2 * Based on shasum from http://www.netsw.org/crypto/hash/
3 * Majorly hacked up to use Dr Brian Gladman's sha1 code
5 * Copyright (C) 2003 Glenn L. McGrath
6 * Copyright (C) 2003 Erik Andersen
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
38 ---------------------------------------------------------------------------
39 Begin Dr. Gladman's sha1 code
40 ---------------------------------------------------------------------------
44 ---------------------------------------------------------------------------
45 Copyright (c) 2002, Dr Brian Gladman <brg@gladman.me.uk>, Worcester, UK.
50 The free distribution and use of this software in both source and binary
51 form is allowed (with or without changes) provided that:
53 1. distributions of this source code include the above copyright
54 notice, this list of conditions and the following disclaimer;
56 2. distributions in binary form include the above copyright
57 notice, this list of conditions and the following disclaimer
58 in the documentation and/or other associated materials;
60 3. the copyright holder's name is not used to endorse products
61 built using this software without specific written permission.
63 ALTERNATIVELY, provided that this notice is retained in full, this product
64 may be distributed under the terms of the GNU General Public License (GPL),
65 in which case the provisions of the GPL apply INSTEAD OF those given above.
69 This software is provided 'as is' with no explicit or implied warranties
70 in respect of its properties, including, but not limited to, correctness
71 and/or fitness for purpose.
72 ---------------------------------------------------------------------------
73 Issue Date: 10/11/2002
75 This is a byte oriented version of SHA1 that operates on arrays of bytes
76 stored in memory. It runs at 22 cycles per byte on a Pentium P4 processor
79 # define SHA1_BLOCK_SIZE 64
80 # define SHA1_DIGEST_SIZE 20
81 # define SHA1_HASH_SIZE SHA1_DIGEST_SIZE
85 # define rotl32(x,n) (((x) << n) | ((x) >> (32 - n)))
87 # if __BYTE_ORDER == __BIG_ENDIAN
88 # define swap_b32(x) (x)
89 # elif defined(bswap_32)
90 # define swap_b32(x) bswap_32(x)
92 # define swap_b32(x) ((rotl32((x), 8) & 0x00ff00ff) | (rotl32((x), 24) & 0xff00ff00))
93 # endif /* __BYTE_ORDER */
95 # define SHA1_MASK (SHA1_BLOCK_SIZE - 1)
97 /* reverse byte order in 32-bit words */
98 # define ch(x,y,z) (((x) & (y)) ^ (~(x) & (z)))
99 # define parity(x,y,z) ((x) ^ (y) ^ (z))
100 # define maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
102 /* A normal version as set out in the FIPS. This version uses */
103 /* partial loop unrolling and is optimised for the Pentium 4 */
105 t = a; a = rotl32(a,5) + f(b,c,d) + e + k + w[i]; \
106 e = d; d = c; c = rotl32(b, 30); b = t
108 /* type to hold the SHA1 context */
109 typedef struct sha1_ctx_s {
115 static void sha1_compile(sha1_ctx_t *ctx)
117 uint32_t w[80], i, a, b, c, d, e, t;
119 /* note that words are compiled from the buffer into 32-bit */
120 /* words in big-endian order so an order reversal is needed */
121 /* here on little endian machines */
122 for (i = 0; i < SHA1_BLOCK_SIZE / 4; ++i)
123 w[i] = swap_b32(ctx->wbuf[i]);
125 for (i = SHA1_BLOCK_SIZE / 4; i < 80; ++i)
126 w[i] = rotl32(w[i - 3] ^ w[i - 8] ^ w[i - 14] ^ w[i - 16], 1);
134 for (i = 0; i < 20; ++i) {
138 for (i = 20; i < 40; ++i) {
139 rnd(parity, 0x6ed9eba1);
142 for (i = 40; i < 60; ++i) {
143 rnd(maj, 0x8f1bbcdc);
146 for (i = 60; i < 80; ++i) {
147 rnd(parity, 0xca62c1d6);
157 static void sha1_begin(sha1_ctx_t *ctx)
159 ctx->count[0] = ctx->count[1] = 0;
160 ctx->hash[0] = 0x67452301;
161 ctx->hash[1] = 0xefcdab89;
162 ctx->hash[2] = 0x98badcfe;
163 ctx->hash[3] = 0x10325476;
164 ctx->hash[4] = 0xc3d2e1f0;
167 /* SHA1 hash data in an array of bytes into hash buffer and call the */
168 /* hash_compile function as required. */
169 static void sha1_hash(const unsigned char data[], unsigned int len, sha1_ctx_t *ctx)
171 uint32_t pos = (uint32_t) (ctx->count[0] & SHA1_MASK),
172 freeb = SHA1_BLOCK_SIZE - pos;
173 const unsigned char *sp = data;
175 if ((ctx->count[0] += len) < len)
178 while (len >= freeb) { /* tranfer whole blocks while possible */
179 memcpy(((unsigned char *) ctx->wbuf) + pos, sp, freeb);
182 freeb = SHA1_BLOCK_SIZE;
187 memcpy(((unsigned char *) ctx->wbuf) + pos, sp, len);
190 /* SHA1 Final padding and digest calculation */
191 # if __BYTE_ORDER == __LITTLE_ENDIAN
192 static uint32_t mask[4] = { 0x00000000, 0x000000ff, 0x0000ffff, 0x00ffffff };
193 static uint32_t bits[4] = { 0x00000080, 0x00008000, 0x00800000, 0x80000000 };
195 static uint32_t mask[4] = { 0x00000000, 0xff000000, 0xffff0000, 0xffffff00 };
196 static uint32_t bits[4] = { 0x80000000, 0x00800000, 0x00008000, 0x00000080 };
197 # endif /* __BYTE_ORDER */
199 void sha1_end(unsigned char hval[], sha1_ctx_t *ctx)
201 uint32_t i, cnt = (uint32_t) (ctx->count[0] & SHA1_MASK);
203 /* mask out the rest of any partial 32-bit word and then set */
204 /* the next byte to 0x80. On big-endian machines any bytes in */
205 /* the buffer will be at the top end of 32 bit words, on little */
206 /* endian machines they will be at the bottom. Hence the AND */
207 /* and OR masks above are reversed for little endian systems */
208 ctx->wbuf[cnt >> 2] =
209 (ctx->wbuf[cnt >> 2] & mask[cnt & 3]) | bits[cnt & 3];
211 /* we need 9 or more empty positions, one for the padding byte */
212 /* (above) and eight for the length count. If there is not */
213 /* enough space pad and empty the buffer */
214 if (cnt > SHA1_BLOCK_SIZE - 9) {
219 } else /* compute a word index for the empty buffer positions */
220 cnt = (cnt >> 2) + 1;
222 while (cnt < 14) /* and zero pad all but last two positions */
223 ctx->wbuf[cnt++] = 0;
225 /* assemble the eight byte counter in the buffer in big-endian */
228 ctx->wbuf[14] = swap_b32((ctx->count[1] << 3) | (ctx->count[0] >> 29));
229 ctx->wbuf[15] = swap_b32(ctx->count[0] << 3);
233 /* extract the hash value as bytes in case the hash buffer is */
234 /* misaligned for 32-bit words */
236 for (i = 0; i < SHA1_DIGEST_SIZE; ++i)
237 hval[i] = (unsigned char) (ctx->hash[i >> 2] >> 8 * (~i & 3));
241 ---------------------------------------------------------------------------
242 End of Dr. Gladman's sha1 code
243 ---------------------------------------------------------------------------
245 #endif /* CONFIG_SHA1 */
253 * md5sum.c - Compute MD5 checksum of files or strings according to the
254 * definition of MD5 in RFC 1321 from April 1992.
256 * Copyright (C) 1995-1999 Free Software Foundation, Inc.
257 * Written by Ulrich Drepper <drepper@gnu.ai.mit.edu>, 1995.
260 * June 29, 2001 Manuel Novoa III
262 * Added MD5SUM_SIZE_VS_SPEED configuration option.
264 * Current valid values, with data from my system for comparison, are:
265 * (using uClibc and running on linux-2.4.4.tar.bz2)
266 * user times (sec) text size (386)
267 * 0 (fastest) 1.1 6144
270 * 3 (smallest) 5.1 4912
273 # define MD5SUM_SIZE_VS_SPEED 2
275 /* Handle endian-ness */
276 # if __BYTE_ORDER == __LITTLE_ENDIAN
279 # define SWAP(n) ((n << 24) | ((n&65280)<<8) | ((n&16711680)>>8) | (n>>24))
282 # if MD5SUM_SIZE_VS_SPEED == 0
283 /* This array contains the bytes used to pad the buffer to the next
284 64-byte boundary. (RFC 1321, 3.1: Step 1) */
285 static const unsigned char fillbuf[64] = { 0x80, 0 /* , 0, 0, ... */ };
286 # endif /* MD5SUM_SIZE_VS_SPEED == 0 */
288 typedef u_int32_t md5_uint32;
290 /* Structure to save state of computation between the single steps. */
291 typedef struct md5_ctx_s {
302 /* Initialize structure containing state of computation.
303 * (RFC 1321, 3.3: Step 3)
305 static void md5_begin(md5_ctx_t *ctx)
312 ctx->total[0] = ctx->total[1] = 0;
316 /* These are the four functions used in the four steps of the MD5 algorithm
317 * and defined in the RFC 1321. The first function is a little bit optimized
318 * (as found in Colin Plumbs public domain implementation).
319 * #define FF(b, c, d) ((b & c) | (~b & d))
321 # define FF(b, c, d) (d ^ (b & (c ^ d)))
322 # define FG(b, c, d) FF (d, b, c)
323 # define FH(b, c, d) (b ^ c ^ d)
324 # define FI(b, c, d) (c ^ (b | ~d))
326 /* Starting with the result of former calls of this function (or the
327 * initialization function update the context for the next LEN bytes
328 * starting at BUFFER.
329 * It is necessary that LEN is a multiple of 64!!!
331 static void md5_hash_block(const void *buffer, size_t len, md5_ctx_t *ctx)
333 md5_uint32 correct_words[16];
334 const md5_uint32 *words = buffer;
335 size_t nwords = len / sizeof(md5_uint32);
336 const md5_uint32 *endp = words + nwords;
338 # if MD5SUM_SIZE_VS_SPEED > 0
339 static const md5_uint32 C_array[] = {
341 0xd76aa478, 0xe8c7b756, 0x242070db, 0xc1bdceee,
342 0xf57c0faf, 0x4787c62a, 0xa8304613, 0xfd469501,
343 0x698098d8, 0x8b44f7af, 0xffff5bb1, 0x895cd7be,
344 0x6b901122, 0xfd987193, 0xa679438e, 0x49b40821,
346 0xf61e2562, 0xc040b340, 0x265e5a51, 0xe9b6c7aa,
347 0xd62f105d, 0x2441453, 0xd8a1e681, 0xe7d3fbc8,
348 0x21e1cde6, 0xc33707d6, 0xf4d50d87, 0x455a14ed,
349 0xa9e3e905, 0xfcefa3f8, 0x676f02d9, 0x8d2a4c8a,
351 0xfffa3942, 0x8771f681, 0x6d9d6122, 0xfde5380c,
352 0xa4beea44, 0x4bdecfa9, 0xf6bb4b60, 0xbebfbc70,
353 0x289b7ec6, 0xeaa127fa, 0xd4ef3085, 0x4881d05,
354 0xd9d4d039, 0xe6db99e5, 0x1fa27cf8, 0xc4ac5665,
356 0xf4292244, 0x432aff97, 0xab9423a7, 0xfc93a039,
357 0x655b59c3, 0x8f0ccc92, 0xffeff47d, 0x85845dd1,
358 0x6fa87e4f, 0xfe2ce6e0, 0xa3014314, 0x4e0811a1,
359 0xf7537e82, 0xbd3af235, 0x2ad7d2bb, 0xeb86d391
362 static const char P_array[] = {
363 # if MD5SUM_SIZE_VS_SPEED > 1
364 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, /* 1 */
365 # endif /* MD5SUM_SIZE_VS_SPEED > 1 */
366 1, 6, 11, 0, 5, 10, 15, 4, 9, 14, 3, 8, 13, 2, 7, 12, /* 2 */
367 5, 8, 11, 14, 1, 4, 7, 10, 13, 0, 3, 6, 9, 12, 15, 2, /* 3 */
368 0, 7, 14, 5, 12, 3, 10, 1, 8, 15, 6, 13, 4, 11, 2, 9 /* 4 */
371 # if MD5SUM_SIZE_VS_SPEED > 1
372 static const char S_array[] = {
378 # endif /* MD5SUM_SIZE_VS_SPEED > 1 */
381 md5_uint32 A = ctx->A;
382 md5_uint32 B = ctx->B;
383 md5_uint32 C = ctx->C;
384 md5_uint32 D = ctx->D;
386 /* First increment the byte count. RFC 1321 specifies the possible
387 length of the file up to 2^64 bits. Here we only compute the
388 number of bytes. Do a double word increment. */
389 ctx->total[0] += len;
390 if (ctx->total[0] < len)
393 /* Process all bytes in the buffer with 64 bytes in each round of
395 while (words < endp) {
396 md5_uint32 *cwp = correct_words;
397 md5_uint32 A_save = A;
398 md5_uint32 B_save = B;
399 md5_uint32 C_save = C;
400 md5_uint32 D_save = D;
402 # if MD5SUM_SIZE_VS_SPEED > 1
403 # define CYCLIC(w, s) (w = (w << s) | (w >> (32 - s)))
405 const md5_uint32 *pc;
411 for (i = 0; i < 16; i++) {
412 cwp[i] = SWAP(words[i]);
416 # if MD5SUM_SIZE_VS_SPEED > 2
421 for (i = 0; i < 64; i++) {
438 temp += cwp[(int) (*pp++)] + *pc++;
439 CYCLIC(temp, ps[i & 3]);
451 for (i = 0; i < 16; i++) {
452 temp = A + FF(B, C, D) + cwp[(int) (*pp++)] + *pc++;
453 CYCLIC(temp, ps[i & 3]);
462 for (i = 0; i < 16; i++) {
463 temp = A + FG(B, C, D) + cwp[(int) (*pp++)] + *pc++;
464 CYCLIC(temp, ps[i & 3]);
472 for (i = 0; i < 16; i++) {
473 temp = A + FH(B, C, D) + cwp[(int) (*pp++)] + *pc++;
474 CYCLIC(temp, ps[i & 3]);
482 for (i = 0; i < 16; i++) {
483 temp = A + FI(B, C, D) + cwp[(int) (*pp++)] + *pc++;
484 CYCLIC(temp, ps[i & 3]);
492 # endif /* MD5SUM_SIZE_VS_SPEED > 2 */
494 /* First round: using the given function, the context and a constant
495 the next context is computed. Because the algorithms processing
496 unit is a 32-bit word and it is determined to work on words in
497 little endian byte order we perhaps have to change the byte order
498 before the computation. To reduce the work for the next steps
499 we store the swapped words in the array CORRECT_WORDS. */
501 # define OP(a, b, c, d, s, T) \
504 a += FF (b, c, d) + (*cwp++ = SWAP (*words)) + T; \
511 /* It is unfortunate that C does not provide an operator for
512 cyclic rotation. Hope the C compiler is smart enough. */
513 /* gcc 2.95.4 seems to be --aaronl */
514 # define CYCLIC(w, s) (w = (w << s) | (w >> (32 - s)))
516 /* Before we start, one word to the strange constants.
517 They are defined in RFC 1321 as
519 T[i] = (int) (4294967296.0 * fabs (sin (i))), i=1..64
522 # if MD5SUM_SIZE_VS_SPEED == 1
523 const md5_uint32 *pc;
526 # endif /* MD5SUM_SIZE_VS_SPEED */
529 # if MD5SUM_SIZE_VS_SPEED == 1
531 for (i = 0; i < 4; i++) {
532 OP(A, B, C, D, 7, *pc++);
533 OP(D, A, B, C, 12, *pc++);
534 OP(C, D, A, B, 17, *pc++);
535 OP(B, C, D, A, 22, *pc++);
538 OP(A, B, C, D, 7, 0xd76aa478);
539 OP(D, A, B, C, 12, 0xe8c7b756);
540 OP(C, D, A, B, 17, 0x242070db);
541 OP(B, C, D, A, 22, 0xc1bdceee);
542 OP(A, B, C, D, 7, 0xf57c0faf);
543 OP(D, A, B, C, 12, 0x4787c62a);
544 OP(C, D, A, B, 17, 0xa8304613);
545 OP(B, C, D, A, 22, 0xfd469501);
546 OP(A, B, C, D, 7, 0x698098d8);
547 OP(D, A, B, C, 12, 0x8b44f7af);
548 OP(C, D, A, B, 17, 0xffff5bb1);
549 OP(B, C, D, A, 22, 0x895cd7be);
550 OP(A, B, C, D, 7, 0x6b901122);
551 OP(D, A, B, C, 12, 0xfd987193);
552 OP(C, D, A, B, 17, 0xa679438e);
553 OP(B, C, D, A, 22, 0x49b40821);
554 # endif /* MD5SUM_SIZE_VS_SPEED == 1 */
556 /* For the second to fourth round we have the possibly swapped words
557 in CORRECT_WORDS. Redefine the macro to take an additional first
558 argument specifying the function to use. */
560 # define OP(f, a, b, c, d, k, s, T) \
563 a += f (b, c, d) + correct_words[k] + T; \
570 # if MD5SUM_SIZE_VS_SPEED == 1
572 for (i = 0; i < 4; i++) {
573 OP(FG, A, B, C, D, (int) (*pp++), 5, *pc++);
574 OP(FG, D, A, B, C, (int) (*pp++), 9, *pc++);
575 OP(FG, C, D, A, B, (int) (*pp++), 14, *pc++);
576 OP(FG, B, C, D, A, (int) (*pp++), 20, *pc++);
579 OP(FG, A, B, C, D, 1, 5, 0xf61e2562);
580 OP(FG, D, A, B, C, 6, 9, 0xc040b340);
581 OP(FG, C, D, A, B, 11, 14, 0x265e5a51);
582 OP(FG, B, C, D, A, 0, 20, 0xe9b6c7aa);
583 OP(FG, A, B, C, D, 5, 5, 0xd62f105d);
584 OP(FG, D, A, B, C, 10, 9, 0x02441453);
585 OP(FG, C, D, A, B, 15, 14, 0xd8a1e681);
586 OP(FG, B, C, D, A, 4, 20, 0xe7d3fbc8);
587 OP(FG, A, B, C, D, 9, 5, 0x21e1cde6);
588 OP(FG, D, A, B, C, 14, 9, 0xc33707d6);
589 OP(FG, C, D, A, B, 3, 14, 0xf4d50d87);
590 OP(FG, B, C, D, A, 8, 20, 0x455a14ed);
591 OP(FG, A, B, C, D, 13, 5, 0xa9e3e905);
592 OP(FG, D, A, B, C, 2, 9, 0xfcefa3f8);
593 OP(FG, C, D, A, B, 7, 14, 0x676f02d9);
594 OP(FG, B, C, D, A, 12, 20, 0x8d2a4c8a);
595 # endif /* MD5SUM_SIZE_VS_SPEED == 1 */
598 # if MD5SUM_SIZE_VS_SPEED == 1
599 for (i = 0; i < 4; i++) {
600 OP(FH, A, B, C, D, (int) (*pp++), 4, *pc++);
601 OP(FH, D, A, B, C, (int) (*pp++), 11, *pc++);
602 OP(FH, C, D, A, B, (int) (*pp++), 16, *pc++);
603 OP(FH, B, C, D, A, (int) (*pp++), 23, *pc++);
606 OP(FH, A, B, C, D, 5, 4, 0xfffa3942);
607 OP(FH, D, A, B, C, 8, 11, 0x8771f681);
608 OP(FH, C, D, A, B, 11, 16, 0x6d9d6122);
609 OP(FH, B, C, D, A, 14, 23, 0xfde5380c);
610 OP(FH, A, B, C, D, 1, 4, 0xa4beea44);
611 OP(FH, D, A, B, C, 4, 11, 0x4bdecfa9);
612 OP(FH, C, D, A, B, 7, 16, 0xf6bb4b60);
613 OP(FH, B, C, D, A, 10, 23, 0xbebfbc70);
614 OP(FH, A, B, C, D, 13, 4, 0x289b7ec6);
615 OP(FH, D, A, B, C, 0, 11, 0xeaa127fa);
616 OP(FH, C, D, A, B, 3, 16, 0xd4ef3085);
617 OP(FH, B, C, D, A, 6, 23, 0x04881d05);
618 OP(FH, A, B, C, D, 9, 4, 0xd9d4d039);
619 OP(FH, D, A, B, C, 12, 11, 0xe6db99e5);
620 OP(FH, C, D, A, B, 15, 16, 0x1fa27cf8);
621 OP(FH, B, C, D, A, 2, 23, 0xc4ac5665);
622 # endif /* MD5SUM_SIZE_VS_SPEED == 1 */
625 # if MD5SUM_SIZE_VS_SPEED == 1
626 for (i = 0; i < 4; i++) {
627 OP(FI, A, B, C, D, (int) (*pp++), 6, *pc++);
628 OP(FI, D, A, B, C, (int) (*pp++), 10, *pc++);
629 OP(FI, C, D, A, B, (int) (*pp++), 15, *pc++);
630 OP(FI, B, C, D, A, (int) (*pp++), 21, *pc++);
633 OP(FI, A, B, C, D, 0, 6, 0xf4292244);
634 OP(FI, D, A, B, C, 7, 10, 0x432aff97);
635 OP(FI, C, D, A, B, 14, 15, 0xab9423a7);
636 OP(FI, B, C, D, A, 5, 21, 0xfc93a039);
637 OP(FI, A, B, C, D, 12, 6, 0x655b59c3);
638 OP(FI, D, A, B, C, 3, 10, 0x8f0ccc92);
639 OP(FI, C, D, A, B, 10, 15, 0xffeff47d);
640 OP(FI, B, C, D, A, 1, 21, 0x85845dd1);
641 OP(FI, A, B, C, D, 8, 6, 0x6fa87e4f);
642 OP(FI, D, A, B, C, 15, 10, 0xfe2ce6e0);
643 OP(FI, C, D, A, B, 6, 15, 0xa3014314);
644 OP(FI, B, C, D, A, 13, 21, 0x4e0811a1);
645 OP(FI, A, B, C, D, 4, 6, 0xf7537e82);
646 OP(FI, D, A, B, C, 11, 10, 0xbd3af235);
647 OP(FI, C, D, A, B, 2, 15, 0x2ad7d2bb);
648 OP(FI, B, C, D, A, 9, 21, 0xeb86d391);
649 # endif /* MD5SUM_SIZE_VS_SPEED == 1 */
650 # endif /* MD5SUM_SIZE_VS_SPEED > 1 */
652 /* Add the starting values of the context. */
659 /* Put checksum in context given as argument. */
666 /* Starting with the result of former calls of this function (or the
667 * initialization function update the context for the next LEN bytes
668 * starting at BUFFER.
669 * It is NOT required that LEN is a multiple of 64.
672 static void md5_hash_bytes(const void *buffer, size_t len, md5_ctx_t *ctx)
674 /* When we already have some bits in our internal buffer concatenate
675 both inputs first. */
676 if (ctx->buflen != 0) {
677 size_t left_over = ctx->buflen;
678 size_t add = 128 - left_over > len ? len : 128 - left_over;
680 memcpy(&ctx->buffer[left_over], buffer, add);
683 if (left_over + add > 64) {
684 md5_hash_block(ctx->buffer, (left_over + add) & ~63, ctx);
685 /* The regions in the following copy operation cannot overlap. */
686 memcpy(ctx->buffer, &ctx->buffer[(left_over + add) & ~63],
687 (left_over + add) & 63);
688 ctx->buflen = (left_over + add) & 63;
691 buffer = (const char *) buffer + add;
695 /* Process available complete blocks. */
697 md5_hash_block(buffer, len & ~63, ctx);
698 buffer = (const char *) buffer + (len & ~63);
702 /* Move remaining bytes in internal buffer. */
704 memcpy(ctx->buffer, buffer, len);
709 /* Process the remaining bytes in the buffer and put result from CTX
710 * in first 16 bytes following RESBUF. The result is always in little
711 * endian byte order, so that a byte-wise output yields to the wanted
712 * ASCII representation of the message digest.
714 * IMPORTANT: On some systems it is required that RESBUF is correctly
715 * aligned for a 32 bits value.
717 static void *md5_end(void *resbuf, md5_ctx_t *ctx)
719 /* Take yet unprocessed bytes into account. */
720 md5_uint32 bytes = ctx->buflen;
723 /* Now count remaining bytes. */
724 ctx->total[0] += bytes;
725 if (ctx->total[0] < bytes)
728 pad = bytes >= 56 ? 64 + 56 - bytes : 56 - bytes;
729 # if MD5SUM_SIZE_VS_SPEED > 0
730 memset(&ctx->buffer[bytes], 0, pad);
731 ctx->buffer[bytes] = 0x80;
733 memcpy(&ctx->buffer[bytes], fillbuf, pad);
734 # endif /* MD5SUM_SIZE_VS_SPEED > 0 */
736 /* Put the 64-bit file length in *bits* at the end of the buffer. */
737 *(md5_uint32 *) & ctx->buffer[bytes + pad] = SWAP(ctx->total[0] << 3);
738 *(md5_uint32 *) & ctx->buffer[bytes + pad + 4] =
739 SWAP(((ctx->total[1] << 3) | (ctx->total[0] >> 29)));
741 /* Process last bytes. */
742 md5_hash_block(ctx->buffer, bytes + pad + 8, ctx);
744 /* Put result from CTX in first 16 bytes following RESBUF. The result is
745 * always in little endian byte order, so that a byte-wise output yields
746 * to the wanted ASCII representation of the message digest.
748 * IMPORTANT: On some systems it is required that RESBUF is correctly
749 * aligned for a 32 bits value.
751 ((md5_uint32 *) resbuf)[0] = SWAP(ctx->A);
752 ((md5_uint32 *) resbuf)[1] = SWAP(ctx->B);
753 ((md5_uint32 *) resbuf)[2] = SWAP(ctx->C);
754 ((md5_uint32 *) resbuf)[3] = SWAP(ctx->D);
758 #endif /* CONFIG_MD5SUM */
763 extern int hash_fd(int src_fd, const off_t size, const uint8_t hash_algo,
766 int result = EXIT_SUCCESS;
767 off_t hashed_count = 0;
768 unsigned int blocksize = 0;
769 unsigned char *buffer = NULL;
770 #ifdef CONFIG_SHA1SUM
778 #ifdef CONFIG_SHA1SUM
779 if (hash_algo == HASH_SHA1) {
780 /* Ensure that BLOCKSIZE is a multiple of 64. */
782 buffer = malloc(blocksize);
786 if (hash_algo == HASH_MD5) {
788 buffer = malloc(blocksize + 72);
792 /* Initialize the computation context. */
793 #ifdef CONFIG_SHA1SUM
794 if (hash_algo == HASH_SHA1) {
795 sha1_begin(&sha1_cx);
799 if (hash_algo == HASH_MD5) {
803 /* Iterate over full file contents. */
805 const ssize_t count = bb_full_read(src_fd, buffer, blocksize);
808 /* count == 0 means short read
809 * count == -1 means read error */
813 hashed_count += count;
816 #ifdef CONFIG_SHA1SUM
817 if (hash_algo == HASH_SHA1) {
818 sha1_hash(buffer, count, &sha1_cx);
822 if (hash_algo == HASH_MD5) {
823 if (count % 64 == 0) {
824 md5_hash_block(buffer, count, &md5_cx);
826 md5_hash_bytes(buffer, count, &md5_cx);
830 } while ((size == (off_t) - 1) || (hashed_count < size));
832 /* Finalize and write the hash into our buffer. */
833 #ifdef CONFIG_SHA1SUM
834 if (hash_algo == HASH_SHA1) {
835 sha1_end(hashval, &sha1_cx);
839 if (hash_algo == HASH_MD5) {
840 md5_end(hashval, &md5_cx);
projects / oweals / busybox.git / blob