33 #if defined(POLARSSL_SHA1_C)
37 #if defined(POLARSSL_FS_IO) || defined(POLARSSL_SELF_TEST)
41 #if !defined(POLARSSL_SHA1_ALT)
47 #define GET_UINT32_BE(n,b,i) \
49 (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
50 | ( (uint32_t) (b)[(i) + 1] << 16 ) \
51 | ( (uint32_t) (b)[(i) + 2] << 8 ) \
52 | ( (uint32_t) (b)[(i) + 3] ); \
57 #define PUT_UINT32_BE(n,b,i) \
59 (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
60 (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
61 (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
62 (b)[(i) + 3] = (unsigned char) ( (n) ); \
74 ctx->
state[0] = 0x67452301;
75 ctx->
state[1] = 0xEFCDAB89;
76 ctx->
state[2] = 0x98BADCFE;
77 ctx->
state[3] = 0x10325476;
78 ctx->
state[4] = 0xC3D2E1F0;
83 uint32_t temp, W[16], A, B, C, D, E;
102 #define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n)))
106 temp = W[(t - 3) & 0x0F] ^ W[(t - 8) & 0x0F] ^ \
107 W[(t - 14) & 0x0F] ^ W[ t & 0x0F], \
108 ( W[t & 0x0F] = S(temp,1) ) \
111 #define P(a,b,c,d,e,x) \
113 e += S(a,5) + F(b,c,d) + K + x; b = S(b,30); \
122 #define F(x,y,z) (z ^ (x & (y ^ z)))
125 P( A, B, C, D, E, W[0] );
126 P( E, A, B, C, D, W[1] );
127 P( D, E, A, B, C, W[2] );
128 P( C, D, E, A, B, W[3] );
129 P( B, C, D, E, A, W[4] );
130 P( A, B, C, D, E, W[5] );
131 P( E, A, B, C, D, W[6] );
132 P( D, E, A, B, C, W[7] );
133 P( C, D, E, A, B, W[8] );
134 P( B, C, D, E, A, W[9] );
135 P( A, B, C, D, E, W[10] );
136 P( E, A, B, C, D, W[11] );
137 P( D, E, A, B, C, W[12] );
138 P( C, D, E, A, B, W[13] );
139 P( B, C, D, E, A, W[14] );
140 P( A, B, C, D, E, W[15] );
141 P( E, A, B, C, D, R(16) );
142 P( D, E, A, B, C, R(17) );
143 P( C, D, E, A, B, R(18) );
144 P( B, C, D, E, A, R(19) );
149 #define F(x,y,z) (x ^ y ^ z)
152 P( A, B, C, D, E, R(20) );
153 P( E, A, B, C, D, R(21) );
154 P( D, E, A, B, C, R(22) );
155 P( C, D, E, A, B, R(23) );
156 P( B, C, D, E, A, R(24) );
157 P( A, B, C, D, E, R(25) );
158 P( E, A, B, C, D, R(26) );
159 P( D, E, A, B, C, R(27) );
160 P( C, D, E, A, B, R(28) );
161 P( B, C, D, E, A, R(29) );
162 P( A, B, C, D, E, R(30) );
163 P( E, A, B, C, D, R(31) );
164 P( D, E, A, B, C, R(32) );
165 P( C, D, E, A, B, R(33) );
166 P( B, C, D, E, A, R(34) );
167 P( A, B, C, D, E, R(35) );
168 P( E, A, B, C, D, R(36) );
169 P( D, E, A, B, C, R(37) );
170 P( C, D, E, A, B, R(38) );
171 P( B, C, D, E, A, R(39) );
176 #define F(x,y,z) ((x & y) | (z & (x | y)))
179 P( A, B, C, D, E, R(40) );
180 P( E, A, B, C, D, R(41) );
181 P( D, E, A, B, C, R(42) );
182 P( C, D, E, A, B, R(43) );
183 P( B, C, D, E, A, R(44) );
184 P( A, B, C, D, E, R(45) );
185 P( E, A, B, C, D, R(46) );
186 P( D, E, A, B, C, R(47) );
187 P( C, D, E, A, B, R(48) );
188 P( B, C, D, E, A, R(49) );
189 P( A, B, C, D, E, R(50) );
190 P( E, A, B, C, D, R(51) );
191 P( D, E, A, B, C, R(52) );
192 P( C, D, E, A, B, R(53) );
193 P( B, C, D, E, A, R(54) );
194 P( A, B, C, D, E, R(55) );
195 P( E, A, B, C, D, R(56) );
196 P( D, E, A, B, C, R(57) );
197 P( C, D, E, A, B, R(58) );
198 P( B, C, D, E, A, R(59) );
203 #define F(x,y,z) (x ^ y ^ z)
206 P( A, B, C, D, E, R(60) );
207 P( E, A, B, C, D, R(61) );
208 P( D, E, A, B, C, R(62) );
209 P( C, D, E, A, B, R(63) );
210 P( B, C, D, E, A, R(64) );
211 P( A, B, C, D, E, R(65) );
212 P( E, A, B, C, D, R(66) );
213 P( D, E, A, B, C, R(67) );
214 P( C, D, E, A, B, R(68) );
215 P( B, C, D, E, A, R(69) );
216 P( A, B, C, D, E, R(70) );
217 P( E, A, B, C, D, R(71) );
218 P( D, E, A, B, C, R(72) );
219 P( C, D, E, A, B, R(73) );
220 P( B, C, D, E, A, R(74) );
221 P( A, B, C, D, E, R(75) );
222 P( E, A, B, C, D, R(76) );
223 P( D, E, A, B, C, R(77) );
224 P( C, D, E, A, B, R(78) );
225 P( B, C, D, E, A, R(79) );
248 left = ctx->
total[0] & 0x3F;
251 ctx->
total[0] += (uint32_t) ilen;
252 ctx->
total[0] &= 0xFFFFFFFF;
254 if( ctx->
total[0] < (uint32_t) ilen )
257 if( left && ilen >= fill )
259 memcpy( (
void *) (ctx->
buffer + left), input, fill );
274 memcpy( (
void *) (ctx->
buffer + left), input, ilen );
277 static const unsigned char sha1_padding[64] =
279 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
280 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
281 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
282 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
292 unsigned char msglen[8];
294 high = ( ctx->
total[0] >> 29 )
295 | ( ctx->
total[1] << 3 );
296 low = ( ctx->
total[0] << 3 );
301 last = ctx->
total[0] & 0x3F;
302 padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
319 void sha1(
const unsigned char *input,
size_t ilen,
unsigned char output[20] )
330 #if defined(POLARSSL_FS_IO)
334 int sha1_file(
const char *path,
unsigned char output[20] )
339 unsigned char buf[1024];
341 if( ( f = fopen( path,
"rb" ) ) == NULL )
346 while( ( n = fread( buf, 1,
sizeof( buf ), f ) ) > 0 )
353 if( ferror( f ) != 0 )
370 unsigned char sum[20];
374 sha1( key, keylen, sum );
379 memset( ctx->
ipad, 0x36, 64 );
380 memset( ctx->
opad, 0x5C, 64 );
382 for( i = 0; i < keylen; i++ )
384 ctx->
ipad[i] = (
unsigned char)( ctx->
ipad[i] ^ key[i] );
385 ctx->
opad[i] = (
unsigned char)( ctx->
opad[i] ^ key[i] );
391 memset( sum, 0,
sizeof( sum ) );
407 unsigned char tmpbuf[20];
415 memset( tmpbuf, 0,
sizeof( tmpbuf ) );
430 void sha1_hmac(
const unsigned char *key,
size_t keylen,
431 const unsigned char *input,
size_t ilen,
432 unsigned char output[20] )
443 #if defined(POLARSSL_SELF_TEST)
447 static unsigned char sha1_test_buf[3][57] =
450 {
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" },
454 static const int sha1_test_buflen[3] =
459 static const unsigned char sha1_test_sum[3][20] =
461 { 0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A, 0xBA, 0x3E,
462 0x25, 0x71, 0x78, 0x50, 0xC2, 0x6C, 0x9C, 0xD0, 0xD8, 0x9D },
463 { 0x84, 0x98, 0x3E, 0x44, 0x1C, 0x3B, 0xD2, 0x6E, 0xBA, 0xAE,
464 0x4A, 0xA1, 0xF9, 0x51, 0x29, 0xE5, 0xE5, 0x46, 0x70, 0xF1 },
465 { 0x34, 0xAA, 0x97, 0x3C, 0xD4, 0xC4, 0xDA, 0xA4, 0xF6, 0x1E,
466 0xEB, 0x2B, 0xDB, 0xAD, 0x27, 0x31, 0x65, 0x34, 0x01, 0x6F }
472 static unsigned char sha1_hmac_test_key[7][26] =
474 {
"\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B"
475 "\x0B\x0B\x0B\x0B" },
477 {
"\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
478 "\xAA\xAA\xAA\xAA" },
479 {
"\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10"
480 "\x11\x12\x13\x14\x15\x16\x17\x18\x19" },
481 {
"\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C"
482 "\x0C\x0C\x0C\x0C" },
487 static const int sha1_hmac_test_keylen[7] =
489 20, 4, 20, 25, 20, 80, 80
492 static unsigned char sha1_hmac_test_buf[7][74] =
495 {
"what do ya want for nothing?" },
496 {
"\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
497 "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
498 "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
499 "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
500 "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" },
501 {
"\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
502 "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
503 "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
504 "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
505 "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" },
506 {
"Test With Truncation" },
507 {
"Test Using Larger Than Block-Size Key - Hash Key First" },
508 {
"Test Using Larger Than Block-Size Key and Larger"
509 " Than One Block-Size Data" }
512 static const int sha1_hmac_test_buflen[7] =
514 8, 28, 50, 50, 20, 54, 73
517 static const unsigned char sha1_hmac_test_sum[7][20] =
519 { 0xB6, 0x17, 0x31, 0x86, 0x55, 0x05, 0x72, 0x64, 0xE2, 0x8B,
520 0xC0, 0xB6, 0xFB, 0x37, 0x8C, 0x8E, 0xF1, 0x46, 0xBE, 0x00 },
521 { 0xEF, 0xFC, 0xDF, 0x6A, 0xE5, 0xEB, 0x2F, 0xA2, 0xD2, 0x74,
522 0x16, 0xD5, 0xF1, 0x84, 0xDF, 0x9C, 0x25, 0x9A, 0x7C, 0x79 },
523 { 0x12, 0x5D, 0x73, 0x42, 0xB9, 0xAC, 0x11, 0xCD, 0x91, 0xA3,
524 0x9A, 0xF4, 0x8A, 0xA1, 0x7B, 0x4F, 0x63, 0xF1, 0x75, 0xD3 },
525 { 0x4C, 0x90, 0x07, 0xF4, 0x02, 0x62, 0x50, 0xC6, 0xBC, 0x84,
526 0x14, 0xF9, 0xBF, 0x50, 0xC8, 0x6C, 0x2D, 0x72, 0x35, 0xDA },
527 { 0x4C, 0x1A, 0x03, 0x42, 0x4B, 0x55, 0xE0, 0x7F, 0xE7, 0xF2,
529 { 0xAA, 0x4A, 0xE5, 0xE1, 0x52, 0x72, 0xD0, 0x0E, 0x95, 0x70,
530 0x56, 0x37, 0xCE, 0x8A, 0x3B, 0x55, 0xED, 0x40, 0x21, 0x12 },
531 { 0xE8, 0xE9, 0x9D, 0x0F, 0x45, 0x23, 0x7D, 0x78, 0x6D, 0x6B,
532 0xBA, 0xA7, 0x96, 0x5C, 0x78, 0x08, 0xBB, 0xFF, 0x1A, 0x91 }
541 unsigned char buf[1024];
542 unsigned char sha1sum[20];
548 for( i = 0; i < 3; i++ )
551 printf(
" SHA-1 test #%d: ", i + 1 );
557 memset( buf,
'a', buflen = 1000 );
559 for( j = 0; j < 1000; j++ )
564 sha1_test_buflen[i] );
568 if( memcmp( sha1sum, sha1_test_sum[i], 20 ) != 0 )
571 printf(
"failed\n" );
577 printf(
"passed\n" );
583 for( i = 0; i < 7; i++ )
586 printf(
" HMAC-SHA-1 test #%d: ", i + 1 );
588 if( i == 5 || i == 6 )
590 memset( buf,
'\xAA', buflen = 80 );
595 sha1_hmac_test_keylen[i] );
598 sha1_hmac_test_buflen[i] );
602 buflen = ( i == 4 ) ? 12 : 20;
604 if( memcmp( sha1sum, sha1_hmac_test_sum[i], buflen ) != 0 )
607 printf(
"failed\n" );
613 printf(
"passed\n" );
void sha1_hmac_finish(sha1_context *ctx, unsigned char output[20])
SHA-1 HMAC final digest.
int sha1_self_test(int verbose)
Checkup routine.
void sha1(const unsigned char *input, size_t ilen, unsigned char output[20])
Output = SHA-1( input buffer )
void sha1_finish(sha1_context *ctx, unsigned char output[20])
SHA-1 final digest.
void sha1_hmac(const unsigned char *key, size_t keylen, const unsigned char *input, size_t ilen, unsigned char output[20])
Output = HMAC-SHA-1( hmac key, input buffer )
Configuration options (set of defines)
#define PUT_UINT32_BE(n, b, i)
void sha1_hmac_reset(sha1_context *ctx)
SHA-1 HMAC context reset.
int sha1_file(const char *path, unsigned char output[20])
Output = SHA-1( file contents )
void sha1_hmac_starts(sha1_context *ctx, const unsigned char *key, size_t keylen)
SHA-1 HMAC context setup.
void sha1_starts(sha1_context *ctx)
SHA-1 context setup.
SHA-1 cryptographic hash function.
void sha1_update(sha1_context *ctx, const unsigned char *input, size_t ilen)
SHA-1 process buffer.
#define GET_UINT32_BE(n, b, i)
void sha1_process(sha1_context *ctx, const unsigned char data[64])
void sha1_hmac_update(sha1_context *ctx, const unsigned char *input, size_t ilen)
SHA-1 HMAC process buffer.
#define POLARSSL_ERR_SHA1_FILE_IO_ERROR
Read/write error in file.