169 -
170/* -
171 * (SHA512_ROTR( 1,word) ^ SHA512_ROTR( 8,word) ^ SHA512_SHR( 7,word)) -
172 */ -
173static uint32_t sigma0_temp1[2], sigma0_temp2[2], -
174 sigma0_temp3[2], sigma0_temp4[2]; -
175#define SHA512_sigma0(word, ret) ( \ -
176 SHA512_ROTR( 1, (word), sigma0_temp1), \ -
177 SHA512_ROTR( 8, (word), sigma0_temp2), \ -
178 SHA512_SHR( 7, (word), sigma0_temp3), \ -
179 SHA512_XOR(sigma0_temp2, sigma0_temp3, sigma0_temp4), \ -
180 SHA512_XOR(sigma0_temp1, sigma0_temp4, (ret)) ) -
181 -
182/* -
183 * (SHA512_ROTR(19,word) ^ SHA512_ROTR(61,word) ^ SHA512_SHR( 6,word)) -
184 */ -
185static uint32_t sigma1_temp1[2], sigma1_temp2[2], -
186 sigma1_temp3[2], sigma1_temp4[2]; -
187#define SHA512_sigma1(word, ret) ( \ -
188 SHA512_ROTR(19, (word), sigma1_temp1), \ -
189 SHA512_ROTR(61, (word), sigma1_temp2), \ -
190 SHA512_SHR( 6, (word), sigma1_temp3), \ -
191 SHA512_XOR(sigma1_temp2, sigma1_temp3, sigma1_temp4), \ -
192 SHA512_XOR(sigma1_temp1, sigma1_temp4, (ret)) ) -
193 -
194#ifndef USE_MODIFIED_MACROS -
195/* -
196 * These definitions are the ones used in FIPS 180-3, section 4.1.3 -
197 * Ch(x,y,z) ((x & y) ^ (~x & z)) -
198 */ -
199static uint32_t Ch_temp1[2], Ch_temp2[2], Ch_temp3[2]; -
200#define SHA_Ch(x, y, z, ret) ( \ -
201 SHA512_AND(x, y, Ch_temp1), \ -
202 SHA512_TILDA(x, Ch_temp2), \ -
203 SHA512_AND(Ch_temp2, z, Ch_temp3), \ -
204 SHA512_XOR(Ch_temp1, Ch_temp3, (ret)) ) -
205 -
206/* -
207 * Maj(x,y,z) (((x)&(y)) ^ ((x)&(z)) ^ ((y)&(z))) -
208 */ -
209static uint32_t Maj_temp1[2], Maj_temp2[2], -
210 Maj_temp3[2], Maj_temp4[2]; -
211#define SHA_Maj(x, y, z, ret) ( \ -
212 SHA512_AND(x, y, Maj_temp1), \ -
213 SHA512_AND(x, z, Maj_temp2), \ -
214 SHA512_AND(y, z, Maj_temp3), \ -
215 SHA512_XOR(Maj_temp2, Maj_temp3, Maj_temp4), \ -
216 SHA512_XOR(Maj_temp1, Maj_temp4, (ret)) ) -
217#else /* !USE_MODIFIED_MACROS */ -
218/* -
219 * These definitions are potentially faster equivalents for the ones -
220 * used in FIPS 180-3, section 4.1.3. -
221 * ((x & y) ^ (~x & z)) becomes -
222 * ((x & (y ^ z)) ^ z) -
223 */ -
224#define SHA_Ch(x, y, z, ret) ( \ -
225 (ret)[0] = (((x)[0] & ((y)[0] ^ (z)[0])) ^ (z)[0]), \ -
226 (ret)[1] = (((x)[1] & ((y)[1] ^ (z)[1])) ^ (z)[1]) ) -
227 -
228/* -
229 * ((x & y) ^ (x & z) ^ (y & z)) becomes -
230 * ((x & (y | z)) | (y & z)) -
231 */ -
232#define SHA_Maj(x, y, z, ret) ( \ -
233 ret[0] = (((x)[0] & ((y)[0] | (z)[0])) | ((y)[0] & (z)[0])), \ -
234 ret[1] = (((x)[1] & ((y)[1] | (z)[1])) | ((y)[1] & (z)[1])) ) -
235#endif /* USE_MODIFIED_MACROS */ -
236 -
237/* -
238 * Add "length" to the length. -
239 * Set Corrupted when overflow has occurred. -
240 */ -
241static uint32_t addTemp[4] = { 0, 0, 0, 0 }; -
242#define SHA384_512AddLength(context, length) ( \ -
243 addTemp[3] = (length), SHA512_ADDTO4((context)->Length, addTemp), \ -
244 (context)->Corrupted = (((context)->Length[3] < (length)) && \ -
245 ((context)->Length[2] == 0) && ((context)->Length[1] == 0) && \ -
246 ((context)->Length[0] == 0)) ? shaInputTooLong : \ -
247 (context)->Corrupted ) -
248 -
249/* Local Function Prototypes */ -
250static int SHA384_512Reset(SHA512Context *context, -
251 uint32_t H0[SHA512HashSize/4]); -
252static void SHA384_512ProcessMessageBlock(SHA512Context *context); -
253static void SHA384_512Finalize(SHA512Context *context, -
254 uint8_t Pad_Byte); -
255static void SHA384_512PadMessage(SHA512Context *context, -
256 uint8_t Pad_Byte); -
257static int SHA384_512ResultN( SHA512Context *context, -
258 uint8_t Message_Digest[ ], int HashSize); -
259 -
260/* Initial Hash Values: FIPS 180-3 sections 5.3.4 and 5.3.5 */ -
261static uint32_t SHA384_H0[SHA512HashSize/4] = { -
262 0xCBBB9D5D, 0xC1059ED8, 0x629A292A, 0x367CD507, 0x9159015A, -
263 0x3070DD17, 0x152FECD8, 0xF70E5939, 0x67332667, 0xFFC00B31, -
264 0x8EB44A87, 0x68581511, 0xDB0C2E0D, 0x64F98FA7, 0x47B5481D, -
265 0xBEFA4FA4 -
266}; -
267static uint32_t SHA512_H0[SHA512HashSize/4] = { -
268 0x6A09E667, 0xF3BCC908, 0xBB67AE85, 0x84CAA73B, 0x3C6EF372, -
269 0xFE94F82B, 0xA54FF53A, 0x5F1D36F1, 0x510E527F, 0xADE682D1, -
270 0x9B05688C, 0x2B3E6C1F, 0x1F83D9AB, 0xFB41BD6B, 0x5BE0CD19, -
271 0x137E2179 -
272}; -
273 -
274#else /* !USE_32BIT_ONLY */ -
275 -
276#include "sha-private.h" -
277 -
278/* Define the SHA shift, rotate left and rotate right macros */ -
279#define SHA512_SHR(bits,word) (((uint64_t)(word)) >> (bits)) -
280#define SHA512_ROTR(bits,word) ((((uint64_t)(word)) >> (bits)) | \ -
281 (((uint64_t)(word)) << (64-(bits)))) -
282 -
283/* -
284 * Define the SHA SIGMA and sigma macros -
285 * -
286 * SHA512_ROTR(28,word) ^ SHA512_ROTR(34,word) ^ SHA512_ROTR(39,word) -
287 */ -
288#define SHA512_SIGMA0(word) \ -
289 (SHA512_ROTR(28,word) ^ SHA512_ROTR(34,word) ^ SHA512_ROTR(39,word)) -
290#define SHA512_SIGMA1(word) \ -
291 (SHA512_ROTR(14,word) ^ SHA512_ROTR(18,word) ^ SHA512_ROTR(41,word)) -
292#define SHA512_sigma0(word) \ -
293 (SHA512_ROTR( 1,word) ^ SHA512_ROTR( 8,word) ^ SHA512_SHR( 7,word)) -
294#define SHA512_sigma1(word) \ -
295 (SHA512_ROTR(19,word) ^ SHA512_ROTR(61,word) ^ SHA512_SHR( 6,word)) -
296 -
297/* -
298 * Add "length" to the length. -
299 * Set Corrupted when overflow has occurred. -
300 */ -
301/* addTemp commented out by Nokia, static variables are not thread-safe */ -
302/* static uint64_t addTemp; */ -
303/* 'M' appended to Macro name by Nokia */ -
304#define SHA384_512AddLengthM(context, length) \ -
305 (addTemp = context->Length_Low, context->Corrupted = \ -
306 ((context->Length_Low += length) < addTemp) && \ -
307 (++context->Length_High == 0) ? shaInputTooLong : \ -
308 (context)->Corrupted) -
309 -
310/* Local Function Prototypes */ -
311static int SHA384_512Reset(SHA512Context *context, -
312 uint64_t H0[SHA512HashSize/8]); -
313static void SHA384_512ProcessMessageBlock(SHA512Context *context); -
314static void SHA384_512Finalize(SHA512Context *context, -
315 uint8_t Pad_Byte); -
316static void SHA384_512PadMessage(SHA512Context *context, -
317 uint8_t Pad_Byte); -
318static int SHA384_512ResultN(SHA512Context *context, -
319 uint8_t Message_Digest[ ], int HashSize); -
320 -
321/* Initial Hash Values: FIPS 180-3 sections 5.3.4 and 5.3.5 */ -
322static uint64_t SHA384_H0[ ] = { -
323 0xCBBB9D5DC1059ED8ll, 0x629A292A367CD507ll, 0x9159015A3070DD17ll, -
324 0x152FECD8F70E5939ll, 0x67332667FFC00B31ll, 0x8EB44A8768581511ll, -
325 0xDB0C2E0D64F98FA7ll, 0x47B5481DBEFA4FA4ll -
326}; -
327static uint64_t SHA512_H0[ ] = { -
328 0x6A09E667F3BCC908ll, 0xBB67AE8584CAA73Bll, 0x3C6EF372FE94F82Bll, -
329 0xA54FF53A5F1D36F1ll, 0x510E527FADE682D1ll, 0x9B05688C2B3E6C1Fll, -
330 0x1F83D9ABFB41BD6Bll, 0x5BE0CD19137E2179ll -
331}; -
332 -
333#endif /* USE_32BIT_ONLY */ -
334 -
335/* -
336 * SHA384Reset -
337 * -
338 * Description: -
339 * This function will initialize the SHA384Context in preparation -
340 * for computing a new SHA384 message digest. -
341 * -
342 * Parameters: -
343 * context: [in/out] -
344 * The context to reset. -
345 * -
346 * Returns: -
347 * sha Error Code. -
348 * -
349 */ -
350int SHA384Reset(SHA384Context *context) -
351{ -
352 return SHA384_512Reset(context, SHA384_H0);
executed: return SHA384_512Reset(context, SHA384_H0);
Execution Count:4
4
353} -
354 -
355/* -
356 * SHA384Input -
357 * -
358 * Description: -
359 * This function accepts an array of octets as the next portion -
360 * of the message. -
361 * -
362 * Parameters: -
363 * context: [in/out] -
364 * The SHA context to update. -
365 * message_array[ ]: [in] -
366 * An array of octets representing the next portion of -
367 * the message. -
368 * length: [in] -
369 * The length of the message in message_array. -
370 * -
371 * Returns: -
372 * sha Error Code. -
373 * -
374 */ -
375int SHA384Input(SHA384Context *context, -
376 const uint8_t *message_array, unsigned int length) -
377{ -
378 return SHA512Input(context, message_array, length);
executed: return SHA512Input(context, message_array, length);
Execution Count:4
4
379} -
380 -
381/* -
382 * SHA384FinalBits -
383 * -
384 * Description: -
385 * This function will add in any final bits of the message. -
386 * -
387 * Parameters: -
388 * context: [in/out] -
389 * The SHA context to update. -
390 * message_bits: [in] -
391 * The final bits of the message, in the upper portion of the -
392 * byte. (Use 0b###00000 instead of 0b00000### to input the -
393 * three bits ###.) -
394 * length: [in] -
395 * The number of bits in message_bits, between 1 and 7. -
396 * -
397 * Returns: -
398 * sha Error Code. -
399 * -
400 */ -
401int SHA384FinalBits(SHA384Context *context, -
402 uint8_t message_bits, unsigned int length) -
403{ -
404 return SHA512FinalBits(context, message_bits, length);
never executed: return SHA512FinalBits(context, message_bits, length);
0
405} -
406 -
407/* -
408 * SHA384Result -
409 * -
410 * Description: -
411 * This function will return the 384-bit message digest -
412 * into the Message_Digest array provided by the caller. -
413 * NOTE: -
414 * The first octet of hash is stored in the element with index 0, -
415 * the last octet of hash in the element with index 47. -
416 * -
417 * Parameters: -
418 * context: [in/out] -
419 * The context to use to calculate the SHA hash. -
420 * Message_Digest[ ]: [out] -
421 * Where the digest is returned. -
422 * -
423 * Returns: -
424 * sha Error Code. -
425 * -
426 */ -
427int SHA384Result(SHA384Context *context, -
428 uint8_t Message_Digest[SHA384HashSize]) -
429{ -
430 return SHA384_512ResultN(context, Message_Digest, SHA384HashSize);
executed: return SHA384_512ResultN(context, Message_Digest, SHA384HashSize);
Execution Count:4
4
431} -
432 -
433/* -
434 * SHA512Reset -
435 * -
436 * Description: -
437 * This function will initialize the SHA512Context in preparation -
438 * for computing a new SHA512 message digest. -
439 * -
440 * Parameters: -
441 * context: [in/out] -
442 * The context to reset. -
443 * -
444 * Returns: -
445 * sha Error Code. -
446 * -
447 */ -
448int SHA512Reset(SHA512Context *context) -
449{ -
450 return SHA384_512Reset(context, SHA512_H0);
executed: return SHA384_512Reset(context, SHA512_H0);
Execution Count:4
4
451} -
452 -
453/* -
454 * SHA512Input -
455 * -
456 * Description: -
457 * This function accepts an array of octets as the next portion -
458 * of the message. -
459 * -
460 * Parameters: -
461 * context: [in/out] -
462 * The SHA context to update. -
463 * message_array[ ]: [in] -
464 * An array of octets representing the next portion of -
465 * the message. -
466 * length: [in] -
467 * The length of the message in message_array. -
468 * -
469 * Returns: -
470 * sha Error Code. -
471 * -
472 */ -
473int SHA512Input(SHA512Context *context, -
474 const uint8_t *message_array, -
475 unsigned int length) -
476{ -
477 if (!context) return shaNull;
never executed: return shaNull;
partially evaluated: !context
TRUEFALSE
no
Evaluation Count:0
yes
Evaluation Count:8
0-8
478 if (!length) return shaSuccess;
never executed: return shaSuccess;
partially evaluated: !length
TRUEFALSE
no
Evaluation Count:0
yes
Evaluation Count:8
0-8
479 if (!message_array) return shaNull;
never executed: return shaNull;
partially evaluated: !message_array
TRUEFALSE
no
Evaluation Count:0
yes
Evaluation Count:8
0-8
480 if (context->Computed) return context->Corrupted = shaStateError;
never executed: return context->Corrupted = shaStateError;
partially evaluated: context->Computed
TRUEFALSE
no
Evaluation Count:0
yes
Evaluation Count:8
0-8
481 if (context->Corrupted) return context->Corrupted;
never executed: return context->Corrupted;
partially evaluated: context->Corrupted
TRUEFALSE
no
Evaluation Count:0
yes
Evaluation Count:8
0-8
482 -
483 while (length--) {
evaluated: length--
TRUEFALSE
yes
Evaluation Count:24
yes
Evaluation Count:8
8-24
484 context->Message_Block[context->Message_Block_Index++] =
executed (the execution status of this line is deduced): context->Message_Block[context->Message_Block_Index++] =
-
485 *message_array;
executed (the execution status of this line is deduced): *message_array;
-
486 -
487 if ((SHA384_512AddLength(context, 8) == shaSuccess) &&
partially evaluated: (SHA384_512AddLength(context, 8) == shaSuccess)
TRUEFALSE
yes
Evaluation Count:24
no
Evaluation Count:0
0-24
488 (context->Message_Block_Index == SHA512_Message_Block_Size))
partially evaluated: (context->Message_Block_Index == SHA512_Message_Block_Size)
TRUEFALSE
no
Evaluation Count:0
yes
Evaluation Count:24
0-24
489 SHA384_512ProcessMessageBlock(context);
never executed: SHA384_512ProcessMessageBlock(context);
0
490 -
491 message_array++;
executed (the execution status of this line is deduced): message_array++;
-
492 }
executed: }
Execution Count:24
24
493 -
494 return context->Corrupted;
executed: return context->Corrupted;
Execution Count:8
8
495} -
496 -
497/* -
498 * SHA512FinalBits -
499 * -
500 * Description: -
501 * This function will add in any final bits of the message. -
502 * -
503 * Parameters: -
504 * context: [in/out] -
505 * The SHA context to update. -
506 * message_bits: [in] -
507 * The final bits of the message, in the upper portion of the -
508 * byte. (Use 0b###00000 instead of 0b00000### to input the -
509 * three bits ###.) -
510 * length: [in] -
511 * The number of bits in message_bits, between 1 and 7. -
512 * -
513 * Returns: -
514 * sha Error Code. -
515 * -
516 */ -
517int SHA512FinalBits(SHA512Context *context, -
518 uint8_t message_bits, unsigned int length) -
519{ -
520 static uint8_t masks[8] = { -
521 /* 0 0b00000000 */ 0x00, /* 1 0b10000000 */ 0x80, -
522 /* 2 0b11000000 */ 0xC0, /* 3 0b11100000 */ 0xE0, -
523 /* 4 0b11110000 */ 0xF0, /* 5 0b11111000 */ 0xF8, -
524 /* 6 0b11111100 */ 0xFC, /* 7 0b11111110 */ 0xFE -
525 }; -
526 static uint8_t markbit[8] = { -
527 /* 0 0b10000000 */ 0x80, /* 1 0b01000000 */ 0x40, -
528 /* 2 0b00100000 */ 0x20, /* 3 0b00010000 */ 0x10, -
529 /* 4 0b00001000 */ 0x08, /* 5 0b00000100 */ 0x04, -
530 /* 6 0b00000010 */ 0x02, /* 7 0b00000001 */ 0x01 -
531 }; -
532 -
533 if (!context) return shaNull;
never executed: return shaNull;
never evaluated: !context
0
534 if (!length) return shaSuccess;
never executed: return shaSuccess;
never evaluated: !length
0
535 if (context->Corrupted) return context->Corrupted;
never executed: return context->Corrupted;
never evaluated: context->Corrupted
0
536 if (context->Computed) return context->Corrupted = shaStateError;
never executed: return context->Corrupted = shaStateError;
never evaluated: context->Computed
0
537 if (length >= 8) return context->Corrupted = shaBadParam;
never executed: return context->Corrupted = shaBadParam;
never evaluated: length >= 8
0
538 -
539 SHA384_512AddLength(context, length);
never executed (the execution status of this line is deduced): SHA384_512AddLength(context, length);
-
540 SHA384_512Finalize(context, (uint8_t)
never executed (the execution status of this line is deduced): SHA384_512Finalize(context, (::quint8)
-
541 ((message_bits & masks[length]) | markbit[length]));
never executed (the execution status of this line is deduced): ((message_bits & masks[length]) | markbit[length]));
-
542 -
543 return context->Corrupted;
never executed: return context->Corrupted;
0
544} -
545 -
546/* -
547 * SHA512Result -
548 * -
549 * Description: -
550 * This function will return the 512-bit message digest -
551 * into the Message_Digest array provided by the caller. -
552 * NOTE: -
553 * The first octet of hash is stored in the element with index 0, -
554 * the last octet of hash in the element with index 63. -
555 * -
556 * Parameters: -
557 * context: [in/out] -
558 * The context to use to calculate the SHA hash. -
559 * Message_Digest[ ]: [out] -
560 * Where the digest is returned. -
561 * -
562 * Returns: -
563 * sha Error Code. -
564 * -
565 */ -
566int SHA512Result(SHA512Context *context, -
567 uint8_t Message_Digest[SHA512HashSize]) -
568{ -
569 return SHA384_512ResultN(context, Message_Digest, SHA512HashSize);
executed: return SHA384_512ResultN(context, Message_Digest, SHA512HashSize);
Execution Count:4
4
570} -
571 -
572/* -
573 * SHA384_512Reset -
574 * -
575 * Description: -
576 * This helper function will initialize the SHA512Context in -
577 * preparation for computing a new SHA384 or SHA512 message -
578 * digest. -
579 * -
580 * Parameters: -
581 * context: [in/out] -
582 * The context to reset. -
583 * H0[ ]: [in] -
584 * The initial hash value array to use. -
585 * -
586 * Returns: -
587 * sha Error Code. -
588 * -
589 */ -
590#ifdef USE_32BIT_ONLY -
591static int SHA384_512Reset(SHA512Context *context, -
592 uint32_t H0[SHA512HashSize/4]) -
593#else /* !USE_32BIT_ONLY */ -
594static int SHA384_512Reset(SHA512Context *context, -
595 uint64_t H0[SHA512HashSize/8]) -
596#endif /* USE_32BIT_ONLY */ -
597{ -
598 int i;
executed (the execution status of this line is deduced): int i;
-
599 if (!context) return shaNull;
never executed: return shaNull;
partially evaluated: !context
TRUEFALSE
no
Evaluation Count:0
yes
Evaluation Count:8
0-8
600 -
601 context->Message_Block_Index = 0;
executed (the execution status of this line is deduced): context->Message_Block_Index = 0;
-
602 -
603#ifdef USE_32BIT_ONLY -
604 context->Length[0] = context->Length[1] = -
605 context->Length[2] = context->Length[3] = 0; -
606 -
607 for (i = 0; i < SHA512HashSize/4; i++) -
608 context->Intermediate_Hash[i] = H0[i]; -
609#else /* !USE_32BIT_ONLY */ -
610 context->Length_High = context->Length_Low = 0;
executed (the execution status of this line is deduced): context->Length_High = context->Length_Low = 0;
-
611 -
612 for (i = 0; i < SHA512HashSize/8; i++)
evaluated: i < SHA512HashSize/8
TRUEFALSE
yes
Evaluation Count:64
yes
Evaluation Count:8
8-64
613 context->Intermediate_Hash[i] = H0[i];
executed: context->Intermediate_Hash[i] = H0[i];
Execution Count:64
64
614#endif /* USE_32BIT_ONLY */ -
615 -
616 context->Computed = 0;
executed (the execution status of this line is deduced): context->Computed = 0;
-
617 context->Corrupted = shaSuccess;
executed (the execution status of this line is deduced): context->Corrupted = shaSuccess;
-
618 -
619 return shaSuccess;
executed: return shaSuccess;
Execution Count:8
8
620} -
621 -
622/* -
623 * SHA384_512ProcessMessageBlock -
624 * -
625 * Description: -
626 * This helper function will process the next 1024 bits of the -
627 * message stored in the Message_Block array. -
628 * -
629 * Parameters: -
630 * context: [in/out] -
631 * The SHA context to update. -
632 * -
633 * Returns: -
634 * Nothing. -
635 * -
636 * Comments: -
637 * Many of the variable names in this code, especially the -
638 * single character names, were used because those were the -
639 * names used in the Secure Hash Standard. -
640 * -
641 * -
642 */ -
643static void SHA384_512ProcessMessageBlock(SHA512Context *context) -
644{ -
645#ifdef USE_32BIT_ONLY -
646 /* Constants defined in FIPS 180-3, section 4.2.3 */ -
647 static const uint32_t K[80*2] = { -
648 0x428A2F98, 0xD728AE22, 0x71374491, 0x23EF65CD, 0xB5C0FBCF, -
649 0xEC4D3B2F, 0xE9B5DBA5, 0x8189DBBC, 0x3956C25B, 0xF348B538, -
650 0x59F111F1, 0xB605D019, 0x923F82A4, 0xAF194F9B, 0xAB1C5ED5, -
651 0xDA6D8118, 0xD807AA98, 0xA3030242, 0x12835B01, 0x45706FBE, -
652 0x243185BE, 0x4EE4B28C, 0x550C7DC3, 0xD5FFB4E2, 0x72BE5D74, -
653 0xF27B896F, 0x80DEB1FE, 0x3B1696B1, 0x9BDC06A7, 0x25C71235, -
654 0xC19BF174, 0xCF692694, 0xE49B69C1, 0x9EF14AD2, 0xEFBE4786, -
655 0x384F25E3, 0x0FC19DC6, 0x8B8CD5B5, 0x240CA1CC, 0x77AC9C65, -
656 0x2DE92C6F, 0x592B0275, 0x4A7484AA, 0x6EA6E483, 0x5CB0A9DC, -
657 0xBD41FBD4, 0x76F988DA, 0x831153B5, 0x983E5152, 0xEE66DFAB, -
658 0xA831C66D, 0x2DB43210, 0xB00327C8, 0x98FB213F, 0xBF597FC7, -
659 0xBEEF0EE4, 0xC6E00BF3, 0x3DA88FC2, 0xD5A79147, 0x930AA725, -
660 0x06CA6351, 0xE003826F, 0x14292967, 0x0A0E6E70, 0x27B70A85, -
661 0x46D22FFC, 0x2E1B2138, 0x5C26C926, 0x4D2C6DFC, 0x5AC42AED, -
662 0x53380D13, 0x9D95B3DF, 0x650A7354, 0x8BAF63DE, 0x766A0ABB, -
663 0x3C77B2A8, 0x81C2C92E, 0x47EDAEE6, 0x92722C85, 0x1482353B, -
664 0xA2BFE8A1, 0x4CF10364, 0xA81A664B, 0xBC423001, 0xC24B8B70, -
665 0xD0F89791, 0xC76C51A3, 0x0654BE30, 0xD192E819, 0xD6EF5218, -
666 0xD6990624, 0x5565A910, 0xF40E3585, 0x5771202A, 0x106AA070, -
667 0x32BBD1B8, 0x19A4C116, 0xB8D2D0C8, 0x1E376C08, 0x5141AB53, -
668 0x2748774C, 0xDF8EEB99, 0x34B0BCB5, 0xE19B48A8, 0x391C0CB3, -
669 0xC5C95A63, 0x4ED8AA4A, 0xE3418ACB, 0x5B9CCA4F, 0x7763E373, -
670 0x682E6FF3, 0xD6B2B8A3, 0x748F82EE, 0x5DEFB2FC, 0x78A5636F, -
671 0x43172F60, 0x84C87814, 0xA1F0AB72, 0x8CC70208, 0x1A6439EC, -
672 0x90BEFFFA, 0x23631E28, 0xA4506CEB, 0xDE82BDE9, 0xBEF9A3F7, -
673 0xB2C67915, 0xC67178F2, 0xE372532B, 0xCA273ECE, 0xEA26619C, -
674 0xD186B8C7, 0x21C0C207, 0xEADA7DD6, 0xCDE0EB1E, 0xF57D4F7F, -
675 0xEE6ED178, 0x06F067AA, 0x72176FBA, 0x0A637DC5, 0xA2C898A6, -
676 0x113F9804, 0xBEF90DAE, 0x1B710B35, 0x131C471B, 0x28DB77F5, -
677 0x23047D84, 0x32CAAB7B, 0x40C72493, 0x3C9EBE0A, 0x15C9BEBC, -
678 0x431D67C4, 0x9C100D4C, 0x4CC5D4BE, 0xCB3E42B6, 0x597F299C, -
679 0xFC657E2A, 0x5FCB6FAB, 0x3AD6FAEC, 0x6C44198C, 0x4A475817 -
680 }; -
681 int t, t2, t8; /* Loop counter */ -
682 uint32_t temp1[2], temp2[2], /* Temporary word values */ -
683 temp3[2], temp4[2], temp5[2]; -
684 uint32_t W[2*80]; /* Word sequence */ -
685 uint32_t A[2], B[2], C[2], D[2], /* Word buffers */ -
686 E[2], F[2], G[2], H[2]; -
687 -
688 /* Initialize the first 16 words in the array W */ -
689 for (t = t2 = t8 = 0; t < 16; t++, t8 += 8) { -
690 W[t2++] = ((((uint32_t)context->Message_Block[t8 ])) << 24) | -
691 ((((uint32_t)context->Message_Block[t8 + 1])) << 16) | -
692 ((((uint32_t)context->Message_Block[t8 + 2])) << 8) | -
693 ((((uint32_t)context->Message_Block[t8 + 3]))); -
694 W[t2++] = ((((uint32_t)context->Message_Block[t8 + 4])) << 24) | -
695 ((((uint32_t)context->Message_Block[t8 + 5])) << 16) | -
696 ((((uint32_t)context->Message_Block[t8 + 6])) << 8) | -
697 ((((uint32_t)context->Message_Block[t8 + 7]))); -
698 } -
699 -
700 for (t = 16; t < 80; t++, t2 += 2) { -
701 /* W[t] = SHA512_sigma1(W[t-2]) + W[t-7] + -
702 SHA512_sigma0(W[t-15]) + W[t-16]; */ -
703 uint32_t *Wt2 = &W[t2-2*2]; -
704 uint32_t *Wt7 = &W[t2-7*2]; -
705 uint32_t *Wt15 = &W[t2-15*2]; -
706 uint32_t *Wt16 = &W[t2-16*2]; -
707 SHA512_sigma1(Wt2, temp1); -
708 SHA512_ADD(temp1, Wt7, temp2); -
709 SHA512_sigma0(Wt15, temp1); -
710 SHA512_ADD(temp1, Wt16, temp3); -
711 SHA512_ADD(temp2, temp3, &W[t2]); -
712 } -
713 -
714 A[0] = context->Intermediate_Hash[0]; -
715 A[1] = context->Intermediate_Hash[1]; -
716 B[0] = context->Intermediate_Hash[2]; -
717 B[1] = context->Intermediate_Hash[3]; -
718 C[0] = context->Intermediate_Hash[4]; -
719 C[1] = context->Intermediate_Hash[5]; -
720 D[0] = context->Intermediate_Hash[6]; -
721 D[1] = context->Intermediate_Hash[7]; -
722 E[0] = context->Intermediate_Hash[8]; -
723 E[1] = context->Intermediate_Hash[9]; -
724 F[0] = context->Intermediate_Hash[10]; -
725 F[1] = context->Intermediate_Hash[11]; -
726 G[0] = context->Intermediate_Hash[12]; -
727 G[1] = context->Intermediate_Hash[13]; -
728 H[0] = context->Intermediate_Hash[14]; -
729 H[1] = context->Intermediate_Hash[15]; -
730 -
731 for (t = t2 = 0; t < 80; t++, t2 += 2) { -
732 /* -
733 * temp1 = H + SHA512_SIGMA1(E) + SHA_Ch(E,F,G) + K[t] + W[t]; -
734 */ -
735 SHA512_SIGMA1(E,temp1); -
736 SHA512_ADD(H, temp1, temp2); -
737 SHA_Ch(E,F,G,temp3); -
738 SHA512_ADD(temp2, temp3, temp4); -
739 SHA512_ADD(&K[t2], &W[t2], temp5); -
740 SHA512_ADD(temp4, temp5, temp1); -
741 /* -
742 * temp2 = SHA512_SIGMA0(A) + SHA_Maj(A,B,C); -
743 */ -
744 SHA512_SIGMA0(A,temp3); -
745 SHA_Maj(A,B,C,temp4); -
746 SHA512_ADD(temp3, temp4, temp2); -
747 H[0] = G[0]; H[1] = G[1]; -
748 G[0] = F[0]; G[1] = F[1]; -
749 F[0] = E[0]; F[1] = E[1]; -
750 SHA512_ADD(D, temp1, E); -
751 D[0] = C[0]; D[1] = C[1]; -
752 C[0] = B[0]; C[1] = B[1]; -
753 B[0] = A[0]; B[1] = A[1]; -
754 SHA512_ADD(temp1, temp2, A); -
755 } -
756 -
757 SHA512_ADDTO2(&context->Intermediate_Hash[0], A); -
758 SHA512_ADDTO2(&context->Intermediate_Hash[2], B); -
759 SHA512_ADDTO2(&context->Intermediate_Hash[4], C); -
760 SHA512_ADDTO2(&context->Intermediate_Hash[6], D); -
761 SHA512_ADDTO2(&context->Intermediate_Hash[8], E); -
762 SHA512_ADDTO2(&context->Intermediate_Hash[10], F); -
763 SHA512_ADDTO2(&context->Intermediate_Hash[12], G); -
764 SHA512_ADDTO2(&context->Intermediate_Hash[14], H); -
765 -
766#else /* !USE_32BIT_ONLY */ -
767 /* Constants defined in FIPS 180-3, section 4.2.3 */ -
768 static const uint64_t K[80] = { -
769 0x428A2F98D728AE22ll, 0x7137449123EF65CDll, 0xB5C0FBCFEC4D3B2Fll, -
770 0xE9B5DBA58189DBBCll, 0x3956C25BF348B538ll, 0x59F111F1B605D019ll, -
771 0x923F82A4AF194F9Bll, 0xAB1C5ED5DA6D8118ll, 0xD807AA98A3030242ll, -
772 0x12835B0145706FBEll, 0x243185BE4EE4B28Cll, 0x550C7DC3D5FFB4E2ll, -
773 0x72BE5D74F27B896Fll, 0x80DEB1FE3B1696B1ll, 0x9BDC06A725C71235ll, -
774 0xC19BF174CF692694ll, 0xE49B69C19EF14AD2ll, 0xEFBE4786384F25E3ll, -
775 0x0FC19DC68B8CD5B5ll, 0x240CA1CC77AC9C65ll, 0x2DE92C6F592B0275ll, -
776 0x4A7484AA6EA6E483ll, 0x5CB0A9DCBD41FBD4ll, 0x76F988DA831153B5ll, -
777 0x983E5152EE66DFABll, 0xA831C66D2DB43210ll, 0xB00327C898FB213Fll, -
778 0xBF597FC7BEEF0EE4ll, 0xC6E00BF33DA88FC2ll, 0xD5A79147930AA725ll, -
779 0x06CA6351E003826Fll, 0x142929670A0E6E70ll, 0x27B70A8546D22FFCll, -
780 0x2E1B21385C26C926ll, 0x4D2C6DFC5AC42AEDll, 0x53380D139D95B3DFll, -
781 0x650A73548BAF63DEll, 0x766A0ABB3C77B2A8ll, 0x81C2C92E47EDAEE6ll, -
782 0x92722C851482353Bll, 0xA2BFE8A14CF10364ll, 0xA81A664BBC423001ll, -
783 0xC24B8B70D0F89791ll, 0xC76C51A30654BE30ll, 0xD192E819D6EF5218ll, -
784 0xD69906245565A910ll, 0xF40E35855771202All, 0x106AA07032BBD1B8ll, -
785 0x19A4C116B8D2D0C8ll, 0x1E376C085141AB53ll, 0x2748774CDF8EEB99ll, -
786 0x34B0BCB5E19B48A8ll, 0x391C0CB3C5C95A63ll, 0x4ED8AA4AE3418ACBll, -
787 0x5B9CCA4F7763E373ll, 0x682E6FF3D6B2B8A3ll, 0x748F82EE5DEFB2FCll, -
788 0x78A5636F43172F60ll, 0x84C87814A1F0AB72ll, 0x8CC702081A6439ECll, -
789 0x90BEFFFA23631E28ll, 0xA4506CEBDE82BDE9ll, 0xBEF9A3F7B2C67915ll, -
790 0xC67178F2E372532Bll, 0xCA273ECEEA26619Cll, 0xD186B8C721C0C207ll, -
791 0xEADA7DD6CDE0EB1Ell, 0xF57D4F7FEE6ED178ll, 0x06F067AA72176FBAll, -
792 0x0A637DC5A2C898A6ll, 0x113F9804BEF90DAEll, 0x1B710B35131C471Bll, -
793 0x28DB77F523047D84ll, 0x32CAAB7B40C72493ll, 0x3C9EBE0A15C9BEBCll, -
794 0x431D67C49C100D4Cll, 0x4CC5D4BECB3E42B6ll, 0x597F299CFC657E2All, -
795 0x5FCB6FAB3AD6FAECll, 0x6C44198C4A475817ll -
796 }; -
797 int t, t8; /* Loop counter */
executed (the execution status of this line is deduced): int t, t8;
-
798 uint64_t temp1, temp2; /* Temporary word value */
executed (the execution status of this line is deduced): ::quint64 temp1, temp2;
-
799 uint64_t W[80]; /* Word sequence */
executed (the execution status of this line is deduced): ::quint64 W[80];
-
800 uint64_t A, B, C, D, E, F, G, H; /* Word buffers */
executed (the execution status of this line is deduced): ::quint64 A, B, C, D, E, F, G, H;
-
801 -
802 /* -
803 * Initialize the first 16 words in the array W -
804 */ -
805 for (t = t8 = 0; t < 16; t++, t8 += 8)
evaluated: t < 16
TRUEFALSE
yes
Evaluation Count:128
yes
Evaluation Count:8
8-128
806 W[t] = ((uint64_t)(context->Message_Block[t8 ]) << 56) |
executed: W[t] = ((::quint64)(context->Message_Block[t8 ]) << 56) | ((::quint64)(context->Message_Block[t8 + 1]) << 48) | ((::quint64)(context->Message_Block[t8 + 2]) << 40) | ((::quint64)(context->Message_Block[t8 + 3]) << 32) | ((::quint64)(context->Message_Block[t8 + 4]) << 24) | ((::quint64)(context->Message_Block[t8 + 5]) << 16) | ((::quint64)(context->Message_Block[t8 + 6]) << 8) | ((::quint64)(context->Message_Block[t8 + 7]));
Execution Count:128
128
807 ((uint64_t)(context->Message_Block[t8 + 1]) << 48) |
executed: W[t] = ((::quint64)(context->Message_Block[t8 ]) << 56) | ((::quint64)(context->Message_Block[t8 + 1]) << 48) | ((::quint64)(context->Message_Block[t8 + 2]) << 40) | ((::quint64)(context->Message_Block[t8 + 3]) << 32) | ((::quint64)(context->Message_Block[t8 + 4]) << 24) | ((::quint64)(context->Message_Block[t8 + 5]) << 16) | ((::quint64)(context->Message_Block[t8 + 6]) << 8) | ((::quint64)(context->Message_Block[t8 + 7]));
Execution Count:128
128
808 ((uint64_t)(context->Message_Block[t8 + 2]) << 40) |
executed: W[t] = ((::quint64)(context->Message_Block[t8 ]) << 56) | ((::quint64)(context->Message_Block[t8 + 1]) << 48) | ((::quint64)(context->Message_Block[t8 + 2]) << 40) | ((::quint64)(context->Message_Block[t8 + 3]) << 32) | ((::quint64)(context->Message_Block[t8 + 4]) << 24) | ((::quint64)(context->Message_Block[t8 + 5]) << 16) | ((::quint64)(context->Message_Block[t8 + 6]) << 8) | ((::quint64)(context->Message_Block[t8 + 7]));
Execution Count:128
128
809 ((uint64_t)(context->Message_Block[t8 + 3]) << 32) |
executed: W[t] = ((::quint64)(context->Message_Block[t8 ]) << 56) | ((::quint64)(context->Message_Block[t8 + 1]) << 48) | ((::quint64)(context->Message_Block[t8 + 2]) << 40) | ((::quint64)(context->Message_Block[t8 + 3]) << 32) | ((::quint64)(context->Message_Block[t8 + 4]) << 24) | ((::quint64)(context->Message_Block[t8 + 5]) << 16) | ((::quint64)(context->Message_Block[t8 + 6]) << 8) | ((::quint64)(context->Message_Block[t8 + 7]));
Execution Count:128
128
810 ((uint64_t)(context->Message_Block[t8 + 4]) << 24) |
executed: W[t] = ((::quint64)(context->Message_Block[t8 ]) << 56) | ((::quint64)(context->Message_Block[t8 + 1]) << 48) | ((::quint64)(context->Message_Block[t8 + 2]) << 40) | ((::quint64)(context->Message_Block[t8 + 3]) << 32) | ((::quint64)(context->Message_Block[t8 + 4]) << 24) | ((::quint64)(context->Message_Block[t8 + 5]) << 16) | ((::quint64)(context->Message_Block[t8 + 6]) << 8) | ((::quint64)(context->Message_Block[t8 + 7]));
Execution Count:128
128
811 ((uint64_t)(context->Message_Block[t8 + 5]) << 16) |
executed: W[t] = ((::quint64)(context->Message_Block[t8 ]) << 56) | ((::quint64)(context->Message_Block[t8 + 1]) << 48) | ((::quint64)(context->Message_Block[t8 + 2]) << 40) | ((::quint64)(context->Message_Block[t8 + 3]) << 32) | ((::quint64)(context->Message_Block[t8 + 4]) << 24) | ((::quint64)(context->Message_Block[t8 + 5]) << 16) | ((::quint64)(context->Message_Block[t8 + 6]) << 8) | ((::quint64)(context->Message_Block[t8 + 7]));
Execution Count:128
128
812 ((uint64_t)(context->Message_Block[t8 + 6]) << 8) |
executed: W[t] = ((::quint64)(context->Message_Block[t8 ]) << 56) | ((::quint64)(context->Message_Block[t8 + 1]) << 48) | ((::quint64)(context->Message_Block[t8 + 2]) << 40) | ((::quint64)(context->Message_Block[t8 + 3]) << 32) | ((::quint64)(context->Message_Block[t8 + 4]) << 24) | ((::quint64)(context->Message_Block[t8 + 5]) << 16) | ((::quint64)(context->Message_Block[t8 + 6]) << 8) | ((::quint64)(context->Message_Block[t8 + 7]));
Execution Count:128
128
813 ((uint64_t)(context->Message_Block[t8 + 7]));
executed: W[t] = ((::quint64)(context->Message_Block[t8 ]) << 56) | ((::quint64)(context->Message_Block[t8 + 1]) << 48) | ((::quint64)(context->Message_Block[t8 + 2]) << 40) | ((::quint64)(context->Message_Block[t8 + 3]) << 32) | ((::quint64)(context->Message_Block[t8 + 4]) << 24) | ((::quint64)(context->Message_Block[t8 + 5]) << 16) | ((::quint64)(context->Message_Block[t8 + 6]) << 8) | ((::quint64)(context->Message_Block[t8 + 7]));
Execution Count:128
128
814 -
815 for (t = 16; t < 80; t++)
evaluated: t < 80
TRUEFALSE
yes
Evaluation Count:512
yes
Evaluation Count:8
8-512
816 W[t] = SHA512_sigma1(W[t-2]) + W[t-7] +
executed: W[t] = (((((::quint64)(W[t-2])) >> (19)) | (((::quint64)(W[t-2])) << (64-(19)))) ^ ((((::quint64)(W[t-2])) >> (61)) | (((::quint64)(W[t-2])) << (64-(61)))) ^ (((::quint64)(W[t-2])) >> (6))) + W[t-7] + (((((::quint64)(W[t-15])) >> (1)) | (((::quint64)(W[t-15])) << (64-(1)))) ^ ((((::quint64)(W[t-15])) >> (8)) | (((::quint64)(W[t-15])) << (64-(8)))) ^ (((::quint64)(W[t-15])) >> (7))) + W[t-16];
Execution Count:512
512
817 SHA512_sigma0(W[t-15]) + W[t-16];
executed: W[t] = (((((::quint64)(W[t-2])) >> (19)) | (((::quint64)(W[t-2])) << (64-(19)))) ^ ((((::quint64)(W[t-2])) >> (61)) | (((::quint64)(W[t-2])) << (64-(61)))) ^ (((::quint64)(W[t-2])) >> (6))) + W[t-7] + (((((::quint64)(W[t-15])) >> (1)) | (((::quint64)(W[t-15])) << (64-(1)))) ^ ((((::quint64)(W[t-15])) >> (8)) | (((::quint64)(W[t-15])) << (64-(8)))) ^ (((::quint64)(W[t-15])) >> (7))) + W[t-16];
Execution Count:512
512
818 A = context->Intermediate_Hash[0];
executed (the execution status of this line is deduced): A = context->Intermediate_Hash[0];
-
819 B = context->Intermediate_Hash[1];
executed (the execution status of this line is deduced): B = context->Intermediate_Hash[1];
-
820 C = context->Intermediate_Hash[2];
executed (the execution status of this line is deduced): C = context->Intermediate_Hash[2];
-
821 D = context->Intermediate_Hash[3];
executed (the execution status of this line is deduced): D = context->Intermediate_Hash[3];
-
822 E = context->Intermediate_Hash[4];
executed (the execution status of this line is deduced): E = context->Intermediate_Hash[4];
-
823 F = context->Intermediate_Hash[5];
executed (the execution status of this line is deduced): F = context->Intermediate_Hash[5];
-
824 G = context->Intermediate_Hash[6];
executed (the execution status of this line is deduced): G = context->Intermediate_Hash[6];
-
825 H = context->Intermediate_Hash[7];
executed (the execution status of this line is deduced): H = context->Intermediate_Hash[7];
-
826 -
827 for (t = 0; t < 80; t++) {
evaluated: t < 80
TRUEFALSE
yes
Evaluation Count:640
yes
Evaluation Count:8
8-640
828 temp1 = H + SHA512_SIGMA1(E) + SHA_Ch(E,F,G) + K[t] + W[t];
executed (the execution status of this line is deduced): temp1 = H + (((((::quint64)(E)) >> (14)) | (((::quint64)(E)) << (64-(14)))) ^ ((((::quint64)(E)) >> (18)) | (((::quint64)(E)) << (64-(18)))) ^ ((((::quint64)(E)) >> (41)) | (((::quint64)(E)) << (64-(41))))) + (((E) & (F)) ^ ((~(E)) & (G))) + K[t] + W[t];
-
829 temp2 = SHA512_SIGMA0(A) + SHA_Maj(A,B,C);
executed (the execution status of this line is deduced): temp2 = (((((::quint64)(A)) >> (28)) | (((::quint64)(A)) << (64-(28)))) ^ ((((::quint64)(A)) >> (34)) | (((::quint64)(A)) << (64-(34)))) ^ ((((::quint64)(A)) >> (39)) | (((::quint64)(A)) << (64-(39))))) + (((A) & (B)) ^ ((A) & (C)) ^ ((B) & (C)));
-
830 H = G;
executed (the execution status of this line is deduced): H = G;
-
831 G = F;
executed (the execution status of this line is deduced): G = F;
-
832 F = E;
executed (the execution status of this line is deduced): F = E;
-
833 E = D + temp1;
executed (the execution status of this line is deduced): E = D + temp1;
-
834 D = C;
executed (the execution status of this line is deduced): D = C;
-
835 C = B;
executed (the execution status of this line is deduced): C = B;
-
836 B = A;
executed (the execution status of this line is deduced): B = A;
-
837 A = temp1 + temp2;
executed (the execution status of this line is deduced): A = temp1 + temp2;
-
838 }
executed: }
Execution Count:640
640
839 -
840 context->Intermediate_Hash[0] += A;
executed (the execution status of this line is deduced): context->Intermediate_Hash[0] += A;
-
841 context->Intermediate_Hash[1] += B;
executed (the execution status of this line is deduced): context->Intermediate_Hash[1] += B;
-
842 context->Intermediate_Hash[2] += C;
executed (the execution status of this line is deduced): context->Intermediate_Hash[2] += C;
-
843 context->Intermediate_Hash[3] += D;
executed (the execution status of this line is deduced): context->Intermediate_Hash[3] += D;
-
844 context->Intermediate_Hash[4] += E;
executed (the execution status of this line is deduced): context->Intermediate_Hash[4] += E;
-
845 context->Intermediate_Hash[5] += F;
executed (the execution status of this line is deduced): context->Intermediate_Hash[5] += F;
-
846 context->Intermediate_Hash[6] += G;
executed (the execution status of this line is deduced): context->Intermediate_Hash[6] += G;
-
847 context->Intermediate_Hash[7] += H;
executed (the execution status of this line is deduced): context->Intermediate_Hash[7] += H;
-
848#endif /* USE_32BIT_ONLY */ -
849 -
850 context->Message_Block_Index = 0;
executed (the execution status of this line is deduced): context->Message_Block_Index = 0;
-
851}
executed: }
Execution Count:8
8
852 -
853/* -
854 * SHA384_512Finalize -
855 * -
856 * Description: -
857 * This helper function finishes off the digest calculations. -
858 * -
859 * Parameters: -
860 * context: [in/out] -
861 * The SHA context to update. -
862 * Pad_Byte: [in] -
863 * The last byte to add to the message block before the 0-padding -
864 * and length. This will contain the last bits of the message -
865 * followed by another single bit. If the message was an -
866 * exact multiple of 8-bits long, Pad_Byte will be 0x80. -
867 * -
868 * Returns: -
869 * sha Error Code. -
870 * -
871 */ -
872static void SHA384_512Finalize(SHA512Context *context, -
873 uint8_t Pad_Byte) -
874{ -
875 int_least16_t i;
executed (the execution status of this line is deduced): ::qint16 i;
-
876 SHA384_512PadMessage(context, Pad_Byte);
executed (the execution status of this line is deduced): SHA384_512PadMessage(context, Pad_Byte);
-
877 /* message may be sensitive, clear it out */ -
878 for (i = 0; i < SHA512_Message_Block_Size; ++i)
evaluated: i < SHA512_Message_Block_Size
TRUEFALSE
yes
Evaluation Count:1024
yes
Evaluation Count:8
8-1024
879 context->Message_Block[i] = 0;
executed: context->Message_Block[i] = 0;
Execution Count:1024
1024
880#ifdef USE_32BIT_ONLY /* and clear length */ -
881 context->Length[0] = context->Length[1] = 0; -
882 context->Length[2] = context->Length[3] = 0; -
883#else /* !USE_32BIT_ONLY */ -
884 context->Length_High = context->Length_Low = 0;
executed (the execution status of this line is deduced): context->Length_High = context->Length_Low = 0;
-
885#endif /* USE_32BIT_ONLY */ -
886 context->Computed = 1;
executed (the execution status of this line is deduced): context->Computed = 1;
-
887}
executed: }
Execution Count:8
8
888 -
889/* -
890 * SHA384_512PadMessage -
891 * -
892 * Description: -
893 * According to the standard, the message must be padded to the next -
894 * even multiple of 1024 bits. The first padding bit must be a '1'. -
895 * The last 128 bits represent the length of the original message. -
896 * All bits in between should be 0. This helper function will -
897 * pad the message according to those rules by filling the -
898 * Message_Block array accordingly. When it returns, it can be -
899 * assumed that the message digest has been computed. -
900 * -
901 * Parameters: -
902 * context: [in/out] -
903 * The context to pad. -
904 * Pad_Byte: [in] -
905 * The last byte to add to the message block before the 0-padding -
906 * and length. This will contain the last bits of the message -
907 * followed by another single bit. If the message was an -
908 * exact multiple of 8-bits long, Pad_Byte will be 0x80. -
909 * -
910 * Returns: -
911 * Nothing. -
912 * -
913 */ -
914static void SHA384_512PadMessage(SHA512Context *context, -
915 uint8_t Pad_Byte) -
916{ -
917 /* -
918 * Check to see if the current message block is too small to hold -
919 * the initial padding bits and length. If so, we will pad the -
920 * block, process it, and then continue padding into a second -
921 * block. -
922 */ -
923 if (context->Message_Block_Index >= (SHA512_Message_Block_Size-16)) {
partially evaluated: context->Message_Block_Index >= (SHA512_Message_Block_Size-16)
TRUEFALSE
no
Evaluation Count:0
yes
Evaluation Count:8
0-8
924 context->Message_Block[context->Message_Block_Index++] = Pad_Byte;
never executed (the execution status of this line is deduced): context->Message_Block[context->Message_Block_Index++] = Pad_Byte;
-
925 while (context->Message_Block_Index < SHA512_Message_Block_Size)
never evaluated: context->Message_Block_Index < SHA512_Message_Block_Size
0
926 context->Message_Block[context->Message_Block_Index++] = 0;
never executed: context->Message_Block[context->Message_Block_Index++] = 0;
0
927 -
928 SHA384_512ProcessMessageBlock(context);
never executed (the execution status of this line is deduced): SHA384_512ProcessMessageBlock(context);
-
929 } else
never executed: }
0
930 context->Message_Block[context->Message_Block_Index++] = Pad_Byte;
executed: context->Message_Block[context->Message_Block_Index++] = Pad_Byte;
Execution Count:8
8
931 -
932 while (context->Message_Block_Index < (SHA512_Message_Block_Size-16))
evaluated: context->Message_Block_Index < (SHA512_Message_Block_Size-16)
TRUEFALSE
yes
Evaluation Count:858
yes
Evaluation Count:8
8-858
933 context->Message_Block[context->Message_Block_Index++] = 0;
executed: context->Message_Block[context->Message_Block_Index++] = 0;
Execution Count:858
858
934 -
935 /* -
936 * Store the message length as the last 16 octets -
937 */ -
938#ifdef USE_32BIT_ONLY -
939 context->Message_Block[112] = (uint8_t)(context->Length[0] >> 24); -
940 context->Message_Block[113] = (uint8_t)(context->Length[0] >> 16); -
941 context->Message_Block[114] = (uint8_t)(context->Length[0] >> 8); -
942 context->Message_Block[115] = (uint8_t)(context->Length[0]); -
943 context->Message_Block[116] = (uint8_t)(context->Length[1] >> 24); -
944 context->Message_Block[117] = (uint8_t)(context->Length[1] >> 16); -
945 context->Message_Block[118] = (uint8_t)(context->Length[1] >> 8); -
946 context->Message_Block[119] = (uint8_t)(context->Length[1]); -
947 -
948 context->Message_Block[120] = (uint8_t)(context->Length[2] >> 24); -
949 context->Message_Block[121] = (uint8_t)(context->Length[2] >> 16); -
950 context->Message_Block[122] = (uint8_t)(context->Length[2] >> 8); -
951 context->Message_Block[123] = (uint8_t)(context->Length[2]); -
952 context->Message_Block[124] = (uint8_t)(context->Length[3] >> 24); -
953 context->Message_Block[125] = (uint8_t)(context->Length[3] >> 16); -
954 context->Message_Block[126] = (uint8_t)(context->Length[3] >> 8); -
955 context->Message_Block[127] = (uint8_t)(context->Length[3]); -
956#else /* !USE_32BIT_ONLY */ -
957 context->Message_Block[112] = (uint8_t)(context->Length_High >> 56);
executed (the execution status of this line is deduced): context->Message_Block[112] = (::quint8)(context->Length_High >> 56);
-
958 context->Message_Block[113] = (uint8_t)(context->Length_High >> 48);
executed (the execution status of this line is deduced): context->Message_Block[113] = (::quint8)(context->Length_High >> 48);
-
959 context->Message_Block[114] = (uint8_t)(context->Length_High >> 40);
executed (the execution status of this line is deduced): context->Message_Block[114] = (::quint8)(context->Length_High >> 40);
-
960 context->Message_Block[115] = (uint8_t)(context->Length_High >> 32);
executed (the execution status of this line is deduced): context->Message_Block[115] = (::quint8)(context->Length_High >> 32);
-
961 context->Message_Block[116] = (uint8_t)(context->Length_High >> 24);
executed (the execution status of this line is deduced): context->Message_Block[116] = (::quint8)(context->Length_High >> 24);
-
962 context->Message_Block[117] = (uint8_t)(context->Length_High >> 16);
executed (the execution status of this line is deduced): context->Message_Block[117] = (::quint8)(context->Length_High >> 16);
-
963 context->Message_Block[118] = (uint8_t)(context->Length_High >> 8);
executed (the execution status of this line is deduced): context->Message_Block[118] = (::quint8)(context->Length_High >> 8);
-
964 context->Message_Block[119] = (uint8_t)(context->Length_High);
executed (the execution status of this line is deduced): context->Message_Block[119] = (::quint8)(context->Length_High);
-
965 -
966 context->Message_Block[120] = (uint8_t)(context->Length_Low >> 56);
executed (the execution status of this line is deduced): context->Message_Block[120] = (::quint8)(context->Length_Low >> 56);
-
967 context->Message_Block[121] = (uint8_t)(context->Length_Low >> 48);
executed (the execution status of this line is deduced): context->Message_Block[121] = (::quint8)(context->Length_Low >> 48);
-
968 context->Message_Block[122] = (uint8_t)(context->Length_Low >> 40);
executed (the execution status of this line is deduced): context->Message_Block[122] = (::quint8)(context->Length_Low >> 40);
-
969 context->Message_Block[123] = (uint8_t)(context->Length_Low >> 32);
executed (the execution status of this line is deduced): context->Message_Block[123] = (::quint8)(context->Length_Low >> 32);
-
970 context->Message_Block[124] = (uint8_t)(context->Length_Low >> 24);
executed (the execution status of this line is deduced): context->Message_Block[124] = (::quint8)(context->Length_Low >> 24);
-
971 context->Message_Block[125] = (uint8_t)(context->Length_Low >> 16);
executed (the execution status of this line is deduced): context->Message_Block[125] = (::quint8)(context->Length_Low >> 16);
-
972 context->Message_Block[126] = (uint8_t)(context->Length_Low >> 8);
executed (the execution status of this line is deduced): context->Message_Block[126] = (::quint8)(context->Length_Low >> 8);
-
973 context->Message_Block[127] = (uint8_t)(context->Length_Low);
executed (the execution status of this line is deduced): context->Message_Block[127] = (::quint8)(context->Length_Low);
-
974#endif /* USE_32BIT_ONLY */ -
975 -
976 SHA384_512ProcessMessageBlock(context);
executed (the execution status of this line is deduced): SHA384_512ProcessMessageBlock(context);
-
977}
executed: }
Execution Count:8
8
978 -
979/* -
980 * SHA384_512ResultN -
981 * -
982 * Description: -
983 * This helper function will return the 384-bit or 512-bit message -
984 * digest into the Message_Digest array provided by the caller. -
985 * NOTE: -
986 * The first octet of hash is stored in the element with index 0, -
987 * the last octet of hash in the element with index 47/63. -
988 * -
989 * Parameters: -
990 * context: [in/out] -
991 * The context to use to calculate the SHA hash. -
992 * Message_Digest[ ]: [out] -
993 * Where the digest is returned. -
994 * HashSize: [in] -
995 * The size of the hash, either 48 or 64. -
996 * -
997 * Returns: -
998 * sha Error Code. -
999 * -
1000 */ -
1001static int SHA384_512ResultN(SHA512Context *context, -
1002 uint8_t Message_Digest[ ], int HashSize) -
1003{ -
1004 int i;
executed (the execution status of this line is deduced): int i;
-
1005#ifdef USE_32BIT_ONLY -
1006 int i2; -
1007#endif /* USE_32BIT_ONLY */ -
1008 -
1009 if (!context) return shaNull;
never executed: return shaNull;
partially evaluated: !context
TRUEFALSE
no
Evaluation Count:0
yes
Evaluation Count:8
0-8
1010 if (!Message_Digest) return shaNull;
never executed: return shaNull;
partially evaluated: !Message_Digest
TRUEFALSE
no
Evaluation Count:0
yes
Evaluation Count:8
0-8
1011 if (context->Corrupted) return context->Corrupted;
never executed: return context->Corrupted;
partially evaluated: context->Corrupted
TRUEFALSE
no
Evaluation Count:0
yes
Evaluation Count:8
0-8
1012 -
1013 if (!context->Computed)
partially evaluated: !context->Computed
TRUEFALSE
yes
Evaluation Count:8
no
Evaluation Count:0
0-8
1014 SHA384_512Finalize(context, 0x80);
executed: SHA384_512Finalize(context, 0x80);
Execution Count:8
8
1015 -
1016#ifdef USE_32BIT_ONLY -
1017 for (i = i2 = 0; i < HashSize; ) { -
1018 Message_Digest[i++]=(uint8_t)(context->Intermediate_Hash[i2]>>24); -
1019 Message_Digest[i++]=(uint8_t)(context->Intermediate_Hash[i2]>>16); -
1020 Message_Digest[i++]=(uint8_t)(context->Intermediate_Hash[i2]>>8); -
1021 Message_Digest[i++]=(uint8_t)(context->Intermediate_Hash[i2++]); -
1022 Message_Digest[i++]=(uint8_t)(context->Intermediate_Hash[i2]>>24); -
1023 Message_Digest[i++]=(uint8_t)(context->Intermediate_Hash[i2]>>16); -
1024 Message_Digest[i++]=(uint8_t)(context->Intermediate_Hash[i2]>>8); -
1025 Message_Digest[i++]=(uint8_t)(context->Intermediate_Hash[i2++]); -
1026 } -
1027#else /* !USE_32BIT_ONLY */ -
1028 for (i = 0; i < HashSize; ++i)
evaluated: i < HashSize
TRUEFALSE
yes
Evaluation Count:448
yes
Evaluation Count:8
8-448
1029 Message_Digest[i] = (uint8_t)
executed: Message_Digest[i] = (::quint8) (context->Intermediate_Hash[i>>3] >> 8 * ( 7 - ( i % 8 ) ));
Execution Count:448
448
1030 (context->Intermediate_Hash[i>>3] >> 8 * ( 7 - ( i % 8 ) ));
executed: Message_Digest[i] = (::quint8) (context->Intermediate_Hash[i>>3] >> 8 * ( 7 - ( i % 8 ) ));
Execution Count:448
448
1031#endif /* USE_32BIT_ONLY */ -
1032 -
1033 return shaSuccess;
executed: return shaSuccess;
Execution Count:8
8
1034} -
1035 -
Source codeSwitch to Preprocessed file
Generated by Squish Coco Non-Commercial