2 * Copyright 2017 Marc Stevens <marc@marc-stevens.nl>, Dan Shumow (danshu@microsoft.com)
3 * Distributed under the MIT Software License.
4 * See accompanying file LICENSE.txt or copy at
5 * https://opensource.org/licenses/MIT
8 #ifndef SHA1DC_NO_STANDARD_INCLUDES
15 #ifdef SHA1DC_CUSTOM_INCLUDE_SHA1_C
16 #include SHA1DC_CUSTOM_INCLUDE_SHA1_C
19 #ifndef SHA1DC_INIT_SAFE_HASH_DEFAULT
20 #define SHA1DC_INIT_SAFE_HASH_DEFAULT 1
24 #include "ubc_check.h"
28 Because Little-Endian architectures are most common,
29 we only set SHA1DC_BIGENDIAN if one of these conditions is met.
30 Note that all MSFT platforms are little endian,
31 so none of these will be defined under the MSC compiler.
32 If you are compiling on a big endian platform and your compiler does not define one of these,
33 you will have to add whatever macros your tool chain defines to indicate Big-Endianness.
35 #ifdef SHA1DC_BIGENDIAN
36 #undef SHA1DC_BIGENDIAN
39 #if (defined(_BYTE_ORDER) || defined(__BYTE_ORDER) || defined(__BYTE_ORDER__))
41 #if ((defined(_BYTE_ORDER) && (_BYTE_ORDER == _BIG_ENDIAN)) || \
42 (defined(__BYTE_ORDER) && (__BYTE_ORDER == __BIG_ENDIAN)) || \
43 (defined(__BYTE_ORDER__) && (__BYTE_ORDER__ == __BIG_ENDIAN__)) )
44 #define SHA1DC_BIGENDIAN
49 #if (defined(_BIG_ENDIAN) || defined(__BIG_ENDIAN) || defined(__BIG_ENDIAN__) || \
50 defined(__ARMEB__) || defined(__THUMBEB__) || defined(__AARCH64EB__) || \
51 defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || \
53 #define SHA1DC_BIGENDIAN
58 #if (defined(SHA1DC_FORCE_LITTLEENDIAN) && defined(SHA1DC_BIGENDIAN))
59 #undef SHA1DC_BIGENDIAN
61 #if (defined(SHA1DC_FORCE_BIGENDIAN) && !defined(SHA1DC_BIGENDIAN))
62 #define SHA1DC_BIGENDIAN
64 /*ENDIANNESS SELECTION*/
66 #if (defined SHA1DC_FORCE_UNALIGNED_ACCESS || \
67 defined(__amd64__) || defined(__amd64) || defined(__x86_64__) || defined(__x86_64) || \
68 defined(i386) || defined(__i386) || defined(__i386__) || defined(__i486__) || \
69 defined(__i586__) || defined(__i686__) || defined(_M_IX86) || defined(__X86__) || \
70 defined(_X86_) || defined(__THW_INTEL__) || defined(__I86__) || defined(__INTEL__) || \
71 defined(__386) || defined(_M_X64) || defined(_M_AMD64))
73 #define SHA1DC_ALLOW_UNALIGNED_ACCESS
75 #endif /*UNALIGNMENT DETECTION*/
78 #define rotate_right(x,n) (((x)>>(n))|((x)<<(32-(n))))
79 #define rotate_left(x,n) (((x)<<(n))|((x)>>(32-(n))))
81 #define sha1_bswap32(x) \
82 {x = ((x << 8) & 0xFF00FF00) | ((x >> 8) & 0xFF00FF); x = (x << 16) | (x >> 16);}
84 #define sha1_mix(W, t) (rotate_left(W[t - 3] ^ W[t - 8] ^ W[t - 14] ^ W[t - 16], 1))
86 #ifdef SHA1DC_BIGENDIAN
87 #define sha1_load(m, t, temp) { temp = m[t]; }
89 #define sha1_load(m, t, temp) { temp = m[t]; sha1_bswap32(temp); }
92 #define sha1_store(W, t, x) *(volatile uint32_t *)&W[t] = x
94 #define sha1_f1(b,c,d) ((d)^((b)&((c)^(d))))
95 #define sha1_f2(b,c,d) ((b)^(c)^(d))
96 #define sha1_f3(b,c,d) (((b)&(c))+((d)&((b)^(c))))
97 #define sha1_f4(b,c,d) ((b)^(c)^(d))
99 #define HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, m, t) \
100 { e += rotate_left(a, 5) + sha1_f1(b,c,d) + 0x5A827999 + m[t]; b = rotate_left(b, 30); }
101 #define HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, m, t) \
102 { e += rotate_left(a, 5) + sha1_f2(b,c,d) + 0x6ED9EBA1 + m[t]; b = rotate_left(b, 30); }
103 #define HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, m, t) \
104 { e += rotate_left(a, 5) + sha1_f3(b,c,d) + 0x8F1BBCDC + m[t]; b = rotate_left(b, 30); }
105 #define HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, m, t) \
106 { e += rotate_left(a, 5) + sha1_f4(b,c,d) + 0xCA62C1D6 + m[t]; b = rotate_left(b, 30); }
108 #define HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(a, b, c, d, e, m, t) \
109 { b = rotate_right(b, 30); e -= rotate_left(a, 5) + sha1_f1(b,c,d) + 0x5A827999 + m[t]; }
110 #define HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(a, b, c, d, e, m, t) \
111 { b = rotate_right(b, 30); e -= rotate_left(a, 5) + sha1_f2(b,c,d) + 0x6ED9EBA1 + m[t]; }
112 #define HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(a, b, c, d, e, m, t) \
113 { b = rotate_right(b, 30); e -= rotate_left(a, 5) + sha1_f3(b,c,d) + 0x8F1BBCDC + m[t]; }
114 #define HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(a, b, c, d, e, m, t) \
115 { b = rotate_right(b, 30); e -= rotate_left(a, 5) + sha1_f4(b,c,d) + 0xCA62C1D6 + m[t]; }
117 #define SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(a, b, c, d, e, m, W, t, temp) \
118 {sha1_load(m, t, temp); sha1_store(W, t, temp); e += temp + rotate_left(a, 5) + sha1_f1(b,c,d) + 0x5A827999; b = rotate_left(b, 30);}
120 #define SHA1COMPRESS_FULL_ROUND1_STEP_EXPAND(a, b, c, d, e, W, t, temp) \
121 {temp = sha1_mix(W, t); sha1_store(W, t, temp); e += temp + rotate_left(a, 5) + sha1_f1(b,c,d) + 0x5A827999; b = rotate_left(b, 30); }
123 #define SHA1COMPRESS_FULL_ROUND2_STEP(a, b, c, d, e, W, t, temp) \
124 {temp = sha1_mix(W, t); sha1_store(W, t, temp); e += temp + rotate_left(a, 5) + sha1_f2(b,c,d) + 0x6ED9EBA1; b = rotate_left(b, 30); }
126 #define SHA1COMPRESS_FULL_ROUND3_STEP(a, b, c, d, e, W, t, temp) \
127 {temp = sha1_mix(W, t); sha1_store(W, t, temp); e += temp + rotate_left(a, 5) + sha1_f3(b,c,d) + 0x8F1BBCDC; b = rotate_left(b, 30); }
129 #define SHA1COMPRESS_FULL_ROUND4_STEP(a, b, c, d, e, W, t, temp) \
130 {temp = sha1_mix(W, t); sha1_store(W, t, temp); e += temp + rotate_left(a, 5) + sha1_f4(b,c,d) + 0xCA62C1D6; b = rotate_left(b, 30); }
133 #define SHA1_STORE_STATE(i) states[i][0] = a; states[i][1] = b; states[i][2] = c; states[i][3] = d; states[i][4] = e;
135 #ifdef BUILDNOCOLLDETECTSHA1COMPRESSION
136 void sha1_compression(uint32_t ihv
[5], const uint32_t m
[16])
142 memcpy(W
, m
, 16 * 4);
143 for (i
= 16; i
< 80; ++i
)
144 W
[i
] = sha1_mix(W
, i
);
146 a
= ihv
[0]; b
= ihv
[1]; c
= ihv
[2]; d
= ihv
[3]; e
= ihv
[4];
148 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a
, b
, c
, d
, e
, W
, 0);
149 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e
, a
, b
, c
, d
, W
, 1);
150 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d
, e
, a
, b
, c
, W
, 2);
151 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c
, d
, e
, a
, b
, W
, 3);
152 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b
, c
, d
, e
, a
, W
, 4);
153 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a
, b
, c
, d
, e
, W
, 5);
154 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e
, a
, b
, c
, d
, W
, 6);
155 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d
, e
, a
, b
, c
, W
, 7);
156 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c
, d
, e
, a
, b
, W
, 8);
157 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b
, c
, d
, e
, a
, W
, 9);
158 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a
, b
, c
, d
, e
, W
, 10);
159 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e
, a
, b
, c
, d
, W
, 11);
160 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d
, e
, a
, b
, c
, W
, 12);
161 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c
, d
, e
, a
, b
, W
, 13);
162 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b
, c
, d
, e
, a
, W
, 14);
163 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a
, b
, c
, d
, e
, W
, 15);
164 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e
, a
, b
, c
, d
, W
, 16);
165 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d
, e
, a
, b
, c
, W
, 17);
166 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c
, d
, e
, a
, b
, W
, 18);
167 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b
, c
, d
, e
, a
, W
, 19);
169 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a
, b
, c
, d
, e
, W
, 20);
170 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e
, a
, b
, c
, d
, W
, 21);
171 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d
, e
, a
, b
, c
, W
, 22);
172 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c
, d
, e
, a
, b
, W
, 23);
173 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b
, c
, d
, e
, a
, W
, 24);
174 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a
, b
, c
, d
, e
, W
, 25);
175 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e
, a
, b
, c
, d
, W
, 26);
176 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d
, e
, a
, b
, c
, W
, 27);
177 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c
, d
, e
, a
, b
, W
, 28);
178 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b
, c
, d
, e
, a
, W
, 29);
179 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a
, b
, c
, d
, e
, W
, 30);
180 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e
, a
, b
, c
, d
, W
, 31);
181 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d
, e
, a
, b
, c
, W
, 32);
182 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c
, d
, e
, a
, b
, W
, 33);
183 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b
, c
, d
, e
, a
, W
, 34);
184 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a
, b
, c
, d
, e
, W
, 35);
185 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e
, a
, b
, c
, d
, W
, 36);
186 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d
, e
, a
, b
, c
, W
, 37);
187 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c
, d
, e
, a
, b
, W
, 38);
188 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b
, c
, d
, e
, a
, W
, 39);
190 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a
, b
, c
, d
, e
, W
, 40);
191 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e
, a
, b
, c
, d
, W
, 41);
192 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d
, e
, a
, b
, c
, W
, 42);
193 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c
, d
, e
, a
, b
, W
, 43);
194 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b
, c
, d
, e
, a
, W
, 44);
195 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a
, b
, c
, d
, e
, W
, 45);
196 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e
, a
, b
, c
, d
, W
, 46);
197 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d
, e
, a
, b
, c
, W
, 47);
198 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c
, d
, e
, a
, b
, W
, 48);
199 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b
, c
, d
, e
, a
, W
, 49);
200 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a
, b
, c
, d
, e
, W
, 50);
201 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e
, a
, b
, c
, d
, W
, 51);
202 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d
, e
, a
, b
, c
, W
, 52);
203 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c
, d
, e
, a
, b
, W
, 53);
204 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b
, c
, d
, e
, a
, W
, 54);
205 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a
, b
, c
, d
, e
, W
, 55);
206 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e
, a
, b
, c
, d
, W
, 56);
207 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d
, e
, a
, b
, c
, W
, 57);
208 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c
, d
, e
, a
, b
, W
, 58);
209 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b
, c
, d
, e
, a
, W
, 59);
211 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a
, b
, c
, d
, e
, W
, 60);
212 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e
, a
, b
, c
, d
, W
, 61);
213 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d
, e
, a
, b
, c
, W
, 62);
214 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c
, d
, e
, a
, b
, W
, 63);
215 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b
, c
, d
, e
, a
, W
, 64);
216 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a
, b
, c
, d
, e
, W
, 65);
217 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e
, a
, b
, c
, d
, W
, 66);
218 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d
, e
, a
, b
, c
, W
, 67);
219 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c
, d
, e
, a
, b
, W
, 68);
220 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b
, c
, d
, e
, a
, W
, 69);
221 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a
, b
, c
, d
, e
, W
, 70);
222 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e
, a
, b
, c
, d
, W
, 71);
223 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d
, e
, a
, b
, c
, W
, 72);
224 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c
, d
, e
, a
, b
, W
, 73);
225 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b
, c
, d
, e
, a
, W
, 74);
226 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a
, b
, c
, d
, e
, W
, 75);
227 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e
, a
, b
, c
, d
, W
, 76);
228 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d
, e
, a
, b
, c
, W
, 77);
229 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c
, d
, e
, a
, b
, W
, 78);
230 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b
, c
, d
, e
, a
, W
, 79);
232 ihv
[0] += a
; ihv
[1] += b
; ihv
[2] += c
; ihv
[3] += d
; ihv
[4] += e
;
234 #endif /*BUILDNOCOLLDETECTSHA1COMPRESSION*/
237 static void sha1_compression_W(uint32_t ihv
[5], const uint32_t W
[80])
239 uint32_t a
= ihv
[0], b
= ihv
[1], c
= ihv
[2], d
= ihv
[3], e
= ihv
[4];
241 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a
, b
, c
, d
, e
, W
, 0);
242 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e
, a
, b
, c
, d
, W
, 1);
243 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d
, e
, a
, b
, c
, W
, 2);
244 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c
, d
, e
, a
, b
, W
, 3);
245 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b
, c
, d
, e
, a
, W
, 4);
246 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a
, b
, c
, d
, e
, W
, 5);
247 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e
, a
, b
, c
, d
, W
, 6);
248 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d
, e
, a
, b
, c
, W
, 7);
249 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c
, d
, e
, a
, b
, W
, 8);
250 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b
, c
, d
, e
, a
, W
, 9);
251 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a
, b
, c
, d
, e
, W
, 10);
252 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e
, a
, b
, c
, d
, W
, 11);
253 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d
, e
, a
, b
, c
, W
, 12);
254 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c
, d
, e
, a
, b
, W
, 13);
255 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b
, c
, d
, e
, a
, W
, 14);
256 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a
, b
, c
, d
, e
, W
, 15);
257 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e
, a
, b
, c
, d
, W
, 16);
258 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d
, e
, a
, b
, c
, W
, 17);
259 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c
, d
, e
, a
, b
, W
, 18);
260 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b
, c
, d
, e
, a
, W
, 19);
262 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a
, b
, c
, d
, e
, W
, 20);
263 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e
, a
, b
, c
, d
, W
, 21);
264 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d
, e
, a
, b
, c
, W
, 22);
265 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c
, d
, e
, a
, b
, W
, 23);
266 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b
, c
, d
, e
, a
, W
, 24);
267 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a
, b
, c
, d
, e
, W
, 25);
268 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e
, a
, b
, c
, d
, W
, 26);
269 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d
, e
, a
, b
, c
, W
, 27);
270 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c
, d
, e
, a
, b
, W
, 28);
271 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b
, c
, d
, e
, a
, W
, 29);
272 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a
, b
, c
, d
, e
, W
, 30);
273 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e
, a
, b
, c
, d
, W
, 31);
274 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d
, e
, a
, b
, c
, W
, 32);
275 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c
, d
, e
, a
, b
, W
, 33);
276 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b
, c
, d
, e
, a
, W
, 34);
277 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a
, b
, c
, d
, e
, W
, 35);
278 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e
, a
, b
, c
, d
, W
, 36);
279 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d
, e
, a
, b
, c
, W
, 37);
280 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c
, d
, e
, a
, b
, W
, 38);
281 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b
, c
, d
, e
, a
, W
, 39);
283 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a
, b
, c
, d
, e
, W
, 40);
284 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e
, a
, b
, c
, d
, W
, 41);
285 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d
, e
, a
, b
, c
, W
, 42);
286 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c
, d
, e
, a
, b
, W
, 43);
287 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b
, c
, d
, e
, a
, W
, 44);
288 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a
, b
, c
, d
, e
, W
, 45);
289 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e
, a
, b
, c
, d
, W
, 46);
290 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d
, e
, a
, b
, c
, W
, 47);
291 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c
, d
, e
, a
, b
, W
, 48);
292 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b
, c
, d
, e
, a
, W
, 49);
293 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a
, b
, c
, d
, e
, W
, 50);
294 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e
, a
, b
, c
, d
, W
, 51);
295 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d
, e
, a
, b
, c
, W
, 52);
296 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c
, d
, e
, a
, b
, W
, 53);
297 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b
, c
, d
, e
, a
, W
, 54);
298 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a
, b
, c
, d
, e
, W
, 55);
299 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e
, a
, b
, c
, d
, W
, 56);
300 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d
, e
, a
, b
, c
, W
, 57);
301 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c
, d
, e
, a
, b
, W
, 58);
302 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b
, c
, d
, e
, a
, W
, 59);
304 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a
, b
, c
, d
, e
, W
, 60);
305 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e
, a
, b
, c
, d
, W
, 61);
306 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d
, e
, a
, b
, c
, W
, 62);
307 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c
, d
, e
, a
, b
, W
, 63);
308 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b
, c
, d
, e
, a
, W
, 64);
309 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a
, b
, c
, d
, e
, W
, 65);
310 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e
, a
, b
, c
, d
, W
, 66);
311 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d
, e
, a
, b
, c
, W
, 67);
312 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c
, d
, e
, a
, b
, W
, 68);
313 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b
, c
, d
, e
, a
, W
, 69);
314 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a
, b
, c
, d
, e
, W
, 70);
315 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e
, a
, b
, c
, d
, W
, 71);
316 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d
, e
, a
, b
, c
, W
, 72);
317 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c
, d
, e
, a
, b
, W
, 73);
318 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b
, c
, d
, e
, a
, W
, 74);
319 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a
, b
, c
, d
, e
, W
, 75);
320 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e
, a
, b
, c
, d
, W
, 76);
321 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d
, e
, a
, b
, c
, W
, 77);
322 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c
, d
, e
, a
, b
, W
, 78);
323 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b
, c
, d
, e
, a
, W
, 79);
325 ihv
[0] += a
; ihv
[1] += b
; ihv
[2] += c
; ihv
[3] += d
; ihv
[4] += e
;
330 void sha1_compression_states(uint32_t ihv
[5], const uint32_t m
[16], uint32_t W
[80], uint32_t states
[80][5])
332 uint32_t a
= ihv
[0], b
= ihv
[1], c
= ihv
[2], d
= ihv
[3], e
= ihv
[4];
335 #ifdef DOSTORESTATE00
338 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(a
, b
, c
, d
, e
, m
, W
, 0, temp
);
340 #ifdef DOSTORESTATE01
343 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(e
, a
, b
, c
, d
, m
, W
, 1, temp
);
345 #ifdef DOSTORESTATE02
348 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(d
, e
, a
, b
, c
, m
, W
, 2, temp
);
350 #ifdef DOSTORESTATE03
353 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(c
, d
, e
, a
, b
, m
, W
, 3, temp
);
355 #ifdef DOSTORESTATE04
358 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(b
, c
, d
, e
, a
, m
, W
, 4, temp
);
360 #ifdef DOSTORESTATE05
363 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(a
, b
, c
, d
, e
, m
, W
, 5, temp
);
365 #ifdef DOSTORESTATE06
368 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(e
, a
, b
, c
, d
, m
, W
, 6, temp
);
370 #ifdef DOSTORESTATE07
373 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(d
, e
, a
, b
, c
, m
, W
, 7, temp
);
375 #ifdef DOSTORESTATE08
378 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(c
, d
, e
, a
, b
, m
, W
, 8, temp
);
380 #ifdef DOSTORESTATE09
383 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(b
, c
, d
, e
, a
, m
, W
, 9, temp
);
385 #ifdef DOSTORESTATE10
388 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(a
, b
, c
, d
, e
, m
, W
, 10, temp
);
390 #ifdef DOSTORESTATE11
393 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(e
, a
, b
, c
, d
, m
, W
, 11, temp
);
395 #ifdef DOSTORESTATE12
398 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(d
, e
, a
, b
, c
, m
, W
, 12, temp
);
400 #ifdef DOSTORESTATE13
403 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(c
, d
, e
, a
, b
, m
, W
, 13, temp
);
405 #ifdef DOSTORESTATE14
408 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(b
, c
, d
, e
, a
, m
, W
, 14, temp
);
410 #ifdef DOSTORESTATE15
413 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(a
, b
, c
, d
, e
, m
, W
, 15, temp
);
415 #ifdef DOSTORESTATE16
418 SHA1COMPRESS_FULL_ROUND1_STEP_EXPAND(e
, a
, b
, c
, d
, W
, 16, temp
);
420 #ifdef DOSTORESTATE17
423 SHA1COMPRESS_FULL_ROUND1_STEP_EXPAND(d
, e
, a
, b
, c
, W
, 17, temp
);
425 #ifdef DOSTORESTATE18
428 SHA1COMPRESS_FULL_ROUND1_STEP_EXPAND(c
, d
, e
, a
, b
, W
, 18, temp
);
430 #ifdef DOSTORESTATE19
433 SHA1COMPRESS_FULL_ROUND1_STEP_EXPAND(b
, c
, d
, e
, a
, W
, 19, temp
);
437 #ifdef DOSTORESTATE20
440 SHA1COMPRESS_FULL_ROUND2_STEP(a
, b
, c
, d
, e
, W
, 20, temp
);
442 #ifdef DOSTORESTATE21
445 SHA1COMPRESS_FULL_ROUND2_STEP(e
, a
, b
, c
, d
, W
, 21, temp
);
447 #ifdef DOSTORESTATE22
450 SHA1COMPRESS_FULL_ROUND2_STEP(d
, e
, a
, b
, c
, W
, 22, temp
);
452 #ifdef DOSTORESTATE23
455 SHA1COMPRESS_FULL_ROUND2_STEP(c
, d
, e
, a
, b
, W
, 23, temp
);
457 #ifdef DOSTORESTATE24
460 SHA1COMPRESS_FULL_ROUND2_STEP(b
, c
, d
, e
, a
, W
, 24, temp
);
462 #ifdef DOSTORESTATE25
465 SHA1COMPRESS_FULL_ROUND2_STEP(a
, b
, c
, d
, e
, W
, 25, temp
);
467 #ifdef DOSTORESTATE26
470 SHA1COMPRESS_FULL_ROUND2_STEP(e
, a
, b
, c
, d
, W
, 26, temp
);
472 #ifdef DOSTORESTATE27
475 SHA1COMPRESS_FULL_ROUND2_STEP(d
, e
, a
, b
, c
, W
, 27, temp
);
477 #ifdef DOSTORESTATE28
480 SHA1COMPRESS_FULL_ROUND2_STEP(c
, d
, e
, a
, b
, W
, 28, temp
);
482 #ifdef DOSTORESTATE29
485 SHA1COMPRESS_FULL_ROUND2_STEP(b
, c
, d
, e
, a
, W
, 29, temp
);
487 #ifdef DOSTORESTATE30
490 SHA1COMPRESS_FULL_ROUND2_STEP(a
, b
, c
, d
, e
, W
, 30, temp
);
492 #ifdef DOSTORESTATE31
495 SHA1COMPRESS_FULL_ROUND2_STEP(e
, a
, b
, c
, d
, W
, 31, temp
);
497 #ifdef DOSTORESTATE32
500 SHA1COMPRESS_FULL_ROUND2_STEP(d
, e
, a
, b
, c
, W
, 32, temp
);
502 #ifdef DOSTORESTATE33
505 SHA1COMPRESS_FULL_ROUND2_STEP(c
, d
, e
, a
, b
, W
, 33, temp
);
507 #ifdef DOSTORESTATE34
510 SHA1COMPRESS_FULL_ROUND2_STEP(b
, c
, d
, e
, a
, W
, 34, temp
);
512 #ifdef DOSTORESTATE35
515 SHA1COMPRESS_FULL_ROUND2_STEP(a
, b
, c
, d
, e
, W
, 35, temp
);
517 #ifdef DOSTORESTATE36
520 SHA1COMPRESS_FULL_ROUND2_STEP(e
, a
, b
, c
, d
, W
, 36, temp
);
522 #ifdef DOSTORESTATE37
525 SHA1COMPRESS_FULL_ROUND2_STEP(d
, e
, a
, b
, c
, W
, 37, temp
);
527 #ifdef DOSTORESTATE38
530 SHA1COMPRESS_FULL_ROUND2_STEP(c
, d
, e
, a
, b
, W
, 38, temp
);
532 #ifdef DOSTORESTATE39
535 SHA1COMPRESS_FULL_ROUND2_STEP(b
, c
, d
, e
, a
, W
, 39, temp
);
539 #ifdef DOSTORESTATE40
542 SHA1COMPRESS_FULL_ROUND3_STEP(a
, b
, c
, d
, e
, W
, 40, temp
);
544 #ifdef DOSTORESTATE41
547 SHA1COMPRESS_FULL_ROUND3_STEP(e
, a
, b
, c
, d
, W
, 41, temp
);
549 #ifdef DOSTORESTATE42
552 SHA1COMPRESS_FULL_ROUND3_STEP(d
, e
, a
, b
, c
, W
, 42, temp
);
554 #ifdef DOSTORESTATE43
557 SHA1COMPRESS_FULL_ROUND3_STEP(c
, d
, e
, a
, b
, W
, 43, temp
);
559 #ifdef DOSTORESTATE44
562 SHA1COMPRESS_FULL_ROUND3_STEP(b
, c
, d
, e
, a
, W
, 44, temp
);
564 #ifdef DOSTORESTATE45
567 SHA1COMPRESS_FULL_ROUND3_STEP(a
, b
, c
, d
, e
, W
, 45, temp
);
569 #ifdef DOSTORESTATE46
572 SHA1COMPRESS_FULL_ROUND3_STEP(e
, a
, b
, c
, d
, W
, 46, temp
);
574 #ifdef DOSTORESTATE47
577 SHA1COMPRESS_FULL_ROUND3_STEP(d
, e
, a
, b
, c
, W
, 47, temp
);
579 #ifdef DOSTORESTATE48
582 SHA1COMPRESS_FULL_ROUND3_STEP(c
, d
, e
, a
, b
, W
, 48, temp
);
584 #ifdef DOSTORESTATE49
587 SHA1COMPRESS_FULL_ROUND3_STEP(b
, c
, d
, e
, a
, W
, 49, temp
);
589 #ifdef DOSTORESTATE50
592 SHA1COMPRESS_FULL_ROUND3_STEP(a
, b
, c
, d
, e
, W
, 50, temp
);
594 #ifdef DOSTORESTATE51
597 SHA1COMPRESS_FULL_ROUND3_STEP(e
, a
, b
, c
, d
, W
, 51, temp
);
599 #ifdef DOSTORESTATE52
602 SHA1COMPRESS_FULL_ROUND3_STEP(d
, e
, a
, b
, c
, W
, 52, temp
);
604 #ifdef DOSTORESTATE53
607 SHA1COMPRESS_FULL_ROUND3_STEP(c
, d
, e
, a
, b
, W
, 53, temp
);
609 #ifdef DOSTORESTATE54
612 SHA1COMPRESS_FULL_ROUND3_STEP(b
, c
, d
, e
, a
, W
, 54, temp
);
614 #ifdef DOSTORESTATE55
617 SHA1COMPRESS_FULL_ROUND3_STEP(a
, b
, c
, d
, e
, W
, 55, temp
);
619 #ifdef DOSTORESTATE56
622 SHA1COMPRESS_FULL_ROUND3_STEP(e
, a
, b
, c
, d
, W
, 56, temp
);
624 #ifdef DOSTORESTATE57
627 SHA1COMPRESS_FULL_ROUND3_STEP(d
, e
, a
, b
, c
, W
, 57, temp
);
629 #ifdef DOSTORESTATE58
632 SHA1COMPRESS_FULL_ROUND3_STEP(c
, d
, e
, a
, b
, W
, 58, temp
);
634 #ifdef DOSTORESTATE59
637 SHA1COMPRESS_FULL_ROUND3_STEP(b
, c
, d
, e
, a
, W
, 59, temp
);
642 #ifdef DOSTORESTATE60
645 SHA1COMPRESS_FULL_ROUND4_STEP(a
, b
, c
, d
, e
, W
, 60, temp
);
647 #ifdef DOSTORESTATE61
650 SHA1COMPRESS_FULL_ROUND4_STEP(e
, a
, b
, c
, d
, W
, 61, temp
);
652 #ifdef DOSTORESTATE62
655 SHA1COMPRESS_FULL_ROUND4_STEP(d
, e
, a
, b
, c
, W
, 62, temp
);
657 #ifdef DOSTORESTATE63
660 SHA1COMPRESS_FULL_ROUND4_STEP(c
, d
, e
, a
, b
, W
, 63, temp
);
662 #ifdef DOSTORESTATE64
665 SHA1COMPRESS_FULL_ROUND4_STEP(b
, c
, d
, e
, a
, W
, 64, temp
);
667 #ifdef DOSTORESTATE65
670 SHA1COMPRESS_FULL_ROUND4_STEP(a
, b
, c
, d
, e
, W
, 65, temp
);
672 #ifdef DOSTORESTATE66
675 SHA1COMPRESS_FULL_ROUND4_STEP(e
, a
, b
, c
, d
, W
, 66, temp
);
677 #ifdef DOSTORESTATE67
680 SHA1COMPRESS_FULL_ROUND4_STEP(d
, e
, a
, b
, c
, W
, 67, temp
);
682 #ifdef DOSTORESTATE68
685 SHA1COMPRESS_FULL_ROUND4_STEP(c
, d
, e
, a
, b
, W
, 68, temp
);
687 #ifdef DOSTORESTATE69
690 SHA1COMPRESS_FULL_ROUND4_STEP(b
, c
, d
, e
, a
, W
, 69, temp
);
692 #ifdef DOSTORESTATE70
695 SHA1COMPRESS_FULL_ROUND4_STEP(a
, b
, c
, d
, e
, W
, 70, temp
);
697 #ifdef DOSTORESTATE71
700 SHA1COMPRESS_FULL_ROUND4_STEP(e
, a
, b
, c
, d
, W
, 71, temp
);
702 #ifdef DOSTORESTATE72
705 SHA1COMPRESS_FULL_ROUND4_STEP(d
, e
, a
, b
, c
, W
, 72, temp
);
707 #ifdef DOSTORESTATE73
710 SHA1COMPRESS_FULL_ROUND4_STEP(c
, d
, e
, a
, b
, W
, 73, temp
);
712 #ifdef DOSTORESTATE74
715 SHA1COMPRESS_FULL_ROUND4_STEP(b
, c
, d
, e
, a
, W
, 74, temp
);
717 #ifdef DOSTORESTATE75
720 SHA1COMPRESS_FULL_ROUND4_STEP(a
, b
, c
, d
, e
, W
, 75, temp
);
722 #ifdef DOSTORESTATE76
725 SHA1COMPRESS_FULL_ROUND4_STEP(e
, a
, b
, c
, d
, W
, 76, temp
);
727 #ifdef DOSTORESTATE77
730 SHA1COMPRESS_FULL_ROUND4_STEP(d
, e
, a
, b
, c
, W
, 77, temp
);
732 #ifdef DOSTORESTATE78
735 SHA1COMPRESS_FULL_ROUND4_STEP(c
, d
, e
, a
, b
, W
, 78, temp
);
737 #ifdef DOSTORESTATE79
740 SHA1COMPRESS_FULL_ROUND4_STEP(b
, c
, d
, e
, a
, W
, 79, temp
);
744 ihv
[0] += a
; ihv
[1] += b
; ihv
[2] += c
; ihv
[3] += d
; ihv
[4] += e
;
750 #define SHA1_RECOMPRESS(t) \
751 static void sha1recompress_fast_ ## t (uint32_t ihvin[5], uint32_t ihvout[5], const uint32_t me2[80], const uint32_t state[5]) \
753 uint32_t a = state[0], b = state[1], c = state[2], d = state[3], e = state[4]; \
754 if (t > 79) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(b, c, d, e, a, me2, 79); \
755 if (t > 78) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(c, d, e, a, b, me2, 78); \
756 if (t > 77) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(d, e, a, b, c, me2, 77); \
757 if (t > 76) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(e, a, b, c, d, me2, 76); \
758 if (t > 75) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(a, b, c, d, e, me2, 75); \
759 if (t > 74) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(b, c, d, e, a, me2, 74); \
760 if (t > 73) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(c, d, e, a, b, me2, 73); \
761 if (t > 72) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(d, e, a, b, c, me2, 72); \
762 if (t > 71) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(e, a, b, c, d, me2, 71); \
763 if (t > 70) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(a, b, c, d, e, me2, 70); \
764 if (t > 69) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(b, c, d, e, a, me2, 69); \
765 if (t > 68) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(c, d, e, a, b, me2, 68); \
766 if (t > 67) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(d, e, a, b, c, me2, 67); \
767 if (t > 66) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(e, a, b, c, d, me2, 66); \
768 if (t > 65) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(a, b, c, d, e, me2, 65); \
769 if (t > 64) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(b, c, d, e, a, me2, 64); \
770 if (t > 63) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(c, d, e, a, b, me2, 63); \
771 if (t > 62) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(d, e, a, b, c, me2, 62); \
772 if (t > 61) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(e, a, b, c, d, me2, 61); \
773 if (t > 60) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(a, b, c, d, e, me2, 60); \
774 if (t > 59) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(b, c, d, e, a, me2, 59); \
775 if (t > 58) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(c, d, e, a, b, me2, 58); \
776 if (t > 57) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(d, e, a, b, c, me2, 57); \
777 if (t > 56) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(e, a, b, c, d, me2, 56); \
778 if (t > 55) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(a, b, c, d, e, me2, 55); \
779 if (t > 54) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(b, c, d, e, a, me2, 54); \
780 if (t > 53) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(c, d, e, a, b, me2, 53); \
781 if (t > 52) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(d, e, a, b, c, me2, 52); \
782 if (t > 51) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(e, a, b, c, d, me2, 51); \
783 if (t > 50) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(a, b, c, d, e, me2, 50); \
784 if (t > 49) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(b, c, d, e, a, me2, 49); \
785 if (t > 48) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(c, d, e, a, b, me2, 48); \
786 if (t > 47) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(d, e, a, b, c, me2, 47); \
787 if (t > 46) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(e, a, b, c, d, me2, 46); \
788 if (t > 45) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(a, b, c, d, e, me2, 45); \
789 if (t > 44) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(b, c, d, e, a, me2, 44); \
790 if (t > 43) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(c, d, e, a, b, me2, 43); \
791 if (t > 42) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(d, e, a, b, c, me2, 42); \
792 if (t > 41) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(e, a, b, c, d, me2, 41); \
793 if (t > 40) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(a, b, c, d, e, me2, 40); \
794 if (t > 39) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(b, c, d, e, a, me2, 39); \
795 if (t > 38) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(c, d, e, a, b, me2, 38); \
796 if (t > 37) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(d, e, a, b, c, me2, 37); \
797 if (t > 36) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(e, a, b, c, d, me2, 36); \
798 if (t > 35) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(a, b, c, d, e, me2, 35); \
799 if (t > 34) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(b, c, d, e, a, me2, 34); \
800 if (t > 33) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(c, d, e, a, b, me2, 33); \
801 if (t > 32) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(d, e, a, b, c, me2, 32); \
802 if (t > 31) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(e, a, b, c, d, me2, 31); \
803 if (t > 30) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(a, b, c, d, e, me2, 30); \
804 if (t > 29) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(b, c, d, e, a, me2, 29); \
805 if (t > 28) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(c, d, e, a, b, me2, 28); \
806 if (t > 27) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(d, e, a, b, c, me2, 27); \
807 if (t > 26) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(e, a, b, c, d, me2, 26); \
808 if (t > 25) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(a, b, c, d, e, me2, 25); \
809 if (t > 24) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(b, c, d, e, a, me2, 24); \
810 if (t > 23) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(c, d, e, a, b, me2, 23); \
811 if (t > 22) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(d, e, a, b, c, me2, 22); \
812 if (t > 21) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(e, a, b, c, d, me2, 21); \
813 if (t > 20) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(a, b, c, d, e, me2, 20); \
814 if (t > 19) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(b, c, d, e, a, me2, 19); \
815 if (t > 18) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(c, d, e, a, b, me2, 18); \
816 if (t > 17) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(d, e, a, b, c, me2, 17); \
817 if (t > 16) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(e, a, b, c, d, me2, 16); \
818 if (t > 15) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(a, b, c, d, e, me2, 15); \
819 if (t > 14) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(b, c, d, e, a, me2, 14); \
820 if (t > 13) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(c, d, e, a, b, me2, 13); \
821 if (t > 12) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(d, e, a, b, c, me2, 12); \
822 if (t > 11) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(e, a, b, c, d, me2, 11); \
823 if (t > 10) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(a, b, c, d, e, me2, 10); \
824 if (t > 9) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(b, c, d, e, a, me2, 9); \
825 if (t > 8) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(c, d, e, a, b, me2, 8); \
826 if (t > 7) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(d, e, a, b, c, me2, 7); \
827 if (t > 6) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(e, a, b, c, d, me2, 6); \
828 if (t > 5) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(a, b, c, d, e, me2, 5); \
829 if (t > 4) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(b, c, d, e, a, me2, 4); \
830 if (t > 3) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(c, d, e, a, b, me2, 3); \
831 if (t > 2) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(d, e, a, b, c, me2, 2); \
832 if (t > 1) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(e, a, b, c, d, me2, 1); \
833 if (t > 0) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(a, b, c, d, e, me2, 0); \
834 ihvin[0] = a; ihvin[1] = b; ihvin[2] = c; ihvin[3] = d; ihvin[4] = e; \
835 a = state[0]; b = state[1]; c = state[2]; d = state[3]; e = state[4]; \
836 if (t <= 0) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, me2, 0); \
837 if (t <= 1) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, me2, 1); \
838 if (t <= 2) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, me2, 2); \
839 if (t <= 3) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, me2, 3); \
840 if (t <= 4) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, me2, 4); \
841 if (t <= 5) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, me2, 5); \
842 if (t <= 6) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, me2, 6); \
843 if (t <= 7) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, me2, 7); \
844 if (t <= 8) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, me2, 8); \
845 if (t <= 9) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, me2, 9); \
846 if (t <= 10) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, me2, 10); \
847 if (t <= 11) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, me2, 11); \
848 if (t <= 12) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, me2, 12); \
849 if (t <= 13) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, me2, 13); \
850 if (t <= 14) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, me2, 14); \
851 if (t <= 15) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, me2, 15); \
852 if (t <= 16) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, me2, 16); \
853 if (t <= 17) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, me2, 17); \
854 if (t <= 18) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, me2, 18); \
855 if (t <= 19) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, me2, 19); \
856 if (t <= 20) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, me2, 20); \
857 if (t <= 21) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, me2, 21); \
858 if (t <= 22) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, me2, 22); \
859 if (t <= 23) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, me2, 23); \
860 if (t <= 24) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, me2, 24); \
861 if (t <= 25) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, me2, 25); \
862 if (t <= 26) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, me2, 26); \
863 if (t <= 27) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, me2, 27); \
864 if (t <= 28) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, me2, 28); \
865 if (t <= 29) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, me2, 29); \
866 if (t <= 30) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, me2, 30); \
867 if (t <= 31) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, me2, 31); \
868 if (t <= 32) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, me2, 32); \
869 if (t <= 33) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, me2, 33); \
870 if (t <= 34) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, me2, 34); \
871 if (t <= 35) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, me2, 35); \
872 if (t <= 36) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, me2, 36); \
873 if (t <= 37) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, me2, 37); \
874 if (t <= 38) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, me2, 38); \
875 if (t <= 39) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, me2, 39); \
876 if (t <= 40) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, me2, 40); \
877 if (t <= 41) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, me2, 41); \
878 if (t <= 42) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, me2, 42); \
879 if (t <= 43) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, me2, 43); \
880 if (t <= 44) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, me2, 44); \
881 if (t <= 45) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, me2, 45); \
882 if (t <= 46) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, me2, 46); \
883 if (t <= 47) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, me2, 47); \
884 if (t <= 48) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, me2, 48); \
885 if (t <= 49) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, me2, 49); \
886 if (t <= 50) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, me2, 50); \
887 if (t <= 51) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, me2, 51); \
888 if (t <= 52) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, me2, 52); \
889 if (t <= 53) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, me2, 53); \
890 if (t <= 54) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, me2, 54); \
891 if (t <= 55) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, me2, 55); \
892 if (t <= 56) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, me2, 56); \
893 if (t <= 57) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, me2, 57); \
894 if (t <= 58) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, me2, 58); \
895 if (t <= 59) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, me2, 59); \
896 if (t <= 60) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, me2, 60); \
897 if (t <= 61) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, me2, 61); \
898 if (t <= 62) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, me2, 62); \
899 if (t <= 63) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, me2, 63); \
900 if (t <= 64) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, me2, 64); \
901 if (t <= 65) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, me2, 65); \
902 if (t <= 66) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, me2, 66); \
903 if (t <= 67) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, me2, 67); \
904 if (t <= 68) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, me2, 68); \
905 if (t <= 69) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, me2, 69); \
906 if (t <= 70) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, me2, 70); \
907 if (t <= 71) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, me2, 71); \
908 if (t <= 72) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, me2, 72); \
909 if (t <= 73) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, me2, 73); \
910 if (t <= 74) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, me2, 74); \
911 if (t <= 75) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, me2, 75); \
912 if (t <= 76) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, me2, 76); \
913 if (t <= 77) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, me2, 77); \
914 if (t <= 78) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, me2, 78); \
915 if (t <= 79) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, me2, 79); \
916 ihvout[0] = ihvin[0] + a; ihvout[1] = ihvin[1] + b; ihvout[2] = ihvin[2] + c; ihvout[3] = ihvin[3] + d; ihvout[4] = ihvin[4] + e; \
920 #pragma warning(push)
921 #pragma warning(disable: 4127) /* Complier complains about the checks in the above macro being constant. */
964 #ifdef DOSTORESTATE10
968 #ifdef DOSTORESTATE11
972 #ifdef DOSTORESTATE12
976 #ifdef DOSTORESTATE13
980 #ifdef DOSTORESTATE14
984 #ifdef DOSTORESTATE15
988 #ifdef DOSTORESTATE16
992 #ifdef DOSTORESTATE17
996 #ifdef DOSTORESTATE18
1000 #ifdef DOSTORESTATE19
1004 #ifdef DOSTORESTATE20
1008 #ifdef DOSTORESTATE21
1012 #ifdef DOSTORESTATE22
1016 #ifdef DOSTORESTATE23
1020 #ifdef DOSTORESTATE24
1024 #ifdef DOSTORESTATE25
1028 #ifdef DOSTORESTATE26
1032 #ifdef DOSTORESTATE27
1036 #ifdef DOSTORESTATE28
1040 #ifdef DOSTORESTATE29
1044 #ifdef DOSTORESTATE30
1048 #ifdef DOSTORESTATE31
1052 #ifdef DOSTORESTATE32
1056 #ifdef DOSTORESTATE33
1060 #ifdef DOSTORESTATE34
1064 #ifdef DOSTORESTATE35
1068 #ifdef DOSTORESTATE36
1072 #ifdef DOSTORESTATE37
1076 #ifdef DOSTORESTATE38
1080 #ifdef DOSTORESTATE39
1084 #ifdef DOSTORESTATE40
1088 #ifdef DOSTORESTATE41
1092 #ifdef DOSTORESTATE42
1096 #ifdef DOSTORESTATE43
1100 #ifdef DOSTORESTATE44
1104 #ifdef DOSTORESTATE45
1108 #ifdef DOSTORESTATE46
1112 #ifdef DOSTORESTATE47
1116 #ifdef DOSTORESTATE48
1120 #ifdef DOSTORESTATE49
1124 #ifdef DOSTORESTATE50
1128 #ifdef DOSTORESTATE51
1132 #ifdef DOSTORESTATE52
1136 #ifdef DOSTORESTATE53
1140 #ifdef DOSTORESTATE54
1144 #ifdef DOSTORESTATE55
1148 #ifdef DOSTORESTATE56
1152 #ifdef DOSTORESTATE57
1156 #ifdef DOSTORESTATE58
1160 #ifdef DOSTORESTATE59
1164 #ifdef DOSTORESTATE60
1168 #ifdef DOSTORESTATE61
1172 #ifdef DOSTORESTATE62
1176 #ifdef DOSTORESTATE63
1180 #ifdef DOSTORESTATE64
1184 #ifdef DOSTORESTATE65
1188 #ifdef DOSTORESTATE66
1192 #ifdef DOSTORESTATE67
1196 #ifdef DOSTORESTATE68
1200 #ifdef DOSTORESTATE69
1204 #ifdef DOSTORESTATE70
1208 #ifdef DOSTORESTATE71
1212 #ifdef DOSTORESTATE72
1216 #ifdef DOSTORESTATE73
1220 #ifdef DOSTORESTATE74
1224 #ifdef DOSTORESTATE75
1228 #ifdef DOSTORESTATE76
1232 #ifdef DOSTORESTATE77
1236 #ifdef DOSTORESTATE78
1240 #ifdef DOSTORESTATE79
1245 #pragma warning(pop)
1248 static void sha1_recompression_step(uint32_t step
, uint32_t ihvin
[5], uint32_t ihvout
[5], const uint32_t me2
[80], const uint32_t state
[5])
1252 #ifdef DOSTORESTATE0
1254 sha1recompress_fast_0(ihvin
, ihvout
, me2
, state
);
1257 #ifdef DOSTORESTATE1
1259 sha1recompress_fast_1(ihvin
, ihvout
, me2
, state
);
1262 #ifdef DOSTORESTATE2
1264 sha1recompress_fast_2(ihvin
, ihvout
, me2
, state
);
1267 #ifdef DOSTORESTATE3
1269 sha1recompress_fast_3(ihvin
, ihvout
, me2
, state
);
1272 #ifdef DOSTORESTATE4
1274 sha1recompress_fast_4(ihvin
, ihvout
, me2
, state
);
1277 #ifdef DOSTORESTATE5
1279 sha1recompress_fast_5(ihvin
, ihvout
, me2
, state
);
1282 #ifdef DOSTORESTATE6
1284 sha1recompress_fast_6(ihvin
, ihvout
, me2
, state
);
1287 #ifdef DOSTORESTATE7
1289 sha1recompress_fast_7(ihvin
, ihvout
, me2
, state
);
1292 #ifdef DOSTORESTATE8
1294 sha1recompress_fast_8(ihvin
, ihvout
, me2
, state
);
1297 #ifdef DOSTORESTATE9
1299 sha1recompress_fast_9(ihvin
, ihvout
, me2
, state
);
1302 #ifdef DOSTORESTATE10
1304 sha1recompress_fast_10(ihvin
, ihvout
, me2
, state
);
1307 #ifdef DOSTORESTATE11
1309 sha1recompress_fast_11(ihvin
, ihvout
, me2
, state
);
1312 #ifdef DOSTORESTATE12
1314 sha1recompress_fast_12(ihvin
, ihvout
, me2
, state
);
1317 #ifdef DOSTORESTATE13
1319 sha1recompress_fast_13(ihvin
, ihvout
, me2
, state
);
1322 #ifdef DOSTORESTATE14
1324 sha1recompress_fast_14(ihvin
, ihvout
, me2
, state
);
1327 #ifdef DOSTORESTATE15
1329 sha1recompress_fast_15(ihvin
, ihvout
, me2
, state
);
1332 #ifdef DOSTORESTATE16
1334 sha1recompress_fast_16(ihvin
, ihvout
, me2
, state
);
1337 #ifdef DOSTORESTATE17
1339 sha1recompress_fast_17(ihvin
, ihvout
, me2
, state
);
1342 #ifdef DOSTORESTATE18
1344 sha1recompress_fast_18(ihvin
, ihvout
, me2
, state
);
1347 #ifdef DOSTORESTATE19
1349 sha1recompress_fast_19(ihvin
, ihvout
, me2
, state
);
1352 #ifdef DOSTORESTATE20
1354 sha1recompress_fast_20(ihvin
, ihvout
, me2
, state
);
1357 #ifdef DOSTORESTATE21
1359 sha1recompress_fast_21(ihvin
, ihvout
, me2
, state
);
1362 #ifdef DOSTORESTATE22
1364 sha1recompress_fast_22(ihvin
, ihvout
, me2
, state
);
1367 #ifdef DOSTORESTATE23
1369 sha1recompress_fast_23(ihvin
, ihvout
, me2
, state
);
1372 #ifdef DOSTORESTATE24
1374 sha1recompress_fast_24(ihvin
, ihvout
, me2
, state
);
1377 #ifdef DOSTORESTATE25
1379 sha1recompress_fast_25(ihvin
, ihvout
, me2
, state
);
1382 #ifdef DOSTORESTATE26
1384 sha1recompress_fast_26(ihvin
, ihvout
, me2
, state
);
1387 #ifdef DOSTORESTATE27
1389 sha1recompress_fast_27(ihvin
, ihvout
, me2
, state
);
1392 #ifdef DOSTORESTATE28
1394 sha1recompress_fast_28(ihvin
, ihvout
, me2
, state
);
1397 #ifdef DOSTORESTATE29
1399 sha1recompress_fast_29(ihvin
, ihvout
, me2
, state
);
1402 #ifdef DOSTORESTATE30
1404 sha1recompress_fast_30(ihvin
, ihvout
, me2
, state
);
1407 #ifdef DOSTORESTATE31
1409 sha1recompress_fast_31(ihvin
, ihvout
, me2
, state
);
1412 #ifdef DOSTORESTATE32
1414 sha1recompress_fast_32(ihvin
, ihvout
, me2
, state
);
1417 #ifdef DOSTORESTATE33
1419 sha1recompress_fast_33(ihvin
, ihvout
, me2
, state
);
1422 #ifdef DOSTORESTATE34
1424 sha1recompress_fast_34(ihvin
, ihvout
, me2
, state
);
1427 #ifdef DOSTORESTATE35
1429 sha1recompress_fast_35(ihvin
, ihvout
, me2
, state
);
1432 #ifdef DOSTORESTATE36
1434 sha1recompress_fast_36(ihvin
, ihvout
, me2
, state
);
1437 #ifdef DOSTORESTATE37
1439 sha1recompress_fast_37(ihvin
, ihvout
, me2
, state
);
1442 #ifdef DOSTORESTATE38
1444 sha1recompress_fast_38(ihvin
, ihvout
, me2
, state
);
1447 #ifdef DOSTORESTATE39
1449 sha1recompress_fast_39(ihvin
, ihvout
, me2
, state
);
1452 #ifdef DOSTORESTATE40
1454 sha1recompress_fast_40(ihvin
, ihvout
, me2
, state
);
1457 #ifdef DOSTORESTATE41
1459 sha1recompress_fast_41(ihvin
, ihvout
, me2
, state
);
1462 #ifdef DOSTORESTATE42
1464 sha1recompress_fast_42(ihvin
, ihvout
, me2
, state
);
1467 #ifdef DOSTORESTATE43
1469 sha1recompress_fast_43(ihvin
, ihvout
, me2
, state
);
1472 #ifdef DOSTORESTATE44
1474 sha1recompress_fast_44(ihvin
, ihvout
, me2
, state
);
1477 #ifdef DOSTORESTATE45
1479 sha1recompress_fast_45(ihvin
, ihvout
, me2
, state
);
1482 #ifdef DOSTORESTATE46
1484 sha1recompress_fast_46(ihvin
, ihvout
, me2
, state
);
1487 #ifdef DOSTORESTATE47
1489 sha1recompress_fast_47(ihvin
, ihvout
, me2
, state
);
1492 #ifdef DOSTORESTATE48
1494 sha1recompress_fast_48(ihvin
, ihvout
, me2
, state
);
1497 #ifdef DOSTORESTATE49
1499 sha1recompress_fast_49(ihvin
, ihvout
, me2
, state
);
1502 #ifdef DOSTORESTATE50
1504 sha1recompress_fast_50(ihvin
, ihvout
, me2
, state
);
1507 #ifdef DOSTORESTATE51
1509 sha1recompress_fast_51(ihvin
, ihvout
, me2
, state
);
1512 #ifdef DOSTORESTATE52
1514 sha1recompress_fast_52(ihvin
, ihvout
, me2
, state
);
1517 #ifdef DOSTORESTATE53
1519 sha1recompress_fast_53(ihvin
, ihvout
, me2
, state
);
1522 #ifdef DOSTORESTATE54
1524 sha1recompress_fast_54(ihvin
, ihvout
, me2
, state
);
1527 #ifdef DOSTORESTATE55
1529 sha1recompress_fast_55(ihvin
, ihvout
, me2
, state
);
1532 #ifdef DOSTORESTATE56
1534 sha1recompress_fast_56(ihvin
, ihvout
, me2
, state
);
1537 #ifdef DOSTORESTATE57
1539 sha1recompress_fast_57(ihvin
, ihvout
, me2
, state
);
1542 #ifdef DOSTORESTATE58
1544 sha1recompress_fast_58(ihvin
, ihvout
, me2
, state
);
1547 #ifdef DOSTORESTATE59
1549 sha1recompress_fast_59(ihvin
, ihvout
, me2
, state
);
1552 #ifdef DOSTORESTATE60
1554 sha1recompress_fast_60(ihvin
, ihvout
, me2
, state
);
1557 #ifdef DOSTORESTATE61
1559 sha1recompress_fast_61(ihvin
, ihvout
, me2
, state
);
1562 #ifdef DOSTORESTATE62
1564 sha1recompress_fast_62(ihvin
, ihvout
, me2
, state
);
1567 #ifdef DOSTORESTATE63
1569 sha1recompress_fast_63(ihvin
, ihvout
, me2
, state
);
1572 #ifdef DOSTORESTATE64
1574 sha1recompress_fast_64(ihvin
, ihvout
, me2
, state
);
1577 #ifdef DOSTORESTATE65
1579 sha1recompress_fast_65(ihvin
, ihvout
, me2
, state
);
1582 #ifdef DOSTORESTATE66
1584 sha1recompress_fast_66(ihvin
, ihvout
, me2
, state
);
1587 #ifdef DOSTORESTATE67
1589 sha1recompress_fast_67(ihvin
, ihvout
, me2
, state
);
1592 #ifdef DOSTORESTATE68
1594 sha1recompress_fast_68(ihvin
, ihvout
, me2
, state
);
1597 #ifdef DOSTORESTATE69
1599 sha1recompress_fast_69(ihvin
, ihvout
, me2
, state
);
1602 #ifdef DOSTORESTATE70
1604 sha1recompress_fast_70(ihvin
, ihvout
, me2
, state
);
1607 #ifdef DOSTORESTATE71
1609 sha1recompress_fast_71(ihvin
, ihvout
, me2
, state
);
1612 #ifdef DOSTORESTATE72
1614 sha1recompress_fast_72(ihvin
, ihvout
, me2
, state
);
1617 #ifdef DOSTORESTATE73
1619 sha1recompress_fast_73(ihvin
, ihvout
, me2
, state
);
1622 #ifdef DOSTORESTATE74
1624 sha1recompress_fast_74(ihvin
, ihvout
, me2
, state
);
1627 #ifdef DOSTORESTATE75
1629 sha1recompress_fast_75(ihvin
, ihvout
, me2
, state
);
1632 #ifdef DOSTORESTATE76
1634 sha1recompress_fast_76(ihvin
, ihvout
, me2
, state
);
1637 #ifdef DOSTORESTATE77
1639 sha1recompress_fast_77(ihvin
, ihvout
, me2
, state
);
1642 #ifdef DOSTORESTATE78
1644 sha1recompress_fast_78(ihvin
, ihvout
, me2
, state
);
1647 #ifdef DOSTORESTATE79
1649 sha1recompress_fast_79(ihvin
, ihvout
, me2
, state
);
1660 static void sha1_process(SHA1_CTX
* ctx
, const uint32_t block
[16])
1663 uint32_t ubc_dv_mask
[DVMASKSIZE
] = { 0xFFFFFFFF };
1666 ctx
->ihv1
[0] = ctx
->ihv
[0];
1667 ctx
->ihv1
[1] = ctx
->ihv
[1];
1668 ctx
->ihv1
[2] = ctx
->ihv
[2];
1669 ctx
->ihv1
[3] = ctx
->ihv
[3];
1670 ctx
->ihv1
[4] = ctx
->ihv
[4];
1672 sha1_compression_states(ctx
->ihv
, block
, ctx
->m1
, ctx
->states
);
1674 if (ctx
->detect_coll
)
1678 ubc_check(ctx
->m1
, ubc_dv_mask
);
1681 if (ubc_dv_mask
[0] != 0)
1683 for (i
= 0; sha1_dvs
[i
].dvType
!= 0; ++i
)
1685 if (ubc_dv_mask
[0] & ((uint32_t)(1) << sha1_dvs
[i
].maskb
))
1687 for (j
= 0; j
< 80; ++j
)
1688 ctx
->m2
[j
] = ctx
->m1
[j
] ^ sha1_dvs
[i
].dm
[j
];
1690 sha1_recompression_step(sha1_dvs
[i
].testt
, ctx
->ihv2
, ihvtmp
, ctx
->m2
, ctx
->states
[sha1_dvs
[i
].testt
]);
1692 /* to verify SHA-1 collision detection code with collisions for reduced-step SHA-1 */
1693 if ((0 == ((ihvtmp
[0] ^ ctx
->ihv
[0]) | (ihvtmp
[1] ^ ctx
->ihv
[1]) | (ihvtmp
[2] ^ ctx
->ihv
[2]) | (ihvtmp
[3] ^ ctx
->ihv
[3]) | (ihvtmp
[4] ^ ctx
->ihv
[4])))
1694 || (ctx
->reduced_round_coll
&& 0==((ctx
->ihv1
[0] ^ ctx
->ihv2
[0]) | (ctx
->ihv1
[1] ^ ctx
->ihv2
[1]) | (ctx
->ihv1
[2] ^ ctx
->ihv2
[2]) | (ctx
->ihv1
[3] ^ ctx
->ihv2
[3]) | (ctx
->ihv1
[4] ^ ctx
->ihv2
[4]))))
1696 ctx
->found_collision
= 1;
1700 sha1_compression_W(ctx
->ihv
, ctx
->m1
);
1701 sha1_compression_W(ctx
->ihv
, ctx
->m1
);
1712 void SHA1DCInit(SHA1_CTX
* ctx
)
1715 ctx
->ihv
[0] = 0x67452301;
1716 ctx
->ihv
[1] = 0xEFCDAB89;
1717 ctx
->ihv
[2] = 0x98BADCFE;
1718 ctx
->ihv
[3] = 0x10325476;
1719 ctx
->ihv
[4] = 0xC3D2E1F0;
1720 ctx
->found_collision
= 0;
1721 ctx
->safe_hash
= SHA1DC_INIT_SAFE_HASH_DEFAULT
;
1723 ctx
->detect_coll
= 1;
1724 ctx
->reduced_round_coll
= 0;
1725 ctx
->callback
= NULL
;
1728 void SHA1DCSetSafeHash(SHA1_CTX
* ctx
, int safehash
)
1737 void SHA1DCSetUseUBC(SHA1_CTX
* ctx
, int ubc_check
)
1745 void SHA1DCSetUseDetectColl(SHA1_CTX
* ctx
, int detect_coll
)
1748 ctx
->detect_coll
= 1;
1750 ctx
->detect_coll
= 0;
1753 void SHA1DCSetDetectReducedRoundCollision(SHA1_CTX
* ctx
, int reduced_round_coll
)
1755 if (reduced_round_coll
)
1756 ctx
->reduced_round_coll
= 1;
1758 ctx
->reduced_round_coll
= 0;
1761 void SHA1DCSetCallback(SHA1_CTX
* ctx
, collision_block_callback callback
)
1763 ctx
->callback
= callback
;
1766 void SHA1DCUpdate(SHA1_CTX
* ctx
, const char* buf
, size_t len
)
1768 unsigned left
, fill
;
1773 left
= ctx
->total
& 63;
1776 if (left
&& len
>= fill
)
1779 memcpy(ctx
->buffer
+ left
, buf
, fill
);
1780 sha1_process(ctx
, (uint32_t*)(ctx
->buffer
));
1789 #if defined(SHA1DC_ALLOW_UNALIGNED_ACCESS)
1790 sha1_process(ctx
, (uint32_t*)(buf
));
1792 memcpy(ctx
->buffer
, buf
, 64);
1793 sha1_process(ctx
, (uint32_t*)(ctx
->buffer
));
1794 #endif /* defined(SHA1DC_ALLOW_UNALIGNED_ACCESS) */
1801 memcpy(ctx
->buffer
+ left
, buf
, len
);
1805 static const unsigned char sha1_padding
[64] =
1807 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1808 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1809 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1810 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
1813 int SHA1DCFinal(unsigned char output
[20], SHA1_CTX
*ctx
)
1815 uint32_t last
= ctx
->total
& 63;
1816 uint32_t padn
= (last
< 56) ? (56 - last
) : (120 - last
);
1818 SHA1DCUpdate(ctx
, (const char*)(sha1_padding
), padn
);
1820 total
= ctx
->total
- padn
;
1822 ctx
->buffer
[56] = (unsigned char)(total
>> 56);
1823 ctx
->buffer
[57] = (unsigned char)(total
>> 48);
1824 ctx
->buffer
[58] = (unsigned char)(total
>> 40);
1825 ctx
->buffer
[59] = (unsigned char)(total
>> 32);
1826 ctx
->buffer
[60] = (unsigned char)(total
>> 24);
1827 ctx
->buffer
[61] = (unsigned char)(total
>> 16);
1828 ctx
->buffer
[62] = (unsigned char)(total
>> 8);
1829 ctx
->buffer
[63] = (unsigned char)(total
);
1830 sha1_process(ctx
, (uint32_t*)(ctx
->buffer
));
1831 output
[0] = (unsigned char)(ctx
->ihv
[0] >> 24);
1832 output
[1] = (unsigned char)(ctx
->ihv
[0] >> 16);
1833 output
[2] = (unsigned char)(ctx
->ihv
[0] >> 8);
1834 output
[3] = (unsigned char)(ctx
->ihv
[0]);
1835 output
[4] = (unsigned char)(ctx
->ihv
[1] >> 24);
1836 output
[5] = (unsigned char)(ctx
->ihv
[1] >> 16);
1837 output
[6] = (unsigned char)(ctx
->ihv
[1] >> 8);
1838 output
[7] = (unsigned char)(ctx
->ihv
[1]);
1839 output
[8] = (unsigned char)(ctx
->ihv
[2] >> 24);
1840 output
[9] = (unsigned char)(ctx
->ihv
[2] >> 16);
1841 output
[10] = (unsigned char)(ctx
->ihv
[2] >> 8);
1842 output
[11] = (unsigned char)(ctx
->ihv
[2]);
1843 output
[12] = (unsigned char)(ctx
->ihv
[3] >> 24);
1844 output
[13] = (unsigned char)(ctx
->ihv
[3] >> 16);
1845 output
[14] = (unsigned char)(ctx
->ihv
[3] >> 8);
1846 output
[15] = (unsigned char)(ctx
->ihv
[3]);
1847 output
[16] = (unsigned char)(ctx
->ihv
[4] >> 24);
1848 output
[17] = (unsigned char)(ctx
->ihv
[4] >> 16);
1849 output
[18] = (unsigned char)(ctx
->ihv
[4] >> 8);
1850 output
[19] = (unsigned char)(ctx
->ihv
[4]);
1851 return ctx
->found_collision
;
1854 #ifdef SHA1DC_CUSTOM_TRAILING_INCLUDE_SHA1_C
1855 #include SHA1DC_CUSTOM_TRAILING_INCLUDE_SHA1_C