corrade-nucleus-nucleons – Blame information for rev 22

Subversion Repositories:
Rev:
Rev Author Line No. Line
22 office 1 /**
2 * Secure Hash Algorithm with 160-bit digest (SHA-1) implementation.
3 *
4 * @author Dave Longley
5 *
6 * Copyright (c) 2010-2015 Digital Bazaar, Inc.
7 */
8 var forge = require('./forge');
9 require('./md');
10 require('./util');
11  
12 var sha1 = module.exports = forge.sha1 = forge.sha1 || {};
13 forge.md.sha1 = forge.md.algorithms.sha1 = sha1;
14  
15 /**
16 * Creates a SHA-1 message digest object.
17 *
18 * @return a message digest object.
19 */
20 sha1.create = function() {
21 // do initialization as necessary
22 if(!_initialized) {
23 _init();
24 }
25  
26 // SHA-1 state contains five 32-bit integers
27 var _state = null;
28  
29 // input buffer
30 var _input = forge.util.createBuffer();
31  
32 // used for word storage
33 var _w = new Array(80);
34  
35 // message digest object
36 var md = {
37 algorithm: 'sha1',
38 blockLength: 64,
39 digestLength: 20,
40 // 56-bit length of message so far (does not including padding)
41 messageLength: 0,
42 // true message length
43 fullMessageLength: null,
44 // size of message length in bytes
45 messageLengthSize: 8
46 };
47  
48 /**
49 * Starts the digest.
50 *
51 * @return this digest object.
52 */
53 md.start = function() {
54 // up to 56-bit message length for convenience
55 md.messageLength = 0;
56  
57 // full message length (set md.messageLength64 for backwards-compatibility)
58 md.fullMessageLength = md.messageLength64 = [];
59 var int32s = md.messageLengthSize / 4;
60 for(var i = 0; i < int32s; ++i) {
61 < int32s; ++i) { md.fullMessageLength.push(0);
62 < int32s; ++i) { }
63 < int32s; ++i) { _input = forge.util.createBuffer();
64 < int32s; ++i) { _state = {
65 < int32s; ++i) { h0: 0x67452301,
66 < int32s; ++i) { h1: 0xEFCDAB89,
67 < int32s; ++i) { h2: 0x98BADCFE,
68 < int32s; ++i) { h3: 0x10325476,
69 < int32s; ++i) { h4: 0xC3D2E1F0
70 < int32s; ++i) { };
71 < int32s; ++i) { return md;
72 < int32s; ++i) { };
73 < int32s; ++i) { // start digest automatically for first time
74 < int32s; ++i) { md.start();
75  
76 < int32s; ++i) { /**
77 < int32s; ++i) { * Updates the digest with the given message input. The given input can
78 < int32s; ++i) { * treated as raw input (no encoding will be applied) or an encoding of
79 < int32s; ++i) { * 'utf8' maybe given to encode the input using UTF-8.
80 < int32s; ++i) { *
81 < int32s; ++i) { * @param msg the message input to update with.
82 < int32s; ++i) { * @param encoding the encoding to use (default: 'raw', other: 'utf8').
83 < int32s; ++i) { *
84 < int32s; ++i) { * @return this digest object.
85 < int32s; ++i) { */
86 < int32s; ++i) { md.update = function(msg, encoding) {
87 < int32s; ++i) { if(encoding === 'utf8') {
88 < int32s; ++i) { msg = forge.util.encodeUtf8(msg);
89 < int32s; ++i) { }
90  
91 < int32s; ++i) { // update message length
92 < int32s; ++i) { var len = msg.length;
93 < int32s; ++i) { md.messageLength += len;
94 < int32s; ++i) { len = [(len / 0x100000000) >>> 0, len >>> 0];
95 < int32s; ++i) { for(var i = md.fullMessageLength.length - 1; i >= 0; --i) {
96 < int32s; ++i) { md.fullMessageLength[i] += len[1];
97 < int32s; ++i) { len[1] = len[0] + ((md.fullMessageLength[i] / 0x100000000) >>> 0);
98 < int32s; ++i) { md.fullMessageLength[i] = md.fullMessageLength[i] >>> 0;
99 < int32s; ++i) { len[0] = ((len[1] / 0x100000000) >>> 0);
100 < int32s; ++i) { }
101  
102 < int32s; ++i) { // add bytes to input buffer
103 < int32s; ++i) { _input.putBytes(msg);
104  
105 < int32s; ++i) { // process bytes
106 < int32s; ++i) { _update(_state, _w, _input);
107  
108 < int32s; ++i) { // compact input buffer every 2K or if empty
109 < int32s; ++i) { if(_input.read > 2048 || _input.length() === 0) {
110 < int32s; ++i) { _input.compact();
111 < int32s; ++i) { }
112  
113 < int32s; ++i) { return md;
114 < int32s; ++i) { };
115  
116 < int32s; ++i) { /**
117 < int32s; ++i) { * Produces the digest.
118 < int32s; ++i) { *
119 < int32s; ++i) { * @return a byte buffer containing the digest value.
120 < int32s; ++i) { */
121 < int32s; ++i) { md.digest = function() {
122 < int32s; ++i) { /* Note: Here we copy the remaining bytes in the input buffer and
123 < int32s; ++i) { add the appropriate SHA-1 padding. Then we do the final update
124 < int32s; ++i) { on a copy of the state so that if the user wants to get
125 < int32s; ++i) { intermediate digests they can do so. */
126  
127 < int32s; ++i) { /* Determine the number of bytes that must be added to the message
128 < int32s; ++i) { to ensure its length is congruent to 448 mod 512. In other words,
129 < int32s; ++i) { the data to be digested must be a multiple of 512 bits (or 128 bytes).
130 < int32s; ++i) { This data includes the message, some padding, and the length of the
131 < int32s; ++i) { message. Since the length of the message will be encoded as 8 bytes (64
132 < int32s; ++i) { bits), that means that the last segment of the data must have 56 bytes
133 < int32s; ++i) { (448 bits) of message and padding. Therefore, the length of the message
134 < int32s; ++i) { plus the padding must be congruent to 448 mod 512 because
135 < int32s; ++i) { 512 - 128 = 448.
136  
137 < int32s; ++i) { In order to fill up the message length it must be filled with
138 < int32s; ++i) { padding that begins with 1 bit followed by all 0 bits. Padding
139 < int32s; ++i) { must *always* be present, so if the message length is already
140 < int32s; ++i) { congruent to 448 mod 512, then 512 padding bits must be added. */
141  
142 < int32s; ++i) { var finalBlock = forge.util.createBuffer();
143 < int32s; ++i) { finalBlock.putBytes(_input.bytes());
144  
145 < int32s; ++i) { // compute remaining size to be digested (include message length size)
146 < int32s; ++i) { var remaining = (
147 < int32s; ++i) { md.fullMessageLength[md.fullMessageLength.length - 1] +
148 < int32s; ++i) { md.messageLengthSize);
149  
150 < int32s; ++i) { // add padding for overflow blockSize - overflow
151 < int32s; ++i) { // _padding starts with 1 byte with first bit is set (byte value 128), then
152 < int32s; ++i) { // there may be up to (blockSize - 1) other pad bytes
153 < int32s; ++i) { var overflow = remaining & (md.blockLength - 1);
154 < int32s; ++i) { finalBlock.putBytes(_padding.substr(0, md.blockLength - overflow));
155  
156 < int32s; ++i) { // serialize message length in bits in big-endian order; since length
157 < int32s; ++i) { // is stored in bytes we multiply by 8 and add carry from next int
158 < int32s; ++i) { var next, carry;
159 < int32s; ++i) { var bits = md.fullMessageLength[0] * 8;
160 < int32s; ++i) { for(var i = 0; i < md.fullMessageLength.length - 1; ++i) {
161 < int32s; ++i) { next = md.fullMessageLength[i + 1] * 8;
162 < int32s; ++i) { carry = (next / 0x100000000) >>> 0;
163 < int32s; ++i) { bits += carry;
164 < int32s; ++i) { finalBlock.putInt32(bits >>> 0);
165 < int32s; ++i) { bits = next >>> 0;
166 < int32s; ++i) { }
167 < int32s; ++i) { finalBlock.putInt32(bits);
168  
169 < int32s; ++i) { var s2 = {
170 < int32s; ++i) { h0: _state.h0,
171 < int32s; ++i) { h1: _state.h1,
172 < int32s; ++i) { h2: _state.h2,
173 < int32s; ++i) { h3: _state.h3,
174 < int32s; ++i) { h4: _state.h4
175 < int32s; ++i) { };
176 < int32s; ++i) { _update(s2, _w, finalBlock);
177 < int32s; ++i) { var rval = forge.util.createBuffer();
178 < int32s; ++i) { rval.putInt32(s2.h0);
179 < int32s; ++i) { rval.putInt32(s2.h1);
180 < int32s; ++i) { rval.putInt32(s2.h2);
181 < int32s; ++i) { rval.putInt32(s2.h3);
182 < int32s; ++i) { rval.putInt32(s2.h4);
183 < int32s; ++i) { return rval;
184 < int32s; ++i) { };
185  
186 < int32s; ++i) { return md;
187 < int32s; ++i) {};
188  
189 < int32s; ++i) {// sha-1 padding bytes not initialized yet
190 < int32s; ++i) {var _padding = null;
191 < int32s; ++i) {var _initialized = false;
192  
193 < int32s; ++i) {/**
194 < int32s; ++i) { * Initializes the constant tables.
195 < int32s; ++i) { */
196 < int32s; ++i) {function _init() {
197 < int32s; ++i) { // create padding
198 < int32s; ++i) { _padding = String.fromCharCode(128);
199 < int32s; ++i) { _padding += forge.util.fillString(String.fromCharCode(0x00), 64);
200  
201 < int32s; ++i) { // now initialized
202 < int32s; ++i) { _initialized = true;
203 < int32s; ++i) {}
204  
205 < int32s; ++i) {/**
206 < int32s; ++i) { * Updates a SHA-1 state with the given byte buffer.
207 < int32s; ++i) { *
208 < int32s; ++i) { * @param s the SHA-1 state to update.
209 < int32s; ++i) { * @param w the array to use to store words.
210 < int32s; ++i) { * @param bytes the byte buffer to update with.
211 < int32s; ++i) { */
212 < int32s; ++i) {function _update(s, w, bytes) {
213 < int32s; ++i) { // consume 512 bit (64 byte) chunks
214 < int32s; ++i) { var t, a, b, c, d, e, f, i;
215 < int32s; ++i) { var len = bytes.length();
216 < int32s; ++i) { while(len >= 64) {
217 < int32s; ++i) { // the w array will be populated with sixteen 32-bit big-endian words
218 < int32s; ++i) { // and then extended into 80 32-bit words according to SHA-1 algorithm
219 < int32s; ++i) { // and for 32-79 using Max Locktyukhin's optimization
220  
221 < int32s; ++i) { // initialize hash value for this chunk
222 < int32s; ++i) { a = s.h0;
223 < int32s; ++i) { b = s.h1;
224 < int32s; ++i) { c = s.h2;
225 < int32s; ++i) { d = s.h3;
226 < int32s; ++i) { e = s.h4;
227  
228 < int32s; ++i) { // round 1
229 < int32s; ++i) { for(i = 0; i < 16; ++i) {
230 < int32s; ++i) {< 16; ++i) { t = bytes.getInt32();
231 < int32s; ++i) {< 16; ++i) { w[i] = t;
232 < int32s; ++i) {< 16; ++i) { f = d ^ (b & (c ^ d));
233 < int32s; ++i) {< 16; ++i) { t = ((a << 5) | (a >>> 27)) + f + e + 0x5A827999 + t;
234 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > e = d;
235 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > d = c;
236 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > // `>>> 0` necessary to avoid iOS/Safari 10 optimization bug
237 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > c = ((b << 30) | (b >>> 2)) >>> 0;
238 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > b = a;
239 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > a = t;
240 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > }
241 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > for(; i < 20; ++i) {
242 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > t = (w[i - 3] ^ w[i - 8] ^ w[i - 14] ^ w[i - 16]);
243 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > t = (t << 1) | (t >>> 31);
244 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > w[i] = t;
245 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > f = d ^ (b & (c ^ d));
246 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > t = ((a << 5) | (a >>> 27)) + f + e + 0x5A827999 + t;
247 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > e = d;
248 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > d = c;
249 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > // `>>> 0` necessary to avoid iOS/Safari 10 optimization bug
250 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > c = ((b << 30) | (b >>> 2)) >>> 0;
251 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > b = a;
252 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > a = t;
253 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > }
254 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > // round 2
255 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > for(; i < 32; ++i) {
256 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > t = (w[i - 3] ^ w[i - 8] ^ w[i - 14] ^ w[i - 16]);
257 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > t = (t << 1) | (t >>> 31);
258 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > w[i] = t;
259 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > f = b ^ c ^ d;
260 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > t = ((a << 5) | (a >>> 27)) + f + e + 0x6ED9EBA1 + t;
261 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > e = d;
262 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > d = c;
263 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > // `>>> 0` necessary to avoid iOS/Safari 10 optimization bug
264 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > c = ((b << 30) | (b >>> 2)) >>> 0;
265 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > b = a;
266 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > a = t;
267 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > }
268 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > for(; i < 40; ++i) {
269 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > t = (w[i - 6] ^ w[i - 16] ^ w[i - 28] ^ w[i - 32]);
270 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > t = (t << 2) | (t >>> 30);
271 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > w[i] = t;
272 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > f = b ^ c ^ d;
273 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > t = ((a << 5) | (a >>> 27)) + f + e + 0x6ED9EBA1 + t;
274 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > e = d;
275 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > d = c;
276 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > // `>>> 0` necessary to avoid iOS/Safari 10 optimization bug
277 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > c = ((b << 30) | (b >>> 2)) >>> 0;
278 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > b = a;
279 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > a = t;
280 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > }
281 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > // round 3
282 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > for(; i < 60; ++i) {
283 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > t = (w[i - 6] ^ w[i - 16] ^ w[i - 28] ^ w[i - 32]);
284 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > t = (t << 2) | (t >>> 30);
285 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > w[i] = t;
286 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > f = (b & c) | (d & (b ^ c));
287 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > t = ((a << 5) | (a >>> 27)) + f + e + 0x8F1BBCDC + t;
288 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > e = d;
289 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > d = c;
290 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > // `>>> 0` necessary to avoid iOS/Safari 10 optimization bug
291 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > c = ((b << 30) | (b >>> 2)) >>> 0;
292 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > b = a;
293 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > a = t;
294 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > }
295 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > // round 4
296 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > for(; i < 80; ++i) {
297 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > t = (w[i - 6] ^ w[i - 16] ^ w[i - 28] ^ w[i - 32]);
298 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > t = (t << 2) | (t >>> 30);
299 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > w[i] = t;
300 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > f = b ^ c ^ d;
301 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > t = ((a << 5) | (a >>> 27)) + f + e + 0xCA62C1D6 + t;
302 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > e = d;
303 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > d = c;
304 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > // `>>> 0` necessary to avoid iOS/Safari 10 optimization bug
305 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > c = ((b << 30) | (b >>> 2)) >>> 0;
306 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > b = a;
307 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > a = t;
308 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > }
309  
310 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > // update hash state
311 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > s.h0 = (s.h0 + a) | 0;
312 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > s.h1 = (s.h1 + b) | 0;
313 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > s.h2 = (s.h2 + c) | 0;
314 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > s.h3 = (s.h3 + d) | 0;
315 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > s.h4 = (s.h4 + e) | 0;
316  
317 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > len -= 64;
318 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a > }
319 < int32s; ++i) {< 16; ++i) {<< 5) | (a >< 5) | (a >}