Path: blob/master/Unofficial miners/STM32/src/sha1.h
922 views
/**1* @file sha1.c2* @date 09.09.20173* @author Steve Reid <[email protected]>4*5* from: http://www.virtualbox.org/svn/vbox/trunk/src/recompiler/tests/sha1.c6*/78/* from valgrind tests */910/* ================ sha1.c ================ */11/*12SHA-1 in C13By Steve Reid <[email protected]>14Maintained by Charlie Wade15100% Public Domain1617Test Vectors (from FIPS PUB 180-1)18"abc"19A9993E36 4706816A BA3E2571 7850C26C 9CD0D89D20"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"2184983E44 1C3BD26E BAAE4AA1 F95129E5 E54670F122A million repetitions of "a"2334AA973C D4C4DAA4 F61EEB2B DBAD2731 6534016F24*/2526/* #define LITTLE_ENDIAN * This should be #define'd already, if true. */27/* #define SHA1HANDSOFF * Copies data before messing with it. */2829#include <Arduino.h>3031typedef struct32{33uint32_t state[5];34uint32_t count[2];35unsigned char buffer[64];36} SHA1_CTX;3738SHA1_CTX SHA1Copy(SHA1_CTX ctx)39{40SHA1_CTX temp;41memcpy(&temp, &ctx, sizeof(ctx));42return temp;43}4445#define SHA1HANDSOFF4647//#include <stdio.h>48//#include <string.h>49//#include <stdint.h>5051//#include <endian.h>5253#define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits))))5455/* blk0() and blk() perform the initial expand. */56/* I got the idea of expanding during the round function from SSLeay */57#if BYTE_ORDER == LITTLE_ENDIAN58#define blk0(i) (block->l[i] = (rol(block->l[i], 24) & 0xFF00FF00) | (rol(block->l[i], 8) & 0x00FF00FF))59#elif BYTE_ORDER == BIG_ENDIAN60#define blk0(i) block->l[i]61#else62#error "Endianness not defined!"63#endif64#define blk(i) (block->l[i & 15] = rol(block->l[(i + 13) & 15] ^ block->l[(i + 8) & 15] ^ block->l[(i + 2) & 15] ^ block->l[i & 15], 1))6566/* (R0+R1), R2, R3, R4 are the different operations used in SHA1 */67#define R0(v, w, x, y, z, i) \68z += ((w & (x ^ y)) ^ y) + blk0(i) + 0x5A827999 + rol(v, 5); \69w = rol(w, 30);70#define R1(v, w, x, y, z, i) \71z += ((w & (x ^ y)) ^ y) + blk(i) + 0x5A827999 + rol(v, 5); \72w = rol(w, 30);73#define R2(v, w, x, y, z, i) \74z += (w ^ x ^ y) + blk(i) + 0x6ED9EBA1 + rol(v, 5); \75w = rol(w, 30);76#define R3(v, w, x, y, z, i) \77z += (((w | x) & y) | (w & x)) + blk(i) + 0x8F1BBCDC + rol(v, 5); \78w = rol(w, 30);79#define R4(v, w, x, y, z, i) \80z += (w ^ x ^ y) + blk(i) + 0xCA62C1D6 + rol(v, 5); \81w = rol(w, 30);8283/* Hash a single 512-bit block. This is the core of the algorithm. */8485void SHA1Transform(uint32_t state[5], uint8_t buffer[64])86{87uint32_t a, b, c, d, e;88typedef union89{90unsigned char c[64];91uint32_t l[16];92} CHAR64LONG16;93#ifdef SHA1HANDSOFF94CHAR64LONG16 block[1]; /* use array to appear as a pointer */95memcpy(block, buffer, 64);96#else97/* The following had better never be used because it causes the98* pointer-to-const buffer to be cast into a pointer to non-const.99* And the result is written through. I threw a "const" in, hoping100* this will cause a diagnostic.101*/102CHAR64LONG16 *block = (const CHAR64LONG16 *)buffer;103#endif104/* Copy context->state[] to working vars */105a = state[0];106b = state[1];107c = state[2];108d = state[3];109e = state[4];110/* 4 rounds of 20 operations each. Loop unrolled. */111R0(a, b, c, d, e, 0);112R0(e, a, b, c, d, 1);113R0(d, e, a, b, c, 2);114R0(c, d, e, a, b, 3);115R0(b, c, d, e, a, 4);116R0(a, b, c, d, e, 5);117R0(e, a, b, c, d, 6);118R0(d, e, a, b, c, 7);119R0(c, d, e, a, b, 8);120R0(b, c, d, e, a, 9);121R0(a, b, c, d, e, 10);122R0(e, a, b, c, d, 11);123R0(d, e, a, b, c, 12);124R0(c, d, e, a, b, 13);125R0(b, c, d, e, a, 14);126R0(a, b, c, d, e, 15);127R1(e, a, b, c, d, 16);128R1(d, e, a, b, c, 17);129R1(c, d, e, a, b, 18);130R1(b, c, d, e, a, 19);131R2(a, b, c, d, e, 20);132R2(e, a, b, c, d, 21);133R2(d, e, a, b, c, 22);134R2(c, d, e, a, b, 23);135R2(b, c, d, e, a, 24);136R2(a, b, c, d, e, 25);137R2(e, a, b, c, d, 26);138R2(d, e, a, b, c, 27);139R2(c, d, e, a, b, 28);140R2(b, c, d, e, a, 29);141R2(a, b, c, d, e, 30);142R2(e, a, b, c, d, 31);143R2(d, e, a, b, c, 32);144R2(c, d, e, a, b, 33);145R2(b, c, d, e, a, 34);146R2(a, b, c, d, e, 35);147R2(e, a, b, c, d, 36);148R2(d, e, a, b, c, 37);149R2(c, d, e, a, b, 38);150R2(b, c, d, e, a, 39);151R3(a, b, c, d, e, 40);152R3(e, a, b, c, d, 41);153R3(d, e, a, b, c, 42);154R3(c, d, e, a, b, 43);155R3(b, c, d, e, a, 44);156R3(a, b, c, d, e, 45);157R3(e, a, b, c, d, 46);158R3(d, e, a, b, c, 47);159R3(c, d, e, a, b, 48);160R3(b, c, d, e, a, 49);161R3(a, b, c, d, e, 50);162R3(e, a, b, c, d, 51);163R3(d, e, a, b, c, 52);164R3(c, d, e, a, b, 53);165R3(b, c, d, e, a, 54);166R3(a, b, c, d, e, 55);167R3(e, a, b, c, d, 56);168R3(d, e, a, b, c, 57);169R3(c, d, e, a, b, 58);170R3(b, c, d, e, a, 59);171R4(a, b, c, d, e, 60);172R4(e, a, b, c, d, 61);173R4(d, e, a, b, c, 62);174R4(c, d, e, a, b, 63);175R4(b, c, d, e, a, 64);176R4(a, b, c, d, e, 65);177R4(e, a, b, c, d, 66);178R4(d, e, a, b, c, 67);179R4(c, d, e, a, b, 68);180R4(b, c, d, e, a, 69);181R4(a, b, c, d, e, 70);182R4(e, a, b, c, d, 71);183R4(d, e, a, b, c, 72);184R4(c, d, e, a, b, 73);185R4(b, c, d, e, a, 74);186R4(a, b, c, d, e, 75);187R4(e, a, b, c, d, 76);188R4(d, e, a, b, c, 77);189R4(c, d, e, a, b, 78);190R4(b, c, d, e, a, 79);191/* Add the working vars back into context.state[] */192state[0] += a;193state[1] += b;194state[2] += c;195state[3] += d;196state[4] += e;197/* Wipe variables */198a = b = c = d = e = 0;199#ifdef SHA1HANDSOFF200memset(block, '\0', sizeof(block));201#endif202}203204/* SHA1Init - Initialize new context */205206void SHA1Init(SHA1_CTX *context)207{208/* SHA1 initialization constants */209context->state[0] = 0x67452301;210context->state[1] = 0xEFCDAB89;211context->state[2] = 0x98BADCFE;212context->state[3] = 0x10325476;213context->state[4] = 0xC3D2E1F0;214context->count[0] = context->count[1] = 0;215}216217/* Run your data through this. */218219void SHA1Update(SHA1_CTX *context, uint8_t *data, uint32_t len)220{221uint32_t i;222uint32_t j;223224j = context->count[0];225if ((context->count[0] += len << 3) < j)226context->count[1]++;227context->count[1] += (len >> 29);228j = (j >> 3) & 63;229if ((j + len) > 63)230{231memcpy(&context->buffer[j], data, (i = 64 - j));232SHA1Transform(context->state, context->buffer);233for (; i + 63 < len; i += 64)234{235SHA1Transform(context->state, &data[i]);236}237j = 0;238}239else240i = 0;241memcpy(&context->buffer[j], &data[i], len - i);242}243244/* Add padding and return the message digest. */245246void SHA1Final(unsigned char digest[20], SHA1_CTX *context)247{248unsigned i;249unsigned char finalcount[8];250unsigned char c;251252#if 0 /* untested "improvement" by DHR */253/* Convert context->count to a sequence of bytes254* in finalcount. Second element first, but255* big-endian order within element.256* But we do it all backwards.257*/258unsigned char *fcp = &finalcount[8];259260for (i = 0; i < 2; i++)261{262uint32_t t = context->count[i];263int j;264265for (j = 0; j < 4; t >>= 8, j++)266*--fcp = (unsigned char) t;267}268#else269for (i = 0; i < 8; i++)270{271finalcount[i] = (unsigned char)((context->count[(i >= 4 ? 0 : 1)] >> ((3 - (i & 3)) * 8)) & 255); /* Endian independent */272}273#endif274c = 0200;275SHA1Update(context, &c, 1);276while ((context->count[0] & 504) != 448)277{278c = 0000;279SHA1Update(context, &c, 1);280}281SHA1Update(context, finalcount, 8); /* Should cause a SHA1Transform() */282for (i = 0; i < 20; i++)283{284digest[i] = (unsigned char)((context->state[i >> 2] >> ((3 - (i & 3)) * 8)) & 255);285}286/* Wipe variables */287memset(context, '\0', sizeof(*context));288memset(&finalcount, '\0', sizeof(finalcount));289}290/* ================ end of sha1.c ================ */291292void sha1(uint8_t *data, uint32_t size, uint8_t hash[20])293{294SHA1_CTX ctx;295SHA1Init(&ctx);296SHA1Update(&ctx, data, size);297SHA1Final(hash, &ctx);298}299300