Commit | Line | Data |
---|---|---|
1 | // | |
2 | // Copyright (c) 2013-2017 Vinnie Falco (vinnie dot falco at gmail dot com) | |
3 | // | |
4 | // Distributed under the Boost Software License, Version 1.0. (See accompanying | |
5 | // file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt) | |
6 | // | |
7 | ||
8 | #ifndef BEAST_DETAIL_SHA1_HPP | |
9 | #define BEAST_DETAIL_SHA1_HPP | |
10 | ||
11 | #include <algorithm> | |
12 | #include <cstdint> | |
13 | #include <cstring> | |
14 | ||
15 | // Based on https://github.com/vog/sha1 | |
16 | /* | |
17 | Original authors: | |
18 | Steve Reid (Original C Code) | |
19 | Bruce Guenter (Small changes to fit into bglibs) | |
20 | Volker Grabsch (Translation to simpler C++ Code) | |
21 | Eugene Hopkinson (Safety improvements) | |
22 | Vincent Falco (beast adaptation) | |
23 | */ | |
24 | ||
25 | namespace beast { | |
26 | namespace detail { | |
27 | ||
28 | namespace sha1 { | |
29 | ||
// Geometry of a SHA-1 block and digest, shared by the helpers below.
// One block is 16 big-endian 32-bit words, i.e. 64 bytes of message data.
static constexpr std::size_t BLOCK_INTS = 16;
static constexpr std::size_t BLOCK_BYTES = 4 * BLOCK_INTS;
// The digest is five 32-bit words serialized to 20 bytes.
static constexpr std::size_t DIGEST_BYTES = 20;
33 | ||
34 | inline | |
35 | std::uint32_t | |
36 | rol(std::uint32_t value, std::size_t bits) | |
37 | { | |
38 | return (value << bits) | (value >> (32 - bits)); | |
39 | } | |
40 | ||
// Compute the next message-schedule word for slot i of the 16-word
// circular buffer: XOR four earlier words and rotate the result left
// by one bit.
//
// The three offset indices are wrapped with & 15; `i` itself is used
// unmasked, so it must already be below BLOCK_INTS.
inline
std::uint32_t
blk(std::uint32_t block[BLOCK_INTS], std::size_t i)
{
    std::uint32_t mixed = block[i];
    mixed ^= block[(i + 2) & 15];
    mixed ^= block[(i + 8) & 15];
    mixed ^= block[(i + 13) & 15];
    return rol(mixed, 1);
}
49 | ||
// One SHA-1 round using the message word block[i] exactly as loaded
// (no schedule expansion).
//
// v, x, y are read-only working variables; z accumulates the round
// output and w is rotated left by 30 in place. The mixing function is
// a bitwise select: each result bit comes from x where w has a 1 and
// from y where w has a 0.
inline
void
R0(std::uint32_t block[BLOCK_INTS], std::uint32_t v,
    std::uint32_t &w, std::uint32_t x, std::uint32_t y,
    std::uint32_t &z, std::size_t i)
{
    std::uint32_t const selected = y ^ (w & (x ^ y));
    std::uint32_t const round_constant = 0x5a827999;
    // All terms are uint32_t, so the sum wraps modulo 2^32.
    z += selected + block[i] + round_constant + rol(v, 5);
    w = rol(w, 30);
}
59 | ||
60 | ||
// One SHA-1 round that first expands the schedule: block[i] is replaced
// by blk(block, i), then the same select-based mixing and constant as
// R0 are applied to the new word.
//
// z accumulates the round output and w is rotated left by 30 in place.
inline
void
R1(std::uint32_t block[BLOCK_INTS], std::uint32_t v,
    std::uint32_t &w, std::uint32_t x, std::uint32_t y,
    std::uint32_t &z, std::size_t i)
{
    // Overwrite the slot before mixing; later rounds read the new word.
    block[i] = blk(block, i);
    // The remaining work is identical to R0, so delegate to it.
    R0(block, v, w, x, y, z, i);
}
71 | ||
// One SHA-1 round with schedule expansion and parity mixing:
// block[i] is replaced by blk(block, i), then w ^ x ^ y, the new word,
// the constant 0x6ed9eba1 and rol(v, 5) are added into z.
//
// w is rotated left by 30 in place.
inline
void
R2(std::uint32_t block[BLOCK_INTS], std::uint32_t v,
    std::uint32_t &w, std::uint32_t x, std::uint32_t y,
    std::uint32_t &z, std::size_t i)
{
    std::uint32_t const word = blk(block, i);
    block[i] = word;
    std::uint32_t const parity = w ^ x ^ y;
    std::uint32_t const round_constant = 0x6ed9eba1;
    // All terms are uint32_t, so the sum wraps modulo 2^32.
    z += parity + word + round_constant + rol(v, 5);
    w = rol(w, 30);
}
82 | ||
// One SHA-1 round with schedule expansion and majority mixing:
// block[i] is replaced by blk(block, i); each bit of the mixing value
// is set when at least two of w, x, y have that bit set. The mixing
// value, the new word, the constant 0x8f1bbcdc and rol(v, 5) are added
// into z.
//
// w is rotated left by 30 in place.
inline
void
R3(std::uint32_t block[BLOCK_INTS], std::uint32_t v,
    std::uint32_t &w, std::uint32_t x, std::uint32_t y,
    std::uint32_t &z, std::size_t i)
{
    std::uint32_t const word = blk(block, i);
    block[i] = word;
    std::uint32_t const majority = (w & x) | (y & (w | x));
    std::uint32_t const round_constant = 0x8f1bbcdc;
    // All terms are uint32_t, so the sum wraps modulo 2^32.
    z += majority + word + round_constant + rol(v, 5);
    w = rol(w, 30);
}
93 | ||
// One SHA-1 round with schedule expansion and parity mixing, using the
// constant 0xca62c1d6: block[i] is replaced by blk(block, i), then
// w ^ x ^ y, the new word, the constant and rol(v, 5) are added into z.
//
// w is rotated left by 30 in place.
inline
void
R4(std::uint32_t block[BLOCK_INTS], std::uint32_t v,
    std::uint32_t &w, std::uint32_t x, std::uint32_t y,
    std::uint32_t &z, std::size_t i)
{
    std::uint32_t const word = blk(block, i);
    block[i] = word;
    std::uint32_t const parity = w ^ x ^ y;
    std::uint32_t const round_constant = 0xca62c1d6;
    // All terms are uint32_t, so the sum wraps modulo 2^32.
    z += parity + word + round_constant + rol(v, 5);
    w = rol(w, 30);
}
104 | ||
// Load BLOCK_INTS big-endian 32-bit words from the byte buffer p into
// block.
//
// Reads p[0] through p[4 * BLOCK_INTS - 1]; the caller must supply at
// least that many readable bytes, because no length is passed in.
inline
void
make_block(std::uint8_t const* p,
    std::uint32_t block[BLOCK_INTS])
{
    for(std::size_t word = 0; word != BLOCK_INTS; ++word)
    {
        std::uint8_t const* const src = p + 4 * word;
        // Most significant byte first.
        std::uint32_t value = src[0];
        value = (value << 8) | src[1];
        value = (value << 8) | src[2];
        value = (value << 8) | src[3];
        block[word] = value;
    }
}
117 | ||
// Apply the SHA-1 compression function to one 16-word block and fold
// the result into the running state.
//
// digest: the five-word running state; elements 0..4 are read and then
//         updated in place, so it must hold at least five words.
// block:  the 16 message words for this block. It is used as the
//         circular message-schedule buffer and is overwritten by the
//         R1..R4 rounds, so its contents are not preserved.
//
// The 80 rounds are fully unrolled. Instead of shuffling the five
// working variables after every round, each call passes them in a
// rotated order (a,b,c,d,e -> e,a,b,c,d -> ...), so the statement order
// and argument order below must not be changed.
template<class = void>
void
transform(
    std::uint32_t digest[], std::uint32_t block[BLOCK_INTS])
{
    // Working copies of the state.
    std::uint32_t a = digest[0];
    std::uint32_t b = digest[1];
    std::uint32_t c = digest[2];
    std::uint32_t d = digest[3];
    std::uint32_t e = digest[4];

    // Rounds 0-15: message words used as loaded (R0 does not expand).
    R0(block, a, b, c, d, e, 0);
    R0(block, e, a, b, c, d, 1);
    R0(block, d, e, a, b, c, 2);
    R0(block, c, d, e, a, b, 3);
    R0(block, b, c, d, e, a, 4);
    R0(block, a, b, c, d, e, 5);
    R0(block, e, a, b, c, d, 6);
    R0(block, d, e, a, b, c, 7);
    R0(block, c, d, e, a, b, 8);
    R0(block, b, c, d, e, a, 9);
    R0(block, a, b, c, d, e, 10);
    R0(block, e, a, b, c, d, 11);
    R0(block, d, e, a, b, c, 12);
    R0(block, c, d, e, a, b, 13);
    R0(block, b, c, d, e, a, 14);
    R0(block, a, b, c, d, e, 15);
    // Rounds 16-19: same mixing as R0, with schedule expansion.
    R1(block, e, a, b, c, d, 0);
    R1(block, d, e, a, b, c, 1);
    R1(block, c, d, e, a, b, 2);
    R1(block, b, c, d, e, a, 3);
    // Rounds 20-39: parity mixing.
    R2(block, a, b, c, d, e, 4);
    R2(block, e, a, b, c, d, 5);
    R2(block, d, e, a, b, c, 6);
    R2(block, c, d, e, a, b, 7);
    R2(block, b, c, d, e, a, 8);
    R2(block, a, b, c, d, e, 9);
    R2(block, e, a, b, c, d, 10);
    R2(block, d, e, a, b, c, 11);
    R2(block, c, d, e, a, b, 12);
    R2(block, b, c, d, e, a, 13);
    R2(block, a, b, c, d, e, 14);
    R2(block, e, a, b, c, d, 15);
    R2(block, d, e, a, b, c, 0);
    R2(block, c, d, e, a, b, 1);
    R2(block, b, c, d, e, a, 2);
    R2(block, a, b, c, d, e, 3);
    R2(block, e, a, b, c, d, 4);
    R2(block, d, e, a, b, c, 5);
    R2(block, c, d, e, a, b, 6);
    R2(block, b, c, d, e, a, 7);
    // Rounds 40-59: majority mixing.
    R3(block, a, b, c, d, e, 8);
    R3(block, e, a, b, c, d, 9);
    R3(block, d, e, a, b, c, 10);
    R3(block, c, d, e, a, b, 11);
    R3(block, b, c, d, e, a, 12);
    R3(block, a, b, c, d, e, 13);
    R3(block, e, a, b, c, d, 14);
    R3(block, d, e, a, b, c, 15);
    R3(block, c, d, e, a, b, 0);
    R3(block, b, c, d, e, a, 1);
    R3(block, a, b, c, d, e, 2);
    R3(block, e, a, b, c, d, 3);
    R3(block, d, e, a, b, c, 4);
    R3(block, c, d, e, a, b, 5);
    R3(block, b, c, d, e, a, 6);
    R3(block, a, b, c, d, e, 7);
    R3(block, e, a, b, c, d, 8);
    R3(block, d, e, a, b, c, 9);
    R3(block, c, d, e, a, b, 10);
    R3(block, b, c, d, e, a, 11);
    // Rounds 60-79: parity mixing with the last constant.
    R4(block, a, b, c, d, e, 12);
    R4(block, e, a, b, c, d, 13);
    R4(block, d, e, a, b, c, 14);
    R4(block, c, d, e, a, b, 15);
    R4(block, b, c, d, e, a, 0);
    R4(block, a, b, c, d, e, 1);
    R4(block, e, a, b, c, d, 2);
    R4(block, d, e, a, b, c, 3);
    R4(block, c, d, e, a, b, 4);
    R4(block, b, c, d, e, a, 5);
    R4(block, a, b, c, d, e, 6);
    R4(block, e, a, b, c, d, 7);
    R4(block, d, e, a, b, c, 8);
    R4(block, c, d, e, a, b, 9);
    R4(block, b, c, d, e, a, 10);
    R4(block, a, b, c, d, e, 11);
    R4(block, e, a, b, c, d, 12);
    R4(block, d, e, a, b, c, 13);
    R4(block, c, d, e, a, b, 14);
    R4(block, b, c, d, e, a, 15);

    // Fold the working variables back into the running state
    // (uint32_t addition wraps modulo 2^32).
    digest[0] += a;
    digest[1] += b;
    digest[2] += c;
    digest[3] += d;
    digest[4] += e;
}
216 | ||
217 | } // sha1 | |
218 | ||
// Streaming SHA-1 state, driven by init(), update() and finish().
//
// The members have no initializers: a context holds indeterminate
// values until init() has been called on it.
//
// SHA-1 is no longer collision-resistant. Use it only where a protocol
// mandates SHA-1, not for signatures, password storage, or integrity
// checks that must withstand an adversary.
struct sha1_context
{
    static constexpr unsigned int block_size = sha1::BLOCK_BYTES;
    static constexpr unsigned int digest_size = sha1::DIGEST_BYTES;

    // Number of bytes currently held in buf.
    std::size_t buflen;
    // Number of full blocks already compressed into digest.
    std::size_t blocks;
    // Running hash state, five 32-bit words.
    std::uint32_t digest[digest_size / 4];
    // Pending message bytes that do not yet fill a block.
    std::uint8_t buf[block_size];
};
229 | ||
// Put a context into the SHA-1 starting state: no buffered bytes, no
// processed blocks, and the five standard initial hash words.
//
// ctx.buf is not touched; it is overwritten as data arrives. This must
// be called before the first update() and again before reusing a
// context after finish().
template<class = void>
void
init(sha1_context& ctx) noexcept
{
    std::uint32_t const initial_state[5] = {
        0x67452301, 0xefcdab89, 0x98badcfe, 0x10325476, 0xc3d2e1f0 };

    ctx.blocks = 0;
    ctx.buflen = 0;
    for(std::size_t i = 0; i != 5; ++i)
        ctx.digest[i] = initial_state[i];
}
242 | ||
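// Feed `size` bytes starting at `message` into the hash.
//
// Bytes are staged in ctx.buf; each time the buffer fills, it is
// converted to words, compressed into ctx.digest, and counted in
// ctx.blocks. Any remainder stays buffered for the next call or for
// finish().
//
// Preconditions: ctx has been set up with init() (so ctx.buflen is
// below sizeof(ctx.buf)), and `message` points to at least `size`
// readable bytes. The buffer space calculation below relies on the
// first condition; an uninitialized context would make it wrap.
//
// Changes from the previous version:
//  - a zero-length call returns immediately, so a null `message` is
//    never handed to std::memcpy (undefined behaviour even for a zero
//    count);
//  - the block length is taken from sizeof(ctx.buf) instead of a
//    separate literal 64.
template<class = void>
void
update(sha1_context& ctx,
    void const* message, std::size_t size) noexcept
{
    auto p = static_cast<std::uint8_t const*>(message);
    while(size > 0)
    {
        // Copy as much as fits into the remaining buffer space.
        auto const n = (std::min)(
            size, sizeof(ctx.buf) - ctx.buflen);
        std::memcpy(ctx.buf + ctx.buflen, p, n);
        ctx.buflen += n;
        p += n;
        size -= n;
        // Input exhausted before the block filled: keep it buffered.
        if(ctx.buflen != sizeof(ctx.buf))
            return;
        ctx.buflen = 0;
        std::uint32_t block[sha1::BLOCK_INTS];
        sha1::make_block(ctx.buf, block);
        sha1::transform(ctx.digest, block);
        ++ctx.blocks;
    }
}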
267 | ||
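// Complete the hash: append the SHA-1 padding and the 64-bit message
// length, run the final compression(s), and write the digest.
//
// digest: receives sha1::DIGEST_BYTES (20) bytes, big-endian per word;
//         the caller must provide at least that much writable space.
//
// After this call ctx.buflen equals the block size and ctx.digest holds
// the final state; call init() before reusing the context. Neither ctx
// nor the local word buffer is wiped here, so a caller hashing secret
// data should clear the context itself.
//
// Changes from the previous version:
//  - a context whose buflen is already at (or beyond) the block size,
//    which is the state left by a previous finish(), no longer writes
//    the 0x80 pad byte one past the end of ctx.buf. The guard only
//    keeps such misuse memory-safe; the digest produced in that case is
//    not meaningful.
//  - the bit count is computed in 64 bits. The old expression was
//    evaluated in std::size_t and wrapped for long messages where
//    size_t is 32 bits wide.
template<class = void>
void
finish(sha1_context& ctx, void* digest) noexcept
{
    using sha1::BLOCK_INTS;
    using sha1::BLOCK_BYTES;

    // init()/update() always leave buflen below BLOCK_BYTES.
    if(ctx.buflen >= BLOCK_BYTES)
        ctx.buflen = 0;

    std::uint64_t const total_bits =
        (static_cast<std::uint64_t>(ctx.blocks) * BLOCK_BYTES +
            ctx.buflen) * 8;

    // Pad: a single 0x80 byte, then zeros to the end of the block.
    ctx.buf[ctx.buflen++] = 0x80;
    auto const buflen = ctx.buflen;
    while(ctx.buflen < BLOCK_BYTES)
        ctx.buf[ctx.buflen++] = 0x00;
    std::uint32_t block[BLOCK_INTS];
    sha1::make_block(ctx.buf, block);
    if(buflen > BLOCK_BYTES - 8)
    {
        // No room left for the 8-byte length: compress this block and
        // carry the length in an extra, otherwise zero, block.
        sha1::transform(ctx.digest, block);
        for(std::size_t i = 0; i < BLOCK_INTS - 2; i++)
            block[i] = 0;
    }

    // Append total_bits, split into two 32-bit words, high word first.
    block[BLOCK_INTS - 1] =
        static_cast<std::uint32_t>(total_bits & 0xffffffff);
    block[BLOCK_INTS - 2] =
        static_cast<std::uint32_t>(total_bits >> 32);
    sha1::transform(ctx.digest, block);

    // Serialize the five state words most significant byte first.
    auto const out = static_cast<std::uint8_t*>(digest);
    for(std::size_t i = 0; i < sha1::DIGEST_BYTES/4; i++)
    {
        std::uint8_t* d = out + 4 * i;
        d[3] = ctx.digest[i] & 0xff;
        d[2] = (ctx.digest[i] >> 8) & 0xff;
        d[1] = (ctx.digest[i] >> 16) & 0xff;
        d[0] = (ctx.digest[i] >> 24) & 0xff;
    }
}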
305 | ||
306 | } // detail | |
307 | } // beast | |
308 | ||
309 | #endif |