initial revision

1 files changed, 355 insertions, 0 deletions

diff --git a/pwmanager/pwmanager/sha1.cpp b/pwmanager/pwmanager/sha1.cpp
new file mode 100644
index 0000000..b2eeb4d
--- a/dev/null
+++ b/pwmanager/pwmanager/sha1.cpp
@@ -0,0 +1,355 @@
+/* 2003.05.02: Derived from libgcrypt-1.1.12 by Michael Buesch */
+
+/* sha1.c - SHA1 hash function
+ *	Copyright (C) 1998, 2001, 2002 Free Software Foundation, Inc.
+ *
+ * This file is part of Libgcrypt.
+ *
+ * Libgcrypt is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Libgcrypt is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+/*  Test vectors:
+ *
+ *  "abc"
+ *  A999 3E36 4706 816A BA3E  2571 7850 C26C 9CD0 D89D
+ *
+ *  "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
+ *  8498 3E44 1C3B D26E BAAE  4AA1 F951 29E5 E546 70F1
+ */
+
+/***************************************************************************
+ * copyright (C) 2004 by Ulf Schenk
+ * This file is originaly based on version 1.0.1 of pwmanager
+ * and was modified to run on embedded devices that run microkde
+ *
+ * $Id$
+ **************************************************************************/  
+
+#include "sha1.h"
+#include "pwmexception.h"
+
+#include <string.h>
+#include <stdlib.h>
+
+
+void Sha1::burn_stack(int bytes)
+{
+	char buf[128];
+
+	memset(buf, 0, sizeof buf);
+	bytes -= sizeof buf;
+	if (bytes > 0)
+		burn_stack(bytes);
+}
+
+void Sha1::sha1_init()
+{
+	ctx.h0 = 0x67452301;
+	ctx.h1 = 0xefcdab89;
+	ctx.h2 = 0x98badcfe;
+	ctx.h3 = 0x10325476;
+	ctx.h4 = 0xc3d2e1f0;
+	ctx.nblocks = 0;
+	ctx.count = 0;
+}
+
+/****************
+ * Transform the message X which consists of 16 32-bit-words
+ */
+void Sha1::transform(const byte *data)
+{
+	register uint32_t a, b, c, d, e, tm;
+	uint32_t x[16];
+
+	/* get values from the chaining vars */
+	a = ctx.h0;
+	b = ctx.h1;
+	c = ctx.h2;
+	d = ctx.h3;
+	e = ctx.h4;
+
+#ifdef BIG_ENDIAN_HOST
+	memcpy(x, data, 64);
+#else
+	{
+		int i;
+		byte *p2;
+		for (i = 0, p2 = (byte *) x; i < 16; i++, p2 += 4) {
+			p2[3] = *data++;
+			p2[2] = *data++;
+			p2[1] = *data++;
+			p2[0] = *data++;
+		}
+	}
+#endif
+
+#define K1  0x5A827999L
+#define K2  0x6ED9EBA1L
+#define K3  0x8F1BBCDCL
+#define K4  0xCA62C1D6L
+#define F1(x,y,z)   ( z ^ ( x & ( y ^ z ) ) )
+#define F2(x,y,z)   ( x ^ y ^ z )
+#define F3(x,y,z)   ( ( x & y ) | ( z & ( x | y ) ) )
+#define F4(x,y,z)   ( x ^ y ^ z )
+
+#define M(i) ( tm =   x[i&0x0f] ^ x[(i-14)&0x0f] \
+		    ^ x[(i-8)&0x0f] ^ x[(i-3)&0x0f] \
+	       , (x[i&0x0f] = rol(tm, 1)) )
+
+#define R(a,b,c,d,e,f,k,m)  do { e += rol( a, 5 )     \
+				      + f( b, c, d )  \
+				      + k	      \
+				      + m;	      \
+				 b = rol( b, 30 );    \
+			       } while(0)
+	R(a, b, c, d, e, F1, K1, x[0]);
+	R(e, a, b, c, d, F1, K1, x[1]);
+	R(d, e, a, b, c, F1, K1, x[2]);
+	R(c, d, e, a, b, F1, K1, x[3]);
+	R(b, c, d, e, a, F1, K1, x[4]);
+	R(a, b, c, d, e, F1, K1, x[5]);
+	R(e, a, b, c, d, F1, K1, x[6]);
+	R(d, e, a, b, c, F1, K1, x[7]);
+	R(c, d, e, a, b, F1, K1, x[8]);
+	R(b, c, d, e, a, F1, K1, x[9]);
+	R(a, b, c, d, e, F1, K1, x[10]);
+	R(e, a, b, c, d, F1, K1, x[11]);
+	R(d, e, a, b, c, F1, K1, x[12]);
+	R(c, d, e, a, b, F1, K1, x[13]);
+	R(b, c, d, e, a, F1, K1, x[14]);
+	R(a, b, c, d, e, F1, K1, x[15]);
+	R(e, a, b, c, d, F1, K1, M(16));
+	R(d, e, a, b, c, F1, K1, M(17));
+	R(c, d, e, a, b, F1, K1, M(18));
+	R(b, c, d, e, a, F1, K1, M(19));
+	R(a, b, c, d, e, F2, K2, M(20));
+	R(e, a, b, c, d, F2, K2, M(21));
+	R(d, e, a, b, c, F2, K2, M(22));
+	R(c, d, e, a, b, F2, K2, M(23));
+	R(b, c, d, e, a, F2, K2, M(24));
+	R(a, b, c, d, e, F2, K2, M(25));
+	R(e, a, b, c, d, F2, K2, M(26));
+	R(d, e, a, b, c, F2, K2, M(27));
+	R(c, d, e, a, b, F2, K2, M(28));
+	R(b, c, d, e, a, F2, K2, M(29));
+	R(a, b, c, d, e, F2, K2, M(30));
+	R(e, a, b, c, d, F2, K2, M(31));
+	R(d, e, a, b, c, F2, K2, M(32));
+	R(c, d, e, a, b, F2, K2, M(33));
+	R(b, c, d, e, a, F2, K2, M(34));
+	R(a, b, c, d, e, F2, K2, M(35));
+	R(e, a, b, c, d, F2, K2, M(36));
+	R(d, e, a, b, c, F2, K2, M(37));
+	R(c, d, e, a, b, F2, K2, M(38));
+	R(b, c, d, e, a, F2, K2, M(39));
+	R(a, b, c, d, e, F3, K3, M(40));
+	R(e, a, b, c, d, F3, K3, M(41));
+	R(d, e, a, b, c, F3, K3, M(42));
+	R(c, d, e, a, b, F3, K3, M(43));
+	R(b, c, d, e, a, F3, K3, M(44));
+	R(a, b, c, d, e, F3, K3, M(45));
+	R(e, a, b, c, d, F3, K3, M(46));
+	R(d, e, a, b, c, F3, K3, M(47));
+	R(c, d, e, a, b, F3, K3, M(48));
+	R(b, c, d, e, a, F3, K3, M(49));
+	R(a, b, c, d, e, F3, K3, M(50));
+	R(e, a, b, c, d, F3, K3, M(51));
+	R(d, e, a, b, c, F3, K3, M(52));
+	R(c, d, e, a, b, F3, K3, M(53));
+	R(b, c, d, e, a, F3, K3, M(54));
+	R(a, b, c, d, e, F3, K3, M(55));
+	R(e, a, b, c, d, F3, K3, M(56));
+	R(d, e, a, b, c, F3, K3, M(57));
+	R(c, d, e, a, b, F3, K3, M(58));
+	R(b, c, d, e, a, F3, K3, M(59));
+	R(a, b, c, d, e, F4, K4, M(60));
+	R(e, a, b, c, d, F4, K4, M(61));
+	R(d, e, a, b, c, F4, K4, M(62));
+	R(c, d, e, a, b, F4, K4, M(63));
+	R(b, c, d, e, a, F4, K4, M(64));
+	R(a, b, c, d, e, F4, K4, M(65));
+	R(e, a, b, c, d, F4, K4, M(66));
+	R(d, e, a, b, c, F4, K4, M(67));
+	R(c, d, e, a, b, F4, K4, M(68));
+	R(b, c, d, e, a, F4, K4, M(69));
+	R(a, b, c, d, e, F4, K4, M(70));
+	R(e, a, b, c, d, F4, K4, M(71));
+	R(d, e, a, b, c, F4, K4, M(72));
+	R(c, d, e, a, b, F4, K4, M(73));
+	R(b, c, d, e, a, F4, K4, M(74));
+	R(a, b, c, d, e, F4, K4, M(75));
+	R(e, a, b, c, d, F4, K4, M(76));
+	R(d, e, a, b, c, F4, K4, M(77));
+	R(c, d, e, a, b, F4, K4, M(78));
+	R(b, c, d, e, a, F4, K4, M(79));
+
+	/* update chainig vars */
+	ctx.h0 += a;
+	ctx.h1 += b;
+	ctx.h2 += c;
+	ctx.h3 += d;
+	ctx.h4 += e;
+#undef K1
+#undef K2
+#undef K3
+#undef K4
+#undef F1
+#undef F2
+#undef F3
+#undef F4
+#undef M
+#undef R
+}
+
+/* Update the message digest with the contents
+ * of INBUF with length INLEN.
+ */
+void Sha1::sha1_write(const byte * inbuf, uint32_t inlen)
+{
+	if (ctx.count == 64) {	/* flush the buffer */
+		transform(ctx.buf);
+		burn_stack(88 + 4 * sizeof(void *));
+		ctx.count = 0;
+		ctx.nblocks++;
+	}
+	if (!inbuf)
+		return;
+	if (ctx.count) {
+		for (; inlen && ctx.count < 64; inlen--)
+			ctx.buf[ctx.count++] = *inbuf++;
+		sha1_write(NULL, 0);
+		if (!inlen)
+			return;
+	}
+
+	while (inlen >= 64) {
+		transform(inbuf);
+		ctx.count = 0;
+		ctx.nblocks++;
+		inlen -= 64;
+		inbuf += 64;
+	}
+	burn_stack(88 + 4 * sizeof(void *));
+	for (; inlen && ctx.count < 64; inlen--)
+		ctx.buf[ctx.count++] = *inbuf++;
+}
+
+/* The routine final terminates the computation and
+ * returns the digest.
+ * The handle is prepared for a new cycle, but adding bytes to the
+ * handle will the destroy the returned buffer.
+ * Returns: 20 bytes representing the digest.
+ */
+
+void Sha1::sha1_final()
+{
+	uint32_t t, msb, lsb;
+	byte *p;
+
+	sha1_write(NULL, 0); /* flush */ ;
+
+	t = ctx.nblocks;
+	/* multiply by 64 to make a byte count */
+	lsb = t << 6;
+	msb = t >> 26;
+	/* add the count */
+	t = lsb;
+	if ((lsb += ctx.count) < t)
+		msb++;
+	/* multiply by 8 to make a bit count */
+	t = lsb;
+	lsb <<= 3;
+	msb <<= 3;
+	msb |= t >> 29;
+
+	if (ctx.count < 56) {	/* enough room */
+		ctx.buf[ctx.count++] = 0x80;	/* pad */
+		while (ctx.count < 56)
+			ctx.buf[ctx.count++] = 0;	/* pad */
+	} else {		/* need one extra block */
+		ctx.buf[ctx.count++] = 0x80;	/* pad character */
+		while (ctx.count < 64)
+			ctx.buf[ctx.count++] = 0;
+		sha1_write(NULL, 0); /* flush */ ;
+		memset(ctx.buf, 0, 56);	/* fill next block with zeroes */
+	}
+	/* append the 64 bit count */
+	ctx.buf[56] = msb >> 24;
+	ctx.buf[57] = msb >> 16;
+	ctx.buf[58] = msb >> 8;
+	ctx.buf[59] = msb;
+	ctx.buf[60] = lsb >> 24;
+	ctx.buf[61] = lsb >> 16;
+	ctx.buf[62] = lsb >> 8;
+	ctx.buf[63] = lsb;
+	transform(ctx.buf);
+	burn_stack(88 + 4 * sizeof(void *));
+
+	p = ctx.buf;
+#ifdef BIG_ENDIAN_HOST
+#define X(a) do { *(uint32_t*)p = ctx.h##a ; p += 4; } while(0)
+#else				/* little endian */
+#define X(a) do { *p++ = ctx.h##a >> 24; *p++ = ctx.h##a >> 16;	 \
+		      *p++ = ctx.h##a >> 8; *p++ = ctx.h##a; } while(0)
+#endif
+	X(0);
+	X(1);
+	X(2);
+	X(3);
+	X(4);
+#undef X
+
+}
+
+string Sha1::sha1_read()
+{
+	sha1_final();
+	string ret;
+	ret.assign((const char*)ctx.buf, SHA1_HASH_LEN_BYTE);
+	sha1_init();
+	return ret;
+}
+
+bool Sha1::selfTest()
+{
+	const char test1[] = { 'a', 'b', 'c' };
+	const uint32_t test1_len = array_size(test1);
+	const char test1_md[] = { 0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A, 0xBA, 0x3E,
+				  0x25, 0x71, 0x78, 0x50, 0xC2, 0x6C, 0x9C, 0xD0, 0xD8, 0x9D };
+	const char test2[] = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
+	const uint32_t test2_len = array_size(test2) - 1;
+	const char test2_md[] = { 0x84, 0x98, 0x3E, 0x44, 0x1C, 0x3B, 0xD2, 0x6E, 0xBA, 0xAE,
+				  0x4A, 0xA1, 0xF9, 0x51, 0x29, 0xE5, 0xE5, 0x46, 0x70, 0xF1 };
+	const uint32_t test3_len = 640;
+	const char test3_single[] = { '0', '1', '2', '3', '4', '5', '6', '7' };
+	const uint32_t test3_single_len = array_size(test3_single);
+	char test3[test3_len];
+	uint32_t i;
+	for (i = 0; i < test3_len / test3_single_len; ++i)
+		memcpy(test3 + (i * test3_single_len), test3_single, test3_single_len);
+	const char test3_md[] = { 0xDE, 0xA3, 0x56, 0xA2, 0xCD, 0xDD, 0x90, 0xC7, 0xA7, 0xEC,
+				  0xED, 0xC5, 0xEB, 0xB5, 0x63, 0x93, 0x4F, 0x46, 0x04, 0x52 };
+	Sha1 sha1;
+	sha1.sha1_write(reinterpret_cast<const byte *>(test1), test1_len);
+	if (unlikely(memcmp(sha1.sha1_read().c_str(), test1_md, SHA1_HASH_LEN_BYTE)))
+		return false;
+	sha1.sha1_write(reinterpret_cast<const byte *>(test2), test2_len);
+	if (unlikely(memcmp(sha1.sha1_read().c_str(), test2_md, SHA1_HASH_LEN_BYTE)))
+		return false;
+	sha1.sha1_write(reinterpret_cast<const byte *>(test3), test3_len);
+	if (unlikely(memcmp(sha1.sha1_read().c_str(), test3_md, SHA1_HASH_LEN_BYTE)))
+		return false;
+	return true;
+}