rmd160c.c revision 44301
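/* crypto/ripemd/rmd_dgst.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 *
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to. The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 *
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 *
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed. i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 *
 * $Id$
 */

#include <sys/types.h>

#include <stdio.h>
#include <string.h>	/* memcpy() is called below */

#if 0
#include <machine/ansi.h>	/* we use the __ variants of bit-sized types */
#endif
#include <machine/endian.h>

#include "rmd_locl.h"

/*
 * The assembly-language code is not position-independent, so don't
 * try to use it in a shared library.
 */
#ifdef PIC
#undef RMD160_ASM
#endif

char *RMD160_version="RIPEMD160 part of SSLeay 0.9.0b 11-Oct-1998";

#ifdef RMD160_ASM
void ripemd160_block_x86(RIPEMD160_CTX *c, const u_int32_t *p,int num);
#define ripemd160_block ripemd160_block_x86
#else
void ripemd160_block(RIPEMD160_CTX *c, const u_int32_t *p,int num);
#endif

/*
 * Reset a context for a new message: load the five chaining words from
 * the RIPEMD160_A..E constants and clear the bit counter (Nl/Nh) and the
 * count of buffered bytes (num).  c is not checked for NULL.
 */
void RIPEMD160_Init(RIPEMD160_CTX *c)
	{
	c->A=RIPEMD160_A;
	c->B=RIPEMD160_B;
	c->C=RIPEMD160_C;
	c->D=RIPEMD160_D;
	c->E=RIPEMD160_E;
	c->Nl=0;
	c->Nh=0;
	c->num=0;
	}

/*
 * Absorb len bytes from data into the hash state.
 *
 * Whole RIPEMD160_CBLOCK-byte blocks are fed to ripemd160_block(); any
 * tail shorter than a block is packed into c->data and its length kept in
 * c->num, so c->num stays below RIPEMD160_CBLOCK between calls.
 *
 * The caller must guarantee that data really holds len readable bytes;
 * neither pointer is checked.  Bytes are packed with the c2l/p_c2l/
 * p_c2l_p/c2l_p macros from rmd_locl.h (not shown in this file); the code
 * relies on them advancing `data` as they consume input.
 */
void RIPEMD160_Update(RIPEMD160_CTX *c, const unsigned char *data, size_t len)
	{
	register u_int32_t *p;
	int sw,sc;
	u_int32_t l;

	if (len == 0) return;

	/* Message length is tracked in bits: Nl is the low word, Nh the high
	 * word.  len<<3 supplies the low part, len>>29 the part that spills
	 * into Nh, and the comparison below propagates the carry. */
	l=(c->Nl+(len<<3))&0xffffffffL;
	if (l < c->Nl) /* overflow */
		c->Nh++;
	c->Nh+=(len>>29);
	c->Nl=l;

	if (c->num != 0)
		{
		/* A partial block is already buffered: sw is the word that is
		 * being filled, sc the number of bytes already in that word. */
		p=c->data;
		sw=c->num>>2;
		sc=c->num&0x03;

		if ((c->num+len) >= RIPEMD160_CBLOCK)
			{
			/* Enough input to complete the buffered block. */
			l= p[sw];
			p_c2l(data,l,sc);
			p[sw++]=l;
			for (; sw<RIPEMD160_LBLOCK; sw++)
				{
				c2l(data,l);
				p[sw]=l;
				}
			len-=(RIPEMD160_CBLOCK-c->num);

			ripemd160_block(c,p,64);
			c->num=0;
			/* drop through and do the rest */
			}
		else
			{
			/* Still short of a full block: append and return.  The
			 * (int) cast is safe here because len is smaller than
			 * RIPEMD160_CBLOCK in this branch. */
			int ew,ec;

			c->num+=(int)len;
			if ((sc+len) < 4) /* ugly, add char's to a word */
				{
				l= p[sw];
				p_c2l_p(data,l,sc,len);
				p[sw]=l;
				}
			else
				{
				ew=(c->num>>2);
				ec=(c->num&0x03);
				l= p[sw];
				p_c2l(data,l,sc);
				p[sw++]=l;
				for (; sw < ew; sw++)
					{ c2l(data,l); p[sw]=l; }
				if (ec)
					{
					c2l_p(data,l,ec);
					p[sw]=l;
					}
				}
			return;
			}
		}
	/* we now can process the input data in blocks of RIPEMD160_CBLOCK
	 * chars and save the leftovers to c->data. */
#if BYTE_ORDER == LITTLE_ENDIAN
	/* Fast path: a 4-byte-aligned buffer is hashed in place, without the
	 * copy into c->data.  sw is an int because ripemd160_block() takes
	 * an int byte count; when len does not fit in an int the cast gives
	 * a smaller (or non-positive) value on the usual truncating
	 * conversion, and whatever is not consumed here is picked up by the
	 * copy loop below. */
	if ((((unsigned long)data)%sizeof(u_int32_t)) == 0)
		{
		sw=(int)len/RIPEMD160_CBLOCK;
		if (sw > 0)
			{
			sw*=RIPEMD160_CBLOCK;
			ripemd160_block(c,(u_int32_t *)data,sw);
			data+=sw;
			len-=sw;
			}
		}
#endif
	p=c->data;
	while (len >= RIPEMD160_CBLOCK)
		{
#if BYTE_ORDER == LITTLE_ENDIAN || BYTE_ORDER == BIG_ENDIAN
		if (p != (u_int32_t *)data)
			memcpy(p,data,RIPEMD160_CBLOCK);
		data+=RIPEMD160_CBLOCK;
#if BYTE_ORDER == BIG_ENDIAN
		/* Byte-swap the copied block word by word, four words per pass. */
		for (sw=(RIPEMD160_LBLOCK/4); sw; sw--)
			{
			Endian_Reverse32(p[0]);
			Endian_Reverse32(p[1]);
			Endian_Reverse32(p[2]);
			Endian_Reverse32(p[3]);
			p+=4;
			}
#endif
#else
		for (sw=(RIPEMD160_LBLOCK/4); sw; sw--)
			{
			c2l(data,l); *(p++)=l;
			c2l(data,l); *(p++)=l;
			c2l(data,l); *(p++)=l;
			c2l(data,l); *(p++)=l;
			}
#endif
		p=c->data;	/* the loops above may have advanced p */
		ripemd160_block(c,p,64);
		len-=RIPEMD160_CBLOCK;
		}
	/* Fewer than RIPEMD160_CBLOCK bytes remain: buffer them for later. */
	sc=(int)len;
	c->num=sc;
	if (sc)
		{
		sw=sc>>2;	/* words to copy */
#if BYTE_ORDER == LITTLE_ENDIAN
		p[sw]=0;	/* zero the last, possibly partial, word first */
		memcpy(p,data,sc);
#else
		sc&=0x03;
		for ( ; sw; sw--)
			{ c2l(data,l); *(p++)=l; }
		c2l_p(data,l,sc);
		*p=l;
#endif
		}
	}

/*
 * Run the compression function once over the 64 bytes at b.
 *
 * The bytes are first copied into a local array of sixteen 32-bit words
 * (byte-swapped on big-endian hosts, packed with c2l when the byte order
 * is neither little- nor big-endian).  Only the chaining words of c are
 * used; the bit counter and the buffer in c are not touched here.  The
 * caller must supply 64 readable bytes.
 */
void RIPEMD160_Transform(RIPEMD160_CTX *c, unsigned char *b)
	{
	u_int32_t p[16];
#if BYTE_ORDER != LITTLE_ENDIAN
	u_int32_t *q;
	int i;
#endif

#if BYTE_ORDER == BIG_ENDIAN || BYTE_ORDER == LITTLE_ENDIAN
	memcpy(p,b,64);
#if BYTE_ORDER == BIG_ENDIAN
	q=p;
	for (i=(RIPEMD160_LBLOCK/4); i; i--)
		{
		Endian_Reverse32(q[0]);
		Endian_Reverse32(q[1]);
		Endian_Reverse32(q[2]);
		Endian_Reverse32(q[3]);
		q+=4;
		}
#endif
#else
	q=p;
	for (i=(RIPEMD160_LBLOCK/4); i; i--)
		{
		u_int32_t l;
		c2l(b,l); *(q++)=l;
		c2l(b,l); *(q++)=l;
		c2l(b,l); *(q++)=l;
		c2l(b,l); *(q++)=l;
		}
#endif
	ripemd160_block(c,p,64);
	}

#ifndef RMD160_ASM

/*
 * Portable compression function: fold num bytes of message words at X
 * into the chaining state of ctx, sixteen words (64 bytes) per pass.
 *
 * Each pass runs two 80-step lines from the same starting state -- the
 * WLnn/SLnn/KLn line and the WRnn/SRnn/KRn line -- and then combines both
 * results with the old state.  The loop body executes before num is
 * tested, so one block is always processed, even for num <= 0; every
 * caller in this file passes a positive multiple of 64.
 *
 * RIP1..RIP5 and their W, S and K arguments are macros from rmd_locl.h
 * that are not shown in this file; presumably they read the message words
 * through the name X -- confirm there before renaming the parameter.
 *
 * The working variables are left on the stack/in registers on return.
 */
void ripemd160_block(RIPEMD160_CTX *ctx, const u_int32_t *X, int num)
	{
	register u_int32_t A,B,C,D,E;
	u_int32_t a,b,c,d,e;

	for (;;)
		{
		A=ctx->A; B=ctx->B; C=ctx->C; D=ctx->D; E=ctx->E;

		RIP1(A,B,C,D,E,WL00,SL00);
		RIP1(E,A,B,C,D,WL01,SL01);
		RIP1(D,E,A,B,C,WL02,SL02);
		RIP1(C,D,E,A,B,WL03,SL03);
		RIP1(B,C,D,E,A,WL04,SL04);
		RIP1(A,B,C,D,E,WL05,SL05);
		RIP1(E,A,B,C,D,WL06,SL06);
		RIP1(D,E,A,B,C,WL07,SL07);
		RIP1(C,D,E,A,B,WL08,SL08);
		RIP1(B,C,D,E,A,WL09,SL09);
		RIP1(A,B,C,D,E,WL10,SL10);
		RIP1(E,A,B,C,D,WL11,SL11);
		RIP1(D,E,A,B,C,WL12,SL12);
		RIP1(C,D,E,A,B,WL13,SL13);
		RIP1(B,C,D,E,A,WL14,SL14);
		RIP1(A,B,C,D,E,WL15,SL15);

		RIP2(E,A,B,C,D,WL16,SL16,KL1);
		RIP2(D,E,A,B,C,WL17,SL17,KL1);
		RIP2(C,D,E,A,B,WL18,SL18,KL1);
		RIP2(B,C,D,E,A,WL19,SL19,KL1);
		RIP2(A,B,C,D,E,WL20,SL20,KL1);
		RIP2(E,A,B,C,D,WL21,SL21,KL1);
		RIP2(D,E,A,B,C,WL22,SL22,KL1);
		RIP2(C,D,E,A,B,WL23,SL23,KL1);
		RIP2(B,C,D,E,A,WL24,SL24,KL1);
		RIP2(A,B,C,D,E,WL25,SL25,KL1);
		RIP2(E,A,B,C,D,WL26,SL26,KL1);
		RIP2(D,E,A,B,C,WL27,SL27,KL1);
		RIP2(C,D,E,A,B,WL28,SL28,KL1);
		RIP2(B,C,D,E,A,WL29,SL29,KL1);
		RIP2(A,B,C,D,E,WL30,SL30,KL1);
		RIP2(E,A,B,C,D,WL31,SL31,KL1);

		RIP3(D,E,A,B,C,WL32,SL32,KL2);
		RIP3(C,D,E,A,B,WL33,SL33,KL2);
		RIP3(B,C,D,E,A,WL34,SL34,KL2);
		RIP3(A,B,C,D,E,WL35,SL35,KL2);
		RIP3(E,A,B,C,D,WL36,SL36,KL2);
		RIP3(D,E,A,B,C,WL37,SL37,KL2);
		RIP3(C,D,E,A,B,WL38,SL38,KL2);
		RIP3(B,C,D,E,A,WL39,SL39,KL2);
		RIP3(A,B,C,D,E,WL40,SL40,KL2);
		RIP3(E,A,B,C,D,WL41,SL41,KL2);
		RIP3(D,E,A,B,C,WL42,SL42,KL2);
		RIP3(C,D,E,A,B,WL43,SL43,KL2);
		RIP3(B,C,D,E,A,WL44,SL44,KL2);
		RIP3(A,B,C,D,E,WL45,SL45,KL2);
		RIP3(E,A,B,C,D,WL46,SL46,KL2);
		RIP3(D,E,A,B,C,WL47,SL47,KL2);

		RIP4(C,D,E,A,B,WL48,SL48,KL3);
		RIP4(B,C,D,E,A,WL49,SL49,KL3);
		RIP4(A,B,C,D,E,WL50,SL50,KL3);
		RIP4(E,A,B,C,D,WL51,SL51,KL3);
		RIP4(D,E,A,B,C,WL52,SL52,KL3);
		RIP4(C,D,E,A,B,WL53,SL53,KL3);
		RIP4(B,C,D,E,A,WL54,SL54,KL3);
		RIP4(A,B,C,D,E,WL55,SL55,KL3);
		RIP4(E,A,B,C,D,WL56,SL56,KL3);
		RIP4(D,E,A,B,C,WL57,SL57,KL3);
		RIP4(C,D,E,A,B,WL58,SL58,KL3);
		RIP4(B,C,D,E,A,WL59,SL59,KL3);
		RIP4(A,B,C,D,E,WL60,SL60,KL3);
		RIP4(E,A,B,C,D,WL61,SL61,KL3);
		RIP4(D,E,A,B,C,WL62,SL62,KL3);
		RIP4(C,D,E,A,B,WL63,SL63,KL3);

		RIP5(B,C,D,E,A,WL64,SL64,KL4);
		RIP5(A,B,C,D,E,WL65,SL65,KL4);
		RIP5(E,A,B,C,D,WL66,SL66,KL4);
		RIP5(D,E,A,B,C,WL67,SL67,KL4);
		RIP5(C,D,E,A,B,WL68,SL68,KL4);
		RIP5(B,C,D,E,A,WL69,SL69,KL4);
		RIP5(A,B,C,D,E,WL70,SL70,KL4);
		RIP5(E,A,B,C,D,WL71,SL71,KL4);
		RIP5(D,E,A,B,C,WL72,SL72,KL4);
		RIP5(C,D,E,A,B,WL73,SL73,KL4);
		RIP5(B,C,D,E,A,WL74,SL74,KL4);
		RIP5(A,B,C,D,E,WL75,SL75,KL4);
		RIP5(E,A,B,C,D,WL76,SL76,KL4);
		RIP5(D,E,A,B,C,WL77,SL77,KL4);
		RIP5(C,D,E,A,B,WL78,SL78,KL4);
		RIP5(B,C,D,E,A,WL79,SL79,KL4);

		/* Park the result of the first line, then restart from the
		 * same chaining state for the second one. */
		a=A; b=B; c=C; d=D; e=E;
		/* Do other half */
		A=ctx->A; B=ctx->B; C=ctx->C; D=ctx->D; E=ctx->E;

		RIP5(A,B,C,D,E,WR00,SR00,KR0);
		RIP5(E,A,B,C,D,WR01,SR01,KR0);
		RIP5(D,E,A,B,C,WR02,SR02,KR0);
		RIP5(C,D,E,A,B,WR03,SR03,KR0);
		RIP5(B,C,D,E,A,WR04,SR04,KR0);
		RIP5(A,B,C,D,E,WR05,SR05,KR0);
		RIP5(E,A,B,C,D,WR06,SR06,KR0);
		RIP5(D,E,A,B,C,WR07,SR07,KR0);
		RIP5(C,D,E,A,B,WR08,SR08,KR0);
		RIP5(B,C,D,E,A,WR09,SR09,KR0);
		RIP5(A,B,C,D,E,WR10,SR10,KR0);
		RIP5(E,A,B,C,D,WR11,SR11,KR0);
		RIP5(D,E,A,B,C,WR12,SR12,KR0);
		RIP5(C,D,E,A,B,WR13,SR13,KR0);
		RIP5(B,C,D,E,A,WR14,SR14,KR0);
		RIP5(A,B,C,D,E,WR15,SR15,KR0);

		RIP4(E,A,B,C,D,WR16,SR16,KR1);
		RIP4(D,E,A,B,C,WR17,SR17,KR1);
		RIP4(C,D,E,A,B,WR18,SR18,KR1);
		RIP4(B,C,D,E,A,WR19,SR19,KR1);
		RIP4(A,B,C,D,E,WR20,SR20,KR1);
		RIP4(E,A,B,C,D,WR21,SR21,KR1);
		RIP4(D,E,A,B,C,WR22,SR22,KR1);
		RIP4(C,D,E,A,B,WR23,SR23,KR1);
		RIP4(B,C,D,E,A,WR24,SR24,KR1);
		RIP4(A,B,C,D,E,WR25,SR25,KR1);
		RIP4(E,A,B,C,D,WR26,SR26,KR1);
		RIP4(D,E,A,B,C,WR27,SR27,KR1);
		RIP4(C,D,E,A,B,WR28,SR28,KR1);
		RIP4(B,C,D,E,A,WR29,SR29,KR1);
		RIP4(A,B,C,D,E,WR30,SR30,KR1);
		RIP4(E,A,B,C,D,WR31,SR31,KR1);

		RIP3(D,E,A,B,C,WR32,SR32,KR2);
		RIP3(C,D,E,A,B,WR33,SR33,KR2);
		RIP3(B,C,D,E,A,WR34,SR34,KR2);
		RIP3(A,B,C,D,E,WR35,SR35,KR2);
		RIP3(E,A,B,C,D,WR36,SR36,KR2);
		RIP3(D,E,A,B,C,WR37,SR37,KR2);
		RIP3(C,D,E,A,B,WR38,SR38,KR2);
		RIP3(B,C,D,E,A,WR39,SR39,KR2);
		RIP3(A,B,C,D,E,WR40,SR40,KR2);
		RIP3(E,A,B,C,D,WR41,SR41,KR2);
		RIP3(D,E,A,B,C,WR42,SR42,KR2);
		RIP3(C,D,E,A,B,WR43,SR43,KR2);
		RIP3(B,C,D,E,A,WR44,SR44,KR2);
		RIP3(A,B,C,D,E,WR45,SR45,KR2);
		RIP3(E,A,B,C,D,WR46,SR46,KR2);
		RIP3(D,E,A,B,C,WR47,SR47,KR2);

		RIP2(C,D,E,A,B,WR48,SR48,KR3);
		RIP2(B,C,D,E,A,WR49,SR49,KR3);
		RIP2(A,B,C,D,E,WR50,SR50,KR3);
		RIP2(E,A,B,C,D,WR51,SR51,KR3);
		RIP2(D,E,A,B,C,WR52,SR52,KR3);
		RIP2(C,D,E,A,B,WR53,SR53,KR3);
		RIP2(B,C,D,E,A,WR54,SR54,KR3);
		RIP2(A,B,C,D,E,WR55,SR55,KR3);
		RIP2(E,A,B,C,D,WR56,SR56,KR3);
		RIP2(D,E,A,B,C,WR57,SR57,KR3);
		RIP2(C,D,E,A,B,WR58,SR58,KR3);
		RIP2(B,C,D,E,A,WR59,SR59,KR3);
		RIP2(A,B,C,D,E,WR60,SR60,KR3);
		RIP2(E,A,B,C,D,WR61,SR61,KR3);
		RIP2(D,E,A,B,C,WR62,SR62,KR3);
		RIP2(C,D,E,A,B,WR63,SR63,KR3);

		RIP1(B,C,D,E,A,WR64,SR64);
		RIP1(A,B,C,D,E,WR65,SR65);
		RIP1(E,A,B,C,D,WR66,SR66);
		RIP1(D,E,A,B,C,WR67,SR67);
		RIP1(C,D,E,A,B,WR68,SR68);
		RIP1(B,C,D,E,A,WR69,SR69);
		RIP1(A,B,C,D,E,WR70,SR70);
		RIP1(E,A,B,C,D,WR71,SR71);
		RIP1(D,E,A,B,C,WR72,SR72);
		RIP1(C,D,E,A,B,WR73,SR73);
		RIP1(B,C,D,E,A,WR74,SR74);
		RIP1(A,B,C,D,E,WR75,SR75);
		RIP1(E,A,B,C,D,WR76,SR76);
		RIP1(D,E,A,B,C,WR77,SR77);
		RIP1(C,D,E,A,B,WR78,SR78);
		RIP1(B,C,D,E,A,WR79,SR79);

		/* Combine old state, first line (a..e) and second line (A..E).
		 * D is reused as a temporary for the new ctx->A because ctx->A
		 * is still needed to compute ctx->E. */
		D     =ctx->B+c+D;
		ctx->B=ctx->C+d+E;
		ctx->C=ctx->D+e+A;
		ctx->D=ctx->E+a+B;
		ctx->E=ctx->A+b+C;
		ctx->A=D;

		X+=16;
		num-=64;
		if (num <= 0) break;
		}
	}
#endif

/*
 * Finish the message: append the 0x80 padding byte and zero fill, store
 * the bit count (Nl, then Nh) in the last two words of the final block,
 * run the compression function, and write the five chaining words to md
 * with l2c (five 32-bit words; l2c comes from rmd_locl.h and is not shown
 * here).
 *
 * The context is wiped before returning, so it must be passed through
 * RIPEMD160_Init() again before it is reused.  md and c are not checked
 * for NULL.
 */
void RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c)
	{
	register int i,j;
	register u_int32_t l;
	register u_int32_t *p;
	static unsigned char end[4]={0x80,0x00,0x00,0x00};
	unsigned char *cp=end;
	volatile unsigned char *wipe;
	size_t left;

	/* c->num should definitely have room for at least one more byte. */
	p=c->data;
	j=c->num;
	i=j>>2;

	/* purify often complains about the following line as an
	 * Uninitialized Memory Read.  While this can be true, the
	 * following p_c2l macro will reset l when that case is true.
	 * This is because j&0x03 contains the number of 'valid' bytes
	 * already in p[i].  If and only if j&0x03 == 0, the UMR will
	 * occur but this is also the only time p_c2l will do
	 * l= *(cp++) instead of l|= *(cp++)
	 * Many thanks to Alex Tang <altitude@cic.net> for pickup this
	 * 'potential bug' */
#ifdef PURIFY
	if ((j&0x03) == 0) p[i]=0;
#endif
	l=p[i];
	p_c2l(cp,l,j&0x03);
	p[i]=l;
	i++;
	/* i is the next 'undefined word' */
	if (c->num >= RIPEMD160_LAST_BLOCK)
		{
		/* No room left for the length words: pad this block out,
		 * hash it, and put the length in a fresh block. */
		for (; i<RIPEMD160_LBLOCK; i++)
			p[i]=0;
		ripemd160_block(c,p,64);
		i=0;
		}
	for (; i<(RIPEMD160_LBLOCK-2); i++)
		p[i]=0;
	p[RIPEMD160_LBLOCK-2]=c->Nl;
	p[RIPEMD160_LBLOCK-1]=c->Nh;
	ripemd160_block(c,p,64);
	cp=md;
	l=c->A; l2c(l,cp);
	l=c->B; l2c(l,cp);
	l=c->C; l2c(l,cp);
	l=c->D; l2c(l,cp);
	l=c->E; l2c(l,cp);

	/* Wipe the context.  Besides the chaining words it still holds the
	 * last buffered message bytes and the message length, which matter
	 * when the input was a password or key material.  The disabled
	 * memset((char *)&c,0,sizeof(c)) that used to sit here would only
	 * have cleared the local pointer, not the structure.  The stores go
	 * through a volatile pointer so the compiler cannot drop them as
	 * dead; this also leaves c->num at 0.  ripemd160_block() may still
	 * leave working values on the stack. */
	wipe=(volatile unsigned char *)c;
	for (left=sizeof(*c); left != 0; left--)
		*(wipe++)=0;
	}

#ifdef undef
/* Debug helper, compiled out: prints sixteen longs from l to stderr as
 * two rows of eight hex words.  NOTE(review): declared int but returns no
 * value; fix that before enabling it. */
int printit(unsigned long *l)
	{
	int i,ii;

	for (i=0; i<2; i++)
		{
		for (ii=0; ii<8; ii++)
			{
			fprintf(stderr,"%08lx ",l[i*8+ii]);
			}
		fprintf(stderr,"\n");
		}
	}
#endif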