lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-11-03 20:33:16 +03:00
Code Activity

Put local variables and buffers in a struct

Browse Source 
This reduces the impact of the code size increase due to the addition
of calls to mbedtls_platform_zeroize.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
This commit is contained in:
gabor-mezei-arm
2020-08-25 19:12:01 +02:00
parent b8513fa6ac
commit 4cb56f83cb
6 changed files with 512 additions and 489 deletions
Download Patch File Download Diff File Expand all files Collapse all files

155
library/md4.c
View File

@@ -115,31 +115,34 @@ void mbedtls_md4_starts( mbedtls_md4_context *ctx )
int mbedtls_internal_md4_process( mbedtls_md4_context *ctx, int mbedtls_internal_md4_process( mbedtls_md4_context *ctx,
const unsigned char data[64] ) const unsigned char data[64] )
{ {
uint32_t X[16], A, B, C, D; struct
{
uint32_t X[16], A, B, C, D;
} local;
GET_UINT32_LE( X[ 0], data, 0 ); GET_UINT32_LE( local.X[ 0], data, 0 );
GET_UINT32_LE( X[ 1], data, 4 ); GET_UINT32_LE( local.X[ 1], data, 4 );
GET_UINT32_LE( X[ 2], data, 8 ); GET_UINT32_LE( local.X[ 2], data, 8 );
GET_UINT32_LE( X[ 3], data, 12 ); GET_UINT32_LE( local.X[ 3], data, 12 );
GET_UINT32_LE( X[ 4], data, 16 ); GET_UINT32_LE( local.X[ 4], data, 16 );
GET_UINT32_LE( X[ 5], data, 20 ); GET_UINT32_LE( local.X[ 5], data, 20 );
GET_UINT32_LE( X[ 6], data, 24 ); GET_UINT32_LE( local.X[ 6], data, 24 );
GET_UINT32_LE( X[ 7], data, 28 ); GET_UINT32_LE( local.X[ 7], data, 28 );
GET_UINT32_LE( X[ 8], data, 32 ); GET_UINT32_LE( local.X[ 8], data, 32 );
GET_UINT32_LE( X[ 9], data, 36 ); GET_UINT32_LE( local.X[ 9], data, 36 );
GET_UINT32_LE( X[10], data, 40 ); GET_UINT32_LE( local.X[10], data, 40 );
GET_UINT32_LE( X[11], data, 44 ); GET_UINT32_LE( local.X[11], data, 44 );
GET_UINT32_LE( X[12], data, 48 ); GET_UINT32_LE( local.X[12], data, 48 );
GET_UINT32_LE( X[13], data, 52 ); GET_UINT32_LE( local.X[13], data, 52 );
GET_UINT32_LE( X[14], data, 56 ); GET_UINT32_LE( local.X[14], data, 56 );
GET_UINT32_LE( X[15], data, 60 ); GET_UINT32_LE( local.X[15], data, 60 );
#define S(x,n) (((x) << (n)) | (((x) & 0xFFFFFFFF) >> (32 - (n)))) #define S(x,n) (((x) << (n)) | (((x) & 0xFFFFFFFF) >> (32 - (n))))
A = ctx->state[0]; local.A = ctx->state[0];
B = ctx->state[1]; local.B = ctx->state[1];
C = ctx->state[2]; local.C = ctx->state[2];
D = ctx->state[3]; local.D = ctx->state[3];
#define F(x, y, z) (((x) & (y)) | ((~(x)) & (z))) #define F(x, y, z) (((x) & (y)) | ((~(x)) & (z)))
#define P(a,b,c,d,x,s) \ #define P(a,b,c,d,x,s) \
@@ -150,22 +153,22 @@ int mbedtls_internal_md4_process( mbedtls_md4_context *ctx,
} while( 0 ) } while( 0 )
P( A, B, C, D, X[ 0], 3 ); P( local.A, local.B, local.C, local.D, local.X[ 0], 3 );
P( D, A, B, C, X[ 1], 7 ); P( local.D, local.A, local.B, local.C, local.X[ 1], 7 );
P( C, D, A, B, X[ 2], 11 ); P( local.C, local.D, local.A, local.B, local.X[ 2], 11 );
P( B, C, D, A, X[ 3], 19 ); P( local.B, local.C, local.D, local.A, local.X[ 3], 19 );
P( A, B, C, D, X[ 4], 3 ); P( local.A, local.B, local.C, local.D, local.X[ 4], 3 );
P( D, A, B, C, X[ 5], 7 ); P( local.D, local.A, local.B, local.C, local.X[ 5], 7 );
P( C, D, A, B, X[ 6], 11 ); P( local.C, local.D, local.A, local.B, local.X[ 6], 11 );
P( B, C, D, A, X[ 7], 19 ); P( local.B, local.C, local.D, local.A, local.X[ 7], 19 );
P( A, B, C, D, X[ 8], 3 ); P( local.A, local.B, local.C, local.D, local.X[ 8], 3 );
P( D, A, B, C, X[ 9], 7 ); P( local.D, local.A, local.B, local.C, local.X[ 9], 7 );
P( C, D, A, B, X[10], 11 ); P( local.C, local.D, local.A, local.B, local.X[10], 11 );
P( B, C, D, A, X[11], 19 ); P( local.B, local.C, local.D, local.A, local.X[11], 19 );
P( A, B, C, D, X[12], 3 ); P( local.A, local.B, local.C, local.D, local.X[12], 3 );
P( D, A, B, C, X[13], 7 ); P( local.D, local.A, local.B, local.C, local.X[13], 7 );
P( C, D, A, B, X[14], 11 ); P( local.C, local.D, local.A, local.B, local.X[14], 11 );
P( B, C, D, A, X[15], 19 ); P( local.B, local.C, local.D, local.A, local.X[15], 19 );
#undef P #undef P
#undef F #undef F
@@ -178,22 +181,22 @@ int mbedtls_internal_md4_process( mbedtls_md4_context *ctx,
(a) = S((a),(s)); \ (a) = S((a),(s)); \
} while( 0 ) } while( 0 )
P( A, B, C, D, X[ 0], 3 ); P( local.A, local.B, local.C, local.D, local.X[ 0], 3 );
P( D, A, B, C, X[ 4], 5 ); P( local.D, local.A, local.B, local.C, local.X[ 4], 5 );
P( C, D, A, B, X[ 8], 9 ); P( local.C, local.D, local.A, local.B, local.X[ 8], 9 );
P( B, C, D, A, X[12], 13 ); P( local.B, local.C, local.D, local.A, local.X[12], 13 );
P( A, B, C, D, X[ 1], 3 ); P( local.A, local.B, local.C, local.D, local.X[ 1], 3 );
P( D, A, B, C, X[ 5], 5 ); P( local.D, local.A, local.B, local.C, local.X[ 5], 5 );
P( C, D, A, B, X[ 9], 9 ); P( local.C, local.D, local.A, local.B, local.X[ 9], 9 );
P( B, C, D, A, X[13], 13 ); P( local.B, local.C, local.D, local.A, local.X[13], 13 );
P( A, B, C, D, X[ 2], 3 ); P( local.A, local.B, local.C, local.D, local.X[ 2], 3 );
P( D, A, B, C, X[ 6], 5 ); P( local.D, local.A, local.B, local.C, local.X[ 6], 5 );
P( C, D, A, B, X[10], 9 ); P( local.C, local.D, local.A, local.B, local.X[10], 9 );
P( B, C, D, A, X[14], 13 ); P( local.B, local.C, local.D, local.A, local.X[14], 13 );
P( A, B, C, D, X[ 3], 3 ); P( local.A, local.B, local.C, local.D, local.X[ 3], 3 );
P( D, A, B, C, X[ 7], 5 ); P( local.D, local.A, local.B, local.C, local.X[ 7], 5 );
P( C, D, A, B, X[11], 9 ); P( local.C, local.D, local.A, local.B, local.X[11], 9 );
P( B, C, D, A, X[15], 13 ); P( local.B, local.C, local.D, local.A, local.X[15], 13 );
#undef P #undef P
#undef F #undef F
@@ -206,37 +209,33 @@ int mbedtls_internal_md4_process( mbedtls_md4_context *ctx,
(a) = S((a),(s)); \ (a) = S((a),(s)); \
} while( 0 ) } while( 0 )
P( A, B, C, D, X[ 0], 3 ); P( local.A, local.B, local.C, local.D, local.X[ 0], 3 );
P( D, A, B, C, X[ 8], 9 ); P( local.D, local.A, local.B, local.C, local.X[ 8], 9 );
P( C, D, A, B, X[ 4], 11 ); P( local.C, local.D, local.A, local.B, local.X[ 4], 11 );
P( B, C, D, A, X[12], 15 ); P( local.B, local.C, local.D, local.A, local.X[12], 15 );
P( A, B, C, D, X[ 2], 3 ); P( local.A, local.B, local.C, local.D, local.X[ 2], 3 );
P( D, A, B, C, X[10], 9 ); P( local.D, local.A, local.B, local.C, local.X[10], 9 );
P( C, D, A, B, X[ 6], 11 ); P( local.C, local.D, local.A, local.B, local.X[ 6], 11 );
P( B, C, D, A, X[14], 15 ); P( local.B, local.C, local.D, local.A, local.X[14], 15 );
P( A, B, C, D, X[ 1], 3 ); P( local.A, local.B, local.C, local.D, local.X[ 1], 3 );
P( D, A, B, C, X[ 9], 9 ); P( local.D, local.A, local.B, local.C, local.X[ 9], 9 );
P( C, D, A, B, X[ 5], 11 ); P( local.C, local.D, local.A, local.B, local.X[ 5], 11 );
P( B, C, D, A, X[13], 15 ); P( local.B, local.C, local.D, local.A, local.X[13], 15 );
P( A, B, C, D, X[ 3], 3 ); P( local.A, local.B, local.C, local.D, local.X[ 3], 3 );
P( D, A, B, C, X[11], 9 ); P( local.D, local.A, local.B, local.C, local.X[11], 9 );
P( C, D, A, B, X[ 7], 11 ); P( local.C, local.D, local.A, local.B, local.X[ 7], 11 );
P( B, C, D, A, X[15], 15 ); P( local.B, local.C, local.D, local.A, local.X[15], 15 );
#undef F #undef F
#undef P #undef P
ctx->state[0] += A; ctx->state[0] += local.A;
ctx->state[1] += B; ctx->state[1] += local.B;
ctx->state[2] += C; ctx->state[2] += local.C;
ctx->state[3] += D; ctx->state[3] += local.D;
/* Zeroise variables to clear sensitive data from memory. */ /* Zeroise variables to clear sensitive data from memory. */
mbedtls_platform_zeroize( &X, sizeof( X ) ); mbedtls_platform_zeroize( &local, sizeof( local ) );
mbedtls_platform_zeroize( &A, sizeof( A ) );
mbedtls_platform_zeroize( &B, sizeof( B ) );
mbedtls_platform_zeroize( &C, sizeof( C ) );
mbedtls_platform_zeroize( &D, sizeof( D ) );
return( 0 ); return( 0 );
} }

197
library/md5.c
View File

@@ -114,135 +114,134 @@ void mbedtls_md5_starts( mbedtls_md5_context *ctx )
int mbedtls_internal_md5_process( mbedtls_md5_context *ctx, int mbedtls_internal_md5_process( mbedtls_md5_context *ctx,
const unsigned char data[64] ) const unsigned char data[64] )
{ {
uint32_t X[16], A, B, C, D; struct
{
uint32_t X[16], A, B, C, D;
} local;
GET_UINT32_LE( X[ 0], data, 0 ); GET_UINT32_LE( local.X[ 0], data, 0 );
GET_UINT32_LE( X[ 1], data, 4 ); GET_UINT32_LE( local.X[ 1], data, 4 );
GET_UINT32_LE( X[ 2], data, 8 ); GET_UINT32_LE( local.X[ 2], data, 8 );
GET_UINT32_LE( X[ 3], data, 12 ); GET_UINT32_LE( local.X[ 3], data, 12 );
GET_UINT32_LE( X[ 4], data, 16 ); GET_UINT32_LE( local.X[ 4], data, 16 );
GET_UINT32_LE( X[ 5], data, 20 ); GET_UINT32_LE( local.X[ 5], data, 20 );
GET_UINT32_LE( X[ 6], data, 24 ); GET_UINT32_LE( local.X[ 6], data, 24 );
GET_UINT32_LE( X[ 7], data, 28 ); GET_UINT32_LE( local.X[ 7], data, 28 );
GET_UINT32_LE( X[ 8], data, 32 ); GET_UINT32_LE( local.X[ 8], data, 32 );
GET_UINT32_LE( X[ 9], data, 36 ); GET_UINT32_LE( local.X[ 9], data, 36 );
GET_UINT32_LE( X[10], data, 40 ); GET_UINT32_LE( local.X[10], data, 40 );
GET_UINT32_LE( X[11], data, 44 ); GET_UINT32_LE( local.X[11], data, 44 );
GET_UINT32_LE( X[12], data, 48 ); GET_UINT32_LE( local.X[12], data, 48 );
GET_UINT32_LE( X[13], data, 52 ); GET_UINT32_LE( local.X[13], data, 52 );
GET_UINT32_LE( X[14], data, 56 ); GET_UINT32_LE( local.X[14], data, 56 );
GET_UINT32_LE( X[15], data, 60 ); GET_UINT32_LE( local.X[15], data, 60 );
#define S(x,n) \ #define S(x,n) \
( ( (x) << (n) ) | ( ( (x) & 0xFFFFFFFF) >> ( 32 - (n) ) ) ) ( ( (x) << (n) ) | ( ( (x) & 0xFFFFFFFF) >> ( 32 - (n) ) ) )
#define P(a,b,c,d,k,s,t) \ #define P(a,b,c,d,k,s,t) \
do \ do \
{ \ { \
(a) += F((b),(c),(d)) + X[(k)] + (t); \ (a) += F((b),(c),(d)) + local.X[(k)] + (t); \
(a) = S((a),(s)) + (b); \ (a) = S((a),(s)) + (b); \
} while( 0 ) } while( 0 )
A = ctx->state[0]; local.A = ctx->state[0];
B = ctx->state[1]; local.B = ctx->state[1];
C = ctx->state[2]; local.C = ctx->state[2];
D = ctx->state[3]; local.D = ctx->state[3];
#define F(x,y,z) ((z) ^ ((x) & ((y) ^ (z)))) #define F(x,y,z) ((z) ^ ((x) & ((y) ^ (z))))
P( A, B, C, D, 0, 7, 0xD76AA478 ); P( local.A, local.B, local.C, local.D, 0, 7, 0xD76AA478 );
P( D, A, B, C, 1, 12, 0xE8C7B756 ); P( local.D, local.A, local.B, local.C, 1, 12, 0xE8C7B756 );
P( C, D, A, B, 2, 17, 0x242070DB ); P( local.C, local.D, local.A, local.B, 2, 17, 0x242070DB );
P( B, C, D, A, 3, 22, 0xC1BDCEEE ); P( local.B, local.C, local.D, local.A, 3, 22, 0xC1BDCEEE );
P( A, B, C, D, 4, 7, 0xF57C0FAF ); P( local.A, local.B, local.C, local.D, 4, 7, 0xF57C0FAF );
P( D, A, B, C, 5, 12, 0x4787C62A ); P( local.D, local.A, local.B, local.C, 5, 12, 0x4787C62A );
P( C, D, A, B, 6, 17, 0xA8304613 ); P( local.C, local.D, local.A, local.B, 6, 17, 0xA8304613 );
P( B, C, D, A, 7, 22, 0xFD469501 ); P( local.B, local.C, local.D, local.A, 7, 22, 0xFD469501 );
P( A, B, C, D, 8, 7, 0x698098D8 ); P( local.A, local.B, local.C, local.D, 8, 7, 0x698098D8 );
P( D, A, B, C, 9, 12, 0x8B44F7AF ); P( local.D, local.A, local.B, local.C, 9, 12, 0x8B44F7AF );
P( C, D, A, B, 10, 17, 0xFFFF5BB1 ); P( local.C, local.D, local.A, local.B, 10, 17, 0xFFFF5BB1 );
P( B, C, D, A, 11, 22, 0x895CD7BE ); P( local.B, local.C, local.D, local.A, 11, 22, 0x895CD7BE );
P( A, B, C, D, 12, 7, 0x6B901122 ); P( local.A, local.B, local.C, local.D, 12, 7, 0x6B901122 );
P( D, A, B, C, 13, 12, 0xFD987193 ); P( local.D, local.A, local.B, local.C, 13, 12, 0xFD987193 );
P( C, D, A, B, 14, 17, 0xA679438E ); P( local.C, local.D, local.A, local.B, 14, 17, 0xA679438E );
P( B, C, D, A, 15, 22, 0x49B40821 ); P( local.B, local.C, local.D, local.A, 15, 22, 0x49B40821 );
#undef F #undef F
#define F(x,y,z) ((y) ^ ((z) & ((x) ^ (y)))) #define F(x,y,z) ((y) ^ ((z) & ((x) ^ (y))))
P( A, B, C, D, 1, 5, 0xF61E2562 ); P( local.A, local.B, local.C, local.D, 1, 5, 0xF61E2562 );
P( D, A, B, C, 6, 9, 0xC040B340 ); P( local.D, local.A, local.B, local.C, 6, 9, 0xC040B340 );
P( C, D, A, B, 11, 14, 0x265E5A51 ); P( local.C, local.D, local.A, local.B, 11, 14, 0x265E5A51 );
P( B, C, D, A, 0, 20, 0xE9B6C7AA ); P( local.B, local.C, local.D, local.A, 0, 20, 0xE9B6C7AA );
P( A, B, C, D, 5, 5, 0xD62F105D ); P( local.A, local.B, local.C, local.D, 5, 5, 0xD62F105D );
P( D, A, B, C, 10, 9, 0x02441453 ); P( local.D, local.A, local.B, local.C, 10, 9, 0x02441453 );
P( C, D, A, B, 15, 14, 0xD8A1E681 ); P( local.C, local.D, local.A, local.B, 15, 14, 0xD8A1E681 );
P( B, C, D, A, 4, 20, 0xE7D3FBC8 ); P( local.B, local.C, local.D, local.A, 4, 20, 0xE7D3FBC8 );
P( A, B, C, D, 9, 5, 0x21E1CDE6 ); P( local.A, local.B, local.C, local.D, 9, 5, 0x21E1CDE6 );
P( D, A, B, C, 14, 9, 0xC33707D6 ); P( local.D, local.A, local.B, local.C, 14, 9, 0xC33707D6 );
P( C, D, A, B, 3, 14, 0xF4D50D87 ); P( local.C, local.D, local.A, local.B, 3, 14, 0xF4D50D87 );
P( B, C, D, A, 8, 20, 0x455A14ED ); P( local.B, local.C, local.D, local.A, 8, 20, 0x455A14ED );
P( A, B, C, D, 13, 5, 0xA9E3E905 ); P( local.A, local.B, local.C, local.D, 13, 5, 0xA9E3E905 );
P( D, A, B, C, 2, 9, 0xFCEFA3F8 ); P( local.D, local.A, local.B, local.C, 2, 9, 0xFCEFA3F8 );
P( C, D, A, B, 7, 14, 0x676F02D9 ); P( local.C, local.D, local.A, local.B, 7, 14, 0x676F02D9 );
P( B, C, D, A, 12, 20, 0x8D2A4C8A ); P( local.B, local.C, local.D, local.A, 12, 20, 0x8D2A4C8A );
#undef F #undef F
#define F(x,y,z) ((x) ^ (y) ^ (z)) #define F(x,y,z) ((x) ^ (y) ^ (z))
P( A, B, C, D, 5, 4, 0xFFFA3942 ); P( local.A, local.B, local.C, local.D, 5, 4, 0xFFFA3942 );
P( D, A, B, C, 8, 11, 0x8771F681 ); P( local.D, local.A, local.B, local.C, 8, 11, 0x8771F681 );
P( C, D, A, B, 11, 16, 0x6D9D6122 ); P( local.C, local.D, local.A, local.B, 11, 16, 0x6D9D6122 );
P( B, C, D, A, 14, 23, 0xFDE5380C ); P( local.B, local.C, local.D, local.A, 14, 23, 0xFDE5380C );
P( A, B, C, D, 1, 4, 0xA4BEEA44 ); P( local.A, local.B, local.C, local.D, 1, 4, 0xA4BEEA44 );
P( D, A, B, C, 4, 11, 0x4BDECFA9 ); P( local.D, local.A, local.B, local.C, 4, 11, 0x4BDECFA9 );
P( C, D, A, B, 7, 16, 0xF6BB4B60 ); P( local.C, local.D, local.A, local.B, 7, 16, 0xF6BB4B60 );
P( B, C, D, A, 10, 23, 0xBEBFBC70 ); P( local.B, local.C, local.D, local.A, 10, 23, 0xBEBFBC70 );
P( A, B, C, D, 13, 4, 0x289B7EC6 ); P( local.A, local.B, local.C, local.D, 13, 4, 0x289B7EC6 );
P( D, A, B, C, 0, 11, 0xEAA127FA ); P( local.D, local.A, local.B, local.C, 0, 11, 0xEAA127FA );
P( C, D, A, B, 3, 16, 0xD4EF3085 ); P( local.C, local.D, local.A, local.B, 3, 16, 0xD4EF3085 );
P( B, C, D, A, 6, 23, 0x04881D05 ); P( local.B, local.C, local.D, local.A, 6, 23, 0x04881D05 );
P( A, B, C, D, 9, 4, 0xD9D4D039 ); P( local.A, local.B, local.C, local.D, 9, 4, 0xD9D4D039 );
P( D, A, B, C, 12, 11, 0xE6DB99E5 ); P( local.D, local.A, local.B, local.C, 12, 11, 0xE6DB99E5 );
P( C, D, A, B, 15, 16, 0x1FA27CF8 ); P( local.C, local.D, local.A, local.B, 15, 16, 0x1FA27CF8 );
P( B, C, D, A, 2, 23, 0xC4AC5665 ); P( local.B, local.C, local.D, local.A, 2, 23, 0xC4AC5665 );
#undef F #undef F
#define F(x,y,z) ((y) ^ ((x) | ~(z))) #define F(x,y,z) ((y) ^ ((x) | ~(z)))
P( A, B, C, D, 0, 6, 0xF4292244 ); P( local.A, local.B, local.C, local.D, 0, 6, 0xF4292244 );
P( D, A, B, C, 7, 10, 0x432AFF97 ); P( local.D, local.A, local.B, local.C, 7, 10, 0x432AFF97 );
P( C, D, A, B, 14, 15, 0xAB9423A7 ); P( local.C, local.D, local.A, local.B, 14, 15, 0xAB9423A7 );
P( B, C, D, A, 5, 21, 0xFC93A039 ); P( local.B, local.C, local.D, local.A, 5, 21, 0xFC93A039 );
P( A, B, C, D, 12, 6, 0x655B59C3 ); P( local.A, local.B, local.C, local.D, 12, 6, 0x655B59C3 );
P( D, A, B, C, 3, 10, 0x8F0CCC92 ); P( local.D, local.A, local.B, local.C, 3, 10, 0x8F0CCC92 );
P( C, D, A, B, 10, 15, 0xFFEFF47D ); P( local.C, local.D, local.A, local.B, 10, 15, 0xFFEFF47D );
P( B, C, D, A, 1, 21, 0x85845DD1 ); P( local.B, local.C, local.D, local.A, 1, 21, 0x85845DD1 );
P( A, B, C, D, 8, 6, 0x6FA87E4F ); P( local.A, local.B, local.C, local.D, 8, 6, 0x6FA87E4F );
P( D, A, B, C, 15, 10, 0xFE2CE6E0 ); P( local.D, local.A, local.B, local.C, 15, 10, 0xFE2CE6E0 );
P( C, D, A, B, 6, 15, 0xA3014314 ); P( local.C, local.D, local.A, local.B, 6, 15, 0xA3014314 );
P( B, C, D, A, 13, 21, 0x4E0811A1 ); P( local.B, local.C, local.D, local.A, 13, 21, 0x4E0811A1 );
P( A, B, C, D, 4, 6, 0xF7537E82 ); P( local.A, local.B, local.C, local.D, 4, 6, 0xF7537E82 );
P( D, A, B, C, 11, 10, 0xBD3AF235 ); P( local.D, local.A, local.B, local.C, 11, 10, 0xBD3AF235 );
P( C, D, A, B, 2, 15, 0x2AD7D2BB ); P( local.C, local.D, local.A, local.B, 2, 15, 0x2AD7D2BB );
P( B, C, D, A, 9, 21, 0xEB86D391 ); P( local.B, local.C, local.D, local.A, 9, 21, 0xEB86D391 );
#undef F #undef F
ctx->state[0] += A; ctx->state[0] += local.A;
ctx->state[1] += B; ctx->state[1] += local.B;
ctx->state[2] += C; ctx->state[2] += local.C;
ctx->state[3] += D; ctx->state[3] += local.D;
/* Zeroise variables to clear sensitive data from memory. */ /* Zeroise variables to clear sensitive data from memory. */
mbedtls_platform_zeroize( &X, sizeof( X ) ); mbedtls_platform_zeroize( &local, sizeof( local ) );
mbedtls_platform_zeroize( &A, sizeof( A ) );
mbedtls_platform_zeroize( &B, sizeof( B ) );
mbedtls_platform_zeroize( &C, sizeof( C ) );
mbedtls_platform_zeroize( &D, sizeof( D ) );
return( 0 ); return( 0 );
} }

243
library/ripemd160.c
View File

@@ -119,30 +119,33 @@ void mbedtls_ripemd160_starts( mbedtls_ripemd160_context *ctx )
int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx, int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx,
const unsigned char data[64] ) const unsigned char data[64] )
{ {
uint32_t A, B, C, D, E, Ap, Bp, Cp, Dp, Ep, X[16]; struct
{
uint32_t A, B, C, D, E, Ap, Bp, Cp, Dp, Ep, X[16];
} local;
GET_UINT32_LE( X[ 0], data, 0 ); GET_UINT32_LE( local.X[ 0], data, 0 );
GET_UINT32_LE( X[ 1], data, 4 ); GET_UINT32_LE( local.X[ 1], data, 4 );
GET_UINT32_LE( X[ 2], data, 8 ); GET_UINT32_LE( local.X[ 2], data, 8 );
GET_UINT32_LE( X[ 3], data, 12 ); GET_UINT32_LE( local.X[ 3], data, 12 );
GET_UINT32_LE( X[ 4], data, 16 ); GET_UINT32_LE( local.X[ 4], data, 16 );
GET_UINT32_LE( X[ 5], data, 20 ); GET_UINT32_LE( local.X[ 5], data, 20 );
GET_UINT32_LE( X[ 6], data, 24 ); GET_UINT32_LE( local.X[ 6], data, 24 );
GET_UINT32_LE( X[ 7], data, 28 ); GET_UINT32_LE( local.X[ 7], data, 28 );
GET_UINT32_LE( X[ 8], data, 32 ); GET_UINT32_LE( local.X[ 8], data, 32 );
GET_UINT32_LE( X[ 9], data, 36 ); GET_UINT32_LE( local.X[ 9], data, 36 );
GET_UINT32_LE( X[10], data, 40 ); GET_UINT32_LE( local.X[10], data, 40 );
GET_UINT32_LE( X[11], data, 44 ); GET_UINT32_LE( local.X[11], data, 44 );
GET_UINT32_LE( X[12], data, 48 ); GET_UINT32_LE( local.X[12], data, 48 );
GET_UINT32_LE( X[13], data, 52 ); GET_UINT32_LE( local.X[13], data, 52 );
GET_UINT32_LE( X[14], data, 56 ); GET_UINT32_LE( local.X[14], data, 56 );
GET_UINT32_LE( X[15], data, 60 ); GET_UINT32_LE( local.X[15], data, 60 );
A = Ap = ctx->state[0]; local.A = local.Ap = ctx->state[0];
B = Bp = ctx->state[1]; local.B = local.Bp = ctx->state[1];
C = Cp = ctx->state[2]; local.C = local.Cp = ctx->state[2];
D = Dp = ctx->state[3]; local.D = local.Dp = ctx->state[3];
E = Ep = ctx->state[4]; local.E = local.Ep = ctx->state[4];
#define F1( x, y, z ) ( (x) ^ (y) ^ (z) ) #define F1( x, y, z ) ( (x) ^ (y) ^ (z) )
#define F2( x, y, z ) ( ( (x) & (y) ) | ( ~(x) & (z) ) ) #define F2( x, y, z ) ( ( (x) & (y) ) | ( ~(x) & (z) ) )
@@ -152,12 +155,12 @@ int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx,
#define S( x, n ) ( ( (x) << (n) ) | ( (x) >> (32 - (n)) ) ) #define S( x, n ) ( ( (x) << (n) ) | ( (x) >> (32 - (n)) ) )
#define P( a, b, c, d, e, r, s, f, k ) \ #define P( a, b, c, d, e, r, s, f, k ) \
do \ do \
{ \ { \
(a) += f( (b), (c), (d) ) + X[r] + (k); \ (a) += f( (b), (c), (d) ) + local.X[r] + (k); \
(a) = S( (a), (s) ) + (e); \ (a) = S( (a), (s) ) + (e); \
(c) = S( (c), 10 ); \ (c) = S( (c), 10 ); \
} while( 0 ) } while( 0 )
#define P2( a, b, c, d, e, r, s, rp, sp ) \ #define P2( a, b, c, d, e, r, s, rp, sp ) \
@@ -172,22 +175,22 @@ int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx,
#define K 0x00000000 #define K 0x00000000
#define Fp F5 #define Fp F5
#define Kp 0x50A28BE6 #define Kp 0x50A28BE6
P2( A, B, C, D, E, 0, 11, 5, 8 ); P2( local.A, local.B, local.C, local.D, local.E, 0, 11, 5, 8 );
P2( E, A, B, C, D, 1, 14, 14, 9 ); P2( local.E, local.A, local.B, local.C, local.D, 1, 14, 14, 9 );
P2( D, E, A, B, C, 2, 15, 7, 9 ); P2( local.D, local.E, local.A, local.B, local.C, 2, 15, 7, 9 );
P2( C, D, E, A, B, 3, 12, 0, 11 ); P2( local.C, local.D, local.E, local.A, local.B, 3, 12, 0, 11 );
P2( B, C, D, E, A, 4, 5, 9, 13 ); P2( local.B, local.C, local.D, local.E, local.A, 4, 5, 9, 13 );
P2( A, B, C, D, E, 5, 8, 2, 15 ); P2( local.A, local.B, local.C, local.D, local.E, 5, 8, 2, 15 );
P2( E, A, B, C, D, 6, 7, 11, 15 ); P2( local.E, local.A, local.B, local.C, local.D, 6, 7, 11, 15 );
P2( D, E, A, B, C, 7, 9, 4, 5 ); P2( local.D, local.E, local.A, local.B, local.C, 7, 9, 4, 5 );
P2( C, D, E, A, B, 8, 11, 13, 7 ); P2( local.C, local.D, local.E, local.A, local.B, 8, 11, 13, 7 );
P2( B, C, D, E, A, 9, 13, 6, 7 ); P2( local.B, local.C, local.D, local.E, local.A, 9, 13, 6, 7 );
P2( A, B, C, D, E, 10, 14, 15, 8 ); P2( local.A, local.B, local.C, local.D, local.E, 10, 14, 15, 8 );
P2( E, A, B, C, D, 11, 15, 8, 11 ); P2( local.E, local.A, local.B, local.C, local.D, 11, 15, 8, 11 );
P2( D, E, A, B, C, 12, 6, 1, 14 ); P2( local.D, local.E, local.A, local.B, local.C, 12, 6, 1, 14 );
P2( C, D, E, A, B, 13, 7, 10, 14 ); P2( local.C, local.D, local.E, local.A, local.B, 13, 7, 10, 14 );
P2( B, C, D, E, A, 14, 9, 3, 12 ); P2( local.B, local.C, local.D, local.E, local.A, 14, 9, 3, 12 );
P2( A, B, C, D, E, 15, 8, 12, 6 ); P2( local.A, local.B, local.C, local.D, local.E, 15, 8, 12, 6 );
#undef F #undef F
#undef K #undef K
#undef Fp #undef Fp
@@ -197,22 +200,22 @@ int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx,
#define K 0x5A827999 #define K 0x5A827999
#define Fp F4 #define Fp F4
#define Kp 0x5C4DD124 #define Kp 0x5C4DD124
P2( E, A, B, C, D, 7, 7, 6, 9 ); P2( local.E, local.A, local.B, local.C, local.D, 7, 7, 6, 9 );
P2( D, E, A, B, C, 4, 6, 11, 13 ); P2( local.D, local.E, local.A, local.B, local.C, 4, 6, 11, 13 );
P2( C, D, E, A, B, 13, 8, 3, 15 ); P2( local.C, local.D, local.E, local.A, local.B, 13, 8, 3, 15 );
P2( B, C, D, E, A, 1, 13, 7, 7 ); P2( local.B, local.C, local.D, local.E, local.A, 1, 13, 7, 7 );
P2( A, B, C, D, E, 10, 11, 0, 12 ); P2( local.A, local.B, local.C, local.D, local.E, 10, 11, 0, 12 );
P2( E, A, B, C, D, 6, 9, 13, 8 ); P2( local.E, local.A, local.B, local.C, local.D, 6, 9, 13, 8 );
P2( D, E, A, B, C, 15, 7, 5, 9 ); P2( local.D, local.E, local.A, local.B, local.C, 15, 7, 5, 9 );
P2( C, D, E, A, B, 3, 15, 10, 11 ); P2( local.C, local.D, local.E, local.A, local.B, 3, 15, 10, 11 );
P2( B, C, D, E, A, 12, 7, 14, 7 ); P2( local.B, local.C, local.D, local.E, local.A, 12, 7, 14, 7 );
P2( A, B, C, D, E, 0, 12, 15, 7 ); P2( local.A, local.B, local.C, local.D, local.E, 0, 12, 15, 7 );
P2( E, A, B, C, D, 9, 15, 8, 12 ); P2( local.E, local.A, local.B, local.C, local.D, 9, 15, 8, 12 );
P2( D, E, A, B, C, 5, 9, 12, 7 ); P2( local.D, local.E, local.A, local.B, local.C, 5, 9, 12, 7 );
P2( C, D, E, A, B, 2, 11, 4, 6 ); P2( local.C, local.D, local.E, local.A, local.B, 2, 11, 4, 6 );
P2( B, C, D, E, A, 14, 7, 9, 15 ); P2( local.B, local.C, local.D, local.E, local.A, 14, 7, 9, 15 );
P2( A, B, C, D, E, 11, 13, 1, 13 ); P2( local.A, local.B, local.C, local.D, local.E, 11, 13, 1, 13 );
P2( E, A, B, C, D, 8, 12, 2, 11 ); P2( local.E, local.A, local.B, local.C, local.D, 8, 12, 2, 11 );
#undef F #undef F
#undef K #undef K
#undef Fp #undef Fp
@@ -222,22 +225,22 @@ int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx,
#define K 0x6ED9EBA1 #define K 0x6ED9EBA1
#define Fp F3 #define Fp F3
#define Kp 0x6D703EF3 #define Kp 0x6D703EF3
P2( D, E, A, B, C, 3, 11, 15, 9 ); P2( local.D, local.E, local.A, local.B, local.C, 3, 11, 15, 9 );
P2( C, D, E, A, B, 10, 13, 5, 7 ); P2( local.C, local.D, local.E, local.A, local.B, 10, 13, 5, 7 );
P2( B, C, D, E, A, 14, 6, 1, 15 ); P2( local.B, local.C, local.D, local.E, local.A, 14, 6, 1, 15 );
P2( A, B, C, D, E, 4, 7, 3, 11 ); P2( local.A, local.B, local.C, local.D, local.E, 4, 7, 3, 11 );
P2( E, A, B, C, D, 9, 14, 7, 8 ); P2( local.E, local.A, local.B, local.C, local.D, 9, 14, 7, 8 );
P2( D, E, A, B, C, 15, 9, 14, 6 ); P2( local.D, local.E, local.A, local.B, local.C, 15, 9, 14, 6 );
P2( C, D, E, A, B, 8, 13, 6, 6 ); P2( local.C, local.D, local.E, local.A, local.B, 8, 13, 6, 6 );
P2( B, C, D, E, A, 1, 15, 9, 14 ); P2( local.B, local.C, local.D, local.E, local.A, 1, 15, 9, 14 );
P2( A, B, C, D, E, 2, 14, 11, 12 ); P2( local.A, local.B, local.C, local.D, local.E, 2, 14, 11, 12 );
P2( E, A, B, C, D, 7, 8, 8, 13 ); P2( local.E, local.A, local.B, local.C, local.D, 7, 8, 8, 13 );
P2( D, E, A, B, C, 0, 13, 12, 5 ); P2( local.D, local.E, local.A, local.B, local.C, 0, 13, 12, 5 );
P2( C, D, E, A, B, 6, 6, 2, 14 ); P2( local.C, local.D, local.E, local.A, local.B, 6, 6, 2, 14 );
P2( B, C, D, E, A, 13, 5, 10, 13 ); P2( local.B, local.C, local.D, local.E, local.A, 13, 5, 10, 13 );
P2( A, B, C, D, E, 11, 12, 0, 13 ); P2( local.A, local.B, local.C, local.D, local.E, 11, 12, 0, 13 );
P2( E, A, B, C, D, 5, 7, 4, 7 ); P2( local.E, local.A, local.B, local.C, local.D, 5, 7, 4, 7 );
P2( D, E, A, B, C, 12, 5, 13, 5 ); P2( local.D, local.E, local.A, local.B, local.C, 12, 5, 13, 5 );
#undef F #undef F
#undef K #undef K
#undef Fp #undef Fp
@@ -247,22 +250,22 @@ int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx,
#define K 0x8F1BBCDC #define K 0x8F1BBCDC
#define Fp F2 #define Fp F2
#define Kp 0x7A6D76E9 #define Kp 0x7A6D76E9
P2( C, D, E, A, B, 1, 11, 8, 15 ); P2( local.C, local.D, local.E, local.A, local.B, 1, 11, 8, 15 );
P2( B, C, D, E, A, 9, 12, 6, 5 ); P2( local.B, local.C, local.D, local.E, local.A, 9, 12, 6, 5 );
P2( A, B, C, D, E, 11, 14, 4, 8 ); P2( local.A, local.B, local.C, local.D, local.E, 11, 14, 4, 8 );
P2( E, A, B, C, D, 10, 15, 1, 11 ); P2( local.E, local.A, local.B, local.C, local.D, 10, 15, 1, 11 );
P2( D, E, A, B, C, 0, 14, 3, 14 ); P2( local.D, local.E, local.A, local.B, local.C, 0, 14, 3, 14 );
P2( C, D, E, A, B, 8, 15, 11, 14 ); P2( local.C, local.D, local.E, local.A, local.B, 8, 15, 11, 14 );
P2( B, C, D, E, A, 12, 9, 15, 6 ); P2( local.B, local.C, local.D, local.E, local.A, 12, 9, 15, 6 );
P2( A, B, C, D, E, 4, 8, 0, 14 ); P2( local.A, local.B, local.C, local.D, local.E, 4, 8, 0, 14 );
P2( E, A, B, C, D, 13, 9, 5, 6 ); P2( local.E, local.A, local.B, local.C, local.D, 13, 9, 5, 6 );
P2( D, E, A, B, C, 3, 14, 12, 9 ); P2( local.D, local.E, local.A, local.B, local.C, 3, 14, 12, 9 );
P2( C, D, E, A, B, 7, 5, 2, 12 ); P2( local.C, local.D, local.E, local.A, local.B, 7, 5, 2, 12 );
P2( B, C, D, E, A, 15, 6, 13, 9 ); P2( local.B, local.C, local.D, local.E, local.A, 15, 6, 13, 9 );
P2( A, B, C, D, E, 14, 8, 9, 12 ); P2( local.A, local.B, local.C, local.D, local.E, 14, 8, 9, 12 );
P2( E, A, B, C, D, 5, 6, 7, 5 ); P2( local.E, local.A, local.B, local.C, local.D, 5, 6, 7, 5 );
P2( D, E, A, B, C, 6, 5, 10, 15 ); P2( local.D, local.E, local.A, local.B, local.C, 6, 5, 10, 15 );
P2( C, D, E, A, B, 2, 12, 14, 8 ); P2( local.C, local.D, local.E, local.A, local.B, 2, 12, 14, 8 );
#undef F #undef F
#undef K #undef K
#undef Fp #undef Fp
@@ -272,46 +275,36 @@ int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx,
#define K 0xA953FD4E #define K 0xA953FD4E
#define Fp F1 #define Fp F1
#define Kp 0x00000000 #define Kp 0x00000000
P2( B, C, D, E, A, 4, 9, 12, 8 ); P2( local.B, local.C, local.D, local.E, local.A, 4, 9, 12, 8 );
P2( A, B, C, D, E, 0, 15, 15, 5 ); P2( local.A, local.B, local.C, local.D, local.E, 0, 15, 15, 5 );
P2( E, A, B, C, D, 5, 5, 10, 12 ); P2( local.E, local.A, local.B, local.C, local.D, 5, 5, 10, 12 );
P2( D, E, A, B, C, 9, 11, 4, 9 ); P2( local.D, local.E, local.A, local.B, local.C, 9, 11, 4, 9 );
P2( C, D, E, A, B, 7, 6, 1, 12 ); P2( local.C, local.D, local.E, local.A, local.B, 7, 6, 1, 12 );
P2( B, C, D, E, A, 12, 8, 5, 5 ); P2( local.B, local.C, local.D, local.E, local.A, 12, 8, 5, 5 );
P2( A, B, C, D, E, 2, 13, 8, 14 ); P2( local.A, local.B, local.C, local.D, local.E, 2, 13, 8, 14 );
P2( E, A, B, C, D, 10, 12, 7, 6 ); P2( local.E, local.A, local.B, local.C, local.D, 10, 12, 7, 6 );
P2( D, E, A, B, C, 14, 5, 6, 8 ); P2( local.D, local.E, local.A, local.B, local.C, 14, 5, 6, 8 );
P2( C, D, E, A, B, 1, 12, 2, 13 ); P2( local.C, local.D, local.E, local.A, local.B, 1, 12, 2, 13 );
P2( B, C, D, E, A, 3, 13, 13, 6 ); P2( local.B, local.C, local.D, local.E, local.A, 3, 13, 13, 6 );
P2( A, B, C, D, E, 8, 14, 14, 5 ); P2( local.A, local.B, local.C, local.D, local.E, 8, 14, 14, 5 );
P2( E, A, B, C, D, 11, 11, 0, 15 ); P2( local.E, local.A, local.B, local.C, local.D, 11, 11, 0, 15 );
P2( D, E, A, B, C, 6, 8, 3, 13 ); P2( local.D, local.E, local.A, local.B, local.C, 6, 8, 3, 13 );
P2( C, D, E, A, B, 15, 5, 9, 11 ); P2( local.C, local.D, local.E, local.A, local.B, 15, 5, 9, 11 );
P2( B, C, D, E, A, 13, 6, 11, 11 ); P2( local.B, local.C, local.D, local.E, local.A, 13, 6, 11, 11 );
#undef F #undef F
#undef K #undef K
#undef Fp #undef Fp
#undef Kp #undef Kp
C = ctx->state[1] + C + Dp; local.C = ctx->state[1] + local.C + local.Dp;
ctx->state[1] = ctx->state[2] + D + Ep; ctx->state[1] = ctx->state[2] + local.D + local.Ep;
ctx->state[2] = ctx->state[3] + E + Ap; ctx->state[2] = ctx->state[3] + local.E + local.Ap;
ctx->state[3] = ctx->state[4] + A + Bp; ctx->state[3] = ctx->state[4] + local.A + local.Bp;
ctx->state[4] = ctx->state[0] + B + Cp; ctx->state[4] = ctx->state[0] + local.B + local.Cp;
ctx->state[0] = C; ctx->state[0] = local.C;
/* Zeroise variables to clear sensitive data from memory. */ /* Zeroise variables to clear sensitive data from memory. */
mbedtls_platform_zeroize( &A, sizeof( A ) ); mbedtls_platform_zeroize( &local, sizeof( local ) );
mbedtls_platform_zeroize( &B, sizeof( B ) );
mbedtls_platform_zeroize( &C, sizeof( C ) );
mbedtls_platform_zeroize( &D, sizeof( D ) );
mbedtls_platform_zeroize( &E, sizeof( E ) );
mbedtls_platform_zeroize( &Ap, sizeof( Ap ) );
mbedtls_platform_zeroize( &Bp, sizeof( Bp ) );
mbedtls_platform_zeroize( &Cp, sizeof( Cp ) );
mbedtls_platform_zeroize( &Dp, sizeof( Dp ) );
mbedtls_platform_zeroize( &Ep, sizeof( Ep ) );
mbedtls_platform_zeroize( &X, sizeof( X ) );
return( 0 ); return( 0 );
} }

233
library/sha1.c
View File

@@ -127,35 +127,40 @@ void mbedtls_sha1_starts( mbedtls_sha1_context *ctx )
int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx,
const unsigned char data[64] ) const unsigned char data[64] )
{ {
uint32_t temp, W[16], A, B, C, D, E; struct
{
uint32_t temp, W[16], A, B, C, D, E;
} local;
SHA1_VALIDATE_RET( ctx != NULL ); SHA1_VALIDATE_RET( ctx != NULL );
SHA1_VALIDATE_RET( (const unsigned char *)data != NULL ); SHA1_VALIDATE_RET( (const unsigned char *)data != NULL );
GET_UINT32_BE( W[ 0], data, 0 ); GET_UINT32_BE( local.W[ 0], data, 0 );
GET_UINT32_BE( W[ 1], data, 4 ); GET_UINT32_BE( local.W[ 1], data, 4 );
GET_UINT32_BE( W[ 2], data, 8 ); GET_UINT32_BE( local.W[ 2], data, 8 );
GET_UINT32_BE( W[ 3], data, 12 ); GET_UINT32_BE( local.W[ 3], data, 12 );
GET_UINT32_BE( W[ 4], data, 16 ); GET_UINT32_BE( local.W[ 4], data, 16 );
GET_UINT32_BE( W[ 5], data, 20 ); GET_UINT32_BE( local.W[ 5], data, 20 );
GET_UINT32_BE( W[ 6], data, 24 ); GET_UINT32_BE( local.W[ 6], data, 24 );
GET_UINT32_BE( W[ 7], data, 28 ); GET_UINT32_BE( local.W[ 7], data, 28 );
GET_UINT32_BE( W[ 8], data, 32 ); GET_UINT32_BE( local.W[ 8], data, 32 );
GET_UINT32_BE( W[ 9], data, 36 ); GET_UINT32_BE( local.W[ 9], data, 36 );
GET_UINT32_BE( W[10], data, 40 ); GET_UINT32_BE( local.W[10], data, 40 );
GET_UINT32_BE( W[11], data, 44 ); GET_UINT32_BE( local.W[11], data, 44 );
GET_UINT32_BE( W[12], data, 48 ); GET_UINT32_BE( local.W[12], data, 48 );
GET_UINT32_BE( W[13], data, 52 ); GET_UINT32_BE( local.W[13], data, 52 );
GET_UINT32_BE( W[14], data, 56 ); GET_UINT32_BE( local.W[14], data, 56 );
GET_UINT32_BE( W[15], data, 60 ); GET_UINT32_BE( local.W[15], data, 60 );
#define S(x,n) (((x) << (n)) | (((x) & 0xFFFFFFFF) >> (32 - (n)))) #define S(x,n) (((x) << (n)) | (((x) & 0xFFFFFFFF) >> (32 - (n))))
#define R(t) \ #define R(t) \
( \ ( \
temp = W[( (t) - 3 ) & 0x0F] ^ W[( (t) - 8 ) & 0x0F] ^ \ local.temp = local.W[( (t) - 3 ) & 0x0F] ^ \
W[( (t) - 14 ) & 0x0F] ^ W[ (t) & 0x0F], \ local.W[( (t) - 8 ) & 0x0F] ^ \
( W[(t) & 0x0F] = S(temp,1) ) \ local.W[( (t) - 14 ) & 0x0F] ^ \
local.W[ (t) & 0x0F], \
( local.W[(t) & 0x0F] = S(local.temp,1) ) \
) )
#define P(a,b,c,d,e,x) \ #define P(a,b,c,d,e,x) \
@@ -165,35 +170,35 @@ int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx,
(b) = S((b),30); \ (b) = S((b),30); \
} while( 0 ) } while( 0 )
A = ctx->state[0]; local.A = ctx->state[0];
B = ctx->state[1]; local.B = ctx->state[1];
C = ctx->state[2]; local.C = ctx->state[2];
D = ctx->state[3]; local.D = ctx->state[3];
E = ctx->state[4]; local.E = ctx->state[4];
#define F(x,y,z) ((z) ^ ((x) & ((y) ^ (z)))) #define F(x,y,z) ((z) ^ ((x) & ((y) ^ (z))))
#define K 0x5A827999 #define K 0x5A827999
P( A, B, C, D, E, W[0] ); P( local.A, local.B, local.C, local.D, local.E, local.W[0] );
P( E, A, B, C, D, W[1] ); P( local.E, local.A, local.B, local.C, local.D, local.W[1] );
P( D, E, A, B, C, W[2] ); P( local.D, local.E, local.A, local.B, local.C, local.W[2] );
P( C, D, E, A, B, W[3] ); P( local.C, local.D, local.E, local.A, local.B, local.W[3] );
P( B, C, D, E, A, W[4] ); P( local.B, local.C, local.D, local.E, local.A, local.W[4] );
P( A, B, C, D, E, W[5] ); P( local.A, local.B, local.C, local.D, local.E, local.W[5] );
P( E, A, B, C, D, W[6] ); P( local.E, local.A, local.B, local.C, local.D, local.W[6] );
P( D, E, A, B, C, W[7] ); P( local.D, local.E, local.A, local.B, local.C, local.W[7] );
P( C, D, E, A, B, W[8] ); P( local.C, local.D, local.E, local.A, local.B, local.W[8] );
P( B, C, D, E, A, W[9] ); P( local.B, local.C, local.D, local.E, local.A, local.W[9] );
P( A, B, C, D, E, W[10] ); P( local.A, local.B, local.C, local.D, local.E, local.W[10] );
P( E, A, B, C, D, W[11] ); P( local.E, local.A, local.B, local.C, local.D, local.W[11] );
P( D, E, A, B, C, W[12] ); P( local.D, local.E, local.A, local.B, local.C, local.W[12] );
P( C, D, E, A, B, W[13] ); P( local.C, local.D, local.E, local.A, local.B, local.W[13] );
P( B, C, D, E, A, W[14] ); P( local.B, local.C, local.D, local.E, local.A, local.W[14] );
P( A, B, C, D, E, W[15] ); P( local.A, local.B, local.C, local.D, local.E, local.W[15] );
P( E, A, B, C, D, R(16) ); P( local.E, local.A, local.B, local.C, local.D, R(16) );
P( D, E, A, B, C, R(17) ); P( local.D, local.E, local.A, local.B, local.C, R(17) );
P( C, D, E, A, B, R(18) ); P( local.C, local.D, local.E, local.A, local.B, R(18) );
P( B, C, D, E, A, R(19) ); P( local.B, local.C, local.D, local.E, local.A, R(19) );
#undef K #undef K
#undef F #undef F
@@ -201,26 +206,26 @@ int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx,
#define F(x,y,z) ((x) ^ (y) ^ (z)) #define F(x,y,z) ((x) ^ (y) ^ (z))
#define K 0x6ED9EBA1 #define K 0x6ED9EBA1
P( A, B, C, D, E, R(20) ); P( local.A, local.B, local.C, local.D, local.E, R(20) );
P( E, A, B, C, D, R(21) ); P( local.E, local.A, local.B, local.C, local.D, R(21) );
P( D, E, A, B, C, R(22) ); P( local.D, local.E, local.A, local.B, local.C, R(22) );
P( C, D, E, A, B, R(23) ); P( local.C, local.D, local.E, local.A, local.B, R(23) );
P( B, C, D, E, A, R(24) ); P( local.B, local.C, local.D, local.E, local.A, R(24) );
P( A, B, C, D, E, R(25) ); P( local.A, local.B, local.C, local.D, local.E, R(25) );
P( E, A, B, C, D, R(26) ); P( local.E, local.A, local.B, local.C, local.D, R(26) );
P( D, E, A, B, C, R(27) ); P( local.D, local.E, local.A, local.B, local.C, R(27) );
P( C, D, E, A, B, R(28) ); P( local.C, local.D, local.E, local.A, local.B, R(28) );
P( B, C, D, E, A, R(29) ); P( local.B, local.C, local.D, local.E, local.A, R(29) );
P( A, B, C, D, E, R(30) ); P( local.A, local.B, local.C, local.D, local.E, R(30) );
P( E, A, B, C, D, R(31) ); P( local.E, local.A, local.B, local.C, local.D, R(31) );
P( D, E, A, B, C, R(32) ); P( local.D, local.E, local.A, local.B, local.C, R(32) );
P( C, D, E, A, B, R(33) ); P( local.C, local.D, local.E, local.A, local.B, R(33) );
P( B, C, D, E, A, R(34) ); P( local.B, local.C, local.D, local.E, local.A, R(34) );
P( A, B, C, D, E, R(35) ); P( local.A, local.B, local.C, local.D, local.E, R(35) );
P( E, A, B, C, D, R(36) ); P( local.E, local.A, local.B, local.C, local.D, R(36) );
P( D, E, A, B, C, R(37) ); P( local.D, local.E, local.A, local.B, local.C, R(37) );
P( C, D, E, A, B, R(38) ); P( local.C, local.D, local.E, local.A, local.B, R(38) );
P( B, C, D, E, A, R(39) ); P( local.B, local.C, local.D, local.E, local.A, R(39) );
#undef K #undef K
#undef F #undef F
@@ -228,26 +233,26 @@ int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx,
#define F(x,y,z) (((x) & (y)) | ((z) & ((x) | (y)))) #define F(x,y,z) (((x) & (y)) | ((z) & ((x) | (y))))
#define K 0x8F1BBCDC #define K 0x8F1BBCDC
P( A, B, C, D, E, R(40) ); P( local.A, local.B, local.C, local.D, local.E, R(40) );
P( E, A, B, C, D, R(41) ); P( local.E, local.A, local.B, local.C, local.D, R(41) );
P( D, E, A, B, C, R(42) ); P( local.D, local.E, local.A, local.B, local.C, R(42) );
P( C, D, E, A, B, R(43) ); P( local.C, local.D, local.E, local.A, local.B, R(43) );
P( B, C, D, E, A, R(44) ); P( local.B, local.C, local.D, local.E, local.A, R(44) );
P( A, B, C, D, E, R(45) ); P( local.A, local.B, local.C, local.D, local.E, R(45) );
P( E, A, B, C, D, R(46) ); P( local.E, local.A, local.B, local.C, local.D, R(46) );
P( D, E, A, B, C, R(47) ); P( local.D, local.E, local.A, local.B, local.C, R(47) );
P( C, D, E, A, B, R(48) ); P( local.C, local.D, local.E, local.A, local.B, R(48) );
P( B, C, D, E, A, R(49) ); P( local.B, local.C, local.D, local.E, local.A, R(49) );
P( A, B, C, D, E, R(50) ); P( local.A, local.B, local.C, local.D, local.E, R(50) );
P( E, A, B, C, D, R(51) ); P( local.E, local.A, local.B, local.C, local.D, R(51) );
P( D, E, A, B, C, R(52) ); P( local.D, local.E, local.A, local.B, local.C, R(52) );
P( C, D, E, A, B, R(53) ); P( local.C, local.D, local.E, local.A, local.B, R(53) );
P( B, C, D, E, A, R(54) ); P( local.B, local.C, local.D, local.E, local.A, R(54) );
P( A, B, C, D, E, R(55) ); P( local.A, local.B, local.C, local.D, local.E, R(55) );
P( E, A, B, C, D, R(56) ); P( local.E, local.A, local.B, local.C, local.D, R(56) );
P( D, E, A, B, C, R(57) ); P( local.D, local.E, local.A, local.B, local.C, R(57) );
P( C, D, E, A, B, R(58) ); P( local.C, local.D, local.E, local.A, local.B, R(58) );
P( B, C, D, E, A, R(59) ); P( local.B, local.C, local.D, local.E, local.A, R(59) );
#undef K #undef K
#undef F #undef F
@@ -255,44 +260,38 @@ int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx,
#define F(x,y,z) ((x) ^ (y) ^ (z)) #define F(x,y,z) ((x) ^ (y) ^ (z))
#define K 0xCA62C1D6 #define K 0xCA62C1D6
P( A, B, C, D, E, R(60) ); P( local.A, local.B, local.C, local.D, local.E, R(60) );
P( E, A, B, C, D, R(61) ); P( local.E, local.A, local.B, local.C, local.D, R(61) );
P( D, E, A, B, C, R(62) ); P( local.D, local.E, local.A, local.B, local.C, R(62) );
P( C, D, E, A, B, R(63) ); P( local.C, local.D, local.E, local.A, local.B, R(63) );
P( B, C, D, E, A, R(64) ); P( local.B, local.C, local.D, local.E, local.A, R(64) );
P( A, B, C, D, E, R(65) ); P( local.A, local.B, local.C, local.D, local.E, R(65) );
P( E, A, B, C, D, R(66) ); P( local.E, local.A, local.B, local.C, local.D, R(66) );
P( D, E, A, B, C, R(67) ); P( local.D, local.E, local.A, local.B, local.C, R(67) );
P( C, D, E, A, B, R(68) ); P( local.C, local.D, local.E, local.A, local.B, R(68) );
P( B, C, D, E, A, R(69) ); P( local.B, local.C, local.D, local.E, local.A, R(69) );
P( A, B, C, D, E, R(70) ); P( local.A, local.B, local.C, local.D, local.E, R(70) );
P( E, A, B, C, D, R(71) ); P( local.E, local.A, local.B, local.C, local.D, R(71) );
P( D, E, A, B, C, R(72) ); P( local.D, local.E, local.A, local.B, local.C, R(72) );
P( C, D, E, A, B, R(73) ); P( local.C, local.D, local.E, local.A, local.B, R(73) );
P( B, C, D, E, A, R(74) ); P( local.B, local.C, local.D, local.E, local.A, R(74) );
P( A, B, C, D, E, R(75) ); P( local.A, local.B, local.C, local.D, local.E, R(75) );
P( E, A, B, C, D, R(76) ); P( local.E, local.A, local.B, local.C, local.D, R(76) );
P( D, E, A, B, C, R(77) ); P( local.D, local.E, local.A, local.B, local.C, R(77) );
P( C, D, E, A, B, R(78) ); P( local.C, local.D, local.E, local.A, local.B, R(78) );
P( B, C, D, E, A, R(79) ); P( local.B, local.C, local.D, local.E, local.A, R(79) );
#undef K #undef K
#undef F #undef F
ctx->state[0] += A; ctx->state[0] += local.A;
ctx->state[1] += B; ctx->state[1] += local.B;
ctx->state[2] += C; ctx->state[2] += local.C;
ctx->state[3] += D; ctx->state[3] += local.D;
ctx->state[4] += E; ctx->state[4] += local.E;
/* Zeroise buffers and variables to clear sensitive data from memory. */ /* Zeroise buffers and variables to clear sensitive data from memory. */
mbedtls_platform_zeroize( &A, sizeof( A ) ); mbedtls_platform_zeroize( &local, sizeof( local ) );
mbedtls_platform_zeroize( &B, sizeof( B ) );
mbedtls_platform_zeroize( &C, sizeof( C ) );
mbedtls_platform_zeroize( &D, sizeof( D ) );
mbedtls_platform_zeroize( &E, sizeof( E ) );
mbedtls_platform_zeroize( &W, sizeof( W ) );
mbedtls_platform_zeroize( &temp, sizeof( temp ) );
return( 0 ); return( 0 );
} }

99
library/sha256.c
View File

@@ -181,83 +181,104 @@ static const uint32_t K[] =
#define F0(x,y,z) (((x) & (y)) | ((z) & ((x) | (y)))) #define F0(x,y,z) (((x) & (y)) | ((z) & ((x) | (y))))
#define F1(x,y,z) ((z) ^ ((x) & ((y) ^ (z)))) #define F1(x,y,z) ((z) ^ ((x) & ((y) ^ (z))))
#define R(t) \ #define R(t) \
( \ ( \
W[t] = S1(W[(t) - 2]) + W[(t) - 7] + \ local.W[t] = S1(local.W[(t) - 2]) + local.W[(t) - 7] + \
S0(W[(t) - 15]) + W[(t) - 16] \ S0(local.W[(t) - 15]) + local.W[(t) - 16] \
) )
#define P(a,b,c,d,e,f,g,h,x,K) \ #define P(a,b,c,d,e,f,g,h,x,K) \
do \ do \
{ \ { \
temp1 = (h) + S3(e) + F1((e),(f),(g)) + (K) + (x); \ local.temp1 = (h) + S3(e) + F1((e),(f),(g)) + (K) + (x); \
temp2 = S2(a) + F0((a),(b),(c)); \ local.temp2 = S2(a) + F0((a),(b),(c)); \
(d) += temp1; (h) = temp1 + temp2; \ (d) += local.temp1; (h) = local.temp1 + local.temp2; \
} while( 0 ) } while( 0 )
int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx,
const unsigned char data[64] ) const unsigned char data[64] )
{ {
uint32_t temp1, temp2, W[64]; struct
uint32_t A[8]; {
uint32_t temp1, temp2, W[64];
uint32_t A[8];
} local;
unsigned int i; unsigned int i;
SHA256_VALIDATE_RET( ctx != NULL ); SHA256_VALIDATE_RET( ctx != NULL );
SHA256_VALIDATE_RET( (const unsigned char *)data != NULL ); SHA256_VALIDATE_RET( (const unsigned char *)data != NULL );
for( i = 0; i < 8; i++ ) for( i = 0; i < 8; i++ )
A[i] = ctx->state[i]; local.A[i] = ctx->state[i];
#if defined(MBEDTLS_SHA256_SMALLER) #if defined(MBEDTLS_SHA256_SMALLER)
for( i = 0; i < 64; i++ ) for( i = 0; i < 64; i++ )
{ {
if( i < 16 ) if( i < 16 )
GET_UINT32_BE( W[i], data, 4 * i ); GET_UINT32_BE( local.W[i], data, 4 * i );
else else
R( i ); R( i );
P( A[0], A[1], A[2], A[3], A[4], A[5], A[6], A[7], W[i], K[i] ); P( local.A[0], local.A[1], local.A[2], local.A[3], local.A[4],
local.A[5], local.A[6], local.A[7], local.W[i], K[i] );
temp1 = A[7]; A[7] = A[6]; A[6] = A[5]; A[5] = A[4]; A[4] = A[3]; local.temp1 = local.A[7]; local.A[7] = local.A[6];
A[3] = A[2]; A[2] = A[1]; A[1] = A[0]; A[0] = temp1; local.A[6] = local.A[5]; local.A[5] = local.A[4];
local.A[4] = local.A[3]; local.A[3] = local.A[2];
local.A[2] = local.A[1]; local.A[1] = local.A[0];
local.A[0] = local.temp1;
} }
#else /* MBEDTLS_SHA256_SMALLER */ #else /* MBEDTLS_SHA256_SMALLER */
for( i = 0; i < 16; i++ ) for( i = 0; i < 16; i++ )
GET_UINT32_BE( W[i], data, 4 * i ); GET_UINT32_BE( local.W[i], data, 4 * i );
for( i = 0; i < 16; i += 8 ) for( i = 0; i < 16; i += 8 )
{ {
P( A[0], A[1], A[2], A[3], A[4], A[5], A[6], A[7], W[i+0], K[i+0] ); P( local.A[0], local.A[1], local.A[2], local.A[3], local.A[4],
P( A[7], A[0], A[1], A[2], A[3], A[4], A[5], A[6], W[i+1], K[i+1] ); local.A[5], local.A[6], local.A[7], local.W[i+0], K[i+0] );
P( A[6], A[7], A[0], A[1], A[2], A[3], A[4], A[5], W[i+2], K[i+2] ); P( local.A[7], local.A[0], local.A[1], local.A[2], local.A[3],
P( A[5], A[6], A[7], A[0], A[1], A[2], A[3], A[4], W[i+3], K[i+3] ); local.A[4], local.A[5], local.A[6], local.W[i+1], K[i+1] );
P( A[4], A[5], A[6], A[7], A[0], A[1], A[2], A[3], W[i+4], K[i+4] ); P( local.A[6], local.A[7], local.A[0], local.A[1], local.A[2],
P( A[3], A[4], A[5], A[6], A[7], A[0], A[1], A[2], W[i+5], K[i+5] ); local.A[3], local.A[4], local.A[5], local.W[i+2], K[i+2] );
P( A[2], A[3], A[4], A[5], A[6], A[7], A[0], A[1], W[i+6], K[i+6] ); P( local.A[5], local.A[6], local.A[7], local.A[0], local.A[1],
P( A[1], A[2], A[3], A[4], A[5], A[6], A[7], A[0], W[i+7], K[i+7] ); local.A[2], local.A[3], local.A[4], local.W[i+3], K[i+3] );
P( local.A[4], local.A[5], local.A[6], local.A[7], local.A[0],
local.A[1], local.A[2], local.A[3], local.W[i+4], K[i+4] );
P( local.A[3], local.A[4], local.A[5], local.A[6], local.A[7],
local.A[0], local.A[1], local.A[2], local.W[i+5], K[i+5] );
P( local.A[2], local.A[3], local.A[4], local.A[5], local.A[6],
local.A[7], local.A[0], local.A[1], local.W[i+6], K[i+6] );
P( local.A[1], local.A[2], local.A[3], local.A[4], local.A[5],
local.A[6], local.A[7], local.A[0], local.W[i+7], K[i+7] );
} }
for( i = 16; i < 64; i += 8 ) for( i = 16; i < 64; i += 8 )
{ {
P( A[0], A[1], A[2], A[3], A[4], A[5], A[6], A[7], R(i+0), K[i+0] ); P( local.A[0], local.A[1], local.A[2], local.A[3], local.A[4],
P( A[7], A[0], A[1], A[2], A[3], A[4], A[5], A[6], R(i+1), K[i+1] ); local.A[5], local.A[6], local.A[7], R(i+0), K[i+0] );
P( A[6], A[7], A[0], A[1], A[2], A[3], A[4], A[5], R(i+2), K[i+2] ); P( local.A[7], local.A[0], local.A[1], local.A[2], local.A[3],
P( A[5], A[6], A[7], A[0], A[1], A[2], A[3], A[4], R(i+3), K[i+3] ); local.A[4], local.A[5], local.A[6], R(i+1), K[i+1] );
P( A[4], A[5], A[6], A[7], A[0], A[1], A[2], A[3], R(i+4), K[i+4] ); P( local.A[6], local.A[7], local.A[0], local.A[1], local.A[2],
P( A[3], A[4], A[5], A[6], A[7], A[0], A[1], A[2], R(i+5), K[i+5] ); local.A[3], local.A[4], local.A[5], R(i+2), K[i+2] );
P( A[2], A[3], A[4], A[5], A[6], A[7], A[0], A[1], R(i+6), K[i+6] ); P( local.A[5], local.A[6], local.A[7], local.A[0], local.A[1],
P( A[1], A[2], A[3], A[4], A[5], A[6], A[7], A[0], R(i+7), K[i+7] ); local.A[2], local.A[3], local.A[4], R(i+3), K[i+3] );
P( local.A[4], local.A[5], local.A[6], local.A[7], local.A[0],
local.A[1], local.A[2], local.A[3], R(i+4), K[i+4] );
P( local.A[3], local.A[4], local.A[5], local.A[6], local.A[7],
local.A[0], local.A[1], local.A[2], R(i+5), K[i+5] );
P( local.A[2], local.A[3], local.A[4], local.A[5], local.A[6],
local.A[7], local.A[0], local.A[1], R(i+6), K[i+6] );
P( local.A[1], local.A[2], local.A[3], local.A[4], local.A[5],
local.A[6], local.A[7], local.A[0], R(i+7), K[i+7] );
} }
#endif /* MBEDTLS_SHA256_SMALLER */ #endif /* MBEDTLS_SHA256_SMALLER */
for( i = 0; i < 8; i++ ) for( i = 0; i < 8; i++ )
ctx->state[i] += A[i]; ctx->state[i] += local.A[i];
/* Zeroise buffers and variables to clear sensitive data from memory. */ /* Zeroise buffers and variables to clear sensitive data from memory. */
mbedtls_platform_zeroize( &A, sizeof( A ) ); mbedtls_platform_zeroize( &local, sizeof( local ) );
mbedtls_platform_zeroize( &W, sizeof( W ) );
mbedtls_platform_zeroize( &temp1, sizeof( temp1 ) );
mbedtls_platform_zeroize( &temp2, sizeof( temp2 ) );
return( 0 ); return( 0 );
} }

74
library/sha512.c
View File

@@ -234,8 +234,11 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx,
const unsigned char data[128] ) const unsigned char data[128] )
{ {
int i; int i;
uint64_t temp1, temp2, W[80]; struct
uint64_t A[8]; {
uint64_t temp1, temp2, W[80];
uint64_t A[8];
} local;
SHA512_VALIDATE_RET( ctx != NULL ); SHA512_VALIDATE_RET( ctx != NULL );
SHA512_VALIDATE_RET( (const unsigned char *)data != NULL ); SHA512_VALIDATE_RET( (const unsigned char *)data != NULL );
@@ -252,70 +255,79 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx,
#define F0(x,y,z) (((x) & (y)) | ((z) & ((x) | (y)))) #define F0(x,y,z) (((x) & (y)) | ((z) & ((x) | (y))))
#define F1(x,y,z) ((z) ^ ((x) & ((y) ^ (z)))) #define F1(x,y,z) ((z) ^ ((x) & ((y) ^ (z))))
#define P(a,b,c,d,e,f,g,h,x,K) \ #define P(a,b,c,d,e,f,g,h,x,K) \
do \ do \
{ \ { \
temp1 = (h) + S3(e) + F1((e),(f),(g)) + (K) + (x); \ local.temp1 = (h) + S3(e) + F1((e),(f),(g)) + (K) + (x); \
temp2 = S2(a) + F0((a),(b),(c)); \ local.temp2 = S2(a) + F0((a),(b),(c)); \
(d) += temp1; (h) = temp1 + temp2; \ (d) += local.temp1; (h) = local.temp1 + local.temp2; \
} while( 0 ) } while( 0 )
for( i = 0; i < 8; i++ ) for( i = 0; i < 8; i++ )
A[i] = ctx->state[i]; local.A[i] = ctx->state[i];
#if defined(MBEDTLS_SHA512_SMALLER) #if defined(MBEDTLS_SHA512_SMALLER)
for( i = 0; i < 80; i++ ) for( i = 0; i < 80; i++ )
{ {
if( i < 16 ) if( i < 16 )
{ {
GET_UINT64_BE( W[i], data, i << 3 ); GET_UINT64_BE( local.W[i], data, i << 3 );
} }
else else
{ {
W[i] = S1(W[i - 2]) + W[i - 7] + local.W[i] = S1(local.W[i - 2]) + local.W[i - 7] +
S0(W[i - 15]) + W[i - 16]; S0(local.W[i - 15]) + local.W[i - 16];
} }
P( A[0], A[1], A[2], A[3], A[4], A[5], A[6], A[7], W[i], K[i] ); P( local.A[0], local.A[1], local.A[2], local.A[3], local.A[4],
local.A[5], local.A[6], local.A[7], local.W[i], K[i] );
temp1 = A[7]; A[7] = A[6]; A[6] = A[5]; A[5] = A[4]; A[4] = A[3]; local.temp1 = local.A[7]; local.A[7] = local.A[6];
A[3] = A[2]; A[2] = A[1]; A[1] = A[0]; A[0] = temp1; local.A[6] = local.A[5]; local.A[5] = local.A[4];
local.A[4] = local.A[3]; local.A[3] = local.A[2];
local.A[2] = local.A[1]; local.A[1] = local.A[0];
local.A[0] = local.temp1;
} }
#else /* MBEDTLS_SHA512_SMALLER */ #else /* MBEDTLS_SHA512_SMALLER */
for( i = 0; i < 16; i++ ) for( i = 0; i < 16; i++ )
{ {
GET_UINT64_BE( W[i], data, i << 3 ); GET_UINT64_BE( local.W[i], data, i << 3 );
} }
for( ; i < 80; i++ ) for( ; i < 80; i++ )
{ {
W[i] = S1(W[i - 2]) + W[i - 7] + local.W[i] = S1(local.W[i - 2]) + local.W[i - 7] +
S0(W[i - 15]) + W[i - 16]; S0(local.W[i - 15]) + local.W[i - 16];
} }
i = 0; i = 0;
do do
{ {
P( A[0], A[1], A[2], A[3], A[4], A[5], A[6], A[7], W[i], K[i] ); i++; P( local.A[0], local.A[1], local.A[2], local.A[3], local.A[4],
P( A[7], A[0], A[1], A[2], A[3], A[4], A[5], A[6], W[i], K[i] ); i++; local.A[5], local.A[6], local.A[7], local.W[i], K[i] ); i++;
P( A[6], A[7], A[0], A[1], A[2], A[3], A[4], A[5], W[i], K[i] ); i++; P( local.A[7], local.A[0], local.A[1], local.A[2], local.A[3],
P( A[5], A[6], A[7], A[0], A[1], A[2], A[3], A[4], W[i], K[i] ); i++; local.A[4], local.A[5], local.A[6], local.W[i], K[i] ); i++;
P( A[4], A[5], A[6], A[7], A[0], A[1], A[2], A[3], W[i], K[i] ); i++; P( local.A[6], local.A[7], local.A[0], local.A[1], local.A[2],
P( A[3], A[4], A[5], A[6], A[7], A[0], A[1], A[2], W[i], K[i] ); i++; local.A[3], local.A[4], local.A[5], local.W[i], K[i] ); i++;
P( A[2], A[3], A[4], A[5], A[6], A[7], A[0], A[1], W[i], K[i] ); i++; P( local.A[5], local.A[6], local.A[7], local.A[0], local.A[1],
P( A[1], A[2], A[3], A[4], A[5], A[6], A[7], A[0], W[i], K[i] ); i++; local.A[2], local.A[3], local.A[4], local.W[i], K[i] ); i++;
P( local.A[4], local.A[5], local.A[6], local.A[7], local.A[0],
local.A[1], local.A[2], local.A[3], local.W[i], K[i] ); i++;
P( local.A[3], local.A[4], local.A[5], local.A[6], local.A[7],
local.A[0], local.A[1], local.A[2], local.W[i], K[i] ); i++;
P( local.A[2], local.A[3], local.A[4], local.A[5], local.A[6],
local.A[7], local.A[0], local.A[1], local.W[i], K[i] ); i++;
P( local.A[1], local.A[2], local.A[3], local.A[4], local.A[5],
local.A[6], local.A[7], local.A[0], local.W[i], K[i] ); i++;
} }
while( i < 80 ); while( i < 80 );
#endif /* MBEDTLS_SHA512_SMALLER */ #endif /* MBEDTLS_SHA512_SMALLER */
for( i = 0; i < 8; i++ ) for( i = 0; i < 8; i++ )
ctx->state[i] += A[i]; ctx->state[i] += local.A[i];
/* Zeroise buffers and variables to clear sensitive data from memory. */ /* Zeroise buffers and variables to clear sensitive data from memory. */
mbedtls_platform_zeroize( &A, sizeof( A ) ); mbedtls_platform_zeroize( &local, sizeof( local ) );
mbedtls_platform_zeroize( &W, sizeof( W ) );
mbedtls_platform_zeroize( &temp1, sizeof( temp1 ) );
mbedtls_platform_zeroize( &temp2, sizeof( temp2 ) );
return( 0 ); return( 0 );
} }