PolarSSL v1.3.9
sha1.c
Go to the documentation of this file.
1/*
2 * FIPS-180-1 compliant SHA-1 implementation
3 *
4 * Copyright (C) 2006-2014, Brainspark B.V.
5 *
6 * This file is part of PolarSSL (http://www.polarssl.org)
7 * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
8 *
9 * All rights reserved.
10 *
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
15 *
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
20 *
21 * You should have received a copy of the GNU General Public License along
22 * with this program; if not, write to the Free Software Foundation, Inc.,
23 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
24 */
25/*
26 * The SHA-1 standard was published by NIST in 1993.
27 *
28 * http://www.itl.nist.gov/fipspubs/fip180-1.htm
29 */
30
31#if !defined(POLARSSL_CONFIG_FILE)
32#include "polarssl/config.h"
33#else
34#include POLARSSL_CONFIG_FILE
35#endif
36
37#if defined(POLARSSL_SHA1_C)
38
39#include "polarssl/sha1.h"
40
41#if defined(POLARSSL_FS_IO) || defined(POLARSSL_SELF_TEST)
42#include <stdio.h>
43#endif
44
45#if defined(POLARSSL_PLATFORM_C)
46#include "polarssl/platform.h"
47#else
48#define polarssl_printf printf
49#endif
50
51/* Implementation that should never be optimized out by the compiler */
52static void polarssl_zeroize( void *v, size_t n ) {
53 volatile unsigned char *p = v; while( n-- ) *p++ = 0;
54}
55
56#if !defined(POLARSSL_SHA1_ALT)
57
58/*
59 * 32-bit integer manipulation macros (big endian)
60 */
61#ifndef GET_UINT32_BE
62#define GET_UINT32_BE(n,b,i) \
63{ \
64 (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
65 | ( (uint32_t) (b)[(i) + 1] << 16 ) \
66 | ( (uint32_t) (b)[(i) + 2] << 8 ) \
67 | ( (uint32_t) (b)[(i) + 3] ); \
68}
69#endif
70
71#ifndef PUT_UINT32_BE
72#define PUT_UINT32_BE(n,b,i) \
73{ \
74 (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
75 (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
76 (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
77 (b)[(i) + 3] = (unsigned char) ( (n) ); \
78}
79#endif
80
81void sha1_init( sha1_context *ctx )
82{
83 memset( ctx, 0, sizeof( sha1_context ) );
84}
85
86void sha1_free( sha1_context *ctx )
87{
88 if( ctx == NULL )
89 return;
90
91 polarssl_zeroize( ctx, sizeof( sha1_context ) );
92}
93
94/*
95 * SHA-1 context setup
96 */
97void sha1_starts( sha1_context *ctx )
98{
99 ctx->total[0] = 0;
100 ctx->total[1] = 0;
101
102 ctx->state[0] = 0x67452301;
103 ctx->state[1] = 0xEFCDAB89;
104 ctx->state[2] = 0x98BADCFE;
105 ctx->state[3] = 0x10325476;
106 ctx->state[4] = 0xC3D2E1F0;
107}
108
109void sha1_process( sha1_context *ctx, const unsigned char data[64] )
110{
111 uint32_t temp, W[16], A, B, C, D, E;
112
113 GET_UINT32_BE( W[ 0], data, 0 );
114 GET_UINT32_BE( W[ 1], data, 4 );
115 GET_UINT32_BE( W[ 2], data, 8 );
116 GET_UINT32_BE( W[ 3], data, 12 );
117 GET_UINT32_BE( W[ 4], data, 16 );
118 GET_UINT32_BE( W[ 5], data, 20 );
119 GET_UINT32_BE( W[ 6], data, 24 );
120 GET_UINT32_BE( W[ 7], data, 28 );
121 GET_UINT32_BE( W[ 8], data, 32 );
122 GET_UINT32_BE( W[ 9], data, 36 );
123 GET_UINT32_BE( W[10], data, 40 );
124 GET_UINT32_BE( W[11], data, 44 );
125 GET_UINT32_BE( W[12], data, 48 );
126 GET_UINT32_BE( W[13], data, 52 );
127 GET_UINT32_BE( W[14], data, 56 );
128 GET_UINT32_BE( W[15], data, 60 );
129
130#define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n)))
131
132#define R(t) \
133( \
134 temp = W[( t - 3 ) & 0x0F] ^ W[( t - 8 ) & 0x0F] ^ \
135 W[( t - 14 ) & 0x0F] ^ W[ t & 0x0F], \
136 ( W[t & 0x0F] = S(temp,1) ) \
137)
138
139#define P(a,b,c,d,e,x) \
140{ \
141 e += S(a,5) + F(b,c,d) + K + x; b = S(b,30); \
142}
143
144 A = ctx->state[0];
145 B = ctx->state[1];
146 C = ctx->state[2];
147 D = ctx->state[3];
148 E = ctx->state[4];
149
150#define F(x,y,z) (z ^ (x & (y ^ z)))
151#define K 0x5A827999
152
153 P( A, B, C, D, E, W[0] );
154 P( E, A, B, C, D, W[1] );
155 P( D, E, A, B, C, W[2] );
156 P( C, D, E, A, B, W[3] );
157 P( B, C, D, E, A, W[4] );
158 P( A, B, C, D, E, W[5] );
159 P( E, A, B, C, D, W[6] );
160 P( D, E, A, B, C, W[7] );
161 P( C, D, E, A, B, W[8] );
162 P( B, C, D, E, A, W[9] );
163 P( A, B, C, D, E, W[10] );
164 P( E, A, B, C, D, W[11] );
165 P( D, E, A, B, C, W[12] );
166 P( C, D, E, A, B, W[13] );
167 P( B, C, D, E, A, W[14] );
168 P( A, B, C, D, E, W[15] );
169 P( E, A, B, C, D, R(16) );
170 P( D, E, A, B, C, R(17) );
171 P( C, D, E, A, B, R(18) );
172 P( B, C, D, E, A, R(19) );
173
174#undef K
175#undef F
176
177#define F(x,y,z) (x ^ y ^ z)
178#define K 0x6ED9EBA1
179
180 P( A, B, C, D, E, R(20) );
181 P( E, A, B, C, D, R(21) );
182 P( D, E, A, B, C, R(22) );
183 P( C, D, E, A, B, R(23) );
184 P( B, C, D, E, A, R(24) );
185 P( A, B, C, D, E, R(25) );
186 P( E, A, B, C, D, R(26) );
187 P( D, E, A, B, C, R(27) );
188 P( C, D, E, A, B, R(28) );
189 P( B, C, D, E, A, R(29) );
190 P( A, B, C, D, E, R(30) );
191 P( E, A, B, C, D, R(31) );
192 P( D, E, A, B, C, R(32) );
193 P( C, D, E, A, B, R(33) );
194 P( B, C, D, E, A, R(34) );
195 P( A, B, C, D, E, R(35) );
196 P( E, A, B, C, D, R(36) );
197 P( D, E, A, B, C, R(37) );
198 P( C, D, E, A, B, R(38) );
199 P( B, C, D, E, A, R(39) );
200
201#undef K
202#undef F
203
204#define F(x,y,z) ((x & y) | (z & (x | y)))
205#define K 0x8F1BBCDC
206
207 P( A, B, C, D, E, R(40) );
208 P( E, A, B, C, D, R(41) );
209 P( D, E, A, B, C, R(42) );
210 P( C, D, E, A, B, R(43) );
211 P( B, C, D, E, A, R(44) );
212 P( A, B, C, D, E, R(45) );
213 P( E, A, B, C, D, R(46) );
214 P( D, E, A, B, C, R(47) );
215 P( C, D, E, A, B, R(48) );
216 P( B, C, D, E, A, R(49) );
217 P( A, B, C, D, E, R(50) );
218 P( E, A, B, C, D, R(51) );
219 P( D, E, A, B, C, R(52) );
220 P( C, D, E, A, B, R(53) );
221 P( B, C, D, E, A, R(54) );
222 P( A, B, C, D, E, R(55) );
223 P( E, A, B, C, D, R(56) );
224 P( D, E, A, B, C, R(57) );
225 P( C, D, E, A, B, R(58) );
226 P( B, C, D, E, A, R(59) );
227
228#undef K
229#undef F
230
231#define F(x,y,z) (x ^ y ^ z)
232#define K 0xCA62C1D6
233
234 P( A, B, C, D, E, R(60) );
235 P( E, A, B, C, D, R(61) );
236 P( D, E, A, B, C, R(62) );
237 P( C, D, E, A, B, R(63) );
238 P( B, C, D, E, A, R(64) );
239 P( A, B, C, D, E, R(65) );
240 P( E, A, B, C, D, R(66) );
241 P( D, E, A, B, C, R(67) );
242 P( C, D, E, A, B, R(68) );
243 P( B, C, D, E, A, R(69) );
244 P( A, B, C, D, E, R(70) );
245 P( E, A, B, C, D, R(71) );
246 P( D, E, A, B, C, R(72) );
247 P( C, D, E, A, B, R(73) );
248 P( B, C, D, E, A, R(74) );
249 P( A, B, C, D, E, R(75) );
250 P( E, A, B, C, D, R(76) );
251 P( D, E, A, B, C, R(77) );
252 P( C, D, E, A, B, R(78) );
253 P( B, C, D, E, A, R(79) );
254
255#undef K
256#undef F
257
258 ctx->state[0] += A;
259 ctx->state[1] += B;
260 ctx->state[2] += C;
261 ctx->state[3] += D;
262 ctx->state[4] += E;
263}
264
265/*
266 * SHA-1 process buffer
267 */
268void sha1_update( sha1_context *ctx, const unsigned char *input, size_t ilen )
269{
270 size_t fill;
271 uint32_t left;
272
273 if( ilen == 0 )
274 return;
275
276 left = ctx->total[0] & 0x3F;
277 fill = 64 - left;
278
279 ctx->total[0] += (uint32_t) ilen;
280 ctx->total[0] &= 0xFFFFFFFF;
281
282 if( ctx->total[0] < (uint32_t) ilen )
283 ctx->total[1]++;
284
285 if( left && ilen >= fill )
286 {
287 memcpy( (void *) (ctx->buffer + left), input, fill );
288 sha1_process( ctx, ctx->buffer );
289 input += fill;
290 ilen -= fill;
291 left = 0;
292 }
293
294 while( ilen >= 64 )
295 {
296 sha1_process( ctx, input );
297 input += 64;
298 ilen -= 64;
299 }
300
301 if( ilen > 0 )
302 memcpy( (void *) (ctx->buffer + left), input, ilen );
303}
304
305static const unsigned char sha1_padding[64] =
306{
307 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
308 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
309 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
310 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
311};
312
313/*
314 * SHA-1 final digest
315 */
316void sha1_finish( sha1_context *ctx, unsigned char output[20] )
317{
318 uint32_t last, padn;
319 uint32_t high, low;
320 unsigned char msglen[8];
321
322 high = ( ctx->total[0] >> 29 )
323 | ( ctx->total[1] << 3 );
324 low = ( ctx->total[0] << 3 );
325
326 PUT_UINT32_BE( high, msglen, 0 );
327 PUT_UINT32_BE( low, msglen, 4 );
328
329 last = ctx->total[0] & 0x3F;
330 padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
331
332 sha1_update( ctx, sha1_padding, padn );
333 sha1_update( ctx, msglen, 8 );
334
335 PUT_UINT32_BE( ctx->state[0], output, 0 );
336 PUT_UINT32_BE( ctx->state[1], output, 4 );
337 PUT_UINT32_BE( ctx->state[2], output, 8 );
338 PUT_UINT32_BE( ctx->state[3], output, 12 );
339 PUT_UINT32_BE( ctx->state[4], output, 16 );
340}
341
342#endif /* !POLARSSL_SHA1_ALT */
343
344/*
345 * output = SHA-1( input buffer )
346 */
347void sha1( const unsigned char *input, size_t ilen, unsigned char output[20] )
348{
349 sha1_context ctx;
350
351 sha1_init( &ctx );
352 sha1_starts( &ctx );
353 sha1_update( &ctx, input, ilen );
354 sha1_finish( &ctx, output );
355 sha1_free( &ctx );
356}
357
358#if defined(POLARSSL_FS_IO)
359/*
360 * output = SHA-1( file contents )
361 */
362int sha1_file( const char *path, unsigned char output[20] )
363{
364 FILE *f;
365 size_t n;
366 sha1_context ctx;
367 unsigned char buf[1024];
368
369 if( ( f = fopen( path, "rb" ) ) == NULL )
370 return( POLARSSL_ERR_SHA1_FILE_IO_ERROR );
371
372 sha1_init( &ctx );
373 sha1_starts( &ctx );
374
375 while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
376 sha1_update( &ctx, buf, n );
377
378 sha1_finish( &ctx, output );
379 sha1_free( &ctx );
380
381 if( ferror( f ) != 0 )
382 {
383 fclose( f );
384 return( POLARSSL_ERR_SHA1_FILE_IO_ERROR );
385 }
386
387 fclose( f );
388 return( 0 );
389}
390#endif /* POLARSSL_FS_IO */
391
392/*
393 * SHA-1 HMAC context setup
394 */
395void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key,
396 size_t keylen )
397{
398 size_t i;
399 unsigned char sum[20];
400
401 if( keylen > 64 )
402 {
403 sha1( key, keylen, sum );
404 keylen = 20;
405 key = sum;
406 }
407
408 memset( ctx->ipad, 0x36, 64 );
409 memset( ctx->opad, 0x5C, 64 );
410
411 for( i = 0; i < keylen; i++ )
412 {
413 ctx->ipad[i] = (unsigned char)( ctx->ipad[i] ^ key[i] );
414 ctx->opad[i] = (unsigned char)( ctx->opad[i] ^ key[i] );
415 }
416
417 sha1_starts( ctx );
418 sha1_update( ctx, ctx->ipad, 64 );
419
420 polarssl_zeroize( sum, sizeof( sum ) );
421}
422
423/*
424 * SHA-1 HMAC process buffer
425 */
426void sha1_hmac_update( sha1_context *ctx, const unsigned char *input,
427 size_t ilen )
428{
429 sha1_update( ctx, input, ilen );
430}
431
432/*
433 * SHA-1 HMAC final digest
434 */
435void sha1_hmac_finish( sha1_context *ctx, unsigned char output[20] )
436{
437 unsigned char tmpbuf[20];
438
439 sha1_finish( ctx, tmpbuf );
440 sha1_starts( ctx );
441 sha1_update( ctx, ctx->opad, 64 );
442 sha1_update( ctx, tmpbuf, 20 );
443 sha1_finish( ctx, output );
444
445 polarssl_zeroize( tmpbuf, sizeof( tmpbuf ) );
446}
447
448/*
449 * SHA1 HMAC context reset
450 */
451void sha1_hmac_reset( sha1_context *ctx )
452{
453 sha1_starts( ctx );
454 sha1_update( ctx, ctx->ipad, 64 );
455}
456
457/*
458 * output = HMAC-SHA-1( hmac key, input buffer )
459 */
460void sha1_hmac( const unsigned char *key, size_t keylen,
461 const unsigned char *input, size_t ilen,
462 unsigned char output[20] )
463{
464 sha1_context ctx;
465
466 sha1_init( &ctx );
467 sha1_hmac_starts( &ctx, key, keylen );
468 sha1_hmac_update( &ctx, input, ilen );
469 sha1_hmac_finish( &ctx, output );
470 sha1_free( &ctx );
471}
472
473#if defined(POLARSSL_SELF_TEST)
474/*
475 * FIPS-180-1 test vectors
476 */
477static unsigned char sha1_test_buf[3][57] =
478{
479 { "abc" },
480 { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" },
481 { "" }
482};
483
484static const int sha1_test_buflen[3] =
485{
486 3, 56, 1000
487};
488
489static const unsigned char sha1_test_sum[3][20] =
490{
491 { 0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A, 0xBA, 0x3E,
492 0x25, 0x71, 0x78, 0x50, 0xC2, 0x6C, 0x9C, 0xD0, 0xD8, 0x9D },
493 { 0x84, 0x98, 0x3E, 0x44, 0x1C, 0x3B, 0xD2, 0x6E, 0xBA, 0xAE,
494 0x4A, 0xA1, 0xF9, 0x51, 0x29, 0xE5, 0xE5, 0x46, 0x70, 0xF1 },
495 { 0x34, 0xAA, 0x97, 0x3C, 0xD4, 0xC4, 0xDA, 0xA4, 0xF6, 0x1E,
496 0xEB, 0x2B, 0xDB, 0xAD, 0x27, 0x31, 0x65, 0x34, 0x01, 0x6F }
497};
498
499/*
500 * RFC 2202 test vectors
501 */
502static unsigned char sha1_hmac_test_key[7][26] =
503{
504 { "\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B"
505 "\x0B\x0B\x0B\x0B" },
506 { "Jefe" },
507 { "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
508 "\xAA\xAA\xAA\xAA" },
509 { "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10"
510 "\x11\x12\x13\x14\x15\x16\x17\x18\x19" },
511 { "\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C"
512 "\x0C\x0C\x0C\x0C" },
513 { "" }, /* 0xAA 80 times */
514 { "" }
515};
516
517static const int sha1_hmac_test_keylen[7] =
518{
519 20, 4, 20, 25, 20, 80, 80
520};
521
522static unsigned char sha1_hmac_test_buf[7][74] =
523{
524 { "Hi There" },
525 { "what do ya want for nothing?" },
526 { "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
527 "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
528 "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
529 "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
530 "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" },
531 { "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
532 "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
533 "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
534 "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
535 "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" },
536 { "Test With Truncation" },
537 { "Test Using Larger Than Block-Size Key - Hash Key First" },
538 { "Test Using Larger Than Block-Size Key and Larger"
539 " Than One Block-Size Data" }
540};
541
542static const int sha1_hmac_test_buflen[7] =
543{
544 8, 28, 50, 50, 20, 54, 73
545};
546
547static const unsigned char sha1_hmac_test_sum[7][20] =
548{
549 { 0xB6, 0x17, 0x31, 0x86, 0x55, 0x05, 0x72, 0x64, 0xE2, 0x8B,
550 0xC0, 0xB6, 0xFB, 0x37, 0x8C, 0x8E, 0xF1, 0x46, 0xBE, 0x00 },
551 { 0xEF, 0xFC, 0xDF, 0x6A, 0xE5, 0xEB, 0x2F, 0xA2, 0xD2, 0x74,
552 0x16, 0xD5, 0xF1, 0x84, 0xDF, 0x9C, 0x25, 0x9A, 0x7C, 0x79 },
553 { 0x12, 0x5D, 0x73, 0x42, 0xB9, 0xAC, 0x11, 0xCD, 0x91, 0xA3,
554 0x9A, 0xF4, 0x8A, 0xA1, 0x7B, 0x4F, 0x63, 0xF1, 0x75, 0xD3 },
555 { 0x4C, 0x90, 0x07, 0xF4, 0x02, 0x62, 0x50, 0xC6, 0xBC, 0x84,
556 0x14, 0xF9, 0xBF, 0x50, 0xC8, 0x6C, 0x2D, 0x72, 0x35, 0xDA },
557 { 0x4C, 0x1A, 0x03, 0x42, 0x4B, 0x55, 0xE0, 0x7F, 0xE7, 0xF2,
558 0x7B, 0xE1 },
559 { 0xAA, 0x4A, 0xE5, 0xE1, 0x52, 0x72, 0xD0, 0x0E, 0x95, 0x70,
560 0x56, 0x37, 0xCE, 0x8A, 0x3B, 0x55, 0xED, 0x40, 0x21, 0x12 },
561 { 0xE8, 0xE9, 0x9D, 0x0F, 0x45, 0x23, 0x7D, 0x78, 0x6D, 0x6B,
562 0xBA, 0xA7, 0x96, 0x5C, 0x78, 0x08, 0xBB, 0xFF, 0x1A, 0x91 }
563};
564
565/*
566 * Checkup routine
567 */
568int sha1_self_test( int verbose )
569{
570 int i, j, buflen, ret = 0;
571 unsigned char buf[1024];
572 unsigned char sha1sum[20];
573 sha1_context ctx;
574
575 sha1_init( &ctx );
576
577 /*
578 * SHA-1
579 */
580 for( i = 0; i < 3; i++ )
581 {
582 if( verbose != 0 )
583 polarssl_printf( " SHA-1 test #%d: ", i + 1 );
584
585 sha1_starts( &ctx );
586
587 if( i == 2 )
588 {
589 memset( buf, 'a', buflen = 1000 );
590
591 for( j = 0; j < 1000; j++ )
592 sha1_update( &ctx, buf, buflen );
593 }
594 else
595 sha1_update( &ctx, sha1_test_buf[i],
596 sha1_test_buflen[i] );
597
598 sha1_finish( &ctx, sha1sum );
599
600 if( memcmp( sha1sum, sha1_test_sum[i], 20 ) != 0 )
601 {
602 if( verbose != 0 )
603 polarssl_printf( "failed\n" );
604
605 ret = 1;
606 goto exit;
607 }
608
609 if( verbose != 0 )
610 polarssl_printf( "passed\n" );
611 }
612
613 if( verbose != 0 )
614 polarssl_printf( "\n" );
615
616 for( i = 0; i < 7; i++ )
617 {
618 if( verbose != 0 )
619 polarssl_printf( " HMAC-SHA-1 test #%d: ", i + 1 );
620
621 if( i == 5 || i == 6 )
622 {
623 memset( buf, '\xAA', buflen = 80 );
624 sha1_hmac_starts( &ctx, buf, buflen );
625 }
626 else
627 sha1_hmac_starts( &ctx, sha1_hmac_test_key[i],
628 sha1_hmac_test_keylen[i] );
629
630 sha1_hmac_update( &ctx, sha1_hmac_test_buf[i],
631 sha1_hmac_test_buflen[i] );
632
633 sha1_hmac_finish( &ctx, sha1sum );
634
635 buflen = ( i == 4 ) ? 12 : 20;
636
637 if( memcmp( sha1sum, sha1_hmac_test_sum[i], buflen ) != 0 )
638 {
639 if( verbose != 0 )
640 polarssl_printf( "failed\n" );
641
642 ret = 1;
643 goto exit;
644 }
645
646 if( verbose != 0 )
647 polarssl_printf( "passed\n" );
648 }
649
650 if( verbose != 0 )
651 polarssl_printf( "\n" );
652
653exit:
654 sha1_free( &ctx );
655
656 return( ret );
657}
658
659#endif /* POLARSSL_SELF_TEST */
660
661#endif /* POLARSSL_SHA1_C */
config.h
Configuration options (set of defines)
platform.h
PolarSSL Platform abstraction layer.
sha1.h
SHA-1 cryptographic hash function.
sha1
void sha1(const unsigned char *input, size_t ilen, unsigned char output[20])
Output = SHA-1( input buffer )
sha1_starts
void sha1_starts(sha1_context *ctx)
SHA-1 context setup.
sha1_hmac
void sha1_hmac(const unsigned char *key, size_t keylen, const unsigned char *input, size_t ilen, unsigned char output[20])
Output = HMAC-SHA-1( hmac key, input buffer )
sha1_file
int sha1_file(const char *path, unsigned char output[20])
Output = SHA-1( file contents )
sha1_update
void sha1_update(sha1_context *ctx, const unsigned char *input, size_t ilen)
SHA-1 process buffer.
sha1_hmac_finish
void sha1_hmac_finish(sha1_context *ctx, unsigned char output[20])
SHA-1 HMAC final digest.
sha1_self_test
int sha1_self_test(int verbose)
Checkup routine.
sha1_hmac_update
void sha1_hmac_update(sha1_context *ctx, const unsigned char *input, size_t ilen)
SHA-1 HMAC process buffer.
sha1_init
void sha1_init(sha1_context *ctx)
Initialize SHA-1 context.
POLARSSL_ERR_SHA1_FILE_IO_ERROR
#define POLARSSL_ERR_SHA1_FILE_IO_ERROR
Read/write error in file.
Definition: sha1.h:45
sha1_finish
void sha1_finish(sha1_context *ctx, unsigned char output[20])
SHA-1 final digest.
sha1_hmac_starts
void sha1_hmac_starts(sha1_context *ctx, const unsigned char *key, size_t keylen)
SHA-1 HMAC context setup.
sha1_free
void sha1_free(sha1_context *ctx)
Clear SHA-1 context.
sha1_hmac_reset
void sha1_hmac_reset(sha1_context *ctx)
SHA-1 HMAC context reset.
sha1_process
void sha1_process(sha1_context *ctx, const unsigned char data[64])
sha1_context
SHA-1 context structure.
Definition: sha1.h:59
sha1_context::state
uint32_t state[5]
Definition: sha1.h:61
sha1_context::total
uint32_t total[2]
Definition: sha1.h:60
sha1_context::buffer
unsigned char buffer[64]
Definition: sha1.h:62
sha1_context::ipad
unsigned char ipad[64]
Definition: sha1.h:64
sha1_context::opad
unsigned char opad[64]
Definition: sha1.h:65
GET_UINT32_BE
#define GET_UINT32_BE(n, b, i)
Definition: test_suite_aes.cbc.c:39
PUT_UINT32_BE
#define PUT_UINT32_BE(n, b, i)
Definition: test_suite_aes.cbc.c:49
polarssl_printf
#define polarssl_printf
Definition: test_suite_aes.cbc.c:309
Generated on Sat Jul 2 2022 03:36:41 for PolarSSL v1.3.9 by doxygen 1.9.3