storin.{tests,debug}-ref: Ancient versions of the test output.

[storin] / sha.c

/* -*-c-*-
 *
 * $Id$
 *
 * Implementation of the SHA-1 hash function
 *
 * (c) 1999 Straylight/Edgeware
 * (c) 2000 Mark Wooding
 */

/*----- Licensing notice --------------------------------------------------* 
 *
 * Copyright (c) 2000 Mark Wooding
 * All rights reserved.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are
 * met:
 * 
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 
 * 2, Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 
 * 3. The name of the authors may not be used to endorse or promote
 *    products derived from this software without specific prior written
 *    permission.
 * 
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN
 * NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
 * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 * 
 * Instead of accepting the above terms, you may redistribute and/or modify
 * this software under the terms of either the GNU General Public License,
 * or the GNU Library General Public License, published by the Free
 * Software Foundation; either version 2 of the License, or (at your
 * option) any later version.
 */

/*----- Header files ------------------------------------------------------*/

#include <string.h>

#include "bits.h"
#include "sha.h"

/*----- Main code ---------------------------------------------------------*/

/* --- @sha_compress@ --- *
 *
 * Arguments:   @sha_ctx *ctx@ = pointer to context block
 *              @const void *sbuf@ = pointer to buffer of appropriate size
 *
 * Returns:     ---
 *
 * Use:         SHA-1 compression function.
 */

void sha_compress(sha_ctx *ctx, const void *sbuf)
{
  uint32 a, b, c, d, e;
  uint32 buf[80];

  /* --- Fetch the chaining variables --- */

  a = ctx->a;
  b = ctx->b;
  c = ctx->c;
  d = ctx->d;
  e = ctx->e;

  /* --- Fetch and expand the buffer contents --- */

  {
    int i;
    const octet *p;

    for (i = 0, p = sbuf; i < 16; i++, p += 4)
      buf[i] = LOAD32(p);
    for (i = 16; i < 80; i++) {
      uint32 x = buf[i - 3] ^ buf[i - 8] ^ buf[i - 14] ^ buf[i - 16];
      buf[i] = ROL32(x, 1);
    }
  }

  /* --- Definitions for round functions --- */

#define F(x, y, z) (((x) & (y)) | (~(x) & (z)))
#define G(x, y, z) ((x) ^ (y) ^ (z))
#define H(x, y, z) (((x) & (y)) | ((x) & (z)) | ((y) & (z)))

#define T(v, w, x, y, z, i, f, k) do {                                  \
  uint32 _x;                                                            \
  z = ROL32(v, 5) + f(w, x, y) + z + buf[i] + k;                        \
  w = ROR32(w, 2);                                                      \
  _x = v; v = z; z = y; y = x; x = w; w = _x;                           \
} while (0)

#define FF(v, w, x, y, z, i) T(v, w, x, y, z, i, F, 0x5a827999)
#define GG(v, w, x, y, z, i) T(v, w, x, y, z, i, G, 0x6ed9eba1)
#define HH(v, w, x, y, z, i) T(v, w, x, y, z, i, H, 0x8f1bbcdc)
#define II(v, w, x, y, z, i) T(v, w, x, y, z, i, G, 0xca62c1d6)

  /* --- The main compression function --- */

  {
    unsigned i;
    for (i = 0; i < 20; i++)
      FF(a, b, c, d, e, i);
    for (i = 20; i < 40; i++)
      GG(a, b, c, d, e, i);
    for (i = 40; i < 60; i++)
      HH(a, b, c, d, e, i);
    for (i = 60; i < 80; i++)
      II(a, b, c, d, e, i);
  }

  ctx->a += a;
  ctx->b += b;
  ctx->c += c;
  ctx->d += d;
  ctx->e += e;
}

/* --- @sha_init@ --- *
 *
 * Arguments:   @sha_ctx *ctx@ = pointer to context block to initialize
 *
 * Returns:     ---
 *
 * Use:         Initializes a context block ready for hashing.
 */

void sha_init(sha_ctx *ctx)
{
  ctx->a = 0x67452301;
  ctx->b = 0xefcdab89;
  ctx->c = 0x98badcfe;
  ctx->d = 0x10325476;
  ctx->e = 0xc3d2e1f0;
  ctx->off = 0;
  ctx->nl = ctx->nh = 0;
}

/* --- @sha_hash@ --- *
 *
 * Arguments:   @sha_ctx *ctx@ = pointer to context block
 *              @const void *buf@ = buffer of data to hash
 *              @size_t sz@ = size of buffer to hash
 *
 * Returns:     ---
 *
 * Use:         Hashes a buffer of data.  The buffer may be of any size and
 *              alignment.
 */

void sha_hash(sha_ctx *ctx, const void *buf, size_t sz)
{
  sha_ctx *_bctx = (ctx);
  size_t _bsz = (sz);
  const octet *_bbuf = (octet *) (buf);

  {
    uint32 _l = ((uint32) ((_bsz) & MASK32));
    uint32 _h = ((_bsz & ~MASK32) >> 16) >> 16;
    _bctx->nh += _h;
    _bctx->nl += _l;
    if (_bctx->nl < _l || _bctx->nl & ~MASK32)
      _bctx->nh++;
  }
  if (_bctx->off + _bsz < SHA_BUFSZ) {
    memcpy(_bctx->buf + _bctx->off, _bbuf, _bsz);
    _bctx->off += _bsz;
  } else {
    if (_bctx->off) {
      size_t s = SHA_BUFSZ - _bctx->off;
      memcpy(_bctx->buf + _bctx->off, _bbuf, s);
      sha_compress(_bctx, _bctx->buf);
      _bsz -= s;
      _bbuf += s;
    }
    while (_bsz >= SHA_BUFSZ) {
      sha_compress(_bctx, _bbuf);
      _bsz -= SHA_BUFSZ;
      _bbuf += SHA_BUFSZ;
    }
    if (_bsz)
      memcpy(_bctx->buf, _bbuf, _bsz);
    _bctx->off = _bsz;
  }
}

/* --- @sha_done@ --- *
 *
 * Arguments:   @sha_ctx *ctx@ = pointer to context block
 *              @void *hash@ = pointer to output buffer
 *
 * Returns:     ---
 *
 * Use:         Returns the hash of the data read so far.
 */

void sha_done(sha_ctx *ctx, void *hash)
{
  octet *p = hash;
  {
    sha_ctx *_pctx = (ctx);
    _pctx->buf[_pctx->off] = 0x80;
    _pctx->off++;
    if (_pctx->off > SHA_BUFSZ - 8) {
      if (_pctx->off < SHA_BUFSZ)
        memset(_pctx->buf + _pctx->off, 0, SHA_BUFSZ - _pctx->off);
      sha_compress(_pctx, _pctx->buf);
      memset(_pctx->buf, 0, SHA_BUFSZ - 8);
    } else
      memset(_pctx->buf + _pctx->off, 0, SHA_BUFSZ - _pctx->off - 8);
  }
  STORE32(ctx->buf + SHA_BUFSZ - 8, (ctx->nl >> 29) | (ctx->nh << 3));
  STORE32(ctx->buf + SHA_BUFSZ - 4, ctx->nl << 3);
  sha_compress(ctx, ctx->buf);
  STORE32(p +  0, ctx->a);
  STORE32(p +  4, ctx->b);
  STORE32(p +  8, ctx->c);
  STORE32(p + 12, ctx->d);
  STORE32(p + 16, ctx->e);
}

/*----- Testing -----------------------------------------------------------*/

/* --- Quick test --- */
  
#ifdef QUICK_TEST

#include <stdio.h>
#include <stdlib.h>

int main(void)
{
  octet buf[SHA_HASHSZ] = { 0x67, 0x45, 0x23, 0x01, 0xef, 0xcd, 0xab, 0x89,
                            0x98, 0xba, 0xdc, 0xfe, 0x10, 0x32, 0x54, 0x76,
                            0xc3, 0xd2, 0xe1, 0xf0 };
  octet v[SHA_HASHSZ] = { 0xf7, 0x4d, 0x36, 0xbf, 0x17, 0xee, 0x23, 0xc4,
                          0x6e, 0xc1, 0x66, 0xa4, 0x8a, 0x24, 0xda, 0x6a,
                          0xb9, 0x99, 0xea, 0xea };
  sha_ctx s;
  int i;

  sha_set(&s, buf, 0);
  for (i = 0; i < 23; i++) {
    sha_hash(&s,
             "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789\n",
             63);
  }
  sha_done(&s, buf);

  if (memcmp(buf, v, SHA_HASHSZ) != 0) {
    fprintf(stderr, "SHA validation error\n");
    return (EXIT_FAILURE);
  }

  return (0);
}

#endif    

/*----- That's all, folks -------------------------------------------------*/