2 * FIPS-180-1 compliant SHA-1 implementation
4 * Copyright (C) 2001-2003 Christophe Devine
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 * Changed to use guint instead of uint 2004 by Anders Broman
21 * Original code found at http://www.cr0.net:8040/code/crypto/sha1/
22 * References: http://www.ietf.org/rfc/rfc3174.txt?number=3174
30 #define GET_UINT32(n,b,i) \
32 (n) = ( (guint32) (b)[(i) ] << 24 ) \
33 | ( (guint32) (b)[(i) + 1] << 16 ) \
34 | ( (guint32) (b)[(i) + 2] << 8 ) \
35 | ( (guint32) (b)[(i) + 3] ); \
38 #define PUT_UINT32(n,b,i) \
40 (b)[(i) ] = (guint8) ( (n) >> 24 ); \
41 (b)[(i) + 1] = (guint8) ( (n) >> 16 ); \
42 (b)[(i) + 2] = (guint8) ( (n) >> 8 ); \
43 (b)[(i) + 3] = (guint8) ( (n) ); \
46 void sha1_starts( sha1_context *ctx )
51 ctx->state[0] = 0x67452301;
52 ctx->state[1] = 0xEFCDAB89;
53 ctx->state[2] = 0x98BADCFE;
54 ctx->state[3] = 0x10325476;
55 ctx->state[4] = 0xC3D2E1F0;
58 void sha1_process( sha1_context *ctx, guint8 data[64] )
60 guint32 temp, W[16], A, B, C, D, E;
62 GET_UINT32( W[0], data, 0 );
63 GET_UINT32( W[1], data, 4 );
64 GET_UINT32( W[2], data, 8 );
65 GET_UINT32( W[3], data, 12 );
66 GET_UINT32( W[4], data, 16 );
67 GET_UINT32( W[5], data, 20 );
68 GET_UINT32( W[6], data, 24 );
69 GET_UINT32( W[7], data, 28 );
70 GET_UINT32( W[8], data, 32 );
71 GET_UINT32( W[9], data, 36 );
72 GET_UINT32( W[10], data, 40 );
73 GET_UINT32( W[11], data, 44 );
74 GET_UINT32( W[12], data, 48 );
75 GET_UINT32( W[13], data, 52 );
76 GET_UINT32( W[14], data, 56 );
77 GET_UINT32( W[15], data, 60 );
79 #define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n)))
83 temp = W[(t - 3) & 0x0F] ^ W[(t - 8) & 0x0F] ^ \
84 W[(t - 14) & 0x0F] ^ W[ t & 0x0F], \
85 ( W[t & 0x0F] = S(temp,1) ) \
88 #define P(a,b,c,d,e,x) \
90 e += S(a,5) + F(b,c,d) + K + x; b = S(b,30); \
99 #define F(x,y,z) (z ^ (x & (y ^ z)))
102 P( A, B, C, D, E, W[0] );
103 P( E, A, B, C, D, W[1] );
104 P( D, E, A, B, C, W[2] );
105 P( C, D, E, A, B, W[3] );
106 P( B, C, D, E, A, W[4] );
107 P( A, B, C, D, E, W[5] );
108 P( E, A, B, C, D, W[6] );
109 P( D, E, A, B, C, W[7] );
110 P( C, D, E, A, B, W[8] );
111 P( B, C, D, E, A, W[9] );
112 P( A, B, C, D, E, W[10] );
113 P( E, A, B, C, D, W[11] );
114 P( D, E, A, B, C, W[12] );
115 P( C, D, E, A, B, W[13] );
116 P( B, C, D, E, A, W[14] );
117 P( A, B, C, D, E, W[15] );
118 P( E, A, B, C, D, R(16) );
119 P( D, E, A, B, C, R(17) );
120 P( C, D, E, A, B, R(18) );
121 P( B, C, D, E, A, R(19) );
126 #define F(x,y,z) (x ^ y ^ z)
129 P( A, B, C, D, E, R(20) );
130 P( E, A, B, C, D, R(21) );
131 P( D, E, A, B, C, R(22) );
132 P( C, D, E, A, B, R(23) );
133 P( B, C, D, E, A, R(24) );
134 P( A, B, C, D, E, R(25) );
135 P( E, A, B, C, D, R(26) );
136 P( D, E, A, B, C, R(27) );
137 P( C, D, E, A, B, R(28) );
138 P( B, C, D, E, A, R(29) );
139 P( A, B, C, D, E, R(30) );
140 P( E, A, B, C, D, R(31) );
141 P( D, E, A, B, C, R(32) );
142 P( C, D, E, A, B, R(33) );
143 P( B, C, D, E, A, R(34) );
144 P( A, B, C, D, E, R(35) );
145 P( E, A, B, C, D, R(36) );
146 P( D, E, A, B, C, R(37) );
147 P( C, D, E, A, B, R(38) );
148 P( B, C, D, E, A, R(39) );
153 #define F(x,y,z) ((x & y) | (z & (x | y)))
156 P( A, B, C, D, E, R(40) );
157 P( E, A, B, C, D, R(41) );
158 P( D, E, A, B, C, R(42) );
159 P( C, D, E, A, B, R(43) );
160 P( B, C, D, E, A, R(44) );
161 P( A, B, C, D, E, R(45) );
162 P( E, A, B, C, D, R(46) );
163 P( D, E, A, B, C, R(47) );
164 P( C, D, E, A, B, R(48) );
165 P( B, C, D, E, A, R(49) );
166 P( A, B, C, D, E, R(50) );
167 P( E, A, B, C, D, R(51) );
168 P( D, E, A, B, C, R(52) );
169 P( C, D, E, A, B, R(53) );
170 P( B, C, D, E, A, R(54) );
171 P( A, B, C, D, E, R(55) );
172 P( E, A, B, C, D, R(56) );
173 P( D, E, A, B, C, R(57) );
174 P( C, D, E, A, B, R(58) );
175 P( B, C, D, E, A, R(59) );
180 #define F(x,y,z) (x ^ y ^ z)
183 P( A, B, C, D, E, R(60) );
184 P( E, A, B, C, D, R(61) );
185 P( D, E, A, B, C, R(62) );
186 P( C, D, E, A, B, R(63) );
187 P( B, C, D, E, A, R(64) );
188 P( A, B, C, D, E, R(65) );
189 P( E, A, B, C, D, R(66) );
190 P( D, E, A, B, C, R(67) );
191 P( C, D, E, A, B, R(68) );
192 P( B, C, D, E, A, R(69) );
193 P( A, B, C, D, E, R(70) );
194 P( E, A, B, C, D, R(71) );
195 P( D, E, A, B, C, R(72) );
196 P( C, D, E, A, B, R(73) );
197 P( B, C, D, E, A, R(74) );
198 P( A, B, C, D, E, R(75) );
199 P( E, A, B, C, D, R(76) );
200 P( D, E, A, B, C, R(77) );
201 P( C, D, E, A, B, R(78) );
202 P( B, C, D, E, A, R(79) );
214 void sha1_update( sha1_context *ctx, guint8 *input, guint32 length )
218 if( ! length ) return;
220 left = ctx->total[0] & 0x3F;
223 ctx->total[0] += length;
224 ctx->total[0] &= 0xFFFFFFFF;
226 if( ctx->total[0] < length )
229 if( left && length >= fill )
231 memcpy( (void *) (ctx->buffer + left),
232 (void *) input, fill );
233 sha1_process( ctx, ctx->buffer );
239 while( length >= 64 )
241 sha1_process( ctx, input );
248 memcpy( (void *) (ctx->buffer + left),
249 (void *) input, length );
253 static guint8 sha1_padding[64] =
255 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
256 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
257 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
258 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
261 void sha1_finish( sha1_context *ctx, guint8 digest[20] )
267 high = ( ctx->total[0] >> 29 )
268 | ( ctx->total[1] << 3 );
269 low = ( ctx->total[0] << 3 );
271 PUT_UINT32( high, msglen, 0 );
272 PUT_UINT32( low, msglen, 4 );
274 last = ctx->total[0] & 0x3F;
275 padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
277 sha1_update( ctx, sha1_padding, padn );
278 sha1_update( ctx, msglen, 8 );
280 PUT_UINT32( ctx->state[0], digest, 0 );
281 PUT_UINT32( ctx->state[1], digest, 4 );
282 PUT_UINT32( ctx->state[2], digest, 8 );
283 PUT_UINT32( ctx->state[3], digest, 12 );
284 PUT_UINT32( ctx->state[4], digest, 16 );
294 * those are the standard FIPS-180-1 test vectors
300 "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
306 "a9993e364706816aba3e25717850c26c9cd0d89d",
307 "84983e441c3bd26ebaae4aa1f95129e5e54670f1",
308 "34aa973cd4c4daa4f61eeb2bdbad27316534016f"
311 int main( int argc, char *argv[] )
317 unsigned char buf[1000];
318 unsigned char sha1sum[20];
322 printf( "\n SHA-1 Validation Tests:\n\n" );
324 for( i = 0; i < 3; i++ )
326 printf( " Test %d ", i + 1 );
332 sha1_update( &ctx, (uint8 *) msg[i],
337 memset( buf, 'a', 1000 );
339 for( j = 0; j < 1000; j++ )
341 sha1_update( &ctx, (uint8 *) buf, 1000 );
345 sha1_finish( &ctx, sha1sum );
347 for( j = 0; j < 20; j++ )
349 sprintf( output + j * 2, "%02x", sha1sum[j] );
352 if( memcmp( output, val[i], 40 ) )
354 printf( "failed!\n" );
358 printf( "passed.\n" );
365 if( ! ( f = fopen( argv[1], "rb" ) ) )
373 while( ( i = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
375 sha1_update( &ctx, buf, i );
378 sha1_finish( &ctx, sha1sum );
380 for( j = 0; j < 20; j++ )
382 printf( "%02x", sha1sum[j] );
385 printf( " %s\n", argv[1] );