fxr.watson.org: NETBSD20 sys/lib/libkern/sha1.c

FreeBSD/Linux Kernel Cross Reference
sys/lib/libkern/sha1.c

Version: - FREEBSD - FREEBSD-13-STABLE - FREEBSD-13-0 - FREEBSD-12-STABLE - FREEBSD-12-0 - FREEBSD-11-STABLE - FREEBSD-11-0 - FREEBSD-10-STABLE - FREEBSD-10-0 - FREEBSD-9-STABLE - FREEBSD-9-0 - FREEBSD-8-STABLE - FREEBSD-8-0 - FREEBSD-7-STABLE - FREEBSD-7-0 - FREEBSD-6-STABLE - FREEBSD-6-0 - FREEBSD-5-STABLE - FREEBSD-5-0 - FREEBSD-4-STABLE - FREEBSD-3-STABLE - FREEBSD22 - l41 - OPENBSD - linux-2.6 - MK84 - PLAN9 - xnu-8792
SearchContext: - none - 3 - 10

1 /* $NetBSD: sha1.c,v 1.7 2003/09/23 20:00:43 martin Exp $ */ 2 /* $OpenBSD: sha1.c,v 1.9 1997/07/23 21:12:32 kstailey Exp $ */ 3 4 /* 5 * SHA-1 in C 6 * By Steve Reid <steve@edmweb.com> 7 * 100% Public Domain 8 * 9 * Test Vectors (from FIPS PUB 180-1) 10 * "abc" 11 * A9993E36 4706816A BA3E2571 7850C26C 9CD0D89D 12 * "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" 13 * 84983E44 1C3BD26E BAAE4AA1 F95129E5 E54670F1 14 * A million repetitions of "a" 15 * 34AA973C D4C4DAA4 F61EEB2B DBAD2731 6534016F 16 */ 17 18 #define SHA1HANDSOFF /* Copies data before messing with it. */ 19 20 #include <sys/param.h> 21 22 #if defined(_KERNEL) || defined(_STANDALONE) 23 #include <lib/libkern/libkern.h> 24 #include <sys/sha1.h> 25 #else 26 #include <string.h> 27 #include <sys/sha1.h> 28 #endif 29 30 #define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits)))) 31 32 /* 33 * blk0() and blk() perform the initial expand. 34 * I got the idea of expanding during the round function from SSLeay 35 */ 36 #if BYTE_ORDER == LITTLE_ENDIAN 37 # define blk0(i) (block->l[i] = (rol(block->l[i],24)&0xFF00FF00) \ 38 |(rol(block->l[i],8)&0x00FF00FF)) 39 #else 40 # define blk0(i) block->l[i] 41 #endif 42 #define blk(i) (block->l[i&15] = rol(block->l[(i+13)&15]^block->l[(i+8)&15] \ 43 ^block->l[(i+2)&15]^block->l[i&15],1)) 44 45 /* 46 * (R0+R1), R2, R3, R4 are the different operations (rounds) used in SHA1 47 */ 48 #define R0(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk0(i)+0x5A827999+rol(v,5);w=rol(w,30); 49 #define R1(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk(i)+0x5A827999+rol(v,5);w=rol(w,30); 50 #define R2(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0x6ED9EBA1+rol(v,5);w=rol(w,30); 51 #define R3(v,w,x,y,z,i) z+=(((w|x)&y)|(w&x))+blk(i)+0x8F1BBCDC+rol(v,5);w=rol(w,30); 52 #define R4(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0xCA62C1D6+rol(v,5);w=rol(w,30); 53 54 typedef union { 55 u_char c[64]; 56 u_int l[16]; 57 } CHAR64LONG16; 58 59 /* old sparc64 gcc could not compile this */ 60 #undef SPARC64_GCC_WORKAROUND 61 #if defined(__sparc64__) && defined(__GNUC__) && __GNUC__ < 3 62 #define SPARC64_GCC_WORKAROUND 63 #endif 64 65 #ifdef SPARC64_GCC_WORKAROUND 66 void do_R01(u_int32_t *a, u_int32_t *b, u_int32_t *c, u_int32_t *d, u_int32_t *e, CHAR64LONG16 *); 67 void do_R2(u_int32_t *a, u_int32_t *b, u_int32_t *c, u_int32_t *d, u_int32_t *e, CHAR64LONG16 *); 68 void do_R3(u_int32_t *a, u_int32_t *b, u_int32_t *c, u_int32_t *d, u_int32_t *e, CHAR64LONG16 *); 69 void do_R4(u_int32_t *a, u_int32_t *b, u_int32_t *c, u_int32_t *d, u_int32_t *e, CHAR64LONG16 *); 70 71 #define nR0(v,w,x,y,z,i) R0(*v,*w,*x,*y,*z,i) 72 #define nR1(v,w,x,y,z,i) R1(*v,*w,*x,*y,*z,i) 73 #define nR2(v,w,x,y,z,i) R2(*v,*w,*x,*y,*z,i) 74 #define nR3(v,w,x,y,z,i) R3(*v,*w,*x,*y,*z,i) 75 #define nR4(v,w,x,y,z,i) R4(*v,*w,*x,*y,*z,i) 76 77 void 78 do_R01(u_int32_t *a, u_int32_t *b, u_int32_t *c, u_int32_t *d, u_int32_t *e, CHAR64LONG16 *block) 79 { 80 nR0(a,b,c,d,e, 0); nR0(e,a,b,c,d, 1); nR0(d,e,a,b,c, 2); nR0(c,d,e,a,b, 3); 81 nR0(b,c,d,e,a, 4); nR0(a,b,c,d,e, 5); nR0(e,a,b,c,d, 6); nR0(d,e,a,b,c, 7); 82 nR0(c,d,e,a,b, 8); nR0(b,c,d,e,a, 9); nR0(a,b,c,d,e,10); nR0(e,a,b,c,d,11); 83 nR0(d,e,a,b,c,12); nR0(c,d,e,a,b,13); nR0(b,c,d,e,a,14); nR0(a,b,c,d,e,15); 84 nR1(e,a,b,c,d,16); nR1(d,e,a,b,c,17); nR1(c,d,e,a,b,18); nR1(b,c,d,e,a,19); 85 } 86 87 void 88 do_R2(u_int32_t *a, u_int32_t *b, u_int32_t *c, u_int32_t *d, u_int32_t *e, CHAR64LONG16 *block) 89 { 90 nR2(a,b,c,d,e,20); nR2(e,a,b,c,d,21); nR2(d,e,a,b,c,22); nR2(c,d,e,a,b,23); 91 nR2(b,c,d,e,a,24); nR2(a,b,c,d,e,25); nR2(e,a,b,c,d,26); nR2(d,e,a,b,c,27); 92 nR2(c,d,e,a,b,28); nR2(b,c,d,e,a,29); nR2(a,b,c,d,e,30); nR2(e,a,b,c,d,31); 93 nR2(d,e,a,b,c,32); nR2(c,d,e,a,b,33); nR2(b,c,d,e,a,34); nR2(a,b,c,d,e,35); 94 nR2(e,a,b,c,d,36); nR2(d,e,a,b,c,37); nR2(c,d,e,a,b,38); nR2(b,c,d,e,a,39); 95 } 96 97 void 98 do_R3(u_int32_t *a, u_int32_t *b, u_int32_t *c, u_int32_t *d, u_int32_t *e, CHAR64LONG16 *block) 99 { 100 nR3(a,b,c,d,e,40); nR3(e,a,b,c,d,41); nR3(d,e,a,b,c,42); nR3(c,d,e,a,b,43); 101 nR3(b,c,d,e,a,44); nR3(a,b,c,d,e,45); nR3(e,a,b,c,d,46); nR3(d,e,a,b,c,47); 102 nR3(c,d,e,a,b,48); nR3(b,c,d,e,a,49); nR3(a,b,c,d,e,50); nR3(e,a,b,c,d,51); 103 nR3(d,e,a,b,c,52); nR3(c,d,e,a,b,53); nR3(b,c,d,e,a,54); nR3(a,b,c,d,e,55); 104 nR3(e,a,b,c,d,56); nR3(d,e,a,b,c,57); nR3(c,d,e,a,b,58); nR3(b,c,d,e,a,59); 105 } 106 107 void 108 do_R4(u_int32_t *a, u_int32_t *b, u_int32_t *c, u_int32_t *d, u_int32_t *e, CHAR64LONG16 *block) 109 { 110 nR4(a,b,c,d,e,60); nR4(e,a,b,c,d,61); nR4(d,e,a,b,c,62); nR4(c,d,e,a,b,63); 111 nR4(b,c,d,e,a,64); nR4(a,b,c,d,e,65); nR4(e,a,b,c,d,66); nR4(d,e,a,b,c,67); 112 nR4(c,d,e,a,b,68); nR4(b,c,d,e,a,69); nR4(a,b,c,d,e,70); nR4(e,a,b,c,d,71); 113 nR4(d,e,a,b,c,72); nR4(c,d,e,a,b,73); nR4(b,c,d,e,a,74); nR4(a,b,c,d,e,75); 114 nR4(e,a,b,c,d,76); nR4(d,e,a,b,c,77); nR4(c,d,e,a,b,78); nR4(b,c,d,e,a,79); 115 } 116 #endif 117 118 /* 119 * Hash a single 512-bit block. This is the core of the algorithm. 120 */ 121 void SHA1Transform(state, buffer) 122 u_int32_t state[5]; 123 const u_char buffer[64]; 124 { 125 u_int32_t a, b, c, d, e; 126 CHAR64LONG16 *block; 127 128 #ifdef SHA1HANDSOFF 129 static u_int workspace[16]; 130 block = (CHAR64LONG16 *)workspace; 131 (void)memcpy(block, buffer, 64); 132 #else 133 block = (CHAR64LONG16 *)buffer; 134 #endif 135 136 /* Copy context->state[] to working vars */ 137 a = state[0]; 138 b = state[1]; 139 c = state[2]; 140 d = state[3]; 141 e = state[4]; 142 143 #ifdef SPARC64_GCC_WORKAROUND 144 do_R01(&a, &b, &c, &d, &e, block); 145 do_R2(&a, &b, &c, &d, &e, block); 146 do_R3(&a, &b, &c, &d, &e, block); 147 do_R4(&a, &b, &c, &d, &e, block); 148 #else 149 /* 4 rounds of 20 operations each. Loop unrolled. */ 150 R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3); 151 R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7); 152 R0(c,d,e,a,b, 8); R0(b,c,d,e,a, 9); R0(a,b,c,d,e,10); R0(e,a,b,c,d,11); 153 R0(d,e,a,b,c,12); R0(c,d,e,a,b,13); R0(b,c,d,e,a,14); R0(a,b,c,d,e,15); 154 R1(e,a,b,c,d,16); R1(d,e,a,b,c,17); R1(c,d,e,a,b,18); R1(b,c,d,e,a,19); 155 R2(a,b,c,d,e,20); R2(e,a,b,c,d,21); R2(d,e,a,b,c,22); R2(c,d,e,a,b,23); 156 R2(b,c,d,e,a,24); R2(a,b,c,d,e,25); R2(e,a,b,c,d,26); R2(d,e,a,b,c,27); 157 R2(c,d,e,a,b,28); R2(b,c,d,e,a,29); R2(a,b,c,d,e,30); R2(e,a,b,c,d,31); 158 R2(d,e,a,b,c,32); R2(c,d,e,a,b,33); R2(b,c,d,e,a,34); R2(a,b,c,d,e,35); 159 R2(e,a,b,c,d,36); R2(d,e,a,b,c,37); R2(c,d,e,a,b,38); R2(b,c,d,e,a,39); 160 R3(a,b,c,d,e,40); R3(e,a,b,c,d,41); R3(d,e,a,b,c,42); R3(c,d,e,a,b,43); 161 R3(b,c,d,e,a,44); R3(a,b,c,d,e,45); R3(e,a,b,c,d,46); R3(d,e,a,b,c,47); 162 R3(c,d,e,a,b,48); R3(b,c,d,e,a,49); R3(a,b,c,d,e,50); R3(e,a,b,c,d,51); 163 R3(d,e,a,b,c,52); R3(c,d,e,a,b,53); R3(b,c,d,e,a,54); R3(a,b,c,d,e,55); 164 R3(e,a,b,c,d,56); R3(d,e,a,b,c,57); R3(c,d,e,a,b,58); R3(b,c,d,e,a,59); 165 R4(a,b,c,d,e,60); R4(e,a,b,c,d,61); R4(d,e,a,b,c,62); R4(c,d,e,a,b,63); 166 R4(b,c,d,e,a,64); R4(a,b,c,d,e,65); R4(e,a,b,c,d,66); R4(d,e,a,b,c,67); 167 R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71); 168 R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75); 169 R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79); 170 #endif 171 172 /* Add the working vars back into context.state[] */ 173 state[0] += a; 174 state[1] += b; 175 state[2] += c; 176 state[3] += d; 177 state[4] += e; 178 179 /* Wipe variables */ 180 a = b = c = d = e = 0; 181 } 182 183 184 /* 185 * SHA1Init - Initialize new context 186 */ 187 void SHA1Init(context) 188 SHA1_CTX *context; 189 { 190 191 /* SHA1 initialization constants */ 192 context->state[0] = 0x67452301; 193 context->state[1] = 0xEFCDAB89; 194 context->state[2] = 0x98BADCFE; 195 context->state[3] = 0x10325476; 196 context->state[4] = 0xC3D2E1F0; 197 context->count[0] = context->count[1] = 0; 198 } 199 200 201 /* 202 * Run your data through this. 203 */ 204 void SHA1Update(context, data, len) 205 SHA1_CTX *context; 206 const u_char *data; 207 u_int len; 208 { 209 u_int i, j; 210 211 j = context->count[0]; 212 if ((context->count[0] += len << 3) < j) 213 context->count[1] += (len>>29)+1; 214 j = (j >> 3) & 63; 215 if ((j + len) > 63) { 216 (void)memcpy(&context->buffer[j], data, (i = 64-j)); 217 SHA1Transform(context->state, context->buffer); 218 for ( ; i + 63 < len; i += 64) 219 SHA1Transform(context->state, &data[i]); 220 j = 0; 221 } else { 222 i = 0; 223 } 224 (void)memcpy(&context->buffer[j], &data[i], len - i); 225 } 226 227 228 /* 229 * Add padding and return the message digest. 230 */ 231 void SHA1Final(digest, context) 232 u_char digest[20]; 233 SHA1_CTX* context; 234 { 235 u_int i; 236 u_char finalcount[8]; 237 238 for (i = 0; i < 8; i++) { 239 finalcount[i] = (u_char)((context->count[(i >= 4 ? 0 : 1)] 240 >> ((3-(i & 3)) * 8) ) & 255); /* Endian independent */ 241 } 242 SHA1Update(context, (u_char *)"\200", 1); 243 while ((context->count[0] & 504) != 448) 244 SHA1Update(context, (u_char *)"\0", 1); 245 SHA1Update(context, finalcount, 8); /* Should cause a SHA1Transform() */ 246 247 if (digest) { 248 for (i = 0; i < 20; i++) 249 digest[i] = (u_char) 250 ((context->state[i>>2] >> ((3-(i & 3)) * 8) ) & 255); 251 } 252 }

Cache object: 368b2863d34d58ed26340e0825d567f1

FreeBSD/Linux Kernel Cross Reference sys/lib/libkern/sha1.c

FreeBSD/Linux Kernel Cross Reference
sys/lib/libkern/sha1.c