diff options
Diffstat (limited to 'crypto/sha1.h')
| -rw-r--r-- | crypto/sha1.h | 109 |
1 files changed, 109 insertions, 0 deletions
diff --git a/crypto/sha1.h b/crypto/sha1.h new file mode 100644 index 00000000..2cdba0d4 --- /dev/null +++ b/crypto/sha1.h @@ -0,0 +1,109 @@ +/* + * Definitions likely to be helpful to multiple SHA-1 implementations. + */ + +/* + * The 'extra' structure used by SHA-1 implementations is used to + * include information about how to check if a given implementation is + * available at run time, and whether we've already checked. + */ +struct sha1_extra_mutable; +struct sha1_extra { + /* Function to check availability. Might be expensive, so we don't + * want to call it more than once. */ + bool (*check_available)(void); + + /* Point to a writable substructure. */ + struct sha1_extra_mutable *mut; +}; +struct sha1_extra_mutable { + bool checked_availability; + bool is_available; +}; +static inline bool check_availability(const struct sha1_extra *extra) +{ + if (!extra->mut->checked_availability) { + extra->mut->is_available = extra->check_available(); + extra->mut->checked_availability = true; + } + + return extra->mut->is_available; +} + +/* + * Macro to define a SHA-1 vtable together with its 'extra' + * structure. + */ +#define SHA1_VTABLE(impl_c, impl_display) \ + static struct sha1_extra_mutable sha1_ ## impl_c ## _extra_mut; \ + static const struct sha1_extra sha1_ ## impl_c ## _extra = { \ + .check_available = sha1_ ## impl_c ## _available, \ + .mut = &sha1_ ## impl_c ## _extra_mut, \ + }; \ + const ssh_hashalg ssh_sha1_ ## impl_c = { \ + .new = sha1_ ## impl_c ## _new, \ + .reset = sha1_ ## impl_c ## _reset, \ + .copyfrom = sha1_ ## impl_c ## _copyfrom, \ + .digest = sha1_ ## impl_c ## _digest, \ + .free = sha1_ ## impl_c ## _free, \ + .hlen = 20, \ + .blocklen = 64, \ + HASHALG_NAMES_ANNOTATED("SHA-1", impl_display), \ + .extra = &sha1_ ## impl_c ## _extra, \ + } + +extern const uint32_t sha1_initial_state[5]; + +#define SHA1_ROUNDS_PER_STAGE 20 +#define SHA1_STAGE0_CONSTANT 0x5a827999 +#define SHA1_STAGE1_CONSTANT 0x6ed9eba1 +#define SHA1_STAGE2_CONSTANT 0x8f1bbcdc +#define SHA1_STAGE3_CONSTANT 0xca62c1d6 +#define SHA1_ROUNDS (4 * SHA1_ROUNDS_PER_STAGE) + +typedef struct sha1_block sha1_block; +struct sha1_block { + uint8_t block[64]; + size_t used; + uint64_t len; +}; + +static inline void sha1_block_setup(sha1_block *blk) +{ + blk->used = 0; + blk->len = 0; +} + +static inline bool sha1_block_write( + sha1_block *blk, const void **vdata, size_t *len) +{ + size_t blkleft = sizeof(blk->block) - blk->used; + size_t chunk = *len < blkleft ? *len : blkleft; + + const uint8_t *p = *vdata; + memcpy(blk->block + blk->used, p, chunk); + *vdata = p + chunk; + *len -= chunk; + blk->used += chunk; + blk->len += chunk; + + if (blk->used == sizeof(blk->block)) { + blk->used = 0; + return true; + } + + return false; +} + +static inline void sha1_block_pad(sha1_block *blk, BinarySink *bs) +{ + uint64_t final_len = blk->len << 3; + size_t pad = 1 + (63 & (55 - blk->used)); + + put_byte(bs, 0x80); + for (size_t i = 1; i < pad; i++) + put_byte(bs, 0); + put_uint64(bs, final_len); + + assert(blk->used == 0 && "Should have exactly hit a block boundary"); +} |