1 /* crypto/md32_common.h */
2 /* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * licensing@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56 /*
57 * This is a generic 32 bit "collector" for message digest algorithms.
58 * Whenever needed it collects input character stream into chunks of
59 * 32 bit values and invokes a block function that performs actual hash
60 * calculations.
61 *
62 * Porting guide.
63 *
64 * Obligatory macros:
65 *
66 * DATA_ORDER_IS_BIG_ENDIAN or DATA_ORDER_IS_LITTLE_ENDIAN
67 * this macro defines byte order of input stream.
68 * HASH_CBLOCK
69 * size of a unit chunk HASH_BLOCK operates on.
70 * HASH_LONG
71 * has to be at lest 32 bit wide, if it's wider, then
72 * HASH_LONG_LOG2 *has to* be defined along
73 * HASH_CTX
74 * context structure that at least contains following
75 * members:
76 * typedef struct {
77 * ...
78 * HASH_LONG Nl,Nh;
79 * HASH_LONG data[HASH_LBLOCK];
80 * int num;
81 * ...
82 * } HASH_CTX;
83 * HASH_UPDATE
84 * name of "Update" function, implemented here.
85 * HASH_TRANSFORM
86 * name of "Transform" function, implemented here.
87 * HASH_FINAL
88 * name of "Final" function, implemented here.
89 * HASH_BLOCK_HOST_ORDER
90 * name of "block" function treating *aligned* input message
91 * in host byte order, implemented externally.
92 * HASH_BLOCK_DATA_ORDER
93 * name of "block" function treating *unaligned* input message
94 * in original (data) byte order, implemented externally (it
95 * actually is optional if data and host are of the same
96 * "endianess").
97 * HASH_MAKE_STRING
98 * macro convering context variables to an ASCII hash string.
99 *
100 * Optional macros:
101 *
102 * B_ENDIAN or L_ENDIAN
103 * defines host byte-order.
104 * HASH_LONG_LOG2
105 * defaults to 2 if not states otherwise.
106 * HASH_LBLOCK
107 * assumed to be HASH_CBLOCK/4 if not stated otherwise.
108 *
109 * MD5 example:
110 *
111 * #define DATA_ORDER_IS_LITTLE_ENDIAN
112 *
113 * #define HASH_LONG MD5_LONG
114 * #define HASH_LONG_LOG2 MD5_LONG_LOG2
115 * #define HASH_CTX MD5_CTX
116 * #define HASH_CBLOCK MD5_CBLOCK
117 * #define HASH_LBLOCK MD5_LBLOCK
118 * #define HASH_UPDATE MD5_Update
119 * #define HASH_TRANSFORM MD5_Transform
120 * #define HASH_FINAL MD5_Final
121 * #define HASH_BLOCK_HOST_ORDER md5_block_host_order
122 * #define HASH_BLOCK_DATA_ORDER md5_block_data_order
123 *
124 * <appro@fy.chalmers.se>
125 */
126
127 #if !defined(DATA_ORDER_IS_BIG_ENDIAN) && !defined(DATA_ORDER_IS_LITTLE_ENDIAN)
128 #error "DATA_ORDER must be defined!"
129 #endif
130
131 #ifndef HASH_CBLOCK
132 #error "HASH_CBLOCK must be defined!"
133 #endif
134 #ifndef HASH_LONG
135 #error "HASH_LONG must be defined!"
136 #endif
137 #ifndef HASH_CTX
138 #error "HASH_CTX must be defined!"
139 #endif
140
141 #ifndef HASH_UPDATE
142 #error "HASH_UPDATE must be defined!"
143 #endif
144 #ifndef HASH_TRANSFORM
145 #error "HASH_TRANSFORM must be defined!"
146 #endif
147 #ifndef HASH_FINAL
148 #error "HASH_FINAL must be defined!"
149 #endif
150
151 #ifndef HASH_BLOCK_HOST_ORDER
152 #error "HASH_BLOCK_HOST_ORDER must be defined!"
153 #endif
154
155 #ifndef HASH_BLOCK_DATA_ORDER
156 #error "HASH_BLOCK_DATA_ORDER must be defined!"
157 #endif
158
159 #ifndef HASH_LBLOCK
160 #define HASH_LBLOCK (HASH_CBLOCK/4)
161 #endif
162
163 #ifndef HASH_LONG_LOG2
164 #define HASH_LONG_LOG2 2
165 #endif
166
167 #ifdef ROTATE
168 #undef ROTATE
169 #endif
170 #define ROTATE(a,n) (((a)<<(n))|(((a)&0xffffffff)>>(32-(n))))
171
172 /*
173 * Make some obvious choices. E.g., HASH_BLOCK_DATA_ORDER_ALIGNED
174 * and HASH_BLOCK_HOST_ORDER ought to be the same if input data
175 * and host are of the same "endianess". It's possible to mask
176 * this with blank #define HASH_BLOCK_DATA_ORDER though...
177 *
178 * <appro@fy.chalmers.se>
179 */
180
181 #if defined(DATA_ORDER_IS_BIG_ENDIAN)
182
183 #define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++)))<<24), \
184 l|=(((unsigned long)(*((c)++)))<<16), \
185 l|=(((unsigned long)(*((c)++)))<< 8), \
186 l|=(((unsigned long)(*((c)++))) ), \
187 l)
188 #define HOST_p_c2l(c,l,n) { \
189 switch (n) { \
190 case 0: l =((unsigned long)(*((c)++)))<<24; \
191 case 1: l|=((unsigned long)(*((c)++)))<<16; \
192 case 2: l|=((unsigned long)(*((c)++)))<< 8; \
193 case 3: l|=((unsigned long)(*((c)++))); \
194 } }
195 #define HOST_p_c2l_p(c,l,sc,len) { \
196 switch (sc) { \
197 case 0: l =((unsigned long)(*((c)++)))<<24; \
198 if (--len == 0) break; \
199 case 1: l|=((unsigned long)(*((c)++)))<<16; \
200 if (--len == 0) break; \
201 case 2: l|=((unsigned long)(*((c)++)))<< 8; \
202 } }
203 /* NOTE the pointer is not incremented at the end of this */
204 #define HOST_c2l_p(c,l,n) { \
205 l=0; (c)+=n; \
206 switch (n) { \
207 case 3: l =((unsigned long)(*(--(c))))<< 8; \
208 case 2: l|=((unsigned long)(*(--(c))))<<16; \
209 case 1: l|=((unsigned long)(*(--(c))))<<24; \
210 } }
211 #define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \
212 *((c)++)=(unsigned char)(((l)>>16)&0xff), \
213 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
214 *((c)++)=(unsigned char)(((l) )&0xff), \
215 l)
216
217 #elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
218
219 #define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++))) ), \
220 l|=(((unsigned long)(*((c)++)))<< 8), \
221 l|=(((unsigned long)(*((c)++)))<<16), \
222 l|=(((unsigned long)(*((c)++)))<<24), \
223 l)
224 #define HOST_p_c2l(c,l,n) { \
225 switch (n) { \
226 case 0: l =((unsigned long)(*((c)++))); \
227 case 1: l|=((unsigned long)(*((c)++)))<< 8; \
228 case 2: l|=((unsigned long)(*((c)++)))<<16; \
229 case 3: l|=((unsigned long)(*((c)++)))<<24; \
230 } }
231 #define HOST_p_c2l_p(c,l,sc,len) { \
232 switch (sc) { \
233 case 0: l =((unsigned long)(*((c)++))); \
234 if (--len == 0) break; \
235 case 1: l|=((unsigned long)(*((c)++)))<< 8; \
236 if (--len == 0) break; \
237 case 2: l|=((unsigned long)(*((c)++)))<<16; \
238 } }
239 /* NOTE the pointer is not incremented at the end of this */
240 #define HOST_c2l_p(c,l,n) { \
241 l=0; (c)+=n; \
242 switch (n) { \
243 case 3: l =((unsigned long)(*(--(c))))<<16; \
244 case 2: l|=((unsigned long)(*(--(c))))<< 8; \
245 case 1: l|=((unsigned long)(*(--(c)))); \
246 } }
247 #define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
248 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
249 *((c)++)=(unsigned char)(((l)>>16)&0xff), \
250 *((c)++)=(unsigned char)(((l)>>24)&0xff), \
251 l)
252
253 #endif
254
255 /*
256 * Time for some action:-)
257 */
258
HASH_UPDATE(HASH_CTX * c,const void * data_,unsigned long len)259 void HASH_UPDATE (HASH_CTX *c, const void *data_, unsigned long len)
260 {
261 const unsigned char *data=(unsigned char *)data_;
262 register HASH_LONG * p;
263 register unsigned long l;
264 int sw,sc,ew,ec;
265
266 if (len==0) return;
267
268 l=(c->Nl+(len<<3))&0xffffffffL;
269 /* 95-05-24 eay Fixed a bug with the overflow handling, thanks to
270 * Wei Dai <weidai@eskimo.com> for pointing it out. */
271 if (l < c->Nl) /* overflow */
272 c->Nh++;
273 c->Nh+=(len>>29);
274 c->Nl=l;
275
276 if (c->num != 0)
277 {
278 p=c->data;
279 sw=c->num>>2;
280 sc=c->num&0x03;
281
282 if ((c->num+len) >= HASH_CBLOCK)
283 {
284 l=p[sw]; HOST_p_c2l(data,l,sc); p[sw++]=l;
285 for (; sw<HASH_LBLOCK; sw++)
286 {
287 HOST_c2l(data,l); p[sw]=l;
288 }
289 HASH_BLOCK_HOST_ORDER (c,p,1);
290 len-=(HASH_CBLOCK-c->num);
291 c->num=0;
292 /* drop through and do the rest */
293 }
294 else
295 {
296 c->num+=len;
297 if ((sc+len) < 4) /* ugly, add char's to a word */
298 {
299 l=p[sw]; HOST_p_c2l_p(data,l,sc,len); p[sw]=l;
300 }
301 else
302 {
303 ew=(c->num>>2);
304 ec=(c->num&0x03);
305 l=p[sw]; HOST_p_c2l(data,l,sc); p[sw++]=l;
306 for (; sw < ew; sw++)
307 {
308 HOST_c2l(data,l); p[sw]=l;
309 }
310 if (ec)
311 {
312 HOST_c2l_p(data,l,ec); p[sw]=l;
313 }
314 }
315 return;
316 }
317 }
318
319 sw=len/HASH_CBLOCK;
320 if (sw > 0)
321 {
322 #if defined(HASH_BLOCK_DATA_ORDER)
323 {
324 HASH_BLOCK_DATA_ORDER(c,data,sw);
325 sw*=HASH_CBLOCK;
326 data+=sw;
327 len-=sw;
328 }
329 #endif
330 }
331
332 if (len!=0)
333 {
334 p = c->data;
335 c->num = len;
336 ew=len>>2; /* words to copy */
337 ec=len&0x03;
338 for (; ew; ew--,p++)
339 {
340 HOST_c2l(data,l); *p=l;
341 }
342 HOST_c2l_p(data,l,ec);
343 *p=l;
344 }
345 }
346
347
HASH_TRANSFORM(HASH_CTX * c,const unsigned char * data)348 void HASH_TRANSFORM (HASH_CTX *c, const unsigned char *data)
349 {
350 #if defined(HASH_BLOCK_DATA_ORDER)
351 HASH_BLOCK_DATA_ORDER (c,data,1);
352 #endif
353 }
354
355
HASH_FINAL(unsigned char * md,HASH_CTX * c)356 void HASH_FINAL (unsigned char *md, HASH_CTX *c)
357 {
358 register HASH_LONG *p;
359 register unsigned long l;
360 register int i,j;
361 static const unsigned char end[4]={0x80,0x00,0x00,0x00};
362 const unsigned char *cp=end;
363
364 /* c->num should definitly have room for at least one more byte. */
365 p=c->data;
366 i=c->num>>2;
367 j=c->num&0x03;
368
369 #if 0
370 /* purify often complains about the following line as an
371 * Uninitialized Memory Read. While this can be true, the
372 * following p_c2l macro will reset l when that case is true.
373 * This is because j&0x03 contains the number of 'valid' bytes
374 * already in p[i]. If and only if j&0x03 == 0, the UMR will
375 * occur but this is also the only time p_c2l will do
376 * l= *(cp++) instead of l|= *(cp++)
377 * Many thanks to Alex Tang <altitude@cic.net> for pickup this
378 * 'potential bug' */
379 #ifdef PURIFY
380 if (j==0) p[i]=0; /* Yeah, but that's not the way to fix it:-) */
381 #endif
382 l=p[i];
383 #else
384 l = (j==0) ? 0 : p[i];
385 #endif
386 HOST_p_c2l(cp,l,j); p[i++]=l; /* i is the next 'undefined word' */
387
388 if (i>(HASH_LBLOCK-2)) /* save room for Nl and Nh */
389 {
390 if (i<HASH_LBLOCK) p[i]=0;
391 HASH_BLOCK_HOST_ORDER (c,p,1);
392 i=0;
393 }
394 for (; i<(HASH_LBLOCK-2); i++)
395 p[i]=0;
396
397 #if defined(DATA_ORDER_IS_BIG_ENDIAN)
398 p[HASH_LBLOCK-2]=c->Nh;
399 p[HASH_LBLOCK-1]=c->Nl;
400 #elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
401 p[HASH_LBLOCK-2]=c->Nl;
402 p[HASH_LBLOCK-1]=c->Nh;
403 #endif
404 HASH_BLOCK_HOST_ORDER (c,p,1);
405
406 #ifndef HASH_MAKE_STRING
407 #error "HASH_MAKE_STRING must be defined!"
408 #else
409 HASH_MAKE_STRING(c,md);
410 #endif
411
412 c->num=0;
413 /* clear stuff, HASH_BLOCK may be leaving some stuff on the stack
414 * but I'm not worried :-)
415 memset((void *)c,0,sizeof(HASH_CTX));
416 */
417 }
418