iofbird / bird2.0.1 / lib / sha1.c @ 6b3f1a54
History  View  Annotate  Download (7.03 KB)
1 
/*


2 
* BIRD Library  SHA1 Hash Function (FIPS 1801, RFC 3174)

3 
*

4 
* (c) 2015 CZ.NIC z.s.p.o.

5 
*

6 
* Based on the code from libucw6.4

7 
* (c) 20082009 Martin Mares <mj@ucw.cz>

8 
*

9 
* Based on the code from libgcrypt1.2.3, which is

10 
* (c) 1998, 2001, 2002, 2003 Free Software Foundation, Inc.

11 
*

12 
* Can be freely distributed and used under the terms of the GNU GPL.

13 
*/

14  
15 
#include "lib/sha1.h" 
16 
#include "lib/unaligned.h" 
17  
18  
19 
void

20 
sha1_init(struct hash_context *CTX)

21 
{ 
22 
struct sha1_context *ctx = (void *) CTX; 
23  
24 
ctx>h0 = 0x67452301;

25 
ctx>h1 = 0xefcdab89;

26 
ctx>h2 = 0x98badcfe;

27 
ctx>h3 = 0x10325476;

28 
ctx>h4 = 0xc3d2e1f0;

29  
30 
ctx>nblocks = 0;

31 
ctx>count = 0;

32 
} 
33  
34 
/*

35 
* Transform the message X which consists of 16 32bitwords

36 
*/

37 
static void 
38 
sha1_transform(struct sha1_context *ctx, const byte *data) 
39 
{ 
40 
u32 a,b,c,d,e,tm; 
41 
u32 x[16];

42  
43 
/* Get values from the chaining vars. */

44 
a = ctx>h0; 
45 
b = ctx>h1; 
46 
c = ctx>h2; 
47 
d = ctx>h3; 
48 
e = ctx>h4; 
49  
50 
#ifdef CPU_BIG_ENDIAN

51 
memcpy(x, data, 64);

52 
#else

53 
int i;

54 
for (i = 0; i < 16; i++) 
55 
x[i] = get_u32(data+4*i);

56 
#endif

57  
58 
#define K1 0x5A827999L 
59 
#define K2 0x6ED9EBA1L 
60 
#define K3 0x8F1BBCDCL 
61 
#define K4 0xCA62C1D6L 
62 
#define F1(x,y,z) ( z ^ ( x & ( y ^ z ) ) )

63 
#define F2(x,y,z) ( x ^ y ^ z )

64 
#define F3(x,y,z) ( ( x & y )  ( z & ( x  y ) ) )

65 
#define F4(x,y,z) ( x ^ y ^ z )

66  
67 
#define M(i) (tm = x[i&0x0f] ^ x[(i14)&0x0f] ^ x[(i8)&0x0f] ^ x[(i3)&0x0f], (x[i&0x0f] = ROL(tm, 1))) 
68  
69 
/* Bitwise rotation of an unsigned int to the left **/

70 
#define ROL(x, bits) (((x) << (bits))  ((uint)(x) >> (sizeof(uint)*8  (bits)))) 
71  
72 
#define R(a, b, c, d, e, f, k, m) \

73 
do \

74 
{ \ 
75 
e += ROL(a, 5) + f(b, c, d) + k + m; \

76 
b = ROL(b, 30); \

77 
} while(0) 
78  
79 
R( a, b, c, d, e, F1, K1, x[ 0] );

80 
R( e, a, b, c, d, F1, K1, x[ 1] );

81 
R( d, e, a, b, c, F1, K1, x[ 2] );

82 
R( c, d, e, a, b, F1, K1, x[ 3] );

83 
R( b, c, d, e, a, F1, K1, x[ 4] );

84 
R( a, b, c, d, e, F1, K1, x[ 5] );

85 
R( e, a, b, c, d, F1, K1, x[ 6] );

86 
R( d, e, a, b, c, F1, K1, x[ 7] );

87 
R( c, d, e, a, b, F1, K1, x[ 8] );

88 
R( b, c, d, e, a, F1, K1, x[ 9] );

89 
R( a, b, c, d, e, F1, K1, x[10] );

90 
R( e, a, b, c, d, F1, K1, x[11] );

91 
R( d, e, a, b, c, F1, K1, x[12] );

92 
R( c, d, e, a, b, F1, K1, x[13] );

93 
R( b, c, d, e, a, F1, K1, x[14] );

94 
R( a, b, c, d, e, F1, K1, x[15] );

95 
R( e, a, b, c, d, F1, K1, M(16) );

96 
R( d, e, a, b, c, F1, K1, M(17) );

97 
R( c, d, e, a, b, F1, K1, M(18) );

98 
R( b, c, d, e, a, F1, K1, M(19) );

99 
R( a, b, c, d, e, F2, K2, M(20) );

100 
R( e, a, b, c, d, F2, K2, M(21) );

101 
R( d, e, a, b, c, F2, K2, M(22) );

102 
R( c, d, e, a, b, F2, K2, M(23) );

103 
R( b, c, d, e, a, F2, K2, M(24) );

104 
R( a, b, c, d, e, F2, K2, M(25) );

105 
R( e, a, b, c, d, F2, K2, M(26) );

106 
R( d, e, a, b, c, F2, K2, M(27) );

107 
R( c, d, e, a, b, F2, K2, M(28) );

108 
R( b, c, d, e, a, F2, K2, M(29) );

109 
R( a, b, c, d, e, F2, K2, M(30) );

110 
R( e, a, b, c, d, F2, K2, M(31) );

111 
R( d, e, a, b, c, F2, K2, M(32) );

112 
R( c, d, e, a, b, F2, K2, M(33) );

113 
R( b, c, d, e, a, F2, K2, M(34) );

114 
R( a, b, c, d, e, F2, K2, M(35) );

115 
R( e, a, b, c, d, F2, K2, M(36) );

116 
R( d, e, a, b, c, F2, K2, M(37) );

117 
R( c, d, e, a, b, F2, K2, M(38) );

118 
R( b, c, d, e, a, F2, K2, M(39) );

119 
R( a, b, c, d, e, F3, K3, M(40) );

120 
R( e, a, b, c, d, F3, K3, M(41) );

121 
R( d, e, a, b, c, F3, K3, M(42) );

122 
R( c, d, e, a, b, F3, K3, M(43) );

123 
R( b, c, d, e, a, F3, K3, M(44) );

124 
R( a, b, c, d, e, F3, K3, M(45) );

125 
R( e, a, b, c, d, F3, K3, M(46) );

126 
R( d, e, a, b, c, F3, K3, M(47) );

127 
R( c, d, e, a, b, F3, K3, M(48) );

128 
R( b, c, d, e, a, F3, K3, M(49) );

129 
R( a, b, c, d, e, F3, K3, M(50) );

130 
R( e, a, b, c, d, F3, K3, M(51) );

131 
R( d, e, a, b, c, F3, K3, M(52) );

132 
R( c, d, e, a, b, F3, K3, M(53) );

133 
R( b, c, d, e, a, F3, K3, M(54) );

134 
R( a, b, c, d, e, F3, K3, M(55) );

135 
R( e, a, b, c, d, F3, K3, M(56) );

136 
R( d, e, a, b, c, F3, K3, M(57) );

137 
R( c, d, e, a, b, F3, K3, M(58) );

138 
R( b, c, d, e, a, F3, K3, M(59) );

139 
R( a, b, c, d, e, F4, K4, M(60) );

140 
R( e, a, b, c, d, F4, K4, M(61) );

141 
R( d, e, a, b, c, F4, K4, M(62) );

142 
R( c, d, e, a, b, F4, K4, M(63) );

143 
R( b, c, d, e, a, F4, K4, M(64) );

144 
R( a, b, c, d, e, F4, K4, M(65) );

145 
R( e, a, b, c, d, F4, K4, M(66) );

146 
R( d, e, a, b, c, F4, K4, M(67) );

147 
R( c, d, e, a, b, F4, K4, M(68) );

148 
R( b, c, d, e, a, F4, K4, M(69) );

149 
R( a, b, c, d, e, F4, K4, M(70) );

150 
R( e, a, b, c, d, F4, K4, M(71) );

151 
R( d, e, a, b, c, F4, K4, M(72) );

152 
R( c, d, e, a, b, F4, K4, M(73) );

153 
R( b, c, d, e, a, F4, K4, M(74) );

154 
R( a, b, c, d, e, F4, K4, M(75) );

155 
R( e, a, b, c, d, F4, K4, M(76) );

156 
R( d, e, a, b, c, F4, K4, M(77) );

157 
R( c, d, e, a, b, F4, K4, M(78) );

158 
R( b, c, d, e, a, F4, K4, M(79) );

159  
160 
/* Update chaining vars. */

161 
ctx>h0 += a; 
162 
ctx>h1 += b; 
163 
ctx>h2 += c; 
164 
ctx>h3 += d; 
165 
ctx>h4 += e; 
166 
} 
167  
168 
/*

169 
* Update the message digest with the contents of BUF with length LEN.

170 
*/

171 
void

172 
sha1_update(struct hash_context *CTX, const byte *buf, uint len) 
173 
{ 
174 
struct sha1_context *ctx = (void *) CTX; 
175  
176 
if (ctx>count)

177 
{ 
178 
/* Fill rest of internal buffer */

179 
for (; len && ctx>count < SHA1_BLOCK_SIZE; len)

180 
ctx>buf[ctx>count++] = *buf++; 
181  
182 
if (ctx>count < SHA1_BLOCK_SIZE)

183 
return;

184  
185 
/* Process data from internal buffer */

186 
sha1_transform(ctx, ctx>buf); 
187 
ctx>nblocks++; 
188 
ctx>count = 0;

189 
} 
190  
191 
if (!len)

192 
return;

193  
194 
/* Process data from input buffer */

195 
while (len >= SHA1_BLOCK_SIZE)

196 
{ 
197 
sha1_transform(ctx, buf); 
198 
ctx>nblocks++; 
199 
buf += SHA1_BLOCK_SIZE; 
200 
len = SHA1_BLOCK_SIZE; 
201 
} 
202  
203 
/* Copy remaining data to internal buffer */

204 
memcpy(ctx>buf, buf, len); 
205 
ctx>count = len; 
206 
} 
207  
208 
/*

209 
* The routine final terminates the computation and returns the digest. The

210 
* handle is prepared for a new cycle, but adding bytes to the handle will the

211 
* destroy the returned buffer.

212 
*

213 
* Returns: 20 bytes representing the digest.

214 
*/

215 
byte * 
216 
sha1_final(struct hash_context *CTX)

217 
{ 
218 
struct sha1_context *ctx = (void *) CTX; 
219 
u32 t, msb, lsb; 
220  
221 
sha1_update(CTX, NULL, 0); /* flush */ 
222  
223 
t = ctx>nblocks; 
224 
/* multiply by 64 to make a byte count */

225 
lsb = t << 6;

226 
msb = t >> 26;

227 
/* add the count */

228 
t = lsb; 
229 
if ((lsb += ctx>count) < t)

230 
msb++; 
231 
/* multiply by 8 to make a bit count */

232 
t = lsb; 
233 
lsb <<= 3;

234 
msb <<= 3;

235 
msb = t >> 29;

236  
237 
if (ctx>count < 56) 
238 
{ 
239 
/* enough room */

240 
ctx>buf[ctx>count++] = 0x80; /* pad */ 
241 
while (ctx>count < 56) 
242 
ctx>buf[ctx>count++] = 0; /* pad */ 
243 
} 
244 
else

245 
{ 
246 
/* need one extra block */

247 
ctx>buf[ctx>count++] = 0x80; /* pad character */ 
248 
while (ctx>count < 64) 
249 
ctx>buf[ctx>count++] = 0;

250 
sha1_update(CTX, NULL, 0); /* flush */ 
251 
memset(ctx>buf, 0, 56); /* fill next block with zeroes */ 
252 
} 
253  
254 
/* append the 64 bit count */

255 
ctx>buf[56] = msb >> 24; 
256 
ctx>buf[57] = msb >> 16; 
257 
ctx>buf[58] = msb >> 8; 
258 
ctx>buf[59] = msb;

259 
ctx>buf[60] = lsb >> 24; 
260 
ctx>buf[61] = lsb >> 16; 
261 
ctx>buf[62] = lsb >> 8; 
262 
ctx>buf[63] = lsb;

263 
sha1_transform(ctx, ctx>buf); 
264  
265 
byte *p = ctx>buf; 
266 
#define X(a) do { put_u32(p, ctx>h##a); p += 4; } while(0) 
267 
X(0);

268 
X(1);

269 
X(2);

270 
X(3);

271 
X(4);

272 
#undef X

273  
274 
return ctx>buf;

275 
} 