package boring
+import "hash"
+
const available = false
// Unreachable marks code that should be unreachable
type randReader int
-func (randReader) Read(b []byte) (int, error) {
- panic("boringcrypto: not available")
-}
+func (randReader) Read(b []byte) (int, error) { panic("boringcrypto: not available") }
const RandReader = randReader(0)
+
+func NewSHA1() hash.Hash { panic("boringcrypto: not available") }
+func NewSHA224() hash.Hash { panic("boringcrypto: not available") }
+func NewSHA256() hash.Hash { panic("boringcrypto: not available") }
+func NewSHA384() hash.Hash { panic("boringcrypto: not available") }
+func NewSHA512() hash.Hash { panic("boringcrypto: not available") }
--- /dev/null
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// +build linux,amd64
+// +build !cmd_go_bootstrap
+
+package boring
+
+// #include "goboringcrypto.h"
+import "C"
+import (
+ "hash"
+ "unsafe"
+)
+
+// NewSHA1 returns a new SHA1 hash.
+func NewSHA1() hash.Hash {
+ h := new(sha1Hash)
+ h.Reset()
+ return h
+}
+
+type sha1Hash struct {
+ ctx C.GO_SHA_CTX
+ out [20]byte
+}
+
+func (h *sha1Hash) Reset() { C._goboringcrypto_SHA1_Init(&h.ctx) }
+func (h *sha1Hash) Size() int { return 20 }
+func (h *sha1Hash) BlockSize() int { return 64 }
+func (h *sha1Hash) Sum(in []byte) []byte { return append(in, h.sum()...) }
+
+func (h *sha1Hash) Write(p []byte) (int, error) {
+ if len(p) > 0 && C._goboringcrypto_SHA1_Update(&h.ctx, unsafe.Pointer(&p[0]), C.size_t(len(p))) == 0 {
+ panic("boringcrypto: SHA1_Update failed")
+ }
+ return len(p), nil
+}
+
+func (h0 *sha1Hash) sum() []byte {
+ h := *h0 // make copy so future Write+Sum is valid
+ if C._goboringcrypto_SHA1_Final((*C.uint8_t)(unsafe.Pointer(&h.out[0])), &h.ctx) == 0 {
+ panic("boringcrypto: SHA1_Final failed")
+ }
+ return h.out[:]
+}
+
+// NewSHA224 returns a new SHA224 hash.
+func NewSHA224() hash.Hash {
+ h := new(sha224Hash)
+ h.Reset()
+ return h
+}
+
+type sha224Hash struct {
+ ctx C.GO_SHA256_CTX
+ out [224 / 8]byte
+}
+
+func (h *sha224Hash) Reset() { C._goboringcrypto_SHA224_Init(&h.ctx) }
+func (h *sha224Hash) Size() int { return 224 / 8 }
+func (h *sha224Hash) BlockSize() int { return 64 }
+func (h *sha224Hash) Sum(in []byte) []byte { return append(in, h.sum()...) }
+
+func (h *sha224Hash) Write(p []byte) (int, error) {
+ if len(p) > 0 && C._goboringcrypto_SHA224_Update(&h.ctx, unsafe.Pointer(&p[0]), C.size_t(len(p))) == 0 {
+ panic("boringcrypto: SHA224_Update failed")
+ }
+ return len(p), nil
+}
+
+func (h0 *sha224Hash) sum() []byte {
+ h := *h0 // make copy so future Write+Sum is valid
+ if C._goboringcrypto_SHA224_Final((*C.uint8_t)(unsafe.Pointer(&h.out[0])), &h.ctx) == 0 {
+ panic("boringcrypto: SHA224_Final failed")
+ }
+ return h.out[:]
+}
+
+// NewSHA256 returns a new SHA256 hash.
+func NewSHA256() hash.Hash {
+ h := new(sha256Hash)
+ h.Reset()
+ return h
+}
+
+type sha256Hash struct {
+ ctx C.GO_SHA256_CTX
+ out [256 / 8]byte
+}
+
+func (h *sha256Hash) Reset() { C._goboringcrypto_SHA256_Init(&h.ctx) }
+func (h *sha256Hash) Size() int { return 256 / 8 }
+func (h *sha256Hash) BlockSize() int { return 64 }
+func (h *sha256Hash) Sum(in []byte) []byte { return append(in, h.sum()...) }
+
+func (h *sha256Hash) Write(p []byte) (int, error) {
+ if len(p) > 0 && C._goboringcrypto_SHA256_Update(&h.ctx, unsafe.Pointer(&p[0]), C.size_t(len(p))) == 0 {
+ panic("boringcrypto: SHA256_Update failed")
+ }
+ return len(p), nil
+}
+
+func (h0 *sha256Hash) sum() []byte {
+ h := *h0 // make copy so future Write+Sum is valid
+ if C._goboringcrypto_SHA256_Final((*C.uint8_t)(unsafe.Pointer(&h.out[0])), &h.ctx) == 0 {
+ panic("boringcrypto: SHA256_Final failed")
+ }
+ return h.out[:]
+}
+
+// NewSHA384 returns a new SHA384 hash.
+func NewSHA384() hash.Hash {
+ h := new(sha384Hash)
+ h.Reset()
+ return h
+}
+
+type sha384Hash struct {
+ ctx C.GO_SHA512_CTX
+ out [384 / 8]byte
+}
+
+func (h *sha384Hash) Reset() { C._goboringcrypto_SHA384_Init(&h.ctx) }
+func (h *sha384Hash) Size() int { return 384 / 8 }
+func (h *sha384Hash) BlockSize() int { return 128 }
+func (h *sha384Hash) Sum(in []byte) []byte { return append(in, h.sum()...) }
+
+func (h *sha384Hash) Write(p []byte) (int, error) {
+ if len(p) > 0 && C._goboringcrypto_SHA384_Update(&h.ctx, unsafe.Pointer(&p[0]), C.size_t(len(p))) == 0 {
+ panic("boringcrypto: SHA384_Update failed")
+ }
+ return len(p), nil
+}
+
+func (h0 *sha384Hash) sum() []byte {
+ h := *h0 // make copy so future Write+Sum is valid
+ if C._goboringcrypto_SHA384_Final((*C.uint8_t)(unsafe.Pointer(&h.out[0])), &h.ctx) == 0 {
+ panic("boringcrypto: SHA384_Final failed")
+ }
+ return h.out[:]
+}
+
+// NewSHA512 returns a new SHA512 hash.
+func NewSHA512() hash.Hash {
+ h := new(sha512Hash)
+ h.Reset()
+ return h
+}
+
+type sha512Hash struct {
+ ctx C.GO_SHA512_CTX
+ out [512 / 8]byte
+}
+
+func (h *sha512Hash) Reset() { C._goboringcrypto_SHA512_Init(&h.ctx) }
+func (h *sha512Hash) Size() int { return 512 / 8 }
+func (h *sha512Hash) BlockSize() int { return 128 }
+func (h *sha512Hash) Sum(in []byte) []byte { return append(in, h.sum()...) }
+
+func (h *sha512Hash) Write(p []byte) (int, error) {
+ if len(p) > 0 && C._goboringcrypto_SHA512_Update(&h.ctx, unsafe.Pointer(&p[0]), C.size_t(len(p))) == 0 {
+ panic("boringcrypto: SHA512_Update failed")
+ }
+ return len(p), nil
+}
+
+func (h0 *sha512Hash) sum() []byte {
+ h := *h0 // make copy so future Write+Sum is valid
+ if C._goboringcrypto_SHA512_Final((*C.uint8_t)(unsafe.Pointer(&h.out[0])), &h.ctx) == 0 {
+ panic("boringcrypto: SHA512_Final failed")
+ }
+ return h.out[:]
+}
--- /dev/null
+// Copyright 2009 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Extra indirection here so that when building go_bootstrap
+// cmd/internal/boring is not even imported, so that we don't
+// have to maintain changes to cmd/dist's deps graph.
+
+// +build !cmd_go_bootstrap
+
+package sha1
+
+import (
+ "crypto/internal/boring"
+ "hash"
+)
+
+const boringEnabled = boring.Enabled
+
+func boringNewSHA1() hash.Hash { return boring.NewSHA1() }
+
+func boringUnreachable() { boring.Unreachable() }
--- /dev/null
+// Copyright 2009 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// +build cmd_go_bootstrap
+
+package sha1
+
+import (
+ "hash"
+)
+
+const boringEnabled = false
+
+func boringNewSHA1() hash.Hash { panic("boringcrypto: not available") }
+
+func boringUnreachable() {}
// New returns a new hash.Hash computing the SHA1 checksum.
func New() hash.Hash {
+ if boringEnabled {
+ return boringNewSHA1()
+ }
d := new(digest)
d.Reset()
return d
func (d *digest) BlockSize() int { return BlockSize }
func (d *digest) Write(p []byte) (nn int, err error) {
+ boringUnreachable()
nn = len(p)
d.len += uint64(nn)
if d.nx > 0 {
}
func (d0 *digest) Sum(in []byte) []byte {
+ boringUnreachable()
// Make a copy of d0 so that caller can keep writing and summing.
d := *d0
hash := d.checkSum()
// Sum returns the SHA-1 checksum of the data.
func Sum(data []byte) [Size]byte {
+ if boringEnabled {
+ h := New()
+ h.Write(data)
+ var ret [Size]byte
+ h.Sum(ret[:0])
+ return ret
+ }
var d digest
d.Reset()
d.Write(data)
package sha1
import (
+ "crypto/internal/boring"
"crypto/rand"
"fmt"
"io"
io.WriteString(c, g.in[len(g.in)/2:])
sum = c.Sum(nil)
case 3:
+ if boring.Enabled {
+ continue
+ }
io.WriteString(c, g.in[0:len(g.in)/2])
c.(*digest).ConstantTimeSum(nil)
io.WriteString(c, g.in[len(g.in)/2:])
// Tests that blockGeneric (pure Go) and block (in assembly for some architectures) match.
func TestBlockGeneric(t *testing.T) {
+ if boring.Enabled {
+ t.Skip("BoringCrypto doesn't expose digest")
+ }
for i := 1; i < 30; i++ { // arbitrary factor
gen, asm := New().(*digest), New().(*digest)
buf := make([]byte, BlockSize*i)
import (
"crypto"
+ "crypto/internal/boring"
"hash"
)
// New returns a new hash.Hash computing the SHA256 checksum.
func New() hash.Hash {
+ if boring.Enabled {
+ return boring.NewSHA256()
+ }
d := new(digest)
d.Reset()
return d
// New224 returns a new hash.Hash computing the SHA224 checksum.
func New224() hash.Hash {
+ if boring.Enabled {
+ return boring.NewSHA224()
+ }
d := new(digest)
d.is224 = true
d.Reset()
func (d *digest) BlockSize() int { return BlockSize }
func (d *digest) Write(p []byte) (nn int, err error) {
+ boring.Unreachable()
nn = len(p)
d.len += uint64(nn)
if d.nx > 0 {
}
func (d0 *digest) Sum(in []byte) []byte {
+ boring.Unreachable()
// Make a copy of d0 so that caller can keep writing and summing.
d := *d0
hash := d.checkSum()
// Sum256 returns the SHA256 checksum of the data.
func Sum256(data []byte) [Size]byte {
+ if boring.Enabled {
+ h := New()
+ h.Write(data)
+ var ret [Size]byte
+ h.Sum(ret[:0])
+ return ret
+ }
var d digest
d.Reset()
d.Write(data)
// Sum224 returns the SHA224 checksum of the data.
func Sum224(data []byte) (sum224 [Size224]byte) {
+ if boring.Enabled {
+ h := New224()
+ h.Write(data)
+ var ret [Size224]byte
+ h.Sum(ret[:0])
+ return ret
+ }
var d digest
d.is224 = true
d.Reset()
package sha256
import (
+ "crypto/internal/boring"
"crypto/rand"
"fmt"
"io"
// Tests that blockGeneric (pure Go) and block (in assembly for some architectures) match.
func TestBlockGeneric(t *testing.T) {
+ if boring.Enabled {
+ t.Skip("BoringCrypto doesn't expose digest")
+ }
gen, asm := New().(*digest), New().(*digest)
buf := make([]byte, BlockSize*20) // arbitrary factor
rand.Read(buf)
import (
"crypto"
+ "crypto/internal/boring"
"hash"
)
// New returns a new hash.Hash computing the SHA-512 checksum.
func New() hash.Hash {
+ if boring.Enabled {
+ return boring.NewSHA512()
+ }
d := &digest{function: crypto.SHA512}
d.Reset()
return d
// New384 returns a new hash.Hash computing the SHA-384 checksum.
func New384() hash.Hash {
+ if boring.Enabled {
+ return boring.NewSHA384()
+ }
d := &digest{function: crypto.SHA384}
d.Reset()
return d
func (d *digest) BlockSize() int { return BlockSize }
func (d *digest) Write(p []byte) (nn int, err error) {
+ if d.function != crypto.SHA512_224 && d.function != crypto.SHA512_256 {
+ boring.Unreachable()
+ }
nn = len(p)
d.len += uint64(nn)
if d.nx > 0 {
}
func (d0 *digest) Sum(in []byte) []byte {
+ if d0.function != crypto.SHA512_224 && d0.function != crypto.SHA512_256 {
+ boring.Unreachable()
+ }
// Make a copy of d0 so that caller can keep writing and summing.
d := new(digest)
*d = *d0
// Sum512 returns the SHA512 checksum of the data.
func Sum512(data []byte) [Size]byte {
+ if boring.Enabled {
+ h := New()
+ h.Write(data)
+ var ret [Size]byte
+ h.Sum(ret[:0])
+ return ret
+ }
d := digest{function: crypto.SHA512}
d.Reset()
d.Write(data)
// Sum384 returns the SHA384 checksum of the data.
func Sum384(data []byte) (sum384 [Size384]byte) {
+ if boring.Enabled {
+ h := New384()
+ h.Write(data)
+ var ret [Size384]byte
+ h.Sum(ret[:0])
+ return ret
+ }
d := digest{function: crypto.SHA384}
d.Reset()
d.Write(data)
package sha512
import (
+ "crypto/internal/boring"
"crypto/rand"
"encoding/hex"
"hash"
// Tests that blockGeneric (pure Go) and block (in assembly for some architectures) match.
func TestBlockGeneric(t *testing.T) {
+ if boring.Enabled {
+ t.Skip("BoringCrypto doesn't expose digest")
+ }
gen, asm := New().(*digest), New().(*digest)
buf := make([]byte, BlockSize*20) // arbitrary factor
rand.Read(buf)
"crypto/cipher"
"crypto/des"
"crypto/hmac"
+ "crypto/internal/boring"
"crypto/rc4"
"crypto/sha1"
"crypto/sha256"
func (c *cthWrapper) Sum(b []byte) []byte { return c.h.ConstantTimeSum(b) }
func newConstantTimeHash(h func() hash.Hash) func() hash.Hash {
+ if boring.Enabled {
+ // The BoringCrypto SHA1 does not have a constant-time
+ // checksum function, so don't try to use it.
+ return h
+ }
return func() hash.Hash {
return &cthWrapper{h().(constantTimeHash)}
}