2 * FIPS-180-1 compliant SHA-1 implementation
6 * Copyright (C) 2001-2003 Christophe Devine
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
22 * Changed to use guint instead of uint 2004 by Anders Broman
23 * Original code found at http://www.cr0.net:8040/code/crypto/sha1/
24 * References: http://www.ietf.org/rfc/rfc3174.txt?number=3174
30 #include <epan/sha1.h>
32 #define GET_UINT32(n,b,i) \
34 (n) = ( (guint32) (b)[(i) ] << 24 ) \
35 | ( (guint32) (b)[(i) + 1] << 16 ) \
36 | ( (guint32) (b)[(i) + 2] << 8 ) \
37 | ( (guint32) (b)[(i) + 3] ); \
40 #define PUT_UINT32(n,b,i) \
42 (b)[(i) ] = (guint8) ( (n) >> 24 ); \
43 (b)[(i) + 1] = (guint8) ( (n) >> 16 ); \
44 (b)[(i) + 2] = (guint8) ( (n) >> 8 ); \
45 (b)[(i) + 3] = (guint8) ( (n) ); \
48 void sha1_starts( sha1_context *ctx )
53 ctx->state[0] = 0x67452301;
54 ctx->state[1] = 0xEFCDAB89;
55 ctx->state[2] = 0x98BADCFE;
56 ctx->state[3] = 0x10325476;
57 ctx->state[4] = 0xC3D2E1F0;
60 static void sha1_process( sha1_context *ctx, const guint8 data[64] )
62 guint32 temp, W[16], A, B, C, D, E;
64 GET_UINT32( W[0], data, 0 );
65 GET_UINT32( W[1], data, 4 );
66 GET_UINT32( W[2], data, 8 );
67 GET_UINT32( W[3], data, 12 );
68 GET_UINT32( W[4], data, 16 );
69 GET_UINT32( W[5], data, 20 );
70 GET_UINT32( W[6], data, 24 );
71 GET_UINT32( W[7], data, 28 );
72 GET_UINT32( W[8], data, 32 );
73 GET_UINT32( W[9], data, 36 );
74 GET_UINT32( W[10], data, 40 );
75 GET_UINT32( W[11], data, 44 );
76 GET_UINT32( W[12], data, 48 );
77 GET_UINT32( W[13], data, 52 );
78 GET_UINT32( W[14], data, 56 );
79 GET_UINT32( W[15], data, 60 );
81 #define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n)))
85 temp = W[(t - 3) & 0x0F] ^ W[(t - 8) & 0x0F] ^ \
86 W[(t - 14) & 0x0F] ^ W[ t & 0x0F], \
87 ( W[t & 0x0F] = S(temp,1) ) \
90 #define P(a,b,c,d,e,x) \
92 e += S(a,5) + F(b,c,d) + K + x; b = S(b,30); \
101 #define F(x,y,z) (z ^ (x & (y ^ z)))
104 P( A, B, C, D, E, W[0] );
105 P( E, A, B, C, D, W[1] );
106 P( D, E, A, B, C, W[2] );
107 P( C, D, E, A, B, W[3] );
108 P( B, C, D, E, A, W[4] );
109 P( A, B, C, D, E, W[5] );
110 P( E, A, B, C, D, W[6] );
111 P( D, E, A, B, C, W[7] );
112 P( C, D, E, A, B, W[8] );
113 P( B, C, D, E, A, W[9] );
114 P( A, B, C, D, E, W[10] );
115 P( E, A, B, C, D, W[11] );
116 P( D, E, A, B, C, W[12] );
117 P( C, D, E, A, B, W[13] );
118 P( B, C, D, E, A, W[14] );
119 P( A, B, C, D, E, W[15] );
120 P( E, A, B, C, D, R(16) );
121 P( D, E, A, B, C, R(17) );
122 P( C, D, E, A, B, R(18) );
123 P( B, C, D, E, A, R(19) );
128 #define F(x,y,z) (x ^ y ^ z)
131 P( A, B, C, D, E, R(20) );
132 P( E, A, B, C, D, R(21) );
133 P( D, E, A, B, C, R(22) );
134 P( C, D, E, A, B, R(23) );
135 P( B, C, D, E, A, R(24) );
136 P( A, B, C, D, E, R(25) );
137 P( E, A, B, C, D, R(26) );
138 P( D, E, A, B, C, R(27) );
139 P( C, D, E, A, B, R(28) );
140 P( B, C, D, E, A, R(29) );
141 P( A, B, C, D, E, R(30) );
142 P( E, A, B, C, D, R(31) );
143 P( D, E, A, B, C, R(32) );
144 P( C, D, E, A, B, R(33) );
145 P( B, C, D, E, A, R(34) );
146 P( A, B, C, D, E, R(35) );
147 P( E, A, B, C, D, R(36) );
148 P( D, E, A, B, C, R(37) );
149 P( C, D, E, A, B, R(38) );
150 P( B, C, D, E, A, R(39) );
155 #define F(x,y,z) ((x & y) | (z & (x | y)))
158 P( A, B, C, D, E, R(40) );
159 P( E, A, B, C, D, R(41) );
160 P( D, E, A, B, C, R(42) );
161 P( C, D, E, A, B, R(43) );
162 P( B, C, D, E, A, R(44) );
163 P( A, B, C, D, E, R(45) );
164 P( E, A, B, C, D, R(46) );
165 P( D, E, A, B, C, R(47) );
166 P( C, D, E, A, B, R(48) );
167 P( B, C, D, E, A, R(49) );
168 P( A, B, C, D, E, R(50) );
169 P( E, A, B, C, D, R(51) );
170 P( D, E, A, B, C, R(52) );
171 P( C, D, E, A, B, R(53) );
172 P( B, C, D, E, A, R(54) );
173 P( A, B, C, D, E, R(55) );
174 P( E, A, B, C, D, R(56) );
175 P( D, E, A, B, C, R(57) );
176 P( C, D, E, A, B, R(58) );
177 P( B, C, D, E, A, R(59) );
182 #define F(x,y,z) (x ^ y ^ z)
185 P( A, B, C, D, E, R(60) );
186 P( E, A, B, C, D, R(61) );
187 P( D, E, A, B, C, R(62) );
188 P( C, D, E, A, B, R(63) );
189 P( B, C, D, E, A, R(64) );
190 P( A, B, C, D, E, R(65) );
191 P( E, A, B, C, D, R(66) );
192 P( D, E, A, B, C, R(67) );
193 P( C, D, E, A, B, R(68) );
194 P( B, C, D, E, A, R(69) );
195 P( A, B, C, D, E, R(70) );
196 P( E, A, B, C, D, R(71) );
197 P( D, E, A, B, C, R(72) );
198 P( C, D, E, A, B, R(73) );
199 P( B, C, D, E, A, R(74) );
200 P( A, B, C, D, E, R(75) );
201 P( E, A, B, C, D, R(76) );
202 P( D, E, A, B, C, R(77) );
203 P( C, D, E, A, B, R(78) );
204 P( B, C, D, E, A, R(79) );
216 void sha1_update( sha1_context *ctx, const guint8 *input, guint32 length )
220 if( ! length ) return;
222 left = ctx->total[0] & 0x3F;
225 ctx->total[0] += length;
226 ctx->total[0] &= 0xFFFFFFFF;
228 if( ctx->total[0] < length )
231 if( left && length >= fill )
233 memcpy( (void *) (ctx->buffer + left),
234 (const void *) input, fill );
235 sha1_process( ctx, ctx->buffer );
241 while( length >= 64 )
243 sha1_process( ctx, input );
250 memcpy( (void *) (ctx->buffer + left),
251 (const void *) input, length );
255 static guint8 sha1_padding[64] =
257 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
258 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
259 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
260 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
263 void sha1_finish( sha1_context *ctx, guint8 digest[20] )
269 high = ( ctx->total[0] >> 29 )
270 | ( ctx->total[1] << 3 );
271 low = ( ctx->total[0] << 3 );
273 PUT_UINT32( high, msglen, 0 );
274 PUT_UINT32( low, msglen, 4 );
276 last = ctx->total[0] & 0x3F;
277 padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
279 sha1_update( ctx, sha1_padding, padn );
280 sha1_update( ctx, msglen, 8 );
282 PUT_UINT32( ctx->state[0], digest, 0 );
283 PUT_UINT32( ctx->state[1], digest, 4 );
284 PUT_UINT32( ctx->state[2], digest, 8 );
285 PUT_UINT32( ctx->state[3], digest, 12 );
286 PUT_UINT32( ctx->state[4], digest, 16 );
296 * those are the standard FIPS-180-1 test vectors
302 "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
308 "a9993e364706816aba3e25717850c26c9cd0d89d",
309 "84983e441c3bd26ebaae4aa1f95129e5e54670f1",
310 "34aa973cd4c4daa4f61eeb2bdbad27316534016f"
313 int main( int argc, char *argv[] )
319 unsigned char buf[1000];
320 unsigned char sha1sum[20];
324 printf( "\n SHA-1 Validation Tests:\n\n" );
326 for( i = 0; i < 3; i++ )
328 printf( " Test %d ", i + 1 );
334 sha1_update( &ctx, (uint8 *) msg[i],
339 memset( buf, 'a', 1000 );
341 for( j = 0; j < 1000; j++ )
343 sha1_update( &ctx, (uint8 *) buf, 1000 );
347 sha1_finish( &ctx, sha1sum );
349 for( j = 0; j < 20; j++ )
351 g_snprintf( output + j * 2, 41-j*2, "%02x", sha1sum[j] );
354 if( memcmp( output, val[i], 40 ) )
356 printf( "failed!\n" );
360 printf( "passed.\n" );
367 if( ! ( f = fopen( argv[1], "rb" ) ) )
375 while( ( i = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
377 sha1_update( &ctx, buf, i );
380 sha1_finish( &ctx, sha1sum );
382 for( j = 0; j < 20; j++ )
384 printf( "%02x", sha1sum[j] );
387 printf( " %s\n", argv[1] );