[apple/xnu.git] / bsd / dev / random / YarrowCoreLib / src / sha1mod.c

/*
 * Copyright (c) 1999, 2000-2001 Apple Computer, Inc. All rights reserved.
 *
 * @APPLE_LICENSE_HEADER_START@
 * 
 * The contents of this file constitute Original Code as defined in and
 * are subject to the Apple Public Source License Version 1.1 (the
 * "License").  You may not use this file except in compliance with the
 * License.  Please obtain a copy of the License at
 * http://www.apple.com/publicsource and read it before using this file.
 * 
 * This Original Code and all software distributed under the License are
 * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT.  Please see the
 * License for the specific language governing rights and limitations
 * under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */

/*
SHA-1 in C
By Steve Reid <steve@edmweb.com>
100% Public Domain
*/
/* Header portion split from main code for convenience (AYB 3/02/98) */
#include "sha1mod.h"

#define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits))))

/*
 * Apple change...
 */
#if	defined(macintosh) || defined (__APPLE__)
#undef LITTLE_ENDIAN
#endif

/* blk0() and blk() perform the initial expand. */
/* I got the idea of expanding during the round function from SSLeay */
#ifdef LITTLE_ENDIAN
#define blk0(i) (block->l[i] = (rol(block->l[i],24)&0xFF00FF00) \
    |(rol(block->l[i],8)&0x00FF00FF))
#else
#define blk0(i) block->l[i]
#endif
#define blk(i) (block->l[i&15] = rol(block->l[(i+13)&15]^block->l[(i+8)&15] \
    ^block->l[(i+2)&15]^block->l[i&15],1))

/* (R0+R1), R2, R3, R4 are the different operations used in SHA1 */
#define R0(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk0(i)+0x5A827999+rol(v,5);w=rol(w,30);
#define R1(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk(i)+0x5A827999+rol(v,5);w=rol(w,30);
#define R2(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0x6ED9EBA1+rol(v,5);w=rol(w,30);
#define R3(v,w,x,y,z,i) z+=(((w|x)&y)|(w&x))+blk(i)+0x8F1BBCDC+rol(v,5);w=rol(w,30);
#define R4(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0xCA62C1D6+rol(v,5);w=rol(w,30);


/* Hash a single 512-bit block. This is the core of the algorithm. */

void SHA1Transform(unsigned long state[5], unsigned char buffer[64])
{
unsigned long a, b, c, d, e;
typedef union {
    unsigned char c[64];
    unsigned long l[16];
} CHAR64LONG16;
CHAR64LONG16* block;
#ifdef SHA1HANDSOFF
static unsigned char workspace[64];
    block = (CHAR64LONG16*)workspace;
    memcpy(block, buffer, 64);
#else
    block = (CHAR64LONG16*)buffer;
#endif
    /* Copy context->state[] to working vars */
    a = state[0];
    b = state[1];
    c = state[2];
    d = state[3];
    e = state[4];
    /* 4 rounds of 20 operations each. Loop unrolled. */
    R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3);
    R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7);
    R0(c,d,e,a,b, 8); R0(b,c,d,e,a, 9); R0(a,b,c,d,e,10); R0(e,a,b,c,d,11);
    R0(d,e,a,b,c,12); R0(c,d,e,a,b,13); R0(b,c,d,e,a,14); R0(a,b,c,d,e,15);
    R1(e,a,b,c,d,16); R1(d,e,a,b,c,17); R1(c,d,e,a,b,18); R1(b,c,d,e,a,19);
    R2(a,b,c,d,e,20); R2(e,a,b,c,d,21); R2(d,e,a,b,c,22); R2(c,d,e,a,b,23);
    R2(b,c,d,e,a,24); R2(a,b,c,d,e,25); R2(e,a,b,c,d,26); R2(d,e,a,b,c,27);
    R2(c,d,e,a,b,28); R2(b,c,d,e,a,29); R2(a,b,c,d,e,30); R2(e,a,b,c,d,31);
    R2(d,e,a,b,c,32); R2(c,d,e,a,b,33); R2(b,c,d,e,a,34); R2(a,b,c,d,e,35);
    R2(e,a,b,c,d,36); R2(d,e,a,b,c,37); R2(c,d,e,a,b,38); R2(b,c,d,e,a,39);
    R3(a,b,c,d,e,40); R3(e,a,b,c,d,41); R3(d,e,a,b,c,42); R3(c,d,e,a,b,43);
    R3(b,c,d,e,a,44); R3(a,b,c,d,e,45); R3(e,a,b,c,d,46); R3(d,e,a,b,c,47);
    R3(c,d,e,a,b,48); R3(b,c,d,e,a,49); R3(a,b,c,d,e,50); R3(e,a,b,c,d,51);
    R3(d,e,a,b,c,52); R3(c,d,e,a,b,53); R3(b,c,d,e,a,54); R3(a,b,c,d,e,55);
    R3(e,a,b,c,d,56); R3(d,e,a,b,c,57); R3(c,d,e,a,b,58); R3(b,c,d,e,a,59);
    R4(a,b,c,d,e,60); R4(e,a,b,c,d,61); R4(d,e,a,b,c,62); R4(c,d,e,a,b,63);
    R4(b,c,d,e,a,64); R4(a,b,c,d,e,65); R4(e,a,b,c,d,66); R4(d,e,a,b,c,67);
    R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71);
    R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75);
    R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79);
    /* Add the working vars back into context.state[] */
    state[0] += a;
    state[1] += b;
    state[2] += c;
    state[3] += d;
    state[4] += e;
    /* Wipe variables */
    a = b = c = d = e = 0;
}


/* SHA1Init - Initialize new context */

void SHA1Init(SHA1_CTX* context)
{
    /* SHA1 initialization constants */
    context->state[0] = 0x67452301;
    context->state[1] = 0xEFCDAB89;
    context->state[2] = 0x98BADCFE;
    context->state[3] = 0x10325476;
    context->state[4] = 0xC3D2E1F0;
    context->count[0] = context->count[1] = 0;
}


/* Run your data through this. */

void SHA1Update(SHA1_CTX* context, unsigned char* data, unsigned int len)
{
unsigned int i, j;

    j = (context->count[0] >> 3) & 63;
    if ((context->count[0] += len << 3) < (len << 3)) context->count[1]++;
    context->count[1] += (len >> 29);
    if ((j + len) > 63) {
        memcpy(&context->buffer[j], data, (i = 64-j));
        SHA1Transform(context->state, context->buffer);
        for ( ; i + 63 < len; i += 64) {
            SHA1Transform(context->state, &data[i]);
        }
        j = 0;
    }
    else i = 0;
    memcpy(&context->buffer[j], &data[i], len - i);
}


/* Add padding and return the message digest. */

void SHA1Final(unsigned char digest[20], SHA1_CTX* context)
{
unsigned long i, j;
unsigned char finalcount[8];

    for (i = 0; i < 8; i++) {
        finalcount[i] = (unsigned char)((context->count[(i >= 4 ? 0 : 1)]
         >> ((3-(i & 3)) * 8) ) & 255);  /* Endian independent */
    }
    SHA1Update(context, (unsigned char *)"\200", 1);
    while ((context->count[0] & 504) != 448) {
        SHA1Update(context, (unsigned char *)"\0", 1);
    }
    SHA1Update(context, finalcount, 8);  /* Should cause a SHA1Transform() */
    for (i = 0; i < 20; i++) {
        digest[i] = (unsigned char)
         ((context->state[i>>2] >> ((3-(i & 3)) * 8) ) & 255);
    }
    /* Wipe variables */
    i = j = 0;
    memset(context->buffer, 0, 64);
    memset(context->state, 0, 20);
    memset(context->count, 0, 8);
    memset(finalcount, 0, 8);
#ifdef SHA1HANDSOFF  /* make SHA1Transform overwrite it's own static vars */
    SHA1Transform(context->state, context->buffer);
#endif
}


/*************************************************************/

/* Test Code */

#if 0

int main(int argc, char** argv)
{
int i, j;
SHA1_CTX context;
unsigned char digest[20], buffer[16384];
FILE* file;

    if (argc > 2) {
        puts("Public domain SHA-1 implementation - by Steve Reid <steve@edmweb.com>");
        puts("Produces the SHA-1 hash of a file, or stdin if no file is specified.");
        exit(0);
    }
    if (argc < 2) {
        file = stdin;
    }
    else {
        if (!(file = fopen(argv[1], "rb"))) {
            fputs("Unable to open file.", stderr);
            exit(-1);
        }
    } 
    SHA1Init(&context);
    while (!feof(file)) {  /* note: what if ferror(file) */
        i = fread(buffer, 1, 16384, file);
        SHA1Update(&context, buffer, i);
    }
    SHA1Final(digest, &context);
    fclose(file);
    for (i = 0; i < 5; i++) {
        for (j = 0; j < 4; j++) {
            printf("%02X", digest[i*4+j]);
        }
        putchar(' ');
    }
    putchar('\n');
    exit(0);
}

#endif
Commit	Line	Data
0b4e3aa0 A	1	/*
	2	* Copyright (c) 1999, 2000-2001 Apple Computer, Inc. All rights reserved.
	3	*
	4	* @APPLE_LICENSE_HEADER_START@
	5	*
de355530 A	6	* The contents of this file constitute Original Code as defined in and
	7	* are subject to the Apple Public Source License Version 1.1 (the
	8	* "License"). You may not use this file except in compliance with the
	9	* License. Please obtain a copy of the License at
	10	* http://www.apple.com/publicsource and read it before using this file.
0b4e3aa0	11	*
de355530 A	12	* This Original Code and all software distributed under the License are
de355530 A	13	* distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
0b4e3aa0 A	14	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
0b4e3aa0 A	15	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
de355530 A	16	* FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
	17	* License for the specific language governing rights and limitations
	18	* under the License.
0b4e3aa0 A	19	*
	20	* @APPLE_LICENSE_HEADER_END@
	21	*/
	22
	23	/*
	24	SHA-1 in C
	25	By Steve Reid <steve@edmweb.com>
	26	100% Public Domain
	27	*/
	28	/* Header portion split from main code for convenience (AYB 3/02/98) */
	29	#include "sha1mod.h"
	30
	31	#define rol(value, bits) (((value) << (bits)) \| ((value) >> (32 - (bits))))
	32
	33	/*
	34	* Apple change...
	35	*/
	36	#if defined(macintosh) \|\| defined (__APPLE__)
	37	#undef LITTLE_ENDIAN
	38	#endif
	39
	40	/* blk0() and blk() perform the initial expand. */
	41	/* I got the idea of expanding during the round function from SSLeay */
	42	#ifdef LITTLE_ENDIAN
	43	#define blk0(i) (block->l[i] = (rol(block->l[i],24)&0xFF00FF00) \
	44	\|(rol(block->l[i],8)&0x00FF00FF))
	45	#else
	46	#define blk0(i) block->l[i]
	47	#endif
	48	#define blk(i) (block->l[i&15] = rol(block->l[(i+13)&15]^block->l[(i+8)&15] \
	49	^block->l[(i+2)&15]^block->l[i&15],1))
	50
	51	/* (R0+R1), R2, R3, R4 are the different operations used in SHA1 */
	52	#define R0(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk0(i)+0x5A827999+rol(v,5);w=rol(w,30);
	53	#define R1(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk(i)+0x5A827999+rol(v,5);w=rol(w,30);
	54	#define R2(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0x6ED9EBA1+rol(v,5);w=rol(w,30);
	55	#define R3(v,w,x,y,z,i) z+=(((w\|x)&y)\|(w&x))+blk(i)+0x8F1BBCDC+rol(v,5);w=rol(w,30);
	56	#define R4(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0xCA62C1D6+rol(v,5);w=rol(w,30);
	57
	58
	59	/* Hash a single 512-bit block. This is the core of the algorithm. */
	60
	61	void SHA1Transform(unsigned long state[5], unsigned char buffer[64])
	62	{
	63	unsigned long a, b, c, d, e;
	64	typedef union {
	65	unsigned char c[64];
	66	unsigned long l[16];
	67	} CHAR64LONG16;
	68	CHAR64LONG16* block;
	69	#ifdef SHA1HANDSOFF
	70	static unsigned char workspace[64];
	71	block = (CHAR64LONG16*)workspace;
	72	memcpy(block, buffer, 64);
	73	#else
	74	block = (CHAR64LONG16*)buffer;
	75	#endif
	76	/* Copy context->state[] to working vars */
	77	a = state[0];
	78	b = state[1];
	79	c = state[2];
	80	d = state[3];
	81	e = state[4];
	82	/* 4 rounds of 20 operations each. Loop unrolled. */
83	R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3);
84	R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7);
85	R0(c,d,e,a,b, 8); R0(b,c,d,e,a, 9); R0(a,b,c,d,e,10); R0(e,a,b,c,d,11);
86	R0(d,e,a,b,c,12); R0(c,d,e,a,b,13); R0(b,c,d,e,a,14); R0(a,b,c,d,e,15);
87	R1(e,a,b,c,d,16); R1(d,e,a,b,c,17); R1(c,d,e,a,b,18); R1(b,c,d,e,a,19);
88	R2(a,b,c,d,e,20); R2(e,a,b,c,d,21); R2(d,e,a,b,c,22); R2(c,d,e,a,b,23);
89	R2(b,c,d,e,a,24); R2(a,b,c,d,e,25); R2(e,a,b,c,d,26); R2(d,e,a,b,c,27);
90	R2(c,d,e,a,b,28); R2(b,c,d,e,a,29); R2(a,b,c,d,e,30); R2(e,a,b,c,d,31);
91	R2(d,e,a,b,c,32); R2(c,d,e,a,b,33); R2(b,c,d,e,a,34); R2(a,b,c,d,e,35);
92	R2(e,a,b,c,d,36); R2(d,e,a,b,c,37); R2(c,d,e,a,b,38); R2(b,c,d,e,a,39);
93	R3(a,b,c,d,e,40); R3(e,a,b,c,d,41); R3(d,e,a,b,c,42); R3(c,d,e,a,b,43);
94	R3(b,c,d,e,a,44); R3(a,b,c,d,e,45); R3(e,a,b,c,d,46); R3(d,e,a,b,c,47);
95	R3(c,d,e,a,b,48); R3(b,c,d,e,a,49); R3(a,b,c,d,e,50); R3(e,a,b,c,d,51);
96	R3(d,e,a,b,c,52); R3(c,d,e,a,b,53); R3(b,c,d,e,a,54); R3(a,b,c,d,e,55);
97	R3(e,a,b,c,d,56); R3(d,e,a,b,c,57); R3(c,d,e,a,b,58); R3(b,c,d,e,a,59);
98	R4(a,b,c,d,e,60); R4(e,a,b,c,d,61); R4(d,e,a,b,c,62); R4(c,d,e,a,b,63);
99	R4(b,c,d,e,a,64); R4(a,b,c,d,e,65); R4(e,a,b,c,d,66); R4(d,e,a,b,c,67);
100	R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71);
101	R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75);
102	R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79);
103	/* Add the working vars back into context.state[] */
104	state[0] += a;
105	state[1] += b;
106	state[2] += c;
107	state[3] += d;
108	state[4] += e;
109	/* Wipe variables */
110	a = b = c = d = e = 0;
111	}
112
113
114	/* SHA1Init - Initialize new context */
115
116	void SHA1Init(SHA1_CTX* context)
117	{
118	/* SHA1 initialization constants */
119	context->state[0] = 0x67452301;
120	context->state[1] = 0xEFCDAB89;
121	context->state[2] = 0x98BADCFE;
122	context->state[3] = 0x10325476;
123	context->state[4] = 0xC3D2E1F0;
124	context->count[0] = context->count[1] = 0;
125	}
126
127
128	/* Run your data through this. */
129
130	void SHA1Update(SHA1_CTX* context, unsigned char* data, unsigned int len)
131	{
132	unsigned int i, j;
133
134	j = (context->count[0] >> 3) & 63;
135	if ((context->count[0] += len << 3) < (len << 3)) context->count[1]++;
136	context->count[1] += (len >> 29);
137	if ((j + len) > 63) {
138	memcpy(&context->buffer[j], data, (i = 64-j));
139	SHA1Transform(context->state, context->buffer);
140	for ( ; i + 63 < len; i += 64) {
141	SHA1Transform(context->state, &data[i]);
142	}
143	j = 0;
144	}
145	else i = 0;
146	memcpy(&context->buffer[j], &data[i], len - i);
147	}
148
149
150	/* Add padding and return the message digest. */
151
152	void SHA1Final(unsigned char digest[20], SHA1_CTX* context)
153	{
154	unsigned long i, j;
155	unsigned char finalcount[8];
156
157	for (i = 0; i < 8; i++) {
158	finalcount[i] = (unsigned char)((context->count[(i >= 4 ? 0 : 1)]
159	>> ((3-(i & 3)) * 8) ) & 255); /* Endian independent */
160	}
161	SHA1Update(context, (unsigned char *)"\200", 1);
162	while ((context->count[0] & 504) != 448) {
163	SHA1Update(context, (unsigned char *)"\0", 1);
164	}
165	SHA1Update(context, finalcount, 8); /* Should cause a SHA1Transform() */
166	for (i = 0; i < 20; i++) {
167	digest[i] = (unsigned char)
168	((context->state[i>>2] >> ((3-(i & 3)) * 8) ) & 255);
169	}
170	/* Wipe variables */
171	i = j = 0;
172	memset(context->buffer, 0, 64);
173	memset(context->state, 0, 20);
174	memset(context->count, 0, 8);
175	memset(finalcount, 0, 8);
176	#ifdef SHA1HANDSOFF /* make SHA1Transform overwrite it's own static vars */
177	SHA1Transform(context->state, context->buffer);
178	#endif
179	}
180
181
182	/*************************************************************/
183
184	/* Test Code */
185
186	#if 0
187
188	int main(int argc, char** argv)
189	{
190	int i, j;
191	SHA1_CTX context;
192	unsigned char digest[20], buffer[16384];
193	FILE* file;
194
195	if (argc > 2) {
196	puts("Public domain SHA-1 implementation - by Steve Reid <steve@edmweb.com>");
197	puts("Produces the SHA-1 hash of a file, or stdin if no file is specified.");
198	exit(0);
199	}
200	if (argc < 2) {
201	file = stdin;
202	}
203	else {
204	if (!(file = fopen(argv[1], "rb"))) {
205	fputs("Unable to open file.", stderr);
206	exit(-1);
207	}
208	}
209	SHA1Init(&context);
210	while (!feof(file)) { /* note: what if ferror(file) */
211	i = fread(buffer, 1, 16384, file);
212	SHA1Update(&context, buffer, i);
213	}
214	SHA1Final(digest, &context);
215	fclose(file);
216	for (i = 0; i < 5; i++) {
217	for (j = 0; j < 4; j++) {
218	printf("%02X", digest[i*4+j]);
219	}
220	putchar(' ');
221	}
222	putchar('\n');
223	exit(0);
224	}
225
226	#endif