xref: /PHP-7.2/ext/hash/hash_haval.c (revision 7a7ec01a)
1 /*
2   +----------------------------------------------------------------------+
3   | PHP Version 7                                                        |
4   +----------------------------------------------------------------------+
5   | Copyright (c) 1997-2018 The PHP Group                                |
6   +----------------------------------------------------------------------+
7   | This source file is subject to version 3.01 of the PHP license,      |
8   | that is bundled with this package in the file LICENSE, and is        |
9   | available through the world-wide-web at the following url:           |
10   | http://www.php.net/license/3_01.txt                                  |
11   | If you did not receive a copy of the PHP license and are unable to   |
12   | obtain it through the world-wide-web, please send a note to          |
13   | license@php.net so we can mail you a copy immediately.               |
14   +----------------------------------------------------------------------+
15   | Author: Sara Golemon <pollita@php.net>                               |
16   +----------------------------------------------------------------------+
17 */
18 
19 /* $Id$ */
20 
21 #include "php_hash.h"
22 #include "php_hash_haval.h"
23 
24 static const unsigned char PADDING[128] ={
25 	1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
26 	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
27 	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
28 	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
29 	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
30 	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
31 	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
32 	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
33 
34 static const uint32_t D0[8] = {
35 	0x243F6A88, 0x85A308D3, 0x13198A2E, 0x03707344, 0xA4093822, 0x299F31D0, 0x082EFA98, 0xEC4E6C89 };
36 
37 static const uint32_t K2[32] = {
38 	0x452821E6, 0x38D01377, 0xBE5466CF, 0x34E90C6C, 0xC0AC29B7, 0xC97C50DD, 0x3F84D5B5, 0xB5470917,
39 	0x9216D5D9, 0x8979FB1B, 0xD1310BA6, 0x98DFB5AC, 0x2FFD72DB, 0xD01ADFB7, 0xB8E1AFED, 0x6A267E96,
40 	0xBA7C9045, 0xF12C7F99, 0x24A19947, 0xB3916CF7, 0x0801F2E2, 0x858EFC16, 0x636920D8, 0x71574E69,
41 	0xA458FEA3, 0xF4933D7E, 0x0D95748F, 0x728EB658, 0x718BCD58, 0x82154AEE, 0x7B54A41D, 0xC25A59B5 };
42 
43 static const uint32_t K3[32] = {
44 	0x9C30D539, 0x2AF26013, 0xC5D1B023, 0x286085F0, 0xCA417918, 0xB8DB38EF, 0x8E79DCB0, 0x603A180E,
45 	0x6C9E0E8B, 0xB01E8A3E, 0xD71577C1, 0xBD314B27, 0x78AF2FDA, 0x55605C60, 0xE65525F3, 0xAA55AB94,
46 	0x57489862, 0x63E81440, 0x55CA396A, 0x2AAB10B6, 0xB4CC5C34, 0x1141E8CE, 0xA15486AF, 0x7C72E993,
47 	0xB3EE1411, 0x636FBC2A, 0x2BA9C55D, 0x741831F6, 0xCE5C3E16, 0x9B87931E, 0xAFD6BA33, 0x6C24CF5C };
48 
49 static const uint32_t K4[32] = {
50 	0x7A325381, 0x28958677, 0x3B8F4898, 0x6B4BB9AF, 0xC4BFE81B, 0x66282193, 0x61D809CC, 0xFB21A991,
51 	0x487CAC60, 0x5DEC8032, 0xEF845D5D, 0xE98575B1, 0xDC262302, 0xEB651B88, 0x23893E81, 0xD396ACC5,
52 	0x0F6D6FF3, 0x83F44239, 0x2E0B4482, 0xA4842004, 0x69C8F04A, 0x9E1F9B5E, 0x21C66842, 0xF6E96C9A,
53 	0x670C9C61, 0xABD388F0, 0x6A51A0D2, 0xD8542F68, 0x960FA728, 0xAB5133A3, 0x6EEF0B6C, 0x137A3BE4 };
54 
55 static const uint32_t K5[32] = {
56 	0xBA3BF050, 0x7EFB2A98, 0xA1F1651D, 0x39AF0176, 0x66CA593E, 0x82430E88, 0x8CEE8619, 0x456F9FB4,
57 	0x7D84A5C3, 0x3B8B5EBE, 0xE06F75D8, 0x85C12073, 0x401A449F, 0x56C16AA6, 0x4ED3AA62, 0x363F7706,
58 	0x1BFEDF72, 0x429B023D, 0x37D0D724, 0xD00A1248, 0xDB0FEAD3, 0x49F1C09B, 0x075372C9, 0x80991B7B,
59 	0x25D479D8, 0xF6E8DEF7, 0xE3FE501A, 0xB6794C3B, 0x976CE0BD, 0x04C006BA, 0xC1A94FB6, 0x409F60C4 };
60 
61 static const short I2[32] = {	 5, 14, 26, 18, 11, 28,  7, 16,  0, 23, 20, 22,  1, 10,  4,  8,
62 						30,  3, 21,  9, 17, 24, 29,  6, 19, 12, 15, 13,  2, 25, 31, 27 };
63 
64 static const short I3[32] = {	19,  9,  4, 20, 28, 17,  8, 22, 29, 14, 25, 12, 24, 30, 16, 26,
65 						31, 15,  7,  3,  1,  0, 18, 27, 13,  6, 21, 10, 23, 11,  5,  2 };
66 
67 static const short I4[32] = {	24,  4,  0, 14,  2,  7, 28, 23, 26,  6, 30, 20, 18, 25, 19,  3,
68 						22, 11, 31, 21,  8, 27, 12,  9,  1, 29,  5, 15, 17, 10, 16, 13 };
69 
70 static const short I5[32] = {	27,  3, 21, 26, 17, 11, 20, 29, 19,  0, 12,  7, 13,  8, 31, 10,
71 						 5,  9, 14, 30, 18,  6, 28, 24,  2, 23, 16, 22,  4,  1, 25, 15 };
72 
73 static const short M0[32] = {	0, 7, 6, 5, 4, 3, 2, 1, 0, 7, 6, 5, 4, 3, 2, 1,
74 						0, 7, 6, 5, 4, 3, 2, 1, 0, 7, 6, 5, 4, 3, 2, 1 };
75 
76 static const short M1[32] = {	1, 0, 7, 6, 5, 4, 3, 2, 1, 0, 7, 6, 5, 4, 3, 2,
77 						1, 0, 7, 6, 5, 4, 3, 2, 1, 0, 7, 6, 5, 4, 3, 2 };
78 
79 static const short M2[32] = {	2, 1, 0, 7, 6, 5, 4, 3, 2, 1, 0, 7, 6, 5, 4, 3,
80 						2, 1, 0, 7, 6, 5, 4, 3, 2, 1, 0, 7, 6, 5, 4, 3 };
81 
82 static const short M3[32] = {	3, 2, 1, 0, 7, 6, 5, 4, 3, 2, 1, 0, 7, 6, 5, 4,
83 						3, 2, 1, 0, 7, 6, 5, 4, 3, 2, 1, 0, 7, 6, 5, 4 };
84 
85 static const short M4[32] = {	4, 3, 2, 1, 0, 7, 6, 5, 4, 3, 2, 1, 0, 7, 6, 5,
86 						4, 3, 2, 1, 0, 7, 6, 5, 4, 3, 2, 1, 0, 7, 6, 5 };
87 
88 static const short M5[32] = {	5, 4, 3, 2, 1, 0, 7, 6, 5, 4, 3, 2, 1, 0, 7, 6,
89 						5, 4, 3, 2, 1, 0, 7, 6, 5, 4, 3, 2, 1, 0, 7, 6 };
90 
91 static const short M6[32] = {	6, 5, 4, 3, 2, 1, 0, 7, 6, 5, 4, 3, 2, 1, 0, 7,
92 						6, 5, 4, 3, 2, 1, 0, 7, 6, 5, 4, 3, 2, 1, 0, 7 };
93 
94 static const short M7[32] = {	7, 6, 5, 4, 3, 2, 1, 0, 7, 6, 5, 4, 3, 2, 1, 0,
95 						7, 6, 5, 4, 3, 2, 1, 0, 7, 6, 5, 4, 3, 2, 1, 0 };
96 
97 /* {{{ Encode
98    Encodes input (uint32_t) into output (unsigned char). Assumes len is
99    a multiple of 4.
100  */
Encode(unsigned char * output,uint32_t * input,unsigned int len)101 static void Encode(unsigned char *output, uint32_t *input, unsigned int len)
102 {
103 	unsigned int i, j;
104 
105 	for (i = 0, j = 0; j < len; i++, j += 4) {
106 		output[j] = (unsigned char) (input[i] & 0xff);
107 		output[j + 1] = (unsigned char) ((input[i] >> 8) & 0xff);
108 		output[j + 2] = (unsigned char) ((input[i] >> 16) & 0xff);
109 		output[j + 3] = (unsigned char) ((input[i] >> 24) & 0xff);
110 	}
111 }
112 /* }}} */
113 
114 /* {{{ Decode
115    Decodes input (unsigned char) into output (uint32_t). Assumes len is
116    a multiple of 4.
117  */
Decode(uint32_t * output,const unsigned char * input,unsigned int len)118 static void Decode(uint32_t *output, const unsigned char *input, unsigned int len)
119 {
120 	unsigned int i, j;
121 
122 	for (i = 0, j = 0; j < len; i++, j += 4) {
123 		output[i] = ((uint32_t) input[j]) | (((uint32_t) input[j + 1]) << 8) |
124 			(((uint32_t) input[j + 2]) << 16) | (((uint32_t) input[j + 3]) << 24);
125 	}
126 }
127 /* }}} */
128 
129 #define F1(x6,x5,x4,x3,x2,x1,x0)	( ((x1) & (x4)) ^ ((x2) & (x5)) ^ ((x3) & (x6)) ^ ((x0) & (x1)) ^ (x0) )
130 #define F2(x6,x5,x4,x3,x2,x1,x0)	( ((x1) & (x2) & (x3)) ^ ((x2) & (x4) & (x5)) ^ ((x1) & (x2)) ^ ((x1) & (x4)) ^ \
131 									  ((x2) & (x6)) ^ ((x3) & (x5)) ^ ((x4) & (x5)) ^ ((x0) & (x2)) ^ (x0) )
132 #define F3(x6,x5,x4,x3,x2,x1,x0)	( ((x1) & (x2) & (x3)) ^ ((x1) & (x4)) ^ ((x2) & (x5)) ^ ((x3) & (x6)) ^ ((x0) & (x3)) ^ (x0) )
133 #define F4(x6,x5,x4,x3,x2,x1,x0)	( ((x1) & (x2) & (x3)) ^ ((x2) & (x4) & (x5)) ^ ((x3) & (x4) & (x6)) ^ \
134 									  ((x1) & (x4)) ^ ((x2) & (x6)) ^ ((x3) & (x4)) ^ ((x3) & (x5)) ^ \
135 									  ((x3) & (x6)) ^ ((x4) & (x5)) ^ ((x4) & (x6)) ^ ((x0) & (x4)) ^ (x0) )
136 #define F5(x6,x5,x4,x3,x2,x1,x0)	( ((x1) & (x4)) ^ ((x2) & (x5)) ^ ((x3) & (x6)) ^ \
137 									  ((x0) & (x1) & (x2) & (x3)) ^ ((x0) & (x5)) ^ (x0) )
138 
139 #define ROTR(x,n)	(((x) >> (n)) | ((x) << (32 - (n))))
140 
141 
142 /* {{{ PHP_3HAVALTransform
143  */
PHP_3HAVALTransform(uint32_t state[8],const unsigned char block[128])144 static void PHP_3HAVALTransform(uint32_t state[8], const unsigned char block[128])
145 {
146 	uint32_t E[8];
147 	uint32_t x[32];
148 	int i;
149 
150 	Decode(x, block, 128);
151 
152 	for(i = 0; i < 8; i++) {
153 		E[i] = state[i];
154 	}
155 
156 	for(i = 0; i < 32; i++) {
157 		E[7 - (i % 8)] = ROTR(F1(E[M1[i]],E[M0[i]],E[M3[i]],E[M5[i]],E[M6[i]],E[M2[i]],E[M4[i]]),7) + ROTR(E[M7[i]],11) + x[i];
158 	}
159 	for(i = 0; i < 32; i++) {
160 		E[7 - (i % 8)] = ROTR(F2(E[M4[i]],E[M2[i]],E[M1[i]],E[M0[i]],E[M5[i]],E[M3[i]],E[M6[i]]),7) + ROTR(E[M7[i]],11) + x[I2[i]] + K2[i];
161 	}
162 	for(i = 0; i < 32; i++) {
163 		E[7 - (i % 8)] = ROTR(F3(E[M6[i]],E[M1[i]],E[M2[i]],E[M3[i]],E[M4[i]],E[M5[i]],E[M0[i]]),7) + ROTR(E[M7[i]],11) + x[I3[i]] + K3[i];
164 	}
165 
166 	/* Update digest */
167 	for(i = 0; i < 8; i++) {
168 		state[i] += E[i];
169 	}
170 
171 	/* Zeroize sensitive information. */
172 	ZEND_SECURE_ZERO((unsigned char*) x, sizeof(x));
173 }
174 /* }}} */
175 
176 /* {{{ PHP_4HAVALTransform
177  */
PHP_4HAVALTransform(uint32_t state[8],const unsigned char block[128])178 static void PHP_4HAVALTransform(uint32_t state[8], const unsigned char block[128])
179 {
180 	uint32_t E[8];
181 	uint32_t x[32];
182 	int i;
183 
184 	Decode(x, block, 128);
185 
186 	for(i = 0; i < 8; i++) {
187 		E[i] = state[i];
188 	}
189 
190 	for(i = 0; i < 32; i++) {
191 		E[7 - (i % 8)] = ROTR(F1(E[M2[i]],E[M6[i]],E[M1[i]],E[M4[i]],E[M5[i]],E[M3[i]],E[M0[i]]),7) + ROTR(E[M7[i]],11) + x[i];
192 	}
193 	for(i = 0; i < 32; i++) {
194 		E[7 - (i % 8)] = ROTR(F2(E[M3[i]],E[M5[i]],E[M2[i]],E[M0[i]],E[M1[i]],E[M6[i]],E[M4[i]]),7) + ROTR(E[M7[i]],11) + x[I2[i]] + K2[i];
195 	}
196 	for(i = 0; i < 32; i++) {
197 		E[7 - (i % 8)] = ROTR(F3(E[M1[i]],E[M4[i]],E[M3[i]],E[M6[i]],E[M0[i]],E[M2[i]],E[M5[i]]),7) + ROTR(E[M7[i]],11) + x[I3[i]] + K3[i];
198 	}
199 	for(i = 0; i < 32; i++) {
200 		E[7 - (i % 8)] = ROTR(F4(E[M6[i]],E[M4[i]],E[M0[i]],E[M5[i]],E[M2[i]],E[M1[i]],E[M3[i]]),7) + ROTR(E[M7[i]],11) + x[I4[i]] + K4[i];
201 	}
202 
203 	/* Update digest */
204 	for(i = 0; i < 8; i++) {
205 		state[i] += E[i];
206 	}
207 
208 	/* Zeroize sensitive information. */
209 	ZEND_SECURE_ZERO((unsigned char*) x, sizeof(x));
210 }
211 /* }}} */
212 
213 /* {{{ PHP_5HAVALTransform
214  */
PHP_5HAVALTransform(uint32_t state[8],const unsigned char block[128])215 static void PHP_5HAVALTransform(uint32_t state[8], const unsigned char block[128])
216 {
217 	uint32_t E[8];
218 	uint32_t x[32];
219 	int i;
220 
221 	Decode(x, block, 128);
222 
223 	for(i = 0; i < 8; i++) {
224 		E[i] = state[i];
225 	}
226 	for(i = 0; i < 32; i++) {
227 		E[7 - (i % 8)] = ROTR(F1(E[M3[i]],E[M4[i]],E[M1[i]],E[M0[i]],E[M5[i]],E[M2[i]],E[M6[i]]),7) + ROTR(E[M7[i]],11) + x[i];
228 	}
229 	for(i = 0; i < 32; i++) {
230 		E[7 - (i % 8)] = ROTR(F2(E[M6[i]],E[M2[i]],E[M1[i]],E[M0[i]],E[M3[i]],E[M4[i]],E[M5[i]]),7) + ROTR(E[M7[i]],11) + x[I2[i]] + K2[i];
231 	}
232 	for(i = 0; i < 32; i++) {
233 		E[7 - (i % 8)] = ROTR(F3(E[M2[i]],E[M6[i]],E[M0[i]],E[M4[i]],E[M3[i]],E[M1[i]],E[M5[i]]),7) + ROTR(E[M7[i]],11) + x[I3[i]] + K3[i];
234 	}
235 	for(i = 0; i < 32; i++) {
236 		E[7 - (i % 8)] = ROTR(F4(E[M1[i]],E[M5[i]],E[M3[i]],E[M2[i]],E[M0[i]],E[M4[i]],E[M6[i]]),7) + ROTR(E[M7[i]],11) + x[I4[i]] + K4[i];
237 	}
238 	for(i = 0; i < 32; i++) {
239 		E[7 - (i % 8)] = ROTR(F5(E[M2[i]],E[M5[i]],E[M0[i]],E[M6[i]],E[M4[i]],E[M3[i]],E[M1[i]]),7) + ROTR(E[M7[i]],11) + x[I5[i]] + K5[i];
240 	}
241 
242 	/* Update digest */
243 	for(i = 0; i < 8; i++) {
244 		state[i] += E[i];
245 	}
246 
247 	/* Zeroize sensitive information. */
248 	ZEND_SECURE_ZERO((unsigned char*) x, sizeof(x));
249 }
250 /* }}} */
251 
252 #define PHP_HASH_HAVAL_INIT(p,b) \
253 const php_hash_ops php_hash_##p##haval##b##_ops = { \
254 	(php_hash_init_func_t) PHP_##p##HAVAL##b##Init, \
255 	(php_hash_update_func_t) PHP_HAVALUpdate, \
256 	(php_hash_final_func_t) PHP_HAVAL##b##Final, \
257 	(php_hash_copy_func_t) php_hash_copy, \
258 	((b) / 8), 128, sizeof(PHP_HAVAL_CTX), 1 }; \
259 PHP_HASH_API void PHP_##p##HAVAL##b##Init(PHP_HAVAL_CTX *context) \
260 {	int i; context->count[0] = 	context->count[1] = 	0; \
261 	for(i = 0; i < 8; i++) context->state[i] = D0[i]; \
262 	context->passes = p;	context->output = b; \
263 	context->Transform = PHP_##p##HAVALTransform; }
264 
265 PHP_HASH_HAVAL_INIT(3,128)
266 PHP_HASH_HAVAL_INIT(3,160)
267 PHP_HASH_HAVAL_INIT(3,192)
268 PHP_HASH_HAVAL_INIT(3,224)
269 PHP_HASH_HAVAL_INIT(3,256)
270 
271 PHP_HASH_HAVAL_INIT(4,128)
272 PHP_HASH_HAVAL_INIT(4,160)
273 PHP_HASH_HAVAL_INIT(4,192)
274 PHP_HASH_HAVAL_INIT(4,224)
275 PHP_HASH_HAVAL_INIT(4,256)
276 
277 PHP_HASH_HAVAL_INIT(5,128)
278 PHP_HASH_HAVAL_INIT(5,160)
279 PHP_HASH_HAVAL_INIT(5,192)
280 PHP_HASH_HAVAL_INIT(5,224)
281 PHP_HASH_HAVAL_INIT(5,256)
282 
283 /* {{{ PHP_HAVALUpdate
284  */
PHP_HAVALUpdate(PHP_HAVAL_CTX * context,const unsigned char * input,unsigned int inputLen)285 PHP_HASH_API void PHP_HAVALUpdate(PHP_HAVAL_CTX *context, const unsigned char *input, unsigned int inputLen)
286 {
287 	unsigned int i, index, partLen;
288 
289 	/* Compute number of bytes mod 128 */
290 	index = (unsigned int) ((context->count[0] >> 3) & 0x7F);
291 	/* Update number of bits */
292 	if ((context->count[0] += ((uint32_t) inputLen << 3)) < ((uint32_t) inputLen << 3)) {
293 		context->count[1]++;
294 	}
295 	context->count[1] += ((uint32_t) inputLen >> 29);
296 
297 	partLen = 128 - index;
298 
299 	/* Transform as many times as possible.
300 	 */
301 	if (inputLen >= partLen) {
302 		memcpy((unsigned char*) & context->buffer[index], (unsigned char*) input, partLen);
303 		context->Transform(context->state, context->buffer);
304 
305 		for (i = partLen; i + 127 < inputLen; i += 128) {
306 			context->Transform(context->state, &input[i]);
307 		}
308 
309 		index = 0;
310 	} else {
311 		i = 0;
312 	}
313 
314 	/* Buffer remaining input */
315 	memcpy((unsigned char*) &context->buffer[index], (unsigned char*) &input[i], inputLen - i);
316 }
317 /* }}} */
318 
319 #define PHP_HASH_HAVAL_VERSION	0x01
320 
321 /* {{{ PHP_HAVAL128Final
322  */
PHP_HAVAL128Final(unsigned char * digest,PHP_HAVAL_CTX * context)323 PHP_HASH_API void PHP_HAVAL128Final(unsigned char *digest, PHP_HAVAL_CTX * context)
324 {
325 	unsigned char bits[10];
326 	unsigned int index, padLen;
327 
328 	/* Version, Passes, and Digest Length */
329 	bits[0] =	(PHP_HASH_HAVAL_VERSION & 0x07) |
330 				((context->passes & 0x07) << 3) |
331 				((context->output & 0x03) << 6);
332 	bits[1] = (context->output >> 2);
333 
334 	/* Save number of bits */
335 	Encode(bits + 2, context->count, 8);
336 
337 	/* Pad out to 118 mod 128.
338 	 */
339 	index = (unsigned int) ((context->count[0] >> 3) & 0x7f);
340 	padLen = (index < 118) ? (118 - index) : (246 - index);
341 	PHP_HAVALUpdate(context, PADDING, padLen);
342 
343 	/* Append version, passes, digest length, and message length */
344 	PHP_HAVALUpdate(context, bits, 10);
345 
346 	/* Store state in digest */
347 	context->state[3] += (context->state[7] & 0xFF000000) |
348 						 (context->state[6] & 0x00FF0000) |
349 						 (context->state[5] & 0x0000FF00) |
350 						 (context->state[4] & 0x000000FF);
351 
352 	context->state[2] += (((context->state[7] & 0x00FF0000) |
353 						   (context->state[6] & 0x0000FF00) |
354 						   (context->state[5] & 0x000000FF)) << 8) |
355 						  ((context->state[4] & 0xFF000000) >> 24);
356 
357 	context->state[1] += (((context->state[7] & 0x0000FF00) |
358 						   (context->state[6] & 0x000000FF)) << 16) |
359 						 (((context->state[5] & 0xFF000000) |
360 						   (context->state[4] & 0x00FF0000)) >> 16);
361 
362 	context->state[0] +=  ((context->state[7] & 0x000000FF) << 24) |
363 						 (((context->state[6] & 0xFF000000) |
364 						   (context->state[5] & 0x00FF0000) |
365 						   (context->state[4] & 0x0000FF00)) >> 8);
366 
367 	Encode(digest, context->state, 16);
368 
369 	/* Zeroize sensitive information.
370 	 */
371 	ZEND_SECURE_ZERO((unsigned char*) context, sizeof(*context));
372 }
373 /* }}} */
374 
375 /* {{{ PHP_HAVAL160Final
376  */
PHP_HAVAL160Final(unsigned char * digest,PHP_HAVAL_CTX * context)377 PHP_HASH_API void PHP_HAVAL160Final(unsigned char *digest, PHP_HAVAL_CTX * context)
378 {
379 	unsigned char bits[10];
380 	unsigned int index, padLen;
381 
382 	/* Version, Passes, and Digest Length */
383 	bits[0] =	(PHP_HASH_HAVAL_VERSION & 0x07) |
384 				((context->passes & 0x07) << 3) |
385 				((context->output & 0x03) << 6);
386 	bits[1] = (context->output >> 2);
387 
388 	/* Save number of bits */
389 	Encode(bits + 2, context->count, 8);
390 
391 	/* Pad out to 118 mod 128.
392 	 */
393 	index = (unsigned int) ((context->count[0] >> 3) & 0x7f);
394 	padLen = (index < 118) ? (118 - index) : (246 - index);
395 	PHP_HAVALUpdate(context, PADDING, padLen);
396 
397 	/* Append version, passes, digest length, and message length */
398 	PHP_HAVALUpdate(context, bits, 10);
399 
400 	/* Store state in digest */
401 	context->state[4] += ((context->state[7] & 0xFE000000) |
402 						  (context->state[6] & 0x01F80000) |
403 						  (context->state[5] & 0x0007F000)) >> 12;
404 
405 	context->state[3] += ((context->state[7] & 0x01F80000) |
406 						  (context->state[6] & 0x0007F000) |
407 						  (context->state[5] & 0x00000FC0)) >> 6;
408 
409 	context->state[2] +=  (context->state[7] & 0x0007F000) |
410 						  (context->state[6] & 0x00000FC0) |
411 						  (context->state[5] & 0x0000003F);
412 
413 	context->state[1] += ROTR((context->state[7] & 0x00000FC0) |
414 							  (context->state[6] & 0x0000003F) |
415 							  (context->state[5] & 0xFE000000), 25);
416 
417 	context->state[0] += ROTR((context->state[7] & 0x0000003F) |
418 							  (context->state[6] & 0xFE000000) |
419 							  (context->state[5] & 0x01F80000), 19);
420 
421 	Encode(digest, context->state, 20);
422 
423 	/* Zeroize sensitive information.
424 	 */
425 	ZEND_SECURE_ZERO((unsigned char*) context, sizeof(*context));
426 }
427 /* }}} */
428 
429 /* {{{ PHP_HAVAL192Final
430  */
PHP_HAVAL192Final(unsigned char * digest,PHP_HAVAL_CTX * context)431 PHP_HASH_API void PHP_HAVAL192Final(unsigned char *digest, PHP_HAVAL_CTX * context)
432 {
433 	unsigned char bits[10];
434 	unsigned int index, padLen;
435 
436 	/* Version, Passes, and Digest Length */
437 	bits[0] =	(PHP_HASH_HAVAL_VERSION & 0x07) |
438 				((context->passes & 0x07) << 3) |
439 				((context->output & 0x03) << 6);
440 	bits[1] = (context->output >> 2);
441 
442 	/* Save number of bits */
443 	Encode(bits + 2, context->count, 8);
444 
445 	/* Pad out to 118 mod 128.
446 	 */
447 	index = (unsigned int) ((context->count[0] >> 3) & 0x7f);
448 	padLen = (index < 118) ? (118 - index) : (246 - index);
449 	PHP_HAVALUpdate(context, PADDING, padLen);
450 
451 	/* Append version, passes, digest length, and message length */
452 	PHP_HAVALUpdate(context, bits, 10);
453 
454 	/* Store state in digest */
455 	context->state[5] += ((context->state[7] & 0xFC000000) | (context->state[6] & 0x03E00000)) >> 21;
456 	context->state[4] += ((context->state[7] & 0x03E00000) | (context->state[6] & 0x001F0000)) >> 16;
457 	context->state[3] += ((context->state[7] & 0x001F0000) | (context->state[6] & 0x0000FC00)) >> 10;
458 	context->state[2] += ((context->state[7] & 0x0000FC00) | (context->state[6] & 0x000003E0)) >>  5;
459 	context->state[1] +=  (context->state[7] & 0x000003E0) | (context->state[6] & 0x0000001F);
460 	context->state[0] += ROTR((context->state[7] & 0x0000001F) | (context->state[6] & 0xFC000000), 26);
461 	Encode(digest, context->state, 24);
462 
463 	/* Zeroize sensitive information.
464 	 */
465 	ZEND_SECURE_ZERO((unsigned char*) context, sizeof(*context));
466 }
467 /* }}} */
468 
469 /* {{{ PHP_HAVAL224Final
470  */
PHP_HAVAL224Final(unsigned char * digest,PHP_HAVAL_CTX * context)471 PHP_HASH_API void PHP_HAVAL224Final(unsigned char *digest, PHP_HAVAL_CTX * context)
472 {
473 	unsigned char bits[10];
474 	unsigned int index, padLen;
475 
476 	/* Version, Passes, and Digest Length */
477 	bits[0] =	(PHP_HASH_HAVAL_VERSION & 0x07) |
478 				((context->passes & 0x07) << 3) |
479 				((context->output & 0x03) << 6);
480 	bits[1] = (context->output >> 2);
481 
482 	/* Save number of bits */
483 	Encode(bits + 2, context->count, 8);
484 
485 	/* Pad out to 118 mod 128.
486 	 */
487 	index = (unsigned int) ((context->count[0] >> 3) & 0x7f);
488 	padLen = (index < 118) ? (118 - index) : (246 - index);
489 	PHP_HAVALUpdate(context, PADDING, padLen);
490 
491 	/* Append version, passes, digest length, and message length */
492 	PHP_HAVALUpdate(context, bits, 10);
493 
494 	/* Store state in digest */
495 	context->state[6] +=  context->state[7]        & 0x0000000F;
496 	context->state[5] += (context->state[7] >>  4) & 0x0000001F;
497 	context->state[4] += (context->state[7] >>  9) & 0x0000000F;
498 	context->state[3] += (context->state[7] >> 13) & 0x0000001F;
499 	context->state[2] += (context->state[7] >> 18) & 0x0000000F;
500 	context->state[1] += (context->state[7] >> 22) & 0x0000001F;
501 	context->state[0] += (context->state[7] >> 27) & 0x0000001F;
502 	Encode(digest, context->state, 28);
503 
504 	/* Zeroize sensitive information.
505 	 */
506 	ZEND_SECURE_ZERO((unsigned char*) context, sizeof(*context));
507 }
508 /* }}} */
509 
510 /* {{{ PHP_HAVAL256Final
511  */
PHP_HAVAL256Final(unsigned char * digest,PHP_HAVAL_CTX * context)512 PHP_HASH_API void PHP_HAVAL256Final(unsigned char *digest, PHP_HAVAL_CTX * context)
513 {
514 	unsigned char bits[10];
515 	unsigned int index, padLen;
516 
517 	/* Version, Passes, and Digest Length */
518 	bits[0] =	(PHP_HASH_HAVAL_VERSION & 0x07) |
519 				((context->passes & 0x07) << 3) |
520 				((context->output & 0x03) << 6);
521 	bits[1] = (context->output >> 2);
522 
523 	/* Save number of bits */
524 	Encode(bits + 2, context->count, 8);
525 
526 	/* Pad out to 118 mod 128.
527 	 */
528 	index = (unsigned int) ((context->count[0] >> 3) & 0x7f);
529 	padLen = (index < 118) ? (118 - index) : (246 - index);
530 	PHP_HAVALUpdate(context, PADDING, padLen);
531 
532 	/* Append version, passes, digest length, and message length */
533 	PHP_HAVALUpdate(context, bits, 10);
534 
535 	/* Store state in digest */
536 	Encode(digest, context->state, 32);
537 
538 	/* Zeroize sensitive information.
539 	 */
540 	ZEND_SECURE_ZERO((unsigned char*) context, sizeof(*context));
541 }
542 /* }}} */
543 
544 /*
545  * Local variables:
546  * tab-width: 4
547  * c-basic-offset: 4
548  * End:
549  * vim600: sw=4 ts=4 fdm=marker
550  * vim<600: sw=4 ts=4
551  */
552