Geremia G
Fork of François Berder Crypto, fixed AES CBC and small rework
Dependents: AES_example shaun_larada Smartage
Fork of
Crypto
by 
Francois Berder
SHA1.cpp@3:85c6ee25cf3e, 2013-09-11 (annotated)
- Committer:
- feb11
- Date:
- Wed Sep 11 17:22:40 2013 +0000
- Revision:
- 3:85c6ee25cf3e
- Parent:
- 2:473bac39ae7c
- Child:
- 4:0da19393bd57
improved speed of MD2, MD5, SHA-1 and SHA-2 (32bits)
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| feb11 | 0:7a1237bd2d13 | 1 | #include "SHA1.h" |
| feb11 | 0:7a1237bd2d13 | 2 | #include <string.h> |
| feb11 | 3:85c6ee25cf3e | 3 | #include <stdio.h> |
| feb11 | 3:85c6ee25cf3e | 4 | #include <stdlib.h> |
| feb11 | 0:7a1237bd2d13 | 5 | |
| feb11 | 3:85c6ee25cf3e | 6 | #define F0(B,C,D) ((B & C) | ((~B) & D)) |
| feb11 | 3:85c6ee25cf3e | 7 | #define F1(B,C,D) (B ^ C ^ D) |
| feb11 | 3:85c6ee25cf3e | 8 | #define F2(B,C,D) ((B & C) | (B & D) | (C & D)) |
| feb11 | 3:85c6ee25cf3e | 9 | #define ROTL(W,N) (((W) << N) | ((W) >> (32-N))) |
| feb11 | 3:85c6ee25cf3e | 10 | |
| feb11 | 3:85c6ee25cf3e | 11 | static const uint32_t K0 = 0x5A827999; |
| feb11 | 3:85c6ee25cf3e | 12 | static const uint32_t K1 = 0x6ED9EBA1; |
| feb11 | 3:85c6ee25cf3e | 13 | static const uint32_t K2 = 0x8F1BBCDC; |
| feb11 | 3:85c6ee25cf3e | 14 | static const uint32_t K3 = 0xCA62C1D6; |
| feb11 | 0:7a1237bd2d13 | 15 | |
| feb11 | 0:7a1237bd2d13 | 16 | |
| feb11 | 0:7a1237bd2d13 | 17 | static const uint32_t H0 = 0x67452301; |
| feb11 | 0:7a1237bd2d13 | 18 | static const uint32_t H1 = 0xEFCDAB89; |
| feb11 | 0:7a1237bd2d13 | 19 | static const uint32_t H2 = 0x98BADCFE; |
| feb11 | 0:7a1237bd2d13 | 20 | static const uint32_t H3 = 0x10325476; |
| feb11 | 0:7a1237bd2d13 | 21 | static const uint32_t H4 = 0xC3D2E1F0; |
| feb11 | 3:85c6ee25cf3e | 22 | |
| feb11 | 3:85c6ee25cf3e | 23 | static const uint32_t MASK = 0xF; |
| feb11 | 3:85c6ee25cf3e | 24 | |
| feb11 | 3:85c6ee25cf3e | 25 | #define W(s) ( w[s] = ROTL(w[((s) + 13) & MASK] ^ w[((s) + 8) & MASK] ^ w[((s) + 2) & MASK] ^ w[s],1)) |
| feb11 | 0:7a1237bd2d13 | 26 | |
| feb11 | 3:85c6ee25cf3e | 27 | #define R0(A,B,C,D,E,T) E += ROTL(A, 5) + F0(B, C, D) + w[T] + K0; \ |
| feb11 | 3:85c6ee25cf3e | 28 | B = ROTL(B,30); |
| feb11 | 3:85c6ee25cf3e | 29 | #define R1(A,B,C,D,E,T) E += ROTL(A, 5) + F0(B, C, D) + W(T & MASK) + K0; \ |
| feb11 | 3:85c6ee25cf3e | 30 | B = ROTL(B,30); |
| feb11 | 3:85c6ee25cf3e | 31 | #define R2(A,B,C,D,E,T) E += ROTL(A, 5) + F1(B, C, D) + W(T & MASK) + K1; \ |
| feb11 | 3:85c6ee25cf3e | 32 | B = ROTL(B,30); |
| feb11 | 3:85c6ee25cf3e | 33 | #define R3(A,B,C,D,E,T) E += ROTL(A, 5) + F2(B, C, D) + W(T & MASK) + K2; \ |
| feb11 | 3:85c6ee25cf3e | 34 | B = ROTL(B,30); |
| feb11 | 3:85c6ee25cf3e | 35 | #define R4(A,B,C,D,E,T) E += ROTL(A, 5) + F1(B, C, D) + W(T & MASK) + K3; \ |
| feb11 | 3:85c6ee25cf3e | 36 | B = ROTL(B,30); |
| feb11 | 0:7a1237bd2d13 | 37 | |
| feb11 | 3:85c6ee25cf3e | 38 | |
| feb11 | 0:7a1237bd2d13 | 39 | SHA1::SHA1(): |
| feb11 | 0:7a1237bd2d13 | 40 | HashAlgorithm(), |
| feb11 | 0:7a1237bd2d13 | 41 | h0(H0), |
| feb11 | 0:7a1237bd2d13 | 42 | h1(H1), |
| feb11 | 0:7a1237bd2d13 | 43 | h2(H2), |
| feb11 | 0:7a1237bd2d13 | 44 | h3(H3), |
| feb11 | 0:7a1237bd2d13 | 45 | h4(H4), |
| feb11 | 0:7a1237bd2d13 | 46 | totalBufferLength(0), |
| feb11 | 0:7a1237bd2d13 | 47 | buffer(), |
| feb11 | 0:7a1237bd2d13 | 48 | bufferLength(0) |
| feb11 | 0:7a1237bd2d13 | 49 | { |
| feb11 | 0:7a1237bd2d13 | 50 | } |
| feb11 | 0:7a1237bd2d13 | 51 | |
| feb11 | 0:7a1237bd2d13 | 52 | uint8_t SHA1::outputSize() const |
| feb11 | 0:7a1237bd2d13 | 53 | { |
| feb11 | 0:7a1237bd2d13 | 54 | return 20; |
| feb11 | 0:7a1237bd2d13 | 55 | } |
| feb11 | 0:7a1237bd2d13 | 56 | |
| feb11 | 0:7a1237bd2d13 | 57 | void SHA1::add(uint8_t *in, uint32_t length) |
| feb11 | 0:7a1237bd2d13 | 58 | { |
| feb11 | 0:7a1237bd2d13 | 59 | if(length < 64-bufferLength) |
| feb11 | 0:7a1237bd2d13 | 60 | { |
| feb11 | 0:7a1237bd2d13 | 61 | memcpy(&buffer[bufferLength], in, length); |
| feb11 | 0:7a1237bd2d13 | 62 | bufferLength += length; |
| feb11 | 0:7a1237bd2d13 | 63 | totalBufferLength += length; |
| feb11 | 0:7a1237bd2d13 | 64 | return; |
| feb11 | 0:7a1237bd2d13 | 65 | } |
| feb11 | 0:7a1237bd2d13 | 66 | int offset = 64-bufferLength; |
| feb11 | 0:7a1237bd2d13 | 67 | memcpy(&buffer[bufferLength], in, offset); |
| feb11 | 0:7a1237bd2d13 | 68 | computeBlock(&h0,&h1,&h2,&h3,&h4, buffer); |
| feb11 | 0:7a1237bd2d13 | 69 | while(length-offset > 64) |
| feb11 | 0:7a1237bd2d13 | 70 | { |
| feb11 | 0:7a1237bd2d13 | 71 | memcpy(buffer, &in[offset], 64); |
| feb11 | 0:7a1237bd2d13 | 72 | computeBlock(&h0,&h1,&h2,&h3,&h4, buffer); |
| feb11 | 0:7a1237bd2d13 | 73 | offset += 64; |
| feb11 | 0:7a1237bd2d13 | 74 | } |
| feb11 | 0:7a1237bd2d13 | 75 | if(offset > length) |
| feb11 | 0:7a1237bd2d13 | 76 | offset -= 64; |
| feb11 | 0:7a1237bd2d13 | 77 | bufferLength = length - offset; |
| feb11 | 0:7a1237bd2d13 | 78 | memcpy(buffer, &in[offset], bufferLength); |
| feb11 | 0:7a1237bd2d13 | 79 | totalBufferLength += length; |
| feb11 | 0:7a1237bd2d13 | 80 | } |
| feb11 | 0:7a1237bd2d13 | 81 | |
| feb11 | 0:7a1237bd2d13 | 82 | void SHA1::computeDigest(uint8_t *digest) |
| feb11 | 0:7a1237bd2d13 | 83 | { |
| feb11 | 3:85c6ee25cf3e | 84 | uint32_t *digest2 = (uint32_t*)digest; |
| feb11 | 0:7a1237bd2d13 | 85 | uint16_t padding; |
| feb11 | 0:7a1237bd2d13 | 86 | if(totalBufferLength % 64 < 56) |
| feb11 | 0:7a1237bd2d13 | 87 | padding = 56 - (totalBufferLength % 64); |
| feb11 | 0:7a1237bd2d13 | 88 | else |
| feb11 | 0:7a1237bd2d13 | 89 | padding = 56 + (64 - (totalBufferLength % 64)); |
| feb11 | 3:85c6ee25cf3e | 90 | |
| feb11 | 3:85c6ee25cf3e | 91 | buffer[bufferLength++] = 0x80; |
| feb11 | 3:85c6ee25cf3e | 92 | padding--; |
| feb11 | 3:85c6ee25cf3e | 93 | if(padding+bufferLength == 56) |
| feb11 | 3:85c6ee25cf3e | 94 | memset(&buffer[bufferLength], 0, padding); |
| feb11 | 3:85c6ee25cf3e | 95 | else |
| feb11 | 3:85c6ee25cf3e | 96 | { |
| feb11 | 3:85c6ee25cf3e | 97 | memset(&buffer[bufferLength], 0, 64-bufferLength); |
| feb11 | 3:85c6ee25cf3e | 98 | computeBlock(&h0,&h1,&h2,&h3,&h4, buffer); |
| feb11 | 3:85c6ee25cf3e | 99 | memset(buffer, 0, 48); |
| feb11 | 3:85c6ee25cf3e | 100 | } |
| feb11 | 3:85c6ee25cf3e | 101 | |
| feb11 | 3:85c6ee25cf3e | 102 | uint64_t lengthBit = totalBufferLength << 3; |
| feb11 | 0:7a1237bd2d13 | 103 | uint32_t lengthBitLow = lengthBit; |
| feb11 | 0:7a1237bd2d13 | 104 | uint32_t lengthBitHigh = lengthBit >> 32; |
| feb11 | 3:85c6ee25cf3e | 105 | lengthBitLow = __rev(lengthBitLow); |
| feb11 | 3:85c6ee25cf3e | 106 | lengthBitHigh = __rev(lengthBitHigh); |
| feb11 | 3:85c6ee25cf3e | 107 | memcpy(&buffer[56], &lengthBitHigh, 4); |
| feb11 | 3:85c6ee25cf3e | 108 | memcpy(&buffer[60], &lengthBitLow, 4); |
| feb11 | 3:85c6ee25cf3e | 109 | computeBlock(&h0,&h1,&h2,&h3,&h4, buffer); |
| feb11 | 3:85c6ee25cf3e | 110 | |
| feb11 | 3:85c6ee25cf3e | 111 | digest2[0] = __rev(h0); |
| feb11 | 3:85c6ee25cf3e | 112 | digest2[1] = __rev(h1); |
| feb11 | 3:85c6ee25cf3e | 113 | digest2[2] = __rev(h2); |
| feb11 | 3:85c6ee25cf3e | 114 | digest2[3] = __rev(h3); |
| feb11 | 3:85c6ee25cf3e | 115 | digest2[4] = __rev(h4); |
| feb11 | 0:7a1237bd2d13 | 116 | |
| feb11 | 0:7a1237bd2d13 | 117 | // reset state |
| feb11 | 0:7a1237bd2d13 | 118 | h0 = H0; |
| feb11 | 0:7a1237bd2d13 | 119 | h1 = H1; |
| feb11 | 0:7a1237bd2d13 | 120 | h2 = H2; |
| feb11 | 0:7a1237bd2d13 | 121 | h3 = H3; |
| feb11 | 0:7a1237bd2d13 | 122 | h4 = H4; |
| feb11 | 0:7a1237bd2d13 | 123 | totalBufferLength = 0; |
| feb11 | 0:7a1237bd2d13 | 124 | bufferLength = 0; |
| feb11 | 0:7a1237bd2d13 | 125 | } |
| feb11 | 0:7a1237bd2d13 | 126 | |
| feb11 | 0:7a1237bd2d13 | 127 | void SHA1::computeBlock(uint32_t *h02, uint32_t *h12, uint32_t *h22, uint32_t *h32, uint32_t *h42, uint8_t *buffer) |
| feb11 | 0:7a1237bd2d13 | 128 | { |
| feb11 | 3:85c6ee25cf3e | 129 | uint32_t *buffer2 = (uint32_t*)buffer; |
| feb11 | 0:7a1237bd2d13 | 130 | uint32_t w[16]; |
| feb11 | 3:85c6ee25cf3e | 131 | for(int t = 0; t < 16; ++t) |
| feb11 | 3:85c6ee25cf3e | 132 | w[t] = __rev(buffer2[t]); |
| feb11 | 0:7a1237bd2d13 | 133 | |
| feb11 | 0:7a1237bd2d13 | 134 | uint32_t a = *h02, b = *h12, c = *h22, d = *h32, e = *h42; |
| feb11 | 3:85c6ee25cf3e | 135 | |
| feb11 | 3:85c6ee25cf3e | 136 | R0(a,b,c,d,e, 0) R0(e,a,b,c,d, 1) R0(d,e,a,b,c, 2) R0(c,d,e,a,b, 3) |
| feb11 | 3:85c6ee25cf3e | 137 | R0(b,c,d,e,a, 4) R0(a,b,c,d,e, 5) R0(e,a,b,c,d, 6) R0(d,e,a,b,c, 7) |
| feb11 | 3:85c6ee25cf3e | 138 | R0(c,d,e,a,b, 8) R0(b,c,d,e,a, 9) R0(a,b,c,d,e,10) R0(e,a,b,c,d,11) |
| feb11 | 3:85c6ee25cf3e | 139 | R0(d,e,a,b,c,12) R0(c,d,e,a,b,13) R0(b,c,d,e,a,14) R0(a,b,c,d,e,15) |
| feb11 | 3:85c6ee25cf3e | 140 | R1(e,a,b,c,d,16) R1(d,e,a,b,c,17) R1(c,d,e,a,b,18) R1(b,c,d,e,a,19) |
| feb11 | 3:85c6ee25cf3e | 141 | |
| feb11 | 3:85c6ee25cf3e | 142 | |
| feb11 | 3:85c6ee25cf3e | 143 | R2(a,b,c,d,e,20) R2(e,a,b,c,d,21) R2(d,e,a,b,c,22) R2(c,d,e,a,b,23) |
| feb11 | 3:85c6ee25cf3e | 144 | R2(b,c,d,e,a,24) R2(a,b,c,d,e,25) R2(e,a,b,c,d,26) R2(d,e,a,b,c,27) |
| feb11 | 3:85c6ee25cf3e | 145 | R2(c,d,e,a,b,28) R2(b,c,d,e,a,29) R2(a,b,c,d,e,30) R2(e,a,b,c,d,31) |
| feb11 | 3:85c6ee25cf3e | 146 | R2(d,e,a,b,c,32) R2(c,d,e,a,b,33) R2(b,c,d,e,a,34) R2(a,b,c,d,e,35) |
| feb11 | 3:85c6ee25cf3e | 147 | R2(e,a,b,c,d,36) R2(d,e,a,b,c,37) R2(c,d,e,a,b,38) R2(b,c,d,e,a,39) |
| feb11 | 3:85c6ee25cf3e | 148 | |
| feb11 | 3:85c6ee25cf3e | 149 | R3(a,b,c,d,e,40) R3(e,a,b,c,d,41) R3(d,e,a,b,c,42) R3(c,d,e,a,b,43) |
| feb11 | 3:85c6ee25cf3e | 150 | R3(b,c,d,e,a,44) R3(a,b,c,d,e,45) R3(e,a,b,c,d,46) R3(d,e,a,b,c,47) |
| feb11 | 3:85c6ee25cf3e | 151 | R3(c,d,e,a,b,48) R3(b,c,d,e,a,49) R3(a,b,c,d,e,50) R3(e,a,b,c,d,51) |
| feb11 | 3:85c6ee25cf3e | 152 | R3(d,e,a,b,c,52) R3(c,d,e,a,b,53) R3(b,c,d,e,a,54) R3(a,b,c,d,e,55) |
| feb11 | 3:85c6ee25cf3e | 153 | R3(e,a,b,c,d,56) R3(d,e,a,b,c,57) R3(c,d,e,a,b,58) R3(b,c,d,e,a,59) |
| feb11 | 3:85c6ee25cf3e | 154 | |
| feb11 | 3:85c6ee25cf3e | 155 | |
| feb11 | 3:85c6ee25cf3e | 156 | R4(a,b,c,d,e,60) R4(e,a,b,c,d,61) R4(d,e,a,b,c,62) R4(c,d,e,a,b,63) |
| feb11 | 3:85c6ee25cf3e | 157 | R4(b,c,d,e,a,64) R4(a,b,c,d,e,65) R4(e,a,b,c,d,66) R4(d,e,a,b,c,67) |
| feb11 | 3:85c6ee25cf3e | 158 | R4(c,d,e,a,b,68) R4(b,c,d,e,a,69) R4(a,b,c,d,e,70) R4(e,a,b,c,d,71) |
| feb11 | 3:85c6ee25cf3e | 159 | R4(d,e,a,b,c,72) R4(c,d,e,a,b,73) R4(b,c,d,e,a,74) R4(a,b,c,d,e,75) |
| feb11 | 3:85c6ee25cf3e | 160 | R4(e,a,b,c,d,76) R4(d,e,a,b,c,77) R4(c,d,e,a,b,78) R4(b,c,d,e,a,79) |
| feb11 | 0:7a1237bd2d13 | 161 | |
| feb11 | 0:7a1237bd2d13 | 162 | *h02 += a; |
| feb11 | 0:7a1237bd2d13 | 163 | *h12 += b; |
| feb11 | 0:7a1237bd2d13 | 164 | *h22 += c; |
| feb11 | 0:7a1237bd2d13 | 165 | *h32 += d; |
| feb11 | 0:7a1237bd2d13 | 166 | *h42 += e; |
| feb11 | 0:7a1237bd2d13 | 167 | } |
| feb11 | 0:7a1237bd2d13 | 168 | |
| feb11 | 0:7a1237bd2d13 | 169 | |
| feb11 | 0:7a1237bd2d13 | 170 | |
| feb11 | 3:85c6ee25cf3e | 171 | /* method 1 */ |
| feb11 | 0:7a1237bd2d13 | 172 | void SHA1::computeDigest(uint8_t *digest, uint8_t *in, uint32_t length) |
| feb11 | 0:7a1237bd2d13 | 173 | { |
| feb11 | 3:85c6ee25cf3e | 174 | uint64_t lengthBit = length << 3; |
| feb11 | 3:85c6ee25cf3e | 175 | uint32_t padding; |
| feb11 | 0:7a1237bd2d13 | 176 | if(length % 64 < 56) |
| feb11 | 0:7a1237bd2d13 | 177 | padding = 56 - (length % 64); |
| feb11 | 0:7a1237bd2d13 | 178 | else |
| feb11 | 0:7a1237bd2d13 | 179 | padding = 56 + (64 - (length % 64)); |
| feb11 | 1:14a7cea431aa | 180 | |
| feb11 | 1:14a7cea431aa | 181 | uint32_t h0 = H0, h1 = H1, h2 = H2, h3 = H3, h4 = H4; |
| feb11 | 3:85c6ee25cf3e | 182 | while(length >= 64) |
| feb11 | 1:14a7cea431aa | 183 | { |
| feb11 | 3:85c6ee25cf3e | 184 | computeBlock(&h0,&h1,&h2,&h3,&h4, in); |
| feb11 | 3:85c6ee25cf3e | 185 | length -= 64; |
| feb11 | 3:85c6ee25cf3e | 186 | in += 64; |
| feb11 | 3:85c6ee25cf3e | 187 | } |
| feb11 | 3:85c6ee25cf3e | 188 | |
| feb11 | 3:85c6ee25cf3e | 189 | uint8_t buffer[64]; |
| feb11 | 3:85c6ee25cf3e | 190 | memcpy(buffer, in, length); |
| feb11 | 3:85c6ee25cf3e | 191 | buffer[length++] = 0x80; |
| feb11 | 3:85c6ee25cf3e | 192 | padding--; |
| feb11 | 3:85c6ee25cf3e | 193 | if(padding+length+8 == 64) |
| feb11 | 3:85c6ee25cf3e | 194 | memset(&buffer[length], 0, padding); |
| feb11 | 3:85c6ee25cf3e | 195 | else |
| feb11 | 3:85c6ee25cf3e | 196 | { |
| feb11 | 3:85c6ee25cf3e | 197 | memset(&buffer[length], 0, 64-length); |
| feb11 | 3:85c6ee25cf3e | 198 | computeBlock(&h0,&h1,&h2,&h3,&h4, buffer); |
| feb11 | 3:85c6ee25cf3e | 199 | memset(buffer, 0, length); |
| feb11 | 1:14a7cea431aa | 200 | } |
| feb11 | 1:14a7cea431aa | 201 | |
| feb11 | 0:7a1237bd2d13 | 202 | uint32_t lengthBitLow = lengthBit; |
| feb11 | 0:7a1237bd2d13 | 203 | uint32_t lengthBitHigh = lengthBit >> 32; |
| feb11 | 2:473bac39ae7c | 204 | lengthBitLow = __rev(lengthBitLow); |
| feb11 | 2:473bac39ae7c | 205 | lengthBitHigh = __rev(lengthBitHigh); |
| feb11 | 2:473bac39ae7c | 206 | memcpy(&buffer[60], &lengthBitLow, 4); |
| feb11 | 2:473bac39ae7c | 207 | memcpy(&buffer[56], &lengthBitHigh, 4); |
| feb11 | 0:7a1237bd2d13 | 208 | |
| feb11 | 1:14a7cea431aa | 209 | computeBlock(&h0,&h1,&h2,&h3,&h4, buffer); |
| feb11 | 0:7a1237bd2d13 | 210 | |
| feb11 | 2:473bac39ae7c | 211 | h0 = __rev(h0); |
| feb11 | 2:473bac39ae7c | 212 | h1 = __rev(h1); |
| feb11 | 2:473bac39ae7c | 213 | h2 = __rev(h2); |
| feb11 | 2:473bac39ae7c | 214 | h3 = __rev(h3); |
| feb11 | 2:473bac39ae7c | 215 | h4 = __rev(h4); |
| feb11 | 2:473bac39ae7c | 216 | |
| feb11 | 2:473bac39ae7c | 217 | memcpy(digest, &h0, 4); |
| feb11 | 2:473bac39ae7c | 218 | memcpy(&digest[4], &h1, 4); |
| feb11 | 2:473bac39ae7c | 219 | memcpy(&digest[8], &h2, 4); |
| feb11 | 2:473bac39ae7c | 220 | memcpy(&digest[12], &h3, 4); |
| feb11 | 2:473bac39ae7c | 221 | memcpy(&digest[16], &h4, 4); |
| feb11 | 0:7a1237bd2d13 | 222 | } |
| feb11 | 0:7a1237bd2d13 | 223 |