xref: /optee_os/core/lib/libtomcrypt/src/hashes/rmd320.c (revision 9f34db38245c9b3a4e6e7e63eb78a75e23ab2da3) 
1 /* LibTomCrypt, modular cryptographic library -- Tom St Denis */
2 /* SPDX-License-Identifier: Unlicense */
3 #include "tomcrypt_private.h"
4 
5 /**
6    @file rmd320.c
7    RMD320 hash function
8 */
9 
10 #ifdef LTC_RIPEMD320
11 
12 const struct ltc_hash_descriptor rmd320_desc =
13 {
14     "rmd320",
15     14,
16     40,
17     64,
18 
19     /* OID ... does not exist
20      * http://oid-info.com/get/1.3.36.3.2 */
21    { 0 },
22    0,
23 
24     &rmd320_init,
25     &rmd320_process,
26     &rmd320_done,
27     &rmd320_test,
28     NULL
29 };
30 
31 /* the five basic functions F(), G() and H() */
32 #define F(x, y, z)        ((x) ^ (y) ^ (z))
33 #define G(x, y, z)        (((x) & (y)) | (~(x) & (z)))
34 #define H(x, y, z)        (((x) | ~(y)) ^ (z))
35 #define I(x, y, z)        (((x) & (z)) | ((y) & ~(z)))
36 #define J(x, y, z)        ((x) ^ ((y) | ~(z)))
37 
38 /* the ten basic operations FF() through III() */
39 #define FF(a, b, c, d, e, x, s)        \
40       (a) += F((b), (c), (d)) + (x);\
41       (a) = ROLc((a), (s)) + (e);\
42       (c) = ROLc((c), 10);
43 
44 #define GG(a, b, c, d, e, x, s)        \
45       (a) += G((b), (c), (d)) + (x) + 0x5a827999UL;\
46       (a) = ROLc((a), (s)) + (e);\
47       (c) = ROLc((c), 10);
48 
49 #define HH(a, b, c, d, e, x, s)        \
50       (a) += H((b), (c), (d)) + (x) + 0x6ed9eba1UL;\
51       (a) = ROLc((a), (s)) + (e);\
52       (c) = ROLc((c), 10);
53 
54 #define II(a, b, c, d, e, x, s)        \
55       (a) += I((b), (c), (d)) + (x) + 0x8f1bbcdcUL;\
56       (a) = ROLc((a), (s)) + (e);\
57       (c) = ROLc((c), 10);
58 
59 #define JJ(a, b, c, d, e, x, s)        \
60       (a) += J((b), (c), (d)) + (x) + 0xa953fd4eUL;\
61       (a) = ROLc((a), (s)) + (e);\
62       (c) = ROLc((c), 10);
63 
64 #define FFF(a, b, c, d, e, x, s)        \
65       (a) += F((b), (c), (d)) + (x);\
66       (a) = ROLc((a), (s)) + (e);\
67       (c) = ROLc((c), 10);
68 
69 #define GGG(a, b, c, d, e, x, s)        \
70       (a) += G((b), (c), (d)) + (x) + 0x7a6d76e9UL;\
71       (a) = ROLc((a), (s)) + (e);\
72       (c) = ROLc((c), 10);
73 
74 #define HHH(a, b, c, d, e, x, s)        \
75       (a) += H((b), (c), (d)) + (x) + 0x6d703ef3UL;\
76       (a) = ROLc((a), (s)) + (e);\
77       (c) = ROLc((c), 10);
78 
79 #define III(a, b, c, d, e, x, s)        \
80       (a) += I((b), (c), (d)) + (x) + 0x5c4dd124UL;\
81       (a) = ROLc((a), (s)) + (e);\
82       (c) = ROLc((c), 10);
83 
84 #define JJJ(a, b, c, d, e, x, s)        \
85       (a) += J((b), (c), (d)) + (x) + 0x50a28be6UL;\
86       (a) = ROLc((a), (s)) + (e);\
87       (c) = ROLc((c), 10);
88 
89 
90 #ifdef LTC_CLEAN_STACK
91 static int ss_rmd320_compress(hash_state *md, const unsigned char *buf)
92 #else
93 static int  s_rmd320_compress(hash_state *md, const unsigned char *buf)
94 #endif
95 {
96    ulong32 aa,bb,cc,dd,ee,aaa,bbb,ccc,ddd,eee,tmp,X[16];
97    int i;
98 
99    /* load words X */
100    for (i = 0; i < 16; i++){
101       LOAD32L(X[i], buf + (4 * i));
102    }
103 
104    /* load state */
105    aa = md->rmd320.state[0];
106    bb = md->rmd320.state[1];
107    cc = md->rmd320.state[2];
108    dd = md->rmd320.state[3];
109    ee = md->rmd320.state[4];
110    aaa = md->rmd320.state[5];
111    bbb = md->rmd320.state[6];
112    ccc = md->rmd320.state[7];
113    ddd = md->rmd320.state[8];
114    eee = md->rmd320.state[9];
115 
116    /* round 1 */
117    FF(aa, bb, cc, dd, ee, X[ 0], 11);
118    FF(ee, aa, bb, cc, dd, X[ 1], 14);
119    FF(dd, ee, aa, bb, cc, X[ 2], 15);
120    FF(cc, dd, ee, aa, bb, X[ 3], 12);
121    FF(bb, cc, dd, ee, aa, X[ 4],  5);
122    FF(aa, bb, cc, dd, ee, X[ 5],  8);
123    FF(ee, aa, bb, cc, dd, X[ 6],  7);
124    FF(dd, ee, aa, bb, cc, X[ 7],  9);
125    FF(cc, dd, ee, aa, bb, X[ 8], 11);
126    FF(bb, cc, dd, ee, aa, X[ 9], 13);
127    FF(aa, bb, cc, dd, ee, X[10], 14);
128    FF(ee, aa, bb, cc, dd, X[11], 15);
129    FF(dd, ee, aa, bb, cc, X[12],  6);
130    FF(cc, dd, ee, aa, bb, X[13],  7);
131    FF(bb, cc, dd, ee, aa, X[14],  9);
132    FF(aa, bb, cc, dd, ee, X[15],  8);
133 
134    /* parallel round 1 */
135    JJJ(aaa, bbb, ccc, ddd, eee, X[ 5],  8);
136    JJJ(eee, aaa, bbb, ccc, ddd, X[14],  9);
137    JJJ(ddd, eee, aaa, bbb, ccc, X[ 7],  9);
138    JJJ(ccc, ddd, eee, aaa, bbb, X[ 0], 11);
139    JJJ(bbb, ccc, ddd, eee, aaa, X[ 9], 13);
140    JJJ(aaa, bbb, ccc, ddd, eee, X[ 2], 15);
141    JJJ(eee, aaa, bbb, ccc, ddd, X[11], 15);
142    JJJ(ddd, eee, aaa, bbb, ccc, X[ 4],  5);
143    JJJ(ccc, ddd, eee, aaa, bbb, X[13],  7);
144    JJJ(bbb, ccc, ddd, eee, aaa, X[ 6],  7);
145    JJJ(aaa, bbb, ccc, ddd, eee, X[15],  8);
146    JJJ(eee, aaa, bbb, ccc, ddd, X[ 8], 11);
147    JJJ(ddd, eee, aaa, bbb, ccc, X[ 1], 14);
148    JJJ(ccc, ddd, eee, aaa, bbb, X[10], 14);
149    JJJ(bbb, ccc, ddd, eee, aaa, X[ 3], 12);
150    JJJ(aaa, bbb, ccc, ddd, eee, X[12],  6);
151 
152    tmp = aa; aa = aaa; aaa = tmp;
153 
154    /* round 2 */
155    GG(ee, aa, bb, cc, dd, X[ 7],  7);
156    GG(dd, ee, aa, bb, cc, X[ 4],  6);
157    GG(cc, dd, ee, aa, bb, X[13],  8);
158    GG(bb, cc, dd, ee, aa, X[ 1], 13);
159    GG(aa, bb, cc, dd, ee, X[10], 11);
160    GG(ee, aa, bb, cc, dd, X[ 6],  9);
161    GG(dd, ee, aa, bb, cc, X[15],  7);
162    GG(cc, dd, ee, aa, bb, X[ 3], 15);
163    GG(bb, cc, dd, ee, aa, X[12],  7);
164    GG(aa, bb, cc, dd, ee, X[ 0], 12);
165    GG(ee, aa, bb, cc, dd, X[ 9], 15);
166    GG(dd, ee, aa, bb, cc, X[ 5],  9);
167    GG(cc, dd, ee, aa, bb, X[ 2], 11);
168    GG(bb, cc, dd, ee, aa, X[14],  7);
169    GG(aa, bb, cc, dd, ee, X[11], 13);
170    GG(ee, aa, bb, cc, dd, X[ 8], 12);
171 
172    /* parallel round 2 */
173    III(eee, aaa, bbb, ccc, ddd, X[ 6],  9);
174    III(ddd, eee, aaa, bbb, ccc, X[11], 13);
175    III(ccc, ddd, eee, aaa, bbb, X[ 3], 15);
176    III(bbb, ccc, ddd, eee, aaa, X[ 7],  7);
177    III(aaa, bbb, ccc, ddd, eee, X[ 0], 12);
178    III(eee, aaa, bbb, ccc, ddd, X[13],  8);
179    III(ddd, eee, aaa, bbb, ccc, X[ 5],  9);
180    III(ccc, ddd, eee, aaa, bbb, X[10], 11);
181    III(bbb, ccc, ddd, eee, aaa, X[14],  7);
182    III(aaa, bbb, ccc, ddd, eee, X[15],  7);
183    III(eee, aaa, bbb, ccc, ddd, X[ 8], 12);
184    III(ddd, eee, aaa, bbb, ccc, X[12],  7);
185    III(ccc, ddd, eee, aaa, bbb, X[ 4],  6);
186    III(bbb, ccc, ddd, eee, aaa, X[ 9], 15);
187    III(aaa, bbb, ccc, ddd, eee, X[ 1], 13);
188    III(eee, aaa, bbb, ccc, ddd, X[ 2], 11);
189 
190    tmp = bb; bb = bbb; bbb = tmp;
191 
192    /* round 3 */
193    HH(dd, ee, aa, bb, cc, X[ 3], 11);
194    HH(cc, dd, ee, aa, bb, X[10], 13);
195    HH(bb, cc, dd, ee, aa, X[14],  6);
196    HH(aa, bb, cc, dd, ee, X[ 4],  7);
197    HH(ee, aa, bb, cc, dd, X[ 9], 14);
198    HH(dd, ee, aa, bb, cc, X[15],  9);
199    HH(cc, dd, ee, aa, bb, X[ 8], 13);
200    HH(bb, cc, dd, ee, aa, X[ 1], 15);
201    HH(aa, bb, cc, dd, ee, X[ 2], 14);
202    HH(ee, aa, bb, cc, dd, X[ 7],  8);
203    HH(dd, ee, aa, bb, cc, X[ 0], 13);
204    HH(cc, dd, ee, aa, bb, X[ 6],  6);
205    HH(bb, cc, dd, ee, aa, X[13],  5);
206    HH(aa, bb, cc, dd, ee, X[11], 12);
207    HH(ee, aa, bb, cc, dd, X[ 5],  7);
208    HH(dd, ee, aa, bb, cc, X[12],  5);
209 
210    /* parallel round 3 */
211    HHH(ddd, eee, aaa, bbb, ccc, X[15],  9);
212    HHH(ccc, ddd, eee, aaa, bbb, X[ 5],  7);
213    HHH(bbb, ccc, ddd, eee, aaa, X[ 1], 15);
214    HHH(aaa, bbb, ccc, ddd, eee, X[ 3], 11);
215    HHH(eee, aaa, bbb, ccc, ddd, X[ 7],  8);
216    HHH(ddd, eee, aaa, bbb, ccc, X[14],  6);
217    HHH(ccc, ddd, eee, aaa, bbb, X[ 6],  6);
218    HHH(bbb, ccc, ddd, eee, aaa, X[ 9], 14);
219    HHH(aaa, bbb, ccc, ddd, eee, X[11], 12);
220    HHH(eee, aaa, bbb, ccc, ddd, X[ 8], 13);
221    HHH(ddd, eee, aaa, bbb, ccc, X[12],  5);
222    HHH(ccc, ddd, eee, aaa, bbb, X[ 2], 14);
223    HHH(bbb, ccc, ddd, eee, aaa, X[10], 13);
224    HHH(aaa, bbb, ccc, ddd, eee, X[ 0], 13);
225    HHH(eee, aaa, bbb, ccc, ddd, X[ 4],  7);
226    HHH(ddd, eee, aaa, bbb, ccc, X[13],  5);
227 
228    tmp = cc; cc = ccc; ccc = tmp;
229 
230    /* round 4 */
231    II(cc, dd, ee, aa, bb, X[ 1], 11);
232    II(bb, cc, dd, ee, aa, X[ 9], 12);
233    II(aa, bb, cc, dd, ee, X[11], 14);
234    II(ee, aa, bb, cc, dd, X[10], 15);
235    II(dd, ee, aa, bb, cc, X[ 0], 14);
236    II(cc, dd, ee, aa, bb, X[ 8], 15);
237    II(bb, cc, dd, ee, aa, X[12],  9);
238    II(aa, bb, cc, dd, ee, X[ 4],  8);
239    II(ee, aa, bb, cc, dd, X[13],  9);
240    II(dd, ee, aa, bb, cc, X[ 3], 14);
241    II(cc, dd, ee, aa, bb, X[ 7],  5);
242    II(bb, cc, dd, ee, aa, X[15],  6);
243    II(aa, bb, cc, dd, ee, X[14],  8);
244    II(ee, aa, bb, cc, dd, X[ 5],  6);
245    II(dd, ee, aa, bb, cc, X[ 6],  5);
246    II(cc, dd, ee, aa, bb, X[ 2], 12);
247 
248    /* parallel round 4 */
249    GGG(ccc, ddd, eee, aaa, bbb, X[ 8], 15);
250    GGG(bbb, ccc, ddd, eee, aaa, X[ 6],  5);
251    GGG(aaa, bbb, ccc, ddd, eee, X[ 4],  8);
252    GGG(eee, aaa, bbb, ccc, ddd, X[ 1], 11);
253    GGG(ddd, eee, aaa, bbb, ccc, X[ 3], 14);
254    GGG(ccc, ddd, eee, aaa, bbb, X[11], 14);
255    GGG(bbb, ccc, ddd, eee, aaa, X[15],  6);
256    GGG(aaa, bbb, ccc, ddd, eee, X[ 0], 14);
257    GGG(eee, aaa, bbb, ccc, ddd, X[ 5],  6);
258    GGG(ddd, eee, aaa, bbb, ccc, X[12],  9);
259    GGG(ccc, ddd, eee, aaa, bbb, X[ 2], 12);
260    GGG(bbb, ccc, ddd, eee, aaa, X[13],  9);
261    GGG(aaa, bbb, ccc, ddd, eee, X[ 9], 12);
262    GGG(eee, aaa, bbb, ccc, ddd, X[ 7],  5);
263    GGG(ddd, eee, aaa, bbb, ccc, X[10], 15);
264    GGG(ccc, ddd, eee, aaa, bbb, X[14],  8);
265 
266    tmp = dd; dd = ddd; ddd = tmp;
267 
268    /* round 5 */
269    JJ(bb, cc, dd, ee, aa, X[ 4],  9);
270    JJ(aa, bb, cc, dd, ee, X[ 0], 15);
271    JJ(ee, aa, bb, cc, dd, X[ 5],  5);
272    JJ(dd, ee, aa, bb, cc, X[ 9], 11);
273    JJ(cc, dd, ee, aa, bb, X[ 7],  6);
274    JJ(bb, cc, dd, ee, aa, X[12],  8);
275    JJ(aa, bb, cc, dd, ee, X[ 2], 13);
276    JJ(ee, aa, bb, cc, dd, X[10], 12);
277    JJ(dd, ee, aa, bb, cc, X[14],  5);
278    JJ(cc, dd, ee, aa, bb, X[ 1], 12);
279    JJ(bb, cc, dd, ee, aa, X[ 3], 13);
280    JJ(aa, bb, cc, dd, ee, X[ 8], 14);
281    JJ(ee, aa, bb, cc, dd, X[11], 11);
282    JJ(dd, ee, aa, bb, cc, X[ 6],  8);
283    JJ(cc, dd, ee, aa, bb, X[15],  5);
284    JJ(bb, cc, dd, ee, aa, X[13],  6);
285 
286    /* parallel round 5 */
287    FFF(bbb, ccc, ddd, eee, aaa, X[12] ,  8);
288    FFF(aaa, bbb, ccc, ddd, eee, X[15] ,  5);
289    FFF(eee, aaa, bbb, ccc, ddd, X[10] , 12);
290    FFF(ddd, eee, aaa, bbb, ccc, X[ 4] ,  9);
291    FFF(ccc, ddd, eee, aaa, bbb, X[ 1] , 12);
292    FFF(bbb, ccc, ddd, eee, aaa, X[ 5] ,  5);
293    FFF(aaa, bbb, ccc, ddd, eee, X[ 8] , 14);
294    FFF(eee, aaa, bbb, ccc, ddd, X[ 7] ,  6);
295    FFF(ddd, eee, aaa, bbb, ccc, X[ 6] ,  8);
296    FFF(ccc, ddd, eee, aaa, bbb, X[ 2] , 13);
297    FFF(bbb, ccc, ddd, eee, aaa, X[13] ,  6);
298    FFF(aaa, bbb, ccc, ddd, eee, X[14] ,  5);
299    FFF(eee, aaa, bbb, ccc, ddd, X[ 0] , 15);
300    FFF(ddd, eee, aaa, bbb, ccc, X[ 3] , 13);
301    FFF(ccc, ddd, eee, aaa, bbb, X[ 9] , 11);
302    FFF(bbb, ccc, ddd, eee, aaa, X[11] , 11);
303 
304    tmp = ee; ee = eee; eee = tmp;
305 
306    /* combine results */
307    md->rmd320.state[0] += aa;
308    md->rmd320.state[1] += bb;
309    md->rmd320.state[2] += cc;
310    md->rmd320.state[3] += dd;
311    md->rmd320.state[4] += ee;
312    md->rmd320.state[5] += aaa;
313    md->rmd320.state[6] += bbb;
314    md->rmd320.state[7] += ccc;
315    md->rmd320.state[8] += ddd;
316    md->rmd320.state[9] += eee;
317 
318    return CRYPT_OK;
319 }
320 
321 #ifdef LTC_CLEAN_STACK
322 static int s_rmd320_compress(hash_state *md, const unsigned char *buf)
323 {
324    int err;
325    err = ss_rmd320_compress(md, buf);
326    burn_stack(sizeof(ulong32) * 27 + sizeof(int));
327    return err;
328 }
329 #endif
330 
331 /**
332    Initialize the hash state
333    @param md   The hash state you wish to initialize
334    @return CRYPT_OK if successful
335 */
336 int rmd320_init(hash_state * md)
337 {
338    LTC_ARGCHK(md != NULL);
339    md->rmd320.state[0] = 0x67452301UL;
340    md->rmd320.state[1] = 0xefcdab89UL;
341    md->rmd320.state[2] = 0x98badcfeUL;
342    md->rmd320.state[3] = 0x10325476UL;
343    md->rmd320.state[4] = 0xc3d2e1f0UL;
344    md->rmd320.state[5] = 0x76543210UL;
345    md->rmd320.state[6] = 0xfedcba98UL;
346    md->rmd320.state[7] = 0x89abcdefUL;
347    md->rmd320.state[8] = 0x01234567UL;
348    md->rmd320.state[9] = 0x3c2d1e0fUL;
349    md->rmd320.curlen   = 0;
350    md->rmd320.length   = 0;
351    return CRYPT_OK;
352 }
353 
354 /**
355    Process a block of memory though the hash
356    @param md     The hash state
357    @param in     The data to hash
358    @param inlen  The length of the data (octets)
359    @return CRYPT_OK if successful
360 */
361 HASH_PROCESS(rmd320_process, s_rmd320_compress, rmd320, 64)
362 
363 /**
364    Terminate the hash to get the digest
365    @param md  The hash state
366    @param out [out] The destination of the hash (20 bytes)
367    @return CRYPT_OK if successful
368 */
369 int rmd320_done(hash_state * md, unsigned char *out)
370 {
371     int i;
372 
373     LTC_ARGCHK(md  != NULL);
374     LTC_ARGCHK(out != NULL);
375 
376     if (md->rmd320.curlen >= sizeof(md->rmd320.buf)) {
377        return CRYPT_INVALID_ARG;
378     }
379 
380 
381     /* increase the length of the message */
382     md->rmd320.length += md->rmd320.curlen * 8;
383 
384     /* append the '1' bit */
385     md->rmd320.buf[md->rmd320.curlen++] = (unsigned char)0x80;
386 
387     /* if the length is currently above 56 bytes we append zeros
388      * then compress.  Then we can fall back to padding zeros and length
389      * encoding like normal.
390      */
391     if (md->rmd320.curlen > 56) {
392         while (md->rmd320.curlen < 64) {
393             md->rmd320.buf[md->rmd320.curlen++] = (unsigned char)0;
394         }
395         s_rmd320_compress(md, md->rmd320.buf);
396         md->rmd320.curlen = 0;
397     }
398 
399     /* pad upto 56 bytes of zeroes */
400     while (md->rmd320.curlen < 56) {
401         md->rmd320.buf[md->rmd320.curlen++] = (unsigned char)0;
402     }
403 
404     /* store length */
405     STORE64L(md->rmd320.length, md->rmd320.buf+56);
406     s_rmd320_compress(md, md->rmd320.buf);
407 
408     /* copy output */
409     for (i = 0; i < 10; i++) {
410         STORE32L(md->rmd320.state[i], out+(4*i));
411     }
412 #ifdef LTC_CLEAN_STACK
413     zeromem(md, sizeof(hash_state));
414 #endif
415     return CRYPT_OK;
416 }
417 
418 /**
419   Self-test the hash
420   @return CRYPT_OK if successful, CRYPT_NOP if self-tests have been disabled
421 */
422 int rmd320_test(void)
423 {
424 #ifndef LTC_TEST
425    return CRYPT_NOP;
426 #else
427    static const struct {
428         const char *msg;
429         unsigned char hash[40];
430    } tests[] = {
431    { "",
432      { 0x22, 0xd6, 0x5d, 0x56, 0x61, 0x53, 0x6c, 0xdc, 0x75, 0xc1,
433        0xfd, 0xf5, 0xc6, 0xde, 0x7b, 0x41, 0xb9, 0xf2, 0x73, 0x25,
434        0xeb, 0xc6, 0x1e, 0x85, 0x57, 0x17, 0x7d, 0x70, 0x5a, 0x0e,
435        0xc8, 0x80, 0x15, 0x1c, 0x3a, 0x32, 0xa0, 0x08, 0x99, 0xb8 }
436    },
437    { "a",
438      { 0xce, 0x78, 0x85, 0x06, 0x38, 0xf9, 0x26, 0x58, 0xa5, 0xa5,
439        0x85, 0x09, 0x75, 0x79, 0x92, 0x6d, 0xda, 0x66, 0x7a, 0x57,
440        0x16, 0x56, 0x2c, 0xfc, 0xf6, 0xfb, 0xe7, 0x7f, 0x63, 0x54,
441        0x2f, 0x99, 0xb0, 0x47, 0x05, 0xd6, 0x97, 0x0d, 0xff, 0x5d }
442    },
443    { "abc",
444      { 0xde, 0x4c, 0x01, 0xb3, 0x05, 0x4f, 0x89, 0x30, 0xa7, 0x9d,
445        0x09, 0xae, 0x73, 0x8e, 0x92, 0x30, 0x1e, 0x5a, 0x17, 0x08,
446        0x5b, 0xef, 0xfd, 0xc1, 0xb8, 0xd1, 0x16, 0x71, 0x3e, 0x74,
447        0xf8, 0x2f, 0xa9, 0x42, 0xd6, 0x4c, 0xdb, 0xc4, 0x68, 0x2d }
448    },
449    { "message digest",
450      { 0x3a, 0x8e, 0x28, 0x50, 0x2e, 0xd4, 0x5d, 0x42, 0x2f, 0x68,
451        0x84, 0x4f, 0x9d, 0xd3, 0x16, 0xe7, 0xb9, 0x85, 0x33, 0xfa,
452        0x3f, 0x2a, 0x91, 0xd2, 0x9f, 0x84, 0xd4, 0x25, 0xc8, 0x8d,
453        0x6b, 0x4e, 0xff, 0x72, 0x7d, 0xf6, 0x6a, 0x7c, 0x01, 0x97 }
454    },
455    { "abcdefghijklmnopqrstuvwxyz",
456      { 0xca, 0xbd, 0xb1, 0x81, 0x0b, 0x92, 0x47, 0x0a, 0x20, 0x93,
457        0xaa, 0x6b, 0xce, 0x05, 0x95, 0x2c, 0x28, 0x34, 0x8c, 0xf4,
458        0x3f, 0xf6, 0x08, 0x41, 0x97, 0x51, 0x66, 0xbb, 0x40, 0xed,
459        0x23, 0x40, 0x04, 0xb8, 0x82, 0x44, 0x63, 0xe6, 0xb0, 0x09 }
460    },
461    { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
462      { 0xd0, 0x34, 0xa7, 0x95, 0x0c, 0xf7, 0x22, 0x02, 0x1b, 0xa4,
463        0xb8, 0x4d, 0xf7, 0x69, 0xa5, 0xde, 0x20, 0x60, 0xe2, 0x59,
464        0xdf, 0x4c, 0x9b, 0xb4, 0xa4, 0x26, 0x8c, 0x0e, 0x93, 0x5b,
465        0xbc, 0x74, 0x70, 0xa9, 0x69, 0xc9, 0xd0, 0x72, 0xa1, 0xac }
466    }
467    };
468 
469    int i;
470    unsigned char tmp[40];
471    hash_state md;
472 
473    for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) {
474        rmd320_init(&md);
475        rmd320_process(&md, (unsigned char *)tests[i].msg, XSTRLEN(tests[i].msg));
476        rmd320_done(&md, tmp);
477        if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "RIPEMD320", i)) {
478           return CRYPT_FAIL_TESTVECTOR;
479        }
480    }
481    return CRYPT_OK;
482 #endif
483 }
484 
485 #endif
486