| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
|
|
This is a minimal and readable SHA3 implementation.
ok tb@
|
|
This adds support for SHA512/224 and SHA512/256, as specified in FIPS
FIPS 180-4. These are truncated versions of the SHA512 hash.
ok tb@
|
|
ok tb@
|
|
|
|
Various code in libcrypto needs bitwise rotation - rather than defining
different versions across the code base, provide a common set that can
be reused. Any sensible compiler optimises these to a single instruction
where the architecture supports it, which means we can ditch the inline
assembly.
On the chance that we need to provide a platform specific versions, this
follows the approach used in BN where a MD crypto_arch.h header could be
added in the future, which would then provide more specific versions of
these functions.
ok tb@
|
|
It is common to need to store data in a specific endianness - rather than
handrolling and deduplicating code to do this, provide a
crypto_store_htobe64() function that converts from host endian to big
endian, before storing the data to a location with unknown alignment.
ok tb@
|
|
Use htobe64() instead of testing BYTE_ORDER and then handrolling htobe64().
Thanks to tobhe for providing most of the fix via openiked-portable
|
|
ok jsing
|
|
|
|
Rather than sprinkling BYTE_ORDER checks throughout the implementation,
always define PULL64 - on big endian platforms it just becomes a no-op.
ok tb@
|
|
ok tb@
|
|
In the case that the pure C implementation of SHA512 is being used, the
prototype is unnecessary as the function is declared static and exists
in dependency order. Simply omit the prototype rather than using #ifndef
to toggle the static prefix.
ok tb@
|
|
ok tb@
|
|
Another set of mechnical replacements for "a,b" with "a, b".
No change in generated assembly.
|
|
Mechanically replace "a,b" with "a, b".
No change to generated assembly.
|
|
Mechanically replace "a,b" with "a, b", followed with some manual
indentation clean up.
No change in generated assembly.
|
|
No change in generated assembly.
|
|
MD32_XARRAY (formerly SHA_XARRAY) was added as a workaround for a broken
HP C compiler (circa 1999). Clean it up to simplify the code.
No change in generated assembly.
ok miod@ tb@
|
|
This follows what is done for other SHA implementations.
ok miod@ tb@
|
|
No intended functional change.
|
|
|
|
The only reason to use HASH_BLOCK_DATA_ORDER in the implementation is to
make the code harder to read.
|
|
|
|
|
|
|
|
|
|
Nothing other than sha1dst.c uses this header - pull it in to sha1dgst.c
directly (sha_local.h will be removed at a later date).
|
|
|
|
No change to generated assembly.
|
|
|
|
|
|
No change in generated assembly.
|
|
ok miod
|
|
At least gcc 12 on Fedora is very unhappy about a plain .rodata and throws
Error: unknown pseudo-op: `.rodata'. So add a .section in front of it to
make it happy.
ok deraadt miod
|
|
|
|
|
|
responsible from getting the proper address of those blocks.
|
|
responsible from getting the proper address of those blocks.
ok tb@ jsing@
|
|
OpenBSD/macppc will enforce xonly on PowerPC G5, then libcrypto's
sha256 would crash by SIGSEGV, because it can't read text.
Use ELF relocations "@ha" and "@l" to find the table in rodata. This
might break the PowerPC asm on a not-ELF platform (like AIX or Mac OS)
if someone would try it there.
ok kettenis@ deraadt@
|
|
|
|
These are just creating clutter and cause grep noise.
ok miod@
|
|
on amd64. no pic handling is neccessary since amd64 has full reach.
ok kettenis
|
|
fetch them correctly when building PIC. Also drop unused data, and remove
--no-execute-only from linker flags.
ok kettenis@
|
|
fetch them correctly when building PIC. Also drop unused data, and remove
--no-execute-only from linker flags.
ok jsing@ kettenis@
|
|
|
|
i removed the arithmetics -> arithmetic changes, as i felt they
were not clearly correct
ok tb
|
|
|
