Logo Search packages:      
Sourcecode: bacula version File versions

sha1.c

/*
 *  sha1.c
 *
 *  Description:
 *    This file implements the Secure Hashing Algorithm 1 as
 *    defined in FIPS PUB 180-1 published April 17, 1995.
 *
 *    The SHA-1, produces a 160-bit message digest for a given
 *    data stream.  It should take about 2**n steps to find a
 *    message with the same digest as a given message and
 *    2**(n/2) to find any two messages with the same digest,
 *    when n is the digest size in bits.  Therefore, this
 *    algorithm can serve as a means of providing a
 *      "fingerprint" for a message.
 *
 *  Portability Issues:
 *      SHA-1 is defined in terms of 32-bit "words".  This code
 *      uses <stdint.h> (included via "sha1.h" to define 32 and 8
 *    bit unsigned integer types.  If your C compiler does not
 *    support 32 bit unsigned integers, this code is not
 *    appropriate.
 *
 *  Caveats:
 *    SHA-1 is designed to work with messages less than 2^64 bits
 *    long.  Although SHA-1 allows a message digest to be generated
 *    for messages of any number of bits less than 2^64, this
 *    implementation only works with messages with a length that is
 *    a multiple of the size of an 8-bit character.
 *
 *  See sha1.h for copyright
 */

#include "sha1.h"

/*
 *  Define the SHA1 circular left shift macro
 */
#define SHA1CircularShift(bits,word) \
            (((word) << (bits)) | ((word) >> (32-(bits))))

/* Local Function Prototyptes */
static void SHA1PadMessage(SHA1Context *);
static void SHA1ProcessMessageBlock(SHA1Context *);

/*
 *  SHA1Init
 *
 *  Description:
 *    This function will initialize the SHA1Context in preparation
 *    for computing a new SHA1 message digest.
 *
 *  Parameters:
 *    context: [in/out]
 *        The context to reset.
 *
 *  Returns:
 *    sha Error Code.
 *
 */
int SHA1Init(SHA1Context *context)
{
    if (!context)
    {
      return shaNull;
    }

    context->Length_Low           = 0;
    context->Length_High          = 0;
    context->Message_Block_Index    = 0;

    context->Intermediate_Hash[0]   = 0x67452301;
    context->Intermediate_Hash[1]   = 0xEFCDAB89;
    context->Intermediate_Hash[2]   = 0x98BADCFE;
    context->Intermediate_Hash[3]   = 0x10325476;
    context->Intermediate_Hash[4]   = 0xC3D2E1F0;

    context->Computed   = 0;
    context->Corrupted  = 0;

    return shaSuccess;
}

/*
 *  SHA1Final
 *
 *  Description:
 *    This function will return the 160-bit message digest into the
 *    Message_Digest array  provided by the caller.
 *    NOTE: The first octet of hash is stored in the 0th element,
 *          the last octet of hash in the 19th element.
 *
 *  Parameters:
 *    context: [in/out]
 *        The context to use to calculate the SHA-1 hash.
 *    Message_Digest: [out]
 *        Where the digest is returned.
 *
 *  Returns:
 *    sha Error Code.
 *
 */
int SHA1Final(SHA1Context *context,
            uint8_t Message_Digest[SHA1HashSize])
{
    int i;

    if (!context || !Message_Digest) {
      return shaNull;
    }

    if (context->Corrupted) {
      return context->Corrupted;
    }

    if (!context->Computed) {
      SHA1PadMessage(context);
      for(i=0; i<64; ++i) {
          /* message may be sensitive, clear it out */
          context->Message_Block[i] = 0;
      }
      context->Length_Low = 0;    /* and clear length */
      context->Length_High = 0;
      context->Computed = 1;

    }

    for(i = 0; i < SHA1HashSize; ++i) {
      Message_Digest[i] = context->Intermediate_Hash[i>>2]
                      >> 8 * ( 3 - ( i & 0x03 ) );
    }

    return shaSuccess;
}

/*
 *  SHA1Update
 *
 *  Description:
 *    This function accepts an array of octets as the next portion
 *    of the message.
 *
 *  Parameters:
 *    context: [in/out]
 *        The SHA context to update
 *    message_array: [in]
 *        An array of characters representing the next portion of
 *        the message.
 *    length: [in]
 *        The length of the message in message_array
 *
 *  Returns:
 *    sha Error Code.
 *
 */
int SHA1Update(SHA1Context    *context,
             const uint8_t  *message_array,
             unsigned       length)
{
    if (!length) {
      return shaSuccess;
    }

    if (!context || !message_array) {
      return shaNull;
    }

    if (context->Computed) {
      context->Corrupted = shaStateError;

      return shaStateError;
    }

    if (context->Corrupted) {
       return context->Corrupted;
    }
    while(length-- && !context->Corrupted) {
       context->Message_Block[context->Message_Block_Index++] =
                (*message_array & 0xFF);

       context->Length_Low += 8;
       if (context->Length_Low == 0) {
         context->Length_High++;
         if (context->Length_High == 0) {
             /* Message is too long */
             context->Corrupted = 1;
         }
       }

       if (context->Message_Block_Index == 64) {
         SHA1ProcessMessageBlock(context);
       }

       message_array++;
    }

    return shaSuccess;
}

/*
 *  SHA1ProcessMessageBlock
 *
 *  Description:
 *    This function will process the next 512 bits of the message
 *    stored in the Message_Block array.
 *
 *  Parameters:
 *    None.
 *
 *  Returns:
 *    Nothing.
 *
 *  Comments:

 *    Many of the variable names in this code, especially the
 *    single character names, were used because those were the
 *    names used in the publication.
 *
 *
 */
static void SHA1ProcessMessageBlock(SHA1Context *context)
{
    const uint32_t K[] =    {     /* Constants defined in SHA-1   */
                      0x5A827999,
                      0x6ED9EBA1,
                      0x8F1BBCDC,
                      0xCA62C1D6
                      };
    int       t;             /* Loop counter              */
    uint32_t        temp;          /* Temporary word value      */
    uint32_t        W[80];         /* Word sequence             */
    uint32_t        A, B, C, D, E;     /* Word buffers                */

    /*
     *      Initialize the first 16 words in the array W
     */
    for(t = 0; t < 16; t++) {
      W[t] = context->Message_Block[t * 4] << 24;
      W[t] |= context->Message_Block[t * 4 + 1] << 16;
      W[t] |= context->Message_Block[t * 4 + 2] << 8;
      W[t] |= context->Message_Block[t * 4 + 3];
    }

    for(t = 16; t < 80; t++) {
       W[t] = SHA1CircularShift(1,W[t-3] ^ W[t-8] ^ W[t-14] ^ W[t-16]);
    }

    A = context->Intermediate_Hash[0];
    B = context->Intermediate_Hash[1];
    C = context->Intermediate_Hash[2];
    D = context->Intermediate_Hash[3];
    E = context->Intermediate_Hash[4];

    for(t = 0; t < 20; t++) {
      temp =      SHA1CircularShift(5,A) +
            ((B & C) | ((~B) & D)) + E + W[t] + K[0];
      E = D;
      D = C;
      C = SHA1CircularShift(30,B);

      B = A;
      A = temp;
    }

    for(t = 20; t < 40; t++) {
      temp = SHA1CircularShift(5,A) + (B ^ C ^ D) + E + W[t] + K[1];
      E = D;
      D = C;
      C = SHA1CircularShift(30,B);
      B = A;
      A = temp;
    }

    for(t = 40; t < 60; t++) {
      temp = SHA1CircularShift(5,A) +
             ((B & C) | (B & D) | (C & D)) + E + W[t] + K[2];
      E = D;
      D = C;
      C = SHA1CircularShift(30,B);
      B = A;
      A = temp;
    }

    for(t = 60; t < 80; t++) {
      temp = SHA1CircularShift(5,A) + (B ^ C ^ D) + E + W[t] + K[3];
      E = D;
      D = C;
      C = SHA1CircularShift(30,B);
      B = A;
      A = temp;
    }

    context->Intermediate_Hash[0] += A;
    context->Intermediate_Hash[1] += B;
    context->Intermediate_Hash[2] += C;
    context->Intermediate_Hash[3] += D;
    context->Intermediate_Hash[4] += E;

    context->Message_Block_Index = 0;
}

/*
 *  SHA1PadMessage
 *

 *  Description:
 *    According to the standard, the message must be padded to an even
 *      512 bits.  The first padding bit must be a '1'.  The last 64
 *    bits represent the length of the original message.  All bits in
 *    between should be 0.  This function will pad the message
 *    according to those rules by filling the Message_Block array
 *    accordingly.  It will also call the ProcessMessageBlock function
 *    provided appropriately.  When it returns, it can be assumed that
 *    the message digest has been computed.
 *
 *  Parameters:
 *    context: [in/out]
 *        The context to pad
 *    ProcessMessageBlock: [in]
 *        The appropriate SHA*ProcessMessageBlock function
 *  Returns:
 *    Nothing.
 *
 */

static void SHA1PadMessage(SHA1Context *context)
{
    /*
     *      Check to see if the current message block is too small to hold
     *      the initial padding bits and length.  If so, we will pad the
     *      block, process it, and then continue padding into a second
     *      block.
     */
    if (context->Message_Block_Index > 55) {
      context->Message_Block[context->Message_Block_Index++] = 0x80;
      while(context->Message_Block_Index < 64) {
          context->Message_Block[context->Message_Block_Index++] = 0;
      }

      SHA1ProcessMessageBlock(context);

      while(context->Message_Block_Index < 56) {
          context->Message_Block[context->Message_Block_Index++] = 0;
      }
    } else {
      context->Message_Block[context->Message_Block_Index++] = 0x80;
      while(context->Message_Block_Index < 56) {

          context->Message_Block[context->Message_Block_Index++] = 0;
      }
    }

    /*
     *      Store the message length as the last 8 octets
     */
    context->Message_Block[56] = context->Length_High >> 24;
    context->Message_Block[57] = context->Length_High >> 16;
    context->Message_Block[58] = context->Length_High >> 8;
    context->Message_Block[59] = context->Length_High;
    context->Message_Block[60] = context->Length_Low >> 24;
    context->Message_Block[61] = context->Length_Low >> 16;
    context->Message_Block[62] = context->Length_Low >> 8;
    context->Message_Block[63] = context->Length_Low;

    SHA1ProcessMessageBlock(context);
}

#ifdef TEST_DRIVER

/*
 *  sha1test.c
 *
 *  Description:
 *    This file will exercise the SHA-1 code performing the three
 *    tests documented in FIPS PUB 180-1 plus one which calls
 *    SHA1Input with an exact multiple of 512 bits, plus a few
 *    error test checks.
 *
 *  Portability Issues:
 *    None.
 *
 */

#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include "sha1.h"

/*
 *  Define patterns for testing
 */
#define TEST1   "abc"
#define TEST2a  "abcdbcdecdefdefgefghfghighijhi"

#define TEST2b  "jkijkljklmklmnlmnomnopnopq"
#define TEST2     TEST2a TEST2b
#define TEST3   "a"
#define TEST4a  "01234567012345670123456701234567"
#define TEST4b  "01234567012345670123456701234567"
    /* an exact multiple of 512 bits */
#define TEST4     TEST4a TEST4b
char *testarray[4] =
{
    TEST1,
    TEST2,
    TEST3,
    TEST4
};
long int repeatcount[4] = { 1, 1, 1000000, 10 };
char *resultarray[4] =
{
    "A9 99 3E 36 47 06 81 6A BA 3E 25 71 78 50 C2 6C 9C D0 D8 9D",
    "84 98 3E 44 1C 3B D2 6E BA AE 4A A1 F9 51 29 E5 E5 46 70 F1",
    "34 AA 97 3C D4 C4 DA A4 F6 1E EB 2B DB AD 27 31 65 34 01 6F",
    "DE A3 56 A2 CD DD 90 C7 A7 EC ED C5 EB B5 63 93 4F 46 04 52"
};

int main()
{
    SHA1Context sha;
    int i, j, err;
    uint8_t Message_Digest[20];

    /*
     *      Perform SHA-1 tests
     */
    for(j = 0; j < 4; ++j) {
        printf( "\nTest %d: %d, '%s'\n",
            j+1,
            repeatcount[j],
            testarray[j]);

      err = SHA1Init(&sha);
      if (err) {
            fprintf(stderr, "SHA1Reset Error %d.\n", err );
          break;    /* out of for j loop */
      }

      for(i = 0; i < repeatcount[j]; ++i) {

          err = SHA1Input(&sha,
              (const unsigned char *) testarray[j],
              strlen(testarray[j]));
          if (err) {
                fprintf(stderr, "SHA1Input Error %d.\n", err );
            break;        /* out of for i loop */
          }
      }

      err = SHA1Final(&sha, Message_Digest);
      if (err) {
          fprintf(stderr,
            "SHA1Result Error %d, could not compute message digest.\n",
          err );
      }
      else
      {
            printf("\t");
          for(i = 0; i < 20 ; ++i) {
                printf("%02X ", Message_Digest[i]);
          }
            printf("\n");
      }
        printf("Should match:\n");
        printf("\t%s\n", resultarray[j]);
    }

    /* Test some error returns */
    err = SHA1Input(&sha,(const unsigned char *) testarray[1], 1);
    printf ("\nError %d. Should be %d.\n", err, shaStateError );
    err = SHA1Init(0);
    printf ("\nError %d. Should be %d.\n", err, shaNull );
    return 0;
}

#endif /* TEST_DRIVER */

#ifdef SHA1_SUM
/*
 * Reads a single ASCII file and prints the HEX sha1 sum.
 */
#include <stdio.h>
int main(int argc, char *argv[]) 
{
   FILE *fd;
   SHA1Context ctx;
   char buf[5000];
   char signature[25];

   if (argc < 1) {
      printf("Must have filename\n");
      exit(1);
   }
   fd = fopen(argv[1], "r");
   if (!fd) {
      printf("Could not open %s: ERR=%s\n", argv[1], strerror(errno));
      exit(1);
   }
   SHA1Init(&ctx);
   while (fgets(buf, sizeof(buf), fd)) {
      SHA1Update(&ctx, (unsigned char *)buf, strlen(buf));
   }
   SHA1Final(&ctx, (unsigned char *)signature);
   for (int i=0; i < 20; i++) {
      printf("%02x", signature[i]& 0xFF);
   }
   printf("  %s\n", argv[1]);
}
#endif

Generated by  Doxygen 1.6.0   Back to index