Line data Source code
1 : /* rmd160.c - RIPE-MD160
2 : * Copyright (C) 1998, 1999, 2000, 2001, 2008 Free Software Foundation, Inc.
3 : *
4 : * This file is part of GnuPG.
5 : *
6 : * GnuPG is free software; you can redistribute it and/or modify
7 : * it under the terms of the GNU General Public License as published by
8 : * the Free Software Foundation; either version 3 of the License, or
9 : * (at your option) any later version.
10 : *
11 : * GnuPG is distributed in the hope that it will be useful,
12 : * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 : * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 : * GNU General Public License for more details.
15 : *
16 : * You should have received a copy of the GNU General Public License
17 : * along with this program; if not, see <http://www.gnu.org/licenses/>.
18 : */
19 :
20 : /* For historic reasons gpg uses RIPE-MD160 to to identify names in
21 : the trustdb. It would be better to change that to SHA-1, to take
22 : advantage of a SHA-1 hardware operation provided by some CPUs.
23 : This would break trustdb compatibility and thus we don't want to do
24 : it now.
25 :
26 : We do not use the libgcrypt provided implementation of RMD160
27 : because that is not available in FIPS mode, thus for the sake of
28 : gpg internal non-cryptographic, purposes, we use this separate
29 : implementation.
30 : */
31 :
32 : #include <config.h>
33 :
34 : #include <stdio.h>
35 : #include <stdlib.h>
36 : #include <string.h>
37 :
38 : #include "../common/types.h"
39 : #include "rmd160.h"
40 :
41 : /*
42 : * Rotate the 32 bit integer X by N bytes.
43 : */
44 : #if defined(__GNUC__) && defined(__i386__)
45 : static inline u32
46 : rol (u32 x, int n)
47 : {
48 : __asm__("roll %%cl,%0"
49 : :"=r" (x)
50 : :"0" (x),"c" (n));
51 : return x;
52 : }
53 : #else
54 : #define rol(x,n) ( ((x) << (n)) | ((x) >> (32-(n))) )
55 : #endif
56 :
57 : /* Structure holding the context for the RIPE-MD160 computation. */
58 : typedef struct
59 : {
60 : u32 h0, h1, h2, h3, h4;
61 : u32 nblocks;
62 : unsigned char buf[64];
63 : int count;
64 : } rmd160_context_t;
65 :
66 :
67 :
68 : static void
69 559 : rmd160_init (rmd160_context_t *hd)
70 : {
71 559 : hd->h0 = 0x67452301;
72 559 : hd->h1 = 0xEFCDAB89;
73 559 : hd->h2 = 0x98BADCFE;
74 559 : hd->h3 = 0x10325476;
75 559 : hd->h4 = 0xC3D2E1F0;
76 559 : hd->nblocks = 0;
77 559 : hd->count = 0;
78 559 : }
79 :
80 :
81 :
82 : /*
83 : * Transform the message X which consists of 16 32-bit-words.
84 : */
85 : static void
86 562 : transform (rmd160_context_t *hd, const unsigned char *data)
87 : {
88 : u32 a,b,c,d,e,aa,bb,cc,dd,ee,t;
89 : #ifdef BIG_ENDIAN_HOST
90 : u32 x[16];
91 : {
92 : int i;
93 : unsigned char *p2, *p1;
94 : for (i=0, p1=data, p2=(unsigned char*)x; i < 16; i++, p2 += 4 )
95 : {
96 : p2[3] = *p1++;
97 : p2[2] = *p1++;
98 : p2[1] = *p1++;
99 : p2[0] = *p1++;
100 : }
101 : }
102 : #else
103 : u32 x[16];
104 562 : memcpy (x, data, 64);
105 : #endif
106 :
107 :
108 : #define K0 0x00000000
109 : #define K1 0x5A827999
110 : #define K2 0x6ED9EBA1
111 : #define K3 0x8F1BBCDC
112 : #define K4 0xA953FD4E
113 : #define KK0 0x50A28BE6
114 : #define KK1 0x5C4DD124
115 : #define KK2 0x6D703EF3
116 : #define KK3 0x7A6D76E9
117 : #define KK4 0x00000000
118 : #define F0(x,y,z) ( (x) ^ (y) ^ (z) )
119 : #define F1(x,y,z) ( ((x) & (y)) | (~(x) & (z)) )
120 : #define F2(x,y,z) ( ((x) | ~(y)) ^ (z) )
121 : #define F3(x,y,z) ( ((x) & (z)) | ((y) & ~(z)) )
122 : #define F4(x,y,z) ( (x) ^ ((y) | ~(z)) )
123 : #define R(a,b,c,d,e,f,k,r,s) do { t = a + f(b,c,d) + k + x[r]; \
124 : a = rol(t,s) + e; \
125 : c = rol(c,10); \
126 : } while(0)
127 :
128 : /* Left lane. */
129 562 : a = hd->h0;
130 562 : b = hd->h1;
131 562 : c = hd->h2;
132 562 : d = hd->h3;
133 562 : e = hd->h4;
134 562 : R( a, b, c, d, e, F0, K0, 0, 11 );
135 562 : R( e, a, b, c, d, F0, K0, 1, 14 );
136 562 : R( d, e, a, b, c, F0, K0, 2, 15 );
137 562 : R( c, d, e, a, b, F0, K0, 3, 12 );
138 562 : R( b, c, d, e, a, F0, K0, 4, 5 );
139 562 : R( a, b, c, d, e, F0, K0, 5, 8 );
140 562 : R( e, a, b, c, d, F0, K0, 6, 7 );
141 562 : R( d, e, a, b, c, F0, K0, 7, 9 );
142 562 : R( c, d, e, a, b, F0, K0, 8, 11 );
143 562 : R( b, c, d, e, a, F0, K0, 9, 13 );
144 562 : R( a, b, c, d, e, F0, K0, 10, 14 );
145 562 : R( e, a, b, c, d, F0, K0, 11, 15 );
146 562 : R( d, e, a, b, c, F0, K0, 12, 6 );
147 562 : R( c, d, e, a, b, F0, K0, 13, 7 );
148 562 : R( b, c, d, e, a, F0, K0, 14, 9 );
149 562 : R( a, b, c, d, e, F0, K0, 15, 8 );
150 562 : R( e, a, b, c, d, F1, K1, 7, 7 );
151 562 : R( d, e, a, b, c, F1, K1, 4, 6 );
152 562 : R( c, d, e, a, b, F1, K1, 13, 8 );
153 562 : R( b, c, d, e, a, F1, K1, 1, 13 );
154 562 : R( a, b, c, d, e, F1, K1, 10, 11 );
155 562 : R( e, a, b, c, d, F1, K1, 6, 9 );
156 562 : R( d, e, a, b, c, F1, K1, 15, 7 );
157 562 : R( c, d, e, a, b, F1, K1, 3, 15 );
158 562 : R( b, c, d, e, a, F1, K1, 12, 7 );
159 562 : R( a, b, c, d, e, F1, K1, 0, 12 );
160 562 : R( e, a, b, c, d, F1, K1, 9, 15 );
161 562 : R( d, e, a, b, c, F1, K1, 5, 9 );
162 562 : R( c, d, e, a, b, F1, K1, 2, 11 );
163 562 : R( b, c, d, e, a, F1, K1, 14, 7 );
164 562 : R( a, b, c, d, e, F1, K1, 11, 13 );
165 562 : R( e, a, b, c, d, F1, K1, 8, 12 );
166 562 : R( d, e, a, b, c, F2, K2, 3, 11 );
167 562 : R( c, d, e, a, b, F2, K2, 10, 13 );
168 562 : R( b, c, d, e, a, F2, K2, 14, 6 );
169 562 : R( a, b, c, d, e, F2, K2, 4, 7 );
170 562 : R( e, a, b, c, d, F2, K2, 9, 14 );
171 562 : R( d, e, a, b, c, F2, K2, 15, 9 );
172 562 : R( c, d, e, a, b, F2, K2, 8, 13 );
173 562 : R( b, c, d, e, a, F2, K2, 1, 15 );
174 562 : R( a, b, c, d, e, F2, K2, 2, 14 );
175 562 : R( e, a, b, c, d, F2, K2, 7, 8 );
176 562 : R( d, e, a, b, c, F2, K2, 0, 13 );
177 562 : R( c, d, e, a, b, F2, K2, 6, 6 );
178 562 : R( b, c, d, e, a, F2, K2, 13, 5 );
179 562 : R( a, b, c, d, e, F2, K2, 11, 12 );
180 562 : R( e, a, b, c, d, F2, K2, 5, 7 );
181 562 : R( d, e, a, b, c, F2, K2, 12, 5 );
182 562 : R( c, d, e, a, b, F3, K3, 1, 11 );
183 562 : R( b, c, d, e, a, F3, K3, 9, 12 );
184 562 : R( a, b, c, d, e, F3, K3, 11, 14 );
185 562 : R( e, a, b, c, d, F3, K3, 10, 15 );
186 562 : R( d, e, a, b, c, F3, K3, 0, 14 );
187 562 : R( c, d, e, a, b, F3, K3, 8, 15 );
188 562 : R( b, c, d, e, a, F3, K3, 12, 9 );
189 562 : R( a, b, c, d, e, F3, K3, 4, 8 );
190 562 : R( e, a, b, c, d, F3, K3, 13, 9 );
191 562 : R( d, e, a, b, c, F3, K3, 3, 14 );
192 562 : R( c, d, e, a, b, F3, K3, 7, 5 );
193 562 : R( b, c, d, e, a, F3, K3, 15, 6 );
194 562 : R( a, b, c, d, e, F3, K3, 14, 8 );
195 562 : R( e, a, b, c, d, F3, K3, 5, 6 );
196 562 : R( d, e, a, b, c, F3, K3, 6, 5 );
197 562 : R( c, d, e, a, b, F3, K3, 2, 12 );
198 562 : R( b, c, d, e, a, F4, K4, 4, 9 );
199 562 : R( a, b, c, d, e, F4, K4, 0, 15 );
200 562 : R( e, a, b, c, d, F4, K4, 5, 5 );
201 562 : R( d, e, a, b, c, F4, K4, 9, 11 );
202 562 : R( c, d, e, a, b, F4, K4, 7, 6 );
203 562 : R( b, c, d, e, a, F4, K4, 12, 8 );
204 562 : R( a, b, c, d, e, F4, K4, 2, 13 );
205 562 : R( e, a, b, c, d, F4, K4, 10, 12 );
206 562 : R( d, e, a, b, c, F4, K4, 14, 5 );
207 562 : R( c, d, e, a, b, F4, K4, 1, 12 );
208 562 : R( b, c, d, e, a, F4, K4, 3, 13 );
209 562 : R( a, b, c, d, e, F4, K4, 8, 14 );
210 562 : R( e, a, b, c, d, F4, K4, 11, 11 );
211 562 : R( d, e, a, b, c, F4, K4, 6, 8 );
212 562 : R( c, d, e, a, b, F4, K4, 15, 5 );
213 562 : R( b, c, d, e, a, F4, K4, 13, 6 );
214 :
215 562 : aa = a; bb = b; cc = c; dd = d; ee = e;
216 :
217 : /* Right lane. */
218 562 : a = hd->h0;
219 562 : b = hd->h1;
220 562 : c = hd->h2;
221 562 : d = hd->h3;
222 562 : e = hd->h4;
223 562 : R( a, b, c, d, e, F4, KK0, 5, 8);
224 562 : R( e, a, b, c, d, F4, KK0, 14, 9);
225 562 : R( d, e, a, b, c, F4, KK0, 7, 9);
226 562 : R( c, d, e, a, b, F4, KK0, 0, 11);
227 562 : R( b, c, d, e, a, F4, KK0, 9, 13);
228 562 : R( a, b, c, d, e, F4, KK0, 2, 15);
229 562 : R( e, a, b, c, d, F4, KK0, 11, 15);
230 562 : R( d, e, a, b, c, F4, KK0, 4, 5);
231 562 : R( c, d, e, a, b, F4, KK0, 13, 7);
232 562 : R( b, c, d, e, a, F4, KK0, 6, 7);
233 562 : R( a, b, c, d, e, F4, KK0, 15, 8);
234 562 : R( e, a, b, c, d, F4, KK0, 8, 11);
235 562 : R( d, e, a, b, c, F4, KK0, 1, 14);
236 562 : R( c, d, e, a, b, F4, KK0, 10, 14);
237 562 : R( b, c, d, e, a, F4, KK0, 3, 12);
238 562 : R( a, b, c, d, e, F4, KK0, 12, 6);
239 562 : R( e, a, b, c, d, F3, KK1, 6, 9);
240 562 : R( d, e, a, b, c, F3, KK1, 11, 13);
241 562 : R( c, d, e, a, b, F3, KK1, 3, 15);
242 562 : R( b, c, d, e, a, F3, KK1, 7, 7);
243 562 : R( a, b, c, d, e, F3, KK1, 0, 12);
244 562 : R( e, a, b, c, d, F3, KK1, 13, 8);
245 562 : R( d, e, a, b, c, F3, KK1, 5, 9);
246 562 : R( c, d, e, a, b, F3, KK1, 10, 11);
247 562 : R( b, c, d, e, a, F3, KK1, 14, 7);
248 562 : R( a, b, c, d, e, F3, KK1, 15, 7);
249 562 : R( e, a, b, c, d, F3, KK1, 8, 12);
250 562 : R( d, e, a, b, c, F3, KK1, 12, 7);
251 562 : R( c, d, e, a, b, F3, KK1, 4, 6);
252 562 : R( b, c, d, e, a, F3, KK1, 9, 15);
253 562 : R( a, b, c, d, e, F3, KK1, 1, 13);
254 562 : R( e, a, b, c, d, F3, KK1, 2, 11);
255 562 : R( d, e, a, b, c, F2, KK2, 15, 9);
256 562 : R( c, d, e, a, b, F2, KK2, 5, 7);
257 562 : R( b, c, d, e, a, F2, KK2, 1, 15);
258 562 : R( a, b, c, d, e, F2, KK2, 3, 11);
259 562 : R( e, a, b, c, d, F2, KK2, 7, 8);
260 562 : R( d, e, a, b, c, F2, KK2, 14, 6);
261 562 : R( c, d, e, a, b, F2, KK2, 6, 6);
262 562 : R( b, c, d, e, a, F2, KK2, 9, 14);
263 562 : R( a, b, c, d, e, F2, KK2, 11, 12);
264 562 : R( e, a, b, c, d, F2, KK2, 8, 13);
265 562 : R( d, e, a, b, c, F2, KK2, 12, 5);
266 562 : R( c, d, e, a, b, F2, KK2, 2, 14);
267 562 : R( b, c, d, e, a, F2, KK2, 10, 13);
268 562 : R( a, b, c, d, e, F2, KK2, 0, 13);
269 562 : R( e, a, b, c, d, F2, KK2, 4, 7);
270 562 : R( d, e, a, b, c, F2, KK2, 13, 5);
271 562 : R( c, d, e, a, b, F1, KK3, 8, 15);
272 562 : R( b, c, d, e, a, F1, KK3, 6, 5);
273 562 : R( a, b, c, d, e, F1, KK3, 4, 8);
274 562 : R( e, a, b, c, d, F1, KK3, 1, 11);
275 562 : R( d, e, a, b, c, F1, KK3, 3, 14);
276 562 : R( c, d, e, a, b, F1, KK3, 11, 14);
277 562 : R( b, c, d, e, a, F1, KK3, 15, 6);
278 562 : R( a, b, c, d, e, F1, KK3, 0, 14);
279 562 : R( e, a, b, c, d, F1, KK3, 5, 6);
280 562 : R( d, e, a, b, c, F1, KK3, 12, 9);
281 562 : R( c, d, e, a, b, F1, KK3, 2, 12);
282 562 : R( b, c, d, e, a, F1, KK3, 13, 9);
283 562 : R( a, b, c, d, e, F1, KK3, 9, 12);
284 562 : R( e, a, b, c, d, F1, KK3, 7, 5);
285 562 : R( d, e, a, b, c, F1, KK3, 10, 15);
286 562 : R( c, d, e, a, b, F1, KK3, 14, 8);
287 562 : R( b, c, d, e, a, F0, KK4, 12, 8);
288 562 : R( a, b, c, d, e, F0, KK4, 15, 5);
289 562 : R( e, a, b, c, d, F0, KK4, 10, 12);
290 562 : R( d, e, a, b, c, F0, KK4, 4, 9);
291 562 : R( c, d, e, a, b, F0, KK4, 1, 12);
292 562 : R( b, c, d, e, a, F0, KK4, 5, 5);
293 562 : R( a, b, c, d, e, F0, KK4, 8, 14);
294 562 : R( e, a, b, c, d, F0, KK4, 7, 6);
295 562 : R( d, e, a, b, c, F0, KK4, 6, 8);
296 562 : R( c, d, e, a, b, F0, KK4, 2, 13);
297 562 : R( b, c, d, e, a, F0, KK4, 13, 6);
298 562 : R( a, b, c, d, e, F0, KK4, 14, 5);
299 562 : R( e, a, b, c, d, F0, KK4, 0, 15);
300 562 : R( d, e, a, b, c, F0, KK4, 3, 13);
301 562 : R( c, d, e, a, b, F0, KK4, 9, 11);
302 562 : R( b, c, d, e, a, F0, KK4, 11, 11);
303 :
304 :
305 562 : t = hd->h1 + d + cc;
306 562 : hd->h1 = hd->h2 + e + dd;
307 562 : hd->h2 = hd->h3 + a + ee;
308 562 : hd->h3 = hd->h4 + b + aa;
309 562 : hd->h4 = hd->h0 + c + bb;
310 562 : hd->h0 = t;
311 562 : }
312 :
313 :
314 : /* Update the message digest with the content of (INBUF,INLEN). */
315 : static void
316 1119 : rmd160_write (rmd160_context_t *hd, const unsigned char *inbuf, size_t inlen)
317 : {
318 1119 : if( hd->count == 64 )
319 : {
320 : /* Flush the buffer. */
321 1 : transform (hd, hd->buf);
322 1 : hd->count = 0;
323 1 : hd->nblocks++;
324 : }
325 1119 : if (!inbuf)
326 560 : return;
327 :
328 559 : if (hd->count)
329 : {
330 0 : for (; inlen && hd->count < 64; inlen--)
331 0 : hd->buf[hd->count++] = *inbuf++;
332 0 : rmd160_write (hd, NULL, 0);
333 0 : if (!inlen)
334 0 : return;
335 : }
336 :
337 1120 : while (inlen >= 64)
338 : {
339 2 : transform (hd, inbuf);
340 2 : hd->count = 0;
341 2 : hd->nblocks++;
342 2 : inlen -= 64;
343 2 : inbuf += 64;
344 : }
345 18171 : for (; inlen && hd->count < 64; inlen--)
346 17612 : hd->buf[hd->count++] = *inbuf++;
347 : }
348 :
349 :
350 : /* Complete the message computation. */
351 : static void
352 559 : rmd160_final( rmd160_context_t *hd )
353 : {
354 : u32 t, msb, lsb;
355 : unsigned char *p;
356 :
357 559 : rmd160_write (hd, NULL, 0); /* Flush buffer. */
358 :
359 559 : t = hd->nblocks;
360 : /* Multiply by 64 to make a byte count. */
361 559 : lsb = t << 6;
362 559 : msb = t >> 26;
363 : /* Add the count. */
364 559 : t = lsb;
365 559 : if ((lsb += hd->count) < t)
366 0 : msb++;
367 : /* Multiply by 8 to make a bit count. */
368 559 : t = lsb;
369 559 : lsb <<= 3;
370 559 : msb <<= 3;
371 559 : msb |= t >> 29;
372 :
373 559 : if (hd->count < 56)
374 : {
375 : /* Enough room. */
376 558 : hd->buf[hd->count++] = 0x80; /* Pad character. */
377 14256 : while (hd->count < 56)
378 13140 : hd->buf[hd->count++] = 0;
379 : }
380 : else
381 : {
382 : /* Need one extra block. */
383 1 : hd->buf[hd->count++] = 0x80; /* Pad character. */
384 3 : while (hd->count < 64)
385 1 : hd->buf[hd->count++] = 0;
386 1 : rmd160_write (hd, NULL, 0); /* Flush buffer. */
387 1 : memset (hd->buf, 0, 56); /* Fill next block with zeroes. */
388 : }
389 : /* Append the 64 bit count. */
390 559 : hd->buf[56] = lsb;
391 559 : hd->buf[57] = lsb >> 8;
392 559 : hd->buf[58] = lsb >> 16;
393 559 : hd->buf[59] = lsb >> 24;
394 559 : hd->buf[60] = msb;
395 559 : hd->buf[61] = msb >> 8;
396 559 : hd->buf[62] = msb >> 16;
397 559 : hd->buf[63] = msb >> 24;
398 559 : transform (hd, hd->buf);
399 :
400 559 : p = hd->buf;
401 : #define X(a) do { *p++ = hd->h##a; *p++ = hd->h##a >> 8; \
402 : *p++ = hd->h##a >> 16; *p++ = hd->h##a >> 24; } while(0)
403 559 : X(0);
404 559 : X(1);
405 559 : X(2);
406 559 : X(3);
407 559 : X(4);
408 : #undef X
409 559 : }
410 :
411 :
412 : /*
413 : * Compines function to put the hash value of the supplied BUFFER into
414 : * OUTBUF which must have a size of 20 bytes.
415 : */
416 : void
417 559 : rmd160_hash_buffer (void *outbuf, const void *buffer, size_t length)
418 : {
419 : rmd160_context_t hd;
420 :
421 559 : rmd160_init (&hd);
422 559 : rmd160_write (&hd, buffer, length);
423 559 : rmd160_final (&hd);
424 559 : memcpy (outbuf, hd.buf, 20);
425 559 : }
|
