mirror of
https://github.com/jart/cosmopolitan.git
synced 2025-02-14 18:27:54 +00:00
f4f4caab0e
I wanted a tiny scriptable meltdown proof way to run userspace programs and visualize how program execution impacts memory. It helps to explain how things like Actually Portable Executable works. It can show you how the GCC generated code is going about manipulating matrices and more. I didn't feel fully comfortable with Qemu and Bochs because I'm not smart enough to understand them. I wanted something like gVisor but with much stronger levels of assurances. I wanted a single binary that'll run, on all major operating systems with an embedded GPL barrier ZIP filesystem that is tiny enough to transpile to JavaScript and run in browsers too. https://justine.storage.googleapis.com/emulator625.mp4
135 lines
4.3 KiB
C
135 lines
4.3 KiB
C
/*********************************************************************
|
|
* Filename: sha256.c
|
|
* Author: Brad Conte (brad AT bradconte.com)
|
|
* Copyright:
|
|
* Disclaimer: This code is presented "as is" without any guarantees.
|
|
* Details: Implementation of the SHA-256 hashing algorithm.
|
|
SHA-256 is one of the three algorithms in the SHA2
|
|
specification. The others, SHA-384 and SHA-512, are not
|
|
offered in this implementation.
|
|
Algorithm specification can be found here:
|
|
* http://csrc.nist.gov/publications/fips/fips180-2/fips180-2withchangenotice.pdf
|
|
This implementation uses little endian byte order.
|
|
*********************************************************************/
|
|
#include "libc/bits/safemacros.h"
|
|
#include "libc/dce.h"
|
|
#include "libc/nexgen32e/x86feature.h"
|
|
#include "libc/str/internal.h"
|
|
#include "libc/str/str.h"
|
|
|
|
#define ROTLEFT(a, b) (((a) << (b)) | ((a) >> (32 - (b))))
|
|
#define ROTRIGHT(a, b) (((a) >> (b)) | ((a) << (32 - (b))))
|
|
#define CH(x, y, z) (((x) & (y)) ^ (~(x) & (z)))
|
|
#define MAJ(x, y, z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
|
|
#define EP0(x) (ROTRIGHT(x, 2) ^ ROTRIGHT(x, 13) ^ ROTRIGHT(x, 22))
|
|
#define EP1(x) (ROTRIGHT(x, 6) ^ ROTRIGHT(x, 11) ^ ROTRIGHT(x, 25))
|
|
#define SIG0(x) (ROTRIGHT(x, 7) ^ ROTRIGHT(x, 18) ^ ((x) >> 3))
|
|
#define SIG1(x) (ROTRIGHT(x, 17) ^ ROTRIGHT(x, 19) ^ ((x) >> 10))
|
|
|
|
static void sha256_transform(uint32_t state[hasatleast 8],
|
|
const uint8_t data[hasatleast 64]) {
|
|
size_t i;
|
|
uint32_t a, b, c, d, e, f, g, h, t1, t2, m[64];
|
|
for (i = 0; i < 16; ++i, data += 4) {
|
|
m[i] = (uint32_t)data[0] << 24 | data[1] << 16 | data[2] << 8 | data[3];
|
|
}
|
|
for (; i < 64; ++i) {
|
|
m[i] = SIG1(m[i - 2]) + m[i - 7] + SIG0(m[i - 15]) + m[i - 16];
|
|
}
|
|
a = state[0];
|
|
b = state[1];
|
|
c = state[2];
|
|
d = state[3];
|
|
e = state[4];
|
|
f = state[5];
|
|
g = state[6];
|
|
h = state[7];
|
|
for (i = 0; i < 64; ++i) {
|
|
t1 = h + EP1(e) + CH(e, f, g) + kSha256Tab[i] + m[i];
|
|
t2 = EP0(a) + MAJ(a, b, c);
|
|
h = g;
|
|
g = f;
|
|
f = e;
|
|
e = d + t1;
|
|
d = c;
|
|
c = b;
|
|
b = a;
|
|
a = t1 + t2;
|
|
}
|
|
state[0] += a;
|
|
state[1] += b;
|
|
state[2] += c;
|
|
state[3] += d;
|
|
state[4] += e;
|
|
state[5] += f;
|
|
state[6] += g;
|
|
state[7] += h;
|
|
}
|
|
|
|
void sha256_init(struct Sha256Ctx *ctx) {
|
|
ctx->datalen = 0;
|
|
ctx->bitlen = 0;
|
|
ctx->state[0] = 0x6a09e667;
|
|
ctx->state[1] = 0xbb67ae85;
|
|
ctx->state[2] = 0x3c6ef372;
|
|
ctx->state[3] = 0xa54ff53a;
|
|
ctx->state[4] = 0x510e527f;
|
|
ctx->state[5] = 0x9b05688c;
|
|
ctx->state[6] = 0x1f83d9ab;
|
|
ctx->state[7] = 0x5be0cd19;
|
|
}
|
|
|
|
void sha256_update(struct Sha256Ctx *ctx, const uint8_t *data, size_t size) {
|
|
size_t i;
|
|
i = 0;
|
|
#if 0
|
|
if (!IsTiny() && size >= 64 &&
|
|
(X86_HAVE(SHA) && X86_HAVE(SSE4_1) && X86_HAVE(SSSE3))) {
|
|
sha256$x86(ctx->state, data, size);
|
|
i += rounddown(size, 16);
|
|
}
|
|
#endif
|
|
for (; i < size; ++i) {
|
|
ctx->data[ctx->datalen] = data[i];
|
|
ctx->datalen++;
|
|
if (ctx->datalen == 64) {
|
|
sha256_transform(ctx->state, ctx->data);
|
|
ctx->bitlen += 512;
|
|
ctx->datalen = 0;
|
|
}
|
|
}
|
|
}
|
|
|
|
void sha256_final(struct Sha256Ctx *ctx, uint8_t *hash) {
|
|
size_t i;
|
|
i = ctx->datalen;
|
|
if (ctx->datalen < 56) {
|
|
ctx->data[i++] = 0x80;
|
|
while (i < 56) ctx->data[i++] = 0x00;
|
|
} else {
|
|
ctx->data[i++] = 0x80;
|
|
while (i < 64) ctx->data[i++] = 0x00;
|
|
sha256_transform(ctx->state, ctx->data);
|
|
memset(ctx->data, 0, 56);
|
|
}
|
|
ctx->bitlen += ctx->datalen * 8;
|
|
ctx->data[63] = ctx->bitlen;
|
|
ctx->data[62] = ctx->bitlen >> 8;
|
|
ctx->data[61] = ctx->bitlen >> 16;
|
|
ctx->data[60] = ctx->bitlen >> 24;
|
|
ctx->data[59] = ctx->bitlen >> 32;
|
|
ctx->data[58] = ctx->bitlen >> 40;
|
|
ctx->data[57] = ctx->bitlen >> 48;
|
|
ctx->data[56] = ctx->bitlen >> 56;
|
|
sha256_transform(ctx->state, ctx->data);
|
|
for (i = 0; i < 4; ++i) {
|
|
hash[i] = (ctx->state[0] >> (24 - i * 8)) & 0x000000ff;
|
|
hash[i + 4] = (ctx->state[1] >> (24 - i * 8)) & 0x000000ff;
|
|
hash[i + 8] = (ctx->state[2] >> (24 - i * 8)) & 0x000000ff;
|
|
hash[i + 12] = (ctx->state[3] >> (24 - i * 8)) & 0x000000ff;
|
|
hash[i + 16] = (ctx->state[4] >> (24 - i * 8)) & 0x000000ff;
|
|
hash[i + 20] = (ctx->state[5] >> (24 - i * 8)) & 0x000000ff;
|
|
hash[i + 24] = (ctx->state[6] >> (24 - i * 8)) & 0x000000ff;
|
|
hash[i + 28] = (ctx->state[7] >> (24 - i * 8)) & 0x000000ff;
|
|
}
|
|
}
|