Home Explore Help
Sign In
SoftwareDesign
/
csu3_am335x
8
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
csu3_am335x
/
EVSE
/
GPL
/
php-8.1.12
/
ext
/
hash
/
hash_sha3.c

hash_sha3.c 10 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354 
  1. /*
    2. 

  2.    +----------------------------------------------------------------------+
    3. 

  3.    | Copyright (c) The PHP Group                                          |
    4. 

  4.    +----------------------------------------------------------------------+
    5. 

  5.    | This source file is subject to version 3.01 of the PHP license,      |
    6. 

  6.    | that is bundled with this package in the file LICENSE, and is        |
    7. 

  7.    | available through the world-wide-web at the following url:           |
    8. 

  8.    | https://www.php.net/license/3_01.txt                                 |
    9. 

  9.    | If you did not receive a copy of the PHP license and are unable to   |
    10. 

  10.    | obtain it through the world-wide-web, please send a note to          |
    11. 

  11.    | license@php.net so we can mail you a copy immediately.               |
    12. 

  12.    +----------------------------------------------------------------------+
    13. 

  13.    | Author: Sara Golemon <pollita@php.net>                               |
    14. 

  14.    +----------------------------------------------------------------------+
    15. 

  15. */
    16. 

  16. 

  17. #include "php_hash.h"
    18. 

  18. #include "php_hash_sha3.h"
    19. 

  19. 

  20. #ifdef HAVE_SLOW_HASH3
    21. 

  21. // ================= slow algo ==============================================
    22. 

  22. 

  23. #if (defined(__APPLE__) || defined(__APPLE_CC__)) && \
    24. 

  24.     (defined(__BIG_ENDIAN__) || defined(__LITTLE_ENDIAN__))
    25. 

  25. # if defined(__LITTLE_ENDIAN__)
    26. 

  26. #  undef WORDS_BIGENDIAN
    27. 

  27. # else
    28. 

  28. #  if defined(__BIG_ENDIAN__)
    29. 

  29. #   define WORDS_BIGENDIAN
    30. 

  30. #  endif
    31. 

  31. # endif
    32. 

  32. #endif
    33. 

  33. 

  34. static inline uint64_t rol64(uint64_t v, unsigned char b) {
    35. 

  35. 	return (v << b) | (v >> (64 - b));
    36. 

  36. }
    37. 

  37. static inline unsigned char idx(unsigned char x, unsigned char y) {
    38. 

  38. 	return x + (5 * y);
    39. 

  39. }
    40. 

  40. 

  41. #ifdef WORDS_BIGENDIAN
    42. 

  42. static inline uint64_t load64(const unsigned char* x) {
    43. 

  43. 	signed char i;
    44. 

  44. 	uint64_t ret = 0;
    45. 

  45. 	for (i = 7; i >= 0; --i) {
    46. 

  46. 		ret <<= 8;
    47. 

  47. 		ret |= x[i];
    48. 

  48. 	}
    49. 

  49. 	return ret;
    50. 

  50. }
    51. 

  51. static inline void store64(unsigned char* x, uint64_t val) {
    52. 

  52. 	size_t i;
    53. 

  53. 	for (i = 0; i < 8; ++i) {
    54. 

  54. 		x[i] = val & 0xFF;
    55. 

  55. 		val >>= 8;
    56. 

  56. 	}
    57. 

  57. }
    58. 

  58. static inline void xor64(unsigned char* x, uint64_t val) {
    59. 

  59. 	size_t i;
    60. 

  60. 	for (i = 0; i < 8; ++i) {
    61. 

  61. 		x[i] ^= val & 0xFF;
    62. 

  62. 		val >>= 8;
    63. 

  63. 	}
    64. 

  64. }
    65. 

  65. # define readLane(x, y)     load64(ctx->state+sizeof(uint64_t)*idx(x, y))
    66. 

  66. # define writeLane(x, y, v) store64(ctx->state+sizeof(uint64_t)*idx(x, y), v)
    67. 

  67. # define XORLane(x, y, v)   xor64(ctx->state+sizeof(uint64_t)*idx(x, y), v)
    68. 

  68. #else
    69. 

  69. # define readLane(x, y)     (((uint64_t*)ctx->state)[idx(x,y)])
    70. 

  70. # define writeLane(x, y, v) (((uint64_t*)ctx->state)[idx(x,y)] = v)
    71. 

  71. # define XORLane(x, y, v)   (((uint64_t*)ctx->state)[idx(x,y)] ^= v)
    72. 

  72. #endif
    73. 

  73. 

  74. static inline char LFSR86540(unsigned char* pLFSR)
    75. 

  75. {
    76. 

  76. 	unsigned char LFSR = *pLFSR;
    77. 

  77. 	char result = LFSR & 0x01;
    78. 

  78. 	if (LFSR & 0x80) {
    79. 

  79. 		// Primitive polynomial over GF(2): x^8+x^6+x^5+x^4+1
    80. 

  80. 		LFSR = (LFSR << 1) ^ 0x71;
    81. 

  81. 	} else {
    82. 

  82. 		LFSR <<= 1;
    83. 

  83. 	}
    84. 

  84. 	*pLFSR = LFSR;
    85. 

  85. 	return result;
    86. 

  86. }
    87. 

  87. 

  88. static void permute(PHP_SHA3_CTX* ctx) {
    89. 

  89. 	unsigned char LFSRstate = 0x01;
    90. 

  90. 	unsigned char round;
    91. 

  91. 

  92. 	for (round = 0; round < 24; ++round) {
    93. 

  93. 		{ // Theta step (see [Keccak Reference, Section 2.3.2])
    94. 

  94. 			uint64_t C[5], D;
    95. 

  95. 			unsigned char x, y;
    96. 

  96. 			for (x = 0; x < 5; ++x) {
    97. 

  97. 				C[x] = readLane(x, 0) ^ readLane(x, 1) ^
    98. 

  98. 				readLane(x, 2) ^ readLane(x, 3) ^ readLane(x, 4);
    99. 

  99. 			}
    100. 

  100. 			for (x = 0; x < 5; ++x) {
    101. 

  101. 				D = C[(x+4)%5] ^ rol64(C[(x+1)%5], 1);
    102. 

  102. 				for (y = 0; y < 5; ++y) {
    103. 

  103. 					XORLane(x, y, D);
    104. 

  104. 				}
    105. 

  105. 			}
    106. 

  106. 		}
    107. 

  107. 

  108. 		{ // p and Pi steps (see [Keccak Reference, Sections 2.3.3 and 2.3.4])
    109. 

  109. 			unsigned char x = 1, y = 0, t;
    110. 

  110. 			uint64_t current = readLane(x, y);
    111. 

  111. 			for (t = 0; t < 24; ++t) {
    112. 

  112. 				unsigned char r = ((t + 1) * (t + 2) / 2) % 64;
    113. 

  113. 				unsigned char Y = (2*x + 3*y) % 5;
    114. 

  114. 				uint64_t temp;
    115. 

  115. 				x = y;
    116. 

  116. 				y = Y;
    117. 

  117. 				temp = readLane(x, y);
    118. 

  118. 				writeLane(x, y, rol64(current, r));
    119. 

  119. 				current = temp;
    120. 

  120. 			}
    121. 

  121. 		}
    122. 

  122. 

  123. 		{ // X step (see [Keccak Reference, Section 2.3.1])
    124. 

  124. 			unsigned char x, y;
    125. 

  125. 			for (y = 0; y < 5; ++y) {
    126. 

  126. 				uint64_t temp[5];
    127. 

  127. 				for (x = 0; x < 5; ++x) {
    128. 

  128. 					temp[x] = readLane(x, y);
    129. 

  129. 				}
    130. 

  130. 				for (x = 0; x < 5; ++x) {
    131. 

  131. 					writeLane(x, y, temp[x] ^((~temp[(x+1)%5]) & temp[(x+2)%5]));
    132. 

  132. 				}
    133. 

  133. 			}
    134. 

  134. 		}
    135. 

  135. 

  136. 		{ // i step (see [Keccak Reference, Section 2.3.5])
    137. 

  137. 			unsigned char j;
    138. 

  138. 			for (j = 0; j < 7; ++j) {
    139. 

  139. 				if (LFSR86540(&LFSRstate)) {
    140. 

  140. 					uint64_t bitPos = (1<<j) - 1;
    141. 

  141. 					XORLane(0, 0, (uint64_t)1 << bitPos);
    142. 

  142. 				}
    143. 

  143. 			}
    144. 

  144. 		}
    145. 

  145. 	}
    146. 

  146. }
    147. 

  147. 

  148. // ==========================================================================
    149. 

  149. 

  150. static void PHP_SHA3_Init(PHP_SHA3_CTX* ctx,
    151. 

  151.                           int bits) {
    152. 

  152. 	memset(ctx, 0, sizeof(PHP_SHA3_CTX));
    153. 

  153. }
    154. 

  154. 

  155. static void PHP_SHA3_Update(PHP_SHA3_CTX* ctx,
    156. 

  156.                             const unsigned char* buf,
    157. 

  157.                             size_t count,
    158. 

  158.                             size_t block_size) {
    159. 

  159. 	while (count > 0) {
    160. 

  160. 		size_t len = block_size - ctx->pos;
    161. 

  161. 

  162. 		if (len > count) {
    163. 

  163. 			len = count;
    164. 

  164. 		}
    165. 

  165. 

  166. 		count -= len;
    167. 

  167. 

  168. 		while (len-- > 0) {
    169. 

  169. 			ctx->state[ctx->pos++] ^= *(buf++);
    170. 

  170. 		}
    171. 

  171. 

  172. 		if (ctx->pos >= block_size) {
    173. 

  173. 			permute(ctx);
    174. 

  174. 			ctx->pos = 0;
    175. 

  175. 		}
    176. 

  176. 	}
    177. 

  177. }
    178. 

  178. 

  179. static void PHP_SHA3_Final(unsigned char* digest,
    180. 

  180.                            PHP_SHA3_CTX* ctx,
    181. 

  181.                            size_t block_size,
    182. 

  182.                            size_t digest_size) {
    183. 

  183. 	size_t len = digest_size;
    184. 

  184. 

  185. 	// Pad state to finalize
    186. 

  186. 	ctx->state[ctx->pos++] ^= 0x06;
    187. 

  187. 	ctx->state[block_size-1] ^= 0x80;
    188. 

  188. 	permute(ctx);
    189. 

  189. 

  190. 	// Square output for digest
    191. 

  191. 	for(;;) {
    192. 

  192. 		int bs = (len < block_size) ? len : block_size;
    193. 

  193. 		memcpy(digest, ctx->state, bs);
    194. 

  194. 		digest += bs;
    195. 

  195. 		len -= bs;
    196. 

  196. 		if (!len) break;
    197. 

  197. 		permute(ctx);
    198. 

  198. 	}
    199. 

  199. 

  200. 	// Zero out context
    201. 

  201. 	ZEND_SECURE_ZERO(ctx, sizeof(PHP_SHA3_CTX));
    202. 

  202. }
    203. 

  203. 

  204. static int php_sha3_unserialize(php_hashcontext_object *hash,
    205. 

  205. 				zend_long magic,
    206. 

  206. 				const zval *zv,
    207. 

  207. 				size_t block_size)
    208. 

  208. {
    209. 

  209. 	PHP_SHA3_CTX *ctx = (PHP_SHA3_CTX *) hash->context;
    210. 

  210. 	int r = FAILURE;
    211. 

  211. 	if (magic == PHP_HASH_SERIALIZE_MAGIC_SPEC
    212. 

  212. 		&& (r = php_hash_unserialize_spec(hash, zv, PHP_SHA3_SPEC)) == SUCCESS
    213. 

  213. 		&& ctx->pos < block_size) {
    214. 

  214. 		return SUCCESS;
    215. 

  215. 	} else {
    216. 

  216. 		return r != SUCCESS ? r : -2000;
    217. 

  217. 	}
    218. 

  218. }
    219. 

  219. 

  220. // ==========================================================================
    221. 

  221. 

  222. #define DECLARE_SHA3_OPS(bits) \
    223. 

  223. void PHP_SHA3##bits##Init(PHP_SHA3_##bits##_CTX* ctx, ZEND_ATTRIBUTE_UNUSED HashTable *args) { \
    224. 

  224. 	PHP_SHA3_Init(ctx, bits); \
    225. 

  225. } \
    226. 

  226. void PHP_SHA3##bits##Update(PHP_SHA3_##bits##_CTX* ctx, \
    227. 

  227.                             const unsigned char* input, \
    228. 

  228.                             size_t inputLen) { \
    229. 

  229. 	PHP_SHA3_Update(ctx, input, inputLen, \
    230. 

  230.                     (1600 - (2 * bits)) >> 3); \
    231. 

  231. } \
    232. 

  232. void PHP_SHA3##bits##Final(unsigned char* digest, \
    233. 

  233.                            PHP_SHA3_##bits##_CTX* ctx) { \
    234. 

  234. 	PHP_SHA3_Final(digest, ctx, \
    235. 

  235.                    (1600 - (2 * bits)) >> 3, \
    236. 

  236.                    bits >> 3); \
    237. 

  237. } \
    238. 

  238. static int php_sha3##bits##_unserialize(php_hashcontext_object *hash, \
    239. 

  239. 					zend_long magic, \
    240. 

  240. 					const zval *zv) { \
    241. 

  241. 	return php_sha3_unserialize(hash, magic, zv, (1600 - (2 * bits)) >> 3); \
    242. 

  242. } \
    243. 

  243. const php_hash_ops php_hash_sha3_##bits##_ops = { \
    244. 

  244. 	"sha3-" #bits, \
    245. 

  245. 	(php_hash_init_func_t) PHP_SHA3##bits##Init, \
    246. 

  246. 	(php_hash_update_func_t) PHP_SHA3##bits##Update, \
    247. 

  247. 	(php_hash_final_func_t) PHP_SHA3##bits##Final, \
    248. 

  248. 	php_hash_copy, \
    249. 

  249. 	php_hash_serialize, \
    250. 

  250. 	php_sha3##bits##_unserialize, \
    251. 

  251. 	PHP_SHA3_SPEC, \
    252. 

  252. 	bits >> 3, \
    253. 

  253. 	(1600 - (2 * bits)) >> 3, \
    254. 

  254. 	sizeof(PHP_SHA3_##bits##_CTX), \
    255. 

  255. 	1 \
    256. 

  256. }
    257. 

  257. 

  258. #else
    259. 

  259. 

  260. // ================= fast algo ==============================================
    261. 

  261. 

  262. #define SUCCESS SHA3_SUCCESS /* Avoid conflict between KeccacHash.h and zend_types.h */
    263. 

  263. #include "KeccakHash.h"
    264. 

  264. 

  265. /* KECCAK SERIALIZATION
    266. 

  266. 

  267.    Keccak_HashInstance consists of:
    268. 

  268. 	KeccakWidth1600_SpongeInstance {
    269. 

  269. 		unsigned char state[200];
    270. 

  270. 		unsigned int rate;         -- fixed for digest size
    271. 

  271. 		unsigned int byteIOIndex;  -- in range [0, rate/8)
    272. 

  272. 		int squeezing;             -- 0 normally, 1 only during finalize
    273. 

  273. 	} sponge;
    274. 

  274. 	unsigned int fixedOutputLength;    -- fixed for digest size
    275. 

  275. 	unsigned char delimitedSuffix;     -- fixed for digest size
    276. 

  276. 

  277.    NB If the external sha3/ library is updated, the serialization code
    278. 

  278.    may need to be updated.
    279. 

  279. 

  280.    The simpler SHA3 code's serialization states are not interchangeable with
    281. 

  281.    Keccak. Furthermore, the Keccak sponge state is sensitive to architecture
    282. 

  282.    -- 32-bit and 64-bit implementations produce different states. It does not
    283. 

  283.    appear that the state is sensitive to endianness. */
    284. 

  284. 

  285. #if Keccak_HashInstance_ImplType == 64
    286. 

  286. /* corresponds to sha3/generic64lc */
    287. 

  287. # define PHP_HASH_SERIALIZE_MAGIC_KECCAK 100
    288. 

  288. #elif Keccak_HashInstance_ImplType == 32
    289. 

  289. /* corresponds to sha3/generic32lc */
    290. 

  290. # define PHP_HASH_SERIALIZE_MAGIC_KECCAK 101
    291. 

  291. #else
    292. 

  292. # error "Unknown Keccak_HashInstance_ImplType"
    293. 

  293. #endif
    294. 

  294. #define PHP_KECCAK_SPEC "b200IiIIB"
    295. 

  295. 

  296. static int php_keccak_serialize(const php_hashcontext_object *hash, zend_long *magic, zval *zv)
    297. 

  297. {
    298. 

  298. 	*magic = PHP_HASH_SERIALIZE_MAGIC_KECCAK;
    299. 

  299. 	return php_hash_serialize_spec(hash, zv, PHP_KECCAK_SPEC);
    300. 

  300. }
    301. 

  301. 

  302. static int php_keccak_unserialize(php_hashcontext_object *hash, zend_long magic, const zval *zv)
    303. 

  303. {
    304. 

  304. 	Keccak_HashInstance *ctx = (Keccak_HashInstance *) hash->context;
    305. 

  305. 	int r = FAILURE;
    306. 

  306. 	if (magic == PHP_HASH_SERIALIZE_MAGIC_KECCAK
    307. 

  307. 		&& (r = php_hash_unserialize_spec(hash, zv, PHP_KECCAK_SPEC)) == SUCCESS
    308. 

  308. 		&& ctx->sponge.byteIOIndex < ctx->sponge.rate / 8) {
    309. 

  309. 		return SUCCESS;
    310. 

  310. 	} else {
    311. 

  311. 		return r != SUCCESS ? r : -2000;
    312. 

  312. 	}
    313. 

  313. }
    314. 

  314. 

  315. // ==========================================================================
    316. 

  316. 

  317. #define DECLARE_SHA3_OPS(bits) \
    318. 

  318. void PHP_SHA3##bits##Init(PHP_SHA3_##bits##_CTX* ctx, ZEND_ATTRIBUTE_UNUSED HashTable *args) { \
    319. 

  319. 	ZEND_ASSERT(sizeof(Keccak_HashInstance) <= sizeof(PHP_SHA3_##bits##_CTX)); \
    320. 

  320. 	Keccak_HashInitialize_SHA3_##bits((Keccak_HashInstance *)ctx); \
    321. 

  321. } \
    322. 

  322. void PHP_SHA3##bits##Update(PHP_SHA3_##bits##_CTX* ctx, \
    323. 

  323.                             const unsigned char* input, \
    324. 

  324.                             size_t inputLen) { \
    325. 

  325. 	Keccak_HashUpdate((Keccak_HashInstance *)ctx, input, inputLen * 8); \
    326. 

  326. } \
    327. 

  327. void PHP_SHA3##bits##Final(unsigned char* digest, \
    328. 

  328.                            PHP_SHA3_##bits##_CTX* ctx) { \
    329. 

  329. 	Keccak_HashFinal((Keccak_HashInstance *)ctx, digest); \
    330. 

  330. } \
    331. 

  331. const php_hash_ops php_hash_sha3_##bits##_ops = { \
    332. 

  332. 	"sha3-" #bits, \
    333. 

  333. 	(php_hash_init_func_t) PHP_SHA3##bits##Init, \
    334. 

  334. 	(php_hash_update_func_t) PHP_SHA3##bits##Update, \
    335. 

  335. 	(php_hash_final_func_t) PHP_SHA3##bits##Final, \
    336. 

  336. 	php_hash_copy, \
    337. 

  337. 	php_keccak_serialize, \
    338. 

  338. 	php_keccak_unserialize, \
    339. 

  339. 	PHP_KECCAK_SPEC, \
    340. 

  340. 	bits >> 3, \
    341. 

  341. 	(1600 - (2 * bits)) >> 3, \
    342. 

  342. 	sizeof(PHP_SHA3_CTX), \
    343. 

  343. 	1 \
    344. 

  344. }
    345. 

  345. 

  346. #endif
    347. 

  347. // ================= both algo ==============================================
    348. 

  348. 

  349. DECLARE_SHA3_OPS(224);
    350. 

  350. DECLARE_SHA3_OPS(256);
    351. 

  351. DECLARE_SHA3_OPS(384);
    352. 

  352. DECLARE_SHA3_OPS(512);
    353. 

  353. 

  354. #undef DECLARE_SHA3_OPS
    355.