Line data Source code
1 : /* rmd160.c - RIPE-MD160
2 : * Copyright (C) 1998, 1999, 2000, 2001, 2008 Free Software Foundation, Inc.
3 : *
4 : * This file is part of GnuPG.
5 : *
6 : * GnuPG is free software; you can redistribute it and/or modify
7 : * it under the terms of the GNU General Public License as published by
8 : * the Free Software Foundation; either version 3 of the License, or
9 : * (at your option) any later version.
10 : *
11 : * GnuPG is distributed in the hope that it will be useful,
12 : * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 : * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 : * GNU General Public License for more details.
15 : *
16 : * You should have received a copy of the GNU General Public License
17 : * along with this program; if not, see <http://www.gnu.org/licenses/>.
18 : */
19 :
20 : /* For historic reasons gpg uses RIPE-MD160 to to identify names in
21 : the trustdb. It would be better to change that to SHA-1, to take
22 : advantage of a SHA-1 hardware operation provided by some CPUs.
23 : This would break trustdb compatibility and thus we don't want to do
24 : it now.
25 :
26 : We do not use the libgcrypt provided implementation of RMD160
27 : because that is not available in FIPS mode, thus for the sake of
28 : gpg internal non-cryptographic, purposes, we use this separate
29 : implementation.
30 : */
31 :
32 : #include <config.h>
33 :
34 : #include <stdio.h>
35 : #include <stdlib.h>
36 : #include <string.h>
37 :
38 : #include "../common/types.h"
39 : #include "rmd160.h"
40 :
41 : /*
42 : * Rotate the 32 bit integer X by N bytes.
43 : */
44 : #if defined(__GNUC__) && defined(__i386__)
45 : static inline u32
46 : rol (u32 x, int n)
47 : {
48 : __asm__("roll %%cl,%0"
49 : :"=r" (x)
50 : :"0" (x),"c" (n));
51 : return x;
52 : }
53 : #else
54 : #define rol(x,n) ( ((x) << (n)) | ((x) >> (32-(n))) )
55 : #endif
56 :
57 : /* Structure holding the context for the RIPE-MD160 computation. */
58 : typedef struct
59 : {
60 : u32 h0, h1, h2, h3, h4;
61 : u32 nblocks;
62 : unsigned char buf[64];
63 : int count;
64 : } rmd160_context_t;
65 :
66 :
67 :
68 : static void
69 530 : rmd160_init (rmd160_context_t *hd)
70 : {
71 530 : hd->h0 = 0x67452301;
72 530 : hd->h1 = 0xEFCDAB89;
73 530 : hd->h2 = 0x98BADCFE;
74 530 : hd->h3 = 0x10325476;
75 530 : hd->h4 = 0xC3D2E1F0;
76 530 : hd->nblocks = 0;
77 530 : hd->count = 0;
78 530 : }
79 :
80 :
81 :
82 : /*
83 : * Transform the message X which consists of 16 32-bit-words.
84 : */
85 : static void
86 533 : transform (rmd160_context_t *hd, const unsigned char *data)
87 : {
88 : u32 a,b,c,d,e,aa,bb,cc,dd,ee,t;
89 : #ifdef BIG_ENDIAN_HOST
90 : u32 x[16];
91 : {
92 : int i;
93 : unsigned char *p2, *p1;
94 : for (i=0, p1=data, p2=(unsigned char*)x; i < 16; i++, p2 += 4 )
95 : {
96 : p2[3] = *p1++;
97 : p2[2] = *p1++;
98 : p2[1] = *p1++;
99 : p2[0] = *p1++;
100 : }
101 : }
102 : #else
103 : u32 x[16];
104 533 : memcpy (x, data, 64);
105 : #endif
106 :
107 :
108 : #define K0 0x00000000
109 : #define K1 0x5A827999
110 : #define K2 0x6ED9EBA1
111 : #define K3 0x8F1BBCDC
112 : #define K4 0xA953FD4E
113 : #define KK0 0x50A28BE6
114 : #define KK1 0x5C4DD124
115 : #define KK2 0x6D703EF3
116 : #define KK3 0x7A6D76E9
117 : #define KK4 0x00000000
118 : #define F0(x,y,z) ( (x) ^ (y) ^ (z) )
119 : #define F1(x,y,z) ( ((x) & (y)) | (~(x) & (z)) )
120 : #define F2(x,y,z) ( ((x) | ~(y)) ^ (z) )
121 : #define F3(x,y,z) ( ((x) & (z)) | ((y) & ~(z)) )
122 : #define F4(x,y,z) ( (x) ^ ((y) | ~(z)) )
123 : #define R(a,b,c,d,e,f,k,r,s) do { t = a + f(b,c,d) + k + x[r]; \
124 : a = rol(t,s) + e; \
125 : c = rol(c,10); \
126 : } while(0)
127 :
128 : /* Left lane. */
129 533 : a = hd->h0;
130 533 : b = hd->h1;
131 533 : c = hd->h2;
132 533 : d = hd->h3;
133 533 : e = hd->h4;
134 533 : R( a, b, c, d, e, F0, K0, 0, 11 );
135 533 : R( e, a, b, c, d, F0, K0, 1, 14 );
136 533 : R( d, e, a, b, c, F0, K0, 2, 15 );
137 533 : R( c, d, e, a, b, F0, K0, 3, 12 );
138 533 : R( b, c, d, e, a, F0, K0, 4, 5 );
139 533 : R( a, b, c, d, e, F0, K0, 5, 8 );
140 533 : R( e, a, b, c, d, F0, K0, 6, 7 );
141 533 : R( d, e, a, b, c, F0, K0, 7, 9 );
142 533 : R( c, d, e, a, b, F0, K0, 8, 11 );
143 533 : R( b, c, d, e, a, F0, K0, 9, 13 );
144 533 : R( a, b, c, d, e, F0, K0, 10, 14 );
145 533 : R( e, a, b, c, d, F0, K0, 11, 15 );
146 533 : R( d, e, a, b, c, F0, K0, 12, 6 );
147 533 : R( c, d, e, a, b, F0, K0, 13, 7 );
148 533 : R( b, c, d, e, a, F0, K0, 14, 9 );
149 533 : R( a, b, c, d, e, F0, K0, 15, 8 );
150 533 : R( e, a, b, c, d, F1, K1, 7, 7 );
151 533 : R( d, e, a, b, c, F1, K1, 4, 6 );
152 533 : R( c, d, e, a, b, F1, K1, 13, 8 );
153 533 : R( b, c, d, e, a, F1, K1, 1, 13 );
154 533 : R( a, b, c, d, e, F1, K1, 10, 11 );
155 533 : R( e, a, b, c, d, F1, K1, 6, 9 );
156 533 : R( d, e, a, b, c, F1, K1, 15, 7 );
157 533 : R( c, d, e, a, b, F1, K1, 3, 15 );
158 533 : R( b, c, d, e, a, F1, K1, 12, 7 );
159 533 : R( a, b, c, d, e, F1, K1, 0, 12 );
160 533 : R( e, a, b, c, d, F1, K1, 9, 15 );
161 533 : R( d, e, a, b, c, F1, K1, 5, 9 );
162 533 : R( c, d, e, a, b, F1, K1, 2, 11 );
163 533 : R( b, c, d, e, a, F1, K1, 14, 7 );
164 533 : R( a, b, c, d, e, F1, K1, 11, 13 );
165 533 : R( e, a, b, c, d, F1, K1, 8, 12 );
166 533 : R( d, e, a, b, c, F2, K2, 3, 11 );
167 533 : R( c, d, e, a, b, F2, K2, 10, 13 );
168 533 : R( b, c, d, e, a, F2, K2, 14, 6 );
169 533 : R( a, b, c, d, e, F2, K2, 4, 7 );
170 533 : R( e, a, b, c, d, F2, K2, 9, 14 );
171 533 : R( d, e, a, b, c, F2, K2, 15, 9 );
172 533 : R( c, d, e, a, b, F2, K2, 8, 13 );
173 533 : R( b, c, d, e, a, F2, K2, 1, 15 );
174 533 : R( a, b, c, d, e, F2, K2, 2, 14 );
175 533 : R( e, a, b, c, d, F2, K2, 7, 8 );
176 533 : R( d, e, a, b, c, F2, K2, 0, 13 );
177 533 : R( c, d, e, a, b, F2, K2, 6, 6 );
178 533 : R( b, c, d, e, a, F2, K2, 13, 5 );
179 533 : R( a, b, c, d, e, F2, K2, 11, 12 );
180 533 : R( e, a, b, c, d, F2, K2, 5, 7 );
181 533 : R( d, e, a, b, c, F2, K2, 12, 5 );
182 533 : R( c, d, e, a, b, F3, K3, 1, 11 );
183 533 : R( b, c, d, e, a, F3, K3, 9, 12 );
184 533 : R( a, b, c, d, e, F3, K3, 11, 14 );
185 533 : R( e, a, b, c, d, F3, K3, 10, 15 );
186 533 : R( d, e, a, b, c, F3, K3, 0, 14 );
187 533 : R( c, d, e, a, b, F3, K3, 8, 15 );
188 533 : R( b, c, d, e, a, F3, K3, 12, 9 );
189 533 : R( a, b, c, d, e, F3, K3, 4, 8 );
190 533 : R( e, a, b, c, d, F3, K3, 13, 9 );
191 533 : R( d, e, a, b, c, F3, K3, 3, 14 );
192 533 : R( c, d, e, a, b, F3, K3, 7, 5 );
193 533 : R( b, c, d, e, a, F3, K3, 15, 6 );
194 533 : R( a, b, c, d, e, F3, K3, 14, 8 );
195 533 : R( e, a, b, c, d, F3, K3, 5, 6 );
196 533 : R( d, e, a, b, c, F3, K3, 6, 5 );
197 533 : R( c, d, e, a, b, F3, K3, 2, 12 );
198 533 : R( b, c, d, e, a, F4, K4, 4, 9 );
199 533 : R( a, b, c, d, e, F4, K4, 0, 15 );
200 533 : R( e, a, b, c, d, F4, K4, 5, 5 );
201 533 : R( d, e, a, b, c, F4, K4, 9, 11 );
202 533 : R( c, d, e, a, b, F4, K4, 7, 6 );
203 533 : R( b, c, d, e, a, F4, K4, 12, 8 );
204 533 : R( a, b, c, d, e, F4, K4, 2, 13 );
205 533 : R( e, a, b, c, d, F4, K4, 10, 12 );
206 533 : R( d, e, a, b, c, F4, K4, 14, 5 );
207 533 : R( c, d, e, a, b, F4, K4, 1, 12 );
208 533 : R( b, c, d, e, a, F4, K4, 3, 13 );
209 533 : R( a, b, c, d, e, F4, K4, 8, 14 );
210 533 : R( e, a, b, c, d, F4, K4, 11, 11 );
211 533 : R( d, e, a, b, c, F4, K4, 6, 8 );
212 533 : R( c, d, e, a, b, F4, K4, 15, 5 );
213 533 : R( b, c, d, e, a, F4, K4, 13, 6 );
214 :
215 533 : aa = a; bb = b; cc = c; dd = d; ee = e;
216 :
217 : /* Right lane. */
218 533 : a = hd->h0;
219 533 : b = hd->h1;
220 533 : c = hd->h2;
221 533 : d = hd->h3;
222 533 : e = hd->h4;
223 533 : R( a, b, c, d, e, F4, KK0, 5, 8);
224 533 : R( e, a, b, c, d, F4, KK0, 14, 9);
225 533 : R( d, e, a, b, c, F4, KK0, 7, 9);
226 533 : R( c, d, e, a, b, F4, KK0, 0, 11);
227 533 : R( b, c, d, e, a, F4, KK0, 9, 13);
228 533 : R( a, b, c, d, e, F4, KK0, 2, 15);
229 533 : R( e, a, b, c, d, F4, KK0, 11, 15);
230 533 : R( d, e, a, b, c, F4, KK0, 4, 5);
231 533 : R( c, d, e, a, b, F4, KK0, 13, 7);
232 533 : R( b, c, d, e, a, F4, KK0, 6, 7);
233 533 : R( a, b, c, d, e, F4, KK0, 15, 8);
234 533 : R( e, a, b, c, d, F4, KK0, 8, 11);
235 533 : R( d, e, a, b, c, F4, KK0, 1, 14);
236 533 : R( c, d, e, a, b, F4, KK0, 10, 14);
237 533 : R( b, c, d, e, a, F4, KK0, 3, 12);
238 533 : R( a, b, c, d, e, F4, KK0, 12, 6);
239 533 : R( e, a, b, c, d, F3, KK1, 6, 9);
240 533 : R( d, e, a, b, c, F3, KK1, 11, 13);
241 533 : R( c, d, e, a, b, F3, KK1, 3, 15);
242 533 : R( b, c, d, e, a, F3, KK1, 7, 7);
243 533 : R( a, b, c, d, e, F3, KK1, 0, 12);
244 533 : R( e, a, b, c, d, F3, KK1, 13, 8);
245 533 : R( d, e, a, b, c, F3, KK1, 5, 9);
246 533 : R( c, d, e, a, b, F3, KK1, 10, 11);
247 533 : R( b, c, d, e, a, F3, KK1, 14, 7);
248 533 : R( a, b, c, d, e, F3, KK1, 15, 7);
249 533 : R( e, a, b, c, d, F3, KK1, 8, 12);
250 533 : R( d, e, a, b, c, F3, KK1, 12, 7);
251 533 : R( c, d, e, a, b, F3, KK1, 4, 6);
252 533 : R( b, c, d, e, a, F3, KK1, 9, 15);
253 533 : R( a, b, c, d, e, F3, KK1, 1, 13);
254 533 : R( e, a, b, c, d, F3, KK1, 2, 11);
255 533 : R( d, e, a, b, c, F2, KK2, 15, 9);
256 533 : R( c, d, e, a, b, F2, KK2, 5, 7);
257 533 : R( b, c, d, e, a, F2, KK2, 1, 15);
258 533 : R( a, b, c, d, e, F2, KK2, 3, 11);
259 533 : R( e, a, b, c, d, F2, KK2, 7, 8);
260 533 : R( d, e, a, b, c, F2, KK2, 14, 6);
261 533 : R( c, d, e, a, b, F2, KK2, 6, 6);
262 533 : R( b, c, d, e, a, F2, KK2, 9, 14);
263 533 : R( a, b, c, d, e, F2, KK2, 11, 12);
264 533 : R( e, a, b, c, d, F2, KK2, 8, 13);
265 533 : R( d, e, a, b, c, F2, KK2, 12, 5);
266 533 : R( c, d, e, a, b, F2, KK2, 2, 14);
267 533 : R( b, c, d, e, a, F2, KK2, 10, 13);
268 533 : R( a, b, c, d, e, F2, KK2, 0, 13);
269 533 : R( e, a, b, c, d, F2, KK2, 4, 7);
270 533 : R( d, e, a, b, c, F2, KK2, 13, 5);
271 533 : R( c, d, e, a, b, F1, KK3, 8, 15);
272 533 : R( b, c, d, e, a, F1, KK3, 6, 5);
273 533 : R( a, b, c, d, e, F1, KK3, 4, 8);
274 533 : R( e, a, b, c, d, F1, KK3, 1, 11);
275 533 : R( d, e, a, b, c, F1, KK3, 3, 14);
276 533 : R( c, d, e, a, b, F1, KK3, 11, 14);
277 533 : R( b, c, d, e, a, F1, KK3, 15, 6);
278 533 : R( a, b, c, d, e, F1, KK3, 0, 14);
279 533 : R( e, a, b, c, d, F1, KK3, 5, 6);
280 533 : R( d, e, a, b, c, F1, KK3, 12, 9);
281 533 : R( c, d, e, a, b, F1, KK3, 2, 12);
282 533 : R( b, c, d, e, a, F1, KK3, 13, 9);
283 533 : R( a, b, c, d, e, F1, KK3, 9, 12);
284 533 : R( e, a, b, c, d, F1, KK3, 7, 5);
285 533 : R( d, e, a, b, c, F1, KK3, 10, 15);
286 533 : R( c, d, e, a, b, F1, KK3, 14, 8);
287 533 : R( b, c, d, e, a, F0, KK4, 12, 8);
288 533 : R( a, b, c, d, e, F0, KK4, 15, 5);
289 533 : R( e, a, b, c, d, F0, KK4, 10, 12);
290 533 : R( d, e, a, b, c, F0, KK4, 4, 9);
291 533 : R( c, d, e, a, b, F0, KK4, 1, 12);
292 533 : R( b, c, d, e, a, F0, KK4, 5, 5);
293 533 : R( a, b, c, d, e, F0, KK4, 8, 14);
294 533 : R( e, a, b, c, d, F0, KK4, 7, 6);
295 533 : R( d, e, a, b, c, F0, KK4, 6, 8);
296 533 : R( c, d, e, a, b, F0, KK4, 2, 13);
297 533 : R( b, c, d, e, a, F0, KK4, 13, 6);
298 533 : R( a, b, c, d, e, F0, KK4, 14, 5);
299 533 : R( e, a, b, c, d, F0, KK4, 0, 15);
300 533 : R( d, e, a, b, c, F0, KK4, 3, 13);
301 533 : R( c, d, e, a, b, F0, KK4, 9, 11);
302 533 : R( b, c, d, e, a, F0, KK4, 11, 11);
303 :
304 :
305 533 : t = hd->h1 + d + cc;
306 533 : hd->h1 = hd->h2 + e + dd;
307 533 : hd->h2 = hd->h3 + a + ee;
308 533 : hd->h3 = hd->h4 + b + aa;
309 533 : hd->h4 = hd->h0 + c + bb;
310 533 : hd->h0 = t;
311 533 : }
312 :
313 :
314 : /* Update the message digest with the content of (INBUF,INLEN). */
315 : static void
316 1061 : rmd160_write (rmd160_context_t *hd, const unsigned char *inbuf, size_t inlen)
317 : {
318 1061 : if( hd->count == 64 )
319 : {
320 : /* Flush the buffer. */
321 1 : transform (hd, hd->buf);
322 1 : hd->count = 0;
323 1 : hd->nblocks++;
324 : }
325 1061 : if (!inbuf)
326 531 : return;
327 :
328 530 : if (hd->count)
329 : {
330 0 : for (; inlen && hd->count < 64; inlen--)
331 0 : hd->buf[hd->count++] = *inbuf++;
332 0 : rmd160_write (hd, NULL, 0);
333 0 : if (!inlen)
334 0 : return;
335 : }
336 :
337 1062 : while (inlen >= 64)
338 : {
339 2 : transform (hd, inbuf);
340 2 : hd->count = 0;
341 2 : hd->nblocks++;
342 2 : inlen -= 64;
343 2 : inbuf += 64;
344 : }
345 16477 : for (; inlen && hd->count < 64; inlen--)
346 15947 : hd->buf[hd->count++] = *inbuf++;
347 : }
348 :
349 :
350 : /* Complete the message computation. */
351 : static void
352 530 : rmd160_final( rmd160_context_t *hd )
353 : {
354 : u32 t, msb, lsb;
355 : unsigned char *p;
356 :
357 530 : rmd160_write (hd, NULL, 0); /* Flush buffer. */
358 :
359 530 : t = hd->nblocks;
360 : /* Multiply by 64 to make a byte count. */
361 530 : lsb = t << 6;
362 530 : msb = t >> 26;
363 : /* Add the count. */
364 530 : t = lsb;
365 530 : if ((lsb += hd->count) < t)
366 0 : msb++;
367 : /* Multiply by 8 to make a bit count. */
368 530 : t = lsb;
369 530 : lsb <<= 3;
370 530 : msb <<= 3;
371 530 : msb |= t >> 29;
372 :
373 530 : if (hd->count < 56)
374 : {
375 : /* Enough room. */
376 529 : hd->buf[hd->count++] = 0x80; /* Pad character. */
377 14268 : while (hd->count < 56)
378 13210 : hd->buf[hd->count++] = 0;
379 : }
380 : else
381 : {
382 : /* Need one extra block. */
383 1 : hd->buf[hd->count++] = 0x80; /* Pad character. */
384 3 : while (hd->count < 64)
385 1 : hd->buf[hd->count++] = 0;
386 1 : rmd160_write (hd, NULL, 0); /* Flush buffer. */
387 1 : memset (hd->buf, 0, 56); /* Fill next block with zeroes. */
388 : }
389 : /* Append the 64 bit count. */
390 530 : hd->buf[56] = lsb;
391 530 : hd->buf[57] = lsb >> 8;
392 530 : hd->buf[58] = lsb >> 16;
393 530 : hd->buf[59] = lsb >> 24;
394 530 : hd->buf[60] = msb;
395 530 : hd->buf[61] = msb >> 8;
396 530 : hd->buf[62] = msb >> 16;
397 530 : hd->buf[63] = msb >> 24;
398 530 : transform (hd, hd->buf);
399 :
400 530 : p = hd->buf;
401 : #define X(a) do { *p++ = hd->h##a; *p++ = hd->h##a >> 8; \
402 : *p++ = hd->h##a >> 16; *p++ = hd->h##a >> 24; } while(0)
403 530 : X(0);
404 530 : X(1);
405 530 : X(2);
406 530 : X(3);
407 530 : X(4);
408 : #undef X
409 530 : }
410 :
411 :
412 : /*
413 : * Compines function to put the hash value of the supplied BUFFER into
414 : * OUTBUF which must have a size of 20 bytes.
415 : */
416 : void
417 530 : rmd160_hash_buffer (void *outbuf, const void *buffer, size_t length)
418 : {
419 : rmd160_context_t hd;
420 :
421 530 : rmd160_init (&hd);
422 530 : rmd160_write (&hd, buffer, length);
423 530 : rmd160_final (&hd);
424 530 : memcpy (outbuf, hd.buf, 20);
425 530 : }
|