Merge branch 'bw/protocol-v1'
[git.git] / sha1dc / sha1.c
blob25eded1399a8c3ae1532074ccdd388b24e660071
1 /***
2 * Copyright 2017 Marc Stevens <marc@marc-stevens.nl>, Dan Shumow (danshu@microsoft.com)
3 * Distributed under the MIT Software License.
4 * See accompanying file LICENSE.txt or copy at
5 * https://opensource.org/licenses/MIT
6 ***/
8 #ifndef SHA1DC_NO_STANDARD_INCLUDES
9 #include <string.h>
10 #include <memory.h>
11 #include <stdio.h>
12 #include <stdlib.h>
13 #ifdef __unix__
14 #include <sys/types.h> /* make sure macros like _BIG_ENDIAN visible */
15 #endif
16 #endif
18 #ifdef SHA1DC_CUSTOM_INCLUDE_SHA1_C
19 #include SHA1DC_CUSTOM_INCLUDE_SHA1_C
20 #endif
22 #ifndef SHA1DC_INIT_SAFE_HASH_DEFAULT
23 #define SHA1DC_INIT_SAFE_HASH_DEFAULT 1
24 #endif
26 #include "sha1.h"
27 #include "ubc_check.h"
29 #if (defined(__amd64__) || defined(__amd64) || defined(__x86_64__) || defined(__x86_64) || \
30 defined(i386) || defined(__i386) || defined(__i386__) || defined(__i486__) || \
31 defined(__i586__) || defined(__i686__) || defined(_M_IX86) || defined(__X86__) || \
32 defined(_X86_) || defined(__THW_INTEL__) || defined(__I86__) || defined(__INTEL__) || \
33 defined(__386) || defined(_M_X64) || defined(_M_AMD64))
34 #define SHA1DC_ON_INTEL_LIKE_PROCESSOR
35 #endif
38 Because Little-Endian architectures are most common,
39 we only set SHA1DC_BIGENDIAN if one of these conditions is met.
40 Note that all MSFT platforms are little endian,
41 so none of these will be defined under the MSC compiler.
42 If you are compiling on a big endian platform and your compiler does not define one of these,
43 you will have to add whatever macros your tool chain defines to indicate Big-Endianness.
46 #if defined(__BYTE_ORDER__) && defined(__ORDER_BIG_ENDIAN__)
48 * Should detect Big Endian under GCC since at least 4.6.0 (gcc svn
49 * rev #165881). See
50 * https://gcc.gnu.org/onlinedocs/cpp/Common-Predefined-Macros.html
52 * This also works under clang since 3.2, it copied the GCC-ism. See
53 * clang.git's 3b198a97d2 ("Preprocessor: add __BYTE_ORDER__
54 * predefined macro", 2012-07-27)
56 #if __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__
57 #define SHA1DC_BIGENDIAN
58 #endif
60 /* Not under GCC-alike */
61 #elif defined(__BYTE_ORDER) && defined(__BIG_ENDIAN)
63 * Should detect Big Endian under glibc.git since 14245eb70e ("entered
64 * into RCS", 1992-11-25). Defined in <endian.h> which will have been
65 * brought in by standard headers. See glibc.git and
66 * https://sourceforge.net/p/predef/wiki/Endianness/
68 #if __BYTE_ORDER == __BIG_ENDIAN
69 #define SHA1DC_BIGENDIAN
70 #endif
72 /* Not under GCC-alike or glibc */
73 #elif defined(_BYTE_ORDER) && defined(_BIG_ENDIAN) && defined(_LITTLE_ENDIAN)
75 * *BSD and newlib (embeded linux, cygwin, etc).
76 * the defined(_BIG_ENDIAN) && defined(_LITTLE_ENDIAN) part prevents
77 * this condition from matching with Solaris/sparc.
78 * (Solaris defines only one endian macro)
80 #if _BYTE_ORDER == _BIG_ENDIAN
81 #define SHA1DC_BIGENDIAN
82 #endif
84 /* Not under GCC-alike or glibc or *BSD or newlib */
85 #elif (defined(__ARMEB__) || defined(__THUMBEB__) || defined(__AARCH64EB__) || \
86 defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || \
87 defined(__sparc))
89 * Should define Big Endian for a whitelist of known processors. See
90 * https://sourceforge.net/p/predef/wiki/Endianness/ and
91 * http://www.oracle.com/technetwork/server-storage/solaris/portingtosolaris-138514.html
93 #define SHA1DC_BIGENDIAN
95 /* Not under GCC-alike or glibc or *BSD or newlib or <processor whitelist> */
96 #elif defined(SHA1DC_ON_INTEL_LIKE_PROCESSOR)
98 * As a last resort before we do anything else we're not 100% sure
99 * about below, we blacklist specific processors here. We could add
100 * more, see e.g. https://wiki.debian.org/ArchitectureSpecificsMemo
102 #else /* Not under GCC-alike or glibc or *BSD or newlib or <processor whitelist> or <processor blacklist> */
104 /* We do nothing more here for now */
105 /*#error "Uncomment this to see if you fall through all the detection"*/
107 #endif /* Big Endian detection */
109 #if (defined(SHA1DC_FORCE_LITTLEENDIAN) && defined(SHA1DC_BIGENDIAN))
110 #undef SHA1DC_BIGENDIAN
111 #endif
112 #if (defined(SHA1DC_FORCE_BIGENDIAN) && !defined(SHA1DC_BIGENDIAN))
113 #define SHA1DC_BIGENDIAN
114 #endif
115 /*ENDIANNESS SELECTION*/
117 #if defined(SHA1DC_FORCE_UNALIGNED_ACCESS) || defined(SHA1DC_ON_INTEL_LIKE_PROCESSOR)
118 #define SHA1DC_ALLOW_UNALIGNED_ACCESS
119 #endif /*UNALIGNMENT DETECTION*/
122 #define rotate_right(x,n) (((x)>>(n))|((x)<<(32-(n))))
123 #define rotate_left(x,n) (((x)<<(n))|((x)>>(32-(n))))
125 #define sha1_bswap32(x) \
126 {x = ((x << 8) & 0xFF00FF00) | ((x >> 8) & 0xFF00FF); x = (x << 16) | (x >> 16);}
128 #define sha1_mix(W, t) (rotate_left(W[t - 3] ^ W[t - 8] ^ W[t - 14] ^ W[t - 16], 1))
130 #ifdef SHA1DC_BIGENDIAN
131 #define sha1_load(m, t, temp) { temp = m[t]; }
132 #else
133 #define sha1_load(m, t, temp) { temp = m[t]; sha1_bswap32(temp); }
134 #endif
136 #define sha1_store(W, t, x) *(volatile uint32_t *)&W[t] = x
138 #define sha1_f1(b,c,d) ((d)^((b)&((c)^(d))))
139 #define sha1_f2(b,c,d) ((b)^(c)^(d))
140 #define sha1_f3(b,c,d) (((b)&(c))+((d)&((b)^(c))))
141 #define sha1_f4(b,c,d) ((b)^(c)^(d))
143 #define HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, m, t) \
144 { e += rotate_left(a, 5) + sha1_f1(b,c,d) + 0x5A827999 + m[t]; b = rotate_left(b, 30); }
145 #define HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, m, t) \
146 { e += rotate_left(a, 5) + sha1_f2(b,c,d) + 0x6ED9EBA1 + m[t]; b = rotate_left(b, 30); }
147 #define HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, m, t) \
148 { e += rotate_left(a, 5) + sha1_f3(b,c,d) + 0x8F1BBCDC + m[t]; b = rotate_left(b, 30); }
149 #define HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, m, t) \
150 { e += rotate_left(a, 5) + sha1_f4(b,c,d) + 0xCA62C1D6 + m[t]; b = rotate_left(b, 30); }
152 #define HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(a, b, c, d, e, m, t) \
153 { b = rotate_right(b, 30); e -= rotate_left(a, 5) + sha1_f1(b,c,d) + 0x5A827999 + m[t]; }
154 #define HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(a, b, c, d, e, m, t) \
155 { b = rotate_right(b, 30); e -= rotate_left(a, 5) + sha1_f2(b,c,d) + 0x6ED9EBA1 + m[t]; }
156 #define HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(a, b, c, d, e, m, t) \
157 { b = rotate_right(b, 30); e -= rotate_left(a, 5) + sha1_f3(b,c,d) + 0x8F1BBCDC + m[t]; }
158 #define HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(a, b, c, d, e, m, t) \
159 { b = rotate_right(b, 30); e -= rotate_left(a, 5) + sha1_f4(b,c,d) + 0xCA62C1D6 + m[t]; }
161 #define SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(a, b, c, d, e, m, W, t, temp) \
162 {sha1_load(m, t, temp); sha1_store(W, t, temp); e += temp + rotate_left(a, 5) + sha1_f1(b,c,d) + 0x5A827999; b = rotate_left(b, 30);}
164 #define SHA1COMPRESS_FULL_ROUND1_STEP_EXPAND(a, b, c, d, e, W, t, temp) \
165 {temp = sha1_mix(W, t); sha1_store(W, t, temp); e += temp + rotate_left(a, 5) + sha1_f1(b,c,d) + 0x5A827999; b = rotate_left(b, 30); }
167 #define SHA1COMPRESS_FULL_ROUND2_STEP(a, b, c, d, e, W, t, temp) \
168 {temp = sha1_mix(W, t); sha1_store(W, t, temp); e += temp + rotate_left(a, 5) + sha1_f2(b,c,d) + 0x6ED9EBA1; b = rotate_left(b, 30); }
170 #define SHA1COMPRESS_FULL_ROUND3_STEP(a, b, c, d, e, W, t, temp) \
171 {temp = sha1_mix(W, t); sha1_store(W, t, temp); e += temp + rotate_left(a, 5) + sha1_f3(b,c,d) + 0x8F1BBCDC; b = rotate_left(b, 30); }
173 #define SHA1COMPRESS_FULL_ROUND4_STEP(a, b, c, d, e, W, t, temp) \
174 {temp = sha1_mix(W, t); sha1_store(W, t, temp); e += temp + rotate_left(a, 5) + sha1_f4(b,c,d) + 0xCA62C1D6; b = rotate_left(b, 30); }
177 #define SHA1_STORE_STATE(i) states[i][0] = a; states[i][1] = b; states[i][2] = c; states[i][3] = d; states[i][4] = e;
179 #ifdef BUILDNOCOLLDETECTSHA1COMPRESSION
180 void sha1_compression(uint32_t ihv[5], const uint32_t m[16])
182 uint32_t W[80];
183 uint32_t a,b,c,d,e;
184 unsigned i;
186 memcpy(W, m, 16 * 4);
187 for (i = 16; i < 80; ++i)
188 W[i] = sha1_mix(W, i);
190 a = ihv[0]; b = ihv[1]; c = ihv[2]; d = ihv[3]; e = ihv[4];
192 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, W, 0);
193 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, W, 1);
194 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, W, 2);
195 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, W, 3);
196 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, W, 4);
197 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, W, 5);
198 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, W, 6);
199 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, W, 7);
200 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, W, 8);
201 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, W, 9);
202 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, W, 10);
203 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, W, 11);
204 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, W, 12);
205 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, W, 13);
206 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, W, 14);
207 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, W, 15);
208 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, W, 16);
209 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, W, 17);
210 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, W, 18);
211 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, W, 19);
213 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, W, 20);
214 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, W, 21);
215 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, W, 22);
216 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, W, 23);
217 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, W, 24);
218 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, W, 25);
219 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, W, 26);
220 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, W, 27);
221 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, W, 28);
222 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, W, 29);
223 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, W, 30);
224 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, W, 31);
225 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, W, 32);
226 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, W, 33);
227 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, W, 34);
228 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, W, 35);
229 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, W, 36);
230 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, W, 37);
231 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, W, 38);
232 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, W, 39);
234 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, W, 40);
235 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, W, 41);
236 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, W, 42);
237 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, W, 43);
238 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, W, 44);
239 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, W, 45);
240 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, W, 46);
241 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, W, 47);
242 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, W, 48);
243 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, W, 49);
244 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, W, 50);
245 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, W, 51);
246 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, W, 52);
247 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, W, 53);
248 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, W, 54);
249 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, W, 55);
250 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, W, 56);
251 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, W, 57);
252 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, W, 58);
253 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, W, 59);
255 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, W, 60);
256 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, W, 61);
257 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, W, 62);
258 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, W, 63);
259 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, W, 64);
260 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, W, 65);
261 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, W, 66);
262 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, W, 67);
263 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, W, 68);
264 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, W, 69);
265 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, W, 70);
266 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, W, 71);
267 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, W, 72);
268 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, W, 73);
269 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, W, 74);
270 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, W, 75);
271 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, W, 76);
272 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, W, 77);
273 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, W, 78);
274 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, W, 79);
276 ihv[0] += a; ihv[1] += b; ihv[2] += c; ihv[3] += d; ihv[4] += e;
278 #endif /*BUILDNOCOLLDETECTSHA1COMPRESSION*/
281 static void sha1_compression_W(uint32_t ihv[5], const uint32_t W[80])
283 uint32_t a = ihv[0], b = ihv[1], c = ihv[2], d = ihv[3], e = ihv[4];
285 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, W, 0);
286 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, W, 1);
287 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, W, 2);
288 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, W, 3);
289 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, W, 4);
290 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, W, 5);
291 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, W, 6);
292 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, W, 7);
293 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, W, 8);
294 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, W, 9);
295 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, W, 10);
296 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, W, 11);
297 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, W, 12);
298 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, W, 13);
299 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, W, 14);
300 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, W, 15);
301 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, W, 16);
302 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, W, 17);
303 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, W, 18);
304 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, W, 19);
306 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, W, 20);
307 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, W, 21);
308 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, W, 22);
309 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, W, 23);
310 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, W, 24);
311 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, W, 25);
312 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, W, 26);
313 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, W, 27);
314 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, W, 28);
315 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, W, 29);
316 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, W, 30);
317 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, W, 31);
318 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, W, 32);
319 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, W, 33);
320 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, W, 34);
321 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, W, 35);
322 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, W, 36);
323 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, W, 37);
324 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, W, 38);
325 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, W, 39);
327 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, W, 40);
328 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, W, 41);
329 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, W, 42);
330 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, W, 43);
331 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, W, 44);
332 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, W, 45);
333 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, W, 46);
334 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, W, 47);
335 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, W, 48);
336 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, W, 49);
337 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, W, 50);
338 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, W, 51);
339 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, W, 52);
340 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, W, 53);
341 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, W, 54);
342 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, W, 55);
343 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, W, 56);
344 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, W, 57);
345 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, W, 58);
346 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, W, 59);
348 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, W, 60);
349 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, W, 61);
350 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, W, 62);
351 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, W, 63);
352 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, W, 64);
353 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, W, 65);
354 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, W, 66);
355 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, W, 67);
356 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, W, 68);
357 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, W, 69);
358 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, W, 70);
359 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, W, 71);
360 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, W, 72);
361 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, W, 73);
362 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, W, 74);
363 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, W, 75);
364 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, W, 76);
365 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, W, 77);
366 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, W, 78);
367 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, W, 79);
369 ihv[0] += a; ihv[1] += b; ihv[2] += c; ihv[3] += d; ihv[4] += e;
374 void sha1_compression_states(uint32_t ihv[5], const uint32_t m[16], uint32_t W[80], uint32_t states[80][5])
376 uint32_t a = ihv[0], b = ihv[1], c = ihv[2], d = ihv[3], e = ihv[4];
377 uint32_t temp;
379 #ifdef DOSTORESTATE00
380 SHA1_STORE_STATE(0)
381 #endif
382 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(a, b, c, d, e, m, W, 0, temp);
384 #ifdef DOSTORESTATE01
385 SHA1_STORE_STATE(1)
386 #endif
387 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(e, a, b, c, d, m, W, 1, temp);
389 #ifdef DOSTORESTATE02
390 SHA1_STORE_STATE(2)
391 #endif
392 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(d, e, a, b, c, m, W, 2, temp);
394 #ifdef DOSTORESTATE03
395 SHA1_STORE_STATE(3)
396 #endif
397 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(c, d, e, a, b, m, W, 3, temp);
399 #ifdef DOSTORESTATE04
400 SHA1_STORE_STATE(4)
401 #endif
402 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(b, c, d, e, a, m, W, 4, temp);
404 #ifdef DOSTORESTATE05
405 SHA1_STORE_STATE(5)
406 #endif
407 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(a, b, c, d, e, m, W, 5, temp);
409 #ifdef DOSTORESTATE06
410 SHA1_STORE_STATE(6)
411 #endif
412 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(e, a, b, c, d, m, W, 6, temp);
414 #ifdef DOSTORESTATE07
415 SHA1_STORE_STATE(7)
416 #endif
417 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(d, e, a, b, c, m, W, 7, temp);
419 #ifdef DOSTORESTATE08
420 SHA1_STORE_STATE(8)
421 #endif
422 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(c, d, e, a, b, m, W, 8, temp);
424 #ifdef DOSTORESTATE09
425 SHA1_STORE_STATE(9)
426 #endif
427 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(b, c, d, e, a, m, W, 9, temp);
429 #ifdef DOSTORESTATE10
430 SHA1_STORE_STATE(10)
431 #endif
432 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(a, b, c, d, e, m, W, 10, temp);
434 #ifdef DOSTORESTATE11
435 SHA1_STORE_STATE(11)
436 #endif
437 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(e, a, b, c, d, m, W, 11, temp);
439 #ifdef DOSTORESTATE12
440 SHA1_STORE_STATE(12)
441 #endif
442 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(d, e, a, b, c, m, W, 12, temp);
444 #ifdef DOSTORESTATE13
445 SHA1_STORE_STATE(13)
446 #endif
447 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(c, d, e, a, b, m, W, 13, temp);
449 #ifdef DOSTORESTATE14
450 SHA1_STORE_STATE(14)
451 #endif
452 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(b, c, d, e, a, m, W, 14, temp);
454 #ifdef DOSTORESTATE15
455 SHA1_STORE_STATE(15)
456 #endif
457 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(a, b, c, d, e, m, W, 15, temp);
459 #ifdef DOSTORESTATE16
460 SHA1_STORE_STATE(16)
461 #endif
462 SHA1COMPRESS_FULL_ROUND1_STEP_EXPAND(e, a, b, c, d, W, 16, temp);
464 #ifdef DOSTORESTATE17
465 SHA1_STORE_STATE(17)
466 #endif
467 SHA1COMPRESS_FULL_ROUND1_STEP_EXPAND(d, e, a, b, c, W, 17, temp);
469 #ifdef DOSTORESTATE18
470 SHA1_STORE_STATE(18)
471 #endif
472 SHA1COMPRESS_FULL_ROUND1_STEP_EXPAND(c, d, e, a, b, W, 18, temp);
474 #ifdef DOSTORESTATE19
475 SHA1_STORE_STATE(19)
476 #endif
477 SHA1COMPRESS_FULL_ROUND1_STEP_EXPAND(b, c, d, e, a, W, 19, temp);
481 #ifdef DOSTORESTATE20
482 SHA1_STORE_STATE(20)
483 #endif
484 SHA1COMPRESS_FULL_ROUND2_STEP(a, b, c, d, e, W, 20, temp);
486 #ifdef DOSTORESTATE21
487 SHA1_STORE_STATE(21)
488 #endif
489 SHA1COMPRESS_FULL_ROUND2_STEP(e, a, b, c, d, W, 21, temp);
491 #ifdef DOSTORESTATE22
492 SHA1_STORE_STATE(22)
493 #endif
494 SHA1COMPRESS_FULL_ROUND2_STEP(d, e, a, b, c, W, 22, temp);
496 #ifdef DOSTORESTATE23
497 SHA1_STORE_STATE(23)
498 #endif
499 SHA1COMPRESS_FULL_ROUND2_STEP(c, d, e, a, b, W, 23, temp);
501 #ifdef DOSTORESTATE24
502 SHA1_STORE_STATE(24)
503 #endif
504 SHA1COMPRESS_FULL_ROUND2_STEP(b, c, d, e, a, W, 24, temp);
506 #ifdef DOSTORESTATE25
507 SHA1_STORE_STATE(25)
508 #endif
509 SHA1COMPRESS_FULL_ROUND2_STEP(a, b, c, d, e, W, 25, temp);
511 #ifdef DOSTORESTATE26
512 SHA1_STORE_STATE(26)
513 #endif
514 SHA1COMPRESS_FULL_ROUND2_STEP(e, a, b, c, d, W, 26, temp);
516 #ifdef DOSTORESTATE27
517 SHA1_STORE_STATE(27)
518 #endif
519 SHA1COMPRESS_FULL_ROUND2_STEP(d, e, a, b, c, W, 27, temp);
521 #ifdef DOSTORESTATE28
522 SHA1_STORE_STATE(28)
523 #endif
524 SHA1COMPRESS_FULL_ROUND2_STEP(c, d, e, a, b, W, 28, temp);
526 #ifdef DOSTORESTATE29
527 SHA1_STORE_STATE(29)
528 #endif
529 SHA1COMPRESS_FULL_ROUND2_STEP(b, c, d, e, a, W, 29, temp);
531 #ifdef DOSTORESTATE30
532 SHA1_STORE_STATE(30)
533 #endif
534 SHA1COMPRESS_FULL_ROUND2_STEP(a, b, c, d, e, W, 30, temp);
536 #ifdef DOSTORESTATE31
537 SHA1_STORE_STATE(31)
538 #endif
539 SHA1COMPRESS_FULL_ROUND2_STEP(e, a, b, c, d, W, 31, temp);
541 #ifdef DOSTORESTATE32
542 SHA1_STORE_STATE(32)
543 #endif
544 SHA1COMPRESS_FULL_ROUND2_STEP(d, e, a, b, c, W, 32, temp);
546 #ifdef DOSTORESTATE33
547 SHA1_STORE_STATE(33)
548 #endif
549 SHA1COMPRESS_FULL_ROUND2_STEP(c, d, e, a, b, W, 33, temp);
551 #ifdef DOSTORESTATE34
552 SHA1_STORE_STATE(34)
553 #endif
554 SHA1COMPRESS_FULL_ROUND2_STEP(b, c, d, e, a, W, 34, temp);
556 #ifdef DOSTORESTATE35
557 SHA1_STORE_STATE(35)
558 #endif
559 SHA1COMPRESS_FULL_ROUND2_STEP(a, b, c, d, e, W, 35, temp);
561 #ifdef DOSTORESTATE36
562 SHA1_STORE_STATE(36)
563 #endif
564 SHA1COMPRESS_FULL_ROUND2_STEP(e, a, b, c, d, W, 36, temp);
566 #ifdef DOSTORESTATE37
567 SHA1_STORE_STATE(37)
568 #endif
569 SHA1COMPRESS_FULL_ROUND2_STEP(d, e, a, b, c, W, 37, temp);
571 #ifdef DOSTORESTATE38
572 SHA1_STORE_STATE(38)
573 #endif
574 SHA1COMPRESS_FULL_ROUND2_STEP(c, d, e, a, b, W, 38, temp);
576 #ifdef DOSTORESTATE39
577 SHA1_STORE_STATE(39)
578 #endif
579 SHA1COMPRESS_FULL_ROUND2_STEP(b, c, d, e, a, W, 39, temp);
583 #ifdef DOSTORESTATE40
584 SHA1_STORE_STATE(40)
585 #endif
586 SHA1COMPRESS_FULL_ROUND3_STEP(a, b, c, d, e, W, 40, temp);
588 #ifdef DOSTORESTATE41
589 SHA1_STORE_STATE(41)
590 #endif
591 SHA1COMPRESS_FULL_ROUND3_STEP(e, a, b, c, d, W, 41, temp);
593 #ifdef DOSTORESTATE42
594 SHA1_STORE_STATE(42)
595 #endif
596 SHA1COMPRESS_FULL_ROUND3_STEP(d, e, a, b, c, W, 42, temp);
598 #ifdef DOSTORESTATE43
599 SHA1_STORE_STATE(43)
600 #endif
601 SHA1COMPRESS_FULL_ROUND3_STEP(c, d, e, a, b, W, 43, temp);
603 #ifdef DOSTORESTATE44
604 SHA1_STORE_STATE(44)
605 #endif
606 SHA1COMPRESS_FULL_ROUND3_STEP(b, c, d, e, a, W, 44, temp);
608 #ifdef DOSTORESTATE45
609 SHA1_STORE_STATE(45)
610 #endif
611 SHA1COMPRESS_FULL_ROUND3_STEP(a, b, c, d, e, W, 45, temp);
613 #ifdef DOSTORESTATE46
614 SHA1_STORE_STATE(46)
615 #endif
616 SHA1COMPRESS_FULL_ROUND3_STEP(e, a, b, c, d, W, 46, temp);
618 #ifdef DOSTORESTATE47
619 SHA1_STORE_STATE(47)
620 #endif
621 SHA1COMPRESS_FULL_ROUND3_STEP(d, e, a, b, c, W, 47, temp);
623 #ifdef DOSTORESTATE48
624 SHA1_STORE_STATE(48)
625 #endif
626 SHA1COMPRESS_FULL_ROUND3_STEP(c, d, e, a, b, W, 48, temp);
628 #ifdef DOSTORESTATE49
629 SHA1_STORE_STATE(49)
630 #endif
631 SHA1COMPRESS_FULL_ROUND3_STEP(b, c, d, e, a, W, 49, temp);
633 #ifdef DOSTORESTATE50
634 SHA1_STORE_STATE(50)
635 #endif
636 SHA1COMPRESS_FULL_ROUND3_STEP(a, b, c, d, e, W, 50, temp);
638 #ifdef DOSTORESTATE51
639 SHA1_STORE_STATE(51)
640 #endif
641 SHA1COMPRESS_FULL_ROUND3_STEP(e, a, b, c, d, W, 51, temp);
643 #ifdef DOSTORESTATE52
644 SHA1_STORE_STATE(52)
645 #endif
646 SHA1COMPRESS_FULL_ROUND3_STEP(d, e, a, b, c, W, 52, temp);
648 #ifdef DOSTORESTATE53
649 SHA1_STORE_STATE(53)
650 #endif
651 SHA1COMPRESS_FULL_ROUND3_STEP(c, d, e, a, b, W, 53, temp);
653 #ifdef DOSTORESTATE54
654 SHA1_STORE_STATE(54)
655 #endif
656 SHA1COMPRESS_FULL_ROUND3_STEP(b, c, d, e, a, W, 54, temp);
658 #ifdef DOSTORESTATE55
659 SHA1_STORE_STATE(55)
660 #endif
661 SHA1COMPRESS_FULL_ROUND3_STEP(a, b, c, d, e, W, 55, temp);
663 #ifdef DOSTORESTATE56
664 SHA1_STORE_STATE(56)
665 #endif
666 SHA1COMPRESS_FULL_ROUND3_STEP(e, a, b, c, d, W, 56, temp);
668 #ifdef DOSTORESTATE57
669 SHA1_STORE_STATE(57)
670 #endif
671 SHA1COMPRESS_FULL_ROUND3_STEP(d, e, a, b, c, W, 57, temp);
673 #ifdef DOSTORESTATE58
674 SHA1_STORE_STATE(58)
675 #endif
676 SHA1COMPRESS_FULL_ROUND3_STEP(c, d, e, a, b, W, 58, temp);
678 #ifdef DOSTORESTATE59
679 SHA1_STORE_STATE(59)
680 #endif
681 SHA1COMPRESS_FULL_ROUND3_STEP(b, c, d, e, a, W, 59, temp);
686 #ifdef DOSTORESTATE60
687 SHA1_STORE_STATE(60)
688 #endif
689 SHA1COMPRESS_FULL_ROUND4_STEP(a, b, c, d, e, W, 60, temp);
691 #ifdef DOSTORESTATE61
692 SHA1_STORE_STATE(61)
693 #endif
694 SHA1COMPRESS_FULL_ROUND4_STEP(e, a, b, c, d, W, 61, temp);
696 #ifdef DOSTORESTATE62
697 SHA1_STORE_STATE(62)
698 #endif
699 SHA1COMPRESS_FULL_ROUND4_STEP(d, e, a, b, c, W, 62, temp);
701 #ifdef DOSTORESTATE63
702 SHA1_STORE_STATE(63)
703 #endif
704 SHA1COMPRESS_FULL_ROUND4_STEP(c, d, e, a, b, W, 63, temp);
706 #ifdef DOSTORESTATE64
707 SHA1_STORE_STATE(64)
708 #endif
709 SHA1COMPRESS_FULL_ROUND4_STEP(b, c, d, e, a, W, 64, temp);
711 #ifdef DOSTORESTATE65
712 SHA1_STORE_STATE(65)
713 #endif
714 SHA1COMPRESS_FULL_ROUND4_STEP(a, b, c, d, e, W, 65, temp);
716 #ifdef DOSTORESTATE66
717 SHA1_STORE_STATE(66)
718 #endif
719 SHA1COMPRESS_FULL_ROUND4_STEP(e, a, b, c, d, W, 66, temp);
721 #ifdef DOSTORESTATE67
722 SHA1_STORE_STATE(67)
723 #endif
724 SHA1COMPRESS_FULL_ROUND4_STEP(d, e, a, b, c, W, 67, temp);
726 #ifdef DOSTORESTATE68
727 SHA1_STORE_STATE(68)
728 #endif
729 SHA1COMPRESS_FULL_ROUND4_STEP(c, d, e, a, b, W, 68, temp);
731 #ifdef DOSTORESTATE69
732 SHA1_STORE_STATE(69)
733 #endif
734 SHA1COMPRESS_FULL_ROUND4_STEP(b, c, d, e, a, W, 69, temp);
736 #ifdef DOSTORESTATE70
737 SHA1_STORE_STATE(70)
738 #endif
739 SHA1COMPRESS_FULL_ROUND4_STEP(a, b, c, d, e, W, 70, temp);
741 #ifdef DOSTORESTATE71
742 SHA1_STORE_STATE(71)
743 #endif
744 SHA1COMPRESS_FULL_ROUND4_STEP(e, a, b, c, d, W, 71, temp);
746 #ifdef DOSTORESTATE72
747 SHA1_STORE_STATE(72)
748 #endif
749 SHA1COMPRESS_FULL_ROUND4_STEP(d, e, a, b, c, W, 72, temp);
751 #ifdef DOSTORESTATE73
752 SHA1_STORE_STATE(73)
753 #endif
754 SHA1COMPRESS_FULL_ROUND4_STEP(c, d, e, a, b, W, 73, temp);
756 #ifdef DOSTORESTATE74
757 SHA1_STORE_STATE(74)
758 #endif
759 SHA1COMPRESS_FULL_ROUND4_STEP(b, c, d, e, a, W, 74, temp);
761 #ifdef DOSTORESTATE75
762 SHA1_STORE_STATE(75)
763 #endif
764 SHA1COMPRESS_FULL_ROUND4_STEP(a, b, c, d, e, W, 75, temp);
766 #ifdef DOSTORESTATE76
767 SHA1_STORE_STATE(76)
768 #endif
769 SHA1COMPRESS_FULL_ROUND4_STEP(e, a, b, c, d, W, 76, temp);
771 #ifdef DOSTORESTATE77
772 SHA1_STORE_STATE(77)
773 #endif
774 SHA1COMPRESS_FULL_ROUND4_STEP(d, e, a, b, c, W, 77, temp);
776 #ifdef DOSTORESTATE78
777 SHA1_STORE_STATE(78)
778 #endif
779 SHA1COMPRESS_FULL_ROUND4_STEP(c, d, e, a, b, W, 78, temp);
781 #ifdef DOSTORESTATE79
782 SHA1_STORE_STATE(79)
783 #endif
784 SHA1COMPRESS_FULL_ROUND4_STEP(b, c, d, e, a, W, 79, temp);
788 ihv[0] += a; ihv[1] += b; ihv[2] += c; ihv[3] += d; ihv[4] += e;
794 #define SHA1_RECOMPRESS(t) \
795 static void sha1recompress_fast_ ## t (uint32_t ihvin[5], uint32_t ihvout[5], const uint32_t me2[80], const uint32_t state[5]) \
797 uint32_t a = state[0], b = state[1], c = state[2], d = state[3], e = state[4]; \
798 if (t > 79) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(b, c, d, e, a, me2, 79); \
799 if (t > 78) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(c, d, e, a, b, me2, 78); \
800 if (t > 77) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(d, e, a, b, c, me2, 77); \
801 if (t > 76) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(e, a, b, c, d, me2, 76); \
802 if (t > 75) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(a, b, c, d, e, me2, 75); \
803 if (t > 74) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(b, c, d, e, a, me2, 74); \
804 if (t > 73) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(c, d, e, a, b, me2, 73); \
805 if (t > 72) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(d, e, a, b, c, me2, 72); \
806 if (t > 71) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(e, a, b, c, d, me2, 71); \
807 if (t > 70) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(a, b, c, d, e, me2, 70); \
808 if (t > 69) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(b, c, d, e, a, me2, 69); \
809 if (t > 68) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(c, d, e, a, b, me2, 68); \
810 if (t > 67) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(d, e, a, b, c, me2, 67); \
811 if (t > 66) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(e, a, b, c, d, me2, 66); \
812 if (t > 65) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(a, b, c, d, e, me2, 65); \
813 if (t > 64) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(b, c, d, e, a, me2, 64); \
814 if (t > 63) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(c, d, e, a, b, me2, 63); \
815 if (t > 62) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(d, e, a, b, c, me2, 62); \
816 if (t > 61) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(e, a, b, c, d, me2, 61); \
817 if (t > 60) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(a, b, c, d, e, me2, 60); \
818 if (t > 59) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(b, c, d, e, a, me2, 59); \
819 if (t > 58) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(c, d, e, a, b, me2, 58); \
820 if (t > 57) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(d, e, a, b, c, me2, 57); \
821 if (t > 56) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(e, a, b, c, d, me2, 56); \
822 if (t > 55) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(a, b, c, d, e, me2, 55); \
823 if (t > 54) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(b, c, d, e, a, me2, 54); \
824 if (t > 53) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(c, d, e, a, b, me2, 53); \
825 if (t > 52) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(d, e, a, b, c, me2, 52); \
826 if (t > 51) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(e, a, b, c, d, me2, 51); \
827 if (t > 50) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(a, b, c, d, e, me2, 50); \
828 if (t > 49) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(b, c, d, e, a, me2, 49); \
829 if (t > 48) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(c, d, e, a, b, me2, 48); \
830 if (t > 47) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(d, e, a, b, c, me2, 47); \
831 if (t > 46) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(e, a, b, c, d, me2, 46); \
832 if (t > 45) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(a, b, c, d, e, me2, 45); \
833 if (t > 44) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(b, c, d, e, a, me2, 44); \
834 if (t > 43) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(c, d, e, a, b, me2, 43); \
835 if (t > 42) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(d, e, a, b, c, me2, 42); \
836 if (t > 41) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(e, a, b, c, d, me2, 41); \
837 if (t > 40) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(a, b, c, d, e, me2, 40); \
838 if (t > 39) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(b, c, d, e, a, me2, 39); \
839 if (t > 38) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(c, d, e, a, b, me2, 38); \
840 if (t > 37) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(d, e, a, b, c, me2, 37); \
841 if (t > 36) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(e, a, b, c, d, me2, 36); \
842 if (t > 35) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(a, b, c, d, e, me2, 35); \
843 if (t > 34) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(b, c, d, e, a, me2, 34); \
844 if (t > 33) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(c, d, e, a, b, me2, 33); \
845 if (t > 32) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(d, e, a, b, c, me2, 32); \
846 if (t > 31) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(e, a, b, c, d, me2, 31); \
847 if (t > 30) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(a, b, c, d, e, me2, 30); \
848 if (t > 29) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(b, c, d, e, a, me2, 29); \
849 if (t > 28) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(c, d, e, a, b, me2, 28); \
850 if (t > 27) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(d, e, a, b, c, me2, 27); \
851 if (t > 26) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(e, a, b, c, d, me2, 26); \
852 if (t > 25) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(a, b, c, d, e, me2, 25); \
853 if (t > 24) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(b, c, d, e, a, me2, 24); \
854 if (t > 23) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(c, d, e, a, b, me2, 23); \
855 if (t > 22) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(d, e, a, b, c, me2, 22); \
856 if (t > 21) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(e, a, b, c, d, me2, 21); \
857 if (t > 20) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(a, b, c, d, e, me2, 20); \
858 if (t > 19) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(b, c, d, e, a, me2, 19); \
859 if (t > 18) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(c, d, e, a, b, me2, 18); \
860 if (t > 17) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(d, e, a, b, c, me2, 17); \
861 if (t > 16) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(e, a, b, c, d, me2, 16); \
862 if (t > 15) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(a, b, c, d, e, me2, 15); \
863 if (t > 14) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(b, c, d, e, a, me2, 14); \
864 if (t > 13) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(c, d, e, a, b, me2, 13); \
865 if (t > 12) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(d, e, a, b, c, me2, 12); \
866 if (t > 11) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(e, a, b, c, d, me2, 11); \
867 if (t > 10) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(a, b, c, d, e, me2, 10); \
868 if (t > 9) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(b, c, d, e, a, me2, 9); \
869 if (t > 8) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(c, d, e, a, b, me2, 8); \
870 if (t > 7) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(d, e, a, b, c, me2, 7); \
871 if (t > 6) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(e, a, b, c, d, me2, 6); \
872 if (t > 5) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(a, b, c, d, e, me2, 5); \
873 if (t > 4) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(b, c, d, e, a, me2, 4); \
874 if (t > 3) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(c, d, e, a, b, me2, 3); \
875 if (t > 2) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(d, e, a, b, c, me2, 2); \
876 if (t > 1) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(e, a, b, c, d, me2, 1); \
877 if (t > 0) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(a, b, c, d, e, me2, 0); \
878 ihvin[0] = a; ihvin[1] = b; ihvin[2] = c; ihvin[3] = d; ihvin[4] = e; \
879 a = state[0]; b = state[1]; c = state[2]; d = state[3]; e = state[4]; \
880 if (t <= 0) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, me2, 0); \
881 if (t <= 1) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, me2, 1); \
882 if (t <= 2) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, me2, 2); \
883 if (t <= 3) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, me2, 3); \
884 if (t <= 4) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, me2, 4); \
885 if (t <= 5) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, me2, 5); \
886 if (t <= 6) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, me2, 6); \
887 if (t <= 7) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, me2, 7); \
888 if (t <= 8) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, me2, 8); \
889 if (t <= 9) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, me2, 9); \
890 if (t <= 10) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, me2, 10); \
891 if (t <= 11) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, me2, 11); \
892 if (t <= 12) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, me2, 12); \
893 if (t <= 13) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, me2, 13); \
894 if (t <= 14) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, me2, 14); \
895 if (t <= 15) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, me2, 15); \
896 if (t <= 16) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, me2, 16); \
897 if (t <= 17) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, me2, 17); \
898 if (t <= 18) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, me2, 18); \
899 if (t <= 19) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, me2, 19); \
900 if (t <= 20) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, me2, 20); \
901 if (t <= 21) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, me2, 21); \
902 if (t <= 22) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, me2, 22); \
903 if (t <= 23) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, me2, 23); \
904 if (t <= 24) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, me2, 24); \
905 if (t <= 25) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, me2, 25); \
906 if (t <= 26) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, me2, 26); \
907 if (t <= 27) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, me2, 27); \
908 if (t <= 28) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, me2, 28); \
909 if (t <= 29) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, me2, 29); \
910 if (t <= 30) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, me2, 30); \
911 if (t <= 31) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, me2, 31); \
912 if (t <= 32) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, me2, 32); \
913 if (t <= 33) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, me2, 33); \
914 if (t <= 34) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, me2, 34); \
915 if (t <= 35) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, me2, 35); \
916 if (t <= 36) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, me2, 36); \
917 if (t <= 37) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, me2, 37); \
918 if (t <= 38) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, me2, 38); \
919 if (t <= 39) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, me2, 39); \
920 if (t <= 40) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, me2, 40); \
921 if (t <= 41) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, me2, 41); \
922 if (t <= 42) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, me2, 42); \
923 if (t <= 43) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, me2, 43); \
924 if (t <= 44) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, me2, 44); \
925 if (t <= 45) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, me2, 45); \
926 if (t <= 46) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, me2, 46); \
927 if (t <= 47) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, me2, 47); \
928 if (t <= 48) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, me2, 48); \
929 if (t <= 49) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, me2, 49); \
930 if (t <= 50) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, me2, 50); \
931 if (t <= 51) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, me2, 51); \
932 if (t <= 52) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, me2, 52); \
933 if (t <= 53) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, me2, 53); \
934 if (t <= 54) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, me2, 54); \
935 if (t <= 55) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, me2, 55); \
936 if (t <= 56) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, me2, 56); \
937 if (t <= 57) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, me2, 57); \
938 if (t <= 58) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, me2, 58); \
939 if (t <= 59) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, me2, 59); \
940 if (t <= 60) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, me2, 60); \
941 if (t <= 61) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, me2, 61); \
942 if (t <= 62) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, me2, 62); \
943 if (t <= 63) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, me2, 63); \
944 if (t <= 64) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, me2, 64); \
945 if (t <= 65) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, me2, 65); \
946 if (t <= 66) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, me2, 66); \
947 if (t <= 67) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, me2, 67); \
948 if (t <= 68) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, me2, 68); \
949 if (t <= 69) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, me2, 69); \
950 if (t <= 70) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, me2, 70); \
951 if (t <= 71) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, me2, 71); \
952 if (t <= 72) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, me2, 72); \
953 if (t <= 73) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, me2, 73); \
954 if (t <= 74) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, me2, 74); \
955 if (t <= 75) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, me2, 75); \
956 if (t <= 76) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, me2, 76); \
957 if (t <= 77) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, me2, 77); \
958 if (t <= 78) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, me2, 78); \
959 if (t <= 79) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, me2, 79); \
960 ihvout[0] = ihvin[0] + a; ihvout[1] = ihvin[1] + b; ihvout[2] = ihvin[2] + c; ihvout[3] = ihvin[3] + d; ihvout[4] = ihvin[4] + e; \
963 #ifdef _MSC_VER
964 #pragma warning(push)
965 #pragma warning(disable: 4127) /* Compiler complains about the checks in the above macro being constant. */
966 #endif
968 #ifdef DOSTORESTATE0
969 SHA1_RECOMPRESS(0)
970 #endif
972 #ifdef DOSTORESTATE1
973 SHA1_RECOMPRESS(1)
974 #endif
976 #ifdef DOSTORESTATE2
977 SHA1_RECOMPRESS(2)
978 #endif
980 #ifdef DOSTORESTATE3
981 SHA1_RECOMPRESS(3)
982 #endif
984 #ifdef DOSTORESTATE4
985 SHA1_RECOMPRESS(4)
986 #endif
988 #ifdef DOSTORESTATE5
989 SHA1_RECOMPRESS(5)
990 #endif
992 #ifdef DOSTORESTATE6
993 SHA1_RECOMPRESS(6)
994 #endif
996 #ifdef DOSTORESTATE7
997 SHA1_RECOMPRESS(7)
998 #endif
1000 #ifdef DOSTORESTATE8
1001 SHA1_RECOMPRESS(8)
1002 #endif
1004 #ifdef DOSTORESTATE9
1005 SHA1_RECOMPRESS(9)
1006 #endif
1008 #ifdef DOSTORESTATE10
1009 SHA1_RECOMPRESS(10)
1010 #endif
1012 #ifdef DOSTORESTATE11
1013 SHA1_RECOMPRESS(11)
1014 #endif
1016 #ifdef DOSTORESTATE12
1017 SHA1_RECOMPRESS(12)
1018 #endif
1020 #ifdef DOSTORESTATE13
1021 SHA1_RECOMPRESS(13)
1022 #endif
1024 #ifdef DOSTORESTATE14
1025 SHA1_RECOMPRESS(14)
1026 #endif
1028 #ifdef DOSTORESTATE15
1029 SHA1_RECOMPRESS(15)
1030 #endif
1032 #ifdef DOSTORESTATE16
1033 SHA1_RECOMPRESS(16)
1034 #endif
1036 #ifdef DOSTORESTATE17
1037 SHA1_RECOMPRESS(17)
1038 #endif
1040 #ifdef DOSTORESTATE18
1041 SHA1_RECOMPRESS(18)
1042 #endif
1044 #ifdef DOSTORESTATE19
1045 SHA1_RECOMPRESS(19)
1046 #endif
1048 #ifdef DOSTORESTATE20
1049 SHA1_RECOMPRESS(20)
1050 #endif
1052 #ifdef DOSTORESTATE21
1053 SHA1_RECOMPRESS(21)
1054 #endif
1056 #ifdef DOSTORESTATE22
1057 SHA1_RECOMPRESS(22)
1058 #endif
1060 #ifdef DOSTORESTATE23
1061 SHA1_RECOMPRESS(23)
1062 #endif
1064 #ifdef DOSTORESTATE24
1065 SHA1_RECOMPRESS(24)
1066 #endif
1068 #ifdef DOSTORESTATE25
1069 SHA1_RECOMPRESS(25)
1070 #endif
1072 #ifdef DOSTORESTATE26
1073 SHA1_RECOMPRESS(26)
1074 #endif
1076 #ifdef DOSTORESTATE27
1077 SHA1_RECOMPRESS(27)
1078 #endif
1080 #ifdef DOSTORESTATE28
1081 SHA1_RECOMPRESS(28)
1082 #endif
1084 #ifdef DOSTORESTATE29
1085 SHA1_RECOMPRESS(29)
1086 #endif
1088 #ifdef DOSTORESTATE30
1089 SHA1_RECOMPRESS(30)
1090 #endif
1092 #ifdef DOSTORESTATE31
1093 SHA1_RECOMPRESS(31)
1094 #endif
1096 #ifdef DOSTORESTATE32
1097 SHA1_RECOMPRESS(32)
1098 #endif
1100 #ifdef DOSTORESTATE33
1101 SHA1_RECOMPRESS(33)
1102 #endif
1104 #ifdef DOSTORESTATE34
1105 SHA1_RECOMPRESS(34)
1106 #endif
1108 #ifdef DOSTORESTATE35
1109 SHA1_RECOMPRESS(35)
1110 #endif
1112 #ifdef DOSTORESTATE36
1113 SHA1_RECOMPRESS(36)
1114 #endif
1116 #ifdef DOSTORESTATE37
1117 SHA1_RECOMPRESS(37)
1118 #endif
1120 #ifdef DOSTORESTATE38
1121 SHA1_RECOMPRESS(38)
1122 #endif
1124 #ifdef DOSTORESTATE39
1125 SHA1_RECOMPRESS(39)
1126 #endif
1128 #ifdef DOSTORESTATE40
1129 SHA1_RECOMPRESS(40)
1130 #endif
1132 #ifdef DOSTORESTATE41
1133 SHA1_RECOMPRESS(41)
1134 #endif
1136 #ifdef DOSTORESTATE42
1137 SHA1_RECOMPRESS(42)
1138 #endif
1140 #ifdef DOSTORESTATE43
1141 SHA1_RECOMPRESS(43)
1142 #endif
1144 #ifdef DOSTORESTATE44
1145 SHA1_RECOMPRESS(44)
1146 #endif
1148 #ifdef DOSTORESTATE45
1149 SHA1_RECOMPRESS(45)
1150 #endif
1152 #ifdef DOSTORESTATE46
1153 SHA1_RECOMPRESS(46)
1154 #endif
1156 #ifdef DOSTORESTATE47
1157 SHA1_RECOMPRESS(47)
1158 #endif
1160 #ifdef DOSTORESTATE48
1161 SHA1_RECOMPRESS(48)
1162 #endif
1164 #ifdef DOSTORESTATE49
1165 SHA1_RECOMPRESS(49)
1166 #endif
1168 #ifdef DOSTORESTATE50
1169 SHA1_RECOMPRESS(50)
1170 #endif
1172 #ifdef DOSTORESTATE51
1173 SHA1_RECOMPRESS(51)
1174 #endif
1176 #ifdef DOSTORESTATE52
1177 SHA1_RECOMPRESS(52)
1178 #endif
1180 #ifdef DOSTORESTATE53
1181 SHA1_RECOMPRESS(53)
1182 #endif
1184 #ifdef DOSTORESTATE54
1185 SHA1_RECOMPRESS(54)
1186 #endif
1188 #ifdef DOSTORESTATE55
1189 SHA1_RECOMPRESS(55)
1190 #endif
1192 #ifdef DOSTORESTATE56
1193 SHA1_RECOMPRESS(56)
1194 #endif
1196 #ifdef DOSTORESTATE57
1197 SHA1_RECOMPRESS(57)
1198 #endif
1200 #ifdef DOSTORESTATE58
1201 SHA1_RECOMPRESS(58)
1202 #endif
1204 #ifdef DOSTORESTATE59
1205 SHA1_RECOMPRESS(59)
1206 #endif
1208 #ifdef DOSTORESTATE60
1209 SHA1_RECOMPRESS(60)
1210 #endif
1212 #ifdef DOSTORESTATE61
1213 SHA1_RECOMPRESS(61)
1214 #endif
1216 #ifdef DOSTORESTATE62
1217 SHA1_RECOMPRESS(62)
1218 #endif
1220 #ifdef DOSTORESTATE63
1221 SHA1_RECOMPRESS(63)
1222 #endif
1224 #ifdef DOSTORESTATE64
1225 SHA1_RECOMPRESS(64)
1226 #endif
1228 #ifdef DOSTORESTATE65
1229 SHA1_RECOMPRESS(65)
1230 #endif
1232 #ifdef DOSTORESTATE66
1233 SHA1_RECOMPRESS(66)
1234 #endif
1236 #ifdef DOSTORESTATE67
1237 SHA1_RECOMPRESS(67)
1238 #endif
1240 #ifdef DOSTORESTATE68
1241 SHA1_RECOMPRESS(68)
1242 #endif
1244 #ifdef DOSTORESTATE69
1245 SHA1_RECOMPRESS(69)
1246 #endif
1248 #ifdef DOSTORESTATE70
1249 SHA1_RECOMPRESS(70)
1250 #endif
1252 #ifdef DOSTORESTATE71
1253 SHA1_RECOMPRESS(71)
1254 #endif
1256 #ifdef DOSTORESTATE72
1257 SHA1_RECOMPRESS(72)
1258 #endif
1260 #ifdef DOSTORESTATE73
1261 SHA1_RECOMPRESS(73)
1262 #endif
1264 #ifdef DOSTORESTATE74
1265 SHA1_RECOMPRESS(74)
1266 #endif
1268 #ifdef DOSTORESTATE75
1269 SHA1_RECOMPRESS(75)
1270 #endif
1272 #ifdef DOSTORESTATE76
1273 SHA1_RECOMPRESS(76)
1274 #endif
1276 #ifdef DOSTORESTATE77
1277 SHA1_RECOMPRESS(77)
1278 #endif
1280 #ifdef DOSTORESTATE78
1281 SHA1_RECOMPRESS(78)
1282 #endif
1284 #ifdef DOSTORESTATE79
1285 SHA1_RECOMPRESS(79)
1286 #endif
1288 #ifdef _MSC_VER
1289 #pragma warning(pop)
1290 #endif
1292 static void sha1_recompression_step(uint32_t step, uint32_t ihvin[5], uint32_t ihvout[5], const uint32_t me2[80], const uint32_t state[5])
1294 switch (step)
1296 #ifdef DOSTORESTATE0
1297 case 0:
1298 sha1recompress_fast_0(ihvin, ihvout, me2, state);
1299 break;
1300 #endif
1301 #ifdef DOSTORESTATE1
1302 case 1:
1303 sha1recompress_fast_1(ihvin, ihvout, me2, state);
1304 break;
1305 #endif
1306 #ifdef DOSTORESTATE2
1307 case 2:
1308 sha1recompress_fast_2(ihvin, ihvout, me2, state);
1309 break;
1310 #endif
1311 #ifdef DOSTORESTATE3
1312 case 3:
1313 sha1recompress_fast_3(ihvin, ihvout, me2, state);
1314 break;
1315 #endif
1316 #ifdef DOSTORESTATE4
1317 case 4:
1318 sha1recompress_fast_4(ihvin, ihvout, me2, state);
1319 break;
1320 #endif
1321 #ifdef DOSTORESTATE5
1322 case 5:
1323 sha1recompress_fast_5(ihvin, ihvout, me2, state);
1324 break;
1325 #endif
1326 #ifdef DOSTORESTATE6
1327 case 6:
1328 sha1recompress_fast_6(ihvin, ihvout, me2, state);
1329 break;
1330 #endif
1331 #ifdef DOSTORESTATE7
1332 case 7:
1333 sha1recompress_fast_7(ihvin, ihvout, me2, state);
1334 break;
1335 #endif
1336 #ifdef DOSTORESTATE8
1337 case 8:
1338 sha1recompress_fast_8(ihvin, ihvout, me2, state);
1339 break;
1340 #endif
1341 #ifdef DOSTORESTATE9
1342 case 9:
1343 sha1recompress_fast_9(ihvin, ihvout, me2, state);
1344 break;
1345 #endif
1346 #ifdef DOSTORESTATE10
1347 case 10:
1348 sha1recompress_fast_10(ihvin, ihvout, me2, state);
1349 break;
1350 #endif
1351 #ifdef DOSTORESTATE11
1352 case 11:
1353 sha1recompress_fast_11(ihvin, ihvout, me2, state);
1354 break;
1355 #endif
1356 #ifdef DOSTORESTATE12
1357 case 12:
1358 sha1recompress_fast_12(ihvin, ihvout, me2, state);
1359 break;
1360 #endif
1361 #ifdef DOSTORESTATE13
1362 case 13:
1363 sha1recompress_fast_13(ihvin, ihvout, me2, state);
1364 break;
1365 #endif
1366 #ifdef DOSTORESTATE14
1367 case 14:
1368 sha1recompress_fast_14(ihvin, ihvout, me2, state);
1369 break;
1370 #endif
1371 #ifdef DOSTORESTATE15
1372 case 15:
1373 sha1recompress_fast_15(ihvin, ihvout, me2, state);
1374 break;
1375 #endif
1376 #ifdef DOSTORESTATE16
1377 case 16:
1378 sha1recompress_fast_16(ihvin, ihvout, me2, state);
1379 break;
1380 #endif
1381 #ifdef DOSTORESTATE17
1382 case 17:
1383 sha1recompress_fast_17(ihvin, ihvout, me2, state);
1384 break;
1385 #endif
1386 #ifdef DOSTORESTATE18
1387 case 18:
1388 sha1recompress_fast_18(ihvin, ihvout, me2, state);
1389 break;
1390 #endif
1391 #ifdef DOSTORESTATE19
1392 case 19:
1393 sha1recompress_fast_19(ihvin, ihvout, me2, state);
1394 break;
1395 #endif
1396 #ifdef DOSTORESTATE20
1397 case 20:
1398 sha1recompress_fast_20(ihvin, ihvout, me2, state);
1399 break;
1400 #endif
1401 #ifdef DOSTORESTATE21
1402 case 21:
1403 sha1recompress_fast_21(ihvin, ihvout, me2, state);
1404 break;
1405 #endif
1406 #ifdef DOSTORESTATE22
1407 case 22:
1408 sha1recompress_fast_22(ihvin, ihvout, me2, state);
1409 break;
1410 #endif
1411 #ifdef DOSTORESTATE23
1412 case 23:
1413 sha1recompress_fast_23(ihvin, ihvout, me2, state);
1414 break;
1415 #endif
1416 #ifdef DOSTORESTATE24
1417 case 24:
1418 sha1recompress_fast_24(ihvin, ihvout, me2, state);
1419 break;
1420 #endif
1421 #ifdef DOSTORESTATE25
1422 case 25:
1423 sha1recompress_fast_25(ihvin, ihvout, me2, state);
1424 break;
1425 #endif
1426 #ifdef DOSTORESTATE26
1427 case 26:
1428 sha1recompress_fast_26(ihvin, ihvout, me2, state);
1429 break;
1430 #endif
1431 #ifdef DOSTORESTATE27
1432 case 27:
1433 sha1recompress_fast_27(ihvin, ihvout, me2, state);
1434 break;
1435 #endif
1436 #ifdef DOSTORESTATE28
1437 case 28:
1438 sha1recompress_fast_28(ihvin, ihvout, me2, state);
1439 break;
1440 #endif
1441 #ifdef DOSTORESTATE29
1442 case 29:
1443 sha1recompress_fast_29(ihvin, ihvout, me2, state);
1444 break;
1445 #endif
1446 #ifdef DOSTORESTATE30
1447 case 30:
1448 sha1recompress_fast_30(ihvin, ihvout, me2, state);
1449 break;
1450 #endif
1451 #ifdef DOSTORESTATE31
1452 case 31:
1453 sha1recompress_fast_31(ihvin, ihvout, me2, state);
1454 break;
1455 #endif
1456 #ifdef DOSTORESTATE32
1457 case 32:
1458 sha1recompress_fast_32(ihvin, ihvout, me2, state);
1459 break;
1460 #endif
1461 #ifdef DOSTORESTATE33
1462 case 33:
1463 sha1recompress_fast_33(ihvin, ihvout, me2, state);
1464 break;
1465 #endif
1466 #ifdef DOSTORESTATE34
1467 case 34:
1468 sha1recompress_fast_34(ihvin, ihvout, me2, state);
1469 break;
1470 #endif
1471 #ifdef DOSTORESTATE35
1472 case 35:
1473 sha1recompress_fast_35(ihvin, ihvout, me2, state);
1474 break;
1475 #endif
1476 #ifdef DOSTORESTATE36
1477 case 36:
1478 sha1recompress_fast_36(ihvin, ihvout, me2, state);
1479 break;
1480 #endif
1481 #ifdef DOSTORESTATE37
1482 case 37:
1483 sha1recompress_fast_37(ihvin, ihvout, me2, state);
1484 break;
1485 #endif
1486 #ifdef DOSTORESTATE38
1487 case 38:
1488 sha1recompress_fast_38(ihvin, ihvout, me2, state);
1489 break;
1490 #endif
1491 #ifdef DOSTORESTATE39
1492 case 39:
1493 sha1recompress_fast_39(ihvin, ihvout, me2, state);
1494 break;
1495 #endif
1496 #ifdef DOSTORESTATE40
1497 case 40:
1498 sha1recompress_fast_40(ihvin, ihvout, me2, state);
1499 break;
1500 #endif
1501 #ifdef DOSTORESTATE41
1502 case 41:
1503 sha1recompress_fast_41(ihvin, ihvout, me2, state);
1504 break;
1505 #endif
1506 #ifdef DOSTORESTATE42
1507 case 42:
1508 sha1recompress_fast_42(ihvin, ihvout, me2, state);
1509 break;
1510 #endif
1511 #ifdef DOSTORESTATE43
1512 case 43:
1513 sha1recompress_fast_43(ihvin, ihvout, me2, state);
1514 break;
1515 #endif
1516 #ifdef DOSTORESTATE44
1517 case 44:
1518 sha1recompress_fast_44(ihvin, ihvout, me2, state);
1519 break;
1520 #endif
1521 #ifdef DOSTORESTATE45
1522 case 45:
1523 sha1recompress_fast_45(ihvin, ihvout, me2, state);
1524 break;
1525 #endif
1526 #ifdef DOSTORESTATE46
1527 case 46:
1528 sha1recompress_fast_46(ihvin, ihvout, me2, state);
1529 break;
1530 #endif
1531 #ifdef DOSTORESTATE47
1532 case 47:
1533 sha1recompress_fast_47(ihvin, ihvout, me2, state);
1534 break;
1535 #endif
1536 #ifdef DOSTORESTATE48
1537 case 48:
1538 sha1recompress_fast_48(ihvin, ihvout, me2, state);
1539 break;
1540 #endif
1541 #ifdef DOSTORESTATE49
1542 case 49:
1543 sha1recompress_fast_49(ihvin, ihvout, me2, state);
1544 break;
1545 #endif
1546 #ifdef DOSTORESTATE50
1547 case 50:
1548 sha1recompress_fast_50(ihvin, ihvout, me2, state);
1549 break;
1550 #endif
1551 #ifdef DOSTORESTATE51
1552 case 51:
1553 sha1recompress_fast_51(ihvin, ihvout, me2, state);
1554 break;
1555 #endif
1556 #ifdef DOSTORESTATE52
1557 case 52:
1558 sha1recompress_fast_52(ihvin, ihvout, me2, state);
1559 break;
1560 #endif
1561 #ifdef DOSTORESTATE53
1562 case 53:
1563 sha1recompress_fast_53(ihvin, ihvout, me2, state);
1564 break;
1565 #endif
1566 #ifdef DOSTORESTATE54
1567 case 54:
1568 sha1recompress_fast_54(ihvin, ihvout, me2, state);
1569 break;
1570 #endif
1571 #ifdef DOSTORESTATE55
1572 case 55:
1573 sha1recompress_fast_55(ihvin, ihvout, me2, state);
1574 break;
1575 #endif
1576 #ifdef DOSTORESTATE56
1577 case 56:
1578 sha1recompress_fast_56(ihvin, ihvout, me2, state);
1579 break;
1580 #endif
1581 #ifdef DOSTORESTATE57
1582 case 57:
1583 sha1recompress_fast_57(ihvin, ihvout, me2, state);
1584 break;
1585 #endif
1586 #ifdef DOSTORESTATE58
1587 case 58:
1588 sha1recompress_fast_58(ihvin, ihvout, me2, state);
1589 break;
1590 #endif
1591 #ifdef DOSTORESTATE59
1592 case 59:
1593 sha1recompress_fast_59(ihvin, ihvout, me2, state);
1594 break;
1595 #endif
1596 #ifdef DOSTORESTATE60
1597 case 60:
1598 sha1recompress_fast_60(ihvin, ihvout, me2, state);
1599 break;
1600 #endif
1601 #ifdef DOSTORESTATE61
1602 case 61:
1603 sha1recompress_fast_61(ihvin, ihvout, me2, state);
1604 break;
1605 #endif
1606 #ifdef DOSTORESTATE62
1607 case 62:
1608 sha1recompress_fast_62(ihvin, ihvout, me2, state);
1609 break;
1610 #endif
1611 #ifdef DOSTORESTATE63
1612 case 63:
1613 sha1recompress_fast_63(ihvin, ihvout, me2, state);
1614 break;
1615 #endif
1616 #ifdef DOSTORESTATE64
1617 case 64:
1618 sha1recompress_fast_64(ihvin, ihvout, me2, state);
1619 break;
1620 #endif
1621 #ifdef DOSTORESTATE65
1622 case 65:
1623 sha1recompress_fast_65(ihvin, ihvout, me2, state);
1624 break;
1625 #endif
1626 #ifdef DOSTORESTATE66
1627 case 66:
1628 sha1recompress_fast_66(ihvin, ihvout, me2, state);
1629 break;
1630 #endif
1631 #ifdef DOSTORESTATE67
1632 case 67:
1633 sha1recompress_fast_67(ihvin, ihvout, me2, state);
1634 break;
1635 #endif
1636 #ifdef DOSTORESTATE68
1637 case 68:
1638 sha1recompress_fast_68(ihvin, ihvout, me2, state);
1639 break;
1640 #endif
1641 #ifdef DOSTORESTATE69
1642 case 69:
1643 sha1recompress_fast_69(ihvin, ihvout, me2, state);
1644 break;
1645 #endif
1646 #ifdef DOSTORESTATE70
1647 case 70:
1648 sha1recompress_fast_70(ihvin, ihvout, me2, state);
1649 break;
1650 #endif
1651 #ifdef DOSTORESTATE71
1652 case 71:
1653 sha1recompress_fast_71(ihvin, ihvout, me2, state);
1654 break;
1655 #endif
1656 #ifdef DOSTORESTATE72
1657 case 72:
1658 sha1recompress_fast_72(ihvin, ihvout, me2, state);
1659 break;
1660 #endif
1661 #ifdef DOSTORESTATE73
1662 case 73:
1663 sha1recompress_fast_73(ihvin, ihvout, me2, state);
1664 break;
1665 #endif
1666 #ifdef DOSTORESTATE74
1667 case 74:
1668 sha1recompress_fast_74(ihvin, ihvout, me2, state);
1669 break;
1670 #endif
1671 #ifdef DOSTORESTATE75
1672 case 75:
1673 sha1recompress_fast_75(ihvin, ihvout, me2, state);
1674 break;
1675 #endif
1676 #ifdef DOSTORESTATE76
1677 case 76:
1678 sha1recompress_fast_76(ihvin, ihvout, me2, state);
1679 break;
1680 #endif
1681 #ifdef DOSTORESTATE77
1682 case 77:
1683 sha1recompress_fast_77(ihvin, ihvout, me2, state);
1684 break;
1685 #endif
1686 #ifdef DOSTORESTATE78
1687 case 78:
1688 sha1recompress_fast_78(ihvin, ihvout, me2, state);
1689 break;
1690 #endif
1691 #ifdef DOSTORESTATE79
1692 case 79:
1693 sha1recompress_fast_79(ihvin, ihvout, me2, state);
1694 break;
1695 #endif
1696 default:
1697 abort();
1704 static void sha1_process(SHA1_CTX* ctx, const uint32_t block[16])
1706 unsigned i, j;
1707 uint32_t ubc_dv_mask[DVMASKSIZE] = { 0xFFFFFFFF };
1708 uint32_t ihvtmp[5];
1710 ctx->ihv1[0] = ctx->ihv[0];
1711 ctx->ihv1[1] = ctx->ihv[1];
1712 ctx->ihv1[2] = ctx->ihv[2];
1713 ctx->ihv1[3] = ctx->ihv[3];
1714 ctx->ihv1[4] = ctx->ihv[4];
1716 sha1_compression_states(ctx->ihv, block, ctx->m1, ctx->states);
1718 if (ctx->detect_coll)
1720 if (ctx->ubc_check)
1722 ubc_check(ctx->m1, ubc_dv_mask);
1725 if (ubc_dv_mask[0] != 0)
1727 for (i = 0; sha1_dvs[i].dvType != 0; ++i)
1729 if (ubc_dv_mask[0] & ((uint32_t)(1) << sha1_dvs[i].maskb))
1731 for (j = 0; j < 80; ++j)
1732 ctx->m2[j] = ctx->m1[j] ^ sha1_dvs[i].dm[j];
1734 sha1_recompression_step(sha1_dvs[i].testt, ctx->ihv2, ihvtmp, ctx->m2, ctx->states[sha1_dvs[i].testt]);
1736 /* to verify SHA-1 collision detection code with collisions for reduced-step SHA-1 */
1737 if ((0 == ((ihvtmp[0] ^ ctx->ihv[0]) | (ihvtmp[1] ^ ctx->ihv[1]) | (ihvtmp[2] ^ ctx->ihv[2]) | (ihvtmp[3] ^ ctx->ihv[3]) | (ihvtmp[4] ^ ctx->ihv[4])))
1738 || (ctx->reduced_round_coll && 0==((ctx->ihv1[0] ^ ctx->ihv2[0]) | (ctx->ihv1[1] ^ ctx->ihv2[1]) | (ctx->ihv1[2] ^ ctx->ihv2[2]) | (ctx->ihv1[3] ^ ctx->ihv2[3]) | (ctx->ihv1[4] ^ ctx->ihv2[4]))))
1740 ctx->found_collision = 1;
1742 if (ctx->safe_hash)
1744 sha1_compression_W(ctx->ihv, ctx->m1);
1745 sha1_compression_W(ctx->ihv, ctx->m1);
1748 break;
1756 void SHA1DCInit(SHA1_CTX* ctx)
1758 ctx->total = 0;
1759 ctx->ihv[0] = 0x67452301;
1760 ctx->ihv[1] = 0xEFCDAB89;
1761 ctx->ihv[2] = 0x98BADCFE;
1762 ctx->ihv[3] = 0x10325476;
1763 ctx->ihv[4] = 0xC3D2E1F0;
1764 ctx->found_collision = 0;
1765 ctx->safe_hash = SHA1DC_INIT_SAFE_HASH_DEFAULT;
1766 ctx->ubc_check = 1;
1767 ctx->detect_coll = 1;
1768 ctx->reduced_round_coll = 0;
1769 ctx->callback = NULL;
1772 void SHA1DCSetSafeHash(SHA1_CTX* ctx, int safehash)
1774 if (safehash)
1775 ctx->safe_hash = 1;
1776 else
1777 ctx->safe_hash = 0;
1781 void SHA1DCSetUseUBC(SHA1_CTX* ctx, int ubc_check)
1783 if (ubc_check)
1784 ctx->ubc_check = 1;
1785 else
1786 ctx->ubc_check = 0;
1789 void SHA1DCSetUseDetectColl(SHA1_CTX* ctx, int detect_coll)
1791 if (detect_coll)
1792 ctx->detect_coll = 1;
1793 else
1794 ctx->detect_coll = 0;
1797 void SHA1DCSetDetectReducedRoundCollision(SHA1_CTX* ctx, int reduced_round_coll)
1799 if (reduced_round_coll)
1800 ctx->reduced_round_coll = 1;
1801 else
1802 ctx->reduced_round_coll = 0;
1805 void SHA1DCSetCallback(SHA1_CTX* ctx, collision_block_callback callback)
1807 ctx->callback = callback;
1810 void SHA1DCUpdate(SHA1_CTX* ctx, const char* buf, size_t len)
1812 unsigned left, fill;
1814 if (len == 0)
1815 return;
1817 left = ctx->total & 63;
1818 fill = 64 - left;
1820 if (left && len >= fill)
1822 ctx->total += fill;
1823 memcpy(ctx->buffer + left, buf, fill);
1824 sha1_process(ctx, (uint32_t*)(ctx->buffer));
1825 buf += fill;
1826 len -= fill;
1827 left = 0;
1829 while (len >= 64)
1831 ctx->total += 64;
1833 #if defined(SHA1DC_ALLOW_UNALIGNED_ACCESS)
1834 sha1_process(ctx, (uint32_t*)(buf));
1835 #else
1836 memcpy(ctx->buffer, buf, 64);
1837 sha1_process(ctx, (uint32_t*)(ctx->buffer));
1838 #endif /* defined(SHA1DC_ALLOW_UNALIGNED_ACCESS) */
1839 buf += 64;
1840 len -= 64;
1842 if (len > 0)
1844 ctx->total += len;
1845 memcpy(ctx->buffer + left, buf, len);
1849 static const unsigned char sha1_padding[64] =
1851 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1852 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1853 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1854 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
1857 int SHA1DCFinal(unsigned char output[20], SHA1_CTX *ctx)
1859 uint32_t last = ctx->total & 63;
1860 uint32_t padn = (last < 56) ? (56 - last) : (120 - last);
1861 uint64_t total;
1862 SHA1DCUpdate(ctx, (const char*)(sha1_padding), padn);
1864 total = ctx->total - padn;
1865 total <<= 3;
1866 ctx->buffer[56] = (unsigned char)(total >> 56);
1867 ctx->buffer[57] = (unsigned char)(total >> 48);
1868 ctx->buffer[58] = (unsigned char)(total >> 40);
1869 ctx->buffer[59] = (unsigned char)(total >> 32);
1870 ctx->buffer[60] = (unsigned char)(total >> 24);
1871 ctx->buffer[61] = (unsigned char)(total >> 16);
1872 ctx->buffer[62] = (unsigned char)(total >> 8);
1873 ctx->buffer[63] = (unsigned char)(total);
1874 sha1_process(ctx, (uint32_t*)(ctx->buffer));
1875 output[0] = (unsigned char)(ctx->ihv[0] >> 24);
1876 output[1] = (unsigned char)(ctx->ihv[0] >> 16);
1877 output[2] = (unsigned char)(ctx->ihv[0] >> 8);
1878 output[3] = (unsigned char)(ctx->ihv[0]);
1879 output[4] = (unsigned char)(ctx->ihv[1] >> 24);
1880 output[5] = (unsigned char)(ctx->ihv[1] >> 16);
1881 output[6] = (unsigned char)(ctx->ihv[1] >> 8);
1882 output[7] = (unsigned char)(ctx->ihv[1]);
1883 output[8] = (unsigned char)(ctx->ihv[2] >> 24);
1884 output[9] = (unsigned char)(ctx->ihv[2] >> 16);
1885 output[10] = (unsigned char)(ctx->ihv[2] >> 8);
1886 output[11] = (unsigned char)(ctx->ihv[2]);
1887 output[12] = (unsigned char)(ctx->ihv[3] >> 24);
1888 output[13] = (unsigned char)(ctx->ihv[3] >> 16);
1889 output[14] = (unsigned char)(ctx->ihv[3] >> 8);
1890 output[15] = (unsigned char)(ctx->ihv[3]);
1891 output[16] = (unsigned char)(ctx->ihv[4] >> 24);
1892 output[17] = (unsigned char)(ctx->ihv[4] >> 16);
1893 output[18] = (unsigned char)(ctx->ihv[4] >> 8);
1894 output[19] = (unsigned char)(ctx->ihv[4]);
1895 return ctx->found_collision;
1898 #ifdef SHA1DC_CUSTOM_TRAILING_INCLUDE_SHA1_C
1899 #include SHA1DC_CUSTOM_TRAILING_INCLUDE_SHA1_C
1900 #endif