1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
|
// SPDX-License-Identifier: GPL-2.0-only
/*
* SHA-1 message digest algorithm
*
* Copyright 2025 Google LLC
*/
#include <linux/bitops.h>
#include <linux/kernel.h>
#include <linux/unaligned.h>
#include <string.h>
#include "sha1.h"
#define SHA1_BLOCK_SIZE 64
static const u32 sha1_K[4] = { 0x5A827999, 0x6ED9EBA1, 0x8F1BBCDC, 0xCA62C1D6 };
#define SHA1_ROUND(i, a, b, c, d, e) \
do { \
if ((i) >= 16) \
w[i] = rol32(w[(i) - 16] ^ w[(i) - 14] ^ w[(i) - 8] ^ \
w[(i) - 3], \
1); \
e += w[i] + rol32(a, 5) + sha1_K[(i) / 20]; \
if ((i) < 20) \
e += (b & (c ^ d)) ^ d; \
else if ((i) < 40 || (i) >= 60) \
e += b ^ c ^ d; \
else \
e += (c & d) ^ (b & (c ^ d)); \
b = rol32(b, 30); \
/* The new (a, b, c, d, e) is the old (e, a, b, c, d). */ \
} while (0)
#define SHA1_5ROUNDS(i) \
do { \
SHA1_ROUND((i) + 0, a, b, c, d, e); \
SHA1_ROUND((i) + 1, e, a, b, c, d); \
SHA1_ROUND((i) + 2, d, e, a, b, c); \
SHA1_ROUND((i) + 3, c, d, e, a, b); \
SHA1_ROUND((i) + 4, b, c, d, e, a); \
} while (0)
#define SHA1_20ROUNDS(i) \
do { \
SHA1_5ROUNDS((i) + 0); \
SHA1_5ROUNDS((i) + 5); \
SHA1_5ROUNDS((i) + 10); \
SHA1_5ROUNDS((i) + 15); \
} while (0)
static void sha1_blocks(u32 h[5], const u8 *data, size_t nblocks)
{
while (nblocks--) {
u32 a = h[0];
u32 b = h[1];
u32 c = h[2];
u32 d = h[3];
u32 e = h[4];
u32 w[80];
for (int i = 0; i < 16; i++)
w[i] = get_unaligned_be32(&data[i * 4]);
SHA1_20ROUNDS(0);
SHA1_20ROUNDS(20);
SHA1_20ROUNDS(40);
SHA1_20ROUNDS(60);
h[0] += a;
h[1] += b;
h[2] += c;
h[3] += d;
h[4] += e;
data += SHA1_BLOCK_SIZE;
}
}
/* Calculate the SHA-1 message digest of the given data. */
void sha1(const void *data, size_t len, u8 out[SHA1_DIGEST_SIZE])
{
u32 h[5] = { 0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476,
0xC3D2E1F0 };
u8 final_data[2 * SHA1_BLOCK_SIZE] = { 0 };
size_t final_len = len % SHA1_BLOCK_SIZE;
sha1_blocks(h, data, len / SHA1_BLOCK_SIZE);
memcpy(final_data, data + len - final_len, final_len);
final_data[final_len] = 0x80;
final_len = round_up(final_len + 9, SHA1_BLOCK_SIZE);
put_unaligned_be64((u64)len * 8, &final_data[final_len - 8]);
sha1_blocks(h, final_data, final_len / SHA1_BLOCK_SIZE);
for (int i = 0; i < 5; i++)
put_unaligned_be32(h[i], &out[i * 4]);
}
|
