BBR 1 Ebene

Committer:
borlanic
Date:
Mon May 14 11:29:06 2018 +0000
Revision:
0:fbdae7e6d805
BBR

borlanic 0:fbdae7e6d805 1 /*
borlanic 0:fbdae7e6d805 2 * FIPS-180-1 compliant SHA-1 implementation
borlanic 0:fbdae7e6d805 3 *
borlanic 0:fbdae7e6d805 4 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
borlanic 0:fbdae7e6d805 5 * SPDX-License-Identifier: Apache-2.0
borlanic 0:fbdae7e6d805 6 *
borlanic 0:fbdae7e6d805 7 * Licensed under the Apache License, Version 2.0 (the "License"); you may
borlanic 0:fbdae7e6d805 8 * not use this file except in compliance with the License.
borlanic 0:fbdae7e6d805 9 * You may obtain a copy of the License at
borlanic 0:fbdae7e6d805 10 *
borlanic 0:fbdae7e6d805 11 * http://www.apache.org/licenses/LICENSE-2.0
borlanic 0:fbdae7e6d805 12 *
borlanic 0:fbdae7e6d805 13 * Unless required by applicable law or agreed to in writing, software
borlanic 0:fbdae7e6d805 14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
borlanic 0:fbdae7e6d805 15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
borlanic 0:fbdae7e6d805 16 * See the License for the specific language governing permissions and
borlanic 0:fbdae7e6d805 17 * limitations under the License.
borlanic 0:fbdae7e6d805 18 *
borlanic 0:fbdae7e6d805 19 * This file is part of mbed TLS (https://tls.mbed.org)
borlanic 0:fbdae7e6d805 20 */
borlanic 0:fbdae7e6d805 21 /*
borlanic 0:fbdae7e6d805 22 * The SHA-1 standard was published by NIST in 1993.
borlanic 0:fbdae7e6d805 23 *
borlanic 0:fbdae7e6d805 24 * http://www.itl.nist.gov/fipspubs/fip180-1.htm
borlanic 0:fbdae7e6d805 25 */
borlanic 0:fbdae7e6d805 26
borlanic 0:fbdae7e6d805 27 #if !defined(MBEDTLS_CONFIG_FILE)
borlanic 0:fbdae7e6d805 28 #include "mbedtls/config.h"
borlanic 0:fbdae7e6d805 29 #else
borlanic 0:fbdae7e6d805 30 #include MBEDTLS_CONFIG_FILE
borlanic 0:fbdae7e6d805 31 #endif
borlanic 0:fbdae7e6d805 32
borlanic 0:fbdae7e6d805 33 #if defined(MBEDTLS_SHA1_C)
borlanic 0:fbdae7e6d805 34
borlanic 0:fbdae7e6d805 35 #include "mbedtls/sha1.h"
borlanic 0:fbdae7e6d805 36
borlanic 0:fbdae7e6d805 37 #include <string.h>
borlanic 0:fbdae7e6d805 38
borlanic 0:fbdae7e6d805 39 #if defined(MBEDTLS_SELF_TEST)
borlanic 0:fbdae7e6d805 40 #if defined(MBEDTLS_PLATFORM_C)
borlanic 0:fbdae7e6d805 41 #include "mbedtls/platform.h"
borlanic 0:fbdae7e6d805 42 #else
borlanic 0:fbdae7e6d805 43 #include <stdio.h>
borlanic 0:fbdae7e6d805 44 #define mbedtls_printf printf
borlanic 0:fbdae7e6d805 45 #endif /* MBEDTLS_PLATFORM_C */
borlanic 0:fbdae7e6d805 46 #endif /* MBEDTLS_SELF_TEST */
borlanic 0:fbdae7e6d805 47
borlanic 0:fbdae7e6d805 48 #if !defined(MBEDTLS_SHA1_ALT)
borlanic 0:fbdae7e6d805 49
/*
 * Overwrite n bytes starting at v with zeros.
 *
 * Every store goes through a volatile-qualified pointer; the intent is that
 * the compiler cannot discard the writes as dead stores when the buffer is
 * never read again. n == 0 performs no write.
 */
static void mbedtls_zeroize( void *v, size_t n )
{
    volatile unsigned char *cursor = (unsigned char *) v;
    size_t remaining;

    for( remaining = n; remaining != 0; remaining-- )
        *cursor++ = 0;
}
borlanic 0:fbdae7e6d805 54
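/*
 * 32-bit integer manipulation macros (big endian)
 *
 * GET_UINT32_BE(n,b,i) loads the four bytes b[i..i+3] into n, most
 * significant byte first. PUT_UINT32_BE(n,b,i) stores n into b[i..i+3] in
 * the same order. Neither macro checks that i+3 is inside b; the caller
 * must guarantee that.
 *
 * Each macro is wrapped in do { } while( 0 ) so that "MACRO(...);" is a
 * single statement and stays correct as the body of an unbraced if/else.
 */
#ifndef GET_UINT32_BE
#define GET_UINT32_BE(n,b,i)                            \
do {                                                    \
    (n) = ( (uint32_t) (b)[(i)    ] << 24 )             \
        | ( (uint32_t) (b)[(i) + 1] << 16 )             \
        | ( (uint32_t) (b)[(i) + 2] <<  8 )             \
        | ( (uint32_t) (b)[(i) + 3]       );            \
} while( 0 )
#endif

#ifndef PUT_UINT32_BE
#define PUT_UINT32_BE(n,b,i)                            \
do {                                                    \
    (b)[(i)    ] = (unsigned char) ( (n) >> 24 );       \
    (b)[(i) + 1] = (unsigned char) ( (n) >> 16 );       \
    (b)[(i) + 2] = (unsigned char) ( (n) >>  8 );       \
    (b)[(i) + 3] = (unsigned char) ( (n)       );       \
} while( 0 )
#endif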
borlanic 0:fbdae7e6d805 77
/*
 * Put a SHA-1 context into an all-zero state.
 *
 * ctx is dereferenced unconditionally, so it must not be NULL. This only
 * clears the structure; mbedtls_sha1_starts_ret() is what loads the initial
 * hash values.
 */
void mbedtls_sha1_init( mbedtls_sha1_context *ctx )
{
    memset( ctx, 0, sizeof( *ctx ) );
}
borlanic 0:fbdae7e6d805 82
/*
 * Wipe a SHA-1 context.
 *
 * The whole structure (length counter, chaining state and the buffered
 * partial block) is overwritten through mbedtls_zeroize(). A NULL ctx is
 * accepted and ignored. No memory is released here.
 */
void mbedtls_sha1_free( mbedtls_sha1_context *ctx )
{
    if( ctx != NULL )
        mbedtls_zeroize( ctx, sizeof( *ctx ) );
}
borlanic 0:fbdae7e6d805 90
/*
 * Copy the complete state of one SHA-1 context into another.
 *
 * The copy is a plain structure assignment, so dst ends up holding the same
 * counter, chaining state and buffered bytes as src. Both pointers are
 * dereferenced without a NULL check. After cloning, each context should be
 * wiped separately with mbedtls_sha1_free().
 */
void mbedtls_sha1_clone( mbedtls_sha1_context *dst, const mbedtls_sha1_context *src )
{
    *dst = *src;
}
borlanic 0:fbdae7e6d805 96
/*
 * SHA-1 context setup
 *
 * Resets the processed-byte counter to zero and loads the five initial
 * chaining words. Always returns 0.
 */
int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx )
{
    /* Initial hash value, in state[0]..state[4] order */
    static const uint32_t initial_state[5] =
    {
        0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0
    };
    size_t word;

    ctx->total[0] = 0;
    ctx->total[1] = 0;

    for( word = 0; word < 5; word++ )
        ctx->state[word] = initial_state[word];

    return( 0 );
}
borlanic 0:fbdae7e6d805 113
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
/*
 * Deprecated void-returning form of mbedtls_sha1_starts_ret().
 * The status code of the wrapped call is discarded.
 */
void mbedtls_sha1_starts( mbedtls_sha1_context *ctx )
{
    (void) mbedtls_sha1_starts_ret( ctx );
}
#endif
borlanic 0:fbdae7e6d805 120
borlanic 0:fbdae7e6d805 121 #if !defined(MBEDTLS_SHA1_PROCESS_ALT)
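/*
 * SHA-1 compression function: mix one 64-byte block into ctx->state.
 *
 * ctx   context whose state[0..4] is read and updated
 * data  exactly 64 bytes of input; read as sixteen big-endian 32-bit words
 *
 * Always returns 0.
 *
 * The message schedule is kept in a 16-word circular buffer (W), and the
 * 80 rounds are fully unrolled in four groups of 20, each with its own
 * round function F and constant K.
 *
 * W and the working variables are derived from the input block, which can
 * be sensitive (for example when the caller is hashing keyed data), so they
 * are wiped before returning. This is best effort: it covers the named
 * locals, not copies the compiler may have kept elsewhere.
 */
int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx,
                                   const unsigned char data[64] )
{
    uint32_t temp, W[16], A, B, C, D, E;

    GET_UINT32_BE( W[ 0], data,  0 );
    GET_UINT32_BE( W[ 1], data,  4 );
    GET_UINT32_BE( W[ 2], data,  8 );
    GET_UINT32_BE( W[ 3], data, 12 );
    GET_UINT32_BE( W[ 4], data, 16 );
    GET_UINT32_BE( W[ 5], data, 20 );
    GET_UINT32_BE( W[ 6], data, 24 );
    GET_UINT32_BE( W[ 7], data, 28 );
    GET_UINT32_BE( W[ 8], data, 32 );
    GET_UINT32_BE( W[ 9], data, 36 );
    GET_UINT32_BE( W[10], data, 40 );
    GET_UINT32_BE( W[11], data, 44 );
    GET_UINT32_BE( W[12], data, 48 );
    GET_UINT32_BE( W[13], data, 52 );
    GET_UINT32_BE( W[14], data, 56 );
    GET_UINT32_BE( W[15], data, 60 );

/* Rotate the 32-bit value x left by n bits */
#define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n)))

/* Compute schedule word t in place in the 16-entry circular buffer */
#define R(t)                                            \
(                                                       \
    temp = W[( t -  3 ) & 0x0F] ^ W[( t - 8 ) & 0x0F] ^ \
           W[( t - 14 ) & 0x0F] ^ W[  t       & 0x0F],  \
    ( W[t & 0x0F] = S(temp,1) )                         \
)

/* One round; the caller rotates the argument order instead of moving data */
#define P(a,b,c,d,e,x)                                  \
{                                                       \
    e += S(a,5) + F(b,c,d) + K + x; b = S(b,30);        \
}

    A = ctx->state[0];
    B = ctx->state[1];
    C = ctx->state[2];
    D = ctx->state[3];
    E = ctx->state[4];

/* Rounds 0..19 */
#define F(x,y,z) (z ^ (x & (y ^ z)))
#define K 0x5A827999

    P( A, B, C, D, E, W[0]  );
    P( E, A, B, C, D, W[1]  );
    P( D, E, A, B, C, W[2]  );
    P( C, D, E, A, B, W[3]  );
    P( B, C, D, E, A, W[4]  );
    P( A, B, C, D, E, W[5]  );
    P( E, A, B, C, D, W[6]  );
    P( D, E, A, B, C, W[7]  );
    P( C, D, E, A, B, W[8]  );
    P( B, C, D, E, A, W[9]  );
    P( A, B, C, D, E, W[10] );
    P( E, A, B, C, D, W[11] );
    P( D, E, A, B, C, W[12] );
    P( C, D, E, A, B, W[13] );
    P( B, C, D, E, A, W[14] );
    P( A, B, C, D, E, W[15] );
    P( E, A, B, C, D, R(16) );
    P( D, E, A, B, C, R(17) );
    P( C, D, E, A, B, R(18) );
    P( B, C, D, E, A, R(19) );

#undef K
#undef F

/* Rounds 20..39 */
#define F(x,y,z) (x ^ y ^ z)
#define K 0x6ED9EBA1

    P( A, B, C, D, E, R(20) );
    P( E, A, B, C, D, R(21) );
    P( D, E, A, B, C, R(22) );
    P( C, D, E, A, B, R(23) );
    P( B, C, D, E, A, R(24) );
    P( A, B, C, D, E, R(25) );
    P( E, A, B, C, D, R(26) );
    P( D, E, A, B, C, R(27) );
    P( C, D, E, A, B, R(28) );
    P( B, C, D, E, A, R(29) );
    P( A, B, C, D, E, R(30) );
    P( E, A, B, C, D, R(31) );
    P( D, E, A, B, C, R(32) );
    P( C, D, E, A, B, R(33) );
    P( B, C, D, E, A, R(34) );
    P( A, B, C, D, E, R(35) );
    P( E, A, B, C, D, R(36) );
    P( D, E, A, B, C, R(37) );
    P( C, D, E, A, B, R(38) );
    P( B, C, D, E, A, R(39) );

#undef K
#undef F

/* Rounds 40..59 */
#define F(x,y,z) ((x & y) | (z & (x | y)))
#define K 0x8F1BBCDC

    P( A, B, C, D, E, R(40) );
    P( E, A, B, C, D, R(41) );
    P( D, E, A, B, C, R(42) );
    P( C, D, E, A, B, R(43) );
    P( B, C, D, E, A, R(44) );
    P( A, B, C, D, E, R(45) );
    P( E, A, B, C, D, R(46) );
    P( D, E, A, B, C, R(47) );
    P( C, D, E, A, B, R(48) );
    P( B, C, D, E, A, R(49) );
    P( A, B, C, D, E, R(50) );
    P( E, A, B, C, D, R(51) );
    P( D, E, A, B, C, R(52) );
    P( C, D, E, A, B, R(53) );
    P( B, C, D, E, A, R(54) );
    P( A, B, C, D, E, R(55) );
    P( E, A, B, C, D, R(56) );
    P( D, E, A, B, C, R(57) );
    P( C, D, E, A, B, R(58) );
    P( B, C, D, E, A, R(59) );

#undef K
#undef F

/* Rounds 60..79 */
#define F(x,y,z) (x ^ y ^ z)
#define K 0xCA62C1D6

    P( A, B, C, D, E, R(60) );
    P( E, A, B, C, D, R(61) );
    P( D, E, A, B, C, R(62) );
    P( C, D, E, A, B, R(63) );
    P( B, C, D, E, A, R(64) );
    P( A, B, C, D, E, R(65) );
    P( E, A, B, C, D, R(66) );
    P( D, E, A, B, C, R(67) );
    P( C, D, E, A, B, R(68) );
    P( B, C, D, E, A, R(69) );
    P( A, B, C, D, E, R(70) );
    P( E, A, B, C, D, R(71) );
    P( D, E, A, B, C, R(72) );
    P( C, D, E, A, B, R(73) );
    P( B, C, D, E, A, R(74) );
    P( A, B, C, D, E, R(75) );
    P( E, A, B, C, D, R(76) );
    P( D, E, A, B, C, R(77) );
    P( C, D, E, A, B, R(78) );
    P( B, C, D, E, A, R(79) );

#undef K
#undef F

    /* Fold the working variables back into the chaining state */
    ctx->state[0] += A;
    ctx->state[1] += B;
    ctx->state[2] += C;
    ctx->state[3] += D;
    ctx->state[4] += E;

    /* Wipe block-derived working data so it does not linger on the stack */
    mbedtls_zeroize( W, sizeof( W ) );
    mbedtls_zeroize( &temp, sizeof( temp ) );
    mbedtls_zeroize( &A, sizeof( A ) );
    mbedtls_zeroize( &B, sizeof( B ) );
    mbedtls_zeroize( &C, sizeof( C ) );
    mbedtls_zeroize( &D, sizeof( D ) );
    mbedtls_zeroize( &E, sizeof( E ) );

    return( 0 );
}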
borlanic 0:fbdae7e6d805 280
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
/*
 * Deprecated void-returning form of mbedtls_internal_sha1_process().
 * The status code of the wrapped call is discarded.
 */
void mbedtls_sha1_process( mbedtls_sha1_context *ctx, const unsigned char data[64] )
{
    (void) mbedtls_internal_sha1_process( ctx, data );
}
#endif
borlanic 0:fbdae7e6d805 288 #endif /* !MBEDTLS_SHA1_PROCESS_ALT */
borlanic 0:fbdae7e6d805 289
/*
 * SHA-1 process buffer
 *
 * Feeds ilen bytes from input into the running hash. Complete 64-byte
 * blocks are compressed immediately; a trailing partial block is kept in
 * ctx->buffer for the next call. ilen == 0 returns 0 without touching ctx
 * or input.
 *
 * Returns 0 on success, or the first non-zero value returned by
 * mbedtls_internal_sha1_process().
 *
 * NOTE(review): the byte counter is advanced by (uint32_t) ilen with a
 * single carry into total[1], so one call with ilen >= 2^32 would
 * under-count the message length. Confirm callers never pass that much in
 * one call.
 */
int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx,
                             const unsigned char *input,
                             size_t ilen )
{
    int ret;
    size_t room;
    uint32_t buffered;
    uint32_t added;

    if( ilen == 0 )
        return( 0 );

    /* Bytes already waiting in ctx->buffer, and the space left in it */
    buffered = ctx->total[0] & 0x3F;
    room = 64 - buffered;

    /* 64-bit byte counter held as two 32-bit words; carry on wrap-around */
    added = (uint32_t) ilen;
    ctx->total[0] = ( ctx->total[0] + added ) & 0xFFFFFFFF;
    if( ctx->total[0] < added )
        ctx->total[1]++;

    /* Top up a pending partial block first, if the input can complete it */
    if( buffered != 0 && ilen >= room )
    {
        memcpy( (void *) ( ctx->buffer + buffered ), input, room );

        ret = mbedtls_internal_sha1_process( ctx, ctx->buffer );
        if( ret != 0 )
            return( ret );

        input += room;
        ilen -= room;
        buffered = 0;
    }

    /* Whole blocks are compressed straight from the caller's buffer */
    for( ; ilen >= 64; input += 64, ilen -= 64 )
    {
        ret = mbedtls_internal_sha1_process( ctx, input );
        if( ret != 0 )
            return( ret );
    }

    /* Stash whatever is left for the next update or for finish */
    if( ilen > 0 )
        memcpy( (void *) ( ctx->buffer + buffered ), input, ilen );

    return( 0 );
}
borlanic 0:fbdae7e6d805 339
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
/*
 * Deprecated void-returning form of mbedtls_sha1_update_ret().
 * The status code of the wrapped call is discarded.
 */
void mbedtls_sha1_update( mbedtls_sha1_context *ctx, const unsigned char *input, size_t ilen )
{
    (void) mbedtls_sha1_update_ret( ctx, input, ilen );
}
#endif
borlanic 0:fbdae7e6d805 348
/*
 * Padding source for the final block(s): a single 0x80 byte followed by
 * zeros. The remaining 63 elements are zero because they are left out of
 * the initializer.
 */
static const unsigned char sha1_padding[64] = { 0x80 };
borlanic 0:fbdae7e6d805 356
/*
 * SHA-1 final digest
 *
 * Appends the padding and the 64-bit big-endian message length in bits,
 * then writes the five state words to output as 20 big-endian bytes.
 * output must have room for 20 bytes.
 *
 * Returns 0 on success, or the first non-zero value returned by
 * mbedtls_sha1_update_ret(). The context is not wiped here; that is left
 * to mbedtls_sha1_free().
 */
int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx,
                             unsigned char output[20] )
{
    int ret;
    int word;
    uint32_t used, pad_len;
    uint32_t bits_hi, bits_lo;
    unsigned char length_be[8];

    /* Convert the byte count in total[1]:total[0] into a bit count */
    bits_hi = ( ctx->total[0] >> 29 )
            | ( ctx->total[1] <<  3 );
    bits_lo = ( ctx->total[0] <<  3 );

    PUT_UINT32_BE( bits_hi, length_be, 0 );
    PUT_UINT32_BE( bits_lo, length_be, 4 );

    /* Pad so that exactly 8 bytes remain in the last block for the length */
    used = ctx->total[0] & 0x3F;
    if( used < 56 )
        pad_len = 56 - used;
    else
        pad_len = 120 - used;

    ret = mbedtls_sha1_update_ret( ctx, sha1_padding, pad_len );
    if( ret != 0 )
        return( ret );

    ret = mbedtls_sha1_update_ret( ctx, length_be, 8 );
    if( ret != 0 )
        return( ret );

    for( word = 0; word < 5; word++ )
        PUT_UINT32_BE( ctx->state[word], output, 4 * word );

    return( 0 );
}
borlanic 0:fbdae7e6d805 391
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
/*
 * Deprecated void-returning form of mbedtls_sha1_finish_ret().
 * The status code of the wrapped call is discarded.
 */
void mbedtls_sha1_finish( mbedtls_sha1_context *ctx, unsigned char output[20] )
{
    (void) mbedtls_sha1_finish_ret( ctx, output );
}
#endif
borlanic 0:fbdae7e6d805 399
borlanic 0:fbdae7e6d805 400 #endif /* !MBEDTLS_SHA1_ALT */
borlanic 0:fbdae7e6d805 401
/*
 * output = SHA-1( input buffer )
 *
 * One-shot helper: initialises a context on the stack, hashes ilen bytes
 * of input, writes the 20-byte digest to output and wipes the context on
 * every path. Returns 0 on success or the first non-zero status from the
 * starts/update/finish calls.
 *
 * SHA-1 is no longer collision resistant; prefer a stronger digest where
 * the protocol or file format allows a choice.
 */
int mbedtls_sha1_ret( const unsigned char *input,
                      size_t ilen,
                      unsigned char output[20] )
{
    int ret;
    mbedtls_sha1_context ctx;

    mbedtls_sha1_init( &ctx );

    /* Each stage runs only if every earlier one succeeded */
    ret = mbedtls_sha1_starts_ret( &ctx );
    if( ret == 0 )
        ret = mbedtls_sha1_update_ret( &ctx, input, ilen );
    if( ret == 0 )
        ret = mbedtls_sha1_finish_ret( &ctx, output );

    mbedtls_sha1_free( &ctx );

    return( ret );
}
borlanic 0:fbdae7e6d805 428
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
/*
 * Deprecated void-returning form of mbedtls_sha1_ret().
 * The status code of the wrapped call is discarded.
 */
void mbedtls_sha1( const unsigned char *input, size_t ilen, unsigned char output[20] )
{
    (void) mbedtls_sha1_ret( input, ilen, output );
}
#endif
borlanic 0:fbdae7e6d805 437
borlanic 0:fbdae7e6d805 438 #if defined(MBEDTLS_SELF_TEST)
/*
 * FIPS-180-1 test vectors
 *
 * Entry i of each table belongs to the same test case: the input bytes,
 * the length passed to each update call, and the expected 20-byte digest.
 * The third input is left empty because the self-test builds that message
 * in its own buffer.
 */
static const unsigned char sha1_test_buf[3][57] =
{
    "abc",
    "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
    ""
};

static const size_t sha1_test_buflen[3] = { 3, 56, 1000 };

static const unsigned char sha1_test_sum[3][20] =
{
    {
        0xa9, 0x99, 0x3e, 0x36, 0x47,
        0x06, 0x81, 0x6a, 0xba, 0x3e,
        0x25, 0x71, 0x78, 0x50, 0xc2,
        0x6c, 0x9c, 0xd0, 0xd8, 0x9d
    },
    {
        0x84, 0x98, 0x3e, 0x44, 0x1c,
        0x3b, 0xd2, 0x6e, 0xba, 0xae,
        0x4a, 0xa1, 0xf9, 0x51, 0x29,
        0xe5, 0xe5, 0x46, 0x70, 0xf1
    },
    {
        0x34, 0xaa, 0x97, 0x3c, 0xd4,
        0xc4, 0xda, 0xa4, 0xf6, 0x1e,
        0xeb, 0x2b, 0xdb, 0xad, 0x27,
        0x31, 0x65, 0x34, 0x01, 0x6f
    }
};
borlanic 0:fbdae7e6d805 463
/*
 * Checkup routine
 *
 * Hashes the three built-in test messages and compares each digest with
 * the expected value. The first two messages come from sha1_test_buf; the
 * third is 1000 updates of a 1000-byte buffer filled with 'a'.
 *
 * verbose  non-zero to print progress through mbedtls_printf()
 *
 * Returns 0 if every case passes, 1 on a digest mismatch, or the non-zero
 * status of the hash call that failed. The context is wiped on every path.
 */
int mbedtls_sha1_self_test( int verbose )
{
    int i, j, buflen, ret = 0;
    unsigned char buf[1024];
    unsigned char sha1sum[20];
    mbedtls_sha1_context ctx;

    mbedtls_sha1_init( &ctx );

    /*
     * SHA-1
     */
    for( i = 0; i < 3; i++ )
    {
        if( verbose != 0 )
            mbedtls_printf( " SHA-1 test #%d: ", i + 1 );

        ret = mbedtls_sha1_starts_ret( &ctx );
        if( ret != 0 )
            goto finished;

        if( i != 2 )
        {
            ret = mbedtls_sha1_update_ret( &ctx, sha1_test_buf[i],
                                           sha1_test_buflen[i] );
            if( ret != 0 )
                goto finished;
        }
        else
        {
            /* Third case: the message is generated rather than stored */
            buflen = 1000;
            memset( buf, 'a', buflen );

            for( j = 0; j < 1000; j++ )
            {
                ret = mbedtls_sha1_update_ret( &ctx, buf, buflen );
                if( ret != 0 )
                    goto finished;
            }
        }

        ret = mbedtls_sha1_finish_ret( &ctx, sha1sum );
        if( ret != 0 )
            goto finished;

        if( memcmp( sha1sum, sha1_test_sum[i], 20 ) != 0 )
        {
            ret = 1;
            goto finished;
        }

        if( verbose != 0 )
            mbedtls_printf( "passed\n" );
    }

finished:
    /* ret is non-zero exactly when one of the cases above bailed out */
    if( verbose != 0 )
    {
        if( ret != 0 )
            mbedtls_printf( "failed\n" );
        else
            mbedtls_printf( "\n" );
    }

    mbedtls_sha1_free( &ctx );

    return( ret );
}
borlanic 0:fbdae7e6d805 533
borlanic 0:fbdae7e6d805 534 #endif /* MBEDTLS_SELF_TEST */
borlanic 0:fbdae7e6d805 535
borlanic 0:fbdae7e6d805 536 #endif /* MBEDTLS_SHA1_C */