| blob | e799dc714a79cc1c505ed26ab469a94d225b7b26 |
1 /*
2 * Copyright (C) The Internet Society (2001). All Rights Reserved.
3 *
4 * This document and translations of it may be copied and furnished to
5 * others, and derivative works that comment on or otherwise explain it
6 * or assist in its implementation may be prepared, copied, published
7 * and distributed, in whole or in part, without restriction of any
8 * kind, provided that the above copyright notice and this paragraph are
9 * included on all such copies and derivative works. However, this
10 * document itself may not be modified in any way, such as by removing
11 * the copyright notice or references to the Internet Society or other
12 * Internet organizations, except as needed for the purpose of
13 * developing Internet standards in which case the procedures for
14 * copyrights defined in the Internet Standards process must be
15 * followed, or as required to translate it into languages other than
16 * English.
17 *
18 * The limited permissions granted above are perpetual and will not be
19 * revoked by the Internet Society or its successors or assigns.
20 *
21 * This document and the information contained herein is provided on an
22 * "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
23 * TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
24 * BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
25 * HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
26 * MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
27 *
28 * Copyright (C) 2012, Broadcom Corporation
29 * All Rights Reserved.
30 *
31 * This is UNPUBLISHED PROPRIETARY SOURCE CODE of Broadcom Corporation;
32 * the contents of this file may not be disclosed to third parties, copied
33 * or duplicated in any form, in whole or in part, without the prior
34 * written permission of Broadcom Corporation.
35 *
36 * $Id: sha1.c 241182 2011-02-17 21:50:03Z $
37 *
38 * From rfc3174.txt
39 */
41 /*
42 * sha1.c
43 *
44 * Description:
45 * This file implements the Secure Hashing Algorithm 1 as
46 * defined in FIPS PUB 180-1 published April 17, 1995.
47 *
48 * The SHA-1, produces a 160-bit message digest for a given
49 * data stream. It should take about 2**n steps to find a
50 * message with the same digest as a given message and
51 * 2**(n/2) to find any two messages with the same digest,
52 * when n is the digest size in bits. Therefore, this
53 * algorithm can serve as a means of providing a
54 * "fingerprint" for a message.
55 *
56 * Portability Issues:
57 * SHA-1 is defined in terms of 32-bit "words". This code
58 * uses <stdint.h> (included via "sha1.h" to define 32 and 8
59 * bit unsigned integer types. If your C compiler does not
60 * support 32 bit unsigned integers, this code is not
61 * appropriate.
62 *
63 * Caveats:
64 * SHA-1 is designed to work with messages less than 2^64 bits
65 * long. Although SHA-1 allows a message digest to be generated
66 * for messages of any number of bits less than 2^64, this
67 * implementation only works with messages with a length that is
68 * a multiple of the size of an 8-bit character.
69 *
70 */
72 #include <bcmcrypto/sha1.h>
74 #ifdef BCMDRIVER
75 #include <osl.h>
76 #else
77 #include <string.h>
80 /*
81 * Define the SHA1 circular left shift macro
82 */
83 #define SHA1CircularShift(bits, word) \
84 (((word) << (bits)) | ((word) >> (32-(bits))))
86 /* Local Function Prototyptes */
90 /*
91 * SHA1Reset
92 *
93 * Description:
94 * This function will initialize the SHA1Context in preparation
95 * for computing a new SHA1 message digest.
96 *
97 * Parameters:
98 * context: [in/out]
99 * The context to reset.
100 *
101 * Returns:
102 * sha Error Code.
103 *
104 */
105 int
107 {
110 }
126 }
128 /*
129 * SHA1Result
130 *
131 * Description:
132 * This function will return the 160-bit message digest into the
133 * Message_Digest array provided by the caller.
134 * NOTE: The first octet of hash is stored in the 0th element,
135 * the last octet of hash in the 19th element.
136 *
137 * Parameters:
138 * context: [in/out]
139 * The context to use to calculate the SHA-1 hash.
140 * Message_Digest: [out]
141 * Where the digest is returned.
142 *
143 * Returns:
144 * sha Error Code.
145 *
146 */
147 int
149 {
154 }
158 }
163 /* message may be sensitive, clear it out */
165 }
169 }
174 }
177 }
179 /*
180 * SHA1Input
181 *
182 * Description:
183 * This function accepts an array of octets as the next portion
184 * of the message.
185 *
186 * Parameters:
187 * context: [in/out]
188 * The SHA context to update
189 * message_array: [in]
190 * An array of characters representing the next portion of
191 * the message.
192 * length: [in]
193 * The length of the message in message_array
194 *
195 * Returns:
196 * sha Error Code.
197 *
198 */
199 int
201 {
204 }
208 }
213 }
217 }
226 /* Message is too long */
228 }
229 }
233 }
235 message_array++;
236 }
239 }
241 /*
242 * SHA1ProcessMessageBlock
243 *
244 * Description:
245 * This function will process the next 512 bits of the message
246 * stored in the Message_Block array.
247 *
248 * Parameters:
249 * None.
250 *
251 * Returns:
252 * Nothing.
253 *
254 * Comments:
255 * Many of the variable names in this code, especially the
256 * single character names, were used because those were the
257 * names used in the publication.
258 *
259 *
260 */
261 static void
263 {
268 0xCA62C1D6
269 };
275 /*
276 * Initialize the first 16 words in the array W
277 */
283 }
287 }
303 }
312 }
322 }
331 }
340 }
343 /*
344 * SHA1PadMessage
345 *
346 * Description:
347 * According to the standard, the message must be padded to an even
348 * 512 bits. The first padding bit must be a '1'. The last 64
349 * bits represent the length of the original message. All bits in
350 * between should be 0. This function will pad the message
351 * according to those rules by filling the Message_Block array
352 * accordingly. It will also call the ProcessMessageBlock function
353 * provided appropriately. When it returns, it can be assumed that
354 * the message digest has been computed.
355 *
356 * Parameters:
357 * context: [in/out]
358 * The context to pad
359 * ProcessMessageBlock: [in]
360 * The appropriate SHA*ProcessMessageBlock function
361 * Returns:
362 * Nothing.
363 *
364 */
366 static void
368 {
369 /*
370 * Check to see if the current message block is too small to hold
371 * the initial padding bits and length. If so, we will pad the
372 * block, process it, and then continue padding into a second
373 * block.
374 */
379 }
385 }
390 }
391 }
393 /*
394 * Store the message length as the last 8 octets
395 */
406 }
408 #ifdef BCMSHA1_TEST
409 /*
410 * sha1test.c
411 *
412 * Description:
413 * This file will exercise the SHA-1 code performing the three
414 * tests documented in FIPS PUB 180-1 plus one which calls
415 * SHA1Input with an exact multiple of 512 bits, plus a few
416 * error test checks.
417 *
418 * Portability Issues:
419 * None.
420 *
421 */
423 #include <stdio.h>
425 /*
426 * Define patterns for testing
427 */
431 #define TEST2 TEST2a TEST2b
435 /* an exact multiple of 512 bits */
436 #define TEST4 TEST4a TEST4b
438 {
439 TEST1,
440 TEST2,
441 TEST3,
442 TEST4
443 };
446 {
455 };
457 int
459 {
460 SHA1Context sha;
464 /*
465 * Perform SHA-1 tests
466 */
474 }
483 }
484 }
490 err);
495 }
497 }
502 }
505 }
507 /* Test some error returns */
518 }