Kenji Arai
/
mbed-os_TYBLE16
Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
Dependents: TYBLE16_simple_data_logger TYBLE16_MP3_Air
Embed:
(wiki syntax)
Show/hide line numbers
sha1.c
00001 /* 00002 * FIPS-180-1 compliant SHA-1 implementation 00003 * 00004 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved 00005 * SPDX-License-Identifier: Apache-2.0 00006 * 00007 * Licensed under the Apache License, Version 2.0 (the "License"); you may 00008 * not use this file except in compliance with the License. 00009 * You may obtain a copy of the License at 00010 * 00011 * http://www.apache.org/licenses/LICENSE-2.0 00012 * 00013 * Unless required by applicable law or agreed to in writing, software 00014 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 00015 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 00016 * See the License for the specific language governing permissions and 00017 * limitations under the License. 00018 * 00019 * This file is part of mbed TLS (https://tls.mbed.org) 00020 */ 00021 /* 00022 * The SHA-1 standard was published by NIST in 1993. 00023 * 00024 * http://www.itl.nist.gov/fipspubs/fip180-1.htm 00025 */ 00026 00027 #if !defined(MBEDTLS_CONFIG_FILE) 00028 #include "mbedtls/config.h" 00029 #else 00030 #include MBEDTLS_CONFIG_FILE 00031 #endif 00032 00033 #if defined(MBEDTLS_SHA1_C) 00034 00035 #include "mbedtls/sha1.h" 00036 #include "mbedtls/platform_util.h" 00037 00038 #include <string.h> 00039 00040 #if defined(MBEDTLS_SELF_TEST) 00041 #if defined(MBEDTLS_PLATFORM_C) 00042 #include "mbedtls/platform.h" 00043 #else 00044 #include <stdio.h> 00045 #define mbedtls_printf printf 00046 #endif /* MBEDTLS_PLATFORM_C */ 00047 #endif /* MBEDTLS_SELF_TEST */ 00048 00049 #define SHA1_VALIDATE_RET(cond) \ 00050 MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_SHA1_BAD_INPUT_DATA ) 00051 00052 #define SHA1_VALIDATE(cond) MBEDTLS_INTERNAL_VALIDATE( cond ) 00053 00054 #if !defined(MBEDTLS_SHA1_ALT) 00055 00056 /* 00057 * 32-bit integer manipulation macros (big endian) 00058 */ 00059 #ifndef GET_UINT32_BE 00060 #define GET_UINT32_BE(n,b,i) \ 00061 { \ 00062 (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ 00063 | ( (uint32_t) (b)[(i) + 1] << 16 ) \ 00064 | ( (uint32_t) (b)[(i) + 2] << 8 ) \ 00065 | ( (uint32_t) (b)[(i) + 3] ); \ 00066 } 00067 #endif 00068 00069 #ifndef PUT_UINT32_BE 00070 #define PUT_UINT32_BE(n,b,i) \ 00071 { \ 00072 (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ 00073 (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ 00074 (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ 00075 (b)[(i) + 3] = (unsigned char) ( (n) ); \ 00076 } 00077 #endif 00078 00079 void mbedtls_sha1_init( mbedtls_sha1_context *ctx ) 00080 { 00081 SHA1_VALIDATE( ctx != NULL ); 00082 00083 memset( ctx, 0, sizeof( mbedtls_sha1_context ) ); 00084 } 00085 00086 void mbedtls_sha1_free( mbedtls_sha1_context *ctx ) 00087 { 00088 if( ctx == NULL ) 00089 return; 00090 00091 mbedtls_platform_zeroize( ctx, sizeof( mbedtls_sha1_context ) ); 00092 } 00093 00094 void mbedtls_sha1_clone( mbedtls_sha1_context *dst, 00095 const mbedtls_sha1_context *src ) 00096 { 00097 SHA1_VALIDATE( dst != NULL ); 00098 SHA1_VALIDATE( src != NULL ); 00099 00100 *dst = *src; 00101 } 00102 00103 /* 00104 * SHA-1 context setup 00105 */ 00106 int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx ) 00107 { 00108 SHA1_VALIDATE_RET( ctx != NULL ); 00109 00110 ctx->total [0] = 0; 00111 ctx->total [1] = 0; 00112 00113 ctx->state [0] = 0x67452301; 00114 ctx->state [1] = 0xEFCDAB89; 00115 ctx->state [2] = 0x98BADCFE; 00116 ctx->state [3] = 0x10325476; 00117 ctx->state [4] = 0xC3D2E1F0; 00118 00119 return( 0 ); 00120 } 00121 00122 #if !defined(MBEDTLS_DEPRECATED_REMOVED) 00123 void mbedtls_sha1_starts( mbedtls_sha1_context *ctx ) 00124 { 00125 mbedtls_sha1_starts_ret( ctx ); 00126 } 00127 #endif 00128 00129 #if !defined(MBEDTLS_SHA1_PROCESS_ALT) 00130 int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, 00131 const unsigned char data[64] ) 00132 { 00133 uint32_t temp, W[16], A, B, C, D, E; 00134 00135 SHA1_VALIDATE_RET( ctx != NULL ); 00136 SHA1_VALIDATE_RET( (const unsigned char *)data != NULL ); 00137 00138 GET_UINT32_BE( W[ 0], data, 0 ); 00139 GET_UINT32_BE( W[ 1], data, 4 ); 00140 GET_UINT32_BE( W[ 2], data, 8 ); 00141 GET_UINT32_BE( W[ 3], data, 12 ); 00142 GET_UINT32_BE( W[ 4], data, 16 ); 00143 GET_UINT32_BE( W[ 5], data, 20 ); 00144 GET_UINT32_BE( W[ 6], data, 24 ); 00145 GET_UINT32_BE( W[ 7], data, 28 ); 00146 GET_UINT32_BE( W[ 8], data, 32 ); 00147 GET_UINT32_BE( W[ 9], data, 36 ); 00148 GET_UINT32_BE( W[10], data, 40 ); 00149 GET_UINT32_BE( W[11], data, 44 ); 00150 GET_UINT32_BE( W[12], data, 48 ); 00151 GET_UINT32_BE( W[13], data, 52 ); 00152 GET_UINT32_BE( W[14], data, 56 ); 00153 GET_UINT32_BE( W[15], data, 60 ); 00154 00155 #define S(x,n) (((x) << (n)) | (((x) & 0xFFFFFFFF) >> (32 - (n)))) 00156 00157 #define R(t) \ 00158 ( \ 00159 temp = W[( (t) - 3 ) & 0x0F] ^ W[( (t) - 8 ) & 0x0F] ^ \ 00160 W[( (t) - 14 ) & 0x0F] ^ W[ (t) & 0x0F], \ 00161 ( W[(t) & 0x0F] = S(temp,1) ) \ 00162 ) 00163 00164 #define P(a,b,c,d,e,x) \ 00165 do \ 00166 { \ 00167 (e) += S((a),5) + F((b),(c),(d)) + K + (x); \ 00168 (b) = S((b),30); \ 00169 } while( 0 ) 00170 00171 A = ctx->state [0]; 00172 B = ctx->state [1]; 00173 C = ctx->state [2]; 00174 D = ctx->state [3]; 00175 E = ctx->state [4]; 00176 00177 #define F(x,y,z) ((z) ^ ((x) & ((y) ^ (z)))) 00178 #define K 0x5A827999 00179 00180 P( A, B, C, D, E, W[0] ); 00181 P( E, A, B, C, D, W[1] ); 00182 P( D, E, A, B, C, W[2] ); 00183 P( C, D, E, A, B, W[3] ); 00184 P( B, C, D, E, A, W[4] ); 00185 P( A, B, C, D, E, W[5] ); 00186 P( E, A, B, C, D, W[6] ); 00187 P( D, E, A, B, C, W[7] ); 00188 P( C, D, E, A, B, W[8] ); 00189 P( B, C, D, E, A, W[9] ); 00190 P( A, B, C, D, E, W[10] ); 00191 P( E, A, B, C, D, W[11] ); 00192 P( D, E, A, B, C, W[12] ); 00193 P( C, D, E, A, B, W[13] ); 00194 P( B, C, D, E, A, W[14] ); 00195 P( A, B, C, D, E, W[15] ); 00196 P( E, A, B, C, D, R(16) ); 00197 P( D, E, A, B, C, R(17) ); 00198 P( C, D, E, A, B, R(18) ); 00199 P( B, C, D, E, A, R(19) ); 00200 00201 #undef K 00202 #undef F 00203 00204 #define F(x,y,z) ((x) ^ (y) ^ (z)) 00205 #define K 0x6ED9EBA1 00206 00207 P( A, B, C, D, E, R(20) ); 00208 P( E, A, B, C, D, R(21) ); 00209 P( D, E, A, B, C, R(22) ); 00210 P( C, D, E, A, B, R(23) ); 00211 P( B, C, D, E, A, R(24) ); 00212 P( A, B, C, D, E, R(25) ); 00213 P( E, A, B, C, D, R(26) ); 00214 P( D, E, A, B, C, R(27) ); 00215 P( C, D, E, A, B, R(28) ); 00216 P( B, C, D, E, A, R(29) ); 00217 P( A, B, C, D, E, R(30) ); 00218 P( E, A, B, C, D, R(31) ); 00219 P( D, E, A, B, C, R(32) ); 00220 P( C, D, E, A, B, R(33) ); 00221 P( B, C, D, E, A, R(34) ); 00222 P( A, B, C, D, E, R(35) ); 00223 P( E, A, B, C, D, R(36) ); 00224 P( D, E, A, B, C, R(37) ); 00225 P( C, D, E, A, B, R(38) ); 00226 P( B, C, D, E, A, R(39) ); 00227 00228 #undef K 00229 #undef F 00230 00231 #define F(x,y,z) (((x) & (y)) | ((z) & ((x) | (y)))) 00232 #define K 0x8F1BBCDC 00233 00234 P( A, B, C, D, E, R(40) ); 00235 P( E, A, B, C, D, R(41) ); 00236 P( D, E, A, B, C, R(42) ); 00237 P( C, D, E, A, B, R(43) ); 00238 P( B, C, D, E, A, R(44) ); 00239 P( A, B, C, D, E, R(45) ); 00240 P( E, A, B, C, D, R(46) ); 00241 P( D, E, A, B, C, R(47) ); 00242 P( C, D, E, A, B, R(48) ); 00243 P( B, C, D, E, A, R(49) ); 00244 P( A, B, C, D, E, R(50) ); 00245 P( E, A, B, C, D, R(51) ); 00246 P( D, E, A, B, C, R(52) ); 00247 P( C, D, E, A, B, R(53) ); 00248 P( B, C, D, E, A, R(54) ); 00249 P( A, B, C, D, E, R(55) ); 00250 P( E, A, B, C, D, R(56) ); 00251 P( D, E, A, B, C, R(57) ); 00252 P( C, D, E, A, B, R(58) ); 00253 P( B, C, D, E, A, R(59) ); 00254 00255 #undef K 00256 #undef F 00257 00258 #define F(x,y,z) ((x) ^ (y) ^ (z)) 00259 #define K 0xCA62C1D6 00260 00261 P( A, B, C, D, E, R(60) ); 00262 P( E, A, B, C, D, R(61) ); 00263 P( D, E, A, B, C, R(62) ); 00264 P( C, D, E, A, B, R(63) ); 00265 P( B, C, D, E, A, R(64) ); 00266 P( A, B, C, D, E, R(65) ); 00267 P( E, A, B, C, D, R(66) ); 00268 P( D, E, A, B, C, R(67) ); 00269 P( C, D, E, A, B, R(68) ); 00270 P( B, C, D, E, A, R(69) ); 00271 P( A, B, C, D, E, R(70) ); 00272 P( E, A, B, C, D, R(71) ); 00273 P( D, E, A, B, C, R(72) ); 00274 P( C, D, E, A, B, R(73) ); 00275 P( B, C, D, E, A, R(74) ); 00276 P( A, B, C, D, E, R(75) ); 00277 P( E, A, B, C, D, R(76) ); 00278 P( D, E, A, B, C, R(77) ); 00279 P( C, D, E, A, B, R(78) ); 00280 P( B, C, D, E, A, R(79) ); 00281 00282 #undef K 00283 #undef F 00284 00285 ctx->state [0] += A; 00286 ctx->state [1] += B; 00287 ctx->state [2] += C; 00288 ctx->state [3] += D; 00289 ctx->state [4] += E; 00290 00291 return( 0 ); 00292 } 00293 00294 #if !defined(MBEDTLS_DEPRECATED_REMOVED) 00295 void mbedtls_sha1_process( mbedtls_sha1_context *ctx, 00296 const unsigned char data[64] ) 00297 { 00298 mbedtls_internal_sha1_process( ctx, data ); 00299 } 00300 #endif 00301 #endif /* !MBEDTLS_SHA1_PROCESS_ALT */ 00302 00303 /* 00304 * SHA-1 process buffer 00305 */ 00306 int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx, 00307 const unsigned char *input, 00308 size_t ilen ) 00309 { 00310 int ret; 00311 size_t fill; 00312 uint32_t left; 00313 00314 SHA1_VALIDATE_RET( ctx != NULL ); 00315 SHA1_VALIDATE_RET( ilen == 0 || input != NULL ); 00316 00317 if( ilen == 0 ) 00318 return( 0 ); 00319 00320 left = ctx->total [0] & 0x3F; 00321 fill = 64 - left; 00322 00323 ctx->total [0] += (uint32_t) ilen; 00324 ctx->total [0] &= 0xFFFFFFFF; 00325 00326 if( ctx->total [0] < (uint32_t) ilen ) 00327 ctx->total [1]++; 00328 00329 if( left && ilen >= fill ) 00330 { 00331 memcpy( (void *) (ctx->buffer + left), input, fill ); 00332 00333 if( ( ret = mbedtls_internal_sha1_process( ctx, ctx->buffer ) ) != 0 ) 00334 return( ret ); 00335 00336 input += fill; 00337 ilen -= fill; 00338 left = 0; 00339 } 00340 00341 while( ilen >= 64 ) 00342 { 00343 if( ( ret = mbedtls_internal_sha1_process( ctx, input ) ) != 0 ) 00344 return( ret ); 00345 00346 input += 64; 00347 ilen -= 64; 00348 } 00349 00350 if( ilen > 0 ) 00351 memcpy( (void *) (ctx->buffer + left), input, ilen ); 00352 00353 return( 0 ); 00354 } 00355 00356 #if !defined(MBEDTLS_DEPRECATED_REMOVED) 00357 void mbedtls_sha1_update( mbedtls_sha1_context *ctx, 00358 const unsigned char *input, 00359 size_t ilen ) 00360 { 00361 mbedtls_sha1_update_ret( ctx, input, ilen ); 00362 } 00363 #endif 00364 00365 /* 00366 * SHA-1 final digest 00367 */ 00368 int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx, 00369 unsigned char output[20] ) 00370 { 00371 int ret; 00372 uint32_t used; 00373 uint32_t high, low; 00374 00375 SHA1_VALIDATE_RET( ctx != NULL ); 00376 SHA1_VALIDATE_RET( (unsigned char *)output != NULL ); 00377 00378 /* 00379 * Add padding: 0x80 then 0x00 until 8 bytes remain for the length 00380 */ 00381 used = ctx->total [0] & 0x3F; 00382 00383 ctx->buffer [used++] = 0x80; 00384 00385 if( used <= 56 ) 00386 { 00387 /* Enough room for padding + length in current block */ 00388 memset( ctx->buffer + used, 0, 56 - used ); 00389 } 00390 else 00391 { 00392 /* We'll need an extra block */ 00393 memset( ctx->buffer + used, 0, 64 - used ); 00394 00395 if( ( ret = mbedtls_internal_sha1_process( ctx, ctx->buffer ) ) != 0 ) 00396 return( ret ); 00397 00398 memset( ctx->buffer , 0, 56 ); 00399 } 00400 00401 /* 00402 * Add message length 00403 */ 00404 high = ( ctx->total [0] >> 29 ) 00405 | ( ctx->total [1] << 3 ); 00406 low = ( ctx->total [0] << 3 ); 00407 00408 PUT_UINT32_BE( high, ctx->buffer , 56 ); 00409 PUT_UINT32_BE( low, ctx->buffer , 60 ); 00410 00411 if( ( ret = mbedtls_internal_sha1_process( ctx, ctx->buffer ) ) != 0 ) 00412 return( ret ); 00413 00414 /* 00415 * Output final state 00416 */ 00417 PUT_UINT32_BE( ctx->state [0], output, 0 ); 00418 PUT_UINT32_BE( ctx->state [1], output, 4 ); 00419 PUT_UINT32_BE( ctx->state [2], output, 8 ); 00420 PUT_UINT32_BE( ctx->state [3], output, 12 ); 00421 PUT_UINT32_BE( ctx->state [4], output, 16 ); 00422 00423 return( 0 ); 00424 } 00425 00426 #if !defined(MBEDTLS_DEPRECATED_REMOVED) 00427 void mbedtls_sha1_finish( mbedtls_sha1_context *ctx, 00428 unsigned char output[20] ) 00429 { 00430 mbedtls_sha1_finish_ret( ctx, output ); 00431 } 00432 #endif 00433 00434 #endif /* !MBEDTLS_SHA1_ALT */ 00435 00436 /* 00437 * output = SHA-1( input buffer ) 00438 */ 00439 int mbedtls_sha1_ret( const unsigned char *input, 00440 size_t ilen, 00441 unsigned char output[20] ) 00442 { 00443 int ret; 00444 mbedtls_sha1_context ctx; 00445 00446 SHA1_VALIDATE_RET( ilen == 0 || input != NULL ); 00447 SHA1_VALIDATE_RET( (unsigned char *)output != NULL ); 00448 00449 mbedtls_sha1_init( &ctx ); 00450 00451 if( ( ret = mbedtls_sha1_starts_ret( &ctx ) ) != 0 ) 00452 goto exit; 00453 00454 if( ( ret = mbedtls_sha1_update_ret( &ctx, input, ilen ) ) != 0 ) 00455 goto exit; 00456 00457 if( ( ret = mbedtls_sha1_finish_ret( &ctx, output ) ) != 0 ) 00458 goto exit; 00459 00460 exit: 00461 mbedtls_sha1_free( &ctx ); 00462 00463 return( ret ); 00464 } 00465 00466 #if !defined(MBEDTLS_DEPRECATED_REMOVED) 00467 void mbedtls_sha1( const unsigned char *input, 00468 size_t ilen, 00469 unsigned char output[20] ) 00470 { 00471 mbedtls_sha1_ret( input, ilen, output ); 00472 } 00473 #endif 00474 00475 #if defined(MBEDTLS_SELF_TEST) 00476 /* 00477 * FIPS-180-1 test vectors 00478 */ 00479 static const unsigned char sha1_test_buf[3][57] = 00480 { 00481 { "abc" }, 00482 { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" }, 00483 { "" } 00484 }; 00485 00486 static const size_t sha1_test_buflen[3] = 00487 { 00488 3, 56, 1000 00489 }; 00490 00491 static const unsigned char sha1_test_sum[3][20] = 00492 { 00493 { 0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A, 0xBA, 0x3E, 00494 0x25, 0x71, 0x78, 0x50, 0xC2, 0x6C, 0x9C, 0xD0, 0xD8, 0x9D }, 00495 { 0x84, 0x98, 0x3E, 0x44, 0x1C, 0x3B, 0xD2, 0x6E, 0xBA, 0xAE, 00496 0x4A, 0xA1, 0xF9, 0x51, 0x29, 0xE5, 0xE5, 0x46, 0x70, 0xF1 }, 00497 { 0x34, 0xAA, 0x97, 0x3C, 0xD4, 0xC4, 0xDA, 0xA4, 0xF6, 0x1E, 00498 0xEB, 0x2B, 0xDB, 0xAD, 0x27, 0x31, 0x65, 0x34, 0x01, 0x6F } 00499 }; 00500 00501 /* 00502 * Checkup routine 00503 */ 00504 int mbedtls_sha1_self_test( int verbose ) 00505 { 00506 int i, j, buflen, ret = 0; 00507 unsigned char buf[1024]; 00508 unsigned char sha1sum[20]; 00509 mbedtls_sha1_context ctx; 00510 00511 mbedtls_sha1_init( &ctx ); 00512 00513 /* 00514 * SHA-1 00515 */ 00516 for( i = 0; i < 3; i++ ) 00517 { 00518 if( verbose != 0 ) 00519 mbedtls_printf( " SHA-1 test #%d: ", i + 1 ); 00520 00521 if( ( ret = mbedtls_sha1_starts_ret( &ctx ) ) != 0 ) 00522 goto fail; 00523 00524 if( i == 2 ) 00525 { 00526 memset( buf, 'a', buflen = 1000 ); 00527 00528 for( j = 0; j < 1000; j++ ) 00529 { 00530 ret = mbedtls_sha1_update_ret( &ctx, buf, buflen ); 00531 if( ret != 0 ) 00532 goto fail; 00533 } 00534 } 00535 else 00536 { 00537 ret = mbedtls_sha1_update_ret( &ctx, sha1_test_buf[i], 00538 sha1_test_buflen[i] ); 00539 if( ret != 0 ) 00540 goto fail; 00541 } 00542 00543 if( ( ret = mbedtls_sha1_finish_ret( &ctx, sha1sum ) ) != 0 ) 00544 goto fail; 00545 00546 if( memcmp( sha1sum, sha1_test_sum[i], 20 ) != 0 ) 00547 { 00548 ret = 1; 00549 goto fail; 00550 } 00551 00552 if( verbose != 0 ) 00553 mbedtls_printf( "passed\n" ); 00554 } 00555 00556 if( verbose != 0 ) 00557 mbedtls_printf( "\n" ); 00558 00559 goto exit; 00560 00561 fail: 00562 if( verbose != 0 ) 00563 mbedtls_printf( "failed\n" ); 00564 00565 exit: 00566 mbedtls_sha1_free( &ctx ); 00567 00568 return( ret ); 00569 } 00570 00571 #endif /* MBEDTLS_SELF_TEST */ 00572 00573 #endif /* MBEDTLS_SHA1_C */
Generated on Tue Jul 12 2022 13:54:50 by
1.7.2