1
/* @(#)sha_func.c 1.2 99/12/19 Copyright 1998,1999 Heiko Eissfeldt */
4
"@(#)sha_func.c 1.2 99/12/19 Copyright 1998,1999 Heiko Eissfeldt";
7
/*____________________________________________________________________________
9
// CD Index - The Internet CD Index
11
// This program is free software; you can redistribute it and/or modify
12
// it under the terms of the GNU General Public License as published by
13
// the Free Software Foundation; either version 2 of the License, or
14
// (at your option) any later version.
16
// This program is distributed in the hope that it will be useful,
17
// but WITHOUT ANY WARRANTY; without even the implied warranty of
18
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19
// GNU General Public License for more details.
21
// You should have received a copy of the GNU General Public License
22
// along with this program; if not, write to the Free Software
23
// Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
25
// $Id: sha_func.c,v 1.2 1999/06/04 14:10:07 marc Exp $
26
//____________________________________________________________________________
28
/* NIST Secure Hash Algorithm */
30
/* heavily modified by Uwe Hollerbach <uh@alumni.caltech edu> */
31
/* from Peter C. Gutmann's implementation as found in */
32
/* Applied Cryptography by Bruce Schneier */
33
/* Further modifications to include the "UNRAVEL" stuff, below */
34
/* portability modifications Heiko Eissfeldt */
36
/* This code is in the public domain */
42
/* UNRAVEL should be fastest & biggest */
43
/* UNROLL_LOOPS should be just as big, but slightly slower */
44
/* both undefined should be smallest and slowest */
47
/* #define UNROLL_LOOPS */
49
/* SHA f()-functions */
51
#define f1(x,y,z) ((x & y) | (~x & z))
52
#define f2(x,y,z) (x ^ y ^ z)
53
#define f3(x,y,z) ((x & y) | (x & z) | (y & z))
54
#define f4(x,y,z) (x ^ y ^ z)
58
#define CONST1 ULONG_C(0x5a827999)
59
#define CONST2 ULONG_C(0x6ed9eba1)
60
#define CONST3 ULONG_C(0x8f1bbcdc)
61
#define CONST4 ULONG_C(0xca62c1d6)
63
/* truncate to 32 bits -- should be a null op on 32-bit machines */
65
#define T32(x) ((x) & ULONG_C(0xffffffff))
69
#define R32(x,n) T32(((x << n) | (x >> (32 - n))))
71
/* the generic case, for when the overall rotation is not unraveled */
74
T = T32(R32(A,5) + CONCAT(f,n(B,C,D)) + E + *WP++ + CONCAT(CONST,n)); \
75
E = D; D = C; C = R32(B,30); B = A; A = T
77
/* specific cases, for when the overall rotation is unraveled */
80
T = T32(R32(A,5) + CONCAT(f,n(B,C,D)) + E + *WP++ + CONCAT(CONST,n)); B = R32(B,30)
83
E = T32(R32(T,5) + CONCAT(f,n(A,B,C)) + D + *WP++ + CONCAT(CONST,n)); A = R32(A,30)
86
D = T32(R32(E,5) + CONCAT(f,n(T,A,B)) + C + *WP++ + CONCAT(CONST,n)); T = R32(T,30)
89
C = T32(R32(D,5) + CONCAT(f,n(E,T,A)) + B + *WP++ + CONCAT(CONST,n)); E = R32(E,30)
92
B = T32(R32(C,5) + CONCAT(f,n(D,E,T)) + A + *WP++ + CONCAT(CONST,n)); D = R32(D,30)
95
A = T32(R32(B,5) + CONCAT(f,n(C,D,E)) + T + *WP++ + CONCAT(CONST,n)); C = R32(C,30)
97
/* do SHA transformation */
99
static void sha_transform __PR((SHA_INFO *sha_info));
101
static void sha_transform(sha_info)
106
ULONG T, A, B, C, D, E, W[80], *WP;
111
the following makes sure that at least one code block below is
112
traversed or an error is reported, without the necessity for nested
113
preprocessor if/else/endif blocks, which are a great pain in the
114
nether regions of the anatomy...
118
#if (SHA_BYTE_ORDER == 1234)
120
for (i = 0; i < 16; ++i) {
123
W[i] = ((T << 24) & ULONG_C(0xff000000)) | ((T << 8) & ULONG_C(0x00ff0000)) |
124
((T >> 8) & ULONG_C(0x0000ff00)) | ((T >> 24) & ULONG_C(0x000000ff));
126
#endif /* SHA_BYTE_ORDER == 1234 */
128
#if (SHA_BYTE_ORDER == 4321)
130
for (i = 0; i < 16; ++i) {
135
#endif /* SHA_BYTE_ORDER == 4321 */
137
#if (SHA_BYTE_ORDER == 12345678)
139
for (i = 0; i < 16; i += 2) {
142
W[i] = ((T << 24) & ULONG_C(0xff000000)) | ((T << 8) & ULONG_C(0x00ff0000)) |
143
((T >> 8) & ULONG_C(0x0000ff00)) | ((T >> 24) & ULONG_C(0x000000ff));
145
W[i+1] = ((T << 24) & ULONG_C(0xff000000)) | ((T << 8) & ULONG_C(0x00ff0000)) |
146
((T >> 8) & ULONG_C(0x0000ff00)) | ((T >> 24) & ULONG_C(0x000000ff));
148
#endif /* SHA_BYTE_ORDER == 12345678 */
150
#if (SHA_BYTE_ORDER == 87654321)
152
for (i = 0; i < 16; i += 2) {
158
#endif /* SHA_BYTE_ORDER == 87654321 */
161
error Unknown byte order -- you need to add code here
162
#endif /* SWAP_DONE */
164
for (i = 16; i < 80; ++i) {
165
W[i] = W[i-3] ^ W[i-8] ^ W[i-14] ^ W[i-16];
166
#if (SHA_VERSION == 1)
168
#endif /* SHA_VERSION */
170
A = sha_info->digest[0];
171
B = sha_info->digest[1];
172
C = sha_info->digest[2];
173
D = sha_info->digest[3];
174
E = sha_info->digest[4];
177
FA(1); FB(1); FC(1); FD(1); FE(1); FT(1); FA(1); FB(1); FC(1); FD(1);
178
FE(1); FT(1); FA(1); FB(1); FC(1); FD(1); FE(1); FT(1); FA(1); FB(1);
179
FC(2); FD(2); FE(2); FT(2); FA(2); FB(2); FC(2); FD(2); FE(2); FT(2);
180
FA(2); FB(2); FC(2); FD(2); FE(2); FT(2); FA(2); FB(2); FC(2); FD(2);
181
FE(3); FT(3); FA(3); FB(3); FC(3); FD(3); FE(3); FT(3); FA(3); FB(3);
182
FC(3); FD(3); FE(3); FT(3); FA(3); FB(3); FC(3); FD(3); FE(3); FT(3);
183
FA(4); FB(4); FC(4); FD(4); FE(4); FT(4); FA(4); FB(4); FC(4); FD(4);
184
FE(4); FT(4); FA(4); FB(4); FC(4); FD(4); FE(4); FT(4); FA(4); FB(4);
185
sha_info->digest[0] = T32(sha_info->digest[0] + E);
186
sha_info->digest[1] = T32(sha_info->digest[1] + T);
187
sha_info->digest[2] = T32(sha_info->digest[2] + A);
188
sha_info->digest[3] = T32(sha_info->digest[3] + B);
189
sha_info->digest[4] = T32(sha_info->digest[4] + C);
192
FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); FG(1);
193
FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); FG(1);
194
FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); FG(2);
195
FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); FG(2);
196
FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); FG(3);
197
FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); FG(3);
198
FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); FG(4);
199
FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); FG(4);
200
#else /* !UNROLL_LOOPS */
201
for (i = 0; i < 20; ++i) { FG(1); }
202
for (i = 20; i < 40; ++i) { FG(2); }
203
for (i = 40; i < 60; ++i) { FG(3); }
204
for (i = 60; i < 80; ++i) { FG(4); }
205
#endif /* !UNROLL_LOOPS */
206
sha_info->digest[0] = T32(sha_info->digest[0] + A);
207
sha_info->digest[1] = T32(sha_info->digest[1] + B);
208
sha_info->digest[2] = T32(sha_info->digest[2] + C);
209
sha_info->digest[3] = T32(sha_info->digest[3] + D);
210
sha_info->digest[4] = T32(sha_info->digest[4] + E);
211
#endif /* !UNRAVEL */
214
/* initialize the SHA digest */
216
void sha_init __PR((SHA_INFO *sha_info));
218
void sha_init(sha_info)
221
sha_info->digest[0] = ULONG_C(0x67452301);
222
sha_info->digest[1] = ULONG_C(0xefcdab89);
223
sha_info->digest[2] = ULONG_C(0x98badcfe);
224
sha_info->digest[3] = ULONG_C(0x10325476);
225
sha_info->digest[4] = ULONG_C(0xc3d2e1f0);
226
sha_info->count_lo = 0L;
227
sha_info->count_hi = 0L;
231
/* update the SHA digest */
233
void sha_update __PR((SHA_INFO *sha_info, BYTE *buffer, int count));
235
void sha_update(sha_info, buffer, count)
243
clo = T32(sha_info->count_lo + ((ULONG) count << 3));
244
if (clo < sha_info->count_lo) {
245
++sha_info->count_hi;
247
sha_info->count_lo = clo;
248
sha_info->count_hi += (ULONG) count >> 29;
249
if (sha_info->local) {
250
i = SHA_BLOCKSIZE - sha_info->local;
254
memcpy(((BYTE *) sha_info->data) + sha_info->local, buffer, i);
257
sha_info->local += i;
258
if (sha_info->local == SHA_BLOCKSIZE) {
259
sha_transform(sha_info);
264
while (count >= SHA_BLOCKSIZE) {
265
memcpy(sha_info->data, buffer, SHA_BLOCKSIZE);
266
buffer += SHA_BLOCKSIZE;
267
count -= SHA_BLOCKSIZE;
268
sha_transform(sha_info);
270
memcpy(sha_info->data, buffer, count);
271
sha_info->local = count;
274
/* finish computing the SHA digest */
276
void sha_final __PR((unsigned char digest[20], SHA_INFO *sha_info));
278
void sha_final(digest, sha_info)
279
unsigned char digest[20];
283
ULONG lo_bit_count, hi_bit_count;
285
lo_bit_count = sha_info->count_lo;
286
hi_bit_count = sha_info->count_hi;
287
count = (int) ((lo_bit_count >> 3) & 0x3f);
288
((BYTE *) sha_info->data)[count++] = 0x80;
289
if (count > SHA_BLOCKSIZE - 8) {
290
memset(((BYTE *) sha_info->data) + count, 0, SHA_BLOCKSIZE - count);
291
sha_transform(sha_info);
292
memset((BYTE *) sha_info->data, 0, SHA_BLOCKSIZE - 8);
294
memset(((BYTE *) sha_info->data) + count, 0,
295
SHA_BLOCKSIZE - 8 - count);
297
sha_info->data[56] = (unsigned char) ((hi_bit_count >> 24) & 0xff);
298
sha_info->data[57] = (unsigned char) ((hi_bit_count >> 16) & 0xff);
299
sha_info->data[58] = (unsigned char) ((hi_bit_count >> 8) & 0xff);
300
sha_info->data[59] = (unsigned char) ((hi_bit_count >> 0) & 0xff);
301
sha_info->data[60] = (unsigned char) ((lo_bit_count >> 24) & 0xff);
302
sha_info->data[61] = (unsigned char) ((lo_bit_count >> 16) & 0xff);
303
sha_info->data[62] = (unsigned char) ((lo_bit_count >> 8) & 0xff);
304
sha_info->data[63] = (unsigned char) ((lo_bit_count >> 0) & 0xff);
305
sha_transform(sha_info);
306
digest[ 0] = (unsigned char) ((sha_info->digest[0] >> 24) & 0xff);
307
digest[ 1] = (unsigned char) ((sha_info->digest[0] >> 16) & 0xff);
308
digest[ 2] = (unsigned char) ((sha_info->digest[0] >> 8) & 0xff);
309
digest[ 3] = (unsigned char) ((sha_info->digest[0] ) & 0xff);
310
digest[ 4] = (unsigned char) ((sha_info->digest[1] >> 24) & 0xff);
311
digest[ 5] = (unsigned char) ((sha_info->digest[1] >> 16) & 0xff);
312
digest[ 6] = (unsigned char) ((sha_info->digest[1] >> 8) & 0xff);
313
digest[ 7] = (unsigned char) ((sha_info->digest[1] ) & 0xff);
314
digest[ 8] = (unsigned char) ((sha_info->digest[2] >> 24) & 0xff);
315
digest[ 9] = (unsigned char) ((sha_info->digest[2] >> 16) & 0xff);
316
digest[10] = (unsigned char) ((sha_info->digest[2] >> 8) & 0xff);
317
digest[11] = (unsigned char) ((sha_info->digest[2] ) & 0xff);
318
digest[12] = (unsigned char) ((sha_info->digest[3] >> 24) & 0xff);
319
digest[13] = (unsigned char) ((sha_info->digest[3] >> 16) & 0xff);
320
digest[14] = (unsigned char) ((sha_info->digest[3] >> 8) & 0xff);
321
digest[15] = (unsigned char) ((sha_info->digest[3] ) & 0xff);
322
digest[16] = (unsigned char) ((sha_info->digest[4] >> 24) & 0xff);
323
digest[17] = (unsigned char) ((sha_info->digest[4] >> 16) & 0xff);
324
digest[18] = (unsigned char) ((sha_info->digest[4] >> 8) & 0xff);
325
digest[19] = (unsigned char) ((sha_info->digest[4] ) & 0xff);
330
/* compute the SHA digest of a FILE stream */
332
#define BLOCK_SIZE 8192
334
void sha_stream __PR((unsigned char digest[20], SHA_INFO *sha_info, FILE *fin));
336
void sha_stream(digest, sha_info, fin)
337
unsigned char digest[20];
342
BYTE data[BLOCK_SIZE];
345
while ((i = fread(data, 1, BLOCK_SIZE, fin)) > 0) {
346
sha_update(sha_info, data, i);
348
sha_final(digest, sha_info);
351
/* print a SHA digest */
353
void sha_print __PR((unsigned char digest[20]));
355
void sha_print(digest)
356
unsigned char digest[20];
360
for (j = 0; j < 5; ++j) {
361
for (i = 0; i < 4; ++i) {
362
printf("%02x", *digest++);
364
printf("%c", (j < 4) ? ' ' : '\n');
368
char *sha_version __PR((void));
372
#if (SHA_VERSION == 1)
373
static char *version = "SHA-1";
375
static char *version = "SHA";
380
#endif /* SHA_FOR_C */