"Fossies" - the Fresh Open Source Software Archive

Member "littleutils-1.2.5/littleutils/sha1.c" (29 Oct 2021, 14360 Bytes) of package /linux/privat/littleutils-1.2.5.tar.lz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) C and C++ source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file. For more information about "sha1.c" see the Fossies "Dox" file reference documentation and the latest Fossies "Diffs" side-by-side code changes report: 1.2.4_vs_1.2.5.

    1 /* sha1.c - Functions to compute SHA1 message digest of files or
    2    memory blocks according to the NIST specification FIPS-180-1.
    3 
    4    Copyright (C) 2000-2001, 2003-2006, 2008-2018 Free Software Foundation, Inc.
    5 
    6    This program is free software; you can redistribute it and/or modify it
    7    under the terms of the GNU General Public License as published by the
    8    Free Software Foundation; either version 3, or (at your option) any
    9    later version.
   10 
   11    This program is distributed in the hope that it will be useful,
   12    but WITHOUT ANY WARRANTY; without even the implied warranty of
   13    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   14    GNU General Public License for more details.
   15 
   16    You should have received a copy of the GNU General Public License
   17    along with this program; if not, see <https://www.gnu.org/licenses/>.  */
   18 
   19 /* Written by Scott G. Miller
   20    Credits:
   21       Robert Klep <robert@ilse.nl> -- Expansion function fix
   22       Modifications for portability and partial file reads by Brian Lindholm,
   23       2004-2021.  */
   24 
   25 #include <config.h>
   26 
   27 #ifdef HAVE_STDALIGN_H
   28 # include <stdalign.h>
   29 #endif
   30 #ifdef HAVE_STDINT_H
   31 # include <stdint.h>
   32 #endif
   33 #ifdef HAVE_STDLIB_H
   34 # include <stdlib.h>
   35 #endif
   36 #ifdef HAVE_STRING_H
   37 # include <string.h>
   38 #endif
   39 #ifdef HAVE_SYS_TYPES_H
   40 # include <sys/types.h>
   41 #endif
   42 
   43 #include "sha1.h"
   44 
   45 #ifdef WORDS_BIGENDIAN
   46 # define SWAP(n) (n)
   47 #else
   48 # ifdef HAVE_BYTESWAP_H
   49 #  include <byteswap.h>
   50 #  define SWAP(n) bswap_32 (n)
   51 # else
   52 #  define SWAP(n) (((n) << 24) | (((n) & 0xff00) << 8) | (((n) >> 8) & 0xff00) | ((n) >> 24))
   53 # endif
   54 #endif
   55 
   56 #define BLOCKSIZE 32768
   57 #if BLOCKSIZE % 64 != 0
   58 # error "invalid BLOCKSIZE"
   59 #endif
   60 
   61 /* This array contains the bytes used to pad the buffer to the next
   62    64-byte boundary.  (RFC 1321, 3.1: Step 1)  */
   63 static const unsigned char fillbuf[64] = { 0x80, 0 /* , 0, 0, ...  */ };
   64 
   65 
   66 /* Take a pointer to a 160 bit block of data (five 32 bit ints) and
   67    initialize it to the start constants of the SHA1 algorithm.  This
   68    must be called before using hash in the call to sha1_hash.  */
   69 void
   70 sha1_init_ctx (struct sha1_ctx *ctx)
   71 {
   72   ctx->A = 0x67452301;
   73   ctx->B = 0xefcdab89;
   74   ctx->C = 0x98badcfe;
   75   ctx->D = 0x10325476;
   76   ctx->E = 0xc3d2e1f0;
   77 
   78   ctx->total[0] = ctx->total[1] = 0;
   79   ctx->buflen = 0;
   80 }
   81 
   82 /* Copy the 4 byte value from v into the memory location pointed to by *cp,
   83    If your architecture allows unaligned access this is equivalent to
   84    * (uint32_t *) cp = v  */
   85 static void
   86 set_uint32 (char *cp, uint32_t v)
   87 {
   88   memcpy (cp, &v, sizeof v);
   89 }
   90 
   91 /* Put result from CTX in first 20 bytes following RESBUF.  The result
   92    must be in little endian byte order.  */
   93 void *
   94 sha1_read_ctx (const struct sha1_ctx *ctx, void *resbuf)
   95 {
   96   char *r = resbuf;
   97   set_uint32 (r + 0 * sizeof ctx->A, SWAP (ctx->A));
   98   set_uint32 (r + 1 * sizeof ctx->B, SWAP (ctx->B));
   99   set_uint32 (r + 2 * sizeof ctx->C, SWAP (ctx->C));
  100   set_uint32 (r + 3 * sizeof ctx->D, SWAP (ctx->D));
  101   set_uint32 (r + 4 * sizeof ctx->E, SWAP (ctx->E));
  102 
  103   return resbuf;
  104 }
  105 
  106 /* Process the remaining bytes in the internal buffer and the usual
  107    prolog according to the standard and write the result to RESBUF.  */
  108 void *
  109 sha1_finish_ctx (struct sha1_ctx *ctx, void *resbuf)
  110 {
  111   /* Take yet unprocessed bytes into account.  */
  112   uint32_t bytes = ctx->buflen;
  113   size_t size = (bytes < 56) ? 64 / 4 : 64 * 2 / 4;
  114 
  115   /* Now count remaining bytes.  */
  116   ctx->total[0] += bytes;
  117   if (ctx->total[0] < bytes)
  118     ++ctx->total[1];
  119 
  120   /* Put the 64-bit file length in *bits* at the end of the buffer.  */
  121   ctx->buffer[size - 2] = SWAP ((ctx->total[1] << 3) | (ctx->total[0] >> 29));
  122   ctx->buffer[size - 1] = SWAP (ctx->total[0] << 3);
  123 
  124   memcpy (&((char *) ctx->buffer)[bytes], fillbuf, (size - 2) * 4 - bytes);
  125 
  126   /* Process last bytes.  */
  127   sha1_process_block (ctx->buffer, size * 4, ctx);
  128 
  129   return sha1_read_ctx (ctx, resbuf);
  130 }
  131 
  132 /* Compute SHA1 message digest for bytes read from STREAM.  The
  133    resulting message digest number will be written into the 20 bytes
  134    beginning at RESBLOCK.  Readbytes == -1 implies whole file.  */
  135 int
  136 sha1_stream (FILE *stream, void *resblock, off_t readbytes)
  137 {
  138   char *buffer = malloc (BLOCKSIZE + 72);
  139   if (!buffer)
  140     return 1;
  141 
  142   /* Initialize the computation context.  */
  143   struct sha1_ctx ctx;
  144   sha1_init_ctx (&ctx);
  145   size_t sum, target;
  146   off_t total = 0;
  147 
  148   /* Jump to end for readbytes == 0.  */
  149   if (readbytes == 0)
  150     {
  151       sum = 0;
  152       goto process_partial_block;
  153     }
  154 
  155   /* Iterate over full file contents.  */
  156   while (1)
  157     {
  158       /* We read the file in blocks of BLOCKSIZE bytes.  One call of the
  159          computation function processes the whole buffer so that with the
  160          next round of the loop another block can be read.  */
  161       size_t n;
  162       if ((readbytes < 0) || ((readbytes - total) > (off_t) BLOCKSIZE))
  163         target = (size_t) BLOCKSIZE;
  164       else
  165         target = (size_t) (readbytes - total);
  166       sum = 0;
  167 
  168       /* Read block.  Take care for partial reads.  */
  169       while (1)
  170         {
  171           /* Either process a partial fread() from this loop,
  172              or the fread() in afalg_stream may have gotten EOF.
  173              We need to avoid a subsequent fread() as EOF may
  174              not be sticky.  For details of such systems, see:
  175              https://sourceware.org/bugzilla/show_bug.cgi?id=1190  */
  176           if (((off_t) sum >= target) || feof (stream))
  177             goto process_partial_block;
  178 
  179           n = fread (buffer + sum, 1, target - sum, stream);
  180           sum += n;
  181 
  182           if (sum == BLOCKSIZE)
  183             break;
  184 
  185           if (n == 0)
  186             {
  187               /* Check for the error flag IFF N == 0, so that we don't
  188                  exit the loop after a partial read due to e.g., EAGAIN
  189                  or EWOULDBLOCK.  */
  190               if (ferror (stream))
  191                 {
  192                   free (buffer);
  193                   return 1;
  194                 }
  195               goto process_partial_block;
  196             }
  197         }
  198       total += (off_t) sum;
  199 
  200       /* Process buffer with BLOCKSIZE bytes.  Note that
  201                         BLOCKSIZE % 64 == 0
  202        */
  203       sha1_process_block (buffer, BLOCKSIZE, &ctx);
  204     }
  205 
  206  process_partial_block:;
  207 
  208   /* Process any remaining bytes.  */
  209   if (sum > 0)
  210     sha1_process_bytes (buffer, sum, &ctx);
  211 
  212   /* Construct result in desired memory.  */
  213   sha1_finish_ctx (&ctx, resblock);
  214   free (buffer);
  215   return 0;
  216 }
  217 
  218 /* Compute SHA1 message digest for LEN bytes beginning at BUFFER.  The
  219    result is always in little endian byte order, so that a byte-wise
  220    output yields to the wanted ASCII representation of the message
  221    digest.  */
  222 void *
  223 sha1_buffer (const char *buffer, size_t len, void *resblock)
  224 {
  225   struct sha1_ctx ctx;
  226 
  227   /* Initialize the computation context.  */
  228   sha1_init_ctx (&ctx);
  229 
  230   /* Process whole buffer but last len % 64 bytes.  */
  231   sha1_process_bytes (buffer, len, &ctx);
  232 
  233   /* Put result in desired memory area.  */
  234   return sha1_finish_ctx (&ctx, resblock);
  235 }
  236 
  237 void
  238 sha1_process_bytes (const void *buffer, size_t len, struct sha1_ctx *ctx)
  239 {
  240   /* When we already have some bits in our internal buffer concatenate
  241      both inputs first.  */
  242   if (ctx->buflen != 0)
  243     {
  244       size_t left_over = ctx->buflen;
  245       size_t add = 128 - left_over > len ? len : 128 - left_over;
  246 
  247       memcpy (&((char *) ctx->buffer)[left_over], buffer, add);
  248       ctx->buflen += add;
  249 
  250       if (ctx->buflen > 64)
  251         {
  252           sha1_process_block (ctx->buffer, ctx->buflen & ~63, ctx);
  253 
  254           ctx->buflen &= 63;
  255           /* The regions in the following copy operation cannot overlap,
  256              because ctx->buflen < 64 ≤ (left_over + add) & ~63.  */
  257           memcpy (ctx->buffer,
  258                   &((char *) ctx->buffer)[(left_over + add) & ~63],
  259                   ctx->buflen);
  260         }
  261 
  262       buffer = (const char *) buffer + add;
  263       len -= add;
  264     }
  265 
  266   /* Process available complete blocks.  */
  267   if (len >= 64)
  268     {
  269 #if !(_STRING_ARCH_unaligned || _STRING_INLINE_unaligned)
  270 # define UNALIGNED_P(p) ((uintptr_t) (p) % alignof (uint32_t) != 0)
  271       if (UNALIGNED_P (buffer))
  272         while (len > 64)
  273           {
  274             sha1_process_block (memcpy (ctx->buffer, buffer, 64), 64, ctx);
  275             buffer = (const char *) buffer + 64;
  276             len -= 64;
  277           }
  278       else
  279 #endif
  280         {
  281           sha1_process_block (buffer, len & ~63, ctx);
  282           buffer = (const char *) buffer + (len & ~63);
  283           len &= 63;
  284         }
  285     }
  286 
  287   /* Move remaining bytes in internal buffer.  */
  288   if (len > 0)
  289     {
  290       size_t left_over = ctx->buflen;
  291 
  292       memcpy (&((char *) ctx->buffer)[left_over], buffer, len);
  293       left_over += len;
  294       if (left_over >= 64)
  295         {
  296           sha1_process_block (ctx->buffer, 64, ctx);
  297           left_over -= 64;
  298           /* The regions in the following copy operation cannot overlap,
  299              because left_over ≤ 64.  */
  300           memcpy (ctx->buffer, &ctx->buffer[16], left_over);
  301         }
  302       ctx->buflen = left_over;
  303     }
  304 }
  305 
  306 /* --- Code below is the primary difference between md5.c and sha1.c --- */
  307 
  308 /* SHA1 round constants */
  309 #define K1 0x5a827999
  310 #define K2 0x6ed9eba1
  311 #define K3 0x8f1bbcdc
  312 #define K4 0xca62c1d6
  313 
  314 /* Round functions.  Note that F2 is the same as F4.  */
  315 #define F1(B,C,D) ( D ^ ( B & ( C ^ D ) ) )
  316 #define F2(B,C,D) (B ^ C ^ D)
  317 #define F3(B,C,D) ( ( B & C ) | ( D & ( B | C ) ) )
  318 #define F4(B,C,D) (B ^ C ^ D)
  319 
  320 /* Process LEN bytes of BUFFER, accumulating context into CTX.
  321    It is assumed that LEN % 64 == 0.
  322    Most of this code comes from GnuPG's cipher/sha1.c.  */
  323 
  324 void
  325 sha1_process_block (const void *buffer, size_t len, struct sha1_ctx *ctx)
  326 {
  327   const uint32_t *words = buffer;
  328   size_t nwords = len / sizeof (uint32_t);
  329   const uint32_t *endp = words + nwords;
  330   uint32_t x[16];
  331   uint32_t a = ctx->A;
  332   uint32_t b = ctx->B;
  333   uint32_t c = ctx->C;
  334   uint32_t d = ctx->D;
  335   uint32_t e = ctx->E;
  336   uint32_t lolen = len;
  337 
  338   /* First increment the byte count.  RFC 1321 specifies the possible
  339      length of the file up to 2^64 bits.  Here we only compute the
  340      number of bytes.  Do a double word increment.  */
  341   ctx->total[0] += lolen;
  342   ctx->total[1] += (len >> 31 >> 1) + (ctx->total[0] < lolen);
  343 
  344 #define rol(x, n) (((x) << (n)) | ((uint32_t) (x) >> (32 - (n))))
  345 
  346 #define M(I) ( tm =   x[I&0x0f] ^ x[(I-14)&0x0f] \
  347                     ^ x[(I-8)&0x0f] ^ x[(I-3)&0x0f] \
  348                , (x[I&0x0f] = rol(tm, 1)) )
  349 
  350 #define R(A,B,C,D,E,F,K,M)  do { E += rol( A, 5 )     \
  351                                       + F( B, C, D )  \
  352                                       + K             \
  353                                       + M;            \
  354                                  B = rol( B, 30 );    \
  355                                } while(0)
  356 
  357   while (words < endp)
  358     {
  359       uint32_t tm;
  360       int t;
  361       for (t = 0; t < 16; t++)
  362         {
  363           x[t] = SWAP (*words);
  364           words++;
  365         }
  366 
  367       R( a, b, c, d, e, F1, K1, x[ 0] );
  368       R( e, a, b, c, d, F1, K1, x[ 1] );
  369       R( d, e, a, b, c, F1, K1, x[ 2] );
  370       R( c, d, e, a, b, F1, K1, x[ 3] );
  371       R( b, c, d, e, a, F1, K1, x[ 4] );
  372       R( a, b, c, d, e, F1, K1, x[ 5] );
  373       R( e, a, b, c, d, F1, K1, x[ 6] );
  374       R( d, e, a, b, c, F1, K1, x[ 7] );
  375       R( c, d, e, a, b, F1, K1, x[ 8] );
  376       R( b, c, d, e, a, F1, K1, x[ 9] );
  377       R( a, b, c, d, e, F1, K1, x[10] );
  378       R( e, a, b, c, d, F1, K1, x[11] );
  379       R( d, e, a, b, c, F1, K1, x[12] );
  380       R( c, d, e, a, b, F1, K1, x[13] );
  381       R( b, c, d, e, a, F1, K1, x[14] );
  382       R( a, b, c, d, e, F1, K1, x[15] );
  383       R( e, a, b, c, d, F1, K1, M(16) );
  384       R( d, e, a, b, c, F1, K1, M(17) );
  385       R( c, d, e, a, b, F1, K1, M(18) );
  386       R( b, c, d, e, a, F1, K1, M(19) );
  387       R( a, b, c, d, e, F2, K2, M(20) );
  388       R( e, a, b, c, d, F2, K2, M(21) );
  389       R( d, e, a, b, c, F2, K2, M(22) );
  390       R( c, d, e, a, b, F2, K2, M(23) );
  391       R( b, c, d, e, a, F2, K2, M(24) );
  392       R( a, b, c, d, e, F2, K2, M(25) );
  393       R( e, a, b, c, d, F2, K2, M(26) );
  394       R( d, e, a, b, c, F2, K2, M(27) );
  395       R( c, d, e, a, b, F2, K2, M(28) );
  396       R( b, c, d, e, a, F2, K2, M(29) );
  397       R( a, b, c, d, e, F2, K2, M(30) );
  398       R( e, a, b, c, d, F2, K2, M(31) );
  399       R( d, e, a, b, c, F2, K2, M(32) );
  400       R( c, d, e, a, b, F2, K2, M(33) );
  401       R( b, c, d, e, a, F2, K2, M(34) );
  402       R( a, b, c, d, e, F2, K2, M(35) );
  403       R( e, a, b, c, d, F2, K2, M(36) );
  404       R( d, e, a, b, c, F2, K2, M(37) );
  405       R( c, d, e, a, b, F2, K2, M(38) );
  406       R( b, c, d, e, a, F2, K2, M(39) );
  407       R( a, b, c, d, e, F3, K3, M(40) );
  408       R( e, a, b, c, d, F3, K3, M(41) );
  409       R( d, e, a, b, c, F3, K3, M(42) );
  410       R( c, d, e, a, b, F3, K3, M(43) );
  411       R( b, c, d, e, a, F3, K3, M(44) );
  412       R( a, b, c, d, e, F3, K3, M(45) );
  413       R( e, a, b, c, d, F3, K3, M(46) );
  414       R( d, e, a, b, c, F3, K3, M(47) );
  415       R( c, d, e, a, b, F3, K3, M(48) );
  416       R( b, c, d, e, a, F3, K3, M(49) );
  417       R( a, b, c, d, e, F3, K3, M(50) );
  418       R( e, a, b, c, d, F3, K3, M(51) );
  419       R( d, e, a, b, c, F3, K3, M(52) );
  420       R( c, d, e, a, b, F3, K3, M(53) );
  421       R( b, c, d, e, a, F3, K3, M(54) );
  422       R( a, b, c, d, e, F3, K3, M(55) );
  423       R( e, a, b, c, d, F3, K3, M(56) );
  424       R( d, e, a, b, c, F3, K3, M(57) );
  425       R( c, d, e, a, b, F3, K3, M(58) );
  426       R( b, c, d, e, a, F3, K3, M(59) );
  427       R( a, b, c, d, e, F4, K4, M(60) );
  428       R( e, a, b, c, d, F4, K4, M(61) );
  429       R( d, e, a, b, c, F4, K4, M(62) );
  430       R( c, d, e, a, b, F4, K4, M(63) );
  431       R( b, c, d, e, a, F4, K4, M(64) );
  432       R( a, b, c, d, e, F4, K4, M(65) );
  433       R( e, a, b, c, d, F4, K4, M(66) );
  434       R( d, e, a, b, c, F4, K4, M(67) );
  435       R( c, d, e, a, b, F4, K4, M(68) );
  436       R( b, c, d, e, a, F4, K4, M(69) );
  437       R( a, b, c, d, e, F4, K4, M(70) );
  438       R( e, a, b, c, d, F4, K4, M(71) );
  439       R( d, e, a, b, c, F4, K4, M(72) );
  440       R( c, d, e, a, b, F4, K4, M(73) );
  441       R( b, c, d, e, a, F4, K4, M(74) );
  442       R( a, b, c, d, e, F4, K4, M(75) );
  443       R( e, a, b, c, d, F4, K4, M(76) );
  444       R( d, e, a, b, c, F4, K4, M(77) );
  445       R( c, d, e, a, b, F4, K4, M(78) );
  446       R( b, c, d, e, a, F4, K4, M(79) );
  447 
  448       a = ctx->A += a;
  449       b = ctx->B += b;
  450       c = ctx->C += c;
  451       d = ctx->D += d;
  452       e = ctx->E += e;
  453     }
  454 }