diff options
| author | Marc Stevens <cr-marcstevens@users.noreply.github.com> | 2017-03-16 18:21:09 +0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2017-03-16 18:21:09 +0300 |
| commit | 007905a93c973f55b2daed6585f9f6c23545bf66 (patch) | |
| tree | 380b097cec0efed642520784f491d6f86b915a09 | |
| parent | 9c8e73cadb35776d3310e3f8ceda7183fa75a39f (diff) | |
| parent | 5c9843c861b676946a978587a0d4c55b7fa75586 (diff) | |
Merge pull request #20 from cr-marcstevens/feature/performance
Feature/performance
| -rw-r--r-- | Makefile | 14 | ||||
| -rw-r--r-- | lib/sha1.c | 980 | ||||
| -rw-r--r-- | lib/sha1.h | 15 | ||||
| -rw-r--r-- | lib/ubc_check.h | 9 | ||||
| -rw-r--r-- | src/main.c | 6 |
5 files changed, 836 insertions, 188 deletions
@@ -13,7 +13,7 @@ # 3. If any interfaces have been added since the last public release, then increment age. # 4. If any interfaces have been removed or changed since the last public release, # then set age to 0. -LIBCOMPAT=0:0:0 +LIBCOMPAT=1:0:0 PREFIX ?= /usr/local BINDIR=$(PREFIX)/bin @@ -66,6 +66,7 @@ SRC_DIR=src SRC_DEP_DIR=dep_src SRC_OBJ_DIR=obj_src +H_DEP:=$(shell find . -type f -name "*.h") FS_LIB=$(wildcard $(LIB_DIR)/*.c) FS_SRC=$(wildcard $(SRC_DIR)/*.c) FS_OBJ_LIB=$(FS_LIB:$(LIB_DIR)/%.c=$(LIB_OBJ_DIR)/%.lo) @@ -108,6 +109,13 @@ clean: .PHONY: test test: tools + test e98a60b463a6868a6ce351ab0166c0af0c8c4721 != `bin/sha1dcsum test/sha1_reducedsha_coll.bin | cut -d' ' -f1` || (echo "\nError: Compiled for incorrect endianness" && false) + test a56374e1cf4c3746499bc7c0acb39498ad2ee185 = `bin/sha1dcsum test/sha1_reducedsha_coll.bin | cut -d' ' -f1` + test 16e96b70000dd1e7c85b8368ee197754400e58ec = `bin/sha1dcsum test/shattered-1.pdf | cut -d' ' -f1` + test e1761773e6a35916d99f891b77663e6405313587 = `bin/sha1dcsum test/shattered-2.pdf | cut -d' ' -f1` + test dd39885a2a5d8f59030b451e00cb45da9f9d3828 = `bin/sha1dcsum_partialcoll test/sha1_reducedsha_coll.bin | cut -d' ' -f1` + test d3a1d09969c3b57113fd17b23e01dd3de74a99bb = `bin/sha1dcsum_partialcoll test/shattered-1.pdf | cut -d' ' -f1` + test 92246b0b718f4c704d37bb025717cbc66babf102 = `bin/sha1dcsum_partialcoll test/shattered-2.pdf | cut -d' ' -f1` bin/sha1dcsum test/* bin/sha1dcsum_partialcoll test/* @@ -143,14 +151,14 @@ bin/sha1dcsum_partialcoll: $(FS_OBJ_SRC) bin/libsha1detectcoll.$(LIB_EXT) $(SRC_DEP_DIR)/%.d: $(SRC_DIR)/%.c $(MKDIR) $(shell dirname $@) && $(CC_DEP) $(CFLAGS) -M -MF $@ $< -$(SRC_OBJ_DIR)/%.lo ${SRC_OBJ_DIR}/%.o: ${SRC_DIR}/%.c ${SRC_DEP_DIR}/%.d +$(SRC_OBJ_DIR)/%.lo ${SRC_OBJ_DIR}/%.o: ${SRC_DIR}/%.c ${SRC_DEP_DIR}/%.d $(H_DEP) $(MKDIR) $(shell dirname $@) && $(CC) $(CFLAGS) -o $@ -c $< $(LIB_DEP_DIR)/%.d: $(LIB_DIR)/%.c $(MKDIR) $(shell dirname $@) && $(CC_DEP) $(CFLAGS) -M -MF $@ $< -$(LIB_OBJ_DIR)/%.lo $(LIB_OBJ_DIR)/%.o: $(LIB_DIR)/%.c $(LIB_DEP_DIR)/%.d +$(LIB_OBJ_DIR)/%.lo $(LIB_OBJ_DIR)/%.o: $(LIB_DIR)/%.c $(LIB_DEP_DIR)/%.d $(H_DEP) $(MKDIR) $(shell dirname $@) && $(CC) $(CFLAGS) -o $@ -c $< -include $(FS_DEP) @@ -13,12 +13,43 @@ #include "sha1.h" #include "ubc_check.h" + +/* + Because Little-Endian architectures are most common, + we only set BIGENDIAN if one of these conditions is met. + Note that all MSFT platforms are little endian, + so none of these will be defined under the MSC compiler. + If you are compiling on a big endian platform and your compiler does not define one of these, + you will have to add whatever macros your tool chain defines to indicate Big-Endianness. + */ +#if (defined(__BYTE_ORDER) && (__BYTE_ORDER == __BIG_ENDIAN)) || \ + (defined(__BYTE_ORDER__) && (__BYTE_ORDER__ == __BIG_ENDIAN__)) || \ + defined(__BIG_ENDIAN__) || defined(__ARMEB__) || defined(__THUMBEB__) || defined(__AARCH64EB__) || \ + defined(_MIPSEB) || defined(__MIPSEB) || defined(__MIPSEB__) + +#define BIGENDIAN (1) + +#endif /*ENDIANNESS SELECTION*/ + #define rotate_right(x,n) (((x)>>(n))|((x)<<(32-(n)))) #define rotate_left(x,n) (((x)<<(n))|((x)>>(32-(n)))) +#define sha1_bswap32(x) \ + {x = ((x << 8) & 0xFF00FF00) | ((x >> 8) & 0xFF00FF); x = (x << 16) | (x >> 16);} + +#define sha1_mix(W, t) (rotate_left(W[t - 3] ^ W[t - 8] ^ W[t - 14] ^ W[t - 16], 1)) + +#if defined(BIGENDIAN) + #define sha1_load(m, t, temp) { temp = m[t]; } +#else + #define sha1_load(m, t, temp) { temp = m[t]; sha1_bswap32(temp); } +#endif /*define(BIGENDIAN)*/ + +#define sha1_store(W, t, x) *(volatile uint32_t *)&W[t] = x + #define sha1_f1(b,c,d) ((d)^((b)&((c)^(d)))) #define sha1_f2(b,c,d) ((b)^(c)^(d)) -#define sha1_f3(b,c,d) (((b) & ((c)|(d))) | ((c)&(d))) +#define sha1_f3(b,c,d) (((b)&(c))+((d)&((b)^(c)))) #define sha1_f4(b,c,d) ((b)^(c)^(d)) #define HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, m, t) \ @@ -39,18 +70,25 @@ #define HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(a, b, c, d, e, m, t) \ { b = rotate_right(b, 30); e -= rotate_left(a, 5) + sha1_f4(b,c,d) + 0xCA62C1D6 + m[t]; } -#define SHA1_STORE_STATE(i) states[i][0] = a; states[i][1] = b; states[i][2] = c; states[i][3] = d; states[i][4] = e; +#define SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(a, b, c, d, e, m, W, t, temp) \ + {sha1_load(m, t, temp); sha1_store(W, t, temp); e += temp + rotate_left(a, 5) + sha1_f1(b,c,d) + 0x5A827999; b = rotate_left(b, 30);} +#define SHA1COMPRESS_FULL_ROUND1_STEP_EXPAND(a, b, c, d, e, W, t, temp) \ + {temp = sha1_mix(W, t); sha1_store(W, t, temp); e += temp + rotate_left(a, 5) + sha1_f1(b,c,d) + 0x5A827999; b = rotate_left(b, 30); } +#define SHA1COMPRESS_FULL_ROUND2_STEP(a, b, c, d, e, W, t, temp) \ + {temp = sha1_mix(W, t); sha1_store(W, t, temp); e += temp + rotate_left(a, 5) + sha1_f2(b,c,d) + 0x6ED9EBA1; b = rotate_left(b, 30); } -static void sha1_message_expansion(uint32_t W[80]) -{ - unsigned i; - for (i = 16; i < 80; ++i) - W[i] = rotate_left(W[i - 3] ^ W[i - 8] ^ W[i - 14] ^ W[i - 16], 1); -} +#define SHA1COMPRESS_FULL_ROUND3_STEP(a, b, c, d, e, W, t, temp) \ + {temp = sha1_mix(W, t); sha1_store(W, t, temp); e += temp + rotate_left(a, 5) + sha1_f3(b,c,d) + 0x8F1BBCDC; b = rotate_left(b, 30); } + +#define SHA1COMPRESS_FULL_ROUND4_STEP(a, b, c, d, e, W, t, temp) \ + {temp = sha1_mix(W, t); sha1_store(W, t, temp); e += temp + rotate_left(a, 5) + sha1_f4(b,c,d) + 0xCA62C1D6; b = rotate_left(b, 30); } -/* + +#define SHA1_STORE_STATE(i) states[i][0] = a; states[i][1] = b; states[i][2] = c; states[i][3] = d; states[i][4] = e; + +#ifdef BUILDNOCOLLDETECTSHA1COMPRESSION void sha1_compression(uint32_t ihv[5], const uint32_t m[16]) { uint32_t W[80]; @@ -59,7 +97,7 @@ void sha1_compression(uint32_t ihv[5], const uint32_t m[16]) memcpy(W, m, 16 * 4); for (i = 16; i < 80; ++i) - W[i] = rotate_left(W[i - 3] ^ W[i - 8] ^ W[i - 14] ^ W[i - 16], 1); + W[i] = sha1_mix(W, i); a = ihv[0]; b = ihv[1]; c = ihv[2]; d = ihv[3]; e = ihv[4]; @@ -149,7 +187,8 @@ void sha1_compression(uint32_t ihv[5], const uint32_t m[16]) ihv[0] += a; ihv[1] += b; ihv[2] += c; ihv[3] += d; ihv[4] += e; } -*/ +#endif /*BUILDNOCOLLDETECTSHA1COMPRESSION*/ + static void sha1_compression_W(uint32_t ihv[5], const uint32_t W[80]) { @@ -243,313 +282,315 @@ static void sha1_compression_W(uint32_t ihv[5], const uint32_t W[80]) } -static void sha1_compression_states(uint32_t ihv[5], const uint32_t W[80], uint32_t states[80][5]) + +void sha1_compression_states(uint32_t ihv[5], const uint32_t m[16], uint32_t W[80], uint32_t states[80][5]) { uint32_t a = ihv[0], b = ihv[1], c = ihv[2], d = ihv[3], e = ihv[4]; + uint32_t temp; #ifdef DOSTORESTATE00 SHA1_STORE_STATE(0) #endif - HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, W, 0); + SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(a, b, c, d, e, m, W, 0, temp); #ifdef DOSTORESTATE01 SHA1_STORE_STATE(1) #endif - HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, W, 1); + SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(e, a, b, c, d, m, W, 1, temp); #ifdef DOSTORESTATE02 SHA1_STORE_STATE(2) #endif - HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, W, 2); + SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(d, e, a, b, c, m, W, 2, temp); #ifdef DOSTORESTATE03 SHA1_STORE_STATE(3) #endif - HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, W, 3); + SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(c, d, e, a, b, m, W, 3, temp); #ifdef DOSTORESTATE04 SHA1_STORE_STATE(4) #endif - HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, W, 4); + SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(b, c, d, e, a, m, W, 4, temp); #ifdef DOSTORESTATE05 SHA1_STORE_STATE(5) #endif - HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, W, 5); + SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(a, b, c, d, e, m, W, 5, temp); #ifdef DOSTORESTATE06 SHA1_STORE_STATE(6) #endif - HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, W, 6); + SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(e, a, b, c, d, m, W, 6, temp); #ifdef DOSTORESTATE07 SHA1_STORE_STATE(7) #endif - HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, W, 7); + SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(d, e, a, b, c, m, W, 7, temp); #ifdef DOSTORESTATE08 SHA1_STORE_STATE(8) #endif - HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, W, 8); + SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(c, d, e, a, b, m, W, 8, temp); #ifdef DOSTORESTATE09 SHA1_STORE_STATE(9) #endif - HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, W, 9); + SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(b, c, d, e, a, m, W, 9, temp); #ifdef DOSTORESTATE10 SHA1_STORE_STATE(10) #endif - HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, W, 10); + SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(a, b, c, d, e, m, W, 10, temp); #ifdef DOSTORESTATE11 SHA1_STORE_STATE(11) #endif - HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, W, 11); + SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(e, a, b, c, d, m, W, 11, temp); #ifdef DOSTORESTATE12 SHA1_STORE_STATE(12) #endif - HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, W, 12); + SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(d, e, a, b, c, m, W, 12, temp); #ifdef DOSTORESTATE13 SHA1_STORE_STATE(13) #endif - HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, W, 13); + SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(c, d, e, a, b, m, W, 13, temp); #ifdef DOSTORESTATE14 SHA1_STORE_STATE(14) #endif - HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, W, 14); + SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(b, c, d, e, a, m, W, 14, temp); #ifdef DOSTORESTATE15 SHA1_STORE_STATE(15) #endif - HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, W, 15); + SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(a, b, c, d, e, m, W, 15, temp); #ifdef DOSTORESTATE16 SHA1_STORE_STATE(16) #endif - HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, W, 16); + SHA1COMPRESS_FULL_ROUND1_STEP_EXPAND(e, a, b, c, d, W, 16, temp); #ifdef DOSTORESTATE17 SHA1_STORE_STATE(17) #endif - HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, W, 17); + SHA1COMPRESS_FULL_ROUND1_STEP_EXPAND(d, e, a, b, c, W, 17, temp); #ifdef DOSTORESTATE18 SHA1_STORE_STATE(18) #endif - HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, W, 18); + SHA1COMPRESS_FULL_ROUND1_STEP_EXPAND(c, d, e, a, b, W, 18, temp); #ifdef DOSTORESTATE19 SHA1_STORE_STATE(19) #endif - HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, W, 19); + SHA1COMPRESS_FULL_ROUND1_STEP_EXPAND(b, c, d, e, a, W, 19, temp); #ifdef DOSTORESTATE20 SHA1_STORE_STATE(20) #endif - HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, W, 20); + SHA1COMPRESS_FULL_ROUND2_STEP(a, b, c, d, e, W, 20, temp); #ifdef DOSTORESTATE21 SHA1_STORE_STATE(21) #endif - HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, W, 21); + SHA1COMPRESS_FULL_ROUND2_STEP(e, a, b, c, d, W, 21, temp); #ifdef DOSTORESTATE22 SHA1_STORE_STATE(22) #endif - HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, W, 22); + SHA1COMPRESS_FULL_ROUND2_STEP(d, e, a, b, c, W, 22, temp); #ifdef DOSTORESTATE23 SHA1_STORE_STATE(23) #endif - HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, W, 23); + SHA1COMPRESS_FULL_ROUND2_STEP(c, d, e, a, b, W, 23, temp); #ifdef DOSTORESTATE24 SHA1_STORE_STATE(24) #endif - HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, W, 24); + SHA1COMPRESS_FULL_ROUND2_STEP(b, c, d, e, a, W, 24, temp); #ifdef DOSTORESTATE25 SHA1_STORE_STATE(25) #endif - HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, W, 25); + SHA1COMPRESS_FULL_ROUND2_STEP(a, b, c, d, e, W, 25, temp); #ifdef DOSTORESTATE26 SHA1_STORE_STATE(26) #endif - HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, W, 26); + SHA1COMPRESS_FULL_ROUND2_STEP(e, a, b, c, d, W, 26, temp); #ifdef DOSTORESTATE27 SHA1_STORE_STATE(27) #endif - HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, W, 27); + SHA1COMPRESS_FULL_ROUND2_STEP(d, e, a, b, c, W, 27, temp); #ifdef DOSTORESTATE28 SHA1_STORE_STATE(28) #endif - HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, W, 28); + SHA1COMPRESS_FULL_ROUND2_STEP(c, d, e, a, b, W, 28, temp); #ifdef DOSTORESTATE29 SHA1_STORE_STATE(29) #endif - HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, W, 29); + SHA1COMPRESS_FULL_ROUND2_STEP(b, c, d, e, a, W, 29, temp); #ifdef DOSTORESTATE30 SHA1_STORE_STATE(30) #endif - HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, W, 30); + SHA1COMPRESS_FULL_ROUND2_STEP(a, b, c, d, e, W, 30, temp); #ifdef DOSTORESTATE31 SHA1_STORE_STATE(31) #endif - HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, W, 31); + SHA1COMPRESS_FULL_ROUND2_STEP(e, a, b, c, d, W, 31, temp); #ifdef DOSTORESTATE32 SHA1_STORE_STATE(32) #endif - HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, W, 32); + SHA1COMPRESS_FULL_ROUND2_STEP(d, e, a, b, c, W, 32, temp); #ifdef DOSTORESTATE33 SHA1_STORE_STATE(33) #endif - HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, W, 33); + SHA1COMPRESS_FULL_ROUND2_STEP(c, d, e, a, b, W, 33, temp); #ifdef DOSTORESTATE34 SHA1_STORE_STATE(34) #endif - HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, W, 34); + SHA1COMPRESS_FULL_ROUND2_STEP(b, c, d, e, a, W, 34, temp); #ifdef DOSTORESTATE35 SHA1_STORE_STATE(35) #endif - HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, W, 35); + SHA1COMPRESS_FULL_ROUND2_STEP(a, b, c, d, e, W, 35, temp); #ifdef DOSTORESTATE36 SHA1_STORE_STATE(36) #endif - HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, W, 36); + SHA1COMPRESS_FULL_ROUND2_STEP(e, a, b, c, d, W, 36, temp); #ifdef DOSTORESTATE37 SHA1_STORE_STATE(37) #endif - HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, W, 37); + SHA1COMPRESS_FULL_ROUND2_STEP(d, e, a, b, c, W, 37, temp); #ifdef DOSTORESTATE38 SHA1_STORE_STATE(38) #endif - HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, W, 38); + SHA1COMPRESS_FULL_ROUND2_STEP(c, d, e, a, b, W, 38, temp); #ifdef DOSTORESTATE39 SHA1_STORE_STATE(39) #endif - HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, W, 39); + SHA1COMPRESS_FULL_ROUND2_STEP(b, c, d, e, a, W, 39, temp); #ifdef DOSTORESTATE40 SHA1_STORE_STATE(40) #endif - HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, W, 40); + SHA1COMPRESS_FULL_ROUND3_STEP(a, b, c, d, e, W, 40, temp); #ifdef DOSTORESTATE41 SHA1_STORE_STATE(41) #endif - HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, W, 41); + SHA1COMPRESS_FULL_ROUND3_STEP(e, a, b, c, d, W, 41, temp); #ifdef DOSTORESTATE42 SHA1_STORE_STATE(42) #endif - HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, W, 42); + SHA1COMPRESS_FULL_ROUND3_STEP(d, e, a, b, c, W, 42, temp); #ifdef DOSTORESTATE43 SHA1_STORE_STATE(43) #endif - HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, W, 43); + SHA1COMPRESS_FULL_ROUND3_STEP(c, d, e, a, b, W, 43, temp); #ifdef DOSTORESTATE44 SHA1_STORE_STATE(44) #endif - HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, W, 44); + SHA1COMPRESS_FULL_ROUND3_STEP(b, c, d, e, a, W, 44, temp); #ifdef DOSTORESTATE45 SHA1_STORE_STATE(45) #endif - HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, W, 45); + SHA1COMPRESS_FULL_ROUND3_STEP(a, b, c, d, e, W, 45, temp); #ifdef DOSTORESTATE46 SHA1_STORE_STATE(46) #endif - HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, W, 46); + SHA1COMPRESS_FULL_ROUND3_STEP(e, a, b, c, d, W, 46, temp); #ifdef DOSTORESTATE47 SHA1_STORE_STATE(47) #endif - HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, W, 47); + SHA1COMPRESS_FULL_ROUND3_STEP(d, e, a, b, c, W, 47, temp); #ifdef DOSTORESTATE48 SHA1_STORE_STATE(48) #endif - HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, W, 48); + SHA1COMPRESS_FULL_ROUND3_STEP(c, d, e, a, b, W, 48, temp); #ifdef DOSTORESTATE49 SHA1_STORE_STATE(49) #endif - HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, W, 49); + SHA1COMPRESS_FULL_ROUND3_STEP(b, c, d, e, a, W, 49, temp); #ifdef DOSTORESTATE50 SHA1_STORE_STATE(50) #endif - HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, W, 50); + SHA1COMPRESS_FULL_ROUND3_STEP(a, b, c, d, e, W, 50, temp); #ifdef DOSTORESTATE51 SHA1_STORE_STATE(51) #endif - HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, W, 51); + SHA1COMPRESS_FULL_ROUND3_STEP(e, a, b, c, d, W, 51, temp); #ifdef DOSTORESTATE52 SHA1_STORE_STATE(52) #endif - HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, W, 52); + SHA1COMPRESS_FULL_ROUND3_STEP(d, e, a, b, c, W, 52, temp); #ifdef DOSTORESTATE53 SHA1_STORE_STATE(53) #endif - HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, W, 53); + SHA1COMPRESS_FULL_ROUND3_STEP(c, d, e, a, b, W, 53, temp); #ifdef DOSTORESTATE54 SHA1_STORE_STATE(54) #endif - HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, W, 54); + SHA1COMPRESS_FULL_ROUND3_STEP(b, c, d, e, a, W, 54, temp); #ifdef DOSTORESTATE55 SHA1_STORE_STATE(55) #endif - HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, W, 55); + SHA1COMPRESS_FULL_ROUND3_STEP(a, b, c, d, e, W, 55, temp); #ifdef DOSTORESTATE56 SHA1_STORE_STATE(56) #endif - HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, W, 56); + SHA1COMPRESS_FULL_ROUND3_STEP(e, a, b, c, d, W, 56, temp); #ifdef DOSTORESTATE57 SHA1_STORE_STATE(57) #endif - HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, W, 57); + SHA1COMPRESS_FULL_ROUND3_STEP(d, e, a, b, c, W, 57, temp); #ifdef DOSTORESTATE58 SHA1_STORE_STATE(58) #endif - HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, W, 58); + SHA1COMPRESS_FULL_ROUND3_STEP(c, d, e, a, b, W, 58, temp); #ifdef DOSTORESTATE59 SHA1_STORE_STATE(59) #endif - HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, W, 59); + SHA1COMPRESS_FULL_ROUND3_STEP(b, c, d, e, a, W, 59, temp); @@ -557,102 +598,102 @@ static void sha1_compression_states(uint32_t ihv[5], const uint32_t W[80], uint3 #ifdef DOSTORESTATE60 SHA1_STORE_STATE(60) #endif - HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, W, 60); + SHA1COMPRESS_FULL_ROUND4_STEP(a, b, c, d, e, W, 60, temp); #ifdef DOSTORESTATE61 SHA1_STORE_STATE(61) #endif - HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, W, 61); + SHA1COMPRESS_FULL_ROUND4_STEP(e, a, b, c, d, W, 61, temp); #ifdef DOSTORESTATE62 SHA1_STORE_STATE(62) #endif - HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, W, 62); + SHA1COMPRESS_FULL_ROUND4_STEP(d, e, a, b, c, W, 62, temp); #ifdef DOSTORESTATE63 SHA1_STORE_STATE(63) #endif - HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, W, 63); + SHA1COMPRESS_FULL_ROUND4_STEP(c, d, e, a, b, W, 63, temp); #ifdef DOSTORESTATE64 SHA1_STORE_STATE(64) #endif - HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, W, 64); + SHA1COMPRESS_FULL_ROUND4_STEP(b, c, d, e, a, W, 64, temp); #ifdef DOSTORESTATE65 SHA1_STORE_STATE(65) #endif - HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, W, 65); + SHA1COMPRESS_FULL_ROUND4_STEP(a, b, c, d, e, W, 65, temp); #ifdef DOSTORESTATE66 SHA1_STORE_STATE(66) #endif - HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, W, 66); + SHA1COMPRESS_FULL_ROUND4_STEP(e, a, b, c, d, W, 66, temp); #ifdef DOSTORESTATE67 SHA1_STORE_STATE(67) #endif - HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, W, 67); + SHA1COMPRESS_FULL_ROUND4_STEP(d, e, a, b, c, W, 67, temp); #ifdef DOSTORESTATE68 SHA1_STORE_STATE(68) #endif - HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, W, 68); + SHA1COMPRESS_FULL_ROUND4_STEP(c, d, e, a, b, W, 68, temp); #ifdef DOSTORESTATE69 SHA1_STORE_STATE(69) #endif - HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, W, 69); + SHA1COMPRESS_FULL_ROUND4_STEP(b, c, d, e, a, W, 69, temp); #ifdef DOSTORESTATE70 SHA1_STORE_STATE(70) #endif - HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, W, 70); + SHA1COMPRESS_FULL_ROUND4_STEP(a, b, c, d, e, W, 70, temp); #ifdef DOSTORESTATE71 SHA1_STORE_STATE(71) #endif - HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, W, 71); + SHA1COMPRESS_FULL_ROUND4_STEP(e, a, b, c, d, W, 71, temp); #ifdef DOSTORESTATE72 SHA1_STORE_STATE(72) #endif - HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, W, 72); + SHA1COMPRESS_FULL_ROUND4_STEP(d, e, a, b, c, W, 72, temp); #ifdef DOSTORESTATE73 SHA1_STORE_STATE(73) #endif - HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, W, 73); + SHA1COMPRESS_FULL_ROUND4_STEP(c, d, e, a, b, W, 73, temp); #ifdef DOSTORESTATE74 SHA1_STORE_STATE(74) #endif - HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, W, 74); + SHA1COMPRESS_FULL_ROUND4_STEP(b, c, d, e, a, W, 74, temp); #ifdef DOSTORESTATE75 SHA1_STORE_STATE(75) #endif - HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, W, 75); + SHA1COMPRESS_FULL_ROUND4_STEP(a, b, c, d, e, W, 75, temp); #ifdef DOSTORESTATE76 SHA1_STORE_STATE(76) #endif - HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, W, 76); + SHA1COMPRESS_FULL_ROUND4_STEP(e, a, b, c, d, W, 76, temp); #ifdef DOSTORESTATE77 SHA1_STORE_STATE(77) #endif - HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, W, 77); + SHA1COMPRESS_FULL_ROUND4_STEP(d, e, a, b, c, W, 77, temp); #ifdef DOSTORESTATE78 SHA1_STORE_STATE(78) #endif - HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, W, 78); + SHA1COMPRESS_FULL_ROUND4_STEP(c, d, e, a, b, W, 78, temp); #ifdef DOSTORESTATE79 SHA1_STORE_STATE(79) #endif - HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, W, 79); + SHA1COMPRESS_FULL_ROUND4_STEP(b, c, d, e, a, W, 79, temp); @@ -831,197 +872,792 @@ static void sha1recompress_fast_ ## t (uint32_t ihvin[5], uint32_t ihvout[5], co ihvout[0] = ihvin[0] + a; ihvout[1] = ihvin[1] + b; ihvout[2] = ihvin[2] + c; ihvout[3] = ihvin[3] + d; ihvout[4] = ihvin[4] + e; \ } -/* +#ifdef DOSTORESTATE0 SHA1_RECOMPRESS(0) +#endif + +#ifdef DOSTORESTATE1 SHA1_RECOMPRESS(1) +#endif + +#ifdef DOSTORESTATE2 SHA1_RECOMPRESS(2) +#endif + +#ifdef DOSTORESTATE3 SHA1_RECOMPRESS(3) +#endif + +#ifdef DOSTORESTATE4 SHA1_RECOMPRESS(4) +#endif + +#ifdef DOSTORESTATE5 SHA1_RECOMPRESS(5) +#endif + +#ifdef DOSTORESTATE6 SHA1_RECOMPRESS(6) +#endif + +#ifdef DOSTORESTATE7 SHA1_RECOMPRESS(7) +#endif + +#ifdef DOSTORESTATE8 SHA1_RECOMPRESS(8) +#endif + +#ifdef DOSTORESTATE9 SHA1_RECOMPRESS(9) +#endif +#ifdef DOSTORESTATE10 SHA1_RECOMPRESS(10) +#endif + +#ifdef DOSTORESTATE11 SHA1_RECOMPRESS(11) +#endif + +#ifdef DOSTORESTATE12 SHA1_RECOMPRESS(12) +#endif + +#ifdef DOSTORESTATE13 SHA1_RECOMPRESS(13) +#endif + +#ifdef DOSTORESTATE14 SHA1_RECOMPRESS(14) +#endif + +#ifdef DOSTORESTATE15 SHA1_RECOMPRESS(15) +#endif + +#ifdef DOSTORESTATE16 SHA1_RECOMPRESS(16) +#endif + +#ifdef DOSTORESTATE17 SHA1_RECOMPRESS(17) +#endif + +#ifdef DOSTORESTATE18 SHA1_RECOMPRESS(18) +#endif + +#ifdef DOSTORESTATE19 SHA1_RECOMPRESS(19) +#endif +#ifdef DOSTORESTATE20 SHA1_RECOMPRESS(20) +#endif + +#ifdef DOSTORESTATE21 SHA1_RECOMPRESS(21) +#endif + +#ifdef DOSTORESTATE22 SHA1_RECOMPRESS(22) +#endif + +#ifdef DOSTORESTATE23 SHA1_RECOMPRESS(23) +#endif + +#ifdef DOSTORESTATE24 SHA1_RECOMPRESS(24) +#endif + +#ifdef DOSTORESTATE25 SHA1_RECOMPRESS(25) +#endif + +#ifdef DOSTORESTATE26 SHA1_RECOMPRESS(26) +#endif + +#ifdef DOSTORESTATE27 SHA1_RECOMPRESS(27) +#endif + +#ifdef DOSTORESTATE28 SHA1_RECOMPRESS(28) +#endif + +#ifdef DOSTORESTATE29 SHA1_RECOMPRESS(29) +#endif +#ifdef DOSTORESTATE30 SHA1_RECOMPRESS(30) +#endif + +#ifdef DOSTORESTATE31 SHA1_RECOMPRESS(31) +#endif + +#ifdef DOSTORESTATE32 SHA1_RECOMPRESS(32) +#endif + +#ifdef DOSTORESTATE33 SHA1_RECOMPRESS(33) +#endif + +#ifdef DOSTORESTATE34 SHA1_RECOMPRESS(34) +#endif + +#ifdef DOSTORESTATE35 SHA1_RECOMPRESS(35) +#endif + +#ifdef DOSTORESTATE36 SHA1_RECOMPRESS(36) +#endif + +#ifdef DOSTORESTATE37 SHA1_RECOMPRESS(37) +#endif + +#ifdef DOSTORESTATE38 SHA1_RECOMPRESS(38) +#endif + +#ifdef DOSTORESTATE39 SHA1_RECOMPRESS(39) +#endif +#ifdef DOSTORESTATE40 SHA1_RECOMPRESS(40) +#endif + +#ifdef DOSTORESTATE41 SHA1_RECOMPRESS(41) +#endif + +#ifdef DOSTORESTATE42 SHA1_RECOMPRESS(42) +#endif + +#ifdef DOSTORESTATE43 SHA1_RECOMPRESS(43) +#endif + +#ifdef DOSTORESTATE44 SHA1_RECOMPRESS(44) +#endif + +#ifdef DOSTORESTATE45 SHA1_RECOMPRESS(45) +#endif + +#ifdef DOSTORESTATE46 SHA1_RECOMPRESS(46) +#endif + +#ifdef DOSTORESTATE47 SHA1_RECOMPRESS(47) +#endif + +#ifdef DOSTORESTATE48 SHA1_RECOMPRESS(48) +#endif + +#ifdef DOSTORESTATE49 SHA1_RECOMPRESS(49) +#endif +#ifdef DOSTORESTATE50 SHA1_RECOMPRESS(50) +#endif + +#ifdef DOSTORESTATE51 SHA1_RECOMPRESS(51) +#endif + +#ifdef DOSTORESTATE52 SHA1_RECOMPRESS(52) +#endif + +#ifdef DOSTORESTATE53 SHA1_RECOMPRESS(53) +#endif + +#ifdef DOSTORESTATE54 SHA1_RECOMPRESS(54) +#endif + +#ifdef DOSTORESTATE55 SHA1_RECOMPRESS(55) +#endif + +#ifdef DOSTORESTATE56 SHA1_RECOMPRESS(56) +#endif + +#ifdef DOSTORESTATE57 SHA1_RECOMPRESS(57) -*/ +#endif + +#ifdef DOSTORESTATE58 SHA1_RECOMPRESS(58) -/* +#endif + +#ifdef DOSTORESTATE59 SHA1_RECOMPRESS(59) +#endif +#ifdef DOSTORESTATE60 SHA1_RECOMPRESS(60) +#endif + +#ifdef DOSTORESTATE61 SHA1_RECOMPRESS(61) +#endif + +#ifdef DOSTORESTATE62 SHA1_RECOMPRESS(62) +#endif + +#ifdef DOSTORESTATE63 SHA1_RECOMPRESS(63) +#endif + +#ifdef DOSTORESTATE64 SHA1_RECOMPRESS(64) -*/ +#endif + +#ifdef DOSTORESTATE65 SHA1_RECOMPRESS(65) -/* +#endif + +#ifdef DOSTORESTATE66 SHA1_RECOMPRESS(66) +#endif + +#ifdef DOSTORESTATE67 SHA1_RECOMPRESS(67) +#endif + +#ifdef DOSTORESTATE68 SHA1_RECOMPRESS(68) +#endif + +#ifdef DOSTORESTATE69 SHA1_RECOMPRESS(69) +#endif +#ifdef DOSTORESTATE70 SHA1_RECOMPRESS(70) +#endif + +#ifdef DOSTORESTATE71 SHA1_RECOMPRESS(71) +#endif + +#ifdef DOSTORESTATE72 SHA1_RECOMPRESS(72) +#endif + +#ifdef DOSTORESTATE73 SHA1_RECOMPRESS(73) +#endif + +#ifdef DOSTORESTATE74 SHA1_RECOMPRESS(74) +#endif + +#ifdef DOSTORESTATE75 SHA1_RECOMPRESS(75) +#endif + +#ifdef DOSTORESTATE76 SHA1_RECOMPRESS(76) +#endif + +#ifdef DOSTORESTATE77 SHA1_RECOMPRESS(77) +#endif + +#ifdef DOSTORESTATE78 SHA1_RECOMPRESS(78) +#endif + +#ifdef DOSTORESTATE79 SHA1_RECOMPRESS(79) -*/ +#endif -/* -sha1_recompression_type sha1_recompression_step[80] = +static void sha1_recompression_step(uint32_t step, uint32_t ihvin[5], uint32_t ihvout[5], const uint32_t me2[80], const uint32_t state[5]) { - sha1recompress_fast_0, sha1recompress_fast_1, sha1recompress_fast_2, sha1recompress_fast_3, sha1recompress_fast_4, sha1recompress_fast_5, sha1recompress_fast_6, sha1recompress_fast_7, sha1recompress_fast_8, sha1recompress_fast_9, - sha1recompress_fast_10, sha1recompress_fast_11, sha1recompress_fast_12, sha1recompress_fast_13, sha1recompress_fast_14, sha1recompress_fast_15, sha1recompress_fast_16, sha1recompress_fast_17, sha1recompress_fast_18, sha1recompress_fast_19, - sha1recompress_fast_20, sha1recompress_fast_21, sha1recompress_fast_22, sha1recompress_fast_23, sha1recompress_fast_24, sha1recompress_fast_25, sha1recompress_fast_26, sha1recompress_fast_27, sha1recompress_fast_28, sha1recompress_fast_29, - sha1recompress_fast_30, sha1recompress_fast_31, sha1recompress_fast_32, sha1recompress_fast_33, sha1recompress_fast_34, sha1recompress_fast_35, sha1recompress_fast_36, sha1recompress_fast_37, sha1recompress_fast_38, sha1recompress_fast_39, - sha1recompress_fast_40, sha1recompress_fast_41, sha1recompress_fast_42, sha1recompress_fast_43, sha1recompress_fast_44, sha1recompress_fast_45, sha1recompress_fast_46, sha1recompress_fast_47, sha1recompress_fast_48, sha1recompress_fast_49, - sha1recompress_fast_50, sha1recompress_fast_51, sha1recompress_fast_52, sha1recompress_fast_53, sha1recompress_fast_54, sha1recompress_fast_55, sha1recompress_fast_56, sha1recompress_fast_57, sha1recompress_fast_58, sha1recompress_fast_59, - sha1recompress_fast_60, sha1recompress_fast_61, sha1recompress_fast_62, sha1recompress_fast_63, sha1recompress_fast_64, sha1recompress_fast_65, sha1recompress_fast_66, sha1recompress_fast_67, sha1recompress_fast_68, sha1recompress_fast_69, - sha1recompress_fast_70, sha1recompress_fast_71, sha1recompress_fast_72, sha1recompress_fast_73, sha1recompress_fast_74, sha1recompress_fast_75, sha1recompress_fast_76, sha1recompress_fast_77, sha1recompress_fast_78, sha1recompress_fast_79, -}; -*/ + switch (step) + { +#ifdef DOSTORESTATE0 + case 0: + sha1recompress_fast_0(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE1 + case 1: + sha1recompress_fast_1(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE2 + case 2: + sha1recompress_fast_2(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE3 + case 3: + sha1recompress_fast_3(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE4 + case 4: + sha1recompress_fast_4(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE5 + case 5: + sha1recompress_fast_5(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE6 + case 6: + sha1recompress_fast_6(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE7 + case 7: + sha1recompress_fast_7(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE8 + case 8: + sha1recompress_fast_8(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE9 + case 9: + sha1recompress_fast_9(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE10 + case 10: + sha1recompress_fast_10(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE11 + case 11: + sha1recompress_fast_11(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE12 + case 12: + sha1recompress_fast_12(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE13 + case 13: + sha1recompress_fast_13(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE14 + case 14: + sha1recompress_fast_14(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE15 + case 15: + sha1recompress_fast_15(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE16 + case 16: + sha1recompress_fast_16(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE17 + case 17: + sha1recompress_fast_17(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE18 + case 18: + sha1recompress_fast_18(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE19 + case 19: + sha1recompress_fast_19(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE20 + case 20: + sha1recompress_fast_20(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE21 + case 21: + sha1recompress_fast_21(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE22 + case 22: + sha1recompress_fast_22(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE23 + case 23: + sha1recompress_fast_23(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE24 + case 24: + sha1recompress_fast_24(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE25 + case 25: + sha1recompress_fast_25(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE26 + case 26: + sha1recompress_fast_26(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE27 + case 27: + sha1recompress_fast_27(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE28 + case 28: + sha1recompress_fast_28(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE29 + case 29: + sha1recompress_fast_29(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE30 + case 30: + sha1recompress_fast_30(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE31 + case 31: + sha1recompress_fast_31(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE32 + case 32: + sha1recompress_fast_32(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE33 + case 33: + sha1recompress_fast_33(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE34 + case 34: + sha1recompress_fast_34(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE35 + case 35: + sha1recompress_fast_35(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE36 + case 36: + sha1recompress_fast_36(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE37 + case 37: + sha1recompress_fast_37(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE38 + case 38: + sha1recompress_fast_38(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE39 + case 39: + sha1recompress_fast_39(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE40 + case 40: + sha1recompress_fast_40(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE41 + case 41: + sha1recompress_fast_41(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE42 + case 42: + sha1recompress_fast_42(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE43 + case 43: + sha1recompress_fast_43(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE44 + case 44: + sha1recompress_fast_44(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE45 + case 45: + sha1recompress_fast_45(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE46 + case 46: + sha1recompress_fast_46(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE47 + case 47: + sha1recompress_fast_47(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE48 + case 48: + sha1recompress_fast_48(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE49 + case 49: + sha1recompress_fast_49(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE50 + case 50: + sha1recompress_fast_50(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE51 + case 51: + sha1recompress_fast_51(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE52 + case 52: + sha1recompress_fast_52(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE53 + case 53: + sha1recompress_fast_53(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE54 + case 54: + sha1recompress_fast_54(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE55 + case 55: + sha1recompress_fast_55(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE56 + case 56: + sha1recompress_fast_56(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE57 + case 57: + sha1recompress_fast_57(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE58 + case 58: + sha1recompress_fast_58(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE59 + case 59: + sha1recompress_fast_59(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE60 + case 60: + sha1recompress_fast_60(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE61 + case 61: + sha1recompress_fast_61(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE62 + case 62: + sha1recompress_fast_62(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE63 + case 63: + sha1recompress_fast_63(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE64 + case 64: + sha1recompress_fast_64(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE65 + case 65: + sha1recompress_fast_65(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE66 + case 66: + sha1recompress_fast_66(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE67 + case 67: + sha1recompress_fast_67(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE68 + case 68: + sha1recompress_fast_68(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE69 + case 69: + sha1recompress_fast_69(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE70 + case 70: + sha1recompress_fast_70(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE71 + case 71: + sha1recompress_fast_71(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE72 + case 72: + sha1recompress_fast_72(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE73 + case 73: + sha1recompress_fast_73(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE74 + case 74: + sha1recompress_fast_74(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE75 + case 75: + sha1recompress_fast_75(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE76 + case 76: + sha1recompress_fast_76(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE77 + case 77: + sha1recompress_fast_77(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE78 + case 78: + sha1recompress_fast_78(ihvin, ihvout, me2, state); + break; +#endif +#ifdef DOSTORESTATE79 + case 79: + sha1recompress_fast_79(ihvin, ihvout, me2, state); + break; +#endif + default: + abort(); + } +} -void sha1_process(SHA1_CTX* ctx, const uint32_t block[16]) +static void sha1_process(SHA1_CTX* ctx, const uint32_t block[16]) { unsigned i, j; - uint32_t ubc_dv_mask[DVMASKSIZE]; + uint32_t ubc_dv_mask[DVMASKSIZE] = { 0xFFFFFFFF }; uint32_t ihvtmp[5]; - for (i=0; i < DVMASKSIZE; ++i) - ubc_dv_mask[i]=0; + ctx->ihv1[0] = ctx->ihv[0]; ctx->ihv1[1] = ctx->ihv[1]; ctx->ihv1[2] = ctx->ihv[2]; ctx->ihv1[3] = ctx->ihv[3]; ctx->ihv1[4] = ctx->ihv[4]; - memcpy(ctx->m1, block, 64); - sha1_message_expansion(ctx->m1); - if (ctx->detect_coll && ctx->ubc_check) - { - ubc_check(ctx->m1, ubc_dv_mask); - } - sha1_compression_states(ctx->ihv, ctx->m1, ctx->states); + + sha1_compression_states(ctx->ihv, block, ctx->m1, ctx->states); + if (ctx->detect_coll) { - for (i = 0; sha1_dvs[i].dvType != 0; ++i) + if (ctx->ubc_check) { - if ((0 == ctx->ubc_check) || (((uint32_t)(1) << sha1_dvs[i].maskb) & ubc_dv_mask[sha1_dvs[i].maski])) - { - for (j = 0; j < 80; ++j) - ctx->m2[j] = ctx->m1[j] ^ sha1_dvs[i].dm[j]; + ubc_check(ctx->m1, ubc_dv_mask); + } - /* (sha1_recompression_step[sha1_dvs[i].testt])(ctx->ihv2, ihvtmp, ctx->m2, ctx->states[sha1_dvs[i].testt]); */ - switch (sha1_dvs[i].testt) - { - case 58: - sha1recompress_fast_58(ctx->ihv2, ihvtmp, ctx->m2, ctx->states[sha1_dvs[i].testt]); - break; - case 65: - sha1recompress_fast_65(ctx->ihv2, ihvtmp, ctx->m2, ctx->states[sha1_dvs[i].testt]); - break; - default: - abort(); - } - /* to verify SHA-1 collision detection code with collisions for reduced-step SHA-1 */ - if ((0 == ((ihvtmp[0] ^ ctx->ihv[0]) | (ihvtmp[1] ^ ctx->ihv[1]) | (ihvtmp[2] ^ ctx->ihv[2]) | (ihvtmp[3] ^ ctx->ihv[3]) | (ihvtmp[4] ^ ctx->ihv[4]))) - || (ctx->reduced_round_coll && 0==((ctx->ihv1[0] ^ ctx->ihv2[0]) | (ctx->ihv1[1] ^ ctx->ihv2[1]) | (ctx->ihv1[2] ^ ctx->ihv2[2]) | (ctx->ihv1[3] ^ ctx->ihv2[3]) | (ctx->ihv1[4] ^ ctx->ihv2[4])))) + if (ubc_dv_mask[0] != 0) + { + for (i = 0; sha1_dvs[i].dvType != 0; ++i) + { + if (ubc_dv_mask[0] & ((uint32_t)(1) << sha1_dvs[i].maskb)) { - ctx->found_collision = 1; + for (j = 0; j < 80; ++j) + ctx->m2[j] = ctx->m1[j] ^ sha1_dvs[i].dm[j]; - if (ctx->callback != NULL) - ctx->callback(ctx->total - 64, ctx->ihv1, ctx->ihv2, ctx->m1, ctx->m2); + sha1_recompression_step(sha1_dvs[i].testt, ctx->ihv2, ihvtmp, ctx->m2, ctx->states[sha1_dvs[i].testt]); - if (ctx->safe_hash) + /* to verify SHA-1 collision detection code with collisions for reduced-step SHA-1 */ + if ((0 == ((ihvtmp[0] ^ ctx->ihv[0]) | (ihvtmp[1] ^ ctx->ihv[1]) | (ihvtmp[2] ^ ctx->ihv[2]) | (ihvtmp[3] ^ ctx->ihv[3]) | (ihvtmp[4] ^ ctx->ihv[4]))) + || (ctx->reduced_round_coll && 0==((ctx->ihv1[0] ^ ctx->ihv2[0]) | (ctx->ihv1[1] ^ ctx->ihv2[1]) | (ctx->ihv1[2] ^ ctx->ihv2[2]) | (ctx->ihv1[3] ^ ctx->ihv2[3]) | (ctx->ihv1[4] ^ ctx->ihv2[4])))) { - sha1_compression_W(ctx->ihv, ctx->m1); - sha1_compression_W(ctx->ihv, ctx->m1); - } + ctx->found_collision = 1; + + if (ctx->safe_hash) + { + sha1_compression_W(ctx->ihv, ctx->m1); + sha1_compression_W(ctx->ihv, ctx->m1); + } - break; + break; + } } } } } } - - - - -void swap_bytes(uint32_t val[16]) -{ - unsigned i; - for (i = 0; i < 16; ++i) - { - val[i] = ((val[i] << 8) & 0xFF00FF00) | ((val[i] >> 8) & 0xFF00FF); - val[i] = (val[i] << 16) | (val[i] >> 16); - } -} - void SHA1DCInit(SHA1_CTX* ctx) { - static const union { unsigned char bytes[4]; uint32_t value; } endianness = { { 0, 1, 2, 3 } }; - static const uint32_t littleendian = 0x03020100; ctx->total = 0; ctx->ihv[0] = 0x67452301; ctx->ihv[1] = 0xEFCDAB89; @@ -1033,7 +1669,6 @@ void SHA1DCInit(SHA1_CTX* ctx) ctx->ubc_check = 1; ctx->detect_coll = 1; ctx->reduced_round_coll = 0; - ctx->bigendian = (endianness.value != littleendian); ctx->callback = NULL; } @@ -1088,8 +1723,6 @@ void SHA1DCUpdate(SHA1_CTX* ctx, const char* buf, size_t len) { ctx->total += fill; memcpy(ctx->buffer + left, buf, fill); - if (!ctx->bigendian) - swap_bytes((uint32_t*)(ctx->buffer)); sha1_process(ctx, (uint32_t*)(ctx->buffer)); buf += fill; len -= fill; @@ -1098,14 +1731,7 @@ void SHA1DCUpdate(SHA1_CTX* ctx, const char* buf, size_t len) while (len >= 64) { ctx->total += 64; - if (!ctx->bigendian) - { - memcpy(ctx->buffer, buf, 64); - swap_bytes((uint32_t*)(ctx->buffer)); - sha1_process(ctx, (uint32_t*)(ctx->buffer)); - } - else - sha1_process(ctx, (uint32_t*)(buf)); + sha1_process(ctx, (uint32_t*)(buf)); buf += 64; len -= 64; } @@ -1141,8 +1767,6 @@ int SHA1DCFinal(unsigned char output[20], SHA1_CTX *ctx) ctx->buffer[61] = (unsigned char)(total >> 16); ctx->buffer[62] = (unsigned char)(total >> 8); ctx->buffer[63] = (unsigned char)(total); - if (!ctx->bigendian) - swap_bytes((uint32_t*)(ctx->buffer)); sha1_process(ctx, (uint32_t*)(ctx->buffer)); output[0] = (unsigned char)(ctx->ihv[0] >> 24); output[1] = (unsigned char)(ctx->ihv[0] >> 16); @@ -5,6 +5,10 @@ * https://opensource.org/licenses/MIT ***/ +#if defined(__cplusplus) +extern "C" { +#endif + #include <stdint.h> /* uses SHA-1 message expansion to expand the first 16 words of W[] to 80 words */ @@ -16,7 +20,7 @@ void sha1_compression_W(uint32_t ihv[5], const uint32_t W[80]); */ /* same as sha1_compression_W, but additionally store intermediate states */ /* only stores states ii (the state between step ii-1 and step ii) when DOSTORESTATEii is defined in ubc_check.h */ -/* void sha1_compression_states(uint32_t ihv[5], const uint32_t W[80], uint32_t states[80][5]); */ +void sha1_compression_states(uint32_t[5], const uint32_t[16], uint32_t[80], uint32_t[80][5]); /* // function type for sha1_recompression_step_T (uint32_t ihvin[5], uint32_t ihvout[5], const uint32_t me2[80], const uint32_t state[5]) @@ -41,7 +45,6 @@ typedef struct { uint64_t total; uint32_t ihv[5]; unsigned char buffer[64]; - int bigendian; int found_collision; int safe_hash; int detect_coll; @@ -80,7 +83,7 @@ void SHA1DCSetUseUBC(SHA1_CTX*, int); /* function to disable or enable the use of Collision Detection */ /* enabled by default */ -void SHA1DCSetUseDetectColl(SHA1_CTX* ctx, int detect_coll); +void SHA1DCSetUseDetectColl(SHA1_CTX*, int); /* function to disable or enable the detection of reduced-round SHA-1 collisions */ /* disabled by default */ @@ -95,4 +98,8 @@ void SHA1DCUpdate(SHA1_CTX*, const char*, size_t); /* obtain SHA-1 hash from SHA-1 context */ /* returns: 0 = no collision detected, otherwise = collision found => warn user for active attack */ -int SHA1DCFinal(unsigned char[20], SHA1_CTX*); +int SHA1DCFinal(unsigned char[20], SHA1_CTX*); + +#if defined(__cplusplus) +} +#endif diff --git a/lib/ubc_check.h b/lib/ubc_check.h index 88961b9..b349bed 100644 --- a/lib/ubc_check.h +++ b/lib/ubc_check.h @@ -23,6 +23,10 @@ #ifndef UBC_CHECK_H #define UBC_CHECK_H +#if defined(__cplusplus) +extern "C" { +#endif + #include <stdint.h> #define DVMASKSIZE 1 @@ -33,5 +37,10 @@ void ubc_check(const uint32_t W[80], uint32_t dvmask[DVMASKSIZE]); #define DOSTORESTATE58 #define DOSTORESTATE65 +#define CHECK_DVMASK(_DVMASK) (0 != _DVMASK[0]) + +#if defined(__cplusplus) +} +#endif #endif /* UBC_CHECK_H */ @@ -19,7 +19,7 @@ int main(int argc, char** argv) char buffer[65536]; size_t size; SHA1_CTX ctx2; - int i,j; + int i,j,foundcollision; if (argc < 2) { @@ -62,14 +62,14 @@ int main(int argc, char** argv) return 1; } - SHA1DCFinal(hash2,&ctx2); + foundcollision = SHA1DCFinal(hash2,&ctx2); for (j = 0; j < 20; ++j) { sprintf(buffer+(j*2), "%02x", hash2[j]); } buffer[20*2] = 0; - if (ctx2.found_collision) + if (foundcollision) { printf("%s *coll* %s\n", buffer, argv[i]); } |