]>
Commit | Line | Data |
---|---|---|
d98f6a46 SS |
1 | /* |
2 | * sha1.c | |
3 | * | |
4 | * Originally witten by Steve Reid <steve@edmweb.com> | |
5 | * | |
6 | * Modified by Aaron D. Gifford <agifford@infowest.com> | |
7 | * | |
8 | * NO COPYRIGHT - THIS IS 100% IN THE PUBLIC DOMAIN | |
9 | * | |
10 | * The original unmodified version is available at: | |
11 | * ftp://ftp.funet.fi/pub/crypt/hash/sha/sha1.c | |
12 | * | |
13 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) AND CONTRIBUTORS ``AS IS'' AND | |
14 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
15 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
16 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR(S) OR CONTRIBUTORS BE LIABLE | |
17 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
18 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
19 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
20 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
21 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
22 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
23 | * SUCH DAMAGE. | |
24 | */ | |
25 | ||
26 | #include "hash_sha1.h" | |
27 | #include <stdlib.h> | |
28 | #include <string.h> | |
29 | ||
30 | #define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits)))) | |
31 | ||
32 | /* blk0() and blk() perform the initial expand. */ | |
33 | /* I got the idea of expanding during the round function from SSLeay */ | |
34 | ||
35 | #if BYTE_ORDER == LITTLE_ENDIAN | |
36 | #define blk0(i) (block->l[i] = (rol(block->l[i],24)&(sha1_quadbyte)0xFF00FF00) \ | |
37 | |(rol(block->l[i],8)&(sha1_quadbyte)0x00FF00FF)) | |
38 | #else | |
39 | #define blk0(i) block->l[i] | |
40 | #endif | |
41 | ||
42 | #define blk(i) (block->l[i&15] = rol(block->l[(i+13)&15]^block->l[(i+8)&15] \ | |
43 | ^block->l[(i+2)&15]^block->l[i&15],1)) | |
44 | ||
45 | /* (SHA_R0+SHA_R1), SHA_R2, SHA_R3, SHA_R4 are the different operations used in SHA1 */ | |
46 | #define SHA_R0(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk0(i)+0x5A827999+rol(v,5);w=rol(w,30); | |
47 | #define SHA_R1(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk(i)+0x5A827999+rol(v,5);w=rol(w,30); | |
48 | #define SHA_R2(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0x6ED9EBA1+rol(v,5);w=rol(w,30); | |
49 | #define SHA_R3(v,w,x,y,z,i) z+=(((w|x)&y)|(w&x))+blk(i)+0x8F1BBCDC+rol(v,5);w=rol(w,30); | |
50 | #define SHA_R4(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0xCA62C1D6+rol(v,5);w=rol(w,30); | |
51 | ||
52 | typedef union _BYTE64QUAD16 { | |
53 | sha1_byte c[64]; | |
54 | sha1_quadbyte l[16]; | |
55 | } BYTE64QUAD16; | |
56 | ||
57 | /* Hash a single 512-bit block. This is the core of the algorithm. */ | |
58 | void SHA1_Transform(sha1_quadbyte state[5], const sha1_byte buffer[64]); | |
59 | void SHA1_Transform(sha1_quadbyte state[5], const sha1_byte buffer[64]) | |
60 | { | |
61 | sha1_quadbyte a, b, c, d, e; | |
62 | BYTE64QUAD16 *block; | |
63 | ||
64 | block = (BYTE64QUAD16*)buffer; | |
65 | /* Copy context->state[] to working vars */ | |
66 | a = state[0]; | |
67 | b = state[1]; | |
68 | c = state[2]; | |
69 | d = state[3]; | |
70 | e = state[4]; | |
71 | /* 4 rounds of 20 operations each. Loop unrolled. */ | |
72 | SHA_R0(a,b,c,d,e, 0); SHA_R0(e,a,b,c,d, 1); SHA_R0(d,e,a,b,c, 2); SHA_R0(c,d,e,a,b, 3); | |
73 | SHA_R0(b,c,d,e,a, 4); SHA_R0(a,b,c,d,e, 5); SHA_R0(e,a,b,c,d, 6); SHA_R0(d,e,a,b,c, 7); | |
74 | SHA_R0(c,d,e,a,b, 8); SHA_R0(b,c,d,e,a, 9); SHA_R0(a,b,c,d,e,10); SHA_R0(e,a,b,c,d,11); | |
75 | SHA_R0(d,e,a,b,c,12); SHA_R0(c,d,e,a,b,13); SHA_R0(b,c,d,e,a,14); SHA_R0(a,b,c,d,e,15); | |
76 | SHA_R1(e,a,b,c,d,16); SHA_R1(d,e,a,b,c,17); SHA_R1(c,d,e,a,b,18); SHA_R1(b,c,d,e,a,19); | |
77 | SHA_R2(a,b,c,d,e,20); SHA_R2(e,a,b,c,d,21); SHA_R2(d,e,a,b,c,22); SHA_R2(c,d,e,a,b,23); | |
78 | SHA_R2(b,c,d,e,a,24); SHA_R2(a,b,c,d,e,25); SHA_R2(e,a,b,c,d,26); SHA_R2(d,e,a,b,c,27); | |
79 | SHA_R2(c,d,e,a,b,28); SHA_R2(b,c,d,e,a,29); SHA_R2(a,b,c,d,e,30); SHA_R2(e,a,b,c,d,31); | |
80 | SHA_R2(d,e,a,b,c,32); SHA_R2(c,d,e,a,b,33); SHA_R2(b,c,d,e,a,34); SHA_R2(a,b,c,d,e,35); | |
81 | SHA_R2(e,a,b,c,d,36); SHA_R2(d,e,a,b,c,37); SHA_R2(c,d,e,a,b,38); SHA_R2(b,c,d,e,a,39); | |
82 | SHA_R3(a,b,c,d,e,40); SHA_R3(e,a,b,c,d,41); SHA_R3(d,e,a,b,c,42); SHA_R3(c,d,e,a,b,43); | |
83 | SHA_R3(b,c,d,e,a,44); SHA_R3(a,b,c,d,e,45); SHA_R3(e,a,b,c,d,46); SHA_R3(d,e,a,b,c,47); | |
84 | SHA_R3(c,d,e,a,b,48); SHA_R3(b,c,d,e,a,49); SHA_R3(a,b,c,d,e,50); SHA_R3(e,a,b,c,d,51); | |
85 | SHA_R3(d,e,a,b,c,52); SHA_R3(c,d,e,a,b,53); SHA_R3(b,c,d,e,a,54); SHA_R3(a,b,c,d,e,55); | |
86 | SHA_R3(e,a,b,c,d,56); SHA_R3(d,e,a,b,c,57); SHA_R3(c,d,e,a,b,58); SHA_R3(b,c,d,e,a,59); | |
87 | SHA_R4(a,b,c,d,e,60); SHA_R4(e,a,b,c,d,61); SHA_R4(d,e,a,b,c,62); SHA_R4(c,d,e,a,b,63); | |
88 | SHA_R4(b,c,d,e,a,64); SHA_R4(a,b,c,d,e,65); SHA_R4(e,a,b,c,d,66); SHA_R4(d,e,a,b,c,67); | |
89 | SHA_R4(c,d,e,a,b,68); SHA_R4(b,c,d,e,a,69); SHA_R4(a,b,c,d,e,70); SHA_R4(e,a,b,c,d,71); | |
90 | SHA_R4(d,e,a,b,c,72); SHA_R4(c,d,e,a,b,73); SHA_R4(b,c,d,e,a,74); SHA_R4(a,b,c,d,e,75); | |
91 | SHA_R4(e,a,b,c,d,76); SHA_R4(d,e,a,b,c,77); SHA_R4(c,d,e,a,b,78); SHA_R4(b,c,d,e,a,79); | |
92 | /* Add the working vars back into context.state[] */ | |
93 | state[0] += a; | |
94 | state[1] += b; | |
95 | state[2] += c; | |
96 | state[3] += d; | |
97 | state[4] += e; | |
98 | /* Wipe variables */ | |
99 | a = b = c = d = e = 0; | |
100 | } | |
101 | ||
102 | ||
103 | /* SHA1_Init - Initialize new context */ | |
104 | void SHA1_Init(SHA_CTX* context) { | |
105 | /* SHA1 initialization constants */ | |
106 | context->state[0] = 0x67452301; | |
107 | context->state[1] = 0xEFCDAB89; | |
108 | context->state[2] = 0x98BADCFE; | |
109 | context->state[3] = 0x10325476; | |
110 | context->state[4] = 0xC3D2E1F0; | |
111 | context->count[0] = context->count[1] = 0; | |
112 | } | |
113 | ||
114 | /* Run your data through this. */ | |
115 | void SHA1_Update(SHA_CTX *context, const sha1_byte *d, unsigned int len) { | |
116 | unsigned int i, j; | |
117 | ||
118 | /* Make a temporary storage as Transform destroys it */ | |
119 | sha1_byte *data = (sha1_byte *)malloc(len); | |
120 | if (!data) exit(-42); | |
121 | memcpy(data, d, len); | |
122 | ||
123 | j = (context->count[0] >> 3) & 63; | |
124 | if ((context->count[0] += len << 3) < (len << 3)) context->count[1]++; | |
125 | context->count[1] += (len >> 29); | |
126 | if ((j + len) > 63) { | |
127 | memcpy(&context->buffer[j], data, (i = 64-j)); | |
128 | SHA1_Transform(context->state, context->buffer); | |
129 | for ( ; i + 63 < len; i += 64) { | |
130 | SHA1_Transform(context->state, &data[i]); | |
131 | } | |
132 | j = 0; | |
133 | } | |
134 | else i = 0; | |
135 | memcpy(&context->buffer[j], &data[i], len - i); | |
136 | ||
137 | /* Free the temporary buffer */ | |
138 | free(data); | |
139 | } | |
140 | ||
141 | /* Add padding and return the message digest. */ | |
142 | void SHA1_Final(sha1_byte digest[SHA1_DIGEST_LENGTH], SHA_CTX *context) { | |
143 | sha1_quadbyte i, j; | |
144 | sha1_byte finalcount[8]; | |
145 | ||
146 | for (i = 0; i < 8; i++) { | |
147 | finalcount[i] = (sha1_byte)((context->count[(i >= 4 ? 0 : 1)] | |
148 | >> ((3-(i & 3)) * 8) ) & 255); /* Endian independent */ | |
149 | } | |
150 | SHA1_Update(context, (sha1_byte *)"\200", 1); | |
151 | while ((context->count[0] & 504) != 448) { | |
152 | SHA1_Update(context, (sha1_byte *)"\0", 1); | |
153 | } | |
154 | /* Should cause a SHA1_Transform() */ | |
155 | SHA1_Update(context, finalcount, 8); | |
156 | for (i = 0; i < SHA1_DIGEST_LENGTH; i++) { | |
157 | digest[i] = (sha1_byte) | |
158 | ((context->state[i>>2] >> ((3-(i & 3)) * 8) ) & 255); | |
159 | } | |
160 | /* Wipe variables */ | |
161 | i = j = 0; | |
162 | memset(context->buffer, 0, SHA1_BLOCK_LENGTH); | |
163 | memset(context->state, 0, SHA1_DIGEST_LENGTH); | |
164 | memset(context->count, 0, 8); | |
165 | memset(&finalcount, 0, 8); | |
166 | } | |
167 |