2
* Copyright (c) 2001-2003 Allan Saddi <allan@saddi.com>
5
* Redistribution and use in source and binary forms, with or without
6
* modification, are permitted provided that the following conditions
8
* 1. Redistributions of source code must retain the above copyright
9
* notice, this list of conditions and the following disclaimer.
10
* 2. Redistributions in binary form must reproduce the above copyright
11
* notice, this list of conditions and the following disclaimer in the
12
* documentation and/or other materials provided with the distribution.
14
* THIS SOFTWARE IS PROVIDED BY ALLAN SADDI AND HIS CONTRIBUTORS ``AS IS''
15
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17
* ARE DISCLAIMED. IN NO EVENT SHALL ALLAN SADDI OR HIS CONTRIBUTORS BE
18
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
19
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
20
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
21
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
22
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
23
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
24
* POSSIBILITY OF SUCH DAMAGE.
26
* $Id: sha1.c 680 2003-07-25 21:57:38Z asaddi $
30
* Define WORDS_BIGENDIAN if compiling on a big-endian architecture.
32
* Define SHA1_TEST to test the implementation using the NIST's
33
* sample messages. The output should be:
35
* a9993e36 4706816a ba3e2571 7850c26c 9cd0d89d
36
* 84983e44 1c3bd26e baae4aa1 f95129e5 e54670f1
37
* 34aa973c d4c4daa4 f61eeb2b dbad2731 6534016f
41
#include "clamav-config.h"
42
#endif /* HAVE_CONFIG_H */
45
# include <inttypes.h>
57
static const char rcsid[] =
58
"$Id: sha1.c 680 2003-07-25 21:57:38Z asaddi $";
61
#define ROTL(x, n) (((x) << (n)) | ((x) >> (32 - (n))))
62
#define ROTR(x, n) (((x) >> (n)) | ((x) << (32 - (n))))
64
#define F_0_19(x, y, z) ((z) ^ ((x) & ((y) ^ (z))))
65
#define F_20_39(x, y, z) ((x) ^ (y) ^ (z))
66
#define F_40_59(x, y, z) (((x) & ((y) | (z))) | ((y) & (z)))
67
#define F_60_79(x, y, z) ((x) ^ (y) ^ (z))
69
#define DO_ROUND(F, K) { \
70
temp = ROTL(a, 5) + F(b, c, d) + e + *(W++) + K; \
78
#define K_0_19 0x5a827999L
79
#define K_20_39 0x6ed9eba1L
80
#define K_40_59 0x8f1bbcdcL
81
#define K_60_79 0xca62c1d6L
83
#ifndef RUNTIME_ENDIAN
85
#if WORDS_BIGENDIAN == 1
87
#define BYTESWAP(x) (x)
88
#define BYTESWAP64(x) (x)
90
#else /* WORDS_BIGENDIAN */
92
#define BYTESWAP(x) ((ROTR((x), 8) & 0xff00ff00L) | \
93
(ROTL((x), 8) & 0x00ff00ffL))
94
#define BYTESWAP64(x) _byteswap64(x)
96
static inline uint64_t _byteswap64(uint64_t x)
99
uint32_t b = (uint32_t) x;
100
return ((uint64_t) BYTESWAP(b) << 32) | (uint64_t) BYTESWAP(a);
103
#endif /* WORDS_BIGENDIAN */
105
#else /* !RUNTIME_ENDIAN */
107
#define BYTESWAP(x) _byteswap(sc->littleEndian, x)
108
#define BYTESWAP64(x) _byteswap64(sc->littleEndian, x)
110
#define _BYTESWAP(x) ((ROTR((x), 8) & 0xff00ff00L) | \
111
(ROTL((x), 8) & 0x00ff00ffL))
112
#define _BYTESWAP64(x) __byteswap64(x)
114
static inline uint64_t __byteswap64(uint64_t x)
116
uint32_t a = x >> 32;
117
uint32_t b = (uint32_t) x;
118
return ((uint64_t) _BYTESWAP(b) << 32) | (uint64_t) _BYTESWAP(a);
121
static inline uint32_t _byteswap(int littleEndian, uint32_t x)
129
static inline uint64_t _byteswap64(int littleEndian, uint64_t x)
134
return _BYTESWAP64(x);
137
static inline void setEndian(int *littleEndianp)
145
*littleEndianp = endian.b[0] != 0;
148
#endif /* !RUNTIME_ENDIAN */
150
static const uint8_t padding[64] = {
151
0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
152
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
153
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
154
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
155
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
156
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
157
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
158
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
162
SHA1Init (SHA1Context *sc)
164
#ifdef RUNTIME_ENDIAN
165
setEndian (&sc->littleEndian);
166
#endif /* RUNTIME_ENDIAN */
168
sc->totalLength = 0LL;
169
sc->hash[0] = 0x67452301L;
170
sc->hash[1] = 0xefcdab89L;
171
sc->hash[2] = 0x98badcfeL;
172
sc->hash[3] = 0x10325476L;
173
sc->hash[4] = 0xc3d2e1f0L;
174
sc->bufferLength = 0L;
182
memset (buf, 0, sizeof (buf));
183
size -= sizeof (buf);
189
SHA1Guts (SHA1Context *sc, const uint32_t *cbuf)
192
uint32_t *W, *W3, *W8, *W14, *W16;
193
uint32_t a, b, c, d, e, temp;
198
for (i = 15; i >= 0; i--) {
199
*(W++) = BYTESWAP(*cbuf);
208
for (i = 63; i >= 0; i--) {
209
*W = *(W3++) ^ *(W8++) ^ *(W14++) ^ *(W16++);
223
#define SHA1_UNROLL 20
224
#endif /* !SHA1_UNROLL */
227
for (i = 19; i >= 0; i--)
228
DO_ROUND(F_0_19, K_0_19);
230
for (i = 19; i >= 0; i--)
231
DO_ROUND(F_20_39, K_20_39);
233
for (i = 19; i >= 0; i--)
234
DO_ROUND(F_40_59, K_40_59);
236
for (i = 19; i >= 0; i--)
237
DO_ROUND(F_60_79, K_60_79);
238
#elif SHA1_UNROLL == 2
239
for (i = 9; i >= 0; i--) {
240
DO_ROUND(F_0_19, K_0_19);
241
DO_ROUND(F_0_19, K_0_19);
244
for (i = 9; i >= 0; i--) {
245
DO_ROUND(F_20_39, K_20_39);
246
DO_ROUND(F_20_39, K_20_39);
249
for (i = 9; i >= 0; i--) {
250
DO_ROUND(F_40_59, K_40_59);
251
DO_ROUND(F_40_59, K_40_59);
254
for (i = 9; i >= 0; i--) {
255
DO_ROUND(F_60_79, K_60_79);
256
DO_ROUND(F_60_79, K_60_79);
258
#elif SHA1_UNROLL == 4
259
for (i = 4; i >= 0; i--) {
260
DO_ROUND(F_0_19, K_0_19);
261
DO_ROUND(F_0_19, K_0_19);
262
DO_ROUND(F_0_19, K_0_19);
263
DO_ROUND(F_0_19, K_0_19);
266
for (i = 4; i >= 0; i--) {
267
DO_ROUND(F_20_39, K_20_39);
268
DO_ROUND(F_20_39, K_20_39);
269
DO_ROUND(F_20_39, K_20_39);
270
DO_ROUND(F_20_39, K_20_39);
273
for (i = 4; i >= 0; i--) {
274
DO_ROUND(F_40_59, K_40_59);
275
DO_ROUND(F_40_59, K_40_59);
276
DO_ROUND(F_40_59, K_40_59);
277
DO_ROUND(F_40_59, K_40_59);
280
for (i = 4; i >= 0; i--) {
281
DO_ROUND(F_60_79, K_60_79);
282
DO_ROUND(F_60_79, K_60_79);
283
DO_ROUND(F_60_79, K_60_79);
284
DO_ROUND(F_60_79, K_60_79);
286
#elif SHA1_UNROLL == 5
287
for (i = 3; i >= 0; i--) {
288
DO_ROUND(F_0_19, K_0_19);
289
DO_ROUND(F_0_19, K_0_19);
290
DO_ROUND(F_0_19, K_0_19);
291
DO_ROUND(F_0_19, K_0_19);
292
DO_ROUND(F_0_19, K_0_19);
295
for (i = 3; i >= 0; i--) {
296
DO_ROUND(F_20_39, K_20_39);
297
DO_ROUND(F_20_39, K_20_39);
298
DO_ROUND(F_20_39, K_20_39);
299
DO_ROUND(F_20_39, K_20_39);
300
DO_ROUND(F_20_39, K_20_39);
303
for (i = 3; i >= 0; i--) {
304
DO_ROUND(F_40_59, K_40_59);
305
DO_ROUND(F_40_59, K_40_59);
306
DO_ROUND(F_40_59, K_40_59);
307
DO_ROUND(F_40_59, K_40_59);
308
DO_ROUND(F_40_59, K_40_59);
311
for (i = 3; i >= 0; i--) {
312
DO_ROUND(F_60_79, K_60_79);
313
DO_ROUND(F_60_79, K_60_79);
314
DO_ROUND(F_60_79, K_60_79);
315
DO_ROUND(F_60_79, K_60_79);
316
DO_ROUND(F_60_79, K_60_79);
318
#elif SHA1_UNROLL == 10
319
for (i = 1; i >= 0; i--) {
320
DO_ROUND(F_0_19, K_0_19);
321
DO_ROUND(F_0_19, K_0_19);
322
DO_ROUND(F_0_19, K_0_19);
323
DO_ROUND(F_0_19, K_0_19);
324
DO_ROUND(F_0_19, K_0_19);
325
DO_ROUND(F_0_19, K_0_19);
326
DO_ROUND(F_0_19, K_0_19);
327
DO_ROUND(F_0_19, K_0_19);
328
DO_ROUND(F_0_19, K_0_19);
329
DO_ROUND(F_0_19, K_0_19);
332
for (i = 1; i >= 0; i--) {
333
DO_ROUND(F_20_39, K_20_39);
334
DO_ROUND(F_20_39, K_20_39);
335
DO_ROUND(F_20_39, K_20_39);
336
DO_ROUND(F_20_39, K_20_39);
337
DO_ROUND(F_20_39, K_20_39);
338
DO_ROUND(F_20_39, K_20_39);
339
DO_ROUND(F_20_39, K_20_39);
340
DO_ROUND(F_20_39, K_20_39);
341
DO_ROUND(F_20_39, K_20_39);
342
DO_ROUND(F_20_39, K_20_39);
345
for (i = 1; i >= 0; i--) {
346
DO_ROUND(F_40_59, K_40_59);
347
DO_ROUND(F_40_59, K_40_59);
348
DO_ROUND(F_40_59, K_40_59);
349
DO_ROUND(F_40_59, K_40_59);
350
DO_ROUND(F_40_59, K_40_59);
351
DO_ROUND(F_40_59, K_40_59);
352
DO_ROUND(F_40_59, K_40_59);
353
DO_ROUND(F_40_59, K_40_59);
354
DO_ROUND(F_40_59, K_40_59);
355
DO_ROUND(F_40_59, K_40_59);
358
for (i = 1; i >= 0; i--) {
359
DO_ROUND(F_60_79, K_60_79);
360
DO_ROUND(F_60_79, K_60_79);
361
DO_ROUND(F_60_79, K_60_79);
362
DO_ROUND(F_60_79, K_60_79);
363
DO_ROUND(F_60_79, K_60_79);
364
DO_ROUND(F_60_79, K_60_79);
365
DO_ROUND(F_60_79, K_60_79);
366
DO_ROUND(F_60_79, K_60_79);
367
DO_ROUND(F_60_79, K_60_79);
368
DO_ROUND(F_60_79, K_60_79);
370
#elif SHA1_UNROLL == 20
371
DO_ROUND(F_0_19, K_0_19);
372
DO_ROUND(F_0_19, K_0_19);
373
DO_ROUND(F_0_19, K_0_19);
374
DO_ROUND(F_0_19, K_0_19);
375
DO_ROUND(F_0_19, K_0_19);
376
DO_ROUND(F_0_19, K_0_19);
377
DO_ROUND(F_0_19, K_0_19);
378
DO_ROUND(F_0_19, K_0_19);
379
DO_ROUND(F_0_19, K_0_19);
380
DO_ROUND(F_0_19, K_0_19);
381
DO_ROUND(F_0_19, K_0_19);
382
DO_ROUND(F_0_19, K_0_19);
383
DO_ROUND(F_0_19, K_0_19);
384
DO_ROUND(F_0_19, K_0_19);
385
DO_ROUND(F_0_19, K_0_19);
386
DO_ROUND(F_0_19, K_0_19);
387
DO_ROUND(F_0_19, K_0_19);
388
DO_ROUND(F_0_19, K_0_19);
389
DO_ROUND(F_0_19, K_0_19);
390
DO_ROUND(F_0_19, K_0_19);
392
DO_ROUND(F_20_39, K_20_39);
393
DO_ROUND(F_20_39, K_20_39);
394
DO_ROUND(F_20_39, K_20_39);
395
DO_ROUND(F_20_39, K_20_39);
396
DO_ROUND(F_20_39, K_20_39);
397
DO_ROUND(F_20_39, K_20_39);
398
DO_ROUND(F_20_39, K_20_39);
399
DO_ROUND(F_20_39, K_20_39);
400
DO_ROUND(F_20_39, K_20_39);
401
DO_ROUND(F_20_39, K_20_39);
402
DO_ROUND(F_20_39, K_20_39);
403
DO_ROUND(F_20_39, K_20_39);
404
DO_ROUND(F_20_39, K_20_39);
405
DO_ROUND(F_20_39, K_20_39);
406
DO_ROUND(F_20_39, K_20_39);
407
DO_ROUND(F_20_39, K_20_39);
408
DO_ROUND(F_20_39, K_20_39);
409
DO_ROUND(F_20_39, K_20_39);
410
DO_ROUND(F_20_39, K_20_39);
411
DO_ROUND(F_20_39, K_20_39);
413
DO_ROUND(F_40_59, K_40_59);
414
DO_ROUND(F_40_59, K_40_59);
415
DO_ROUND(F_40_59, K_40_59);
416
DO_ROUND(F_40_59, K_40_59);
417
DO_ROUND(F_40_59, K_40_59);
418
DO_ROUND(F_40_59, K_40_59);
419
DO_ROUND(F_40_59, K_40_59);
420
DO_ROUND(F_40_59, K_40_59);
421
DO_ROUND(F_40_59, K_40_59);
422
DO_ROUND(F_40_59, K_40_59);
423
DO_ROUND(F_40_59, K_40_59);
424
DO_ROUND(F_40_59, K_40_59);
425
DO_ROUND(F_40_59, K_40_59);
426
DO_ROUND(F_40_59, K_40_59);
427
DO_ROUND(F_40_59, K_40_59);
428
DO_ROUND(F_40_59, K_40_59);
429
DO_ROUND(F_40_59, K_40_59);
430
DO_ROUND(F_40_59, K_40_59);
431
DO_ROUND(F_40_59, K_40_59);
432
DO_ROUND(F_40_59, K_40_59);
434
DO_ROUND(F_60_79, K_60_79);
435
DO_ROUND(F_60_79, K_60_79);
436
DO_ROUND(F_60_79, K_60_79);
437
DO_ROUND(F_60_79, K_60_79);
438
DO_ROUND(F_60_79, K_60_79);
439
DO_ROUND(F_60_79, K_60_79);
440
DO_ROUND(F_60_79, K_60_79);
441
DO_ROUND(F_60_79, K_60_79);
442
DO_ROUND(F_60_79, K_60_79);
443
DO_ROUND(F_60_79, K_60_79);
444
DO_ROUND(F_60_79, K_60_79);
445
DO_ROUND(F_60_79, K_60_79);
446
DO_ROUND(F_60_79, K_60_79);
447
DO_ROUND(F_60_79, K_60_79);
448
DO_ROUND(F_60_79, K_60_79);
449
DO_ROUND(F_60_79, K_60_79);
450
DO_ROUND(F_60_79, K_60_79);
451
DO_ROUND(F_60_79, K_60_79);
452
DO_ROUND(F_60_79, K_60_79);
453
DO_ROUND(F_60_79, K_60_79);
454
#else /* SHA1_UNROLL */
455
#error SHA1_UNROLL must be 1, 2, 4, 5, 10 or 20!
466
SHA1Update (SHA1Context *sc, const void *vdata, uint32_t len)
468
const uint8_t *data = vdata;
469
uint32_t bufferBytesLeft;
470
uint32_t bytesToCopy;
473
#ifdef SHA1_FAST_COPY
474
if (sc->bufferLength) {
475
bufferBytesLeft = 64L - sc->bufferLength;
477
bytesToCopy = bufferBytesLeft;
478
if (bytesToCopy > len)
481
memcpy (&sc->buffer.bytes[sc->bufferLength], data, bytesToCopy);
483
sc->totalLength += bytesToCopy * 8L;
485
sc->bufferLength += bytesToCopy;
489
if (sc->bufferLength == 64L) {
490
SHA1Guts (sc, sc->buffer.words);
492
sc->bufferLength = 0L;
497
sc->totalLength += 512L;
507
memcpy (&sc->buffer.bytes[sc->bufferLength], data, len);
509
sc->totalLength += len * 8L;
511
sc->bufferLength += len;
513
#else /* SHA1_FAST_COPY */
515
bufferBytesLeft = 64L - sc->bufferLength;
517
bytesToCopy = bufferBytesLeft;
518
if (bytesToCopy > len)
521
memcpy (&sc->buffer.bytes[sc->bufferLength], data, bytesToCopy);
523
sc->totalLength += bytesToCopy * 8L;
525
sc->bufferLength += bytesToCopy;
529
if (sc->bufferLength == 64L) {
530
SHA1Guts (sc, sc->buffer.words);
532
sc->bufferLength = 0L;
535
#endif /* SHA1_FAST_COPY */
538
burnStack (sizeof (uint32_t[86]) + sizeof (uint32_t *[5]) + sizeof (int));
542
SHA1Final (SHA1Context *sc, uint8_t hash[SHA1_HASH_SIZE])
548
bytesToPad = 120L - sc->bufferLength;
549
if (bytesToPad > 64L)
552
lengthPad = BYTESWAP64(sc->totalLength);
554
SHA1Update (sc, padding, bytesToPad);
555
SHA1Update (sc, &lengthPad, 8L);
558
for (i = 0; i < SHA1_HASH_WORDS; i++) {
559
#ifdef SHA1_FAST_COPY
560
*((uint32_t *) hash) = BYTESWAP(sc->hash[i]);
561
#else /* SHA1_FAST_COPY */
562
hash[0] = (uint8_t) (sc->hash[i] >> 24);
563
hash[1] = (uint8_t) (sc->hash[i] >> 16);
564
hash[2] = (uint8_t) (sc->hash[i] >> 8);
565
hash[3] = (uint8_t) sc->hash[i];
566
#endif /* SHA1_FAST_COPY */
579
main (int argc, char *argv[])
582
uint8_t hash[SHA1_HASH_SIZE];
587
SHA1Update (&foo, "abc", 3);
588
SHA1Final (&foo, hash);
590
for (i = 0; i < SHA1_HASH_SIZE;) {
591
printf ("%02x", hash[i++]);
599
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
601
SHA1Final (&foo, hash);
603
for (i = 0; i < SHA1_HASH_SIZE;) {
604
printf ("%02x", hash[i++]);
611
memset (buf, 'a', sizeof (buf));
612
for (i = 0; i < 1000; i++)
613
SHA1Update (&foo, buf, sizeof (buf));
614
SHA1Final (&foo, hash);
616
for (i = 0; i < SHA1_HASH_SIZE;) {
617
printf ("%02x", hash[i++]);
626
#endif /* SHA1_TEST */