作者: 谢瑞阳 10225101483 徐翔宇 10225101535
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

298 lines
9.5 KiB

  1. // Portions copyright (c) 2011 The LevelDB Authors. All rights reserved.
  2. // Use of this source code is governed by a BSD-style license that can be
  3. // found in the LICENSE file. See the AUTHORS file for names of contributors.
  4. //
  5. // This module provides a slow but portable implementation of
  6. // the SHA1 hash function.
  7. //
  8. // It is adapted from free code written by Paul E. Jones
  9. // <paulej@packetizer.com>. See http://www.packetizer.com/security/sha1/
  10. //
  11. // The license for the original code is:
  12. /*
  13. Copyright (C) 1998, 2009
  14. Paul E. Jones <paulej@packetizer.com>
  15. Freeware Public License (FPL)
  16. This software is licensed as "freeware." Permission to distribute
  17. this software in source and binary forms, including incorporation
  18. into other products, is hereby granted without a fee. THIS SOFTWARE
  19. IS PROVIDED 'AS IS' AND WITHOUT ANY EXPRESSED OR IMPLIED WARRANTIES,
  20. INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
  21. AND FITNESS FOR A PARTICULAR PURPOSE. THE AUTHOR SHALL NOT BE HELD
  22. LIABLE FOR ANY DAMAGES RESULTING FROM THE USE OF THIS SOFTWARE, EITHER
  23. DIRECTLY OR INDIRECTLY, INCLUDING, BUT NOT LIMITED TO, LOSS OF DATA
  24. OR DATA BEING RENDERED INACCURATE.
  25. */
  26. #include "port/sha1_portable.h"
  27. #include <stdio.h>
  28. #include <stdlib.h>
  29. #include <stdint.h>
  30. namespace leveldb {
  31. namespace port {
  32. /*
  33. * Description:
  34. * This class implements the Secure Hashing Standard as defined
  35. * in FIPS PUB 180-1 published April 17, 1995.
  36. */
  37. /*
  38. * This structure will hold context information for the hashing
  39. * operation
  40. */
  41. typedef struct SHA1Context {
  42. unsigned Message_Digest[5]; /* Message Digest (output) */
  43. unsigned Length_Low; /* Message length in bits */
  44. unsigned Length_High; /* Message length in bits */
  45. unsigned char Message_Block[64]; /* 512-bit message blocks */
  46. int Message_Block_Index; /* Index into message block array */
  47. bool Computed; /* Is the digest computed? */
  48. bool Corrupted; /* Is the message digest corruped? */
  49. } SHA1Context;
  50. /*
  51. * Portability Issues:
  52. * SHA-1 is defined in terms of 32-bit "words". This code was
  53. * written with the expectation that the processor has at least
  54. * a 32-bit machine word size. If the machine word size is larger,
  55. * the code should still function properly. One caveat to that
  56. * is that the input functions taking characters and character
  57. * arrays assume that only 8 bits of information are stored in each
  58. * character.
  59. */
  60. /*
  61. * Define the circular shift macro
  62. */
  63. #define SHA1CircularShift(bits,word) \
  64. ((((word) << (bits)) & 0xFFFFFFFF) | \
  65. ((word) >> (32-(bits))))
  66. /* Function prototypes */
  67. static void SHA1ProcessMessageBlock(SHA1Context *);
  68. static void SHA1PadMessage(SHA1Context *);
  69. // Initialize the SHA1Context in preparation for computing a new
  70. // message digest.
  71. static void SHA1Reset(SHA1Context* context) {
  72. context->Length_Low = 0;
  73. context->Length_High = 0;
  74. context->Message_Block_Index = 0;
  75. context->Message_Digest[0] = 0x67452301;
  76. context->Message_Digest[1] = 0xEFCDAB89;
  77. context->Message_Digest[2] = 0x98BADCFE;
  78. context->Message_Digest[3] = 0x10325476;
  79. context->Message_Digest[4] = 0xC3D2E1F0;
  80. context->Computed = false;
  81. context->Corrupted = false;
  82. }
  83. // This function will return the 160-bit message digest into the
  84. // Message_Digest array within the SHA1Context provided
  85. static bool SHA1Result(SHA1Context *context) {
  86. if (context->Corrupted) {
  87. return false;
  88. }
  89. if (!context->Computed) {
  90. SHA1PadMessage(context);
  91. context->Computed = true;
  92. }
  93. return true;
  94. }
  95. // This function accepts an array of bytes as the next portion of
  96. // the message.
  97. static void SHA1Input(SHA1Context *context,
  98. const unsigned char *message_array,
  99. unsigned length) {
  100. if (!length) return;
  101. if (context->Computed || context->Corrupted) {
  102. context->Corrupted = true;
  103. return;
  104. }
  105. while(length-- && !context->Corrupted) {
  106. context->Message_Block[context->Message_Block_Index++] =
  107. (*message_array & 0xFF);
  108. context->Length_Low += 8;
  109. /* Force it to 32 bits */
  110. context->Length_Low &= 0xFFFFFFFF;
  111. if (context->Length_Low == 0) {
  112. context->Length_High++;
  113. /* Force it to 32 bits */
  114. context->Length_High &= 0xFFFFFFFF;
  115. if (context->Length_High == 0)
  116. {
  117. /* Message is too long */
  118. context->Corrupted = true;
  119. }
  120. }
  121. if (context->Message_Block_Index == 64)
  122. {
  123. SHA1ProcessMessageBlock(context);
  124. }
  125. message_array++;
  126. }
  127. }
  128. // This function will process the next 512 bits of the message stored
  129. // in the Message_Block array.
  130. static void SHA1ProcessMessageBlock(SHA1Context *context) {
  131. const unsigned K[] = // Constants defined in SHA-1
  132. {
  133. 0x5A827999,
  134. 0x6ED9EBA1,
  135. 0x8F1BBCDC,
  136. 0xCA62C1D6
  137. };
  138. int t; // Loop counter
  139. unsigned temp; // Temporary word value
  140. unsigned W[80]; // Word sequence
  141. unsigned A, B, C, D, E; // Word buffers
  142. // Initialize the first 16 words in the array W
  143. for(t = 0; t < 16; t++) {
  144. W[t] = ((unsigned) context->Message_Block[t * 4]) << 24;
  145. W[t] |= ((unsigned) context->Message_Block[t * 4 + 1]) << 16;
  146. W[t] |= ((unsigned) context->Message_Block[t * 4 + 2]) << 8;
  147. W[t] |= ((unsigned) context->Message_Block[t * 4 + 3]);
  148. }
  149. for(t = 16; t < 80; t++) {
  150. W[t] = SHA1CircularShift(1,W[t-3] ^ W[t-8] ^ W[t-14] ^ W[t-16]);
  151. }
  152. A = context->Message_Digest[0];
  153. B = context->Message_Digest[1];
  154. C = context->Message_Digest[2];
  155. D = context->Message_Digest[3];
  156. E = context->Message_Digest[4];
  157. for(t = 0; t < 20; t++) {
  158. temp = SHA1CircularShift(5,A) +
  159. ((B & C) | ((~B) & D)) + E + W[t] + K[0];
  160. temp &= 0xFFFFFFFF;
  161. E = D;
  162. D = C;
  163. C = SHA1CircularShift(30,B);
  164. B = A;
  165. A = temp;
  166. }
  167. for(t = 20; t < 40; t++) {
  168. temp = SHA1CircularShift(5,A) + (B ^ C ^ D) + E + W[t] + K[1];
  169. temp &= 0xFFFFFFFF;
  170. E = D;
  171. D = C;
  172. C = SHA1CircularShift(30,B);
  173. B = A;
  174. A = temp;
  175. }
  176. for(t = 40; t < 60; t++) {
  177. temp = SHA1CircularShift(5,A) +
  178. ((B & C) | (B & D) | (C & D)) + E + W[t] + K[2];
  179. temp &= 0xFFFFFFFF;
  180. E = D;
  181. D = C;
  182. C = SHA1CircularShift(30,B);
  183. B = A;
  184. A = temp;
  185. }
  186. for(t = 60; t < 80; t++) {
  187. temp = SHA1CircularShift(5,A) + (B ^ C ^ D) + E + W[t] + K[3];
  188. temp &= 0xFFFFFFFF;
  189. E = D;
  190. D = C;
  191. C = SHA1CircularShift(30,B);
  192. B = A;
  193. A = temp;
  194. }
  195. context->Message_Digest[0] = (context->Message_Digest[0] + A) & 0xFFFFFFFF;
  196. context->Message_Digest[1] = (context->Message_Digest[1] + B) & 0xFFFFFFFF;
  197. context->Message_Digest[2] = (context->Message_Digest[2] + C) & 0xFFFFFFFF;
  198. context->Message_Digest[3] = (context->Message_Digest[3] + D) & 0xFFFFFFFF;
  199. context->Message_Digest[4] = (context->Message_Digest[4] + E) & 0xFFFFFFFF;
  200. context->Message_Block_Index = 0;
  201. }
  202. // According to the standard, the message must be padded to an even
  203. // 512 bits. The first padding bit must be a '1'. The last 64 bits
  204. // represent the length of the original message. All bits in between
  205. // should be 0. This function will pad the message according to those
  206. // rules by filling the Message_Block array accordingly. It will also
  207. // call SHA1ProcessMessageBlock() appropriately. When it returns, it
  208. // can be assumed that the message digest has been computed.
  209. static void SHA1PadMessage(SHA1Context *context) {
  210. // Check to see if the current message block is too small to hold
  211. // the initial padding bits and length. If so, we will pad the
  212. // block, process it, and then continue padding into a second block.
  213. if (context->Message_Block_Index > 55) {
  214. context->Message_Block[context->Message_Block_Index++] = 0x80;
  215. while(context->Message_Block_Index < 64) {
  216. context->Message_Block[context->Message_Block_Index++] = 0;
  217. }
  218. SHA1ProcessMessageBlock(context);
  219. while(context->Message_Block_Index < 56) {
  220. context->Message_Block[context->Message_Block_Index++] = 0;
  221. }
  222. } else {
  223. context->Message_Block[context->Message_Block_Index++] = 0x80;
  224. while(context->Message_Block_Index < 56) {
  225. context->Message_Block[context->Message_Block_Index++] = 0;
  226. }
  227. }
  228. // Store the message length as the last 8 octets
  229. context->Message_Block[56] = (context->Length_High >> 24) & 0xFF;
  230. context->Message_Block[57] = (context->Length_High >> 16) & 0xFF;
  231. context->Message_Block[58] = (context->Length_High >> 8) & 0xFF;
  232. context->Message_Block[59] = (context->Length_High) & 0xFF;
  233. context->Message_Block[60] = (context->Length_Low >> 24) & 0xFF;
  234. context->Message_Block[61] = (context->Length_Low >> 16) & 0xFF;
  235. context->Message_Block[62] = (context->Length_Low >> 8) & 0xFF;
  236. context->Message_Block[63] = (context->Length_Low) & 0xFF;
  237. SHA1ProcessMessageBlock(context);
  238. }
  239. void SHA1_Hash_Portable(const char* data, size_t len, char* hash_array) {
  240. SHA1Context context;
  241. SHA1Reset(&context);
  242. SHA1Input(&context, reinterpret_cast<const unsigned char*>(data), len);
  243. bool ok = SHA1Result(&context);
  244. if (!ok) {
  245. fprintf(stderr, "Unexpected error in SHA1_Hash_Portable code\n");
  246. exit(1);
  247. }
  248. for (int i = 0; i < 5; i++) {
  249. uint32_t value = context.Message_Digest[i];
  250. hash_array[i*4 + 0] = (value >> 24) & 0xff;
  251. hash_array[i*4 + 1] = (value >> 16) & 0xff;
  252. hash_array[i*4 + 2] = (value >> 8) & 0xff;
  253. hash_array[i*4 + 3] = value & 0xff;
  254. }
  255. }
  256. }
  257. }