| blob | 16ddd6aa39bf3ade18b8aa97221dc20a44d463e8 |
1 /*
2 *
3 * Based on the RFC 3174
4 *
5 * Full Copyright Statement
6 *
7 * Copyright (C) The Internet Society (2001). All Rights Reserved.
8 *
9 * This document and translations of it may be copied and furnished to
10 * others, and derivative works that comment on or otherwise explain it
11 * or assist in its implementation may be prepared, copied, published
12 * and distributed, in whole or in part, without restriction of any
13 * kind, provided that the above copyright notice and this paragraph are
14 * included on all such copies and derivative works. However, this
15 * document itself may not be modified in any way, such as by removing
16 * the copyright notice or references to the Internet Society or other
17 * Internet organizations, except as needed for the purpose of
18 * developing Internet standards in which case the procedures for
19 * copyrights defined in the Internet Standards process must be
20 * followed, or as required to translate it into languages other than
21 * English.
22 *
23 * The limited permissions granted above are perpetual and will not be
24 * revoked by the Internet Society or its successors or assigns.
26 * This document and the information contained herein is provided on an
27 * "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
28 * TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
29 * BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
30 * HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
31 * MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
32 *
33 *
34 *
35 * Description:
36 * This file implements the Secure Hashing Algorithm 1 as
37 * defined in FIPS PUB 180-1 published April 17, 1995.
38 *
39 * The SHA-1, produces a 160-bit message digest for a given
40 * data stream. It should take about 2**n steps to find a
41 * message with the same digest as a given message and
42 * 2**(n/2) to find any two messages with the same digest,
43 * when n is the digest size in bits. Therefore, this
44 * algorithm can serve as a means of providing a
45 * "fingerprint" for a message.
46 *
47 * Portability Issues:
48 * SHA-1 is defined in terms of 32-bit "words". This code
49 * uses <stdint.h> (included via "sha1.h" to define 32 and 8
50 * bit unsigned integer types. If your C compiler does not
51 * support 32 bit unsigned integers, this code is not
52 * appropriate.
53 *
54 * Caveats:
55 * SHA-1 is designed to work with messages less than 2^64 bits
56 * long. Although SHA-1 allows a message digest to be generated
57 * for messages of any number of bits less than 2^64, this
58 * implementation only works with messages with a length that is
59 * a multiple of the size of an 8-bit character.
60 *
61 */
66 /*
67 * Define the SHA1 circular left shift macro
68 */
69 #define SHA1CircularShift(bits,word) \
70 (((word) << (bits)) | ((word) >> (32-(bits))))
72 /* Local Function Prototyptes */
76 /*
77 * SHA1Reset
78 *
79 * Description:
80 * This function will initialize the SHA1Context in preparation
81 * for computing a new SHA1 message digest.
82 *
83 * Parameters:
84 * context: [in/out]
85 * The context to reset.
86 *
87 * Returns:
88 * sha Error Code.
89 *
90 */
92 {
95 }
111 }
113 /*
114 * SHA1Result
115 *
116 * Description:
117 * This function will return the 160-bit message digest into the
118 * Message_Digest array provided by the caller.
119 * NOTE: The first octet of hash is stored in the 0th element,
120 * the last octet of hash in the 19th element.
121 *
122 * Parameters:
123 * context: [in/out]
124 * The context to use to calculate the SHA-1 hash.
125 * Message_Digest: [out]
126 * Where the digest is returned.
127 *
128 * Returns:
129 * sha Error Code.
130 *
131 */
134 {
139 }
143 }
148 /* message may be sensitive, clear it out */
150 }
154 }
158 }
161 }
163 /*
164 * SHA1Input
165 *
166 * Description:
167 * This function accepts an array of octets as the next portion
168 * of the message.
169 *
170 * Parameters:
171 * context: [in/out]
172 * The SHA context to update
173 * message_array: [in]
174 * An array of characters representing the next portion of
175 * the message.
176 * length: [in]
177 * The length of the message in message_array
178 *
179 * Returns:
180 * sha Error Code.
181 *
182 */
184 {
187 }
191 }
196 }
200 }
209 /* Message is too long */
211 }
212 }
216 }
218 message_array++;
219 }
222 }
224 /*
225 * SHA1ProcessMessageBlock
226 *
227 * Description:
228 * This function will process the next 512 bits of the message
229 * stored in the Message_Block array.
230 *
231 * Parameters:
232 * None.
233 *
234 * Returns:
235 * Nothing.
236 *
237 * Comments:
238 * Many of the variable names in this code, especially the
239 * single character names, were used because those were the
240 * names used in the publication.
241 *
242 *
243 */
245 {
250 0xCA62C1D6
251 };
257 /*
258 * Initialize the first 16 words in the array W
259 */
265 }
269 }
284 }
293 }
302 }
311 }
320 }
323 /*
324 * SHA1PadMessage
325 *
326 * Description:
327 * According to the standard, the message must be padded to an even
328 * 512 bits. The first padding bit must be a '1'. The last 64
329 * bits represent the length of the original message. All bits in
330 * between should be 0. This function will pad the message
331 * according to those rules by filling the Message_Block array
332 * accordingly. It will also call the ProcessMessageBlock function
333 * provided appropriately. When it returns, it can be assumed that
334 * the message digest has been computed.
335 *
336 * Parameters:
337 * context: [in/out]
338 * The context to pad
339 * ProcessMessageBlock: [in]
340 * The appropriate SHA*ProcessMessageBlock function
341 * Returns:
342 * Nothing.
343 *
344 */
347 {
348 /*
349 * Check to see if the current message block is too small to hold
350 * the initial padding bits and length. If so, we will pad the
351 * block, process it, and then continue padding into a second
352 * block.
353 */
358 }
364 }
369 }
370 }
372 /*
373 * Store the message length as the last 8 octets
374 */
385 }