/* $Id: sph_ripemd.h 216 2010-06-08 09:46:57Z tp $ */1/**2* RIPEMD, RIPEMD-128 and RIPEMD-160 interface.3*4* RIPEMD was first described in: Research and Development in Advanced5* Communication Technologies in Europe, "RIPE Integrity Primitives:6* Final Report of RACE Integrity Primitives Evaluation (R1040)", RACE,7* June 1992.8*9* A new, strengthened version, dubbed RIPEMD-160, was published in: H.10* Dobbertin, A. Bosselaers, and B. Preneel, "RIPEMD-160, a strengthened11* version of RIPEMD", Fast Software Encryption - FSE'96, LNCS 1039,12* Springer (1996), pp. 71--82.13*14* This article describes both RIPEMD-160, with a 160-bit output, and a15* reduced version called RIPEMD-128, which has a 128-bit output. RIPEMD-12816* was meant as a "drop-in" replacement for any hash function with 128-bit17* output, especially the original RIPEMD.18*19* @warning Collisions, and an efficient method to build other collisions,20* have been published for the original RIPEMD, which is thus considered as21* cryptographically broken. It is also very rarely encountered, and there22* seems to exist no free description or implementation of RIPEMD (except23* the sphlib code, of course). As of january 2007, RIPEMD-128 and RIPEMD-16024* seem as secure as their output length allows.25*26* ==========================(LICENSE BEGIN)============================27*28* Copyright (c) 2007-2010 Projet RNRT SAPHIR29*30* Permission is hereby granted, free of charge, to any person obtaining31* a copy of this software and associated documentation files (the32* "Software"), to deal in the Software without restriction, including33* without limitation the rights to use, copy, modify, merge, publish,34* distribute, sublicense, and/or sell copies of the Software, and to35* permit persons to whom the Software is furnished to do so, subject to36* the following conditions:37*38* The above copyright notice and this permission notice shall be39* included in all copies or substantial portions of the Software.40*41* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,42* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF43* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.44* IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY45* CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,46* TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE47* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.48*49* ===========================(LICENSE END)=============================50*51* @file sph_ripemd.h52* @author Thomas Pornin <[email protected]>53*/5455#ifndef SPH_RIPEMD_H__56#define SPH_RIPEMD_H__5758#include <stddef.h>59#include "sph_types.h"6061/**62* Output size (in bits) for RIPEMD.63*/64#define SPH_SIZE_ripemd 1286566/**67* Output size (in bits) for RIPEMD-128.68*/69#define SPH_SIZE_ripemd128 1287071/**72* Output size (in bits) for RIPEMD-160.73*/74#define SPH_SIZE_ripemd160 1607576/**77* This structure is a context for RIPEMD computations: it contains the78* intermediate values and some data from the last entered block. Once79* a RIPEMD computation has been performed, the context can be reused for80* another computation.81*82* The contents of this structure are private. A running RIPEMD computation83* can be cloned by copying the context (e.g. with a simple84* <code>memcpy()</code>).85*/86typedef struct {87#ifndef DOXYGEN_IGNORE88unsigned char buf[64]; /* first field, for alignment */89sph_u32 val[4];90#if SPH_6491sph_u64 count;92#else93sph_u32 count_high, count_low;94#endif95#endif96} sph_ripemd_context;9798/**99* Initialize a RIPEMD context. This process performs no memory allocation.100*101* @param cc the RIPEMD context (pointer to102* a <code>sph_ripemd_context</code>)103*/104void sph_ripemd_init(void *cc);105106/**107* Process some data bytes. It is acceptable that <code>len</code> is zero108* (in which case this function does nothing).109*110* @param cc the RIPEMD context111* @param data the input data112* @param len the input data length (in bytes)113*/114void sph_ripemd(void *cc, const void *data, size_t len);115116/**117* Terminate the current RIPEMD computation and output the result into the118* provided buffer. The destination buffer must be wide enough to119* accomodate the result (16 bytes). The context is automatically120* reinitialized.121*122* @param cc the RIPEMD context123* @param dst the destination buffer124*/125void sph_ripemd_close(void *cc, void *dst);126127/**128* Apply the RIPEMD compression function on the provided data. The129* <code>msg</code> parameter contains the 16 32-bit input blocks,130* as numerical values (hence after the little-endian decoding). The131* <code>val</code> parameter contains the 5 32-bit input blocks for132* the compression function; the output is written in place in this133* array.134*135* @param msg the message block (16 values)136* @param val the function 128-bit input and output137*/138void sph_ripemd_comp(const sph_u32 msg[16], sph_u32 val[4]);139140/* ===================================================================== */141142/**143* This structure is a context for RIPEMD-128 computations: it contains the144* intermediate values and some data from the last entered block. Once145* a RIPEMD-128 computation has been performed, the context can be reused for146* another computation.147*148* The contents of this structure are private. A running RIPEMD-128 computation149* can be cloned by copying the context (e.g. with a simple150* <code>memcpy()</code>).151*/152typedef struct {153#ifndef DOXYGEN_IGNORE154unsigned char buf[64]; /* first field, for alignment */155sph_u32 val[4];156#if SPH_64157sph_u64 count;158#else159sph_u32 count_high, count_low;160#endif161#endif162} sph_ripemd128_context;163164/**165* Initialize a RIPEMD-128 context. This process performs no memory allocation.166*167* @param cc the RIPEMD-128 context (pointer to168* a <code>sph_ripemd128_context</code>)169*/170void sph_ripemd128_init(void *cc);171172/**173* Process some data bytes. It is acceptable that <code>len</code> is zero174* (in which case this function does nothing).175*176* @param cc the RIPEMD-128 context177* @param data the input data178* @param len the input data length (in bytes)179*/180void sph_ripemd128(void *cc, const void *data, size_t len);181182/**183* Terminate the current RIPEMD-128 computation and output the result into the184* provided buffer. The destination buffer must be wide enough to185* accomodate the result (16 bytes). The context is automatically186* reinitialized.187*188* @param cc the RIPEMD-128 context189* @param dst the destination buffer190*/191void sph_ripemd128_close(void *cc, void *dst);192193/**194* Apply the RIPEMD-128 compression function on the provided data. The195* <code>msg</code> parameter contains the 16 32-bit input blocks,196* as numerical values (hence after the little-endian decoding). The197* <code>val</code> parameter contains the 5 32-bit input blocks for198* the compression function; the output is written in place in this199* array.200*201* @param msg the message block (16 values)202* @param val the function 128-bit input and output203*/204void sph_ripemd128_comp(const sph_u32 msg[16], sph_u32 val[4]);205206/* ===================================================================== */207208/**209* This structure is a context for RIPEMD-160 computations: it contains the210* intermediate values and some data from the last entered block. Once211* a RIPEMD-160 computation has been performed, the context can be reused for212* another computation.213*214* The contents of this structure are private. A running RIPEMD-160 computation215* can be cloned by copying the context (e.g. with a simple216* <code>memcpy()</code>).217*/218typedef struct {219#ifndef DOXYGEN_IGNORE220unsigned char buf[64]; /* first field, for alignment */221sph_u32 val[5];222#if SPH_64223sph_u64 count;224#else225sph_u32 count_high, count_low;226#endif227#endif228} sph_ripemd160_context;229230/**231* Initialize a RIPEMD-160 context. This process performs no memory allocation.232*233* @param cc the RIPEMD-160 context (pointer to234* a <code>sph_ripemd160_context</code>)235*/236void sph_ripemd160_init(void *cc);237238/**239* Process some data bytes. It is acceptable that <code>len</code> is zero240* (in which case this function does nothing).241*242* @param cc the RIPEMD-160 context243* @param data the input data244* @param len the input data length (in bytes)245*/246void sph_ripemd160(void *cc, const void *data, size_t len);247248/**249* Terminate the current RIPEMD-160 computation and output the result into the250* provided buffer. The destination buffer must be wide enough to251* accomodate the result (20 bytes). The context is automatically252* reinitialized.253*254* @param cc the RIPEMD-160 context255* @param dst the destination buffer256*/257void sph_ripemd160_close(void *cc, void *dst);258259/**260* Apply the RIPEMD-160 compression function on the provided data. The261* <code>msg</code> parameter contains the 16 32-bit input blocks,262* as numerical values (hence after the little-endian decoding). The263* <code>val</code> parameter contains the 5 32-bit input blocks for264* the compression function; the output is written in place in this265* array.266*267* @param msg the message block (16 values)268* @param val the function 160-bit input and output269*/270void sph_ripemd160_comp(const sph_u32 msg[16], sph_u32 val[5]);271272#endif273274275276