sha.cpp

SSL加密库源码

/* sha.cpp                                
 *
 * Copyright (C) 2003 Sawtooth Consulting Ltd.
 *
 * This file is part of yaSSL, an SSL implementation written by Todd A Ouska
 * (todd at yassl.com, see www.yassl.com).
 *
 * yaSSL is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * There are special exceptions to the terms and conditions of the GPL as it
 * is applied to yaSSL. View the full text of the exception in the file
 * FLOSS-EXCEPTIONS in the directory of this software distribution.
 *
 * yaSSL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
 */

/* based on Wei Dai's sha.cpp from CryptoPP */

#include "runtime.hpp"
#include <string.h>
#include "sha.hpp"
#ifdef USE_SYS_STL
    #include <algorithm>
#else
    #include "algorithm.hpp"
#endif


namespace STL = STL_NAMESPACE;



namespace TaoCrypt {

#define blk0(i) (W[i] = buffer_[i])
#define blk1(i) (W[i&15] = \
                 rotlFixed(W[(i+13)&15]^W[(i+8)&15]^W[(i+2)&15]^W[i&15],1))

#define f1(x,y,z) (z^(x &(y^z)))
#define f2(x,y,z) (x^y^z)
#define f3(x,y,z) ((x&y)|(z&(x|y)))
#define f4(x,y,z) (x^y^z)

// (R0+R1), R2, R3, R4 are the different operations used in SHA1
#define R0(v,w,x,y,z,i) z+= f1(w,x,y) + blk0(i) + 0x5A827999+ \
                        rotlFixed(v,5); w = rotlFixed(w,30);
#define R1(v,w,x,y,z,i) z+= f1(w,x,y) + blk1(i) + 0x5A827999+ \
                        rotlFixed(v,5); w = rotlFixed(w,30);
#define R2(v,w,x,y,z,i) z+= f2(w,x,y) + blk1(i) + 0x6ED9EBA1+ \
                        rotlFixed(v,5); w = rotlFixed(w,30);
#define R3(v,w,x,y,z,i) z+= f3(w,x,y) + blk1(i) + 0x8F1BBCDC+ \
                        rotlFixed(v,5); w = rotlFixed(w,30);
#define R4(v,w,x,y,z,i) z+= f4(w,x,y) + blk1(i) + 0xCA62C1D6+ \
                        rotlFixed(v,5); w = rotlFixed(w,30);


void SHA::Init()
{
    digest_[0] = 0x67452301L;
    digest_[1] = 0xEFCDAB89L;
    digest_[2] = 0x98BADCFEL;
    digest_[3] = 0x10325476L;
    digest_[4] = 0xC3D2E1F0L;

    buffLen_ = 0;
    loLen_  = 0;
    hiLen_  = 0;
}

void SHA256::Init()
{
    digest_[0] = 0x6A09E667L;
    digest_[1] = 0xBB67AE85L;
    digest_[2] = 0x3C6EF372L;
    digest_[3] = 0xA54FF53AL;
    digest_[4] = 0x510E527FL;
    digest_[5] = 0x9B05688CL;
    digest_[6] = 0x1F83D9ABL;
    digest_[7] = 0x5BE0CD19L;

    buffLen_ = 0;
    loLen_  = 0;
    hiLen_  = 0;
}


void SHA224::Init()
{
    digest_[0] = 0xc1059ed8;
    digest_[1] = 0x367cd507;
    digest_[2] = 0x3070dd17;
    digest_[3] = 0xf70e5939;
    digest_[4] = 0xffc00b31;
    digest_[5] = 0x68581511;
    digest_[6] = 0x64f98fa7;
    digest_[7] = 0xbefa4fa4;

    buffLen_ = 0;
    loLen_  = 0;
    hiLen_  = 0;
}


#ifdef WORD64_AVAILABLE

void SHA512::Init()
{
    digest_[0] = W64LIT(0x6a09e667f3bcc908);
    digest_[1] = W64LIT(0xbb67ae8584caa73b);
    digest_[2] = W64LIT(0x3c6ef372fe94f82b);
    digest_[3] = W64LIT(0xa54ff53a5f1d36f1);
    digest_[4] = W64LIT(0x510e527fade682d1);
    digest_[5] = W64LIT(0x9b05688c2b3e6c1f);
    digest_[6] = W64LIT(0x1f83d9abfb41bd6b);
    digest_[7] = W64LIT(0x5be0cd19137e2179);

    buffLen_ = 0;
    loLen_  = 0;
    hiLen_  = 0;
}


void SHA384::Init()
{
    digest_[0] = W64LIT(0xcbbb9d5dc1059ed8);
    digest_[1] = W64LIT(0x629a292a367cd507);
    digest_[2] = W64LIT(0x9159015a3070dd17);
    digest_[3] = W64LIT(0x152fecd8f70e5939);
    digest_[4] = W64LIT(0x67332667ffc00b31);
    digest_[5] = W64LIT(0x8eb44a8768581511);
    digest_[6] = W64LIT(0xdb0c2e0d64f98fa7);
    digest_[7] = W64LIT(0x47b5481dbefa4fa4);

    buffLen_ = 0;
    loLen_  = 0;
    hiLen_  = 0;
}

#endif // WORD64_AVAILABLE


SHA::SHA(const SHA& that) : HASHwithTransform(DIGEST_SIZE / sizeof(word32),
                                              BLOCK_SIZE) 
{ 
    buffLen_ = that.buffLen_;
    loLen_   = that.loLen_;
    hiLen_   = that.hiLen_;

    memcpy(digest_, that.digest_, DIGEST_SIZE);
    memcpy(buffer_, that.buffer_, BLOCK_SIZE);
}


SHA256::SHA256(const SHA256& that) : HASHwithTransform(DIGEST_SIZE /
                                       sizeof(word32), BLOCK_SIZE) 
{ 
    buffLen_ = that.buffLen_;
    loLen_   = that.loLen_;
    hiLen_   = that.hiLen_;

    memcpy(digest_, that.digest_, DIGEST_SIZE);
    memcpy(buffer_, that.buffer_, BLOCK_SIZE);
}


SHA224::SHA224(const SHA224& that) : HASHwithTransform(SHA256::DIGEST_SIZE /
                                       sizeof(word32), BLOCK_SIZE) 
{ 
    buffLen_ = that.buffLen_;
    loLen_   = that.loLen_;
    hiLen_   = that.hiLen_;

    memcpy(digest_, that.digest_, DIGEST_SIZE);
    memcpy(buffer_, that.buffer_, BLOCK_SIZE);
}


#ifdef WORD64_AVAILABLE 

SHA512::SHA512(const SHA512& that) : HASH64withTransform(DIGEST_SIZE /
                                       sizeof(word64), BLOCK_SIZE) 
{ 
    buffLen_ = that.buffLen_;
    loLen_   = that.loLen_;
    hiLen_   = that.hiLen_;

    memcpy(digest_, that.digest_, DIGEST_SIZE);
    memcpy(buffer_, that.buffer_, BLOCK_SIZE);
}


SHA384::SHA384(const SHA384& that) : HASH64withTransform(SHA512::DIGEST_SIZE /
                                       sizeof(word64), BLOCK_SIZE) 
{ 
    buffLen_ = that.buffLen_;
    loLen_   = that.loLen_;
    hiLen_   = that.hiLen_;

    memcpy(digest_, that.digest_, DIGEST_SIZE);
    memcpy(buffer_, that.buffer_, BLOCK_SIZE);
}

#endif // WORD64_AVAILABLE


SHA& SHA::operator= (const SHA& that)
{
    SHA tmp(that);
    Swap(tmp);

    return *this;
}


SHA256& SHA256::operator= (const SHA256& that)
{
    SHA256 tmp(that);
    Swap(tmp);

    return *this;
}


SHA224& SHA224::operator= (const SHA224& that)
{
    SHA224 tmp(that);
    Swap(tmp);

    return *this;
}


#ifdef WORD64_AVAILABLE

SHA512& SHA512::operator= (const SHA512& that)
{
    SHA512 tmp(that);
    Swap(tmp);

    return *this;
}


SHA384& SHA384::operator= (const SHA384& that)
{
    SHA384 tmp(that);
    Swap(tmp);

    return *this;
}

#endif // WORD64_AVAILABLE


void SHA::Swap(SHA& other)
{
    STL::swap(loLen_,   other.loLen_);
    STL::swap(hiLen_,   other.hiLen_);
    STL::swap(buffLen_, other.buffLen_);

    memcpy(digest_, other.digest_, DIGEST_SIZE);
    memcpy(buffer_, other.buffer_, BLOCK_SIZE);
}


void SHA256::Swap(SHA256& other)
{
    STL::swap(loLen_,   other.loLen_);
    STL::swap(hiLen_,   other.hiLen_);
    STL::swap(buffLen_, other.buffLen_);

    memcpy(digest_, other.digest_, DIGEST_SIZE);
    memcpy(buffer_, other.buffer_, BLOCK_SIZE);
}


void SHA224::Swap(SHA224& other)
{
    STL::swap(loLen_,   other.loLen_);
    STL::swap(hiLen_,   other.hiLen_);
    STL::swap(buffLen_, other.buffLen_);

    memcpy(digest_, other.digest_, DIGEST_SIZE);
    memcpy(buffer_, other.buffer_, BLOCK_SIZE);
}


#ifdef WORD64_AVAILABLE

void SHA512::Swap(SHA512& other)
{
    STL::swap(loLen_,   other.loLen_);
    STL::swap(hiLen_,   other.hiLen_);
    STL::swap(buffLen_, other.buffLen_);

    memcpy(digest_, other.digest_, DIGEST_SIZE);
    memcpy(buffer_, other.buffer_, BLOCK_SIZE);
}


void SHA384::Swap(SHA384& other)
{
    STL::swap(loLen_,   other.loLen_);
    STL::swap(hiLen_,   other.hiLen_);
    STL::swap(buffLen_, other.buffLen_);

    memcpy(digest_, other.digest_, DIGEST_SIZE);
    memcpy(buffer_, other.buffer_, BLOCK_SIZE);
}

#endif // WORD64_AVIALABLE


#ifdef DO_SHA_ASM

// Update digest with data of size len
void SHA::Update(const byte* data, word32 len)
{
    if (!isMMX) {
        HASHwithTransform::Update(data, len);
        return;
    }

    byte* local = reinterpret_cast<byte*>(buffer_);

    // remove buffered data if possible
    if (buffLen_)  {   
        word32 add = min(len, BLOCK_SIZE - buffLen_);
        memcpy(&local[buffLen_], data, add);

        buffLen_ += add;
        data     += add;
        len      -= add;