1 #include "niml_private.h"
2
3 /*************************************************************************/
4 /************************* Stuff for MD5 hashing *************************/
5 /** [Most are not actually used in NIML, but are here for completeness] **/
6 /*************************************************************************/
7
8 /**********************************************************************
9 * Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All *
10 * rights reserved. *
11 * *
12 * License to copy and use this software is granted provided that it *
13 * is identified as the "RSA Data Security, Inc. MD5 Message-Digest *
14 * Algorithm" in all material mentioning or referencing this software *
15 * or this function. *
16 * *
17 * License is also granted to make and use derivative works provided *
18 * that such works are identified as "derived from the RSA Data *
19 * Security, Inc. MD5 Message-Digest Algorithm" in all material *
20 * mentioning or referencing the derived work. *
21 * *
22 * RSA Data Security, Inc. makes no representations concerning either *
23 * the merchantability of this software or the suitability of this *
24 * software for any particular purpose. It is provided "as is" *
25 * without express or implied warranty of any kind. *
26 * *
27 * These notices must be retained in any copies of any part of this *
28 * documentation and/or software. *
29 **********************************************************************/
30
31 /*======= Modified by RWCox for inclusion in the NIML package ========*/
32 /*------- These changes are released to the public domain --------*/
33
34 /* prototypes for some internal functions */
35
36 static void MD5Transform (UINT4 [4], unsigned char [64]);
37 static void Encode (unsigned char *, UINT4 *, unsigned int);
38 static void Decode (UINT4 *, unsigned char *, unsigned int);
39
40 /* Constants for MD5Transform routine. */
41
42 #define S11 7
43 #define S12 12
44 #define S13 17
45 #define S14 22
46 #define S21 5
47 #define S22 9
48 #define S23 14
49 #define S24 20
50 #define S31 4
51 #define S32 11
52 #define S33 16
53 #define S34 23
54 #define S41 6
55 #define S42 10
56 #define S43 15
57 #define S44 21
58
59 static unsigned char PADDING[64] = {
60 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
61 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
62 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
63 };
64
65 /* F, G, H and I are basic MD5 functions. */
66
67 #define F(x, y, z) (((x) & (y)) | ((~x) & (z)))
68 #define G(x, y, z) (((x) & (z)) | ((y) & (~z)))
69 #define H(x, y, z) ((x) ^ (y) ^ (z))
70 #define I(x, y, z) ((y) ^ ((x) | (~z)))
71
72 /* ROTATE_LEFT rotates x left n bits. */
73
74 #define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32-(n))))
75
76 /* FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4.
77 Rotation is separate from addition to prevent recomputation. */
78
79 #define FF(a, b, c, d, x, s, ac) { \
80 (a) += F ((b), (c), (d)) + (x) + (UINT4)(ac); \
81 (a) = ROTATE_LEFT ((a), (s)); \
82 (a) += (b); \
83 }
84
85 #define GG(a, b, c, d, x, s, ac) { \
86 (a) += G ((b), (c), (d)) + (x) + (UINT4)(ac); \
87 (a) = ROTATE_LEFT ((a), (s)); \
88 (a) += (b); \
89 }
90
91 #define HH(a, b, c, d, x, s, ac) { \
92 (a) += H ((b), (c), (d)) + (x) + (UINT4)(ac); \
93 (a) = ROTATE_LEFT ((a), (s)); \
94 (a) += (b); \
95 }
96
97 #define II(a, b, c, d, x, s, ac) { \
98 (a) += I ((b), (c), (d)) + (x) + (UINT4)(ac); \
99 (a) = ROTATE_LEFT ((a), (s)); \
100 (a) += (b); \
101 }
102
103 /*----------------------------------------------------------------------*/
104 /* #define USE_XOR
105 ZSS: Apr. 15 2015
106 I have no idea at the moment why USE_XOR ends up causing SUMA labels
107 to get written on top of each other in the viewer. This happens on mac
108 and linux versions. This definition might also be causing
109 other mysterious crashes in SUMA when opening the surface controller
110 as reported on the message borad.
111 For now, it will stay off until we sort out why this is causing grief.
112 Valgrind did not point to anything fishy related to USE_XOR.
113 */
114 #ifdef USE_XOR
115 # define XOR_NUM 1024
116 static int XOR_iii = -1 ;
117 static unsigned char *XOR_bbb = NULL ;
118 static int XOR_use = 1 ;
119 #endif /* USE_XOR */
120
MD5_set_xor_use(int xx)121 void MD5_set_xor_use(int xx){
122 #ifdef USE_XOR
123 XOR_use = xx ;
124 #endif
125 }
126 /*----------------------------------------------------------------------*/
127
128 /*----------------------------------------------------------------------*/
129 /*! MD5 initialization. Begins an MD5 operation, writing a new context.
130 ------------------------------------------------------------------------*/
131
MD5Init(MD5_CTX * context)132 void MD5Init (MD5_CTX *context)
133 {
134 context->count[0] = context->count[1] = 0;
135
136 /* Load magic initialization constants */
137
138 context->state[0] = 0x67452301;
139 context->state[1] = 0xefcdab89;
140 context->state[2] = 0x98badcfe;
141 context->state[3] = 0x10325476;
142
143 #ifdef USE_XOR
144 if( XOR_iii < 0 ){
145 XOR_bbb = (unsigned char *)malloc(sizeof(unsigned char)*XOR_NUM) ;
146 for( XOR_iii=0 ; XOR_iii < XOR_NUM ; XOR_iii++ )
147 XOR_bbb[XOR_iii] = (unsigned char)((XOR_iii*557+1021)%255) ;
148 XOR_iii = 0 ;
149 }
150 #endif
151
152 return ;
153 }
154
155 /*----------------------------------------------------------------------*/
156 /*! MD5 block update operation. Continues an MD5 message-digest
157 operation, processing another message block, and updating the
158 context.
159 ------------------------------------------------------------------------*/
160
MD5Update(MD5_CTX * context,unsigned char * input,unsigned int inputLen)161 void MD5Update (MD5_CTX *context, unsigned char *input,
162 unsigned int inputLen )
163 {
164 unsigned int i, index, partLen;
165
166 /* Compute number of bytes mod 64 */
167
168 index = (unsigned int)((context->count[0] >> 3) & 0x3F);
169
170 /* Update number of bits */
171
172 if( (context->count[0] += ((UINT4)inputLen << 3)) < ((UINT4)inputLen << 3) )
173 context->count[1]++;
174
175 context->count[1] += ((UINT4)inputLen >> 29);
176
177 partLen = 64 - index;
178
179 /* Transform as many times as possible. */
180
181 if (inputLen >= partLen) {
182
183 memcpy ((POINTER)&context->buffer[index], (POINTER)input, partLen);
184
185 MD5Transform (context->state, context->buffer);
186
187 for (i = partLen; i + 63 < inputLen; i += 64)
188 MD5Transform (context->state, &input[i]);
189
190 index = 0;
191 }
192 else
193 i = 0;
194
195 /* Buffer remaining input */
196
197 memcpy ((POINTER)&context->buffer[index], (POINTER)&input[i],
198 inputLen-i);
199 }
200
201 /*----------------------------------------------------------------------*/
202 /*! MD5 finalization. Ends an MD5 message-digest operation, writing the
203 the message digest and zeroizing the context.
204 ------------------------------------------------------------------------*/
205
MD5Final(unsigned char digest[16],MD5_CTX * context)206 void MD5Final (unsigned char digest[16], MD5_CTX *context)
207 {
208 unsigned char bits[8];
209 unsigned int index, padLen;
210
211 /* Save number of bits */
212
213 Encode (bits, context->count, 8);
214
215 /* Pad out to 56 mod 64. */
216
217 index = (unsigned int)((context->count[0] >> 3) & 0x3f);
218 padLen = (index < 56) ? (56 - index) : (120 - index);
219 MD5Update (context, PADDING, padLen);
220
221 /* Append length (before padding) */
222
223 MD5Update (context, bits, 8);
224
225 /* Store state in digest */
226
227 Encode (digest, context->state, 16);
228
229 /* Zeroize sensitive information. */
230
231 memset ((POINTER)context, 0, sizeof (*context));
232 }
233
234 /*----------------------------------------------------------------------*/
235 /*! MD5 basic transformation. Transforms state based on block.
236 ------------------------------------------------------------------------*/
237
MD5Transform(UINT4 state[4],unsigned char block[64])238 static void MD5Transform (UINT4 state[4], unsigned char block[64])
239 {
240 UINT4 a = state[0], b = state[1], c = state[2], d = state[3], x[16];
241
242 #ifdef USE_XOR
243 { register int qq ;
244 for( qq=0 ; qq < 64 ; qq++ ){
245 block[qq] ^= XOR_bbb[XOR_iii] ; XOR_iii = (XOR_iii+1)%XOR_NUM ;
246 }
247 }
248 #endif
249
250 Decode (x, block, 64);
251
252 /* Round 1 */
253
254 FF (a, b, c, d, x[ 0], S11, 0xd76aa478); /* 1 */
255 FF (d, a, b, c, x[ 1], S12, 0xe8c7b756); /* 2 */
256 FF (c, d, a, b, x[ 2], S13, 0x242070db); /* 3 */
257 FF (b, c, d, a, x[ 3], S14, 0xc1bdceee); /* 4 */
258 FF (a, b, c, d, x[ 4], S11, 0xf57c0faf); /* 5 */
259 FF (d, a, b, c, x[ 5], S12, 0x4787c62a); /* 6 */
260 FF (c, d, a, b, x[ 6], S13, 0xa8304613); /* 7 */
261 FF (b, c, d, a, x[ 7], S14, 0xfd469501); /* 8 */
262 FF (a, b, c, d, x[ 8], S11, 0x698098d8); /* 9 */
263 FF (d, a, b, c, x[ 9], S12, 0x8b44f7af); /* 10 */
264 FF (c, d, a, b, x[10], S13, 0xffff5bb1); /* 11 */
265 FF (b, c, d, a, x[11], S14, 0x895cd7be); /* 12 */
266 FF (a, b, c, d, x[12], S11, 0x6b901122); /* 13 */
267 FF (d, a, b, c, x[13], S12, 0xfd987193); /* 14 */
268 FF (c, d, a, b, x[14], S13, 0xa679438e); /* 15 */
269 FF (b, c, d, a, x[15], S14, 0x49b40821); /* 16 */
270
271 /* Round 2 */
272
273 GG (a, b, c, d, x[ 1], S21, 0xf61e2562); /* 17 */
274 GG (d, a, b, c, x[ 6], S22, 0xc040b340); /* 18 */
275 GG (c, d, a, b, x[11], S23, 0x265e5a51); /* 19 */
276 GG (b, c, d, a, x[ 0], S24, 0xe9b6c7aa); /* 20 */
277 GG (a, b, c, d, x[ 5], S21, 0xd62f105d); /* 21 */
278 GG (d, a, b, c, x[10], S22, 0x2441453); /* 22 */
279 GG (c, d, a, b, x[15], S23, 0xd8a1e681); /* 23 */
280 GG (b, c, d, a, x[ 4], S24, 0xe7d3fbc8); /* 24 */
281 GG (a, b, c, d, x[ 9], S21, 0x21e1cde6); /* 25 */
282 GG (d, a, b, c, x[14], S22, 0xc33707d6); /* 26 */
283 GG (c, d, a, b, x[ 3], S23, 0xf4d50d87); /* 27 */
284 GG (b, c, d, a, x[ 8], S24, 0x455a14ed); /* 28 */
285 GG (a, b, c, d, x[13], S21, 0xa9e3e905); /* 29 */
286 GG (d, a, b, c, x[ 2], S22, 0xfcefa3f8); /* 30 */
287 GG (c, d, a, b, x[ 7], S23, 0x676f02d9); /* 31 */
288 GG (b, c, d, a, x[12], S24, 0x8d2a4c8a); /* 32 */
289
290 /* Round 3 */
291
292 HH (a, b, c, d, x[ 5], S31, 0xfffa3942); /* 33 */
293 HH (d, a, b, c, x[ 8], S32, 0x8771f681); /* 34 */
294 HH (c, d, a, b, x[11], S33, 0x6d9d6122); /* 35 */
295 HH (b, c, d, a, x[14], S34, 0xfde5380c); /* 36 */
296 HH (a, b, c, d, x[ 1], S31, 0xa4beea44); /* 37 */
297 HH (d, a, b, c, x[ 4], S32, 0x4bdecfa9); /* 38 */
298 HH (c, d, a, b, x[ 7], S33, 0xf6bb4b60); /* 39 */
299 HH (b, c, d, a, x[10], S34, 0xbebfbc70); /* 40 */
300 HH (a, b, c, d, x[13], S31, 0x289b7ec6); /* 41 */
301 HH (d, a, b, c, x[ 0], S32, 0xeaa127fa); /* 42 */
302 HH (c, d, a, b, x[ 3], S33, 0xd4ef3085); /* 43 */
303 HH (b, c, d, a, x[ 6], S34, 0x4881d05); /* 44 */
304 HH (a, b, c, d, x[ 9], S31, 0xd9d4d039); /* 45 */
305 HH (d, a, b, c, x[12], S32, 0xe6db99e5); /* 46 */
306 HH (c, d, a, b, x[15], S33, 0x1fa27cf8); /* 47 */
307 HH (b, c, d, a, x[ 2], S34, 0xc4ac5665); /* 48 */
308
309 /* Round 4 */
310
311 II (a, b, c, d, x[ 0], S41, 0xf4292244); /* 49 */
312 II (d, a, b, c, x[ 7], S42, 0x432aff97); /* 50 */
313 II (c, d, a, b, x[14], S43, 0xab9423a7); /* 51 */
314 II (b, c, d, a, x[ 5], S44, 0xfc93a039); /* 52 */
315 II (a, b, c, d, x[12], S41, 0x655b59c3); /* 53 */
316 II (d, a, b, c, x[ 3], S42, 0x8f0ccc92); /* 54 */
317 II (c, d, a, b, x[10], S43, 0xffeff47d); /* 55 */
318 II (b, c, d, a, x[ 1], S44, 0x85845dd1); /* 56 */
319 II (a, b, c, d, x[ 8], S41, 0x6fa87e4f); /* 57 */
320 II (d, a, b, c, x[15], S42, 0xfe2ce6e0); /* 58 */
321 II (c, d, a, b, x[ 6], S43, 0xa3014314); /* 59 */
322 II (b, c, d, a, x[13], S44, 0x4e0811a1); /* 60 */
323 II (a, b, c, d, x[ 4], S41, 0xf7537e82); /* 61 */
324 II (d, a, b, c, x[11], S42, 0xbd3af235); /* 62 */
325 II (c, d, a, b, x[ 2], S43, 0x2ad7d2bb); /* 63 */
326 II (b, c, d, a, x[ 9], S44, 0xeb86d391); /* 64 */
327
328 state[0] += a;
329 state[1] += b;
330 state[2] += c;
331 state[3] += d;
332
333 /* Zeroize sensitive information. */
334
335 memset ((POINTER)x, 0, sizeof (x));
336 }
337
338 /*----------------------------------------------------------------------*/
339 /*! Encodes input (UINT4) into output (unsigned char). Assumes len is
340 a multiple of 4.
341 ------------------------------------------------------------------------*/
342
Encode(unsigned char * output,UINT4 * input,unsigned int len)343 static void Encode (unsigned char *output, UINT4 *input, unsigned int len)
344 {
345 unsigned int i, j;
346
347 for (i = 0, j = 0; j < len; i++, j += 4) {
348 output[j] = (unsigned char)(input[i] & 0xff);
349 output[j+1] = (unsigned char)((input[i] >> 8) & 0xff);
350 output[j+2] = (unsigned char)((input[i] >> 16) & 0xff);
351 output[j+3] = (unsigned char)((input[i] >> 24) & 0xff);
352 }
353 }
354
355 /*----------------------------------------------------------------------*/
356 /*! Decodes input (unsigned char) into output (UINT4). Assumes len is
357 a multiple of 4.
358 ------------------------------------------------------------------------*/
359
Decode(UINT4 * output,unsigned char * input,unsigned int len)360 static void Decode (UINT4 *output, unsigned char *input, unsigned int len)
361 {
362 unsigned int i, j;
363
364 for (i = 0, j = 0; j < len; i++, j += 4)
365 output[i] = ((UINT4)input[j]) | (((UINT4)input[j+1]) << 8) |
366 (((UINT4)input[j+2]) << 16) | (((UINT4)input[j+3]) << 24) ;
367 }
368
369 /*======================================================================
370 The stuff below is some MD5 interface routines, by RWCox
371 ========================================================================*/
372
373 /*----------------------------------------------------------------------*/
374 /*! Function to print a 128 bit digest into a static 32 char string.
375 ------------------------------------------------------------------------*/
376
MD5_static_printf(unsigned char digest[16])377 static char * MD5_static_printf( unsigned char digest[16] )
378 {
379 static char st[33] ;
380
381 sprintf(st,
382 "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x" ,
383 digest[0] , digest[1] , digest[2] , digest[3] , digest[4] ,
384 digest[5] , digest[6] , digest[7] , digest[8] , digest[9] ,
385 digest[10], digest[11], digest[12], digest[13], digest[14],
386 digest[15]
387 ) ;
388
389 return st ;
390 }
391
392 /*----------------------------------------------------------------------*/
393 /*! Digest an array and returns the printable string of the result,
394 stored in a static array (length=32+1 bytes).
395 ------------------------------------------------------------------------*/
396
MD5_static_array(int n,char * bytes)397 char * MD5_static_array( int n , char *bytes )
398 {
399 MD5_CTX context;
400 unsigned char digest[16];
401
402 if( n < 0 || bytes == NULL ) return NULL ;
403
404 MD5Init( &context ) ;
405 MD5Update( &context, (unsigned char *)bytes, n ) ;
406 MD5Final( digest, &context ) ;
407
408 return MD5_static_printf(digest) ;
409 }
410
411 /*----------------------------------------------------------------------*/
412 /*! Digest an array and returns the printable string of the result,
413 stored in a malloc()-ed array (length=32+1 bytes).
414 ------------------------------------------------------------------------*/
415
MD5_malloc_array(int n,char * bytes)416 char * MD5_malloc_array( int n , char *bytes )
417 {
418 char *st , *dy ;
419 st = MD5_static_array( n , bytes ) ;
420 if( st == NULL ) return NULL ;
421 dy = (char *) malloc(33) ; strcpy(dy,st) ; return dy ;
422 }
423
424 /*----------------------------------------------------------------------*/
425 /*! Digest a C string and returns the printable string of the result,
426 stored in a static array (length=32+1 bytes).
427 ------------------------------------------------------------------------*/
428
MD5_static_string(char * string)429 char * MD5_static_string( char *string )
430 {
431 if( string == NULL ) string = "ElvisTheKing" ;
432 return MD5_static_array( strlen(string) , string ) ;
433 }
434
435 /*----------------------------------------------------------------------*/
436 /*! Digest a C string and returns the printable string of the result,
437 stored in a malloc()-ed array (length=32+1 bytes).
438 ------------------------------------------------------------------------*/
439
MD5_malloc_string(char * string)440 char * MD5_malloc_string( char *string )
441 {
442 if( string == NULL ) string = "ElvisTheKing" ;
443 return MD5_malloc_array( strlen(string)+1 , string ) ;
444 }
445
446 /*----------------------------------------------------------------------*/
447 /*! Digests a file and prints the result, stored in a static array
448 (length=32+1 bytes).
449 ------------------------------------------------------------------------*/
450
MD5_static_file(char * filename)451 char * MD5_static_file(char *filename)
452 {
453 FILE *file;
454 MD5_CTX context;
455 int len;
456 unsigned char buffer[1024] ;
457 unsigned char digest[16] ;
458
459 if( (file = fopen(filename, "rb")) == NULL ) return NULL ;
460
461 MD5Init( &context ) ;
462
463 while( (len = fread(buffer, 1, 1024, file)) )
464 MD5Update( &context, buffer, len ) ;
465
466 MD5Final( digest, &context );
467 fclose (file);
468
469 return MD5_static_printf( digest ) ;
470 }
471
472 /*----------------------------------------------------------------------*/
473 /*! Digests a file and prints the result, stored in a malloc()-ed array
474 (length=32+1 bytes).
475 ------------------------------------------------------------------------*/
476
MD5_malloc_file(char * filename)477 char * MD5_malloc_file(char *filename)
478 {
479 char *st , *dy ;
480
481 st = MD5_static_file( filename ) ;
482 if( st == NULL ) return NULL ;
483 dy = (char *) malloc(33) ; strcpy(dy,st) ; return dy ;
484 }
485
486 /*----------------------------------------------------------------------------*/
487 /*! Convert a MD5 hex string to a Base64-ed string.
488 * strlen(result) is 22 instead of 32
489 * result is malloc()-ed and should be free()-d when appropriate
490 ------------------------------------------------------------------------------*/
491
MD5_to_B64(unsigned char digest[16])492 static char * MD5_to_B64( unsigned char digest[16] )
493 {
494 int nb64=0 ; byte *b64=NULL ;
495
496 B64_to_base64( 16 , (byte *)digest , &nb64 , &b64 ) ;
497 if( nb64 <= 0 || b64 == NULL ) return NULL ;
498 b64[nb64-3] = '\0' ; /* remove trailing "==" */
499 if( isspace(b64[nb64-4]) ) b64[nb64-4]='\0' ;
500 return (char *)b64 ;
501 }
502
503 /*----------------------------------------------------------------------------*/
504 /*! Return the MD5 hash of an array as a Base64 string, instead of a hex
505 string.
506 * strlen(result) is 22 instead of 32
507 * result is malloc()-ed and should be free()-d when appropriate
508 ------------------------------------------------------------------------------*/
509
MD5_B64_array(int n,char * bytes)510 char * MD5_B64_array( int n , char *bytes )
511 {
512 MD5_CTX context;
513 unsigned char digest[16];
514
515 if( n < 0 || bytes == NULL ) return NULL ;
516
517 MD5Init( &context ) ;
518 MD5Update( &context, (unsigned char *)bytes, n ) ;
519 MD5Final( digest, &context ) ;
520
521 return MD5_to_B64( digest ) ;
522 }
523
524 /*----------------------------------------------------------------------------*/
525 /*! Return the MD5 hash of a C string as a Base64 string, instead of a hex
526 string.
527 * strlen(result) is 22 instead of 32
528 * result is malloc()-ed and should be free()-d when appropriate
529 ------------------------------------------------------------------------------*/
530
MD5_B64_string(char * string)531 char * MD5_B64_string( char *string )
532 {
533 if( string == NULL ) string = "ElvisTheKing" ;
534 return MD5_B64_array( strlen(string) , string ) ;
535 }
536
537 /*----------------------------------------------------------------------------*/
538 /*! Return the MD5 hash of a file as a Base64 string, instead of a hex
539 string.
540 - strlen(result) is 22 instead of 32
541 - result is malloc()-ed and should be free()-d when appropriate
542 ------------------------------------------------------------------------------*/
543
MD5_B64_file(char * filename)544 char * MD5_B64_file(char *filename)
545 {
546 FILE *file;
547 MD5_CTX context;
548 int len;
549 unsigned char buffer[1024] ;
550 unsigned char digest[16] ;
551
552 if( (file=fopen (filename, "rb")) == NULL ) return NULL ;
553
554 MD5Init( &context ) ;
555
556 while( (len = fread(buffer, 1, 1024, file)) )
557 MD5Update( &context, buffer, len ) ;
558
559 MD5Final( digest, &context );
560 fclose (file);
561
562 return MD5_to_B64( digest ) ;
563 }
564
565 /*##########################################################################*/
566 /*----------------------- SHA-256 Hash Functions ---------------------------*/
567 /*##########################################################################*/
568
569 #ifndef uint8
570 #define uint8 unsigned char
571 #endif
572
573 #ifndef uint32
574 #define uint32 unsigned long int
575 #endif
576
577 typedef struct {
578 uint32 total[2];
579 uint32 state[8];
580 uint8 buffer[64];
581 } sha256_context;
582
583 static void sha256_starts( sha256_context *ctx );
584 static void sha256_update( sha256_context *ctx, uint8 *input, uint32 length );
585 static void sha256_finish( sha256_context *ctx, uint8 digest[32] );
586
587 /*
588 * FIPS-180-2 compliant SHA-256 implementation
589 *
590 * Copyright (C) 2001-2003 Christophe Devine
591 *
592 * This program is free software; you can redistribute it and/or modify
593 * it under the terms of the GNU General Public License as published by
594 * the Free Software Foundation; either version 2 of the License, or
595 * (at your option) any later version.
596 *
597 * This program is distributed in the hope that it will be useful,
598 * but WITHOUT ANY WARRANTY; without even the implied warranty of
599 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
600 * GNU General Public License for more details.
601 *
602 * You should have received a copy of the GNU General Public License
603 * along with this program; if not, write to the Free Software
604 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
605 */
606
607 #include <string.h>
608
609 /*----------------------------------------------------------------------*/
610
611 #define GET_UINT32(n,b,i) \
612 { \
613 (n) = ( (uint32) (b)[(i) ] << 24 ) \
614 | ( (uint32) (b)[(i) + 1] << 16 ) \
615 | ( (uint32) (b)[(i) + 2] << 8 ) \
616 | ( (uint32) (b)[(i) + 3] ); \
617 }
618
619 /*----------------------------------------------------------------------*/
620
621 #define PUT_UINT32(n,b,i) \
622 { \
623 (b)[(i) ] = (uint8) ( (n) >> 24 ); \
624 (b)[(i) + 1] = (uint8) ( (n) >> 16 ); \
625 (b)[(i) + 2] = (uint8) ( (n) >> 8 ); \
626 (b)[(i) + 3] = (uint8) ( (n) ); \
627 }
628
629 /*----------------------------------------------------------------------*/
630
sha256_starts(sha256_context * ctx)631 static void sha256_starts( sha256_context *ctx )
632 {
633 ctx->total[0] = 0;
634 ctx->total[1] = 0;
635
636 ctx->state[0] = 0x6A09E667;
637 ctx->state[1] = 0xBB67AE85;
638 ctx->state[2] = 0x3C6EF372;
639 ctx->state[3] = 0xA54FF53A;
640 ctx->state[4] = 0x510E527F;
641 ctx->state[5] = 0x9B05688C;
642 ctx->state[6] = 0x1F83D9AB;
643 ctx->state[7] = 0x5BE0CD19;
644 }
645
646 /*----------------------------------------------------------------------*/
647
sha256_process(sha256_context * ctx,uint8 data[64])648 static void sha256_process( sha256_context *ctx, uint8 data[64] )
649 {
650 uint32 temp1, temp2, W[64];
651 uint32 A, B, C, D, E, F, G, H;
652
653 GET_UINT32( W[0], data, 0 );
654 GET_UINT32( W[1], data, 4 );
655 GET_UINT32( W[2], data, 8 );
656 GET_UINT32( W[3], data, 12 );
657 GET_UINT32( W[4], data, 16 );
658 GET_UINT32( W[5], data, 20 );
659 GET_UINT32( W[6], data, 24 );
660 GET_UINT32( W[7], data, 28 );
661 GET_UINT32( W[8], data, 32 );
662 GET_UINT32( W[9], data, 36 );
663 GET_UINT32( W[10], data, 40 );
664 GET_UINT32( W[11], data, 44 );
665 GET_UINT32( W[12], data, 48 );
666 GET_UINT32( W[13], data, 52 );
667 GET_UINT32( W[14], data, 56 );
668 GET_UINT32( W[15], data, 60 );
669
670 #define SHR(x,n) ((x & 0xFFFFFFFF) >> n)
671 #define ROTR(x,n) (SHR(x,n) | (x << (32 - n)))
672
673 #undef S0
674 #undef S1
675 #define S0(x) (ROTR(x, 7) ^ ROTR(x,18) ^ SHR(x, 3))
676 #define S1(x) (ROTR(x,17) ^ ROTR(x,19) ^ SHR(x,10))
677
678 #undef S2
679 #undef S3
680 #define S2(x) (ROTR(x, 2) ^ ROTR(x,13) ^ ROTR(x,22))
681 #define S3(x) (ROTR(x, 6) ^ ROTR(x,11) ^ ROTR(x,25))
682
683 #undef F0
684 #undef F1
685 #define F0(x,y,z) ((x & y) | (z & (x | y)))
686 #define F1(x,y,z) (z ^ (x & (y ^ z)))
687
688 #define R(t) \
689 ( \
690 W[t] = S1(W[t - 2]) + W[t - 7] + \
691 S0(W[t - 15]) + W[t - 16] \
692 )
693
694 #define P(a,b,c,d,e,f,g,h,x,K) \
695 { \
696 temp1 = h + S3(e) + F1(e,f,g) + K + x; \
697 temp2 = S2(a) + F0(a,b,c); \
698 d += temp1; h = temp1 + temp2; \
699 }
700
701 A = ctx->state[0];
702 B = ctx->state[1];
703 C = ctx->state[2];
704 D = ctx->state[3];
705 E = ctx->state[4];
706 F = ctx->state[5];
707 G = ctx->state[6];
708 H = ctx->state[7];
709
710 P( A, B, C, D, E, F, G, H, W[ 0], 0x428A2F98 );
711 P( H, A, B, C, D, E, F, G, W[ 1], 0x71374491 );
712 P( G, H, A, B, C, D, E, F, W[ 2], 0xB5C0FBCF );
713 P( F, G, H, A, B, C, D, E, W[ 3], 0xE9B5DBA5 );
714 P( E, F, G, H, A, B, C, D, W[ 4], 0x3956C25B );
715 P( D, E, F, G, H, A, B, C, W[ 5], 0x59F111F1 );
716 P( C, D, E, F, G, H, A, B, W[ 6], 0x923F82A4 );
717 P( B, C, D, E, F, G, H, A, W[ 7], 0xAB1C5ED5 );
718 P( A, B, C, D, E, F, G, H, W[ 8], 0xD807AA98 );
719 P( H, A, B, C, D, E, F, G, W[ 9], 0x12835B01 );
720 P( G, H, A, B, C, D, E, F, W[10], 0x243185BE );
721 P( F, G, H, A, B, C, D, E, W[11], 0x550C7DC3 );
722 P( E, F, G, H, A, B, C, D, W[12], 0x72BE5D74 );
723 P( D, E, F, G, H, A, B, C, W[13], 0x80DEB1FE );
724 P( C, D, E, F, G, H, A, B, W[14], 0x9BDC06A7 );
725 P( B, C, D, E, F, G, H, A, W[15], 0xC19BF174 );
726 P( A, B, C, D, E, F, G, H, R(16), 0xE49B69C1 );
727 P( H, A, B, C, D, E, F, G, R(17), 0xEFBE4786 );
728 P( G, H, A, B, C, D, E, F, R(18), 0x0FC19DC6 );
729 P( F, G, H, A, B, C, D, E, R(19), 0x240CA1CC );
730 P( E, F, G, H, A, B, C, D, R(20), 0x2DE92C6F );
731 P( D, E, F, G, H, A, B, C, R(21), 0x4A7484AA );
732 P( C, D, E, F, G, H, A, B, R(22), 0x5CB0A9DC );
733 P( B, C, D, E, F, G, H, A, R(23), 0x76F988DA );
734 P( A, B, C, D, E, F, G, H, R(24), 0x983E5152 );
735 P( H, A, B, C, D, E, F, G, R(25), 0xA831C66D );
736 P( G, H, A, B, C, D, E, F, R(26), 0xB00327C8 );
737 P( F, G, H, A, B, C, D, E, R(27), 0xBF597FC7 );
738 P( E, F, G, H, A, B, C, D, R(28), 0xC6E00BF3 );
739 P( D, E, F, G, H, A, B, C, R(29), 0xD5A79147 );
740 P( C, D, E, F, G, H, A, B, R(30), 0x06CA6351 );
741 P( B, C, D, E, F, G, H, A, R(31), 0x14292967 );
742 P( A, B, C, D, E, F, G, H, R(32), 0x27B70A85 );
743 P( H, A, B, C, D, E, F, G, R(33), 0x2E1B2138 );
744 P( G, H, A, B, C, D, E, F, R(34), 0x4D2C6DFC );
745 P( F, G, H, A, B, C, D, E, R(35), 0x53380D13 );
746 P( E, F, G, H, A, B, C, D, R(36), 0x650A7354 );
747 P( D, E, F, G, H, A, B, C, R(37), 0x766A0ABB );
748 P( C, D, E, F, G, H, A, B, R(38), 0x81C2C92E );
749 P( B, C, D, E, F, G, H, A, R(39), 0x92722C85 );
750 P( A, B, C, D, E, F, G, H, R(40), 0xA2BFE8A1 );
751 P( H, A, B, C, D, E, F, G, R(41), 0xA81A664B );
752 P( G, H, A, B, C, D, E, F, R(42), 0xC24B8B70 );
753 P( F, G, H, A, B, C, D, E, R(43), 0xC76C51A3 );
754 P( E, F, G, H, A, B, C, D, R(44), 0xD192E819 );
755 P( D, E, F, G, H, A, B, C, R(45), 0xD6990624 );
756 P( C, D, E, F, G, H, A, B, R(46), 0xF40E3585 );
757 P( B, C, D, E, F, G, H, A, R(47), 0x106AA070 );
758 P( A, B, C, D, E, F, G, H, R(48), 0x19A4C116 );
759 P( H, A, B, C, D, E, F, G, R(49), 0x1E376C08 );
760 P( G, H, A, B, C, D, E, F, R(50), 0x2748774C );
761 P( F, G, H, A, B, C, D, E, R(51), 0x34B0BCB5 );
762 P( E, F, G, H, A, B, C, D, R(52), 0x391C0CB3 );
763 P( D, E, F, G, H, A, B, C, R(53), 0x4ED8AA4A );
764 P( C, D, E, F, G, H, A, B, R(54), 0x5B9CCA4F );
765 P( B, C, D, E, F, G, H, A, R(55), 0x682E6FF3 );
766 P( A, B, C, D, E, F, G, H, R(56), 0x748F82EE );
767 P( H, A, B, C, D, E, F, G, R(57), 0x78A5636F );
768 P( G, H, A, B, C, D, E, F, R(58), 0x84C87814 );
769 P( F, G, H, A, B, C, D, E, R(59), 0x8CC70208 );
770 P( E, F, G, H, A, B, C, D, R(60), 0x90BEFFFA );
771 P( D, E, F, G, H, A, B, C, R(61), 0xA4506CEB );
772 P( C, D, E, F, G, H, A, B, R(62), 0xBEF9A3F7 );
773 P( B, C, D, E, F, G, H, A, R(63), 0xC67178F2 );
774
775 ctx->state[0] += A;
776 ctx->state[1] += B;
777 ctx->state[2] += C;
778 ctx->state[3] += D;
779 ctx->state[4] += E;
780 ctx->state[5] += F;
781 ctx->state[6] += G;
782 ctx->state[7] += H;
783 }
784
785 /*----------------------------------------------------------------------*/
786
sha256_update(sha256_context * ctx,uint8 * input,uint32 length)787 static void sha256_update( sha256_context *ctx, uint8 *input, uint32 length )
788 {
789 uint32 left, fill;
790
791 if( ! length ) return;
792
793 left = ctx->total[0] & 0x3F;
794 fill = 64 - left;
795
796 ctx->total[0] += length;
797 ctx->total[0] &= 0xFFFFFFFF;
798
799 if( ctx->total[0] < length )
800 ctx->total[1]++;
801
802 if( left && length >= fill )
803 {
804 memcpy( (void *) (ctx->buffer + left),
805 (void *) input, fill );
806 sha256_process( ctx, ctx->buffer );
807 length -= fill;
808 input += fill;
809 left = 0;
810 }
811
812 while( length >= 64 )
813 {
814 sha256_process( ctx, input );
815 length -= 64;
816 input += 64;
817 }
818
819 if( length )
820 {
821 memcpy( (void *) (ctx->buffer + left),
822 (void *) input, length );
823 }
824 }
825
826 /*----------------------------------------------------------------------*/
827
828 static uint8 sha256_padding[64] =
829 {
830 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
831 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
832 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
833 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
834 };
835
836 /*----------------------------------------------------------------------*/
837
sha256_finish(sha256_context * ctx,uint8 digest[32])838 static void sha256_finish( sha256_context *ctx, uint8 digest[32] )
839 {
840 uint32 last, padn;
841 uint32 high, low;
842 uint8 msglen[8];
843
844 high = ( ctx->total[0] >> 29 )
845 | ( ctx->total[1] << 3 );
846 low = ( ctx->total[0] << 3 );
847
848 PUT_UINT32( high, msglen, 0 );
849 PUT_UINT32( low, msglen, 4 );
850
851 last = ctx->total[0] & 0x3F;
852 padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
853
854 sha256_update( ctx, sha256_padding, padn );
855 sha256_update( ctx, msglen, 8 );
856
857 PUT_UINT32( ctx->state[0], digest, 0 );
858 PUT_UINT32( ctx->state[1], digest, 4 );
859 PUT_UINT32( ctx->state[2], digest, 8 );
860 PUT_UINT32( ctx->state[3], digest, 12 );
861 PUT_UINT32( ctx->state[4], digest, 16 );
862 PUT_UINT32( ctx->state[5], digest, 20 );
863 PUT_UINT32( ctx->state[6], digest, 24 );
864 PUT_UINT32( ctx->state[7], digest, 28 );
865 }
866
867 /*----------------------------------------------------------------------*/
868
SHA256_sum(int n,char * bytes,unsigned char * sum)869 void SHA256_sum( int n , char *bytes , unsigned char *sum )
870 {
871 sha256_context ctx;
872
873 if( bytes == NULL || sum == NULL ) return ;
874 if( n < 0 ) n = 0 ;
875
876 sha256_starts( &ctx );
877 sha256_update( &ctx , (uint8 *)bytes , (uint32)n ) ;
878 sha256_finish( &ctx, sum );
879 }
880