/* * Copyright (c) 2019 Cisco and/or its affiliates. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at: * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #ifndef included_sha2_h #define included_sha2_h #include #define SHA224_DIGEST_SIZE 28 #define SHA224_BLOCK_SIZE 64 #define SHA256_DIGEST_SIZE 32 #define SHA256_BLOCK_SIZE 64 #define SHA256_ROTR(x, y) ((x >> y) | (x << (32 - y))) #define SHA256_CH(a, b, c) ((a & b) ^ (~a & c)) #define SHA256_MAJ(a, b, c) ((a & b) ^ (a & c) ^ (b & c)) #define SHA256_CSIGMA0(x) (SHA256_ROTR(x, 2) ^ \ SHA256_ROTR(x, 13) ^ \ SHA256_ROTR(x, 22)); #define SHA256_CSIGMA1(x) (SHA256_ROTR(x, 6) ^ \ SHA256_ROTR(x, 11) ^ \ SHA256_ROTR(x, 25)); #define SHA256_SSIGMA0(x) (SHA256_ROTR (x, 7) ^ \ SHA256_ROTR (x, 18) ^ \ (x >> 3)) #define SHA256_SSIGMA1(x) (SHA256_ROTR (x, 17) ^ \ SHA256_ROTR (x, 19) ^ \ (x >> 10)) #define SHA256_MSG_SCHED(w, j) \ { \ w[j] = w[j - 7] + w[j - 16]; \ w[j] += SHA256_SSIGMA0 (w[j - 15]); \ w[j] += SHA256_SSIGMA1 (w[j - 2]); \ } #define SHA256_TRANSFORM(s, w, i, k) \ { \ __typeof__(s[0]) t1, t2; \ t1 = k + w[i] + s[7]; \ t1 += SHA256_CSIGMA1 (s[4]); \ t1 += SHA256_CH (s[4], s[5], s[6]); \ t2 = SHA256_CSIGMA0 (s[0]); \ t2 += SHA256_MAJ (s[0], s[1], s[2]); \ s[7] = s[6]; \ s[6] = s[5]; \ s[5] = s[4]; \ s[4] = s[3] + t1; \ s[3] = s[2]; \ s[2] = s[1]; \ s[1] = s[0]; \ s[0] = t1 + t2; \ } #define SHA512_224_DIGEST_SIZE 28 #define SHA512_224_BLOCK_SIZE 128 #define SHA512_256_DIGEST_SIZE 32 #define SHA512_256_BLOCK_SIZE 128 #define SHA384_DIGEST_SIZE 48 #define SHA384_BLOCK_SIZE 128 #define SHA512_DIGEST_SIZE 64 #define SHA512_BLOCK_SIZE 128 #define SHA512_ROTR(x, y) ((x >> y) | (x << (64 - y))) #define SHA512_CH(a, b, c) ((a & b) ^ (~a & c)) #define SHA512_MAJ(a, b, c) ((a & b) ^ (a & c) ^ (b & c)) #define SHA512_CSIGMA0(x) (SHA512_ROTR (x, 28) ^ \ SHA512_ROTR (x, 34) ^ \ SHA512_ROTR (x, 39)) #define SHA512_CSIGMA1(x) (SHA512_ROTR (x, 14) ^ \ SHA512_ROTR (x, 18) ^ \ SHA512_ROTR (x, 41)) #define SHA512_SSIGMA0(x) (SHA512_ROTR (x, 1) ^ \ SHA512_ROTR (x, 8) ^ \ (x >> 7)) #define SHA512_SSIGMA1(x) (SHA512_ROTR (x, 19) ^ \ SHA512_ROTR (x, 61) ^ \ (x >> 6)) #define SHA512_MSG_SCHED(w, j) \ { \ w[j] = w[j - 7] + w[j - 16]; \ w[j] += SHA512_SSIGMA0 (w[j - 15]); \ w[j] += SHA512_SSIGMA1 (w[j - 2]); \ } #define SHA512_TRANSFORM(s, w, i, k) \ { \ __typeof__(s[0]) t1, t2; \ t1 = k + w[i] + s[7]; \ t1 += SHA512_CSIGMA1 (s[4]); \ t1 += SHA512_CH (s[4], s[5], s[6]); \ t2 = SHA512_CSIGMA0 (s[0]); \ t2 += SHA512_MAJ (s[0], s[1], s[2]); \ s[7] = s[6]; \ s[6] = s[5]; \ s[5] = s[4]; \ s[4] = s[3] + t1; \ s[3] = s[2]; \ s[2] = s[1]; \ s[1] = s[0]; \ s[0] = t1 + t2; \ } static const u32 sha224_h[8] = { 0xc1059ed8, 0x367cd507, 0x3070dd17, 0xf70e5939, 0xffc00b31, 0x68581511, 0x64f98fa7, 0xbefa4fa4 }; static const u32 sha256_h[8] = { 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19 }; static const u32 sha256_k[64] = { 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 }; static const u64 sha384_h[8] = { 0xcbbb9d5dc1059ed8, 0x629a292a367cd507, 0x9159015a3070dd17, 0x152fecd8f70e5939, 0x67332667ffc00b31, 0x8eb44a8768581511, 0xdb0c2e0d64f98fa7, 0x47b5481dbefa4fa4 }; static const u64 sha512_h[8] = { 0x6a09e667f3bcc908, 0xbb67ae8584caa73b, 0x3c6ef372fe94f82b, 0xa54ff53a5f1d36f1, 0x510e527fade682d1, 0x9b05688c2b3e6c1f, 0x1f83d9abfb41bd6b, 0x5be0cd19137e2179 }; static const u64 sha512_224_h[8] = { 0x8c3d37c819544da2, 0x73e1996689dcd4d6, 0x1dfab7ae32ff9c82, 0x679dd514582f9fcf, 0x0f6d2b697bd44da8, 0x77e36f7304c48942, 0x3f9d85a86a1d36c8, 0x1112e6ad91d692a1 }; static const u64 sha512_256_h[8] = { 0x22312194fc2bf
/*
 * Copyright (c) 2015 Cisco and/or its affiliates.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at:
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
vxlan_error (DECAPSULATED, "good packets decapsulated")
vxlan_error (NO_SUCH_TUNNEL, "no such tunnel packets")
vxlan_error (BAD_FLAGS, "packets with bad flags field in vxlan header")
clib_sha2_init (ctx, type); n_words = ctx->block_size / sizeof (uword); /* key */ if (key_len > ctx->block_size) { /* key is longer than block, calculate hash of key */ clib_sha2_update (ctx, key, key_len); for (i = (ctx->digest_size / sizeof (uword)) / 2; i < n_words; i++) key_data[i] = 0; clib_sha2_final (ctx, (u8 *) key_data); clib_sha2_init (ctx, type); } else { for (i = 0; i < n_words; i++) key_data[i] = 0; clib_memcpy_fast (key_data, key, key_len); } /* ipad */ for (i = 0; i < n_words; i++) ctx->pending.as_uword[i] = key_data[i] ^ (uword) 0x3636363636363636; if (ctx->block_size == SHA512_BLOCK_SIZE) clib_sha512_block (ctx, ctx->pending.as_u8, 1); else clib_sha256_block (ctx, ctx->pending.as_u8, 1); ctx->total_bytes += ctx->block_size; /* message */ clib_sha2_update (ctx, msg, len); clib_sha2_final (ctx, i_digest); /* opad */ clib_sha2_init (ctx, type); for (i = 0; i < n_words; i++) ctx->pending.as_uword[i] = key_data[i] ^ (uword) 0x5c5c5c5c5c5c5c5c; if (ctx->block_size == SHA512_BLOCK_SIZE) clib_sha512_block (ctx, ctx->pending.as_u8, 1); else clib_sha256_block (ctx, ctx->pending.as_u8, 1); ctx->total_bytes += ctx->block_size; /* digest */ clib_sha2_update (ctx, i_digest, ctx->digest_size); clib_sha2_final (ctx, digest); } #define clib_hmac_sha224(...) clib_hmac_sha2 (CLIB_SHA2_224, __VA_ARGS__) #define clib_hmac_sha256(...) clib_hmac_sha2 (CLIB_SHA2_256, __VA_ARGS__) #define clib_hmac_sha384(...) clib_hmac_sha2 (CLIB_SHA2_384, __VA_ARGS__) #define clib_hmac_sha512(...) clib_hmac_sha2 (CLIB_SHA2_512, __VA_ARGS__) #define clib_hmac_sha512_224(...) clib_hmac_sha2 (CLIB_SHA2_512_224, __VA_ARGS__) #define clib_hmac_sha512_256(...) clib_hmac_sha2 (CLIB_SHA2_512_256, __VA_ARGS__) #endif /* included_sha2_h */ /* * fd.io coding-style-patch-verification: ON * * Local Variables: * eval: (c-set-style "gnu") * End: */