diff options
Diffstat (limited to 'src/hash')
59 files changed, 718 insertions, 688 deletions
diff --git a/src/hash/bmw/bmw_512.cpp b/src/hash/bmw/bmw_512.cpp new file mode 100644 index 000000000..5ccb09579 --- /dev/null +++ b/src/hash/bmw/bmw_512.cpp @@ -0,0 +1,202 @@ +/* +* Blue Midnight Wish 512 (Round 2 tweaked) +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + +#include <botan/bmw_512.h> +#include <botan/loadstor.h> +#include <botan/rotate.h> + +namespace Botan { + +namespace { + +inline u64bit S0(u64bit X) + { + return (X >> 1) ^ (X << 3) ^ rotate_left(X, 4) ^ rotate_left(X, 37); + } + +inline u64bit S1(u64bit X) + { + return (X >> 1) ^ (X << 2) ^ rotate_left(X, 13) ^ rotate_left(X, 43); + } + +inline u64bit S2(u64bit X) + { + return (X >> 2) ^ (X << 1) ^ rotate_left(X, 19) ^ rotate_left(X, 53); + } + +inline u64bit S3(u64bit X) + { + return (X >> 2) ^ (X << 2) ^ rotate_left(X, 28) ^ rotate_left(X, 59); + } + +inline u64bit S4(u64bit X) + { + return (X >> 1) ^ X; + } + +/** +* Blue Midnight Wish 512 compression function +*/ +void BMW_512_compress(u64bit H[16], const u64bit M[16], u64bit Q[32]) + { + const u32bit EXPAND_1_ROUNDS = 2; + + for(u32bit i = 0; i != 16; ++i) + Q[i] = H[i] ^ M[i]; + + Q[16] = Q[ 5] - Q[ 7] + Q[10] + Q[13] + Q[14]; + Q[17] = Q[ 6] - Q[ 8] + Q[11] + Q[14] - Q[15]; + Q[18] = Q[ 0] + Q[ 7] + Q[ 9] - Q[12] + Q[15]; + Q[19] = Q[ 0] - Q[ 1] + Q[ 8] - Q[10] + Q[13]; + Q[20] = Q[ 1] + Q[ 2] + Q[ 9] - Q[11] - Q[14]; + Q[21] = Q[ 3] - Q[ 2] + Q[10] - Q[12] + Q[15]; + Q[22] = Q[ 4] - Q[ 0] - Q[ 3] - Q[11] + Q[13]; + Q[23] = Q[ 1] - Q[ 4] - Q[ 5] - Q[12] - Q[14]; + Q[24] = Q[ 2] - Q[ 5] - Q[ 6] + Q[13] - Q[15]; + Q[25] = Q[ 0] - Q[ 3] + Q[ 6] - Q[ 7] + Q[14]; + Q[26] = Q[ 8] - Q[ 1] - Q[ 4] - Q[ 7] + Q[15]; + Q[27] = Q[ 8] - Q[ 0] - Q[ 2] - Q[ 5] + Q[ 9]; + Q[28] = Q[ 1] + Q[ 3] - Q[ 6] - Q[ 9] + Q[10]; + Q[29] = Q[ 2] + Q[ 4] + Q[ 7] + Q[10] + Q[11]; + Q[30] = Q[ 3] - Q[ 5] + Q[ 8] - Q[11] - Q[12]; + Q[31] = Q[12] - Q[ 4] - Q[ 6] - Q[ 9] + Q[13]; + + Q[ 0] = S0(Q[16]) + H[ 1]; + Q[ 1] = S1(Q[17]) + H[ 2]; + Q[ 2] = S2(Q[18]) + H[ 3]; + Q[ 3] = S3(Q[19]) + H[ 4]; + Q[ 4] = S4(Q[20]) + H[ 5]; + Q[ 5] = S0(Q[21]) + H[ 6]; + Q[ 6] = S1(Q[22]) + H[ 7]; + Q[ 7] = S2(Q[23]) + H[ 8]; + Q[ 8] = S3(Q[24]) + H[ 9]; + Q[ 9] = S4(Q[25]) + H[10]; + Q[10] = S0(Q[26]) + H[11]; + Q[11] = S1(Q[27]) + H[12]; + Q[12] = S2(Q[28]) + H[13]; + Q[13] = S3(Q[29]) + H[14]; + Q[14] = S4(Q[30]) + H[15]; + Q[15] = S0(Q[31]) + H[ 0]; + + for(u32bit i = 16; i != 16 + EXPAND_1_ROUNDS; ++i) + { + Q[i] = S1(Q[i-16]) + S2(Q[i-15]) + S3(Q[i-14]) + S0(Q[i-13]) + + S1(Q[i-12]) + S2(Q[i-11]) + S3(Q[i-10]) + S0(Q[i- 9]) + + S1(Q[i- 8]) + S2(Q[i- 7]) + S3(Q[i- 6]) + S0(Q[i- 5]) + + S1(Q[i- 4]) + S2(Q[i- 3]) + S3(Q[i- 2]) + S0(Q[i- 1]) + + ((rotate_left(M[(i-16) % 16], ((i-16)%16) + 1) + + rotate_left(M[(i-13) % 16], ((i-13)%16) + 1) - + rotate_left(M[(i- 6) % 16], ((i-6)%16) + 1) + + (0x0555555555555555 * i)) ^ H[(i-16+7)%16]); + } + + for(u32bit i = 16 + EXPAND_1_ROUNDS; i != 32; ++i) + { + Q[i] = Q[i-16] + rotate_left(Q[i-15], 5) + + Q[i-14] + rotate_left(Q[i-13], 11) + + Q[i-12] + rotate_left(Q[i-11], 27) + + Q[i-10] + rotate_left(Q[i- 9], 32) + + Q[i- 8] + rotate_left(Q[i- 7], 37) + + Q[i- 6] + rotate_left(Q[i- 5], 43) + + Q[i- 4] + rotate_left(Q[i- 3], 53) + + S4(Q[i - 2]) + ((Q[i-1] >> 2) ^ Q[i-1]) + + ((rotate_left(M[(i-16) % 16], ((i-16)%16 + 1)) + + rotate_left(M[(i-13) % 16], ((i-13)%16 + 1)) - + rotate_left(M[(i- 6) % 16], ((i-6)%16 + 1)) + + (0x0555555555555555 * i)) ^ H[(i-16+7)%16]); + } + + u64bit XL = Q[16] ^ Q[17] ^ Q[18] ^ Q[19] ^ + Q[20] ^ Q[21] ^ Q[22] ^ Q[23]; + + u64bit XH = Q[24] ^ Q[25] ^ Q[26] ^ Q[27] ^ + Q[28] ^ Q[29] ^ Q[30] ^ Q[31]; + + XH ^= XL; + + H[ 0] = ((XH << 5) ^ (Q[16] >> 5) ^ M[0]) + (XL ^ Q[24] ^ Q[0]); + H[ 1] = ((XH >> 7) ^ (Q[17] << 8) ^ M[1]) + (XL ^ Q[25] ^ Q[1]); + H[ 2] = ((XH >> 5) ^ (Q[18] << 5) ^ M[2]) + (XL ^ Q[26] ^ Q[2]); + H[ 3] = ((XH >> 1) ^ (Q[19] << 5) ^ M[3]) + (XL ^ Q[27] ^ Q[3]); + H[ 4] = ((XH >> 3) ^ (Q[20] ) ^ M[4]) + (XL ^ Q[28] ^ Q[4]); + H[ 5] = ((XH << 6) ^ (Q[21] >> 6) ^ M[5]) + (XL ^ Q[29] ^ Q[5]); + H[ 6] = ((XH >> 4) ^ (Q[22] << 6) ^ M[6]) + (XL ^ Q[30] ^ Q[6]); + H[ 7] = ((XH >> 11) ^ (Q[23] << 2) ^ M[7]) + (XL ^ Q[31] ^ Q[7]); + + H[ 8] = rotate_left(H[4], 9) + (XH ^ Q[24] ^ M[ 8]) + ((XL << 8) ^ Q[23] ^ Q[ 8]); + H[ 9] = rotate_left(H[5], 10) + (XH ^ Q[25] ^ M[ 9]) + ((XL >> 6) ^ Q[16] ^ Q[ 9]); + H[10] = rotate_left(H[6], 11) + (XH ^ Q[26] ^ M[10]) + ((XL << 6) ^ Q[17] ^ Q[10]); + H[11] = rotate_left(H[7], 12) + (XH ^ Q[27] ^ M[11]) + ((XL << 4) ^ Q[18] ^ Q[11]); + H[12] = rotate_left(H[0], 13) + (XH ^ Q[28] ^ M[12]) + ((XL >> 3) ^ Q[19] ^ Q[12]); + H[13] = rotate_left(H[1], 14) + (XH ^ Q[29] ^ M[13]) + ((XL >> 4) ^ Q[20] ^ Q[13]); + H[14] = rotate_left(H[2], 15) + (XH ^ Q[30] ^ M[14]) + ((XL >> 7) ^ Q[21] ^ Q[14]); + H[15] = rotate_left(H[3], 16) + (XH ^ Q[31] ^ M[15]) + ((XL >> 2) ^ Q[22] ^ Q[15]); + } + +} + +void BMW_512::compress_n(const byte input[], u32bit blocks) + { + for(u32bit i = 0; i != blocks; ++i) + { + load_le(M.begin(), input, M.size()); + + BMW_512_compress(H, M, Q); + + input += HASH_BLOCK_SIZE; + } + } + +/* +* Copy out the digest +*/ +void BMW_512::copy_out(byte output[]) + { + u64bit final[16] = { + 0xAAAAAAAAAAAAAAA0, 0xAAAAAAAAAAAAAAA1, + 0xAAAAAAAAAAAAAAA2, 0xAAAAAAAAAAAAAAA3, + 0xAAAAAAAAAAAAAAA4, 0xAAAAAAAAAAAAAAA5, + 0xAAAAAAAAAAAAAAA6, 0xAAAAAAAAAAAAAAA7, + 0xAAAAAAAAAAAAAAA8, 0xAAAAAAAAAAAAAAA9, + 0xAAAAAAAAAAAAAAAA, 0xAAAAAAAAAAAAAAAB, + 0xAAAAAAAAAAAAAAAC, 0xAAAAAAAAAAAAAAAD, + 0xAAAAAAAAAAAAAAAE, 0xAAAAAAAAAAAAAAAF }; + + BMW_512_compress(final, H, Q); + + for(u32bit i = 0; i != OUTPUT_LENGTH; i += 8) + store_le(final[8 + i/8], output + i); + } + +/* +* Clear memory of sensitive data +*/ +void BMW_512::clear() + { + MDx_HashFunction::clear(); + M.clear(); + Q.clear(); + + H[ 0] = 0x8081828384858687; + H[ 1] = 0x88898A8B8C8D8E8F; + H[ 2] = 0x9091929394959697; + H[ 3] = 0x98999A9B9C9D9E9F; + H[ 4] = 0xA0A1A2A3A4A5A6A7; + H[ 5] = 0xA8A9AAABACADAEAF; + H[ 6] = 0xB0B1B2B3B4B5B6B7; + H[ 7] = 0xB8B9BABBBCBDBEBF; + H[ 8] = 0xC0C1C2C3C4C5C6C7; + H[ 9] = 0xC8C9CACBCCCDCECF; + H[10] = 0xD0D1D2D3D4D5D6D7; + H[11] = 0xD8D9DADBDCDDDEDF; + H[12] = 0xE0E1E2E3E4E5E6E7; + H[13] = 0xE8E9EAEBECEDEEEF; + H[14] = 0xF0F1F2F3F4F5F6F7; + H[15] = 0xF8F9FAFBFCFDFEFF; + } + +} diff --git a/src/hash/bmw/bmw_512.h b/src/hash/bmw/bmw_512.h new file mode 100644 index 000000000..55cd761a9 --- /dev/null +++ b/src/hash/bmw/bmw_512.h @@ -0,0 +1,32 @@ +/* +* Blue Midnight Wish 512 (Round 2 tweaked) +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + +#ifndef BOTAN_BMW_512_H__ +#define BOTAN_BMW_512_H__ + +#include <botan/mdx_hash.h> + +namespace Botan { + +class BMW_512 : public MDx_HashFunction + { + public: + void clear(); + std::string name() const { return "BMW512"; } + HashFunction* clone() const { return new BMW_512; } + BMW_512() : MDx_HashFunction(64, 128, false, true) { clear(); } + private: + void compress_n(const byte input[], u32bit blocks); + void copy_out(byte output[]); + + SecureBuffer<u64bit, 16> H, M; + SecureBuffer<u64bit, 32> Q; + }; + +} + +#endif diff --git a/src/hash/bmw/info.txt b/src/hash/bmw/info.txt new file mode 100644 index 000000000..7170223d7 --- /dev/null +++ b/src/hash/bmw/info.txt @@ -0,0 +1,5 @@ +define BMW_512 + +<requires> +mdx_hash +</requires> diff --git a/src/hash/fork256/fork256.cpp b/src/hash/fork256/fork256.cpp index f80bff43a..bd85dfd7c 100644 --- a/src/hash/fork256/fork256.cpp +++ b/src/hash/fork256/fork256.cpp @@ -66,9 +66,7 @@ void FORK_256::compress_n(const byte input[], u32bit blocks) G1 = G2 = G3 = G4 = digest[6]; H1 = H2 = H3 = H4 = digest[7]; - for(u32bit j = 0; j != 16; ++j) - M[j] = load_be<u32bit>(input, j); - input += HASH_BLOCK_SIZE; + load_be(M.begin(), input, M.size()); step(A1, B1, C1, D1, E1, F1, G1, H1, M[ 0], M[ 1], DELTA[ 0], DELTA[ 1]); step(A2, B2, C2, D2, E2, F2, G2, H2, M[14], M[15], DELTA[15], DELTA[14]); @@ -118,6 +116,8 @@ void FORK_256::compress_n(const byte input[], u32bit blocks) digest[5] += (F1 + F2) ^ (F3 + F4); digest[6] += (G1 + G2) ^ (G3 + G4); digest[7] += (H1 + H2) ^ (H3 + H4); + + input += HASH_BLOCK_SIZE; } } @@ -133,7 +133,7 @@ void FORK_256::copy_out(byte output[]) /* * Clear memory of sensitive data */ -void FORK_256::clear() throw() +void FORK_256::clear() { MDx_HashFunction::clear(); digest[0] = 0x6A09E667; diff --git a/src/hash/fork256/fork256.h b/src/hash/fork256/fork256.h index 70d336cc9..f535370e6 100644 --- a/src/hash/fork256/fork256.h +++ b/src/hash/fork256/fork256.h @@ -18,7 +18,7 @@ namespace Botan { class BOTAN_DLL FORK_256 : public MDx_HashFunction { public: - void clear() throw(); + void clear(); std::string name() const { return "FORK-256"; } HashFunction* clone() const { return new FORK_256; } FORK_256() : MDx_HashFunction(32, 64, true, true) { clear(); } diff --git a/src/hash/fork256/info.txt b/src/hash/fork256/info.txt index ae0c9f1a4..c2f8c47f2 100644 --- a/src/hash/fork256/info.txt +++ b/src/hash/fork256/info.txt @@ -1,14 +1,5 @@ -realname "FORK-256" - define FORK_256 -load_on auto - -<add> -fork256.cpp -fork256.h -</add> - <requires> mdx_hash </requires> diff --git a/src/hash/gost_3411/gost_3411.cpp b/src/hash/gost_3411/gost_3411.cpp index 3c7f5f92b..16b1311da 100644 --- a/src/hash/gost_3411/gost_3411.cpp +++ b/src/hash/gost_3411/gost_3411.cpp @@ -1,6 +1,8 @@ /* * GOST 34.11 * (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license */ #include <botan/gost_3411.h> @@ -21,7 +23,7 @@ GOST_34_11::GOST_34_11() : position = 0; } -void GOST_34_11::clear() throw() +void GOST_34_11::clear() { cipher.clear(); sum.clear(); @@ -77,12 +79,8 @@ void GOST_34_11::compress_n(const byte input[], u32bit blocks) byte S[32] = { 0 }; u64bit U[4], V[4]; - - for(u32bit j = 0; j != 4; ++j) - { - U[j] = load_be<u64bit>(hash, j); - V[j] = load_be<u64bit>(input + 32*i, j); - } + load_be(U, hash, 4); + load_be(V, input + 32*i, 4); for(u32bit j = 0; j != 4; ++j) { diff --git a/src/hash/gost_3411/gost_3411.h b/src/hash/gost_3411/gost_3411.h index c69555052..7b17bdc1f 100644 --- a/src/hash/gost_3411/gost_3411.h +++ b/src/hash/gost_3411/gost_3411.h @@ -1,6 +1,8 @@ /** * GOST 34.11 * (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license */ #ifndef BOTAN_GOST_3411_H__ @@ -17,7 +19,7 @@ namespace Botan { class BOTAN_DLL GOST_34_11 : public HashFunction { public: - void clear() throw(); + void clear(); std::string name() const { return "GOST-R-34.11-94" ; } HashFunction* clone() const { return new GOST_34_11; } diff --git a/src/hash/gost_3411/info.txt b/src/hash/gost_3411/info.txt index 65b9475e1..c4cb4e1a5 100644 --- a/src/hash/gost_3411/info.txt +++ b/src/hash/gost_3411/info.txt @@ -1,14 +1,5 @@ -realname "GOST 34.11" - define GOST_34_11 -load_on auto - -<add> -gost_3411.cpp -gost_3411.h -</add> - <requires> gost_28147 </requires> diff --git a/src/hash/has160/has160.cpp b/src/hash/has160/has160.cpp index 9a505d31d..ae45418ce 100644 --- a/src/hash/has160/has160.cpp +++ b/src/hash/has160/has160.cpp @@ -60,13 +60,12 @@ inline void F4(u32bit A, u32bit& B, u32bit C, u32bit D, u32bit& E, */ void HAS_160::compress_n(const byte input[], u32bit blocks) { + u32bit A = digest[0], B = digest[1], C = digest[2], + D = digest[3], E = digest[4]; + for(u32bit i = 0; i != blocks; ++i) { - for(u32bit j = 0; j != 16; ++j) - X[j] = load_le<u32bit>(input, j); - - u32bit A = digest[0], B = digest[1], C = digest[2], - D = digest[3], E = digest[4]; + load_le(X.begin(), input, 16); X[16] = X[ 0] ^ X[ 1] ^ X[ 2] ^ X[ 3]; X[17] = X[ 4] ^ X[ 5] ^ X[ 6] ^ X[ 7]; @@ -128,8 +127,13 @@ void HAS_160::compress_n(const byte input[], u32bit blocks) F4(E,A,B,C,D,X[11], 9); F4(D,E,A,B,C,X[ 6],14); F4(C,D,E,A,B,X[ 1], 5); F4(B,C,D,E,A,X[12],13); - digest[0] += A; digest[1] += B; digest[2] += C; - digest[3] += D; digest[4] += E; + A = (digest[0] += A); + B = (digest[1] += B); + C = (digest[2] += C); + D = (digest[3] += D); + E = (digest[4] += E); + + input += HASH_BLOCK_SIZE; } } @@ -145,7 +149,7 @@ void HAS_160::copy_out(byte output[]) /* * Clear memory of sensitive data */ -void HAS_160::clear() throw() +void HAS_160::clear() { MDx_HashFunction::clear(); X.clear(); diff --git a/src/hash/has160/has160.h b/src/hash/has160/has160.h index 44bb63b9d..cae66c93a 100644 --- a/src/hash/has160/has160.h +++ b/src/hash/has160/has160.h @@ -18,7 +18,7 @@ namespace Botan { class BOTAN_DLL HAS_160 : public MDx_HashFunction { public: - void clear() throw(); + void clear(); std::string name() const { return "HAS-160"; } HashFunction* clone() const { return new HAS_160; } HAS_160() : MDx_HashFunction(20, 64, false, true) { clear(); } diff --git a/src/hash/has160/info.txt b/src/hash/has160/info.txt index a945f3225..f862bdb20 100644 --- a/src/hash/has160/info.txt +++ b/src/hash/has160/info.txt @@ -1,14 +1,5 @@ -realname "HAS-160" - define HAS_160 -load_on auto - -<add> -has160.cpp -has160.h -</add> - <requires> mdx_hash </requires> diff --git a/src/hash/hash.h b/src/hash/hash.h index a30234be0..1098951d8 100644 --- a/src/hash/hash.h +++ b/src/hash/hash.h @@ -38,7 +38,7 @@ class BOTAN_DLL HashFunction : public BufferedComputation /** * Reset the internal state of this object. */ - virtual void clear() throw() = 0; + virtual void clear() = 0; HashFunction(u32bit hash_len, u32bit block_len = 0) : BufferedComputation(hash_len), HASH_BLOCK_SIZE(block_len) {} diff --git a/src/hash/info.txt b/src/hash/info.txt index ce55f7ddc..0e45806f8 100644 --- a/src/hash/info.txt +++ b/src/hash/info.txt @@ -1,5 +1,3 @@ -realname "Hash Functions" - load_on auto <add> diff --git a/src/hash/md2/info.txt b/src/hash/md2/info.txt index ff33e1eb3..2359c5df7 100644 --- a/src/hash/md2/info.txt +++ b/src/hash/md2/info.txt @@ -1,10 +1 @@ -realname "MD2" - define MD2 - -load_on auto - -<add> -md2.cpp -md2.h -</add> diff --git a/src/hash/md2/md2.cpp b/src/hash/md2/md2.cpp index c67e72b5a..f03518ec0 100644 --- a/src/hash/md2/md2.cpp +++ b/src/hash/md2/md2.cpp @@ -97,7 +97,7 @@ void MD2::final_result(byte output[]) /** * Clear memory of sensitive data */ -void MD2::clear() throw() +void MD2::clear() { X.clear(); checksum.clear(); diff --git a/src/hash/md2/md2.h b/src/hash/md2/md2.h index 9337c43f4..0a7125759 100644 --- a/src/hash/md2/md2.h +++ b/src/hash/md2/md2.h @@ -18,7 +18,7 @@ namespace Botan { class BOTAN_DLL MD2 : public HashFunction { public: - void clear() throw(); + void clear(); std::string name() const { return "MD2"; } HashFunction* clone() const { return new MD2; } MD2() : HashFunction(16, 16) { clear(); } diff --git a/src/hash/md4/info.txt b/src/hash/md4/info.txt index fc9cbe116..2b276e168 100644 --- a/src/hash/md4/info.txt +++ b/src/hash/md4/info.txt @@ -1,14 +1,5 @@ -realname "MD4" - define MD4 -load_on auto - -<add> -md4.cpp -md4.h -</add> - <requires> mdx_hash </requires> diff --git a/src/hash/md4/md4.cpp b/src/hash/md4/md4.cpp index 39e3c8c41..f573dae25 100644 --- a/src/hash/md4/md4.cpp +++ b/src/hash/md4/md4.cpp @@ -51,35 +51,41 @@ void MD4::compress_n(const byte input[], u32bit blocks) for(u32bit i = 0; i != blocks; ++i) { - for(u32bit j = 0; j != 16; ++j) - M[j] = load_le<u32bit>(input, j); - input += HASH_BLOCK_SIZE; - - FF(A,B,C,D,M[ 0], 3); FF(D,A,B,C,M[ 1], 7); FF(C,D,A,B,M[ 2],11); - FF(B,C,D,A,M[ 3],19); FF(A,B,C,D,M[ 4], 3); FF(D,A,B,C,M[ 5], 7); - FF(C,D,A,B,M[ 6],11); FF(B,C,D,A,M[ 7],19); FF(A,B,C,D,M[ 8], 3); - FF(D,A,B,C,M[ 9], 7); FF(C,D,A,B,M[10],11); FF(B,C,D,A,M[11],19); - FF(A,B,C,D,M[12], 3); FF(D,A,B,C,M[13], 7); FF(C,D,A,B,M[14],11); - FF(B,C,D,A,M[15],19); - - GG(A,B,C,D,M[ 0], 3); GG(D,A,B,C,M[ 4], 5); GG(C,D,A,B,M[ 8], 9); - GG(B,C,D,A,M[12],13); GG(A,B,C,D,M[ 1], 3); GG(D,A,B,C,M[ 5], 5); - GG(C,D,A,B,M[ 9], 9); GG(B,C,D,A,M[13],13); GG(A,B,C,D,M[ 2], 3); - GG(D,A,B,C,M[ 6], 5); GG(C,D,A,B,M[10], 9); GG(B,C,D,A,M[14],13); - GG(A,B,C,D,M[ 3], 3); GG(D,A,B,C,M[ 7], 5); GG(C,D,A,B,M[11], 9); - GG(B,C,D,A,M[15],13); - - HH(A,B,C,D,M[ 0], 3); HH(D,A,B,C,M[ 8], 9); HH(C,D,A,B,M[ 4],11); - HH(B,C,D,A,M[12],15); HH(A,B,C,D,M[ 2], 3); HH(D,A,B,C,M[10], 9); - HH(C,D,A,B,M[ 6],11); HH(B,C,D,A,M[14],15); HH(A,B,C,D,M[ 1], 3); - HH(D,A,B,C,M[ 9], 9); HH(C,D,A,B,M[ 5],11); HH(B,C,D,A,M[13],15); - HH(A,B,C,D,M[ 3], 3); HH(D,A,B,C,M[11], 9); HH(C,D,A,B,M[ 7],11); - HH(B,C,D,A,M[15],15); + load_le(M.begin(), input, M.size()); + + FF(A,B,C,D,M[ 0], 3); FF(D,A,B,C,M[ 1], 7); + FF(C,D,A,B,M[ 2],11); FF(B,C,D,A,M[ 3],19); + FF(A,B,C,D,M[ 4], 3); FF(D,A,B,C,M[ 5], 7); + FF(C,D,A,B,M[ 6],11); FF(B,C,D,A,M[ 7],19); + FF(A,B,C,D,M[ 8], 3); FF(D,A,B,C,M[ 9], 7); + FF(C,D,A,B,M[10],11); FF(B,C,D,A,M[11],19); + FF(A,B,C,D,M[12], 3); FF(D,A,B,C,M[13], 7); + FF(C,D,A,B,M[14],11); FF(B,C,D,A,M[15],19); + + GG(A,B,C,D,M[ 0], 3); GG(D,A,B,C,M[ 4], 5); + GG(C,D,A,B,M[ 8], 9); GG(B,C,D,A,M[12],13); + GG(A,B,C,D,M[ 1], 3); GG(D,A,B,C,M[ 5], 5); + GG(C,D,A,B,M[ 9], 9); GG(B,C,D,A,M[13],13); + GG(A,B,C,D,M[ 2], 3); GG(D,A,B,C,M[ 6], 5); + GG(C,D,A,B,M[10], 9); GG(B,C,D,A,M[14],13); + GG(A,B,C,D,M[ 3], 3); GG(D,A,B,C,M[ 7], 5); + GG(C,D,A,B,M[11], 9); GG(B,C,D,A,M[15],13); + + HH(A,B,C,D,M[ 0], 3); HH(D,A,B,C,M[ 8], 9); + HH(C,D,A,B,M[ 4],11); HH(B,C,D,A,M[12],15); + HH(A,B,C,D,M[ 2], 3); HH(D,A,B,C,M[10], 9); + HH(C,D,A,B,M[ 6],11); HH(B,C,D,A,M[14],15); + HH(A,B,C,D,M[ 1], 3); HH(D,A,B,C,M[ 9], 9); + HH(C,D,A,B,M[ 5],11); HH(B,C,D,A,M[13],15); + HH(A,B,C,D,M[ 3], 3); HH(D,A,B,C,M[11], 9); + HH(C,D,A,B,M[ 7],11); HH(B,C,D,A,M[15],15); A = (digest[0] += A); B = (digest[1] += B); C = (digest[2] += C); D = (digest[3] += D); + + input += HASH_BLOCK_SIZE; } } @@ -95,7 +101,7 @@ void MD4::copy_out(byte output[]) /* * Clear memory of sensitive data */ -void MD4::clear() throw() +void MD4::clear() { MDx_HashFunction::clear(); M.clear(); diff --git a/src/hash/md4/md4.h b/src/hash/md4/md4.h index df6f2292d..0b76a70e4 100644 --- a/src/hash/md4/md4.h +++ b/src/hash/md4/md4.h @@ -18,7 +18,7 @@ namespace Botan { class BOTAN_DLL MD4 : public MDx_HashFunction { public: - void clear() throw(); + void clear(); std::string name() const { return "MD4"; } HashFunction* clone() const { return new MD4; } MD4() : MDx_HashFunction(16, 64, false, true) { clear(); } diff --git a/src/hash/md4_ia32/info.txt b/src/hash/md4_ia32/info.txt index fee7dd1a8..732285c56 100644 --- a/src/hash/md4_ia32/info.txt +++ b/src/hash/md4_ia32/info.txt @@ -1,15 +1,7 @@ -realname "MD4 (IA-32)" - define MD4_IA32 load_on asm_ok -<add> -md4_ia32_imp.S -md4_ia32.cpp -md4_ia32.h -</add> - <arch> ia32 </arch> diff --git a/src/hash/md5/info.txt b/src/hash/md5/info.txt index 525a45ab5..a4ad1462c 100644 --- a/src/hash/md5/info.txt +++ b/src/hash/md5/info.txt @@ -1,14 +1,5 @@ -realname "MD5" - define MD5 -load_on auto - -<add> -md5.cpp -md5.h -</add> - <requires> mdx_hash </requires> diff --git a/src/hash/md5/md5.cpp b/src/hash/md5/md5.cpp index 7c280aab7..8c1e5a8e1 100644 --- a/src/hash/md5/md5.cpp +++ b/src/hash/md5/md5.cpp @@ -64,9 +64,7 @@ void MD5::compress_n(const byte input[], u32bit blocks) for(u32bit i = 0; i != blocks; ++i) { - for(u32bit j = 0; j != 16; ++j) - M[j] = load_le<u32bit>(input, j); - input += HASH_BLOCK_SIZE; + load_le(M.begin(), input, M.size()); FF(A,B,C,D,M[ 0], 7,0xD76AA478); FF(D,A,B,C,M[ 1],12,0xE8C7B756); FF(C,D,A,B,M[ 2],17,0x242070DB); FF(B,C,D,A,M[ 3],22,0xC1BDCEEE); @@ -108,6 +106,8 @@ void MD5::compress_n(const byte input[], u32bit blocks) B = (digest[1] += B); C = (digest[2] += C); D = (digest[3] += D); + + input += HASH_BLOCK_SIZE; } } @@ -123,7 +123,7 @@ void MD5::copy_out(byte output[]) /* * Clear memory of sensitive data */ -void MD5::clear() throw() +void MD5::clear() { MDx_HashFunction::clear(); M.clear(); diff --git a/src/hash/md5/md5.h b/src/hash/md5/md5.h index 85f684d8b..456a02c28 100644 --- a/src/hash/md5/md5.h +++ b/src/hash/md5/md5.h @@ -18,7 +18,7 @@ namespace Botan { class BOTAN_DLL MD5 : public MDx_HashFunction { public: - void clear() throw(); + void clear(); std::string name() const { return "MD5"; } HashFunction* clone() const { return new MD5; } MD5() : MDx_HashFunction(16, 64, false, true) { clear(); } diff --git a/src/hash/md5_ia32/info.txt b/src/hash/md5_ia32/info.txt index ad9923b26..48a8b4a10 100644 --- a/src/hash/md5_ia32/info.txt +++ b/src/hash/md5_ia32/info.txt @@ -1,15 +1,7 @@ -realname "MD5 (IA-32)" - define MD5_IA32 load_on asm_ok -<add> -md5_ia32_imp.S -md5_ia32.cpp -md5_ia32.h -</add> - <arch> ia32 </arch> diff --git a/src/hash/mdx_hash/info.txt b/src/hash/mdx_hash/info.txt index 412c93350..0c30a1a54 100644 --- a/src/hash/mdx_hash/info.txt +++ b/src/hash/mdx_hash/info.txt @@ -1,10 +1,3 @@ -realname "MDx Hash Base" - define MDX_HASH_FUNCTION load_on dep - -<add> -mdx_hash.cpp -mdx_hash.h -</add> diff --git a/src/hash/mdx_hash/mdx_hash.cpp b/src/hash/mdx_hash/mdx_hash.cpp index b630ec227..28402c2c5 100644 --- a/src/hash/mdx_hash/mdx_hash.cpp +++ b/src/hash/mdx_hash/mdx_hash.cpp @@ -28,7 +28,7 @@ MDx_HashFunction::MDx_HashFunction(u32bit hash_len, u32bit block_len, /** * Clear memory of sensitive data */ -void MDx_HashFunction::clear() throw() +void MDx_HashFunction::clear() { buffer.clear(); count = position = 0; diff --git a/src/hash/mdx_hash/mdx_hash.h b/src/hash/mdx_hash/mdx_hash.h index 0c3aa7806..2d70deed3 100644 --- a/src/hash/mdx_hash/mdx_hash.h +++ b/src/hash/mdx_hash/mdx_hash.h @@ -25,7 +25,7 @@ class BOTAN_DLL MDx_HashFunction : public HashFunction void final_result(byte output[]); virtual void compress_n(const byte block[], u32bit block_n) = 0; - void clear() throw(); + void clear(); virtual void copy_out(byte[]) = 0; virtual void write_count(byte[]); private: diff --git a/src/hash/par_hash/info.txt b/src/hash/par_hash/info.txt index 45716aac8..d641a9cee 100644 --- a/src/hash/par_hash/info.txt +++ b/src/hash/par_hash/info.txt @@ -1,10 +1 @@ -realname "Parallel Hash" - define PARALLEL_HASH - -load_on auto - -<add> -par_hash.cpp -par_hash.h -</add> diff --git a/src/hash/par_hash/par_hash.cpp b/src/hash/par_hash/par_hash.cpp index 4b0c7c466..0ba3f5a4f 100644 --- a/src/hash/par_hash/par_hash.cpp +++ b/src/hash/par_hash/par_hash.cpp @@ -77,7 +77,7 @@ HashFunction* Parallel::clone() const /* * Clear memory of sensitive data */ -void Parallel::clear() throw() +void Parallel::clear() { for(u32bit j = 0; j != hashes.size(); ++j) hashes[j]->clear(); diff --git a/src/hash/par_hash/par_hash.h b/src/hash/par_hash/par_hash.h index 7e75c27be..874e491b1 100644 --- a/src/hash/par_hash/par_hash.h +++ b/src/hash/par_hash/par_hash.h @@ -19,7 +19,7 @@ namespace Botan { class BOTAN_DLL Parallel : public HashFunction { public: - void clear() throw(); + void clear(); std::string name() const; HashFunction* clone() const; diff --git a/src/hash/rmd128/info.txt b/src/hash/rmd128/info.txt index 402271da5..11e4181f4 100644 --- a/src/hash/rmd128/info.txt +++ b/src/hash/rmd128/info.txt @@ -1,14 +1,5 @@ -realname "RIPEMD-128" - define RIPEMD_128 -load_on auto - -<add> -rmd128.cpp -rmd128.h -</add> - <requires> mdx_hash </requires> diff --git a/src/hash/rmd128/rmd128.cpp b/src/hash/rmd128/rmd128.cpp index 8b2c0ccf8..7e9da3bdd 100644 --- a/src/hash/rmd128/rmd128.cpp +++ b/src/hash/rmd128/rmd128.cpp @@ -60,18 +60,16 @@ inline void F4(u32bit& A, u32bit B, u32bit C, u32bit D, */ void RIPEMD_128::compress_n(const byte input[], u32bit blocks) { + const u32bit MAGIC2 = 0x5A827999, MAGIC3 = 0x6ED9EBA1, + MAGIC4 = 0x8F1BBCDC, MAGIC5 = 0x50A28BE6, + MAGIC6 = 0x5C4DD124, MAGIC7 = 0x6D703EF3; + for(u32bit i = 0; i != blocks; ++i) { - for(u32bit j = 0; j != 16; ++j) - M[j] = load_le<u32bit>(input, j); - input += HASH_BLOCK_SIZE; + load_le(M.begin(), input, M.size()); u32bit A1 = digest[0], A2 = A1, B1 = digest[1], B2 = B1, - C1 = digest[2], C2 = C1, D1 = digest[3], D2 = D1; - - const u32bit MAGIC2 = 0x5A827999, MAGIC3 = 0x6ED9EBA1, - MAGIC4 = 0x8F1BBCDC, MAGIC5 = 0x50A28BE6, - MAGIC6 = 0x5C4DD124, MAGIC7 = 0x6D703EF3; + C1 = digest[2], C2 = C1, D1 = digest[3], D2 = D1; F1(A1,B1,C1,D1,M[ 0],11 ); F4(A2,B2,C2,D2,M[ 5], 8,MAGIC5); F1(D1,A1,B1,C1,M[ 1],14 ); F4(D2,A2,B2,C2,M[14], 9,MAGIC5); @@ -141,9 +139,13 @@ void RIPEMD_128::compress_n(const byte input[], u32bit blocks) F4(C1,D1,A1,B1,M[ 6], 5,MAGIC4); F1(C2,D2,A2,B2,M[10],15 ); F4(B1,C1,D1,A1,M[ 2],12,MAGIC4); F1(B2,C2,D2,A2,M[14], 8 ); - D2 = digest[1] + C1 + D2; digest[1] = digest[2] + D1 + A2; - digest[2] = digest[3] + A1 + B2; digest[3] = digest[0] + B1 + C2; + D2 = digest[1] + C1 + D2; + digest[1] = digest[2] + D1 + A2; + digest[2] = digest[3] + A1 + B2; + digest[3] = digest[0] + B1 + C2; digest[0] = D2; + + input += HASH_BLOCK_SIZE; } } @@ -159,7 +161,7 @@ void RIPEMD_128::copy_out(byte output[]) /* * Clear memory of sensitive data */ -void RIPEMD_128::clear() throw() +void RIPEMD_128::clear() { MDx_HashFunction::clear(); M.clear(); diff --git a/src/hash/rmd128/rmd128.h b/src/hash/rmd128/rmd128.h index 031ae5746..d9cb4ebb4 100644 --- a/src/hash/rmd128/rmd128.h +++ b/src/hash/rmd128/rmd128.h @@ -18,7 +18,7 @@ namespace Botan { class BOTAN_DLL RIPEMD_128 : public MDx_HashFunction { public: - void clear() throw(); + void clear(); std::string name() const { return "RIPEMD-128"; } HashFunction* clone() const { return new RIPEMD_128; } RIPEMD_128() : MDx_HashFunction(16, 64, false, true) { clear(); } diff --git a/src/hash/rmd160/info.txt b/src/hash/rmd160/info.txt index af4b5c230..28be6854d 100644 --- a/src/hash/rmd160/info.txt +++ b/src/hash/rmd160/info.txt @@ -1,14 +1,5 @@ -realname "RIPEMD-160" - define RIPEMD_160 -load_on auto - -<add> -rmd160.cpp -rmd160.h -</add> - <requires> mdx_hash </requires> diff --git a/src/hash/rmd160/rmd160.cpp b/src/hash/rmd160/rmd160.cpp index 863de8487..5237f1e12 100644 --- a/src/hash/rmd160/rmd160.cpp +++ b/src/hash/rmd160/rmd160.cpp @@ -82,9 +82,7 @@ void RIPEMD_160::compress_n(const byte input[], u32bit blocks) for(u32bit i = 0; i != blocks; ++i) { - for(u32bit j = 0; j != 16; ++j) - M[j] = load_le<u32bit>(input, j); - input += HASH_BLOCK_SIZE; + load_le(M.begin(), input, M.size()); u32bit A1 = digest[0], A2 = A1, B1 = digest[1], B2 = B1, C1 = digest[2], C2 = C1, D1 = digest[3], D2 = D1, @@ -181,6 +179,8 @@ void RIPEMD_160::compress_n(const byte input[], u32bit blocks) digest[3] = digest[4] + A1 + B2; digest[4] = digest[0] + B1 + C2; digest[0] = C1; + + input += HASH_BLOCK_SIZE; } } @@ -196,7 +196,7 @@ void RIPEMD_160::copy_out(byte output[]) /* * Clear memory of sensitive data */ -void RIPEMD_160::clear() throw() +void RIPEMD_160::clear() { MDx_HashFunction::clear(); M.clear(); diff --git a/src/hash/rmd160/rmd160.h b/src/hash/rmd160/rmd160.h index f2babc582..aee007b98 100644 --- a/src/hash/rmd160/rmd160.h +++ b/src/hash/rmd160/rmd160.h @@ -18,7 +18,7 @@ namespace Botan { class BOTAN_DLL RIPEMD_160 : public MDx_HashFunction { public: - void clear() throw(); + void clear(); std::string name() const { return "RIPEMD-160"; } HashFunction* clone() const { return new RIPEMD_160; } RIPEMD_160() : MDx_HashFunction(20, 64, false, true) { clear(); } diff --git a/src/hash/sha1/info.txt b/src/hash/sha1/info.txt index a0ae30b4b..56403db21 100644 --- a/src/hash/sha1/info.txt +++ b/src/hash/sha1/info.txt @@ -1,14 +1,5 @@ -realname "SHA-1" - define SHA1 -load_on auto - -<add> -sha160.cpp -sha160.h -</add> - <requires> mdx_hash </requires> diff --git a/src/hash/sha1/sha160.cpp b/src/hash/sha1/sha160.cpp index 45323a11b..ff44593f6 100644 --- a/src/hash/sha1/sha160.cpp +++ b/src/hash/sha1/sha160.cpp @@ -61,60 +61,71 @@ void SHA_160::compress_n(const byte input[], u32bit blocks) for(u32bit i = 0; i != blocks; ++i) { - for(u32bit j = 0; j != 16; j += 4) - { - W[j ] = load_be<u32bit>(input, j); - W[j+1] = load_be<u32bit>(input, j+1); - W[j+2] = load_be<u32bit>(input, j+2); - W[j+3] = load_be<u32bit>(input, j+3); - } - input += HASH_BLOCK_SIZE; + load_be(W.begin(), input, 16); - for(u32bit j = 16; j != 80; j += 4) + for(u32bit j = 16; j != 80; j += 8) { W[j ] = rotate_left((W[j-3] ^ W[j-8] ^ W[j-14] ^ W[j-16]), 1); W[j+1] = rotate_left((W[j-2] ^ W[j-7] ^ W[j-13] ^ W[j-15]), 1); W[j+2] = rotate_left((W[j-1] ^ W[j-6] ^ W[j-12] ^ W[j-14]), 1); W[j+3] = rotate_left((W[j ] ^ W[j-5] ^ W[j-11] ^ W[j-13]), 1); + W[j+4] = rotate_left((W[j+1] ^ W[j-4] ^ W[j-10] ^ W[j-12]), 1); + W[j+5] = rotate_left((W[j+2] ^ W[j-3] ^ W[j- 9] ^ W[j-11]), 1); + W[j+6] = rotate_left((W[j+3] ^ W[j-2] ^ W[j- 8] ^ W[j-10]), 1); + W[j+7] = rotate_left((W[j+4] ^ W[j-1] ^ W[j- 7] ^ W[j- 9]), 1); } - F1(A,B,C,D,E,W[ 0]); F1(E,A,B,C,D,W[ 1]); F1(D,E,A,B,C,W[ 2]); - F1(C,D,E,A,B,W[ 3]); F1(B,C,D,E,A,W[ 4]); F1(A,B,C,D,E,W[ 5]); - F1(E,A,B,C,D,W[ 6]); F1(D,E,A,B,C,W[ 7]); F1(C,D,E,A,B,W[ 8]); - F1(B,C,D,E,A,W[ 9]); F1(A,B,C,D,E,W[10]); F1(E,A,B,C,D,W[11]); - F1(D,E,A,B,C,W[12]); F1(C,D,E,A,B,W[13]); F1(B,C,D,E,A,W[14]); - F1(A,B,C,D,E,W[15]); F1(E,A,B,C,D,W[16]); F1(D,E,A,B,C,W[17]); - F1(C,D,E,A,B,W[18]); F1(B,C,D,E,A,W[19]); - - F2(A,B,C,D,E,W[20]); F2(E,A,B,C,D,W[21]); F2(D,E,A,B,C,W[22]); - F2(C,D,E,A,B,W[23]); F2(B,C,D,E,A,W[24]); F2(A,B,C,D,E,W[25]); - F2(E,A,B,C,D,W[26]); F2(D,E,A,B,C,W[27]); F2(C,D,E,A,B,W[28]); - F2(B,C,D,E,A,W[29]); F2(A,B,C,D,E,W[30]); F2(E,A,B,C,D,W[31]); - F2(D,E,A,B,C,W[32]); F2(C,D,E,A,B,W[33]); F2(B,C,D,E,A,W[34]); - F2(A,B,C,D,E,W[35]); F2(E,A,B,C,D,W[36]); F2(D,E,A,B,C,W[37]); - F2(C,D,E,A,B,W[38]); F2(B,C,D,E,A,W[39]); - - F3(A,B,C,D,E,W[40]); F3(E,A,B,C,D,W[41]); F3(D,E,A,B,C,W[42]); - F3(C,D,E,A,B,W[43]); F3(B,C,D,E,A,W[44]); F3(A,B,C,D,E,W[45]); - F3(E,A,B,C,D,W[46]); F3(D,E,A,B,C,W[47]); F3(C,D,E,A,B,W[48]); - F3(B,C,D,E,A,W[49]); F3(A,B,C,D,E,W[50]); F3(E,A,B,C,D,W[51]); - F3(D,E,A,B,C,W[52]); F3(C,D,E,A,B,W[53]); F3(B,C,D,E,A,W[54]); - F3(A,B,C,D,E,W[55]); F3(E,A,B,C,D,W[56]); F3(D,E,A,B,C,W[57]); - F3(C,D,E,A,B,W[58]); F3(B,C,D,E,A,W[59]); - - F4(A,B,C,D,E,W[60]); F4(E,A,B,C,D,W[61]); F4(D,E,A,B,C,W[62]); - F4(C,D,E,A,B,W[63]); F4(B,C,D,E,A,W[64]); F4(A,B,C,D,E,W[65]); - F4(E,A,B,C,D,W[66]); F4(D,E,A,B,C,W[67]); F4(C,D,E,A,B,W[68]); - F4(B,C,D,E,A,W[69]); F4(A,B,C,D,E,W[70]); F4(E,A,B,C,D,W[71]); - F4(D,E,A,B,C,W[72]); F4(C,D,E,A,B,W[73]); F4(B,C,D,E,A,W[74]); - F4(A,B,C,D,E,W[75]); F4(E,A,B,C,D,W[76]); F4(D,E,A,B,C,W[77]); - F4(C,D,E,A,B,W[78]); F4(B,C,D,E,A,W[79]); + F1(A, B, C, D, E, W[ 0]); F1(E, A, B, C, D, W[ 1]); + F1(D, E, A, B, C, W[ 2]); F1(C, D, E, A, B, W[ 3]); + F1(B, C, D, E, A, W[ 4]); F1(A, B, C, D, E, W[ 5]); + F1(E, A, B, C, D, W[ 6]); F1(D, E, A, B, C, W[ 7]); + F1(C, D, E, A, B, W[ 8]); F1(B, C, D, E, A, W[ 9]); + F1(A, B, C, D, E, W[10]); F1(E, A, B, C, D, W[11]); + F1(D, E, A, B, C, W[12]); F1(C, D, E, A, B, W[13]); + F1(B, C, D, E, A, W[14]); F1(A, B, C, D, E, W[15]); + F1(E, A, B, C, D, W[16]); F1(D, E, A, B, C, W[17]); + F1(C, D, E, A, B, W[18]); F1(B, C, D, E, A, W[19]); + + F2(A, B, C, D, E, W[20]); F2(E, A, B, C, D, W[21]); + F2(D, E, A, B, C, W[22]); F2(C, D, E, A, B, W[23]); + F2(B, C, D, E, A, W[24]); F2(A, B, C, D, E, W[25]); + F2(E, A, B, C, D, W[26]); F2(D, E, A, B, C, W[27]); + F2(C, D, E, A, B, W[28]); F2(B, C, D, E, A, W[29]); + F2(A, B, C, D, E, W[30]); F2(E, A, B, C, D, W[31]); + F2(D, E, A, B, C, W[32]); F2(C, D, E, A, B, W[33]); + F2(B, C, D, E, A, W[34]); F2(A, B, C, D, E, W[35]); + F2(E, A, B, C, D, W[36]); F2(D, E, A, B, C, W[37]); + F2(C, D, E, A, B, W[38]); F2(B, C, D, E, A, W[39]); + + F3(A, B, C, D, E, W[40]); F3(E, A, B, C, D, W[41]); + F3(D, E, A, B, C, W[42]); F3(C, D, E, A, B, W[43]); + F3(B, C, D, E, A, W[44]); F3(A, B, C, D, E, W[45]); + F3(E, A, B, C, D, W[46]); F3(D, E, A, B, C, W[47]); + F3(C, D, E, A, B, W[48]); F3(B, C, D, E, A, W[49]); + F3(A, B, C, D, E, W[50]); F3(E, A, B, C, D, W[51]); + F3(D, E, A, B, C, W[52]); F3(C, D, E, A, B, W[53]); + F3(B, C, D, E, A, W[54]); F3(A, B, C, D, E, W[55]); + F3(E, A, B, C, D, W[56]); F3(D, E, A, B, C, W[57]); + F3(C, D, E, A, B, W[58]); F3(B, C, D, E, A, W[59]); + + F4(A, B, C, D, E, W[60]); F4(E, A, B, C, D, W[61]); + F4(D, E, A, B, C, W[62]); F4(C, D, E, A, B, W[63]); + F4(B, C, D, E, A, W[64]); F4(A, B, C, D, E, W[65]); + F4(E, A, B, C, D, W[66]); F4(D, E, A, B, C, W[67]); + F4(C, D, E, A, B, W[68]); F4(B, C, D, E, A, W[69]); + F4(A, B, C, D, E, W[70]); F4(E, A, B, C, D, W[71]); + F4(D, E, A, B, C, W[72]); F4(C, D, E, A, B, W[73]); + F4(B, C, D, E, A, W[74]); F4(A, B, C, D, E, W[75]); + F4(E, A, B, C, D, W[76]); F4(D, E, A, B, C, W[77]); + F4(C, D, E, A, B, W[78]); F4(B, C, D, E, A, W[79]); A = (digest[0] += A); B = (digest[1] += B); C = (digest[2] += C); D = (digest[3] += D); E = (digest[4] += E); + + input += HASH_BLOCK_SIZE; } } @@ -130,7 +141,7 @@ void SHA_160::copy_out(byte output[]) /* * Clear memory of sensitive data */ -void SHA_160::clear() throw() +void SHA_160::clear() { MDx_HashFunction::clear(); W.clear(); diff --git a/src/hash/sha1/sha160.h b/src/hash/sha1/sha160.h index 232cf0322..142c6bf17 100644 --- a/src/hash/sha1/sha160.h +++ b/src/hash/sha1/sha160.h @@ -18,7 +18,7 @@ namespace Botan { class BOTAN_DLL SHA_160 : public MDx_HashFunction { public: - void clear() throw(); + void clear(); std::string name() const { return "SHA-160"; } HashFunction* clone() const { return new SHA_160; } SHA_160(); diff --git a/src/hash/sha1_amd64/info.txt b/src/hash/sha1_amd64/info.txt index ddbc7d380..e54b032ca 100644 --- a/src/hash/sha1_amd64/info.txt +++ b/src/hash/sha1_amd64/info.txt @@ -1,15 +1,7 @@ -realname "SHA-1 (x86-64 assembler)" - define SHA1_AMD64 load_on asm_ok -<add> -sha1_amd64_imp.S -sha1_amd64.cpp -sha1_amd64.h -</add> - <arch> amd64 </arch> diff --git a/src/hash/sha1_ia32/info.txt b/src/hash/sha1_ia32/info.txt index bfb321145..0361395fe 100644 --- a/src/hash/sha1_ia32/info.txt +++ b/src/hash/sha1_ia32/info.txt @@ -1,15 +1,7 @@ -realname "SHA-1 (IA-32)" - define SHA1_IA32 load_on asm_ok -<add> -sha1_ia32_imp.S -sha1_ia32.cpp -sha1_ia32.h -</add> - <arch> ia32 </arch> diff --git a/src/hash/sha1_sse2/info.txt b/src/hash/sha1_sse2/info.txt index b8d693b70..ee61076b4 100644 --- a/src/hash/sha1_sse2/info.txt +++ b/src/hash/sha1_sse2/info.txt @@ -1,14 +1,9 @@ -realname "SHA-1 (SSE2)" - define SHA1_SSE2 -load_on auto - -<add> -sha1_sse2_imp.cpp -sha1_sse2.cpp -sha1_sse2.h -</add> +<requires> +sha1 +simd_engine +</requires> <arch> pentium-m @@ -20,9 +15,5 @@ amd64 <cc> gcc icc +msvc </cc> - -<requires> -sha1 -sse2_eng -</requires> diff --git a/src/hash/sha1_sse2/sha1_sse2.cpp b/src/hash/sha1_sse2/sha1_sse2.cpp index dddc06b7b..fc6466dd0 100644 --- a/src/hash/sha1_sse2/sha1_sse2.cpp +++ b/src/hash/sha1_sse2/sha1_sse2.cpp @@ -1,23 +1,278 @@ /* -* SHA-160 (SSE2) -* (C) 1999-2007 Jack Lloyd +* SHA-1 using SSE2 +* (C) 2009 Jack Lloyd * * Distributed under the terms of the Botan license +* +* Based on public domain code by Dean Gaudet <[email protected]> +* Source - http://arctic.org/~dean/crypto/sha1.html */ #include <botan/sha1_sse2.h> +#include <botan/rotate.h> +#include <emmintrin.h> namespace Botan { +namespace { + +/* +First 16 bytes just need byte swapping. Preparing just means +adding in the round constants. +*/ + +#define prep00_15(P, W) \ + do { \ + W = _mm_shufflehi_epi16(W, _MM_SHUFFLE(2, 3, 0, 1)); \ + W = _mm_shufflelo_epi16(W, _MM_SHUFFLE(2, 3, 0, 1)); \ + W = _mm_or_si128(_mm_slli_epi16(W, 8), \ + _mm_srli_epi16(W, 8)); \ + P.u128 = _mm_add_epi32(W, K00_19); \ + } while(0) + +/* +for each multiple of 4, t, we want to calculate this: + +W[t+0] = rol(W[t-3] ^ W[t-8] ^ W[t-14] ^ W[t-16], 1); +W[t+1] = rol(W[t-2] ^ W[t-7] ^ W[t-13] ^ W[t-15], 1); +W[t+2] = rol(W[t-1] ^ W[t-6] ^ W[t-12] ^ W[t-14], 1); +W[t+3] = rol(W[t] ^ W[t-5] ^ W[t-11] ^ W[t-13], 1); + +we'll actually calculate this: + +W[t+0] = rol(W[t-3] ^ W[t-8] ^ W[t-14] ^ W[t-16], 1); +W[t+1] = rol(W[t-2] ^ W[t-7] ^ W[t-13] ^ W[t-15], 1); +W[t+2] = rol(W[t-1] ^ W[t-6] ^ W[t-12] ^ W[t-14], 1); +W[t+3] = rol( 0 ^ W[t-5] ^ W[t-11] ^ W[t-13], 1); +W[t+3] ^= rol(W[t+0], 1); + +the parameters are: + +W0 = &W[t-16]; +W1 = &W[t-12]; +W2 = &W[t- 8]; +W3 = &W[t- 4]; + +and on output: +prepared = W0 + K +W0 = W[t]..W[t+3] +*/ + +/* note that there is a step here where i want to do a rol by 1, which +* normally would look like this: +* +* r1 = psrld r0,$31 +* r0 = pslld r0,$1 +* r0 = por r0,r1 +* +* but instead i do this: +* +* r1 = pcmpltd r0,zero +* r0 = paddd r0,r0 +* r0 = psub r0,r1 +* +* because pcmpltd and paddd are availabe in both MMX units on +* efficeon, pentium-m, and opteron but shifts are available in +* only one unit. +*/ +#define prep(prep, XW0, XW1, XW2, XW3, K) \ + do { \ + __m128i r0, r1, r2, r3; \ + \ + /* load W[t-4] 16-byte aligned, and shift */ \ + r3 = _mm_srli_si128((XW3), 4); \ + r0 = (XW0); \ + /* get high 64-bits of XW0 into low 64-bits */ \ + r1 = _mm_shuffle_epi32((XW0), _MM_SHUFFLE(1,0,3,2)); \ + /* load high 64-bits of r1 */ \ + r1 = _mm_unpacklo_epi64(r1, (XW1)); \ + r2 = (XW2); \ + \ + r0 = _mm_xor_si128(r1, r0); \ + r2 = _mm_xor_si128(r3, r2); \ + r0 = _mm_xor_si128(r2, r0); \ + /* unrotated W[t]..W[t+2] in r0 ... still need W[t+3] */ \ + \ + r2 = _mm_slli_si128(r0, 12); \ + r1 = _mm_cmplt_epi32(r0, _mm_setzero_si128()); \ + r0 = _mm_add_epi32(r0, r0); /* shift left by 1 */ \ + r0 = _mm_sub_epi32(r0, r1); /* r0 has W[t]..W[t+2] */ \ + \ + r3 = _mm_srli_epi32(r2, 30); \ + r2 = _mm_slli_epi32(r2, 2); \ + \ + r0 = _mm_xor_si128(r0, r3); \ + r0 = _mm_xor_si128(r0, r2); /* r0 now has W[t+3] */ \ + \ + (XW0) = r0; \ + (prep).u128 = _mm_add_epi32(r0, K); \ + } while(0) + +/* +* SHA-160 F1 Function +*/ +inline void F1(u32bit A, u32bit& B, u32bit C, u32bit D, u32bit& E, u32bit msg) + { + E += (D ^ (B & (C ^ D))) + msg + rotate_left(A, 5); + B = rotate_left(B, 30); + } + /* -* SHA-160 Compression Function +* SHA-160 F2 Function */ -void SHA_160_SSE2::compress_n(const byte input[], u32bit blocks) +inline void F2(u32bit A, u32bit& B, u32bit C, u32bit D, u32bit& E, u32bit msg) { + E += (B ^ C ^ D) + msg + rotate_left(A, 5); + B = rotate_left(B, 30); + } + +/* +* SHA-160 F3 Function +*/ +inline void F3(u32bit A, u32bit& B, u32bit C, u32bit D, u32bit& E, u32bit msg) + { + E += ((B & C) | ((B | C) & D)) + msg + rotate_left(A, 5); + B = rotate_left(B, 30); + } + +/* +* SHA-160 F4 Function +*/ +inline void F4(u32bit A, u32bit& B, u32bit C, u32bit D, u32bit& E, u32bit msg) + { + E += (B ^ C ^ D) + msg + rotate_left(A, 5); + B = rotate_left(B, 30); + } + +} + +/* +* SHA-160 Compression Function using SSE for message expansion +*/ +void SHA_160_SSE2::compress_n(const byte input_bytes[], u32bit blocks) + { + const __m128i K00_19 = _mm_set1_epi32(0x5A827999); + const __m128i K20_39 = _mm_set1_epi32(0x6ED9EBA1); + const __m128i K40_59 = _mm_set1_epi32(0x8F1BBCDC); + const __m128i K60_79 = _mm_set1_epi32(0xCA62C1D6); + + u32bit A = digest[0], B = digest[1], C = digest[2], + D = digest[3], E = digest[4]; + + const __m128i* input = (const __m128i *)input_bytes; + for(u32bit i = 0; i != blocks; ++i) { - botan_sha1_sse2_compress(digest, reinterpret_cast<const u32bit*>(input)); - input += HASH_BLOCK_SIZE; + + /* I've tried arranging the SSE2 code to be 4, 8, 12, and 16 + * steps ahead of the integer code. 12 steps ahead seems to + * produce the best performance. -dean + * + * Todo: check this is still true on Barcelona and Core2 -Jack + */ + + union v4si { + u32bit u32[4]; + __m128i u128; + }; + + v4si P0, P1, P2; + + __m128i W0 = _mm_loadu_si128(&input[0]); + prep00_15(P0, W0); + + __m128i W1 = _mm_loadu_si128(&input[1]); + prep00_15(P1, W1); + + __m128i W2 = _mm_loadu_si128(&input[2]); + prep00_15(P2, W2); + + __m128i W3 = _mm_loadu_si128(&input[3]); + + F1(A, B, C, D, E, P0.u32[0]); F1(E, A, B, C, D, P0.u32[1]); + F1(D, E, A, B, C, P0.u32[2]); F1(C, D, E, A, B, P0.u32[3]); + prep00_15(P0, W3); + + F1(B, C, D, E, A, P1.u32[0]); F1(A, B, C, D, E, P1.u32[1]); + F1(E, A, B, C, D, P1.u32[2]); F1(D, E, A, B, C, P1.u32[3]); + prep(P1, W0, W1, W2, W3, K00_19); + + F1(C, D, E, A, B, P2.u32[0]); F1(B, C, D, E, A, P2.u32[1]); + F1(A, B, C, D, E, P2.u32[2]); F1(E, A, B, C, D, P2.u32[3]); + prep(P2, W1, W2, W3, W0, K20_39); + + F1(D, E, A, B, C, P0.u32[0]); F1(C, D, E, A, B, P0.u32[1]); + F1(B, C, D, E, A, P0.u32[2]); F1(A, B, C, D, E, P0.u32[3]); + prep(P0, W2, W3, W0, W1, K20_39); + + F1(E, A, B, C, D, P1.u32[0]); F1(D, E, A, B, C, P1.u32[1]); + F1(C, D, E, A, B, P1.u32[2]); F1(B, C, D, E, A, P1.u32[3]); + prep(P1, W3, W0, W1, W2, K20_39); + + F2(A, B, C, D, E, P2.u32[0]); F2(E, A, B, C, D, P2.u32[1]); + F2(D, E, A, B, C, P2.u32[2]); F2(C, D, E, A, B, P2.u32[3]); + prep(P2, W0, W1, W2, W3, K20_39); + + F2(B, C, D, E, A, P0.u32[0]); F2(A, B, C, D, E, P0.u32[1]); + F2(E, A, B, C, D, P0.u32[2]); F2(D, E, A, B, C, P0.u32[3]); + prep(P0, W1, W2, W3, W0, K20_39); + + F2(C, D, E, A, B, P1.u32[0]); F2(B, C, D, E, A, P1.u32[1]); + F2(A, B, C, D, E, P1.u32[2]); F2(E, A, B, C, D, P1.u32[3]); + prep(P1, W2, W3, W0, W1, K40_59); + + F2(D, E, A, B, C, P2.u32[0]); F2(C, D, E, A, B, P2.u32[1]); + F2(B, C, D, E, A, P2.u32[2]); F2(A, B, C, D, E, P2.u32[3]); + prep(P2, W3, W0, W1, W2, K40_59); + + F2(E, A, B, C, D, P0.u32[0]); F2(D, E, A, B, C, P0.u32[1]); + F2(C, D, E, A, B, P0.u32[2]); F2(B, C, D, E, A, P0.u32[3]); + prep(P0, W0, W1, W2, W3, K40_59); + + F3(A, B, C, D, E, P1.u32[0]); F3(E, A, B, C, D, P1.u32[1]); + F3(D, E, A, B, C, P1.u32[2]); F3(C, D, E, A, B, P1.u32[3]); + prep(P1, W1, W2, W3, W0, K40_59); + + F3(B, C, D, E, A, P2.u32[0]); F3(A, B, C, D, E, P2.u32[1]); + F3(E, A, B, C, D, P2.u32[2]); F3(D, E, A, B, C, P2.u32[3]); + prep(P2, W2, W3, W0, W1, K40_59); + + F3(C, D, E, A, B, P0.u32[0]); F3(B, C, D, E, A, P0.u32[1]); + F3(A, B, C, D, E, P0.u32[2]); F3(E, A, B, C, D, P0.u32[3]); + prep(P0, W3, W0, W1, W2, K60_79); + + F3(D, E, A, B, C, P1.u32[0]); F3(C, D, E, A, B, P1.u32[1]); + F3(B, C, D, E, A, P1.u32[2]); F3(A, B, C, D, E, P1.u32[3]); + prep(P1, W0, W1, W2, W3, K60_79); + + F3(E, A, B, C, D, P2.u32[0]); F3(D, E, A, B, C, P2.u32[1]); + F3(C, D, E, A, B, P2.u32[2]); F3(B, C, D, E, A, P2.u32[3]); + prep(P2, W1, W2, W3, W0, K60_79); + + F4(A, B, C, D, E, P0.u32[0]); F4(E, A, B, C, D, P0.u32[1]); + F4(D, E, A, B, C, P0.u32[2]); F4(C, D, E, A, B, P0.u32[3]); + prep(P0, W2, W3, W0, W1, K60_79); + + F4(B, C, D, E, A, P1.u32[0]); F4(A, B, C, D, E, P1.u32[1]); + F4(E, A, B, C, D, P1.u32[2]); F4(D, E, A, B, C, P1.u32[3]); + prep(P1, W3, W0, W1, W2, K60_79); + + F4(C, D, E, A, B, P2.u32[0]); F4(B, C, D, E, A, P2.u32[1]); + F4(A, B, C, D, E, P2.u32[2]); F4(E, A, B, C, D, P2.u32[3]); + + F4(D, E, A, B, C, P0.u32[0]); F4(C, D, E, A, B, P0.u32[1]); + F4(B, C, D, E, A, P0.u32[2]); F4(A, B, C, D, E, P0.u32[3]); + + F4(E, A, B, C, D, P1.u32[0]); F4(D, E, A, B, C, P1.u32[1]); + F4(C, D, E, A, B, P1.u32[2]); F4(B, C, D, E, A, P1.u32[3]); + + A = (digest[0] += A); + B = (digest[1] += B); + C = (digest[2] += C); + D = (digest[3] += D); + E = (digest[4] += E); + + input += (HASH_BLOCK_SIZE / 16); } } diff --git a/src/hash/sha1_sse2/sha1_sse2_imp.cpp b/src/hash/sha1_sse2/sha1_sse2_imp.cpp deleted file mode 100644 index 90a8dccd5..000000000 --- a/src/hash/sha1_sse2/sha1_sse2_imp.cpp +++ /dev/null @@ -1,331 +0,0 @@ -/* this code is public domain. - - * dean gaudet <[email protected]> - - * this code was inspired by this paper: - - * SHA: A Design for Parallel Architectures? - * Antoon Bosselaers, Ren�e Govaerts and Joos Vandewalle - * <http://www.esat.kuleuven.ac.be/~cosicart/pdf/AB-9700.pdf> - - * more information available on this implementation here: - - * http://arctic.org/~dean/crypto/sha1.html - - * version: 2 - */ - -/* - * Lightly modified for Botan, tested under GCC 4.1.1 and ICC 9.1 - * on a Linux/Core2 system. - - */ -#include <botan/sha1_sse2.h> -#include <xmmintrin.h> - -namespace Botan { - -namespace { - -typedef union { - u32bit u32[4]; - __m128i u128; - } v4si __attribute__((aligned(16))); - -static const v4si K00_19 = { { 0x5a827999, 0x5a827999, 0x5a827999, 0x5a827999 } }; -static const v4si K20_39 = { { 0x6ed9eba1, 0x6ed9eba1, 0x6ed9eba1, 0x6ed9eba1 } }; -static const v4si K40_59 = { { 0x8f1bbcdc, 0x8f1bbcdc, 0x8f1bbcdc, 0x8f1bbcdc } }; -static const v4si K60_79 = { { 0xca62c1d6, 0xca62c1d6, 0xca62c1d6, 0xca62c1d6 } }; - -#define UNALIGNED 1 -#if UNALIGNED -#define load(p) _mm_loadu_si128(p) -#else -#define load(p) (*p) -#endif - - -/* -the first 16 bytes only need byte swapping - -prepared points to 4x u32bit, 16-byte aligned - -W points to the 4 dwords which need preparing -- -and is overwritten with the swapped bytes -*/ -#define prep00_15(prep, W) do { \ - __m128i r1, r2; \ - \ - r1 = (W); \ - if (1) { \ - r1 = _mm_shufflehi_epi16(r1, _MM_SHUFFLE(2, 3, 0, 1)); \ - r1 = _mm_shufflelo_epi16(r1, _MM_SHUFFLE(2, 3, 0, 1)); \ - r2 = _mm_slli_epi16(r1, 8); \ - r1 = _mm_srli_epi16(r1, 8); \ - r1 = _mm_or_si128(r1, r2); \ - (W) = r1; \ - } \ - (prep).u128 = _mm_add_epi32(K00_19.u128, r1); \ - } while(0) - - - -/* -for each multiple of 4, t, we want to calculate this: - -W[t+0] = rol(W[t-3] ^ W[t-8] ^ W[t-14] ^ W[t-16], 1); -W[t+1] = rol(W[t-2] ^ W[t-7] ^ W[t-13] ^ W[t-15], 1); -W[t+2] = rol(W[t-1] ^ W[t-6] ^ W[t-12] ^ W[t-14], 1); -W[t+3] = rol(W[t] ^ W[t-5] ^ W[t-11] ^ W[t-13], 1); - -we'll actually calculate this: - -W[t+0] = rol(W[t-3] ^ W[t-8] ^ W[t-14] ^ W[t-16], 1); -W[t+1] = rol(W[t-2] ^ W[t-7] ^ W[t-13] ^ W[t-15], 1); -W[t+2] = rol(W[t-1] ^ W[t-6] ^ W[t-12] ^ W[t-14], 1); -W[t+3] = rol( 0 ^ W[t-5] ^ W[t-11] ^ W[t-13], 1); -W[t+3] ^= rol(W[t+0], 1); - -the parameters are: - -W0 = &W[t-16]; -W1 = &W[t-12]; -W2 = &W[t- 8]; -W3 = &W[t- 4]; - -and on output: -prepared = W0 + K -W0 = W[t]..W[t+3] -*/ - -/* note that there is a step here where i want to do a rol by 1, which -* normally would look like this: -* -* r1 = psrld r0,$31 -* r0 = pslld r0,$1 -* r0 = por r0,r1 -* -* but instead i do this: -* -* r1 = pcmpltd r0,zero -* r0 = paddd r0,r0 -* r0 = psub r0,r1 -* -* because pcmpltd and paddd are availabe in both MMX units on -* efficeon, pentium-m, and opteron but shifts are available in -* only one unit. -*/ -#define prep(prep, XW0, XW1, XW2, XW3, K) do { \ - __m128i r0, r1, r2, r3; \ - \ - /* load W[t-4] 16-byte aligned, and shift */ \ - r3 = _mm_srli_si128((XW3), 4); \ - r0 = (XW0); \ - /* get high 64-bits of XW0 into low 64-bits */ \ - r1 = _mm_shuffle_epi32((XW0), _MM_SHUFFLE(1,0,3,2)); \ - /* load high 64-bits of r1 */ \ - r1 = _mm_unpacklo_epi64(r1, (XW1)); \ - r2 = (XW2); \ - \ - r0 = _mm_xor_si128(r1, r0); \ - r2 = _mm_xor_si128(r3, r2); \ - r0 = _mm_xor_si128(r2, r0); \ - /* unrotated W[t]..W[t+2] in r0 ... still need W[t+3] */ \ - \ - r2 = _mm_slli_si128(r0, 12); \ - r1 = _mm_cmplt_epi32(r0, _mm_setzero_si128()); \ - r0 = _mm_add_epi32(r0, r0); /* shift left by 1 */ \ - r0 = _mm_sub_epi32(r0, r1); /* r0 has W[t]..W[t+2] */ \ - \ - r3 = _mm_srli_epi32(r2, 30); \ - r2 = _mm_slli_epi32(r2, 2); \ - \ - r0 = _mm_xor_si128(r0, r3); \ - r0 = _mm_xor_si128(r0, r2); /* r0 now has W[t+3] */ \ - \ - (XW0) = r0; \ - (prep).u128 = _mm_add_epi32(r0, (K).u128); \ - } while(0) - - -static inline u32bit rol(u32bit src, u32bit amt) - { - /* gcc and icc appear to turn this into a rotate */ - return (src << amt) | (src >> (32 - amt)); - } - - -static inline u32bit f00_19(u32bit x, u32bit y, u32bit z) - { - /* FIPS 180-2 says this: (x & y) ^ (~x & z) - * but we can calculate it in fewer steps. - */ - return ((y ^ z) & x) ^ z; - } - - -static inline u32bit f20_39(u32bit x, u32bit y, u32bit z) - { - return (x ^ z) ^ y; - } - - -static inline u32bit f40_59(u32bit x, u32bit y, u32bit z) - { - /* FIPS 180-2 says this: (x & y) ^ (x & z) ^ (y & z) - * but we can calculate it in fewer steps. - */ - return (x & z) | ((x | z) & y); - } - - -static inline u32bit f60_79(u32bit x, u32bit y, u32bit z) - { - return f20_39(x, y, z); - } - -#define step(nn_mm, xa, xb, xc, xd, xe, xt, input) do { \ - (xt) = (input) + f##nn_mm((xb), (xc), (xd)); \ - (xb) = rol((xb), 30); \ - (xt) += ((xe) + rol((xa), 5)); \ - } while(0) - -} - -extern "C" void botan_sha1_sse2_compress(u32bit H[5], - const u32bit* inputu) - { - const __m128i * input = (const __m128i *)inputu; - __m128i W0, W1, W2, W3; - v4si prep0, prep1, prep2; - u32bit a, b, c, d, e, t; - - a = H[0]; - b = H[1]; - c = H[2]; - d = H[3]; - e = H[4]; - - /* i've tried arranging the SSE2 code to be 4, 8, 12, and 16 - * steps ahead of the integer code. 12 steps ahead seems - * to produce the best performance. -dean - */ - W0 = load(&input[0]); - prep00_15(prep0, W0); /* prepare for 00 through 03 */ - W1 = load(&input[1]); - prep00_15(prep1, W1); /* prepare for 04 through 07 */ - W2 = load(&input[2]); - prep00_15(prep2, W2); /* prepare for 08 through 11 */ - - W3 = load(&input[3]); - step(00_19, a, b, c, d, e, t, prep0.u32[0]); /* 00 */ - step(00_19, t, a, b, c, d, e, prep0.u32[1]); /* 01 */ - step(00_19, e, t, a, b, c, d, prep0.u32[2]); /* 02 */ - step(00_19, d, e, t, a, b, c, prep0.u32[3]); /* 03 */ - prep00_15(prep0, W3); - step(00_19, c, d, e, t, a, b, prep1.u32[0]); /* 04 */ - step(00_19, b, c, d, e, t, a, prep1.u32[1]); /* 05 */ - step(00_19, a, b, c, d, e, t, prep1.u32[2]); /* 06 */ - step(00_19, t, a, b, c, d, e, prep1.u32[3]); /* 07 */ - prep(prep1, W0, W1, W2, W3, K00_19); /* prepare for 16 through 19 */ - step(00_19, e, t, a, b, c, d, prep2.u32[0]); /* 08 */ - step(00_19, d, e, t, a, b, c, prep2.u32[1]); /* 09 */ - step(00_19, c, d, e, t, a, b, prep2.u32[2]); /* 10 */ - step(00_19, b, c, d, e, t, a, prep2.u32[3]); /* 11 */ - prep(prep2, W1, W2, W3, W0, K20_39); /* prepare for 20 through 23 */ - step(00_19, a, b, c, d, e, t, prep0.u32[0]); /* 12 */ - step(00_19, t, a, b, c, d, e, prep0.u32[1]); /* 13 */ - step(00_19, e, t, a, b, c, d, prep0.u32[2]); /* 14 */ - step(00_19, d, e, t, a, b, c, prep0.u32[3]); /* 15 */ - prep(prep0, W2, W3, W0, W1, K20_39); - step(00_19, c, d, e, t, a, b, prep1.u32[0]); /* 16 */ - step(00_19, b, c, d, e, t, a, prep1.u32[1]); /* 17 */ - step(00_19, a, b, c, d, e, t, prep1.u32[2]); /* 18 */ - step(00_19, t, a, b, c, d, e, prep1.u32[3]); /* 19 */ - - prep(prep1, W3, W0, W1, W2, K20_39); - step(20_39, e, t, a, b, c, d, prep2.u32[0]); /* 20 */ - step(20_39, d, e, t, a, b, c, prep2.u32[1]); /* 21 */ - step(20_39, c, d, e, t, a, b, prep2.u32[2]); /* 22 */ - step(20_39, b, c, d, e, t, a, prep2.u32[3]); /* 23 */ - prep(prep2, W0, W1, W2, W3, K20_39); - step(20_39, a, b, c, d, e, t, prep0.u32[0]); /* 24 */ - step(20_39, t, a, b, c, d, e, prep0.u32[1]); /* 25 */ - step(20_39, e, t, a, b, c, d, prep0.u32[2]); /* 26 */ - step(20_39, d, e, t, a, b, c, prep0.u32[3]); /* 27 */ - prep(prep0, W1, W2, W3, W0, K20_39); - step(20_39, c, d, e, t, a, b, prep1.u32[0]); /* 28 */ - step(20_39, b, c, d, e, t, a, prep1.u32[1]); /* 29 */ - step(20_39, a, b, c, d, e, t, prep1.u32[2]); /* 30 */ - step(20_39, t, a, b, c, d, e, prep1.u32[3]); /* 31 */ - prep(prep1, W2, W3, W0, W1, K40_59); - step(20_39, e, t, a, b, c, d, prep2.u32[0]); /* 32 */ - step(20_39, d, e, t, a, b, c, prep2.u32[1]); /* 33 */ - step(20_39, c, d, e, t, a, b, prep2.u32[2]); /* 34 */ - step(20_39, b, c, d, e, t, a, prep2.u32[3]); /* 35 */ - prep(prep2, W3, W0, W1, W2, K40_59); - step(20_39, a, b, c, d, e, t, prep0.u32[0]); /* 36 */ - step(20_39, t, a, b, c, d, e, prep0.u32[1]); /* 37 */ - step(20_39, e, t, a, b, c, d, prep0.u32[2]); /* 38 */ - step(20_39, d, e, t, a, b, c, prep0.u32[3]); /* 39 */ - - prep(prep0, W0, W1, W2, W3, K40_59); - step(40_59, c, d, e, t, a, b, prep1.u32[0]); /* 40 */ - step(40_59, b, c, d, e, t, a, prep1.u32[1]); /* 41 */ - step(40_59, a, b, c, d, e, t, prep1.u32[2]); /* 42 */ - step(40_59, t, a, b, c, d, e, prep1.u32[3]); /* 43 */ - prep(prep1, W1, W2, W3, W0, K40_59); - step(40_59, e, t, a, b, c, d, prep2.u32[0]); /* 44 */ - step(40_59, d, e, t, a, b, c, prep2.u32[1]); /* 45 */ - step(40_59, c, d, e, t, a, b, prep2.u32[2]); /* 46 */ - step(40_59, b, c, d, e, t, a, prep2.u32[3]); /* 47 */ - prep(prep2, W2, W3, W0, W1, K40_59); - step(40_59, a, b, c, d, e, t, prep0.u32[0]); /* 48 */ - step(40_59, t, a, b, c, d, e, prep0.u32[1]); /* 49 */ - step(40_59, e, t, a, b, c, d, prep0.u32[2]); /* 50 */ - step(40_59, d, e, t, a, b, c, prep0.u32[3]); /* 51 */ - prep(prep0, W3, W0, W1, W2, K60_79); - step(40_59, c, d, e, t, a, b, prep1.u32[0]); /* 52 */ - step(40_59, b, c, d, e, t, a, prep1.u32[1]); /* 53 */ - step(40_59, a, b, c, d, e, t, prep1.u32[2]); /* 54 */ - step(40_59, t, a, b, c, d, e, prep1.u32[3]); /* 55 */ - prep(prep1, W0, W1, W2, W3, K60_79); - step(40_59, e, t, a, b, c, d, prep2.u32[0]); /* 56 */ - step(40_59, d, e, t, a, b, c, prep2.u32[1]); /* 57 */ - step(40_59, c, d, e, t, a, b, prep2.u32[2]); /* 58 */ - step(40_59, b, c, d, e, t, a, prep2.u32[3]); /* 59 */ - - prep(prep2, W1, W2, W3, W0, K60_79); - step(60_79, a, b, c, d, e, t, prep0.u32[0]); /* 60 */ - step(60_79, t, a, b, c, d, e, prep0.u32[1]); /* 61 */ - step(60_79, e, t, a, b, c, d, prep0.u32[2]); /* 62 */ - step(60_79, d, e, t, a, b, c, prep0.u32[3]); /* 63 */ - prep(prep0, W2, W3, W0, W1, K60_79); - step(60_79, c, d, e, t, a, b, prep1.u32[0]); /* 64 */ - step(60_79, b, c, d, e, t, a, prep1.u32[1]); /* 65 */ - step(60_79, a, b, c, d, e, t, prep1.u32[2]); /* 66 */ - step(60_79, t, a, b, c, d, e, prep1.u32[3]); /* 67 */ - prep(prep1, W3, W0, W1, W2, K60_79); - step(60_79, e, t, a, b, c, d, prep2.u32[0]); /* 68 */ - step(60_79, d, e, t, a, b, c, prep2.u32[1]); /* 69 */ - step(60_79, c, d, e, t, a, b, prep2.u32[2]); /* 70 */ - step(60_79, b, c, d, e, t, a, prep2.u32[3]); /* 71 */ - - step(60_79, a, b, c, d, e, t, prep0.u32[0]); /* 72 */ - step(60_79, t, a, b, c, d, e, prep0.u32[1]); /* 73 */ - step(60_79, e, t, a, b, c, d, prep0.u32[2]); /* 74 */ - step(60_79, d, e, t, a, b, c, prep0.u32[3]); /* 75 */ - /* no more input to prepare */ - step(60_79, c, d, e, t, a, b, prep1.u32[0]); /* 76 */ - step(60_79, b, c, d, e, t, a, prep1.u32[1]); /* 77 */ - step(60_79, a, b, c, d, e, t, prep1.u32[2]); /* 78 */ - step(60_79, t, a, b, c, d, e, prep1.u32[3]); /* 79 */ - /* e, t, a, b, c, d */ - H[0] += e; - H[1] += t; - H[2] += a; - H[3] += b; - H[4] += c; - } - -} diff --git a/src/hash/sha2/info.txt b/src/hash/sha2/info.txt index 9b92ff385..e12f2b694 100644 --- a/src/hash/sha2/info.txt +++ b/src/hash/sha2/info.txt @@ -1,16 +1,5 @@ -realname "SHA-2 (224, 256, 384, 512)" - define SHA2 -load_on auto - -<add> -sha2_32.cpp -sha2_32.h -sha2_64.cpp -sha2_64.h -</add> - <requires> mdx_hash </requires> diff --git a/src/hash/sha2/sha2_32.cpp b/src/hash/sha2/sha2_32.cpp index 9da2ec23f..7068dd63f 100644 --- a/src/hash/sha2/sha2_32.cpp +++ b/src/hash/sha2/sha2_32.cpp @@ -56,13 +56,27 @@ void SHA_224_256_BASE::compress_n(const byte input[], u32bit blocks) for(u32bit i = 0; i != blocks; ++i) { - for(u32bit j = 0; j != 16; ++j) - W[j] = load_be<u32bit>(input, j); - input += HASH_BLOCK_SIZE; - - for(u32bit j = 16; j != 64; ++j) - W[j] = sigma(W[j- 2], 17, 19, 10) + W[j- 7] + - sigma(W[j-15], 7, 18, 3) + W[j-16]; + load_be(W.begin(), input, 16); + + for(u32bit j = 16; j != 64; j += 8) + { + W[j ] = sigma(W[j- 2], 17, 19, 10) + W[j-7] + + sigma(W[j-15], 7, 18, 3) + W[j-16]; + W[j+1] = sigma(W[j- 1], 17, 19, 10) + W[j-6] + + sigma(W[j-14], 7, 18, 3) + W[j-15]; + W[j+2] = sigma(W[j ], 17, 19, 10) + W[j-5] + + sigma(W[j-13], 7, 18, 3) + W[j-14]; + W[j+3] = sigma(W[j+ 1], 17, 19, 10) + W[j-4] + + sigma(W[j-12], 7, 18, 3) + W[j-13]; + W[j+4] = sigma(W[j+ 2], 17, 19, 10) + W[j-3] + + sigma(W[j-11], 7, 18, 3) + W[j-12]; + W[j+5] = sigma(W[j+ 3], 17, 19, 10) + W[j-2] + + sigma(W[j-10], 7, 18, 3) + W[j-11]; + W[j+6] = sigma(W[j+ 4], 17, 19, 10) + W[j-1] + + sigma(W[j- 9], 7, 18, 3) + W[j-10]; + W[j+7] = sigma(W[j+ 5], 17, 19, 10) + W[j ] + + sigma(W[j- 8], 7, 18, 3) + W[j- 9]; + } F1(A, B, C, D, E, F, G, H, W[ 0], 0x428A2F98); F1(H, A, B, C, D, E, F, G, W[ 1], 0x71374491); @@ -137,6 +151,8 @@ void SHA_224_256_BASE::compress_n(const byte input[], u32bit blocks) F = (digest[5] += F); G = (digest[6] += G); H = (digest[7] += H); + + input += HASH_BLOCK_SIZE; } } @@ -152,7 +168,7 @@ void SHA_224_256_BASE::copy_out(byte output[]) /* * Clear memory of sensitive data */ -void SHA_224_256_BASE::clear() throw() +void SHA_224_256_BASE::clear() { MDx_HashFunction::clear(); W.clear(); @@ -161,23 +177,23 @@ void SHA_224_256_BASE::clear() throw() /* * Clear memory of sensitive data */ -void SHA_224::clear() throw() +void SHA_224::clear() { SHA_224_256_BASE::clear(); - digest[0] = 0xc1059ed8; - digest[1] = 0x367cd507; - digest[2] = 0x3070dd17; - digest[3] = 0xf70e5939; - digest[4] = 0xffc00b31; + digest[0] = 0xC1059ED8; + digest[1] = 0x367CD507; + digest[2] = 0x3070DD17; + digest[3] = 0xF70E5939; + digest[4] = 0xFFC00B31; digest[5] = 0x68581511; - digest[6] = 0x64f98fa7; - digest[7] = 0xbefa4fa4; + digest[6] = 0x64F98FA7; + digest[7] = 0xBEFA4FA4; } /* * Clear memory of sensitive data */ -void SHA_256::clear() throw() +void SHA_256::clear() { SHA_224_256_BASE::clear(); digest[0] = 0x6A09E667; diff --git a/src/hash/sha2/sha2_32.h b/src/hash/sha2/sha2_32.h index 05083d19d..313eec676 100644 --- a/src/hash/sha2/sha2_32.h +++ b/src/hash/sha2/sha2_32.h @@ -19,7 +19,7 @@ namespace Botan { class BOTAN_DLL SHA_224_256_BASE : public MDx_HashFunction { protected: - void clear() throw(); + void clear(); SHA_224_256_BASE(u32bit out) : MDx_HashFunction(out, 64, true, true) { clear(); } @@ -36,7 +36,7 @@ class BOTAN_DLL SHA_224_256_BASE : public MDx_HashFunction class BOTAN_DLL SHA_224 : public SHA_224_256_BASE { public: - void clear() throw(); + void clear(); std::string name() const { return "SHA-224"; } HashFunction* clone() const { return new SHA_224; } SHA_224() : SHA_224_256_BASE(28) { clear(); } @@ -48,7 +48,7 @@ class BOTAN_DLL SHA_224 : public SHA_224_256_BASE class BOTAN_DLL SHA_256 : public SHA_224_256_BASE { public: - void clear() throw(); + void clear(); std::string name() const { return "SHA-256"; } HashFunction* clone() const { return new SHA_256; } SHA_256() : SHA_224_256_BASE(32) { clear (); } diff --git a/src/hash/sha2/sha2_64.cpp b/src/hash/sha2/sha2_64.cpp index e9b4c2e5a..3e7c0e228 100644 --- a/src/hash/sha2/sha2_64.cpp +++ b/src/hash/sha2/sha2_64.cpp @@ -55,13 +55,19 @@ void SHA_384_512_BASE::compress_n(const byte input[], u32bit blocks) for(u32bit i = 0; i != blocks; ++i) { - for(u32bit j = 0; j != 16; ++j) - W[j] = load_be<u64bit>(input, j); - input += HASH_BLOCK_SIZE; - - for(u32bit j = 16; j != 80; ++j) - W[j] = sigma(W[j- 2], 19, 61, 6) + W[j- 7] + - sigma(W[j-15], 1, 8, 7) + W[j-16]; + load_be(W.begin(), input, 16); + + for(u32bit j = 16; j != 80; j += 8) + { + W[j ] = sigma(W[j-2], 19, 61, 6) + W[j-7] + sigma(W[j-15], 1, 8, 7) + W[j-16]; + W[j+1] = sigma(W[j-1], 19, 61, 6) + W[j-6] + sigma(W[j-14], 1, 8, 7) + W[j-15]; + W[j+2] = sigma(W[j ], 19, 61, 6) + W[j-5] + sigma(W[j-13], 1, 8, 7) + W[j-14]; + W[j+3] = sigma(W[j+1], 19, 61, 6) + W[j-4] + sigma(W[j-12], 1, 8, 7) + W[j-13]; + W[j+4] = sigma(W[j+2], 19, 61, 6) + W[j-3] + sigma(W[j-11], 1, 8, 7) + W[j-12]; + W[j+5] = sigma(W[j+3], 19, 61, 6) + W[j-2] + sigma(W[j-10], 1, 8, 7) + W[j-11]; + W[j+6] = sigma(W[j+4], 19, 61, 6) + W[j-1] + sigma(W[j- 9], 1, 8, 7) + W[j-10]; + W[j+7] = sigma(W[j+5], 19, 61, 6) + W[j ] + sigma(W[j- 8], 1, 8, 7) + W[j- 9]; + } F1(A, B, C, D, E, F, G, H, W[ 0], 0x428A2F98D728AE22); F1(H, A, B, C, D, E, F, G, W[ 1], 0x7137449123EF65CD); @@ -152,6 +158,8 @@ void SHA_384_512_BASE::compress_n(const byte input[], u32bit blocks) F = (digest[5] += F); G = (digest[6] += G); H = (digest[7] += H); + + input += HASH_BLOCK_SIZE; } } @@ -167,7 +175,7 @@ void SHA_384_512_BASE::copy_out(byte output[]) /* * Clear memory of sensitive data */ -void SHA_384_512_BASE::clear() throw() +void SHA_384_512_BASE::clear() { MDx_HashFunction::clear(); W.clear(); @@ -176,7 +184,7 @@ void SHA_384_512_BASE::clear() throw() /* * Clear memory of sensitive data */ -void SHA_384::clear() throw() +void SHA_384::clear() { SHA_384_512_BASE::clear(); digest[0] = 0xCBBB9D5DC1059ED8; @@ -192,7 +200,7 @@ void SHA_384::clear() throw() /* * Clear memory of sensitive data */ -void SHA_512::clear() throw() +void SHA_512::clear() { SHA_384_512_BASE::clear(); digest[0] = 0x6A09E667F3BCC908; diff --git a/src/hash/sha2/sha2_64.h b/src/hash/sha2/sha2_64.h index dcc6dc83b..8e4d171f8 100644 --- a/src/hash/sha2/sha2_64.h +++ b/src/hash/sha2/sha2_64.h @@ -18,7 +18,7 @@ namespace Botan { class BOTAN_DLL SHA_384_512_BASE : public MDx_HashFunction { protected: - void clear() throw(); + void clear(); SHA_384_512_BASE(u32bit out) : MDx_HashFunction(out, 128, true, true, 16) {} @@ -37,7 +37,7 @@ class BOTAN_DLL SHA_384_512_BASE : public MDx_HashFunction class BOTAN_DLL SHA_384 : public SHA_384_512_BASE { public: - void clear() throw(); + void clear(); std::string name() const { return "SHA-384"; } HashFunction* clone() const { return new SHA_384; } SHA_384() : SHA_384_512_BASE(48) { clear(); } @@ -49,7 +49,7 @@ class BOTAN_DLL SHA_384 : public SHA_384_512_BASE class BOTAN_DLL SHA_512 : public SHA_384_512_BASE { public: - void clear() throw(); + void clear(); std::string name() const { return "SHA-512"; } HashFunction* clone() const { return new SHA_512; } SHA_512() : SHA_384_512_BASE(64) { clear(); } diff --git a/src/hash/skein/info.txt b/src/hash/skein/info.txt index bab8497c5..427f59121 100644 --- a/src/hash/skein/info.txt +++ b/src/hash/skein/info.txt @@ -1,14 +1,5 @@ -realname "Skein" - define SKEIN_512 -load_on auto - -<add> -skein_512.cpp -skein_512.h -</add> - <requires> alloc </requires> diff --git a/src/hash/skein/skein_512.cpp b/src/hash/skein/skein_512.cpp index a48cfc186..e1ca08c15 100644 --- a/src/hash/skein/skein_512.cpp +++ b/src/hash/skein/skein_512.cpp @@ -34,8 +34,8 @@ void ubi_512(u64bit H[9], u64bit T[], const byte msg[], u64bit msg_len) T[0] += to_proc; u64bit M[8] = { 0 }; - for(u32bit j = 0; j != to_proc / 8; ++j) - M[j] = load_le<u64bit>(msg, j); + + load_le(M, msg, to_proc / 8); if(to_proc % 8) { @@ -183,7 +183,7 @@ HashFunction* Skein_512::clone() const return new Skein_512(output_bits, personalization); } -void Skein_512::clear() throw() +void Skein_512::clear() { H.clear(); T.clear(); diff --git a/src/hash/skein/skein_512.h b/src/hash/skein/skein_512.h index fa558fc0d..db8d3c8b7 100644 --- a/src/hash/skein/skein_512.h +++ b/src/hash/skein/skein_512.h @@ -22,7 +22,7 @@ class BOTAN_DLL Skein_512 : public HashFunction HashFunction* clone() const; std::string name() const; - void clear() throw(); + void clear(); private: void add_data(const byte input[], u32bit length); void final_result(byte out[]); diff --git a/src/hash/tiger/info.txt b/src/hash/tiger/info.txt index 7d4cd7177..b50b745e3 100644 --- a/src/hash/tiger/info.txt +++ b/src/hash/tiger/info.txt @@ -1,15 +1,5 @@ -realname "Tiger" - define TIGER -load_on auto - -<add> -tig_tab.cpp -tiger.cpp -tiger.h -</add> - <requires> mdx_hash </requires> diff --git a/src/hash/tiger/tiger.cpp b/src/hash/tiger/tiger.cpp index e46f2cb77..4f4d4dc83 100644 --- a/src/hash/tiger/tiger.cpp +++ b/src/hash/tiger/tiger.cpp @@ -21,9 +21,7 @@ void Tiger::compress_n(const byte input[], u32bit blocks) for(u32bit i = 0; i != blocks; ++i) { - for(u32bit j = 0; j != 8; ++j) - X[j] = load_le<u64bit>(input, j); - input += HASH_BLOCK_SIZE; + load_le(X.begin(), input, X.size()); pass(A, B, C, X, 5); mix(X); pass(C, A, B, X, 7); mix(X); @@ -39,6 +37,8 @@ void Tiger::compress_n(const byte input[], u32bit blocks) A = (digest[0] ^= A); B = digest[1] = B - digest[1]; C = (digest[2] += C); + + input += HASH_BLOCK_SIZE; } } @@ -129,7 +129,7 @@ void Tiger::mix(u64bit X[8]) /* * Clear memory of sensitive data */ -void Tiger::clear() throw() +void Tiger::clear() { MDx_HashFunction::clear(); X.clear(); diff --git a/src/hash/tiger/tiger.h b/src/hash/tiger/tiger.h index 63184a938..86ddcd270 100644 --- a/src/hash/tiger/tiger.h +++ b/src/hash/tiger/tiger.h @@ -18,7 +18,7 @@ namespace Botan { class BOTAN_DLL Tiger : public MDx_HashFunction { public: - void clear() throw(); + void clear(); std::string name() const; HashFunction* clone() const { return new Tiger(OUTPUT_LENGTH); } Tiger(u32bit = 24, u32bit = 3); diff --git a/src/hash/whirlpool/info.txt b/src/hash/whirlpool/info.txt index be55b5c3b..7bec0c6cf 100644 --- a/src/hash/whirlpool/info.txt +++ b/src/hash/whirlpool/info.txt @@ -1,15 +1,5 @@ -realname "Whirlpool" - define WHIRLPOOL -load_on auto - -<add> -whrl_tab.cpp -whrlpool.cpp -whrlpool.h -</add> - <requires> mdx_hash </requires> diff --git a/src/hash/whirlpool/whrlpool.cpp b/src/hash/whirlpool/whrlpool.cpp index 8548d6192..06755fe77 100644 --- a/src/hash/whirlpool/whrlpool.cpp +++ b/src/hash/whirlpool/whrlpool.cpp @@ -25,9 +25,7 @@ void Whirlpool::compress_n(const byte in[], u32bit blocks) for(u32bit i = 0; i != blocks; ++i) { - for(u32bit j = 0; j != 8; ++j) - M[j] = load_be<u64bit>(in, j); - in += HASH_BLOCK_SIZE; + load_be(M.begin(), in, M.size()); u64bit K0, K1, K2, K3, K4, K5, K6, K7; K0 = digest[0]; K1 = digest[1]; K2 = digest[2]; K3 = digest[3]; @@ -121,6 +119,8 @@ void Whirlpool::compress_n(const byte in[], u32bit blocks) digest[5] ^= B5 ^ M[5]; digest[6] ^= B6 ^ M[6]; digest[7] ^= B7 ^ M[7]; + + in += HASH_BLOCK_SIZE; } } @@ -136,7 +136,7 @@ void Whirlpool::copy_out(byte output[]) /* * Clear memory of sensitive data */ -void Whirlpool::clear() throw() +void Whirlpool::clear() { MDx_HashFunction::clear(); M.clear(); diff --git a/src/hash/whirlpool/whrlpool.h b/src/hash/whirlpool/whrlpool.h index b72ff609f..34b4d2302 100644 --- a/src/hash/whirlpool/whrlpool.h +++ b/src/hash/whirlpool/whrlpool.h @@ -18,7 +18,7 @@ namespace Botan { class BOTAN_DLL Whirlpool : public MDx_HashFunction { public: - void clear() throw(); + void clear(); std::string name() const { return "Whirlpool"; } HashFunction* clone() const { return new Whirlpool; } Whirlpool() : MDx_HashFunction(64, 64, true, true, 32) { clear(); } |