1*78acc472SPeter Tyser /* 2*78acc472SPeter Tyser * Heiko Schocher, DENX Software Engineering, hs@denx.de. 3*78acc472SPeter Tyser * based on: 4*78acc472SPeter Tyser * FIPS-180-1 compliant SHA-1 implementation 5*78acc472SPeter Tyser * 6*78acc472SPeter Tyser * Copyright (C) 2003-2006 Christophe Devine 7*78acc472SPeter Tyser * 8*78acc472SPeter Tyser * This library is free software; you can redistribute it and/or 9*78acc472SPeter Tyser * modify it under the terms of the GNU Lesser General Public 10*78acc472SPeter Tyser * License, version 2.1 as published by the Free Software Foundation. 11*78acc472SPeter Tyser * 12*78acc472SPeter Tyser * This library is distributed in the hope that it will be useful, 13*78acc472SPeter Tyser * but WITHOUT ANY WARRANTY; without even the implied warranty of 14*78acc472SPeter Tyser * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 15*78acc472SPeter Tyser * Lesser General Public License for more details. 16*78acc472SPeter Tyser * 17*78acc472SPeter Tyser * You should have received a copy of the GNU Lesser General Public 18*78acc472SPeter Tyser * License along with this library; if not, write to the Free Software 19*78acc472SPeter Tyser * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, 20*78acc472SPeter Tyser * MA 02110-1301 USA 21*78acc472SPeter Tyser */ 22*78acc472SPeter Tyser /* 23*78acc472SPeter Tyser * The SHA-1 standard was published by NIST in 1993. 24*78acc472SPeter Tyser * 25*78acc472SPeter Tyser * http://www.itl.nist.gov/fipspubs/fip180-1.htm 26*78acc472SPeter Tyser */ 27*78acc472SPeter Tyser 28*78acc472SPeter Tyser #ifndef _CRT_SECURE_NO_DEPRECATE 29*78acc472SPeter Tyser #define _CRT_SECURE_NO_DEPRECATE 1 30*78acc472SPeter Tyser #endif 31*78acc472SPeter Tyser 32*78acc472SPeter Tyser #ifndef USE_HOSTCC 33*78acc472SPeter Tyser #include <common.h> 34*78acc472SPeter Tyser #include <linux/string.h> 35*78acc472SPeter Tyser #else 36*78acc472SPeter Tyser #include <string.h> 37*78acc472SPeter Tyser #endif /* USE_HOSTCC */ 38*78acc472SPeter Tyser #include <watchdog.h> 39*78acc472SPeter Tyser #include "sha1.h" 40*78acc472SPeter Tyser 41*78acc472SPeter Tyser /* 42*78acc472SPeter Tyser * 32-bit integer manipulation macros (big endian) 43*78acc472SPeter Tyser */ 44*78acc472SPeter Tyser #ifndef GET_UINT32_BE 45*78acc472SPeter Tyser #define GET_UINT32_BE(n,b,i) { \ 46*78acc472SPeter Tyser (n) = ( (unsigned long) (b)[(i) ] << 24 ) \ 47*78acc472SPeter Tyser | ( (unsigned long) (b)[(i) + 1] << 16 ) \ 48*78acc472SPeter Tyser | ( (unsigned long) (b)[(i) + 2] << 8 ) \ 49*78acc472SPeter Tyser | ( (unsigned long) (b)[(i) + 3] ); \ 50*78acc472SPeter Tyser } 51*78acc472SPeter Tyser #endif 52*78acc472SPeter Tyser #ifndef PUT_UINT32_BE 53*78acc472SPeter Tyser #define PUT_UINT32_BE(n,b,i) { \ 54*78acc472SPeter Tyser (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ 55*78acc472SPeter Tyser (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ 56*78acc472SPeter Tyser (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ 57*78acc472SPeter Tyser (b)[(i) + 3] = (unsigned char) ( (n) ); \ 58*78acc472SPeter Tyser } 59*78acc472SPeter Tyser #endif 60*78acc472SPeter Tyser 61*78acc472SPeter Tyser /* 62*78acc472SPeter Tyser * SHA-1 context setup 63*78acc472SPeter Tyser */ 64*78acc472SPeter Tyser void sha1_starts (sha1_context * ctx) 65*78acc472SPeter Tyser { 66*78acc472SPeter Tyser ctx->total[0] = 0; 67*78acc472SPeter Tyser ctx->total[1] = 0; 68*78acc472SPeter Tyser 69*78acc472SPeter Tyser ctx->state[0] = 0x67452301; 70*78acc472SPeter Tyser ctx->state[1] = 0xEFCDAB89; 71*78acc472SPeter Tyser ctx->state[2] = 0x98BADCFE; 72*78acc472SPeter Tyser ctx->state[3] = 0x10325476; 73*78acc472SPeter Tyser ctx->state[4] = 0xC3D2E1F0; 74*78acc472SPeter Tyser } 75*78acc472SPeter Tyser 76*78acc472SPeter Tyser static void sha1_process (sha1_context * ctx, unsigned char data[64]) 77*78acc472SPeter Tyser { 78*78acc472SPeter Tyser unsigned long temp, W[16], A, B, C, D, E; 79*78acc472SPeter Tyser 80*78acc472SPeter Tyser GET_UINT32_BE (W[0], data, 0); 81*78acc472SPeter Tyser GET_UINT32_BE (W[1], data, 4); 82*78acc472SPeter Tyser GET_UINT32_BE (W[2], data, 8); 83*78acc472SPeter Tyser GET_UINT32_BE (W[3], data, 12); 84*78acc472SPeter Tyser GET_UINT32_BE (W[4], data, 16); 85*78acc472SPeter Tyser GET_UINT32_BE (W[5], data, 20); 86*78acc472SPeter Tyser GET_UINT32_BE (W[6], data, 24); 87*78acc472SPeter Tyser GET_UINT32_BE (W[7], data, 28); 88*78acc472SPeter Tyser GET_UINT32_BE (W[8], data, 32); 89*78acc472SPeter Tyser GET_UINT32_BE (W[9], data, 36); 90*78acc472SPeter Tyser GET_UINT32_BE (W[10], data, 40); 91*78acc472SPeter Tyser GET_UINT32_BE (W[11], data, 44); 92*78acc472SPeter Tyser GET_UINT32_BE (W[12], data, 48); 93*78acc472SPeter Tyser GET_UINT32_BE (W[13], data, 52); 94*78acc472SPeter Tyser GET_UINT32_BE (W[14], data, 56); 95*78acc472SPeter Tyser GET_UINT32_BE (W[15], data, 60); 96*78acc472SPeter Tyser 97*78acc472SPeter Tyser #define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n))) 98*78acc472SPeter Tyser 99*78acc472SPeter Tyser #define R(t) ( \ 100*78acc472SPeter Tyser temp = W[(t - 3) & 0x0F] ^ W[(t - 8) & 0x0F] ^ \ 101*78acc472SPeter Tyser W[(t - 14) & 0x0F] ^ W[ t & 0x0F], \ 102*78acc472SPeter Tyser ( W[t & 0x0F] = S(temp,1) ) \ 103*78acc472SPeter Tyser ) 104*78acc472SPeter Tyser 105*78acc472SPeter Tyser #define P(a,b,c,d,e,x) { \ 106*78acc472SPeter Tyser e += S(a,5) + F(b,c,d) + K + x; b = S(b,30); \ 107*78acc472SPeter Tyser } 108*78acc472SPeter Tyser 109*78acc472SPeter Tyser A = ctx->state[0]; 110*78acc472SPeter Tyser B = ctx->state[1]; 111*78acc472SPeter Tyser C = ctx->state[2]; 112*78acc472SPeter Tyser D = ctx->state[3]; 113*78acc472SPeter Tyser E = ctx->state[4]; 114*78acc472SPeter Tyser 115*78acc472SPeter Tyser #define F(x,y,z) (z ^ (x & (y ^ z))) 116*78acc472SPeter Tyser #define K 0x5A827999 117*78acc472SPeter Tyser 118*78acc472SPeter Tyser P (A, B, C, D, E, W[0]); 119*78acc472SPeter Tyser P (E, A, B, C, D, W[1]); 120*78acc472SPeter Tyser P (D, E, A, B, C, W[2]); 121*78acc472SPeter Tyser P (C, D, E, A, B, W[3]); 122*78acc472SPeter Tyser P (B, C, D, E, A, W[4]); 123*78acc472SPeter Tyser P (A, B, C, D, E, W[5]); 124*78acc472SPeter Tyser P (E, A, B, C, D, W[6]); 125*78acc472SPeter Tyser P (D, E, A, B, C, W[7]); 126*78acc472SPeter Tyser P (C, D, E, A, B, W[8]); 127*78acc472SPeter Tyser P (B, C, D, E, A, W[9]); 128*78acc472SPeter Tyser P (A, B, C, D, E, W[10]); 129*78acc472SPeter Tyser P (E, A, B, C, D, W[11]); 130*78acc472SPeter Tyser P (D, E, A, B, C, W[12]); 131*78acc472SPeter Tyser P (C, D, E, A, B, W[13]); 132*78acc472SPeter Tyser P (B, C, D, E, A, W[14]); 133*78acc472SPeter Tyser P (A, B, C, D, E, W[15]); 134*78acc472SPeter Tyser P (E, A, B, C, D, R (16)); 135*78acc472SPeter Tyser P (D, E, A, B, C, R (17)); 136*78acc472SPeter Tyser P (C, D, E, A, B, R (18)); 137*78acc472SPeter Tyser P (B, C, D, E, A, R (19)); 138*78acc472SPeter Tyser 139*78acc472SPeter Tyser #undef K 140*78acc472SPeter Tyser #undef F 141*78acc472SPeter Tyser 142*78acc472SPeter Tyser #define F(x,y,z) (x ^ y ^ z) 143*78acc472SPeter Tyser #define K 0x6ED9EBA1 144*78acc472SPeter Tyser 145*78acc472SPeter Tyser P (A, B, C, D, E, R (20)); 146*78acc472SPeter Tyser P (E, A, B, C, D, R (21)); 147*78acc472SPeter Tyser P (D, E, A, B, C, R (22)); 148*78acc472SPeter Tyser P (C, D, E, A, B, R (23)); 149*78acc472SPeter Tyser P (B, C, D, E, A, R (24)); 150*78acc472SPeter Tyser P (A, B, C, D, E, R (25)); 151*78acc472SPeter Tyser P (E, A, B, C, D, R (26)); 152*78acc472SPeter Tyser P (D, E, A, B, C, R (27)); 153*78acc472SPeter Tyser P (C, D, E, A, B, R (28)); 154*78acc472SPeter Tyser P (B, C, D, E, A, R (29)); 155*78acc472SPeter Tyser P (A, B, C, D, E, R (30)); 156*78acc472SPeter Tyser P (E, A, B, C, D, R (31)); 157*78acc472SPeter Tyser P (D, E, A, B, C, R (32)); 158*78acc472SPeter Tyser P (C, D, E, A, B, R (33)); 159*78acc472SPeter Tyser P (B, C, D, E, A, R (34)); 160*78acc472SPeter Tyser P (A, B, C, D, E, R (35)); 161*78acc472SPeter Tyser P (E, A, B, C, D, R (36)); 162*78acc472SPeter Tyser P (D, E, A, B, C, R (37)); 163*78acc472SPeter Tyser P (C, D, E, A, B, R (38)); 164*78acc472SPeter Tyser P (B, C, D, E, A, R (39)); 165*78acc472SPeter Tyser 166*78acc472SPeter Tyser #undef K 167*78acc472SPeter Tyser #undef F 168*78acc472SPeter Tyser 169*78acc472SPeter Tyser #define F(x,y,z) ((x & y) | (z & (x | y))) 170*78acc472SPeter Tyser #define K 0x8F1BBCDC 171*78acc472SPeter Tyser 172*78acc472SPeter Tyser P (A, B, C, D, E, R (40)); 173*78acc472SPeter Tyser P (E, A, B, C, D, R (41)); 174*78acc472SPeter Tyser P (D, E, A, B, C, R (42)); 175*78acc472SPeter Tyser P (C, D, E, A, B, R (43)); 176*78acc472SPeter Tyser P (B, C, D, E, A, R (44)); 177*78acc472SPeter Tyser P (A, B, C, D, E, R (45)); 178*78acc472SPeter Tyser P (E, A, B, C, D, R (46)); 179*78acc472SPeter Tyser P (D, E, A, B, C, R (47)); 180*78acc472SPeter Tyser P (C, D, E, A, B, R (48)); 181*78acc472SPeter Tyser P (B, C, D, E, A, R (49)); 182*78acc472SPeter Tyser P (A, B, C, D, E, R (50)); 183*78acc472SPeter Tyser P (E, A, B, C, D, R (51)); 184*78acc472SPeter Tyser P (D, E, A, B, C, R (52)); 185*78acc472SPeter Tyser P (C, D, E, A, B, R (53)); 186*78acc472SPeter Tyser P (B, C, D, E, A, R (54)); 187*78acc472SPeter Tyser P (A, B, C, D, E, R (55)); 188*78acc472SPeter Tyser P (E, A, B, C, D, R (56)); 189*78acc472SPeter Tyser P (D, E, A, B, C, R (57)); 190*78acc472SPeter Tyser P (C, D, E, A, B, R (58)); 191*78acc472SPeter Tyser P (B, C, D, E, A, R (59)); 192*78acc472SPeter Tyser 193*78acc472SPeter Tyser #undef K 194*78acc472SPeter Tyser #undef F 195*78acc472SPeter Tyser 196*78acc472SPeter Tyser #define F(x,y,z) (x ^ y ^ z) 197*78acc472SPeter Tyser #define K 0xCA62C1D6 198*78acc472SPeter Tyser 199*78acc472SPeter Tyser P (A, B, C, D, E, R (60)); 200*78acc472SPeter Tyser P (E, A, B, C, D, R (61)); 201*78acc472SPeter Tyser P (D, E, A, B, C, R (62)); 202*78acc472SPeter Tyser P (C, D, E, A, B, R (63)); 203*78acc472SPeter Tyser P (B, C, D, E, A, R (64)); 204*78acc472SPeter Tyser P (A, B, C, D, E, R (65)); 205*78acc472SPeter Tyser P (E, A, B, C, D, R (66)); 206*78acc472SPeter Tyser P (D, E, A, B, C, R (67)); 207*78acc472SPeter Tyser P (C, D, E, A, B, R (68)); 208*78acc472SPeter Tyser P (B, C, D, E, A, R (69)); 209*78acc472SPeter Tyser P (A, B, C, D, E, R (70)); 210*78acc472SPeter Tyser P (E, A, B, C, D, R (71)); 211*78acc472SPeter Tyser P (D, E, A, B, C, R (72)); 212*78acc472SPeter Tyser P (C, D, E, A, B, R (73)); 213*78acc472SPeter Tyser P (B, C, D, E, A, R (74)); 214*78acc472SPeter Tyser P (A, B, C, D, E, R (75)); 215*78acc472SPeter Tyser P (E, A, B, C, D, R (76)); 216*78acc472SPeter Tyser P (D, E, A, B, C, R (77)); 217*78acc472SPeter Tyser P (C, D, E, A, B, R (78)); 218*78acc472SPeter Tyser P (B, C, D, E, A, R (79)); 219*78acc472SPeter Tyser 220*78acc472SPeter Tyser #undef K 221*78acc472SPeter Tyser #undef F 222*78acc472SPeter Tyser 223*78acc472SPeter Tyser ctx->state[0] += A; 224*78acc472SPeter Tyser ctx->state[1] += B; 225*78acc472SPeter Tyser ctx->state[2] += C; 226*78acc472SPeter Tyser ctx->state[3] += D; 227*78acc472SPeter Tyser ctx->state[4] += E; 228*78acc472SPeter Tyser } 229*78acc472SPeter Tyser 230*78acc472SPeter Tyser /* 231*78acc472SPeter Tyser * SHA-1 process buffer 232*78acc472SPeter Tyser */ 233*78acc472SPeter Tyser void sha1_update (sha1_context * ctx, unsigned char *input, int ilen) 234*78acc472SPeter Tyser { 235*78acc472SPeter Tyser int fill; 236*78acc472SPeter Tyser unsigned long left; 237*78acc472SPeter Tyser 238*78acc472SPeter Tyser if (ilen <= 0) 239*78acc472SPeter Tyser return; 240*78acc472SPeter Tyser 241*78acc472SPeter Tyser left = ctx->total[0] & 0x3F; 242*78acc472SPeter Tyser fill = 64 - left; 243*78acc472SPeter Tyser 244*78acc472SPeter Tyser ctx->total[0] += ilen; 245*78acc472SPeter Tyser ctx->total[0] &= 0xFFFFFFFF; 246*78acc472SPeter Tyser 247*78acc472SPeter Tyser if (ctx->total[0] < (unsigned long) ilen) 248*78acc472SPeter Tyser ctx->total[1]++; 249*78acc472SPeter Tyser 250*78acc472SPeter Tyser if (left && ilen >= fill) { 251*78acc472SPeter Tyser memcpy ((void *) (ctx->buffer + left), (void *) input, fill); 252*78acc472SPeter Tyser sha1_process (ctx, ctx->buffer); 253*78acc472SPeter Tyser input += fill; 254*78acc472SPeter Tyser ilen -= fill; 255*78acc472SPeter Tyser left = 0; 256*78acc472SPeter Tyser } 257*78acc472SPeter Tyser 258*78acc472SPeter Tyser while (ilen >= 64) { 259*78acc472SPeter Tyser sha1_process (ctx, input); 260*78acc472SPeter Tyser input += 64; 261*78acc472SPeter Tyser ilen -= 64; 262*78acc472SPeter Tyser } 263*78acc472SPeter Tyser 264*78acc472SPeter Tyser if (ilen > 0) { 265*78acc472SPeter Tyser memcpy ((void *) (ctx->buffer + left), (void *) input, ilen); 266*78acc472SPeter Tyser } 267*78acc472SPeter Tyser } 268*78acc472SPeter Tyser 269*78acc472SPeter Tyser static const unsigned char sha1_padding[64] = { 270*78acc472SPeter Tyser 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 271*78acc472SPeter Tyser 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 272*78acc472SPeter Tyser 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 273*78acc472SPeter Tyser 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 274*78acc472SPeter Tyser }; 275*78acc472SPeter Tyser 276*78acc472SPeter Tyser /* 277*78acc472SPeter Tyser * SHA-1 final digest 278*78acc472SPeter Tyser */ 279*78acc472SPeter Tyser void sha1_finish (sha1_context * ctx, unsigned char output[20]) 280*78acc472SPeter Tyser { 281*78acc472SPeter Tyser unsigned long last, padn; 282*78acc472SPeter Tyser unsigned long high, low; 283*78acc472SPeter Tyser unsigned char msglen[8]; 284*78acc472SPeter Tyser 285*78acc472SPeter Tyser high = (ctx->total[0] >> 29) 286*78acc472SPeter Tyser | (ctx->total[1] << 3); 287*78acc472SPeter Tyser low = (ctx->total[0] << 3); 288*78acc472SPeter Tyser 289*78acc472SPeter Tyser PUT_UINT32_BE (high, msglen, 0); 290*78acc472SPeter Tyser PUT_UINT32_BE (low, msglen, 4); 291*78acc472SPeter Tyser 292*78acc472SPeter Tyser last = ctx->total[0] & 0x3F; 293*78acc472SPeter Tyser padn = (last < 56) ? (56 - last) : (120 - last); 294*78acc472SPeter Tyser 295*78acc472SPeter Tyser sha1_update (ctx, (unsigned char *) sha1_padding, padn); 296*78acc472SPeter Tyser sha1_update (ctx, msglen, 8); 297*78acc472SPeter Tyser 298*78acc472SPeter Tyser PUT_UINT32_BE (ctx->state[0], output, 0); 299*78acc472SPeter Tyser PUT_UINT32_BE (ctx->state[1], output, 4); 300*78acc472SPeter Tyser PUT_UINT32_BE (ctx->state[2], output, 8); 301*78acc472SPeter Tyser PUT_UINT32_BE (ctx->state[3], output, 12); 302*78acc472SPeter Tyser PUT_UINT32_BE (ctx->state[4], output, 16); 303*78acc472SPeter Tyser } 304*78acc472SPeter Tyser 305*78acc472SPeter Tyser /* 306*78acc472SPeter Tyser * Output = SHA-1( input buffer ) 307*78acc472SPeter Tyser */ 308*78acc472SPeter Tyser void sha1_csum (unsigned char *input, int ilen, unsigned char output[20]) 309*78acc472SPeter Tyser { 310*78acc472SPeter Tyser sha1_context ctx; 311*78acc472SPeter Tyser 312*78acc472SPeter Tyser sha1_starts (&ctx); 313*78acc472SPeter Tyser sha1_update (&ctx, input, ilen); 314*78acc472SPeter Tyser sha1_finish (&ctx, output); 315*78acc472SPeter Tyser } 316*78acc472SPeter Tyser 317*78acc472SPeter Tyser /* 318*78acc472SPeter Tyser * Output = SHA-1( input buffer ). Trigger the watchdog every 'chunk_sz' 319*78acc472SPeter Tyser * bytes of input processed. 320*78acc472SPeter Tyser */ 321*78acc472SPeter Tyser void sha1_csum_wd (unsigned char *input, int ilen, unsigned char output[20], 322*78acc472SPeter Tyser unsigned int chunk_sz) 323*78acc472SPeter Tyser { 324*78acc472SPeter Tyser sha1_context ctx; 325*78acc472SPeter Tyser #if defined(CONFIG_HW_WATCHDOG) || defined(CONFIG_WATCHDOG) 326*78acc472SPeter Tyser unsigned char *end, *curr; 327*78acc472SPeter Tyser int chunk; 328*78acc472SPeter Tyser #endif 329*78acc472SPeter Tyser 330*78acc472SPeter Tyser sha1_starts (&ctx); 331*78acc472SPeter Tyser 332*78acc472SPeter Tyser #if defined(CONFIG_HW_WATCHDOG) || defined(CONFIG_WATCHDOG) 333*78acc472SPeter Tyser curr = input; 334*78acc472SPeter Tyser end = input + ilen; 335*78acc472SPeter Tyser while (curr < end) { 336*78acc472SPeter Tyser chunk = end - curr; 337*78acc472SPeter Tyser if (chunk > chunk_sz) 338*78acc472SPeter Tyser chunk = chunk_sz; 339*78acc472SPeter Tyser sha1_update (&ctx, curr, chunk); 340*78acc472SPeter Tyser curr += chunk; 341*78acc472SPeter Tyser WATCHDOG_RESET (); 342*78acc472SPeter Tyser } 343*78acc472SPeter Tyser #else 344*78acc472SPeter Tyser sha1_update (&ctx, input, ilen); 345*78acc472SPeter Tyser #endif 346*78acc472SPeter Tyser 347*78acc472SPeter Tyser sha1_finish (&ctx, output); 348*78acc472SPeter Tyser } 349*78acc472SPeter Tyser 350*78acc472SPeter Tyser /* 351*78acc472SPeter Tyser * Output = HMAC-SHA-1( input buffer, hmac key ) 352*78acc472SPeter Tyser */ 353*78acc472SPeter Tyser void sha1_hmac (unsigned char *key, int keylen, 354*78acc472SPeter Tyser unsigned char *input, int ilen, unsigned char output[20]) 355*78acc472SPeter Tyser { 356*78acc472SPeter Tyser int i; 357*78acc472SPeter Tyser sha1_context ctx; 358*78acc472SPeter Tyser unsigned char k_ipad[64]; 359*78acc472SPeter Tyser unsigned char k_opad[64]; 360*78acc472SPeter Tyser unsigned char tmpbuf[20]; 361*78acc472SPeter Tyser 362*78acc472SPeter Tyser memset (k_ipad, 0x36, 64); 363*78acc472SPeter Tyser memset (k_opad, 0x5C, 64); 364*78acc472SPeter Tyser 365*78acc472SPeter Tyser for (i = 0; i < keylen; i++) { 366*78acc472SPeter Tyser if (i >= 64) 367*78acc472SPeter Tyser break; 368*78acc472SPeter Tyser 369*78acc472SPeter Tyser k_ipad[i] ^= key[i]; 370*78acc472SPeter Tyser k_opad[i] ^= key[i]; 371*78acc472SPeter Tyser } 372*78acc472SPeter Tyser 373*78acc472SPeter Tyser sha1_starts (&ctx); 374*78acc472SPeter Tyser sha1_update (&ctx, k_ipad, 64); 375*78acc472SPeter Tyser sha1_update (&ctx, input, ilen); 376*78acc472SPeter Tyser sha1_finish (&ctx, tmpbuf); 377*78acc472SPeter Tyser 378*78acc472SPeter Tyser sha1_starts (&ctx); 379*78acc472SPeter Tyser sha1_update (&ctx, k_opad, 64); 380*78acc472SPeter Tyser sha1_update (&ctx, tmpbuf, 20); 381*78acc472SPeter Tyser sha1_finish (&ctx, output); 382*78acc472SPeter Tyser 383*78acc472SPeter Tyser memset (k_ipad, 0, 64); 384*78acc472SPeter Tyser memset (k_opad, 0, 64); 385*78acc472SPeter Tyser memset (tmpbuf, 0, 20); 386*78acc472SPeter Tyser memset (&ctx, 0, sizeof (sha1_context)); 387*78acc472SPeter Tyser } 388*78acc472SPeter Tyser 389*78acc472SPeter Tyser static const char _sha1_src[] = "_sha1_src"; 390*78acc472SPeter Tyser 391*78acc472SPeter Tyser #ifdef SELF_TEST 392*78acc472SPeter Tyser /* 393*78acc472SPeter Tyser * FIPS-180-1 test vectors 394*78acc472SPeter Tyser */ 395*78acc472SPeter Tyser static const char sha1_test_str[3][57] = { 396*78acc472SPeter Tyser {"abc"}, 397*78acc472SPeter Tyser {"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"}, 398*78acc472SPeter Tyser {""} 399*78acc472SPeter Tyser }; 400*78acc472SPeter Tyser 401*78acc472SPeter Tyser static const unsigned char sha1_test_sum[3][20] = { 402*78acc472SPeter Tyser {0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A, 0xBA, 0x3E, 403*78acc472SPeter Tyser 0x25, 0x71, 0x78, 0x50, 0xC2, 0x6C, 0x9C, 0xD0, 0xD8, 0x9D}, 404*78acc472SPeter Tyser {0x84, 0x98, 0x3E, 0x44, 0x1C, 0x3B, 0xD2, 0x6E, 0xBA, 0xAE, 405*78acc472SPeter Tyser 0x4A, 0xA1, 0xF9, 0x51, 0x29, 0xE5, 0xE5, 0x46, 0x70, 0xF1}, 406*78acc472SPeter Tyser {0x34, 0xAA, 0x97, 0x3C, 0xD4, 0xC4, 0xDA, 0xA4, 0xF6, 0x1E, 407*78acc472SPeter Tyser 0xEB, 0x2B, 0xDB, 0xAD, 0x27, 0x31, 0x65, 0x34, 0x01, 0x6F} 408*78acc472SPeter Tyser }; 409*78acc472SPeter Tyser 410*78acc472SPeter Tyser /* 411*78acc472SPeter Tyser * Checkup routine 412*78acc472SPeter Tyser */ 413*78acc472SPeter Tyser int sha1_self_test (void) 414*78acc472SPeter Tyser { 415*78acc472SPeter Tyser int i, j; 416*78acc472SPeter Tyser unsigned char buf[1000]; 417*78acc472SPeter Tyser unsigned char sha1sum[20]; 418*78acc472SPeter Tyser sha1_context ctx; 419*78acc472SPeter Tyser 420*78acc472SPeter Tyser for (i = 0; i < 3; i++) { 421*78acc472SPeter Tyser printf (" SHA-1 test #%d: ", i + 1); 422*78acc472SPeter Tyser 423*78acc472SPeter Tyser sha1_starts (&ctx); 424*78acc472SPeter Tyser 425*78acc472SPeter Tyser if (i < 2) 426*78acc472SPeter Tyser sha1_update (&ctx, (unsigned char *) sha1_test_str[i], 427*78acc472SPeter Tyser strlen (sha1_test_str[i])); 428*78acc472SPeter Tyser else { 429*78acc472SPeter Tyser memset (buf, 'a', 1000); 430*78acc472SPeter Tyser for (j = 0; j < 1000; j++) 431*78acc472SPeter Tyser sha1_update (&ctx, buf, 1000); 432*78acc472SPeter Tyser } 433*78acc472SPeter Tyser 434*78acc472SPeter Tyser sha1_finish (&ctx, sha1sum); 435*78acc472SPeter Tyser 436*78acc472SPeter Tyser if (memcmp (sha1sum, sha1_test_sum[i], 20) != 0) { 437*78acc472SPeter Tyser printf ("failed\n"); 438*78acc472SPeter Tyser return (1); 439*78acc472SPeter Tyser } 440*78acc472SPeter Tyser 441*78acc472SPeter Tyser printf ("passed\n"); 442*78acc472SPeter Tyser } 443*78acc472SPeter Tyser 444*78acc472SPeter Tyser printf ("\n"); 445*78acc472SPeter Tyser return (0); 446*78acc472SPeter Tyser } 447*78acc472SPeter Tyser #else 448*78acc472SPeter Tyser int sha1_self_test (void) 449*78acc472SPeter Tyser { 450*78acc472SPeter Tyser return (0); 451*78acc472SPeter Tyser } 452*78acc472SPeter Tyser #endif 453