1
1
/* sha1.c - Functions to compute SHA1 message digest of files or
2
2
memory blocks according to the NIST specification FIPS-180-1.
4
Copyright (C) 2000, 2001, 2003, 2004, 2005, 2006, 2008 Free Software
4
Copyright (C) 2000-2001, 2003-2006, 2008-2015 Free Software Foundation, Inc.
7
6
This program is free software; you can redistribute it and/or modify it
8
7
under the terms of the GNU General Public License as published by the
15
14
GNU General Public License for more details.
17
16
You should have received a copy of the GNU General Public License
18
along with this program; if not, write to the Free Software Foundation,
19
Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */
17
along with this program; if not, see <http://www.gnu.org/licenses/>. */
21
19
/* Written by Scott G. Miller
41
44
(((n) << 24) | (((n) & 0xff00) << 8) | (((n) >> 8) & 0xff00) | ((n) >> 24))
44
#define BLOCKSIZE 4096
47
#define BLOCKSIZE 32768
45
48
#if BLOCKSIZE % 64 != 0
46
49
# error "invalid BLOCKSIZE"
52
#if ! HAVE_OPENSSL_SHA1
49
53
/* This array contains the bytes used to pad the buffer to the next
50
54
64-byte boundary. (RFC 1321, 3.1: Step 1) */
51
55
static const unsigned char fillbuf[64] = { 0x80, 0 /* , 0, 0, ... */ };
70
74
/* Copy the 4 byte value from v into the memory location pointed to by *cp,
71
75
If your architecture allows unaligned access this is equivalent to
72
76
* (uint32_t *) cp = v */
74
78
set_uint32 (char *cp, uint32_t v)
76
80
memcpy (cp, &v, sizeof v);
124
129
sha1_stream (FILE *stream, void *resblock)
126
131
struct sha1_ctx ctx;
127
char buffer[BLOCKSIZE + 72];
134
char *buffer = malloc (BLOCKSIZE + 72);
130
138
/* Initialize the computation context. */
131
139
sha1_init_ctx (&ctx);
136
144
/* We read the file in blocks of BLOCKSIZE bytes. One call of the
137
computation function processes the whole buffer so that with the
138
next round of the loop another block can be read. */
145
computation function processes the whole buffer so that with the
146
next round of the loop another block can be read. */
142
150
/* Read block. Take care for partial reads. */
145
n = fread (buffer + sum, 1, BLOCKSIZE - sum, stream);
149
if (sum == BLOCKSIZE)
154
/* Check for the error flag IFF N == 0, so that we don't
155
exit the loop after a partial read due to e.g., EAGAIN
159
goto process_partial_block;
162
/* We've read at least one byte, so ignore errors. But always
163
check for EOF, since feof may be true even though N > 0.
164
Otherwise, we could end up calling fread after EOF. */
166
goto process_partial_block;
153
n = fread (buffer + sum, 1, BLOCKSIZE - sum, stream);
157
if (sum == BLOCKSIZE)
162
/* Check for the error flag IFF N == 0, so that we don't
163
exit the loop after a partial read due to e.g., EAGAIN
170
goto process_partial_block;
173
/* We've read at least one byte, so ignore errors. But always
174
check for EOF, since feof may be true even though N > 0.
175
Otherwise, we could end up calling fread after EOF. */
177
goto process_partial_block;
169
180
/* Process buffer with BLOCKSIZE bytes. Note that
172
183
sha1_process_block (buffer, BLOCKSIZE, &ctx);
181
192
/* Construct result in desired memory. */
182
193
sha1_finish_ctx (&ctx, resblock);
198
#if ! HAVE_OPENSSL_SHA1
186
199
/* Compute SHA1 message digest for LEN bytes beginning at BUFFER. The
187
200
result is always in little endian byte order, so that a byte-wise
188
201
output yields to the wanted ASCII representation of the message
216
229
ctx->buflen += add;
218
231
if (ctx->buflen > 64)
220
sha1_process_block (ctx->buffer, ctx->buflen & ~63, ctx);
233
sha1_process_block (ctx->buffer, ctx->buflen & ~63, ctx);
223
/* The regions in the following copy operation cannot overlap. */
225
&((char *) ctx->buffer)[(left_over + add) & ~63],
236
/* The regions in the following copy operation cannot overlap. */
238
&((char *) ctx->buffer)[(left_over + add) & ~63],
229
242
buffer = (const char *) buffer + add;
236
249
#if !_STRING_ARCH_unaligned
237
# define alignof(type) offsetof (struct { char c; type x; }, x)
238
# define UNALIGNED_P(p) (((size_t) p) % alignof (uint32_t) != 0)
250
# define UNALIGNED_P(p) ((uintptr_t) (p) % alignof (uint32_t) != 0)
239
251
if (UNALIGNED_P (buffer))
242
sha1_process_block (memcpy (ctx->buffer, buffer, 64), 64, ctx);
243
buffer = (const char *) buffer + 64;
254
sha1_process_block (memcpy (ctx->buffer, buffer, 64), 64, ctx);
255
buffer = (const char *) buffer + 64;
249
sha1_process_block (buffer, len & ~63, ctx);
250
buffer = (const char *) buffer + (len & ~63);
261
sha1_process_block (buffer, len & ~63, ctx);
262
buffer = (const char *) buffer + (len & ~63);
255
267
/* Move remaining bytes in internal buffer. */
260
272
memcpy (&((char *) ctx->buffer)[left_over], buffer, len);
261
273
left_over += len;
262
274
if (left_over >= 64)
264
sha1_process_block (ctx->buffer, 64, ctx);
266
memcpy (ctx->buffer, &ctx->buffer[16], left_over);
276
sha1_process_block (ctx->buffer, 64, ctx);
278
memcpy (ctx->buffer, &ctx->buffer[16], left_over);
268
280
ctx->buflen = left_over;
299
311
uint32_t c = ctx->C;
300
312
uint32_t d = ctx->D;
301
313
uint32_t e = ctx->E;
314
uint32_t lolen = len;
303
316
/* First increment the byte count. RFC 1321 specifies the possible
304
317
length of the file up to 2^64 bits. Here we only compute the
305
318
number of bytes. Do a double word increment. */
306
ctx->total[0] += len;
307
if (ctx->total[0] < len)
319
ctx->total[0] += lolen;
320
ctx->total[1] += (len >> 31 >> 1) + (ctx->total[0] < lolen);
310
322
#define rol(x, n) (((x) << (n)) | ((uint32_t) (x) >> (32 - (n))))
312
324
#define M(I) ( tm = x[I&0x0f] ^ x[(I-14)&0x0f] \
313
^ x[(I-8)&0x0f] ^ x[(I-3)&0x0f] \
314
, (x[I&0x0f] = rol(tm, 1)) )
325
^ x[(I-8)&0x0f] ^ x[(I-3)&0x0f] \
326
, (x[I&0x0f] = rol(tm, 1)) )
316
328
#define R(A,B,C,D,E,F,K,M) do { E += rol( A, 5 ) \
323
335
while (words < endp)
327
339
for (t = 0; t < 16; t++)
329
x[t] = SWAP (*words);
341
x[t] = SWAP (*words);
333
345
R( a, b, c, d, e, F1, K1, x[ 0] );
334
346
R( e, a, b, c, d, F1, K1, x[ 1] );