Gitiles
Code Review Sign In
192.168.1.100 / T108 / 53e86564e32edf239ae53d8aabda4ddc91e81dd3 / . / scripts / mkhash.c
blob: a28d5fd5372ff396d7c289e64a8a36345b1a05d0 [file] [log] [blame]
b.liue9582032025-04-17 19:18:16 +0800[diff] [blame]1/*
2 * Copyright (C) 2016 Felix Fietkau <nbd@nbd.name>
3 *
4 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 *
16 * -- MD5 code:
17 *
18 * This is an OpenSSL-compatible implementation of the RSA Data Security, Inc.
19 * MD5 Message-Digest Algorithm (RFC 1321).
20 *
21 * Homepage:
22 * http://openwall.info/wiki/people/solar/software/public-domain-source-code/md5
23 *
24 * Author:
25 * Alexander Peslyak, better known as Solar Designer <solar at openwall.com>
26 *
27 * This software was written by Alexander Peslyak in 2001. No copyright is
28 * claimed, and the software is hereby placed in the public domain.
29 * In case this attempt to disclaim copyright and place the software in the
30 * public domain is deemed null and void, then the software is
31 * Copyright (c) 2001 Alexander Peslyak and it is hereby released to the
32 * general public under the following terms:
33 *
34 * Redistribution and use in source and binary forms, with or without
35 * modification, are permitted.
36 *
37 * There's ABSOLUTELY NO WARRANTY, express or implied.
38 *
39 * (This is a heavily cut-down "BSD license".)
40 *
41 * This differs from Colin Plumb's older public domain implementation in that
42 * no exactly 32-bit integer data type is required (any 32-bit or wider
43 * unsigned integer data type will do), there's no compile-time endianness
44 * configuration, and the function prototypes match OpenSSL's. No code from
45 * Colin Plumb's implementation has been reused; this comment merely compares
46 * the properties of the two independent implementations.
47 *
48 * The primary goals of this implementation are portability and ease of use.
49 * It is meant to be fast, but not as fast as possible. Some known
50 * optimizations are not included to reduce source code size and avoid
51 * compile-time configuration.
52 *
53 * -- SHA256 Code:
54 *
55 * Copyright 2005 Colin Percival
56 * All rights reserved.
57 *
58 * Redistribution and use in source and binary forms, with or without
59 * modification, are permitted provided that the following conditions
60 * are met:
61 * 1. Redistributions of source code must retain the above copyright
62 * notice, this list of conditions and the following disclaimer.
63 * 2. Redistributions in binary form must reproduce the above copyright
64 * notice, this list of conditions and the following disclaimer in the
65 * documentation and/or other materials provided with the distribution.
66 *
67 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
68 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
69 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
70 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
71 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
72 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
73 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
74 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
75 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
76 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
77 * SUCH DAMAGE.
78 */
79
80
81
82#ifndef __FreeBSD__
83#include <endian.h>
84#else
85#include <sys/endian.h>
86#endif
87
88#include <stdio.h>
89#include <string.h>
90#include <stdint.h>
91#include <stdbool.h>
92#include <unistd.h>
93#include <sys/stat.h>
94
95#define ARRAY_SIZE(_n) (sizeof(_n) / sizeof((_n)[0]))
96
97#ifndef __FreeBSD__
98static void
99be32enc(void *buf, uint32_t u)
100{
101 uint8_t *p = buf;
102
103 p[0] = ((uint8_t) ((u >> 24) & 0xff));
104 p[1] = ((uint8_t) ((u >> 16) & 0xff));
105 p[2] = ((uint8_t) ((u >> 8) & 0xff));
106 p[3] = ((uint8_t) (u & 0xff));
107}
108
109static void
110be64enc(void *buf, uint64_t u)
111{
112 uint8_t *p = buf;
113
114 be32enc(p, ((uint32_t) (u >> 32)));
115 be32enc(p + 4, ((uint32_t) (u & 0xffffffffULL)));
116}
117
118
119static uint16_t
120be16dec(const void *buf)
121{
122 const uint8_t *p = buf;
123
124 return (((uint16_t) p[0]) << 8) | p[1];
125}
126
127static uint32_t
128be32dec(const void *buf)
129{
130 const uint8_t *p = buf;
131
132 return (((uint32_t) be16dec(p)) << 16) | be16dec(p + 2);
133}
134#endif
135
136#define MD5_DIGEST_LENGTH 16
137
138typedef struct MD5_CTX {
139 uint32_t lo, hi;
140 uint32_t a, b, c, d;
141 unsigned char buffer[64];
142} MD5_CTX;
143
144/*
145 * The basic MD5 functions.
146 *
147 * F and G are optimized compared to their RFC 1321 definitions for
148 * architectures that lack an AND-NOT instruction, just like in Colin Plumb's
149 * implementation.
150 */
151#define F(x, y, z) ((z) ^ ((x) & ((y) ^ (z))))
152#define G(x, y, z) ((y) ^ ((z) & ((x) ^ (y))))
153#define H(x, y, z) (((x) ^ (y)) ^ (z))
154#define H2(x, y, z) ((x) ^ ((y) ^ (z)))
155#define I(x, y, z) ((y) ^ ((x) | ~(z)))
156
157/*
158 * The MD5 transformation for all four rounds.
159 */
160#define STEP(f, a, b, c, d, x, t, s) \
161 (a) += f((b), (c), (d)) + (x) + (t); \
162 (a) = (((a) << (s)) | (((a) & 0xffffffff) >> (32 - (s)))); \
163 (a) += (b);
164
165/*
166 * SET reads 4 input bytes in little-endian byte order and stores them
167 * in a properly aligned word in host byte order.
168 */
169#if __BYTE_ORDER == __LITTLE_ENDIAN
170#define SET(n) \
171 (*(uint32_t *)&ptr[(n) * 4])
172#define GET(n) \
173 SET(n)
174#else
175#define SET(n) \
176 (block[(n)] = \
177 (uint32_t)ptr[(n) * 4] | \
178 ((uint32_t)ptr[(n) * 4 + 1] << 8) | \
179 ((uint32_t)ptr[(n) * 4 + 2] << 16) | \
180 ((uint32_t)ptr[(n) * 4 + 3] << 24))
181#define GET(n) \
182 (block[(n)])
183#endif
184
185/*
186 * This processes one or more 64-byte data blocks, but does NOT update
187 * the bit counters. There are no alignment requirements.
188 */
189static const void *MD5_body(MD5_CTX *ctx, const void *data, unsigned long size)
190{
191 const unsigned char *ptr;
192 uint32_t a, b, c, d;
193 uint32_t saved_a, saved_b, saved_c, saved_d;
194#if __BYTE_ORDER != __LITTLE_ENDIAN
195 uint32_t block[16];
196#endif
197
198 ptr = (const unsigned char *)data;
199
200 a = ctx->a;
201 b = ctx->b;
202 c = ctx->c;
203 d = ctx->d;
204
205 do {
206 saved_a = a;
207 saved_b = b;
208 saved_c = c;
209 saved_d = d;
210
211/* Round 1 */
212 STEP(F, a, b, c, d, SET(0), 0xd76aa478, 7)
213 STEP(F, d, a, b, c, SET(1), 0xe8c7b756, 12)
214 STEP(F, c, d, a, b, SET(2), 0x242070db, 17)
215 STEP(F, b, c, d, a, SET(3), 0xc1bdceee, 22)
216 STEP(F, a, b, c, d, SET(4), 0xf57c0faf, 7)
217 STEP(F, d, a, b, c, SET(5), 0x4787c62a, 12)
218 STEP(F, c, d, a, b, SET(6), 0xa8304613, 17)
219 STEP(F, b, c, d, a, SET(7), 0xfd469501, 22)
220 STEP(F, a, b, c, d, SET(8), 0x698098d8, 7)
221 STEP(F, d, a, b, c, SET(9), 0x8b44f7af, 12)
222 STEP(F, c, d, a, b, SET(10), 0xffff5bb1, 17)
223 STEP(F, b, c, d, a, SET(11), 0x895cd7be, 22)
224 STEP(F, a, b, c, d, SET(12), 0x6b901122, 7)
225 STEP(F, d, a, b, c, SET(13), 0xfd987193, 12)
226 STEP(F, c, d, a, b, SET(14), 0xa679438e, 17)
227 STEP(F, b, c, d, a, SET(15), 0x49b40821, 22)
228
229/* Round 2 */
230 STEP(G, a, b, c, d, GET(1), 0xf61e2562, 5)
231 STEP(G, d, a, b, c, GET(6), 0xc040b340, 9)
232 STEP(G, c, d, a, b, GET(11), 0x265e5a51, 14)
233 STEP(G, b, c, d, a, GET(0), 0xe9b6c7aa, 20)
234 STEP(G, a, b, c, d, GET(5), 0xd62f105d, 5)
235 STEP(G, d, a, b, c, GET(10), 0x02441453, 9)
236 STEP(G, c, d, a, b, GET(15), 0xd8a1e681, 14)
237 STEP(G, b, c, d, a, GET(4), 0xe7d3fbc8, 20)
238 STEP(G, a, b, c, d, GET(9), 0x21e1cde6, 5)
239 STEP(G, d, a, b, c, GET(14), 0xc33707d6, 9)
240 STEP(G, c, d, a, b, GET(3), 0xf4d50d87, 14)
241 STEP(G, b, c, d, a, GET(8), 0x455a14ed, 20)
242 STEP(G, a, b, c, d, GET(13), 0xa9e3e905, 5)
243 STEP(G, d, a, b, c, GET(2), 0xfcefa3f8, 9)
244 STEP(G, c, d, a, b, GET(7), 0x676f02d9, 14)
245 STEP(G, b, c, d, a, GET(12), 0x8d2a4c8a, 20)
246
247/* Round 3 */
248 STEP(H, a, b, c, d, GET(5), 0xfffa3942, 4)
249 STEP(H2, d, a, b, c, GET(8), 0x8771f681, 11)
250 STEP(H, c, d, a, b, GET(11), 0x6d9d6122, 16)
251 STEP(H2, b, c, d, a, GET(14), 0xfde5380c, 23)
252 STEP(H, a, b, c, d, GET(1), 0xa4beea44, 4)
253 STEP(H2, d, a, b, c, GET(4), 0x4bdecfa9, 11)
254 STEP(H, c, d, a, b, GET(7), 0xf6bb4b60, 16)
255 STEP(H2, b, c, d, a, GET(10), 0xbebfbc70, 23)
256 STEP(H, a, b, c, d, GET(13), 0x289b7ec6, 4)
257 STEP(H2, d, a, b, c, GET(0), 0xeaa127fa, 11)
258 STEP(H, c, d, a, b, GET(3), 0xd4ef3085, 16)
259 STEP(H2, b, c, d, a, GET(6), 0x04881d05, 23)
260 STEP(H, a, b, c, d, GET(9), 0xd9d4d039, 4)
261 STEP(H2, d, a, b, c, GET(12), 0xe6db99e5, 11)
262 STEP(H, c, d, a, b, GET(15), 0x1fa27cf8, 16)
263 STEP(H2, b, c, d, a, GET(2), 0xc4ac5665, 23)
264
265/* Round 4 */
266 STEP(I, a, b, c, d, GET(0), 0xf4292244, 6)
267 STEP(I, d, a, b, c, GET(7), 0x432aff97, 10)
268 STEP(I, c, d, a, b, GET(14), 0xab9423a7, 15)
269 STEP(I, b, c, d, a, GET(5), 0xfc93a039, 21)
270 STEP(I, a, b, c, d, GET(12), 0x655b59c3, 6)
271 STEP(I, d, a, b, c, GET(3), 0x8f0ccc92, 10)
272 STEP(I, c, d, a, b, GET(10), 0xffeff47d, 15)
273 STEP(I, b, c, d, a, GET(1), 0x85845dd1, 21)
274 STEP(I, a, b, c, d, GET(8), 0x6fa87e4f, 6)
275 STEP(I, d, a, b, c, GET(15), 0xfe2ce6e0, 10)
276 STEP(I, c, d, a, b, GET(6), 0xa3014314, 15)
277 STEP(I, b, c, d, a, GET(13), 0x4e0811a1, 21)
278 STEP(I, a, b, c, d, GET(4), 0xf7537e82, 6)
279 STEP(I, d, a, b, c, GET(11), 0xbd3af235, 10)
280 STEP(I, c, d, a, b, GET(2), 0x2ad7d2bb, 15)
281 STEP(I, b, c, d, a, GET(9), 0xeb86d391, 21)
282
283 a += saved_a;
284 b += saved_b;
285 c += saved_c;
286 d += saved_d;
287
288 ptr += 64;
289 } while (size -= 64);
290
291 ctx->a = a;
292 ctx->b = b;
293 ctx->c = c;
294 ctx->d = d;
295
296 return ptr;
297}
298
299void MD5_begin(MD5_CTX *ctx)
300{
301 ctx->a = 0x67452301;
302 ctx->b = 0xefcdab89;
303 ctx->c = 0x98badcfe;
304 ctx->d = 0x10325476;
305
306 ctx->lo = 0;
307 ctx->hi = 0;
308}
309
310static void
311MD5_hash(const void *data, size_t size, MD5_CTX *ctx)
312{
313 uint32_t saved_lo;
314 unsigned long used, available;
315
316 saved_lo = ctx->lo;
317 if ((ctx->lo = (saved_lo + size) & 0x1fffffff) < saved_lo)
318 ctx->hi++;
319 ctx->hi += size >> 29;
320
321 used = saved_lo & 0x3f;
322
323 if (used) {
324 available = 64 - used;
325
326 if (size < available) {
327 memcpy(&ctx->buffer[used], data, size);
328 return;
329 }
330
331 memcpy(&ctx->buffer[used], data, available);
332 data = (const unsigned char *)data + available;
333 size -= available;
334 MD5_body(ctx, ctx->buffer, 64);
335 }
336
337 if (size >= 64) {
338 data = MD5_body(ctx, data, size & ~((size_t) 0x3f));
339 size &= 0x3f;
340 }
341
342 memcpy(ctx->buffer, data, size);
343}
344
345static void
346MD5_end(void *resbuf, MD5_CTX *ctx)
347{
348 unsigned char *result = resbuf;
349 unsigned long used, available;
350
351 used = ctx->lo & 0x3f;
352
353 ctx->buffer[used++] = 0x80;
354
355 available = 64 - used;
356
357 if (available < 8) {
358 memset(&ctx->buffer[used], 0, available);
359 MD5_body(ctx, ctx->buffer, 64);
360 used = 0;
361 available = 64;
362 }
363
364 memset(&ctx->buffer[used], 0, available - 8);
365
366 ctx->lo <<= 3;
367 ctx->buffer[56] = ctx->lo;
368 ctx->buffer[57] = ctx->lo >> 8;
369 ctx->buffer[58] = ctx->lo >> 16;
370 ctx->buffer[59] = ctx->lo >> 24;
371 ctx->buffer[60] = ctx->hi;
372 ctx->buffer[61] = ctx->hi >> 8;
373 ctx->buffer[62] = ctx->hi >> 16;
374 ctx->buffer[63] = ctx->hi >> 24;
375
376 MD5_body(ctx, ctx->buffer, 64);
377
378 result[0] = ctx->a;
379 result[1] = ctx->a >> 8;
380 result[2] = ctx->a >> 16;
381 result[3] = ctx->a >> 24;
382 result[4] = ctx->b;
383 result[5] = ctx->b >> 8;
384 result[6] = ctx->b >> 16;
385 result[7] = ctx->b >> 24;
386 result[8] = ctx->c;
387 result[9] = ctx->c >> 8;
388 result[10] = ctx->c >> 16;
389 result[11] = ctx->c >> 24;
390 result[12] = ctx->d;
391 result[13] = ctx->d >> 8;
392 result[14] = ctx->d >> 16;
393 result[15] = ctx->d >> 24;
394
395 memset(ctx, 0, sizeof(*ctx));
396}
397
398#define SHA256_BLOCK_LENGTH 64
399#define SHA256_DIGEST_LENGTH 32
400#define SHA256_DIGEST_STRING_LENGTH (SHA256_DIGEST_LENGTH * 2 + 1)
401
402typedef struct SHA256Context {
403 uint32_t state[8];
404 uint64_t count;
405 uint8_t buf[SHA256_BLOCK_LENGTH];
406} SHA256_CTX;
407
408#if BYTE_ORDER == BIG_ENDIAN
409
410/* Copy a vector of big-endian uint32_t into a vector of bytes */
411#define be32enc_vect(dst, src, len) \
412 memcpy((void *)dst, (const void *)src, (size_t)len)
413
414/* Copy a vector of bytes into a vector of big-endian uint32_t */
415#define be32dec_vect(dst, src, len) \
416 memcpy((void *)dst, (const void *)src, (size_t)len)
417
418#else /* BYTE_ORDER != BIG_ENDIAN */
419
420/*
421 * Encode a length len/4 vector of (uint32_t) into a length len vector of
422 * (unsigned char) in big-endian form. Assumes len is a multiple of 4.
423 */
424static void
425be32enc_vect(unsigned char *dst, const uint32_t *src, size_t len)
426{
427 size_t i;
428
429 for (i = 0; i < len / 4; i++)
430 be32enc(dst + i * 4, src[i]);
431}
432
433/*
434 * Decode a big-endian length len vector of (unsigned char) into a length
435 * len/4 vector of (uint32_t). Assumes len is a multiple of 4.
436 */
437static void
438be32dec_vect(uint32_t *dst, const unsigned char *src, size_t len)
439{
440 size_t i;
441
442 for (i = 0; i < len / 4; i++)
443 dst[i] = be32dec(src + i * 4);
444}
445
446#endif /* BYTE_ORDER != BIG_ENDIAN */
447
448
449/* Elementary functions used by SHA256 */
450#define Ch(x, y, z) ((x & (y ^ z)) ^ z)
451#define Maj(x, y, z) ((x & (y | z)) | (y & z))
452#define ROTR(x, n) ((x >> n) | (x << (32 - n)))
453
454/*
455 * SHA256 block compression function. The 256-bit state is transformed via
456 * the 512-bit input block to produce a new state.
457 */
458static void
459SHA256_Transform(uint32_t * state, const unsigned char block[64])
460{
461 /* SHA256 round constants. */
462 static const uint32_t K[64] = {
463 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
464 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
465 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
466 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
467 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
468 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
469 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
470 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
471 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
472 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
473 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
474 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
475 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
476 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
477 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
478 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
479 };
480 uint32_t W[64];
481 uint32_t S[8];
482 int i;
483
484#define S0(x) (ROTR(x, 2) ^ ROTR(x, 13) ^ ROTR(x, 22))
485#define S1(x) (ROTR(x, 6) ^ ROTR(x, 11) ^ ROTR(x, 25))
486#define s0(x) (ROTR(x, 7) ^ ROTR(x, 18) ^ (x >> 3))
487#define s1(x) (ROTR(x, 17) ^ ROTR(x, 19) ^ (x >> 10))
488
489/* SHA256 round function */
490#define RND(a, b, c, d, e, f, g, h, k) \
491 h += S1(e) + Ch(e, f, g) + k; \
492 d += h; \
493 h += S0(a) + Maj(a, b, c);
494
495/* Adjusted round function for rotating state */
496#define RNDr(S, W, i, ii) \
497 RND(S[(64 - i) % 8], S[(65 - i) % 8], \
498 S[(66 - i) % 8], S[(67 - i) % 8], \
499 S[(68 - i) % 8], S[(69 - i) % 8], \
500 S[(70 - i) % 8], S[(71 - i) % 8], \
501 W[i + ii] + K[i + ii])
502
503/* Message schedule computation */
504#define MSCH(W, ii, i) \
505 W[i + ii + 16] = s1(W[i + ii + 14]) + W[i + ii + 9] + s0(W[i + ii + 1]) + W[i + ii]
506
507 /* 1. Prepare the first part of the message schedule W. */
508 be32dec_vect(W, block, 64);
509
510 /* 2. Initialize working variables. */
511 memcpy(S, state, 32);
512
513 /* 3. Mix. */
514 for (i = 0; i < 64; i += 16) {
515 RNDr(S, W, 0, i);
516 RNDr(S, W, 1, i);
517 RNDr(S, W, 2, i);
518 RNDr(S, W, 3, i);
519 RNDr(S, W, 4, i);
520 RNDr(S, W, 5, i);
521 RNDr(S, W, 6, i);
522 RNDr(S, W, 7, i);
523 RNDr(S, W, 8, i);
524 RNDr(S, W, 9, i);
525 RNDr(S, W, 10, i);
526 RNDr(S, W, 11, i);
527 RNDr(S, W, 12, i);
528 RNDr(S, W, 13, i);
529 RNDr(S, W, 14, i);
530 RNDr(S, W, 15, i);
531
532 if (i == 48)
533 break;
534 MSCH(W, 0, i);
535 MSCH(W, 1, i);
536 MSCH(W, 2, i);
537 MSCH(W, 3, i);
538 MSCH(W, 4, i);
539 MSCH(W, 5, i);
540 MSCH(W, 6, i);
541 MSCH(W, 7, i);
542 MSCH(W, 8, i);
543 MSCH(W, 9, i);
544 MSCH(W, 10, i);
545 MSCH(W, 11, i);
546 MSCH(W, 12, i);
547 MSCH(W, 13, i);
548 MSCH(W, 14, i);
549 MSCH(W, 15, i);
550 }
551
552#undef S0
553#undef s0
554#undef S1
555#undef s1
556#undef RND
557#undef RNDr
558#undef MSCH
559
560 /* 4. Mix local working variables into global state */
561 for (i = 0; i < 8; i++)
562 state[i] += S[i];
563}
564
565static unsigned char PAD[64] = {
566 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
567 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
568 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
569 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
570};
571
572/* Add padding and terminating bit-count. */
573static void
574SHA256_Pad(SHA256_CTX * ctx)
575{
576 size_t r;
577
578 /* Figure out how many bytes we have buffered. */
579 r = (ctx->count >> 3) & 0x3f;
580
581 /* Pad to 56 mod 64, transforming if we finish a block en route. */
582 if (r < 56) {
583 /* Pad to 56 mod 64. */
584 memcpy(&ctx->buf[r], PAD, 56 - r);
585 } else {
586 /* Finish the current block and mix. */
587 memcpy(&ctx->buf[r], PAD, 64 - r);
588 SHA256_Transform(ctx->state, ctx->buf);
589
590 /* The start of the final block is all zeroes. */
591 memset(&ctx->buf[0], 0, 56);
592 }
593
594 /* Add the terminating bit-count. */
595 be64enc(&ctx->buf[56], ctx->count);
596
597 /* Mix in the final block. */
598 SHA256_Transform(ctx->state, ctx->buf);
599}
600
601/* SHA-256 initialization. Begins a SHA-256 operation. */
602static void
603SHA256_Init(SHA256_CTX * ctx)
604{
605
606 /* Zero bits processed so far */
607 ctx->count = 0;
608
609 /* Magic initialization constants */
610 ctx->state[0] = 0x6A09E667;
611 ctx->state[1] = 0xBB67AE85;
612 ctx->state[2] = 0x3C6EF372;
613 ctx->state[3] = 0xA54FF53A;
614 ctx->state[4] = 0x510E527F;
615 ctx->state[5] = 0x9B05688C;
616 ctx->state[6] = 0x1F83D9AB;
617 ctx->state[7] = 0x5BE0CD19;
618}
619
620/* Add bytes into the hash */
621static void
622SHA256_Update(SHA256_CTX * ctx, const void *in, size_t len)
623{
624 uint64_t bitlen;
625 uint32_t r;
626 const unsigned char *src = in;
627
628 /* Number of bytes left in the buffer from previous updates */
629 r = (ctx->count >> 3) & 0x3f;
630
631 /* Convert the length into a number of bits */
632 bitlen = len << 3;
633
634 /* Update number of bits */
635 ctx->count += bitlen;
636
637 /* Handle the case where we don't need to perform any transforms */
638 if (len < 64 - r) {
639 memcpy(&ctx->buf[r], src, len);
640 return;
641 }
642
643 /* Finish the current block */
644 memcpy(&ctx->buf[r], src, 64 - r);
645 SHA256_Transform(ctx->state, ctx->buf);
646 src += 64 - r;
647 len -= 64 - r;
648
649 /* Perform complete blocks */
650 while (len >= 64) {
651 SHA256_Transform(ctx->state, src);
652 src += 64;
653 len -= 64;
654 }
655
656 /* Copy left over data into buffer */
657 memcpy(ctx->buf, src, len);
658}
659
660/*
661 * SHA-256 finalization. Pads the input data, exports the hash value,
662 * and clears the context state.
663 */
664static void
665SHA256_Final(unsigned char digest[static SHA256_DIGEST_LENGTH], SHA256_CTX *ctx)
666{
667 /* Add padding */
668 SHA256_Pad(ctx);
669
670 /* Write the hash */
671 be32enc_vect(digest, ctx->state, SHA256_DIGEST_LENGTH);
672
673 /* Clear the context state */
674 memset(ctx, 0, sizeof(*ctx));
675}
676
677static void *hash_buf(FILE *f, int *len)
678{
679 static char buf[1024];
680
681 *len = fread(buf, 1, sizeof(buf), f);
682
683 return *len > 0 ? buf : NULL;
684}
685
686static char *hash_string(unsigned char *buf, int len)
687{
688 static char str[SHA256_DIGEST_LENGTH * 2 + 1];
689 int i;
690
691 if (len * 2 + 1 > sizeof(str))
692 return NULL;
693
694 for (i = 0; i < len; i++)
695 sprintf(&str[i * 2], "%02x", buf[i]);
696
697 return str;
698}
699
700static const char *md5_hash(FILE *f)
701{
702 MD5_CTX ctx;
703 unsigned char val[MD5_DIGEST_LENGTH];
704 void *buf;
705 int len;
706
707 MD5_begin(&ctx);
708 while ((buf = hash_buf(f, &len)) != NULL)
709 MD5_hash(buf, len, &ctx);
710 MD5_end(val, &ctx);
711
712 return hash_string(val, MD5_DIGEST_LENGTH);
713}
714
715static const char *sha256_hash(FILE *f)
716{
717 SHA256_CTX ctx;
718 unsigned char val[SHA256_DIGEST_LENGTH];
719 void *buf;
720 int len;
721
722 SHA256_Init(&ctx);
723 while ((buf = hash_buf(f, &len)) != NULL)
724 SHA256_Update(&ctx, buf, len);
725 SHA256_Final(val, &ctx);
726
727 return hash_string(val, SHA256_DIGEST_LENGTH);
728}
729
730
731struct hash_type {
732 const char *name;
733 const char *(*func)(FILE *f);
734 int len;
735};
736
737struct hash_type types[] = {
738 { "md5", md5_hash, MD5_DIGEST_LENGTH },
739 { "sha256", sha256_hash, SHA256_DIGEST_LENGTH },
740};
741
742
743static int usage(const char *progname)
744{
745 int i;
746
747 fprintf(stderr, "Usage: %s <hash type> [options] [<file>...]\n"
748 "Options:\n"
749 " -n Print filename(s)\n"
750 " -N Suppress trailing newline\n"
751 "\n"
752 "Supported hash types:", progname);
753
754 for (i = 0; i < ARRAY_SIZE(types); i++)
755 fprintf(stderr, "%s %s", i ? "," : "", types[i].name);
756
757 fprintf(stderr, "\n");
758 return 1;
759}
760
761static struct hash_type *get_hash_type(const char *name)
762{
763 int i;
764
765 for (i = 0; i < ARRAY_SIZE(types); i++) {
766 struct hash_type *t = &types[i];
767
768 if (!strcmp(t->name, name))
769 return t;
770 }
771 return NULL;
772}
773
774
775static int hash_file(struct hash_type *t, const char *filename, bool add_filename,
776 bool no_newline)
777{
778 const char *str;
779
780 if (!filename || !strcmp(filename, "-")) {
781 str = t->func(stdin);
782 } else {
783 struct stat path_stat;
784 stat(filename, &path_stat);
785 if (S_ISDIR(path_stat.st_mode)) {
786 fprintf(stderr, "Failed to open '%s': Is a directory\n", filename);
787 return 1;
788 }
789
790 FILE *f = fopen(filename, "r");
791
792 if (!f) {
793 fprintf(stderr, "Failed to open '%s'\n", filename);
794 return 1;
795 }
796 str = t->func(f);
797 fclose(f);
798 }
799
800 if (!str) {
801 fprintf(stderr, "Failed to generate hash\n");
802 return 1;
803 }
804
805 if (add_filename)
806 printf("%s %s%s", str, filename ? filename : "-",
807 no_newline ? "" : "\n");
808 else
809 printf("%s%s", str, no_newline ? "" : "\n");
810 return 0;
811}
812
813
814int main(int argc, char **argv)
815{
816 struct hash_type *t;
817 const char *progname = argv[0];
818 int i, ch;
819 bool add_filename = false, no_newline = false;
820
821 while ((ch = getopt(argc, argv, "nN")) != -1) {
822 switch (ch) {
823 case 'n':
824 add_filename = true;
825 break;
826 case 'N':
827 no_newline = true;
828 break;
829 default:
830 return usage(progname);
831 }
832 }
833
834 argc -= optind;
835 argv += optind;
836
837 if (argc < 1)
838 return usage(progname);
839
840 t = get_hash_type(argv[0]);
841 if (!t)
842 return usage(progname);
843
844 if (argc < 2)
845 return hash_file(t, NULL, add_filename, no_newline);
846
847 for (i = 0; i < argc - 1; i++) {
848 int ret = hash_file(t, argv[1 + i], add_filename, no_newline);
849 if (ret)
850 return ret;
851 }
852
853 return 0;
854}