Mercurial > projects > hoofbaby
comparison deps/Platinum/ThirdParty/Neptune/ThirdParty/axTLS/crypto/sha1.c @ 0:3425707ddbf6
Initial import (hopefully this mercurial stuff works...)
author | fraserofthenight |
---|---|
date | Mon, 06 Jul 2009 08:06:28 -0700 |
parents | |
children |
comparison
equal
deleted
inserted
replaced
-1:000000000000 | 0:3425707ddbf6 |
---|---|
1 /* | |
2 * Copyright (c) 2007, Cameron Rich | |
3 * | |
4 * All rights reserved. | |
5 * | |
6 * Redistribution and use in source and binary forms, with or without | |
7 * modification, are permitted provided that the following conditions are met: | |
8 * | |
9 * * Redistributions of source code must retain the above copyright notice, | |
10 * this list of conditions and the following disclaimer. | |
11 * * Redistributions in binary form must reproduce the above copyright notice, | |
12 * this list of conditions and the following disclaimer in the documentation | |
13 * and/or other materials provided with the distribution. | |
14 * * Neither the name of the axTLS project nor the names of its contributors | |
15 * may be used to endorse or promote products derived from this software | |
16 * without specific prior written permission. | |
17 * | |
18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS | |
19 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT | |
20 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR | |
21 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR | |
22 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, | |
23 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, | |
24 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR | |
25 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF | |
26 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING | |
27 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS | |
28 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
29 */ | |
30 | |
31 /** | |
32 * SHA1 implementation - as defined in FIPS PUB 180-1 published April 17, 1995. | |
33 * This code was originally taken from RFC3174 | |
34 */ | |
35 | |
36 #include <string.h> | |
37 #include "crypto.h" | |
38 | |
39 /* | |
40 * Define the SHA1 circular left shift macro | |
41 */ | |
42 #define SHA1CircularShift(bits,word) \ | |
43 (((word) << (bits)) | ((word) >> (32-(bits)))) | |
44 | |
45 /* ----- static functions ----- */ | |
46 static void SHA1PadMessage(SHA1_CTX *ctx); | |
47 static void SHA1ProcessMessageBlock(SHA1_CTX *ctx); | |
48 | |
49 /** | |
50 * Initialize the SHA1 context | |
51 */ | |
52 void SHA1_Init(SHA1_CTX *ctx) | |
53 { | |
54 ctx->Length_Low = 0; | |
55 ctx->Length_High = 0; | |
56 ctx->Message_Block_Index = 0; | |
57 ctx->Intermediate_Hash[0] = 0x67452301; | |
58 ctx->Intermediate_Hash[1] = 0xEFCDAB89; | |
59 ctx->Intermediate_Hash[2] = 0x98BADCFE; | |
60 ctx->Intermediate_Hash[3] = 0x10325476; | |
61 ctx->Intermediate_Hash[4] = 0xC3D2E1F0; | |
62 } | |
63 | |
64 /** | |
65 * Accepts an array of octets as the next portion of the message. | |
66 */ | |
67 void SHA1_Update(SHA1_CTX *ctx, const uint8_t *msg, int len) | |
68 { | |
69 while (len--) | |
70 { | |
71 ctx->Message_Block[ctx->Message_Block_Index++] = (*msg & 0xFF); | |
72 ctx->Length_Low += 8; | |
73 | |
74 if (ctx->Length_Low == 0) | |
75 ctx->Length_High++; | |
76 | |
77 if (ctx->Message_Block_Index == 64) | |
78 SHA1ProcessMessageBlock(ctx); | |
79 | |
80 msg++; | |
81 } | |
82 } | |
83 | |
84 /** | |
85 * Return the 160-bit message digest into the user's array | |
86 */ | |
87 void SHA1_Final(uint8_t *digest, SHA1_CTX *ctx) | |
88 { | |
89 int i; | |
90 | |
91 SHA1PadMessage(ctx); | |
92 memset(ctx->Message_Block, 0, 64); | |
93 ctx->Length_Low = 0; /* and clear length */ | |
94 ctx->Length_High = 0; | |
95 | |
96 for (i = 0; i < SHA1_SIZE; i++) | |
97 { | |
98 digest[i] = ctx->Intermediate_Hash[i>>2] >> 8 * ( 3 - ( i & 0x03 ) ); | |
99 } | |
100 } | |
101 | |
102 /** | |
103 * Process the next 512 bits of the message stored in the array. | |
104 */ | |
105 static void SHA1ProcessMessageBlock(SHA1_CTX *ctx) | |
106 { | |
107 const uint32_t K[] = { /* Constants defined in SHA-1 */ | |
108 0x5A827999, | |
109 0x6ED9EBA1, | |
110 0x8F1BBCDC, | |
111 0xCA62C1D6 | |
112 }; | |
113 int t; /* Loop counter */ | |
114 uint32_t temp; /* Temporary word value */ | |
115 uint32_t W[80]; /* Word sequence */ | |
116 uint32_t A, B, C, D, E; /* Word buffers */ | |
117 | |
118 /* | |
119 * Initialize the first 16 words in the array W | |
120 */ | |
121 for (t = 0; t < 16; t++) | |
122 { | |
123 W[t] = ctx->Message_Block[t * 4] << 24; | |
124 W[t] |= ctx->Message_Block[t * 4 + 1] << 16; | |
125 W[t] |= ctx->Message_Block[t * 4 + 2] << 8; | |
126 W[t] |= ctx->Message_Block[t * 4 + 3]; | |
127 } | |
128 | |
129 for (t = 16; t < 80; t++) | |
130 { | |
131 W[t] = SHA1CircularShift(1,W[t-3] ^ W[t-8] ^ W[t-14] ^ W[t-16]); | |
132 } | |
133 | |
134 A = ctx->Intermediate_Hash[0]; | |
135 B = ctx->Intermediate_Hash[1]; | |
136 C = ctx->Intermediate_Hash[2]; | |
137 D = ctx->Intermediate_Hash[3]; | |
138 E = ctx->Intermediate_Hash[4]; | |
139 | |
140 for (t = 0; t < 20; t++) | |
141 { | |
142 temp = SHA1CircularShift(5,A) + | |
143 ((B & C) | ((~B) & D)) + E + W[t] + K[0]; | |
144 E = D; | |
145 D = C; | |
146 C = SHA1CircularShift(30,B); | |
147 | |
148 B = A; | |
149 A = temp; | |
150 } | |
151 | |
152 for (t = 20; t < 40; t++) | |
153 { | |
154 temp = SHA1CircularShift(5,A) + (B ^ C ^ D) + E + W[t] + K[1]; | |
155 E = D; | |
156 D = C; | |
157 C = SHA1CircularShift(30,B); | |
158 B = A; | |
159 A = temp; | |
160 } | |
161 | |
162 for (t = 40; t < 60; t++) | |
163 { | |
164 temp = SHA1CircularShift(5,A) + | |
165 ((B & C) | (B & D) | (C & D)) + E + W[t] + K[2]; | |
166 E = D; | |
167 D = C; | |
168 C = SHA1CircularShift(30,B); | |
169 B = A; | |
170 A = temp; | |
171 } | |
172 | |
173 for (t = 60; t < 80; t++) | |
174 { | |
175 temp = SHA1CircularShift(5,A) + (B ^ C ^ D) + E + W[t] + K[3]; | |
176 E = D; | |
177 D = C; | |
178 C = SHA1CircularShift(30,B); | |
179 B = A; | |
180 A = temp; | |
181 } | |
182 | |
183 ctx->Intermediate_Hash[0] += A; | |
184 ctx->Intermediate_Hash[1] += B; | |
185 ctx->Intermediate_Hash[2] += C; | |
186 ctx->Intermediate_Hash[3] += D; | |
187 ctx->Intermediate_Hash[4] += E; | |
188 ctx->Message_Block_Index = 0; | |
189 } | |
190 | |
191 /* | |
192 * According to the standard, the message must be padded to an even | |
193 * 512 bits. The first padding bit must be a '1'. The last 64 | |
194 * bits represent the length of the original message. All bits in | |
195 * between should be 0. This function will pad the message | |
196 * according to those rules by filling the Message_Block array | |
197 * accordingly. It will also call the ProcessMessageBlock function | |
198 * provided appropriately. When it returns, it can be assumed that | |
199 * the message digest has been computed. | |
200 * | |
201 * @param ctx [in, out] The SHA1 context | |
202 */ | |
203 static void SHA1PadMessage(SHA1_CTX *ctx) | |
204 { | |
205 /* | |
206 * Check to see if the current message block is too small to hold | |
207 * the initial padding bits and length. If so, we will pad the | |
208 * block, process it, and then continue padding into a second | |
209 * block. | |
210 */ | |
211 if (ctx->Message_Block_Index > 55) | |
212 { | |
213 ctx->Message_Block[ctx->Message_Block_Index++] = 0x80; | |
214 while(ctx->Message_Block_Index < 64) | |
215 { | |
216 ctx->Message_Block[ctx->Message_Block_Index++] = 0; | |
217 } | |
218 | |
219 SHA1ProcessMessageBlock(ctx); | |
220 | |
221 while (ctx->Message_Block_Index < 56) | |
222 { | |
223 ctx->Message_Block[ctx->Message_Block_Index++] = 0; | |
224 } | |
225 } | |
226 else | |
227 { | |
228 ctx->Message_Block[ctx->Message_Block_Index++] = 0x80; | |
229 while(ctx->Message_Block_Index < 56) | |
230 { | |
231 | |
232 ctx->Message_Block[ctx->Message_Block_Index++] = 0; | |
233 } | |
234 } | |
235 | |
236 /* | |
237 * Store the message length as the last 8 octets | |
238 */ | |
239 ctx->Message_Block[56] = ctx->Length_High >> 24; | |
240 ctx->Message_Block[57] = ctx->Length_High >> 16; | |
241 ctx->Message_Block[58] = ctx->Length_High >> 8; | |
242 ctx->Message_Block[59] = ctx->Length_High; | |
243 ctx->Message_Block[60] = ctx->Length_Low >> 24; | |
244 ctx->Message_Block[61] = ctx->Length_Low >> 16; | |
245 ctx->Message_Block[62] = ctx->Length_Low >> 8; | |
246 ctx->Message_Block[63] = ctx->Length_Low; | |
247 SHA1ProcessMessageBlock(ctx); | |
248 } |