
sha1.cpp 8.6KB

  1. // Copyright (c) 2014 The Starwels developers
  2. // Distributed under the MIT software license, see the accompanying
  3. // file COPYING or http://www.opensource.org/licenses/mit-license.php.
  4. #include "crypto/sha1.h"
  5. #include "crypto/common.h"
  6. #include <string.h>
  7. // Internal implementation code.
  8. namespace
  9. {
  10. /// Internal SHA-1 implementation.
  11. namespace sha1
  12. {
  /**
   * One SHA-1 round step.
   *
   * Adds rotl(a, 5) + f + k + w into e (mod 2^32) and rotates b left by 30 bits.
   * Only b and e are modified. c and d are accepted but never read here: the
   * caller has already folded them into f.
   */
  inline void Round(uint32_t a, uint32_t& b, uint32_t c, uint32_t d, uint32_t& e, uint32_t f, uint32_t k, uint32_t w)
  {
      const uint32_t a_rot5 = (a << 5) | (a >> 27);
      e += a_rot5 + f + k + w;
      b = (b >> 2) | (b << 30);
  }
  /** Bitwise choose: each result bit comes from c where b is 1, and from d where b is 0. */
  inline uint32_t f1(uint32_t b, uint32_t c, uint32_t d)
  {
      const uint32_t differing = c ^ d;
      return (b & differing) ^ d;
  }
  /** Bitwise parity: XOR of the three inputs. */
  inline uint32_t f2(uint32_t b, uint32_t c, uint32_t d)
  {
      const uint32_t bc = b ^ c;
      return bc ^ d;
  }
  /** Bitwise majority: a result bit is 1 when at least two of the three input bits are 1. */
  inline uint32_t f3(uint32_t b, uint32_t c, uint32_t d)
  {
      const uint32_t both = b & c;
      const uint32_t either = b | c;
      return both | (either & d);
  }
  /** Rotate a 32-bit word left by one bit (used by the message schedule in Transform). */
  inline uint32_t left(uint32_t x)
  {
      const uint32_t wrapped_bit = x >> 31;
      return (x << 1) | wrapped_bit;
  }
  /**
   * Load the SHA-1 initial chaining value into s.
   *
   * @param s  State array; exactly five 32-bit words (s[0]..s[4]) are written.
   */
  inline void Initialize(uint32_t* s)
  {
      static const uint32_t initial_state[5] = {
          0x67452301ul,
          0xEFCDAB89ul,
          0x98BADCFEul,
          0x10325476ul,
          0xC3D2E1F0ul,
      };
      for (int i = 0; i < 5; ++i) {
          s[i] = initial_state[i];
      }
  }
  // Additive round constants, one per group of twenty rounds in Transform.
  const uint32_t k1 = 0x5A827999u; // rounds 0-19  (paired with f1)
  const uint32_t k2 = 0x6ED9EBA1u; // rounds 20-39 (paired with f2)
  const uint32_t k3 = 0x8F1BBCDCu; // rounds 40-59 (paired with f3)
  const uint32_t k4 = 0xCA62C1D6u; // rounds 60-79 (paired with f2)
  /**
   * Compress one 64-byte block into the five-word SHA-1 state.
   *
   * This is the rolled form of the 80 rounds: the message schedule lives in a
   * 16-word circular buffer and the five working variables swap roles after
   * every round.
   *
   * @param s      State; s[0]..s[4] are read and then updated in place.
   * @param chunk  Input block. Words are loaded with ReadBE32 at offsets 0..60,
   *               so the caller must supply at least 64 readable bytes; no
   *               length is checked here.
   *
   * Control flow and schedule indices depend only on the round counter, never
   * on the message or state contents.
   */
  void Transform(uint32_t* s, const unsigned char* chunk)
  {
      uint32_t a = s[0], b = s[1], c = s[2], d = s[3], e = s[4];
      uint32_t w[16];

      for (int round = 0; round < 80; ++round) {
          const int slot = round & 15;

          // Rounds 0-15 consume the block directly; later rounds expand the
          // schedule in place from the previous sixteen words.
          if (round < 16) {
              w[slot] = ReadBE32(chunk + 4 * round);
          } else {
              w[slot] = left(w[slot] ^ w[(round + 13) & 15] ^ w[(round + 8) & 15] ^ w[(round + 2) & 15]);
          }

          // Select the boolean function and constant for this group of twenty rounds.
          uint32_t f;
          uint32_t k;
          if (round < 20) {
              f = f1(b, c, d);
              k = k1;
          } else if (round < 40) {
              f = f2(b, c, d);
              k = k2;
          } else if (round < 60) {
              f = f3(b, c, d);
              k = k3;
          } else {
              f = f2(b, c, d);
              k = k4;
          }

          Round(a, b, c, d, e, f, k, w[slot]);

          // Shift the roles (a,b,c,d,e) -> (e,a,b,c,d). After 80 rounds, a
          // multiple of five, every variable is back in its starting role.
          const uint32_t carried = e;
          e = d;
          d = c;
          c = b;
          b = a;
          a = carried;
      }

      // Feed-forward: add the working variables back into the chaining value.
      s[0] += a;
      s[1] += b;
      s[2] += c;
      s[3] += d;
      s[4] += e;
  }
  127. } // namespace sha1
  128. } // namespace
  129. ////// SHA1
  /**
   * Construct a hasher ready to accept input: zero bytes absorbed and the state
   * set to the SHA-1 initial value.
   */
  CSHA1::CSHA1()
      : bytes(0)
  {
      // buf is not initialized here. Write() fills it from offset bytes % 64 and
      // hands it to Transform only once all 64 bytes have been written.
      sha1::Initialize(s);
  }
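  /**
   * Absorb len bytes starting at data into the hash.
   *
   * Input is consumed in 64-byte blocks. A trailing partial block is kept in buf
   * until later calls (or Finalize) complete it.
   *
   * @param data  Input bytes; must be valid for len bytes. It is only
   *              dereferenced when there is something to copy or compress.
   * @param len   Number of bytes to absorb.
   * @return      *this, so calls can be chained.
   */
  CSHA1& CSHA1::Write(const unsigned char* data, size_t len)
  {
      const unsigned char* end = data + len;
      size_t bufsize = bytes % 64;
      if (bufsize && bufsize + len >= 64) {
          // Top up the partially filled buffer to a full block and compress it.
          memcpy(buf + bufsize, data, 64 - bufsize);
          bytes += 64 - bufsize;
          data += 64 - bufsize;
          sha1::Transform(s, buf);
          bufsize = 0;
      }
      // Test the remaining length instead of forming data + 64. With fewer than
      // 64 bytes left, that pointer would lie more than one past the end of the
      // caller's array, which is undefined behaviour even if never dereferenced.
      while (end - data >= 64) {
          // Process full chunks directly from the source.
          sha1::Transform(s, data);
          bytes += 64;
          data += 64;
      }
      if (end > data) {
          // Stash the tail (fewer than 64 bytes) for the next call.
          memcpy(buf + bufsize, data, end - data);
          bytes += end - data;
      }
      return *this;
  }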
  /**
   * Apply SHA-1 padding and write the digest.
   *
   * @param hash  Output buffer; 20 bytes are written (five big-endian 32-bit words).
   *
   * The padding is absorbed through Write(), so afterwards s and bytes describe
   * the padded message. Call Reset() before reusing the object for another input.
   *
   * NOTE(review): SHA-1 no longer provides collision resistance. Whether any
   * caller relies on that property is not visible from this file; confirm
   * before using this digest where an adversary chooses the input.
   */
  void CSHA1::Finalize(unsigned char hash[OUTPUT_SIZE])
  {
      static const unsigned char pad[64] = {0x80};

      // Capture the message length in bits before the padding changes `bytes`.
      unsigned char length_be[8];
      WriteBE64(length_be, bytes << 3);

      // One 0x80 byte plus zeros, bringing the length to 56 mod 64 so the
      // 8-byte length field completes the final block. Always 1..64 bytes.
      const size_t pad_len = 1 + ((119 - (bytes % 64)) % 64);
      Write(pad, pad_len);
      Write(length_be, 8);

      for (int word = 0; word < 5; ++word) {
          WriteBE32(hash + 4 * word, s[word]);
      }
  }
  /**
   * Return the hasher to its freshly constructed state so it can hash a new message.
   *
   * Only the state words and the byte counter are reset. buf is left as is, so
   * any bytes of a previous partial block stay in the object until overwritten.
   *
   * @return *this, so calls can be chained.
   */
  CSHA1& CSHA1::Reset()
  {
      sha1::Initialize(s);
      bytes = 0;
      return *this;
  }