diff --git a/sys/crypto/sha256.c b/sys/crypto/sha256.c
index 098bf649e573d74c5b6e50a8d0a2ebe8f34e3ed2..1723a629c5e6d791a997a0c545361542abdb14fa 100644
--- a/sys/crypto/sha256.c
+++ b/sys/crypto/sha256.c
@@ -33,29 +33,25 @@
#if __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__
/* Copy a vector of big-endian uint32_t into a vector of bytes */
-#define be32enc_vect(dst, src, len) \
- memcpy((void *)dst, (const void *)src, (size_t)len)
+#define be32enc_vect memcpy
/* Copy a vector of bytes into a vector of big-endian uint32_t */
-#define be32dec_vect(dst, src, len) \
- memcpy((void *)dst, (const void *)src, (size_t)len)
+#define be32dec_vect memcpy
#else /* __BYTE_ORDER__ != __ORDER_BIG_ENDIAN__ */
static void be32enc(void *pp, uint32_t u)
{
- unsigned char *p = (unsigned char *) pp;
-
+ unsigned char *p = pp;
p[0] = (u >> 24) & 0xff;
p[1] = (u >> 16) & 0xff;
- p[2] = (u >> 8) & 0xff;
- p[3] = u & 0xff;
+ p[2] = (u >> 8) & 0xff;
+ p[3] = (u >> 0) & 0xff;
}
static uint32_t be32dec(const void *pp)
{
- unsigned char const *p = (unsigned char const *) pp;
-
+ unsigned char const *p = pp;
return ((p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]);
}
@@ -65,9 +61,7 @@ static uint32_t be32dec(const void *pp)
*/
static void be32enc_vect(unsigned char *dst, const uint32_t *src, size_t len)
{
- size_t i;
-
- for (i = 0; i < len / 4; i++) {
+ for (size_t i = 0; i < len / 4; i++) {
be32enc(dst + i * 4, src[i]);
}
}
@@ -78,9 +72,7 @@ static void be32enc_vect(unsigned char *dst, const uint32_t *src, size_t len)
*/
static void be32dec_vect(uint32_t *dst, const unsigned char *src, size_t len)
{
- size_t i;
-
- for (i = 0; i < len / 4; i++) {
+ for (size_t i = 0; i < len / 4; i++) {
dst[i] = be32dec(src + i * 4);
}
}
@@ -97,22 +89,7 @@ static void be32dec_vect(uint32_t *dst, const unsigned char *src, size_t len)
#define s0(x) (ROTR(x, 7) ^ ROTR(x, 18) ^ SHR(x, 3))
#define s1(x) (ROTR(x, 17) ^ ROTR(x, 19) ^ SHR(x, 10))
-/* SHA256 round function */
-#define RND(a, b, c, d, e, f, g, h, k) \
- t0 = h + S1(e) + Ch(e, f, g) + k; \
- t1 = S0(a) + Maj(a, b, c); \
- d += t0; \
- h = t0 + t1;
-
-/* Adjusted round function for rotating state */
-#define RNDr(S, W, i, k) \
- RND(S[(64 - i) % 8], S[(65 - i) % 8], \
- S[(66 - i) % 8], S[(67 - i) % 8], \
- S[(68 - i) % 8], S[(69 - i) % 8], \
- S[(70 - i) % 8], S[(71 - i) % 8], \
- W[i] + k)
-
-static const uint32_t ks[64] = {
+static const uint32_t K[64] = {
0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
@@ -139,13 +116,10 @@ static void SHA256_Transform(uint32_t *state, const unsigned char block[64])
{
uint32_t W[64];
uint32_t S[8];
- uint32_t t0, t1;
- int i;
/* 1. Prepare message schedule W. */
be32dec_vect(W, block, 64);
-
- for (i = 16; i < 64; i++) {
+ for (int i = 16; i < 64; i++) {
W[i] = s1(W[i - 2]) + W[i - 7] + s0(W[i - 15]) + W[i - 16];
}
@@ -153,36 +127,45 @@ static void SHA256_Transform(uint32_t *state, const unsigned char block[64])
memcpy(S, state, 32);
/* 3. Mix. */
- for (i = 0; i < 64; ++i) {
- RNDr(S, W, i, ks[i]);
+ for (int i = 0; i < 64; ++i) {
+ uint32_t e = S[(68 - i) % 8], f = S[(69 - i) % 8];
+ uint32_t g = S[(70 - i) % 8], h = S[(71 - i) % 8];
+ uint32_t t0 = h + S1(e) + Ch(e, f, g) + W[i] + K[i];
+
+ uint32_t a = S[(64 - i) % 8], b = S[(65 - i) % 8];
+ uint32_t c = S[(66 - i) % 8], d = S[(67 - i) % 8];
+ uint32_t t1 = S0(a) + Maj(a, b, c);
+
+ S[(67 - i) % 8] = d + t0;
+ S[(71 - i) % 8] = t0 + t1;
}
/* 4. Mix local working variables into global state */
- for (i = 0; i < 8; i++) {
+ for (int i = 0; i < 8; i++) {
state[i] += S[i];
}
}
-static unsigned char PAD[64] = { 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0 };
+static unsigned char PAD[64] = {
+ 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+};
/* Add padding and terminating bit-count. */
static void SHA256_Pad(SHA256_CTX *ctx)
{
- unsigned char len[8];
- uint32_t r, plen;
-
/*
* Convert length to a vector of bytes -- we do this now rather
* than later because the length will change after we pad.
*/
+ unsigned char len[8];
be32enc_vect(len, ctx->count, 8);
/* Add 1--64 bytes so that the resulting length is 56 mod 64 */
- r = (ctx->count[1] >> 3) & 0x3f;
- plen = (r < 56) ? (56 - r) : (120 - r);
+ uint32_t r = (ctx->count[1] >> 3) & 0x3f;
+ uint32_t plen = (r < 56) ? (56 - r) : (120 - r);
SHA256_Update(ctx, PAD, (size_t) plen);
/* Add the terminating bit-count */
@@ -192,7 +175,6 @@ static void SHA256_Pad(SHA256_CTX *ctx)
/* SHA-256 initialization. Begins a SHA-256 operation. */
void SHA256_Init(SHA256_CTX *ctx)
{
-
/* Zero bits processed so far */
ctx->count[0] = ctx->count[1] = 0;
@@ -210,31 +192,29 @@ void SHA256_Init(SHA256_CTX *ctx)
/* Add bytes into the hash */
void SHA256_Update(SHA256_CTX *ctx, const void *in, size_t len)
{
- uint32_t bitlen[2];
- uint32_t r;
- const unsigned char *src = in;
-
/* Number of bytes left in the buffer from previous updates */
- r = (ctx->count[1] >> 3) & 0x3f;
+ uint32_t r = (ctx->count[1] >> 3) & 0x3f;
/* Convert the length into a number of bits */
- bitlen[1] = ((uint32_t) len) << 3;
- bitlen[0] = (uint32_t)(len >> 29);
+ uint32_t bitlen1 = ((uint32_t) len) << 3;
+ uint32_t bitlen0 = ((uint32_t) len) >> 29;
/* Update number of bits */
- if ((ctx->count[1] += bitlen[1]) < bitlen[1]) {
+ if ((ctx->count[1] += bitlen1) < bitlen1) {
ctx->count[0]++;
}
- ctx->count[0] += bitlen[0];
+ ctx->count[0] += bitlen0;
/* Handle the case where we don't need to perform any transforms */
if (len < 64 - r) {
- memcpy(&ctx->buf[r], src, len);
+ memcpy(&ctx->buf[r], in, len);
return;
}
/* Finish the current block */
+ const unsigned char *src = in;
+
memcpy(&ctx->buf[r], src, 64 - r);
SHA256_Transform(ctx->state, ctx->buf);
src += 64 - r;
@@ -257,7 +237,6 @@ void SHA256_Update(SHA256_CTX *ctx, const void *in, size_t len)
*/
void SHA256_Final(unsigned char digest[32], SHA256_CTX *ctx)
{
-
/* Add padding */
SHA256_Pad(ctx);