1 #include <stdio.h>
2 #include <stdlib.h>
3 #include <string.h>
4 #include <assert.h>
5 #include "aes_core.h"
6
7 #ifndef uint32_t
8 #define uint32_t unsigned int
9 #endif
10
11 /**
12 * \brief SHA-1 context structure
13 */
14 typedef struct
15 {
16 uint32_t total[2]; /*!< number of bytes processed */
17 uint32_t state[5]; /*!< intermediate digest state */
18 unsigned char buffer[64]; /*!< data block being processed */
19 }
20 RK_SHA1_CTX;
21
22 /* Implementation that should never be optimized out by the compiler */
mbedtls_zeroize(void * v,size_t n)23 static void mbedtls_zeroize( void *v, size_t n ) {
24 volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0;
25 }
26
27 /*
28 * 32-bit integer manipulation macros (big endian)
29 */
30 #ifndef GET_UINT32_BE
31 #define GET_UINT32_BE(n,b,i) \
32 { \
33 (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
34 | ( (uint32_t) (b)[(i) + 1] << 16 ) \
35 | ( (uint32_t) (b)[(i) + 2] << 8 ) \
36 | ( (uint32_t) (b)[(i) + 3] ); \
37 }
38 #endif
39
40 #ifndef PUT_UINT32_BE
41 #define PUT_UINT32_BE(n,b,i) \
42 { \
43 (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
44 (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
45 (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
46 (b)[(i) + 3] = (unsigned char) ( (n) ); \
47 }
48 #endif
49
mbedtls_sha1_init(RK_SHA1_CTX * ctx)50 void mbedtls_sha1_init( RK_SHA1_CTX *ctx )
51 {
52 memset( ctx, 0, sizeof( RK_SHA1_CTX ) );
53 }
54
mbedtls_sha1_free(RK_SHA1_CTX * ctx)55 void mbedtls_sha1_free( RK_SHA1_CTX *ctx )
56 {
57 if( ctx == NULL )
58 return;
59
60 mbedtls_zeroize( ctx, sizeof( RK_SHA1_CTX ) );
61 }
62
mbedtls_sha1_clone(RK_SHA1_CTX * dst,const RK_SHA1_CTX * src)63 void mbedtls_sha1_clone( RK_SHA1_CTX *dst,
64 const RK_SHA1_CTX *src )
65 {
66 *dst = *src;
67 }
68
69 /*
70 * SHA-1 context setup
71 */
mbedtls_sha1_starts(RK_SHA1_CTX * ctx)72 void mbedtls_sha1_starts( RK_SHA1_CTX *ctx )
73 {
74 ctx->total[0] = 0;
75 ctx->total[1] = 0;
76
77 ctx->state[0] = 0x67452301;
78 ctx->state[1] = 0xEFCDAB89;
79 ctx->state[2] = 0x98BADCFE;
80 ctx->state[3] = 0x10325476;
81 ctx->state[4] = 0xC3D2E1F0;
82 }
83
84 #if !defined(MBEDTLS_SHA1_PROCESS_ALT)
mbedtls_sha1_process(RK_SHA1_CTX * ctx,const unsigned char data[64])85 void mbedtls_sha1_process( RK_SHA1_CTX *ctx, const unsigned char data[64] )
86 {
87 uint32_t temp, W[16], A, B, C, D, E;
88
89 GET_UINT32_BE( W[ 0], data, 0 );
90 GET_UINT32_BE( W[ 1], data, 4 );
91 GET_UINT32_BE( W[ 2], data, 8 );
92 GET_UINT32_BE( W[ 3], data, 12 );
93 GET_UINT32_BE( W[ 4], data, 16 );
94 GET_UINT32_BE( W[ 5], data, 20 );
95 GET_UINT32_BE( W[ 6], data, 24 );
96 GET_UINT32_BE( W[ 7], data, 28 );
97 GET_UINT32_BE( W[ 8], data, 32 );
98 GET_UINT32_BE( W[ 9], data, 36 );
99 GET_UINT32_BE( W[10], data, 40 );
100 GET_UINT32_BE( W[11], data, 44 );
101 GET_UINT32_BE( W[12], data, 48 );
102 GET_UINT32_BE( W[13], data, 52 );
103 GET_UINT32_BE( W[14], data, 56 );
104 GET_UINT32_BE( W[15], data, 60 );
105
106 #define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n)))
107
108 #define R(t) \
109 ( \
110 temp = W[( t - 3 ) & 0x0F] ^ W[( t - 8 ) & 0x0F] ^ \
111 W[( t - 14 ) & 0x0F] ^ W[ t & 0x0F], \
112 ( W[t & 0x0F] = S(temp,1) ) \
113 )
114
115 #define P(a,b,c,d,e,x) \
116 { \
117 e += S(a,5) + F(b,c,d) + K + x; b = S(b,30); \
118 }
119
120 A = ctx->state[0];
121 B = ctx->state[1];
122 C = ctx->state[2];
123 D = ctx->state[3];
124 E = ctx->state[4];
125
126 #define F(x,y,z) (z ^ (x & (y ^ z)))
127 #define K 0x5A827999
128
129 P( A, B, C, D, E, W[0] );
130 P( E, A, B, C, D, W[1] );
131 P( D, E, A, B, C, W[2] );
132 P( C, D, E, A, B, W[3] );
133 P( B, C, D, E, A, W[4] );
134 P( A, B, C, D, E, W[5] );
135 P( E, A, B, C, D, W[6] );
136 P( D, E, A, B, C, W[7] );
137 P( C, D, E, A, B, W[8] );
138 P( B, C, D, E, A, W[9] );
139 P( A, B, C, D, E, W[10] );
140 P( E, A, B, C, D, W[11] );
141 P( D, E, A, B, C, W[12] );
142 P( C, D, E, A, B, W[13] );
143 P( B, C, D, E, A, W[14] );
144 P( A, B, C, D, E, W[15] );
145 P( E, A, B, C, D, R(16) );
146 P( D, E, A, B, C, R(17) );
147 P( C, D, E, A, B, R(18) );
148 P( B, C, D, E, A, R(19) );
149
150 #undef K
151 #undef F
152
153 #define F(x,y,z) (x ^ y ^ z)
154 #define K 0x6ED9EBA1
155
156 P( A, B, C, D, E, R(20) );
157 P( E, A, B, C, D, R(21) );
158 P( D, E, A, B, C, R(22) );
159 P( C, D, E, A, B, R(23) );
160 P( B, C, D, E, A, R(24) );
161 P( A, B, C, D, E, R(25) );
162 P( E, A, B, C, D, R(26) );
163 P( D, E, A, B, C, R(27) );
164 P( C, D, E, A, B, R(28) );
165 P( B, C, D, E, A, R(29) );
166 P( A, B, C, D, E, R(30) );
167 P( E, A, B, C, D, R(31) );
168 P( D, E, A, B, C, R(32) );
169 P( C, D, E, A, B, R(33) );
170 P( B, C, D, E, A, R(34) );
171 P( A, B, C, D, E, R(35) );
172 P( E, A, B, C, D, R(36) );
173 P( D, E, A, B, C, R(37) );
174 P( C, D, E, A, B, R(38) );
175 P( B, C, D, E, A, R(39) );
176
177 #undef K
178 #undef F
179
180 #define F(x,y,z) ((x & y) | (z & (x | y)))
181 #define K 0x8F1BBCDC
182
183 P( A, B, C, D, E, R(40) );
184 P( E, A, B, C, D, R(41) );
185 P( D, E, A, B, C, R(42) );
186 P( C, D, E, A, B, R(43) );
187 P( B, C, D, E, A, R(44) );
188 P( A, B, C, D, E, R(45) );
189 P( E, A, B, C, D, R(46) );
190 P( D, E, A, B, C, R(47) );
191 P( C, D, E, A, B, R(48) );
192 P( B, C, D, E, A, R(49) );
193 P( A, B, C, D, E, R(50) );
194 P( E, A, B, C, D, R(51) );
195 P( D, E, A, B, C, R(52) );
196 P( C, D, E, A, B, R(53) );
197 P( B, C, D, E, A, R(54) );
198 P( A, B, C, D, E, R(55) );
199 P( E, A, B, C, D, R(56) );
200 P( D, E, A, B, C, R(57) );
201 P( C, D, E, A, B, R(58) );
202 P( B, C, D, E, A, R(59) );
203
204 #undef K
205 #undef F
206
207 #define F(x,y,z) (x ^ y ^ z)
208 #define K 0xCA62C1D6
209
210 P( A, B, C, D, E, R(60) );
211 P( E, A, B, C, D, R(61) );
212 P( D, E, A, B, C, R(62) );
213 P( C, D, E, A, B, R(63) );
214 P( B, C, D, E, A, R(64) );
215 P( A, B, C, D, E, R(65) );
216 P( E, A, B, C, D, R(66) );
217 P( D, E, A, B, C, R(67) );
218 P( C, D, E, A, B, R(68) );
219 P( B, C, D, E, A, R(69) );
220 P( A, B, C, D, E, R(70) );
221 P( E, A, B, C, D, R(71) );
222 P( D, E, A, B, C, R(72) );
223 P( C, D, E, A, B, R(73) );
224 P( B, C, D, E, A, R(74) );
225 P( A, B, C, D, E, R(75) );
226 P( E, A, B, C, D, R(76) );
227 P( D, E, A, B, C, R(77) );
228 P( C, D, E, A, B, R(78) );
229 P( B, C, D, E, A, R(79) );
230
231 #undef K
232 #undef F
233
234 ctx->state[0] += A;
235 ctx->state[1] += B;
236 ctx->state[2] += C;
237 ctx->state[3] += D;
238 ctx->state[4] += E;
239 }
240 #endif /* !MBEDTLS_SHA1_PROCESS_ALT */
241
242 /*
243 * SHA-1 process buffer
244 */
mbedtls_sha1_update(RK_SHA1_CTX * ctx,const unsigned char * input,size_t ilen)245 void mbedtls_sha1_update( RK_SHA1_CTX *ctx, const unsigned char *input, size_t ilen )
246 {
247 size_t fill;
248 uint32_t left;
249
250 if( ilen == 0 )
251 return;
252
253 left = ctx->total[0] & 0x3F;
254 fill = 64 - left;
255
256 ctx->total[0] += (uint32_t) ilen;
257 ctx->total[0] &= 0xFFFFFFFF;
258
259 if( ctx->total[0] < (uint32_t) ilen )
260 ctx->total[1]++;
261
262 if( left && ilen >= fill )
263 {
264 memcpy( (void *) (ctx->buffer + left), input, fill );
265 mbedtls_sha1_process( ctx, ctx->buffer );
266 input += fill;
267 ilen -= fill;
268 left = 0;
269 }
270
271 while( ilen >= 64 )
272 {
273 mbedtls_sha1_process( ctx, input );
274 input += 64;
275 ilen -= 64;
276 }
277
278 if( ilen > 0 )
279 memcpy( (void *) (ctx->buffer + left), input, ilen );
280 }
281
282 static const unsigned char sha1_padding[64] =
283 {
284 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
285 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
286 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
287 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
288 };
289
290 /*
291 * SHA-1 final digest
292 */
mbedtls_sha1_finish(RK_SHA1_CTX * ctx,unsigned char output[20])293 void mbedtls_sha1_finish( RK_SHA1_CTX *ctx, unsigned char output[20] )
294 {
295 uint32_t last, padn;
296 uint32_t high, low;
297 unsigned char msglen[8];
298
299 high = ( ctx->total[0] >> 29 )
300 | ( ctx->total[1] << 3 );
301 low = ( ctx->total[0] << 3 );
302
303 PUT_UINT32_BE( high, msglen, 0 );
304 PUT_UINT32_BE( low, msglen, 4 );
305
306 last = ctx->total[0] & 0x3F;
307 padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
308
309 mbedtls_sha1_update( ctx, sha1_padding, padn );
310 mbedtls_sha1_update( ctx, msglen, 8 );
311
312 PUT_UINT32_BE( ctx->state[0], output, 0 );
313 PUT_UINT32_BE( ctx->state[1], output, 4 );
314 PUT_UINT32_BE( ctx->state[2], output, 8 );
315 PUT_UINT32_BE( ctx->state[3], output, 12 );
316 PUT_UINT32_BE( ctx->state[4], output, 16 );
317 }
318
319 /*
320 * output = SHA-1( input buffer )
321 */
rk_hash_sha1(const unsigned char * in,unsigned int in_len,unsigned char * out,unsigned int * out_len)322 int rk_hash_sha1(const unsigned char *in, unsigned int in_len,
323 unsigned char *out, unsigned int *out_len)
324 {
325 RK_SHA1_CTX ctx;
326
327 if (in == NULL && in_len != 0)
328 return -1;
329
330 if(out == NULL || out_len == NULL)
331 return -1;
332
333 mbedtls_sha1_init( &ctx );
334 mbedtls_sha1_starts( &ctx );
335 mbedtls_sha1_update( &ctx, in, in_len );
336 mbedtls_sha1_finish( &ctx, out);
337 mbedtls_sha1_free( &ctx );
338 *out_len = 20;
339 return 0;
340 }
341
342