WIP. send a large constant string twice a second, in order to test out the transport with something indicative of our required load.
Dependencies: FXOS8700CQ NTPClient azure_umqtt_c iothub_mqtt_transport mbed-rtos mbed wolfSSL Socket lwip-eth lwip-sys lwip
Fork of FXOS8700CQ_To_Azure_IoT by
azure_c_shared_utility/sha1.c@3:c0556ff7b8e3, 2016-12-08 (annotated)
- Committer:
- markrad
- Date:
- Thu Dec 08 00:11:40 2016 +0000
- Revision:
- 3:c0556ff7b8e3
Hack the code to get restart working
Who changed what in which revision?
User | Revision | Line number | New contents of line |
---|---|---|---|
markrad | 3:c0556ff7b8e3 | 1 | // Copyright (c) Microsoft. All rights reserved. |
markrad | 3:c0556ff7b8e3 | 2 | // Licensed under the MIT license. See LICENSE file in the project root for full license information. |
markrad | 3:c0556ff7b8e3 | 3 | |
markrad | 3:c0556ff7b8e3 | 4 | /**************************** sha1.c ****************************/ |
markrad | 3:c0556ff7b8e3 | 5 | /******************** See RFC 4634 for details ******************/ |
markrad | 3:c0556ff7b8e3 | 6 | /* |
markrad | 3:c0556ff7b8e3 | 7 | * Description: |
markrad | 3:c0556ff7b8e3 | 8 | * This file implements the Secure Hash Signature Standard |
markrad | 3:c0556ff7b8e3 | 9 | * algorithms as defined in the National Institute of Standards |
markrad | 3:c0556ff7b8e3 | 10 | * and Technology Federal Information Processing Standards |
markrad | 3:c0556ff7b8e3 | 11 | * Publication (FIPS PUB) 180-1 published on April 17, 1995, 180-2 |
markrad | 3:c0556ff7b8e3 | 12 | * published on August 1, 2002, and the FIPS PUB 180-2 Change |
markrad | 3:c0556ff7b8e3 | 13 | * Notice published on February 28, 2004. |
markrad | 3:c0556ff7b8e3 | 14 | * |
markrad | 3:c0556ff7b8e3 | 15 | * A combined document showing all algorithms is available at |
markrad | 3:c0556ff7b8e3 | 16 | * http://csrc.nist.gov/publications/fips/ |
markrad | 3:c0556ff7b8e3 | 17 | * fips180-2/fips180-2withchangenotice.pdf |
markrad | 3:c0556ff7b8e3 | 18 | * |
markrad | 3:c0556ff7b8e3 | 19 | * The SHA-1 algorithm produces a 160-bit message digest for a |
markrad | 3:c0556ff7b8e3 | 20 | * given data stream. It should take about 2**n steps to find a |
markrad | 3:c0556ff7b8e3 | 21 | * message with the same digest as a given message and |
markrad | 3:c0556ff7b8e3 | 22 | * 2**(n/2) to find any two messages with the same digest, |
markrad | 3:c0556ff7b8e3 | 23 | * when n is the digest size in bits. Therefore, this |
markrad | 3:c0556ff7b8e3 | 24 | * algorithm can serve as a means of providing a |
markrad | 3:c0556ff7b8e3 | 25 | * "fingerprint" for a message. |
markrad | 3:c0556ff7b8e3 | 26 | * |
markrad | 3:c0556ff7b8e3 | 27 | * Portability Issues: |
markrad | 3:c0556ff7b8e3 | 28 | * SHA-1 is defined in terms of 32-bit "words". This code |
markrad | 3:c0556ff7b8e3 | 29 | * uses <stdint.h> (included via "sha.h") to define 32 and 8 |
markrad | 3:c0556ff7b8e3 | 30 | * bit unsigned integer types. If your C compiler does not |
markrad | 3:c0556ff7b8e3 | 31 | * support 32 bit unsigned integers, this code is not |
markrad | 3:c0556ff7b8e3 | 32 | * appropriate. |
markrad | 3:c0556ff7b8e3 | 33 | * |
markrad | 3:c0556ff7b8e3 | 34 | * Caveats: |
markrad | 3:c0556ff7b8e3 | 35 | * SHA-1 is designed to work with messages less than 2^64 bits |
markrad | 3:c0556ff7b8e3 | 36 | * long. This implementation uses SHA1Input() to hash the bits |
markrad | 3:c0556ff7b8e3 | 37 | * that are a multiple of the size of an 8-bit character, and then |
markrad | 3:c0556ff7b8e3 | 38 | * uses SHA1FinalBits() to hash the final few bits of the input. |
markrad | 3:c0556ff7b8e3 | 39 | */ |
markrad | 3:c0556ff7b8e3 | 40 | |
markrad | 3:c0556ff7b8e3 | 41 | #include <stdlib.h> |
markrad | 3:c0556ff7b8e3 | 42 | #ifdef _CRTDBG_MAP_ALLOC |
markrad | 3:c0556ff7b8e3 | 43 | #include <crtdbg.h> |
markrad | 3:c0556ff7b8e3 | 44 | #endif |
markrad | 3:c0556ff7b8e3 | 45 | #include "azure_c_shared_utility/gballoc.h" |
markrad | 3:c0556ff7b8e3 | 46 | |
markrad | 3:c0556ff7b8e3 | 47 | #include "azure_c_shared_utility/sha.h" |
markrad | 3:c0556ff7b8e3 | 48 | #include "azure_c_shared_utility/sha-private.h" |
markrad | 3:c0556ff7b8e3 | 49 | |
markrad | 3:c0556ff7b8e3 | 50 | /* |
markrad | 3:c0556ff7b8e3 | 51 | * Define the SHA1 circular left shift macro |
markrad | 3:c0556ff7b8e3 | 52 | */ |
markrad | 3:c0556ff7b8e3 | 53 | #define SHA1_ROTL(bits,word) \ |
markrad | 3:c0556ff7b8e3 | 54 | (((word) << (bits)) | ((word) >> (32-(bits)))) |
markrad | 3:c0556ff7b8e3 | 55 | |
markrad | 3:c0556ff7b8e3 | 56 | /* |
markrad | 3:c0556ff7b8e3 | 57 | * add "length" to the length |
markrad | 3:c0556ff7b8e3 | 58 | */ |
markrad | 3:c0556ff7b8e3 | 59 | #define SHA1AddLength(context, length) \ |
markrad | 3:c0556ff7b8e3 | 60 | (addTemp = (context)->Length_Low, \ |
markrad | 3:c0556ff7b8e3 | 61 | (context)->Corrupted = \ |
markrad | 3:c0556ff7b8e3 | 62 | (((context)->Length_Low += (length)) < addTemp) && \ |
markrad | 3:c0556ff7b8e3 | 63 | (++(context)->Length_High == 0) ? 1 : 0) |
markrad | 3:c0556ff7b8e3 | 64 | |
markrad | 3:c0556ff7b8e3 | 65 | /* Local Function Prototypes */ |
markrad | 3:c0556ff7b8e3 | 66 | static void SHA1Finalize(SHA1Context *context, uint8_t Pad_Byte); |
markrad | 3:c0556ff7b8e3 | 67 | static void SHA1PadMessage(SHA1Context *, uint8_t Pad_Byte); |
markrad | 3:c0556ff7b8e3 | 68 | static void SHA1ProcessMessageBlock(SHA1Context *); |
markrad | 3:c0556ff7b8e3 | 69 | |
markrad | 3:c0556ff7b8e3 | 70 | /* |
markrad | 3:c0556ff7b8e3 | 71 | * SHA1Reset |
markrad | 3:c0556ff7b8e3 | 72 | * |
markrad | 3:c0556ff7b8e3 | 73 | * Description: |
markrad | 3:c0556ff7b8e3 | 74 | * This function will initialize the SHA1Context in preparation |
markrad | 3:c0556ff7b8e3 | 75 | * for computing a new SHA1 message digest. |
markrad | 3:c0556ff7b8e3 | 76 | * |
markrad | 3:c0556ff7b8e3 | 77 | * Parameters: |
markrad | 3:c0556ff7b8e3 | 78 | * context: [in/out] |
markrad | 3:c0556ff7b8e3 | 79 | * The context to reset. |
markrad | 3:c0556ff7b8e3 | 80 | * |
markrad | 3:c0556ff7b8e3 | 81 | * Returns: |
markrad | 3:c0556ff7b8e3 | 82 | * sha Error Code. |
markrad | 3:c0556ff7b8e3 | 83 | * |
markrad | 3:c0556ff7b8e3 | 84 | */ |
markrad | 3:c0556ff7b8e3 | 85 | int SHA1Reset(SHA1Context *context) |
markrad | 3:c0556ff7b8e3 | 86 | { |
markrad | 3:c0556ff7b8e3 | 87 | if (!context) |
markrad | 3:c0556ff7b8e3 | 88 | return shaNull; |
markrad | 3:c0556ff7b8e3 | 89 | |
markrad | 3:c0556ff7b8e3 | 90 | context->Length_Low = 0; |
markrad | 3:c0556ff7b8e3 | 91 | context->Length_High = 0; |
markrad | 3:c0556ff7b8e3 | 92 | context->Message_Block_Index = 0; |
markrad | 3:c0556ff7b8e3 | 93 | |
markrad | 3:c0556ff7b8e3 | 94 | |
markrad | 3:c0556ff7b8e3 | 95 | /* Initial Hash Values: FIPS-180-2 section 5.3.1 */ |
markrad | 3:c0556ff7b8e3 | 96 | context->Intermediate_Hash[0] = 0x67452301; |
markrad | 3:c0556ff7b8e3 | 97 | context->Intermediate_Hash[1] = 0xEFCDAB89; |
markrad | 3:c0556ff7b8e3 | 98 | context->Intermediate_Hash[2] = 0x98BADCFE; |
markrad | 3:c0556ff7b8e3 | 99 | context->Intermediate_Hash[3] = 0x10325476; |
markrad | 3:c0556ff7b8e3 | 100 | context->Intermediate_Hash[4] = 0xC3D2E1F0; |
markrad | 3:c0556ff7b8e3 | 101 | |
markrad | 3:c0556ff7b8e3 | 102 | context->Computed = 0; |
markrad | 3:c0556ff7b8e3 | 103 | context->Corrupted = 0; |
markrad | 3:c0556ff7b8e3 | 104 | |
markrad | 3:c0556ff7b8e3 | 105 | return shaSuccess; |
markrad | 3:c0556ff7b8e3 | 106 | } |
markrad | 3:c0556ff7b8e3 | 107 | |
markrad | 3:c0556ff7b8e3 | 108 | /* |
markrad | 3:c0556ff7b8e3 | 109 | * SHA1Input |
markrad | 3:c0556ff7b8e3 | 110 | * |
markrad | 3:c0556ff7b8e3 | 111 | * Description: |
markrad | 3:c0556ff7b8e3 | 112 | * This function accepts an array of octets as the next portion |
markrad | 3:c0556ff7b8e3 | 113 | * of the message. |
markrad | 3:c0556ff7b8e3 | 114 | * |
markrad | 3:c0556ff7b8e3 | 115 | * Parameters: |
markrad | 3:c0556ff7b8e3 | 116 | * context: [in/out] |
markrad | 3:c0556ff7b8e3 | 117 | * The SHA context to update |
markrad | 3:c0556ff7b8e3 | 118 | * message_array: [in] |
markrad | 3:c0556ff7b8e3 | 119 | * An array of characters representing the next portion of |
markrad | 3:c0556ff7b8e3 | 120 | * the message. |
markrad | 3:c0556ff7b8e3 | 121 | * length: [in] |
markrad | 3:c0556ff7b8e3 | 122 | * The length of the message in message_array |
markrad | 3:c0556ff7b8e3 | 123 | * |
markrad | 3:c0556ff7b8e3 | 124 | * Returns: |
markrad | 3:c0556ff7b8e3 | 125 | * sha Error Code. |
markrad | 3:c0556ff7b8e3 | 126 | * |
markrad | 3:c0556ff7b8e3 | 127 | */ |
markrad | 3:c0556ff7b8e3 | 128 | int SHA1Input(SHA1Context *context, |
markrad | 3:c0556ff7b8e3 | 129 | const uint8_t *message_array, unsigned length) |
markrad | 3:c0556ff7b8e3 | 130 | { |
markrad | 3:c0556ff7b8e3 | 131 | uint32_t addTemp; |
markrad | 3:c0556ff7b8e3 | 132 | if (!length) |
markrad | 3:c0556ff7b8e3 | 133 | return shaSuccess; |
markrad | 3:c0556ff7b8e3 | 134 | |
markrad | 3:c0556ff7b8e3 | 135 | if (!context || !message_array) |
markrad | 3:c0556ff7b8e3 | 136 | return shaNull; |
markrad | 3:c0556ff7b8e3 | 137 | |
markrad | 3:c0556ff7b8e3 | 138 | if (context->Computed) { |
markrad | 3:c0556ff7b8e3 | 139 | context->Corrupted = shaStateError; |
markrad | 3:c0556ff7b8e3 | 140 | return shaStateError; |
markrad | 3:c0556ff7b8e3 | 141 | } |
markrad | 3:c0556ff7b8e3 | 142 | |
markrad | 3:c0556ff7b8e3 | 143 | if (context->Corrupted) |
markrad | 3:c0556ff7b8e3 | 144 | return context->Corrupted; |
markrad | 3:c0556ff7b8e3 | 145 | |
markrad | 3:c0556ff7b8e3 | 146 | while (length-- && !context->Corrupted) { |
markrad | 3:c0556ff7b8e3 | 147 | context->Message_Block[context->Message_Block_Index++] = |
markrad | 3:c0556ff7b8e3 | 148 | (*message_array & 0xFF); |
markrad | 3:c0556ff7b8e3 | 149 | |
markrad | 3:c0556ff7b8e3 | 150 | if (!SHA1AddLength(context, 8) && |
markrad | 3:c0556ff7b8e3 | 151 | (context->Message_Block_Index == SHA1_Message_Block_Size)) |
markrad | 3:c0556ff7b8e3 | 152 | SHA1ProcessMessageBlock(context); |
markrad | 3:c0556ff7b8e3 | 153 | |
markrad | 3:c0556ff7b8e3 | 154 | message_array++; |
markrad | 3:c0556ff7b8e3 | 155 | } |
markrad | 3:c0556ff7b8e3 | 156 | |
markrad | 3:c0556ff7b8e3 | 157 | return shaSuccess; |
markrad | 3:c0556ff7b8e3 | 158 | } |
markrad | 3:c0556ff7b8e3 | 159 | |
markrad | 3:c0556ff7b8e3 | 160 | /* |
markrad | 3:c0556ff7b8e3 | 161 | * SHA1FinalBits |
markrad | 3:c0556ff7b8e3 | 162 | * |
markrad | 3:c0556ff7b8e3 | 163 | * Description: |
markrad | 3:c0556ff7b8e3 | 164 | * This function will add in any final bits of the message. |
markrad | 3:c0556ff7b8e3 | 165 | * |
markrad | 3:c0556ff7b8e3 | 166 | * Parameters: |
markrad | 3:c0556ff7b8e3 | 167 | * context: [in/out] |
markrad | 3:c0556ff7b8e3 | 168 | * The SHA context to update |
markrad | 3:c0556ff7b8e3 | 169 | * message_bits: [in] |
markrad | 3:c0556ff7b8e3 | 170 | * The final bits of the message, in the upper portion of the |
markrad | 3:c0556ff7b8e3 | 171 | * byte. (Use 0b###00000 instead of 0b00000### to input the |
markrad | 3:c0556ff7b8e3 | 172 | * three bits ###.) |
markrad | 3:c0556ff7b8e3 | 173 | * length: [in] |
markrad | 3:c0556ff7b8e3 | 174 | * The number of bits in message_bits, between 1 and 7. |
markrad | 3:c0556ff7b8e3 | 175 | * |
markrad | 3:c0556ff7b8e3 | 176 | * Returns: |
markrad | 3:c0556ff7b8e3 | 177 | * sha Error Code. |
markrad | 3:c0556ff7b8e3 | 178 | */ |
markrad | 3:c0556ff7b8e3 | 179 | int SHA1FinalBits(SHA1Context *context, const uint8_t message_bits, |
markrad | 3:c0556ff7b8e3 | 180 | unsigned int length) |
markrad | 3:c0556ff7b8e3 | 181 | { |
markrad | 3:c0556ff7b8e3 | 182 | uint32_t addTemp; |
markrad | 3:c0556ff7b8e3 | 183 | |
markrad | 3:c0556ff7b8e3 | 184 | uint8_t masks[8] = { |
markrad | 3:c0556ff7b8e3 | 185 | /* 0 0b00000000 */ 0x00, /* 1 0b10000000 */ 0x80, |
markrad | 3:c0556ff7b8e3 | 186 | /* 2 0b11000000 */ 0xC0, /* 3 0b11100000 */ 0xE0, |
markrad | 3:c0556ff7b8e3 | 187 | /* 4 0b11110000 */ 0xF0, /* 5 0b11111000 */ 0xF8, |
markrad | 3:c0556ff7b8e3 | 188 | /* 6 0b11111100 */ 0xFC, /* 7 0b11111110 */ 0xFE |
markrad | 3:c0556ff7b8e3 | 189 | }; |
markrad | 3:c0556ff7b8e3 | 190 | uint8_t markbit[8] = { |
markrad | 3:c0556ff7b8e3 | 191 | /* 0 0b10000000 */ 0x80, /* 1 0b01000000 */ 0x40, |
markrad | 3:c0556ff7b8e3 | 192 | /* 2 0b00100000 */ 0x20, /* 3 0b00010000 */ 0x10, |
markrad | 3:c0556ff7b8e3 | 193 | /* 4 0b00001000 */ 0x08, /* 5 0b00000100 */ 0x04, |
markrad | 3:c0556ff7b8e3 | 194 | /* 6 0b00000010 */ 0x02, /* 7 0b00000001 */ 0x01 |
markrad | 3:c0556ff7b8e3 | 195 | }; |
markrad | 3:c0556ff7b8e3 | 196 | |
markrad | 3:c0556ff7b8e3 | 197 | if (!length) |
markrad | 3:c0556ff7b8e3 | 198 | return shaSuccess; |
markrad | 3:c0556ff7b8e3 | 199 | |
markrad | 3:c0556ff7b8e3 | 200 | if (!context) |
markrad | 3:c0556ff7b8e3 | 201 | return shaNull; |
markrad | 3:c0556ff7b8e3 | 202 | |
markrad | 3:c0556ff7b8e3 | 203 | if (context->Computed || (length >= 8) || (length == 0)) { |
markrad | 3:c0556ff7b8e3 | 204 | context->Corrupted = shaStateError; |
markrad | 3:c0556ff7b8e3 | 205 | return shaStateError; |
markrad | 3:c0556ff7b8e3 | 206 | } |
markrad | 3:c0556ff7b8e3 | 207 | |
markrad | 3:c0556ff7b8e3 | 208 | if (context->Corrupted) |
markrad | 3:c0556ff7b8e3 | 209 | return context->Corrupted; |
markrad | 3:c0556ff7b8e3 | 210 | |
markrad | 3:c0556ff7b8e3 | 211 | SHA1AddLength(context, length); |
markrad | 3:c0556ff7b8e3 | 212 | SHA1Finalize(context, |
markrad | 3:c0556ff7b8e3 | 213 | (uint8_t)((message_bits & masks[length]) | markbit[length])); |
markrad | 3:c0556ff7b8e3 | 214 | |
markrad | 3:c0556ff7b8e3 | 215 | return shaSuccess; |
markrad | 3:c0556ff7b8e3 | 216 | } |
markrad | 3:c0556ff7b8e3 | 217 | |
markrad | 3:c0556ff7b8e3 | 218 | /* |
markrad | 3:c0556ff7b8e3 | 219 | * SHA1Result |
markrad | 3:c0556ff7b8e3 | 220 | * |
markrad | 3:c0556ff7b8e3 | 221 | * Description: |
markrad | 3:c0556ff7b8e3 | 222 | * This function will return the 160-bit message digest into the |
markrad | 3:c0556ff7b8e3 | 223 | * Message_Digest array provided by the caller. |
markrad | 3:c0556ff7b8e3 | 224 | * NOTE: The first octet of hash is stored in the 0th element, |
markrad | 3:c0556ff7b8e3 | 225 | * the last octet of hash in the 19th element. |
markrad | 3:c0556ff7b8e3 | 226 | * |
markrad | 3:c0556ff7b8e3 | 227 | * Parameters: |
markrad | 3:c0556ff7b8e3 | 228 | * context: [in/out] |
markrad | 3:c0556ff7b8e3 | 229 | * The context to use to calculate the SHA-1 hash. |
markrad | 3:c0556ff7b8e3 | 230 | * Message_Digest: [out] |
markrad | 3:c0556ff7b8e3 | 231 | * Where the digest is returned. |
markrad | 3:c0556ff7b8e3 | 232 | * |
markrad | 3:c0556ff7b8e3 | 233 | * Returns: |
markrad | 3:c0556ff7b8e3 | 234 | * sha Error Code. |
markrad | 3:c0556ff7b8e3 | 235 | * |
markrad | 3:c0556ff7b8e3 | 236 | */ |
markrad | 3:c0556ff7b8e3 | 237 | int SHA1Result(SHA1Context *context, |
markrad | 3:c0556ff7b8e3 | 238 | uint8_t Message_Digest[SHA1HashSize]) |
markrad | 3:c0556ff7b8e3 | 239 | { |
markrad | 3:c0556ff7b8e3 | 240 | int i; |
markrad | 3:c0556ff7b8e3 | 241 | |
markrad | 3:c0556ff7b8e3 | 242 | if (!context || !Message_Digest) |
markrad | 3:c0556ff7b8e3 | 243 | return shaNull; |
markrad | 3:c0556ff7b8e3 | 244 | |
markrad | 3:c0556ff7b8e3 | 245 | if (context->Corrupted) |
markrad | 3:c0556ff7b8e3 | 246 | return context->Corrupted; |
markrad | 3:c0556ff7b8e3 | 247 | |
markrad | 3:c0556ff7b8e3 | 248 | if (!context->Computed) |
markrad | 3:c0556ff7b8e3 | 249 | SHA1Finalize(context, 0x80); |
markrad | 3:c0556ff7b8e3 | 250 | |
markrad | 3:c0556ff7b8e3 | 251 | for (i = 0; i < SHA1HashSize; ++i) |
markrad | 3:c0556ff7b8e3 | 252 | Message_Digest[i] = (uint8_t)(context->Intermediate_Hash[i >> 2] |
markrad | 3:c0556ff7b8e3 | 253 | >> 8 * (3 - (i & 0x03))); |
markrad | 3:c0556ff7b8e3 | 254 | |
markrad | 3:c0556ff7b8e3 | 255 | return shaSuccess; |
markrad | 3:c0556ff7b8e3 | 256 | } |
markrad | 3:c0556ff7b8e3 | 257 | |
markrad | 3:c0556ff7b8e3 | 258 | /* |
markrad | 3:c0556ff7b8e3 | 259 | * SHA1Finalize |
markrad | 3:c0556ff7b8e3 | 260 | * |
markrad | 3:c0556ff7b8e3 | 261 | * Description: |
markrad | 3:c0556ff7b8e3 | 262 | * This helper function finishes off the digest calculations. |
markrad | 3:c0556ff7b8e3 | 263 | * |
markrad | 3:c0556ff7b8e3 | 264 | * Parameters: |
markrad | 3:c0556ff7b8e3 | 265 | * context: [in/out] |
markrad | 3:c0556ff7b8e3 | 266 | * The SHA context to update |
markrad | 3:c0556ff7b8e3 | 267 | * Pad_Byte: [in] |
markrad | 3:c0556ff7b8e3 | 268 | * The last byte to add to the digest before the 0-padding |
markrad | 3:c0556ff7b8e3 | 269 | * and length. This will contain the last bits of the message |
markrad | 3:c0556ff7b8e3 | 270 | * followed by another single bit. If the message was an |
markrad | 3:c0556ff7b8e3 | 271 | * exact multiple of 8-bits long, Pad_Byte will be 0x80. |
markrad | 3:c0556ff7b8e3 | 272 | * |
markrad | 3:c0556ff7b8e3 | 273 | * Returns: |
markrad | 3:c0556ff7b8e3 | 274 | * sha Error Code. |
markrad | 3:c0556ff7b8e3 | 275 | * |
markrad | 3:c0556ff7b8e3 | 276 | */ |
markrad | 3:c0556ff7b8e3 | 277 | static void SHA1Finalize(SHA1Context *context, uint8_t Pad_Byte) |
markrad | 3:c0556ff7b8e3 | 278 | { |
markrad | 3:c0556ff7b8e3 | 279 | int i; |
markrad | 3:c0556ff7b8e3 | 280 | SHA1PadMessage(context, Pad_Byte); |
markrad | 3:c0556ff7b8e3 | 281 | /* message may be sensitive, clear it out */ |
markrad | 3:c0556ff7b8e3 | 282 | for (i = 0; i < SHA1_Message_Block_Size; ++i) |
markrad | 3:c0556ff7b8e3 | 283 | context->Message_Block[i] = 0; |
markrad | 3:c0556ff7b8e3 | 284 | context->Length_Low = 0; /* and clear length */ |
markrad | 3:c0556ff7b8e3 | 285 | context->Length_High = 0; |
markrad | 3:c0556ff7b8e3 | 286 | context->Computed = 1; |
markrad | 3:c0556ff7b8e3 | 287 | } |
markrad | 3:c0556ff7b8e3 | 288 | |
markrad | 3:c0556ff7b8e3 | 289 | /* |
markrad | 3:c0556ff7b8e3 | 290 | * SHA1PadMessage |
markrad | 3:c0556ff7b8e3 | 291 | * |
markrad | 3:c0556ff7b8e3 | 292 | * Description: |
markrad | 3:c0556ff7b8e3 | 293 | * According to the standard, the message must be padded to an |
markrad | 3:c0556ff7b8e3 | 294 | * even 512 bits. The first padding bit must be a '1'. The last |
markrad | 3:c0556ff7b8e3 | 295 | * 64 bits represent the length of the original message. All bits |
markrad | 3:c0556ff7b8e3 | 296 | * in between should be 0. This helper function will pad the |
markrad | 3:c0556ff7b8e3 | 297 | * message according to those rules by filling the Message_Block |
markrad | 3:c0556ff7b8e3 | 298 | * array accordingly. When it returns, it can be assumed that the |
markrad | 3:c0556ff7b8e3 | 299 | * message digest has been computed. |
markrad | 3:c0556ff7b8e3 | 300 | * |
markrad | 3:c0556ff7b8e3 | 301 | * Parameters: |
markrad | 3:c0556ff7b8e3 | 302 | * context: [in/out] |
markrad | 3:c0556ff7b8e3 | 303 | * The context to pad |
markrad | 3:c0556ff7b8e3 | 304 | * Pad_Byte: [in] |
markrad | 3:c0556ff7b8e3 | 305 | * The last byte to add to the digest before the 0-padding |
markrad | 3:c0556ff7b8e3 | 306 | * and length. This will contain the last bits of the message |
markrad | 3:c0556ff7b8e3 | 307 | * followed by another single bit. If the message was an |
markrad | 3:c0556ff7b8e3 | 308 | * exact multiple of 8-bits long, Pad_Byte will be 0x80. |
markrad | 3:c0556ff7b8e3 | 309 | * |
markrad | 3:c0556ff7b8e3 | 310 | * Returns: |
markrad | 3:c0556ff7b8e3 | 311 | * Nothing. |
markrad | 3:c0556ff7b8e3 | 312 | */ |
markrad | 3:c0556ff7b8e3 | 313 | static void SHA1PadMessage(SHA1Context *context, uint8_t Pad_Byte) |
markrad | 3:c0556ff7b8e3 | 314 | { |
markrad | 3:c0556ff7b8e3 | 315 | /* |
markrad | 3:c0556ff7b8e3 | 316 | * Check to see if the current message block is too small to hold |
markrad | 3:c0556ff7b8e3 | 317 | * the initial padding bits and length. If so, we will pad the |
markrad | 3:c0556ff7b8e3 | 318 | * block, process it, and then continue padding into a second |
markrad | 3:c0556ff7b8e3 | 319 | * block. |
markrad | 3:c0556ff7b8e3 | 320 | */ |
markrad | 3:c0556ff7b8e3 | 321 | if (context->Message_Block_Index >= (SHA1_Message_Block_Size - 8)) { |
markrad | 3:c0556ff7b8e3 | 322 | context->Message_Block[context->Message_Block_Index++] = Pad_Byte; |
markrad | 3:c0556ff7b8e3 | 323 | while (context->Message_Block_Index < SHA1_Message_Block_Size) |
markrad | 3:c0556ff7b8e3 | 324 | context->Message_Block[context->Message_Block_Index++] = 0; |
markrad | 3:c0556ff7b8e3 | 325 | |
markrad | 3:c0556ff7b8e3 | 326 | SHA1ProcessMessageBlock(context); |
markrad | 3:c0556ff7b8e3 | 327 | } |
markrad | 3:c0556ff7b8e3 | 328 | else |
markrad | 3:c0556ff7b8e3 | 329 | context->Message_Block[context->Message_Block_Index++] = Pad_Byte; |
markrad | 3:c0556ff7b8e3 | 330 | |
markrad | 3:c0556ff7b8e3 | 331 | while (context->Message_Block_Index < (SHA1_Message_Block_Size - 8)) |
markrad | 3:c0556ff7b8e3 | 332 | context->Message_Block[context->Message_Block_Index++] = 0; |
markrad | 3:c0556ff7b8e3 | 333 | |
markrad | 3:c0556ff7b8e3 | 334 | /* |
markrad | 3:c0556ff7b8e3 | 335 | * Store the message length as the last 8 octets |
markrad | 3:c0556ff7b8e3 | 336 | */ |
markrad | 3:c0556ff7b8e3 | 337 | context->Message_Block[56] = (uint8_t)(context->Length_High >> 24); |
markrad | 3:c0556ff7b8e3 | 338 | context->Message_Block[57] = (uint8_t)(context->Length_High >> 16); |
markrad | 3:c0556ff7b8e3 | 339 | |
markrad | 3:c0556ff7b8e3 | 340 | context->Message_Block[58] = (uint8_t)(context->Length_High >> 8); |
markrad | 3:c0556ff7b8e3 | 341 | context->Message_Block[59] = (uint8_t)(context->Length_High); |
markrad | 3:c0556ff7b8e3 | 342 | context->Message_Block[60] = (uint8_t)(context->Length_Low >> 24); |
markrad | 3:c0556ff7b8e3 | 343 | context->Message_Block[61] = (uint8_t)(context->Length_Low >> 16); |
markrad | 3:c0556ff7b8e3 | 344 | context->Message_Block[62] = (uint8_t)(context->Length_Low >> 8); |
markrad | 3:c0556ff7b8e3 | 345 | context->Message_Block[63] = (uint8_t)(context->Length_Low); |
markrad | 3:c0556ff7b8e3 | 346 | |
markrad | 3:c0556ff7b8e3 | 347 | SHA1ProcessMessageBlock(context); |
markrad | 3:c0556ff7b8e3 | 348 | } |
markrad | 3:c0556ff7b8e3 | 349 | |
markrad | 3:c0556ff7b8e3 | 350 | /* |
markrad | 3:c0556ff7b8e3 | 351 | * SHA1ProcessMessageBlock |
markrad | 3:c0556ff7b8e3 | 352 | * |
markrad | 3:c0556ff7b8e3 | 353 | * Description: |
markrad | 3:c0556ff7b8e3 | 354 | * This helper function will process the next 512 bits of the |
markrad | 3:c0556ff7b8e3 | 355 | * message stored in the Message_Block array. |
markrad | 3:c0556ff7b8e3 | 356 | * |
markrad | 3:c0556ff7b8e3 | 357 | * Parameters: |
markrad | 3:c0556ff7b8e3 | 358 | * None. |
markrad | 3:c0556ff7b8e3 | 359 | * |
markrad | 3:c0556ff7b8e3 | 360 | * Returns: |
markrad | 3:c0556ff7b8e3 | 361 | * Nothing. |
markrad | 3:c0556ff7b8e3 | 362 | * |
markrad | 3:c0556ff7b8e3 | 363 | * Comments: |
markrad | 3:c0556ff7b8e3 | 364 | * Many of the variable names in this code, especially the |
markrad | 3:c0556ff7b8e3 | 365 | * single character names, were used because those were the |
markrad | 3:c0556ff7b8e3 | 366 | * names used in the publication. |
markrad | 3:c0556ff7b8e3 | 367 | */ |
markrad | 3:c0556ff7b8e3 | 368 | static void SHA1ProcessMessageBlock(SHA1Context *context) |
markrad | 3:c0556ff7b8e3 | 369 | { |
markrad | 3:c0556ff7b8e3 | 370 | /* Constants defined in FIPS-180-2, section 4.2.1 */ |
markrad | 3:c0556ff7b8e3 | 371 | const uint32_t K[4] = { |
markrad | 3:c0556ff7b8e3 | 372 | 0x5A827999, 0x6ED9EBA1, 0x8F1BBCDC, 0xCA62C1D6 |
markrad | 3:c0556ff7b8e3 | 373 | }; |
markrad | 3:c0556ff7b8e3 | 374 | int t; /* Loop counter */ |
markrad | 3:c0556ff7b8e3 | 375 | uint32_t temp; /* Temporary word value */ |
markrad | 3:c0556ff7b8e3 | 376 | uint32_t W[80]; /* Word sequence */ |
markrad | 3:c0556ff7b8e3 | 377 | uint32_t A, B, C, D, E; /* Word buffers */ |
markrad | 3:c0556ff7b8e3 | 378 | |
markrad | 3:c0556ff7b8e3 | 379 | /* |
markrad | 3:c0556ff7b8e3 | 380 | * Initialize the first 16 words in the array W |
markrad | 3:c0556ff7b8e3 | 381 | */ |
markrad | 3:c0556ff7b8e3 | 382 | for (t = 0; t < 16; t++) { |
markrad | 3:c0556ff7b8e3 | 383 | W[t] = ((uint32_t)context->Message_Block[t * 4]) << 24; |
markrad | 3:c0556ff7b8e3 | 384 | W[t] |= ((uint32_t)context->Message_Block[t * 4 + 1]) << 16; |
markrad | 3:c0556ff7b8e3 | 385 | W[t] |= ((uint32_t)context->Message_Block[t * 4 + 2]) << 8; |
markrad | 3:c0556ff7b8e3 | 386 | W[t] |= ((uint32_t)context->Message_Block[t * 4 + 3]); |
markrad | 3:c0556ff7b8e3 | 387 | } |
markrad | 3:c0556ff7b8e3 | 388 | |
markrad | 3:c0556ff7b8e3 | 389 | for (t = 16; t < 80; t++) |
markrad | 3:c0556ff7b8e3 | 390 | W[t] = SHA1_ROTL(1, W[t - 3] ^ W[t - 8] ^ W[t - 14] ^ W[t - 16]); |
markrad | 3:c0556ff7b8e3 | 391 | |
markrad | 3:c0556ff7b8e3 | 392 | A = context->Intermediate_Hash[0]; |
markrad | 3:c0556ff7b8e3 | 393 | B = context->Intermediate_Hash[1]; |
markrad | 3:c0556ff7b8e3 | 394 | C = context->Intermediate_Hash[2]; |
markrad | 3:c0556ff7b8e3 | 395 | D = context->Intermediate_Hash[3]; |
markrad | 3:c0556ff7b8e3 | 396 | E = context->Intermediate_Hash[4]; |
markrad | 3:c0556ff7b8e3 | 397 | |
markrad | 3:c0556ff7b8e3 | 398 | for (t = 0; t < 20; t++) { |
markrad | 3:c0556ff7b8e3 | 399 | temp = SHA1_ROTL(5, A) + SHA_Ch(B, C, D) + E + W[t] + K[0]; |
markrad | 3:c0556ff7b8e3 | 400 | E = D; |
markrad | 3:c0556ff7b8e3 | 401 | D = C; |
markrad | 3:c0556ff7b8e3 | 402 | C = SHA1_ROTL(30, B); |
markrad | 3:c0556ff7b8e3 | 403 | B = A; |
markrad | 3:c0556ff7b8e3 | 404 | A = temp; |
markrad | 3:c0556ff7b8e3 | 405 | } |
markrad | 3:c0556ff7b8e3 | 406 | |
markrad | 3:c0556ff7b8e3 | 407 | for (t = 20; t < 40; t++) { |
markrad | 3:c0556ff7b8e3 | 408 | temp = SHA1_ROTL(5, A) + SHA_Parity(B, C, D) + E + W[t] + K[1]; |
markrad | 3:c0556ff7b8e3 | 409 | E = D; |
markrad | 3:c0556ff7b8e3 | 410 | D = C; |
markrad | 3:c0556ff7b8e3 | 411 | C = SHA1_ROTL(30, B); |
markrad | 3:c0556ff7b8e3 | 412 | B = A; |
markrad | 3:c0556ff7b8e3 | 413 | A = temp; |
markrad | 3:c0556ff7b8e3 | 414 | } |
markrad | 3:c0556ff7b8e3 | 415 | |
markrad | 3:c0556ff7b8e3 | 416 | for (t = 40; t < 60; t++) { |
markrad | 3:c0556ff7b8e3 | 417 | temp = SHA1_ROTL(5, A) + SHA_Maj(B, C, D) + E + W[t] + K[2]; |
markrad | 3:c0556ff7b8e3 | 418 | E = D; |
markrad | 3:c0556ff7b8e3 | 419 | D = C; |
markrad | 3:c0556ff7b8e3 | 420 | C = SHA1_ROTL(30, B); |
markrad | 3:c0556ff7b8e3 | 421 | B = A; |
markrad | 3:c0556ff7b8e3 | 422 | A = temp; |
markrad | 3:c0556ff7b8e3 | 423 | } |
markrad | 3:c0556ff7b8e3 | 424 | |
markrad | 3:c0556ff7b8e3 | 425 | for (t = 60; t < 80; t++) { |
markrad | 3:c0556ff7b8e3 | 426 | temp = SHA1_ROTL(5, A) + SHA_Parity(B, C, D) + E + W[t] + K[3]; |
markrad | 3:c0556ff7b8e3 | 427 | E = D; |
markrad | 3:c0556ff7b8e3 | 428 | D = C; |
markrad | 3:c0556ff7b8e3 | 429 | C = SHA1_ROTL(30, B); |
markrad | 3:c0556ff7b8e3 | 430 | B = A; |
markrad | 3:c0556ff7b8e3 | 431 | A = temp; |
markrad | 3:c0556ff7b8e3 | 432 | } |
markrad | 3:c0556ff7b8e3 | 433 | |
markrad | 3:c0556ff7b8e3 | 434 | context->Intermediate_Hash[0] += A; |
markrad | 3:c0556ff7b8e3 | 435 | context->Intermediate_Hash[1] += B; |
markrad | 3:c0556ff7b8e3 | 436 | context->Intermediate_Hash[2] += C; |
markrad | 3:c0556ff7b8e3 | 437 | |
markrad | 3:c0556ff7b8e3 | 438 | context->Intermediate_Hash[3] += D; |
markrad | 3:c0556ff7b8e3 | 439 | context->Intermediate_Hash[4] += E; |
markrad | 3:c0556ff7b8e3 | 440 | |
markrad | 3:c0556ff7b8e3 | 441 | context->Message_Block_Index = 0; |
markrad | 3:c0556ff7b8e3 | 442 | } |
markrad | 3:c0556ff7b8e3 | 443 |