| blob | fa36d3a11f5dfe8ec64986a304920c37e2bd87d9 |
1 /*
2 * Copyright (C) The Internet Society (2001). All Rights Reserved.
3 *
4 * This document and translations of it may be copied and furnished to
5 * others, and derivative works that comment on or otherwise explain it
6 * or assist in its implementation may be prepared, copied, published
7 * and distributed, in whole or in part, without restriction of any
8 * kind, provided that the above copyright notice and this paragraph are
9 * included on all such copies and derivative works. However, this
10 * document itself may not be modified in any way, such as by removing
11 * the copyright notice or references to the Internet Society or other
12 * Internet organizations, except as needed for the purpose of
13 * developing Internet standards in which case the procedures for
14 * copyrights defined in the Internet Standards process must be
15 * followed, or as required to translate it into languages other than
16 * English.
17 *
18 * The limited permissions granted above are perpetual and will not be
19 * revoked by the Internet Society or its successors or assigns.
20 *
21 * This document and the information contained herein is provided on an
22 * "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
23 * TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
24 * BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
25 * HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
26 * MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
27 *
28 * Copyright (C) 2010, Broadcom Corporation
29 * All Rights Reserved.
30 *
31 * This is UNPUBLISHED PROPRIETARY SOURCE CODE of Broadcom Corporation;
32 * the contents of this file may not be disclosed to third parties, copied
33 * or duplicated in any form, in whole or in part, without the prior
34 * written permission of Broadcom Corporation.
35 *
36 * $Id: sha1.c,v 1.14 2009-02-26 21:37:35 Exp $
37 *
38 * From rfc3174.txt
39 */
41 /*
42 * sha1.c
43 *
44 * Description:
45 * This file implements the Secure Hashing Algorithm 1 as
46 * defined in FIPS PUB 180-1 published April 17, 1995.
47 *
48 * The SHA-1, produces a 160-bit message digest for a given
49 * data stream. It should take about 2**n steps to find a
50 * message with the same digest as a given message and
51 * 2**(n/2) to find any two messages with the same digest,
52 * when n is the digest size in bits. Therefore, this
53 * algorithm can serve as a means of providing a
54 * "fingerprint" for a message.
55 *
56 * Portability Issues:
57 * SHA-1 is defined in terms of 32-bit "words". This code
58 * uses <stdint.h> (included via "sha1.h" to define 32 and 8
59 * bit unsigned integer types. If your C compiler does not
60 * support 32 bit unsigned integers, this code is not
61 * appropriate.
62 *
63 * Caveats:
64 * SHA-1 is designed to work with messages less than 2^64 bits
65 * long. Although SHA-1 allows a message digest to be generated
66 * for messages of any number of bits less than 2^64, this
67 * implementation only works with messages with a length that is
68 * a multiple of the size of an 8-bit character.
69 *
70 */
72 #include <bcmcrypto/sha1.h>
74 #ifdef BCMDRIVER
75 #include <osl.h>
76 #else
77 #if defined(__GNUC__)
80 #else
81 #define bcmp(b1, b2, len) memcmp((b1), (b2), (len))
85 /*
86 * Define the SHA1 circular left shift macro
87 */
88 #define SHA1CircularShift(bits, word) \
89 (((word) << (bits)) | ((word) >> (32-(bits))))
91 /* Local Function Prototyptes */
95 /*
96 * SHA1Reset
97 *
98 * Description:
99 * This function will initialize the SHA1Context in preparation
100 * for computing a new SHA1 message digest.
101 *
102 * Parameters:
103 * context: [in/out]
104 * The context to reset.
105 *
106 * Returns:
107 * sha Error Code.
108 *
109 */
110 int
112 {
115 }
131 }
133 /*
134 * SHA1Result
135 *
136 * Description:
137 * This function will return the 160-bit message digest into the
138 * Message_Digest array provided by the caller.
139 * NOTE: The first octet of hash is stored in the 0th element,
140 * the last octet of hash in the 19th element.
141 *
142 * Parameters:
143 * context: [in/out]
144 * The context to use to calculate the SHA-1 hash.
145 * Message_Digest: [out]
146 * Where the digest is returned.
147 *
148 * Returns:
149 * sha Error Code.
150 *
151 */
152 int
154 {
159 }
163 }
168 /* message may be sensitive, clear it out */
170 }
174 }
179 }
182 }
184 /*
185 * SHA1Input
186 *
187 * Description:
188 * This function accepts an array of octets as the next portion
189 * of the message.
190 *
191 * Parameters:
192 * context: [in/out]
193 * The SHA context to update
194 * message_array: [in]
195 * An array of characters representing the next portion of
196 * the message.
197 * length: [in]
198 * The length of the message in message_array
199 *
200 * Returns:
201 * sha Error Code.
202 *
203 */
204 int
206 {
209 }
213 }
218 }
222 }
231 /* Message is too long */
233 }
234 }
238 }
240 message_array++;
241 }
244 }
246 /*
247 * SHA1ProcessMessageBlock
248 *
249 * Description:
250 * This function will process the next 512 bits of the message
251 * stored in the Message_Block array.
252 *
253 * Parameters:
254 * None.
255 *
256 * Returns:
257 * Nothing.
258 *
259 * Comments:
260 * Many of the variable names in this code, especially the
261 * single character names, were used because those were the
262 * names used in the publication.
263 *
264 *
265 */
266 static void
268 {
273 0xCA62C1D6
274 };
280 /*
281 * Initialize the first 16 words in the array W
282 */
288 }
292 }
308 }
317 }
327 }
336 }
345 }
348 /*
349 * SHA1PadMessage
350 *
351 * Description:
352 * According to the standard, the message must be padded to an even
353 * 512 bits. The first padding bit must be a '1'. The last 64
354 * bits represent the length of the original message. All bits in
355 * between should be 0. This function will pad the message
356 * according to those rules by filling the Message_Block array
357 * accordingly. It will also call the ProcessMessageBlock function
358 * provided appropriately. When it returns, it can be assumed that
359 * the message digest has been computed.
360 *
361 * Parameters:
362 * context: [in/out]
363 * The context to pad
364 * ProcessMessageBlock: [in]
365 * The appropriate SHA*ProcessMessageBlock function
366 * Returns:
367 * Nothing.
368 *
369 */
372 {
373 /*
374 * Check to see if the current message block is too small to hold
375 * the initial padding bits and length. If so, we will pad the
376 * block, process it, and then continue padding into a second
377 * block.
378 */
383 }
389 }
394 }
395 }
397 /*
398 * Store the message length as the last 8 octets
399 */
410 }
412 #ifdef BCMSHA1_TEST
413 /*
414 * sha1test.c
415 *
416 * Description:
417 * This file will exercise the SHA-1 code performing the three
418 * tests documented in FIPS PUB 180-1 plus one which calls
419 * SHA1Input with an exact multiple of 512 bits, plus a few
420 * error test checks.
421 *
422 * Portability Issues:
423 * None.
424 *
425 */
427 #include <stdio.h>
429 /*
430 * Define patterns for testing
431 */
435 #define TEST2 TEST2a TEST2b
439 /* an exact multiple of 512 bits */
440 #define TEST4 TEST4a TEST4b
442 {
443 TEST1,
444 TEST2,
445 TEST3,
446 TEST4
447 };
450 {
459 };
462 {
463 SHA1Context sha;
467 /*
468 * Perform SHA-1 tests
469 */
477 }
486 }
487 }
493 err);
498 }
500 }
505 }
508 }
510 /* Test some error returns */
521 }