source: azure_iot_hub_f767zi/trunk/asp_baseplatform/lwip/lwip-2.1.2/src/netif/ppp/polarssl/sha1.c@ 457

Last change on this file since 457 was 457, checked in by coas-nagasima, 4 years ago

ファイルを追加
  • Property svn:eol-style set to native
  • Property svn:mime-type set to text/x-csrc;charset=UTF-8
File size: 9.3 KB
Line 
1/*
2 * FIPS-180-1 compliant SHA-1 implementation
3 *
4 * Based on XySSL: Copyright (C) 2006-2008 Christophe Devine
5 *
6 * Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org>
7 *
8 * All rights reserved.
9 *
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
12 * are met:
13 *
14 * * Redistributions of source code must retain the above copyright
15 * notice, this list of conditions and the following disclaimer.
16 * * Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in the
18 * documentation and/or other materials provided with the distribution.
19 * * Neither the names of PolarSSL or XySSL nor the names of its contributors
20 * may be used to endorse or promote products derived from this software
21 * without specific prior written permission.
22 *
23 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
24 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
25 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
26 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
27 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
28 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
29 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
30 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
31 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
32 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
33 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
34 */
35/*
36 * The SHA-1 standard was published by NIST in 1993.
37 *
38 * http://www.itl.nist.gov/fipspubs/fip180-1.htm
39 */
40
41#include "netif/ppp/ppp_opts.h"
42#if PPP_SUPPORT && LWIP_INCLUDED_POLARSSL_SHA1
43
44#include "netif/ppp/polarssl/sha1.h"
45
46#include <string.h>
47
48/*
49 * 32-bit integer manipulation macros (big endian)
50 */
51#ifndef GET_ULONG_BE
52#define GET_ULONG_BE(n,b,i) \
53{ \
54 (n) = ( (unsigned long) (b)[(i) ] << 24 ) \
55 | ( (unsigned long) (b)[(i) + 1] << 16 ) \
56 | ( (unsigned long) (b)[(i) + 2] << 8 ) \
57 | ( (unsigned long) (b)[(i) + 3] ); \
58}
59#endif
60
61#ifndef PUT_ULONG_BE
62#define PUT_ULONG_BE(n,b,i) \
63{ \
64 (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
65 (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
66 (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
67 (b)[(i) + 3] = (unsigned char) ( (n) ); \
68}
69#endif
70
71/*
72 * SHA-1 context setup
73 */
74void sha1_starts( sha1_context *ctx )
75{
76 ctx->total[0] = 0;
77 ctx->total[1] = 0;
78
79 ctx->state[0] = 0x67452301;
80 ctx->state[1] = 0xEFCDAB89;
81 ctx->state[2] = 0x98BADCFE;
82 ctx->state[3] = 0x10325476;
83 ctx->state[4] = 0xC3D2E1F0;
84}
85
86static void sha1_process( sha1_context *ctx, const unsigned char data[64] )
87{
88 unsigned long temp, W[16], A, B, C, D, E;
89
90 GET_ULONG_BE( W[ 0], data, 0 );
91 GET_ULONG_BE( W[ 1], data, 4 );
92 GET_ULONG_BE( W[ 2], data, 8 );
93 GET_ULONG_BE( W[ 3], data, 12 );
94 GET_ULONG_BE( W[ 4], data, 16 );
95 GET_ULONG_BE( W[ 5], data, 20 );
96 GET_ULONG_BE( W[ 6], data, 24 );
97 GET_ULONG_BE( W[ 7], data, 28 );
98 GET_ULONG_BE( W[ 8], data, 32 );
99 GET_ULONG_BE( W[ 9], data, 36 );
100 GET_ULONG_BE( W[10], data, 40 );
101 GET_ULONG_BE( W[11], data, 44 );
102 GET_ULONG_BE( W[12], data, 48 );
103 GET_ULONG_BE( W[13], data, 52 );
104 GET_ULONG_BE( W[14], data, 56 );
105 GET_ULONG_BE( W[15], data, 60 );
106
107#define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n)))
108
109#define R(t) \
110( \
111 temp = W[(t - 3) & 0x0F] ^ W[(t - 8) & 0x0F] ^ \
112 W[(t - 14) & 0x0F] ^ W[ t & 0x0F], \
113 ( W[t & 0x0F] = S(temp,1) ) \
114)
115
116#define P(a,b,c,d,e,x) \
117{ \
118 e += S(a,5) + F(b,c,d) + K + x; b = S(b,30); \
119}
120
121 A = ctx->state[0];
122 B = ctx->state[1];
123 C = ctx->state[2];
124 D = ctx->state[3];
125 E = ctx->state[4];
126
127#define F(x,y,z) (z ^ (x & (y ^ z)))
128#define K 0x5A827999
129
130 P( A, B, C, D, E, W[0] );
131 P( E, A, B, C, D, W[1] );
132 P( D, E, A, B, C, W[2] );
133 P( C, D, E, A, B, W[3] );
134 P( B, C, D, E, A, W[4] );
135 P( A, B, C, D, E, W[5] );
136 P( E, A, B, C, D, W[6] );
137 P( D, E, A, B, C, W[7] );
138 P( C, D, E, A, B, W[8] );
139 P( B, C, D, E, A, W[9] );
140 P( A, B, C, D, E, W[10] );
141 P( E, A, B, C, D, W[11] );
142 P( D, E, A, B, C, W[12] );
143 P( C, D, E, A, B, W[13] );
144 P( B, C, D, E, A, W[14] );
145 P( A, B, C, D, E, W[15] );
146 P( E, A, B, C, D, R(16) );
147 P( D, E, A, B, C, R(17) );
148 P( C, D, E, A, B, R(18) );
149 P( B, C, D, E, A, R(19) );
150
151#undef K
152#undef F
153
154#define F(x,y,z) (x ^ y ^ z)
155#define K 0x6ED9EBA1
156
157 P( A, B, C, D, E, R(20) );
158 P( E, A, B, C, D, R(21) );
159 P( D, E, A, B, C, R(22) );
160 P( C, D, E, A, B, R(23) );
161 P( B, C, D, E, A, R(24) );
162 P( A, B, C, D, E, R(25) );
163 P( E, A, B, C, D, R(26) );
164 P( D, E, A, B, C, R(27) );
165 P( C, D, E, A, B, R(28) );
166 P( B, C, D, E, A, R(29) );
167 P( A, B, C, D, E, R(30) );
168 P( E, A, B, C, D, R(31) );
169 P( D, E, A, B, C, R(32) );
170 P( C, D, E, A, B, R(33) );
171 P( B, C, D, E, A, R(34) );
172 P( A, B, C, D, E, R(35) );
173 P( E, A, B, C, D, R(36) );
174 P( D, E, A, B, C, R(37) );
175 P( C, D, E, A, B, R(38) );
176 P( B, C, D, E, A, R(39) );
177
178#undef K
179#undef F
180
181#define F(x,y,z) ((x & y) | (z & (x | y)))
182#define K 0x8F1BBCDC
183
184 P( A, B, C, D, E, R(40) );
185 P( E, A, B, C, D, R(41) );
186 P( D, E, A, B, C, R(42) );
187 P( C, D, E, A, B, R(43) );
188 P( B, C, D, E, A, R(44) );
189 P( A, B, C, D, E, R(45) );
190 P( E, A, B, C, D, R(46) );
191 P( D, E, A, B, C, R(47) );
192 P( C, D, E, A, B, R(48) );
193 P( B, C, D, E, A, R(49) );
194 P( A, B, C, D, E, R(50) );
195 P( E, A, B, C, D, R(51) );
196 P( D, E, A, B, C, R(52) );
197 P( C, D, E, A, B, R(53) );
198 P( B, C, D, E, A, R(54) );
199 P( A, B, C, D, E, R(55) );
200 P( E, A, B, C, D, R(56) );
201 P( D, E, A, B, C, R(57) );
202 P( C, D, E, A, B, R(58) );
203 P( B, C, D, E, A, R(59) );
204
205#undef K
206#undef F
207
208#define F(x,y,z) (x ^ y ^ z)
209#define K 0xCA62C1D6
210
211 P( A, B, C, D, E, R(60) );
212 P( E, A, B, C, D, R(61) );
213 P( D, E, A, B, C, R(62) );
214 P( C, D, E, A, B, R(63) );
215 P( B, C, D, E, A, R(64) );
216 P( A, B, C, D, E, R(65) );
217 P( E, A, B, C, D, R(66) );
218 P( D, E, A, B, C, R(67) );
219 P( C, D, E, A, B, R(68) );
220 P( B, C, D, E, A, R(69) );
221 P( A, B, C, D, E, R(70) );
222 P( E, A, B, C, D, R(71) );
223 P( D, E, A, B, C, R(72) );
224 P( C, D, E, A, B, R(73) );
225 P( B, C, D, E, A, R(74) );
226 P( A, B, C, D, E, R(75) );
227 P( E, A, B, C, D, R(76) );
228 P( D, E, A, B, C, R(77) );
229 P( C, D, E, A, B, R(78) );
230 P( B, C, D, E, A, R(79) );
231
232#undef K
233#undef F
234
235 ctx->state[0] += A;
236 ctx->state[1] += B;
237 ctx->state[2] += C;
238 ctx->state[3] += D;
239 ctx->state[4] += E;
240}
241
242/*
243 * SHA-1 process buffer
244 */
245void sha1_update( sha1_context *ctx, const unsigned char *input, int ilen )
246{
247 int fill;
248 unsigned long left;
249
250 if( ilen <= 0 )
251 return;
252
253 left = ctx->total[0] & 0x3F;
254 fill = 64 - left;
255
256 ctx->total[0] += ilen;
257 ctx->total[0] &= 0xFFFFFFFF;
258
259 if( ctx->total[0] < (unsigned long) ilen )
260 ctx->total[1]++;
261
262 if( left && ilen >= fill )
263 {
264 MEMCPY( (void *) (ctx->buffer + left),
265 input, fill );
266 sha1_process( ctx, ctx->buffer );
267 input += fill;
268 ilen -= fill;
269 left = 0;
270 }
271
272 while( ilen >= 64 )
273 {
274 sha1_process( ctx, input );
275 input += 64;
276 ilen -= 64;
277 }
278
279 if( ilen > 0 )
280 {
281 MEMCPY( (void *) (ctx->buffer + left),
282 input, ilen );
283 }
284}
285
286static const unsigned char sha1_padding[64] =
287{
288 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
289 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
290 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
291 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
292};
293
294/*
295 * SHA-1 final digest
296 */
297void sha1_finish( sha1_context *ctx, unsigned char output[20] )
298{
299 unsigned long last, padn;
300 unsigned long high, low;
301 unsigned char msglen[8];
302
303 high = ( ctx->total[0] >> 29 )
304 | ( ctx->total[1] << 3 );
305 low = ( ctx->total[0] << 3 );
306
307 PUT_ULONG_BE( high, msglen, 0 );
308 PUT_ULONG_BE( low, msglen, 4 );
309
310 last = ctx->total[0] & 0x3F;
311 padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
312
313 sha1_update( ctx, sha1_padding, padn );
314 sha1_update( ctx, msglen, 8 );
315
316 PUT_ULONG_BE( ctx->state[0], output, 0 );
317 PUT_ULONG_BE( ctx->state[1], output, 4 );
318 PUT_ULONG_BE( ctx->state[2], output, 8 );
319 PUT_ULONG_BE( ctx->state[3], output, 12 );
320 PUT_ULONG_BE( ctx->state[4], output, 16 );
321}
322
323/*
324 * output = SHA-1( input buffer )
325 */
326void sha1( unsigned char *input, int ilen, unsigned char output[20] )
327{
328 sha1_context ctx;
329
330 sha1_starts( &ctx );
331 sha1_update( &ctx, input, ilen );
332 sha1_finish( &ctx, output );
333}
334
335#endif /* PPP_SUPPORT && LWIP_INCLUDED_POLARSSL_SHA1 */
Note: See TracBrowser for help on using the repository browser.