1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
11 #include "base/sys_byteorder.h"
15 // Implementation of SHA-1. Only handles data in byte-sized blocks,
16 // which simplifies the code a fair bit.
18 // Identifier names follow notation in FIPS PUB 180-3, where you'll
19 // also find a description of the algorithm:
20 // http://csrc.nist.gov/publications/fips/fips180-3/fips180-3_final.pdf
24 // SecureHashAlgorithm sha;
25 // while(there is data to hash)
26 // sha.Update(moredata, size of data);
28 // memcpy(somewhere, sha.Digest(), 20);
30 // to reuse the instance of sha, call sha.Init();
32 // TODO(jhawkins): Replace this implementation with a per-platform
33 // implementation using each platform's crypto library. See
34 // http://crbug.com/47218
36 class SecureHashAlgorithm {
38 SecureHashAlgorithm() { Init(); }
40 static const int kDigestSizeBytes;
43 void Update(const void* data, size_t nbytes);
46 // 20 bytes of message digest.
47 const unsigned char* Digest() const {
48 return reinterpret_cast<const unsigned char*>(H);
55 uint32_t A, B, C, D, E;
68 static inline uint32_t f(uint32_t t, uint32_t B, uint32_t C, uint32_t D) {
70 return (B & C) | ((~B) & D);
74 return (B & C) | (B & D) | (C & D);
80 static inline uint32_t S(uint32_t n, uint32_t X) {
81 return (X << n) | (X >> (32-n));
84 static inline uint32_t K(uint32_t t) {
96 const int SecureHashAlgorithm::kDigestSizeBytes = 20;
98 void SecureHashAlgorithm::Init() {
113 void SecureHashAlgorithm::Final() {
117 for (int t = 0; t < 5; ++t)
118 H[t] = ByteSwap(H[t]);
121 void SecureHashAlgorithm::Update(const void* data, size_t nbytes) {
122 const uint8_t* d = reinterpret_cast<const uint8_t*>(data);
131 void SecureHashAlgorithm::Pad() {
135 // pad out to next block
142 while (cursor < 64-8)
145 M[cursor++] = (l >> 56) & 0xff;
146 M[cursor++] = (l >> 48) & 0xff;
147 M[cursor++] = (l >> 40) & 0xff;
148 M[cursor++] = (l >> 32) & 0xff;
149 M[cursor++] = (l >> 24) & 0xff;
150 M[cursor++] = (l >> 16) & 0xff;
151 M[cursor++] = (l >> 8) & 0xff;
152 M[cursor++] = l & 0xff;
155 void SecureHashAlgorithm::Process() {
158 // Each a...e corresponds to a section in the FIPS 180-3 algorithm.
162 // W and M are in a union, so no need to memcpy.
163 // memcpy(W, M, sizeof(M));
164 for (t = 0; t < 16; ++t)
165 W[t] = ByteSwap(W[t]);
168 for (t = 16; t < 80; ++t)
169 W[t] = S(1, W[t - 3] ^ W[t - 8] ^ W[t - 14] ^ W[t - 16]);
179 for (t = 0; t < 80; ++t) {
180 uint32_t TEMP = S(5, A) + f(t, B, C, D) + E + W[t] + K(t);
198 std::string SHA1HashString(const std::string& str) {
199 char hash[SecureHashAlgorithm::kDigestSizeBytes];
200 SHA1HashBytes(reinterpret_cast<const unsigned char*>(str.c_str()),
201 str.length(), reinterpret_cast<unsigned char*>(hash));
202 return std::string(hash, SecureHashAlgorithm::kDigestSizeBytes);
205 void SHA1HashBytes(const unsigned char* data, size_t len,
206 unsigned char* hash) {
207 SecureHashAlgorithm sha;
208 sha.Update(data, len);
211 memcpy(hash, sha.Digest(), SecureHashAlgorithm::kDigestSizeBytes);