2 * Based on shasum from http://www.netsw.org/crypto/hash/
3 * Majorly hacked up to use Dr Brian Gladman's sha1 code
5 * Copyright (C) 2003 Glenn L. McGrath
6 * Copyright (C) 2003 Erik Andersen
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
38 ---------------------------------------------------------------------------
39 Begin Dr. Gladman's sha1 code
40 ---------------------------------------------------------------------------
44 ---------------------------------------------------------------------------
45 Copyright (c) 2002, Dr Brian Gladman <brg@gladman.me.uk>, Worcester, UK.
50 The free distribution and use of this software in both source and binary
51 form is allowed (with or without changes) provided that:
53 1. distributions of this source code include the above copyright
54 notice, this list of conditions and the following disclaimer;
56 2. distributions in binary form include the above copyright
57 notice, this list of conditions and the following disclaimer
58 in the documentation and/or other associated materials;
60 3. the copyright holder's name is not used to endorse products
61 built using this software without specific written permission.
63 ALTERNATIVELY, provided that this notice is retained in full, this product
64 may be distributed under the terms of the GNU General Public License (GPL),
65 in which case the provisions of the GPL apply INSTEAD OF those given above.
69 This software is provided 'as is' with no explicit or implied warranties
70 in respect of its properties, including, but not limited to, correctness
71 and/or fitness for purpose.
72 ---------------------------------------------------------------------------
73 Issue Date: 10/11/2002
75 This is a byte oriented version of SHA1 that operates on arrays of bytes
76 stored in memory. It runs at 22 cycles per byte on a Pentium P4 processor
79 # define SHA1_BLOCK_SIZE 64
80 # define SHA1_DIGEST_SIZE 20
81 # define SHA1_HASH_SIZE SHA1_DIGEST_SIZE
85 # define rotl32(x,n) (((x) << n) | ((x) >> (32 - n)))
87 # if __BYTE_ORDER == __BIG_ENDIAN
88 # define swap_b32(x) (x)
89 # elif defined(bswap_32)
90 # define swap_b32(x) bswap_32(x)
92 # define swap_b32(x) ((rotl32((x), 8) & 0x00ff00ff) | (rotl32((x), 24) & 0xff00ff00))
93 # endif /* __BYTE_ORDER */
95 # define SHA1_MASK (SHA1_BLOCK_SIZE - 1)
97 /* reverse byte order in 32-bit words */
98 # define ch(x,y,z) (((x) & (y)) ^ (~(x) & (z)))
99 # define parity(x,y,z) ((x) ^ (y) ^ (z))
100 # define maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
102 /* A normal version as set out in the FIPS. This version uses */
103 /* partial loop unrolling and is optimised for the Pentium 4 */
105 t = a; a = rotl32(a,5) + f(b,c,d) + e + k + w[i]; \
106 e = d; d = c; c = rotl32(b, 30); b = t
108 /* type to hold the SHA1 context */
115 static void sha1_compile(sha1_ctx ctx[1])
117 uint32_t w[80], i, a, b, c, d, e, t;
119 /* note that words are compiled from the buffer into 32-bit */
120 /* words in big-endian order so an order reversal is needed */
121 /* here on little endian machines */
122 for (i = 0; i < SHA1_BLOCK_SIZE / 4; ++i)
123 w[i] = swap_b32(ctx->wbuf[i]);
125 for (i = SHA1_BLOCK_SIZE / 4; i < 80; ++i)
126 w[i] = rotl32(w[i - 3] ^ w[i - 8] ^ w[i - 14] ^ w[i - 16], 1);
134 for (i = 0; i < 20; ++i) {
138 for (i = 20; i < 40; ++i) {
139 rnd(parity, 0x6ed9eba1);
142 for (i = 40; i < 60; ++i) {
143 rnd(maj, 0x8f1bbcdc);
146 for (i = 60; i < 80; ++i) {
147 rnd(parity, 0xca62c1d6);
157 static void sha1_begin(sha1_ctx ctx[1])
159 ctx->count[0] = ctx->count[1] = 0;
160 ctx->hash[0] = 0x67452301;
161 ctx->hash[1] = 0xefcdab89;
162 ctx->hash[2] = 0x98badcfe;
163 ctx->hash[3] = 0x10325476;
164 ctx->hash[4] = 0xc3d2e1f0;
167 /* SHA1 hash data in an array of bytes into hash buffer and call the */
168 /* hash_compile function as required. */
169 static void sha1_hash(const unsigned char data[], unsigned int len, sha1_ctx ctx[1])
171 uint32_t pos = (uint32_t) (ctx->count[0] & SHA1_MASK),
172 freeb = SHA1_BLOCK_SIZE - pos;
173 const unsigned char *sp = data;
175 if ((ctx->count[0] += len) < len)
178 while (len >= freeb) { /* tranfer whole blocks while possible */
179 memcpy(((unsigned char *) ctx->wbuf) + pos, sp, freeb);
182 freeb = SHA1_BLOCK_SIZE;
187 memcpy(((unsigned char *) ctx->wbuf) + pos, sp, len);
190 /* SHA1 Final padding and digest calculation */
191 # if __BYTE_ORDER == __LITTLE_ENDIAN
192 static uint32_t mask[4] = { 0x00000000, 0x000000ff, 0x0000ffff, 0x00ffffff };
193 static uint32_t bits[4] = { 0x00000080, 0x00008000, 0x00800000, 0x80000000 };
195 static uint32_t mask[4] = { 0x00000000, 0xff000000, 0xffff0000, 0xffffff00 };
196 static uint32_t bits[4] = { 0x80000000, 0x00800000, 0x00008000, 0x00000080 };
197 # endif /* __BYTE_ORDER */
199 void sha1_end(unsigned char hval[], sha1_ctx ctx[1])
201 uint32_t i, cnt = (uint32_t) (ctx->count[0] & SHA1_MASK);
203 /* mask out the rest of any partial 32-bit word and then set */
204 /* the next byte to 0x80. On big-endian machines any bytes in */
205 /* the buffer will be at the top end of 32 bit words, on little */
206 /* endian machines they will be at the bottom. Hence the AND */
207 /* and OR masks above are reversed for little endian systems */
208 ctx->wbuf[cnt >> 2] =
209 (ctx->wbuf[cnt >> 2] & mask[cnt & 3]) | bits[cnt & 3];
211 /* we need 9 or more empty positions, one for the padding byte */
212 /* (above) and eight for the length count. If there is not */
213 /* enough space pad and empty the buffer */
214 if (cnt > SHA1_BLOCK_SIZE - 9) {
219 } else /* compute a word index for the empty buffer positions */
220 cnt = (cnt >> 2) + 1;
222 while (cnt < 14) /* and zero pad all but last two positions */
223 ctx->wbuf[cnt++] = 0;
225 /* assemble the eight byte counter in the buffer in big-endian */
228 ctx->wbuf[14] = swap_b32((ctx->count[1] << 3) | (ctx->count[0] >> 29));
229 ctx->wbuf[15] = swap_b32(ctx->count[0] << 3);
233 /* extract the hash value as bytes in case the hash buffer is */
234 /* misaligned for 32-bit words */
236 for (i = 0; i < SHA1_DIGEST_SIZE; ++i)
237 hval[i] = (unsigned char) (ctx->hash[i >> 2] >> 8 * (~i & 3));
241 ---------------------------------------------------------------------------
242 End of Dr. Gladman's sha1 code
243 ---------------------------------------------------------------------------
245 #endif /* CONFIG_SHA1 */
253 * md5sum.c - Compute MD5 checksum of files or strings according to the
254 * definition of MD5 in RFC 1321 from April 1992.
256 * Copyright (C) 1995-1999 Free Software Foundation, Inc.
257 * Written by Ulrich Drepper <drepper@gnu.ai.mit.edu>, 1995.
260 * June 29, 2001 Manuel Novoa III
262 * Added MD5SUM_SIZE_VS_SPEED configuration option.
264 * Current valid values, with data from my system for comparison, are:
265 * (using uClibc and running on linux-2.4.4.tar.bz2)
266 * user times (sec) text size (386)
267 * 0 (fastest) 1.1 6144
270 * 3 (smallest) 5.1 4912
273 # define MD5SUM_SIZE_VS_SPEED 2
275 /* Handle endian-ness */
276 # if __BYTE_ORDER == __LITTLE_ENDIAN
279 # define SWAP(n) ((n << 24) | ((n&65280)<<8) | ((n&16711680)>>8) | (n>>24))
282 # if MD5SUM_SIZE_VS_SPEED == 0
283 /* This array contains the bytes used to pad the buffer to the next
284 64-byte boundary. (RFC 1321, 3.1: Step 1) */
285 static const unsigned char fillbuf[64] = { 0x80, 0 /* , 0, 0, ... */ };
286 # endif /* MD5SUM_SIZE_VS_SPEED == 0 */
288 typedef u_int32_t md5_uint32;
290 /* Structure to save state of computation between the single steps. */
302 /* Initialize structure containing state of computation.
303 * (RFC 1321, 3.3: Step 3)
305 static void md5_begin(struct md5_ctx *ctx)
312 ctx->total[0] = ctx->total[1] = 0;
316 /* These are the four functions used in the four steps of the MD5 algorithm
317 * and defined in the RFC 1321. The first function is a little bit optimized
318 * (as found in Colin Plumbs public domain implementation).
319 * #define FF(b, c, d) ((b & c) | (~b & d))
321 # define FF(b, c, d) (d ^ (b & (c ^ d)))
322 # define FG(b, c, d) FF (d, b, c)
323 # define FH(b, c, d) (b ^ c ^ d)
324 # define FI(b, c, d) (c ^ (b | ~d))
326 /* Starting with the result of former calls of this function (or the
327 * initialization function update the context for the next LEN bytes
328 * starting at BUFFER.
329 * It is necessary that LEN is a multiple of 64!!!
331 static void md5_hash_block(const void *buffer, size_t len,
334 md5_uint32 correct_words[16];
335 const md5_uint32 *words = buffer;
336 size_t nwords = len / sizeof(md5_uint32);
337 const md5_uint32 *endp = words + nwords;
339 # if MD5SUM_SIZE_VS_SPEED > 0
340 static const md5_uint32 C_array[] = {
342 0xd76aa478, 0xe8c7b756, 0x242070db, 0xc1bdceee,
343 0xf57c0faf, 0x4787c62a, 0xa8304613, 0xfd469501,
344 0x698098d8, 0x8b44f7af, 0xffff5bb1, 0x895cd7be,
345 0x6b901122, 0xfd987193, 0xa679438e, 0x49b40821,
347 0xf61e2562, 0xc040b340, 0x265e5a51, 0xe9b6c7aa,
348 0xd62f105d, 0x2441453, 0xd8a1e681, 0xe7d3fbc8,
349 0x21e1cde6, 0xc33707d6, 0xf4d50d87, 0x455a14ed,
350 0xa9e3e905, 0xfcefa3f8, 0x676f02d9, 0x8d2a4c8a,
352 0xfffa3942, 0x8771f681, 0x6d9d6122, 0xfde5380c,
353 0xa4beea44, 0x4bdecfa9, 0xf6bb4b60, 0xbebfbc70,
354 0x289b7ec6, 0xeaa127fa, 0xd4ef3085, 0x4881d05,
355 0xd9d4d039, 0xe6db99e5, 0x1fa27cf8, 0xc4ac5665,
357 0xf4292244, 0x432aff97, 0xab9423a7, 0xfc93a039,
358 0x655b59c3, 0x8f0ccc92, 0xffeff47d, 0x85845dd1,
359 0x6fa87e4f, 0xfe2ce6e0, 0xa3014314, 0x4e0811a1,
360 0xf7537e82, 0xbd3af235, 0x2ad7d2bb, 0xeb86d391
363 static const char P_array[] = {
364 # if MD5SUM_SIZE_VS_SPEED > 1
365 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, /* 1 */
366 # endif /* MD5SUM_SIZE_VS_SPEED > 1 */
367 1, 6, 11, 0, 5, 10, 15, 4, 9, 14, 3, 8, 13, 2, 7, 12, /* 2 */
368 5, 8, 11, 14, 1, 4, 7, 10, 13, 0, 3, 6, 9, 12, 15, 2, /* 3 */
369 0, 7, 14, 5, 12, 3, 10, 1, 8, 15, 6, 13, 4, 11, 2, 9 /* 4 */
372 # if MD5SUM_SIZE_VS_SPEED > 1
373 static const char S_array[] = {
379 # endif /* MD5SUM_SIZE_VS_SPEED > 1 */
382 md5_uint32 A = ctx->A;
383 md5_uint32 B = ctx->B;
384 md5_uint32 C = ctx->C;
385 md5_uint32 D = ctx->D;
387 /* First increment the byte count. RFC 1321 specifies the possible
388 length of the file up to 2^64 bits. Here we only compute the
389 number of bytes. Do a double word increment. */
390 ctx->total[0] += len;
391 if (ctx->total[0] < len)
394 /* Process all bytes in the buffer with 64 bytes in each round of
396 while (words < endp) {
397 md5_uint32 *cwp = correct_words;
398 md5_uint32 A_save = A;
399 md5_uint32 B_save = B;
400 md5_uint32 C_save = C;
401 md5_uint32 D_save = D;
403 # if MD5SUM_SIZE_VS_SPEED > 1
404 # define CYCLIC(w, s) (w = (w << s) | (w >> (32 - s)))
406 const md5_uint32 *pc;
412 for (i = 0; i < 16; i++) {
413 cwp[i] = SWAP(words[i]);
417 # if MD5SUM_SIZE_VS_SPEED > 2
422 for (i = 0; i < 64; i++) {
439 temp += cwp[(int) (*pp++)] + *pc++;
440 CYCLIC(temp, ps[i & 3]);
452 for (i = 0; i < 16; i++) {
453 temp = A + FF(B, C, D) + cwp[(int) (*pp++)] + *pc++;
454 CYCLIC(temp, ps[i & 3]);
463 for (i = 0; i < 16; i++) {
464 temp = A + FG(B, C, D) + cwp[(int) (*pp++)] + *pc++;
465 CYCLIC(temp, ps[i & 3]);
473 for (i = 0; i < 16; i++) {
474 temp = A + FH(B, C, D) + cwp[(int) (*pp++)] + *pc++;
475 CYCLIC(temp, ps[i & 3]);
483 for (i = 0; i < 16; i++) {
484 temp = A + FI(B, C, D) + cwp[(int) (*pp++)] + *pc++;
485 CYCLIC(temp, ps[i & 3]);
493 # endif /* MD5SUM_SIZE_VS_SPEED > 2 */
495 /* First round: using the given function, the context and a constant
496 the next context is computed. Because the algorithms processing
497 unit is a 32-bit word and it is determined to work on words in
498 little endian byte order we perhaps have to change the byte order
499 before the computation. To reduce the work for the next steps
500 we store the swapped words in the array CORRECT_WORDS. */
502 # define OP(a, b, c, d, s, T) \
505 a += FF (b, c, d) + (*cwp++ = SWAP (*words)) + T; \
512 /* It is unfortunate that C does not provide an operator for
513 cyclic rotation. Hope the C compiler is smart enough. */
514 /* gcc 2.95.4 seems to be --aaronl */
515 # define CYCLIC(w, s) (w = (w << s) | (w >> (32 - s)))
517 /* Before we start, one word to the strange constants.
518 They are defined in RFC 1321 as
520 T[i] = (int) (4294967296.0 * fabs (sin (i))), i=1..64
523 # if MD5SUM_SIZE_VS_SPEED == 1
524 const md5_uint32 *pc;
527 # endif /* MD5SUM_SIZE_VS_SPEED */
530 # if MD5SUM_SIZE_VS_SPEED == 1
532 for (i = 0; i < 4; i++) {
533 OP(A, B, C, D, 7, *pc++);
534 OP(D, A, B, C, 12, *pc++);
535 OP(C, D, A, B, 17, *pc++);
536 OP(B, C, D, A, 22, *pc++);
539 OP(A, B, C, D, 7, 0xd76aa478);
540 OP(D, A, B, C, 12, 0xe8c7b756);
541 OP(C, D, A, B, 17, 0x242070db);
542 OP(B, C, D, A, 22, 0xc1bdceee);
543 OP(A, B, C, D, 7, 0xf57c0faf);
544 OP(D, A, B, C, 12, 0x4787c62a);
545 OP(C, D, A, B, 17, 0xa8304613);
546 OP(B, C, D, A, 22, 0xfd469501);
547 OP(A, B, C, D, 7, 0x698098d8);
548 OP(D, A, B, C, 12, 0x8b44f7af);
549 OP(C, D, A, B, 17, 0xffff5bb1);
550 OP(B, C, D, A, 22, 0x895cd7be);
551 OP(A, B, C, D, 7, 0x6b901122);
552 OP(D, A, B, C, 12, 0xfd987193);
553 OP(C, D, A, B, 17, 0xa679438e);
554 OP(B, C, D, A, 22, 0x49b40821);
555 # endif /* MD5SUM_SIZE_VS_SPEED == 1 */
557 /* For the second to fourth round we have the possibly swapped words
558 in CORRECT_WORDS. Redefine the macro to take an additional first
559 argument specifying the function to use. */
561 # define OP(f, a, b, c, d, k, s, T) \
564 a += f (b, c, d) + correct_words[k] + T; \
571 # if MD5SUM_SIZE_VS_SPEED == 1
573 for (i = 0; i < 4; i++) {
574 OP(FG, A, B, C, D, (int) (*pp++), 5, *pc++);
575 OP(FG, D, A, B, C, (int) (*pp++), 9, *pc++);
576 OP(FG, C, D, A, B, (int) (*pp++), 14, *pc++);
577 OP(FG, B, C, D, A, (int) (*pp++), 20, *pc++);
580 OP(FG, A, B, C, D, 1, 5, 0xf61e2562);
581 OP(FG, D, A, B, C, 6, 9, 0xc040b340);
582 OP(FG, C, D, A, B, 11, 14, 0x265e5a51);
583 OP(FG, B, C, D, A, 0, 20, 0xe9b6c7aa);
584 OP(FG, A, B, C, D, 5, 5, 0xd62f105d);
585 OP(FG, D, A, B, C, 10, 9, 0x02441453);
586 OP(FG, C, D, A, B, 15, 14, 0xd8a1e681);
587 OP(FG, B, C, D, A, 4, 20, 0xe7d3fbc8);
588 OP(FG, A, B, C, D, 9, 5, 0x21e1cde6);
589 OP(FG, D, A, B, C, 14, 9, 0xc33707d6);
590 OP(FG, C, D, A, B, 3, 14, 0xf4d50d87);
591 OP(FG, B, C, D, A, 8, 20, 0x455a14ed);
592 OP(FG, A, B, C, D, 13, 5, 0xa9e3e905);
593 OP(FG, D, A, B, C, 2, 9, 0xfcefa3f8);
594 OP(FG, C, D, A, B, 7, 14, 0x676f02d9);
595 OP(FG, B, C, D, A, 12, 20, 0x8d2a4c8a);
596 # endif /* MD5SUM_SIZE_VS_SPEED == 1 */
599 # if MD5SUM_SIZE_VS_SPEED == 1
600 for (i = 0; i < 4; i++) {
601 OP(FH, A, B, C, D, (int) (*pp++), 4, *pc++);
602 OP(FH, D, A, B, C, (int) (*pp++), 11, *pc++);
603 OP(FH, C, D, A, B, (int) (*pp++), 16, *pc++);
604 OP(FH, B, C, D, A, (int) (*pp++), 23, *pc++);
607 OP(FH, A, B, C, D, 5, 4, 0xfffa3942);
608 OP(FH, D, A, B, C, 8, 11, 0x8771f681);
609 OP(FH, C, D, A, B, 11, 16, 0x6d9d6122);
610 OP(FH, B, C, D, A, 14, 23, 0xfde5380c);
611 OP(FH, A, B, C, D, 1, 4, 0xa4beea44);
612 OP(FH, D, A, B, C, 4, 11, 0x4bdecfa9);
613 OP(FH, C, D, A, B, 7, 16, 0xf6bb4b60);
614 OP(FH, B, C, D, A, 10, 23, 0xbebfbc70);
615 OP(FH, A, B, C, D, 13, 4, 0x289b7ec6);
616 OP(FH, D, A, B, C, 0, 11, 0xeaa127fa);
617 OP(FH, C, D, A, B, 3, 16, 0xd4ef3085);
618 OP(FH, B, C, D, A, 6, 23, 0x04881d05);
619 OP(FH, A, B, C, D, 9, 4, 0xd9d4d039);
620 OP(FH, D, A, B, C, 12, 11, 0xe6db99e5);
621 OP(FH, C, D, A, B, 15, 16, 0x1fa27cf8);
622 OP(FH, B, C, D, A, 2, 23, 0xc4ac5665);
623 # endif /* MD5SUM_SIZE_VS_SPEED == 1 */
626 # if MD5SUM_SIZE_VS_SPEED == 1
627 for (i = 0; i < 4; i++) {
628 OP(FI, A, B, C, D, (int) (*pp++), 6, *pc++);
629 OP(FI, D, A, B, C, (int) (*pp++), 10, *pc++);
630 OP(FI, C, D, A, B, (int) (*pp++), 15, *pc++);
631 OP(FI, B, C, D, A, (int) (*pp++), 21, *pc++);
634 OP(FI, A, B, C, D, 0, 6, 0xf4292244);
635 OP(FI, D, A, B, C, 7, 10, 0x432aff97);
636 OP(FI, C, D, A, B, 14, 15, 0xab9423a7);
637 OP(FI, B, C, D, A, 5, 21, 0xfc93a039);
638 OP(FI, A, B, C, D, 12, 6, 0x655b59c3);
639 OP(FI, D, A, B, C, 3, 10, 0x8f0ccc92);
640 OP(FI, C, D, A, B, 10, 15, 0xffeff47d);
641 OP(FI, B, C, D, A, 1, 21, 0x85845dd1);
642 OP(FI, A, B, C, D, 8, 6, 0x6fa87e4f);
643 OP(FI, D, A, B, C, 15, 10, 0xfe2ce6e0);
644 OP(FI, C, D, A, B, 6, 15, 0xa3014314);
645 OP(FI, B, C, D, A, 13, 21, 0x4e0811a1);
646 OP(FI, A, B, C, D, 4, 6, 0xf7537e82);
647 OP(FI, D, A, B, C, 11, 10, 0xbd3af235);
648 OP(FI, C, D, A, B, 2, 15, 0x2ad7d2bb);
649 OP(FI, B, C, D, A, 9, 21, 0xeb86d391);
650 # endif /* MD5SUM_SIZE_VS_SPEED == 1 */
651 # endif /* MD5SUM_SIZE_VS_SPEED > 1 */
653 /* Add the starting values of the context. */
660 /* Put checksum in context given as argument. */
667 /* Starting with the result of former calls of this function (or the
668 * initialization function update the context for the next LEN bytes
669 * starting at BUFFER.
670 * It is NOT required that LEN is a multiple of 64.
673 static void md5_hash_bytes(const void *buffer, size_t len,
676 /* When we already have some bits in our internal buffer concatenate
677 both inputs first. */
678 if (ctx->buflen != 0) {
679 size_t left_over = ctx->buflen;
680 size_t add = 128 - left_over > len ? len : 128 - left_over;
682 memcpy(&ctx->buffer[left_over], buffer, add);
685 if (left_over + add > 64) {
686 md5_hash_block(ctx->buffer, (left_over + add) & ~63, ctx);
687 /* The regions in the following copy operation cannot overlap. */
688 memcpy(ctx->buffer, &ctx->buffer[(left_over + add) & ~63],
689 (left_over + add) & 63);
690 ctx->buflen = (left_over + add) & 63;
693 buffer = (const char *) buffer + add;
697 /* Process available complete blocks. */
699 md5_hash_block(buffer, len & ~63, ctx);
700 buffer = (const char *) buffer + (len & ~63);
704 /* Move remaining bytes in internal buffer. */
706 memcpy(ctx->buffer, buffer, len);
711 /* Process the remaining bytes in the buffer and put result from CTX
712 * in first 16 bytes following RESBUF. The result is always in little
713 * endian byte order, so that a byte-wise output yields to the wanted
714 * ASCII representation of the message digest.
716 * IMPORTANT: On some systems it is required that RESBUF is correctly
717 * aligned for a 32 bits value.
719 static void *md5_end(void *resbuf, struct md5_ctx *ctx)
721 /* Take yet unprocessed bytes into account. */
722 md5_uint32 bytes = ctx->buflen;
725 /* Now count remaining bytes. */
726 ctx->total[0] += bytes;
727 if (ctx->total[0] < bytes)
730 pad = bytes >= 56 ? 64 + 56 - bytes : 56 - bytes;
731 # if MD5SUM_SIZE_VS_SPEED > 0
732 memset(&ctx->buffer[bytes], 0, pad);
733 ctx->buffer[bytes] = 0x80;
735 memcpy(&ctx->buffer[bytes], fillbuf, pad);
736 # endif /* MD5SUM_SIZE_VS_SPEED > 0 */
738 /* Put the 64-bit file length in *bits* at the end of the buffer. */
739 *(md5_uint32 *) & ctx->buffer[bytes + pad] = SWAP(ctx->total[0] << 3);
740 *(md5_uint32 *) & ctx->buffer[bytes + pad + 4] =
741 SWAP(((ctx->total[1] << 3) | (ctx->total[0] >> 29)));
743 /* Process last bytes. */
744 md5_hash_block(ctx->buffer, bytes + pad + 8, ctx);
746 /* Put result from CTX in first 16 bytes following RESBUF. The result is
747 * always in little endian byte order, so that a byte-wise output yields
748 * to the wanted ASCII representation of the message digest.
750 * IMPORTANT: On some systems it is required that RESBUF is correctly
751 * aligned for a 32 bits value.
753 ((md5_uint32 *) resbuf)[0] = SWAP(ctx->A);
754 ((md5_uint32 *) resbuf)[1] = SWAP(ctx->B);
755 ((md5_uint32 *) resbuf)[2] = SWAP(ctx->C);
756 ((md5_uint32 *) resbuf)[3] = SWAP(ctx->D);
760 #endif /* CONFIG_MD5SUM */
765 extern int hash_fd(int src_fd, const off_t size, const uint8_t hash_algo,
768 int result = EXIT_SUCCESS;
769 off_t hashed_count = 0;
770 unsigned int blocksize = 0;
771 unsigned char *buffer = NULL;
772 #ifdef CONFIG_SHA1SUM
776 struct md5_ctx md5_cx;
780 #ifdef CONFIG_SHA1SUM
781 if (hash_algo == HASH_SHA1) {
782 /* Ensure that BLOCKSIZE is a multiple of 64. */
784 buffer = malloc(blocksize);
788 if (hash_algo == HASH_MD5) {
790 buffer = malloc(blocksize + 72);
794 /* Initialize the computation context. */
795 #ifdef CONFIG_SHA1SUM
796 if (hash_algo == HASH_SHA1) {
801 if (hash_algo == HASH_MD5) {
805 /* Iterate over full file contents. */
807 const ssize_t count = bb_full_read(src_fd, buffer, blocksize);
810 /* count == 0 means short read
811 * count == -1 means read error */
815 hashed_count += count;
818 #ifdef CONFIG_SHA1SUM
819 if (hash_algo == HASH_SHA1) {
820 sha1_hash(buffer, count, sha1_cx);
824 if (hash_algo == HASH_MD5) {
825 if (count % 64 == 0) {
826 md5_hash_block(buffer, count, &md5_cx);
828 md5_hash_bytes(buffer, count, &md5_cx);
832 } while ((size == (off_t) - 1) || (hashed_count < size));
834 /* Finalize and write the hash into our buffer. */
835 #ifdef CONFIG_SHA1SUM
836 if (hash_algo == HASH_SHA1) {
837 sha1_end(hashval, sha1_cx);
841 if (hash_algo == HASH_MD5) {
842 md5_end(hashval, &md5_cx);
projects / oweals / busybox.git / blob