OpenWrt – Blame information for rev 4
?pathlinks?
Rev | Author | Line No. | Line |
---|---|---|---|
1 | office | 1 | /* |
2 | * Copyright (C) 2016 Felix Fietkau <nbd@nbd.name> |
||
3 | * |
||
4 | * Permission to use, copy, modify, and/or distribute this software for any |
||
5 | * purpose with or without fee is hereby granted, provided that the above |
||
6 | * copyright notice and this permission notice appear in all copies. |
||
7 | * |
||
8 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES |
||
9 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF |
||
10 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR |
||
11 | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES |
||
12 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN |
||
13 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF |
||
14 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
||
15 | * |
||
16 | * -- MD5 code: |
||
17 | * |
||
18 | * This is an OpenSSL-compatible implementation of the RSA Data Security, Inc. |
||
19 | * MD5 Message-Digest Algorithm (RFC 1321). |
||
20 | * |
||
21 | * Homepage: |
||
22 | * http://openwall.info/wiki/people/solar/software/public-domain-source-code/md5 |
||
23 | * |
||
24 | * Author: |
||
25 | * Alexander Peslyak, better known as Solar Designer <solar at openwall.com> |
||
26 | * |
||
27 | * This software was written by Alexander Peslyak in 2001. No copyright is |
||
28 | * claimed, and the software is hereby placed in the public domain. |
||
29 | * In case this attempt to disclaim copyright and place the software in the |
||
30 | * public domain is deemed null and void, then the software is |
||
31 | * Copyright (c) 2001 Alexander Peslyak and it is hereby released to the |
||
32 | * general public under the following terms: |
||
33 | * |
||
34 | * Redistribution and use in source and binary forms, with or without |
||
35 | * modification, are permitted. |
||
36 | * |
||
37 | * There's ABSOLUTELY NO WARRANTY, express or implied. |
||
38 | * |
||
39 | * (This is a heavily cut-down "BSD license".) |
||
40 | * |
||
41 | * This differs from Colin Plumb's older public domain implementation in that |
||
42 | * no exactly 32-bit integer data type is required (any 32-bit or wider |
||
43 | * unsigned integer data type will do), there's no compile-time endianness |
||
44 | * configuration, and the function prototypes match OpenSSL's. No code from |
||
45 | * Colin Plumb's implementation has been reused; this comment merely compares |
||
46 | * the properties of the two independent implementations. |
||
47 | * |
||
48 | * The primary goals of this implementation are portability and ease of use. |
||
49 | * It is meant to be fast, but not as fast as possible. Some known |
||
50 | * optimizations are not included to reduce source code size and avoid |
||
51 | * compile-time configuration. |
||
52 | * |
||
53 | * -- SHA256 Code: |
||
54 | * |
||
55 | * Copyright 2005 Colin Percival |
||
56 | * All rights reserved. |
||
57 | * |
||
58 | * Redistribution and use in source and binary forms, with or without |
||
59 | * modification, are permitted provided that the following conditions |
||
60 | * are met: |
||
61 | * 1. Redistributions of source code must retain the above copyright |
||
62 | * notice, this list of conditions and the following disclaimer. |
||
63 | * 2. Redistributions in binary form must reproduce the above copyright |
||
64 | * notice, this list of conditions and the following disclaimer in the |
||
65 | * documentation and/or other materials provided with the distribution. |
||
66 | * |
||
67 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND |
||
68 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
||
69 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
||
70 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE |
||
71 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
||
72 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
||
73 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
||
74 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
||
75 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
||
76 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
||
77 | * SUCH DAMAGE. |
||
78 | */ |
||
79 | |||
80 | |||
81 | |||
82 | #include <endian.h> |
||
83 | #include <stdio.h> |
||
84 | #include <string.h> |
||
85 | #include <stdint.h> |
||
86 | #include <stdbool.h> |
||
87 | #include <unistd.h> |
||
88 | |||
89 | #define ARRAY_SIZE(_n) (sizeof(_n) / sizeof((_n)[0])) |
||
90 | |||
91 | static void |
||
92 | be32enc(void *buf, uint32_t u) |
||
93 | { |
||
94 | uint8_t *p = buf; |
||
95 | |||
96 | p[0] = ((uint8_t) ((u >> 24) & 0xff)); |
||
97 | p[1] = ((uint8_t) ((u >> 16) & 0xff)); |
||
98 | p[2] = ((uint8_t) ((u >> 8) & 0xff)); |
||
99 | p[3] = ((uint8_t) (u & 0xff)); |
||
100 | } |
||
101 | |||
102 | static void |
||
103 | be64enc(void *buf, uint64_t u) |
||
104 | { |
||
105 | uint8_t *p = buf; |
||
106 | |||
107 | be32enc(p, ((uint32_t) (u >> 32))); |
||
108 | be32enc(p + 4, ((uint32_t) (u & 0xffffffffULL))); |
||
109 | } |
||
110 | |||
111 | |||
112 | static uint16_t |
||
113 | be16dec(const void *buf) |
||
114 | { |
||
115 | const uint8_t *p = buf; |
||
116 | |||
117 | return (((uint16_t) p[0]) << 8) | p[1]; |
||
118 | } |
||
119 | |||
120 | static uint32_t |
||
121 | be32dec(const void *buf) |
||
122 | { |
||
123 | const uint8_t *p = buf; |
||
124 | |||
125 | return (((uint32_t) be16dec(p)) << 16) | be16dec(p + 2); |
||
126 | } |
||
127 | |||
128 | #define MD5_DIGEST_LENGTH 16 |
||
129 | |||
130 | typedef struct MD5_CTX { |
||
131 | uint32_t lo, hi; |
||
132 | uint32_t a, b, c, d; |
||
133 | unsigned char buffer[64]; |
||
134 | } MD5_CTX; |
||
135 | |||
136 | /* |
||
137 | * The basic MD5 functions. |
||
138 | * |
||
139 | * F and G are optimized compared to their RFC 1321 definitions for |
||
140 | * architectures that lack an AND-NOT instruction, just like in Colin Plumb's |
||
141 | * implementation. |
||
142 | */ |
||
143 | #define F(x, y, z) ((z) ^ ((x) & ((y) ^ (z)))) |
||
144 | #define G(x, y, z) ((y) ^ ((z) & ((x) ^ (y)))) |
||
145 | #define H(x, y, z) (((x) ^ (y)) ^ (z)) |
||
146 | #define H2(x, y, z) ((x) ^ ((y) ^ (z))) |
||
147 | #define I(x, y, z) ((y) ^ ((x) | ~(z))) |
||
148 | |||
149 | /* |
||
150 | * The MD5 transformation for all four rounds. |
||
151 | */ |
||
152 | #define STEP(f, a, b, c, d, x, t, s) \ |
||
153 | (a) += f((b), (c), (d)) + (x) + (t); \ |
||
154 | (a) = (((a) << (s)) | (((a) & 0xffffffff) >> (32 - (s)))); \ |
||
155 | (a) += (b); |
||
156 | |||
157 | /* |
||
158 | * SET reads 4 input bytes in little-endian byte order and stores them |
||
159 | * in a properly aligned word in host byte order. |
||
160 | */ |
||
161 | #if __BYTE_ORDER == __LITTLE_ENDIAN |
||
162 | #define SET(n) \ |
||
163 | (*(uint32_t *)&ptr[(n) * 4]) |
||
164 | #define GET(n) \ |
||
165 | SET(n) |
||
166 | #else |
||
167 | #define SET(n) \ |
||
168 | (block[(n)] = \ |
||
169 | (uint32_t)ptr[(n) * 4] | \ |
||
170 | ((uint32_t)ptr[(n) * 4 + 1] << 8) | \ |
||
171 | ((uint32_t)ptr[(n) * 4 + 2] << 16) | \ |
||
172 | ((uint32_t)ptr[(n) * 4 + 3] << 24)) |
||
173 | #define GET(n) \ |
||
174 | (block[(n)]) |
||
175 | #endif |
||
176 | |||
177 | /* |
||
178 | * This processes one or more 64-byte data blocks, but does NOT update |
||
179 | * the bit counters. There are no alignment requirements. |
||
180 | */ |
||
181 | static const void *MD5_body(MD5_CTX *ctx, const void *data, unsigned long size) |
||
182 | { |
||
183 | const unsigned char *ptr; |
||
184 | uint32_t a, b, c, d; |
||
185 | uint32_t saved_a, saved_b, saved_c, saved_d; |
||
186 | #if __BYTE_ORDER != __LITTLE_ENDIAN |
||
187 | uint32_t block[16]; |
||
188 | #endif |
||
189 | |||
190 | ptr = (const unsigned char *)data; |
||
191 | |||
192 | a = ctx->a; |
||
193 | b = ctx->b; |
||
194 | c = ctx->c; |
||
195 | d = ctx->d; |
||
196 | |||
197 | do { |
||
198 | saved_a = a; |
||
199 | saved_b = b; |
||
200 | saved_c = c; |
||
201 | saved_d = d; |
||
202 | |||
203 | /* Round 1 */ |
||
204 | STEP(F, a, b, c, d, SET(0), 0xd76aa478, 7) |
||
205 | STEP(F, d, a, b, c, SET(1), 0xe8c7b756, 12) |
||
206 | STEP(F, c, d, a, b, SET(2), 0x242070db, 17) |
||
207 | STEP(F, b, c, d, a, SET(3), 0xc1bdceee, 22) |
||
208 | STEP(F, a, b, c, d, SET(4), 0xf57c0faf, 7) |
||
209 | STEP(F, d, a, b, c, SET(5), 0x4787c62a, 12) |
||
210 | STEP(F, c, d, a, b, SET(6), 0xa8304613, 17) |
||
211 | STEP(F, b, c, d, a, SET(7), 0xfd469501, 22) |
||
212 | STEP(F, a, b, c, d, SET(8), 0x698098d8, 7) |
||
213 | STEP(F, d, a, b, c, SET(9), 0x8b44f7af, 12) |
||
214 | STEP(F, c, d, a, b, SET(10), 0xffff5bb1, 17) |
||
215 | STEP(F, b, c, d, a, SET(11), 0x895cd7be, 22) |
||
216 | STEP(F, a, b, c, d, SET(12), 0x6b901122, 7) |
||
217 | STEP(F, d, a, b, c, SET(13), 0xfd987193, 12) |
||
218 | STEP(F, c, d, a, b, SET(14), 0xa679438e, 17) |
||
219 | STEP(F, b, c, d, a, SET(15), 0x49b40821, 22) |
||
220 | |||
221 | /* Round 2 */ |
||
222 | STEP(G, a, b, c, d, GET(1), 0xf61e2562, 5) |
||
223 | STEP(G, d, a, b, c, GET(6), 0xc040b340, 9) |
||
224 | STEP(G, c, d, a, b, GET(11), 0x265e5a51, 14) |
||
225 | STEP(G, b, c, d, a, GET(0), 0xe9b6c7aa, 20) |
||
226 | STEP(G, a, b, c, d, GET(5), 0xd62f105d, 5) |
||
227 | STEP(G, d, a, b, c, GET(10), 0x02441453, 9) |
||
228 | STEP(G, c, d, a, b, GET(15), 0xd8a1e681, 14) |
||
229 | STEP(G, b, c, d, a, GET(4), 0xe7d3fbc8, 20) |
||
230 | STEP(G, a, b, c, d, GET(9), 0x21e1cde6, 5) |
||
231 | STEP(G, d, a, b, c, GET(14), 0xc33707d6, 9) |
||
232 | STEP(G, c, d, a, b, GET(3), 0xf4d50d87, 14) |
||
233 | STEP(G, b, c, d, a, GET(8), 0x455a14ed, 20) |
||
234 | STEP(G, a, b, c, d, GET(13), 0xa9e3e905, 5) |
||
235 | STEP(G, d, a, b, c, GET(2), 0xfcefa3f8, 9) |
||
236 | STEP(G, c, d, a, b, GET(7), 0x676f02d9, 14) |
||
237 | STEP(G, b, c, d, a, GET(12), 0x8d2a4c8a, 20) |
||
238 | |||
239 | /* Round 3 */ |
||
240 | STEP(H, a, b, c, d, GET(5), 0xfffa3942, 4) |
||
241 | STEP(H2, d, a, b, c, GET(8), 0x8771f681, 11) |
||
242 | STEP(H, c, d, a, b, GET(11), 0x6d9d6122, 16) |
||
243 | STEP(H2, b, c, d, a, GET(14), 0xfde5380c, 23) |
||
244 | STEP(H, a, b, c, d, GET(1), 0xa4beea44, 4) |
||
245 | STEP(H2, d, a, b, c, GET(4), 0x4bdecfa9, 11) |
||
246 | STEP(H, c, d, a, b, GET(7), 0xf6bb4b60, 16) |
||
247 | STEP(H2, b, c, d, a, GET(10), 0xbebfbc70, 23) |
||
248 | STEP(H, a, b, c, d, GET(13), 0x289b7ec6, 4) |
||
249 | STEP(H2, d, a, b, c, GET(0), 0xeaa127fa, 11) |
||
250 | STEP(H, c, d, a, b, GET(3), 0xd4ef3085, 16) |
||
251 | STEP(H2, b, c, d, a, GET(6), 0x04881d05, 23) |
||
252 | STEP(H, a, b, c, d, GET(9), 0xd9d4d039, 4) |
||
253 | STEP(H2, d, a, b, c, GET(12), 0xe6db99e5, 11) |
||
254 | STEP(H, c, d, a, b, GET(15), 0x1fa27cf8, 16) |
||
255 | STEP(H2, b, c, d, a, GET(2), 0xc4ac5665, 23) |
||
256 | |||
257 | /* Round 4 */ |
||
258 | STEP(I, a, b, c, d, GET(0), 0xf4292244, 6) |
||
259 | STEP(I, d, a, b, c, GET(7), 0x432aff97, 10) |
||
260 | STEP(I, c, d, a, b, GET(14), 0xab9423a7, 15) |
||
261 | STEP(I, b, c, d, a, GET(5), 0xfc93a039, 21) |
||
262 | STEP(I, a, b, c, d, GET(12), 0x655b59c3, 6) |
||
263 | STEP(I, d, a, b, c, GET(3), 0x8f0ccc92, 10) |
||
264 | STEP(I, c, d, a, b, GET(10), 0xffeff47d, 15) |
||
265 | STEP(I, b, c, d, a, GET(1), 0x85845dd1, 21) |
||
266 | STEP(I, a, b, c, d, GET(8), 0x6fa87e4f, 6) |
||
267 | STEP(I, d, a, b, c, GET(15), 0xfe2ce6e0, 10) |
||
268 | STEP(I, c, d, a, b, GET(6), 0xa3014314, 15) |
||
269 | STEP(I, b, c, d, a, GET(13), 0x4e0811a1, 21) |
||
270 | STEP(I, a, b, c, d, GET(4), 0xf7537e82, 6) |
||
271 | STEP(I, d, a, b, c, GET(11), 0xbd3af235, 10) |
||
272 | STEP(I, c, d, a, b, GET(2), 0x2ad7d2bb, 15) |
||
273 | STEP(I, b, c, d, a, GET(9), 0xeb86d391, 21) |
||
274 | |||
275 | a += saved_a; |
||
276 | b += saved_b; |
||
277 | c += saved_c; |
||
278 | d += saved_d; |
||
279 | |||
280 | ptr += 64; |
||
281 | } while (size -= 64); |
||
282 | |||
283 | ctx->a = a; |
||
284 | ctx->b = b; |
||
285 | ctx->c = c; |
||
286 | ctx->d = d; |
||
287 | |||
288 | return ptr; |
||
289 | } |
||
290 | |||
291 | void MD5_begin(MD5_CTX *ctx) |
||
292 | { |
||
293 | ctx->a = 0x67452301; |
||
294 | ctx->b = 0xefcdab89; |
||
295 | ctx->c = 0x98badcfe; |
||
296 | ctx->d = 0x10325476; |
||
297 | |||
298 | ctx->lo = 0; |
||
299 | ctx->hi = 0; |
||
300 | } |
||
301 | |||
302 | static void |
||
303 | MD5_hash(const void *data, size_t size, MD5_CTX *ctx) |
||
304 | { |
||
305 | uint32_t saved_lo; |
||
306 | unsigned long used, available; |
||
307 | |||
308 | saved_lo = ctx->lo; |
||
309 | if ((ctx->lo = (saved_lo + size) & 0x1fffffff) < saved_lo) |
||
310 | ctx->hi++; |
||
311 | ctx->hi += size >> 29; |
||
312 | |||
313 | used = saved_lo & 0x3f; |
||
314 | |||
315 | if (used) { |
||
316 | available = 64 - used; |
||
317 | |||
318 | if (size < available) { |
||
319 | memcpy(&ctx->buffer[used], data, size); |
||
320 | return; |
||
321 | } |
||
322 | |||
323 | memcpy(&ctx->buffer[used], data, available); |
||
324 | data = (const unsigned char *)data + available; |
||
325 | size -= available; |
||
326 | MD5_body(ctx, ctx->buffer, 64); |
||
327 | } |
||
328 | |||
329 | if (size >= 64) { |
||
330 | data = MD5_body(ctx, data, size & ~((size_t) 0x3f)); |
||
331 | size &= 0x3f; |
||
332 | } |
||
333 | |||
334 | memcpy(ctx->buffer, data, size); |
||
335 | } |
||
336 | |||
337 | static void |
||
338 | MD5_end(void *resbuf, MD5_CTX *ctx) |
||
339 | { |
||
340 | unsigned char *result = resbuf; |
||
341 | unsigned long used, available; |
||
342 | |||
343 | used = ctx->lo & 0x3f; |
||
344 | |||
345 | ctx->buffer[used++] = 0x80; |
||
346 | |||
347 | available = 64 - used; |
||
348 | |||
349 | if (available < 8) { |
||
350 | memset(&ctx->buffer[used], 0, available); |
||
351 | MD5_body(ctx, ctx->buffer, 64); |
||
352 | used = 0; |
||
353 | available = 64; |
||
354 | } |
||
355 | |||
356 | memset(&ctx->buffer[used], 0, available - 8); |
||
357 | |||
358 | ctx->lo <<= 3; |
||
359 | ctx->buffer[56] = ctx->lo; |
||
360 | ctx->buffer[57] = ctx->lo >> 8; |
||
361 | ctx->buffer[58] = ctx->lo >> 16; |
||
362 | ctx->buffer[59] = ctx->lo >> 24; |
||
363 | ctx->buffer[60] = ctx->hi; |
||
364 | ctx->buffer[61] = ctx->hi >> 8; |
||
365 | ctx->buffer[62] = ctx->hi >> 16; |
||
366 | ctx->buffer[63] = ctx->hi >> 24; |
||
367 | |||
368 | MD5_body(ctx, ctx->buffer, 64); |
||
369 | |||
370 | result[0] = ctx->a; |
||
371 | result[1] = ctx->a >> 8; |
||
372 | result[2] = ctx->a >> 16; |
||
373 | result[3] = ctx->a >> 24; |
||
374 | result[4] = ctx->b; |
||
375 | result[5] = ctx->b >> 8; |
||
376 | result[6] = ctx->b >> 16; |
||
377 | result[7] = ctx->b >> 24; |
||
378 | result[8] = ctx->c; |
||
379 | result[9] = ctx->c >> 8; |
||
380 | result[10] = ctx->c >> 16; |
||
381 | result[11] = ctx->c >> 24; |
||
382 | result[12] = ctx->d; |
||
383 | result[13] = ctx->d >> 8; |
||
384 | result[14] = ctx->d >> 16; |
||
385 | result[15] = ctx->d >> 24; |
||
386 | |||
387 | memset(ctx, 0, sizeof(*ctx)); |
||
388 | } |
||
389 | |||
390 | #define SHA256_BLOCK_LENGTH 64 |
||
391 | #define SHA256_DIGEST_LENGTH 32 |
||
392 | #define SHA256_DIGEST_STRING_LENGTH (SHA256_DIGEST_LENGTH * 2 + 1) |
||
393 | |||
394 | typedef struct SHA256Context { |
||
395 | uint32_t state[8]; |
||
396 | uint64_t count; |
||
397 | uint8_t buf[SHA256_BLOCK_LENGTH]; |
||
398 | } SHA256_CTX; |
||
399 | |||
400 | #if BYTE_ORDER == BIG_ENDIAN |
||
401 | |||
402 | /* Copy a vector of big-endian uint32_t into a vector of bytes */ |
||
403 | #define be32enc_vect(dst, src, len) \ |
||
404 | memcpy((void *)dst, (const void *)src, (size_t)len) |
||
405 | |||
406 | /* Copy a vector of bytes into a vector of big-endian uint32_t */ |
||
407 | #define be32dec_vect(dst, src, len) \ |
||
408 | memcpy((void *)dst, (const void *)src, (size_t)len) |
||
409 | |||
410 | #else /* BYTE_ORDER != BIG_ENDIAN */ |
||
411 | |||
412 | /* |
||
413 | * Encode a length len/4 vector of (uint32_t) into a length len vector of |
||
414 | * (unsigned char) in big-endian form. Assumes len is a multiple of 4. |
||
415 | */ |
||
416 | static void |
||
417 | be32enc_vect(unsigned char *dst, const uint32_t *src, size_t len) |
||
418 | { |
||
419 | size_t i; |
||
420 | |||
421 | for (i = 0; i < len / 4; i++) |
||
422 | be32enc(dst + i * 4, src[i]); |
||
423 | } |
||
424 | |||
425 | /* |
||
426 | * Decode a big-endian length len vector of (unsigned char) into a length |
||
427 | * len/4 vector of (uint32_t). Assumes len is a multiple of 4. |
||
428 | */ |
||
429 | static void |
||
430 | be32dec_vect(uint32_t *dst, const unsigned char *src, size_t len) |
||
431 | { |
||
432 | size_t i; |
||
433 | |||
434 | for (i = 0; i < len / 4; i++) |
||
435 | dst[i] = be32dec(src + i * 4); |
||
436 | } |
||
437 | |||
438 | #endif /* BYTE_ORDER != BIG_ENDIAN */ |
||
439 | |||
440 | |||
441 | /* Elementary functions used by SHA256 */ |
||
442 | #define Ch(x, y, z) ((x & (y ^ z)) ^ z) |
||
443 | #define Maj(x, y, z) ((x & (y | z)) | (y & z)) |
||
444 | #define ROTR(x, n) ((x >> n) | (x << (32 - n))) |
||
445 | |||
446 | /* |
||
447 | * SHA256 block compression function. The 256-bit state is transformed via |
||
448 | * the 512-bit input block to produce a new state. |
||
449 | */ |
||
450 | static void |
||
451 | SHA256_Transform(uint32_t * state, const unsigned char block[64]) |
||
452 | { |
||
453 | /* SHA256 round constants. */ |
||
454 | static const uint32_t K[64] = { |
||
455 | 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, |
||
456 | 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, |
||
457 | 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, |
||
458 | 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, |
||
459 | 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, |
||
460 | 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, |
||
461 | 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, |
||
462 | 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, |
||
463 | 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, |
||
464 | 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, |
||
465 | 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, |
||
466 | 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, |
||
467 | 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, |
||
468 | 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, |
||
469 | 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, |
||
470 | 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 |
||
471 | }; |
||
472 | uint32_t W[64]; |
||
473 | uint32_t S[8]; |
||
474 | int i; |
||
475 | |||
476 | #define S0(x) (ROTR(x, 2) ^ ROTR(x, 13) ^ ROTR(x, 22)) |
||
477 | #define S1(x) (ROTR(x, 6) ^ ROTR(x, 11) ^ ROTR(x, 25)) |
||
478 | #define s0(x) (ROTR(x, 7) ^ ROTR(x, 18) ^ (x >> 3)) |
||
479 | #define s1(x) (ROTR(x, 17) ^ ROTR(x, 19) ^ (x >> 10)) |
||
480 | |||
481 | /* SHA256 round function */ |
||
482 | #define RND(a, b, c, d, e, f, g, h, k) \ |
||
483 | h += S1(e) + Ch(e, f, g) + k; \ |
||
484 | d += h; \ |
||
485 | h += S0(a) + Maj(a, b, c); |
||
486 | |||
487 | /* Adjusted round function for rotating state */ |
||
488 | #define RNDr(S, W, i, ii) \ |
||
489 | RND(S[(64 - i) % 8], S[(65 - i) % 8], \ |
||
490 | S[(66 - i) % 8], S[(67 - i) % 8], \ |
||
491 | S[(68 - i) % 8], S[(69 - i) % 8], \ |
||
492 | S[(70 - i) % 8], S[(71 - i) % 8], \ |
||
493 | W[i + ii] + K[i + ii]) |
||
494 | |||
495 | /* Message schedule computation */ |
||
496 | #define MSCH(W, ii, i) \ |
||
497 | W[i + ii + 16] = s1(W[i + ii + 14]) + W[i + ii + 9] + s0(W[i + ii + 1]) + W[i + ii] |
||
498 | |||
499 | /* 1. Prepare the first part of the message schedule W. */ |
||
500 | be32dec_vect(W, block, 64); |
||
501 | |||
502 | /* 2. Initialize working variables. */ |
||
503 | memcpy(S, state, 32); |
||
504 | |||
505 | /* 3. Mix. */ |
||
506 | for (i = 0; i < 64; i += 16) { |
||
507 | RNDr(S, W, 0, i); |
||
508 | RNDr(S, W, 1, i); |
||
509 | RNDr(S, W, 2, i); |
||
510 | RNDr(S, W, 3, i); |
||
511 | RNDr(S, W, 4, i); |
||
512 | RNDr(S, W, 5, i); |
||
513 | RNDr(S, W, 6, i); |
||
514 | RNDr(S, W, 7, i); |
||
515 | RNDr(S, W, 8, i); |
||
516 | RNDr(S, W, 9, i); |
||
517 | RNDr(S, W, 10, i); |
||
518 | RNDr(S, W, 11, i); |
||
519 | RNDr(S, W, 12, i); |
||
520 | RNDr(S, W, 13, i); |
||
521 | RNDr(S, W, 14, i); |
||
522 | RNDr(S, W, 15, i); |
||
523 | |||
524 | if (i == 48) |
||
525 | break; |
||
526 | MSCH(W, 0, i); |
||
527 | MSCH(W, 1, i); |
||
528 | MSCH(W, 2, i); |
||
529 | MSCH(W, 3, i); |
||
530 | MSCH(W, 4, i); |
||
531 | MSCH(W, 5, i); |
||
532 | MSCH(W, 6, i); |
||
533 | MSCH(W, 7, i); |
||
534 | MSCH(W, 8, i); |
||
535 | MSCH(W, 9, i); |
||
536 | MSCH(W, 10, i); |
||
537 | MSCH(W, 11, i); |
||
538 | MSCH(W, 12, i); |
||
539 | MSCH(W, 13, i); |
||
540 | MSCH(W, 14, i); |
||
541 | MSCH(W, 15, i); |
||
542 | } |
||
543 | |||
544 | #undef S0 |
||
545 | #undef s0 |
||
546 | #undef S1 |
||
547 | #undef s1 |
||
548 | #undef RND |
||
549 | #undef RNDr |
||
550 | #undef MSCH |
||
551 | |||
552 | /* 4. Mix local working variables into global state */ |
||
553 | for (i = 0; i < 8; i++) |
||
554 | state[i] += S[i]; |
||
555 | } |
||
556 | |||
557 | static unsigned char PAD[64] = { |
||
558 | 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, |
||
559 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, |
||
560 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, |
||
561 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 |
||
562 | }; |
||
563 | |||
564 | /* Add padding and terminating bit-count. */ |
||
565 | static void |
||
566 | SHA256_Pad(SHA256_CTX * ctx) |
||
567 | { |
||
568 | size_t r; |
||
569 | |||
570 | /* Figure out how many bytes we have buffered. */ |
||
571 | r = (ctx->count >> 3) & 0x3f; |
||
572 | |||
573 | /* Pad to 56 mod 64, transforming if we finish a block en route. */ |
||
574 | if (r < 56) { |
||
575 | /* Pad to 56 mod 64. */ |
||
576 | memcpy(&ctx->buf[r], PAD, 56 - r); |
||
577 | } else { |
||
578 | /* Finish the current block and mix. */ |
||
579 | memcpy(&ctx->buf[r], PAD, 64 - r); |
||
580 | SHA256_Transform(ctx->state, ctx->buf); |
||
581 | |||
582 | /* The start of the final block is all zeroes. */ |
||
583 | memset(&ctx->buf[0], 0, 56); |
||
584 | } |
||
585 | |||
586 | /* Add the terminating bit-count. */ |
||
587 | be64enc(&ctx->buf[56], ctx->count); |
||
588 | |||
589 | /* Mix in the final block. */ |
||
590 | SHA256_Transform(ctx->state, ctx->buf); |
||
591 | } |
||
592 | |||
593 | /* SHA-256 initialization. Begins a SHA-256 operation. */ |
||
594 | static void |
||
595 | SHA256_Init(SHA256_CTX * ctx) |
||
596 | { |
||
597 | |||
598 | /* Zero bits processed so far */ |
||
599 | ctx->count = 0; |
||
600 | |||
601 | /* Magic initialization constants */ |
||
602 | ctx->state[0] = 0x6A09E667; |
||
603 | ctx->state[1] = 0xBB67AE85; |
||
604 | ctx->state[2] = 0x3C6EF372; |
||
605 | ctx->state[3] = 0xA54FF53A; |
||
606 | ctx->state[4] = 0x510E527F; |
||
607 | ctx->state[5] = 0x9B05688C; |
||
608 | ctx->state[6] = 0x1F83D9AB; |
||
609 | ctx->state[7] = 0x5BE0CD19; |
||
610 | } |
||
611 | |||
612 | /* Add bytes into the hash */ |
||
613 | static void |
||
614 | SHA256_Update(SHA256_CTX * ctx, const void *in, size_t len) |
||
615 | { |
||
616 | uint64_t bitlen; |
||
617 | uint32_t r; |
||
618 | const unsigned char *src = in; |
||
619 | |||
620 | /* Number of bytes left in the buffer from previous updates */ |
||
621 | r = (ctx->count >> 3) & 0x3f; |
||
622 | |||
623 | /* Convert the length into a number of bits */ |
||
624 | bitlen = len << 3; |
||
625 | |||
626 | /* Update number of bits */ |
||
627 | ctx->count += bitlen; |
||
628 | |||
629 | /* Handle the case where we don't need to perform any transforms */ |
||
630 | if (len < 64 - r) { |
||
631 | memcpy(&ctx->buf[r], src, len); |
||
632 | return; |
||
633 | } |
||
634 | |||
635 | /* Finish the current block */ |
||
636 | memcpy(&ctx->buf[r], src, 64 - r); |
||
637 | SHA256_Transform(ctx->state, ctx->buf); |
||
638 | src += 64 - r; |
||
639 | len -= 64 - r; |
||
640 | |||
641 | /* Perform complete blocks */ |
||
642 | while (len >= 64) { |
||
643 | SHA256_Transform(ctx->state, src); |
||
644 | src += 64; |
||
645 | len -= 64; |
||
646 | } |
||
647 | |||
648 | /* Copy left over data into buffer */ |
||
649 | memcpy(ctx->buf, src, len); |
||
650 | } |
||
651 | |||
652 | /* |
||
653 | * SHA-256 finalization. Pads the input data, exports the hash value, |
||
654 | * and clears the context state. |
||
655 | */ |
||
656 | static void |
||
657 | SHA256_Final(unsigned char digest[static SHA256_DIGEST_LENGTH], SHA256_CTX *ctx) |
||
658 | { |
||
659 | /* Add padding */ |
||
660 | SHA256_Pad(ctx); |
||
661 | |||
662 | /* Write the hash */ |
||
663 | be32enc_vect(digest, ctx->state, SHA256_DIGEST_LENGTH); |
||
664 | |||
665 | /* Clear the context state */ |
||
666 | memset(ctx, 0, sizeof(*ctx)); |
||
667 | } |
||
668 | |||
669 | static void *hash_buf(FILE *f, int *len) |
||
670 | { |
||
671 | static char buf[1024]; |
||
672 | |||
673 | *len = fread(buf, 1, sizeof(buf), f); |
||
674 | |||
675 | return *len > 0 ? buf : NULL; |
||
676 | } |
||
677 | |||
678 | static char *hash_string(unsigned char *buf, int len) |
||
679 | { |
||
680 | static char str[SHA256_DIGEST_LENGTH * 2 + 1]; |
||
681 | int i; |
||
682 | |||
683 | if (len * 2 + 1 > sizeof(str)) |
||
684 | return NULL; |
||
685 | |||
686 | for (i = 0; i < len; i++) |
||
687 | sprintf(&str[i * 2], "%02x", buf[i]); |
||
688 | |||
689 | return str; |
||
690 | } |
||
691 | |||
692 | static const char *md5_hash(FILE *f) |
||
693 | { |
||
694 | MD5_CTX ctx; |
||
695 | unsigned char val[MD5_DIGEST_LENGTH]; |
||
696 | void *buf; |
||
697 | int len; |
||
698 | |||
699 | MD5_begin(&ctx); |
||
700 | while ((buf = hash_buf(f, &len)) != NULL) |
||
701 | MD5_hash(buf, len, &ctx); |
||
702 | MD5_end(val, &ctx); |
||
703 | |||
704 | return hash_string(val, MD5_DIGEST_LENGTH); |
||
705 | } |
||
706 | |||
707 | static const char *sha256_hash(FILE *f) |
||
708 | { |
||
709 | SHA256_CTX ctx; |
||
710 | unsigned char val[SHA256_DIGEST_LENGTH]; |
||
711 | void *buf; |
||
712 | int len; |
||
713 | |||
714 | SHA256_Init(&ctx); |
||
715 | while ((buf = hash_buf(f, &len)) != NULL) |
||
716 | SHA256_Update(&ctx, buf, len); |
||
717 | SHA256_Final(val, &ctx); |
||
718 | |||
719 | return hash_string(val, SHA256_DIGEST_LENGTH); |
||
720 | } |
||
721 | |||
722 | |||
723 | struct hash_type { |
||
724 | const char *name; |
||
725 | const char *(*func)(FILE *f); |
||
726 | int len; |
||
727 | }; |
||
728 | |||
729 | struct hash_type types[] = { |
||
730 | { "md5", md5_hash, MD5_DIGEST_LENGTH }, |
||
731 | { "sha256", sha256_hash, SHA256_DIGEST_LENGTH }, |
||
732 | }; |
||
733 | |||
734 | |||
735 | static int usage(const char *progname) |
||
736 | { |
||
737 | int i; |
||
738 | |||
739 | fprintf(stderr, "Usage: %s <hash type> [<file>...]\n" |
||
740 | "Supported hash types:", progname); |
||
741 | |||
742 | for (i = 0; i < ARRAY_SIZE(types); i++) |
||
743 | fprintf(stderr, "%s %s", i ? "," : "", types[i].name); |
||
744 | |||
745 | fprintf(stderr, "\n"); |
||
746 | return 1; |
||
747 | } |
||
748 | |||
749 | static struct hash_type *get_hash_type(const char *name) |
||
750 | { |
||
751 | int i; |
||
752 | |||
753 | for (i = 0; i < ARRAY_SIZE(types); i++) { |
||
754 | struct hash_type *t = &types[i]; |
||
755 | |||
756 | if (!strcmp(t->name, name)) |
||
757 | return t; |
||
758 | } |
||
759 | return NULL; |
||
760 | } |
||
761 | |||
762 | |||
763 | static int hash_file(struct hash_type *t, const char *filename, bool add_filename) |
||
764 | { |
||
765 | const char *str; |
||
766 | |||
767 | if (!filename || !strcmp(filename, "-")) { |
||
768 | str = t->func(stdin); |
||
769 | } else { |
||
770 | FILE *f = fopen(filename, "r"); |
||
771 | |||
772 | if (!f) { |
||
773 | fprintf(stderr, "Failed to open '%s'\n", filename); |
||
774 | return 1; |
||
775 | } |
||
776 | str = t->func(f); |
||
777 | fclose(f); |
||
778 | } |
||
779 | |||
780 | if (!str) { |
||
781 | fprintf(stderr, "Failed to generate hash\n"); |
||
782 | return 1; |
||
783 | } |
||
784 | |||
785 | if (add_filename) |
||
786 | printf("%s %s\n", str, filename ? filename : "-"); |
||
787 | else |
||
788 | printf("%s\n", str); |
||
789 | return 0; |
||
790 | } |
||
791 | |||
792 | |||
793 | int main(int argc, char **argv) |
||
794 | { |
||
795 | struct hash_type *t; |
||
796 | const char *progname = argv[0]; |
||
797 | int i, ch; |
||
798 | bool add_filename = false; |
||
799 | |||
800 | while ((ch = getopt(argc, argv, "n")) != -1) { |
||
801 | switch (ch) { |
||
802 | case 'n': |
||
803 | add_filename = true; |
||
804 | break; |
||
805 | default: |
||
806 | return usage(progname); |
||
807 | } |
||
808 | } |
||
809 | |||
810 | argc -= optind; |
||
811 | argv += optind; |
||
812 | |||
813 | if (argc < 1) |
||
814 | return usage(progname); |
||
815 | |||
816 | t = get_hash_type(argv[0]); |
||
817 | if (!t) |
||
818 | return usage(progname); |
||
819 | |||
820 | if (argc < 2) |
||
821 | return hash_file(t, NULL, add_filename); |
||
822 | |||
823 | for (i = 0; i < argc - 1; i++) |
||
824 | hash_file(t, argv[1 + i], add_filename); |
||
825 | |||
826 | return 0; |
||
827 | } |