Public Types |
Public Member Functions |
Static Public Member Functions |
Static Public Attributes |
List of all members
Botan::SHA_1 Class Referencefinal
#include <sha1.h>
Inheritance diagram for Botan::SHA_1:
Public Types | |
| using | digest_type = secure_vector<uint32_t> |
Public Member Functions | |
| void | clear () override |
| HashFunction * | clone () const |
| std::unique_ptr< HashFunction > | copy_state () const override |
| template<concepts::resizable_byte_buffer T = secure_vector<uint8_t>> | |
| T | final () |
| void | final (std::span< uint8_t > out) |
| template<concepts::resizable_byte_buffer T> | |
| void | final (T &out) |
| void | final (uint8_t out[]) |
| std::vector< uint8_t > | final_stdvec () |
| size_t | hash_block_size () const override |
| std::string | name () const override |
| std::unique_ptr< HashFunction > | new_object () const override |
| size_t | output_length () const override |
| template<concepts::resizable_byte_buffer T = secure_vector<uint8_t>> | |
| T | process (const uint8_t in[], size_t length) |
| template<concepts::resizable_byte_buffer T = secure_vector<uint8_t>> | |
| T | process (std::span< const uint8_t > in) |
| template<concepts::resizable_byte_buffer T = secure_vector<uint8_t>> | |
| T | process (std::string_view in) |
| std::string | provider () const override |
| void | update (const uint8_t in[], size_t length) |
| void | update (std::span< const uint8_t > in) |
| void | update (std::string_view str) |
| void | update (uint8_t in) |
| void | update_be (uint16_t val) |
| void | update_be (uint32_t val) |
| void | update_be (uint64_t val) |
| void | update_le (uint16_t val) |
| void | update_le (uint32_t val) |
| void | update_le (uint64_t val) |
Static Public Member Functions | |
| static void | compress_n (digest_type &digest, std::span< const uint8_t > input, size_t blocks) |
| static std::unique_ptr< HashFunction > | create (std::string_view algo_spec, std::string_view provider="") |
| static std::unique_ptr< HashFunction > | create_or_throw (std::string_view algo_spec, std::string_view provider="") |
| static void | init (digest_type &digest) |
| static std::vector< std::string > | providers (std::string_view algo_spec) |
| static void | sha1_armv8_compress_n (digest_type &digest, std::span< const uint8_t > blocks, size_t block_count) |
| static void | sha1_compress_x86 (digest_type &digest, std::span< const uint8_t > blocks, size_t block_count) |
Static Public Attributes | |
| static constexpr MD_Endian | bit_endianness = MD_Endian::Big |
| static constexpr size_t | block_bytes = 64 |
| static constexpr MD_Endian | byte_endianness = MD_Endian::Big |
| static constexpr size_t | ctr_bytes = 8 |
| static constexpr size_t | output_bytes = 20 |
Detailed Description
Member Typedef Documentation
◆ digest_type
| using Botan::SHA_1::digest_type = secure_vector<uint32_t> |
Member Function Documentation
◆ clear()
|
inlineoverridevirtual |
Reset the state.
Implements Botan::HashFunction.
Definition at line 44 of file sha1.h.
44{ m_md.clear(); }
◆ clone()
|
inlineinherited |
- Returns
- new object representing the same algorithm as *this
Definition at line 85 of file hash.h.
virtual std::unique_ptr< HashFunction > new_object() const =0
References new_object().
◆ compress_n()
|
static |
Definition at line 25 of file sha1.cpp.
25 {
26 using namespace SHA1_F;
27
28#if defined(BOTAN_HAS_SHA1_X86_SHA_NI)
31 }
32#endif
33
34#if defined(BOTAN_HAS_SHA1_ARMV8)
37 }
38#endif
39
40#if defined(BOTAN_HAS_SHA1_AVX2)
42 return avx2_compress_n(digest, input, blocks);
43 }
44#endif
45
46#if defined(BOTAN_HAS_SHA1_SIMD_4X32)
48 return simd_compress_n(digest, input, blocks);
49 }
50#endif
51
52 uint32_t A = digest[0];
53 uint32_t B = digest[1];
54 uint32_t C = digest[2];
55 uint32_t D = digest[3];
56 uint32_t E = digest[4];
57 std::array<uint32_t, 80> W{};
59
60 BufferSlicer in(input);
61
62 for(size_t i = 0; i != blocks; ++i) {
64
65 // clang-format off
66
67 for(size_t j = 16; j != 80; j += 8) {
68 W[j + 0] = rotl<1>(W[j - 3] ^ W[j - 8] ^ W[j - 14] ^ W[j - 16]);
69 W[j + 1] = rotl<1>(W[j - 2] ^ W[j - 7] ^ W[j - 13] ^ W[j - 15]);
70 W[j + 2] = rotl<1>(W[j - 1] ^ W[j - 6] ^ W[j - 12] ^ W[j - 14]);
71 W[j + 3] = rotl<1>(W[j ] ^ W[j - 5] ^ W[j - 11] ^ W[j - 13]);
72 W[j + 4] = rotl<1>(W[j + 1] ^ W[j - 4] ^ W[j - 10] ^ W[j - 12]);
73 W[j + 5] = rotl<1>(W[j + 2] ^ W[j - 3] ^ W[j - 9] ^ W[j - 11]);
74 W[j + 6] = rotl<1>(W[j + 3] ^ W[j - 2] ^ W[j - 8] ^ W[j - 10]);
75 W[j + 7] = rotl<1>(W[j + 4] ^ W[j - 1] ^ W[j - 7] ^ W[j - 9]);
76 }
77
78 // clang-format on
79
80 F1(A, B, C, D, E, W[0] + K1);
81 F1(E, A, B, C, D, W[1] + K1);
82 F1(D, E, A, B, C, W[2] + K1);
83 F1(C, D, E, A, B, W[3] + K1);
84 F1(B, C, D, E, A, W[4] + K1);
85 F1(A, B, C, D, E, W[5] + K1);
86 F1(E, A, B, C, D, W[6] + K1);
87 F1(D, E, A, B, C, W[7] + K1);
88 F1(C, D, E, A, B, W[8] + K1);
89 F1(B, C, D, E, A, W[9] + K1);
90 F1(A, B, C, D, E, W[10] + K1);
91 F1(E, A, B, C, D, W[11] + K1);
92 F1(D, E, A, B, C, W[12] + K1);
93 F1(C, D, E, A, B, W[13] + K1);
94 F1(B, C, D, E, A, W[14] + K1);
95 F1(A, B, C, D, E, W[15] + K1);
96 F1(E, A, B, C, D, W[16] + K1);
97 F1(D, E, A, B, C, W[17] + K1);
98 F1(C, D, E, A, B, W[18] + K1);
99 F1(B, C, D, E, A, W[19] + K1);
100
101 F2(A, B, C, D, E, W[20] + K2);
102 F2(E, A, B, C, D, W[21] + K2);
103 F2(D, E, A, B, C, W[22] + K2);
104 F2(C, D, E, A, B, W[23] + K2);
105 F2(B, C, D, E, A, W[24] + K2);
106 F2(A, B, C, D, E, W[25] + K2);
107 F2(E, A, B, C, D, W[26] + K2);
108 F2(D, E, A, B, C, W[27] + K2);
109 F2(C, D, E, A, B, W[28] + K2);
110 F2(B, C, D, E, A, W[29] + K2);
111 F2(A, B, C, D, E, W[30] + K2);
112 F2(E, A, B, C, D, W[31] + K2);
113 F2(D, E, A, B, C, W[32] + K2);
114 F2(C, D, E, A, B, W[33] + K2);
115 F2(B, C, D, E, A, W[34] + K2);
116 F2(A, B, C, D, E, W[35] + K2);
117 F2(E, A, B, C, D, W[36] + K2);
118 F2(D, E, A, B, C, W[37] + K2);
119 F2(C, D, E, A, B, W[38] + K2);
120 F2(B, C, D, E, A, W[39] + K2);
121
122 F3(A, B, C, D, E, W[40] + K3);
123 F3(E, A, B, C, D, W[41] + K3);
124 F3(D, E, A, B, C, W[42] + K3);
125 F3(C, D, E, A, B, W[43] + K3);
126 F3(B, C, D, E, A, W[44] + K3);
127 F3(A, B, C, D, E, W[45] + K3);
128 F3(E, A, B, C, D, W[46] + K3);
129 F3(D, E, A, B, C, W[47] + K3);
130 F3(C, D, E, A, B, W[48] + K3);
131 F3(B, C, D, E, A, W[49] + K3);
132 F3(A, B, C, D, E, W[50] + K3);
133 F3(E, A, B, C, D, W[51] + K3);
134 F3(D, E, A, B, C, W[52] + K3);
135 F3(C, D, E, A, B, W[53] + K3);
136 F3(B, C, D, E, A, W[54] + K3);
137 F3(A, B, C, D, E, W[55] + K3);
138 F3(E, A, B, C, D, W[56] + K3);
139 F3(D, E, A, B, C, W[57] + K3);
140 F3(C, D, E, A, B, W[58] + K3);
141 F3(B, C, D, E, A, W[59] + K3);
142
143 F4(A, B, C, D, E, W[60] + K4);
144 F4(E, A, B, C, D, W[61] + K4);
145 F4(D, E, A, B, C, W[62] + K4);
146 F4(C, D, E, A, B, W[63] + K4);
147 F4(B, C, D, E, A, W[64] + K4);
148 F4(A, B, C, D, E, W[65] + K4);
149 F4(E, A, B, C, D, W[66] + K4);
150 F4(D, E, A, B, C, W[67] + K4);
151 F4(C, D, E, A, B, W[68] + K4);
152 F4(B, C, D, E, A, W[69] + K4);
153 F4(A, B, C, D, E, W[70] + K4);
154 F4(E, A, B, C, D, W[71] + K4);
155 F4(D, E, A, B, C, W[72] + K4);
156 F4(C, D, E, A, B, W[73] + K4);
157 F4(B, C, D, E, A, W[74] + K4);
158 F4(A, B, C, D, E, W[75] + K4);
159 F4(E, A, B, C, D, W[76] + K4);
160 F4(D, E, A, B, C, W[77] + K4);
161 F4(C, D, E, A, B, W[78] + K4);
162 F4(B, C, D, E, A, W[79] + K4);
163
164 A = (digest[0] += A);
165 B = (digest[1] += B);
166 C = (digest[2] += C);
167 D = (digest[3] += D);
168 E = (digest[4] += E);
169 }
170}
static void sha1_compress_x86(digest_type &digest, std::span< const uint8_t > blocks, size_t block_count)
Definition sha1_x86.cpp:58
static void sha1_armv8_compress_n(digest_type &digest, std::span< const uint8_t > blocks, size_t block_count)
Definition sha1_armv8.cpp:21
void F2(uint32_t A, uint32_t &B, uint32_t C, uint32_t D, uint32_t &E, uint32_t M)
Definition sha1_f.h:26
void F4(uint32_t A, uint32_t &B, uint32_t C, uint32_t D, uint32_t &E, uint32_t M)
Definition sha1_f.h:37
void F3(uint32_t A, uint32_t &B, uint32_t C, uint32_t D, uint32_t &E, uint32_t M)
Definition sha1_f.h:31
void F1(uint32_t A, uint32_t &B, uint32_t C, uint32_t D, uint32_t &E, uint32_t M)
Definition sha1_f.h:21
References Botan::CPUFeature::AVX2, block_bytes, Botan::CPUFeature::BMI, Botan::CPUID::has(), Botan::load_be(), Botan::rotl(), Botan::CPUFeature::SHA, Botan::CPUFeature::SHA1, sha1_armv8_compress_n(), sha1_compress_x86(), Botan::CPUFeature::SIMD_4X32, and Botan::BufferSlicer::take().
◆ copy_state()
|
overridevirtual |
Return a new hash object with the same state as *this. This allows computing the hash of several messages with a common prefix more efficiently than would otherwise be possible.
This function should be called clone but that was already used for the case of returning an uninitialized object.
- Returns
- new hash object
Implements Botan::HashFunction.
Definition at line 211 of file sha1.cpp.
211 {
212 return std::make_unique<SHA_1>(*this);
213}
◆ create()
|
staticinherited |
Create an instance based on a name, or return null if the algo/provider combination cannot be found. If provider is empty then best available is chosen.
Definition at line 107 of file hash.cpp.
107 {
108#if defined(BOTAN_HAS_COMMONCRYPTO)
111 return hash;
112
114 return nullptr;
115 }
116#endif
117
119 return nullptr; // unknown provider
120 }
121
122#if defined(BOTAN_HAS_SHA1)
123 if(algo_spec == "SHA-1") {
124 return std::make_unique<SHA_1>();
125 }
126#endif
127
128#if defined(BOTAN_HAS_SHA2_32)
129 if(algo_spec == "SHA-224") {
130 return std::make_unique<SHA_224>();
131 }
132
133 if(algo_spec == "SHA-256") {
134 return std::make_unique<SHA_256>();
135 }
136#endif
137
138#if defined(BOTAN_HAS_SHA2_64)
139 if(algo_spec == "SHA-384") {
140 return std::make_unique<SHA_384>();
141 }
142
143 if(algo_spec == "SHA-512") {
144 return std::make_unique<SHA_512>();
145 }
146
147 if(algo_spec == "SHA-512-256") {
148 return std::make_unique<SHA_512_256>();
149 }
150#endif
151
152#if defined(BOTAN_HAS_RIPEMD_160)
153 if(algo_spec == "RIPEMD-160") {
154 return std::make_unique<RIPEMD_160>();
155 }
156#endif
157
158#if defined(BOTAN_HAS_WHIRLPOOL)
159 if(algo_spec == "Whirlpool") {
160 return std::make_unique<Whirlpool>();
161 }
162#endif
163
164#if defined(BOTAN_HAS_MD5)
165 if(algo_spec == "MD5") {
166 return std::make_unique<MD5>();
167 }
168#endif
169
170#if defined(BOTAN_HAS_MD4)
171 if(algo_spec == "MD4") {
172 return std::make_unique<MD4>();
173 }
174#endif
175
176#if defined(BOTAN_HAS_GOST_34_11)
177 if(algo_spec == "GOST-R-34.11-94" || algo_spec == "GOST-34.11") {
178 return std::make_unique<GOST_34_11>();
179 }
180#endif
181
182#if defined(BOTAN_HAS_ADLER32)
183 if(algo_spec == "Adler32") {
184 return std::make_unique<Adler32>();
185 }
186#endif
187
188#if defined(BOTAN_HAS_CRC24)
189 if(algo_spec == "CRC24") {
190 return std::make_unique<CRC24>();
191 }
192#endif
193
194#if defined(BOTAN_HAS_CRC32)
195 if(algo_spec == "CRC32") {
196 return std::make_unique<CRC32>();
197 }
198#endif
199
200#if defined(BOTAN_HAS_STREEBOG)
201 if(algo_spec == "Streebog-256") {
202 return std::make_unique<Streebog>(256);
203 }
204 if(algo_spec == "Streebog-512") {
205 return std::make_unique<Streebog>(512);
206 }
207#endif
208
209#if defined(BOTAN_HAS_SM3)
210 if(algo_spec == "SM3") {
211 return std::make_unique<SM3>();
212 }
213#endif
214
215 const SCAN_Name req(algo_spec);
216
217#if defined(BOTAN_HAS_SKEIN_512)
218 if(req.algo_name() == "Skein-512") {
219 return std::make_unique<Skein_512>(req.arg_as_integer(0, 512), req.arg(1, ""));
220 }
221#endif
222
223#if defined(BOTAN_HAS_BLAKE2B)
224 if(req.algo_name() == "Blake2b" || req.algo_name() == "BLAKE2b") {
225 return std::make_unique<BLAKE2b>(req.arg_as_integer(0, 512));
226 }
227#endif
228
229#if defined(BOTAN_HAS_BLAKE2S)
230 if(req.algo_name() == "Blake2s" || req.algo_name() == "BLAKE2s") {
231 return std::make_unique<BLAKE2s>(req.arg_as_integer(0, 256));
232 }
233#endif
234
235#if defined(BOTAN_HAS_KECCAK)
236 if(req.algo_name() == "Keccak-1600") {
237 return std::make_unique<Keccak_1600>(req.arg_as_integer(0, 512));
238 }
239#endif
240
241#if defined(BOTAN_HAS_SHA3)
242 if(req.algo_name() == "SHA-3") {
243 return std::make_unique<SHA_3>(req.arg_as_integer(0, 512));
244 }
245#endif
246
247#if defined(BOTAN_HAS_SHAKE)
248 if(req.algo_name() == "SHAKE-128" && req.arg_count() == 1) {
249 return std::make_unique<SHAKE_128>(req.arg_as_integer(0));
250 }
251 if(req.algo_name() == "SHAKE-256" && req.arg_count() == 1) {
252 return std::make_unique<SHAKE_256>(req.arg_as_integer(0));
253 }
254#endif
255
256#if defined(BOTAN_HAS_PARALLEL_HASH)
257 if(req.algo_name() == "Parallel") {
258 std::vector<std::unique_ptr<HashFunction>> hashes;
259
260 for(size_t i = 0; i != req.arg_count(); ++i) {
262 if(!h) {
263 return nullptr;
264 }
265 hashes.push_back(std::move(h));
266 }
267
268 return std::make_unique<Parallel>(hashes);
269 }
270#endif
271
272#if defined(BOTAN_HAS_TRUNCATED_HASH)
273 if(req.algo_name() == "Truncated" && req.arg_count() == 2) {
275 if(!hash) {
276 return nullptr;
277 }
278
279 return std::make_unique<Truncated_Hash>(std::move(hash), req.arg_as_integer(1));
280 }
281#endif
282
283#if defined(BOTAN_HAS_COMB4P)
284 if(req.algo_name() == "Comb4P" && req.arg_count() == 2) {
287
288 if(h1 && h2) {
289 return std::make_unique<Comb4P>(std::move(h1), std::move(h2));
290 }
291 }
292#endif
293
294 return nullptr;
295}
static std::unique_ptr< HashFunction > create(std::string_view algo_spec, std::string_view provider="")
Definition hash.cpp:107
std::unique_ptr< HashFunction > make_commoncrypto_hash(std::string_view name)
Definition commoncrypto_hash.cpp:80
References Botan::SCAN_Name::algo_name(), Botan::SCAN_Name::arg(), Botan::SCAN_Name::arg_as_integer(), Botan::SCAN_Name::arg_count(), create(), Botan::make_commoncrypto_hash(), and provider().
Referenced by botan_hash_init(), Botan::BlockCipher::create(), Botan::EME::create(), create(), Botan::KDF::create(), Botan::MessageAuthenticationCode::create(), Botan::PasswordHashFamily::create(), Botan::PBKDF::create(), Botan::SignaturePaddingScheme::create(), create_or_throw(), Botan::Certificate_Store_In_Memory::find_cert_by_pubkey_sha1(), and Botan::Certificate_Store_In_Memory::find_cert_by_raw_subject_dn_sha256().
◆ create_or_throw()
|
staticinherited |
Create an instance based on a name If provider is empty then best available is chosen.
- Parameters
-
algo_spec algorithm name provider provider implementation to use Throws Lookup_Error if not found.
Definition at line 298 of file hash.cpp.
298 {
300 return hash;
301 }
303}
References create(), and provider().
Referenced by botan_pubkey_fingerprint(), botan_pubkey_sm2_compute_za(), Botan::OCSP::CertID::CertID(), Botan::create_hex_fingerprint(), Botan::Sodium::crypto_hash_sha256(), Botan::Sodium::crypto_hash_sha512(), Botan::Bcrypt_PBKDF::derive_key(), Botan::ed25519_gen_keypair(), Botan::ed25519_sign(), Botan::ed25519_verify(), Botan::expand_message_xmd(), Botan::TLS::Handshake_Hash::final(), Botan::generate_dsa_primes(), Botan::LMOTS_Params::hash(), Botan::LMS_Params::hash(), Botan::Classic_McEliece_Parameters::hash_func(), Botan::OCSP::CertID::is_id_for(), Botan::TLS::make_hello_random(), Botan::Roughtime::nonce_from_blind(), Botan::PKCS1v15_Raw_SignaturePaddingScheme::PKCS1v15_Raw_SignaturePaddingScheme(), Botan::TLS::Transcript_Hash_State::set_algorithm(), Botan::RTSS_Share::split(), Botan::srp6_client_agree(), Botan::srp6_generate_verifier(), Botan::SRP6_Server_Session::step1(), Botan::SRP6_Server_Session::step2(), Botan::Cert_Extension::Subject_Key_ID::Subject_Key_ID(), and Botan::PK_Ops::Verification_with_Hash::Verification_with_Hash().
◆ final() [1/4]
template<concepts::resizable_byte_buffer T = secure_vector<uint8_t>>
|
inlineinherited |
Complete the computation and retrieve the final result as a container of your choice.
- Returns
- a contiguous container holding the result
Definition at line 77 of file buf_comp.h.
77 {
78 T output(output_length());
79 final_result(output);
80 return output;
81 }
virtual size_t output_length() const =0
References output_length().
◆ final() [2/4]
|
inherited |
Definition at line 54 of file buf_comp.cpp.
54 {
55 BOTAN_ARG_CHECK(out.size() >= output_length(), "provided output buffer has insufficient capacity");
56 final_result(out);
57}
References BOTAN_ARG_CHECK, and output_length().
◆ final() [3/4]
template<concepts::resizable_byte_buffer T>
|
inlineinherited |
Definition at line 88 of file buf_comp.h.
References output_length().
◆ final() [4/4]
|
inlineinherited |
Complete the computation and retrieve the final result.
- Parameters
-
out The byte array to be filled with the result. Must be of length output_length()
Definition at line 69 of file buf_comp.h.
69{ final_result({out, output_length()}); }
References output_length().
Referenced by final_stdvec(), Botan::PseudorandomKeyGeneration::gen(), Botan::TPM2::Verification_Operation::is_valid_signature(), Botan::mgf1_mask(), Botan::KMAC::operator=(), Botan::pbkdf2(), Botan::Sphincs_Hash_Functions_Sha2::PRF_msg(), process(), process(), process(), Botan::TPM2::Signature_Operation::sign(), and Botan::sm2_compute_za().
◆ final_stdvec()
|
inlineinherited |
◆ hash_block_size()
|
inlineoverridevirtual |
- Returns
- hash block size as defined for this algorithm
Reimplemented from Botan::HashFunction.
Definition at line 36 of file sha1.h.
References block_bytes.
◆ init()
|
static |
◆ name()
|
inlineoverridevirtual |
- Returns
- the hash function name
Implements Botan::HashFunction.
Definition at line 32 of file sha1.h.
32{ return "SHA-1"; }
◆ new_object()
|
overridevirtual |
- Returns
- new object representing the same algorithm as *this
Implements Botan::HashFunction.
Definition at line 207 of file sha1.cpp.
207 {
208 return std::make_unique<SHA_1>();
209}
◆ output_length()
|
inlineoverridevirtual |
- Returns
- length of the output of this function in bytes
Implements Botan::Buffered_Computation.
Definition at line 34 of file sha1.h.
34{ return 20; }
◆ process() [1/3]
template<concepts::resizable_byte_buffer T = secure_vector<uint8_t>>
|
inlineinherited |
Update and finalize computation. Does the same as calling update() and final() consecutively.
- Parameters
-
in the input to process as a byte array length the length of the byte array
- Returns
- the result of the call to final()
Definition at line 101 of file buf_comp.h.
101 {
102 update(in, length);
104 }
void update(const uint8_t in[], size_t length)
Definition buf_comp.h:34
References final(), and update().
Referenced by Botan::Kyber_Symmetric_Primitives::H(), Botan::Kyber_Symmetric_Primitives::H(), and Botan::Kyber_Symmetric_Primitives::H().
◆ process() [2/3]
template<concepts::resizable_byte_buffer T = secure_vector<uint8_t>>
|
inlineinherited |
Update and finalize computation. Does the same as calling update() and final() consecutively.
- Parameters
-
in the input to process as a contiguous container
- Returns
- the result of the call to final()
Definition at line 125 of file buf_comp.h.
◆ process() [3/3]
template<concepts::resizable_byte_buffer T = secure_vector<uint8_t>>
|
inlineinherited |
Update and finalize computation. Does the same as calling update() and final() consecutively.
- Parameters
-
in the input to process as a string
- Returns
- the result of the call to final()
Definition at line 113 of file buf_comp.h.
◆ provider()
|
overridevirtual |
- Returns
- provider information about this implementation. Default is "base", might also return "sse2", "avx2", "openssl", or some other arbitrary string.
Reimplemented from Botan::HashFunction.
Definition at line 179 of file sha1.cpp.
179 {
180#if defined(BOTAN_HAS_SHA1_X86_SHA_NI)
182 return *feat;
183 }
184#endif
185
186#if defined(BOTAN_HAS_SHA1_ARMV8)
188 return *feat;
189 }
190#endif
191
192#if defined(BOTAN_HAS_SHA1_AVX2)
194 return *feat;
195 }
196#endif
197
198#if defined(BOTAN_HAS_SHA1_SIMD_4X32)
200 return *feat;
201 }
202#endif
203
204 return "base";
205}
static std::optional< std::string > check(CPUID::Feature feat)
Definition cpuid.h:67
References Botan::CPUFeature::AVX2, Botan::CPUFeature::BMI, Botan::CPUID::check(), Botan::CPUFeature::SHA, Botan::CPUFeature::SHA1, and Botan::CPUFeature::SIMD_4X32.
◆ providers()
|
staticinherited |
- Returns
- list of available providers for this algorithm, empty if not available
- Parameters
-
algo_spec algorithm name
Definition at line 305 of file hash.cpp.
305 {
307}
std::vector< std::string > probe_providers_of(std::string_view algo_spec, const std::vector< std::string > &possible={"base"})
Definition scan_name.h:105
References Botan::probe_providers_of().
◆ sha1_armv8_compress_n()
|
static |
Definition at line 21 of file sha1_armv8.cpp.
23 {
24 uint32x4_t ABCD;
25 uint32_t E0;
26
27 // Load magic constants
28 const uint32x4_t C0 = vdupq_n_u32(0x5A827999);
29 const uint32x4_t C1 = vdupq_n_u32(0x6ED9EBA1);
30 const uint32x4_t C2 = vdupq_n_u32(0x8F1BBCDC);
31 const uint32x4_t C3 = vdupq_n_u32(0xCA62C1D6);
32
33 ABCD = vld1q_u32(&digest[0]);
34 E0 = digest[4];
35
36 // Intermediate void* cast due to https://llvm.org/bugs/show_bug.cgi?id=20670
37 const uint32_t* input32 = reinterpret_cast<const uint32_t*>(reinterpret_cast<const void*>(input8.data()));
38
39 while(blocks) {
40 // Save current hash
41 const uint32x4_t ABCD_SAVED = ABCD;
42 const uint32_t E0_SAVED = E0;
43
44 uint32x4_t MSG0, MSG1, MSG2, MSG3;
45 uint32x4_t TMP0, TMP1;
46 uint32_t E1;
47
48 MSG0 = vld1q_u32(input32 + 0);
49 MSG1 = vld1q_u32(input32 + 4);
50 MSG2 = vld1q_u32(input32 + 8);
51 MSG3 = vld1q_u32(input32 + 12);
52
53 MSG0 = vreinterpretq_u32_u8(vrev32q_u8(vreinterpretq_u8_u32(MSG0)));
54 MSG1 = vreinterpretq_u32_u8(vrev32q_u8(vreinterpretq_u8_u32(MSG1)));
55 MSG2 = vreinterpretq_u32_u8(vrev32q_u8(vreinterpretq_u8_u32(MSG2)));
56 MSG3 = vreinterpretq_u32_u8(vrev32q_u8(vreinterpretq_u8_u32(MSG3)));
57
58 TMP0 = vaddq_u32(MSG0, C0);
59 TMP1 = vaddq_u32(MSG1, C0);
60
61 // Rounds 0-3
62 E1 = vsha1h_u32(vgetq_lane_u32(ABCD, 0));
63 ABCD = vsha1cq_u32(ABCD, E0, TMP0);
64 TMP0 = vaddq_u32(MSG2, C0);
65 MSG0 = vsha1su0q_u32(MSG0, MSG1, MSG2);
66
67 // Rounds 4-7
68 E0 = vsha1h_u32(vgetq_lane_u32(ABCD, 0));
69 ABCD = vsha1cq_u32(ABCD, E1, TMP1);
70 TMP1 = vaddq_u32(MSG3, C0);
71 MSG0 = vsha1su1q_u32(MSG0, MSG3);
72 MSG1 = vsha1su0q_u32(MSG1, MSG2, MSG3);
73
74 // Rounds 8-11
75 E1 = vsha1h_u32(vgetq_lane_u32(ABCD, 0));
76 ABCD = vsha1cq_u32(ABCD, E0, TMP0);
77 TMP0 = vaddq_u32(MSG0, C0);
78 MSG1 = vsha1su1q_u32(MSG1, MSG0);
79 MSG2 = vsha1su0q_u32(MSG2, MSG3, MSG0);
80
81 // Rounds 12-15
82 E0 = vsha1h_u32(vgetq_lane_u32(ABCD, 0));
83 ABCD = vsha1cq_u32(ABCD, E1, TMP1);
84 TMP1 = vaddq_u32(MSG1, C1);
85 MSG2 = vsha1su1q_u32(MSG2, MSG1);
86 MSG3 = vsha1su0q_u32(MSG3, MSG0, MSG1);
87
88 // Rounds 16-19
89 E1 = vsha1h_u32(vgetq_lane_u32(ABCD, 0));
90 ABCD = vsha1cq_u32(ABCD, E0, TMP0);
91 TMP0 = vaddq_u32(MSG2, C1);
92 MSG3 = vsha1su1q_u32(MSG3, MSG2);
93 MSG0 = vsha1su0q_u32(MSG0, MSG1, MSG2);
94
95 // Rounds 20-23
96 E0 = vsha1h_u32(vgetq_lane_u32(ABCD, 0));
97 ABCD = vsha1pq_u32(ABCD, E1, TMP1);
98 TMP1 = vaddq_u32(MSG3, C1);
99 MSG0 = vsha1su1q_u32(MSG0, MSG3);
100 MSG1 = vsha1su0q_u32(MSG1, MSG2, MSG3);
101
102 // Rounds 24-27
103 E1 = vsha1h_u32(vgetq_lane_u32(ABCD, 0));
104 ABCD = vsha1pq_u32(ABCD, E0, TMP0);
105 TMP0 = vaddq_u32(MSG0, C1);
106 MSG1 = vsha1su1q_u32(MSG1, MSG0);
107 MSG2 = vsha1su0q_u32(MSG2, MSG3, MSG0);
108
109 // Rounds 28-31
110 E0 = vsha1h_u32(vgetq_lane_u32(ABCD, 0));
111 ABCD = vsha1pq_u32(ABCD, E1, TMP1);
112 TMP1 = vaddq_u32(MSG1, C1);
113 MSG2 = vsha1su1q_u32(MSG2, MSG1);
114 MSG3 = vsha1su0q_u32(MSG3, MSG0, MSG1);
115
116 // Rounds 32-35
117 E1 = vsha1h_u32(vgetq_lane_u32(ABCD, 0));
118 ABCD = vsha1pq_u32(ABCD, E0, TMP0);
119 TMP0 = vaddq_u32(MSG2, C2);
120 MSG3 = vsha1su1q_u32(MSG3, MSG2);
121 MSG0 = vsha1su0q_u32(MSG0, MSG1, MSG2);
122
123 // Rounds 36-39
124 E0 = vsha1h_u32(vgetq_lane_u32(ABCD, 0));
125 ABCD = vsha1pq_u32(ABCD, E1, TMP1);
126 TMP1 = vaddq_u32(MSG3, C2);
127 MSG0 = vsha1su1q_u32(MSG0, MSG3);
128 MSG1 = vsha1su0q_u32(MSG1, MSG2, MSG3);
129
130 // Rounds 40-43
131 E1 = vsha1h_u32(vgetq_lane_u32(ABCD, 0));
132 ABCD = vsha1mq_u32(ABCD, E0, TMP0);
133 TMP0 = vaddq_u32(MSG0, C2);
134 MSG1 = vsha1su1q_u32(MSG1, MSG0);
135 MSG2 = vsha1su0q_u32(MSG2, MSG3, MSG0);
136
137 // Rounds 44-47
138 E0 = vsha1h_u32(vgetq_lane_u32(ABCD, 0));
139 ABCD = vsha1mq_u32(ABCD, E1, TMP1);
140 TMP1 = vaddq_u32(MSG1, C2);
141 MSG2 = vsha1su1q_u32(MSG2, MSG1);
142 MSG3 = vsha1su0q_u32(MSG3, MSG0, MSG1);
143
144 // Rounds 48-51
145 E1 = vsha1h_u32(vgetq_lane_u32(ABCD, 0));
146 ABCD = vsha1mq_u32(ABCD, E0, TMP0);
147 TMP0 = vaddq_u32(MSG2, C2);
148 MSG3 = vsha1su1q_u32(MSG3, MSG2);
149 MSG0 = vsha1su0q_u32(MSG0, MSG1, MSG2);
150
151 // Rounds 52-55
152 E0 = vsha1h_u32(vgetq_lane_u32(ABCD, 0));
153 ABCD = vsha1mq_u32(ABCD, E1, TMP1);
154 TMP1 = vaddq_u32(MSG3, C3);
155 MSG0 = vsha1su1q_u32(MSG0, MSG3);
156 MSG1 = vsha1su0q_u32(MSG1, MSG2, MSG3);
157
158 // Rounds 56-59
159 E1 = vsha1h_u32(vgetq_lane_u32(ABCD, 0));
160 ABCD = vsha1mq_u32(ABCD, E0, TMP0);
161 TMP0 = vaddq_u32(MSG0, C3);
162 MSG1 = vsha1su1q_u32(MSG1, MSG0);
163 MSG2 = vsha1su0q_u32(MSG2, MSG3, MSG0);
164
165 // Rounds 60-63
166 E0 = vsha1h_u32(vgetq_lane_u32(ABCD, 0));
167 ABCD = vsha1pq_u32(ABCD, E1, TMP1);
168 TMP1 = vaddq_u32(MSG1, C3);
169 MSG2 = vsha1su1q_u32(MSG2, MSG1);
170 MSG3 = vsha1su0q_u32(MSG3, MSG0, MSG1);
171
172 // Rounds 64-67
173 E1 = vsha1h_u32(vgetq_lane_u32(ABCD, 0));
174 ABCD = vsha1pq_u32(ABCD, E0, TMP0);
175 TMP0 = vaddq_u32(MSG2, C3);
176 MSG3 = vsha1su1q_u32(MSG3, MSG2);
177 MSG0 = vsha1su0q_u32(MSG0, MSG1, MSG2);
178
179 // Rounds 68-71
180 E0 = vsha1h_u32(vgetq_lane_u32(ABCD, 0));
181 ABCD = vsha1pq_u32(ABCD, E1, TMP1);
182 TMP1 = vaddq_u32(MSG3, C3);
183 MSG0 = vsha1su1q_u32(MSG0, MSG3);
184
185 // Rounds 72-75
186 E1 = vsha1h_u32(vgetq_lane_u32(ABCD, 0));
187 ABCD = vsha1pq_u32(ABCD, E0, TMP0);
188
189 // Rounds 76-79
190 E0 = vsha1h_u32(vgetq_lane_u32(ABCD, 0));
191 ABCD = vsha1pq_u32(ABCD, E1, TMP1);
192
193 // Add state back
194 E0 += E0_SAVED;
195 ABCD = vaddq_u32(ABCD_SAVED, ABCD);
196
197 input32 += 64 / 4;
198 blocks--;
199 }
200
201 // Save digest
202 vst1q_u32(&digest[0], ABCD);
203 digest[4] = E0;
204}
Referenced by compress_n().
◆ sha1_compress_x86()
|
static |
Definition at line 58 of file sha1_x86.cpp.
60 {
61 const uint8_t* input = input_span.data();
62
64 SIMD_4x32 E0 = SIMD_4x32(0, 0, 0, digest[4]);
65
66 while(blocks > 0) {
67 // Save current hash
68 const auto ABCD_SAVE = ABCD;
69 const auto E0_SAVE = E0;
70
75
76 auto E1 = ABCD;
77 ABCD = SIMD_4x32(_mm_sha1rnds4_epu32(ABCD.raw(), _mm_add_epi32(E0.raw(), W0.raw()), 0));
78
79 E0 = ABCD;
80 ABCD = SIMD_4x32(_mm_sha1rnds4_epu32(ABCD.raw(), _mm_sha1nexte_epu32(E1.raw(), W1.raw()), 0));
81
82 sha1_x86_rnds8<0>(ABCD, E0, W2, W3);
83
84 W0 = sha1_x86_msg1(W0, W1);
85 W1 = sha1_x86_msg1(W1, W2);
86 W0 ^= W2;
87
88 sha1_x86_next_msg(W3, W0, W1, W2);
89 sha1_x86_next_msg(W0, W1, W2, W3);
90 sha1_x86_rnds8<0, 1>(ABCD, E0, W0, W1);
91
92 sha1_x86_next_msg(W1, W2, W3, W0);
93 sha1_x86_next_msg(W2, W3, W0, W1);
94 sha1_x86_rnds8<1>(ABCD, E0, W2, W3);
95
96 sha1_x86_next_msg(W3, W0, W1, W2);
97 sha1_x86_next_msg(W0, W1, W2, W3);
98 sha1_x86_rnds8<1>(ABCD, E0, W0, W1);
99
100 sha1_x86_next_msg(W1, W2, W3, W0);
101 sha1_x86_next_msg(W2, W3, W0, W1);
102 sha1_x86_rnds8<2>(ABCD, E0, W2, W3);
103
104 sha1_x86_next_msg(W3, W0, W1, W2);
105 sha1_x86_next_msg(W0, W1, W2, W3);
106 sha1_x86_rnds8<2>(ABCD, E0, W0, W1);
107
108 sha1_x86_next_msg(W1, W2, W3, W0);
109 sha1_x86_next_msg(W2, W3, W0, W1);
110 sha1_x86_rnds8<2, 3>(ABCD, E0, W2, W3);
111
112 sha1_x86_next_msg(W3, W0, W1, W2);
113 sha1_x86_next_msg(W0, W1, W2, W3);
114 sha1_x86_rnds8<3>(ABCD, E0, W0, W1);
115
116 sha1_x86_next_msg(W1, W2, W3, W0);
117 sha1_x86_next_msg(W2, W3, W0, W1);
118 sha1_x86_rnds8<3>(ABCD, E0, W2, W3);
119
120 ABCD += ABCD_SAVE;
121 E0 = sha1_x86_nexte(E0, E0_SAVE);
122
123 input += 64;
124 blocks--;
125 }
126
127 rev_words(ABCD).store_le(&digest[0]); // NOLINT(*-container-data-pointer)
128 digest[4] = _mm_extract_epi32(E0.raw(), 3);
129}
static SIMD_4x32 BOTAN_FN_ISA_SIMD_4X32 load_be(const void *in) noexcept
Definition simd_4x32.h:174
static SIMD_4x32 load_le(const void *in) noexcept
Definition simd_4x32.h:149
References Botan::SIMD_4x32::load_be(), Botan::SIMD_4x32::load_le(), and Botan::SIMD_4x32::raw().
Referenced by compress_n().
◆ update() [1/4]
|
inlineinherited |
Add new input to process.
- Parameters
-
in the input to process as a byte array length of param in in bytes
Definition at line 34 of file buf_comp.h.
34{ add_data({in, length}); }
Referenced by Botan::PseudorandomKeyGeneration::gen(), Botan::LMOTS_Public_Key::LMOTS_Public_Key(), Botan::mgf1_mask(), Botan::pbkdf2(), Botan::Sphincs_Hash_Functions_Sha2::PRF_msg(), process(), process(), process(), Botan::TLS::TLS_NULL_HMAC_AEAD_Mode::set_associated_data_n(), and Botan::sm2_compute_za().
◆ update() [2/4]
|
inlineinherited |
Add new input to process.
- Parameters
-
in the input to process as a contiguous data range
Definition at line 40 of file buf_comp.h.
40{ add_data(in); }
◆ update() [3/4]
|
inherited |
Add new input to process.
- Parameters
-
str the input to process as a std::string_view. Will be interpreted as a byte array based on the strings encoding.
Definition at line 14 of file buf_comp.cpp.
14 {
15 add_data(as_span_of_bytes(str));
16}
std::span< const uint8_t > as_span_of_bytes(const char *s, size_t len)
Definition mem_utils.h:28
References Botan::as_span_of_bytes().
◆ update() [4/4]
|
inlineinherited |
Process a single byte.
- Parameters
-
in the byte to process
Definition at line 61 of file buf_comp.h.
61{ add_data({&in, 1}); }
◆ update_be() [1/3]
|
inherited |
Definition at line 18 of file buf_comp.cpp.
References Botan::store_be().
Referenced by Botan::mgf1_mask(), and Botan::pbkdf2().
◆ update_be() [2/3]
|
inherited |
Definition at line 24 of file buf_comp.cpp.
References Botan::store_be().
◆ update_be() [3/3]
|
inherited |
Definition at line 30 of file buf_comp.cpp.
References Botan::store_be().
◆ update_le() [1/3]
|
inherited |
Definition at line 36 of file buf_comp.cpp.
References Botan::store_le().
◆ update_le() [2/3]
|
inherited |
Definition at line 42 of file buf_comp.cpp.
References Botan::store_le().
◆ update_le() [3/3]
|
inherited |
Definition at line 48 of file buf_comp.cpp.
References Botan::store_le().
Member Data Documentation
◆ bit_endianness
|
staticconstexpr |
◆ block_bytes
|
staticconstexpr |
Definition at line 24 of file sha1.h.
Referenced by compress_n(), and hash_block_size().
◆ byte_endianness
|
staticconstexpr |
◆ ctr_bytes
◆ output_bytes
The documentation for this class was generated from the following files:
- src/lib/hash/sha1/sha1.h
- src/lib/hash/sha1/sha1.cpp
- src/lib/hash/sha1/sha1_armv8/sha1_armv8.cpp
- src/lib/hash/sha1/sha1_x86/sha1_x86.cpp
Generated by
1.14.0