2 * Copyright 2017 Marc Stevens <marc@marc-stevens.nl>, Dan Shumow (danshu@microsoft.com)
3 * Distributed under the MIT Software License.
4 * See accompanying file LICENSE.txt or copy at
5 * https://opensource.org/licenses/MIT
8 #ifndef SHA1DC_NO_STANDARD_INCLUDES
15 #ifdef SHA1DC_CUSTOM_INCLUDE_SHA1_C
16 #include SHA1DC_CUSTOM_INCLUDE_SHA1_C
19 #ifndef SHA1DC_INIT_SAFE_HASH_DEFAULT
20 #define SHA1DC_INIT_SAFE_HASH_DEFAULT 1
24 #include "ubc_check.h"
28 Because Little-Endian architectures are most common,
29 we only set SHA1DC_BIGENDIAN if one of these conditions is met.
30 Note that all MSFT platforms are little endian,
31 so none of these will be defined under the MSC compiler.
32 If you are compiling on a big endian platform and your compiler does not define one of these,
33 you will have to add whatever macros your tool chain defines to indicate Big-Endianness.
35 #ifdef SHA1DC_BIGENDIAN
36 #undef SHA1DC_BIGENDIAN
38 #if (!defined SHA1DC_FORCE_LITTLEENDIAN) && \
39 ((defined(__BYTE_ORDER) && (__BYTE_ORDER == __BIG_ENDIAN)) || \
40 (defined(__BYTE_ORDER__) && (__BYTE_ORDER__ == __BIG_ENDIAN__)) || \
41 defined(_BIG_ENDIAN) || defined(__BIG_ENDIAN__) || defined(__ARMEB__) || defined(__THUMBEB__) || defined(__AARCH64EB__) || \
42 defined(_MIPSEB) || defined(__MIPSEB) || defined(__MIPSEB__) || defined(SHA1DC_FORCE_BIGENDIAN))
44 #define SHA1DC_BIGENDIAN
46 #endif /*ENDIANNESS SELECTION*/
48 #if (defined SHA1DC_FORCE_UNALIGNED_ACCESS || \
49 defined(__amd64__) || defined(__amd64) || defined(__x86_64__) || defined(__x86_64) || \
50 defined(i386) || defined(__i386) || defined(__i386__) || defined(__i486__) || \
51 defined(__i586__) || defined(__i686__) || defined(_M_IX86) || defined(__X86__) || \
52 defined(_X86_) || defined(__THW_INTEL__) || defined(__I86__) || defined(__INTEL__) || \
53 defined(__386) || defined(_M_X64) || defined(_M_AMD64))
55 #define SHA1DC_ALLOW_UNALIGNED_ACCESS
57 #endif /*UNALIGNMENT DETECTION*/
60 #define rotate_right(x,n) (((x)>>(n))|((x)<<(32-(n))))
61 #define rotate_left(x,n) (((x)<<(n))|((x)>>(32-(n))))
63 #define sha1_bswap32(x) \
64 {x = ((x << 8) & 0xFF00FF00) | ((x >> 8) & 0xFF00FF); x = (x << 16) | (x >> 16);}
66 #define sha1_mix(W, t) (rotate_left(W[t - 3] ^ W[t - 8] ^ W[t - 14] ^ W[t - 16], 1))
68 #ifdef SHA1DC_BIGENDIAN
69 #define sha1_load(m, t, temp) { temp = m[t]; }
71 #define sha1_load(m, t, temp) { temp = m[t]; sha1_bswap32(temp); }
74 #define sha1_store(W, t, x) *(volatile uint32_t *)&W[t] = x
76 #define sha1_f1(b,c,d) ((d)^((b)&((c)^(d))))
77 #define sha1_f2(b,c,d) ((b)^(c)^(d))
78 #define sha1_f3(b,c,d) (((b)&(c))+((d)&((b)^(c))))
79 #define sha1_f4(b,c,d) ((b)^(c)^(d))
81 #define HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, m, t) \
82 { e += rotate_left(a, 5) + sha1_f1(b,c,d) + 0x5A827999 + m[t]; b = rotate_left(b, 30); }
83 #define HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, m, t) \
84 { e += rotate_left(a, 5) + sha1_f2(b,c,d) + 0x6ED9EBA1 + m[t]; b = rotate_left(b, 30); }
85 #define HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, m, t) \
86 { e += rotate_left(a, 5) + sha1_f3(b,c,d) + 0x8F1BBCDC + m[t]; b = rotate_left(b, 30); }
87 #define HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, m, t) \
88 { e += rotate_left(a, 5) + sha1_f4(b,c,d) + 0xCA62C1D6 + m[t]; b = rotate_left(b, 30); }
90 #define HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(a, b, c, d, e, m, t) \
91 { b = rotate_right(b, 30); e -= rotate_left(a, 5) + sha1_f1(b,c,d) + 0x5A827999 + m[t]; }
92 #define HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(a, b, c, d, e, m, t) \
93 { b = rotate_right(b, 30); e -= rotate_left(a, 5) + sha1_f2(b,c,d) + 0x6ED9EBA1 + m[t]; }
94 #define HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(a, b, c, d, e, m, t) \
95 { b = rotate_right(b, 30); e -= rotate_left(a, 5) + sha1_f3(b,c,d) + 0x8F1BBCDC + m[t]; }
96 #define HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(a, b, c, d, e, m, t) \
97 { b = rotate_right(b, 30); e -= rotate_left(a, 5) + sha1_f4(b,c,d) + 0xCA62C1D6 + m[t]; }
99 #define SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(a, b, c, d, e, m, W, t, temp) \
100 {sha1_load(m, t, temp); sha1_store(W, t, temp); e += temp + rotate_left(a, 5) + sha1_f1(b,c,d) + 0x5A827999; b = rotate_left(b, 30);}
102 #define SHA1COMPRESS_FULL_ROUND1_STEP_EXPAND(a, b, c, d, e, W, t, temp) \
103 {temp = sha1_mix(W, t); sha1_store(W, t, temp); e += temp + rotate_left(a, 5) + sha1_f1(b,c,d) + 0x5A827999; b = rotate_left(b, 30); }
105 #define SHA1COMPRESS_FULL_ROUND2_STEP(a, b, c, d, e, W, t, temp) \
106 {temp = sha1_mix(W, t); sha1_store(W, t, temp); e += temp + rotate_left(a, 5) + sha1_f2(b,c,d) + 0x6ED9EBA1; b = rotate_left(b, 30); }
108 #define SHA1COMPRESS_FULL_ROUND3_STEP(a, b, c, d, e, W, t, temp) \
109 {temp = sha1_mix(W, t); sha1_store(W, t, temp); e += temp + rotate_left(a, 5) + sha1_f3(b,c,d) + 0x8F1BBCDC; b = rotate_left(b, 30); }
111 #define SHA1COMPRESS_FULL_ROUND4_STEP(a, b, c, d, e, W, t, temp) \
112 {temp = sha1_mix(W, t); sha1_store(W, t, temp); e += temp + rotate_left(a, 5) + sha1_f4(b,c,d) + 0xCA62C1D6; b = rotate_left(b, 30); }
115 #define SHA1_STORE_STATE(i) states[i][0] = a; states[i][1] = b; states[i][2] = c; states[i][3] = d; states[i][4] = e;
117 #ifdef BUILDNOCOLLDETECTSHA1COMPRESSION
118 void sha1_compression(uint32_t ihv
[5], const uint32_t m
[16])
124 memcpy(W
, m
, 16 * 4);
125 for (i
= 16; i
< 80; ++i
)
126 W
[i
] = sha1_mix(W
, i
);
128 a
= ihv
[0]; b
= ihv
[1]; c
= ihv
[2]; d
= ihv
[3]; e
= ihv
[4];
130 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a
, b
, c
, d
, e
, W
, 0);
131 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e
, a
, b
, c
, d
, W
, 1);
132 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d
, e
, a
, b
, c
, W
, 2);
133 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c
, d
, e
, a
, b
, W
, 3);
134 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b
, c
, d
, e
, a
, W
, 4);
135 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a
, b
, c
, d
, e
, W
, 5);
136 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e
, a
, b
, c
, d
, W
, 6);
137 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d
, e
, a
, b
, c
, W
, 7);
138 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c
, d
, e
, a
, b
, W
, 8);
139 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b
, c
, d
, e
, a
, W
, 9);
140 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a
, b
, c
, d
, e
, W
, 10);
141 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e
, a
, b
, c
, d
, W
, 11);
142 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d
, e
, a
, b
, c
, W
, 12);
143 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c
, d
, e
, a
, b
, W
, 13);
144 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b
, c
, d
, e
, a
, W
, 14);
145 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a
, b
, c
, d
, e
, W
, 15);
146 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e
, a
, b
, c
, d
, W
, 16);
147 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d
, e
, a
, b
, c
, W
, 17);
148 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c
, d
, e
, a
, b
, W
, 18);
149 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b
, c
, d
, e
, a
, W
, 19);
151 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a
, b
, c
, d
, e
, W
, 20);
152 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e
, a
, b
, c
, d
, W
, 21);
153 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d
, e
, a
, b
, c
, W
, 22);
154 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c
, d
, e
, a
, b
, W
, 23);
155 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b
, c
, d
, e
, a
, W
, 24);
156 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a
, b
, c
, d
, e
, W
, 25);
157 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e
, a
, b
, c
, d
, W
, 26);
158 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d
, e
, a
, b
, c
, W
, 27);
159 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c
, d
, e
, a
, b
, W
, 28);
160 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b
, c
, d
, e
, a
, W
, 29);
161 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a
, b
, c
, d
, e
, W
, 30);
162 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e
, a
, b
, c
, d
, W
, 31);
163 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d
, e
, a
, b
, c
, W
, 32);
164 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c
, d
, e
, a
, b
, W
, 33);
165 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b
, c
, d
, e
, a
, W
, 34);
166 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a
, b
, c
, d
, e
, W
, 35);
167 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e
, a
, b
, c
, d
, W
, 36);
168 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d
, e
, a
, b
, c
, W
, 37);
169 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c
, d
, e
, a
, b
, W
, 38);
170 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b
, c
, d
, e
, a
, W
, 39);
172 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a
, b
, c
, d
, e
, W
, 40);
173 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e
, a
, b
, c
, d
, W
, 41);
174 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d
, e
, a
, b
, c
, W
, 42);
175 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c
, d
, e
, a
, b
, W
, 43);
176 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b
, c
, d
, e
, a
, W
, 44);
177 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a
, b
, c
, d
, e
, W
, 45);
178 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e
, a
, b
, c
, d
, W
, 46);
179 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d
, e
, a
, b
, c
, W
, 47);
180 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c
, d
, e
, a
, b
, W
, 48);
181 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b
, c
, d
, e
, a
, W
, 49);
182 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a
, b
, c
, d
, e
, W
, 50);
183 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e
, a
, b
, c
, d
, W
, 51);
184 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d
, e
, a
, b
, c
, W
, 52);
185 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c
, d
, e
, a
, b
, W
, 53);
186 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b
, c
, d
, e
, a
, W
, 54);
187 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a
, b
, c
, d
, e
, W
, 55);
188 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e
, a
, b
, c
, d
, W
, 56);
189 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d
, e
, a
, b
, c
, W
, 57);
190 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c
, d
, e
, a
, b
, W
, 58);
191 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b
, c
, d
, e
, a
, W
, 59);
193 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a
, b
, c
, d
, e
, W
, 60);
194 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e
, a
, b
, c
, d
, W
, 61);
195 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d
, e
, a
, b
, c
, W
, 62);
196 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c
, d
, e
, a
, b
, W
, 63);
197 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b
, c
, d
, e
, a
, W
, 64);
198 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a
, b
, c
, d
, e
, W
, 65);
199 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e
, a
, b
, c
, d
, W
, 66);
200 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d
, e
, a
, b
, c
, W
, 67);
201 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c
, d
, e
, a
, b
, W
, 68);
202 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b
, c
, d
, e
, a
, W
, 69);
203 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a
, b
, c
, d
, e
, W
, 70);
204 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e
, a
, b
, c
, d
, W
, 71);
205 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d
, e
, a
, b
, c
, W
, 72);
206 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c
, d
, e
, a
, b
, W
, 73);
207 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b
, c
, d
, e
, a
, W
, 74);
208 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a
, b
, c
, d
, e
, W
, 75);
209 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e
, a
, b
, c
, d
, W
, 76);
210 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d
, e
, a
, b
, c
, W
, 77);
211 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c
, d
, e
, a
, b
, W
, 78);
212 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b
, c
, d
, e
, a
, W
, 79);
214 ihv
[0] += a
; ihv
[1] += b
; ihv
[2] += c
; ihv
[3] += d
; ihv
[4] += e
;
216 #endif /*BUILDNOCOLLDETECTSHA1COMPRESSION*/
219 static void sha1_compression_W(uint32_t ihv
[5], const uint32_t W
[80])
221 uint32_t a
= ihv
[0], b
= ihv
[1], c
= ihv
[2], d
= ihv
[3], e
= ihv
[4];
223 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a
, b
, c
, d
, e
, W
, 0);
224 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e
, a
, b
, c
, d
, W
, 1);
225 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d
, e
, a
, b
, c
, W
, 2);
226 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c
, d
, e
, a
, b
, W
, 3);
227 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b
, c
, d
, e
, a
, W
, 4);
228 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a
, b
, c
, d
, e
, W
, 5);
229 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e
, a
, b
, c
, d
, W
, 6);
230 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d
, e
, a
, b
, c
, W
, 7);
231 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c
, d
, e
, a
, b
, W
, 8);
232 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b
, c
, d
, e
, a
, W
, 9);
233 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a
, b
, c
, d
, e
, W
, 10);
234 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e
, a
, b
, c
, d
, W
, 11);
235 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d
, e
, a
, b
, c
, W
, 12);
236 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c
, d
, e
, a
, b
, W
, 13);
237 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b
, c
, d
, e
, a
, W
, 14);
238 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a
, b
, c
, d
, e
, W
, 15);
239 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e
, a
, b
, c
, d
, W
, 16);
240 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d
, e
, a
, b
, c
, W
, 17);
241 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c
, d
, e
, a
, b
, W
, 18);
242 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b
, c
, d
, e
, a
, W
, 19);
244 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a
, b
, c
, d
, e
, W
, 20);
245 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e
, a
, b
, c
, d
, W
, 21);
246 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d
, e
, a
, b
, c
, W
, 22);
247 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c
, d
, e
, a
, b
, W
, 23);
248 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b
, c
, d
, e
, a
, W
, 24);
249 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a
, b
, c
, d
, e
, W
, 25);
250 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e
, a
, b
, c
, d
, W
, 26);
251 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d
, e
, a
, b
, c
, W
, 27);
252 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c
, d
, e
, a
, b
, W
, 28);
253 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b
, c
, d
, e
, a
, W
, 29);
254 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a
, b
, c
, d
, e
, W
, 30);
255 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e
, a
, b
, c
, d
, W
, 31);
256 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d
, e
, a
, b
, c
, W
, 32);
257 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c
, d
, e
, a
, b
, W
, 33);
258 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b
, c
, d
, e
, a
, W
, 34);
259 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a
, b
, c
, d
, e
, W
, 35);
260 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e
, a
, b
, c
, d
, W
, 36);
261 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d
, e
, a
, b
, c
, W
, 37);
262 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c
, d
, e
, a
, b
, W
, 38);
263 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b
, c
, d
, e
, a
, W
, 39);
265 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a
, b
, c
, d
, e
, W
, 40);
266 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e
, a
, b
, c
, d
, W
, 41);
267 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d
, e
, a
, b
, c
, W
, 42);
268 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c
, d
, e
, a
, b
, W
, 43);
269 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b
, c
, d
, e
, a
, W
, 44);
270 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a
, b
, c
, d
, e
, W
, 45);
271 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e
, a
, b
, c
, d
, W
, 46);
272 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d
, e
, a
, b
, c
, W
, 47);
273 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c
, d
, e
, a
, b
, W
, 48);
274 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b
, c
, d
, e
, a
, W
, 49);
275 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a
, b
, c
, d
, e
, W
, 50);
276 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e
, a
, b
, c
, d
, W
, 51);
277 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d
, e
, a
, b
, c
, W
, 52);
278 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c
, d
, e
, a
, b
, W
, 53);
279 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b
, c
, d
, e
, a
, W
, 54);
280 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a
, b
, c
, d
, e
, W
, 55);
281 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e
, a
, b
, c
, d
, W
, 56);
282 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d
, e
, a
, b
, c
, W
, 57);
283 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c
, d
, e
, a
, b
, W
, 58);
284 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b
, c
, d
, e
, a
, W
, 59);
286 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a
, b
, c
, d
, e
, W
, 60);
287 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e
, a
, b
, c
, d
, W
, 61);
288 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d
, e
, a
, b
, c
, W
, 62);
289 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c
, d
, e
, a
, b
, W
, 63);
290 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b
, c
, d
, e
, a
, W
, 64);
291 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a
, b
, c
, d
, e
, W
, 65);
292 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e
, a
, b
, c
, d
, W
, 66);
293 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d
, e
, a
, b
, c
, W
, 67);
294 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c
, d
, e
, a
, b
, W
, 68);
295 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b
, c
, d
, e
, a
, W
, 69);
296 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a
, b
, c
, d
, e
, W
, 70);
297 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e
, a
, b
, c
, d
, W
, 71);
298 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d
, e
, a
, b
, c
, W
, 72);
299 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c
, d
, e
, a
, b
, W
, 73);
300 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b
, c
, d
, e
, a
, W
, 74);
301 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a
, b
, c
, d
, e
, W
, 75);
302 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e
, a
, b
, c
, d
, W
, 76);
303 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d
, e
, a
, b
, c
, W
, 77);
304 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c
, d
, e
, a
, b
, W
, 78);
305 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b
, c
, d
, e
, a
, W
, 79);
307 ihv
[0] += a
; ihv
[1] += b
; ihv
[2] += c
; ihv
[3] += d
; ihv
[4] += e
;
312 void sha1_compression_states(uint32_t ihv
[5], const uint32_t m
[16], uint32_t W
[80], uint32_t states
[80][5])
314 uint32_t a
= ihv
[0], b
= ihv
[1], c
= ihv
[2], d
= ihv
[3], e
= ihv
[4];
317 #ifdef DOSTORESTATE00
320 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(a
, b
, c
, d
, e
, m
, W
, 0, temp
);
322 #ifdef DOSTORESTATE01
325 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(e
, a
, b
, c
, d
, m
, W
, 1, temp
);
327 #ifdef DOSTORESTATE02
330 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(d
, e
, a
, b
, c
, m
, W
, 2, temp
);
332 #ifdef DOSTORESTATE03
335 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(c
, d
, e
, a
, b
, m
, W
, 3, temp
);
337 #ifdef DOSTORESTATE04
340 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(b
, c
, d
, e
, a
, m
, W
, 4, temp
);
342 #ifdef DOSTORESTATE05
345 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(a
, b
, c
, d
, e
, m
, W
, 5, temp
);
347 #ifdef DOSTORESTATE06
350 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(e
, a
, b
, c
, d
, m
, W
, 6, temp
);
352 #ifdef DOSTORESTATE07
355 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(d
, e
, a
, b
, c
, m
, W
, 7, temp
);
357 #ifdef DOSTORESTATE08
360 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(c
, d
, e
, a
, b
, m
, W
, 8, temp
);
362 #ifdef DOSTORESTATE09
365 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(b
, c
, d
, e
, a
, m
, W
, 9, temp
);
367 #ifdef DOSTORESTATE10
370 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(a
, b
, c
, d
, e
, m
, W
, 10, temp
);
372 #ifdef DOSTORESTATE11
375 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(e
, a
, b
, c
, d
, m
, W
, 11, temp
);
377 #ifdef DOSTORESTATE12
380 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(d
, e
, a
, b
, c
, m
, W
, 12, temp
);
382 #ifdef DOSTORESTATE13
385 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(c
, d
, e
, a
, b
, m
, W
, 13, temp
);
387 #ifdef DOSTORESTATE14
390 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(b
, c
, d
, e
, a
, m
, W
, 14, temp
);
392 #ifdef DOSTORESTATE15
395 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(a
, b
, c
, d
, e
, m
, W
, 15, temp
);
397 #ifdef DOSTORESTATE16
400 SHA1COMPRESS_FULL_ROUND1_STEP_EXPAND(e
, a
, b
, c
, d
, W
, 16, temp
);
402 #ifdef DOSTORESTATE17
405 SHA1COMPRESS_FULL_ROUND1_STEP_EXPAND(d
, e
, a
, b
, c
, W
, 17, temp
);
407 #ifdef DOSTORESTATE18
410 SHA1COMPRESS_FULL_ROUND1_STEP_EXPAND(c
, d
, e
, a
, b
, W
, 18, temp
);
412 #ifdef DOSTORESTATE19
415 SHA1COMPRESS_FULL_ROUND1_STEP_EXPAND(b
, c
, d
, e
, a
, W
, 19, temp
);
419 #ifdef DOSTORESTATE20
422 SHA1COMPRESS_FULL_ROUND2_STEP(a
, b
, c
, d
, e
, W
, 20, temp
);
424 #ifdef DOSTORESTATE21
427 SHA1COMPRESS_FULL_ROUND2_STEP(e
, a
, b
, c
, d
, W
, 21, temp
);
429 #ifdef DOSTORESTATE22
432 SHA1COMPRESS_FULL_ROUND2_STEP(d
, e
, a
, b
, c
, W
, 22, temp
);
434 #ifdef DOSTORESTATE23
437 SHA1COMPRESS_FULL_ROUND2_STEP(c
, d
, e
, a
, b
, W
, 23, temp
);
439 #ifdef DOSTORESTATE24
442 SHA1COMPRESS_FULL_ROUND2_STEP(b
, c
, d
, e
, a
, W
, 24, temp
);
444 #ifdef DOSTORESTATE25
447 SHA1COMPRESS_FULL_ROUND2_STEP(a
, b
, c
, d
, e
, W
, 25, temp
);
449 #ifdef DOSTORESTATE26
452 SHA1COMPRESS_FULL_ROUND2_STEP(e
, a
, b
, c
, d
, W
, 26, temp
);
454 #ifdef DOSTORESTATE27
457 SHA1COMPRESS_FULL_ROUND2_STEP(d
, e
, a
, b
, c
, W
, 27, temp
);
459 #ifdef DOSTORESTATE28
462 SHA1COMPRESS_FULL_ROUND2_STEP(c
, d
, e
, a
, b
, W
, 28, temp
);
464 #ifdef DOSTORESTATE29
467 SHA1COMPRESS_FULL_ROUND2_STEP(b
, c
, d
, e
, a
, W
, 29, temp
);
469 #ifdef DOSTORESTATE30
472 SHA1COMPRESS_FULL_ROUND2_STEP(a
, b
, c
, d
, e
, W
, 30, temp
);
474 #ifdef DOSTORESTATE31
477 SHA1COMPRESS_FULL_ROUND2_STEP(e
, a
, b
, c
, d
, W
, 31, temp
);
479 #ifdef DOSTORESTATE32
482 SHA1COMPRESS_FULL_ROUND2_STEP(d
, e
, a
, b
, c
, W
, 32, temp
);
484 #ifdef DOSTORESTATE33
487 SHA1COMPRESS_FULL_ROUND2_STEP(c
, d
, e
, a
, b
, W
, 33, temp
);
489 #ifdef DOSTORESTATE34
492 SHA1COMPRESS_FULL_ROUND2_STEP(b
, c
, d
, e
, a
, W
, 34, temp
);
494 #ifdef DOSTORESTATE35
497 SHA1COMPRESS_FULL_ROUND2_STEP(a
, b
, c
, d
, e
, W
, 35, temp
);
499 #ifdef DOSTORESTATE36
502 SHA1COMPRESS_FULL_ROUND2_STEP(e
, a
, b
, c
, d
, W
, 36, temp
);
504 #ifdef DOSTORESTATE37
507 SHA1COMPRESS_FULL_ROUND2_STEP(d
, e
, a
, b
, c
, W
, 37, temp
);
509 #ifdef DOSTORESTATE38
512 SHA1COMPRESS_FULL_ROUND2_STEP(c
, d
, e
, a
, b
, W
, 38, temp
);
514 #ifdef DOSTORESTATE39
517 SHA1COMPRESS_FULL_ROUND2_STEP(b
, c
, d
, e
, a
, W
, 39, temp
);
521 #ifdef DOSTORESTATE40
524 SHA1COMPRESS_FULL_ROUND3_STEP(a
, b
, c
, d
, e
, W
, 40, temp
);
526 #ifdef DOSTORESTATE41
529 SHA1COMPRESS_FULL_ROUND3_STEP(e
, a
, b
, c
, d
, W
, 41, temp
);
531 #ifdef DOSTORESTATE42
534 SHA1COMPRESS_FULL_ROUND3_STEP(d
, e
, a
, b
, c
, W
, 42, temp
);
536 #ifdef DOSTORESTATE43
539 SHA1COMPRESS_FULL_ROUND3_STEP(c
, d
, e
, a
, b
, W
, 43, temp
);
541 #ifdef DOSTORESTATE44
544 SHA1COMPRESS_FULL_ROUND3_STEP(b
, c
, d
, e
, a
, W
, 44, temp
);
546 #ifdef DOSTORESTATE45
549 SHA1COMPRESS_FULL_ROUND3_STEP(a
, b
, c
, d
, e
, W
, 45, temp
);
551 #ifdef DOSTORESTATE46
554 SHA1COMPRESS_FULL_ROUND3_STEP(e
, a
, b
, c
, d
, W
, 46, temp
);
556 #ifdef DOSTORESTATE47
559 SHA1COMPRESS_FULL_ROUND3_STEP(d
, e
, a
, b
, c
, W
, 47, temp
);
561 #ifdef DOSTORESTATE48
564 SHA1COMPRESS_FULL_ROUND3_STEP(c
, d
, e
, a
, b
, W
, 48, temp
);
566 #ifdef DOSTORESTATE49
569 SHA1COMPRESS_FULL_ROUND3_STEP(b
, c
, d
, e
, a
, W
, 49, temp
);
571 #ifdef DOSTORESTATE50
574 SHA1COMPRESS_FULL_ROUND3_STEP(a
, b
, c
, d
, e
, W
, 50, temp
);
576 #ifdef DOSTORESTATE51
579 SHA1COMPRESS_FULL_ROUND3_STEP(e
, a
, b
, c
, d
, W
, 51, temp
);
581 #ifdef DOSTORESTATE52
584 SHA1COMPRESS_FULL_ROUND3_STEP(d
, e
, a
, b
, c
, W
, 52, temp
);
586 #ifdef DOSTORESTATE53
589 SHA1COMPRESS_FULL_ROUND3_STEP(c
, d
, e
, a
, b
, W
, 53, temp
);
591 #ifdef DOSTORESTATE54
594 SHA1COMPRESS_FULL_ROUND3_STEP(b
, c
, d
, e
, a
, W
, 54, temp
);
596 #ifdef DOSTORESTATE55
599 SHA1COMPRESS_FULL_ROUND3_STEP(a
, b
, c
, d
, e
, W
, 55, temp
);
601 #ifdef DOSTORESTATE56
604 SHA1COMPRESS_FULL_ROUND3_STEP(e
, a
, b
, c
, d
, W
, 56, temp
);
606 #ifdef DOSTORESTATE57
609 SHA1COMPRESS_FULL_ROUND3_STEP(d
, e
, a
, b
, c
, W
, 57, temp
);
611 #ifdef DOSTORESTATE58
614 SHA1COMPRESS_FULL_ROUND3_STEP(c
, d
, e
, a
, b
, W
, 58, temp
);
616 #ifdef DOSTORESTATE59
619 SHA1COMPRESS_FULL_ROUND3_STEP(b
, c
, d
, e
, a
, W
, 59, temp
);
624 #ifdef DOSTORESTATE60
627 SHA1COMPRESS_FULL_ROUND4_STEP(a
, b
, c
, d
, e
, W
, 60, temp
);
629 #ifdef DOSTORESTATE61
632 SHA1COMPRESS_FULL_ROUND4_STEP(e
, a
, b
, c
, d
, W
, 61, temp
);
634 #ifdef DOSTORESTATE62
637 SHA1COMPRESS_FULL_ROUND4_STEP(d
, e
, a
, b
, c
, W
, 62, temp
);
639 #ifdef DOSTORESTATE63
642 SHA1COMPRESS_FULL_ROUND4_STEP(c
, d
, e
, a
, b
, W
, 63, temp
);
644 #ifdef DOSTORESTATE64
647 SHA1COMPRESS_FULL_ROUND4_STEP(b
, c
, d
, e
, a
, W
, 64, temp
);
649 #ifdef DOSTORESTATE65
652 SHA1COMPRESS_FULL_ROUND4_STEP(a
, b
, c
, d
, e
, W
, 65, temp
);
654 #ifdef DOSTORESTATE66
657 SHA1COMPRESS_FULL_ROUND4_STEP(e
, a
, b
, c
, d
, W
, 66, temp
);
659 #ifdef DOSTORESTATE67
662 SHA1COMPRESS_FULL_ROUND4_STEP(d
, e
, a
, b
, c
, W
, 67, temp
);
664 #ifdef DOSTORESTATE68
667 SHA1COMPRESS_FULL_ROUND4_STEP(c
, d
, e
, a
, b
, W
, 68, temp
);
669 #ifdef DOSTORESTATE69
672 SHA1COMPRESS_FULL_ROUND4_STEP(b
, c
, d
, e
, a
, W
, 69, temp
);
674 #ifdef DOSTORESTATE70
677 SHA1COMPRESS_FULL_ROUND4_STEP(a
, b
, c
, d
, e
, W
, 70, temp
);
679 #ifdef DOSTORESTATE71
682 SHA1COMPRESS_FULL_ROUND4_STEP(e
, a
, b
, c
, d
, W
, 71, temp
);
684 #ifdef DOSTORESTATE72
687 SHA1COMPRESS_FULL_ROUND4_STEP(d
, e
, a
, b
, c
, W
, 72, temp
);
689 #ifdef DOSTORESTATE73
692 SHA1COMPRESS_FULL_ROUND4_STEP(c
, d
, e
, a
, b
, W
, 73, temp
);
694 #ifdef DOSTORESTATE74
697 SHA1COMPRESS_FULL_ROUND4_STEP(b
, c
, d
, e
, a
, W
, 74, temp
);
699 #ifdef DOSTORESTATE75
702 SHA1COMPRESS_FULL_ROUND4_STEP(a
, b
, c
, d
, e
, W
, 75, temp
);
704 #ifdef DOSTORESTATE76
707 SHA1COMPRESS_FULL_ROUND4_STEP(e
, a
, b
, c
, d
, W
, 76, temp
);
709 #ifdef DOSTORESTATE77
712 SHA1COMPRESS_FULL_ROUND4_STEP(d
, e
, a
, b
, c
, W
, 77, temp
);
714 #ifdef DOSTORESTATE78
717 SHA1COMPRESS_FULL_ROUND4_STEP(c
, d
, e
, a
, b
, W
, 78, temp
);
719 #ifdef DOSTORESTATE79
722 SHA1COMPRESS_FULL_ROUND4_STEP(b
, c
, d
, e
, a
, W
, 79, temp
);
726 ihv
[0] += a
; ihv
[1] += b
; ihv
[2] += c
; ihv
[3] += d
; ihv
[4] += e
;
732 #define SHA1_RECOMPRESS(t) \
733 static void sha1recompress_fast_ ## t (uint32_t ihvin[5], uint32_t ihvout[5], const uint32_t me2[80], const uint32_t state[5]) \
735 uint32_t a = state[0], b = state[1], c = state[2], d = state[3], e = state[4]; \
736 if (t > 79) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(b, c, d, e, a, me2, 79); \
737 if (t > 78) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(c, d, e, a, b, me2, 78); \
738 if (t > 77) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(d, e, a, b, c, me2, 77); \
739 if (t > 76) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(e, a, b, c, d, me2, 76); \
740 if (t > 75) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(a, b, c, d, e, me2, 75); \
741 if (t > 74) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(b, c, d, e, a, me2, 74); \
742 if (t > 73) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(c, d, e, a, b, me2, 73); \
743 if (t > 72) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(d, e, a, b, c, me2, 72); \
744 if (t > 71) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(e, a, b, c, d, me2, 71); \
745 if (t > 70) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(a, b, c, d, e, me2, 70); \
746 if (t > 69) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(b, c, d, e, a, me2, 69); \
747 if (t > 68) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(c, d, e, a, b, me2, 68); \
748 if (t > 67) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(d, e, a, b, c, me2, 67); \
749 if (t > 66) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(e, a, b, c, d, me2, 66); \
750 if (t > 65) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(a, b, c, d, e, me2, 65); \
751 if (t > 64) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(b, c, d, e, a, me2, 64); \
752 if (t > 63) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(c, d, e, a, b, me2, 63); \
753 if (t > 62) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(d, e, a, b, c, me2, 62); \
754 if (t > 61) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(e, a, b, c, d, me2, 61); \
755 if (t > 60) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(a, b, c, d, e, me2, 60); \
756 if (t > 59) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(b, c, d, e, a, me2, 59); \
757 if (t > 58) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(c, d, e, a, b, me2, 58); \
758 if (t > 57) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(d, e, a, b, c, me2, 57); \
759 if (t > 56) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(e, a, b, c, d, me2, 56); \
760 if (t > 55) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(a, b, c, d, e, me2, 55); \
761 if (t > 54) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(b, c, d, e, a, me2, 54); \
762 if (t > 53) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(c, d, e, a, b, me2, 53); \
763 if (t > 52) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(d, e, a, b, c, me2, 52); \
764 if (t > 51) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(e, a, b, c, d, me2, 51); \
765 if (t > 50) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(a, b, c, d, e, me2, 50); \
766 if (t > 49) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(b, c, d, e, a, me2, 49); \
767 if (t > 48) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(c, d, e, a, b, me2, 48); \
768 if (t > 47) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(d, e, a, b, c, me2, 47); \
769 if (t > 46) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(e, a, b, c, d, me2, 46); \
770 if (t > 45) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(a, b, c, d, e, me2, 45); \
771 if (t > 44) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(b, c, d, e, a, me2, 44); \
772 if (t > 43) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(c, d, e, a, b, me2, 43); \
773 if (t > 42) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(d, e, a, b, c, me2, 42); \
774 if (t > 41) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(e, a, b, c, d, me2, 41); \
775 if (t > 40) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(a, b, c, d, e, me2, 40); \
776 if (t > 39) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(b, c, d, e, a, me2, 39); \
777 if (t > 38) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(c, d, e, a, b, me2, 38); \
778 if (t > 37) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(d, e, a, b, c, me2, 37); \
779 if (t > 36) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(e, a, b, c, d, me2, 36); \
780 if (t > 35) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(a, b, c, d, e, me2, 35); \
781 if (t > 34) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(b, c, d, e, a, me2, 34); \
782 if (t > 33) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(c, d, e, a, b, me2, 33); \
783 if (t > 32) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(d, e, a, b, c, me2, 32); \
784 if (t > 31) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(e, a, b, c, d, me2, 31); \
785 if (t > 30) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(a, b, c, d, e, me2, 30); \
786 if (t > 29) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(b, c, d, e, a, me2, 29); \
787 if (t > 28) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(c, d, e, a, b, me2, 28); \
788 if (t > 27) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(d, e, a, b, c, me2, 27); \
789 if (t > 26) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(e, a, b, c, d, me2, 26); \
790 if (t > 25) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(a, b, c, d, e, me2, 25); \
791 if (t > 24) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(b, c, d, e, a, me2, 24); \
792 if (t > 23) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(c, d, e, a, b, me2, 23); \
793 if (t > 22) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(d, e, a, b, c, me2, 22); \
794 if (t > 21) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(e, a, b, c, d, me2, 21); \
795 if (t > 20) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(a, b, c, d, e, me2, 20); \
796 if (t > 19) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(b, c, d, e, a, me2, 19); \
797 if (t > 18) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(c, d, e, a, b, me2, 18); \
798 if (t > 17) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(d, e, a, b, c, me2, 17); \
799 if (t > 16) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(e, a, b, c, d, me2, 16); \
800 if (t > 15) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(a, b, c, d, e, me2, 15); \
801 if (t > 14) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(b, c, d, e, a, me2, 14); \
802 if (t > 13) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(c, d, e, a, b, me2, 13); \
803 if (t > 12) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(d, e, a, b, c, me2, 12); \
804 if (t > 11) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(e, a, b, c, d, me2, 11); \
805 if (t > 10) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(a, b, c, d, e, me2, 10); \
806 if (t > 9) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(b, c, d, e, a, me2, 9); \
807 if (t > 8) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(c, d, e, a, b, me2, 8); \
808 if (t > 7) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(d, e, a, b, c, me2, 7); \
809 if (t > 6) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(e, a, b, c, d, me2, 6); \
810 if (t > 5) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(a, b, c, d, e, me2, 5); \
811 if (t > 4) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(b, c, d, e, a, me2, 4); \
812 if (t > 3) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(c, d, e, a, b, me2, 3); \
813 if (t > 2) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(d, e, a, b, c, me2, 2); \
814 if (t > 1) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(e, a, b, c, d, me2, 1); \
815 if (t > 0) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(a, b, c, d, e, me2, 0); \
816 ihvin[0] = a; ihvin[1] = b; ihvin[2] = c; ihvin[3] = d; ihvin[4] = e; \
817 a = state[0]; b = state[1]; c = state[2]; d = state[3]; e = state[4]; \
818 if (t <= 0) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, me2, 0); \
819 if (t <= 1) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, me2, 1); \
820 if (t <= 2) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, me2, 2); \
821 if (t <= 3) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, me2, 3); \
822 if (t <= 4) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, me2, 4); \
823 if (t <= 5) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, me2, 5); \
824 if (t <= 6) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, me2, 6); \
825 if (t <= 7) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, me2, 7); \
826 if (t <= 8) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, me2, 8); \
827 if (t <= 9) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, me2, 9); \
828 if (t <= 10) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, me2, 10); \
829 if (t <= 11) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, me2, 11); \
830 if (t <= 12) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, me2, 12); \
831 if (t <= 13) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, me2, 13); \
832 if (t <= 14) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, me2, 14); \
833 if (t <= 15) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, me2, 15); \
834 if (t <= 16) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, me2, 16); \
835 if (t <= 17) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, me2, 17); \
836 if (t <= 18) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, me2, 18); \
837 if (t <= 19) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, me2, 19); \
838 if (t <= 20) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, me2, 20); \
839 if (t <= 21) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, me2, 21); \
840 if (t <= 22) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, me2, 22); \
841 if (t <= 23) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, me2, 23); \
842 if (t <= 24) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, me2, 24); \
843 if (t <= 25) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, me2, 25); \
844 if (t <= 26) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, me2, 26); \
845 if (t <= 27) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, me2, 27); \
846 if (t <= 28) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, me2, 28); \
847 if (t <= 29) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, me2, 29); \
848 if (t <= 30) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, me2, 30); \
849 if (t <= 31) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, me2, 31); \
850 if (t <= 32) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, me2, 32); \
851 if (t <= 33) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, me2, 33); \
852 if (t <= 34) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, me2, 34); \
853 if (t <= 35) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, me2, 35); \
854 if (t <= 36) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, me2, 36); \
855 if (t <= 37) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, me2, 37); \
856 if (t <= 38) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, me2, 38); \
857 if (t <= 39) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, me2, 39); \
858 if (t <= 40) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, me2, 40); \
859 if (t <= 41) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, me2, 41); \
860 if (t <= 42) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, me2, 42); \
861 if (t <= 43) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, me2, 43); \
862 if (t <= 44) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, me2, 44); \
863 if (t <= 45) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, me2, 45); \
864 if (t <= 46) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, me2, 46); \
865 if (t <= 47) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, me2, 47); \
866 if (t <= 48) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, me2, 48); \
867 if (t <= 49) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, me2, 49); \
868 if (t <= 50) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, me2, 50); \
869 if (t <= 51) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, me2, 51); \
870 if (t <= 52) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, me2, 52); \
871 if (t <= 53) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, me2, 53); \
872 if (t <= 54) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, me2, 54); \
873 if (t <= 55) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, me2, 55); \
874 if (t <= 56) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, me2, 56); \
875 if (t <= 57) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, me2, 57); \
876 if (t <= 58) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, me2, 58); \
877 if (t <= 59) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, me2, 59); \
878 if (t <= 60) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, me2, 60); \
879 if (t <= 61) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, me2, 61); \
880 if (t <= 62) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, me2, 62); \
881 if (t <= 63) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, me2, 63); \
882 if (t <= 64) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, me2, 64); \
883 if (t <= 65) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, me2, 65); \
884 if (t <= 66) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, me2, 66); \
885 if (t <= 67) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, me2, 67); \
886 if (t <= 68) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, me2, 68); \
887 if (t <= 69) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, me2, 69); \
888 if (t <= 70) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, me2, 70); \
889 if (t <= 71) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, me2, 71); \
890 if (t <= 72) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, me2, 72); \
891 if (t <= 73) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, me2, 73); \
892 if (t <= 74) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, me2, 74); \
893 if (t <= 75) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, me2, 75); \
894 if (t <= 76) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, me2, 76); \
895 if (t <= 77) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, me2, 77); \
896 if (t <= 78) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, me2, 78); \
897 if (t <= 79) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, me2, 79); \
898 ihvout[0] = ihvin[0] + a; ihvout[1] = ihvin[1] + b; ihvout[2] = ihvin[2] + c; ihvout[3] = ihvin[3] + d; ihvout[4] = ihvin[4] + e; \
902 #pragma warning(push)
903 #pragma warning(disable: 4127) /* Complier complains about the checks in the above macro being constant. */
946 #ifdef DOSTORESTATE10
950 #ifdef DOSTORESTATE11
954 #ifdef DOSTORESTATE12
958 #ifdef DOSTORESTATE13
962 #ifdef DOSTORESTATE14
966 #ifdef DOSTORESTATE15
970 #ifdef DOSTORESTATE16
974 #ifdef DOSTORESTATE17
978 #ifdef DOSTORESTATE18
982 #ifdef DOSTORESTATE19
986 #ifdef DOSTORESTATE20
990 #ifdef DOSTORESTATE21
994 #ifdef DOSTORESTATE22
998 #ifdef DOSTORESTATE23
1002 #ifdef DOSTORESTATE24
1006 #ifdef DOSTORESTATE25
1010 #ifdef DOSTORESTATE26
1014 #ifdef DOSTORESTATE27
1018 #ifdef DOSTORESTATE28
1022 #ifdef DOSTORESTATE29
1026 #ifdef DOSTORESTATE30
1030 #ifdef DOSTORESTATE31
1034 #ifdef DOSTORESTATE32
1038 #ifdef DOSTORESTATE33
1042 #ifdef DOSTORESTATE34
1046 #ifdef DOSTORESTATE35
1050 #ifdef DOSTORESTATE36
1054 #ifdef DOSTORESTATE37
1058 #ifdef DOSTORESTATE38
1062 #ifdef DOSTORESTATE39
1066 #ifdef DOSTORESTATE40
1070 #ifdef DOSTORESTATE41
1074 #ifdef DOSTORESTATE42
1078 #ifdef DOSTORESTATE43
1082 #ifdef DOSTORESTATE44
1086 #ifdef DOSTORESTATE45
1090 #ifdef DOSTORESTATE46
1094 #ifdef DOSTORESTATE47
1098 #ifdef DOSTORESTATE48
1102 #ifdef DOSTORESTATE49
1106 #ifdef DOSTORESTATE50
1110 #ifdef DOSTORESTATE51
1114 #ifdef DOSTORESTATE52
1118 #ifdef DOSTORESTATE53
1122 #ifdef DOSTORESTATE54
1126 #ifdef DOSTORESTATE55
1130 #ifdef DOSTORESTATE56
1134 #ifdef DOSTORESTATE57
1138 #ifdef DOSTORESTATE58
1142 #ifdef DOSTORESTATE59
1146 #ifdef DOSTORESTATE60
1150 #ifdef DOSTORESTATE61
1154 #ifdef DOSTORESTATE62
1158 #ifdef DOSTORESTATE63
1162 #ifdef DOSTORESTATE64
1166 #ifdef DOSTORESTATE65
1170 #ifdef DOSTORESTATE66
1174 #ifdef DOSTORESTATE67
1178 #ifdef DOSTORESTATE68
1182 #ifdef DOSTORESTATE69
1186 #ifdef DOSTORESTATE70
1190 #ifdef DOSTORESTATE71
1194 #ifdef DOSTORESTATE72
1198 #ifdef DOSTORESTATE73
1202 #ifdef DOSTORESTATE74
1206 #ifdef DOSTORESTATE75
1210 #ifdef DOSTORESTATE76
1214 #ifdef DOSTORESTATE77
1218 #ifdef DOSTORESTATE78
1222 #ifdef DOSTORESTATE79
1227 #pragma warning(pop)
1230 static void sha1_recompression_step(uint32_t step
, uint32_t ihvin
[5], uint32_t ihvout
[5], const uint32_t me2
[80], const uint32_t state
[5])
1234 #ifdef DOSTORESTATE0
1236 sha1recompress_fast_0(ihvin
, ihvout
, me2
, state
);
1239 #ifdef DOSTORESTATE1
1241 sha1recompress_fast_1(ihvin
, ihvout
, me2
, state
);
1244 #ifdef DOSTORESTATE2
1246 sha1recompress_fast_2(ihvin
, ihvout
, me2
, state
);
1249 #ifdef DOSTORESTATE3
1251 sha1recompress_fast_3(ihvin
, ihvout
, me2
, state
);
1254 #ifdef DOSTORESTATE4
1256 sha1recompress_fast_4(ihvin
, ihvout
, me2
, state
);
1259 #ifdef DOSTORESTATE5
1261 sha1recompress_fast_5(ihvin
, ihvout
, me2
, state
);
1264 #ifdef DOSTORESTATE6
1266 sha1recompress_fast_6(ihvin
, ihvout
, me2
, state
);
1269 #ifdef DOSTORESTATE7
1271 sha1recompress_fast_7(ihvin
, ihvout
, me2
, state
);
1274 #ifdef DOSTORESTATE8
1276 sha1recompress_fast_8(ihvin
, ihvout
, me2
, state
);
1279 #ifdef DOSTORESTATE9
1281 sha1recompress_fast_9(ihvin
, ihvout
, me2
, state
);
1284 #ifdef DOSTORESTATE10
1286 sha1recompress_fast_10(ihvin
, ihvout
, me2
, state
);
1289 #ifdef DOSTORESTATE11
1291 sha1recompress_fast_11(ihvin
, ihvout
, me2
, state
);
1294 #ifdef DOSTORESTATE12
1296 sha1recompress_fast_12(ihvin
, ihvout
, me2
, state
);
1299 #ifdef DOSTORESTATE13
1301 sha1recompress_fast_13(ihvin
, ihvout
, me2
, state
);
1304 #ifdef DOSTORESTATE14
1306 sha1recompress_fast_14(ihvin
, ihvout
, me2
, state
);
1309 #ifdef DOSTORESTATE15
1311 sha1recompress_fast_15(ihvin
, ihvout
, me2
, state
);
1314 #ifdef DOSTORESTATE16
1316 sha1recompress_fast_16(ihvin
, ihvout
, me2
, state
);
1319 #ifdef DOSTORESTATE17
1321 sha1recompress_fast_17(ihvin
, ihvout
, me2
, state
);
1324 #ifdef DOSTORESTATE18
1326 sha1recompress_fast_18(ihvin
, ihvout
, me2
, state
);
1329 #ifdef DOSTORESTATE19
1331 sha1recompress_fast_19(ihvin
, ihvout
, me2
, state
);
1334 #ifdef DOSTORESTATE20
1336 sha1recompress_fast_20(ihvin
, ihvout
, me2
, state
);
1339 #ifdef DOSTORESTATE21
1341 sha1recompress_fast_21(ihvin
, ihvout
, me2
, state
);
1344 #ifdef DOSTORESTATE22
1346 sha1recompress_fast_22(ihvin
, ihvout
, me2
, state
);
1349 #ifdef DOSTORESTATE23
1351 sha1recompress_fast_23(ihvin
, ihvout
, me2
, state
);
1354 #ifdef DOSTORESTATE24
1356 sha1recompress_fast_24(ihvin
, ihvout
, me2
, state
);
1359 #ifdef DOSTORESTATE25
1361 sha1recompress_fast_25(ihvin
, ihvout
, me2
, state
);
1364 #ifdef DOSTORESTATE26
1366 sha1recompress_fast_26(ihvin
, ihvout
, me2
, state
);
1369 #ifdef DOSTORESTATE27
1371 sha1recompress_fast_27(ihvin
, ihvout
, me2
, state
);
1374 #ifdef DOSTORESTATE28
1376 sha1recompress_fast_28(ihvin
, ihvout
, me2
, state
);
1379 #ifdef DOSTORESTATE29
1381 sha1recompress_fast_29(ihvin
, ihvout
, me2
, state
);
1384 #ifdef DOSTORESTATE30
1386 sha1recompress_fast_30(ihvin
, ihvout
, me2
, state
);
1389 #ifdef DOSTORESTATE31
1391 sha1recompress_fast_31(ihvin
, ihvout
, me2
, state
);
1394 #ifdef DOSTORESTATE32
1396 sha1recompress_fast_32(ihvin
, ihvout
, me2
, state
);
1399 #ifdef DOSTORESTATE33
1401 sha1recompress_fast_33(ihvin
, ihvout
, me2
, state
);
1404 #ifdef DOSTORESTATE34
1406 sha1recompress_fast_34(ihvin
, ihvout
, me2
, state
);
1409 #ifdef DOSTORESTATE35
1411 sha1recompress_fast_35(ihvin
, ihvout
, me2
, state
);
1414 #ifdef DOSTORESTATE36
1416 sha1recompress_fast_36(ihvin
, ihvout
, me2
, state
);
1419 #ifdef DOSTORESTATE37
1421 sha1recompress_fast_37(ihvin
, ihvout
, me2
, state
);
1424 #ifdef DOSTORESTATE38
1426 sha1recompress_fast_38(ihvin
, ihvout
, me2
, state
);
1429 #ifdef DOSTORESTATE39
1431 sha1recompress_fast_39(ihvin
, ihvout
, me2
, state
);
1434 #ifdef DOSTORESTATE40
1436 sha1recompress_fast_40(ihvin
, ihvout
, me2
, state
);
1439 #ifdef DOSTORESTATE41
1441 sha1recompress_fast_41(ihvin
, ihvout
, me2
, state
);
1444 #ifdef DOSTORESTATE42
1446 sha1recompress_fast_42(ihvin
, ihvout
, me2
, state
);
1449 #ifdef DOSTORESTATE43
1451 sha1recompress_fast_43(ihvin
, ihvout
, me2
, state
);
1454 #ifdef DOSTORESTATE44
1456 sha1recompress_fast_44(ihvin
, ihvout
, me2
, state
);
1459 #ifdef DOSTORESTATE45
1461 sha1recompress_fast_45(ihvin
, ihvout
, me2
, state
);
1464 #ifdef DOSTORESTATE46
1466 sha1recompress_fast_46(ihvin
, ihvout
, me2
, state
);
1469 #ifdef DOSTORESTATE47
1471 sha1recompress_fast_47(ihvin
, ihvout
, me2
, state
);
1474 #ifdef DOSTORESTATE48
1476 sha1recompress_fast_48(ihvin
, ihvout
, me2
, state
);
1479 #ifdef DOSTORESTATE49
1481 sha1recompress_fast_49(ihvin
, ihvout
, me2
, state
);
1484 #ifdef DOSTORESTATE50
1486 sha1recompress_fast_50(ihvin
, ihvout
, me2
, state
);
1489 #ifdef DOSTORESTATE51
1491 sha1recompress_fast_51(ihvin
, ihvout
, me2
, state
);
1494 #ifdef DOSTORESTATE52
1496 sha1recompress_fast_52(ihvin
, ihvout
, me2
, state
);
1499 #ifdef DOSTORESTATE53
1501 sha1recompress_fast_53(ihvin
, ihvout
, me2
, state
);
1504 #ifdef DOSTORESTATE54
1506 sha1recompress_fast_54(ihvin
, ihvout
, me2
, state
);
1509 #ifdef DOSTORESTATE55
1511 sha1recompress_fast_55(ihvin
, ihvout
, me2
, state
);
1514 #ifdef DOSTORESTATE56
1516 sha1recompress_fast_56(ihvin
, ihvout
, me2
, state
);
1519 #ifdef DOSTORESTATE57
1521 sha1recompress_fast_57(ihvin
, ihvout
, me2
, state
);
1524 #ifdef DOSTORESTATE58
1526 sha1recompress_fast_58(ihvin
, ihvout
, me2
, state
);
1529 #ifdef DOSTORESTATE59
1531 sha1recompress_fast_59(ihvin
, ihvout
, me2
, state
);
1534 #ifdef DOSTORESTATE60
1536 sha1recompress_fast_60(ihvin
, ihvout
, me2
, state
);
1539 #ifdef DOSTORESTATE61
1541 sha1recompress_fast_61(ihvin
, ihvout
, me2
, state
);
1544 #ifdef DOSTORESTATE62
1546 sha1recompress_fast_62(ihvin
, ihvout
, me2
, state
);
1549 #ifdef DOSTORESTATE63
1551 sha1recompress_fast_63(ihvin
, ihvout
, me2
, state
);
1554 #ifdef DOSTORESTATE64
1556 sha1recompress_fast_64(ihvin
, ihvout
, me2
, state
);
1559 #ifdef DOSTORESTATE65
1561 sha1recompress_fast_65(ihvin
, ihvout
, me2
, state
);
1564 #ifdef DOSTORESTATE66
1566 sha1recompress_fast_66(ihvin
, ihvout
, me2
, state
);
1569 #ifdef DOSTORESTATE67
1571 sha1recompress_fast_67(ihvin
, ihvout
, me2
, state
);
1574 #ifdef DOSTORESTATE68
1576 sha1recompress_fast_68(ihvin
, ihvout
, me2
, state
);
1579 #ifdef DOSTORESTATE69
1581 sha1recompress_fast_69(ihvin
, ihvout
, me2
, state
);
1584 #ifdef DOSTORESTATE70
1586 sha1recompress_fast_70(ihvin
, ihvout
, me2
, state
);
1589 #ifdef DOSTORESTATE71
1591 sha1recompress_fast_71(ihvin
, ihvout
, me2
, state
);
1594 #ifdef DOSTORESTATE72
1596 sha1recompress_fast_72(ihvin
, ihvout
, me2
, state
);
1599 #ifdef DOSTORESTATE73
1601 sha1recompress_fast_73(ihvin
, ihvout
, me2
, state
);
1604 #ifdef DOSTORESTATE74
1606 sha1recompress_fast_74(ihvin
, ihvout
, me2
, state
);
1609 #ifdef DOSTORESTATE75
1611 sha1recompress_fast_75(ihvin
, ihvout
, me2
, state
);
1614 #ifdef DOSTORESTATE76
1616 sha1recompress_fast_76(ihvin
, ihvout
, me2
, state
);
1619 #ifdef DOSTORESTATE77
1621 sha1recompress_fast_77(ihvin
, ihvout
, me2
, state
);
1624 #ifdef DOSTORESTATE78
1626 sha1recompress_fast_78(ihvin
, ihvout
, me2
, state
);
1629 #ifdef DOSTORESTATE79
1631 sha1recompress_fast_79(ihvin
, ihvout
, me2
, state
);
1642 static void sha1_process(SHA1_CTX
* ctx
, const uint32_t block
[16])
1645 uint32_t ubc_dv_mask
[DVMASKSIZE
] = { 0xFFFFFFFF };
1648 ctx
->ihv1
[0] = ctx
->ihv
[0];
1649 ctx
->ihv1
[1] = ctx
->ihv
[1];
1650 ctx
->ihv1
[2] = ctx
->ihv
[2];
1651 ctx
->ihv1
[3] = ctx
->ihv
[3];
1652 ctx
->ihv1
[4] = ctx
->ihv
[4];
1654 sha1_compression_states(ctx
->ihv
, block
, ctx
->m1
, ctx
->states
);
1656 if (ctx
->detect_coll
)
1660 ubc_check(ctx
->m1
, ubc_dv_mask
);
1663 if (ubc_dv_mask
[0] != 0)
1665 for (i
= 0; sha1_dvs
[i
].dvType
!= 0; ++i
)
1667 if (ubc_dv_mask
[0] & ((uint32_t)(1) << sha1_dvs
[i
].maskb
))
1669 for (j
= 0; j
< 80; ++j
)
1670 ctx
->m2
[j
] = ctx
->m1
[j
] ^ sha1_dvs
[i
].dm
[j
];
1672 sha1_recompression_step(sha1_dvs
[i
].testt
, ctx
->ihv2
, ihvtmp
, ctx
->m2
, ctx
->states
[sha1_dvs
[i
].testt
]);
1674 /* to verify SHA-1 collision detection code with collisions for reduced-step SHA-1 */
1675 if ((0 == ((ihvtmp
[0] ^ ctx
->ihv
[0]) | (ihvtmp
[1] ^ ctx
->ihv
[1]) | (ihvtmp
[2] ^ ctx
->ihv
[2]) | (ihvtmp
[3] ^ ctx
->ihv
[3]) | (ihvtmp
[4] ^ ctx
->ihv
[4])))
1676 || (ctx
->reduced_round_coll
&& 0==((ctx
->ihv1
[0] ^ ctx
->ihv2
[0]) | (ctx
->ihv1
[1] ^ ctx
->ihv2
[1]) | (ctx
->ihv1
[2] ^ ctx
->ihv2
[2]) | (ctx
->ihv1
[3] ^ ctx
->ihv2
[3]) | (ctx
->ihv1
[4] ^ ctx
->ihv2
[4]))))
1678 ctx
->found_collision
= 1;
1682 sha1_compression_W(ctx
->ihv
, ctx
->m1
);
1683 sha1_compression_W(ctx
->ihv
, ctx
->m1
);
1694 void SHA1DCInit(SHA1_CTX
* ctx
)
1697 ctx
->ihv
[0] = 0x67452301;
1698 ctx
->ihv
[1] = 0xEFCDAB89;
1699 ctx
->ihv
[2] = 0x98BADCFE;
1700 ctx
->ihv
[3] = 0x10325476;
1701 ctx
->ihv
[4] = 0xC3D2E1F0;
1702 ctx
->found_collision
= 0;
1703 ctx
->safe_hash
= SHA1DC_INIT_SAFE_HASH_DEFAULT
;
1705 ctx
->detect_coll
= 1;
1706 ctx
->reduced_round_coll
= 0;
1707 ctx
->callback
= NULL
;
1710 void SHA1DCSetSafeHash(SHA1_CTX
* ctx
, int safehash
)
1719 void SHA1DCSetUseUBC(SHA1_CTX
* ctx
, int ubc_check
)
1727 void SHA1DCSetUseDetectColl(SHA1_CTX
* ctx
, int detect_coll
)
1730 ctx
->detect_coll
= 1;
1732 ctx
->detect_coll
= 0;
1735 void SHA1DCSetDetectReducedRoundCollision(SHA1_CTX
* ctx
, int reduced_round_coll
)
1737 if (reduced_round_coll
)
1738 ctx
->reduced_round_coll
= 1;
1740 ctx
->reduced_round_coll
= 0;
1743 void SHA1DCSetCallback(SHA1_CTX
* ctx
, collision_block_callback callback
)
1745 ctx
->callback
= callback
;
1748 void SHA1DCUpdate(SHA1_CTX
* ctx
, const char* buf
, size_t len
)
1750 unsigned left
, fill
;
1755 left
= ctx
->total
& 63;
1758 if (left
&& len
>= fill
)
1761 memcpy(ctx
->buffer
+ left
, buf
, fill
);
1762 sha1_process(ctx
, (uint32_t*)(ctx
->buffer
));
1771 #if defined(SHA1DC_ALLOW_UNALIGNED_ACCESS)
1772 sha1_process(ctx
, (uint32_t*)(buf
));
1774 memcpy(ctx
->buffer
, buf
, 64);
1775 sha1_process(ctx
, (uint32_t*)(ctx
->buffer
));
1776 #endif /* defined(SHA1DC_ALLOW_UNALIGNED_ACCESS) */
1783 memcpy(ctx
->buffer
+ left
, buf
, len
);
1787 static const unsigned char sha1_padding
[64] =
1789 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1790 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1791 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1792 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
1795 int SHA1DCFinal(unsigned char output
[20], SHA1_CTX
*ctx
)
1797 uint32_t last
= ctx
->total
& 63;
1798 uint32_t padn
= (last
< 56) ? (56 - last
) : (120 - last
);
1800 SHA1DCUpdate(ctx
, (const char*)(sha1_padding
), padn
);
1802 total
= ctx
->total
- padn
;
1804 ctx
->buffer
[56] = (unsigned char)(total
>> 56);
1805 ctx
->buffer
[57] = (unsigned char)(total
>> 48);
1806 ctx
->buffer
[58] = (unsigned char)(total
>> 40);
1807 ctx
->buffer
[59] = (unsigned char)(total
>> 32);
1808 ctx
->buffer
[60] = (unsigned char)(total
>> 24);
1809 ctx
->buffer
[61] = (unsigned char)(total
>> 16);
1810 ctx
->buffer
[62] = (unsigned char)(total
>> 8);
1811 ctx
->buffer
[63] = (unsigned char)(total
);
1812 sha1_process(ctx
, (uint32_t*)(ctx
->buffer
));
1813 output
[0] = (unsigned char)(ctx
->ihv
[0] >> 24);
1814 output
[1] = (unsigned char)(ctx
->ihv
[0] >> 16);
1815 output
[2] = (unsigned char)(ctx
->ihv
[0] >> 8);
1816 output
[3] = (unsigned char)(ctx
->ihv
[0]);
1817 output
[4] = (unsigned char)(ctx
->ihv
[1] >> 24);
1818 output
[5] = (unsigned char)(ctx
->ihv
[1] >> 16);
1819 output
[6] = (unsigned char)(ctx
->ihv
[1] >> 8);
1820 output
[7] = (unsigned char)(ctx
->ihv
[1]);
1821 output
[8] = (unsigned char)(ctx
->ihv
[2] >> 24);
1822 output
[9] = (unsigned char)(ctx
->ihv
[2] >> 16);
1823 output
[10] = (unsigned char)(ctx
->ihv
[2] >> 8);
1824 output
[11] = (unsigned char)(ctx
->ihv
[2]);
1825 output
[12] = (unsigned char)(ctx
->ihv
[3] >> 24);
1826 output
[13] = (unsigned char)(ctx
->ihv
[3] >> 16);
1827 output
[14] = (unsigned char)(ctx
->ihv
[3] >> 8);
1828 output
[15] = (unsigned char)(ctx
->ihv
[3]);
1829 output
[16] = (unsigned char)(ctx
->ihv
[4] >> 24);
1830 output
[17] = (unsigned char)(ctx
->ihv
[4] >> 16);
1831 output
[18] = (unsigned char)(ctx
->ihv
[4] >> 8);
1832 output
[19] = (unsigned char)(ctx
->ihv
[4]);
1833 return ctx
->found_collision
;
1836 #ifdef SHA1DC_CUSTOM_TRAILING_INCLUDE_SHA1_C
1837 #include SHA1DC_CUSTOM_TRAILING_INCLUDE_SHA1_C