Line data Source code
1 : /* sha1.c - SHA1 hash function
2 : * Copyright (C) 1998, 2001, 2002, 2003 Free Software Foundation, Inc.
3 : *
4 : * This file is part of Libgcrypt.
5 : *
6 : * Libgcrypt is free software; you can redistribute it and/or modify
7 : * it under the terms of the GNU Lesser General Public License as
8 : * published by the Free Software Foundation; either version 2.1 of
9 : * the License, or (at your option) any later version.
10 : *
11 : * Libgcrypt is distributed in the hope that it will be useful,
12 : * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 : * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 : * GNU Lesser General Public License for more details.
15 : *
16 : * You should have received a copy of the GNU Lesser General Public
17 : * License along with this program; if not, write to the Free Software
18 : * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
19 : * USA.
20 : */
21 :
22 :
23 : /* This is a simplified SHA01 versions taken from the libgrypt one.
24 : We need this for some tests (e.g. OCSP).
25 : */
26 :
27 : #include <config.h>
28 : #include <stdio.h>
29 : #include <stdlib.h>
30 : #include <string.h>
31 : #include <sys/types.h>
32 :
33 : #ifndef HAVE_U32_TYPEDEF
34 : #undef u32 /* maybe there is a macro with this name */
35 : #if SIZEOF_UNSIGNED_INT == 4
36 : typedef unsigned int u32;
37 : #elif SIZEOF_UNSIGNED_LONG == 4
38 : typedef unsigned long u32;
39 : #else
40 : #error no typedef for u32
41 : #endif
42 : #define HAVE_U32_TYPEDEF
43 : #endif
44 :
45 : typedef struct
46 : {
47 : u32 h0,h1,h2,h3,h4;
48 : u32 nblocks;
49 : unsigned char buf[64];
50 : int count;
51 : } sha1_context_t;
52 :
53 :
54 : #define rol(x,n) ( ((x) << (n)) | ((x) >> (32-(n))) )
55 :
56 :
57 : static void
58 0 : sha1_init (void *context)
59 : {
60 0 : sha1_context_t *hd = context;
61 :
62 0 : hd->h0 = 0x67452301;
63 0 : hd->h1 = 0xefcdab89;
64 0 : hd->h2 = 0x98badcfe;
65 0 : hd->h3 = 0x10325476;
66 0 : hd->h4 = 0xc3d2e1f0;
67 0 : hd->nblocks = 0;
68 0 : hd->count = 0;
69 0 : }
70 :
71 :
72 : /****************
73 : * Transform the message X which consists of 16 32-bit-words
74 : */
75 : static void
76 0 : transform( sha1_context_t *hd, unsigned char *data )
77 : {
78 : register u32 a,b,c,d,e,tm;
79 : u32 x[16];
80 :
81 : /* Get values from the chaining vars. */
82 0 : a = hd->h0;
83 0 : b = hd->h1;
84 0 : c = hd->h2;
85 0 : d = hd->h3;
86 0 : e = hd->h4;
87 :
88 : #ifdef WORDS_BIGENDIAN
89 : memcpy( x, data, 64 );
90 : #else
91 : {
92 : int i;
93 : unsigned char *p2;
94 0 : for(i=0, p2=(unsigned char*)x; i < 16; i++, p2 += 4 )
95 : {
96 0 : p2[3] = *data++;
97 0 : p2[2] = *data++;
98 0 : p2[1] = *data++;
99 0 : p2[0] = *data++;
100 : }
101 : }
102 : #endif
103 :
104 :
105 : #define K1 0x5A827999L
106 : #define K2 0x6ED9EBA1L
107 : #define K3 0x8F1BBCDCL
108 : #define K4 0xCA62C1D6L
109 : #define F1(x,y,z) ( z ^ ( x & ( y ^ z ) ) )
110 : #define F2(x,y,z) ( x ^ y ^ z )
111 : #define F3(x,y,z) ( ( x & y ) | ( z & ( x | y ) ) )
112 : #define F4(x,y,z) ( x ^ y ^ z )
113 :
114 :
115 : #define M(i) ( tm = x[i&0x0f] ^ x[(i-14)&0x0f] \
116 : ^ x[(i-8)&0x0f] ^ x[(i-3)&0x0f] \
117 : , (x[i&0x0f] = rol(tm, 1)) )
118 :
119 : #define R(a,b,c,d,e,f,k,m) do { e += rol( a, 5 ) \
120 : + f( b, c, d ) \
121 : + k \
122 : + m; \
123 : b = rol( b, 30 ); \
124 : } while(0)
125 0 : R( a, b, c, d, e, F1, K1, x[ 0] );
126 0 : R( e, a, b, c, d, F1, K1, x[ 1] );
127 0 : R( d, e, a, b, c, F1, K1, x[ 2] );
128 0 : R( c, d, e, a, b, F1, K1, x[ 3] );
129 0 : R( b, c, d, e, a, F1, K1, x[ 4] );
130 0 : R( a, b, c, d, e, F1, K1, x[ 5] );
131 0 : R( e, a, b, c, d, F1, K1, x[ 6] );
132 0 : R( d, e, a, b, c, F1, K1, x[ 7] );
133 0 : R( c, d, e, a, b, F1, K1, x[ 8] );
134 0 : R( b, c, d, e, a, F1, K1, x[ 9] );
135 0 : R( a, b, c, d, e, F1, K1, x[10] );
136 0 : R( e, a, b, c, d, F1, K1, x[11] );
137 0 : R( d, e, a, b, c, F1, K1, x[12] );
138 0 : R( c, d, e, a, b, F1, K1, x[13] );
139 0 : R( b, c, d, e, a, F1, K1, x[14] );
140 0 : R( a, b, c, d, e, F1, K1, x[15] );
141 0 : R( e, a, b, c, d, F1, K1, M(16) );
142 0 : R( d, e, a, b, c, F1, K1, M(17) );
143 0 : R( c, d, e, a, b, F1, K1, M(18) );
144 0 : R( b, c, d, e, a, F1, K1, M(19) );
145 0 : R( a, b, c, d, e, F2, K2, M(20) );
146 0 : R( e, a, b, c, d, F2, K2, M(21) );
147 0 : R( d, e, a, b, c, F2, K2, M(22) );
148 0 : R( c, d, e, a, b, F2, K2, M(23) );
149 0 : R( b, c, d, e, a, F2, K2, M(24) );
150 0 : R( a, b, c, d, e, F2, K2, M(25) );
151 0 : R( e, a, b, c, d, F2, K2, M(26) );
152 0 : R( d, e, a, b, c, F2, K2, M(27) );
153 0 : R( c, d, e, a, b, F2, K2, M(28) );
154 0 : R( b, c, d, e, a, F2, K2, M(29) );
155 0 : R( a, b, c, d, e, F2, K2, M(30) );
156 0 : R( e, a, b, c, d, F2, K2, M(31) );
157 0 : R( d, e, a, b, c, F2, K2, M(32) );
158 0 : R( c, d, e, a, b, F2, K2, M(33) );
159 0 : R( b, c, d, e, a, F2, K2, M(34) );
160 0 : R( a, b, c, d, e, F2, K2, M(35) );
161 0 : R( e, a, b, c, d, F2, K2, M(36) );
162 0 : R( d, e, a, b, c, F2, K2, M(37) );
163 0 : R( c, d, e, a, b, F2, K2, M(38) );
164 0 : R( b, c, d, e, a, F2, K2, M(39) );
165 0 : R( a, b, c, d, e, F3, K3, M(40) );
166 0 : R( e, a, b, c, d, F3, K3, M(41) );
167 0 : R( d, e, a, b, c, F3, K3, M(42) );
168 0 : R( c, d, e, a, b, F3, K3, M(43) );
169 0 : R( b, c, d, e, a, F3, K3, M(44) );
170 0 : R( a, b, c, d, e, F3, K3, M(45) );
171 0 : R( e, a, b, c, d, F3, K3, M(46) );
172 0 : R( d, e, a, b, c, F3, K3, M(47) );
173 0 : R( c, d, e, a, b, F3, K3, M(48) );
174 0 : R( b, c, d, e, a, F3, K3, M(49) );
175 0 : R( a, b, c, d, e, F3, K3, M(50) );
176 0 : R( e, a, b, c, d, F3, K3, M(51) );
177 0 : R( d, e, a, b, c, F3, K3, M(52) );
178 0 : R( c, d, e, a, b, F3, K3, M(53) );
179 0 : R( b, c, d, e, a, F3, K3, M(54) );
180 0 : R( a, b, c, d, e, F3, K3, M(55) );
181 0 : R( e, a, b, c, d, F3, K3, M(56) );
182 0 : R( d, e, a, b, c, F3, K3, M(57) );
183 0 : R( c, d, e, a, b, F3, K3, M(58) );
184 0 : R( b, c, d, e, a, F3, K3, M(59) );
185 0 : R( a, b, c, d, e, F4, K4, M(60) );
186 0 : R( e, a, b, c, d, F4, K4, M(61) );
187 0 : R( d, e, a, b, c, F4, K4, M(62) );
188 0 : R( c, d, e, a, b, F4, K4, M(63) );
189 0 : R( b, c, d, e, a, F4, K4, M(64) );
190 0 : R( a, b, c, d, e, F4, K4, M(65) );
191 0 : R( e, a, b, c, d, F4, K4, M(66) );
192 0 : R( d, e, a, b, c, F4, K4, M(67) );
193 0 : R( c, d, e, a, b, F4, K4, M(68) );
194 0 : R( b, c, d, e, a, F4, K4, M(69) );
195 0 : R( a, b, c, d, e, F4, K4, M(70) );
196 0 : R( e, a, b, c, d, F4, K4, M(71) );
197 0 : R( d, e, a, b, c, F4, K4, M(72) );
198 0 : R( c, d, e, a, b, F4, K4, M(73) );
199 0 : R( b, c, d, e, a, F4, K4, M(74) );
200 0 : R( a, b, c, d, e, F4, K4, M(75) );
201 0 : R( e, a, b, c, d, F4, K4, M(76) );
202 0 : R( d, e, a, b, c, F4, K4, M(77) );
203 0 : R( c, d, e, a, b, F4, K4, M(78) );
204 0 : R( b, c, d, e, a, F4, K4, M(79) );
205 :
206 : /* Update chaining vars. */
207 0 : hd->h0 += a;
208 0 : hd->h1 += b;
209 0 : hd->h2 += c;
210 0 : hd->h3 += d;
211 0 : hd->h4 += e;
212 0 : }
213 :
214 :
215 : /* Update the message digest with the contents
216 : * of INBUF with length INLEN.
217 : */
218 : static void
219 0 : sha1_write( void *context, unsigned char *inbuf, size_t inlen)
220 : {
221 0 : sha1_context_t *hd = context;
222 :
223 0 : if( hd->count == 64 ) /* flush the buffer */
224 : {
225 0 : transform( hd, hd->buf );
226 0 : hd->count = 0;
227 0 : hd->nblocks++;
228 : }
229 0 : if( !inbuf )
230 0 : return;
231 :
232 0 : if( hd->count )
233 : {
234 0 : for( ; inlen && hd->count < 64; inlen-- )
235 0 : hd->buf[hd->count++] = *inbuf++;
236 0 : sha1_write( hd, NULL, 0 );
237 0 : if( !inlen )
238 0 : return;
239 : }
240 :
241 0 : while( inlen >= 64 )
242 : {
243 0 : transform( hd, inbuf );
244 0 : hd->count = 0;
245 0 : hd->nblocks++;
246 0 : inlen -= 64;
247 0 : inbuf += 64;
248 : }
249 0 : for( ; inlen && hd->count < 64; inlen-- )
250 0 : hd->buf[hd->count++] = *inbuf++;
251 : }
252 :
253 :
254 : /* The routine final terminates the computation and
255 : * returns the digest.
256 : * The handle is prepared for a new cycle, but adding bytes to the
257 : * handle will the destroy the returned buffer.
258 : * Returns: 20 bytes representing the digest.
259 : */
260 :
261 : static void
262 0 : sha1_final(void *context)
263 : {
264 0 : sha1_context_t *hd = context;
265 :
266 : u32 t, msb, lsb;
267 : unsigned char *p;
268 :
269 0 : sha1_write(hd, NULL, 0); /* flush */;
270 :
271 0 : t = hd->nblocks;
272 : /* multiply by 64 to make a byte count */
273 0 : lsb = t << 6;
274 0 : msb = t >> 26;
275 : /* add the count */
276 0 : t = lsb;
277 0 : if( (lsb += hd->count) < t )
278 0 : msb++;
279 : /* multiply by 8 to make a bit count */
280 0 : t = lsb;
281 0 : lsb <<= 3;
282 0 : msb <<= 3;
283 0 : msb |= t >> 29;
284 :
285 0 : if( hd->count < 56 ) /* enough room */
286 : {
287 0 : hd->buf[hd->count++] = 0x80; /* pad */
288 0 : while( hd->count < 56 )
289 0 : hd->buf[hd->count++] = 0; /* pad */
290 : }
291 : else /* need one extra block */
292 : {
293 0 : hd->buf[hd->count++] = 0x80; /* pad character */
294 0 : while( hd->count < 64 )
295 0 : hd->buf[hd->count++] = 0;
296 0 : sha1_write(hd, NULL, 0); /* flush */;
297 0 : memset(hd->buf, 0, 56 ); /* fill next block with zeroes */
298 : }
299 : /* append the 64 bit count */
300 0 : hd->buf[56] = msb >> 24;
301 0 : hd->buf[57] = msb >> 16;
302 0 : hd->buf[58] = msb >> 8;
303 0 : hd->buf[59] = msb ;
304 0 : hd->buf[60] = lsb >> 24;
305 0 : hd->buf[61] = lsb >> 16;
306 0 : hd->buf[62] = lsb >> 8;
307 0 : hd->buf[63] = lsb ;
308 0 : transform( hd, hd->buf );
309 :
310 0 : p = hd->buf;
311 : #ifdef WORDS_BIGENDIAN
312 : #define X(a) do { *(u32*)p = hd->h##a ; p += 4; } while(0)
313 : #else /* little endian */
314 : #define X(a) do { *p++ = hd->h##a >> 24; *p++ = hd->h##a >> 16; \
315 : *p++ = hd->h##a >> 8; *p++ = hd->h##a; } while(0)
316 : #endif
317 0 : X(0);
318 0 : X(1);
319 0 : X(2);
320 0 : X(3);
321 0 : X(4);
322 : #undef X
323 :
324 0 : }
325 :
326 : void
327 0 : sha1_hash_buffer (char *outbuf, const char *buffer, size_t length)
328 : {
329 : sha1_context_t hd;
330 :
331 0 : sha1_init (&hd);
332 0 : sha1_write (&hd, (unsigned char *)buffer, length);
333 0 : sha1_final (&hd);
334 0 : memcpy (outbuf, hd.buf, 20);
335 0 : }
|
