qwe/keepass2android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'master' of c:/ph/keepass2android

Browse Source
This commit is contained in:
Philipp Crocoll
2019-10-03 17:19:35 +02:00
parent e27ff98517 b8d161ffee
commit 3f6f0b7430
14 changed files with 3251 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
src/java/KP2AKdbLibrary/app/src/main/jni/sha/.gitignore vendored
View File

@@ -1,13 +0,0 @@
brg_endian.h
brg_types.h
hmac.c
hmac.h
pwd2key.c
pwd2key.h
sha1b.c
sha1.c
sha1.h
sha2b.c
sha2.c
sha2.h
shasum.c

136
src/java/KP2AKdbLibrary/app/src/main/jni/sha/brg_endian.h Normal file
View File

@@ -0,0 +1,136 @@
/*
---------------------------------------------------------------------------
Copyright (c) 2003, Dr Brian Gladman, Worcester, UK. All rights reserved.
LICENSE TERMS
The free distribution and use of this software in both source and binary
form is allowed (with or without changes) provided that:
1. distributions of this source code include the above copyright
notice, this list of conditions and the following disclaimer;
2. distributions in binary form include the above copyright
notice, this list of conditions and the following disclaimer
in the documentation and/or other associated materials;
3. the copyright holder's name is not used to endorse products
built using this software without specific written permission.
ALTERNATIVELY, provided that this notice is retained in full, this product
may be distributed under the terms of the GNU General Public License (GPL),
in which case the provisions of the GPL apply INSTEAD OF those given above.
DISCLAIMER
This software is provided 'as is' with no explicit or implied warranties
in respect of its properties, including, but not limited to, correctness
and/or fitness for purpose.
---------------------------------------------------------------------------
Issue 20/10/2006
*/
#ifndef BRG_ENDIAN_H
#define BRG_ENDIAN_H
#define IS_BIG_ENDIAN 4321 /* byte 0 is most significant (mc68k) */
#define IS_LITTLE_ENDIAN 1234 /* byte 0 is least significant (i386) */
/* Include files where endian defines and byteswap functions may reside */
#if defined( __FreeBSD__ ) || defined( __OpenBSD__ ) || defined( __NetBSD__ )
# include <sys/endian.h>
#elif defined( BSD ) && ( BSD >= 199103 ) || defined( __APPLE__ ) || \
defined( __CYGWIN32__ ) || defined( __DJGPP__ ) || defined( __osf__ )
# include <machine/endian.h>
#elif defined( __linux__ ) || defined( __GNUC__ ) || defined( __GNU_LIBRARY__ )
# if !defined( __MINGW32__ )
# include <endian.h>
# if !defined( __BEOS__ )
# include <byteswap.h>
# endif
# endif
#endif
/* Now attempt to set the define for platform byte order using any */
/* of the four forms SYMBOL, _SYMBOL, __SYMBOL & __SYMBOL__, which */
/* seem to encompass most endian symbol definitions */
#if defined( BIG_ENDIAN ) && defined( LITTLE_ENDIAN )
# if defined( BYTE_ORDER ) && BYTE_ORDER == BIG_ENDIAN
# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN
# elif defined( BYTE_ORDER ) && BYTE_ORDER == LITTLE_ENDIAN
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
# endif
#elif defined( BIG_ENDIAN )
# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN
#elif defined( LITTLE_ENDIAN )
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
#endif
#if defined( _BIG_ENDIAN ) && defined( _LITTLE_ENDIAN )
# if defined( _BYTE_ORDER ) && _BYTE_ORDER == _BIG_ENDIAN
# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN
# elif defined( _BYTE_ORDER ) && _BYTE_ORDER == _LITTLE_ENDIAN
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
# endif
#elif defined( _BIG_ENDIAN )
# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN
#elif defined( _LITTLE_ENDIAN )
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
#endif
#if defined( __BIG_ENDIAN ) && defined( __LITTLE_ENDIAN )
# if defined( __BYTE_ORDER ) && __BYTE_ORDER == __BIG_ENDIAN
# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN
# elif defined( __BYTE_ORDER ) && __BYTE_ORDER == __LITTLE_ENDIAN
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
# endif
#elif defined( __BIG_ENDIAN )
# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN
#elif defined( __LITTLE_ENDIAN )
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
#endif
#if defined( __BIG_ENDIAN__ ) && defined( __LITTLE_ENDIAN__ )
# if defined( __BYTE_ORDER__ ) && __BYTE_ORDER__ == __BIG_ENDIAN__
# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN
# elif defined( __BYTE_ORDER__ ) && __BYTE_ORDER__ == __LITTLE_ENDIAN__
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
# endif
#elif defined( __BIG_ENDIAN__ )
# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN
#elif defined( __LITTLE_ENDIAN__ )
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
#endif
/* if the platform byte order could not be determined, then try to */
/* set this define using common machine defines */
#if !defined(PLATFORM_BYTE_ORDER)
#if defined( __alpha__ ) || defined( __alpha ) || defined( i386 ) || \
defined( __i386__ ) || defined( _M_I86 ) || defined( _M_IX86 ) || \
defined( __OS2__ ) || defined( sun386 ) || defined( __TURBOC__ ) || \
defined( vax ) || defined( vms ) || defined( VMS ) || \
defined( __VMS ) || defined( _M_X64 )
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
#elif defined( AMIGA ) || defined( applec ) || defined( __AS400__ ) || \
defined( _CRAY ) || defined( __hppa ) || defined( __hp9000 ) || \
defined( ibm370 ) || defined( mc68000 ) || defined( m68k ) || \
defined( __MRC__ ) || defined( __MVS__ ) || defined( __MWERKS__ ) || \
defined( sparc ) || defined( __sparc) || defined( SYMANTEC_C ) || \
defined( __VOS__ ) || defined( __TIGCC__ ) || defined( __TANDEM ) || \
defined( THINK_C ) || defined( __VMCMS__ )
# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN
#elif 0 /* **** EDIT HERE IF NECESSARY **** */
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
#elif 0 /* **** EDIT HERE IF NECESSARY **** */
# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN
#else
# error Please edit lines 126 or 128 in brg_endian.h to set the platform byte order
#endif
#endif
#endif

184
src/java/KP2AKdbLibrary/app/src/main/jni/sha/brg_types.h Normal file
View File

@@ -0,0 +1,184 @@
/*
---------------------------------------------------------------------------
Copyright (c) 1998-2006, Brian Gladman, Worcester, UK. All rights reserved.
LICENSE TERMS
The free distribution and use of this software in both source and binary
form is allowed (with or without changes) provided that:
1. distributions of this source code include the above copyright
notice, this list of conditions and the following disclaimer;
2. distributions in binary form include the above copyright
notice, this list of conditions and the following disclaimer
in the documentation and/or other associated materials;
3. the copyright holder's name is not used to endorse products
built using this software without specific written permission.
ALTERNATIVELY, provided that this notice is retained in full, this product
may be distributed under the terms of the GNU General Public License (GPL),
in which case the provisions of the GPL apply INSTEAD OF those given above.
DISCLAIMER
This software is provided 'as is' with no explicit or implied warranties
in respect of its properties, including, but not limited to, correctness
and/or fitness for purpose.
---------------------------------------------------------------------------
Issue 09/09/2006
The unsigned integer types defined here are of the form uint_<nn>t where
<nn> is the length of the type; for example, the unsigned 32-bit type is
'uint_32t'. These are NOT the same as the 'C99 integer types' that are
defined in the inttypes.h and stdint.h headers since attempts to use these
types have shown that support for them is still highly variable. However,
since the latter are of the form uint<nn>_t, a regular expression search
and replace (in VC++ search on 'uint_{:z}t' and replace with 'uint\1_t')
can be used to convert the types used here to the C99 standard types.
*/
#ifndef BRG_TYPES_H
#define BRG_TYPES_H
#if defined(__cplusplus)
extern "C" {
#endif
#include <limits.h>
#ifndef BRG_UI8
# define BRG_UI8
# if UCHAR_MAX == 255u
typedef unsigned char uint_8t;
# else
# error Please define uint_8t as an 8-bit unsigned integer type in brg_types.h
# endif
#endif
#ifndef BRG_UI16
# define BRG_UI16
# if USHRT_MAX == 65535u
typedef unsigned short uint_16t;
# else
# error Please define uint_16t as a 16-bit unsigned short type in brg_types.h
# endif
#endif
#ifndef BRG_UI32
# define BRG_UI32
# if UINT_MAX == 4294967295u
# define li_32(h) 0x##h##u
typedef unsigned int uint_32t;
# elif ULONG_MAX == 4294967295u
# define li_32(h) 0x##h##ul
typedef unsigned long uint_32t;
# elif defined( _CRAY )
# error This code needs 32-bit data types, which Cray machines do not provide
# else
# error Please define uint_32t as a 32-bit unsigned integer type in brg_types.h
# endif
#endif
#ifndef BRG_UI64
# if defined( __BORLANDC__ ) && !defined( __MSDOS__ )
# define BRG_UI64
# define li_64(h) 0x##h##ull
typedef unsigned __int64 uint_64t;
# elif defined( _MSC_VER ) && ( _MSC_VER < 1300 ) /* 1300 == VC++ 7.0 */
# define BRG_UI64
# define li_64(h) 0x##h##ui64
typedef unsigned __int64 uint_64t;
# elif defined( __sun ) && defined(ULONG_MAX) && ULONG_MAX == 0xfffffffful
# define BRG_UI64
# define li_64(h) 0x##h##ull
typedef unsigned long long uint_64t;
# elif defined( UINT_MAX ) && UINT_MAX > 4294967295u
# if UINT_MAX == 18446744073709551615u
# define BRG_UI64
# define li_64(h) 0x##h##u
typedef unsigned int uint_64t;
# endif
# elif defined( ULONG_MAX ) && ULONG_MAX > 4294967295u
# if ULONG_MAX == 18446744073709551615ul
# define BRG_UI64
# define li_64(h) 0x##h##ul
typedef unsigned long uint_64t;
# endif
# elif defined( ULLONG_MAX ) && ULLONG_MAX > 4294967295u
# if ULLONG_MAX == 18446744073709551615ull
# define BRG_UI64
# define li_64(h) 0x##h##ull
typedef unsigned long long uint_64t;
# endif
# elif defined( ULONG_LONG_MAX ) && ULONG_LONG_MAX > 4294967295u
# if ULONG_LONG_MAX == 18446744073709551615ull
# define BRG_UI64
# define li_64(h) 0x##h##ull
typedef unsigned long long uint_64t;
# endif
# endif
#endif
#if defined( NEED_UINT_64T ) && !defined( BRG_UI64 )
# error Please define uint_64t as an unsigned 64 bit type in brg_types.h
#endif
#ifndef RETURN_VALUES
# define RETURN_VALUES
# if defined( DLL_EXPORT )
# if defined( _MSC_VER ) || defined ( __INTEL_COMPILER )
# define VOID_RETURN __declspec( dllexport ) void __stdcall
# define INT_RETURN __declspec( dllexport ) int __stdcall
# elif defined( __GNUC__ )
# define VOID_RETURN __declspec( __dllexport__ ) void
# define INT_RETURN __declspec( __dllexport__ ) int
# else
# error Use of the DLL is only available on the Microsoft, Intel and GCC compilers
# endif
# elif defined( DLL_IMPORT )
# if defined( _MSC_VER ) || defined ( __INTEL_COMPILER )
# define VOID_RETURN __declspec( dllimport ) void __stdcall
# define INT_RETURN __declspec( dllimport ) int __stdcall
# elif defined( __GNUC__ )
# define VOID_RETURN __declspec( __dllimport__ ) void
# define INT_RETURN __declspec( __dllimport__ ) int
# else
# error Use of the DLL is only available on the Microsoft, Intel and GCC compilers
# endif
# elif defined( __WATCOMC__ )
# define VOID_RETURN void __cdecl
# define INT_RETURN int __cdecl
# else
# define VOID_RETURN void
# define INT_RETURN int
# endif
#endif
/* These defines are used to declare buffers in a way that allows
faster operations on longer variables to be used. In all these
defines 'size' must be a power of 2 and >= 8
dec_unit_type(size,x) declares a variable 'x' of length
'size' bits
dec_bufr_type(size,bsize,x) declares a buffer 'x' of length 'bsize'
bytes defined as an array of variables
each of 'size' bits (bsize must be a
multiple of size / 8)
ptr_cast(x,size) casts a pointer to a pointer to a
varaiable of length 'size' bits
*/
#define ui_type(size) uint_##size##t
#define dec_unit_type(size,x) typedef ui_type(size) x
#define dec_bufr_type(size,bsize,x) typedef ui_type(size) x[bsize / (size >> 3)]
#define ptr_cast(x,size) ((ui_type(size)*)(x))
#if defined(__cplusplus)
}
#endif
#endif

144
src/java/KP2AKdbLibrary/app/src/main/jni/sha/hmac.c Normal file
View File

@@ -0,0 +1,144 @@
/*
---------------------------------------------------------------------------
Copyright (c) 2002, Dr Brian Gladman, Worcester, UK. All rights reserved.
LICENSE TERMS
The free distribution and use of this software in both source and binary
form is allowed (with or without changes) provided that:
1. distributions of this source code include the above copyright
notice, this list of conditions and the following disclaimer;
2. distributions in binary form include the above copyright
notice, this list of conditions and the following disclaimer
in the documentation and/or other associated materials;
3. the copyright holder's name is not used to endorse products
built using this software without specific written permission.
ALTERNATIVELY, provided that this notice is retained in full, this product
may be distributed under the terms of the GNU General Public License (GPL),
in which case the provisions of the GPL apply INSTEAD OF those given above.
DISCLAIMER
This software is provided 'as is' with no explicit or implied warranties
in respect of its properties, including, but not limited to, correctness
and/or fitness for purpose.
---------------------------------------------------------------------------
Issue Date: 26/08/2003
This is an implementation of HMAC, the FIPS standard keyed hash function
*/
#include "hmac.h"
#if defined(__cplusplus)
extern "C"
{
#endif
/* initialise the HMAC context to zero */
void hmac_sha_begin(hmac_ctx cx[1])
{
memset(cx, 0, sizeof(hmac_ctx));
}
/* input the HMAC key (can be called multiple times) */
int hmac_sha_key(const unsigned char key[], unsigned long key_len, hmac_ctx cx[1])
{
if(cx->klen == HMAC_IN_DATA) /* error if further key input */
return HMAC_BAD_MODE; /* is attempted in data mode */
if(cx->klen + key_len > HASH_INPUT_SIZE) /* if the key has to be hashed */
{
if(cx->klen <= HASH_INPUT_SIZE) /* if the hash has not yet been */
{ /* started, initialise it and */
sha_begin(cx->ctx); /* hash stored key characters */
sha_hash(cx->key, cx->klen, cx->ctx);
}
sha_hash(key, key_len, cx->ctx); /* hash long key data into hash */
}
else /* otherwise store key data */
memcpy(cx->key + cx->klen, key, key_len);
cx->klen += key_len; /* update the key length count */
return HMAC_OK;
}
/* input the HMAC data (can be called multiple times) - */
/* note that this call terminates the key input phase */
void hmac_sha_data(const unsigned char data[], unsigned long data_len, hmac_ctx cx[1])
{ unsigned int i;
if(cx->klen != HMAC_IN_DATA) /* if not yet in data phase */
{
if(cx->klen > HASH_INPUT_SIZE) /* if key is being hashed */
{ /* complete the hash and */
sha_end(cx->key, cx->ctx); /* store the result as the */
cx->klen = HASH_OUTPUT_SIZE; /* key and set new length */
}
/* pad the key if necessary */
memset(cx->key + cx->klen, 0, HASH_INPUT_SIZE - cx->klen);
/* xor ipad into key value */
for(i = 0; i < (HASH_INPUT_SIZE >> 2); ++i)
((uint_32t*)cx->key)[i] ^= 0x36363636;
/* and start hash operation */
sha_begin(cx->ctx);
sha_hash(cx->key, HASH_INPUT_SIZE, cx->ctx);
/* mark as now in data mode */
cx->klen = HMAC_IN_DATA;
}
/* hash the data (if any) */
if(data_len)
sha_hash(data, data_len, cx->ctx);
}
/* compute and output the MAC value */
void hmac_sha_end(unsigned char mac[], unsigned long mac_len, hmac_ctx cx[1])
{ unsigned char dig[HASH_OUTPUT_SIZE];
unsigned int i;
/* if no data has been entered perform a null data phase */
if(cx->klen != HMAC_IN_DATA)
hmac_sha_data((const unsigned char*)0, 0, cx);
sha_end(dig, cx->ctx); /* complete the inner hash */
/* set outer key value using opad and removing ipad */
for(i = 0; i < (HASH_INPUT_SIZE >> 2); ++i)
((uint_32t*)cx->key)[i] ^= 0x36363636 ^ 0x5c5c5c5c;
/* perform the outer hash operation */
sha_begin(cx->ctx);
sha_hash(cx->key, HASH_INPUT_SIZE, cx->ctx);
sha_hash(dig, HASH_OUTPUT_SIZE, cx->ctx);
sha_end(dig, cx->ctx);
/* output the hash value */
for(i = 0; i < mac_len; ++i)
mac[i] = dig[i];
}
/* 'do it all in one go' subroutine */
void hmac_sha(const unsigned char key[], unsigned long key_len,
const unsigned char data[], unsigned long data_len,
unsigned char mac[], unsigned long mac_len)
{ hmac_ctx cx[1];
hmac_sha_begin(cx);
hmac_sha_key(key, key_len, cx);
hmac_sha_data(data, data_len, cx);
hmac_sha_end(mac, mac_len, cx);
}
#if defined(__cplusplus)
}
#endif

101
src/java/KP2AKdbLibrary/app/src/main/jni/sha/hmac.h Normal file
View File

@@ -0,0 +1,101 @@
/*
---------------------------------------------------------------------------
Copyright (c) 2002, Dr Brian Gladman, Worcester, UK. All rights reserved.
LICENSE TERMS
The free distribution and use of this software in both source and binary
form is allowed (with or without changes) provided that:
1. distributions of this source code include the above copyright
notice, this list of conditions and the following disclaimer;
2. distributions in binary form include the above copyright
notice, this list of conditions and the following disclaimer
in the documentation and/or other associated materials;
3. the copyright holder's name is not used to endorse products
built using this software without specific written permission.
ALTERNATIVELY, provided that this notice is retained in full, this product
may be distributed under the terms of the GNU General Public License (GPL),
in which case the provisions of the GPL apply INSTEAD OF those given above.
DISCLAIMER
This software is provided 'as is' with no explicit or implied warranties
in respect of its properties, including, but not limited to, correctness
and/or fitness for purpose.
---------------------------------------------------------------------------
Issue Date: 26/08/2003
This is an implementation of HMAC, the FIPS standard keyed hash function
*/
#ifndef _HMAC_H
#define _HMAC_H
#include <memory.h>
#if defined(__cplusplus)
extern "C"
{
#endif
#if !defined(USE_SHA1) && !defined(USE_SHA256)
#error define USE_SHA1 or USE_SHA256 to set the HMAC hash algorithm
#endif
#ifdef USE_SHA1
#include "sha1.h"
#define HASH_INPUT_SIZE SHA1_BLOCK_SIZE
#define HASH_OUTPUT_SIZE SHA1_DIGEST_SIZE
#define sha_ctx sha1_ctx
#define sha_begin sha1_begin
#define sha_hash sha1_hash
#define sha_end sha1_end
#endif
#ifdef USE_SHA256
#include "sha2.h"
#define HASH_INPUT_SIZE SHA256_BLOCK_SIZE
#define HASH_OUTPUT_SIZE SHA256_DIGEST_SIZE
#define sha_ctx sha256_ctx
#define sha_begin sha256_begin
#define sha_hash sha256_hash
#define sha_end sha256_end
#endif
#define HMAC_OK 0
#define HMAC_BAD_MODE -1
#define HMAC_IN_DATA 0xffffffff
typedef struct
{ unsigned char key[HASH_INPUT_SIZE];
sha_ctx ctx[1];
unsigned long klen;
} hmac_ctx;
void hmac_sha_begin(hmac_ctx cx[1]);
int hmac_sha_key(const unsigned char key[], unsigned long key_len, hmac_ctx cx[1]);
void hmac_sha_data(const unsigned char data[], unsigned long data_len, hmac_ctx cx[1]);
void hmac_sha_end(unsigned char mac[], unsigned long mac_len, hmac_ctx cx[1]);
void hmac_sha(const unsigned char key[], unsigned long key_len,
const unsigned char data[], unsigned long data_len,
unsigned char mac[], unsigned long mac_len);
#if defined(__cplusplus)
}
#endif
#endif

193
src/java/KP2AKdbLibrary/app/src/main/jni/sha/pwd2key.c Normal file
View File

@@ -0,0 +1,193 @@
/*
---------------------------------------------------------------------------
Copyright (c) 2002, Dr Brian Gladman, Worcester, UK. All rights reserved.
LICENSE TERMS
The free distribution and use of this software in both source and binary
form is allowed (with or without changes) provided that:
1. distributions of this source code include the above copyright
notice, this list of conditions and the following disclaimer;
2. distributions in binary form include the above copyright
notice, this list of conditions and the following disclaimer
in the documentation and/or other associated materials;
3. the copyright holder's name is not used to endorse products
built using this software without specific written permission.
ALTERNATIVELY, provided that this notice is retained in full, this product
may be distributed under the terms of the GNU General Public License (GPL),
in which case the provisions of the GPL apply INSTEAD OF those given above.
DISCLAIMER
This software is provided 'as is' with no explicit or implied warranties
in respect of its properties, including, but not limited to, correctness
and/or fitness for purpose.
---------------------------------------------------------------------------
Issue Date: 26/08/2003
This is an implementation of RFC2898, which specifies key derivation from
a password and a salt value.
*/
#include <memory.h>
#include "hmac.h"
#if defined(__cplusplus)
extern "C"
{
#endif
void derive_key(const unsigned char pwd[], /* the PASSWORD */
unsigned int pwd_len, /* and its length */
const unsigned char salt[], /* the SALT and its */
unsigned int salt_len, /* length */
unsigned int iter, /* the number of iterations */
unsigned char key[], /* space for the output key */
unsigned int key_len)/* and its required length */
{
unsigned int i, j, k, n_blk;
unsigned char uu[HASH_OUTPUT_SIZE], ux[HASH_OUTPUT_SIZE];
hmac_ctx c1[1], c2[1], c3[1];
/* set HMAC context (c1) for password */
hmac_sha_begin(c1);
hmac_sha_key(pwd, pwd_len, c1);
/* set HMAC context (c2) for password and salt */
memcpy(c2, c1, sizeof(hmac_ctx));
hmac_sha_data(salt, salt_len, c2);
/* find the number of SHA blocks in the key */
n_blk = 1 + (key_len - 1) / HASH_OUTPUT_SIZE;
for(i = 0; i < n_blk; ++i) /* for each block in key */
{
/* ux[] holds the running xor value */
memset(ux, 0, HASH_OUTPUT_SIZE);
/* set HMAC context (c3) for password and salt */
memcpy(c3, c2, sizeof(hmac_ctx));
/* enter additional data for 1st block into uu */
uu[0] = (unsigned char)((i + 1) >> 24);
uu[1] = (unsigned char)((i + 1) >> 16);
uu[2] = (unsigned char)((i + 1) >> 8);
uu[3] = (unsigned char)(i + 1);
/* this is the key mixing iteration */
for(j = 0, k = 4; j < iter; ++j)
{
/* add previous round data to HMAC */
hmac_sha_data(uu, k, c3);
/* obtain HMAC for uu[] */
hmac_sha_end(uu, HASH_OUTPUT_SIZE, c3);
/* xor into the running xor block */
for(k = 0; k < HASH_OUTPUT_SIZE; ++k)
ux[k] ^= uu[k];
/* set HMAC context (c3) for password */
memcpy(c3, c1, sizeof(hmac_ctx));
}
/* compile key blocks into the key output */
j = 0; k = i * HASH_OUTPUT_SIZE;
while(j < HASH_OUTPUT_SIZE && k < key_len)
key[k++] = ux[j++];
}
}
#ifdef TEST
#include <stdio.h>
struct
{ unsigned int pwd_len;
unsigned int salt_len;
unsigned int it_count;
unsigned char *pwd;
unsigned char salt[32];
unsigned char key[32];
} tests[] =
{
{ 8, 4, 5, (unsigned char*)"password",
{
0x12, 0x34, 0x56, 0x78
},
{
0x5c, 0x75, 0xce, 0xf0, 0x1a, 0x96, 0x0d, 0xf7,
0x4c, 0xb6, 0xb4, 0x9b, 0x9e, 0x38, 0xe6, 0xb5
}
},
{ 8, 8, 5, (unsigned char*)"password",
{
0x12, 0x34, 0x56, 0x78, 0x78, 0x56, 0x34, 0x12
},
{
0xd1, 0xda, 0xa7, 0x86, 0x15, 0xf2, 0x87, 0xe6,
0xa1, 0xc8, 0xb1, 0x20, 0xd7, 0x06, 0x2a, 0x49
}
},
{ 8, 21, 1, (unsigned char*)"password",
{
"ATHENA.MIT.EDUraeburn"
},
{
0xcd, 0xed, 0xb5, 0x28, 0x1b, 0xb2, 0xf8, 0x01,
0x56, 0x5a, 0x11, 0x22, 0xb2, 0x56, 0x35, 0x15
}
},
{ 8, 21, 2, (unsigned char*)"password",
{
"ATHENA.MIT.EDUraeburn"
},
{
0x01, 0xdb, 0xee, 0x7f, 0x4a, 0x9e, 0x24, 0x3e,
0x98, 0x8b, 0x62, 0xc7, 0x3c, 0xda, 0x93, 0x5d
}
},
{ 8, 21, 1200, (unsigned char*)"password",
{
"ATHENA.MIT.EDUraeburn"
},
{
0x5c, 0x08, 0xeb, 0x61, 0xfd, 0xf7, 0x1e, 0x4e,
0x4e, 0xc3, 0xcf, 0x6b, 0xa1, 0xf5, 0x51, 0x2b
}
}
};
int main()
{ unsigned int i, j, key_len = 256;
unsigned char key[256];
printf("\nTest of RFC2898 Password Based Key Derivation");
for(i = 0; i < 5; ++i)
{
derive_key(tests[i].pwd, tests[i].pwd_len, tests[i].salt,
tests[i].salt_len, tests[i].it_count, key, key_len);
printf("\ntest %i: ", i + 1);
printf("key %s", memcmp(tests[i].key, key, 16) ? "is bad" : "is good");
for(j = 0; j < key_len && j < 64; j += 4)
{
if(j % 16 == 0)
printf("\n");
printf("0x%02x%02x%02x%02x ", key[j], key[j + 1], key[j + 2], key[j + 3]);
}
printf(j < key_len ? " ... \n" : "\n");
}
printf("\n");
return 0;
}
#if defined(__cplusplus)
}
#endif
#endif

57
src/java/KP2AKdbLibrary/app/src/main/jni/sha/pwd2key.h Normal file
View File

@@ -0,0 +1,57 @@
/*
---------------------------------------------------------------------------
Copyright (c) 2002, Dr Brian Gladman, Worcester, UK. All rights reserved.
LICENSE TERMS
The free distribution and use of this software in both source and binary
form is allowed (with or without changes) provided that:
1. distributions of this source code include the above copyright
notice, this list of conditions and the following disclaimer;
2. distributions in binary form include the above copyright
notice, this list of conditions and the following disclaimer
in the documentation and/or other associated materials;
3. the copyright holder's name is not used to endorse products
built using this software without specific written permission.
ALTERNATIVELY, provided that this notice is retained in full, this product
may be distributed under the terms of the GNU General Public License (GPL),
in which case the provisions of the GPL apply INSTEAD OF those given above.
DISCLAIMER
This software is provided 'as is' with no explicit or implied warranties
in respect of its properties, including, but not limited to, correctness
and/or fitness for purpose.
---------------------------------------------------------------------------
Issue Date: 26/08/2003
This is an implementation of RFC2898, which specifies key derivation from
a password and a salt value.
*/
#ifndef PWD2KEY_H
#define PWD2KEY_H
#if defined(__cplusplus)
extern "C"
{
#endif
void derive_key(
const unsigned char pwd[], /* the PASSWORD, and */
unsigned int pwd_len, /* its length */
const unsigned char salt[], /* the SALT and its */
unsigned int salt_len, /* length */
unsigned int iter, /* the number of iterations */
unsigned char key[], /* space for the output key */
unsigned int key_len); /* and its required length */
#if defined(__cplusplus)
}
#endif
#endif

258
src/java/KP2AKdbLibrary/app/src/main/jni/sha/sha1.c Normal file
View File

@@ -0,0 +1,258 @@
/*
---------------------------------------------------------------------------
Copyright (c) 2002, Dr Brian Gladman, Worcester, UK. All rights reserved.
LICENSE TERMS
The free distribution and use of this software in both source and binary
form is allowed (with or without changes) provided that:
1. distributions of this source code include the above copyright
notice, this list of conditions and the following disclaimer;
2. distributions in binary form include the above copyright
notice, this list of conditions and the following disclaimer
in the documentation and/or other associated materials;
3. the copyright holder's name is not used to endorse products
built using this software without specific written permission.
ALTERNATIVELY, provided that this notice is retained in full, this product
may be distributed under the terms of the GNU General Public License (GPL),
in which case the provisions of the GPL apply INSTEAD OF those given above.
DISCLAIMER
This software is provided 'as is' with no explicit or implied warranties
in respect of its properties, including, but not limited to, correctness
and/or fitness for purpose.
---------------------------------------------------------------------------
Issue Date: 01/08/2005
This is a byte oriented version of SHA1 that operates on arrays of bytes
stored in memory.
*/
#include <string.h> /* for memcpy() etc. */
#include "sha1.h"
#include "brg_endian.h"
#if defined(__cplusplus)
extern "C"
{
#endif
#if defined( _MSC_VER ) && ( _MSC_VER > 800 )
#pragma intrinsic(memcpy)
#endif
#if 0 && defined(_MSC_VER)
#define rotl32 _lrotl
#define rotr32 _lrotr
#else
#define rotl32(x,n) (((x) << n) | ((x) >> (32 - n)))
#define rotr32(x,n) (((x) >> n) | ((x) << (32 - n)))
#endif
#if !defined(bswap_32)
#define bswap_32(x) ((rotr32((x), 24) & 0x00ff00ff) | (rotr32((x), 8) & 0xff00ff00))
#endif
#if (PLATFORM_BYTE_ORDER == IS_LITTLE_ENDIAN)
#define SWAP_BYTES
#else
#undef SWAP_BYTES
#endif
#if defined(SWAP_BYTES)
#define bsw_32(p,n) \
{ int _i = (n); while(_i--) ((uint_32t*)p)[_i] = bswap_32(((uint_32t*)p)[_i]); }
#else
#define bsw_32(p,n)
#endif
#define SHA1_MASK (SHA1_BLOCK_SIZE - 1)
#if 0
#define ch(x,y,z) (((x) & (y)) ^ (~(x) & (z)))
#define parity(x,y,z) ((x) ^ (y) ^ (z))
#define maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
#else /* Discovered by Rich Schroeppel and Colin Plumb */
#define ch(x,y,z) ((z) ^ ((x) & ((y) ^ (z))))
#define parity(x,y,z) ((x) ^ (y) ^ (z))
#define maj(x,y,z) (((x) & (y)) | ((z) & ((x) ^ (y))))
#endif
/* Compile 64 bytes of hash data into SHA1 context. Note */
/* that this routine assumes that the byte order in the */
/* ctx->wbuf[] at this point is in such an order that low */
/* address bytes in the ORIGINAL byte stream will go in */
/* this buffer to the high end of 32-bit words on BOTH big */
/* and little endian systems */
#ifdef ARRAY
#define q(v,n) v[n]
#else
#define q(v,n) v##n
#endif
#define one_cycle(v,a,b,c,d,e,f,k,h) \
q(v,e) += rotr32(q(v,a),27) + \
f(q(v,b),q(v,c),q(v,d)) + k + h; \
q(v,b) = rotr32(q(v,b), 2)
#define five_cycle(v,f,k,i) \
one_cycle(v, 0,1,2,3,4, f,k,hf(i )); \
one_cycle(v, 4,0,1,2,3, f,k,hf(i+1)); \
one_cycle(v, 3,4,0,1,2, f,k,hf(i+2)); \
one_cycle(v, 2,3,4,0,1, f,k,hf(i+3)); \
one_cycle(v, 1,2,3,4,0, f,k,hf(i+4))
VOID_RETURN sha1_compile(sha1_ctx ctx[1])
{ uint_32t *w = ctx->wbuf;
#ifdef ARRAY
uint_32t v[5];
memcpy(v, ctx->hash, 5 * sizeof(uint_32t));
#else
uint_32t v0, v1, v2, v3, v4;
v0 = ctx->hash[0]; v1 = ctx->hash[1];
v2 = ctx->hash[2]; v3 = ctx->hash[3];
v4 = ctx->hash[4];
#endif
#define hf(i) w[i]
five_cycle(v, ch, 0x5a827999, 0);
five_cycle(v, ch, 0x5a827999, 5);
five_cycle(v, ch, 0x5a827999, 10);
one_cycle(v,0,1,2,3,4, ch, 0x5a827999, hf(15)); \
#undef hf
#define hf(i) (w[(i) & 15] = rotl32( \
w[((i) + 13) & 15] ^ w[((i) + 8) & 15] \
^ w[((i) + 2) & 15] ^ w[(i) & 15], 1))
one_cycle(v,4,0,1,2,3, ch, 0x5a827999, hf(16));
one_cycle(v,3,4,0,1,2, ch, 0x5a827999, hf(17));
one_cycle(v,2,3,4,0,1, ch, 0x5a827999, hf(18));
one_cycle(v,1,2,3,4,0, ch, 0x5a827999, hf(19));
five_cycle(v, parity, 0x6ed9eba1, 20);
five_cycle(v, parity, 0x6ed9eba1, 25);
five_cycle(v, parity, 0x6ed9eba1, 30);
five_cycle(v, parity, 0x6ed9eba1, 35);
five_cycle(v, maj, 0x8f1bbcdc, 40);
five_cycle(v, maj, 0x8f1bbcdc, 45);
five_cycle(v, maj, 0x8f1bbcdc, 50);
five_cycle(v, maj, 0x8f1bbcdc, 55);
five_cycle(v, parity, 0xca62c1d6, 60);
five_cycle(v, parity, 0xca62c1d6, 65);
five_cycle(v, parity, 0xca62c1d6, 70);
five_cycle(v, parity, 0xca62c1d6, 75);
#ifdef ARRAY
ctx->hash[0] += v[0]; ctx->hash[1] += v[1];
ctx->hash[2] += v[2]; ctx->hash[3] += v[3];
ctx->hash[4] += v[4];
#else
ctx->hash[0] += v0; ctx->hash[1] += v1;
ctx->hash[2] += v2; ctx->hash[3] += v3;
ctx->hash[4] += v4;
#endif
}
VOID_RETURN sha1_begin(sha1_ctx ctx[1])
{
ctx->count[0] = ctx->count[1] = 0;
ctx->hash[0] = 0x67452301;
ctx->hash[1] = 0xefcdab89;
ctx->hash[2] = 0x98badcfe;
ctx->hash[3] = 0x10325476;
ctx->hash[4] = 0xc3d2e1f0;
}
/* SHA1 hash data in an array of bytes into hash buffer and */
/* call the hash_compile function as required. */
VOID_RETURN sha1_hash(const unsigned char data[], unsigned long len, sha1_ctx ctx[1])
{ uint_32t pos = (uint_32t)(ctx->count[0] & SHA1_MASK),
space = SHA1_BLOCK_SIZE - pos;
const unsigned char *sp = data;
if((ctx->count[0] += len) < len)
++(ctx->count[1]);
while(len >= space) /* tranfer whole blocks if possible */
{
memcpy(((unsigned char*)ctx->wbuf) + pos, sp, space);
sp += space; len -= space; space = SHA1_BLOCK_SIZE; pos = 0;
bsw_32(ctx->wbuf, SHA1_BLOCK_SIZE >> 2);
sha1_compile(ctx);
}
memcpy(((unsigned char*)ctx->wbuf) + pos, sp, len);
}
/* SHA1 final padding and digest calculation */
VOID_RETURN sha1_end(unsigned char hval[], sha1_ctx ctx[1])
{ uint_32t i = (uint_32t)(ctx->count[0] & SHA1_MASK);
/* put bytes in the buffer in an order in which references to */
/* 32-bit words will put bytes with lower addresses into the */
/* top of 32 bit words on BOTH big and little endian machines */
bsw_32(ctx->wbuf, (i + 3) >> 2);
/* we now need to mask valid bytes and add the padding which is */
/* a single 1 bit and as many zero bits as necessary. Note that */
/* we can always add the first padding byte here because the */
/* buffer always has at least one empty slot */
ctx->wbuf[i >> 2] &= 0xffffff80 << 8 * (~i & 3);
ctx->wbuf[i >> 2] |= 0x00000080 << 8 * (~i & 3);
/* we need 9 or more empty positions, one for the padding byte */
/* (above) and eight for the length count. If there is not */
/* enough space, pad and empty the buffer */
if(i > SHA1_BLOCK_SIZE - 9)
{
if(i < 60) ctx->wbuf[15] = 0;
sha1_compile(ctx);
i = 0;
}
else /* compute a word index for the empty buffer positions */
i = (i >> 2) + 1;
while(i < 14) /* and zero pad all but last two positions */
ctx->wbuf[i++] = 0;
/* the following 32-bit length fields are assembled in the */
/* wrong byte order on little endian machines but this is */
/* corrected later since they are only ever used as 32-bit */
/* word values. */
ctx->wbuf[14] = (ctx->count[1] << 3) | (ctx->count[0] >> 29);
ctx->wbuf[15] = ctx->count[0] << 3;
sha1_compile(ctx);
/* extract the hash value as bytes in case the hash buffer is */
/* misaligned for 32-bit words */
for(i = 0; i < SHA1_DIGEST_SIZE; ++i)
hval[i] = (unsigned char)(ctx->hash[i >> 2] >> (8 * (~i & 3)));
}
VOID_RETURN sha1(unsigned char hval[], const unsigned char data[], unsigned long len)
{ sha1_ctx cx[1];
sha1_begin(cx); sha1_hash(data, len, cx); sha1_end(hval, cx);
}
#if defined(__cplusplus)
}
#endif

73
src/java/KP2AKdbLibrary/app/src/main/jni/sha/sha1.h Normal file
View File

@@ -0,0 +1,73 @@
/*
---------------------------------------------------------------------------
Copyright (c) 2002, Dr Brian Gladman, Worcester, UK. All rights reserved.
LICENSE TERMS
The free distribution and use of this software in both source and binary
form is allowed (with or without changes) provided that:
1. distributions of this source code include the above copyright
notice, this list of conditions and the following disclaimer;
2. distributions in binary form include the above copyright
notice, this list of conditions and the following disclaimer
in the documentation and/or other associated materials;
3. the copyright holder's name is not used to endorse products
built using this software without specific written permission.
ALTERNATIVELY, provided that this notice is retained in full, this product
may be distributed under the terms of the GNU General Public License (GPL),
in which case the provisions of the GPL apply INSTEAD OF those given above.
DISCLAIMER
This software is provided 'as is' with no explicit or implied warranties
in respect of its properties, including, but not limited to, correctness
and/or fitness for purpose.
---------------------------------------------------------------------------
Issue Date: 01/08/2005
*/
#ifndef _SHA1_H
#define _SHA1_H
#include <stdlib.h>
#include "brg_types.h"
#define SHA1_BLOCK_SIZE 64
#define SHA1_DIGEST_SIZE 20
#if defined(__cplusplus)
extern "C"
{
#endif
/* type to hold the SHA256 context */
typedef struct
{ uint_32t count[2];
uint_32t hash[5];
uint_32t wbuf[16];
} sha1_ctx;
/* Note that these prototypes are the same for both bit and */
/* byte oriented implementations. However the length fields */
/* are in bytes or bits as appropriate for the version used */
/* and bit sequences are input as arrays of bytes in which */
/* bit sequences run from the most to the least significant */
/* end of each byte */
VOID_RETURN sha1_compile(sha1_ctx ctx[1]);
VOID_RETURN sha1_begin(sha1_ctx ctx[1]);
VOID_RETURN sha1_hash(const unsigned char data[], unsigned long len, sha1_ctx ctx[1]);
VOID_RETURN sha1_end(unsigned char hval[], sha1_ctx ctx[1]);
VOID_RETURN sha1(unsigned char hval[], const unsigned char data[], unsigned long len);
#if defined(__cplusplus)
}
#endif
#endif

287
src/java/KP2AKdbLibrary/app/src/main/jni/sha/sha1b.c Normal file
View File

@@ -0,0 +1,287 @@
/*
---------------------------------------------------------------------------
Copyright (c) 2002, Dr Brian Gladman, Worcester, UK. All rights reserved.
LICENSE TERMS
The free distribution and use of this software in both source and binary
form is allowed (with or without changes) provided that:
1. distributions of this source code include the above copyright
notice, this list of conditions and the following disclaimer;
2. distributions in binary form include the above copyright
notice, this list of conditions and the following disclaimer
in the documentation and/or other associated materials;
3. the copyright holder's name is not used to endorse products
built using this software without specific written permission.
ALTERNATIVELY, provided that this notice is retained in full, this product
may be distributed under the terms of the GNU General Public License (GPL),
in which case the provisions of the GPL apply INSTEAD OF those given above.
DISCLAIMER
This software is provided 'as is' with no explicit or implied warranties
in respect of its properties, including, but not limited to, correctness
and/or fitness for purpose.
---------------------------------------------------------------------------
Issue Date: 01/08/2005
This is a bit oriented version of SHA1 that operates on arrays of bytes
stored in memory.
*/
#include <string.h> /* for memcpy() etc. */
#include "sha1.h"
#include "brg_endian.h"
#if defined(__cplusplus)
extern "C"
{
#endif
#if defined( _MSC_VER ) && ( _MSC_VER > 800 )
#pragma intrinsic(memcpy)
#endif
#if 0 && defined(_MSC_VER)
#define rotl32 _lrotl
#define rotr32 _lrotr
#else
#define rotl32(x,n) (((x) << n) | ((x) >> (32 - n)))
#define rotr32(x,n) (((x) >> n) | ((x) << (32 - n)))
#endif
#if !defined(bswap_32)
#define bswap_32(x) (rotr32((x), 24) & 0x00ff00ff | rotr32((x), 8) & 0xff00ff00)
#endif
#if (PLATFORM_BYTE_ORDER == IS_LITTLE_ENDIAN)
#define SWAP_BYTES
#else
#undef SWAP_BYTES
#endif
#if defined(SWAP_BYTES)
#define bsw_32(p,n) \
{ int _i = (n); while(_i--) ((uint_32t*)p)[_i] = bswap_32(((uint_32t*)p)[_i]); }
#else
#define bsw_32(p,n)
#endif
#define SHA1_MASK (SHA1_BLOCK_SIZE - 1)
#if 0
#define ch(x,y,z) (((x) & (y)) ^ (~(x) & (z)))
#define parity(x,y,z) ((x) ^ (y) ^ (z))
#define maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
#else /* Discovered by Rich Schroeppel and Colin Plumb */
#define ch(x,y,z) ((z) ^ ((x) & ((y) ^ (z))))
#define parity(x,y,z) ((x) ^ (y) ^ (z))
#define maj(x,y,z) (((x) & (y)) | ((z) & ((x) ^ (y))))
#endif
/* Compile 64 bytes of hash data into SHA1 context. Note */
/* that this routine assumes that the byte order in the */
/* ctx->wbuf[] at this point is in such an order that low */
/* address bytes in the ORIGINAL byte stream in this buffer */
/* will go to the high end of 32-bit words on BOTH big and */
/* little endian systems */
#ifdef ARRAY
#define q(n) v[n]
#else
#define q(n) v##n
#endif
#define one_cycle(a,b,c,d,e,f,k,h) \
q(e) += rotr32(q(a),27) + f(q(b),q(c),q(d)) + k + h;\
q(b) = rotr32(q(b), 2)
#define five_cycle(f,k,i) \
one_cycle(0,1,2,3,4, f,k,hf(i )); \
one_cycle(4,0,1,2,3, f,k,hf(i+1)); \
one_cycle(3,4,0,1,2, f,k,hf(i+2)); \
one_cycle(2,3,4,0,1, f,k,hf(i+3)); \
one_cycle(1,2,3,4,0, f,k,hf(i+4))
VOID_RETURN sha1_compile(sha1_ctx ctx[1])
{ uint_32t *w = ctx->wbuf;
#ifdef ARRAY
uint_32t v[5];
memcpy(v, ctx->hash, 5 * sizeof(uint_32t));
#else
uint_32t v0, v1, v2, v3, v4;
v0 = ctx->hash[0]; v1 = ctx->hash[1];
v2 = ctx->hash[2]; v3 = ctx->hash[3];
v4 = ctx->hash[4];
#endif
#define hf(i) w[i]
five_cycle(ch, 0x5a827999, 0);
five_cycle(ch, 0x5a827999, 5);
five_cycle(ch, 0x5a827999, 10);
one_cycle(0,1,2,3,4, ch, 0x5a827999, hf(15)); \
#undef hf
#define hf(i) \
(w[(i) & 15] = rotl32(w[((i) + 13) & 15] ^ w[((i) + 8) & 15] \
^ w[((i) + 2) & 15] ^ w[(i) & 15], 1))
one_cycle(4,0,1,2,3, ch, 0x5a827999, hf(16));
one_cycle(3,4,0,1,2, ch, 0x5a827999, hf(17));
one_cycle(2,3,4,0,1, ch, 0x5a827999, hf(18));
one_cycle(1,2,3,4,0, ch, 0x5a827999, hf(19));
five_cycle(parity, 0x6ed9eba1, 20);
five_cycle(parity, 0x6ed9eba1, 25);
five_cycle(parity, 0x6ed9eba1, 30);
five_cycle(parity, 0x6ed9eba1, 35);
five_cycle(maj, 0x8f1bbcdc, 40);
five_cycle(maj, 0x8f1bbcdc, 45);
five_cycle(maj, 0x8f1bbcdc, 50);
five_cycle(maj, 0x8f1bbcdc, 55);
five_cycle(parity, 0xca62c1d6, 60);
five_cycle(parity, 0xca62c1d6, 65);
five_cycle(parity, 0xca62c1d6, 70);
five_cycle(parity, 0xca62c1d6, 75);
#ifdef ARRAY
ctx->hash[0] += v[0]; ctx->hash[1] += v[1];
ctx->hash[2] += v[2]; ctx->hash[3] += v[3];
ctx->hash[4] += v[4];
#else
ctx->hash[0] += v0; ctx->hash[1] += v1;
ctx->hash[2] += v2; ctx->hash[3] += v3;
ctx->hash[4] += v4;
#endif
}
VOID_RETURN sha1_begin(sha1_ctx ctx[1])
{
ctx->count[0] = ctx->count[1] = 0;
ctx->hash[0] = 0x67452301;
ctx->hash[1] = 0xefcdab89;
ctx->hash[2] = 0x98badcfe;
ctx->hash[3] = 0x10325476;
ctx->hash[4] = 0xc3d2e1f0;
}
/* SHA1 hash data in an array of bytes into hash buffer and */
/* call the hash_compile function as required. */
VOID_RETURN sha1_hash(const unsigned char data[], unsigned long len, sha1_ctx ctx[1])
{ uint_32t pos = (uint_32t)((ctx->count[0] >> 3) & SHA1_MASK),
ofs = (ctx->count[0] & 7);
const unsigned char *sp = data;
unsigned char *w = (unsigned char*)ctx->wbuf;
if((ctx->count[0] += len) < len)
++(ctx->count[1]);
if(ofs) /* if not on a byte boundary */
{
if(ofs + len < 8) /* if no added bytes are needed */
{
w[pos] |= (*sp >> ofs);
}
else /* otherwise and add bytes */
{ unsigned char part = w[pos];
while((int)(ofs + (len -= 8)) >= 0)
{
w[pos++] = part | (*sp >> ofs);
part = *sp++ << (8 - ofs);
if(pos == SHA1_BLOCK_SIZE)
{
bsw_32(w, SHA1_BLOCK_SIZE >> 2);
sha1_compile(ctx); pos = 0;
}
}
w[pos] = part;
}
}
else /* data is byte aligned */
{ uint_32t space = SHA1_BLOCK_SIZE - pos;
while((int)(len - 8 * space) >= 0)
{
len -= 8 * space;
memcpy(w + pos, sp, space);
sp += space;
space = SHA1_BLOCK_SIZE;
bsw_32(w, SHA1_BLOCK_SIZE >> 2);
sha1_compile(ctx); pos = 0;
}
memcpy(w + pos, sp, (len + 7) >> 3);
}
}
/* SHA1 final padding and digest calculation */
VOID_RETURN sha1_end(unsigned char hval[], sha1_ctx ctx[1])
{ uint_32t i = (uint_32t)((ctx->count[0] >> 3) & SHA1_MASK), m1;
/* put bytes in the buffer in an order in which references to */
/* 32-bit words will put bytes with lower addresses into the */
/* top of 32 bit words on BOTH big and little endian machines */
bsw_32(ctx->wbuf, (i + 4) >> 2);
/* we now need to mask valid bytes and add the padding which is */
/* a single 1 bit and as many zero bits as necessary. Note that */
/* we can always add the first padding byte here because the */
/* buffer always has at least one empty slot */
m1 = (unsigned char)0x80 >> (ctx->count[0] & 7);
ctx->wbuf[i >> 2] &= ((0xffffff00 | (~m1 + 1)) << 8 * (~i & 3));
ctx->wbuf[i >> 2] |= (m1 << 8 * (~i & 3));
/* we need 9 or more empty positions, one for the padding byte */
/* (above) and eight for the length count. If there is not */
/* enough space, pad and empty the buffer */
if(i > SHA1_BLOCK_SIZE - 9)
{
if(i < 60) ctx->wbuf[15] = 0;
sha1_compile(ctx);
i = 0;
}
else /* compute a word index for the empty buffer positions */
i = (i >> 2) + 1;
while(i < 14) /* and zero pad all but last two positions */
ctx->wbuf[i++] = 0;
/* the following 32-bit length fields are assembled in the */
/* wrong byte order on little endian machines but this is */
/* corrected later since they are only ever used as 32-bit */
/* word values. */
ctx->wbuf[14] = ctx->count[1];
ctx->wbuf[15] = ctx->count[0];
sha1_compile(ctx);
/* extract the hash value as bytes in case the hash buffer is */
/* misaligned for 32-bit words */
for(i = 0; i < SHA1_DIGEST_SIZE; ++i)
hval[i] = (unsigned char)(ctx->hash[i >> 2] >> (8 * (~i & 3)));
}
VOID_RETURN sha1(unsigned char hval[], const unsigned char data[], unsigned long len)
{ sha1_ctx cx[1];
sha1_begin(cx); sha1_hash(data, len, cx); sha1_end(hval, cx);
}
#if defined(__cplusplus)
}
#endif

772
src/java/KP2AKdbLibrary/app/src/main/jni/sha/sha2.c Normal file
View File

@@ -0,0 +1,772 @@
/*
---------------------------------------------------------------------------
Copyright (c) 2002, Dr Brian Gladman, Worcester, UK. All rights reserved.
LICENSE TERMS
The free distribution and use of this software in both source and binary
form is allowed (with or without changes) provided that:
1. distributions of this source code include the above copyright
notice, this list of conditions and the following disclaimer;
2. distributions in binary form include the above copyright
notice, this list of conditions and the following disclaimer
in the documentation and/or other associated materials;
3. the copyright holder's name is not used to endorse products
built using this software without specific written permission.
ALTERNATIVELY, provided that this notice is retained in full, this product
may be distributed under the terms of the GNU General Public License (GPL),
in which case the provisions of the GPL apply INSTEAD OF those given above.
DISCLAIMER
This software is provided 'as is' with no explicit or implied warranties
in respect of its properties, including, but not limited to, correctness
and/or fitness for purpose.
---------------------------------------------------------------------------
Issue Date: 01/08/2005
This is a byte oriented version of SHA2 that operates on arrays of bytes
stored in memory. This code implements sha256, sha384 and sha512 but the
latter two functions rely on efficient 64-bit integer operations that
may not be very efficient on 32-bit machines
The sha256 functions use a type 'sha256_ctx' to hold details of the
current hash state and uses the following three calls:
void sha256_begin(sha256_ctx ctx[1])
void sha256_hash(const unsigned char data[],
unsigned long len, sha256_ctx ctx[1])
void sha_end1(unsigned char hval[], sha256_ctx ctx[1])
The first subroutine initialises a hash computation by setting up the
context in the sha256_ctx context. The second subroutine hashes 8-bit
bytes from array data[] into the hash state withinh sha256_ctx context,
the number of bytes to be hashed being given by the the unsigned long
integer len. The third subroutine completes the hash calculation and
places the resulting digest value in the array of 8-bit bytes hval[].
The sha384 and sha512 functions are similar and use the interfaces:
void sha384_begin(sha384_ctx ctx[1]);
void sha384_hash(const unsigned char data[],
unsigned long len, sha384_ctx ctx[1]);
void sha384_end(unsigned char hval[], sha384_ctx ctx[1]);
void sha512_begin(sha512_ctx ctx[1]);
void sha512_hash(const unsigned char data[],
unsigned long len, sha512_ctx ctx[1]);
void sha512_end(unsigned char hval[], sha512_ctx ctx[1]);
In addition there is a function sha2 that can be used to call all these
functions using a call with a hash length parameter as follows:
int sha2_begin(unsigned long len, sha2_ctx ctx[1]);
void sha2_hash(const unsigned char data[],
unsigned long len, sha2_ctx ctx[1]);
void sha2_end(unsigned char hval[], sha2_ctx ctx[1]);
My thanks to Erik Andersen <andersen@codepoet.org> for testing this code
on big-endian systems and for his assistance with corrections
*/
#if 0
#define UNROLL_SHA2 /* for SHA2 loop unroll */
#endif
#include <string.h> /* for memcpy() etc. */
#include "sha2.h"
#include "brg_endian.h"
#if defined(__cplusplus)
extern "C"
{
#endif
#if defined( _MSC_VER ) && ( _MSC_VER > 800 )
#pragma intrinsic(memcpy)
#endif
#if 0 && defined(_MSC_VER)
#define rotl32 _lrotl
#define rotr32 _lrotr
#else
#define rotl32(x,n) (((x) << n) | ((x) >> (32 - n)))
#define rotr32(x,n) (((x) >> n) | ((x) << (32 - n)))
#endif
#if !defined(bswap_32)
#define bswap_32(x) ((rotr32((x), 24) & 0x00ff00ff) | (rotr32((x), 8) & 0xff00ff00))
#endif
#if (PLATFORM_BYTE_ORDER == IS_LITTLE_ENDIAN)
#define SWAP_BYTES
#else
#undef SWAP_BYTES
#endif
#if 0
#define ch(x,y,z) (((x) & (y)) ^ (~(x) & (z)))
#define maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
#else /* Thanks to Rich Schroeppel and Colin Plumb for the following */
#define ch(x,y,z) ((z) ^ ((x) & ((y) ^ (z))))
#define maj(x,y,z) (((x) & (y)) | ((z) & ((x) ^ (y))))
#endif
/* round transforms for SHA256 and SHA512 compression functions */
#define vf(n,i) v[(n - i) & 7]
#define hf(i) (p[i & 15] += \
g_1(p[(i + 14) & 15]) + p[(i + 9) & 15] + g_0(p[(i + 1) & 15]))
#define v_cycle(i,j) \
vf(7,i) += (j ? hf(i) : p[i]) + k_0[i+j] \
+ s_1(vf(4,i)) + ch(vf(4,i),vf(5,i),vf(6,i)); \
vf(3,i) += vf(7,i); \
vf(7,i) += s_0(vf(0,i))+ maj(vf(0,i),vf(1,i),vf(2,i))
#if defined(SHA_224) || defined(SHA_256)
#define SHA256_MASK (SHA256_BLOCK_SIZE - 1)
#if defined(SWAP_BYTES)
#define bsw_32(p,n) \
{ int _i = (n); while(_i--) ((uint_32t*)p)[_i] = bswap_32(((uint_32t*)p)[_i]); }
#else
#define bsw_32(p,n)
#endif
#define s_0(x) (rotr32((x), 2) ^ rotr32((x), 13) ^ rotr32((x), 22))
#define s_1(x) (rotr32((x), 6) ^ rotr32((x), 11) ^ rotr32((x), 25))
#define g_0(x) (rotr32((x), 7) ^ rotr32((x), 18) ^ ((x) >> 3))
#define g_1(x) (rotr32((x), 17) ^ rotr32((x), 19) ^ ((x) >> 10))
#define k_0 k256
/* rotated SHA256 round definition. Rather than swapping variables as in */
/* FIPS-180, different variables are 'rotated' on each round, returning */
/* to their starting positions every eight rounds */
#define q(n) v##n
#define one_cycle(a,b,c,d,e,f,g,h,k,w) \
q(h) += s_1(q(e)) + ch(q(e), q(f), q(g)) + k + w; \
q(d) += q(h); q(h) += s_0(q(a)) + maj(q(a), q(b), q(c))
/* SHA256 mixing data */
const uint_32t k256[64] =
{ 0x428a2f98ul, 0x71374491ul, 0xb5c0fbcful, 0xe9b5dba5ul,
0x3956c25bul, 0x59f111f1ul, 0x923f82a4ul, 0xab1c5ed5ul,
0xd807aa98ul, 0x12835b01ul, 0x243185beul, 0x550c7dc3ul,
0x72be5d74ul, 0x80deb1feul, 0x9bdc06a7ul, 0xc19bf174ul,
0xe49b69c1ul, 0xefbe4786ul, 0x0fc19dc6ul, 0x240ca1ccul,
0x2de92c6ful, 0x4a7484aaul, 0x5cb0a9dcul, 0x76f988daul,
0x983e5152ul, 0xa831c66dul, 0xb00327c8ul, 0xbf597fc7ul,
0xc6e00bf3ul, 0xd5a79147ul, 0x06ca6351ul, 0x14292967ul,
0x27b70a85ul, 0x2e1b2138ul, 0x4d2c6dfcul, 0x53380d13ul,
0x650a7354ul, 0x766a0abbul, 0x81c2c92eul, 0x92722c85ul,
0xa2bfe8a1ul, 0xa81a664bul, 0xc24b8b70ul, 0xc76c51a3ul,
0xd192e819ul, 0xd6990624ul, 0xf40e3585ul, 0x106aa070ul,
0x19a4c116ul, 0x1e376c08ul, 0x2748774cul, 0x34b0bcb5ul,
0x391c0cb3ul, 0x4ed8aa4aul, 0x5b9cca4ful, 0x682e6ff3ul,
0x748f82eeul, 0x78a5636ful, 0x84c87814ul, 0x8cc70208ul,
0x90befffaul, 0xa4506cebul, 0xbef9a3f7ul, 0xc67178f2ul,
};
/* Compile 64 bytes of hash data into SHA256 digest value */
/* NOTE: this routine assumes that the byte order in the */
/* ctx->wbuf[] at this point is such that low address bytes */
/* in the ORIGINAL byte stream will go into the high end of */
/* words on BOTH big and little endian systems */
VOID_RETURN sha256_compile(sha256_ctx ctx[1])
{
#if !defined(UNROLL_SHA2)
uint_32t j, *p = ctx->wbuf, v[8];
memcpy(v, ctx->hash, 8 * sizeof(uint_32t));
for(j = 0; j < 64; j += 16)
{
v_cycle( 0, j); v_cycle( 1, j);
v_cycle( 2, j); v_cycle( 3, j);
v_cycle( 4, j); v_cycle( 5, j);
v_cycle( 6, j); v_cycle( 7, j);
v_cycle( 8, j); v_cycle( 9, j);
v_cycle(10, j); v_cycle(11, j);
v_cycle(12, j); v_cycle(13, j);
v_cycle(14, j); v_cycle(15, j);
}
ctx->hash[0] += v[0]; ctx->hash[1] += v[1];
ctx->hash[2] += v[2]; ctx->hash[3] += v[3];
ctx->hash[4] += v[4]; ctx->hash[5] += v[5];
ctx->hash[6] += v[6]; ctx->hash[7] += v[7];
#else
uint_32t *p = ctx->wbuf,v0,v1,v2,v3,v4,v5,v6,v7;
v0 = ctx->hash[0]; v1 = ctx->hash[1];
v2 = ctx->hash[2]; v3 = ctx->hash[3];
v4 = ctx->hash[4]; v5 = ctx->hash[5];
v6 = ctx->hash[6]; v7 = ctx->hash[7];
one_cycle(0,1,2,3,4,5,6,7,k256[ 0],p[ 0]);
one_cycle(7,0,1,2,3,4,5,6,k256[ 1],p[ 1]);
one_cycle(6,7,0,1,2,3,4,5,k256[ 2],p[ 2]);
one_cycle(5,6,7,0,1,2,3,4,k256[ 3],p[ 3]);
one_cycle(4,5,6,7,0,1,2,3,k256[ 4],p[ 4]);
one_cycle(3,4,5,6,7,0,1,2,k256[ 5],p[ 5]);
one_cycle(2,3,4,5,6,7,0,1,k256[ 6],p[ 6]);
one_cycle(1,2,3,4,5,6,7,0,k256[ 7],p[ 7]);
one_cycle(0,1,2,3,4,5,6,7,k256[ 8],p[ 8]);
one_cycle(7,0,1,2,3,4,5,6,k256[ 9],p[ 9]);
one_cycle(6,7,0,1,2,3,4,5,k256[10],p[10]);
one_cycle(5,6,7,0,1,2,3,4,k256[11],p[11]);
one_cycle(4,5,6,7,0,1,2,3,k256[12],p[12]);
one_cycle(3,4,5,6,7,0,1,2,k256[13],p[13]);
one_cycle(2,3,4,5,6,7,0,1,k256[14],p[14]);
one_cycle(1,2,3,4,5,6,7,0,k256[15],p[15]);
one_cycle(0,1,2,3,4,5,6,7,k256[16],hf( 0));
one_cycle(7,0,1,2,3,4,5,6,k256[17],hf( 1));
one_cycle(6,7,0,1,2,3,4,5,k256[18],hf( 2));
one_cycle(5,6,7,0,1,2,3,4,k256[19],hf( 3));
one_cycle(4,5,6,7,0,1,2,3,k256[20],hf( 4));
one_cycle(3,4,5,6,7,0,1,2,k256[21],hf( 5));
one_cycle(2,3,4,5,6,7,0,1,k256[22],hf( 6));
one_cycle(1,2,3,4,5,6,7,0,k256[23],hf( 7));
one_cycle(0,1,2,3,4,5,6,7,k256[24],hf( 8));
one_cycle(7,0,1,2,3,4,5,6,k256[25],hf( 9));
one_cycle(6,7,0,1,2,3,4,5,k256[26],hf(10));
one_cycle(5,6,7,0,1,2,3,4,k256[27],hf(11));
one_cycle(4,5,6,7,0,1,2,3,k256[28],hf(12));
one_cycle(3,4,5,6,7,0,1,2,k256[29],hf(13));
one_cycle(2,3,4,5,6,7,0,1,k256[30],hf(14));
one_cycle(1,2,3,4,5,6,7,0,k256[31],hf(15));
one_cycle(0,1,2,3,4,5,6,7,k256[32],hf( 0));
one_cycle(7,0,1,2,3,4,5,6,k256[33],hf( 1));
one_cycle(6,7,0,1,2,3,4,5,k256[34],hf( 2));
one_cycle(5,6,7,0,1,2,3,4,k256[35],hf( 3));
one_cycle(4,5,6,7,0,1,2,3,k256[36],hf( 4));
one_cycle(3,4,5,6,7,0,1,2,k256[37],hf( 5));
one_cycle(2,3,4,5,6,7,0,1,k256[38],hf( 6));
one_cycle(1,2,3,4,5,6,7,0,k256[39],hf( 7));
one_cycle(0,1,2,3,4,5,6,7,k256[40],hf( 8));
one_cycle(7,0,1,2,3,4,5,6,k256[41],hf( 9));
one_cycle(6,7,0,1,2,3,4,5,k256[42],hf(10));
one_cycle(5,6,7,0,1,2,3,4,k256[43],hf(11));
one_cycle(4,5,6,7,0,1,2,3,k256[44],hf(12));
one_cycle(3,4,5,6,7,0,1,2,k256[45],hf(13));
one_cycle(2,3,4,5,6,7,0,1,k256[46],hf(14));
one_cycle(1,2,3,4,5,6,7,0,k256[47],hf(15));
one_cycle(0,1,2,3,4,5,6,7,k256[48],hf( 0));
one_cycle(7,0,1,2,3,4,5,6,k256[49],hf( 1));
one_cycle(6,7,0,1,2,3,4,5,k256[50],hf( 2));
one_cycle(5,6,7,0,1,2,3,4,k256[51],hf( 3));
one_cycle(4,5,6,7,0,1,2,3,k256[52],hf( 4));
one_cycle(3,4,5,6,7,0,1,2,k256[53],hf( 5));
one_cycle(2,3,4,5,6,7,0,1,k256[54],hf( 6));
one_cycle(1,2,3,4,5,6,7,0,k256[55],hf( 7));
one_cycle(0,1,2,3,4,5,6,7,k256[56],hf( 8));
one_cycle(7,0,1,2,3,4,5,6,k256[57],hf( 9));
one_cycle(6,7,0,1,2,3,4,5,k256[58],hf(10));
one_cycle(5,6,7,0,1,2,3,4,k256[59],hf(11));
one_cycle(4,5,6,7,0,1,2,3,k256[60],hf(12));
one_cycle(3,4,5,6,7,0,1,2,k256[61],hf(13));
one_cycle(2,3,4,5,6,7,0,1,k256[62],hf(14));
one_cycle(1,2,3,4,5,6,7,0,k256[63],hf(15));
ctx->hash[0] += v0; ctx->hash[1] += v1;
ctx->hash[2] += v2; ctx->hash[3] += v3;
ctx->hash[4] += v4; ctx->hash[5] += v5;
ctx->hash[6] += v6; ctx->hash[7] += v7;
#endif
}
/* SHA256 hash data in an array of bytes into hash buffer */
/* and call the hash_compile function as required. */
VOID_RETURN sha256_hash(const unsigned char data[], unsigned long len, sha256_ctx ctx[1])
{ uint_32t pos = (uint_32t)(ctx->count[0] & SHA256_MASK),
space = SHA256_BLOCK_SIZE - pos;
const unsigned char *sp = data;
if((ctx->count[0] += len) < len)
++(ctx->count[1]);
while(len >= space) /* tranfer whole blocks while possible */
{
memcpy(((unsigned char*)ctx->wbuf) + pos, sp, space);
sp += space; len -= space; space = SHA256_BLOCK_SIZE; pos = 0;
bsw_32(ctx->wbuf, SHA256_BLOCK_SIZE >> 2)
sha256_compile(ctx);
}
memcpy(((unsigned char*)ctx->wbuf) + pos, sp, len);
}
/* SHA256 Final padding and digest calculation */
static void sha_end1(unsigned char hval[], sha256_ctx ctx[1], const unsigned int hlen)
{ uint_32t i = (uint_32t)(ctx->count[0] & SHA256_MASK);
/* put bytes in the buffer in an order in which references to */
/* 32-bit words will put bytes with lower addresses into the */
/* top of 32 bit words on BOTH big and little endian machines */
bsw_32(ctx->wbuf, (i + 3) >> 2)
/* we now need to mask valid bytes and add the padding which is */
/* a single 1 bit and as many zero bits as necessary. Note that */
/* we can always add the first padding byte here because the */
/* buffer always has at least one empty slot */
ctx->wbuf[i >> 2] &= 0xffffff80 << 8 * (~i & 3);
ctx->wbuf[i >> 2] |= 0x00000080 << 8 * (~i & 3);
/* we need 9 or more empty positions, one for the padding byte */
/* (above) and eight for the length count. If there is not */
/* enough space pad and empty the buffer */
if(i > SHA256_BLOCK_SIZE - 9)
{
if(i < 60) ctx->wbuf[15] = 0;
sha256_compile(ctx);
i = 0;
}
else /* compute a word index for the empty buffer positions */
i = (i >> 2) + 1;
while(i < 14) /* and zero pad all but last two positions */
ctx->wbuf[i++] = 0;
/* the following 32-bit length fields are assembled in the */
/* wrong byte order on little endian machines but this is */
/* corrected later since they are only ever used as 32-bit */
/* word values. */
ctx->wbuf[14] = (ctx->count[1] << 3) | (ctx->count[0] >> 29);
ctx->wbuf[15] = ctx->count[0] << 3;
sha256_compile(ctx);
/* extract the hash value as bytes in case the hash buffer is */
/* mislaigned for 32-bit words */
for(i = 0; i < hlen; ++i)
hval[i] = (unsigned char)(ctx->hash[i >> 2] >> (8 * (~i & 3)));
}
#endif
#if defined(SHA_224)
const uint_32t i224[8] =
{
0xc1059ed8ul, 0x367cd507ul, 0x3070dd17ul, 0xf70e5939ul,
0xffc00b31ul, 0x68581511ul, 0x64f98fa7ul, 0xbefa4fa4ul
};
VOID_RETURN sha224_begin(sha224_ctx ctx[1])
{
ctx->count[0] = ctx->count[1] = 0;
memcpy(ctx->hash, i224, 8 * sizeof(uint_32t));
}
VOID_RETURN sha224_end(unsigned char hval[], sha224_ctx ctx[1])
{
sha_end1(hval, ctx, SHA224_DIGEST_SIZE);
}
VOID_RETURN sha224(unsigned char hval[], const unsigned char data[], unsigned long len)
{ sha224_ctx cx[1];
sha224_begin(cx);
sha224_hash(data, len, cx);
sha_end1(hval, cx, SHA224_DIGEST_SIZE);
}
#endif
#if defined(SHA_256)
const uint_32t i256[8] =
{
0x6a09e667ul, 0xbb67ae85ul, 0x3c6ef372ul, 0xa54ff53aul,
0x510e527ful, 0x9b05688cul, 0x1f83d9abul, 0x5be0cd19ul
};
VOID_RETURN sha256_begin(sha256_ctx ctx[1])
{
ctx->count[0] = ctx->count[1] = 0;
memcpy(ctx->hash, i256, 8 * sizeof(uint_32t));
}
VOID_RETURN sha256_end(unsigned char hval[], sha256_ctx ctx[1])
{
sha_end1(hval, ctx, SHA256_DIGEST_SIZE);
}
VOID_RETURN sha256(unsigned char hval[], const unsigned char data[], unsigned long len)
{ sha256_ctx cx[1];
sha256_begin(cx);
sha256_hash(data, len, cx);
sha_end1(hval, cx, SHA256_DIGEST_SIZE);
}
#endif
#if defined(SHA_384) || defined(SHA_512)
#define SHA512_MASK (SHA512_BLOCK_SIZE - 1)
#define rotr64(x,n) (((x) >> n) | ((x) << (64 - n)))
#if !defined(bswap_64)
#define bswap_64(x) (((uint_64t)(bswap_32((uint_32t)(x)))) << 32 | bswap_32((uint_32t)((x) >> 32)))
#endif
#if defined(SWAP_BYTES)
#define bsw_64(p,n) \
{ int _i = (n); while(_i--) ((uint_64t*)p)[_i] = bswap_64(((uint_64t*)p)[_i]); }
#else
#define bsw_64(p,n)
#endif
/* SHA512 mixing function definitions */
#ifdef s_0
# undef s_0
# undef s_1
# undef g_0
# undef g_1
# undef k_0
#endif
#define s_0(x) (rotr64((x), 28) ^ rotr64((x), 34) ^ rotr64((x), 39))
#define s_1(x) (rotr64((x), 14) ^ rotr64((x), 18) ^ rotr64((x), 41))
#define g_0(x) (rotr64((x), 1) ^ rotr64((x), 8) ^ ((x) >> 7))
#define g_1(x) (rotr64((x), 19) ^ rotr64((x), 61) ^ ((x) >> 6))
#define k_0 k512
/* SHA384/SHA512 mixing data */
const uint_64t k512[80] =
{
li_64(428a2f98d728ae22), li_64(7137449123ef65cd),
li_64(b5c0fbcfec4d3b2f), li_64(e9b5dba58189dbbc),
li_64(3956c25bf348b538), li_64(59f111f1b605d019),
li_64(923f82a4af194f9b), li_64(ab1c5ed5da6d8118),
li_64(d807aa98a3030242), li_64(12835b0145706fbe),
li_64(243185be4ee4b28c), li_64(550c7dc3d5ffb4e2),
li_64(72be5d74f27b896f), li_64(80deb1fe3b1696b1),
li_64(9bdc06a725c71235), li_64(c19bf174cf692694),
li_64(e49b69c19ef14ad2), li_64(efbe4786384f25e3),
li_64(0fc19dc68b8cd5b5), li_64(240ca1cc77ac9c65),
li_64(2de92c6f592b0275), li_64(4a7484aa6ea6e483),
li_64(5cb0a9dcbd41fbd4), li_64(76f988da831153b5),
li_64(983e5152ee66dfab), li_64(a831c66d2db43210),
li_64(b00327c898fb213f), li_64(bf597fc7beef0ee4),
li_64(c6e00bf33da88fc2), li_64(d5a79147930aa725),
li_64(06ca6351e003826f), li_64(142929670a0e6e70),
li_64(27b70a8546d22ffc), li_64(2e1b21385c26c926),
li_64(4d2c6dfc5ac42aed), li_64(53380d139d95b3df),
li_64(650a73548baf63de), li_64(766a0abb3c77b2a8),
li_64(81c2c92e47edaee6), li_64(92722c851482353b),
li_64(a2bfe8a14cf10364), li_64(a81a664bbc423001),
li_64(c24b8b70d0f89791), li_64(c76c51a30654be30),
li_64(d192e819d6ef5218), li_64(d69906245565a910),
li_64(f40e35855771202a), li_64(106aa07032bbd1b8),
li_64(19a4c116b8d2d0c8), li_64(1e376c085141ab53),
li_64(2748774cdf8eeb99), li_64(34b0bcb5e19b48a8),
li_64(391c0cb3c5c95a63), li_64(4ed8aa4ae3418acb),
li_64(5b9cca4f7763e373), li_64(682e6ff3d6b2b8a3),
li_64(748f82ee5defb2fc), li_64(78a5636f43172f60),
li_64(84c87814a1f0ab72), li_64(8cc702081a6439ec),
li_64(90befffa23631e28), li_64(a4506cebde82bde9),
li_64(bef9a3f7b2c67915), li_64(c67178f2e372532b),
li_64(ca273eceea26619c), li_64(d186b8c721c0c207),
li_64(eada7dd6cde0eb1e), li_64(f57d4f7fee6ed178),
li_64(06f067aa72176fba), li_64(0a637dc5a2c898a6),
li_64(113f9804bef90dae), li_64(1b710b35131c471b),
li_64(28db77f523047d84), li_64(32caab7b40c72493),
li_64(3c9ebe0a15c9bebc), li_64(431d67c49c100d4c),
li_64(4cc5d4becb3e42b6), li_64(597f299cfc657e2a),
li_64(5fcb6fab3ad6faec), li_64(6c44198c4a475817)
};
/* Compile 128 bytes of hash data into SHA384/512 digest */
/* NOTE: this routine assumes that the byte order in the */
/* ctx->wbuf[] at this point is such that low address bytes */
/* in the ORIGINAL byte stream will go into the high end of */
/* words on BOTH big and little endian systems */
VOID_RETURN sha512_compile(sha512_ctx ctx[1])
{ uint_64t v[8], *p = ctx->wbuf;
uint_32t j;
memcpy(v, ctx->hash, 8 * sizeof(uint_64t));
for(j = 0; j < 80; j += 16)
{
v_cycle( 0, j); v_cycle( 1, j);
v_cycle( 2, j); v_cycle( 3, j);
v_cycle( 4, j); v_cycle( 5, j);
v_cycle( 6, j); v_cycle( 7, j);
v_cycle( 8, j); v_cycle( 9, j);
v_cycle(10, j); v_cycle(11, j);
v_cycle(12, j); v_cycle(13, j);
v_cycle(14, j); v_cycle(15, j);
}
ctx->hash[0] += v[0]; ctx->hash[1] += v[1];
ctx->hash[2] += v[2]; ctx->hash[3] += v[3];
ctx->hash[4] += v[4]; ctx->hash[5] += v[5];
ctx->hash[6] += v[6]; ctx->hash[7] += v[7];
}
/* Compile 128 bytes of hash data into SHA256 digest value */
/* NOTE: this routine assumes that the byte order in the */
/* ctx->wbuf[] at this point is in such an order that low */
/* address bytes in the ORIGINAL byte stream placed in this */
/* buffer will now go to the high end of words on BOTH big */
/* and little endian systems */
VOID_RETURN sha512_hash(const unsigned char data[], unsigned long len, sha512_ctx ctx[1])
{ uint_32t pos = (uint_32t)(ctx->count[0] & SHA512_MASK),
space = SHA512_BLOCK_SIZE - pos;
const unsigned char *sp = data;
if((ctx->count[0] += len) < len)
++(ctx->count[1]);
while(len >= space) /* tranfer whole blocks while possible */
{
memcpy(((unsigned char*)ctx->wbuf) + pos, sp, space);
sp += space; len -= space; space = SHA512_BLOCK_SIZE; pos = 0;
bsw_64(ctx->wbuf, SHA512_BLOCK_SIZE >> 3);
sha512_compile(ctx);
}
memcpy(((unsigned char*)ctx->wbuf) + pos, sp, len);
}
/* SHA384/512 Final padding and digest calculation */
static void sha_end2(unsigned char hval[], sha512_ctx ctx[1], const unsigned int hlen)
{ uint_32t i = (uint_32t)(ctx->count[0] & SHA512_MASK);
/* put bytes in the buffer in an order in which references to */
/* 32-bit words will put bytes with lower addresses into the */
/* top of 32 bit words on BOTH big and little endian machines */
bsw_64(ctx->wbuf, (i + 7) >> 3);
/* we now need to mask valid bytes and add the padding which is */
/* a single 1 bit and as many zero bits as necessary. Note that */
/* we can always add the first padding byte here because the */
/* buffer always has at least one empty slot */
ctx->wbuf[i >> 3] &= li_64(ffffffffffffff00) << 8 * (~i & 7);
ctx->wbuf[i >> 3] |= li_64(0000000000000080) << 8 * (~i & 7);
/* we need 17 or more empty byte positions, one for the padding */
/* byte (above) and sixteen for the length count. If there is */
/* not enough space pad and empty the buffer */
if(i > SHA512_BLOCK_SIZE - 17)
{
if(i < 120) ctx->wbuf[15] = 0;
sha512_compile(ctx);
i = 0;
}
else
i = (i >> 3) + 1;
while(i < 14)
ctx->wbuf[i++] = 0;
/* the following 64-bit length fields are assembled in the */
/* wrong byte order on little endian machines but this is */
/* corrected later since they are only ever used as 64-bit */
/* word values. */
ctx->wbuf[14] = (ctx->count[1] << 3) | (ctx->count[0] >> 61);
ctx->wbuf[15] = ctx->count[0] << 3;
sha512_compile(ctx);
/* extract the hash value as bytes in case the hash buffer is */
/* misaligned for 32-bit words */
for(i = 0; i < hlen; ++i)
hval[i] = (unsigned char)(ctx->hash[i >> 3] >> (8 * (~i & 7)));
}
#endif
#if defined(SHA_384)
/* SHA384 initialisation data */
const uint_64t i384[80] =
{
li_64(cbbb9d5dc1059ed8), li_64(629a292a367cd507),
li_64(9159015a3070dd17), li_64(152fecd8f70e5939),
li_64(67332667ffc00b31), li_64(8eb44a8768581511),
li_64(db0c2e0d64f98fa7), li_64(47b5481dbefa4fa4)
};
VOID_RETURN sha384_begin(sha384_ctx ctx[1])
{
ctx->count[0] = ctx->count[1] = 0;
memcpy(ctx->hash, i384, 8 * sizeof(uint_64t));
}
VOID_RETURN sha384_end(unsigned char hval[], sha384_ctx ctx[1])
{
sha_end2(hval, ctx, SHA384_DIGEST_SIZE);
}
VOID_RETURN sha384(unsigned char hval[], const unsigned char data[], unsigned long len)
{ sha384_ctx cx[1];
sha384_begin(cx);
sha384_hash(data, len, cx);
sha_end2(hval, cx, SHA384_DIGEST_SIZE);
}
#endif
#if defined(SHA_512)
/* SHA512 initialisation data */
const uint_64t i512[80] =
{
li_64(6a09e667f3bcc908), li_64(bb67ae8584caa73b),
li_64(3c6ef372fe94f82b), li_64(a54ff53a5f1d36f1),
li_64(510e527fade682d1), li_64(9b05688c2b3e6c1f),
li_64(1f83d9abfb41bd6b), li_64(5be0cd19137e2179)
};
VOID_RETURN sha512_begin(sha512_ctx ctx[1])
{
ctx->count[0] = ctx->count[1] = 0;
memcpy(ctx->hash, i512, 8 * sizeof(uint_64t));
}
VOID_RETURN sha512_end(unsigned char hval[], sha512_ctx ctx[1])
{
sha_end2(hval, ctx, SHA512_DIGEST_SIZE);
}
VOID_RETURN sha512(unsigned char hval[], const unsigned char data[], unsigned long len)
{ sha512_ctx cx[1];
sha512_begin(cx);
sha512_hash(data, len, cx);
sha_end2(hval, cx, SHA512_DIGEST_SIZE);
}
#endif
#if defined(SHA_2)
#define CTX_224(x) ((x)->uu->ctx256)
#define CTX_256(x) ((x)->uu->ctx256)
#define CTX_384(x) ((x)->uu->ctx512)
#define CTX_512(x) ((x)->uu->ctx512)
/* SHA2 initialisation */
INT_RETURN sha2_begin(unsigned long len, sha2_ctx ctx[1])
{
switch(len)
{
#if defined(SHA_224)
case 224:
case 28: CTX_256(ctx)->count[0] = CTX_256(ctx)->count[1] = 0;
memcpy(CTX_256(ctx)->hash, i224, 32);
ctx->sha2_len = 28; return EXIT_SUCCESS;
#endif
#if defined(SHA_256)
case 256:
case 32: CTX_256(ctx)->count[0] = CTX_256(ctx)->count[1] = 0;
memcpy(CTX_256(ctx)->hash, i256, 32);
ctx->sha2_len = 32; return EXIT_SUCCESS;
#endif
#if defined(SHA_384)
case 384:
case 48: CTX_384(ctx)->count[0] = CTX_384(ctx)->count[1] = 0;
memcpy(CTX_384(ctx)->hash, i384, 64);
ctx->sha2_len = 48; return EXIT_SUCCESS;
#endif
#if defined(SHA_512)
case 512:
case 64: CTX_512(ctx)->count[0] = CTX_512(ctx)->count[1] = 0;
memcpy(CTX_512(ctx)->hash, i512, 64);
ctx->sha2_len = 64; return EXIT_SUCCESS;
#endif
default: return EXIT_FAILURE;
}
}
VOID_RETURN sha2_hash(const unsigned char data[], unsigned long len, sha2_ctx ctx[1])
{
switch(ctx->sha2_len)
{
#if defined(SHA_224)
case 28: sha224_hash(data, len, CTX_224(ctx)); return;
#endif
#if defined(SHA_256)
case 32: sha256_hash(data, len, CTX_256(ctx)); return;
#endif
#if defined(SHA_384)
case 48: sha384_hash(data, len, CTX_384(ctx)); return;
#endif
#if defined(SHA_512)
case 64: sha512_hash(data, len, CTX_512(ctx)); return;
#endif
}
}
VOID_RETURN sha2_end(unsigned char hval[], sha2_ctx ctx[1])
{
switch(ctx->sha2_len)
{
#if defined(SHA_224)
case 28: sha_end1(hval, CTX_224(ctx), SHA224_DIGEST_SIZE); return;
#endif
#if defined(SHA_256)
case 32: sha_end1(hval, CTX_256(ctx), SHA256_DIGEST_SIZE); return;
#endif
#if defined(SHA_384)
case 48: sha_end2(hval, CTX_384(ctx), SHA384_DIGEST_SIZE); return;
#endif
#if defined(SHA_512)
case 64: sha_end2(hval, CTX_512(ctx), SHA512_DIGEST_SIZE); return;
#endif
}
}
INT_RETURN sha2(unsigned char hval[], unsigned long size,
const unsigned char data[], unsigned long len)
{ sha2_ctx cx[1];
if(sha2_begin(size, cx) == EXIT_SUCCESS)
{
sha2_hash(data, len, cx); sha2_end(hval, cx); return EXIT_SUCCESS;
}
else
return EXIT_FAILURE;
}
#endif
#if defined(__cplusplus)
}
#endif

151
src/java/KP2AKdbLibrary/app/src/main/jni/sha/sha2.h Normal file
View File

@@ -0,0 +1,151 @@
/*
---------------------------------------------------------------------------
Copyright (c) 2002, Dr Brian Gladman, Worcester, UK. All rights reserved.
LICENSE TERMS
The free distribution and use of this software in both source and binary
form is allowed (with or without changes) provided that:
1. distributions of this source code include the above copyright
notice, this list of conditions and the following disclaimer;
2. distributions in binary form include the above copyright
notice, this list of conditions and the following disclaimer
in the documentation and/or other associated materials;
3. the copyright holder's name is not used to endorse products
built using this software without specific written permission.
ALTERNATIVELY, provided that this notice is retained in full, this product
may be distributed under the terms of the GNU General Public License (GPL),
in which case the provisions of the GPL apply INSTEAD OF those given above.
DISCLAIMER
This software is provided 'as is' with no explicit or implied warranties
in respect of its properties, including, but not limited to, correctness
and/or fitness for purpose.
---------------------------------------------------------------------------
Issue Date: 01/08/2005
*/
#ifndef _SHA2_H
#define _SHA2_H
#include <stdlib.h>
#define SHA_64BIT
/* define the hash functions that you need */
#define SHA_2 /* for dynamic hash length */
#define SHA_224
#define SHA_256
#ifdef SHA_64BIT
# define SHA_384
# define SHA_512
# define NEED_UINT_64T
#endif
#include "brg_types.h"
#if defined(__cplusplus)
extern "C"
{
#endif
/* Note that the following function prototypes are the same */
/* for both the bit and byte oriented implementations. But */
/* the length fields are in bytes or bits as is appropriate */
/* for the version used. Bit sequences are arrays of bytes */
/* in which bit sequence indexes increase from the most to */
/* the least significant end of each byte */
#define SHA224_DIGEST_SIZE 28
#define SHA224_BLOCK_SIZE 64
#define SHA256_DIGEST_SIZE 32
#define SHA256_BLOCK_SIZE 64
/* type to hold the SHA256 (and SHA224) context */
typedef struct
{ uint_32t count[2];
uint_32t hash[8];
uint_32t wbuf[16];
} sha256_ctx;
typedef sha256_ctx sha224_ctx;
VOID_RETURN sha256_compile(sha256_ctx ctx[1]);
VOID_RETURN sha224_begin(sha224_ctx ctx[1]);
#define sha224_hash sha256_hash
VOID_RETURN sha224_end(unsigned char hval[], sha224_ctx ctx[1]);
VOID_RETURN sha224(unsigned char hval[], const unsigned char data[], unsigned long len);
VOID_RETURN sha256_begin(sha256_ctx ctx[1]);
VOID_RETURN sha256_hash(const unsigned char data[], unsigned long len, sha256_ctx ctx[1]);
VOID_RETURN sha256_end(unsigned char hval[], sha256_ctx ctx[1]);
VOID_RETURN sha256(unsigned char hval[], const unsigned char data[], unsigned long len);
#ifndef SHA_64BIT
typedef struct
{ union
{ sha256_ctx ctx256[1];
} uu[1];
uint_32t sha2_len;
} sha2_ctx;
#define SHA2_MAX_DIGEST_SIZE SHA256_DIGEST_SIZE
#else
#define SHA384_DIGEST_SIZE 48
#define SHA384_BLOCK_SIZE 128
#define SHA512_DIGEST_SIZE 64
#define SHA512_BLOCK_SIZE 128
#define SHA2_MAX_DIGEST_SIZE SHA512_DIGEST_SIZE
/* type to hold the SHA384 (and SHA512) context */
typedef struct
{ uint_64t count[2];
uint_64t hash[8];
uint_64t wbuf[16];
} sha512_ctx;
typedef sha512_ctx sha384_ctx;
typedef struct
{ union
{ sha256_ctx ctx256[1];
sha512_ctx ctx512[1];
} uu[1];
uint_32t sha2_len;
} sha2_ctx;
VOID_RETURN sha512_compile(sha512_ctx ctx[1]);
VOID_RETURN sha384_begin(sha384_ctx ctx[1]);
#define sha384_hash sha512_hash
VOID_RETURN sha384_end(unsigned char hval[], sha384_ctx ctx[1]);
VOID_RETURN sha384(unsigned char hval[], const unsigned char data[], unsigned long len);
VOID_RETURN sha512_begin(sha512_ctx ctx[1]);
VOID_RETURN sha512_hash(const unsigned char data[], unsigned long len, sha512_ctx ctx[1]);
VOID_RETURN sha512_end(unsigned char hval[], sha512_ctx ctx[1]);
VOID_RETURN sha512(unsigned char hval[], const unsigned char data[], unsigned long len);
INT_RETURN sha2_begin(unsigned long size, sha2_ctx ctx[1]);
VOID_RETURN sha2_hash(const unsigned char data[], unsigned long len, sha2_ctx ctx[1]);
VOID_RETURN sha2_end(unsigned char hval[], sha2_ctx ctx[1]);
INT_RETURN sha2(unsigned char hval[], unsigned long size, const unsigned char data[], unsigned long len);
#endif
#if defined(__cplusplus)
}
#endif
#endif

833
src/java/KP2AKdbLibrary/app/src/main/jni/sha/sha2b.c Normal file
View File

@@ -0,0 +1,833 @@
/*
---------------------------------------------------------------------------
Copyright (c) 2002, Dr Brian Gladman, Worcester, UK. All rights reserved.
LICENSE TERMS
The free distribution and use of this software in both source and binary
form is allowed (with or without changes) provided that:
1. distributions of this source code include the above copyright
notice, this list of conditions and the following disclaimer;
2. distributions in binary form include the above copyright
notice, this list of conditions and the following disclaimer
in the documentation and/or other associated materials;
3. the copyright holder's name is not used to endorse products
built using this software without specific written permission.
ALTERNATIVELY, provided that this notice is retained in full, this product
may be distributed under the terms of the GNU General Public License (GPL),
in which case the provisions of the GPL apply INSTEAD OF those given above.
DISCLAIMER
This software is provided 'as is' with no explicit or implied warranties
in respect of its properties, including, but not limited to, correctness
and/or fitness for purpose.
---------------------------------------------------------------------------
Issue Date: 01/08/2005
This is a bit oriented version of SHA2 that operates on arrays of bytes
stored in memory. This code implements sha256, sha384 and sha512 but the
latter two functions rely on efficient 64-bit integer operations that
may not be very efficient on 32-bit machines
The sha256 functions use a type 'sha256_ctx' to hold details of the
current hash state and uses the following three calls:
void sha256_begin(sha256_ctx ctx[1])
void sha256_hash(const unsigned char data[],
unsigned long len, sha256_ctx ctx[1])
void sha_end1(unsigned char hval[], sha256_ctx ctx[1])
The first subroutine initialises a hash computation by setting up the
context in the sha256_ctx context. The second subroutine hashes 8-bit
bytes from array data[] into the hash state withinh sha256_ctx context,
the number of bytes to be hashed being given by the the unsigned long
integer len. The third subroutine completes the hash calculation and
places the resulting digest value in the array of 8-bit bytes hval[].
The sha384 and sha512 functions are similar and use the interfaces:
void sha384_begin(sha384_ctx ctx[1]);
void sha384_hash(const unsigned char data[],
unsigned long len, sha384_ctx ctx[1]);
void sha384_end(unsigned char hval[], sha384_ctx ctx[1]);
void sha512_begin(sha512_ctx ctx[1]);
void sha512_hash(const unsigned char data[],
unsigned long len, sha512_ctx ctx[1]);
void sha512_end(unsigned char hval[], sha512_ctx ctx[1]);
In addition there is a function sha2 that can be used to call all these
functions using a call with a hash length parameter as follows:
int sha2_begin(unsigned long len, sha2_ctx ctx[1]);
void sha2_hash(const unsigned char data[],
unsigned long len, sha2_ctx ctx[1]);
void sha2_end(unsigned char hval[], sha2_ctx ctx[1]);
My thanks to Erik Andersen <andersen@codepoet.org> for testing this code
on big-endian systems and for his assistance with corrections
*/
#if 1
#define UNROLL_SHA2 /* for SHA2 loop unroll */
#endif
#include <string.h> /* for memcpy() etc. */
#include "sha2.h"
#include "brg_endian.h"
#if defined(__cplusplus)
extern "C"
{
#endif
#if defined( _MSC_VER ) && ( _MSC_VER > 800 )
#pragma intrinsic(memcpy)
#endif
#if 0 && defined(_MSC_VER)
#define rotl32 _lrotl
#define rotr32 _lrotr
#else
#define rotl32(x,n) (((x) << n) | ((x) >> (32 - n)))
#define rotr32(x,n) (((x) >> n) | ((x) << (32 - n)))
#endif
#if !defined(bswap_32)
#define bswap_32(x) ((rotr32((x), 24) & 0x00ff00ff) | (rotr32((x), 8) & 0xff00ff00))
#endif
#if (PLATFORM_BYTE_ORDER == IS_LITTLE_ENDIAN)
#define SWAP_BYTES
#else
#undef SWAP_BYTES
#endif
#if 0
#define ch(x,y,z) (((x) & (y)) ^ (~(x) & (z)))
#define maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
#else /* Thanks to Rich Schroeppel and Colin Plumb for the following */
#define ch(x,y,z) ((z) ^ ((x) & ((y) ^ (z))))
#define maj(x,y,z) (((x) & (y)) | ((z) & ((x) ^ (y))))
#endif
/* round transforms for SHA256 and SHA512 compression functions */
#define vf(n,i) v[(n - i) & 7]
#define hf(i) (p[i & 15] += \
g_1(p[(i + 14) & 15]) + p[(i + 9) & 15] + g_0(p[(i + 1) & 15]))
#define v_cycle(i,j) \
vf(7,i) += (j ? hf(i) : p[i]) + k_0[i+j] \
+ s_1(vf(4,i)) + ch(vf(4,i),vf(5,i),vf(6,i)); \
vf(3,i) += vf(7,i); \
vf(7,i) += s_0(vf(0,i))+ maj(vf(0,i),vf(1,i),vf(2,i))
#if defined(SHA_224) || defined(SHA_256)
#define SHA256_MASK (SHA256_BLOCK_SIZE - 1)
#if defined(SWAP_BYTES)
#define bsw_32(p,n) \
{ int _i = (n); while(_i--) ((uint_32t*)p)[_i] = bswap_32(((uint_32t*)p)[_i]); }
#else
#define bsw_32(p,n)
#endif
#define s_0(x) (rotr32((x), 2) ^ rotr32((x), 13) ^ rotr32((x), 22))
#define s_1(x) (rotr32((x), 6) ^ rotr32((x), 11) ^ rotr32((x), 25))
#define g_0(x) (rotr32((x), 7) ^ rotr32((x), 18) ^ ((x) >> 3))
#define g_1(x) (rotr32((x), 17) ^ rotr32((x), 19) ^ ((x) >> 10))
#define k_0 k256
/* rotated SHA256 round definition. Rather than swapping variables as in */
/* FIPS-180, different variables are 'rotated' on each round, returning */
/* to their starting positions every eight rounds */
#define q(n) v##n
#define one_cycle(a,b,c,d,e,f,g,h,k,w) \
q(h) += s_1(q(e)) + ch(q(e), q(f), q(g)) + k + w; \
q(d) += q(h); q(h) += s_0(q(a)) + maj(q(a), q(b), q(c))
/* SHA256 mixing data */
const uint_32t k256[64] =
{ 0x428a2f98ul, 0x71374491ul, 0xb5c0fbcful, 0xe9b5dba5ul,
0x3956c25bul, 0x59f111f1ul, 0x923f82a4ul, 0xab1c5ed5ul,
0xd807aa98ul, 0x12835b01ul, 0x243185beul, 0x550c7dc3ul,
0x72be5d74ul, 0x80deb1feul, 0x9bdc06a7ul, 0xc19bf174ul,
0xe49b69c1ul, 0xefbe4786ul, 0x0fc19dc6ul, 0x240ca1ccul,
0x2de92c6ful, 0x4a7484aaul, 0x5cb0a9dcul, 0x76f988daul,
0x983e5152ul, 0xa831c66dul, 0xb00327c8ul, 0xbf597fc7ul,
0xc6e00bf3ul, 0xd5a79147ul, 0x06ca6351ul, 0x14292967ul,
0x27b70a85ul, 0x2e1b2138ul, 0x4d2c6dfcul, 0x53380d13ul,
0x650a7354ul, 0x766a0abbul, 0x81c2c92eul, 0x92722c85ul,
0xa2bfe8a1ul, 0xa81a664bul, 0xc24b8b70ul, 0xc76c51a3ul,
0xd192e819ul, 0xd6990624ul, 0xf40e3585ul, 0x106aa070ul,
0x19a4c116ul, 0x1e376c08ul, 0x2748774cul, 0x34b0bcb5ul,
0x391c0cb3ul, 0x4ed8aa4aul, 0x5b9cca4ful, 0x682e6ff3ul,
0x748f82eeul, 0x78a5636ful, 0x84c87814ul, 0x8cc70208ul,
0x90befffaul, 0xa4506cebul, 0xbef9a3f7ul, 0xc67178f2ul,
};
/* Compile 64 bytes of hash data into SHA256 digest value */
/* NOTE: this routine assumes that the byte order in the */
/* ctx->wbuf[] at this point is such that low address bytes */
/* in the ORIGINAL byte stream will go into the high end of */
/* words on BOTH big and little endian systems */
VOID_RETURN sha256_compile(sha256_ctx ctx[1])
{
#if !defined(UNROLL_SHA2)
uint_32t j, *p = ctx->wbuf, v[8];
memcpy(v, ctx->hash, 8 * sizeof(uint_32t));
for(j = 0; j < 64; j += 16)
{
v_cycle( 0, j); v_cycle( 1, j);
v_cycle( 2, j); v_cycle( 3, j);
v_cycle( 4, j); v_cycle( 5, j);
v_cycle( 6, j); v_cycle( 7, j);
v_cycle( 8, j); v_cycle( 9, j);
v_cycle(10, j); v_cycle(11, j);
v_cycle(12, j); v_cycle(13, j);
v_cycle(14, j); v_cycle(15, j);
}
ctx->hash[0] += v[0]; ctx->hash[1] += v[1];
ctx->hash[2] += v[2]; ctx->hash[3] += v[3];
ctx->hash[4] += v[4]; ctx->hash[5] += v[5];
ctx->hash[6] += v[6]; ctx->hash[7] += v[7];
#else
uint_32t *p = ctx->wbuf,v0,v1,v2,v3,v4,v5,v6,v7;
v0 = ctx->hash[0]; v1 = ctx->hash[1];
v2 = ctx->hash[2]; v3 = ctx->hash[3];
v4 = ctx->hash[4]; v5 = ctx->hash[5];
v6 = ctx->hash[6]; v7 = ctx->hash[7];
one_cycle(0,1,2,3,4,5,6,7,k256[ 0],p[ 0]);
one_cycle(7,0,1,2,3,4,5,6,k256[ 1],p[ 1]);
one_cycle(6,7,0,1,2,3,4,5,k256[ 2],p[ 2]);
one_cycle(5,6,7,0,1,2,3,4,k256[ 3],p[ 3]);
one_cycle(4,5,6,7,0,1,2,3,k256[ 4],p[ 4]);
one_cycle(3,4,5,6,7,0,1,2,k256[ 5],p[ 5]);
one_cycle(2,3,4,5,6,7,0,1,k256[ 6],p[ 6]);
one_cycle(1,2,3,4,5,6,7,0,k256[ 7],p[ 7]);
one_cycle(0,1,2,3,4,5,6,7,k256[ 8],p[ 8]);
one_cycle(7,0,1,2,3,4,5,6,k256[ 9],p[ 9]);
one_cycle(6,7,0,1,2,3,4,5,k256[10],p[10]);
one_cycle(5,6,7,0,1,2,3,4,k256[11],p[11]);
one_cycle(4,5,6,7,0,1,2,3,k256[12],p[12]);
one_cycle(3,4,5,6,7,0,1,2,k256[13],p[13]);
one_cycle(2,3,4,5,6,7,0,1,k256[14],p[14]);
one_cycle(1,2,3,4,5,6,7,0,k256[15],p[15]);
one_cycle(0,1,2,3,4,5,6,7,k256[16],hf( 0));
one_cycle(7,0,1,2,3,4,5,6,k256[17],hf( 1));
one_cycle(6,7,0,1,2,3,4,5,k256[18],hf( 2));
one_cycle(5,6,7,0,1,2,3,4,k256[19],hf( 3));
one_cycle(4,5,6,7,0,1,2,3,k256[20],hf( 4));
one_cycle(3,4,5,6,7,0,1,2,k256[21],hf( 5));
one_cycle(2,3,4,5,6,7,0,1,k256[22],hf( 6));
one_cycle(1,2,3,4,5,6,7,0,k256[23],hf( 7));
one_cycle(0,1,2,3,4,5,6,7,k256[24],hf( 8));
one_cycle(7,0,1,2,3,4,5,6,k256[25],hf( 9));
one_cycle(6,7,0,1,2,3,4,5,k256[26],hf(10));
one_cycle(5,6,7,0,1,2,3,4,k256[27],hf(11));
one_cycle(4,5,6,7,0,1,2,3,k256[28],hf(12));
one_cycle(3,4,5,6,7,0,1,2,k256[29],hf(13));
one_cycle(2,3,4,5,6,7,0,1,k256[30],hf(14));
one_cycle(1,2,3,4,5,6,7,0,k256[31],hf(15));
one_cycle(0,1,2,3,4,5,6,7,k256[32],hf( 0));
one_cycle(7,0,1,2,3,4,5,6,k256[33],hf( 1));
one_cycle(6,7,0,1,2,3,4,5,k256[34],hf( 2));
one_cycle(5,6,7,0,1,2,3,4,k256[35],hf( 3));
one_cycle(4,5,6,7,0,1,2,3,k256[36],hf( 4));
one_cycle(3,4,5,6,7,0,1,2,k256[37],hf( 5));
one_cycle(2,3,4,5,6,7,0,1,k256[38],hf( 6));
one_cycle(1,2,3,4,5,6,7,0,k256[39],hf( 7));
one_cycle(0,1,2,3,4,5,6,7,k256[40],hf( 8));
one_cycle(7,0,1,2,3,4,5,6,k256[41],hf( 9));
one_cycle(6,7,0,1,2,3,4,5,k256[42],hf(10));
one_cycle(5,6,7,0,1,2,3,4,k256[43],hf(11));
one_cycle(4,5,6,7,0,1,2,3,k256[44],hf(12));
one_cycle(3,4,5,6,7,0,1,2,k256[45],hf(13));
one_cycle(2,3,4,5,6,7,0,1,k256[46],hf(14));
one_cycle(1,2,3,4,5,6,7,0,k256[47],hf(15));
one_cycle(0,1,2,3,4,5,6,7,k256[48],hf( 0));
one_cycle(7,0,1,2,3,4,5,6,k256[49],hf( 1));
one_cycle(6,7,0,1,2,3,4,5,k256[50],hf( 2));
one_cycle(5,6,7,0,1,2,3,4,k256[51],hf( 3));
one_cycle(4,5,6,7,0,1,2,3,k256[52],hf( 4));
one_cycle(3,4,5,6,7,0,1,2,k256[53],hf( 5));
one_cycle(2,3,4,5,6,7,0,1,k256[54],hf( 6));
one_cycle(1,2,3,4,5,6,7,0,k256[55],hf( 7));
one_cycle(0,1,2,3,4,5,6,7,k256[56],hf( 8));
one_cycle(7,0,1,2,3,4,5,6,k256[57],hf( 9));
one_cycle(6,7,0,1,2,3,4,5,k256[58],hf(10));
one_cycle(5,6,7,0,1,2,3,4,k256[59],hf(11));
one_cycle(4,5,6,7,0,1,2,3,k256[60],hf(12));
one_cycle(3,4,5,6,7,0,1,2,k256[61],hf(13));
one_cycle(2,3,4,5,6,7,0,1,k256[62],hf(14));
one_cycle(1,2,3,4,5,6,7,0,k256[63],hf(15));
ctx->hash[0] += v0; ctx->hash[1] += v1;
ctx->hash[2] += v2; ctx->hash[3] += v3;
ctx->hash[4] += v4; ctx->hash[5] += v5;
ctx->hash[6] += v6; ctx->hash[7] += v7;
#endif
}
/* SHA256 hash data in an array of bytes into hash buffer */
/* and call the hash_compile function as required. */
VOID_RETURN sha256_hash(const unsigned char data[], unsigned long len, sha256_ctx ctx[1])
{ uint_32t pos = (uint_32t)((ctx->count[0] >> 3) & SHA256_MASK),
ofs = (ctx->count[0] & 7);
const unsigned char *sp = data;
unsigned char *w = (unsigned char*)ctx->wbuf;
if((ctx->count[0] += len) < len)
++(ctx->count[1]);
if(ofs) /* if not on a byte boundary */
{
if(ofs + len < 8) /* if no added bytes are needed */
{
w[pos] |= (*sp >> ofs);
}
else /* otherwise and add bytes */
{ unsigned char part = w[pos];
while((int)(ofs + (len -= 8)) >= 0)
{
w[pos++] = part | (*sp >> ofs);
part = *sp++ << (8 - ofs);
if(pos == SHA256_BLOCK_SIZE)
{
bsw_32(w, SHA256_BLOCK_SIZE >> 2);
sha256_compile(ctx); pos = 0;
}
}
w[pos] = part;
}
}
else /* data is byte aligned */
{ uint_32t space = SHA256_BLOCK_SIZE - pos;
while((int)(len - 8 * space) >= 0)
{
len -= 8 * space;
memcpy(w + pos, sp, space);
sp += space;
space = SHA256_BLOCK_SIZE;
bsw_32(w, SHA256_BLOCK_SIZE >> 2);
sha256_compile(ctx); pos = 0;
}
memcpy(w + pos, sp, (len + 7) >> 3);
}
}
/* SHA256 Final padding and digest calculation */
static void sha_end1(unsigned char hval[], sha256_ctx ctx[1], const unsigned int hlen)
{ uint_32t i = (uint_32t)((ctx->count[0] >> 3) & SHA256_MASK), m1;
/* put bytes in the buffer in an order in which references to */
/* 32-bit words will put bytes with lower addresses into the */
/* top of 32 bit words on BOTH big and little endian machines */
bsw_32(ctx->wbuf, (i + 4) >> 2)
/* we now need to mask valid bytes and add the padding which is */
/* a single 1 bit and as many zero bits as necessary. Note that */
/* we can always add the first padding byte here because the */
/* buffer always has at least one empty slot */
m1 = (unsigned char)0x80 >> (ctx->count[0] & 7);
ctx->wbuf[i >> 2] &= ((0xffffff00 | (~m1 + 1)) << 8 * (~i & 3));
ctx->wbuf[i >> 2] |= (m1 << 8 * (~i & 3));
/* we need 9 or more empty positions, one for the padding byte */
/* (above) and eight for the length count. If there is not */
/* enough space pad and empty the buffer */
if(i > SHA256_BLOCK_SIZE - 9)
{
if(i < 60) ctx->wbuf[15] = 0;
sha256_compile(ctx);
i = 0;
}
else /* compute a word index for the empty buffer positions */
i = (i >> 2) + 1;
while(i < 14) /* and zero pad all but last two positions */
ctx->wbuf[i++] = 0;
/* the following 32-bit length fields are assembled in the */
/* wrong byte order on little endian machines but this is */
/* corrected later since they are only ever used as 32-bit */
/* word values. */
ctx->wbuf[14] = ctx->count[1];
ctx->wbuf[15] = ctx->count[0];
sha256_compile(ctx);
/* extract the hash value as bytes in case the hash buffer is */
/* mislaigned for 32-bit words */
for(i = 0; i < hlen; ++i)
hval[i] = (unsigned char)(ctx->hash[i >> 2] >> (8 * (~i & 3)));
}
#endif
#if defined(SHA_224)
const uint_32t i224[8] =
{
0xc1059ed8ul, 0x367cd507ul, 0x3070dd17ul, 0xf70e5939ul,
0xffc00b31ul, 0x68581511ul, 0x64f98fa7ul, 0xbefa4fa4ul
};
VOID_RETURN sha224_begin(sha224_ctx ctx[1])
{
ctx->count[0] = ctx->count[1] = 0;
memcpy(ctx->hash, i224, 8 * sizeof(uint_32t));
}
VOID_RETURN sha224_end(unsigned char hval[], sha224_ctx ctx[1])
{
sha_end1(hval, ctx, SHA224_DIGEST_SIZE);
}
VOID_RETURN sha224(unsigned char hval[], const unsigned char data[], unsigned long len)
{ sha224_ctx cx[1];
sha224_begin(cx);
sha224_hash(data, len, cx);
sha_end1(hval, cx, SHA224_DIGEST_SIZE);
}
#endif
#if defined(SHA_256)
const uint_32t i256[8] =
{
0x6a09e667ul, 0xbb67ae85ul, 0x3c6ef372ul, 0xa54ff53aul,
0x510e527ful, 0x9b05688cul, 0x1f83d9abul, 0x5be0cd19ul
};
VOID_RETURN sha256_begin(sha256_ctx ctx[1])
{
ctx->count[0] = ctx->count[1] = 0;
memcpy(ctx->hash, i256, 8 * sizeof(uint_32t));
}
VOID_RETURN sha256_end(unsigned char hval[], sha256_ctx ctx[1])
{
sha_end1(hval, ctx, SHA256_DIGEST_SIZE);
}
VOID_RETURN sha256(unsigned char hval[], const unsigned char data[], unsigned long len)
{ sha256_ctx cx[1];
sha256_begin(cx);
sha256_hash(data, len, cx);
sha_end1(hval, cx, SHA256_DIGEST_SIZE);
}
#endif
#if defined(SHA_384) || defined(SHA_512)
#define SHA512_MASK (SHA512_BLOCK_SIZE - 1)
#define rotr64(x,n) (((x) >> n) | ((x) << (64 - n)))
#if !defined(bswap_64)
#define bswap_64(x) (((uint_64t)(bswap_32((uint_32t)(x)))) << 32 | bswap_32((uint_32t)((x) >> 32)))
#endif
#if defined(SWAP_BYTES)
#define bsw_64(p,n) \
{ int _i = (n); while(_i--) ((uint_64t*)p)[_i] = bswap_64(((uint_64t*)p)[_i]); }
#else
#define bsw_64(p,n)
#endif
/* SHA512 mixing function definitions */
#ifdef s_0
# undef s_0
# undef s_1
# undef g_0
# undef g_1
# undef k_0
#endif
#define s_0(x) (rotr64((x), 28) ^ rotr64((x), 34) ^ rotr64((x), 39))
#define s_1(x) (rotr64((x), 14) ^ rotr64((x), 18) ^ rotr64((x), 41))
#define g_0(x) (rotr64((x), 1) ^ rotr64((x), 8) ^ ((x) >> 7))
#define g_1(x) (rotr64((x), 19) ^ rotr64((x), 61) ^ ((x) >> 6))
#define k_0 k512
/* SHA384/SHA512 mixing data */
const uint_64t k512[80] =
{
li_64(428a2f98d728ae22), li_64(7137449123ef65cd),
li_64(b5c0fbcfec4d3b2f), li_64(e9b5dba58189dbbc),
li_64(3956c25bf348b538), li_64(59f111f1b605d019),
li_64(923f82a4af194f9b), li_64(ab1c5ed5da6d8118),
li_64(d807aa98a3030242), li_64(12835b0145706fbe),
li_64(243185be4ee4b28c), li_64(550c7dc3d5ffb4e2),
li_64(72be5d74f27b896f), li_64(80deb1fe3b1696b1),
li_64(9bdc06a725c71235), li_64(c19bf174cf692694),
li_64(e49b69c19ef14ad2), li_64(efbe4786384f25e3),
li_64(0fc19dc68b8cd5b5), li_64(240ca1cc77ac9c65),
li_64(2de92c6f592b0275), li_64(4a7484aa6ea6e483),
li_64(5cb0a9dcbd41fbd4), li_64(76f988da831153b5),
li_64(983e5152ee66dfab), li_64(a831c66d2db43210),
li_64(b00327c898fb213f), li_64(bf597fc7beef0ee4),
li_64(c6e00bf33da88fc2), li_64(d5a79147930aa725),
li_64(06ca6351e003826f), li_64(142929670a0e6e70),
li_64(27b70a8546d22ffc), li_64(2e1b21385c26c926),
li_64(4d2c6dfc5ac42aed), li_64(53380d139d95b3df),
li_64(650a73548baf63de), li_64(766a0abb3c77b2a8),
li_64(81c2c92e47edaee6), li_64(92722c851482353b),
li_64(a2bfe8a14cf10364), li_64(a81a664bbc423001),
li_64(c24b8b70d0f89791), li_64(c76c51a30654be30),
li_64(d192e819d6ef5218), li_64(d69906245565a910),
li_64(f40e35855771202a), li_64(106aa07032bbd1b8),
li_64(19a4c116b8d2d0c8), li_64(1e376c085141ab53),
li_64(2748774cdf8eeb99), li_64(34b0bcb5e19b48a8),
li_64(391c0cb3c5c95a63), li_64(4ed8aa4ae3418acb),
li_64(5b9cca4f7763e373), li_64(682e6ff3d6b2b8a3),
li_64(748f82ee5defb2fc), li_64(78a5636f43172f60),
li_64(84c87814a1f0ab72), li_64(8cc702081a6439ec),
li_64(90befffa23631e28), li_64(a4506cebde82bde9),
li_64(bef9a3f7b2c67915), li_64(c67178f2e372532b),
li_64(ca273eceea26619c), li_64(d186b8c721c0c207),
li_64(eada7dd6cde0eb1e), li_64(f57d4f7fee6ed178),
li_64(06f067aa72176fba), li_64(0a637dc5a2c898a6),
li_64(113f9804bef90dae), li_64(1b710b35131c471b),
li_64(28db77f523047d84), li_64(32caab7b40c72493),
li_64(3c9ebe0a15c9bebc), li_64(431d67c49c100d4c),
li_64(4cc5d4becb3e42b6), li_64(597f299cfc657e2a),
li_64(5fcb6fab3ad6faec), li_64(6c44198c4a475817)
};
/* Compile 128 bytes of hash data into SHA384/512 digest */
/* NOTE: this routine assumes that the byte order in the */
/* ctx->wbuf[] at this point is such that low address bytes */
/* in the ORIGINAL byte stream will go into the high end of */
/* words on BOTH big and little endian systems */
VOID_RETURN sha512_compile(sha512_ctx ctx[1])
{ uint_64t v[8], *p = ctx->wbuf;
uint_32t j;
memcpy(v, ctx->hash, 8 * sizeof(uint_64t));
for(j = 0; j < 80; j += 16)
{
v_cycle( 0, j); v_cycle( 1, j);
v_cycle( 2, j); v_cycle( 3, j);
v_cycle( 4, j); v_cycle( 5, j);
v_cycle( 6, j); v_cycle( 7, j);
v_cycle( 8, j); v_cycle( 9, j);
v_cycle(10, j); v_cycle(11, j);
v_cycle(12, j); v_cycle(13, j);
v_cycle(14, j); v_cycle(15, j);
}
ctx->hash[0] += v[0]; ctx->hash[1] += v[1];
ctx->hash[2] += v[2]; ctx->hash[3] += v[3];
ctx->hash[4] += v[4]; ctx->hash[5] += v[5];
ctx->hash[6] += v[6]; ctx->hash[7] += v[7];
}
/* Compile 128 bytes of hash data into SHA256 digest value */
/* NOTE: this routine assumes that the byte order in the */
/* ctx->wbuf[] at this point is in such an order that low */
/* address bytes in the ORIGINAL byte stream placed in this */
/* buffer will now go to the high end of words on BOTH big */
/* and little endian systems */
VOID_RETURN sha512_hash(const unsigned char data[], unsigned long len, sha512_ctx ctx[1])
{ uint_32t pos = (uint_32t)(ctx->count[0] >> 3) & SHA512_MASK,
ofs = (uint_32t)(ctx->count[0] & 7);
const unsigned char *sp = data;
unsigned char *w = (unsigned char*)ctx->wbuf;
if((ctx->count[0] += len) < len)
++(ctx->count[1]);
if(ofs) /* if not on a byte boundary */
{
if(ofs + len < 8) /* if no added bytes are needed */
{
w[pos] |= (*sp >> ofs);
}
else /* otherwise and add bytes */
{ unsigned char part = w[pos];
while((int)(ofs + (len -= 8)) >= 0)
{
w[pos++] = part | (*sp >> ofs);
part = *sp++ << (8 - ofs);
if(pos == SHA512_BLOCK_SIZE)
{
bsw_64(w, SHA512_BLOCK_SIZE >> 3);
sha512_compile(ctx); pos = 0;
}
}
w[pos] = part;
}
}
else /* data is byte aligned */
{ uint_32t space = SHA512_BLOCK_SIZE - pos;
while((int)(len - 8 * space) >= 0)
{
len -= 8 * space;
memcpy(w + pos, sp, space);
sp += space;
space = SHA512_BLOCK_SIZE;
bsw_64(w, SHA512_BLOCK_SIZE >> 3);
sha512_compile(ctx); pos = 0;
}
memcpy(w + pos, sp, (len + 7) >> 3);
}
}
/* SHA384/512 Final padding and digest calculation */
static void sha_end2(unsigned char hval[], sha512_ctx ctx[1], const unsigned int hlen)
{ uint_32t i = (uint_32t)((ctx->count[0] >> 3) & SHA512_MASK);
uint_64t m1;
/* put bytes in the buffer in an order in which references to */
/* 32-bit words will put bytes with lower addresses into the */
/* top of 32 bit words on BOTH big and little endian machines */
bsw_64(ctx->wbuf, (i + 8) >> 3);
/* we now need to mask valid bytes and add the padding which is */
/* a single 1 bit and as many zero bits as necessary. Note that */
/* we can always add the first padding byte here because the */
/* buffer always has at least one empty slot */
m1 = (unsigned char)0x80 >> (ctx->count[0] & 7);
ctx->wbuf[i >> 3] &= ((li_64(ffffffffffffff00) | (~m1 + 1)) << 8 * (~i & 7));
ctx->wbuf[i >> 3] |= (m1 << 8 * (~i & 7));
/* we need 17 or more empty byte positions, one for the padding */
/* byte (above) and sixteen for the length count. If there is */
/* not enough space pad and empty the buffer */
if(i > SHA512_BLOCK_SIZE - 17)
{
if(i < 120) ctx->wbuf[15] = 0;
sha512_compile(ctx);
i = 0;
}
else
i = (i >> 3) + 1;
while(i < 14)
ctx->wbuf[i++] = 0;
/* the following 64-bit length fields are assembled in the */
/* wrong byte order on little endian machines but this is */
/* corrected later since they are only ever used as 64-bit */
/* word values. */
ctx->wbuf[14] = ctx->count[1];
ctx->wbuf[15] = ctx->count[0];
sha512_compile(ctx);
/* extract the hash value as bytes in case the hash buffer is */
/* misaligned for 32-bit words */
for(i = 0; i < hlen; ++i)
hval[i] = (unsigned char)(ctx->hash[i >> 3] >> (8 * (~i & 7)));
}
#endif
#if defined(SHA_384)
/* SHA384 initialisation data */
const uint_64t i384[80] =
{
li_64(cbbb9d5dc1059ed8), li_64(629a292a367cd507),
li_64(9159015a3070dd17), li_64(152fecd8f70e5939),
li_64(67332667ffc00b31), li_64(8eb44a8768581511),
li_64(db0c2e0d64f98fa7), li_64(47b5481dbefa4fa4)
};
VOID_RETURN sha384_begin(sha384_ctx ctx[1])
{
ctx->count[0] = ctx->count[1] = 0;
memcpy(ctx->hash, i384, 8 * sizeof(uint_64t));
}
VOID_RETURN sha384_end(unsigned char hval[], sha384_ctx ctx[1])
{
sha_end2(hval, ctx, SHA384_DIGEST_SIZE);
}
VOID_RETURN sha384(unsigned char hval[], const unsigned char data[], unsigned long len)
{ sha384_ctx cx[1];
sha384_begin(cx);
sha384_hash(data, len, cx);
sha_end2(hval, cx, SHA384_DIGEST_SIZE);
}
#endif
#if defined(SHA_512)
/* SHA512 initialisation data */
const uint_64t i512[80] =
{
li_64(6a09e667f3bcc908), li_64(bb67ae8584caa73b),
li_64(3c6ef372fe94f82b), li_64(a54ff53a5f1d36f1),
li_64(510e527fade682d1), li_64(9b05688c2b3e6c1f),
li_64(1f83d9abfb41bd6b), li_64(5be0cd19137e2179)
};
VOID_RETURN sha512_begin(sha512_ctx ctx[1])
{
ctx->count[0] = ctx->count[1] = 0;
memcpy(ctx->hash, i512, 8 * sizeof(uint_64t));
}
VOID_RETURN sha512_end(unsigned char hval[], sha512_ctx ctx[1])
{
sha_end2(hval, ctx, SHA512_DIGEST_SIZE);
}
VOID_RETURN sha512(unsigned char hval[], const unsigned char data[], unsigned long len)
{ sha512_ctx cx[1];
sha512_begin(cx);
sha512_hash(data, len, cx);
sha_end2(hval, cx, SHA512_DIGEST_SIZE);
}
#endif
#if defined(SHA_2)
#define CTX_224(x) ((x)->uu->ctx256)
#define CTX_256(x) ((x)->uu->ctx256)
#define CTX_384(x) ((x)->uu->ctx512)
#define CTX_512(x) ((x)->uu->ctx512)
/* SHA2 initialisation */
INT_RETURN sha2_begin(unsigned long len, sha2_ctx ctx[1])
{
switch(len)
{
#if defined(SHA_224)
case 224:
case 28: CTX_256(ctx)->count[0] = CTX_256(ctx)->count[1] = 0;
memcpy(CTX_256(ctx)->hash, i224, 32);
ctx->sha2_len = 28; return EXIT_SUCCESS;
#endif
#if defined(SHA_256)
case 256:
case 32: CTX_256(ctx)->count[0] = CTX_256(ctx)->count[1] = 0;
memcpy(CTX_256(ctx)->hash, i256, 32);
ctx->sha2_len = 32; return EXIT_SUCCESS;
#endif
#if defined(SHA_384)
case 384:
case 48: CTX_384(ctx)->count[0] = CTX_384(ctx)->count[1] = 0;
memcpy(CTX_384(ctx)->hash, i384, 64);
ctx->sha2_len = 48; return EXIT_SUCCESS;
#endif
#if defined(SHA_512)
case 512:
case 64: CTX_512(ctx)->count[0] = CTX_512(ctx)->count[1] = 0;
memcpy(CTX_512(ctx)->hash, i512, 64);
ctx->sha2_len = 64; return EXIT_SUCCESS;
#endif
default: return EXIT_FAILURE;
}
}
VOID_RETURN sha2_hash(const unsigned char data[], unsigned long len, sha2_ctx ctx[1])
{
switch(ctx->sha2_len)
{
#if defined(SHA_224)
case 28: sha224_hash(data, len, CTX_224(ctx)); return;
#endif
#if defined(SHA_256)
case 32: sha256_hash(data, len, CTX_256(ctx)); return;
#endif
#if defined(SHA_384)
case 48: sha384_hash(data, len, CTX_384(ctx)); return;
#endif
#if defined(SHA_512)
case 64: sha512_hash(data, len, CTX_512(ctx)); return;
#endif
}
}
VOID_RETURN sha2_end(unsigned char hval[], sha2_ctx ctx[1])
{
switch(ctx->sha2_len)
{
#if defined(SHA_224)
case 28: sha_end1(hval, CTX_224(ctx), SHA224_DIGEST_SIZE); return;
#endif
#if defined(SHA_256)
case 32: sha_end1(hval, CTX_256(ctx), SHA256_DIGEST_SIZE); return;
#endif
#if defined(SHA_384)
case 48: sha_end2(hval, CTX_384(ctx), SHA384_DIGEST_SIZE); return;
#endif
#if defined(SHA_512)
case 64: sha_end2(hval, CTX_512(ctx), SHA512_DIGEST_SIZE); return;
#endif
}
}
INT_RETURN sha2(unsigned char hval[], unsigned long size,
const unsigned char data[], unsigned long len)
{ sha2_ctx cx[1];
if(sha2_begin(size, cx) == EXIT_SUCCESS)
{
sha2_hash(data, len, cx); sha2_end(hval, cx); return EXIT_SUCCESS;
}
else
return EXIT_FAILURE;
}
#endif
#if defined(__cplusplus)
}
#endif

62
src/java/KP2AKdbLibrary/app/src/main/jni/sha/shasum.c Normal file
View File

@@ -0,0 +1,62 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "sha2.h"
#define BUF_SIZE 16384
int main(int argc, char *argv[])
{ FILE *inf;
sha256_ctx ctx[1];
unsigned char buf[BUF_SIZE], hval[SHA256_DIGEST_SIZE];
int i, len, is_console;
if(argc != 2)
{
printf("\nusage: shasum filename\n");
exit(0);
}
if(is_console = (!strcmp(argv[1], "con") || !strcmp(argv[1], "CON")))
{
if(!(inf = fopen(argv[1], "r")))
{
printf("\n%s not found\n", argv[1]);
exit(0);
}
}
else if(!(inf = fopen(argv[1], "rb")))
{
printf("\n%s not found\n", argv[1]);
exit(0);
}
sha256_begin(ctx);
do
{
len = (int)fread(buf, 1, BUF_SIZE, inf);
i = len;
if(is_console)
{
i = 0;
while(i < len && buf[i] != '\x1a')
++i;
}
if(i)
sha256_hash(buf, i, ctx);
}
while
(len && i == len);
fclose(inf);
sha256_end(hval, ctx);
printf("\n");
for(i = 0; i < SHA256_DIGEST_SIZE; ++i)
printf("%02x", hval[i]);
printf("\n");
return 0;
}