sha2.C

Go to the documentation of this file.
00001 /*!@file Util/sha2.C general sha2 (256-bit) message-digest implementation */
00002 
00003 // This code is from http://www.cr0.net:8040/code/crypto/sha256/, also
00004 // under the GPL (see original copyright notice below).
00005 
00006 /*
00007  *  FIPS-180-2 compliant SHA-256 implementation
00008  *
00009  *  Copyright (C) 2001-2003  Christophe Devine
00010  *
00011  *  This program is free software; you can redistribute it and/or modify
00012  *  it under the terms of the GNU General Public License as published by
00013  *  the Free Software Foundation; either version 2 of the License, or
00014  *  (at your option) any later version.
00015  *
00016  *  This program is distributed in the hope that it will be useful,
00017  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
00018  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
00019  *  GNU General Public License for more details.
00020  *
00021  *  You should have received a copy of the GNU General Public License
00022  *  along with this program; if not, write to the Free Software
00023  *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
00024  */
00025 
00026 //
00027 // Primary maintainer for this file: Rob Peters <rjpeters at usc dot edu>
00028 // $HeadURL: svn://isvn.usc.edu/software/invt/trunk/saliency/src/Util/sha2.C $
00029 // $Id: sha2.C 5367 2005-08-22 21:45:50Z rjpeters $
00030 //
00031 
00032 #ifndef UTIL_SHA2_C_DEFINED
00033 #define UTIL_SHA2_C_DEFINED
00034 
00035 #include "Util/sha2.H"
00036 
00037 #include <string.h>
00038 
00039 typedef byte uint8;
00040 
00041 #define GET_UINT32(n,b,i)                       \
00042 {                                               \
00043     (n) = ( (uint32) (b)[(i)    ] << 24 )       \
00044         | ( (uint32) (b)[(i) + 1] << 16 )       \
00045         | ( (uint32) (b)[(i) + 2] <<  8 )       \
00046         | ( (uint32) (b)[(i) + 3]       );      \
00047 }
00048 
00049 #define PUT_UINT32(n,b,i)                       \
00050 {                                               \
00051     (b)[(i)    ] = (uint8) ( (n) >> 24 );       \
00052     (b)[(i) + 1] = (uint8) ( (n) >> 16 );       \
00053     (b)[(i) + 2] = (uint8) ( (n) >>  8 );       \
00054     (b)[(i) + 3] = (uint8) ( (n)       );       \
00055 }
00056 
00057 void sha256_starts( sha256_context *ctx )
00058 {
00059     ctx->total[0] = 0;
00060     ctx->total[1] = 0;
00061 
00062     ctx->state[0] = 0x6A09E667;
00063     ctx->state[1] = 0xBB67AE85;
00064     ctx->state[2] = 0x3C6EF372;
00065     ctx->state[3] = 0xA54FF53A;
00066     ctx->state[4] = 0x510E527F;
00067     ctx->state[5] = 0x9B05688C;
00068     ctx->state[6] = 0x1F83D9AB;
00069     ctx->state[7] = 0x5BE0CD19;
00070 }
00071 
00072 void sha256_process( sha256_context *ctx, const uint8 data[64] )
00073 {
00074     uint32 temp1, temp2, W[64];
00075     uint32 A, B, C, D, E, F, G, H;
00076 
00077     GET_UINT32( W[0],  data,  0 );
00078     GET_UINT32( W[1],  data,  4 );
00079     GET_UINT32( W[2],  data,  8 );
00080     GET_UINT32( W[3],  data, 12 );
00081     GET_UINT32( W[4],  data, 16 );
00082     GET_UINT32( W[5],  data, 20 );
00083     GET_UINT32( W[6],  data, 24 );
00084     GET_UINT32( W[7],  data, 28 );
00085     GET_UINT32( W[8],  data, 32 );
00086     GET_UINT32( W[9],  data, 36 );
00087     GET_UINT32( W[10], data, 40 );
00088     GET_UINT32( W[11], data, 44 );
00089     GET_UINT32( W[12], data, 48 );
00090     GET_UINT32( W[13], data, 52 );
00091     GET_UINT32( W[14], data, 56 );
00092     GET_UINT32( W[15], data, 60 );
00093 
00094 #define  SHR(x,n) ((x & 0xFFFFFFFF) >> n)
00095 #define ROTR(x,n) (SHR(x,n) | (x << (32 - n)))
00096 
00097 #define S0(x) (ROTR(x, 7) ^ ROTR(x,18) ^  SHR(x, 3))
00098 #define S1(x) (ROTR(x,17) ^ ROTR(x,19) ^  SHR(x,10))
00099 
00100 #define S2(x) (ROTR(x, 2) ^ ROTR(x,13) ^ ROTR(x,22))
00101 #define S3(x) (ROTR(x, 6) ^ ROTR(x,11) ^ ROTR(x,25))
00102 
00103 #define F0(x,y,z) ((x & y) | (z & (x | y)))
00104 #define F1(x,y,z) (z ^ (x & (y ^ z)))
00105 
00106 #define R(t)                                    \
00107 (                                               \
00108     W[t] = S1(W[t -  2]) + W[t -  7] +          \
00109            S0(W[t - 15]) + W[t - 16]            \
00110 )
00111 
00112 #define P(a,b,c,d,e,f,g,h,x,K)                  \
00113 {                                               \
00114     temp1 = h + S3(e) + F1(e,f,g) + K + x;      \
00115     temp2 = S2(a) + F0(a,b,c);                  \
00116     d += temp1; h = temp1 + temp2;              \
00117 }
00118 
00119     A = ctx->state[0];
00120     B = ctx->state[1];
00121     C = ctx->state[2];
00122     D = ctx->state[3];
00123     E = ctx->state[4];
00124     F = ctx->state[5];
00125     G = ctx->state[6];
00126     H = ctx->state[7];
00127 
00128     P( A, B, C, D, E, F, G, H, W[ 0], 0x428A2F98 );
00129     P( H, A, B, C, D, E, F, G, W[ 1], 0x71374491 );
00130     P( G, H, A, B, C, D, E, F, W[ 2], 0xB5C0FBCF );
00131     P( F, G, H, A, B, C, D, E, W[ 3], 0xE9B5DBA5 );
00132     P( E, F, G, H, A, B, C, D, W[ 4], 0x3956C25B );
00133     P( D, E, F, G, H, A, B, C, W[ 5], 0x59F111F1 );
00134     P( C, D, E, F, G, H, A, B, W[ 6], 0x923F82A4 );
00135     P( B, C, D, E, F, G, H, A, W[ 7], 0xAB1C5ED5 );
00136     P( A, B, C, D, E, F, G, H, W[ 8], 0xD807AA98 );
00137     P( H, A, B, C, D, E, F, G, W[ 9], 0x12835B01 );
00138     P( G, H, A, B, C, D, E, F, W[10], 0x243185BE );
00139     P( F, G, H, A, B, C, D, E, W[11], 0x550C7DC3 );
00140     P( E, F, G, H, A, B, C, D, W[12], 0x72BE5D74 );
00141     P( D, E, F, G, H, A, B, C, W[13], 0x80DEB1FE );
00142     P( C, D, E, F, G, H, A, B, W[14], 0x9BDC06A7 );
00143     P( B, C, D, E, F, G, H, A, W[15], 0xC19BF174 );
00144     P( A, B, C, D, E, F, G, H, R(16), 0xE49B69C1 );
00145     P( H, A, B, C, D, E, F, G, R(17), 0xEFBE4786 );
00146     P( G, H, A, B, C, D, E, F, R(18), 0x0FC19DC6 );
00147     P( F, G, H, A, B, C, D, E, R(19), 0x240CA1CC );
00148     P( E, F, G, H, A, B, C, D, R(20), 0x2DE92C6F );
00149     P( D, E, F, G, H, A, B, C, R(21), 0x4A7484AA );
00150     P( C, D, E, F, G, H, A, B, R(22), 0x5CB0A9DC );
00151     P( B, C, D, E, F, G, H, A, R(23), 0x76F988DA );
00152     P( A, B, C, D, E, F, G, H, R(24), 0x983E5152 );
00153     P( H, A, B, C, D, E, F, G, R(25), 0xA831C66D );
00154     P( G, H, A, B, C, D, E, F, R(26), 0xB00327C8 );
00155     P( F, G, H, A, B, C, D, E, R(27), 0xBF597FC7 );
00156     P( E, F, G, H, A, B, C, D, R(28), 0xC6E00BF3 );
00157     P( D, E, F, G, H, A, B, C, R(29), 0xD5A79147 );
00158     P( C, D, E, F, G, H, A, B, R(30), 0x06CA6351 );
00159     P( B, C, D, E, F, G, H, A, R(31), 0x14292967 );
00160     P( A, B, C, D, E, F, G, H, R(32), 0x27B70A85 );
00161     P( H, A, B, C, D, E, F, G, R(33), 0x2E1B2138 );
00162     P( G, H, A, B, C, D, E, F, R(34), 0x4D2C6DFC );
00163     P( F, G, H, A, B, C, D, E, R(35), 0x53380D13 );
00164     P( E, F, G, H, A, B, C, D, R(36), 0x650A7354 );
00165     P( D, E, F, G, H, A, B, C, R(37), 0x766A0ABB );
00166     P( C, D, E, F, G, H, A, B, R(38), 0x81C2C92E );
00167     P( B, C, D, E, F, G, H, A, R(39), 0x92722C85 );
00168     P( A, B, C, D, E, F, G, H, R(40), 0xA2BFE8A1 );
00169     P( H, A, B, C, D, E, F, G, R(41), 0xA81A664B );
00170     P( G, H, A, B, C, D, E, F, R(42), 0xC24B8B70 );
00171     P( F, G, H, A, B, C, D, E, R(43), 0xC76C51A3 );
00172     P( E, F, G, H, A, B, C, D, R(44), 0xD192E819 );
00173     P( D, E, F, G, H, A, B, C, R(45), 0xD6990624 );
00174     P( C, D, E, F, G, H, A, B, R(46), 0xF40E3585 );
00175     P( B, C, D, E, F, G, H, A, R(47), 0x106AA070 );
00176     P( A, B, C, D, E, F, G, H, R(48), 0x19A4C116 );
00177     P( H, A, B, C, D, E, F, G, R(49), 0x1E376C08 );
00178     P( G, H, A, B, C, D, E, F, R(50), 0x2748774C );
00179     P( F, G, H, A, B, C, D, E, R(51), 0x34B0BCB5 );
00180     P( E, F, G, H, A, B, C, D, R(52), 0x391C0CB3 );
00181     P( D, E, F, G, H, A, B, C, R(53), 0x4ED8AA4A );
00182     P( C, D, E, F, G, H, A, B, R(54), 0x5B9CCA4F );
00183     P( B, C, D, E, F, G, H, A, R(55), 0x682E6FF3 );
00184     P( A, B, C, D, E, F, G, H, R(56), 0x748F82EE );
00185     P( H, A, B, C, D, E, F, G, R(57), 0x78A5636F );
00186     P( G, H, A, B, C, D, E, F, R(58), 0x84C87814 );
00187     P( F, G, H, A, B, C, D, E, R(59), 0x8CC70208 );
00188     P( E, F, G, H, A, B, C, D, R(60), 0x90BEFFFA );
00189     P( D, E, F, G, H, A, B, C, R(61), 0xA4506CEB );
00190     P( C, D, E, F, G, H, A, B, R(62), 0xBEF9A3F7 );
00191     P( B, C, D, E, F, G, H, A, R(63), 0xC67178F2 );
00192 
00193     ctx->state[0] += A;
00194     ctx->state[1] += B;
00195     ctx->state[2] += C;
00196     ctx->state[3] += D;
00197     ctx->state[4] += E;
00198     ctx->state[5] += F;
00199     ctx->state[6] += G;
00200     ctx->state[7] += H;
00201 }
00202 
00203 void sha256_update( sha256_context *ctx, const uint8 *input, uint32 length )
00204 {
00205     uint32 left, fill;
00206 
00207     if( ! length ) return;
00208 
00209     left = ctx->total[0] & 0x3F;
00210     fill = 64 - left;
00211 
00212     ctx->total[0] += length;
00213     ctx->total[0] &= 0xFFFFFFFF;
00214 
00215     if( ctx->total[0] < length )
00216         ctx->total[1]++;
00217 
00218     if( left && length >= fill )
00219     {
00220         memcpy( (void *) (ctx->buffer + left),
00221                 (void *) input, fill );
00222         sha256_process( ctx, ctx->buffer );
00223         length -= fill;
00224         input  += fill;
00225         left = 0;
00226     }
00227 
00228     while( length >= 64 )
00229     {
00230         sha256_process( ctx, input );
00231         length -= 64;
00232         input  += 64;
00233     }
00234 
00235     if( length )
00236     {
00237         memcpy( (void *) (ctx->buffer + left),
00238                 (void *) input, length );
00239     }
00240 }
00241 
00242 static uint8 sha256_padding[64] =
00243 {
00244  0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
00245     0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
00246     0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
00247     0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
00248 };
00249 
00250 void sha256_finish( sha256_context *ctx, uint8 digest[32] )
00251 {
00252     uint32 last, padn;
00253     uint32 high, low;
00254     uint8 msglen[8];
00255 
00256     high = ( ctx->total[0] >> 29 )
00257          | ( ctx->total[1] <<  3 );
00258     low  = ( ctx->total[0] <<  3 );
00259 
00260     PUT_UINT32( high, msglen, 0 );
00261     PUT_UINT32( low,  msglen, 4 );
00262 
00263     last = ctx->total[0] & 0x3F;
00264     padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
00265 
00266     sha256_update( ctx, sha256_padding, padn );
00267     sha256_update( ctx, msglen, 8 );
00268 
00269     PUT_UINT32( ctx->state[0], digest,  0 );
00270     PUT_UINT32( ctx->state[1], digest,  4 );
00271     PUT_UINT32( ctx->state[2], digest,  8 );
00272     PUT_UINT32( ctx->state[3], digest, 12 );
00273     PUT_UINT32( ctx->state[4], digest, 16 );
00274     PUT_UINT32( ctx->state[5], digest, 20 );
00275     PUT_UINT32( ctx->state[6], digest, 24 );
00276     PUT_UINT32( ctx->state[7], digest, 28 );
00277 }
00278 
00279 // ######################################################################
00280 /* So things look consistent in everyone's emacs... */
00281 /* Local Variables: */
00282 /* indent-tabs-mode: nil */
00283 /* End: */
00284 
00285 #endif // UTIL_SHA2_C_DEFINED
Generated on Sun May 8 08:42:31 2011 for iLab Neuromorphic Vision Toolkit by  doxygen 1.6.3