📄 rfc3174.txt
字号:
A = context->Intermediate_Hash[0];
B = context->Intermediate_Hash[1];
C = context->Intermediate_Hash[2];
D = context->Intermediate_Hash[3];
E = context->Intermediate_Hash[4];
for(t = 0; t < 20; t++)
{
temp = SHA1CircularShift(5,A) +
((B & C) | ((~B) & D)) + E + W[t] + K[0];
E = D;
D = C;
C = SHA1CircularShift(30,B);
Eastlake & Jones Informational [Page 15]
RFC 3174 US Secure Hash Algorithm 1 (SHA1) September 2001
B = A;
A = temp;
}
for(t = 20; t < 40; t++)
{
temp = SHA1CircularShift(5,A) + (B ^ C ^ D) + E + W[t] + K[1];
E = D;
D = C;
C = SHA1CircularShift(30,B);
B = A;
A = temp;
}
for(t = 40; t < 60; t++)
{
temp = SHA1CircularShift(5,A) +
((B & C) | (B & D) | (C & D)) + E + W[t] + K[2];
E = D;
D = C;
C = SHA1CircularShift(30,B);
B = A;
A = temp;
}
for(t = 60; t < 80; t++)
{
temp = SHA1CircularShift(5,A) + (B ^ C ^ D) + E + W[t] + K[3];
E = D;
D = C;
C = SHA1CircularShift(30,B);
B = A;
A = temp;
}
context->Intermediate_Hash[0] += A;
context->Intermediate_Hash[1] += B;
context->Intermediate_Hash[2] += C;
context->Intermediate_Hash[3] += D;
context->Intermediate_Hash[4] += E;
context->Message_Block_Index = 0;
}
/*
* SHA1PadMessage
*
Eastlake & Jones Informational [Page 16]
RFC 3174 US Secure Hash Algorithm 1 (SHA1) September 2001
* Description:
* According to the standard, the message must be padded to an even
* 512 bits. The first padding bit must be a '1'. The last 64
* bits represent the length of the original message. All bits in
* between should be 0. This function will pad the message
* according to those rules by filling the Message_Block array
* accordingly. It will also call the ProcessMessageBlock function
* provided appropriately. When it returns, it can be assumed that
* the message digest has been computed.
*
* Parameters:
* context: [in/out]
* The context to pad
* ProcessMessageBlock: [in]
* The appropriate SHA*ProcessMessageBlock function
* Returns:
* Nothing.
*
*/
void SHA1PadMessage(SHA1Context *context)
{
/*
* Check to see if the current message block is too small to hold
* the initial padding bits and length. If so, we will pad the
* block, process it, and then continue padding into a second
* block.
*/
if (context->Message_Block_Index > 55)
{
context->Message_Block[context->Message_Block_Index++] = 0x80;
while(context->Message_Block_Index < 64)
{
context->Message_Block[context->Message_Block_Index++] = 0;
}
SHA1ProcessMessageBlock(context);
while(context->Message_Block_Index < 56)
{
context->Message_Block[context->Message_Block_Index++] = 0;
}
}
else
{
context->Message_Block[context->Message_Block_Index++] = 0x80;
while(context->Message_Block_Index < 56)
{
Eastlake & Jones Informational [Page 17]
RFC 3174 US Secure Hash Algorithm 1 (SHA1) September 2001
context->Message_Block[context->Message_Block_Index++] = 0;
}
}
/*
* Store the message length as the last 8 octets
*/
context->Message_Block[56] = context->Length_High >> 24;
context->Message_Block[57] = context->Length_High >> 16;
context->Message_Block[58] = context->Length_High >> 8;
context->Message_Block[59] = context->Length_High;
context->Message_Block[60] = context->Length_Low >> 24;
context->Message_Block[61] = context->Length_Low >> 16;
context->Message_Block[62] = context->Length_Low >> 8;
context->Message_Block[63] = context->Length_Low;
SHA1ProcessMessageBlock(context);
}
7.3 Test Driver
The following code is a main program test driver to exercise the code
in sha1.c.
/*
* sha1test.c
*
* Description:
* This file will exercise the SHA-1 code performing the three
* tests documented in FIPS PUB 180-1 plus one which calls
* SHA1Input with an exact multiple of 512 bits, plus a few
* error test checks.
*
* Portability Issues:
* None.
*
*/
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include "sha1.h"
/*
* Define patterns for testing
*/
#define TEST1 "abc"
#define TEST2a "abcdbcdecdefdefgefghfghighijhi"
Eastlake & Jones Informational [Page 18]
RFC 3174 US Secure Hash Algorithm 1 (SHA1) September 2001
#define TEST2b "jkijkljklmklmnlmnomnopnopq"
#define TEST2 TEST2a TEST2b
#define TEST3 "a"
#define TEST4a "01234567012345670123456701234567"
#define TEST4b "01234567012345670123456701234567"
/* an exact multiple of 512 bits */
#define TEST4 TEST4a TEST4b
char *testarray[4] =
{
TEST1,
TEST2,
TEST3,
TEST4
};
long int repeatcount[4] = { 1, 1, 1000000, 10 };
char *resultarray[4] =
{
"A9 99 3E 36 47 06 81 6A BA 3E 25 71 78 50 C2 6C 9C D0 D8 9D",
"84 98 3E 44 1C 3B D2 6E BA AE 4A A1 F9 51 29 E5 E5 46 70 F1",
"34 AA 97 3C D4 C4 DA A4 F6 1E EB 2B DB AD 27 31 65 34 01 6F",
"DE A3 56 A2 CD DD 90 C7 A7 EC ED C5 EB B5 63 93 4F 46 04 52"
};
int main()
{
SHA1Context sha;
int i, j, err;
uint8_t Message_Digest[20];
/*
* Perform SHA-1 tests
*/
for(j = 0; j < 4; ++j)
{
printf( "\nTest %d: %d, '%s'\n",
j+1,
repeatcount[j],
testarray[j]);
err = SHA1Reset(&sha);
if (err)
{
fprintf(stderr, "SHA1Reset Error %d.\n", err );
break; /* out of for j loop */
}
for(i = 0; i < repeatcount[j]; ++i)
{
Eastlake & Jones Informational [Page 19]
RFC 3174 US Secure Hash Algorithm 1 (SHA1) September 2001
err = SHA1Input(&sha,
(const unsigned char *) testarray[j],
strlen(testarray[j]));
if (err)
{
fprintf(stderr, "SHA1Input Error %d.\n", err );
break; /* out of for i loop */
}
}
err = SHA1Result(&sha, Message_Digest);
if (err)
{
fprintf(stderr,
"SHA1Result Error %d, could not compute message digest.\n",
err );
}
else
{
printf("\t");
for(i = 0; i < 20 ; ++i)
{
printf("%02X ", Message_Digest[i]);
}
printf("\n");
}
printf("Should match:\n");
printf("\t%s\n", resultarray[j]);
}
/* Test some error returns */
err = SHA1Input(&sha,(const unsigned char *) testarray[1], 1);
printf ("\nError %d. Should be %d.\n", err, shaStateError );
err = SHA1Reset(0);
printf ("\nError %d. Should be %d.\n", err, shaNull );
return 0;
}
8. Security Considerations
This document is intended to provide convenient open source access by
the Internet community to the United States of America Federal
Information Processing Standard Secure Hash Function SHA-1 [FIPS
180-1]. No independent assertion of the security of this hash
function by the authors for any particular use is intended.
Eastlake & Jones Informational [Page 20]
RFC 3174 US Secure Hash Algorithm 1 (SHA1) September 2001
References
[FIPS 180-1] "Secure Hash Standard", United States of American,
National Institute of Science and Technology, Federal
Information Processing Standard (FIPS) 180-1, April
1993.
[MD4] "The MD4 Message Digest Algorithm," Advances in
Cryptology - CRYPTO '90 Proceedings, Springer-Verlag,
1991, pp. 303-311.
[RFC 1320] Rivest, R., "The MD4 Message-Digest Algorithm", RFC
1320, April 1992.
[RFC 1321] Rivest, R., "The MD5 Message-Digest Algorithm", RFC
1321, April 1992.
[RFC 1750] Eastlake, D., Crocker, S. and J. Schiller, "Randomness
Requirements for Security", RFC 1750, December 1994.
Authors' Addresses
Donald E. Eastlake, 3rd
Motorola
155 Beaver Street
Milford, MA 01757 USA
Phone: +1 508-634-2066 (h)
+1 508-261-5434 (w)
Fax: +1 508-261-4777
EMail: Donald.Eastlake@motorola.com
Paul E. Jones
Cisco Systems, Inc.
7025 Kit Creek Road
Research Triangle Park, NC 27709 USA
Phone: +1 919 392 6948
EMail: paulej@packetizer.com
Eastlake & Jones Informational [Page 21]
RFC 3174 US Secure Hash Algorithm 1 (SHA1) September 2001
Full Copyright Statement
Copyright (C) The Internet Society (2001). All Rights Reserved.
This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain it
or assist in its implementation may be prepared, copied, published
and distributed, in whole or in part, without restriction of any
kind, provided that the above copyright notice and this paragraph are
included on all such copies and derivative works. However, this
document itself may not be modified in any way, such as by removing
the copyright notice or references to the Internet Society or other
Internet organizations, except as needed for the purpose of
developing Internet standards in which case the procedures for
copyrights defined in the Internet Standards process must be
followed, or as required to translate it into languages other than
English.
The limited permissions granted above are perpetual and will not be
revoked by the Internet Society or its successors or assigns.
This document and the information contained herein is provided on an
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Acknowledgement
Funding for the RFC Editor function is currently provided by the
Internet Society.
Eastlake & Jones Informational [Page 22]
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -