coreboot-libre-fam15h-rdimm/3rdparty/chromeec/common/sha1.c

175 lines
3.9 KiB
C
Raw Permalink Normal View History

2024-03-04 11:14:53 +01:00
/* Copyright 2010 The Chromium OS Authors. All rights reserved.
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
*
* SHA-1 implementation largely based on libmincrypt in the the Android
* Open Source Project (platorm/system/core.git/libmincrypt/sha.c
*/
#include "sha1.h"
static uint32_t ror27(uint32_t val)
{
return (val >> 27) | (val << 5);
}
static uint32_t ror2(uint32_t val)
{
return (val >> 2) | (val << 30);
}
static uint32_t ror31(uint32_t val)
{
return (val >> 31) | (val << 1);
}
static void sha1_transform(struct sha1_ctx *ctx)
{
uint32_t W[80];
register uint32_t A, B, C, D, E;
int t;
A = ctx->state[0];
B = ctx->state[1];
C = ctx->state[2];
D = ctx->state[3];
E = ctx->state[4];
#define SHA_F1(A, B, C, D, E, t) \
E += ror27(A) + \
(W[t] = __builtin_bswap32(ctx->buf.w[t])) + \
(D^(B&(C^D))) + 0x5A827999; \
B = ror2(B);
for (t = 0; t < 15; t += 5) {
SHA_F1(A, B, C, D, E, t + 0);
SHA_F1(E, A, B, C, D, t + 1);
SHA_F1(D, E, A, B, C, t + 2);
SHA_F1(C, D, E, A, B, t + 3);
SHA_F1(B, C, D, E, A, t + 4);
}
SHA_F1(A, B, C, D, E, t + 0); /* 16th one, t == 15 */
#undef SHA_F1
#define SHA_F1(A, B, C, D, E, t) \
E += ror27(A) + \
(W[t] = ror31(W[t-3] ^ W[t-8] ^ W[t-14] ^ W[t-16])) + \
(D^(B&(C^D))) + 0x5A827999; \
B = ror2(B);
SHA_F1(E, A, B, C, D, t + 1);
SHA_F1(D, E, A, B, C, t + 2);
SHA_F1(C, D, E, A, B, t + 3);
SHA_F1(B, C, D, E, A, t + 4);
#undef SHA_F1
#define SHA_F2(A, B, C, D, E, t) \
E += ror27(A) + \
(W[t] = ror31(W[t-3] ^ W[t-8] ^ W[t-14] ^ W[t-16])) + \
(B^C^D) + 0x6ED9EBA1; \
B = ror2(B);
for (t = 20; t < 40; t += 5) {
SHA_F2(A, B, C, D, E, t + 0);
SHA_F2(E, A, B, C, D, t + 1);
SHA_F2(D, E, A, B, C, t + 2);
SHA_F2(C, D, E, A, B, t + 3);
SHA_F2(B, C, D, E, A, t + 4);
}
#undef SHA_F2
#define SHA_F3(A, B, C, D, E, t) \
E += ror27(A) + \
(W[t] = ror31(W[t-3] ^ W[t-8] ^ W[t-14] ^ W[t-16])) + \
((B&C)|(D&(B|C))) + 0x8F1BBCDC; \
B = ror2(B);
for (; t < 60; t += 5) {
SHA_F3(A, B, C, D, E, t + 0);
SHA_F3(E, A, B, C, D, t + 1);
SHA_F3(D, E, A, B, C, t + 2);
SHA_F3(C, D, E, A, B, t + 3);
SHA_F3(B, C, D, E, A, t + 4);
}
#undef SHA_F3
#define SHA_F4(A, B, C, D, E, t) \
E += ror27(A) + \
(W[t] = ror31(W[t-3] ^ W[t-8] ^ W[t-14] ^ W[t-16])) + \
(B^C^D) + 0xCA62C1D6; \
B = ror2(B);
for (; t < 80; t += 5) {
SHA_F4(A, B, C, D, E, t + 0);
SHA_F4(E, A, B, C, D, t + 1);
SHA_F4(D, E, A, B, C, t + 2);
SHA_F4(C, D, E, A, B, t + 3);
SHA_F4(B, C, D, E, A, t + 4);
}
#undef SHA_F4
ctx->state[0] += A;
ctx->state[1] += B;
ctx->state[2] += C;
ctx->state[3] += D;
ctx->state[4] += E;
}
void sha1_update(struct sha1_ctx *ctx, const uint8_t *data, uint32_t len)
{
int i = ctx->count % sizeof(ctx->buf);
const uint8_t *p = (const uint8_t *)data;
ctx->count += len;
while (len > sizeof(ctx->buf) - i) {
memcpy(&ctx->buf.b[i], p, sizeof(ctx->buf) - i);
len -= sizeof(ctx->buf) - i;
p += sizeof(ctx->buf) - i;
sha1_transform(ctx);
i = 0;
}
while (len--) {
ctx->buf.b[i++] = *p++;
if (i == sizeof(ctx->buf)) {
sha1_transform(ctx);
i = 0;
}
}
}
uint8_t *sha1_final(struct sha1_ctx *ctx)
{
uint32_t cnt = ctx->count * 8;
int i;
sha1_update(ctx, (uint8_t *)"\x80", 1);
while ((ctx->count % sizeof(ctx->buf)) != (sizeof(ctx->buf) - 8))
sha1_update(ctx, (uint8_t *)"\0", 1);
for (i = 0; i < 8; ++i) {
uint8_t tmp = cnt >> ((7 - i) * 8);
sha1_update(ctx, &tmp, 1);
}
for (i = 0; i < 5; i++)
ctx->buf.w[i] = __builtin_bswap32(ctx->state[i]);
return ctx->buf.b;
}
void sha1_init(struct sha1_ctx *ctx)
{
ctx->state[0] = 0x67452301;
ctx->state[1] = 0xEFCDAB89;
ctx->state[2] = 0x98BADCFE;
ctx->state[3] = 0x10325476;
ctx->state[4] = 0xC3D2E1F0;
ctx->count = 0;
}