| /* |
| * Copyright (C) 2011 Google Inc. All rights reserved. |
| * |
| * Redistribution and use in source and binary forms, with or without |
| * modification, are permitted provided that the following conditions are |
| * met: |
| * |
| * * Redistributions of source code must retain the above copyright |
| * notice, this list of conditions and the following disclaimer. |
| * * Redistributions in binary form must reproduce the above |
| * copyright notice, this list of conditions and the following disclaimer |
| * in the documentation and/or other materials provided with the |
| * distribution. |
| * * Neither the name of Google Inc. nor the names of its |
| * contributors may be used to endorse or promote products derived from |
| * this software without specific prior written permission. |
| * |
| * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
| * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
| * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR |
| * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT |
| * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
| * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
| * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
| * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
| * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
| * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
| * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| */ |
| |
| // A straightforward SHA-1 implementation based on RFC 3174. |
| // http://www.ietf.org/rfc/rfc3174.txt |
| // The names of functions and variables (such as "a", "b", and "f") follow notations in RFC 3174. |
| |
| #include "config.h" |
| #include "SHA1.h" |
| |
| #include "Assertions.h" |
| |
| #include "StringExtras.h" |
| #include "text/CString.h" |
| |
| namespace WTF { |
| |
| #ifdef NDEBUG |
| static inline void testSHA1() { } |
| #else |
| static bool isTestSHA1Done; |
| |
| static void expectSHA1(CString input, int repeat, CString expected) |
| { |
| SHA1 sha1; |
| for (int i = 0; i < repeat; ++i) |
| sha1.addBytes(input); |
| CString actual = sha1.computeHexDigest(); |
| ASSERT_WITH_MESSAGE(actual == expected, "input: %s, repeat: %d, actual: %s, expected: %s", input.data(), repeat, actual.data(), expected.data()); |
| } |
| |
| static void testSHA1() |
| { |
| if (isTestSHA1Done) |
| return; |
| isTestSHA1Done = true; |
| |
| // Examples taken from sample code in RFC 3174. |
| expectSHA1("abc", 1, "A9993E364706816ABA3E25717850C26C9CD0D89D"); |
| expectSHA1("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", 1, "84983E441C3BD26EBAAE4AA1F95129E5E54670F1"); |
| expectSHA1("a", 1000000, "34AA973CD4C4DAA4F61EEB2BDBAD27316534016F"); |
| expectSHA1("0123456701234567012345670123456701234567012345670123456701234567", 10, "DEA356A2CDDD90C7A7ECEDC5EBB563934F460452"); |
| } |
| #endif |
| |
| static inline uint32_t f(int t, uint32_t b, uint32_t c, uint32_t d) |
| { |
| ASSERT(t >= 0 && t < 80); |
| if (t < 20) |
| return (b & c) | ((~b) & d); |
| if (t < 40) |
| return b ^ c ^ d; |
| if (t < 60) |
| return (b & c) | (b & d) | (c & d); |
| return b ^ c ^ d; |
| } |
| |
| static inline uint32_t k(int t) |
| { |
| ASSERT(t >= 0 && t < 80); |
| if (t < 20) |
| return 0x5a827999; |
| if (t < 40) |
| return 0x6ed9eba1; |
| if (t < 60) |
| return 0x8f1bbcdc; |
| return 0xca62c1d6; |
| } |
| |
| static inline uint32_t rotateLeft(int n, uint32_t x) |
| { |
| ASSERT(n >= 0 && n < 32); |
| return (x << n) | (x >> (32 - n)); |
| } |
| |
| SHA1::SHA1() |
| { |
| // FIXME: Move unit tests somewhere outside the constructor. See bug 55853. |
| testSHA1(); |
| reset(); |
| } |
| |
| void SHA1::addBytes(const uint8_t* input, size_t length) |
| { |
| while (length--) { |
| ASSERT(m_cursor < 64); |
| m_buffer[m_cursor++] = *input++; |
| ++m_totalBytes; |
| if (m_cursor == 64) |
| processBlock(); |
| } |
| } |
| |
| void SHA1::computeHash(Vector<uint8_t, 20>& digest) |
| { |
| finalize(); |
| |
| digest.clear(); |
| digest.resize(20); |
| for (size_t i = 0; i < 5; ++i) { |
| // Treat hashValue as a big-endian value. |
| uint32_t hashValue = m_hash[i]; |
| for (int j = 0; j < 4; ++j) { |
| digest[4 * i + (3 - j)] = hashValue & 0xFF; |
| hashValue >>= 8; |
| } |
| } |
| |
| reset(); |
| } |
| |
| CString SHA1::hexDigest(const Vector<uint8_t, 20>& digest) |
| { |
| char* start = 0; |
| CString result = CString::newUninitialized(40, start); |
| char* buffer = start; |
| for (size_t i = 0; i < 20; ++i) { |
| snprintf(buffer, 3, "%02X", digest.at(i)); |
| buffer += 2; |
| } |
| return result; |
| } |
| |
| CString SHA1::computeHexDigest() |
| { |
| Vector<uint8_t, 20> digest; |
| computeHash(digest); |
| return hexDigest(digest); |
| } |
| |
| void SHA1::finalize() |
| { |
| ASSERT(m_cursor < 64); |
| m_buffer[m_cursor++] = 0x80; |
| if (m_cursor > 56) { |
| // Pad out to next block. |
| while (m_cursor < 64) |
| m_buffer[m_cursor++] = 0x00; |
| processBlock(); |
| } |
| |
| for (size_t i = m_cursor; i < 56; ++i) |
| m_buffer[i] = 0x00; |
| |
| // Write the length as a big-endian 64-bit value. |
| uint64_t bits = m_totalBytes * 8; |
| for (int i = 0; i < 8; ++i) { |
| m_buffer[56 + (7 - i)] = bits & 0xFF; |
| bits >>= 8; |
| } |
| m_cursor = 64; |
| processBlock(); |
| } |
| |
| void SHA1::processBlock() |
| { |
| ASSERT(m_cursor == 64); |
| |
| uint32_t w[80] = { 0 }; |
| for (int t = 0; t < 16; ++t) |
| w[t] = (m_buffer[t * 4] << 24) | (m_buffer[t * 4 + 1] << 16) | (m_buffer[t * 4 + 2] << 8) | m_buffer[t * 4 + 3]; |
| for (int t = 16; t < 80; ++t) |
| w[t] = rotateLeft(1, w[t - 3] ^ w[t - 8] ^ w[t - 14] ^ w[t - 16]); |
| |
| uint32_t a = m_hash[0]; |
| uint32_t b = m_hash[1]; |
| uint32_t c = m_hash[2]; |
| uint32_t d = m_hash[3]; |
| uint32_t e = m_hash[4]; |
| |
| for (int t = 0; t < 80; ++t) { |
| uint32_t temp = rotateLeft(5, a) + f(t, b, c, d) + e + w[t] + k(t); |
| e = d; |
| d = c; |
| c = rotateLeft(30, b); |
| b = a; |
| a = temp; |
| } |
| |
| m_hash[0] += a; |
| m_hash[1] += b; |
| m_hash[2] += c; |
| m_hash[3] += d; |
| m_hash[4] += e; |
| |
| m_cursor = 0; |
| } |
| |
| void SHA1::reset() |
| { |
| m_cursor = 0; |
| m_totalBytes = 0; |
| m_hash[0] = 0x67452301; |
| m_hash[1] = 0xefcdab89; |
| m_hash[2] = 0x98badcfe; |
| m_hash[3] = 0x10325476; |
| m_hash[4] = 0xc3d2e1f0; |
| |
| // Clear the buffer after use in case it's sensitive. |
| memset(m_buffer, 0, sizeof(m_buffer)); |
| } |
| |
| } // namespace WTF |