Line data Source code
1 : /*
2 : * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan
3 : * (Royal Institute of Technology, Stockholm, Sweden).
4 : * All rights reserved.
5 : *
6 : * Redistribution and use in source and binary forms, with or without
7 : * modification, are permitted provided that the following conditions
8 : * are met:
9 : *
10 : * 1. Redistributions of source code must retain the above copyright
11 : * notice, this list of conditions and the following disclaimer.
12 : *
13 : * 2. Redistributions in binary form must reproduce the above copyright
14 : * notice, this list of conditions and the following disclaimer in the
15 : * documentation and/or other materials provided with the distribution.
16 : *
17 : * 3. Neither the name of the Institute nor the names of its contributors
18 : * may be used to endorse or promote products derived from this software
19 : * without specific prior written permission.
20 : *
21 : * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 : * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 : * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 : * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 : * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 : * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 : * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 : * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 : * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 : * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 : * SUCH DAMAGE.
32 : */
33 :
34 : #include "config.h"
35 :
36 : #include "hash.h"
37 : #include "sha.h"
38 :
39 : #define A m->counter[0]
40 : #define B m->counter[1]
41 : #define C m->counter[2]
42 : #define D m->counter[3]
43 : #define E m->counter[4]
44 : #define X data
45 :
46 : void
47 885071338 : SHA1_Init (struct sha *m)
48 : {
49 885071338 : m->sz[0] = 0;
50 885071338 : m->sz[1] = 0;
51 885071338 : A = 0x67452301;
52 885071338 : B = 0xefcdab89;
53 885071338 : C = 0x98badcfe;
54 885071338 : D = 0x10325476;
55 885071338 : E = 0xc3d2e1f0;
56 885071338 : }
57 :
58 :
59 : #define F0(x,y,z) CRAYFIX((x & y) | (~x & z))
60 : #define F1(x,y,z) (x ^ y ^ z)
61 : #define F2(x,y,z) ((x & y) | (x & z) | (y & z))
62 : #define F3(x,y,z) F1(x,y,z)
63 :
64 : #define K0 0x5a827999
65 : #define K1 0x6ed9eba1
66 : #define K2 0x8f1bbcdc
67 : #define K3 0xca62c1d6
68 :
69 : #define DO(t,f,k) \
70 : do { \
71 : uint32_t temp; \
72 : \
73 : temp = cshift(AA, 5) + f(BB,CC,DD) + EE + data[t] + k; \
74 : EE = DD; \
75 : DD = CC; \
76 : CC = cshift(BB, 30); \
77 : BB = AA; \
78 : AA = temp; \
79 : } while(0)
80 :
81 : static inline void
82 2179041714 : calc (struct sha *m, uint32_t *in)
83 : {
84 : uint32_t AA, BB, CC, DD, EE;
85 : uint32_t data[80];
86 : int i;
87 :
88 2179041714 : AA = A;
89 2179041714 : BB = B;
90 2179041714 : CC = C;
91 2179041714 : DD = D;
92 2179041714 : EE = E;
93 :
94 37043709138 : for (i = 0; i < 16; ++i)
95 34864667424 : data[i] = in[i];
96 >14160*10^7 : for (i = 16; i < 80; ++i)
97 >14167*10^7 : data[i] = cshift(data[i-3] ^ data[i-8] ^ data[i-14] ^ data[i-16], 1);
98 :
99 : /* t=[0,19] */
100 :
101 2213604003 : DO(0,F0,K0);
102 2213604003 : DO(1,F0,K0);
103 2213604003 : DO(2,F0,K0);
104 2213604003 : DO(3,F0,K0);
105 2213604003 : DO(4,F0,K0);
106 2213604003 : DO(5,F0,K0);
107 2213604003 : DO(6,F0,K0);
108 2213604003 : DO(7,F0,K0);
109 2213604003 : DO(8,F0,K0);
110 2213604003 : DO(9,F0,K0);
111 2213604003 : DO(10,F0,K0);
112 2213604003 : DO(11,F0,K0);
113 2213604003 : DO(12,F0,K0);
114 2213604003 : DO(13,F0,K0);
115 2213604003 : DO(14,F0,K0);
116 2213604003 : DO(15,F0,K0);
117 2213604003 : DO(16,F0,K0);
118 2213604003 : DO(17,F0,K0);
119 2213604003 : DO(18,F0,K0);
120 2213604003 : DO(19,F0,K0);
121 :
122 : /* t=[20,39] */
123 :
124 2213604003 : DO(20,F1,K1);
125 2213604003 : DO(21,F1,K1);
126 2213604003 : DO(22,F1,K1);
127 2213604003 : DO(23,F1,K1);
128 2213604003 : DO(24,F1,K1);
129 2213604003 : DO(25,F1,K1);
130 2213604003 : DO(26,F1,K1);
131 2213604003 : DO(27,F1,K1);
132 2213604003 : DO(28,F1,K1);
133 2213604003 : DO(29,F1,K1);
134 2213604003 : DO(30,F1,K1);
135 2213604003 : DO(31,F1,K1);
136 2213604003 : DO(32,F1,K1);
137 2213604003 : DO(33,F1,K1);
138 2213604003 : DO(34,F1,K1);
139 2213604003 : DO(35,F1,K1);
140 2213604003 : DO(36,F1,K1);
141 2213604003 : DO(37,F1,K1);
142 2213604003 : DO(38,F1,K1);
143 2213604003 : DO(39,F1,K1);
144 :
145 : /* t=[40,59] */
146 :
147 2213604003 : DO(40,F2,K2);
148 2213604003 : DO(41,F2,K2);
149 2213604003 : DO(42,F2,K2);
150 2213604003 : DO(43,F2,K2);
151 2213604003 : DO(44,F2,K2);
152 2213604003 : DO(45,F2,K2);
153 2213604003 : DO(46,F2,K2);
154 2213604003 : DO(47,F2,K2);
155 2213604003 : DO(48,F2,K2);
156 2213604003 : DO(49,F2,K2);
157 2213604003 : DO(50,F2,K2);
158 2213604003 : DO(51,F2,K2);
159 2213604003 : DO(52,F2,K2);
160 2213604003 : DO(53,F2,K2);
161 2213604003 : DO(54,F2,K2);
162 2213604003 : DO(55,F2,K2);
163 2213604003 : DO(56,F2,K2);
164 2213604003 : DO(57,F2,K2);
165 2213604003 : DO(58,F2,K2);
166 2213604003 : DO(59,F2,K2);
167 :
168 : /* t=[60,79] */
169 :
170 2213604003 : DO(60,F3,K3);
171 2213604003 : DO(61,F3,K3);
172 2213604003 : DO(62,F3,K3);
173 2213604003 : DO(63,F3,K3);
174 2213604003 : DO(64,F3,K3);
175 2213604003 : DO(65,F3,K3);
176 2213604003 : DO(66,F3,K3);
177 2213604003 : DO(67,F3,K3);
178 2213604003 : DO(68,F3,K3);
179 2213604003 : DO(69,F3,K3);
180 2213604003 : DO(70,F3,K3);
181 2213604003 : DO(71,F3,K3);
182 2213604003 : DO(72,F3,K3);
183 2213604003 : DO(73,F3,K3);
184 2213604003 : DO(74,F3,K3);
185 2213604003 : DO(75,F3,K3);
186 2213604003 : DO(76,F3,K3);
187 2213604003 : DO(77,F3,K3);
188 2213604003 : DO(78,F3,K3);
189 2213604003 : DO(79,F3,K3);
190 :
191 2179041714 : A += AA;
192 2179041714 : B += BB;
193 2179041714 : C += CC;
194 2179041714 : D += DD;
195 2179041714 : E += EE;
196 2179041714 : }
197 :
198 : /*
199 : * From `Performance analysis of MD5' by Joseph D. Touch <touch@isi.edu>
200 : */
201 :
202 : #if !defined(WORDS_BIGENDIAN) || defined(_CRAY)
203 : static inline uint32_t
204 34311670800 : swap_uint32_t (uint32_t t)
205 : {
206 : #define ROL(x,n) ((x)<<(n))|((x)>>(32-(n)))
207 : uint32_t temp1, temp2;
208 :
209 34864667424 : temp1 = cshift(t, 16);
210 34864667424 : temp2 = temp1 >> 8;
211 34864667424 : temp1 &= 0x00ff00ff;
212 34864667424 : temp2 &= 0x00ff00ff;
213 34864667424 : temp1 <<= 8;
214 34864667424 : return temp1 | temp2;
215 : }
216 : #endif
217 :
218 : struct x32{
219 : unsigned int a:32;
220 : unsigned int b:32;
221 : };
222 :
223 : void
224 2537735562 : SHA1_Update (struct sha *m, const void *v, size_t len)
225 : {
226 2537735562 : const unsigned char *p = v;
227 2537735562 : size_t old_sz = m->sz[0];
228 : size_t offset;
229 :
230 2537735562 : m->sz[0] += len * 8;
231 2537735562 : if (m->sz[0] < old_sz)
232 0 : ++m->sz[1];
233 2537735562 : offset = (old_sz / 8) % 64;
234 8135243647 : while(len > 0){
235 3059772523 : size_t l = min(len, 64 - offset);
236 3108546299 : memcpy(m->save + offset, p, l);
237 3059772523 : offset += l;
238 3059772523 : p += l;
239 3059772523 : len -= l;
240 3059772523 : if(offset == 64){
241 : #if !defined(WORDS_BIGENDIAN) || defined(_CRAY)
242 : int i;
243 : uint32_t SHA1current[16];
244 2144479425 : struct x32 *us = (struct x32*)m->save;
245 19576813137 : for(i = 0; i < 8; i++){
246 17708832024 : SHA1current[2*i+0] = swap_uint32_t(us[i].a);
247 17708832024 : SHA1current[2*i+1] = swap_uint32_t(us[i].b);
248 : }
249 2179041714 : calc(m, SHA1current);
250 : #else
251 : calc(m, (uint32_t*)m->save);
252 : #endif
253 2179041714 : offset = 0;
254 : }
255 : }
256 2537735562 : }
257 :
258 : void
259 885071338 : SHA1_Final (void *res, struct sha *m)
260 : {
261 : unsigned char zeros[72];
262 885071338 : unsigned offset = (m->sz[0] / 8) % 64;
263 885071338 : unsigned int dstart = (120 - offset - 1) % 64 + 1;
264 :
265 885071338 : *zeros = 0x80;
266 899285322 : memset (zeros + 1, 0, sizeof(zeros) - 1);
267 885071338 : zeros[dstart+7] = (m->sz[0] >> 0) & 0xff;
268 885071338 : zeros[dstart+6] = (m->sz[0] >> 8) & 0xff;
269 885071338 : zeros[dstart+5] = (m->sz[0] >> 16) & 0xff;
270 885071338 : zeros[dstart+4] = (m->sz[0] >> 24) & 0xff;
271 885071338 : zeros[dstart+3] = (m->sz[1] >> 0) & 0xff;
272 885071338 : zeros[dstart+2] = (m->sz[1] >> 8) & 0xff;
273 885071338 : zeros[dstart+1] = (m->sz[1] >> 16) & 0xff;
274 885071338 : zeros[dstart+0] = (m->sz[1] >> 24) & 0xff;
275 885071338 : SHA1_Update (m, zeros, dstart + 8);
276 : {
277 : int i;
278 885071338 : unsigned char *r = (unsigned char*)res;
279 :
280 5310428028 : for (i = 0; i < 5; ++i) {
281 4425356690 : r[4*i+3] = m->counter[i] & 0xFF;
282 4425356690 : r[4*i+2] = (m->counter[i] >> 8) & 0xFF;
283 4425356690 : r[4*i+1] = (m->counter[i] >> 16) & 0xFF;
284 4425356690 : r[4*i] = (m->counter[i] >> 24) & 0xFF;
285 : }
286 : }
287 : #if 0
288 : {
289 : int i;
290 : uint32_t *r = (uint32_t *)res;
291 :
292 : for (i = 0; i < 5; ++i)
293 : r[i] = swap_uint32_t (m->counter[i]);
294 : }
295 : #endif
296 885071338 : }
|