Statistics
| Branch: | Revision:

ffmpeg / libavutil / sha.c @ 80a07f6e

History | View | Annotate | Download (12.2 KB)

1 3d44f15c Diego Biurrun
/*
2
 * Copyright (C) 2007 Michael Niedermayer <michaelni@gmx.at>
3 aa5a99ae Kostya Shishkov
 * Copyright (C) 2009 Konstantin Shishkov
4 3d44f15c Diego Biurrun
 * based on public domain SHA-1 code by Steve Reid <steve@edmweb.com>
5 aa5a99ae Kostya Shishkov
 * and on BSD-licensed SHA-2 code by Aaron D. Gifford
6 3d44f15c Diego Biurrun
 *
7
 * This file is part of FFmpeg.
8
 *
9
 * FFmpeg is free software; you can redistribute it and/or
10
 * modify it under the terms of the GNU Lesser General Public
11
 * License as published by the Free Software Foundation; either
12
 * version 2.1 of the License, or (at your option) any later version.
13
 *
14
 * FFmpeg is distributed in the hope that it will be useful,
15
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
17
 * Lesser General Public License for more details.
18
 *
19
 * You should have received a copy of the GNU Lesser General Public
20
 * License along with FFmpeg; if not, write to the Free Software
21
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
22
 */
23 7c60e55b Michael Niedermayer
24
#include "common.h"
25 451ae257 Kostya Shishkov
#include "avutil.h"
26 69ae9478 Attila Kinali
#include "bswap.h"
27 451ae257 Kostya Shishkov
#include "sha.h"
28 7c60e55b Michael Niedermayer
29 4364fc9a Kostya Shishkov
/** hash context */
30 451ae257 Kostya Shishkov
typedef struct AVSHA {
31 01cc6288 Kostya Shishkov
    uint8_t  digest_len;  ///< digest length in 32-bit words
32 4364fc9a Kostya Shishkov
    uint64_t count;       ///< number of bytes in buffer
33 3a7c6507 Kostya Shishkov
    uint8_t  buffer[64];  ///< 512-bit buffer of input values used in hash updating
34 01cc6288 Kostya Shishkov
    uint32_t state[8];    ///< current hash value
35 2c6361e0 Kostya Shishkov
    /** function used to update hash for 512-bit input block */
36
    void     (*transform)(uint32_t *state, const uint8_t buffer[64]);
37 451ae257 Kostya Shishkov
} AVSHA;
38 7c60e55b Michael Niedermayer
39 451ae257 Kostya Shishkov
const int av_sha_size = sizeof(AVSHA);
40 537c8e7a Luca Barbato
41 7c60e55b Michael Niedermayer
#define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits))))
42
43
/* (R0+R1), R2, R3, R4 are the different operations used in SHA1 */
44 f522310b Michael Niedermayer
#define blk0(i) (block[i] = be2me_32(((const uint32_t*)buffer)[i]))
45 0ef37cd5 Diego Biurrun
#define blk(i)  (block[i] = rol(block[i-3] ^ block[i-8] ^ block[i-14] ^ block[i-16], 1))
46 d6cf7804 Michael Niedermayer
47 0ef37cd5 Diego Biurrun
#define R0(v,w,x,y,z,i) z += ((w&(x^y))^y)     + blk0(i) + 0x5A827999 + rol(v, 5); w = rol(w, 30);
48
#define R1(v,w,x,y,z,i) z += ((w&(x^y))^y)     + blk (i) + 0x5A827999 + rol(v, 5); w = rol(w, 30);
49
#define R2(v,w,x,y,z,i) z += ( w^x     ^y)     + blk (i) + 0x6ED9EBA1 + rol(v, 5); w = rol(w, 30);
50
#define R3(v,w,x,y,z,i) z += (((w|x)&y)|(w&x)) + blk (i) + 0x8F1BBCDC + rol(v, 5); w = rol(w, 30);
51
#define R4(v,w,x,y,z,i) z += ( w^x     ^y)     + blk (i) + 0xCA62C1D6 + rol(v, 5); w = rol(w, 30);
52 7c60e55b Michael Niedermayer
53
/* Hash a single 512-bit block. This is the core of the algorithm. */
54
55 0d73abb8 Kostya Shishkov
static void sha1_transform(uint32_t state[5], const uint8_t buffer[64])
56 0ef37cd5 Diego Biurrun
{
57 aa59433a Michael Niedermayer
    uint32_t block[80];
58 5fd7f87b Michael Niedermayer
    unsigned int i, a, b, c, d, e;
59 3479b72b Michael Niedermayer
60 7c60e55b Michael Niedermayer
    a = state[0];
61
    b = state[1];
62
    c = state[2];
63
    d = state[3];
64
    e = state[4];
65 b250f9c6 Aurelien Jacobs
#if CONFIG_SMALL
66 0ef37cd5 Diego Biurrun
    for (i = 0; i < 80; i++) {
67 476f9b74 Michael Niedermayer
        int t;
68 0ef37cd5 Diego Biurrun
        if (i < 16)
69
            t = be2me_32(((uint32_t*)buffer)[i]);
70
        else
71
            t = rol(block[i-3] ^ block[i-8] ^ block[i-14] ^ block[i-16], 1);
72
        block[i] = t;
73
        t += e + rol(a, 5);
74
        if (i < 40) {
75
            if (i < 20)
76
                t += ((b&(c^d))^d)     + 0x5A827999;
77
            else
78
                t += ( b^c     ^d)     + 0x6ED9EBA1;
79
        } else {
80
            if (i < 60)
81
                t += (((b|c)&d)|(b&c)) + 0x8F1BBCDC;
82
            else
83
                t += ( b^c     ^d)     + 0xCA62C1D6;
84 2fa3a22d Michael Niedermayer
        }
85 0ef37cd5 Diego Biurrun
        e = d;
86
        d = c;
87
        c = rol(b, 30);
88
        b = a;
89
        a = t;
90 6573578d Michael Niedermayer
    }
91
#else
92 0ef37cd5 Diego Biurrun
    for (i = 0; i < 15; i += 5) {
93
        R0(a, b, c, d, e, 0 + i);
94
        R0(e, a, b, c, d, 1 + i);
95
        R0(d, e, a, b, c, 2 + i);
96
        R0(c, d, e, a, b, 3 + i);
97
        R0(b, c, d, e, a, 4 + i);
98 7c60e55b Michael Niedermayer
    }
99 0ef37cd5 Diego Biurrun
    R0(a, b, c, d, e, 15);
100
    R1(e, a, b, c, d, 16);
101
    R1(d, e, a, b, c, 17);
102
    R1(c, d, e, a, b, 18);
103
    R1(b, c, d, e, a, 19);
104
    for (i = 20; i < 40; i += 5) {
105
        R2(a, b, c, d, e, 0 + i);
106
        R2(e, a, b, c, d, 1 + i);
107
        R2(d, e, a, b, c, 2 + i);
108
        R2(c, d, e, a, b, 3 + i);
109
        R2(b, c, d, e, a, 4 + i);
110 7c60e55b Michael Niedermayer
    }
111 0ef37cd5 Diego Biurrun
    for (; i < 60; i += 5) {
112
        R3(a, b, c, d, e, 0 + i);
113
        R3(e, a, b, c, d, 1 + i);
114
        R3(d, e, a, b, c, 2 + i);
115
        R3(c, d, e, a, b, 3 + i);
116
        R3(b, c, d, e, a, 4 + i);
117 7c60e55b Michael Niedermayer
    }
118 0ef37cd5 Diego Biurrun
    for (; i < 80; i += 5) {
119
        R4(a, b, c, d, e, 0 + i);
120
        R4(e, a, b, c, d, 1 + i);
121
        R4(d, e, a, b, c, 2 + i);
122
        R4(c, d, e, a, b, 3 + i);
123
        R4(b, c, d, e, a, 4 + i);
124 7c60e55b Michael Niedermayer
    }
125 6573578d Michael Niedermayer
#endif
126 7c60e55b Michael Niedermayer
    state[0] += a;
127
    state[1] += b;
128
    state[2] += c;
129
    state[3] += d;
130
    state[4] += e;
131
}
132
133 aa5a99ae Kostya Shishkov
static const uint32_t K256[64] = {
134
    0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
135
    0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
136
    0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
137
    0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
138
    0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
139
    0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
140
    0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
141
    0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
142
    0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
143
    0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
144
    0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
145
    0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
146
    0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
147
    0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
148
    0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
149
    0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
150
};
151
152
153
#define Ch(x,y,z)   (((x) & ((y) ^ (z))) ^ (z))
154
#define Maj(x,y,z)  ((((x) | (y)) & (z)) | ((x) & (y)))
155
156
#define Sigma0_256(x)   (rol((x), 30) ^ rol((x), 19) ^ rol((x), 10))
157
#define Sigma1_256(x)   (rol((x), 26) ^ rol((x), 21) ^ rol((x),  7))
158
#define sigma0_256(x)   (rol((x), 25) ^ rol((x), 14) ^ ((x) >> 3))
159
#define sigma1_256(x)   (rol((x), 15) ^ rol((x), 13) ^ ((x) >> 10))
160
161
#undef blk
162
#define blk(i)  (block[i] = block[i - 16] + sigma0_256(block[i - 15]) + \
163
                            sigma1_256(block[i - 2]) + block[i - 7])
164
165
#define ROUND256(a,b,c,d,e,f,g,h)   \
166
    T1 += (h) + Sigma1_256(e) + Ch((e), (f), (g)) + K256[i]; \
167
    (d) += T1; \
168
    (h) = T1 + Sigma0_256(a) + Maj((a), (b), (c)); \
169
    i++
170
171
#define ROUND256_0_TO_15(a,b,c,d,e,f,g,h)   \
172
    T1 = blk0(i); \
173
    ROUND256(a,b,c,d,e,f,g,h)
174
175
#define ROUND256_16_TO_63(a,b,c,d,e,f,g,h)   \
176
    T1 = blk(i); \
177
    ROUND256(a,b,c,d,e,f,g,h)
178
179
static void sha256_transform(uint32_t *state, const uint8_t buffer[64])
180
{
181
    unsigned int i, a, b, c, d, e, f, g, h;
182
    uint32_t block[64];
183 8b4e7c28 Diego Biurrun
    uint32_t T1, av_unused(T2);
184 aa5a99ae Kostya Shishkov
185
    a = state[0];
186
    b = state[1];
187
    c = state[2];
188
    d = state[3];
189
    e = state[4];
190
    f = state[5];
191
    g = state[6];
192
    h = state[7];
193
#if CONFIG_SMALL
194
    for (i = 0; i < 64; i++) {
195
        if (i < 16)
196
            T1 = blk0(i);
197
        else
198
            T1 = blk(i);
199
        T1 += h + Sigma1_256(e) + Ch(e, f, g) + K256[i];
200
        T2 = Sigma0_256(a) + Maj(a, b, c);
201
        h = g;
202
        g = f;
203
        f = e;
204
        e = d + T1;
205
        d = c;
206
        c = b;
207
        b = a;
208
        a = T1 + T2;
209
    }
210
#else
211
    for (i = 0; i < 16;) {
212
        ROUND256_0_TO_15(a, b, c, d, e, f, g, h);
213
        ROUND256_0_TO_15(h, a, b, c, d, e, f, g);
214
        ROUND256_0_TO_15(g, h, a, b, c, d, e, f);
215
        ROUND256_0_TO_15(f, g, h, a, b, c, d, e);
216
        ROUND256_0_TO_15(e, f, g, h, a, b, c, d);
217
        ROUND256_0_TO_15(d, e, f, g, h, a, b, c);
218
        ROUND256_0_TO_15(c, d, e, f, g, h, a, b);
219
        ROUND256_0_TO_15(b, c, d, e, f, g, h, a);
220
    }
221
222
    for (; i < 64;) {
223
        ROUND256_16_TO_63(a, b, c, d, e, f, g, h);
224
        ROUND256_16_TO_63(h, a, b, c, d, e, f, g);
225
        ROUND256_16_TO_63(g, h, a, b, c, d, e, f);
226
        ROUND256_16_TO_63(f, g, h, a, b, c, d, e);
227
        ROUND256_16_TO_63(e, f, g, h, a, b, c, d);
228
        ROUND256_16_TO_63(d, e, f, g, h, a, b, c);
229
        ROUND256_16_TO_63(c, d, e, f, g, h, a, b);
230
        ROUND256_16_TO_63(b, c, d, e, f, g, h, a);
231
    }
232
#endif
233
    state[0] += a;
234
    state[1] += b;
235
    state[2] += c;
236
    state[3] += d;
237
    state[4] += e;
238
    state[5] += f;
239
    state[6] += g;
240
    state[7] += h;
241
}
242
243
244 451ae257 Kostya Shishkov
int av_sha_init(AVSHA* ctx, int bits)
245 0ef37cd5 Diego Biurrun
{
246 aa5a99ae Kostya Shishkov
    ctx->digest_len = bits >> 5;
247
    switch (bits) {
248
    case 160: // SHA-1
249 87d718ae Kostya Shishkov
        ctx->state[0] = 0x67452301;
250
        ctx->state[1] = 0xEFCDAB89;
251
        ctx->state[2] = 0x98BADCFE;
252
        ctx->state[3] = 0x10325476;
253
        ctx->state[4] = 0xC3D2E1F0;
254
        ctx->transform = sha1_transform;
255 aa5a99ae Kostya Shishkov
        break;
256
    case 224: // SHA-224
257
        ctx->state[0] = 0xC1059ED8;
258
        ctx->state[1] = 0x367CD507;
259
        ctx->state[2] = 0x3070DD17;
260
        ctx->state[3] = 0xF70E5939;
261
        ctx->state[4] = 0xFFC00B31;
262
        ctx->state[5] = 0x68581511;
263
        ctx->state[6] = 0x64F98FA7;
264
        ctx->state[7] = 0xBEFA4FA4;
265
        ctx->transform = sha256_transform;
266
        break;
267
    case 256: // SHA-256
268
        ctx->state[0] = 0x6A09E667;
269
        ctx->state[1] = 0xBB67AE85;
270
        ctx->state[2] = 0x3C6EF372;
271
        ctx->state[3] = 0xA54FF53A;
272
        ctx->state[4] = 0x510E527F;
273
        ctx->state[5] = 0x9B05688C;
274
        ctx->state[6] = 0x1F83D9AB;
275
        ctx->state[7] = 0x5BE0CD19;
276
        ctx->transform = sha256_transform;
277
        break;
278
    default:
279
        return -1;
280
    }
281
    ctx->count = 0;
282 451ae257 Kostya Shishkov
    return 0;
283 7c60e55b Michael Niedermayer
}
284
285 451ae257 Kostya Shishkov
void av_sha_update(AVSHA* ctx, const uint8_t* data, unsigned int len)
286 0ef37cd5 Diego Biurrun
{
287 7c60e55b Michael Niedermayer
    unsigned int i, j;
288
289 248b25f8 Michael Niedermayer
    j = ctx->count & 63;
290
    ctx->count += len;
291 b250f9c6 Aurelien Jacobs
#if CONFIG_SMALL
292 0ef37cd5 Diego Biurrun
    for (i = 0; i < len; i++) {
293
        ctx->buffer[j++] = data[i];
294
        if (64 == j) {
295 2c6361e0 Kostya Shishkov
            ctx->transform(ctx->state, ctx->buffer);
296 36c7fa7e Michael Niedermayer
            j = 0;
297
        }
298
    }
299
#else
300 7c60e55b Michael Niedermayer
    if ((j + len) > 63) {
301 0ef37cd5 Diego Biurrun
        memcpy(&ctx->buffer[j], data, (i = 64 - j));
302 2c6361e0 Kostya Shishkov
        ctx->transform(ctx->state, ctx->buffer);
303 0ef37cd5 Diego Biurrun
        for (; i + 63 < len; i += 64)
304 2c6361e0 Kostya Shishkov
            ctx->transform(ctx->state, &data[i]);
305 0ef37cd5 Diego Biurrun
        j = 0;
306
    } else
307
        i = 0;
308 248b25f8 Michael Niedermayer
    memcpy(&ctx->buffer[j], &data[i], len - i);
309 36c7fa7e Michael Niedermayer
#endif
310 7c60e55b Michael Niedermayer
}
311
312 451ae257 Kostya Shishkov
void av_sha_final(AVSHA* ctx, uint8_t *digest)
313 0ef37cd5 Diego Biurrun
{
314 7c60e55b Michael Niedermayer
    int i;
315 0ef37cd5 Diego Biurrun
    uint64_t finalcount = be2me_64(ctx->count << 3);
316 7c60e55b Michael Niedermayer
317 451ae257 Kostya Shishkov
    av_sha_update(ctx, "\200", 1);
318 0ef37cd5 Diego Biurrun
    while ((ctx->count & 63) != 56)
319 451ae257 Kostya Shishkov
        av_sha_update(ctx, "", 1);
320
    av_sha_update(ctx, (uint8_t *)&finalcount, 8); /* Should cause a transform() */
321 aa5a99ae Kostya Shishkov
    for (i = 0; i < ctx->digest_len; i++)
322 0ef37cd5 Diego Biurrun
        ((uint32_t*)digest)[i] = be2me_32(ctx->state[i]);
323 7c60e55b Michael Niedermayer
}
324
325 451ae257 Kostya Shishkov
#if LIBAVUTIL_VERSION_MAJOR < 51
326
struct AVSHA1 {
327
    AVSHA sha;
328
};
329
330
const int av_sha1_size = sizeof(struct AVSHA1);
331
332
void av_sha1_init(struct AVSHA1* context)
333
{
334
    av_sha_init(&context->sha, 160);
335
}
336
337
void av_sha1_update(struct AVSHA1* context, const uint8_t* data, unsigned int len)
338
{
339
    av_sha_update(&context->sha, data, len);
340
}
341
342
void av_sha1_final(struct AVSHA1* context, uint8_t digest[20])
343
{
344
    av_sha_final(&context->sha, digest);
345
}
346
#endif
347
348 7c60e55b Michael Niedermayer
#ifdef TEST
349
#include <stdio.h>
350
#undef printf
351
352 0ef37cd5 Diego Biurrun
int main(void)
353
{
354 aa5a99ae Kostya Shishkov
    int i, j, k;
355 451ae257 Kostya Shishkov
    AVSHA ctx;
356 aa5a99ae Kostya Shishkov
    unsigned char digest[32];
357
    const int lengths[3] = { 160, 224, 256 };
358 7c60e55b Michael Niedermayer
359 aa5a99ae Kostya Shishkov
    for (j = 0; j < 3; j++) {
360
        printf("Testing SHA-%d\n", lengths[j]);
361 87d718ae Kostya Shishkov
        for (k = 0; k < 3; k++) {
362
            av_sha_init(&ctx, lengths[j]);
363
            if (k == 0)
364
                av_sha_update(&ctx, "abc", 3);
365
            else if (k == 1)
366
                av_sha_update(&ctx, "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", 56);
367
            else
368
                for (i = 0; i < 1000*1000; i++)
369
                    av_sha_update(&ctx, "a", 1);
370
            av_sha_final(&ctx, digest);
371
            for (i = 0; i < lengths[j] >> 3; i++)
372
                printf("%02X", digest[i]);
373
            putchar('\n');
374
        }
375
        switch (j) {
376
        case 0:
377
            //test vectors (from FIPS PUB 180-1)
378
            printf("A9993E36 4706816A BA3E2571 7850C26C 9CD0D89D\n"
379
                   "84983E44 1C3BD26E BAAE4AA1 F95129E5 E54670F1\n"
380
                   "34AA973C D4C4DAA4 F61EEB2B DBAD2731 6534016F\n");
381
            break;
382
        case 1:
383
            //test vectors (from FIPS PUB 180-2 Appendix A)
384
            printf("23097d22 3405d822 8642a477 bda255b3 2aadbce4 bda0b3f7 e36c9da7\n"
385
                   "75388b16 512776cc 5dba5da1 fd890150 b0c6455c b4f58b19 52522525\n"
386
                   "20794655 980c91d8 bbb4c1ea 97618a4b f03f4258 1948b2ee 4ee7ad67\n");
387
            break;
388
        case 2:
389
            //test vectors (from FIPS PUB 180-2)
390
            printf("ba7816bf 8f01cfea 414140de 5dae2223 b00361a3 96177a9c b410ff61 f20015ad\n"
391
                   "248d6a61 d20638b8 e5c02693 0c3e6039 a33ce459 64ff2167 f6ecedd4 19db06c1\n"
392
                   "cdc76e5c 9914fb92 81a1c7e2 84d73e67 f1809a48 a497200e 046d39cc c7112cd0\n");
393
            break;
394
        }
395 aa5a99ae Kostya Shishkov
    }
396 7c60e55b Michael Niedermayer
397
    return 0;
398
}
399
#endif