| blob | 88629da5bb91f3129551b0ca0385095b3a76798e |
1 /*
2 * sha1.c
3 *
4 * Copyright (C) 1998
5 * Paul E. Jones <paulej@arid.us>
6 * All Rights Reserved
7 *
8 * This software is licensed as "freeware." Permission to distribute
9 * this software in source and binary forms is hereby granted without
10 * a fee. THIS SOFTWARE IS PROVIDED 'AS IS' AND WITHOUT ANY EXPRESSED
11 * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
12 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
13 * THE AUTHOR SHALL NOT BE HELD LIABLE FOR ANY DAMAGES RESULTING
14 * FROM THE USE OF THIS SOFTWARE, EITHER DIRECTLY OR INDIRECTLY, INCLUDING,
15 * BUT NOT LIMITED TO, LOSS OF DATA OR DATA BEING RENDERED INACCURATE.
16 *
17 *****************************************************************************
18 * $Id: sha1.c,v 1.2 2004/03/27 18:00:33 paulej Exp $
19 *****************************************************************************
20 *
21 * Description:
22 * This file implements the Secure Hashing Standard as defined
23 * in FIPS PUB 180-1 published April 17, 1995.
24 *
25 * The Secure Hashing Standard, which uses the Secure Hashing
26 * Algorithm (SHA), produces a 160-bit message digest for a
27 * given data stream. In theory, it is highly improbable that
28 * two messages will produce the same message digest. Therefore,
29 * this algorithm can serve as a means of providing a "fingerprint"
30 * for a message.
31 *
32 * Portability Issues:
33 * SHA-1 is defined in terms of 32-bit "words". This code was
34 * written with the expectation that the processor has at least
35 * a 32-bit machine word size. If the machine word size is larger,
36 * the code should still function properly. One caveat to that
37 * is that the input functions taking characters and character
38 * arrays assume that only 8 bits of information are stored in each
39 * character.
40 *
41 * Caveats:
42 * SHA-1 is designed to work with messages less than 2^64 bits
43 * long. Although SHA-1 allows a message digest to be generated for
44 * messages of any number of bits less than 2^64, this
45 * implementation only works with messages with a length that is a
46 * multiple of the size of an 8-bit character.
47 *
48 */
52 /*
53 * Define the circular shift macro
54 */
55 #define SHA1CircularShift(bits,word) \
56 ((((word) << (bits)) & 0xFFFFFFFF) | \
57 ((word) >> (32-(bits))))
59 /* Function prototypes */
63 /*
64 * SHA1Reset
65 *
66 * Description:
67 * This function will initialize the SHA1Context in preparation
68 * for computing a new message digest.
69 *
70 * Parameters:
71 * context: [in/out]
72 * The context to reset.
73 *
74 * Returns:
75 * Nothing.
76 *
77 * Comments:
78 *
79 */
81 {
94 }
96 /*
97 * SHA1Result
98 *
99 * Description:
100 * This function will return the 160-bit message digest into the
101 * Message_Digest array within the SHA1Context provided
102 *
103 * Parameters:
104 * context: [in/out]
105 * The context to use to calculate the SHA-1 hash.
106 *
107 * Returns:
108 * 1 if successful, 0 if it failed.
109 *
110 * Comments:
111 *
112 */
114 {
117 {
119 }
122 {
125 }
128 }
130 /*
131 * SHA1Input
132 *
133 * Description:
134 * This function accepts an array of octets as the next portion of
135 * the message.
136 *
137 * Parameters:
138 * context: [in/out]
139 * The SHA-1 context to update
140 * message_array: [in]
141 * An array of characters representing the next portion of the
142 * message.
143 * length: [in]
144 * The length of the message in message_array
145 *
146 * Returns:
147 * Nothing.
148 *
149 * Comments:
150 *
151 */
155 {
157 {
159 }
162 {
165 }
168 {
173 /* Force it to 32 bits */
176 {
178 /* Force it to 32 bits */
181 {
182 /* Message is too long */
184 }
185 }
188 {
190 }
192 message_array++;
193 }
194 }
196 /*
197 * SHA1ProcessMessageBlock
198 *
199 * Description:
200 * This function will process the next 512 bits of the message
201 * stored in the Message_Block array.
202 *
203 * Parameters:
204 * None.
205 *
206 * Returns:
207 * Nothing.
208 *
209 * Comments:
210 * Many of the variable names in the SHAContext, especially the
211 * single character names, were used because those were the names
212 * used in the publication.
213 *
214 *
215 */
217 {
219 {
223 0xCA62C1D6
224 };
230 /*
231 * Initialize the first 16 words in the array W
232 */
234 {
239 }
242 {
244 }
253 {
262 }
265 {
273 }
276 {
285 }
288 {
296 }
310 }
312 /*
313 * SHA1PadMessage
314 *
315 * Description:
316 * According to the standard, the message must be padded to an even
317 * 512 bits. The first padding bit must be a '1'. The last 64
318 * bits represent the length of the original message. All bits in
319 * between should be 0. This function will pad the message
320 * according to those rules by filling the Message_Block array
321 * accordingly. It will also call SHA1ProcessMessageBlock()
322 * appropriately. When it returns, it can be assumed that the
323 * message digest has been computed.
324 *
325 * Parameters:
326 * context: [in/out]
327 * The context to pad
328 *
329 * Returns:
330 * Nothing.
331 *
332 * Comments:
333 *
334 */
336 {
337 /*
338 * Check to see if the current message block is too small to hold
339 * the initial padding bits and length. If so, we will pad the
340 * block, process it, and then continue padding into a second
341 * block.
342 */
344 {
347 {
349 }
354 {
356 }
357 }
358 else
359 {
362 {
364 }
365 }
367 /*
368 * Store the message length as the last 8 octets
369 */
380 }