/*
- * Based on shasum from http://www.netsw.org/crypto/hash/
- * Majorly hacked up to use Dr Brian Gladman's sha1 code
- *
+ * md5.c - Compute MD5 checksum of strings according to the
+ * definition of MD5 in RFC 1321 from April 1992.
+ *
+ * Written by Ulrich Drepper <drepper@gnu.ai.mit.edu>, 1995.
+ *
+ * Copyright (C) 1995-1999 Free Software Foundation, Inc.
+ * Copyright (C) 2001 Manuel Novoa III
* Copyright (C) 2003 Glenn L. McGrath
* Copyright (C) 2003 Erik Andersen
*
- * Licensed under the GPL v2 or later, see the file LICENSE in this tarball.
+ * Licensed under the GPL v2 or later, see the file LICENSE in this tarball.
*/
-
-#include <byteswap.h>
-#include <endian.h>
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include "busybox.h"
-
-#ifdef CONFIG_SHA1SUM
-/*
- ---------------------------------------------------------------------------
- Begin Dr. Gladman's sha1 code
- ---------------------------------------------------------------------------
-*/
-
-/*
- ---------------------------------------------------------------------------
- Copyright (c) 2002, Dr Brian Gladman <brg@gladman.me.uk>, Worcester, UK.
- All rights reserved.
-
- LICENSE TERMS
-
- The free distribution and use of this software in both source and binary
- form is allowed (with or without changes) provided that:
-
- 1. distributions of this source code include the above copyright
- notice, this list of conditions and the following disclaimer;
-
- 2. distributions in binary form include the above copyright
- notice, this list of conditions and the following disclaimer
- in the documentation and/or other associated materials;
-
- 3. the copyright holder's name is not used to endorse products
- built using this software without specific written permission.
-
- ALTERNATIVELY, provided that this notice is retained in full, this product
- may be distributed under the terms of the GNU General Public License (GPL),
- in which case the provisions of the GPL apply INSTEAD OF those given above.
-
- DISCLAIMER
-
- This software is provided 'as is' with no explicit or implied warranties
- in respect of its properties, including, but not limited to, correctness
- and/or fitness for purpose.
- ---------------------------------------------------------------------------
- Issue Date: 10/11/2002
-
- This is a byte oriented version of SHA1 that operates on arrays of bytes
- stored in memory. It runs at 22 cycles per byte on a Pentium P4 processor
-*/
-
-# define SHA1_BLOCK_SIZE 64
-# define SHA1_DIGEST_SIZE 20
-# define SHA1_HASH_SIZE SHA1_DIGEST_SIZE
-# define SHA2_GOOD 0
-# define SHA2_BAD 1
-
-# define rotl32(x,n) (((x) << n) | ((x) >> (32 - n)))
-
-# if __BYTE_ORDER == __BIG_ENDIAN
-# define swap_b32(x) (x)
-# elif defined(bswap_32)
-# define swap_b32(x) bswap_32(x)
+# if CONFIG_MD5_SIZE_VS_SPEED < 0 || CONFIG_MD5_SIZE_VS_SPEED > 3
+# define MD5_SIZE_VS_SPEED 2
# else
-# define swap_b32(x) ((rotl32((x), 8) & 0x00ff00ff) | (rotl32((x), 24) & 0xff00ff00))
-# endif /* __BYTE_ORDER */
-
-# define SHA1_MASK (SHA1_BLOCK_SIZE - 1)
-
-/* reverse byte order in 32-bit words */
-#define ch(x,y,z) ((z) ^ ((x) & ((y) ^ (z))))
-#define parity(x,y,z) ((x) ^ (y) ^ (z))
-#define maj(x,y,z) (((x) & (y)) | ((z) & ((x) | (y))))
-
-/* A normal version as set out in the FIPS. This version uses */
-/* partial loop unrolling and is optimised for the Pentium 4 */
-# define rnd(f,k) \
- t = a; a = rotl32(a,5) + f(b,c,d) + e + k + w[i]; \
- e = d; d = c; c = rotl32(b, 30); b = t
-
-/* type to hold the SHA1 context */
-struct sha1_ctx_t {
- uint32_t count[2];
- uint32_t hash[5];
- uint32_t wbuf[16];
-};
-
-static void sha1_compile(struct sha1_ctx_t *ctx)
-{
- uint32_t w[80], i, a, b, c, d, e, t;
-
- /* note that words are compiled from the buffer into 32-bit */
- /* words in big-endian order so an order reversal is needed */
- /* here on little endian machines */
- for (i = 0; i < SHA1_BLOCK_SIZE / 4; ++i)
- w[i] = swap_b32(ctx->wbuf[i]);
-
- for (i = SHA1_BLOCK_SIZE / 4; i < 80; ++i)
- w[i] = rotl32(w[i - 3] ^ w[i - 8] ^ w[i - 14] ^ w[i - 16], 1);
-
- a = ctx->hash[0];
- b = ctx->hash[1];
- c = ctx->hash[2];
- d = ctx->hash[3];
- e = ctx->hash[4];
-
- for (i = 0; i < 20; ++i) {
- rnd(ch, 0x5a827999);
- }
-
- for (i = 20; i < 40; ++i) {
- rnd(parity, 0x6ed9eba1);
- }
-
- for (i = 40; i < 60; ++i) {
- rnd(maj, 0x8f1bbcdc);
- }
-
- for (i = 60; i < 80; ++i) {
- rnd(parity, 0xca62c1d6);
- }
-
- ctx->hash[0] += a;
- ctx->hash[1] += b;
- ctx->hash[2] += c;
- ctx->hash[3] += d;
- ctx->hash[4] += e;
-}
-
-static void sha1_begin(struct sha1_ctx_t *ctx)
-{
- ctx->count[0] = ctx->count[1] = 0;
- ctx->hash[0] = 0x67452301;
- ctx->hash[1] = 0xefcdab89;
- ctx->hash[2] = 0x98badcfe;
- ctx->hash[3] = 0x10325476;
- ctx->hash[4] = 0xc3d2e1f0;
-}
-
-/* SHA1 hash data in an array of bytes into hash buffer and call the */
-/* hash_compile function as required. */
-static void sha1_hash(const void *data, size_t len, void *ctx_v)
-{
- struct sha1_ctx_t *ctx = (struct sha1_ctx_t *) ctx_v;
- uint32_t pos = (uint32_t) (ctx->count[0] & SHA1_MASK);
- uint32_t freeb = SHA1_BLOCK_SIZE - pos;
- const unsigned char *sp = data;
-
- if ((ctx->count[0] += len) < len)
- ++(ctx->count[1]);
-
- while (len >= freeb) { /* tranfer whole blocks while possible */
- memcpy(((unsigned char *) ctx->wbuf) + pos, sp, freeb);
- sp += freeb;
- len -= freeb;
- freeb = SHA1_BLOCK_SIZE;
- pos = 0;
- sha1_compile(ctx);
- }
-
- memcpy(((unsigned char *) ctx->wbuf) + pos, sp, len);
-}
-
-/* SHA1 Final padding and digest calculation */
-# if __BYTE_ORDER == __LITTLE_ENDIAN
-static uint32_t mask[4] = { 0x00000000, 0x000000ff, 0x0000ffff, 0x00ffffff };
-static uint32_t bits[4] = { 0x00000080, 0x00008000, 0x00800000, 0x80000000 };
-# else
-static uint32_t mask[4] = { 0x00000000, 0xff000000, 0xffff0000, 0xffffff00 };
-static uint32_t bits[4] = { 0x80000000, 0x00800000, 0x00008000, 0x00000080 };
-# endif /* __BYTE_ORDER */
-
-static void sha1_end(unsigned char hval[], struct sha1_ctx_t *ctx)
-{
- uint32_t i, cnt = (uint32_t) (ctx->count[0] & SHA1_MASK);
-
- /* mask out the rest of any partial 32-bit word and then set */
- /* the next byte to 0x80. On big-endian machines any bytes in */
- /* the buffer will be at the top end of 32 bit words, on little */
- /* endian machines they will be at the bottom. Hence the AND */
- /* and OR masks above are reversed for little endian systems */
- ctx->wbuf[cnt >> 2] =
- (ctx->wbuf[cnt >> 2] & mask[cnt & 3]) | bits[cnt & 3];
-
- /* we need 9 or more empty positions, one for the padding byte */
- /* (above) and eight for the length count. If there is not */
- /* enough space pad and empty the buffer */
- if (cnt > SHA1_BLOCK_SIZE - 9) {
- if (cnt < 60)
- ctx->wbuf[15] = 0;
- sha1_compile(ctx);
- cnt = 0;
- } else /* compute a word index for the empty buffer positions */
- cnt = (cnt >> 2) + 1;
-
- while (cnt < 14) /* and zero pad all but last two positions */
- ctx->wbuf[cnt++] = 0;
-
- /* assemble the eight byte counter in the buffer in big-endian */
- /* format */
-
- ctx->wbuf[14] = swap_b32((ctx->count[1] << 3) | (ctx->count[0] >> 29));
- ctx->wbuf[15] = swap_b32(ctx->count[0] << 3);
-
- sha1_compile(ctx);
-
- /* extract the hash value as bytes in case the hash buffer is */
- /* misaligned for 32-bit words */
-
- for (i = 0; i < SHA1_DIGEST_SIZE; ++i)
- hval[i] = (unsigned char) (ctx->hash[i >> 2] >> 8 * (~i & 3));
-}
-
-/*
- ---------------------------------------------------------------------------
- End of Dr. Gladman's sha1 code
- ---------------------------------------------------------------------------
-*/
-#endif /* CONFIG_SHA1 */
-
-
-
-
-
-#ifdef CONFIG_MD5SUM
-/*
- * md5sum.c - Compute MD5 checksum of files or strings according to the
- * definition of MD5 in RFC 1321 from April 1992.
- *
- * Copyright (C) 1995-1999 Free Software Foundation, Inc.
- * Written by Ulrich Drepper <drepper@gnu.ai.mit.edu>, 1995.
- *
- *
- * June 29, 2001 Manuel Novoa III
- *
- * Added MD5SUM_SIZE_VS_SPEED configuration option.
- *
- * Current valid values, with data from my system for comparison, are:
- * (using uClibc and running on linux-2.4.4.tar.bz2)
- * user times (sec) text size (386)
- * 0 (fastest) 1.1 6144
- * 1 1.4 5392
- * 2 3.0 5088
- * 3 (smallest) 5.1 4912
- */
-
-# if CONFIG_MD5SUM_SIZE_VS_SPEED < 0 || CONFIG_MD5SUM_SIZE_VS_SPEED > 3
-# define MD5SUM_SIZE_VS_SPEED 2
-# else
-# define MD5SUM_SIZE_VS_SPEED CONFIG_MD5SUM_SIZE_VS_SPEED
+# define MD5_SIZE_VS_SPEED CONFIG_MD5_SIZE_VS_SPEED
# endif
/* Handle endian-ness */
-# if __BYTE_ORDER == __LITTLE_ENDIAN
+# if !BB_BIG_ENDIAN
# define SWAP(n) (n)
# elif defined(bswap_32)
# define SWAP(n) bswap_32(n)
# define SWAP(n) ((n << 24) | ((n&65280)<<8) | ((n&16711680)>>8) | (n>>24))
# endif
-# if MD5SUM_SIZE_VS_SPEED == 0
+# if MD5_SIZE_VS_SPEED == 0
/* This array contains the bytes used to pad the buffer to the next
64-byte boundary. (RFC 1321, 3.1: Step 1) */
static const unsigned char fillbuf[64] = { 0x80, 0 /* , 0, 0, ... */ };
-# endif /* MD5SUM_SIZE_VS_SPEED == 0 */
-
-/* Structure to save state of computation between the single steps. */
-struct md5_ctx_t {
- uint32_t A;
- uint32_t B;
- uint32_t C;
- uint32_t D;
- uint32_t total[2];
- uint32_t buflen;
- char buffer[128];
-};
+# endif /* MD5_SIZE_VS_SPEED == 0 */
/* Initialize structure containing state of computation.
* (RFC 1321, 3.3: Step 3)
*/
-static void md5_begin(struct md5_ctx_t *ctx)
+void md5_begin(md5_ctx_t *ctx)
{
ctx->A = 0x67452301;
ctx->B = 0xefcdab89;
* starting at BUFFER.
* It is necessary that LEN is a multiple of 64!!!
*/
-static void md5_hash_block(const void *buffer, size_t len, struct md5_ctx_t *ctx)
+void md5_hash_block(const void *buffer, size_t len, md5_ctx_t *ctx)
{
uint32_t correct_words[16];
const uint32_t *words = buffer;
size_t nwords = len / sizeof(uint32_t);
const uint32_t *endp = words + nwords;
-# if MD5SUM_SIZE_VS_SPEED > 0
+# if MD5_SIZE_VS_SPEED > 0
static const uint32_t C_array[] = {
/* round 1 */
0xd76aa478, 0xe8c7b756, 0x242070db, 0xc1bdceee,
};
static const char P_array[] = {
-# if MD5SUM_SIZE_VS_SPEED > 1
+# if MD5_SIZE_VS_SPEED > 1
0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, /* 1 */
-# endif /* MD5SUM_SIZE_VS_SPEED > 1 */
+# endif /* MD5_SIZE_VS_SPEED > 1 */
1, 6, 11, 0, 5, 10, 15, 4, 9, 14, 3, 8, 13, 2, 7, 12, /* 2 */
5, 8, 11, 14, 1, 4, 7, 10, 13, 0, 3, 6, 9, 12, 15, 2, /* 3 */
0, 7, 14, 5, 12, 3, 10, 1, 8, 15, 6, 13, 4, 11, 2, 9 /* 4 */
};
-# if MD5SUM_SIZE_VS_SPEED > 1
+# if MD5_SIZE_VS_SPEED > 1
static const char S_array[] = {
7, 12, 17, 22,
5, 9, 14, 20,
4, 11, 16, 23,
6, 10, 15, 21
};
-# endif /* MD5SUM_SIZE_VS_SPEED > 1 */
+# endif /* MD5_SIZE_VS_SPEED > 1 */
# endif
uint32_t A = ctx->A;
uint32_t C_save = C;
uint32_t D_save = D;
-# if MD5SUM_SIZE_VS_SPEED > 1
+# if MD5_SIZE_VS_SPEED > 1
# define CYCLIC(w, s) (w = (w << s) | (w >> (32 - s)))
const uint32_t *pc;
}
words += 16;
-# if MD5SUM_SIZE_VS_SPEED > 2
+# if MD5_SIZE_VS_SPEED > 2
pc = C_array;
pp = P_array;
ps = S_array - 4;
B = temp;
}
-# endif /* MD5SUM_SIZE_VS_SPEED > 2 */
+# endif /* MD5_SIZE_VS_SPEED > 2 */
# else
/* First round: using the given function, the context and a constant
the next context is computed. Because the algorithms processing
T[i] = (int) (4294967296.0 * fabs (sin (i))), i=1..64
*/
-# if MD5SUM_SIZE_VS_SPEED == 1
+# if MD5_SIZE_VS_SPEED == 1
const uint32_t *pc;
const char *pp;
int i;
-# endif /* MD5SUM_SIZE_VS_SPEED */
+# endif /* MD5_SIZE_VS_SPEED */
/* Round 1. */
-# if MD5SUM_SIZE_VS_SPEED == 1
+# if MD5_SIZE_VS_SPEED == 1
pc = C_array;
for (i = 0; i < 4; i++) {
OP(A, B, C, D, 7, *pc++);
OP(D, A, B, C, 12, 0xfd987193);
OP(C, D, A, B, 17, 0xa679438e);
OP(B, C, D, A, 22, 0x49b40821);
-# endif /* MD5SUM_SIZE_VS_SPEED == 1 */
+# endif /* MD5_SIZE_VS_SPEED == 1 */
/* For the second to fourth round we have the possibly swapped words
in CORRECT_WORDS. Redefine the macro to take an additional first
while (0)
/* Round 2. */
-# if MD5SUM_SIZE_VS_SPEED == 1
+# if MD5_SIZE_VS_SPEED == 1
pp = P_array;
for (i = 0; i < 4; i++) {
OP(FG, A, B, C, D, (int) (*pp++), 5, *pc++);
OP(FG, D, A, B, C, 2, 9, 0xfcefa3f8);
OP(FG, C, D, A, B, 7, 14, 0x676f02d9);
OP(FG, B, C, D, A, 12, 20, 0x8d2a4c8a);
-# endif /* MD5SUM_SIZE_VS_SPEED == 1 */
+# endif /* MD5_SIZE_VS_SPEED == 1 */
/* Round 3. */
-# if MD5SUM_SIZE_VS_SPEED == 1
+# if MD5_SIZE_VS_SPEED == 1
for (i = 0; i < 4; i++) {
OP(FH, A, B, C, D, (int) (*pp++), 4, *pc++);
OP(FH, D, A, B, C, (int) (*pp++), 11, *pc++);
OP(FH, D, A, B, C, 12, 11, 0xe6db99e5);
OP(FH, C, D, A, B, 15, 16, 0x1fa27cf8);
OP(FH, B, C, D, A, 2, 23, 0xc4ac5665);
-# endif /* MD5SUM_SIZE_VS_SPEED == 1 */
+# endif /* MD5_SIZE_VS_SPEED == 1 */
/* Round 4. */
-# if MD5SUM_SIZE_VS_SPEED == 1
+# if MD5_SIZE_VS_SPEED == 1
for (i = 0; i < 4; i++) {
OP(FI, A, B, C, D, (int) (*pp++), 6, *pc++);
OP(FI, D, A, B, C, (int) (*pp++), 10, *pc++);
OP(FI, D, A, B, C, 11, 10, 0xbd3af235);
OP(FI, C, D, A, B, 2, 15, 0x2ad7d2bb);
OP(FI, B, C, D, A, 9, 21, 0xeb86d391);
-# endif /* MD5SUM_SIZE_VS_SPEED == 1 */
-# endif /* MD5SUM_SIZE_VS_SPEED > 1 */
+# endif /* MD5_SIZE_VS_SPEED == 1 */
+# endif /* MD5_SIZE_VS_SPEED > 1 */
/* Add the starting values of the context. */
A += A_save;
* It is NOT required that LEN is a multiple of 64.
*/
-static void md5_hash_bytes(const void *buffer, size_t len, struct md5_ctx_t *ctx)
+static void md5_hash_bytes(const void *buffer, size_t len, md5_ctx_t *ctx)
{
/* When we already have some bits in our internal buffer concatenate
both inputs first. */
}
}
-static void md5_hash(const void *buffer, size_t length, void *md5_ctx)
+void md5_hash(const void *data, size_t length, md5_ctx_t *ctx)
{
if (length % 64 == 0) {
- md5_hash_block(buffer, length, md5_ctx);
+ md5_hash_block(data, length, ctx);
} else {
- md5_hash_bytes(buffer, length, md5_ctx);
+ md5_hash_bytes(data, length, ctx);
}
}
* IMPORTANT: On some systems it is required that RESBUF is correctly
* aligned for a 32 bits value.
*/
-static void *md5_end(void *resbuf, struct md5_ctx_t *ctx)
+void *md5_end(void *resbuf, md5_ctx_t *ctx)
{
/* Take yet unprocessed bytes into account. */
uint32_t bytes = ctx->buflen;
++ctx->total[1];
pad = bytes >= 56 ? 64 + 56 - bytes : 56 - bytes;
-# if MD5SUM_SIZE_VS_SPEED > 0
+# if MD5_SIZE_VS_SPEED > 0
memset(&ctx->buffer[bytes], 0, pad);
ctx->buffer[bytes] = 0x80;
# else
memcpy(&ctx->buffer[bytes], fillbuf, pad);
-# endif /* MD5SUM_SIZE_VS_SPEED > 0 */
+# endif /* MD5_SIZE_VS_SPEED > 0 */
/* Put the 64-bit file length in *bits* at the end of the buffer. */
*(uint32_t *) & ctx->buffer[bytes + pad] = SWAP(ctx->total[0] << 3);
return resbuf;
}
-#endif /* CONFIG_MD5SUM */
-
-
-
-
-extern int hash_fd(int src_fd, const size_t size, const uint8_t hash_algo,
- uint8_t * hashval)
-{
- int result = EXIT_SUCCESS;
-// size_t hashed_count = 0;
- size_t blocksize = 0;
- size_t remaining = size;
- unsigned char *buffer = NULL;
- void (*hash_fn_ptr)(const void *, size_t, void *) = NULL;
- void *cx = NULL;
-
-#ifdef CONFIG_SHA1SUM
- struct sha1_ctx_t sha1_cx;
-#endif
-#ifdef CONFIG_MD5SUM
- struct md5_ctx_t md5_cx;
-#endif
-
-
-#ifdef CONFIG_SHA1SUM
- if (hash_algo == HASH_SHA1) {
- /* Ensure that BLOCKSIZE is a multiple of 64. */
- blocksize = 65536;
- buffer = xmalloc(blocksize);
- hash_fn_ptr = sha1_hash;
- cx = &sha1_cx;
- }
-#endif
-#ifdef CONFIG_MD5SUM
- if (hash_algo == HASH_MD5) {
- blocksize = 4096;
- buffer = xmalloc(blocksize + 72);
- hash_fn_ptr = md5_hash;
- cx = &md5_cx;
- }
-#endif
-
- /* Initialize the computation context. */
-#ifdef CONFIG_SHA1SUM
- if (hash_algo == HASH_SHA1) {
- sha1_begin(&sha1_cx);
- }
-#endif
-#ifdef CONFIG_MD5SUM
- if (hash_algo == HASH_MD5) {
- md5_begin(&md5_cx);
- }
-#endif
- /* Iterate over full file contents. */
- while ((remaining == (size_t) -1) || (remaining > 0)) {
- size_t read_try;
- ssize_t read_got;
-
- if (remaining > blocksize) {
- read_try = blocksize;
- } else {
- read_try = remaining;
- }
- read_got = bb_full_read(src_fd, buffer, read_try);
- if (read_got < 1) {
- /* count == 0 means short read
- * count == -1 means read error */
- result = read_got - 1;
- break;
- }
- if (remaining != (size_t) -1) {
- remaining -= read_got;
- }
-
- /* Process buffer */
- hash_fn_ptr(buffer, read_got, cx);
- }
- /* Finalize and write the hash into our buffer. */
-#ifdef CONFIG_SHA1SUM
- if (hash_algo == HASH_SHA1) {
- sha1_end(hashval, &sha1_cx);
- }
-#endif
-#ifdef CONFIG_MD5SUM
- if (hash_algo == HASH_MD5) {
- md5_end(hashval, &md5_cx);
- }
-#endif
-
- free(buffer);
- return result;
-}
--- /dev/null
+/*
+ * Based on shasum from http://www.netsw.org/crypto/hash/
+ * Majorly hacked up to use Dr Brian Gladman's sha1 code
+ *
+ * Copyright (C) 2002 Dr Brian Gladman <brg@gladman.me.uk>, Worcester, UK.
+ * Copyright (C) 2003 Glenn L. McGrath
+ * Copyright (C) 2003 Erik Andersen
+ *
+ * LICENSE TERMS
+ *
+ * The free distribution and use of this software in both source and binary
+ * form is allowed (with or without changes) provided that:
+ *
+ * 1. distributions of this source code include the above copyright
+ * notice, this list of conditions and the following disclaimer;
+ *
+ * 2. distributions in binary form include the above copyright
+ * notice, this list of conditions and the following disclaimer
+ * in the documentation and/or other associated materials;
+ *
+ * 3. the copyright holder's name is not used to endorse products
+ * built using this software without specific written permission.
+ *
+ * ALTERNATIVELY, provided that this notice is retained in full, this product
+ * may be distributed under the terms of the GNU General Public License (GPL),
+ * in which case the provisions of the GPL apply INSTEAD OF those given above.
+ *
+ * DISCLAIMER
+ *
+ * This software is provided 'as is' with no explicit or implied warranties
+ * in respect of its properties, including, but not limited to, correctness
+ * and/or fitness for purpose.
+ * ---------------------------------------------------------------------------
+ * Issue Date: 10/11/2002
+ *
+ * This is a byte oriented version of SHA1 that operates on arrays of bytes
+ * stored in memory. It runs at 22 cycles per byte on a Pentium P4 processor
+ */
+
+#include <fcntl.h>
+#include <limits.h>
+#include <stdio.h>
+#include <stdint.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+
+#include "busybox.h"
+
+# define SHA1_BLOCK_SIZE 64
+# define SHA1_DIGEST_SIZE 20
+# define SHA1_HASH_SIZE SHA1_DIGEST_SIZE
+# define SHA2_GOOD 0
+# define SHA2_BAD 1
+
+# define rotl32(x,n) (((x) << n) | ((x) >> (32 - n)))
+
+# define SHA1_MASK (SHA1_BLOCK_SIZE - 1)
+
+/* reverse byte order in 32-bit words */
+#define ch(x,y,z) ((z) ^ ((x) & ((y) ^ (z))))
+#define parity(x,y,z) ((x) ^ (y) ^ (z))
+#define maj(x,y,z) (((x) & (y)) | ((z) & ((x) | (y))))
+
+/* A normal version as set out in the FIPS. This version uses */
+/* partial loop unrolling and is optimised for the Pentium 4 */
+# define rnd(f,k) \
+ t = a; a = rotl32(a,5) + f(b,c,d) + e + k + w[i]; \
+ e = d; d = c; c = rotl32(b, 30); b = t
+
+
+static void sha1_compile(sha1_ctx_t *ctx)
+{
+ uint32_t w[80], i, a, b, c, d, e, t;
+
+ /* note that words are compiled from the buffer into 32-bit */
+ /* words in big-endian order so an order reversal is needed */
+ /* here on little endian machines */
+ for (i = 0; i < SHA1_BLOCK_SIZE / 4; ++i)
+ w[i] = htonl(ctx->wbuf[i]);
+
+ for (i = SHA1_BLOCK_SIZE / 4; i < 80; ++i)
+ w[i] = rotl32(w[i - 3] ^ w[i - 8] ^ w[i - 14] ^ w[i - 16], 1);
+
+ a = ctx->hash[0];
+ b = ctx->hash[1];
+ c = ctx->hash[2];
+ d = ctx->hash[3];
+ e = ctx->hash[4];
+
+ for (i = 0; i < 20; ++i) {
+ rnd(ch, 0x5a827999);
+ }
+
+ for (i = 20; i < 40; ++i) {
+ rnd(parity, 0x6ed9eba1);
+ }
+
+ for (i = 40; i < 60; ++i) {
+ rnd(maj, 0x8f1bbcdc);
+ }
+
+ for (i = 60; i < 80; ++i) {
+ rnd(parity, 0xca62c1d6);
+ }
+
+ ctx->hash[0] += a;
+ ctx->hash[1] += b;
+ ctx->hash[2] += c;
+ ctx->hash[3] += d;
+ ctx->hash[4] += e;
+}
+
+void sha1_begin(sha1_ctx_t *ctx)
+{
+ ctx->count[0] = ctx->count[1] = 0;
+ ctx->hash[0] = 0x67452301;
+ ctx->hash[1] = 0xefcdab89;
+ ctx->hash[2] = 0x98badcfe;
+ ctx->hash[3] = 0x10325476;
+ ctx->hash[4] = 0xc3d2e1f0;
+}
+
+/* SHA1 hash data in an array of bytes into hash buffer and call the */
+/* hash_compile function as required. */
+void sha1_hash(const void *data, size_t length, sha1_ctx_t *ctx)
+{
+ uint32_t pos = (uint32_t) (ctx->count[0] & SHA1_MASK);
+ uint32_t freeb = SHA1_BLOCK_SIZE - pos;
+ const unsigned char *sp = data;
+
+ if ((ctx->count[0] += length) < length)
+ ++(ctx->count[1]);
+
+ while (length >= freeb) { /* tranfer whole blocks while possible */
+ memcpy(((unsigned char *) ctx->wbuf) + pos, sp, freeb);
+ sp += freeb;
+ length -= freeb;
+ freeb = SHA1_BLOCK_SIZE;
+ pos = 0;
+ sha1_compile(ctx);
+ }
+
+ memcpy(((unsigned char *) ctx->wbuf) + pos, sp, length);
+}
+
+void *sha1_end(void *resbuf, sha1_ctx_t *ctx)
+{
+ /* SHA1 Final padding and digest calculation */
+ #if BB_BIG_ENDIAN
+ static uint32_t mask[4] = { 0x00000000, 0xff000000, 0xffff0000, 0xffffff00 };
+ static uint32_t bits[4] = { 0x80000000, 0x00800000, 0x00008000, 0x00000080 };
+ #else
+ static uint32_t mask[4] = { 0x00000000, 0x000000ff, 0x0000ffff, 0x00ffffff };
+ static uint32_t bits[4] = { 0x00000080, 0x00008000, 0x00800000, 0x80000000 };
+ #endif /* __BYTE_ORDER */
+
+ uint8_t *hval = resbuf;
+ uint32_t i, cnt = (uint32_t) (ctx->count[0] & SHA1_MASK);
+
+ /* mask out the rest of any partial 32-bit word and then set */
+ /* the next byte to 0x80. On big-endian machines any bytes in */
+ /* the buffer will be at the top end of 32 bit words, on little */
+ /* endian machines they will be at the bottom. Hence the AND */
+ /* and OR masks above are reversed for little endian systems */
+ ctx->wbuf[cnt >> 2] =
+ (ctx->wbuf[cnt >> 2] & mask[cnt & 3]) | bits[cnt & 3];
+
+ /* we need 9 or more empty positions, one for the padding byte */
+ /* (above) and eight for the length count. If there is not */
+ /* enough space pad and empty the buffer */
+ if (cnt > SHA1_BLOCK_SIZE - 9) {
+ if (cnt < 60)
+ ctx->wbuf[15] = 0;
+ sha1_compile(ctx);
+ cnt = 0;
+ } else /* compute a word index for the empty buffer positions */
+ cnt = (cnt >> 2) + 1;
+
+ while (cnt < 14) /* and zero pad all but last two positions */
+ ctx->wbuf[cnt++] = 0;
+
+ /* assemble the eight byte counter in the buffer in big-endian */
+ /* format */
+
+ ctx->wbuf[14] = htonl((ctx->count[1] << 3) | (ctx->count[0] >> 29));
+ ctx->wbuf[15] = htonl(ctx->count[0] << 3);
+
+ sha1_compile(ctx);
+
+ /* extract the hash value as bytes in case the hash buffer is */
+ /* misaligned for 32-bit words */
+
+ for (i = 0; i < SHA1_DIGEST_SIZE; ++i)
+ hval[i] = (unsigned char) (ctx->hash[i >> 2] >> 8 * (~i & 3));
+
+ return resbuf;
+}
+
+
projects / platform / upstream / busybox.git / commitdiff