]>
Commit | Line | Data |
---|---|---|
28dc98e3 JK |
1 | /*** |
2 | * Copyright 2017 Marc Stevens <marc@marc-stevens.nl>, Dan Shumow (danshu@microsoft.com) | |
3 | * Distributed under the MIT Software License. | |
4 | * See accompanying file LICENSE.txt or copy at | |
5 | * https://opensource.org/licenses/MIT | |
6 | ***/ | |
7 | ||
a0103914 ÆAB |
8 | #ifndef SHA1DC_NO_STANDARD_INCLUDES |
9 | #include <string.h> | |
10 | #include <memory.h> | |
11 | #include <stdio.h> | |
12 | #include <stdlib.h> | |
9936c1b5 ÆAB |
13 | #ifdef __unix__ |
14 | #include <sys/types.h> /* make sure macros like _BIG_ENDIAN visible */ | |
15 | #endif | |
a0103914 ÆAB |
16 | #endif |
17 | ||
18 | #ifdef SHA1DC_CUSTOM_INCLUDE_SHA1_C | |
19 | #include SHA1DC_CUSTOM_INCLUDE_SHA1_C | |
20 | #endif | |
21 | ||
22 | #ifndef SHA1DC_INIT_SAFE_HASH_DEFAULT | |
23 | #define SHA1DC_INIT_SAFE_HASH_DEFAULT 1 | |
24 | #endif | |
25 | ||
26 | #include "sha1.h" | |
27 | #include "ubc_check.h" | |
28dc98e3 | 28 | |
9936c1b5 ÆAB |
29 | #if (defined(__amd64__) || defined(__amd64) || defined(__x86_64__) || defined(__x86_64) || \ |
30 | defined(i386) || defined(__i386) || defined(__i386__) || defined(__i486__) || \ | |
31 | defined(__i586__) || defined(__i686__) || defined(_M_IX86) || defined(__X86__) || \ | |
32 | defined(_X86_) || defined(__THW_INTEL__) || defined(__I86__) || defined(__INTEL__) || \ | |
33 | defined(__386) || defined(_M_X64) || defined(_M_AMD64)) | |
34 | #define SHA1DC_ON_INTEL_LIKE_PROCESSOR | |
35 | #endif | |
28dc98e3 JK |
36 | |
37 | /* | |
38 | Because Little-Endian architectures are most common, | |
7e71542e | 39 | we only set SHA1DC_BIGENDIAN if one of these conditions is met. |
28dc98e3 JK |
40 | Note that all MSFT platforms are little endian, |
41 | so none of these will be defined under the MSC compiler. | |
42 | If you are compiling on a big endian platform and your compiler does not define one of these, | |
43 | you will have to add whatever macros your tool chain defines to indicate Big-Endianness. | |
44 | */ | |
a0103914 | 45 | |
9936c1b5 ÆAB |
46 | #if defined(__BYTE_ORDER__) && defined(__ORDER_BIG_ENDIAN__) |
47 | /* | |
48 | * Should detect Big Endian under GCC since at least 4.6.0 (gcc svn | |
49 | * rev #165881). See | |
50 | * https://gcc.gnu.org/onlinedocs/cpp/Common-Predefined-Macros.html | |
51 | * | |
52 | * This also works under clang since 3.2, it copied the GCC-ism. See | |
53 | * clang.git's 3b198a97d2 ("Preprocessor: add __BYTE_ORDER__ | |
54 | * predefined macro", 2012-07-27) | |
55 | */ | |
56 | #if __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__ | |
6b851e53 ÆAB |
57 | #define SHA1DC_BIGENDIAN |
58 | #endif | |
59 | ||
9936c1b5 ÆAB |
60 | /* Not under GCC-alike */ |
61 | #elif defined(__BYTE_ORDER) && defined(__BIG_ENDIAN) | |
62 | /* | |
63 | * Should detect Big Endian under glibc.git since 14245eb70e ("entered | |
64 | * into RCS", 1992-11-25). Defined in <endian.h> which will have been | |
65 | * brought in by standard headers. See glibc.git and | |
66 | * https://sourceforge.net/p/predef/wiki/Endianness/ | |
67 | */ | |
68 | #if __BYTE_ORDER == __BIG_ENDIAN | |
a0103914 | 69 | #define SHA1DC_BIGENDIAN |
6b851e53 | 70 | #endif |
28dc98e3 | 71 | |
9936c1b5 ÆAB |
72 | /* Not under GCC-alike or glibc */ |
73 | #elif defined(_BYTE_ORDER) && defined(_BIG_ENDIAN) && defined(_LITTLE_ENDIAN) | |
74 | /* | |
75 | * *BSD and newlib (embeded linux, cygwin, etc). | |
76 | * the defined(_BIG_ENDIAN) && defined(_LITTLE_ENDIAN) part prevents | |
77 | * this condition from matching with Solaris/sparc. | |
78 | * (Solaris defines only one endian macro) | |
79 | */ | |
80 | #if _BYTE_ORDER == _BIG_ENDIAN | |
81 | #define SHA1DC_BIGENDIAN | |
6b851e53 ÆAB |
82 | #endif |
83 | ||
9936c1b5 ÆAB |
84 | /* Not under GCC-alike or glibc or *BSD or newlib */ |
85 | #elif (defined(__ARMEB__) || defined(__THUMBEB__) || defined(__AARCH64EB__) || \ | |
86 | defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || \ | |
87 | defined(__sparc)) | |
88 | /* | |
89 | * Should define Big Endian for a whitelist of known processors. See | |
90 | * https://sourceforge.net/p/predef/wiki/Endianness/ and | |
91 | * http://www.oracle.com/technetwork/server-storage/solaris/portingtosolaris-138514.html | |
92 | */ | |
93 | #define SHA1DC_BIGENDIAN | |
94 | ||
95 | /* Not under GCC-alike or glibc or *BSD or newlib or <processor whitelist> */ | |
4125f782 | 96 | #elif (defined(_AIX) || defined(__hpux)) |
23e37f8e ÆAB |
97 | |
98 | /* | |
99 | * Defines Big Endian on a whitelist of OSs that are known to be Big | |
100 | * Endian-only. See | |
101 | * https://public-inbox.org/git/93056823-2740-d072-1ebd-46b440b33d7e@felt.demon.nl/ | |
102 | */ | |
103 | #define SHA1DC_BIGENDIAN | |
104 | ||
105 | /* Not under GCC-alike or glibc or *BSD or newlib or <processor whitelist> or <os whitelist> */ | |
9936c1b5 ÆAB |
106 | #elif defined(SHA1DC_ON_INTEL_LIKE_PROCESSOR) |
107 | /* | |
108 | * As a last resort before we do anything else we're not 100% sure | |
109 | * about below, we blacklist specific processors here. We could add | |
110 | * more, see e.g. https://wiki.debian.org/ArchitectureSpecificsMemo | |
111 | */ | |
23e37f8e | 112 | #else /* Not under GCC-alike or glibc or *BSD or newlib or <processor whitelist> or <os whitelist> or <processor blacklist> */ |
9936c1b5 ÆAB |
113 | |
114 | /* We do nothing more here for now */ | |
115 | /*#error "Uncomment this to see if you fall through all the detection"*/ | |
116 | ||
117 | #endif /* Big Endian detection */ | |
118 | ||
6b851e53 ÆAB |
119 | #if (defined(SHA1DC_FORCE_LITTLEENDIAN) && defined(SHA1DC_BIGENDIAN)) |
120 | #undef SHA1DC_BIGENDIAN | |
121 | #endif | |
122 | #if (defined(SHA1DC_FORCE_BIGENDIAN) && !defined(SHA1DC_BIGENDIAN)) | |
123 | #define SHA1DC_BIGENDIAN | |
124 | #endif | |
125 | /*ENDIANNESS SELECTION*/ | |
28dc98e3 | 126 | |
07a20f56 | 127 | #ifndef SHA1DC_FORCE_ALIGNED_ACCESS |
9936c1b5 | 128 | #if defined(SHA1DC_FORCE_UNALIGNED_ACCESS) || defined(SHA1DC_ON_INTEL_LIKE_PROCESSOR) |
a0103914 | 129 | #define SHA1DC_ALLOW_UNALIGNED_ACCESS |
07a20f56 JK |
130 | #endif /*UNALIGNED ACCESS DETECTION*/ |
131 | #endif /*FORCE ALIGNED ACCESS*/ | |
a0103914 | 132 | |
28dc98e3 JK |
133 | #define rotate_right(x,n) (((x)>>(n))|((x)<<(32-(n)))) |
134 | #define rotate_left(x,n) (((x)<<(n))|((x)>>(32-(n)))) | |
135 | ||
136 | #define sha1_bswap32(x) \ | |
137 | {x = ((x << 8) & 0xFF00FF00) | ((x >> 8) & 0xFF00FF); x = (x << 16) | (x >> 16);} | |
138 | ||
139 | #define sha1_mix(W, t) (rotate_left(W[t - 3] ^ W[t - 8] ^ W[t - 14] ^ W[t - 16], 1)) | |
140 | ||
a0103914 | 141 | #ifdef SHA1DC_BIGENDIAN |
28dc98e3 JK |
142 | #define sha1_load(m, t, temp) { temp = m[t]; } |
143 | #else | |
144 | #define sha1_load(m, t, temp) { temp = m[t]; sha1_bswap32(temp); } | |
a0103914 | 145 | #endif |
28dc98e3 JK |
146 | |
147 | #define sha1_store(W, t, x) *(volatile uint32_t *)&W[t] = x | |
148 | ||
149 | #define sha1_f1(b,c,d) ((d)^((b)&((c)^(d)))) | |
150 | #define sha1_f2(b,c,d) ((b)^(c)^(d)) | |
151 | #define sha1_f3(b,c,d) (((b)&(c))+((d)&((b)^(c)))) | |
152 | #define sha1_f4(b,c,d) ((b)^(c)^(d)) | |
153 | ||
154 | #define HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, m, t) \ | |
155 | { e += rotate_left(a, 5) + sha1_f1(b,c,d) + 0x5A827999 + m[t]; b = rotate_left(b, 30); } | |
156 | #define HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, m, t) \ | |
157 | { e += rotate_left(a, 5) + sha1_f2(b,c,d) + 0x6ED9EBA1 + m[t]; b = rotate_left(b, 30); } | |
158 | #define HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, m, t) \ | |
159 | { e += rotate_left(a, 5) + sha1_f3(b,c,d) + 0x8F1BBCDC + m[t]; b = rotate_left(b, 30); } | |
160 | #define HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, m, t) \ | |
161 | { e += rotate_left(a, 5) + sha1_f4(b,c,d) + 0xCA62C1D6 + m[t]; b = rotate_left(b, 30); } | |
162 | ||
163 | #define HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(a, b, c, d, e, m, t) \ | |
164 | { b = rotate_right(b, 30); e -= rotate_left(a, 5) + sha1_f1(b,c,d) + 0x5A827999 + m[t]; } | |
165 | #define HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(a, b, c, d, e, m, t) \ | |
166 | { b = rotate_right(b, 30); e -= rotate_left(a, 5) + sha1_f2(b,c,d) + 0x6ED9EBA1 + m[t]; } | |
167 | #define HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(a, b, c, d, e, m, t) \ | |
168 | { b = rotate_right(b, 30); e -= rotate_left(a, 5) + sha1_f3(b,c,d) + 0x8F1BBCDC + m[t]; } | |
169 | #define HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(a, b, c, d, e, m, t) \ | |
170 | { b = rotate_right(b, 30); e -= rotate_left(a, 5) + sha1_f4(b,c,d) + 0xCA62C1D6 + m[t]; } | |
171 | ||
172 | #define SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(a, b, c, d, e, m, W, t, temp) \ | |
173 | {sha1_load(m, t, temp); sha1_store(W, t, temp); e += temp + rotate_left(a, 5) + sha1_f1(b,c,d) + 0x5A827999; b = rotate_left(b, 30);} | |
174 | ||
175 | #define SHA1COMPRESS_FULL_ROUND1_STEP_EXPAND(a, b, c, d, e, W, t, temp) \ | |
176 | {temp = sha1_mix(W, t); sha1_store(W, t, temp); e += temp + rotate_left(a, 5) + sha1_f1(b,c,d) + 0x5A827999; b = rotate_left(b, 30); } | |
177 | ||
178 | #define SHA1COMPRESS_FULL_ROUND2_STEP(a, b, c, d, e, W, t, temp) \ | |
179 | {temp = sha1_mix(W, t); sha1_store(W, t, temp); e += temp + rotate_left(a, 5) + sha1_f2(b,c,d) + 0x6ED9EBA1; b = rotate_left(b, 30); } | |
180 | ||
181 | #define SHA1COMPRESS_FULL_ROUND3_STEP(a, b, c, d, e, W, t, temp) \ | |
182 | {temp = sha1_mix(W, t); sha1_store(W, t, temp); e += temp + rotate_left(a, 5) + sha1_f3(b,c,d) + 0x8F1BBCDC; b = rotate_left(b, 30); } | |
183 | ||
184 | #define SHA1COMPRESS_FULL_ROUND4_STEP(a, b, c, d, e, W, t, temp) \ | |
185 | {temp = sha1_mix(W, t); sha1_store(W, t, temp); e += temp + rotate_left(a, 5) + sha1_f4(b,c,d) + 0xCA62C1D6; b = rotate_left(b, 30); } | |
186 | ||
187 | ||
188 | #define SHA1_STORE_STATE(i) states[i][0] = a; states[i][1] = b; states[i][2] = c; states[i][3] = d; states[i][4] = e; | |
189 | ||
190 | #ifdef BUILDNOCOLLDETECTSHA1COMPRESSION | |
191 | void sha1_compression(uint32_t ihv[5], const uint32_t m[16]) | |
192 | { | |
193 | uint32_t W[80]; | |
194 | uint32_t a,b,c,d,e; | |
195 | unsigned i; | |
196 | ||
197 | memcpy(W, m, 16 * 4); | |
198 | for (i = 16; i < 80; ++i) | |
199 | W[i] = sha1_mix(W, i); | |
200 | ||
201 | a = ihv[0]; b = ihv[1]; c = ihv[2]; d = ihv[3]; e = ihv[4]; | |
202 | ||
203 | HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, W, 0); | |
204 | HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, W, 1); | |
205 | HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, W, 2); | |
206 | HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, W, 3); | |
207 | HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, W, 4); | |
208 | HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, W, 5); | |
209 | HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, W, 6); | |
210 | HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, W, 7); | |
211 | HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, W, 8); | |
212 | HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, W, 9); | |
213 | HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, W, 10); | |
214 | HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, W, 11); | |
215 | HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, W, 12); | |
216 | HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, W, 13); | |
217 | HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, W, 14); | |
218 | HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, W, 15); | |
219 | HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, W, 16); | |
220 | HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, W, 17); | |
221 | HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, W, 18); | |
222 | HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, W, 19); | |
223 | ||
224 | HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, W, 20); | |
225 | HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, W, 21); | |
226 | HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, W, 22); | |
227 | HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, W, 23); | |
228 | HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, W, 24); | |
229 | HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, W, 25); | |
230 | HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, W, 26); | |
231 | HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, W, 27); | |
232 | HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, W, 28); | |
233 | HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, W, 29); | |
234 | HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, W, 30); | |
235 | HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, W, 31); | |
236 | HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, W, 32); | |
237 | HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, W, 33); | |
238 | HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, W, 34); | |
239 | HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, W, 35); | |
240 | HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, W, 36); | |
241 | HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, W, 37); | |
242 | HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, W, 38); | |
243 | HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, W, 39); | |
244 | ||
245 | HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, W, 40); | |
246 | HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, W, 41); | |
247 | HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, W, 42); | |
248 | HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, W, 43); | |
249 | HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, W, 44); | |
250 | HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, W, 45); | |
251 | HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, W, 46); | |
252 | HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, W, 47); | |
253 | HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, W, 48); | |
254 | HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, W, 49); | |
255 | HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, W, 50); | |
256 | HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, W, 51); | |
257 | HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, W, 52); | |
258 | HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, W, 53); | |
259 | HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, W, 54); | |
260 | HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, W, 55); | |
261 | HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, W, 56); | |
262 | HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, W, 57); | |
263 | HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, W, 58); | |
264 | HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, W, 59); | |
265 | ||
266 | HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, W, 60); | |
267 | HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, W, 61); | |
268 | HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, W, 62); | |
269 | HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, W, 63); | |
270 | HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, W, 64); | |
271 | HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, W, 65); | |
272 | HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, W, 66); | |
273 | HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, W, 67); | |
274 | HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, W, 68); | |
275 | HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, W, 69); | |
276 | HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, W, 70); | |
277 | HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, W, 71); | |
278 | HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, W, 72); | |
279 | HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, W, 73); | |
280 | HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, W, 74); | |
281 | HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, W, 75); | |
282 | HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, W, 76); | |
283 | HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, W, 77); | |
284 | HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, W, 78); | |
285 | HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, W, 79); | |
286 | ||
287 | ihv[0] += a; ihv[1] += b; ihv[2] += c; ihv[3] += d; ihv[4] += e; | |
288 | } | |
289 | #endif /*BUILDNOCOLLDETECTSHA1COMPRESSION*/ | |
290 | ||
291 | ||
292 | static void sha1_compression_W(uint32_t ihv[5], const uint32_t W[80]) | |
293 | { | |
294 | uint32_t a = ihv[0], b = ihv[1], c = ihv[2], d = ihv[3], e = ihv[4]; | |
295 | ||
296 | HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, W, 0); | |
297 | HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, W, 1); | |
298 | HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, W, 2); | |
299 | HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, W, 3); | |
300 | HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, W, 4); | |
301 | HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, W, 5); | |
302 | HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, W, 6); | |
303 | HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, W, 7); | |
304 | HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, W, 8); | |
305 | HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, W, 9); | |
306 | HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, W, 10); | |
307 | HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, W, 11); | |
308 | HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, W, 12); | |
309 | HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, W, 13); | |
310 | HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, W, 14); | |
311 | HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, W, 15); | |
312 | HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, W, 16); | |
313 | HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, W, 17); | |
314 | HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, W, 18); | |
315 | HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, W, 19); | |
316 | ||
317 | HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, W, 20); | |
318 | HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, W, 21); | |
319 | HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, W, 22); | |
320 | HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, W, 23); | |
321 | HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, W, 24); | |
322 | HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, W, 25); | |
323 | HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, W, 26); | |
324 | HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, W, 27); | |
325 | HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, W, 28); | |
326 | HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, W, 29); | |
327 | HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, W, 30); | |
328 | HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, W, 31); | |
329 | HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, W, 32); | |
330 | HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, W, 33); | |
331 | HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, W, 34); | |
332 | HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, W, 35); | |
333 | HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, W, 36); | |
334 | HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, W, 37); | |
335 | HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, W, 38); | |
336 | HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, W, 39); | |
337 | ||
338 | HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, W, 40); | |
339 | HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, W, 41); | |
340 | HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, W, 42); | |
341 | HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, W, 43); | |
342 | HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, W, 44); | |
343 | HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, W, 45); | |
344 | HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, W, 46); | |
345 | HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, W, 47); | |
346 | HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, W, 48); | |
347 | HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, W, 49); | |
348 | HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, W, 50); | |
349 | HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, W, 51); | |
350 | HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, W, 52); | |
351 | HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, W, 53); | |
352 | HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, W, 54); | |
353 | HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, W, 55); | |
354 | HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, W, 56); | |
355 | HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, W, 57); | |
356 | HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, W, 58); | |
357 | HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, W, 59); | |
358 | ||
359 | HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, W, 60); | |
360 | HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, W, 61); | |
361 | HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, W, 62); | |
362 | HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, W, 63); | |
363 | HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, W, 64); | |
364 | HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, W, 65); | |
365 | HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, W, 66); | |
366 | HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, W, 67); | |
367 | HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, W, 68); | |
368 | HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, W, 69); | |
369 | HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, W, 70); | |
370 | HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, W, 71); | |
371 | HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, W, 72); | |
372 | HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, W, 73); | |
373 | HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, W, 74); | |
374 | HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, W, 75); | |
375 | HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, W, 76); | |
376 | HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, W, 77); | |
377 | HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, W, 78); | |
378 | HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, W, 79); | |
379 | ||
380 | ihv[0] += a; ihv[1] += b; ihv[2] += c; ihv[3] += d; ihv[4] += e; | |
381 | } | |
382 | ||
383 | ||
384 | ||
385 | void sha1_compression_states(uint32_t ihv[5], const uint32_t m[16], uint32_t W[80], uint32_t states[80][5]) | |
386 | { | |
387 | uint32_t a = ihv[0], b = ihv[1], c = ihv[2], d = ihv[3], e = ihv[4]; | |
388 | uint32_t temp; | |
389 | ||
390 | #ifdef DOSTORESTATE00 | |
391 | SHA1_STORE_STATE(0) | |
392 | #endif | |
393 | SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(a, b, c, d, e, m, W, 0, temp); | |
394 | ||
395 | #ifdef DOSTORESTATE01 | |
396 | SHA1_STORE_STATE(1) | |
397 | #endif | |
398 | SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(e, a, b, c, d, m, W, 1, temp); | |
399 | ||
400 | #ifdef DOSTORESTATE02 | |
401 | SHA1_STORE_STATE(2) | |
402 | #endif | |
403 | SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(d, e, a, b, c, m, W, 2, temp); | |
404 | ||
405 | #ifdef DOSTORESTATE03 | |
406 | SHA1_STORE_STATE(3) | |
407 | #endif | |
408 | SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(c, d, e, a, b, m, W, 3, temp); | |
409 | ||
410 | #ifdef DOSTORESTATE04 | |
411 | SHA1_STORE_STATE(4) | |
412 | #endif | |
413 | SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(b, c, d, e, a, m, W, 4, temp); | |
414 | ||
415 | #ifdef DOSTORESTATE05 | |
416 | SHA1_STORE_STATE(5) | |
417 | #endif | |
418 | SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(a, b, c, d, e, m, W, 5, temp); | |
419 | ||
420 | #ifdef DOSTORESTATE06 | |
421 | SHA1_STORE_STATE(6) | |
422 | #endif | |
423 | SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(e, a, b, c, d, m, W, 6, temp); | |
424 | ||
425 | #ifdef DOSTORESTATE07 | |
426 | SHA1_STORE_STATE(7) | |
427 | #endif | |
428 | SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(d, e, a, b, c, m, W, 7, temp); | |
429 | ||
430 | #ifdef DOSTORESTATE08 | |
431 | SHA1_STORE_STATE(8) | |
432 | #endif | |
433 | SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(c, d, e, a, b, m, W, 8, temp); | |
434 | ||
435 | #ifdef DOSTORESTATE09 | |
436 | SHA1_STORE_STATE(9) | |
437 | #endif | |
438 | SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(b, c, d, e, a, m, W, 9, temp); | |
439 | ||
440 | #ifdef DOSTORESTATE10 | |
441 | SHA1_STORE_STATE(10) | |
442 | #endif | |
443 | SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(a, b, c, d, e, m, W, 10, temp); | |
444 | ||
445 | #ifdef DOSTORESTATE11 | |
446 | SHA1_STORE_STATE(11) | |
447 | #endif | |
448 | SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(e, a, b, c, d, m, W, 11, temp); | |
449 | ||
450 | #ifdef DOSTORESTATE12 | |
451 | SHA1_STORE_STATE(12) | |
452 | #endif | |
453 | SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(d, e, a, b, c, m, W, 12, temp); | |
454 | ||
455 | #ifdef DOSTORESTATE13 | |
456 | SHA1_STORE_STATE(13) | |
457 | #endif | |
458 | SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(c, d, e, a, b, m, W, 13, temp); | |
459 | ||
460 | #ifdef DOSTORESTATE14 | |
461 | SHA1_STORE_STATE(14) | |
462 | #endif | |
463 | SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(b, c, d, e, a, m, W, 14, temp); | |
464 | ||
465 | #ifdef DOSTORESTATE15 | |
466 | SHA1_STORE_STATE(15) | |
467 | #endif | |
468 | SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(a, b, c, d, e, m, W, 15, temp); | |
469 | ||
470 | #ifdef DOSTORESTATE16 | |
471 | SHA1_STORE_STATE(16) | |
472 | #endif | |
473 | SHA1COMPRESS_FULL_ROUND1_STEP_EXPAND(e, a, b, c, d, W, 16, temp); | |
474 | ||
475 | #ifdef DOSTORESTATE17 | |
476 | SHA1_STORE_STATE(17) | |
477 | #endif | |
478 | SHA1COMPRESS_FULL_ROUND1_STEP_EXPAND(d, e, a, b, c, W, 17, temp); | |
479 | ||
480 | #ifdef DOSTORESTATE18 | |
481 | SHA1_STORE_STATE(18) | |
482 | #endif | |
483 | SHA1COMPRESS_FULL_ROUND1_STEP_EXPAND(c, d, e, a, b, W, 18, temp); | |
484 | ||
485 | #ifdef DOSTORESTATE19 | |
486 | SHA1_STORE_STATE(19) | |
487 | #endif | |
488 | SHA1COMPRESS_FULL_ROUND1_STEP_EXPAND(b, c, d, e, a, W, 19, temp); | |
489 | ||
490 | ||
491 | ||
492 | #ifdef DOSTORESTATE20 | |
493 | SHA1_STORE_STATE(20) | |
494 | #endif | |
495 | SHA1COMPRESS_FULL_ROUND2_STEP(a, b, c, d, e, W, 20, temp); | |
496 | ||
497 | #ifdef DOSTORESTATE21 | |
498 | SHA1_STORE_STATE(21) | |
499 | #endif | |
500 | SHA1COMPRESS_FULL_ROUND2_STEP(e, a, b, c, d, W, 21, temp); | |
501 | ||
502 | #ifdef DOSTORESTATE22 | |
503 | SHA1_STORE_STATE(22) | |
504 | #endif | |
505 | SHA1COMPRESS_FULL_ROUND2_STEP(d, e, a, b, c, W, 22, temp); | |
506 | ||
507 | #ifdef DOSTORESTATE23 | |
508 | SHA1_STORE_STATE(23) | |
509 | #endif | |
510 | SHA1COMPRESS_FULL_ROUND2_STEP(c, d, e, a, b, W, 23, temp); | |
511 | ||
512 | #ifdef DOSTORESTATE24 | |
513 | SHA1_STORE_STATE(24) | |
514 | #endif | |
515 | SHA1COMPRESS_FULL_ROUND2_STEP(b, c, d, e, a, W, 24, temp); | |
516 | ||
517 | #ifdef DOSTORESTATE25 | |
518 | SHA1_STORE_STATE(25) | |
519 | #endif | |
520 | SHA1COMPRESS_FULL_ROUND2_STEP(a, b, c, d, e, W, 25, temp); | |
521 | ||
522 | #ifdef DOSTORESTATE26 | |
523 | SHA1_STORE_STATE(26) | |
524 | #endif | |
525 | SHA1COMPRESS_FULL_ROUND2_STEP(e, a, b, c, d, W, 26, temp); | |
526 | ||
527 | #ifdef DOSTORESTATE27 | |
528 | SHA1_STORE_STATE(27) | |
529 | #endif | |
530 | SHA1COMPRESS_FULL_ROUND2_STEP(d, e, a, b, c, W, 27, temp); | |
531 | ||
532 | #ifdef DOSTORESTATE28 | |
533 | SHA1_STORE_STATE(28) | |
534 | #endif | |
535 | SHA1COMPRESS_FULL_ROUND2_STEP(c, d, e, a, b, W, 28, temp); | |
536 | ||
537 | #ifdef DOSTORESTATE29 | |
538 | SHA1_STORE_STATE(29) | |
539 | #endif | |
540 | SHA1COMPRESS_FULL_ROUND2_STEP(b, c, d, e, a, W, 29, temp); | |
541 | ||
542 | #ifdef DOSTORESTATE30 | |
543 | SHA1_STORE_STATE(30) | |
544 | #endif | |
545 | SHA1COMPRESS_FULL_ROUND2_STEP(a, b, c, d, e, W, 30, temp); | |
546 | ||
547 | #ifdef DOSTORESTATE31 | |
548 | SHA1_STORE_STATE(31) | |
549 | #endif | |
550 | SHA1COMPRESS_FULL_ROUND2_STEP(e, a, b, c, d, W, 31, temp); | |
551 | ||
552 | #ifdef DOSTORESTATE32 | |
553 | SHA1_STORE_STATE(32) | |
554 | #endif | |
555 | SHA1COMPRESS_FULL_ROUND2_STEP(d, e, a, b, c, W, 32, temp); | |
556 | ||
557 | #ifdef DOSTORESTATE33 | |
558 | SHA1_STORE_STATE(33) | |
559 | #endif | |
560 | SHA1COMPRESS_FULL_ROUND2_STEP(c, d, e, a, b, W, 33, temp); | |
561 | ||
562 | #ifdef DOSTORESTATE34 | |
563 | SHA1_STORE_STATE(34) | |
564 | #endif | |
565 | SHA1COMPRESS_FULL_ROUND2_STEP(b, c, d, e, a, W, 34, temp); | |
566 | ||
567 | #ifdef DOSTORESTATE35 | |
568 | SHA1_STORE_STATE(35) | |
569 | #endif | |
570 | SHA1COMPRESS_FULL_ROUND2_STEP(a, b, c, d, e, W, 35, temp); | |
571 | ||
572 | #ifdef DOSTORESTATE36 | |
573 | SHA1_STORE_STATE(36) | |
574 | #endif | |
575 | SHA1COMPRESS_FULL_ROUND2_STEP(e, a, b, c, d, W, 36, temp); | |
576 | ||
577 | #ifdef DOSTORESTATE37 | |
578 | SHA1_STORE_STATE(37) | |
579 | #endif | |
580 | SHA1COMPRESS_FULL_ROUND2_STEP(d, e, a, b, c, W, 37, temp); | |
581 | ||
582 | #ifdef DOSTORESTATE38 | |
583 | SHA1_STORE_STATE(38) | |
584 | #endif | |
585 | SHA1COMPRESS_FULL_ROUND2_STEP(c, d, e, a, b, W, 38, temp); | |
586 | ||
587 | #ifdef DOSTORESTATE39 | |
588 | SHA1_STORE_STATE(39) | |
589 | #endif | |
590 | SHA1COMPRESS_FULL_ROUND2_STEP(b, c, d, e, a, W, 39, temp); | |
591 | ||
592 | ||
593 | ||
594 | #ifdef DOSTORESTATE40 | |
595 | SHA1_STORE_STATE(40) | |
596 | #endif | |
597 | SHA1COMPRESS_FULL_ROUND3_STEP(a, b, c, d, e, W, 40, temp); | |
598 | ||
599 | #ifdef DOSTORESTATE41 | |
600 | SHA1_STORE_STATE(41) | |
601 | #endif | |
602 | SHA1COMPRESS_FULL_ROUND3_STEP(e, a, b, c, d, W, 41, temp); | |
603 | ||
604 | #ifdef DOSTORESTATE42 | |
605 | SHA1_STORE_STATE(42) | |
606 | #endif | |
607 | SHA1COMPRESS_FULL_ROUND3_STEP(d, e, a, b, c, W, 42, temp); | |
608 | ||
609 | #ifdef DOSTORESTATE43 | |
610 | SHA1_STORE_STATE(43) | |
611 | #endif | |
612 | SHA1COMPRESS_FULL_ROUND3_STEP(c, d, e, a, b, W, 43, temp); | |
613 | ||
614 | #ifdef DOSTORESTATE44 | |
615 | SHA1_STORE_STATE(44) | |
616 | #endif | |
617 | SHA1COMPRESS_FULL_ROUND3_STEP(b, c, d, e, a, W, 44, temp); | |
618 | ||
619 | #ifdef DOSTORESTATE45 | |
620 | SHA1_STORE_STATE(45) | |
621 | #endif | |
622 | SHA1COMPRESS_FULL_ROUND3_STEP(a, b, c, d, e, W, 45, temp); | |
623 | ||
624 | #ifdef DOSTORESTATE46 | |
625 | SHA1_STORE_STATE(46) | |
626 | #endif | |
627 | SHA1COMPRESS_FULL_ROUND3_STEP(e, a, b, c, d, W, 46, temp); | |
628 | ||
629 | #ifdef DOSTORESTATE47 | |
630 | SHA1_STORE_STATE(47) | |
631 | #endif | |
632 | SHA1COMPRESS_FULL_ROUND3_STEP(d, e, a, b, c, W, 47, temp); | |
633 | ||
634 | #ifdef DOSTORESTATE48 | |
635 | SHA1_STORE_STATE(48) | |
636 | #endif | |
637 | SHA1COMPRESS_FULL_ROUND3_STEP(c, d, e, a, b, W, 48, temp); | |
638 | ||
639 | #ifdef DOSTORESTATE49 | |
640 | SHA1_STORE_STATE(49) | |
641 | #endif | |
642 | SHA1COMPRESS_FULL_ROUND3_STEP(b, c, d, e, a, W, 49, temp); | |
643 | ||
644 | #ifdef DOSTORESTATE50 | |
645 | SHA1_STORE_STATE(50) | |
646 | #endif | |
647 | SHA1COMPRESS_FULL_ROUND3_STEP(a, b, c, d, e, W, 50, temp); | |
648 | ||
649 | #ifdef DOSTORESTATE51 | |
650 | SHA1_STORE_STATE(51) | |
651 | #endif | |
652 | SHA1COMPRESS_FULL_ROUND3_STEP(e, a, b, c, d, W, 51, temp); | |
653 | ||
654 | #ifdef DOSTORESTATE52 | |
655 | SHA1_STORE_STATE(52) | |
656 | #endif | |
657 | SHA1COMPRESS_FULL_ROUND3_STEP(d, e, a, b, c, W, 52, temp); | |
658 | ||
659 | #ifdef DOSTORESTATE53 | |
660 | SHA1_STORE_STATE(53) | |
661 | #endif | |
662 | SHA1COMPRESS_FULL_ROUND3_STEP(c, d, e, a, b, W, 53, temp); | |
663 | ||
664 | #ifdef DOSTORESTATE54 | |
665 | SHA1_STORE_STATE(54) | |
666 | #endif | |
667 | SHA1COMPRESS_FULL_ROUND3_STEP(b, c, d, e, a, W, 54, temp); | |
668 | ||
669 | #ifdef DOSTORESTATE55 | |
670 | SHA1_STORE_STATE(55) | |
671 | #endif | |
672 | SHA1COMPRESS_FULL_ROUND3_STEP(a, b, c, d, e, W, 55, temp); | |
673 | ||
674 | #ifdef DOSTORESTATE56 | |
675 | SHA1_STORE_STATE(56) | |
676 | #endif | |
677 | SHA1COMPRESS_FULL_ROUND3_STEP(e, a, b, c, d, W, 56, temp); | |
678 | ||
679 | #ifdef DOSTORESTATE57 | |
680 | SHA1_STORE_STATE(57) | |
681 | #endif | |
682 | SHA1COMPRESS_FULL_ROUND3_STEP(d, e, a, b, c, W, 57, temp); | |
683 | ||
684 | #ifdef DOSTORESTATE58 | |
685 | SHA1_STORE_STATE(58) | |
686 | #endif | |
687 | SHA1COMPRESS_FULL_ROUND3_STEP(c, d, e, a, b, W, 58, temp); | |
688 | ||
689 | #ifdef DOSTORESTATE59 | |
690 | SHA1_STORE_STATE(59) | |
691 | #endif | |
692 | SHA1COMPRESS_FULL_ROUND3_STEP(b, c, d, e, a, W, 59, temp); | |
693 | ||
694 | ||
695 | ||
696 | ||
697 | #ifdef DOSTORESTATE60 | |
698 | SHA1_STORE_STATE(60) | |
699 | #endif | |
700 | SHA1COMPRESS_FULL_ROUND4_STEP(a, b, c, d, e, W, 60, temp); | |
701 | ||
702 | #ifdef DOSTORESTATE61 | |
703 | SHA1_STORE_STATE(61) | |
704 | #endif | |
705 | SHA1COMPRESS_FULL_ROUND4_STEP(e, a, b, c, d, W, 61, temp); | |
706 | ||
707 | #ifdef DOSTORESTATE62 | |
708 | SHA1_STORE_STATE(62) | |
709 | #endif | |
710 | SHA1COMPRESS_FULL_ROUND4_STEP(d, e, a, b, c, W, 62, temp); | |
711 | ||
712 | #ifdef DOSTORESTATE63 | |
713 | SHA1_STORE_STATE(63) | |
714 | #endif | |
715 | SHA1COMPRESS_FULL_ROUND4_STEP(c, d, e, a, b, W, 63, temp); | |
716 | ||
717 | #ifdef DOSTORESTATE64 | |
718 | SHA1_STORE_STATE(64) | |
719 | #endif | |
720 | SHA1COMPRESS_FULL_ROUND4_STEP(b, c, d, e, a, W, 64, temp); | |
721 | ||
722 | #ifdef DOSTORESTATE65 | |
723 | SHA1_STORE_STATE(65) | |
724 | #endif | |
725 | SHA1COMPRESS_FULL_ROUND4_STEP(a, b, c, d, e, W, 65, temp); | |
726 | ||
727 | #ifdef DOSTORESTATE66 | |
728 | SHA1_STORE_STATE(66) | |
729 | #endif | |
730 | SHA1COMPRESS_FULL_ROUND4_STEP(e, a, b, c, d, W, 66, temp); | |
731 | ||
732 | #ifdef DOSTORESTATE67 | |
733 | SHA1_STORE_STATE(67) | |
734 | #endif | |
735 | SHA1COMPRESS_FULL_ROUND4_STEP(d, e, a, b, c, W, 67, temp); | |
736 | ||
737 | #ifdef DOSTORESTATE68 | |
738 | SHA1_STORE_STATE(68) | |
739 | #endif | |
740 | SHA1COMPRESS_FULL_ROUND4_STEP(c, d, e, a, b, W, 68, temp); | |
741 | ||
742 | #ifdef DOSTORESTATE69 | |
743 | SHA1_STORE_STATE(69) | |
744 | #endif | |
745 | SHA1COMPRESS_FULL_ROUND4_STEP(b, c, d, e, a, W, 69, temp); | |
746 | ||
747 | #ifdef DOSTORESTATE70 | |
748 | SHA1_STORE_STATE(70) | |
749 | #endif | |
750 | SHA1COMPRESS_FULL_ROUND4_STEP(a, b, c, d, e, W, 70, temp); | |
751 | ||
752 | #ifdef DOSTORESTATE71 | |
753 | SHA1_STORE_STATE(71) | |
754 | #endif | |
755 | SHA1COMPRESS_FULL_ROUND4_STEP(e, a, b, c, d, W, 71, temp); | |
756 | ||
757 | #ifdef DOSTORESTATE72 | |
758 | SHA1_STORE_STATE(72) | |
759 | #endif | |
760 | SHA1COMPRESS_FULL_ROUND4_STEP(d, e, a, b, c, W, 72, temp); | |
761 | ||
762 | #ifdef DOSTORESTATE73 | |
763 | SHA1_STORE_STATE(73) | |
764 | #endif | |
765 | SHA1COMPRESS_FULL_ROUND4_STEP(c, d, e, a, b, W, 73, temp); | |
766 | ||
767 | #ifdef DOSTORESTATE74 | |
768 | SHA1_STORE_STATE(74) | |
769 | #endif | |
770 | SHA1COMPRESS_FULL_ROUND4_STEP(b, c, d, e, a, W, 74, temp); | |
771 | ||
772 | #ifdef DOSTORESTATE75 | |
773 | SHA1_STORE_STATE(75) | |
774 | #endif | |
775 | SHA1COMPRESS_FULL_ROUND4_STEP(a, b, c, d, e, W, 75, temp); | |
776 | ||
777 | #ifdef DOSTORESTATE76 | |
778 | SHA1_STORE_STATE(76) | |
779 | #endif | |
780 | SHA1COMPRESS_FULL_ROUND4_STEP(e, a, b, c, d, W, 76, temp); | |
781 | ||
782 | #ifdef DOSTORESTATE77 | |
783 | SHA1_STORE_STATE(77) | |
784 | #endif | |
785 | SHA1COMPRESS_FULL_ROUND4_STEP(d, e, a, b, c, W, 77, temp); | |
786 | ||
787 | #ifdef DOSTORESTATE78 | |
788 | SHA1_STORE_STATE(78) | |
789 | #endif | |
790 | SHA1COMPRESS_FULL_ROUND4_STEP(c, d, e, a, b, W, 78, temp); | |
791 | ||
792 | #ifdef DOSTORESTATE79 | |
793 | SHA1_STORE_STATE(79) | |
794 | #endif | |
795 | SHA1COMPRESS_FULL_ROUND4_STEP(b, c, d, e, a, W, 79, temp); | |
796 | ||
797 | ||
798 | ||
799 | ihv[0] += a; ihv[1] += b; ihv[2] += c; ihv[3] += d; ihv[4] += e; | |
800 | } | |
801 | ||
802 | ||
803 | ||
804 | ||
805 | #define SHA1_RECOMPRESS(t) \ | |
806 | static void sha1recompress_fast_ ## t (uint32_t ihvin[5], uint32_t ihvout[5], const uint32_t me2[80], const uint32_t state[5]) \ | |
807 | { \ | |
808 | uint32_t a = state[0], b = state[1], c = state[2], d = state[3], e = state[4]; \ | |
809 | if (t > 79) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(b, c, d, e, a, me2, 79); \ | |
810 | if (t > 78) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(c, d, e, a, b, me2, 78); \ | |
811 | if (t > 77) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(d, e, a, b, c, me2, 77); \ | |
812 | if (t > 76) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(e, a, b, c, d, me2, 76); \ | |
813 | if (t > 75) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(a, b, c, d, e, me2, 75); \ | |
814 | if (t > 74) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(b, c, d, e, a, me2, 74); \ | |
815 | if (t > 73) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(c, d, e, a, b, me2, 73); \ | |
816 | if (t > 72) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(d, e, a, b, c, me2, 72); \ | |
817 | if (t > 71) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(e, a, b, c, d, me2, 71); \ | |
818 | if (t > 70) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(a, b, c, d, e, me2, 70); \ | |
819 | if (t > 69) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(b, c, d, e, a, me2, 69); \ | |
820 | if (t > 68) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(c, d, e, a, b, me2, 68); \ | |
821 | if (t > 67) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(d, e, a, b, c, me2, 67); \ | |
822 | if (t > 66) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(e, a, b, c, d, me2, 66); \ | |
823 | if (t > 65) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(a, b, c, d, e, me2, 65); \ | |
824 | if (t > 64) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(b, c, d, e, a, me2, 64); \ | |
825 | if (t > 63) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(c, d, e, a, b, me2, 63); \ | |
826 | if (t > 62) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(d, e, a, b, c, me2, 62); \ | |
827 | if (t > 61) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(e, a, b, c, d, me2, 61); \ | |
828 | if (t > 60) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(a, b, c, d, e, me2, 60); \ | |
829 | if (t > 59) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(b, c, d, e, a, me2, 59); \ | |
830 | if (t > 58) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(c, d, e, a, b, me2, 58); \ | |
831 | if (t > 57) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(d, e, a, b, c, me2, 57); \ | |
832 | if (t > 56) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(e, a, b, c, d, me2, 56); \ | |
833 | if (t > 55) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(a, b, c, d, e, me2, 55); \ | |
834 | if (t > 54) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(b, c, d, e, a, me2, 54); \ | |
835 | if (t > 53) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(c, d, e, a, b, me2, 53); \ | |
836 | if (t > 52) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(d, e, a, b, c, me2, 52); \ | |
837 | if (t > 51) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(e, a, b, c, d, me2, 51); \ | |
838 | if (t > 50) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(a, b, c, d, e, me2, 50); \ | |
839 | if (t > 49) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(b, c, d, e, a, me2, 49); \ | |
840 | if (t > 48) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(c, d, e, a, b, me2, 48); \ | |
841 | if (t > 47) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(d, e, a, b, c, me2, 47); \ | |
842 | if (t > 46) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(e, a, b, c, d, me2, 46); \ | |
843 | if (t > 45) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(a, b, c, d, e, me2, 45); \ | |
844 | if (t > 44) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(b, c, d, e, a, me2, 44); \ | |
845 | if (t > 43) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(c, d, e, a, b, me2, 43); \ | |
846 | if (t > 42) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(d, e, a, b, c, me2, 42); \ | |
847 | if (t > 41) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(e, a, b, c, d, me2, 41); \ | |
848 | if (t > 40) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(a, b, c, d, e, me2, 40); \ | |
849 | if (t > 39) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(b, c, d, e, a, me2, 39); \ | |
850 | if (t > 38) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(c, d, e, a, b, me2, 38); \ | |
851 | if (t > 37) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(d, e, a, b, c, me2, 37); \ | |
852 | if (t > 36) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(e, a, b, c, d, me2, 36); \ | |
853 | if (t > 35) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(a, b, c, d, e, me2, 35); \ | |
854 | if (t > 34) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(b, c, d, e, a, me2, 34); \ | |
855 | if (t > 33) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(c, d, e, a, b, me2, 33); \ | |
856 | if (t > 32) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(d, e, a, b, c, me2, 32); \ | |
857 | if (t > 31) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(e, a, b, c, d, me2, 31); \ | |
858 | if (t > 30) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(a, b, c, d, e, me2, 30); \ | |
859 | if (t > 29) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(b, c, d, e, a, me2, 29); \ | |
860 | if (t > 28) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(c, d, e, a, b, me2, 28); \ | |
861 | if (t > 27) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(d, e, a, b, c, me2, 27); \ | |
862 | if (t > 26) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(e, a, b, c, d, me2, 26); \ | |
863 | if (t > 25) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(a, b, c, d, e, me2, 25); \ | |
864 | if (t > 24) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(b, c, d, e, a, me2, 24); \ | |
865 | if (t > 23) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(c, d, e, a, b, me2, 23); \ | |
866 | if (t > 22) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(d, e, a, b, c, me2, 22); \ | |
867 | if (t > 21) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(e, a, b, c, d, me2, 21); \ | |
868 | if (t > 20) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(a, b, c, d, e, me2, 20); \ | |
869 | if (t > 19) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(b, c, d, e, a, me2, 19); \ | |
870 | if (t > 18) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(c, d, e, a, b, me2, 18); \ | |
871 | if (t > 17) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(d, e, a, b, c, me2, 17); \ | |
872 | if (t > 16) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(e, a, b, c, d, me2, 16); \ | |
873 | if (t > 15) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(a, b, c, d, e, me2, 15); \ | |
874 | if (t > 14) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(b, c, d, e, a, me2, 14); \ | |
875 | if (t > 13) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(c, d, e, a, b, me2, 13); \ | |
876 | if (t > 12) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(d, e, a, b, c, me2, 12); \ | |
877 | if (t > 11) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(e, a, b, c, d, me2, 11); \ | |
878 | if (t > 10) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(a, b, c, d, e, me2, 10); \ | |
879 | if (t > 9) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(b, c, d, e, a, me2, 9); \ | |
880 | if (t > 8) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(c, d, e, a, b, me2, 8); \ | |
881 | if (t > 7) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(d, e, a, b, c, me2, 7); \ | |
882 | if (t > 6) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(e, a, b, c, d, me2, 6); \ | |
883 | if (t > 5) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(a, b, c, d, e, me2, 5); \ | |
884 | if (t > 4) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(b, c, d, e, a, me2, 4); \ | |
885 | if (t > 3) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(c, d, e, a, b, me2, 3); \ | |
886 | if (t > 2) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(d, e, a, b, c, me2, 2); \ | |
887 | if (t > 1) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(e, a, b, c, d, me2, 1); \ | |
888 | if (t > 0) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(a, b, c, d, e, me2, 0); \ | |
889 | ihvin[0] = a; ihvin[1] = b; ihvin[2] = c; ihvin[3] = d; ihvin[4] = e; \ | |
890 | a = state[0]; b = state[1]; c = state[2]; d = state[3]; e = state[4]; \ | |
891 | if (t <= 0) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, me2, 0); \ | |
892 | if (t <= 1) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, me2, 1); \ | |
893 | if (t <= 2) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, me2, 2); \ | |
894 | if (t <= 3) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, me2, 3); \ | |
895 | if (t <= 4) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, me2, 4); \ | |
896 | if (t <= 5) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, me2, 5); \ | |
897 | if (t <= 6) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, me2, 6); \ | |
898 | if (t <= 7) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, me2, 7); \ | |
899 | if (t <= 8) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, me2, 8); \ | |
900 | if (t <= 9) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, me2, 9); \ | |
901 | if (t <= 10) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, me2, 10); \ | |
902 | if (t <= 11) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, me2, 11); \ | |
903 | if (t <= 12) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, me2, 12); \ | |
904 | if (t <= 13) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, me2, 13); \ | |
905 | if (t <= 14) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, me2, 14); \ | |
906 | if (t <= 15) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, me2, 15); \ | |
907 | if (t <= 16) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, me2, 16); \ | |
908 | if (t <= 17) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, me2, 17); \ | |
909 | if (t <= 18) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, me2, 18); \ | |
910 | if (t <= 19) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, me2, 19); \ | |
911 | if (t <= 20) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, me2, 20); \ | |
912 | if (t <= 21) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, me2, 21); \ | |
913 | if (t <= 22) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, me2, 22); \ | |
914 | if (t <= 23) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, me2, 23); \ | |
915 | if (t <= 24) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, me2, 24); \ | |
916 | if (t <= 25) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, me2, 25); \ | |
917 | if (t <= 26) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, me2, 26); \ | |
918 | if (t <= 27) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, me2, 27); \ | |
919 | if (t <= 28) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, me2, 28); \ | |
920 | if (t <= 29) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, me2, 29); \ | |
921 | if (t <= 30) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, me2, 30); \ | |
922 | if (t <= 31) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, me2, 31); \ | |
923 | if (t <= 32) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, me2, 32); \ | |
924 | if (t <= 33) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, me2, 33); \ | |
925 | if (t <= 34) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, me2, 34); \ | |
926 | if (t <= 35) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, me2, 35); \ | |
927 | if (t <= 36) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, me2, 36); \ | |
928 | if (t <= 37) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, me2, 37); \ | |
929 | if (t <= 38) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, me2, 38); \ | |
930 | if (t <= 39) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, me2, 39); \ | |
931 | if (t <= 40) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, me2, 40); \ | |
932 | if (t <= 41) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, me2, 41); \ | |
933 | if (t <= 42) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, me2, 42); \ | |
934 | if (t <= 43) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, me2, 43); \ | |
935 | if (t <= 44) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, me2, 44); \ | |
936 | if (t <= 45) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, me2, 45); \ | |
937 | if (t <= 46) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, me2, 46); \ | |
938 | if (t <= 47) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, me2, 47); \ | |
939 | if (t <= 48) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, me2, 48); \ | |
940 | if (t <= 49) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, me2, 49); \ | |
941 | if (t <= 50) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, me2, 50); \ | |
942 | if (t <= 51) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, me2, 51); \ | |
943 | if (t <= 52) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, me2, 52); \ | |
944 | if (t <= 53) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, me2, 53); \ | |
945 | if (t <= 54) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, me2, 54); \ | |
946 | if (t <= 55) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, me2, 55); \ | |
947 | if (t <= 56) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, me2, 56); \ | |
948 | if (t <= 57) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, me2, 57); \ | |
949 | if (t <= 58) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, me2, 58); \ | |
950 | if (t <= 59) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, me2, 59); \ | |
951 | if (t <= 60) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, me2, 60); \ | |
952 | if (t <= 61) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, me2, 61); \ | |
953 | if (t <= 62) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, me2, 62); \ | |
954 | if (t <= 63) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, me2, 63); \ | |
955 | if (t <= 64) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, me2, 64); \ | |
956 | if (t <= 65) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, me2, 65); \ | |
957 | if (t <= 66) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, me2, 66); \ | |
958 | if (t <= 67) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, me2, 67); \ | |
959 | if (t <= 68) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, me2, 68); \ | |
960 | if (t <= 69) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, me2, 69); \ | |
961 | if (t <= 70) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, me2, 70); \ | |
962 | if (t <= 71) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, me2, 71); \ | |
963 | if (t <= 72) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, me2, 72); \ | |
964 | if (t <= 73) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, me2, 73); \ | |
965 | if (t <= 74) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, me2, 74); \ | |
966 | if (t <= 75) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, me2, 75); \ | |
967 | if (t <= 76) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, me2, 76); \ | |
968 | if (t <= 77) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, me2, 77); \ | |
969 | if (t <= 78) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, me2, 78); \ | |
970 | if (t <= 79) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, me2, 79); \ | |
971 | ihvout[0] = ihvin[0] + a; ihvout[1] = ihvin[1] + b; ihvout[2] = ihvin[2] + c; ihvout[3] = ihvin[3] + d; ihvout[4] = ihvin[4] + e; \ | |
972 | } | |
973 | ||
a0103914 ÆAB |
974 | #ifdef _MSC_VER |
975 | #pragma warning(push) | |
64127575 | 976 | #pragma warning(disable: 4127) /* Compiler complains about the checks in the above macro being constant. */ |
a0103914 ÆAB |
977 | #endif |
978 | ||
28dc98e3 JK |
979 | #ifdef DOSTORESTATE0 |
980 | SHA1_RECOMPRESS(0) | |
981 | #endif | |
982 | ||
983 | #ifdef DOSTORESTATE1 | |
984 | SHA1_RECOMPRESS(1) | |
985 | #endif | |
986 | ||
987 | #ifdef DOSTORESTATE2 | |
988 | SHA1_RECOMPRESS(2) | |
989 | #endif | |
990 | ||
991 | #ifdef DOSTORESTATE3 | |
992 | SHA1_RECOMPRESS(3) | |
993 | #endif | |
994 | ||
995 | #ifdef DOSTORESTATE4 | |
996 | SHA1_RECOMPRESS(4) | |
997 | #endif | |
998 | ||
999 | #ifdef DOSTORESTATE5 | |
1000 | SHA1_RECOMPRESS(5) | |
1001 | #endif | |
1002 | ||
1003 | #ifdef DOSTORESTATE6 | |
1004 | SHA1_RECOMPRESS(6) | |
1005 | #endif | |
1006 | ||
1007 | #ifdef DOSTORESTATE7 | |
1008 | SHA1_RECOMPRESS(7) | |
1009 | #endif | |
1010 | ||
1011 | #ifdef DOSTORESTATE8 | |
1012 | SHA1_RECOMPRESS(8) | |
1013 | #endif | |
1014 | ||
1015 | #ifdef DOSTORESTATE9 | |
1016 | SHA1_RECOMPRESS(9) | |
1017 | #endif | |
1018 | ||
1019 | #ifdef DOSTORESTATE10 | |
1020 | SHA1_RECOMPRESS(10) | |
1021 | #endif | |
1022 | ||
1023 | #ifdef DOSTORESTATE11 | |
1024 | SHA1_RECOMPRESS(11) | |
1025 | #endif | |
1026 | ||
1027 | #ifdef DOSTORESTATE12 | |
1028 | SHA1_RECOMPRESS(12) | |
1029 | #endif | |
1030 | ||
1031 | #ifdef DOSTORESTATE13 | |
1032 | SHA1_RECOMPRESS(13) | |
1033 | #endif | |
1034 | ||
1035 | #ifdef DOSTORESTATE14 | |
1036 | SHA1_RECOMPRESS(14) | |
1037 | #endif | |
1038 | ||
1039 | #ifdef DOSTORESTATE15 | |
1040 | SHA1_RECOMPRESS(15) | |
1041 | #endif | |
1042 | ||
1043 | #ifdef DOSTORESTATE16 | |
1044 | SHA1_RECOMPRESS(16) | |
1045 | #endif | |
1046 | ||
1047 | #ifdef DOSTORESTATE17 | |
1048 | SHA1_RECOMPRESS(17) | |
1049 | #endif | |
1050 | ||
1051 | #ifdef DOSTORESTATE18 | |
1052 | SHA1_RECOMPRESS(18) | |
1053 | #endif | |
1054 | ||
1055 | #ifdef DOSTORESTATE19 | |
1056 | SHA1_RECOMPRESS(19) | |
1057 | #endif | |
1058 | ||
1059 | #ifdef DOSTORESTATE20 | |
1060 | SHA1_RECOMPRESS(20) | |
1061 | #endif | |
1062 | ||
1063 | #ifdef DOSTORESTATE21 | |
1064 | SHA1_RECOMPRESS(21) | |
1065 | #endif | |
1066 | ||
1067 | #ifdef DOSTORESTATE22 | |
1068 | SHA1_RECOMPRESS(22) | |
1069 | #endif | |
1070 | ||
1071 | #ifdef DOSTORESTATE23 | |
1072 | SHA1_RECOMPRESS(23) | |
1073 | #endif | |
1074 | ||
1075 | #ifdef DOSTORESTATE24 | |
1076 | SHA1_RECOMPRESS(24) | |
1077 | #endif | |
1078 | ||
1079 | #ifdef DOSTORESTATE25 | |
1080 | SHA1_RECOMPRESS(25) | |
1081 | #endif | |
1082 | ||
1083 | #ifdef DOSTORESTATE26 | |
1084 | SHA1_RECOMPRESS(26) | |
1085 | #endif | |
1086 | ||
1087 | #ifdef DOSTORESTATE27 | |
1088 | SHA1_RECOMPRESS(27) | |
1089 | #endif | |
1090 | ||
1091 | #ifdef DOSTORESTATE28 | |
1092 | SHA1_RECOMPRESS(28) | |
1093 | #endif | |
1094 | ||
1095 | #ifdef DOSTORESTATE29 | |
1096 | SHA1_RECOMPRESS(29) | |
1097 | #endif | |
1098 | ||
1099 | #ifdef DOSTORESTATE30 | |
1100 | SHA1_RECOMPRESS(30) | |
1101 | #endif | |
1102 | ||
1103 | #ifdef DOSTORESTATE31 | |
1104 | SHA1_RECOMPRESS(31) | |
1105 | #endif | |
1106 | ||
1107 | #ifdef DOSTORESTATE32 | |
1108 | SHA1_RECOMPRESS(32) | |
1109 | #endif | |
1110 | ||
1111 | #ifdef DOSTORESTATE33 | |
1112 | SHA1_RECOMPRESS(33) | |
1113 | #endif | |
1114 | ||
1115 | #ifdef DOSTORESTATE34 | |
1116 | SHA1_RECOMPRESS(34) | |
1117 | #endif | |
1118 | ||
1119 | #ifdef DOSTORESTATE35 | |
1120 | SHA1_RECOMPRESS(35) | |
1121 | #endif | |
1122 | ||
1123 | #ifdef DOSTORESTATE36 | |
1124 | SHA1_RECOMPRESS(36) | |
1125 | #endif | |
1126 | ||
1127 | #ifdef DOSTORESTATE37 | |
1128 | SHA1_RECOMPRESS(37) | |
1129 | #endif | |
1130 | ||
1131 | #ifdef DOSTORESTATE38 | |
1132 | SHA1_RECOMPRESS(38) | |
1133 | #endif | |
1134 | ||
1135 | #ifdef DOSTORESTATE39 | |
1136 | SHA1_RECOMPRESS(39) | |
1137 | #endif | |
1138 | ||
1139 | #ifdef DOSTORESTATE40 | |
1140 | SHA1_RECOMPRESS(40) | |
1141 | #endif | |
1142 | ||
1143 | #ifdef DOSTORESTATE41 | |
1144 | SHA1_RECOMPRESS(41) | |
1145 | #endif | |
1146 | ||
1147 | #ifdef DOSTORESTATE42 | |
1148 | SHA1_RECOMPRESS(42) | |
1149 | #endif | |
1150 | ||
1151 | #ifdef DOSTORESTATE43 | |
1152 | SHA1_RECOMPRESS(43) | |
1153 | #endif | |
1154 | ||
1155 | #ifdef DOSTORESTATE44 | |
1156 | SHA1_RECOMPRESS(44) | |
1157 | #endif | |
1158 | ||
1159 | #ifdef DOSTORESTATE45 | |
1160 | SHA1_RECOMPRESS(45) | |
1161 | #endif | |
1162 | ||
1163 | #ifdef DOSTORESTATE46 | |
1164 | SHA1_RECOMPRESS(46) | |
1165 | #endif | |
1166 | ||
1167 | #ifdef DOSTORESTATE47 | |
1168 | SHA1_RECOMPRESS(47) | |
1169 | #endif | |
1170 | ||
1171 | #ifdef DOSTORESTATE48 | |
1172 | SHA1_RECOMPRESS(48) | |
1173 | #endif | |
1174 | ||
1175 | #ifdef DOSTORESTATE49 | |
1176 | SHA1_RECOMPRESS(49) | |
1177 | #endif | |
1178 | ||
1179 | #ifdef DOSTORESTATE50 | |
1180 | SHA1_RECOMPRESS(50) | |
1181 | #endif | |
1182 | ||
1183 | #ifdef DOSTORESTATE51 | |
1184 | SHA1_RECOMPRESS(51) | |
1185 | #endif | |
1186 | ||
1187 | #ifdef DOSTORESTATE52 | |
1188 | SHA1_RECOMPRESS(52) | |
1189 | #endif | |
1190 | ||
1191 | #ifdef DOSTORESTATE53 | |
1192 | SHA1_RECOMPRESS(53) | |
1193 | #endif | |
1194 | ||
1195 | #ifdef DOSTORESTATE54 | |
1196 | SHA1_RECOMPRESS(54) | |
1197 | #endif | |
1198 | ||
1199 | #ifdef DOSTORESTATE55 | |
1200 | SHA1_RECOMPRESS(55) | |
1201 | #endif | |
1202 | ||
1203 | #ifdef DOSTORESTATE56 | |
1204 | SHA1_RECOMPRESS(56) | |
1205 | #endif | |
1206 | ||
1207 | #ifdef DOSTORESTATE57 | |
1208 | SHA1_RECOMPRESS(57) | |
1209 | #endif | |
1210 | ||
1211 | #ifdef DOSTORESTATE58 | |
1212 | SHA1_RECOMPRESS(58) | |
1213 | #endif | |
1214 | ||
1215 | #ifdef DOSTORESTATE59 | |
1216 | SHA1_RECOMPRESS(59) | |
1217 | #endif | |
1218 | ||
1219 | #ifdef DOSTORESTATE60 | |
1220 | SHA1_RECOMPRESS(60) | |
1221 | #endif | |
1222 | ||
1223 | #ifdef DOSTORESTATE61 | |
1224 | SHA1_RECOMPRESS(61) | |
1225 | #endif | |
1226 | ||
1227 | #ifdef DOSTORESTATE62 | |
1228 | SHA1_RECOMPRESS(62) | |
1229 | #endif | |
1230 | ||
1231 | #ifdef DOSTORESTATE63 | |
1232 | SHA1_RECOMPRESS(63) | |
1233 | #endif | |
1234 | ||
1235 | #ifdef DOSTORESTATE64 | |
1236 | SHA1_RECOMPRESS(64) | |
1237 | #endif | |
1238 | ||
1239 | #ifdef DOSTORESTATE65 | |
1240 | SHA1_RECOMPRESS(65) | |
1241 | #endif | |
1242 | ||
1243 | #ifdef DOSTORESTATE66 | |
1244 | SHA1_RECOMPRESS(66) | |
1245 | #endif | |
1246 | ||
1247 | #ifdef DOSTORESTATE67 | |
1248 | SHA1_RECOMPRESS(67) | |
1249 | #endif | |
1250 | ||
1251 | #ifdef DOSTORESTATE68 | |
1252 | SHA1_RECOMPRESS(68) | |
1253 | #endif | |
1254 | ||
1255 | #ifdef DOSTORESTATE69 | |
1256 | SHA1_RECOMPRESS(69) | |
1257 | #endif | |
1258 | ||
1259 | #ifdef DOSTORESTATE70 | |
1260 | SHA1_RECOMPRESS(70) | |
1261 | #endif | |
1262 | ||
1263 | #ifdef DOSTORESTATE71 | |
1264 | SHA1_RECOMPRESS(71) | |
1265 | #endif | |
1266 | ||
1267 | #ifdef DOSTORESTATE72 | |
1268 | SHA1_RECOMPRESS(72) | |
1269 | #endif | |
1270 | ||
1271 | #ifdef DOSTORESTATE73 | |
1272 | SHA1_RECOMPRESS(73) | |
1273 | #endif | |
1274 | ||
1275 | #ifdef DOSTORESTATE74 | |
1276 | SHA1_RECOMPRESS(74) | |
1277 | #endif | |
1278 | ||
1279 | #ifdef DOSTORESTATE75 | |
1280 | SHA1_RECOMPRESS(75) | |
1281 | #endif | |
1282 | ||
1283 | #ifdef DOSTORESTATE76 | |
1284 | SHA1_RECOMPRESS(76) | |
1285 | #endif | |
1286 | ||
1287 | #ifdef DOSTORESTATE77 | |
1288 | SHA1_RECOMPRESS(77) | |
1289 | #endif | |
1290 | ||
1291 | #ifdef DOSTORESTATE78 | |
1292 | SHA1_RECOMPRESS(78) | |
1293 | #endif | |
1294 | ||
1295 | #ifdef DOSTORESTATE79 | |
1296 | SHA1_RECOMPRESS(79) | |
1297 | #endif | |
1298 | ||
a0103914 ÆAB |
1299 | #ifdef _MSC_VER |
1300 | #pragma warning(pop) | |
1301 | #endif | |
1302 | ||
28dc98e3 JK |
1303 | static void sha1_recompression_step(uint32_t step, uint32_t ihvin[5], uint32_t ihvout[5], const uint32_t me2[80], const uint32_t state[5]) |
1304 | { | |
1305 | switch (step) | |
1306 | { | |
1307 | #ifdef DOSTORESTATE0 | |
1308 | case 0: | |
1309 | sha1recompress_fast_0(ihvin, ihvout, me2, state); | |
1310 | break; | |
1311 | #endif | |
1312 | #ifdef DOSTORESTATE1 | |
1313 | case 1: | |
1314 | sha1recompress_fast_1(ihvin, ihvout, me2, state); | |
1315 | break; | |
1316 | #endif | |
1317 | #ifdef DOSTORESTATE2 | |
1318 | case 2: | |
1319 | sha1recompress_fast_2(ihvin, ihvout, me2, state); | |
1320 | break; | |
1321 | #endif | |
1322 | #ifdef DOSTORESTATE3 | |
1323 | case 3: | |
1324 | sha1recompress_fast_3(ihvin, ihvout, me2, state); | |
1325 | break; | |
1326 | #endif | |
1327 | #ifdef DOSTORESTATE4 | |
1328 | case 4: | |
1329 | sha1recompress_fast_4(ihvin, ihvout, me2, state); | |
1330 | break; | |
1331 | #endif | |
1332 | #ifdef DOSTORESTATE5 | |
1333 | case 5: | |
1334 | sha1recompress_fast_5(ihvin, ihvout, me2, state); | |
1335 | break; | |
1336 | #endif | |
1337 | #ifdef DOSTORESTATE6 | |
1338 | case 6: | |
1339 | sha1recompress_fast_6(ihvin, ihvout, me2, state); | |
1340 | break; | |
1341 | #endif | |
1342 | #ifdef DOSTORESTATE7 | |
1343 | case 7: | |
1344 | sha1recompress_fast_7(ihvin, ihvout, me2, state); | |
1345 | break; | |
1346 | #endif | |
1347 | #ifdef DOSTORESTATE8 | |
1348 | case 8: | |
1349 | sha1recompress_fast_8(ihvin, ihvout, me2, state); | |
1350 | break; | |
1351 | #endif | |
1352 | #ifdef DOSTORESTATE9 | |
1353 | case 9: | |
1354 | sha1recompress_fast_9(ihvin, ihvout, me2, state); | |
1355 | break; | |
1356 | #endif | |
1357 | #ifdef DOSTORESTATE10 | |
1358 | case 10: | |
1359 | sha1recompress_fast_10(ihvin, ihvout, me2, state); | |
1360 | break; | |
1361 | #endif | |
1362 | #ifdef DOSTORESTATE11 | |
1363 | case 11: | |
1364 | sha1recompress_fast_11(ihvin, ihvout, me2, state); | |
1365 | break; | |
1366 | #endif | |
1367 | #ifdef DOSTORESTATE12 | |
1368 | case 12: | |
1369 | sha1recompress_fast_12(ihvin, ihvout, me2, state); | |
1370 | break; | |
1371 | #endif | |
1372 | #ifdef DOSTORESTATE13 | |
1373 | case 13: | |
1374 | sha1recompress_fast_13(ihvin, ihvout, me2, state); | |
1375 | break; | |
1376 | #endif | |
1377 | #ifdef DOSTORESTATE14 | |
1378 | case 14: | |
1379 | sha1recompress_fast_14(ihvin, ihvout, me2, state); | |
1380 | break; | |
1381 | #endif | |
1382 | #ifdef DOSTORESTATE15 | |
1383 | case 15: | |
1384 | sha1recompress_fast_15(ihvin, ihvout, me2, state); | |
1385 | break; | |
1386 | #endif | |
1387 | #ifdef DOSTORESTATE16 | |
1388 | case 16: | |
1389 | sha1recompress_fast_16(ihvin, ihvout, me2, state); | |
1390 | break; | |
1391 | #endif | |
1392 | #ifdef DOSTORESTATE17 | |
1393 | case 17: | |
1394 | sha1recompress_fast_17(ihvin, ihvout, me2, state); | |
1395 | break; | |
1396 | #endif | |
1397 | #ifdef DOSTORESTATE18 | |
1398 | case 18: | |
1399 | sha1recompress_fast_18(ihvin, ihvout, me2, state); | |
1400 | break; | |
1401 | #endif | |
1402 | #ifdef DOSTORESTATE19 | |
1403 | case 19: | |
1404 | sha1recompress_fast_19(ihvin, ihvout, me2, state); | |
1405 | break; | |
1406 | #endif | |
1407 | #ifdef DOSTORESTATE20 | |
1408 | case 20: | |
1409 | sha1recompress_fast_20(ihvin, ihvout, me2, state); | |
1410 | break; | |
1411 | #endif | |
1412 | #ifdef DOSTORESTATE21 | |
1413 | case 21: | |
1414 | sha1recompress_fast_21(ihvin, ihvout, me2, state); | |
1415 | break; | |
1416 | #endif | |
1417 | #ifdef DOSTORESTATE22 | |
1418 | case 22: | |
1419 | sha1recompress_fast_22(ihvin, ihvout, me2, state); | |
1420 | break; | |
1421 | #endif | |
1422 | #ifdef DOSTORESTATE23 | |
1423 | case 23: | |
1424 | sha1recompress_fast_23(ihvin, ihvout, me2, state); | |
1425 | break; | |
1426 | #endif | |
1427 | #ifdef DOSTORESTATE24 | |
1428 | case 24: | |
1429 | sha1recompress_fast_24(ihvin, ihvout, me2, state); | |
1430 | break; | |
1431 | #endif | |
1432 | #ifdef DOSTORESTATE25 | |
1433 | case 25: | |
1434 | sha1recompress_fast_25(ihvin, ihvout, me2, state); | |
1435 | break; | |
1436 | #endif | |
1437 | #ifdef DOSTORESTATE26 | |
1438 | case 26: | |
1439 | sha1recompress_fast_26(ihvin, ihvout, me2, state); | |
1440 | break; | |
1441 | #endif | |
1442 | #ifdef DOSTORESTATE27 | |
1443 | case 27: | |
1444 | sha1recompress_fast_27(ihvin, ihvout, me2, state); | |
1445 | break; | |
1446 | #endif | |
1447 | #ifdef DOSTORESTATE28 | |
1448 | case 28: | |
1449 | sha1recompress_fast_28(ihvin, ihvout, me2, state); | |
1450 | break; | |
1451 | #endif | |
1452 | #ifdef DOSTORESTATE29 | |
1453 | case 29: | |
1454 | sha1recompress_fast_29(ihvin, ihvout, me2, state); | |
1455 | break; | |
1456 | #endif | |
1457 | #ifdef DOSTORESTATE30 | |
1458 | case 30: | |
1459 | sha1recompress_fast_30(ihvin, ihvout, me2, state); | |
1460 | break; | |
1461 | #endif | |
1462 | #ifdef DOSTORESTATE31 | |
1463 | case 31: | |
1464 | sha1recompress_fast_31(ihvin, ihvout, me2, state); | |
1465 | break; | |
1466 | #endif | |
1467 | #ifdef DOSTORESTATE32 | |
1468 | case 32: | |
1469 | sha1recompress_fast_32(ihvin, ihvout, me2, state); | |
1470 | break; | |
1471 | #endif | |
1472 | #ifdef DOSTORESTATE33 | |
1473 | case 33: | |
1474 | sha1recompress_fast_33(ihvin, ihvout, me2, state); | |
1475 | break; | |
1476 | #endif | |
1477 | #ifdef DOSTORESTATE34 | |
1478 | case 34: | |
1479 | sha1recompress_fast_34(ihvin, ihvout, me2, state); | |
1480 | break; | |
1481 | #endif | |
1482 | #ifdef DOSTORESTATE35 | |
1483 | case 35: | |
1484 | sha1recompress_fast_35(ihvin, ihvout, me2, state); | |
1485 | break; | |
1486 | #endif | |
1487 | #ifdef DOSTORESTATE36 | |
1488 | case 36: | |
1489 | sha1recompress_fast_36(ihvin, ihvout, me2, state); | |
1490 | break; | |
1491 | #endif | |
1492 | #ifdef DOSTORESTATE37 | |
1493 | case 37: | |
1494 | sha1recompress_fast_37(ihvin, ihvout, me2, state); | |
1495 | break; | |
1496 | #endif | |
1497 | #ifdef DOSTORESTATE38 | |
1498 | case 38: | |
1499 | sha1recompress_fast_38(ihvin, ihvout, me2, state); | |
1500 | break; | |
1501 | #endif | |
1502 | #ifdef DOSTORESTATE39 | |
1503 | case 39: | |
1504 | sha1recompress_fast_39(ihvin, ihvout, me2, state); | |
1505 | break; | |
1506 | #endif | |
1507 | #ifdef DOSTORESTATE40 | |
1508 | case 40: | |
1509 | sha1recompress_fast_40(ihvin, ihvout, me2, state); | |
1510 | break; | |
1511 | #endif | |
1512 | #ifdef DOSTORESTATE41 | |
1513 | case 41: | |
1514 | sha1recompress_fast_41(ihvin, ihvout, me2, state); | |
1515 | break; | |
1516 | #endif | |
1517 | #ifdef DOSTORESTATE42 | |
1518 | case 42: | |
1519 | sha1recompress_fast_42(ihvin, ihvout, me2, state); | |
1520 | break; | |
1521 | #endif | |
1522 | #ifdef DOSTORESTATE43 | |
1523 | case 43: | |
1524 | sha1recompress_fast_43(ihvin, ihvout, me2, state); | |
1525 | break; | |
1526 | #endif | |
1527 | #ifdef DOSTORESTATE44 | |
1528 | case 44: | |
1529 | sha1recompress_fast_44(ihvin, ihvout, me2, state); | |
1530 | break; | |
1531 | #endif | |
1532 | #ifdef DOSTORESTATE45 | |
1533 | case 45: | |
1534 | sha1recompress_fast_45(ihvin, ihvout, me2, state); | |
1535 | break; | |
1536 | #endif | |
1537 | #ifdef DOSTORESTATE46 | |
1538 | case 46: | |
1539 | sha1recompress_fast_46(ihvin, ihvout, me2, state); | |
1540 | break; | |
1541 | #endif | |
1542 | #ifdef DOSTORESTATE47 | |
1543 | case 47: | |
1544 | sha1recompress_fast_47(ihvin, ihvout, me2, state); | |
1545 | break; | |
1546 | #endif | |
1547 | #ifdef DOSTORESTATE48 | |
1548 | case 48: | |
1549 | sha1recompress_fast_48(ihvin, ihvout, me2, state); | |
1550 | break; | |
1551 | #endif | |
1552 | #ifdef DOSTORESTATE49 | |
1553 | case 49: | |
1554 | sha1recompress_fast_49(ihvin, ihvout, me2, state); | |
1555 | break; | |
1556 | #endif | |
1557 | #ifdef DOSTORESTATE50 | |
1558 | case 50: | |
1559 | sha1recompress_fast_50(ihvin, ihvout, me2, state); | |
1560 | break; | |
1561 | #endif | |
1562 | #ifdef DOSTORESTATE51 | |
1563 | case 51: | |
1564 | sha1recompress_fast_51(ihvin, ihvout, me2, state); | |
1565 | break; | |
1566 | #endif | |
1567 | #ifdef DOSTORESTATE52 | |
1568 | case 52: | |
1569 | sha1recompress_fast_52(ihvin, ihvout, me2, state); | |
1570 | break; | |
1571 | #endif | |
1572 | #ifdef DOSTORESTATE53 | |
1573 | case 53: | |
1574 | sha1recompress_fast_53(ihvin, ihvout, me2, state); | |
1575 | break; | |
1576 | #endif | |
1577 | #ifdef DOSTORESTATE54 | |
1578 | case 54: | |
1579 | sha1recompress_fast_54(ihvin, ihvout, me2, state); | |
1580 | break; | |
1581 | #endif | |
1582 | #ifdef DOSTORESTATE55 | |
1583 | case 55: | |
1584 | sha1recompress_fast_55(ihvin, ihvout, me2, state); | |
1585 | break; | |
1586 | #endif | |
1587 | #ifdef DOSTORESTATE56 | |
1588 | case 56: | |
1589 | sha1recompress_fast_56(ihvin, ihvout, me2, state); | |
1590 | break; | |
1591 | #endif | |
1592 | #ifdef DOSTORESTATE57 | |
1593 | case 57: | |
1594 | sha1recompress_fast_57(ihvin, ihvout, me2, state); | |
1595 | break; | |
1596 | #endif | |
1597 | #ifdef DOSTORESTATE58 | |
1598 | case 58: | |
1599 | sha1recompress_fast_58(ihvin, ihvout, me2, state); | |
1600 | break; | |
1601 | #endif | |
1602 | #ifdef DOSTORESTATE59 | |
1603 | case 59: | |
1604 | sha1recompress_fast_59(ihvin, ihvout, me2, state); | |
1605 | break; | |
1606 | #endif | |
1607 | #ifdef DOSTORESTATE60 | |
1608 | case 60: | |
1609 | sha1recompress_fast_60(ihvin, ihvout, me2, state); | |
1610 | break; | |
1611 | #endif | |
1612 | #ifdef DOSTORESTATE61 | |
1613 | case 61: | |
1614 | sha1recompress_fast_61(ihvin, ihvout, me2, state); | |
1615 | break; | |
1616 | #endif | |
1617 | #ifdef DOSTORESTATE62 | |
1618 | case 62: | |
1619 | sha1recompress_fast_62(ihvin, ihvout, me2, state); | |
1620 | break; | |
1621 | #endif | |
1622 | #ifdef DOSTORESTATE63 | |
1623 | case 63: | |
1624 | sha1recompress_fast_63(ihvin, ihvout, me2, state); | |
1625 | break; | |
1626 | #endif | |
1627 | #ifdef DOSTORESTATE64 | |
1628 | case 64: | |
1629 | sha1recompress_fast_64(ihvin, ihvout, me2, state); | |
1630 | break; | |
1631 | #endif | |
1632 | #ifdef DOSTORESTATE65 | |
1633 | case 65: | |
1634 | sha1recompress_fast_65(ihvin, ihvout, me2, state); | |
1635 | break; | |
1636 | #endif | |
1637 | #ifdef DOSTORESTATE66 | |
1638 | case 66: | |
1639 | sha1recompress_fast_66(ihvin, ihvout, me2, state); | |
1640 | break; | |
1641 | #endif | |
1642 | #ifdef DOSTORESTATE67 | |
1643 | case 67: | |
1644 | sha1recompress_fast_67(ihvin, ihvout, me2, state); | |
1645 | break; | |
1646 | #endif | |
1647 | #ifdef DOSTORESTATE68 | |
1648 | case 68: | |
1649 | sha1recompress_fast_68(ihvin, ihvout, me2, state); | |
1650 | break; | |
1651 | #endif | |
1652 | #ifdef DOSTORESTATE69 | |
1653 | case 69: | |
1654 | sha1recompress_fast_69(ihvin, ihvout, me2, state); | |
1655 | break; | |
1656 | #endif | |
1657 | #ifdef DOSTORESTATE70 | |
1658 | case 70: | |
1659 | sha1recompress_fast_70(ihvin, ihvout, me2, state); | |
1660 | break; | |
1661 | #endif | |
1662 | #ifdef DOSTORESTATE71 | |
1663 | case 71: | |
1664 | sha1recompress_fast_71(ihvin, ihvout, me2, state); | |
1665 | break; | |
1666 | #endif | |
1667 | #ifdef DOSTORESTATE72 | |
1668 | case 72: | |
1669 | sha1recompress_fast_72(ihvin, ihvout, me2, state); | |
1670 | break; | |
1671 | #endif | |
1672 | #ifdef DOSTORESTATE73 | |
1673 | case 73: | |
1674 | sha1recompress_fast_73(ihvin, ihvout, me2, state); | |
1675 | break; | |
1676 | #endif | |
1677 | #ifdef DOSTORESTATE74 | |
1678 | case 74: | |
1679 | sha1recompress_fast_74(ihvin, ihvout, me2, state); | |
1680 | break; | |
1681 | #endif | |
1682 | #ifdef DOSTORESTATE75 | |
1683 | case 75: | |
1684 | sha1recompress_fast_75(ihvin, ihvout, me2, state); | |
1685 | break; | |
1686 | #endif | |
1687 | #ifdef DOSTORESTATE76 | |
1688 | case 76: | |
1689 | sha1recompress_fast_76(ihvin, ihvout, me2, state); | |
1690 | break; | |
1691 | #endif | |
1692 | #ifdef DOSTORESTATE77 | |
1693 | case 77: | |
1694 | sha1recompress_fast_77(ihvin, ihvout, me2, state); | |
1695 | break; | |
1696 | #endif | |
1697 | #ifdef DOSTORESTATE78 | |
1698 | case 78: | |
1699 | sha1recompress_fast_78(ihvin, ihvout, me2, state); | |
1700 | break; | |
1701 | #endif | |
1702 | #ifdef DOSTORESTATE79 | |
1703 | case 79: | |
1704 | sha1recompress_fast_79(ihvin, ihvout, me2, state); | |
1705 | break; | |
1706 | #endif | |
1707 | default: | |
1708 | abort(); | |
1709 | } | |
1710 | ||
1711 | } | |
1712 | ||
1713 | ||
1714 | ||
1715 | static void sha1_process(SHA1_CTX* ctx, const uint32_t block[16]) | |
1716 | { | |
1717 | unsigned i, j; | |
1718 | uint32_t ubc_dv_mask[DVMASKSIZE] = { 0xFFFFFFFF }; | |
1719 | uint32_t ihvtmp[5]; | |
1720 | ||
1721 | ctx->ihv1[0] = ctx->ihv[0]; | |
1722 | ctx->ihv1[1] = ctx->ihv[1]; | |
1723 | ctx->ihv1[2] = ctx->ihv[2]; | |
1724 | ctx->ihv1[3] = ctx->ihv[3]; | |
1725 | ctx->ihv1[4] = ctx->ihv[4]; | |
1726 | ||
1727 | sha1_compression_states(ctx->ihv, block, ctx->m1, ctx->states); | |
1728 | ||
1729 | if (ctx->detect_coll) | |
1730 | { | |
1731 | if (ctx->ubc_check) | |
1732 | { | |
1733 | ubc_check(ctx->m1, ubc_dv_mask); | |
1734 | } | |
1735 | ||
1736 | if (ubc_dv_mask[0] != 0) | |
1737 | { | |
1738 | for (i = 0; sha1_dvs[i].dvType != 0; ++i) | |
1739 | { | |
1740 | if (ubc_dv_mask[0] & ((uint32_t)(1) << sha1_dvs[i].maskb)) | |
1741 | { | |
1742 | for (j = 0; j < 80; ++j) | |
1743 | ctx->m2[j] = ctx->m1[j] ^ sha1_dvs[i].dm[j]; | |
1744 | ||
1745 | sha1_recompression_step(sha1_dvs[i].testt, ctx->ihv2, ihvtmp, ctx->m2, ctx->states[sha1_dvs[i].testt]); | |
1746 | ||
1747 | /* to verify SHA-1 collision detection code with collisions for reduced-step SHA-1 */ | |
1748 | if ((0 == ((ihvtmp[0] ^ ctx->ihv[0]) | (ihvtmp[1] ^ ctx->ihv[1]) | (ihvtmp[2] ^ ctx->ihv[2]) | (ihvtmp[3] ^ ctx->ihv[3]) | (ihvtmp[4] ^ ctx->ihv[4]))) | |
1749 | || (ctx->reduced_round_coll && 0==((ctx->ihv1[0] ^ ctx->ihv2[0]) | (ctx->ihv1[1] ^ ctx->ihv2[1]) | (ctx->ihv1[2] ^ ctx->ihv2[2]) | (ctx->ihv1[3] ^ ctx->ihv2[3]) | (ctx->ihv1[4] ^ ctx->ihv2[4])))) | |
1750 | { | |
1751 | ctx->found_collision = 1; | |
1752 | ||
1753 | if (ctx->safe_hash) | |
1754 | { | |
1755 | sha1_compression_W(ctx->ihv, ctx->m1); | |
1756 | sha1_compression_W(ctx->ihv, ctx->m1); | |
1757 | } | |
1758 | ||
1759 | break; | |
1760 | } | |
1761 | } | |
1762 | } | |
1763 | } | |
1764 | } | |
1765 | } | |
1766 | ||
1767 | void SHA1DCInit(SHA1_CTX* ctx) | |
1768 | { | |
1769 | ctx->total = 0; | |
1770 | ctx->ihv[0] = 0x67452301; | |
1771 | ctx->ihv[1] = 0xEFCDAB89; | |
1772 | ctx->ihv[2] = 0x98BADCFE; | |
1773 | ctx->ihv[3] = 0x10325476; | |
1774 | ctx->ihv[4] = 0xC3D2E1F0; | |
1775 | ctx->found_collision = 0; | |
a0103914 | 1776 | ctx->safe_hash = SHA1DC_INIT_SAFE_HASH_DEFAULT; |
28dc98e3 JK |
1777 | ctx->ubc_check = 1; |
1778 | ctx->detect_coll = 1; | |
1779 | ctx->reduced_round_coll = 0; | |
1780 | ctx->callback = NULL; | |
1781 | } | |
1782 | ||
1783 | void SHA1DCSetSafeHash(SHA1_CTX* ctx, int safehash) | |
1784 | { | |
1785 | if (safehash) | |
1786 | ctx->safe_hash = 1; | |
1787 | else | |
1788 | ctx->safe_hash = 0; | |
1789 | } | |
1790 | ||
1791 | ||
1792 | void SHA1DCSetUseUBC(SHA1_CTX* ctx, int ubc_check) | |
1793 | { | |
1794 | if (ubc_check) | |
1795 | ctx->ubc_check = 1; | |
1796 | else | |
1797 | ctx->ubc_check = 0; | |
1798 | } | |
1799 | ||
1800 | void SHA1DCSetUseDetectColl(SHA1_CTX* ctx, int detect_coll) | |
1801 | { | |
1802 | if (detect_coll) | |
1803 | ctx->detect_coll = 1; | |
1804 | else | |
1805 | ctx->detect_coll = 0; | |
1806 | } | |
1807 | ||
1808 | void SHA1DCSetDetectReducedRoundCollision(SHA1_CTX* ctx, int reduced_round_coll) | |
1809 | { | |
1810 | if (reduced_round_coll) | |
1811 | ctx->reduced_round_coll = 1; | |
1812 | else | |
1813 | ctx->reduced_round_coll = 0; | |
1814 | } | |
1815 | ||
1816 | void SHA1DCSetCallback(SHA1_CTX* ctx, collision_block_callback callback) | |
1817 | { | |
1818 | ctx->callback = callback; | |
1819 | } | |
1820 | ||
1821 | void SHA1DCUpdate(SHA1_CTX* ctx, const char* buf, size_t len) | |
1822 | { | |
1823 | unsigned left, fill; | |
a0103914 | 1824 | |
28dc98e3 JK |
1825 | if (len == 0) |
1826 | return; | |
1827 | ||
1828 | left = ctx->total & 63; | |
1829 | fill = 64 - left; | |
1830 | ||
1831 | if (left && len >= fill) | |
1832 | { | |
1833 | ctx->total += fill; | |
1834 | memcpy(ctx->buffer + left, buf, fill); | |
1835 | sha1_process(ctx, (uint32_t*)(ctx->buffer)); | |
1836 | buf += fill; | |
1837 | len -= fill; | |
1838 | left = 0; | |
1839 | } | |
1840 | while (len >= 64) | |
1841 | { | |
1842 | ctx->total += 64; | |
a0103914 ÆAB |
1843 | |
1844 | #if defined(SHA1DC_ALLOW_UNALIGNED_ACCESS) | |
28dc98e3 | 1845 | sha1_process(ctx, (uint32_t*)(buf)); |
a0103914 ÆAB |
1846 | #else |
1847 | memcpy(ctx->buffer, buf, 64); | |
1848 | sha1_process(ctx, (uint32_t*)(ctx->buffer)); | |
1849 | #endif /* defined(SHA1DC_ALLOW_UNALIGNED_ACCESS) */ | |
28dc98e3 JK |
1850 | buf += 64; |
1851 | len -= 64; | |
1852 | } | |
1853 | if (len > 0) | |
1854 | { | |
1855 | ctx->total += len; | |
1856 | memcpy(ctx->buffer + left, buf, len); | |
1857 | } | |
1858 | } | |
1859 | ||
1860 | static const unsigned char sha1_padding[64] = | |
1861 | { | |
1862 | 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |
1863 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |
1864 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |
1865 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 | |
1866 | }; | |
1867 | ||
1868 | int SHA1DCFinal(unsigned char output[20], SHA1_CTX *ctx) | |
1869 | { | |
1870 | uint32_t last = ctx->total & 63; | |
1871 | uint32_t padn = (last < 56) ? (56 - last) : (120 - last); | |
1872 | uint64_t total; | |
1873 | SHA1DCUpdate(ctx, (const char*)(sha1_padding), padn); | |
1874 | ||
1875 | total = ctx->total - padn; | |
1876 | total <<= 3; | |
1877 | ctx->buffer[56] = (unsigned char)(total >> 56); | |
1878 | ctx->buffer[57] = (unsigned char)(total >> 48); | |
1879 | ctx->buffer[58] = (unsigned char)(total >> 40); | |
1880 | ctx->buffer[59] = (unsigned char)(total >> 32); | |
1881 | ctx->buffer[60] = (unsigned char)(total >> 24); | |
1882 | ctx->buffer[61] = (unsigned char)(total >> 16); | |
1883 | ctx->buffer[62] = (unsigned char)(total >> 8); | |
1884 | ctx->buffer[63] = (unsigned char)(total); | |
1885 | sha1_process(ctx, (uint32_t*)(ctx->buffer)); | |
1886 | output[0] = (unsigned char)(ctx->ihv[0] >> 24); | |
1887 | output[1] = (unsigned char)(ctx->ihv[0] >> 16); | |
1888 | output[2] = (unsigned char)(ctx->ihv[0] >> 8); | |
1889 | output[3] = (unsigned char)(ctx->ihv[0]); | |
1890 | output[4] = (unsigned char)(ctx->ihv[1] >> 24); | |
1891 | output[5] = (unsigned char)(ctx->ihv[1] >> 16); | |
1892 | output[6] = (unsigned char)(ctx->ihv[1] >> 8); | |
1893 | output[7] = (unsigned char)(ctx->ihv[1]); | |
1894 | output[8] = (unsigned char)(ctx->ihv[2] >> 24); | |
1895 | output[9] = (unsigned char)(ctx->ihv[2] >> 16); | |
1896 | output[10] = (unsigned char)(ctx->ihv[2] >> 8); | |
1897 | output[11] = (unsigned char)(ctx->ihv[2]); | |
1898 | output[12] = (unsigned char)(ctx->ihv[3] >> 24); | |
1899 | output[13] = (unsigned char)(ctx->ihv[3] >> 16); | |
1900 | output[14] = (unsigned char)(ctx->ihv[3] >> 8); | |
1901 | output[15] = (unsigned char)(ctx->ihv[3]); | |
1902 | output[16] = (unsigned char)(ctx->ihv[4] >> 24); | |
1903 | output[17] = (unsigned char)(ctx->ihv[4] >> 16); | |
1904 | output[18] = (unsigned char)(ctx->ihv[4] >> 8); | |
1905 | output[19] = (unsigned char)(ctx->ihv[4]); | |
1906 | return ctx->found_collision; | |
1907 | } | |
8325e43b | 1908 | |
a0103914 ÆAB |
1909 | #ifdef SHA1DC_CUSTOM_TRAILING_INCLUDE_SHA1_C |
1910 | #include SHA1DC_CUSTOM_TRAILING_INCLUDE_SHA1_C | |
1911 | #endif |