summaryrefslogtreecommitdiffabout
path: root/pwmanager/libcrypt/cipher/rmd160.c
Unidiff
Diffstat (limited to 'pwmanager/libcrypt/cipher/rmd160.c') (more/less context) (ignore whitespace changes)
-rw-r--r--pwmanager/libcrypt/cipher/rmd160.c569
1 files changed, 569 insertions, 0 deletions
diff --git a/pwmanager/libcrypt/cipher/rmd160.c b/pwmanager/libcrypt/cipher/rmd160.c
new file mode 100644
index 0000000..f450f2b
--- a/dev/null
+++ b/pwmanager/libcrypt/cipher/rmd160.c
@@ -0,0 +1,569 @@
1 /* rmd160.c -RIPE-MD160
2 * Copyright (C) 1998, 2001, 2002, 2003 Free Software Foundation, Inc.
3 *
4 * This file is part of Libgcrypt.
5 *
6 * Libgcrypt is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU Lesser General Public License as
8 * published by the Free Software Foundation; either version 2.1 of
9 * the License, or (at your option) any later version.
10 *
11 * Libgcrypt is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this program; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
19 */
20
21#include <config.h>
22#include <stdio.h>
23#include <stdlib.h>
24#include <string.h>
25#include <assert.h>
26#include "g10lib.h"
27#include "memory.h"
28#include "rmd.h"
29#include "cipher.h" /* only used for the rmd160_hash_buffer() prototype */
30
31#include "bithelp.h"
32
33/*********************************
34 * RIPEMD-160 is not patented, see (as of 25.10.97)
35 * http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html
36 * Note that the code uses Little Endian byteorder, which is good for
37 * 386 etc, but we must add some conversion when used on a big endian box.
38 *
39 *
40 * Pseudo-code for RIPEMD-160
41 *
42 * RIPEMD-160 is an iterative hash function that operates on 32-bit words.
43 * The round function takes as input a 5-word chaining variable and a 16-word
44 * message block and maps this to a new chaining variable. All operations are
45 * defined on 32-bit words. Padding is identical to that of MD4.
46 *
47 *
48 * RIPEMD-160: definitions
49 *
50 *
51 * nonlinear functions at bit level: exor, mux, -, mux, -
52 *
53 * f(j, x, y, z) = x XOR y XOR z (0 <= j <= 15)
54 * f(j, x, y, z) = (x AND y) OR (NOT(x) AND z) (16 <= j <= 31)
55 * f(j, x, y, z) = (x OR NOT(y)) XOR z (32 <= j <= 47)
56 * f(j, x, y, z) = (x AND z) OR (y AND NOT(z)) (48 <= j <= 63)
57 * f(j, x, y, z) = x XOR (y OR NOT(z)) (64 <= j <= 79)
58 *
59 *
60 * added constants (hexadecimal)
61 *
62 * K(j) = 0x00000000 (0 <= j <= 15)
63 * K(j) = 0x5A827999 (16 <= j <= 31)int(2**30 x sqrt(2))
64 * K(j) = 0x6ED9EBA1 (32 <= j <= 47)int(2**30 x sqrt(3))
65 * K(j) = 0x8F1BBCDC (48 <= j <= 63)int(2**30 x sqrt(5))
66 * K(j) = 0xA953FD4E (64 <= j <= 79)int(2**30 x sqrt(7))
67 * K'(j) = 0x50A28BE6 (0 <= j <= 15) int(2**30 x cbrt(2))
68 * K'(j) = 0x5C4DD124 (16 <= j <= 31) int(2**30 x cbrt(3))
69 * K'(j) = 0x6D703EF3 (32 <= j <= 47) int(2**30 x cbrt(5))
70 * K'(j) = 0x7A6D76E9 (48 <= j <= 63) int(2**30 x cbrt(7))
71 * K'(j) = 0x00000000 (64 <= j <= 79)
72 *
73 *
74 * selection of message word
75 *
76 * r(j) = j (0 <= j <= 15)
77 * r(16..31) = 7, 4, 13, 1, 10, 6, 15, 3, 12, 0, 9, 5, 2, 14, 11, 8
78 * r(32..47) = 3, 10, 14, 4, 9, 15, 8, 1, 2, 7, 0, 6, 13, 11, 5, 12
79 * r(48..63) = 1, 9, 11, 10, 0, 8, 12, 4, 13, 3, 7, 15, 14, 5, 6, 2
80 * r(64..79) = 4, 0, 5, 9, 7, 12, 2, 10, 14, 1, 3, 8, 11, 6, 15, 13
81 * r0(0..15) = 5, 14, 7, 0, 9, 2, 11, 4, 13, 6, 15, 8, 1, 10, 3, 12
82 * r0(16..31)= 6, 11, 3, 7, 0, 13, 5, 10, 14, 15, 8, 12, 4, 9, 1, 2
83 * r0(32..47)= 15, 5, 1, 3, 7, 14, 6, 9, 11, 8, 12, 2, 10, 0, 4, 13
84 * r0(48..63)= 8, 6, 4, 1, 3, 11, 15, 0, 5, 12, 2, 13, 9, 7, 10, 14
85 * r0(64..79)= 12, 15, 10, 4, 1, 5, 8, 7, 6, 2, 13, 14, 0, 3, 9, 11
86 *
87 *
88 * amount for rotate left (rol)
89 *
90 * s(0..15) = 11, 14, 15, 12, 5, 8, 7, 9, 11, 13, 14, 15, 6, 7, 9, 8
91 * s(16..31) = 7, 6, 8, 13, 11, 9, 7, 15, 7, 12, 15, 9, 11, 7, 13, 12
92 * s(32..47) = 11, 13, 6, 7, 14, 9, 13, 15, 14, 8, 13, 6, 5, 12, 7, 5
93 * s(48..63) = 11, 12, 14, 15, 14, 15, 9, 8, 9, 14, 5, 6, 8, 6, 5, 12
94 * s(64..79) = 9, 15, 5, 11, 6, 8, 13, 12, 5, 12, 13, 14, 11, 8, 5, 6
95 * s'(0..15) = 8, 9, 9, 11, 13, 15, 15, 5, 7, 7, 8, 11, 14, 14, 12, 6
96 * s'(16..31)= 9, 13, 15, 7, 12, 8, 9, 11, 7, 7, 12, 7, 6, 15, 13, 11
97 * s'(32..47)= 9, 7, 15, 11, 8, 6, 6, 14, 12, 13, 5, 14, 13, 13, 7, 5
98 * s'(48..63)= 15, 5, 8, 11, 14, 14, 6, 14, 6, 9, 12, 9, 12, 5, 15, 8
99 * s'(64..79)= 8, 5, 12, 9, 12, 5, 14, 6, 8, 13, 6, 5, 15, 13, 11, 11
100 *
101 *
102 * initial value (hexadecimal)
103 *
104 * h0 = 0x67452301; h1 = 0xEFCDAB89; h2 = 0x98BADCFE; h3 = 0x10325476;
105 * h4 = 0xC3D2E1F0;
106 *
107 *
108 * RIPEMD-160: pseudo-code
109 *
110 * It is assumed that the message after padding consists of t 16-word blocks
111 * that will be denoted with X[i][j], with 0 <= i <= t-1 and 0 <= j <= 15.
112 * The symbol [+] denotes addition modulo 2**32 and rol_s denotes cyclic left
113 * shift (rotate) over s positions.
114 *
115 *
116 * for i := 0 to t-1 {
117 * A := h0; B := h1; C := h2; D = h3; E = h4;
118 * A' := h0; B' := h1; C' := h2; D' = h3; E' = h4;
119 * for j := 0 to 79 {
120 * T := rol_s(j)(A [+] f(j, B, C, D) [+] X[i][r(j)] [+] K(j)) [+] E;
121 * A := E; E := D; D := rol_10(C); C := B; B := T;
122 * T := rol_s'(j)(A' [+] f(79-j, B', C', D') [+] X[i][r'(j)]
123 [+] K'(j)) [+] E';
124 * A' := E'; E' := D'; D' := rol_10(C'); C' := B'; B' := T;
125 * }
126 * T := h1 [+] C [+] D'; h1 := h2 [+] D [+] E'; h2 := h3 [+] E [+] A';
127 * h3 := h4 [+] A [+] B'; h4 := h0 [+] B [+] C'; h0 := T;
128 * }
129 */
130
131/* Some examples:
132 * "" 9c1185a5c5e9fc54612808977ee8f548b2258d31
133 * "a" 0bdc9d2d256b3ee9daae347be6f4dc835a467ffe
134 * "abc" 8eb208f7e05d987a9b044a8e98c6b087f15a0bfc
135 * "message digest" 5d0689ef49d2fae572b881b123a85ffa21595f36
136 * "a...z" f71c27109c692c1b56bbdceb5b9d2865b3708dbc
137 * "abcdbcde...nopq" 12a053384a9c0c88e405a06c27dcf49ada62eb2b
138 * "A...Za...z0...9" b0e20b6e3116640286ed3a87a5713079b21f5189
139 * 8 times "1234567890" 9b752e45573d4b39f4dbd3323cab82bf63326bfb
140 * 1 million times "a" 52783243c1697bdbe16d37f97f68f08325dc1528
141 */
142
143
144void
145_gcry_rmd160_init (void *context)
146{
147 RMD160_CONTEXT *hd = context;
148
149 hd->h0 = 0x67452301;
150 hd->h1 = 0xEFCDAB89;
151 hd->h2 = 0x98BADCFE;
152 hd->h3 = 0x10325476;
153 hd->h4 = 0xC3D2E1F0;
154 hd->nblocks = 0;
155 hd->count = 0;
156}
157
158
159
160/****************
161 * Transform the message X which consists of 16 32-bit-words
162 */
163static void
164transform( RMD160_CONTEXT *hd, byte *data )
165{
166 register u32 a,b,c,d,e;
167 u32 aa,bb,cc,dd,ee,t;
168#ifdef WORDS_BIGENDIAN
169 u32 x[16];
170 {
171 int i;
172 byte *p2, *p1;
173 for (i=0, p1=data, p2=(byte*)x; i < 16; i++, p2 += 4 )
174 {
175 p2[3] = *p1++;
176 p2[2] = *p1++;
177 p2[1] = *p1++;
178 p2[0] = *p1++;
179 }
180 }
181#else
182 /* This version is better because it is always aligned;
183 * The performance penalty on a 586-100 is about 6% which
184 * is acceptable - because the data is more local it might
185 * also be possible that this is faster on some machines.
186 * This function (when compiled with -02 on gcc 2.7.2)
187 * executes on a 586-100 (39.73 bogomips) at about 1900kb/sec;
188 * [measured with a 4MB data and "gpgm --print-md rmd160"] */
189 u32 x[16];
190 memcpy( x, data, 64 );
191#endif
192
193
194#define K0 0x00000000
195#define K1 0x5A827999
196#define K2 0x6ED9EBA1
197#define K3 0x8F1BBCDC
198#define K4 0xA953FD4E
199#define KK0 0x50A28BE6
200#define KK1 0x5C4DD124
201#define KK2 0x6D703EF3
202#define KK3 0x7A6D76E9
203#define KK4 0x00000000
204#define F0(x,y,z) ( (x) ^ (y) ^ (z) )
205#define F1(x,y,z) ( ((x) & (y)) | (~(x) & (z)) )
206#define F2(x,y,z) ( ((x) | ~(y)) ^ (z) )
207#define F3(x,y,z) ( ((x) & (z)) | ((y) & ~(z)) )
208#define F4(x,y,z) ( (x) ^ ((y) | ~(z)) )
209#define R(a,b,c,d,e,f,k,r,s) do { t = a + f(b,c,d) + k + x[r]; \
210 a = rol(t,s) + e; \
211 c = rol(c,10); \
212 } while(0)
213
214 /* left lane */
215 a = hd->h0;
216 b = hd->h1;
217 c = hd->h2;
218 d = hd->h3;
219 e = hd->h4;
220 R( a, b, c, d, e, F0, K0, 0, 11 );
221 R( e, a, b, c, d, F0, K0, 1, 14 );
222 R( d, e, a, b, c, F0, K0, 2, 15 );
223 R( c, d, e, a, b, F0, K0, 3, 12 );
224 R( b, c, d, e, a, F0, K0, 4, 5 );
225 R( a, b, c, d, e, F0, K0, 5, 8 );
226 R( e, a, b, c, d, F0, K0, 6, 7 );
227 R( d, e, a, b, c, F0, K0, 7, 9 );
228 R( c, d, e, a, b, F0, K0, 8, 11 );
229 R( b, c, d, e, a, F0, K0, 9, 13 );
230 R( a, b, c, d, e, F0, K0, 10, 14 );
231 R( e, a, b, c, d, F0, K0, 11, 15 );
232 R( d, e, a, b, c, F0, K0, 12, 6 );
233 R( c, d, e, a, b, F0, K0, 13, 7 );
234 R( b, c, d, e, a, F0, K0, 14, 9 );
235 R( a, b, c, d, e, F0, K0, 15, 8 );
236 R( e, a, b, c, d, F1, K1, 7, 7 );
237 R( d, e, a, b, c, F1, K1, 4, 6 );
238 R( c, d, e, a, b, F1, K1, 13, 8 );
239 R( b, c, d, e, a, F1, K1, 1, 13 );
240 R( a, b, c, d, e, F1, K1, 10, 11 );
241 R( e, a, b, c, d, F1, K1, 6, 9 );
242 R( d, e, a, b, c, F1, K1, 15, 7 );
243 R( c, d, e, a, b, F1, K1, 3, 15 );
244 R( b, c, d, e, a, F1, K1, 12, 7 );
245 R( a, b, c, d, e, F1, K1, 0, 12 );
246 R( e, a, b, c, d, F1, K1, 9, 15 );
247 R( d, e, a, b, c, F1, K1, 5, 9 );
248 R( c, d, e, a, b, F1, K1, 2, 11 );
249 R( b, c, d, e, a, F1, K1, 14, 7 );
250 R( a, b, c, d, e, F1, K1, 11, 13 );
251 R( e, a, b, c, d, F1, K1, 8, 12 );
252 R( d, e, a, b, c, F2, K2, 3, 11 );
253 R( c, d, e, a, b, F2, K2, 10, 13 );
254 R( b, c, d, e, a, F2, K2, 14, 6 );
255 R( a, b, c, d, e, F2, K2, 4, 7 );
256 R( e, a, b, c, d, F2, K2, 9, 14 );
257 R( d, e, a, b, c, F2, K2, 15, 9 );
258 R( c, d, e, a, b, F2, K2, 8, 13 );
259 R( b, c, d, e, a, F2, K2, 1, 15 );
260 R( a, b, c, d, e, F2, K2, 2, 14 );
261 R( e, a, b, c, d, F2, K2, 7, 8 );
262 R( d, e, a, b, c, F2, K2, 0, 13 );
263 R( c, d, e, a, b, F2, K2, 6, 6 );
264 R( b, c, d, e, a, F2, K2, 13, 5 );
265 R( a, b, c, d, e, F2, K2, 11, 12 );
266 R( e, a, b, c, d, F2, K2, 5, 7 );
267 R( d, e, a, b, c, F2, K2, 12, 5 );
268 R( c, d, e, a, b, F3, K3, 1, 11 );
269 R( b, c, d, e, a, F3, K3, 9, 12 );
270 R( a, b, c, d, e, F3, K3, 11, 14 );
271 R( e, a, b, c, d, F3, K3, 10, 15 );
272 R( d, e, a, b, c, F3, K3, 0, 14 );
273 R( c, d, e, a, b, F3, K3, 8, 15 );
274 R( b, c, d, e, a, F3, K3, 12, 9 );
275 R( a, b, c, d, e, F3, K3, 4, 8 );
276 R( e, a, b, c, d, F3, K3, 13, 9 );
277 R( d, e, a, b, c, F3, K3, 3, 14 );
278 R( c, d, e, a, b, F3, K3, 7, 5 );
279 R( b, c, d, e, a, F3, K3, 15, 6 );
280 R( a, b, c, d, e, F3, K3, 14, 8 );
281 R( e, a, b, c, d, F3, K3, 5, 6 );
282 R( d, e, a, b, c, F3, K3, 6, 5 );
283 R( c, d, e, a, b, F3, K3, 2, 12 );
284 R( b, c, d, e, a, F4, K4, 4, 9 );
285 R( a, b, c, d, e, F4, K4, 0, 15 );
286 R( e, a, b, c, d, F4, K4, 5, 5 );
287 R( d, e, a, b, c, F4, K4, 9, 11 );
288 R( c, d, e, a, b, F4, K4, 7, 6 );
289 R( b, c, d, e, a, F4, K4, 12, 8 );
290 R( a, b, c, d, e, F4, K4, 2, 13 );
291 R( e, a, b, c, d, F4, K4, 10, 12 );
292 R( d, e, a, b, c, F4, K4, 14, 5 );
293 R( c, d, e, a, b, F4, K4, 1, 12 );
294 R( b, c, d, e, a, F4, K4, 3, 13 );
295 R( a, b, c, d, e, F4, K4, 8, 14 );
296 R( e, a, b, c, d, F4, K4, 11, 11 );
297 R( d, e, a, b, c, F4, K4, 6, 8 );
298 R( c, d, e, a, b, F4, K4, 15, 5 );
299 R( b, c, d, e, a, F4, K4, 13, 6 );
300
301 aa = a; bb = b; cc = c; dd = d; ee = e;
302
303 /* right lane */
304 a = hd->h0;
305 b = hd->h1;
306 c = hd->h2;
307 d = hd->h3;
308 e = hd->h4;
309 R( a, b, c, d, e, F4, KK0,5, 8);
310 R( e, a, b, c, d, F4, KK0, 14, 9);
311 R( d, e, a, b, c, F4, KK0,7, 9);
312 R( c, d, e, a, b, F4, KK0,0, 11);
313 R( b, c, d, e, a, F4, KK0,9, 13);
314 R( a, b, c, d, e, F4, KK0,2, 15);
315 R( e, a, b, c, d, F4, KK0, 11, 15);
316 R( d, e, a, b, c, F4, KK0,4, 5);
317 R( c, d, e, a, b, F4, KK0, 13, 7);
318 R( b, c, d, e, a, F4, KK0,6, 7);
319 R( a, b, c, d, e, F4, KK0, 15, 8);
320 R( e, a, b, c, d, F4, KK0,8, 11);
321 R( d, e, a, b, c, F4, KK0,1, 14);
322 R( c, d, e, a, b, F4, KK0, 10, 14);
323 R( b, c, d, e, a, F4, KK0,3, 12);
324 R( a, b, c, d, e, F4, KK0, 12, 6);
325 R( e, a, b, c, d, F3, KK1,6, 9);
326 R( d, e, a, b, c, F3, KK1, 11, 13);
327 R( c, d, e, a, b, F3, KK1,3, 15);
328 R( b, c, d, e, a, F3, KK1,7, 7);
329 R( a, b, c, d, e, F3, KK1,0, 12);
330 R( e, a, b, c, d, F3, KK1, 13, 8);
331 R( d, e, a, b, c, F3, KK1,5, 9);
332 R( c, d, e, a, b, F3, KK1, 10, 11);
333 R( b, c, d, e, a, F3, KK1, 14, 7);
334 R( a, b, c, d, e, F3, KK1, 15, 7);
335 R( e, a, b, c, d, F3, KK1,8, 12);
336 R( d, e, a, b, c, F3, KK1, 12, 7);
337 R( c, d, e, a, b, F3, KK1,4, 6);
338 R( b, c, d, e, a, F3, KK1,9, 15);
339 R( a, b, c, d, e, F3, KK1,1, 13);
340 R( e, a, b, c, d, F3, KK1,2, 11);
341 R( d, e, a, b, c, F2, KK2, 15, 9);
342 R( c, d, e, a, b, F2, KK2,5, 7);
343 R( b, c, d, e, a, F2, KK2,1, 15);
344 R( a, b, c, d, e, F2, KK2,3, 11);
345 R( e, a, b, c, d, F2, KK2,7, 8);
346 R( d, e, a, b, c, F2, KK2, 14, 6);
347 R( c, d, e, a, b, F2, KK2,6, 6);
348 R( b, c, d, e, a, F2, KK2,9, 14);
349 R( a, b, c, d, e, F2, KK2, 11, 12);
350 R( e, a, b, c, d, F2, KK2,8, 13);
351 R( d, e, a, b, c, F2, KK2, 12, 5);
352 R( c, d, e, a, b, F2, KK2,2, 14);
353 R( b, c, d, e, a, F2, KK2, 10, 13);
354 R( a, b, c, d, e, F2, KK2,0, 13);
355 R( e, a, b, c, d, F2, KK2,4, 7);
356 R( d, e, a, b, c, F2, KK2, 13, 5);
357 R( c, d, e, a, b, F1, KK3,8, 15);
358 R( b, c, d, e, a, F1, KK3,6, 5);
359 R( a, b, c, d, e, F1, KK3,4, 8);
360 R( e, a, b, c, d, F1, KK3,1, 11);
361 R( d, e, a, b, c, F1, KK3,3, 14);
362 R( c, d, e, a, b, F1, KK3, 11, 14);
363 R( b, c, d, e, a, F1, KK3, 15, 6);
364 R( a, b, c, d, e, F1, KK3,0, 14);
365 R( e, a, b, c, d, F1, KK3,5, 6);
366 R( d, e, a, b, c, F1, KK3, 12, 9);
367 R( c, d, e, a, b, F1, KK3,2, 12);
368 R( b, c, d, e, a, F1, KK3, 13, 9);
369 R( a, b, c, d, e, F1, KK3,9, 12);
370 R( e, a, b, c, d, F1, KK3,7, 5);
371 R( d, e, a, b, c, F1, KK3, 10, 15);
372 R( c, d, e, a, b, F1, KK3, 14, 8);
373 R( b, c, d, e, a, F0, KK4, 12, 8);
374 R( a, b, c, d, e, F0, KK4, 15, 5);
375 R( e, a, b, c, d, F0, KK4, 10, 12);
376 R( d, e, a, b, c, F0, KK4,4, 9);
377 R( c, d, e, a, b, F0, KK4,1, 12);
378 R( b, c, d, e, a, F0, KK4,5, 5);
379 R( a, b, c, d, e, F0, KK4,8, 14);
380 R( e, a, b, c, d, F0, KK4,7, 6);
381 R( d, e, a, b, c, F0, KK4,6, 8);
382 R( c, d, e, a, b, F0, KK4,2, 13);
383 R( b, c, d, e, a, F0, KK4, 13, 6);
384 R( a, b, c, d, e, F0, KK4, 14, 5);
385 R( e, a, b, c, d, F0, KK4,0, 15);
386 R( d, e, a, b, c, F0, KK4,3, 13);
387 R( c, d, e, a, b, F0, KK4,9, 11);
388 R( b, c, d, e, a, F0, KK4, 11, 11);
389
390
391 t = hd->h1 + d + cc;
392 hd->h1 = hd->h2 + e + dd;
393 hd->h2 = hd->h3 + a + ee;
394 hd->h3 = hd->h4 + b + aa;
395 hd->h4 = hd->h0 + c + bb;
396 hd->h0 = t;
397}
398
399
400/* Update the message digest with the contents
401 * of INBUF with length INLEN.
402 */
403static void
404rmd160_write( void *context, byte *inbuf, size_t inlen)
405{
406 RMD160_CONTEXT *hd = context;
407
408 if( hd->count == 64 ) /* flush the buffer */
409 {
410 transform( hd, hd->buf );
411 _gcry_burn_stack (108+5*sizeof(void*));
412 hd->count = 0;
413 hd->nblocks++;
414 }
415 if( !inbuf )
416 return;
417 if( hd->count )
418 {
419 for( ; inlen && hd->count < 64; inlen-- )
420 hd->buf[hd->count++] = *inbuf++;
421 rmd160_write( hd, NULL, 0 );
422 if( !inlen )
423 return;
424 }
425
426 while( inlen >= 64 )
427 {
428 transform( hd, inbuf );
429 hd->count = 0;
430 hd->nblocks++;
431 inlen -= 64;
432 inbuf += 64;
433 }
434 _gcry_burn_stack (108+5*sizeof(void*));
435 for( ; inlen && hd->count < 64; inlen-- )
436 hd->buf[hd->count++] = *inbuf++;
437}
438
439/****************
440 * Apply the rmd160 transform function on the buffer which must have
441 * a length 64 bytes. Do not use this function together with the
442 * other functions, use rmd160_init to initialize internal variables.
443 * Returns: 16 bytes in buffer with the mixed contentes of buffer.
444 */
445void
446_gcry_rmd160_mixblock( RMD160_CONTEXT *hd, char *buffer )
447{
448 char *p = buffer;
449
450 transform( hd, buffer );
451#define X(a) do { *(u32*)p = hd->h##a ; p += 4; } while(0)
452 X(0);
453 X(1);
454 X(2);
455 X(3);
456 X(4);
457#undef X
458}
459
460
461/* The routine terminates the computation
462 */
463
464static void
465rmd160_final( void *context )
466{
467 RMD160_CONTEXT *hd = context;
468 u32 t, msb, lsb;
469 byte *p;
470
471 rmd160_write(hd, NULL, 0); /* flush */;
472
473 t = hd->nblocks;
474 /* multiply by 64 to make a byte count */
475 lsb = t << 6;
476 msb = t >> 26;
477 /* add the count */
478 t = lsb;
479 if( (lsb += hd->count) < t )
480 msb++;
481 /* multiply by 8 to make a bit count */
482 t = lsb;
483 lsb <<= 3;
484 msb <<= 3;
485 msb |= t >> 29;
486
487 if( hd->count < 56 ) /* enough room */
488 {
489 hd->buf[hd->count++] = 0x80; /* pad */
490 while( hd->count < 56 )
491 hd->buf[hd->count++] = 0; /* pad */
492 }
493 else /* need one extra block */
494 {
495 hd->buf[hd->count++] = 0x80; /* pad character */
496 while( hd->count < 64 )
497 hd->buf[hd->count++] = 0;
498 rmd160_write(hd, NULL, 0); /* flush */;
499 memset(hd->buf, 0, 56 ); /* fill next block with zeroes */
500 }
501 /* append the 64 bit count */
502 hd->buf[56] = lsb ;
503 hd->buf[57] = lsb >> 8;
504 hd->buf[58] = lsb >> 16;
505 hd->buf[59] = lsb >> 24;
506 hd->buf[60] = msb ;
507 hd->buf[61] = msb >> 8;
508 hd->buf[62] = msb >> 16;
509 hd->buf[63] = msb >> 24;
510 transform( hd, hd->buf );
511 _gcry_burn_stack (108+5*sizeof(void*));
512
513 p = hd->buf;
514#ifdef WORDS_BIGENDIAN
515 #define X(a) do { *p++ = hd->h##a ; *p++ = hd->h##a >> 8;\
516 *p++ = hd->h##a >> 16; *p++ = hd->h##a >> 24; } while(0)
517#else /* little endian */
518#define X(a) do { *(u32*)p = hd->h##a ; p += 4; } while(0)
519#endif
520 X(0);
521 X(1);
522 X(2);
523 X(3);
524 X(4);
525#undef X
526}
527
528static byte *
529rmd160_read( void *context )
530{
531 RMD160_CONTEXT *hd = context;
532
533 return hd->buf;
534}
535
536
537
538/****************
539 * Shortcut functions which puts the hash value of the supplied buffer
540 * into outbuf which must have a size of 20 bytes.
541 */
542void
543_gcry_rmd160_hash_buffer( char *outbuf, const char *buffer, size_t length )
544{
545 RMD160_CONTEXT hd;
546
547 _gcry_rmd160_init( &hd );
548 rmd160_write( &hd, (byte*)buffer, length );
549 rmd160_final( &hd );
550 memcpy( outbuf, hd.buf, 20 );
551}
552
553static byte asn[15] = /* Object ID is 1.3.36.3.2.1 */
554 { 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x24, 0x03,
555 0x02, 0x01, 0x05, 0x00, 0x04, 0x14 };
556
557static gcry_md_oid_spec_t oid_spec_rmd160[] =
558 {
559 /* rsaSignatureWithripemd160 */
560 { "1.3.36.3.3.1.2" },
561 { NULL },
562 };
563
564gcry_md_spec_t _gcry_digest_spec_rmd160 =
565 {
566 "RIPEMD160", asn, DIM (asn), oid_spec_rmd160, 20,
567 _gcry_rmd160_init, rmd160_write, rmd160_final, rmd160_read,
568 sizeof (RMD160_CONTEXT)
569 };