From b32651c830b024e93f1e0e99b96ec8859b88a563 Mon Sep 17 00:00:00 2001
From: Love Hornquist Astrand <lha@h5l.org>
Date: Wed, 29 Sep 2010 23:37:34 -0700
Subject: [PATCH] SHA512 support

---
 lib/hcrypto/Makefile.am            |  1 +
 lib/hcrypto/evp-hcrypto.c          | 23 +++++++++++++++++++++++
 lib/hcrypto/evp-hcrypto.h          |  2 ++
 lib/hcrypto/evp.c                  |  7 +++++++
 lib/hcrypto/evp.h                  |  2 ++
 lib/hcrypto/hash.h                 |  6 ++++++
 lib/hcrypto/libhcrypto-exports.def |  1 +
 lib/hcrypto/mdtest.c               | 17 ++++++-----------
 lib/hcrypto/sha.h                  | 18 ++++++++++++++++++
 lib/hcrypto/version-script.map     |  2 ++
 10 files changed, 68 insertions(+), 11 deletions(-)

diff --git a/lib/hcrypto/Makefile.am b/lib/hcrypto/Makefile.am
index f119d8c88..a2a213279 100644
--- a/lib/hcrypto/Makefile.am
+++ b/lib/hcrypto/Makefile.am
@@ -154,6 +154,7 @@ libhcrypto_la_SOURCES =	\
 	sha.c		\
 	sha.h		\
 	sha256.c	\
+	sha512.c	\
 	validate.c	\
 	ui.c		\
 	ui.h
diff --git a/lib/hcrypto/evp-hcrypto.c b/lib/hcrypto/evp-hcrypto.c
index 9e063545e..7075c0fdd 100644
--- a/lib/hcrypto/evp-hcrypto.c
+++ b/lib/hcrypto/evp-hcrypto.c
@@ -289,6 +289,29 @@ EVP_hcrypto_sha256(void)
     return &sha256;
 }
 
+/**
+ * The message digest SHA256 - hcrypto
+ *
+ * @return the message digest type.
+ *
+ * @ingroup hcrypto_evp
+ */
+
+const EVP_MD *
+EVP_hcrypto_sha512(void)
+{
+    static const struct hc_evp_md sha512 = {
+	64,
+	128,
+	sizeof(SHA512_CTX),
+	(hc_evp_md_init)SHA512_Init,
+	(hc_evp_md_update)SHA512_Update,
+	(hc_evp_md_final)SHA512_Final,
+	NULL
+    };
+    return &sha512;
+}
+
 /**
  * The message digest SHA1 - hcrypto
  *
diff --git a/lib/hcrypto/evp-hcrypto.h b/lib/hcrypto/evp-hcrypto.h
index 7915046bd..df82c227b 100644
--- a/lib/hcrypto/evp-hcrypto.h
+++ b/lib/hcrypto/evp-hcrypto.h
@@ -42,6 +42,7 @@
 #define EVP_hcrypto_md5 hc_EVP_hcrypto_md5
 #define EVP_hcrypto_sha1 hc_EVP_hcrypto_sha1
 #define EVP_hcrypto_sha256 hc_EVP_hcrypto_sha256
+#define EVP_hcrypto_sha512 hc_EVP_hcrypto_sha512
 #define EVP_hcrypto_des_cbc hc_EVP_hcrypto_des_cbc
 #define EVP_hcrypto_des_ede3_cbc hc_EVP_hcrypto_des_ede3_cbc
 #define EVP_hcrypto_aes_128_cbc hc_EVP_hcrypto_aes_128_cbc
@@ -70,6 +71,7 @@ const EVP_MD * EVP_hcrypto_md4(void);
 const EVP_MD * EVP_hcrypto_md5(void);
 const EVP_MD * EVP_hcrypto_sha1(void);
 const EVP_MD * EVP_hcrypto_sha256(void);
+const EVP_MD * EVP_hcrypto_sha512(void);
 
 const EVP_CIPHER * EVP_hcrypto_rc4(void);
 const EVP_CIPHER * EVP_hcrypto_rc4_40(void);
diff --git a/lib/hcrypto/evp.c b/lib/hcrypto/evp.c
index da1a8940b..e28691598 100644
--- a/lib/hcrypto/evp.c
+++ b/lib/hcrypto/evp.c
@@ -360,6 +360,13 @@ EVP_sha256(void)
     return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, sha256);
 }
 
+const EVP_MD *
+EVP_sha512(void)
+{
+    hcrypto_validate();
+    return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, sha512);
+}
+
 /**
  * The message digest SHA1
  *
diff --git a/lib/hcrypto/evp.h b/lib/hcrypto/evp.h
index 03ec175d5..b60d5586f 100644
--- a/lib/hcrypto/evp.h
+++ b/lib/hcrypto/evp.h
@@ -96,6 +96,7 @@
 #define EVP_sha hc_EVP_sha
 #define EVP_sha1 hc_EVP_sha1
 #define EVP_sha256 hc_EVP_sha256
+#define EVP_sha512 hc_EVP_sha512
 #define PKCS5_PBKDF2_HMAC_SHA1 hc_PKCS5_PBKDF2_HMAC_SHA1
 #define EVP_BytesToKey hc_EVP_BytesToKey
 #define EVP_get_cipherbyname hc_EVP_get_cipherbyname
@@ -225,6 +226,7 @@ HC_DEPRECATED_CRYPTO const EVP_MD *EVP_md5(void);
 const EVP_MD *EVP_sha(void);
 const EVP_MD *EVP_sha1(void);
 const EVP_MD *EVP_sha256(void);
+const EVP_MD *EVP_sha512(void);
 
 const EVP_CIPHER * EVP_aes_128_cbc(void);
 const EVP_CIPHER * EVP_aes_192_cbc(void);
diff --git a/lib/hcrypto/hash.h b/lib/hcrypto/hash.h
index cfec9cf3f..498e5b1af 100644
--- a/lib/hcrypto/hash.h
+++ b/lib/hcrypto/hash.h
@@ -66,4 +66,10 @@ cshift (uint32_t x, unsigned int n)
     return CRAYFIX((x << n) | (x >> (32 - n)));
 }
 
+static inline uint64_t
+cshift64 (uint64_t x, unsigned int n)
+{
+  return ((uint64_t)x << (uint64_t)n) | ((uint64_t)x >> ((uint64_t)64 - (uint64_t)n));
+}
+
 #endif /* __hash_h__ */
diff --git a/lib/hcrypto/libhcrypto-exports.def b/lib/hcrypto/libhcrypto-exports.def
index 440acfea3..8fa083442 100644
--- a/lib/hcrypto/libhcrypto-exports.def
+++ b/lib/hcrypto/libhcrypto-exports.def
@@ -160,6 +160,7 @@ EXPORTS
 	hc_EVP_sha
 	hc_EVP_sha1
 	hc_EVP_sha256
+	hc_EVP_sha512
 
 ;!	hc_EVP_cc_md2
 ;!	hc_EVP_cc_md4
diff --git a/lib/hcrypto/mdtest.c b/lib/hcrypto/mdtest.c
index d67c04a6b..9f474c712 100644
--- a/lib/hcrypto/mdtest.c
+++ b/lib/hcrypto/mdtest.c
@@ -104,23 +104,22 @@ struct hash_foo sha256 = {
 #ifdef HAVE_SHA384
 struct hash_foo sha384 = {
     "SHA-384",
-    sizeof(struct sha512),
+    sizeof(SHA384_CTX),
     48,
     (void (*)(void*))SHA384_Init,
     (void (*)(void*,const void*, size_t))SHA384_Update,
     (void (*)(void*, void*))SHA384_Final
 };
 #endif
-#ifdef HAVE_SHA512
 struct hash_foo sha512 = {
     "SHA-512",
-    sizeof(struct sha512),
+    sizeof(SHA512_CTX),
     64,
     (void (*)(void*))SHA512_Init,
     (void (*)(void*,const void*, size_t))SHA512_Update,
-    (void (*)(void*, void*))SHA512_Final
+    (void (*)(void*, void*))SHA512_Final,
+    EVP_sha512
 };
-#endif
 
 struct test {
     char *str;
@@ -235,7 +234,7 @@ struct test sha384_tests[] = {
     {NULL}
 };
 #endif
-#ifdef HAVE_SHA512
+
 struct test sha512_tests[] = {
     { "abc",
       { 0xdd,0xaf,0x35,0xa1,0x93,0x61,0x7a,0xba,
@@ -267,7 +266,6 @@ struct test sha512_tests[] = {
 	0x4e,0xad,0xb2,0x17,0xad,0x8c,0xc0,0x9b }},
     { NULL }
 };
-#endif
 
 static int
 hash_test (struct hash_foo *hash, struct test *tests)
@@ -351,8 +349,5 @@ main (void)
 #ifdef HAVE_SHA384
 	+ hash_test(&sha384, sha384_tests)
 #endif
-#ifdef HAVE_SHA512
-	+ hash_test(&sha512, sha512_tests)
-#endif
-	;
+	+ hash_test(&sha512, sha512_tests);
 }
diff --git a/lib/hcrypto/sha.h b/lib/hcrypto/sha.h
index 39e33cf8d..cefe7dca0 100644
--- a/lib/hcrypto/sha.h
+++ b/lib/hcrypto/sha.h
@@ -80,4 +80,22 @@ void SHA256_Init (SHA256_CTX *);
 void SHA256_Update (SHA256_CTX *, const void *, size_t);
 void SHA256_Final (void *, SHA256_CTX *);
 
+/*
+ * SHA-2 512
+ */
+
+#define SHA512_DIGEST_LENGTH 64
+
+struct hc_sha512state {
+  uint64_t sz[2];
+  uint64_t counter[8];
+  unsigned char save[128];
+};
+
+typedef struct hc_sha512state SHA512_CTX;
+
+void SHA512_Init (SHA512_CTX *);
+void SHA512_Update (SHA512_CTX *, const void *, size_t);
+void SHA512_Final (void *, SHA512_CTX *);
+
 #endif /* HEIM_SHA_H */
diff --git a/lib/hcrypto/version-script.map b/lib/hcrypto/version-script.map
index fad05683e..2c6afc451 100644
--- a/lib/hcrypto/version-script.map
+++ b/lib/hcrypto/version-script.map
@@ -167,6 +167,7 @@ HEIMDAL_CRYPTO_1.0 {
 		hc_EVP_sha;
 		hc_EVP_sha1;
 		hc_EVP_sha256;
+		hc_EVP_sha512;
 
 		hc_EVP_cc_md2;
 		hc_EVP_cc_md4;
@@ -186,6 +187,7 @@ HEIMDAL_CRYPTO_1.0 {
 		hc_EVP_hcrypto_md5;
 		hc_EVP_hcrypto_sha1;
 		hc_EVP_hcrypto_sha256;
+		hc_EVP_hcrypto_sha512;
 		hc_EVP_hcrypto_des_ede3_cbc;
 		hc_EVP_hcrypto_aes_128_cbc;
 		hc_EVP_hcrypto_aes_192_cbc;