3 By Steve Reid <sreid@sea-to-sky.net>
8 By James H. Brown <jbrown@burgoyne.com>
9 Still 100% Public Domain
11 Corrected a problem which generated improper hash values on 16 bit machines
12 Routine SHA1Update changed from
13 void SHA1Update(SHA1_CTX* context, unsigned char* data, unsigned int
16 void SHA1Update(SHA1_CTX* context, unsigned char* data, unsigned
19 The 'len' parameter was declared an int which works fine on 32 bit machines.
20 However, on 16 bit machines an int is too small for the shifts being done
22 it. This caused the hash function to generate incorrect values if len was
23 greater than 8191 (8K - 1) due to the 'len << 3' on line 3 of SHA1Update().
25 Since the file IO in main() reads 16K at a time, any file 8K or larger would
26 be guaranteed to generate the wrong hash (e.g. Test Vector #3, a million
29 I also changed the declaration of variables i & j in SHA1Update to
30 unsigned long from unsigned int for the same reason.
32 These changes should make no difference to any 32 bit implementations since
34 int and a long are the same size in those environments.
37 I also corrected a few compiler warnings generated by Borland C.
38 1. Added #include <process.h> for exit() prototype
39 2. Removed unused variable 'j' in SHA1Final
40 3. Changed exit(0) to return(0) at end of main.
42 ALL changes I made can be located by searching for comments containing 'JHB'
45 By Steve Reid <sreid@sea-to-sky.net>
46 Still 100% public domain
48 1- Removed #include <process.h> and used return() instead of exit()
49 2- Fixed overwriting of finalcount in SHA1Final() (discovered by Chris Hall)
50 3- Changed email address from steve@edmweb.com to sreid@sea-to-sky.net
54 By Saul Kravitz <Saul.Kravitz@celera.com>
56 Modified to run on Compaq Alpha hardware.
62 Test Vectors (from FIPS PUB 180-1)
64 A9993E36 4706816A BA3E2571 7850C26C 9CD0D89D
65 "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
66 84983E44 1C3BD26E BAAE4AA1 F95129E5 E54670F1
67 A million repetitions of "a"
68 34AA973C D4C4DAA4 F61EEB2B DBAD2731 6534016F
71 /* #define SHA1HANDSOFF */
77 #include "common/h/Types.h"
78 #include "common/h/sha1.h"
79 /* #include <process.h> */ /* prototype for exit() - JHB */
80 /* Using return() instead of exit() - SWR */
85 unsigned char buffer[64];
88 void SHA1Transform(uint32_t state[5], unsigned char buffer[64]);
89 void SHA1Init(SHA1_CTX* context);
90 void SHA1Update(SHA1_CTX* context, unsigned char* data, uint32_t len); /*JHB */
91 void SHA1Final(unsigned char digest[20], SHA1_CTX* context);
93 #define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits))))
95 /* blk0() and blk() perform the initial expand. */
96 /* I got the idea of expanding during the round function from SSLeay */
97 #if defined(arch_sparc) || defined(arch_power) //Big Endian
98 #define blk0(i) block->l[i]
100 #define blk0(i) (block->l[i] = (rol(block->l[i],24)&0xFF00FF00) \
101 |(rol(block->l[i],8)&0x00FF00FF))
103 #define blk(i) (block->l[i&15] = rol(block->l[(i+13)&15]^block->l[(i+8)&15] \
104 ^block->l[(i+2)&15]^block->l[i&15],1))
106 /* (R0+R1), R2, R3, R4 are the different operations used in SHA1 */
107 #define R0(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk0(i)+0x5A827999+rol(v,5);w=rol(w,30);
108 #define R1(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk(i)+0x5A827999+rol(v,5);w=rol(w,30);
109 #define R2(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0x6ED9EBA1+rol(v,5);w=rol(w,30);
110 #define R3(v,w,x,y,z,i) z+=(((w|x)&y)|(w&x))+blk(i)+0x8F1BBCDC+rol(v,5);w=rol(w,30);
111 #define R4(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0xCA62C1D6+rol(v,5);w=rol(w,30);
114 #ifdef VERBOSE /* SAK */
115 void SHAPrintContext(SHA1_CTX *context, char *msg){
116 printf("%s (%d,%d) %x %x %x %x %x\n",
118 context->count[0], context->count[1],
127 /* Hash a single 512-bit block. This is the core of the algorithm. */
129 void SHA1Transform(uint32_t state[5], unsigned char buffer[64])
131 uint32_t a, b, c, d, e;
138 static unsigned char workspace[64];
139 block = (CHAR64LONG16*)workspace;
140 memcpy(block, buffer, 64);
142 block = (CHAR64LONG16*)(void*)buffer;
144 /* Copy context->state[] to working vars */
150 /* 4 rounds of 20 operations each. Loop unrolled. */
151 R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3);
152 R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7);
153 R0(c,d,e,a,b, 8); R0(b,c,d,e,a, 9); R0(a,b,c,d,e,10); R0(e,a,b,c,d,11);
154 R0(d,e,a,b,c,12); R0(c,d,e,a,b,13); R0(b,c,d,e,a,14); R0(a,b,c,d,e,15);
155 R1(e,a,b,c,d,16); R1(d,e,a,b,c,17); R1(c,d,e,a,b,18); R1(b,c,d,e,a,19);
156 R2(a,b,c,d,e,20); R2(e,a,b,c,d,21); R2(d,e,a,b,c,22); R2(c,d,e,a,b,23);
157 R2(b,c,d,e,a,24); R2(a,b,c,d,e,25); R2(e,a,b,c,d,26); R2(d,e,a,b,c,27);
158 R2(c,d,e,a,b,28); R2(b,c,d,e,a,29); R2(a,b,c,d,e,30); R2(e,a,b,c,d,31);
159 R2(d,e,a,b,c,32); R2(c,d,e,a,b,33); R2(b,c,d,e,a,34); R2(a,b,c,d,e,35);
160 R2(e,a,b,c,d,36); R2(d,e,a,b,c,37); R2(c,d,e,a,b,38); R2(b,c,d,e,a,39);
161 R3(a,b,c,d,e,40); R3(e,a,b,c,d,41); R3(d,e,a,b,c,42); R3(c,d,e,a,b,43);
162 R3(b,c,d,e,a,44); R3(a,b,c,d,e,45); R3(e,a,b,c,d,46); R3(d,e,a,b,c,47);
163 R3(c,d,e,a,b,48); R3(b,c,d,e,a,49); R3(a,b,c,d,e,50); R3(e,a,b,c,d,51);
164 R3(d,e,a,b,c,52); R3(c,d,e,a,b,53); R3(b,c,d,e,a,54); R3(a,b,c,d,e,55);
165 R3(e,a,b,c,d,56); R3(d,e,a,b,c,57); R3(c,d,e,a,b,58); R3(b,c,d,e,a,59);
166 R4(a,b,c,d,e,60); R4(e,a,b,c,d,61); R4(d,e,a,b,c,62); R4(c,d,e,a,b,63);
167 R4(b,c,d,e,a,64); R4(a,b,c,d,e,65); R4(e,a,b,c,d,66); R4(d,e,a,b,c,67);
168 R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71);
169 R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75);
170 R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79);
171 /* Add the working vars back into context.state[] */
178 a = b = c = d = e = 0;
182 /* SHA1Init - Initialize new context */
184 void SHA1Init(SHA1_CTX* context)
186 /* SHA1 initialization constants */
187 context->state[0] = 0x67452301;
188 context->state[1] = 0xEFCDAB89;
189 context->state[2] = 0x98BADCFE;
190 context->state[3] = 0x10325476;
191 context->state[4] = 0xC3D2E1F0;
192 context->count[0] = context->count[1] = 0;
196 /* Run your data through this. */
198 void SHA1Update(SHA1_CTX* context, unsigned char* data, uint32_t len) /*JHB */
200 uint32_t i, j; /* JHB */
203 SHAPrintContext(context, "before");
205 j = (context->count[0] >> 3) & 63;
206 if ((context->count[0] += len << 3) < (len << 3)) context->count[1]++;
207 context->count[1] += (len >> 29);
208 if ((j + len) > 63) {
209 memcpy(&context->buffer[j], data, (i = 64-j));
210 SHA1Transform(context->state, context->buffer);
211 for ( ; i + 63 < len; i += 64) {
212 SHA1Transform(context->state, &data[i]);
217 memcpy(&context->buffer[j], &data[i], len - i);
219 SHAPrintContext(context, "after ");
224 /* Add padding and return the message digest. */
226 void SHA1Final(unsigned char digest[20], SHA1_CTX* context)
228 uint32_t i; /* JHB */
229 unsigned char finalcount[8];
231 for (i = 0; i < 8; i++) {
232 finalcount[i] = (unsigned char)((context->count[(i >= 4 ? 0 : 1)]
233 >> ((3-(i & 3)) * 8) ) & 255); /* Endian independent */
235 SHA1Update(context, (unsigned char *)const_cast< char *>("\200"), 1);
236 while ((context->count[0] & 504) != 448) {
237 SHA1Update(context, (unsigned char *)const_cast<char *>("\0"), 1);
239 SHA1Update(context, finalcount, 8); /* Should cause a SHA1Transform() */
240 for (i = 0; i < 20; i++) {
241 digest[i] = (unsigned char)
242 ((context->state[i>>2] >> ((3-(i & 3)) * 8) ) & 255);
246 memset(context->buffer, 0, 64);
247 memset(context->state, 0, 20);
248 memset(context->count, 0, 8);
249 memset(finalcount, 0, 8); /* SWR */
250 #ifdef SHA1HANDSOFF /* make SHA1Transform overwrite it's own static vars */
251 SHA1Transform(context->state, context->buffer);
255 /*************************************************************/
257 char *sha1_file(const char *filename, char *result_ptr)
259 static char result[SHA1_STRING_LEN] = {0};
262 unsigned char buf[16384];
264 if (result_ptr == NULL)
267 FILE *fd = fopen(filename, "r");
268 if (!fd) return NULL;
272 unsigned long len = fread((char *)buf, sizeof(char), sizeof(buf), fd);
277 SHA1Update(&ctx, buf, len);
279 SHA1Final(buf, &ctx);
283 for (unsigned int i = 0; i < SHA1_DIGEST_LEN; ++i)
284 sprintf(&result_ptr[i*2], "%02x", buf[i]);