sha256.diff

dragonfly, 04/28/2006 09:32 PM

Download (24 KB)

View differences:

lib/libmd/Makefile 26 Apr 2006 19:25:53 -0000
4 4
LIB=	md
5 5
SRCS=	md2c.c md4c.c md5c.c md2hl.c md4hl.c md5hl.c \
6 6
	rmd160c.c rmd160hl.c \
7
	sha0c.c sha0hl.c sha1c.c sha1hl.c
8
INCS=	md2.h md4.h md5.h ripemd.h sha.h
7
	sha0c.c sha0hl.c sha1c.c sha1hl.c \
8
	sha256c.c sha256hl.c
9
INCS=	md2.h md4.h md5.h ripemd.h sha.h sha256.h
9 10

  
10
MAN+=	md2.3 md4.3 md5.3 ripemd.3 sha.3
11
MAN+=	md2.3 md4.3 md5.3 ripemd.3 sha.3 sha256.3
11 12
MLINKS+=md2.3 MD2Init.3 md2.3 MD2Update.3 md2.3 MD2Final.3
12 13
MLINKS+=md2.3 MD2End.3  md2.3 MD2File.3   md2.3 MD2Data.3
13 14
MLINKS+=md4.3 MD4Init.3 md4.3 MD4Update.3 md4.3 MD4Final.3
......
21 22
MLINKS+=sha.3 SHA_End.3   sha.3 SHA_File.3    sha.3 SHA_Data.3
22 23
MLINKS+=sha.3 SHA1_Init.3 sha.3 SHA1_Update.3 sha.3 SHA1_Final.3
23 24
MLINKS+=sha.3 SHA1_End.3  sha.3 SHA1_File.3   sha.3 SHA1_Data.3
25
MLINKS+=sha256.3 SHA256_Init.3  sha256.3 SHA256_Update.3
26
MLINKS+=sha256.3 SHA256_Final.3 sha256.3 SHA256_End.3
27
MLINKS+=sha256.3 SHA256_File.3 sha256.3 SHA256_FileChunk.3
28
MLINKS+=sha256.3 SHA256_Data.3
24 29
CLEANFILES+=	md[245]hl.c md[245].ref md[245].3 mddriver \
25 30
		rmd160.ref rmd160hl.c rmddriver \
26
		sha0.ref sha0hl.c sha1.ref sha1hl.c shadriver
31
		sha0.ref sha0hl.c sha1.ref sha1hl.c shadriver \
32
		sha256.ref sha256hl.c
27 33
CFLAGS+= -I${.CURDIR}
28 34
.PATH: ${.CURDIR}/${MACHINE_ARCH}
29 35

  
......
58 64
		sed -e 's/mdX/sha/g' -e 's/MDX/SHA1_/g' -e 's/SHA1__/SHA1_/g' \
59 65
		${.ALLSRC}) > ${.TARGET}
60 66

  
67
sha256hl.c: mdXhl.c
68
	(echo '#define LENGTH 32'; \
69
		sed -e 's/mdX/sha256/g' -e 's/MDX/SHA256_/g'    \
70
			-e  's/SHA256__/SHA256_/g' \
71
			${.ALLSRC}) > ${.TARGET}
72

  
61 73
rmd160hl.c: mdXhl.c
62 74
	(echo '#define LENGTH 20'; \
63 75
		sed -e 's/mdX/ripemd/g' -e 's/MDX/RIPEMD160_/g' \
......
101 113
	@echo 'MD5 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") = 57edf4a22be3c955ac49da2e2107b67a' >> ${.TARGET}
102 114

  
103 115
sha0.ref:
104
	(echo 'SHA-0 test suite:'; \
105
	echo 'SHA-0 ("") = f96cea198ad1dd5617ac084a3d92c6107708c0ef'; \
106
	echo 'SHA-0 ("abc") = 0164b8a914cd2a5e74c4f7ff082c4d97f1edf880'; \
107
	echo 'SHA-0 ("message digest") =' \
108
		'c1b0f222d150ebb9aa36a40cafdc8bcbed830b14'; \
109
	echo 'SHA-0 ("abcdefghijklmnopqrstuvwxyz") =' \
110
		'b40ce07a430cfd3c033039b9fe9afec95dc1bdcd'; \
111
	echo 'SHA-0 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") =' \
112
		'79e966f7a3a990df33e40e3d7f8f18d2caebadfa'; \
113
	echo 'SHA-0 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \
114
		'4aa29d14d171522ece47bee8957e35a41f3e9cff' ) > ${.TARGET}
116
	echo 'SHA-0 test suite:' > ${.TARGET}
117
	@echo 'SHA-0 ("") = f96cea198ad1dd5617ac084a3d92c6107708c0ef' >> ${.TARGET}
118
	@echo 'SHA-0 ("abc") = 0164b8a914cd2a5e74c4f7ff082c4d97f1edf880' >> ${.TARGET}
119
	@echo 'SHA-0 ("message digest") = c1b0f222d150ebb9aa36a40cafdc8bcbed830b14' >> ${.TARGET}
120
	@echo 'SHA-0 ("abcdefghijklmnopqrstuvwxyz") = b40ce07a430cfd3c033039b9fe9afec95dc1bdcd' >> ${.TARGET}
121
	@echo 'SHA-0 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") = 79e966f7a3a990df33e40e3d7f8f18d2caebadfa' >> ${.TARGET}
122
	@echo 'SHA-0 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") = 4aa29d14d171522ece47bee8957e35a41f3e9cff' >> ${.TARGET}
115 123

  
116 124
sha1.ref:
117
	(echo 'SHA-1 test suite:'; \
118
	echo 'SHA-1 ("") = da39a3ee5e6b4b0d3255bfef95601890afd80709'; \
119
	echo 'SHA-1 ("abc") = a9993e364706816aba3e25717850c26c9cd0d89d'; \
120
	echo 'SHA-1 ("message digest") =' \
121
		'c12252ceda8be8994d5fa0290a47231c1d16aae3'; \
122
	echo 'SHA-1 ("abcdefghijklmnopqrstuvwxyz") =' \
123
		'32d10c7b8cf96570ca04ce37f2a19d84240d3a89'; \
124
	echo 'SHA-1 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") =' \
125
		'761c457bf73b14d27e9e9265c46f4b4dda11f940'; \
126
	echo 'SHA-1 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \
127
		'50abf5706a150990a08b2c5ea40fa0e585554732' ) > ${.TARGET}
125
	echo 'SHA-1 test suite:' > ${.TARGET}
126
	@echo 'SHA-1 ("") = da39a3ee5e6b4b0d3255bfef95601890afd80709' >> ${.TARGET}
127
	@echo 'SHA-1 ("abc") = a9993e364706816aba3e25717850c26c9cd0d89d' >> ${.TARGET}
128
	@echo 'SHA-1 ("message digest") = c12252ceda8be8994d5fa0290a47231c1d16aae3' >> ${.TARGET}
129
	@echo 'SHA-1 ("abcdefghijklmnopqrstuvwxyz") = 32d10c7b8cf96570ca04ce37f2a19d84240d3a89' >> ${.TARGET}
130
	@echo 'SHA-1 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") = 761c457bf73b14d27e9e9265c46f4b4dda11f940' >> ${.TARGET}
131
	@echo 'SHA-1 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") = 50abf5706a150990a08b2c5ea40fa0e585554732' >> ${.TARGET}
132

  
133
sha256.ref:
134
	echo 'SHA-256 test suite:' > ${.TARGET}
135
	@echo 'SHA-256 ("") = e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855' >> ${.TARGET}
136
	@echo 'SHA-256 ("abc") = ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad' >> ${.TARGET}
137
	@echo 'SHA-256 ("message digest") = f7846f55cf23e14eebeab5b4e1550cad5b509e3348fbc4efa3a1413d393cb650' >> ${.TARGET}
138
	@echo 'SHA-256 ("abcdefghijklmnopqrstuvwxyz") = 71c480df93d6ae2f1efad1447c66c9525e316218cf51fc8d9ed832f2daf18b73' >> ${.TARGET}
139
	@echo 'SHA-256 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") = db4bfcbd4da0cd85a60c3c37d3fbd8805c77f15fc6b1fdfe614ee0a7c8fdb4c0' >> ${.TARGET}
140
	@echo 'SHA-256 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") = f371bc4a311f2b009eef952dd83ca80e2b60026c8e935592d0f9c308453c813e' >> ${.TARGET}
128 141

  
129 142
rmd160.ref:
130
	(echo 'RIPEMD160 test suite:'; \
131
	echo 'RIPEMD160 ("") = 9c1185a5c5e9fc54612808977ee8f548b2258d31'; \
132
	echo 'RIPEMD160 ("abc") = 8eb208f7e05d987a9b044a8e98c6b087f15a0bfc'; \
133
	echo 'RIPEMD160 ("message digest") =' \
134
		'5d0689ef49d2fae572b881b123a85ffa21595f36'; \
135
	echo 'RIPEMD160 ("abcdefghijklmnopqrstuvwxyz") =' \
136
		'f71c27109c692c1b56bbdceb5b9d2865b3708dbc'; \
137
	echo 'RIPEMD160 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") =' \
138
		'b0e20b6e3116640286ed3a87a5713079b21f5189'; \
139
	echo 'RIPEMD160 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \
140
		'9b752e45573d4b39f4dbd3323cab82bf63326bfb' ) > ${.TARGET}
143
	echo 'RIPEMD160 test suite:' > ${.TARGET}
144
	@echo 'RIPEMD160 ("") = 9c1185a5c5e9fc54612808977ee8f548b2258d31' >> ${.TARGET}
145
	@echo 'RIPEMD160 ("abc") = 8eb208f7e05d987a9b044a8e98c6b087f15a0bfc' >> ${.TARGET}
146
	@echo 'RIPEMD160 ("message digest") = 5d0689ef49d2fae572b881b123a85ffa21595f36' >> ${.TARGET}
147
	@echo 'RIPEMD160 ("abcdefghijklmnopqrstuvwxyz") = f71c27109c692c1b56bbdceb5b9d2865b3708dbc' >> ${.TARGET}
148
	@echo 'RIPEMD160 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") = b0e20b6e3116640286ed3a87a5713079b21f5189' >> ${.TARGET}
149
	@echo 'RIPEMD160 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") = 9b752e45573d4b39f4dbd3323cab82bf63326bfb' >> ${.TARGET}
141 150

  
142
test:	md2.ref md4.ref md5.ref sha0.ref rmd160.ref sha1.ref
151
test:	md2.ref md4.ref md5.ref sha0.ref rmd160.ref sha1.ref sha256.ref
143 152
	@${ECHO} if any of these test fail, the code produces wrong results
144 153
	@${ECHO} and should NOT be used.
145 154
	${CC} -static ${CFLAGS} ${LDFLAGS} -DMD=2 -o mddriver ${.CURDIR}/mddriver.c -L. -lmd
146 155
	./mddriver | cmp md2.ref -
147 156
	@${ECHO} MD2 passed test
157
	-rm -f mddriver
148 158
	${CC} -static ${CFLAGS} ${LDFLAGS} -DMD=4 -o mddriver ${.CURDIR}/mddriver.c -L. -lmd
149 159
	./mddriver | cmp md4.ref -
150 160
	@${ECHO} MD4 passed test
161
	-rm -f mddriver
151 162
	${CC} -static ${CFLAGS} ${LDFLAGS} -DMD=5 -o mddriver ${.CURDIR}/mddriver.c -L. -lmd
152 163
	./mddriver | cmp md5.ref -
153 164
	@${ECHO} MD5 passed test
......
159 170
	${CC} -static ${CFLAGS} ${LDFLAGS} -DSHA=0 -o shadriver ${.CURDIR}/shadriver.c -L. -lmd
160 171
	./shadriver | cmp sha0.ref -
161 172
	@${ECHO} SHA-0 passed test
173
	-rm -f shadriver
162 174
	${CC} -static ${CFLAGS} ${LDFLAGS} -DSHA=1 -o shadriver ${.CURDIR}/shadriver.c -L. -lmd
163 175
	./shadriver | cmp sha1.ref -
164 176
	@${ECHO} SHA-1 passed test
165 177
	-rm -f shadriver
178
	${CC} -static ${CFLAGS} ${LDFLAGS} -DSHA=256 -o shadriver ${.CURDIR}/shadriver.c -L. -lmd
179
	./shadriver | cmp sha256.ref -
180
	@${ECHO} SHA-256 passed test
181
	-rm -f shadriver
166 182

  
167 183
.include <bsd.lib.mk>
lib/libmd/sha256.3 24 Apr 2006 21:08:58 -0000
1
.\"
2
.\" ----------------------------------------------------------------------------
3
.\" "THE BEER-WARE LICENSE" (Revision 42):
4
.\" <phk@FreeBSD.org> wrote this file.  As long as you retain this notice you
5
.\" can do whatever you want with this stuff. If we meet some day, and you think
6
.\" this stuff is worth it, you can buy me a beer in return.   Poul-Henning Kamp
7
.\" ----------------------------------------------------------------------------
8
.\"
9
.\" 	From: Id: mdX.3,v 1.14 1999/02/11 20:31:49 wollman Exp
10
.\" $FreeBSD: src/lib/libmd/sha256.3,v 1.2.4.1 2005/10/08 21:46:23 pjd Exp $
11
.\" $DragonFly: $
12
.\"
13
.Dd March 9, 2005
14
.Dt SHA256 3
15
.Os
16
.Sh NAME
17
.Nm SHA256_Init ,
18
.Nm SHA256_Update ,
19
.Nm SHA256_Final ,
20
.Nm SHA256_End ,
21
.Nm SHA256_File ,
22
.Nm SHA256_FileChunk ,
23
.Nm SHA256_Data
24
.Nd calculate the FIPS 180-2 ``SHA-256'' message digest
25
.Sh LIBRARY
26
.Lb libmd
27
.Sh SYNOPSIS
28
.In sys/types.h
29
.In sha256.h
30
.Ft void
31
.Fn SHA256_Init "SHA256_CTX *context"
32
.Ft void
33
.Fn SHA256_Update "SHA256_CTX *context" "const unsigned char *data" "size_t len"
34
.Ft void
35
.Fn SHA256_Final "unsigned char digest[32]" "SHA256_CTX *context"
36
.Ft "char *"
37
.Fn SHA256_End "SHA256_CTX *context" "char *buf"
38
.Ft "char *"
39
.Fn SHA256_File "const char *filename" "char *buf"
40
.Ft "char *"
41
.Fn SHA256_FileChunk "const char *filename" "char *buf" "off_t offset" "off_t length"
42
.Ft "char *"
43
.Fn SHA256_Data "const unsigned char *data" "unsigned int len" "char *buf"
44
.Sh DESCRIPTION
45
The
46
.Li SHA256_
47
functions calculate a 256-bit cryptographic checksum (digest)
48
for any number of input bytes.
49
A cryptographic checksum is a one-way
50
hash function; that is, it is computationally impractical to find
51
the input corresponding to a particular output.
52
This net result is
53
a
54
.Dq fingerprint
55
of the input-data, which does not disclose the actual input.
56
.Pp
57
The
58
.Fn SHA256_Init ,
59
.Fn SHA256_Update ,
60
and
61
.Fn SHA256_Final
62
functions are the core functions.
63
Allocate an
64
.Vt SHA256_CTX ,
65
initialize it with
66
.Fn SHA256_Init ,
67
run over the data with
68
.Fn SHA256_Update ,
69
and finally extract the result using
70
.Fn SHA256_Final .
71
.Pp
72
.Fn SHA256_End
73
is a wrapper for
74
.Fn SHA256_Final
75
which converts the return value to a 65-character
76
(including the terminating '\e0')
77
.Tn ASCII
78
string which represents the 256 bits in hexadecimal.
79
.Pp
80
.Fn SHA256_File
81
calculates the digest of a file, and uses
82
.Fn SHA256_End
83
to return the result.
84
If the file cannot be opened, a null pointer is returned.
85
.Fn SHA256_FileChunk
86
is similar to
87
.Fn SHA256_File ,
88
but it only calculates the digest over a byte-range of the file specified,
89
starting at
90
.Fa offset
91
and spanning
92
.Fa length
93
bytes.
94
If the
95
.Fa length
96
parameter is specified as 0, or more than the length of the remaining part
97
of the file,
98
.Fn SHA256_FileChunk
99
calculates the digest from
100
.Fa offset
101
to the end of file.
102
.Fn SHA256_Data
103
calculates the digest of a chunk of data in memory, and uses
104
.Fn SHA256_End
105
to return the result.
106
.Pp
107
When using
108
.Fn SHA256_End ,
109
.Fn SHA256_File ,
110
or
111
.Fn SHA256_Data ,
112
the
113
.Fa buf
114
argument can be a null pointer, in which case the returned string
115
is allocated with
116
.Xr malloc 3
117
and subsequently must be explicitly deallocated using
118
.Xr free 3
119
after use.
120
If the
121
.Fa buf
122
argument is non-null it must point to at least 65 characters of buffer space.
123
.Sh SEE ALSO
124
.Xr md2 3 ,
125
.Xr md4 3 ,
126
.Xr md5 3 ,
127
.Xr ripemd 3 ,
128
.Xr sha 3
129
.Sh HISTORY
130
These functions appeared in
131
.Fx 4.0 .
132
.Sh AUTHORS
133
The core hash routines were implemented by Colin Percival based on
134
the published
135
.Tn FIPS 180-2
136
standard.
137
.Sh BUGS
138
No method is known to exist which finds two files having the same hash value,
139
nor to find a file with a specific hash value.
140
There is on the other hand no guarantee that such a method does not exist.
lib/libmd/sha256.h 24 Apr 2006 21:09:21 -0000
1
/*-
2
 * Copyright 2005 Colin Percival
3
 * All rights reserved.
4
 *
5
 * Redistribution and use in source and binary forms, with or without
6
 * modification, are permitted provided that the following conditions
7
 * are met:
8
 * 1. Redistributions of source code must retain the above copyright
9
 *    notice, this list of conditions and the following disclaimer.
10
 * 2. Redistributions in binary form must reproduce the above copyright
11
 *    notice, this list of conditions and the following disclaimer in the
12
 *    documentation and/or other materials provided with the distribution.
13
 *
14
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
24
 * SUCH DAMAGE.
25
 *
26
 * $FreeBSD: src/lib/libmd/sha256.h,v 1.1 2005/03/09 19:23:04 cperciva Exp $
27
 * $DragonFly: $
28
 */
29

  
30
#ifndef _SHA256_H_
31
#define _SHA256_H_
32

  
33
#include <sys/types.h>
34

  
35
typedef struct SHA256Context {
36
	uint32_t state[8];
37
	uint32_t count[2];
38
	unsigned char buf[64];
39
} SHA256_CTX;
40

  
41
__BEGIN_DECLS
42
void	SHA256_Init(SHA256_CTX *);
43
void	SHA256_Update(SHA256_CTX *, const unsigned char *, size_t);
44
void	SHA256_Final(unsigned char [32], SHA256_CTX *);
45
char   *SHA256_End(SHA256_CTX *, char *);
46
char   *SHA256_File(const char *, char *);
47
char   *SHA256_FileChunk(const char *, char *, off_t, off_t);
48
char   *SHA256_Data(const unsigned char *, unsigned int, char *);
49
__END_DECLS
50

  
51
#endif /* !_SHA256_H_ */
lib/libmd/sha256c.c 24 Apr 2006 21:09:51 -0000
1
/*-
2
 * Copyright 2005 Colin Percival
3
 * All rights reserved.
4
 *
5
 * Redistribution and use in source and binary forms, with or without
6
 * modification, are permitted provided that the following conditions
7
 * are met:
8
 * 1. Redistributions of source code must retain the above copyright
9
 *    notice, this list of conditions and the following disclaimer.
10
 * 2. Redistributions in binary form must reproduce the above copyright
11
 *    notice, this list of conditions and the following disclaimer in the
12
 *    documentation and/or other materials provided with the distribution.
13
 *
14
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
24
 * SUCH DAMAGE.
25
 *
26
 * $FreeBSD: src/lib/libmd/sha256c.c,v 1.1 2005/03/09 19:23:04 cperciva Exp $
27
 * $DragonFly: $
28
 */
29

  
30
#include <sys/cdefs.h>
31
#include <sys/endian.h>
32
#include <sys/types.h>
33

  
34
#include <string.h>
35

  
36
#include "sha256.h"
37

  
38
#if BYTE_ORDER == BIG_ENDIAN
39

  
40
/* Copy a vector of big-endian uint32_t into a vector of bytes */
41
#define be32enc_vect(dst, src, len)	\
42
	memcpy((void *)dst, (const void *)src, (size_t)len)
43

  
44
/* Copy a vector of bytes into a vector of big-endian uint32_t */
45
#define be32dec_vect(dst, src, len)	\
46
	memcpy((void *)dst, (const void *)src, (size_t)len)
47

  
48
#else /* BYTE_ORDER != BIG_ENDIAN */
49

  
50
/*
51
 * Encode a length len/4 vector of (uint32_t) into a length len vector of
52
 * (unsigned char) in big-endian form.  Assumes len is a multiple of 4.
53
 */
54
static void
55
be32enc_vect(unsigned char *dst, const uint32_t *src, size_t len)
56
{
57
	size_t i;
58

  
59
	for (i = 0; i < len / 4; i++)
60
		be32enc(dst + i * 4, src[i]);
61
}
62

  
63
/*
64
 * Decode a big-endian length len vector of (unsigned char) into a length
65
 * len/4 vector of (uint32_t).  Assumes len is a multiple of 4.
66
 */
67
static void
68
be32dec_vect(uint32_t *dst, const unsigned char *src, size_t len)
69
{
70
	size_t i;
71

  
72
	for (i = 0; i < len / 4; i++)
73
		dst[i] = be32dec(src + i * 4);
74
}
75

  
76
#endif /* BYTE_ORDER != BIG_ENDIAN */
77

  
78
/* Elementary functions used by SHA256 */
79
#define Ch(x, y, z)	((x & (y ^ z)) ^ z)
80
#define Maj(x, y, z)	((x & (y | z)) | (y & z))
81
#define SHR(x, n)	(x >> n)
82
#define ROTR(x, n)	((x >> n) | (x << (32 - n)))
83
#define S0(x)		(ROTR(x, 2) ^ ROTR(x, 13) ^ ROTR(x, 22))
84
#define S1(x)		(ROTR(x, 6) ^ ROTR(x, 11) ^ ROTR(x, 25))
85
#define s0(x)		(ROTR(x, 7) ^ ROTR(x, 18) ^ SHR(x, 3))
86
#define s1(x)		(ROTR(x, 17) ^ ROTR(x, 19) ^ SHR(x, 10))
87

  
88
/* SHA256 round function */
89
#define RND(a, b, c, d, e, f, g, h, k)			\
90
	t0 = h + S1(e) + Ch(e, f, g) + k;		\
91
	t1 = S0(a) + Maj(a, b, c);			\
92
	d += t0;					\
93
	h  = t0 + t1;
94

  
95
/* Adjusted round function for rotating state */
96
#define RNDr(S, W, i, k)			\
97
	RND(S[(64 - i) % 8], S[(65 - i) % 8],	\
98
	    S[(66 - i) % 8], S[(67 - i) % 8],	\
99
	    S[(68 - i) % 8], S[(69 - i) % 8],	\
100
	    S[(70 - i) % 8], S[(71 - i) % 8],	\
101
	    W[i] + k)
102

  
103
/*
104
 * SHA256 block compression function.  The 256-bit state is transformed via
105
 * the 512-bit input block to produce a new state.
106
 */
107
static void
108
SHA256_Transform(uint32_t * state, const unsigned char block[64])
109
{
110
	uint32_t W[64];
111
	uint32_t S[8];
112
	uint32_t t0, t1;
113
	int i;
114

  
115
	/* 1. Prepare message schedule W. */
116
	be32dec_vect(W, block, 64);
117
	for (i = 16; i < 64; i++)
118
		W[i] = s1(W[i - 2]) + W[i - 7] + s0(W[i - 15]) + W[i - 16];
119

  
120
	/* 2. Initialize working variables. */
121
	memcpy(S, state, 32);
122

  
123
	/* 3. Mix. */
124
	RNDr(S, W, 0, 0x428a2f98);
125
	RNDr(S, W, 1, 0x71374491);
126
	RNDr(S, W, 2, 0xb5c0fbcf);
127
	RNDr(S, W, 3, 0xe9b5dba5);
128
	RNDr(S, W, 4, 0x3956c25b);
129
	RNDr(S, W, 5, 0x59f111f1);
130
	RNDr(S, W, 6, 0x923f82a4);
131
	RNDr(S, W, 7, 0xab1c5ed5);
132
	RNDr(S, W, 8, 0xd807aa98);
133
	RNDr(S, W, 9, 0x12835b01);
134
	RNDr(S, W, 10, 0x243185be);
135
	RNDr(S, W, 11, 0x550c7dc3);
136
	RNDr(S, W, 12, 0x72be5d74);
137
	RNDr(S, W, 13, 0x80deb1fe);
138
	RNDr(S, W, 14, 0x9bdc06a7);
139
	RNDr(S, W, 15, 0xc19bf174);
140
	RNDr(S, W, 16, 0xe49b69c1);
141
	RNDr(S, W, 17, 0xefbe4786);
142
	RNDr(S, W, 18, 0x0fc19dc6);
143
	RNDr(S, W, 19, 0x240ca1cc);
144
	RNDr(S, W, 20, 0x2de92c6f);
145
	RNDr(S, W, 21, 0x4a7484aa);
146
	RNDr(S, W, 22, 0x5cb0a9dc);
147
	RNDr(S, W, 23, 0x76f988da);
148
	RNDr(S, W, 24, 0x983e5152);
149
	RNDr(S, W, 25, 0xa831c66d);
150
	RNDr(S, W, 26, 0xb00327c8);
151
	RNDr(S, W, 27, 0xbf597fc7);
152
	RNDr(S, W, 28, 0xc6e00bf3);
153
	RNDr(S, W, 29, 0xd5a79147);
154
	RNDr(S, W, 30, 0x06ca6351);
155
	RNDr(S, W, 31, 0x14292967);
156
	RNDr(S, W, 32, 0x27b70a85);
157
	RNDr(S, W, 33, 0x2e1b2138);
158
	RNDr(S, W, 34, 0x4d2c6dfc);
159
	RNDr(S, W, 35, 0x53380d13);
160
	RNDr(S, W, 36, 0x650a7354);
161
	RNDr(S, W, 37, 0x766a0abb);
162
	RNDr(S, W, 38, 0x81c2c92e);
163
	RNDr(S, W, 39, 0x92722c85);
164
	RNDr(S, W, 40, 0xa2bfe8a1);
165
	RNDr(S, W, 41, 0xa81a664b);
166
	RNDr(S, W, 42, 0xc24b8b70);
167
	RNDr(S, W, 43, 0xc76c51a3);
168
	RNDr(S, W, 44, 0xd192e819);
169
	RNDr(S, W, 45, 0xd6990624);
170
	RNDr(S, W, 46, 0xf40e3585);
171
	RNDr(S, W, 47, 0x106aa070);
172
	RNDr(S, W, 48, 0x19a4c116);
173
	RNDr(S, W, 49, 0x1e376c08);
174
	RNDr(S, W, 50, 0x2748774c);
175
	RNDr(S, W, 51, 0x34b0bcb5);
176
	RNDr(S, W, 52, 0x391c0cb3);
177
	RNDr(S, W, 53, 0x4ed8aa4a);
178
	RNDr(S, W, 54, 0x5b9cca4f);
179
	RNDr(S, W, 55, 0x682e6ff3);
180
	RNDr(S, W, 56, 0x748f82ee);
181
	RNDr(S, W, 57, 0x78a5636f);
182
	RNDr(S, W, 58, 0x84c87814);
183
	RNDr(S, W, 59, 0x8cc70208);
184
	RNDr(S, W, 60, 0x90befffa);
185
	RNDr(S, W, 61, 0xa4506ceb);
186
	RNDr(S, W, 62, 0xbef9a3f7);
187
	RNDr(S, W, 63, 0xc67178f2);
188

  
189
	/* 4. Mix local working variables into global state */
190
	for (i = 0; i < 8; i++)
191
		state[i] += S[i];
192
}
193

  
194
static unsigned char PAD[64] = {
195
	0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
196
	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
197
	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
198
	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
199
};
200

  
201
/* Add padding and terminating bit-count. */
202
static void
203
SHA256_Pad(SHA256_CTX * ctx)
204
{
205
	unsigned char len[8];
206
	uint32_t r, plen;
207

  
208
	/*
209
	 * Convert length to a vector of bytes -- we do this now rather
210
	 * than later because the length will change after we pad.
211
	 */
212
	be32enc_vect(len, ctx->count, 8);
213

  
214
	/* Add 1--64 bytes so that the resulting length is 56 mod 64 */
215
	r = (ctx->count[1] >> 3) & 0x3f;
216
	plen = (r < 56) ? (56 - r) : (120 - r);
217
	SHA256_Update(ctx, PAD, (size_t)plen);
218

  
219
	/* Add the terminating bit-count */
220
	SHA256_Update(ctx, len, 8);
221
}
222

  
223
/* SHA-256 initialization.  Begins a SHA-256 operation. */
224
void
225
SHA256_Init(SHA256_CTX * ctx)
226
{
227

  
228
	/* Zero bits processed so far */
229
	ctx->count[0] = ctx->count[1] = 0;
230

  
231
	/* Magic initialization constants */
232
	ctx->state[0] = 0x6A09E667;
233
	ctx->state[1] = 0xBB67AE85;
234
	ctx->state[2] = 0x3C6EF372;
235
	ctx->state[3] = 0xA54FF53A;
236
	ctx->state[4] = 0x510E527F;
237
	ctx->state[5] = 0x9B05688C;
238
	ctx->state[6] = 0x1F83D9AB;
239
	ctx->state[7] = 0x5BE0CD19;
240
}
241

  
242
/* Add bytes into the hash */
243
void
244
SHA256_Update(SHA256_CTX * ctx, const unsigned char *src, size_t len)
245
{
246
	uint32_t bitlen[2];
247
	uint32_t r;
248

  
249
	/* Number of bytes left in the buffer from previous updates */
250
	r = (ctx->count[1] >> 3) & 0x3f;
251

  
252
	/* Convert the length into a number of bits */
253
	bitlen[1] = ((uint32_t)len) << 3;
254
	bitlen[0] = (uint32_t)(len >> 29);
255

  
256
	/* Update number of bits */
257
	if ((ctx->count[1] += bitlen[1]) < bitlen[1])
258
		ctx->count[0]++;
259
	ctx->count[0] += bitlen[0];
260

  
261
	/* Handle the case where we don't need to perform any transforms */
262
	if (len < 64 - r) {
263
		memcpy(&ctx->buf[r], src, len);
264
		return;
265
	}
266

  
267
	/* Finish the current block */
268
	memcpy(&ctx->buf[r], src, 64 - r);
269
	SHA256_Transform(ctx->state, ctx->buf);
270
	src += 64 - r;
271
	len -= 64 - r;
272

  
273
	/* Perform complete blocks */
274
	while (len >= 64) {
275
		SHA256_Transform(ctx->state, src);
276
		src += 64;
277
		len -= 64;
278
	}
279

  
280
	/* Copy left over data into buffer */
281
	memcpy(ctx->buf, src, len);
282
}
283

  
284
/*
285
 * SHA-256 finalization.  Pads the input data, exports the hash value,
286
 * and clears the context state.
287
 */
288
void
289
SHA256_Final(unsigned char digest[32], SHA256_CTX * ctx)
290
{
291

  
292
	/* Add padding */
293
	SHA256_Pad(ctx);
294

  
295
	/* Write the hash */
296
	be32enc_vect(digest, ctx->state, 32);
297

  
298
	/* Clear the context state */
299
	memset((void *)ctx, 0, sizeof(*ctx));
300
}
lib/libmd/shadriver.c 24 Apr 2006 20:30:12 -0000
28 28
#include <time.h>
29 29
#include <string.h>
30 30
#include "sha.h"
31
#include "sha256.h"
31 32
#if SHA == 1
32 33
#define SHA_Data SHA1_Data
34
#elif SHA == 256
35
#define SHA_Data SHA256_Data
33 36
#endif
34 37

  
35 38
/* Digests a string and prints the result.
......
37 40
static void SHAString (string)
38 41
char *string;
39 42
{
40
  char buf[2*20+1];
43
  char buf[2*32+1];
41 44

  
42 45
  printf ("SHA-%d (\"%s\") = %s\n", 
43 46
	SHA, string, SHA_Data(string,strlen(string),buf));