gchecksum.c source code [gtk/subprojects/glib/glib/gchecksum.c]

1	/ gchecksum.h - data hashing functions*
2	*
3	* Copyright (C) 2007 Emmanuele Bassi <ebassi@gnome.org>
4	*
5	* This library is free software; you can redistribute it and/or
6	* modify it under the terms of the GNU Lesser General Public
7	* License as published by the Free Software Foundation; either
8	* version 2.1 of the License, or (at your option) any later version.
9	*
10	* This library is distributed in the hope that it will be useful,
11	* but WITHOUT ANY WARRANTY; without even the implied warranty of
12	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13	* Lesser General Public License for more details.
14	*
15	* You should have received a copy of the GNU Lesser General Public License
16	* along with this library; if not, see <http://www.gnu.org/licenses/>.
17	*/
18
19	#include "config.h"
20
21	#include <string.h>
22
23	#include "gchecksum.h"
24
25	#include "gslice.h"
26	#include "gmem.h"
27	#include "gstrfuncs.h"
28	#include "gtestutils.h"
29	#include "gtypes.h"
30	#include "glibintl.h"
31
32
33	/**
34	* SECTION:checksum
35	* @title: Data Checksums
36	* @short_description: computes the checksum for data
37	*
38	* GLib provides a generic API for computing checksums (or "digests")
39	* for a sequence of arbitrary bytes, using various hashing algorithms
40	* like MD5, SHA-1 and SHA-256. Checksums are commonly used in various
41	* environments and specifications.
42	*
43	* GLib supports incremental checksums using the GChecksum data
44	* structure, by calling g_checksum_update() as long as there's data
45	* available and then using g_checksum_get_string() or
46	* g_checksum_get_digest() to compute the checksum and return it either
47	* as a string in hexadecimal form, or as a raw sequence of bytes. To
48	* compute the checksum for binary blobs and NUL-terminated strings in
49	* one go, use the convenience functions g_compute_checksum_for_data()
50	* and g_compute_checksum_for_string(), respectively.
51	*
52	* Support for checksums has been added in GLib 2.16
53	**/
54
55	#define IS_VALID_TYPE(type) ((type) >= G_CHECKSUM_MD5 && (type) <= G_CHECKSUM_SHA384)
56
57	/ The fact that these are lower case characters is part of the ABI /
58	static const gchar hex_digits[] = "0123456789abcdef";
59
60	#define MD5_DATASIZE 64
61	#define MD5_DIGEST_LEN 16
62
63	typedef struct
64	{
65	guint32 buf[`4`];
66	guint32 bits[`2`];
67
68	union {
69	guchar data[MD5_DATASIZE];
70	guint32 data32[MD5_DATASIZE / `4`];
71	} u;
72
73	guchar digest[MD5_DIGEST_LEN];
74	} Md5sum;
75
76	#define SHA1_DATASIZE 64
77	#define SHA1_DIGEST_LEN 20
78
79	typedef struct
80	{
81	guint32 buf[`5`];
82	guint32 bits[`2`];
83
84	/ we pack 64 unsigned chars into 16 32-bit unsigned integers /
85	guint32 data[`16`];
86
87	guchar digest[SHA1_DIGEST_LEN];
88	} Sha1sum;
89
90	#define SHA256_DATASIZE 64
91	#define SHA256_DIGEST_LEN 32
92
93	typedef struct
94	{
95	guint32 buf[`8`];
96	guint32 bits[`2`];
97
98	guint8 data[SHA256_DATASIZE];
99
100	guchar digest[SHA256_DIGEST_LEN];
101	} Sha256sum;
102
103	/ SHA2 is common thing for SHA-384, SHA-512, SHA-512/224 and SHA-512/256 /
104	#define SHA2_BLOCK_LEN 128 /* 1024 bits message block */
105	#define SHA384_DIGEST_LEN 48
106	#define SHA512_DIGEST_LEN 64
107
108	typedef struct
109	{
110	guint64 H[`8`];
111
112	guint8 block[SHA2_BLOCK_LEN];
113	guint8 block_len;
114
115	guint64 data_len[`2`];
116
117	guchar digest[SHA512_DIGEST_LEN];
118	} Sha512sum;
119
120	struct _GChecksum
121	{
122	GChecksumType type;
123
124	gchar *digest_str;
125
126	union {
127	Md5sum md5;
128	Sha1sum sha1;
129	Sha256sum sha256;
130	Sha512sum sha512;
131	} sum;
132	};
133
134	/ we need different byte swapping functions because MD5 expects buffers*
135	* to be little-endian, while SHA1 and SHA256 expect them in big-endian
136	* form.
137	*/
138
139	#if G_BYTE_ORDER == G_LITTLE_ENDIAN
140	#define md5_byte_reverse(buffer,length)
141	#else
142	/ assume that the passed buffer is integer aligned /
143	static inline void
144	md5_byte_reverse (guchar *buffer,
145	gulong length)
146	{
147	guint32 bit;
148
149	do
150	{
151	bit = (guint32) ((unsigned) buffer[`3`] << `8` \| buffer[`2`]) << `16` \|
152	((unsigned) buffer[`1`] << `8` \| buffer[`0`]);
153	* (guint32 *) buffer = bit;
154	buffer += `4`;
155	}
156	while (--length);
157	}
158	#endif /* G_BYTE_ORDER == G_LITTLE_ENDIAN */
159
160	#if G_BYTE_ORDER == G_BIG_ENDIAN
161	#define sha_byte_reverse(buffer,length)
162	#else
163	static inline void
164	sha_byte_reverse (guint32 *buffer,
165	gint length)
166	{
167	length /= sizeof (guint32);
168	while (length--)
169	{
170	buffer = GUINT32_SWAP_LE_BE (buffer);
171	++buffer;
172	}
173	}
174	#endif /* G_BYTE_ORDER == G_BIG_ENDIAN */
175
176	static gchar *
177	digest_to_string (guint8 *digest,
178	gsize digest_len)
179	{
180	gsize i, len = digest_len * `2`;
181	gchar *retval;
182
183	retval = g_new (gchar, len + `1`);
184
185	for (i = `0`; i < digest_len; i++)
186	{
187	guint8 byte = digest[i];
188
189	retval[`2` * i] = hex_digits[byte >> `4`];
190	retval[`2` * i + `1`] = hex_digits[byte & `0xf`];
191	}
192
193	retval[len] = `0`;
194
195	return retval;
196	}
197
198	/*
199	* MD5 Checksum
200	*/
201
202	/ This MD5 digest computation is based on the equivalent code*
203	* written by Colin Plumb. It came with this notice:
204	*
205	* This code implements the MD5 message-digest algorithm.
206	* The algorithm is due to Ron Rivest. This code was
207	* written by Colin Plumb in 1993, no copyright is claimed.
208	* This code is in the public domain; do with it what you wish.
209	*
210	* Equivalent code is available from RSA Data Security, Inc.
211	* This code has been tested against that, and is equivalent,
212	* except that you don't need to include two pages of legalese
213	* with every copy.
214	*/
215
216	static void
217	md5_sum_init (Md5sum *md5)
218	{
219	/ arbitrary constants /
220	md5->buf[`0`] = `0x67452301`;
221	md5->buf[`1`] = `0xefcdab89`;
222	md5->buf[`2`] = `0x98badcfe`;
223	md5->buf[`3`] = `0x10325476`;
224
225	md5->bits[`0`] = md5->bits[`1`] = `0`;
226	}
227
228	/*
229	* The core of the MD5 algorithm, this alters an existing MD5 hash to
230	* reflect the addition of 16 longwords of new data. md5_sum_update()
231	* blocks the data and converts bytes into longwords for this routine.
232	*/
233	static void
234	md5_transform (guint32 buf[`4`],
235	guint32 const in[`16`])
236	{
237	guint32 a, b, c, d;
238
239	/ The four core functions - F1 is optimized somewhat /
240	#define F1(x, y, z) (z ^ (x & (y ^ z)))
241	#define F2(x, y, z) F1 (z, x, y)
242	#define F3(x, y, z) (x ^ y ^ z)
243	#define F4(x, y, z) (y ^ (x \| ~z))
244
245	/ This is the central step in the MD5 algorithm. /
246	#define md5_step(f, w, x, y, z, data, s) \
247	( w += f (x, y, z) + data, w = w << s \| w >> (32 - s), w += x )
248
249	a = buf[`0`];
250	b = buf[`1`];
251	c = buf[`2`];
252	d = buf[`3`];
253
254	md5_step (F1, a, b, c, d, in[`0`] + `0xd76aa478`, `7`);
255	md5_step (F1, d, a, b, c, in[`1`] + `0xe8c7b756`, `12`);
256	md5_step (F1, c, d, a, b, in[`2`] + `0x242070db`, `17`);
257	md5_step (F1, b, c, d, a, in[`3`] + `0xc1bdceee`, `22`);
258	md5_step (F1, a, b, c, d, in[`4`] + `0xf57c0faf`, `7`);
259	md5_step (F1, d, a, b, c, in[`5`] + `0x4787c62a`, `12`);
260	md5_step (F1, c, d, a, b, in[`6`] + `0xa8304613`, `17`);
261	md5_step (F1, b, c, d, a, in[`7`] + `0xfd469501`, `22`);
262	md5_step (F1, a, b, c, d, in[`8`] + `0x698098d8`, `7`);
263	md5_step (F1, d, a, b, c, in[`9`] + `0x8b44f7af`, `12`);
264	md5_step (F1, c, d, a, b, in[`10`] + `0xffff5bb1`, `17`);
265	md5_step (F1, b, c, d, a, in[`11`] + `0x895cd7be`, `22`);
266	md5_step (F1, a, b, c, d, in[`12`] + `0x6b901122`, `7`);
267	md5_step (F1, d, a, b, c, in[`13`] + `0xfd987193`, `12`);
268	md5_step (F1, c, d, a, b, in[`14`] + `0xa679438e`, `17`);
269	md5_step (F1, b, c, d, a, in[`15`] + `0x49b40821`, `22`);
270
271	md5_step (F2, a, b, c, d, in[`1`] + `0xf61e2562`, `5`);
272	md5_step (F2, d, a, b, c, in[`6`] + `0xc040b340`, `9`);
273	md5_step (F2, c, d, a, b, in[`11`] + `0x265e5a51`, `14`);
274	md5_step (F2, b, c, d, a, in[`0`] + `0xe9b6c7aa`, `20`);
275	md5_step (F2, a, b, c, d, in[`5`] + `0xd62f105d`, `5`);
276	md5_step (F2, d, a, b, c, in[`10`] + `0x02441453`, `9`);
277	md5_step (F2, c, d, a, b, in[`15`] + `0xd8a1e681`, `14`);
278	md5_step (F2, b, c, d, a, in[`4`] + `0xe7d3fbc8`, `20`);
279	md5_step (F2, a, b, c, d, in[`9`] + `0x21e1cde6`, `5`);
280	md5_step (F2, d, a, b, c, in[`14`] + `0xc33707d6`, `9`);
281	md5_step (F2, c, d, a, b, in[`3`] + `0xf4d50d87`, `14`);
282	md5_step (F2, b, c, d, a, in[`8`] + `0x455a14ed`, `20`);
283	md5_step (F2, a, b, c, d, in[`13`] + `0xa9e3e905`, `5`);
284	md5_step (F2, d, a, b, c, in[`2`] + `0xfcefa3f8`, `9`);
285	md5_step (F2, c, d, a, b, in[`7`] + `0x676f02d9`, `14`);
286	md5_step (F2, b, c, d, a, in[`12`] + `0x8d2a4c8a`, `20`);
287
288	md5_step (F3, a, b, c, d, in[`5`] + `0xfffa3942`, `4`);
289	md5_step (F3, d, a, b, c, in[`8`] + `0x8771f681`, `11`);
290	md5_step (F3, c, d, a, b, in[`11`] + `0x6d9d6122`, `16`);
291	md5_step (F3, b, c, d, a, in[`14`] + `0xfde5380c`, `23`);
292	md5_step (F3, a, b, c, d, in[`1`] + `0xa4beea44`, `4`);
293	md5_step (F3, d, a, b, c, in[`4`] + `0x4bdecfa9`, `11`);
294	md5_step (F3, c, d, a, b, in[`7`] + `0xf6bb4b60`, `16`);
295	md5_step (F3, b, c, d, a, in[`10`] + `0xbebfbc70`, `23`);
296	md5_step (F3, a, b, c, d, in[`13`] + `0x289b7ec6`, `4`);
297	md5_step (F3, d, a, b, c, in[`0`] + `0xeaa127fa`, `11`);
298	md5_step (F3, c, d, a, b, in[`3`] + `0xd4ef3085`, `16`);
299	md5_step (F3, b, c, d, a, in[`6`] + `0x04881d05`, `23`);
300	md5_step (F3, a, b, c, d, in[`9`] + `0xd9d4d039`, `4`);
301	md5_step (F3, d, a, b, c, in[`12`] + `0xe6db99e5`, `11`);
302	md5_step (F3, c, d, a, b, in[`15`] + `0x1fa27cf8`, `16`);
303	md5_step (F3, b, c, d, a, in[`2`] + `0xc4ac5665`, `23`);
304
305	md5_step (F4, a, b, c, d, in[`0`] + `0xf4292244`, `6`);
306	md5_step (F4, d, a, b, c, in[`7`] + `0x432aff97`, `10`);
307	md5_step (F4, c, d, a, b, in[`14`] + `0xab9423a7`, `15`);
308	md5_step (F4, b, c, d, a, in[`5`] + `0xfc93a039`, `21`);
309	md5_step (F4, a, b, c, d, in[`12`] + `0x655b59c3`, `6`);
310	md5_step (F4, d, a, b, c, in[`3`] + `0x8f0ccc92`, `10`);
311	md5_step (F4, c, d, a, b, in[`10`] + `0xffeff47d`, `15`);
312	md5_step (F4, b, c, d, a, in[`1`] + `0x85845dd1`, `21`);
313	md5_step (F4, a, b, c, d, in[`8`] + `0x6fa87e4f`, `6`);
314	md5_step (F4, d, a, b, c, in[`15`] + `0xfe2ce6e0`, `10`);
315	md5_step (F4, c, d, a, b, in[`6`] + `0xa3014314`, `15`);
316	md5_step (F4, b, c, d, a, in[`13`] + `0x4e0811a1`, `21`);
317	md5_step (F4, a, b, c, d, in[`4`] + `0xf7537e82`, `6`);
318	md5_step (F4, d, a, b, c, in[`11`] + `0xbd3af235`, `10`);
319	md5_step (F4, c, d, a, b, in[`2`] + `0x2ad7d2bb`, `15`);
320	md5_step (F4, b, c, d, a, in[`9`] + `0xeb86d391`, `21`);
321
322	buf[`0`] += a;
323	buf[`1`] += b;
324	buf[`2`] += c;
325	buf[`3`] += d;
326
327	#undef F1
328	#undef F2
329	#undef F3
330	#undef F4
331	#undef md5_step
332	}
333
334	static void
335	md5_sum_update (Md5sum *md5,
336	const guchar *data,
337	gsize length)
338	{
339	guint32 bit;
340
341	bit = md5->bits[`0`];
342	md5->bits[`0`] = bit + ((guint32) length << `3`);
343
344	/ carry from low to high /
345	if (md5->bits[`0`] < bit)
346	md5->bits[`1`] += `1`;
347
348	md5->bits[`1`] += length >> `29`;
349
350	/ bytes already in Md5sum->u.data /
351	bit = (bit >> `3`) & `0x3f`;
352
353	/ handle any leading odd-sized chunks /
354	if (bit)
355	{
356	guchar *p = md5->u.data + bit;
357
358	bit = MD5_DATASIZE - bit;
359	if (length < bit)
360	{
361	memcpy (dest: p, src: data, n: length);
362	return;
363	}
364
365	memcpy (dest: p, src: data, n: bit);
366
367	md5_byte_reverse (md5->u.data, `16`);
368	md5_transform (buf: md5->buf, in: md5->u.data32);
369
370	data += bit;
371	length -= bit;
372	}
373
374	/ process data in 64-byte chunks /
375	while (length >= MD5_DATASIZE)
376	{
377	memcpy (dest: md5->u.data, src: data, MD5_DATASIZE);
378
379	md5_byte_reverse (md5->u.data, `16`);
380	md5_transform (buf: md5->buf, in: md5->u.data32);
381
382	data += MD5_DATASIZE;
383	length -= MD5_DATASIZE;
384	}
385
386	/ handle any remaining bytes of data /
387	memcpy (dest: md5->u.data, src: data, n: length);
388	}
389
390	/ closes a checksum /
391	static void
392	md5_sum_close (Md5sum *md5)
393	{
394	guint count;
395	guchar *p;
396
397	/ Compute number of bytes mod 64 /
398	count = (md5->bits[`0`] >> `3`) & `0x3F`;
399
400	/ Set the first char of padding to 0x80.*
401	* This is safe since there is always at least one byte free
402	*/
403	p = md5->u.data + count;
404	*p++ = `0x80`;
405
406	/ Bytes of padding needed to make 64 bytes /
407	count = MD5_DATASIZE - `1` - count;
408
409	/ Pad out to 56 mod 64 /
410	if (count < `8`)
411	{
412	/ Two lots of padding: Pad the first block to 64 bytes /
413	memset (s: p, c: `0`, n: count);
414
415	md5_byte_reverse (md5->u.data, `16`);
416	md5_transform (buf: md5->buf, in: md5->u.data32);
417
418	/ Now fill the next block with 56 bytes /
419	memset (s: md5->u.data, c: `0`, MD5_DATASIZE - `8`);
420	}
421	else
422	{
423	/ Pad block to 56 bytes /
424	memset (s: p, c: `0`, n: count - `8`);
425	}
426
427	md5_byte_reverse (md5->u.data, `14`);
428
429	/ Append length in bits and transform /
430	md5->u.data32[`14`] = md5->bits[`0`];
431	md5->u.data32[`15`] = md5->bits[`1`];
432
433	md5_transform (buf: md5->buf, in: md5->u.data32);
434	md5_byte_reverse ((guchar *) md5->buf, `4`);
435
436	memcpy (dest: md5->digest, src: md5->buf, n: `16`);
437
438	/ Reset buffers in case they contain sensitive data /
439	memset (s: md5->buf, c: `0`, n: sizeof (md5->buf));
440	memset (s: md5->u.data, c: `0`, n: sizeof (md5->u.data));
441	}
442
443	static gchar *
444	md5_sum_to_string (Md5sum *md5)
445	{
446	return digest_to_string (digest: md5->digest, MD5_DIGEST_LEN);
447	}
448
449	static void
450	md5_sum_digest (Md5sum *md5,
451	guint8 *digest)
452	{
453	gint i;
454
455	for (i = `0`; i < MD5_DIGEST_LEN; i++)
456	digest[i] = md5->digest[i];
457	}
458
459	/*
460	* SHA-1 Checksum
461	*/
462
463	/ The following implementation comes from D-Bus dbus-sha.c. I've changed*
464	* it to use GLib types and to work more like the MD5 implementation above.
465	* I left the comments to have a history of this code.
466	* -- Emmanuele Bassi, ebassi@gnome.org
467	*/
468
469	/ The following comments have the history of where this code*
470	* comes from. I actually copied it from GNet in GNOME CVS.
471	* - hp@redhat.com
472	*/
473
474	/*
475	* sha.h : Implementation of the Secure Hash Algorithm
476	*
477	* Part of the Python Cryptography Toolkit, version 1.0.0
478	*
479	* Copyright (C) 1995, A.M. Kuchling
480	*
481	* Distribute and use freely; there are no restrictions on further
482	* dissemination and usage except those imposed by the laws of your
483	* country of residence.
484	*
485	*/
486
487	/ SHA: NIST's Secure Hash Algorithm /
488
489	/ Based on SHA code originally posted to sci.crypt by Peter Gutmann*
490	in message <30ajo5$oe8@ccu2.auckland.ac.nz>.
491	Modified to test for endianness on creation of SHA objects by AMK.
492	Also, the original specification of SHA was found to have a weakness
493	by NSA/NIST. This code implements the fixed version of SHA.
494	*/
495
496	/ Here's the first paragraph of Peter Gutmann's posting:*
497
498	The following is my SHA (FIPS 180) code updated to allow use of the "fixed"
499	SHA, thanks to Jim Gillogly and an anonymous contributor for the information on
500	what's changed in the new version. The fix is a simple change which involves
501	adding a single rotate in the initial expansion function. It is unknown
502	whether this is an optimal solution to the problem which was discovered in the
503	SHA or whether it's simply a bandaid which fixes the problem with a minimum of
504	effort (for example the reengineering of a great many Capstone chips).
505	*/
506
507	static void
508	sha1_sum_init (Sha1sum *sha1)
509	{
510	/ initialize constants /
511	sha1->buf[`0`] = `0x67452301L`;
512	sha1->buf[`1`] = `0xEFCDAB89L`;
513	sha1->buf[`2`] = `0x98BADCFEL`;
514	sha1->buf[`3`] = `0x10325476L`;
515	sha1->buf[`4`] = `0xC3D2E1F0L`;
516
517	/ initialize bits /
518	sha1->bits[`0`] = sha1->bits[`1`] = `0`;
519	}
520
521	/ The SHA f()-functions. /
522
523	#define f1(x,y,z) (z ^ (x & (y ^ z))) /* Rounds 0-19 */
524	#define f2(x,y,z) (x ^ y ^ z) /* Rounds 20-39 */
525	#define f3(x,y,z) (( x & y) \| (z & (x \| y))) /* Rounds 40-59 */
526	#define f4(x,y,z) (x ^ y ^ z) /* Rounds 60-79 */
527
528	/ The SHA Mysterious Constants /
529	#define K1 0x5A827999L /* Rounds 0-19 */
530	#define K2 0x6ED9EBA1L /* Rounds 20-39 */
531	#define K3 0x8F1BBCDCL /* Rounds 40-59 */
532	#define K4 0xCA62C1D6L /* Rounds 60-79 */
533
534	/ 32-bit rotate left - kludged with shifts /
535	#define ROTL(n,X) (((X) << n ) \| ((X) >> (32 - n)))
536
537	/ The initial expanding function. The hash function is defined over an*
538	80-word expanded input array W, where the first 16 are copies of the input
539	data, and the remaining 64 are defined by
540
541	W[ i ] = W[ i - 16 ] ^ W[ i - 14 ] ^ W[ i - 8 ] ^ W[ i - 3 ]
542
543	This implementation generates these values on the fly in a circular
544	buffer - thanks to Colin Plumb, colin@nyx10.cs.du.edu for this
545	optimization.
546
547	The updated SHA changes the expanding function by adding a rotate of 1
548	bit. Thanks to Jim Gillogly, jim@rand.org, and an anonymous contributor
549	for this information /*
550
551	#define expand(W,i) (W[ i & 15 ] = ROTL (1, (W[ i & 15] ^ \
552	W[(i - 14) & 15] ^ \
553	W[(i - 8) & 15] ^ \
554	W[(i - 3) & 15])))
555
556
557	/ The prototype SHA sub-round. The fundamental sub-round is:*
558
559	a' = e + ROTL( 5, a ) + f( b, c, d ) + k + data;
560	b' = a;
561	c' = ROTL( 30, b );
562	d' = c;
563	e' = d;
564
565	but this is implemented by unrolling the loop 5 times and renaming the
566	variables ( e, a, b, c, d ) = ( a', b', c', d', e' ) each iteration.
567	This code is then replicated 20 times for each of the 4 functions, using
568	the next 20 values from the W[] array each time /*
569
570	#define subRound(a, b, c, d, e, f, k, data) \
571	(e += ROTL (5, a) + f(b, c, d) + k + data, b = ROTL (30, b))
572
573	static void
574	sha1_transform (guint32 buf[`5`],
575	guint32 in[`16`])
576	{
577	guint32 A, B, C, D, E;
578
579	A = buf[`0`];
580	B = buf[`1`];
581	C = buf[`2`];
582	D = buf[`3`];
583	E = buf[`4`];
584
585	/ Heavy mangling, in 4 sub-rounds of 20 iterations each. /
586	subRound (A, B, C, D, E, f1, K1, in[`0`]);
587	subRound (E, A, B, C, D, f1, K1, in[`1`]);
588	subRound (D, E, A, B, C, f1, K1, in[`2`]);
589	subRound (C, D, E, A, B, f1, K1, in[`3`]);
590	subRound (B, C, D, E, A, f1, K1, in[`4`]);
591	subRound (A, B, C, D, E, f1, K1, in[`5`]);
592	subRound (E, A, B, C, D, f1, K1, in[`6`]);
593	subRound (D, E, A, B, C, f1, K1, in[`7`]);
594	subRound (C, D, E, A, B, f1, K1, in[`8`]);
595	subRound (B, C, D, E, A, f1, K1, in[`9`]);
596	subRound (A, B, C, D, E, f1, K1, in[`10`]);
597	subRound (E, A, B, C, D, f1, K1, in[`11`]);
598	subRound (D, E, A, B, C, f1, K1, in[`12`]);
599	subRound (C, D, E, A, B, f1, K1, in[`13`]);
600	subRound (B, C, D, E, A, f1, K1, in[`14`]);
601	subRound (A, B, C, D, E, f1, K1, in[`15`]);
602	subRound (E, A, B, C, D, f1, K1, expand (in, `16`));
603	subRound (D, E, A, B, C, f1, K1, expand (in, `17`));
604	subRound (C, D, E, A, B, f1, K1, expand (in, `18`));
605	subRound (B, C, D, E, A, f1, K1, expand (in, `19`));
606
607	subRound (A, B, C, D, E, f2, K2, expand (in, `20`));
608	subRound (E, A, B, C, D, f2, K2, expand (in, `21`));
609	subRound (D, E, A, B, C, f2, K2, expand (in, `22`));
610	subRound (C, D, E, A, B, f2, K2, expand (in, `23`));
611	subRound (B, C, D, E, A, f2, K2, expand (in, `24`));
612	subRound (A, B, C, D, E, f2, K2, expand (in, `25`));
613	subRound (E, A, B, C, D, f2, K2, expand (in, `26`));
614	subRound (D, E, A, B, C, f2, K2, expand (in, `27`));
615	subRound (C, D, E, A, B, f2, K2, expand (in, `28`));
616	subRound (B, C, D, E, A, f2, K2, expand (in, `29`));
617	subRound (A, B, C, D, E, f2, K2, expand (in, `30`));
618	subRound (E, A, B, C, D, f2, K2, expand (in, `31`));
619	subRound (D, E, A, B, C, f2, K2, expand (in, `32`));
620	subRound (C, D, E, A, B, f2, K2, expand (in, `33`));
621	subRound (B, C, D, E, A, f2, K2, expand (in, `34`));
622	subRound (A, B, C, D, E, f2, K2, expand (in, `35`));
623	subRound (E, A, B, C, D, f2, K2, expand (in, `36`));
624	subRound (D, E, A, B, C, f2, K2, expand (in, `37`));
625	subRound (C, D, E, A, B, f2, K2, expand (in, `38`));
626	subRound (B, C, D, E, A, f2, K2, expand (in, `39`));
627
628	subRound (A, B, C, D, E, f3, K3, expand (in, `40`));
629	subRound (E, A, B, C, D, f3, K3, expand (in, `41`));
630	subRound (D, E, A, B, C, f3, K3, expand (in, `42`));
631	subRound (C, D, E, A, B, f3, K3, expand (in, `43`));
632	subRound (B, C, D, E, A, f3, K3, expand (in, `44`));
633	subRound (A, B, C, D, E, f3, K3, expand (in, `45`));
634	subRound (E, A, B, C, D, f3, K3, expand (in, `46`));
635	subRound (D, E, A, B, C, f3, K3, expand (in, `47`));
636	subRound (C, D, E, A, B, f3, K3, expand (in, `48`));
637	subRound (B, C, D, E, A, f3, K3, expand (in, `49`));
638	subRound (A, B, C, D, E, f3, K3, expand (in, `50`));
639	subRound (E, A, B, C, D, f3, K3, expand (in, `51`));
640	subRound (D, E, A, B, C, f3, K3, expand (in, `52`));
641	subRound (C, D, E, A, B, f3, K3, expand (in, `53`));
642	subRound (B, C, D, E, A, f3, K3, expand (in, `54`));
643	subRound (A, B, C, D, E, f3, K3, expand (in, `55`));
644	subRound (E, A, B, C, D, f3, K3, expand (in, `56`));
645	subRound (D, E, A, B, C, f3, K3, expand (in, `57`));
646	subRound (C, D, E, A, B, f3, K3, expand (in, `58`));
647	subRound (B, C, D, E, A, f3, K3, expand (in, `59`));
648
649	subRound (A, B, C, D, E, f4, K4, expand (in, `60`));
650	subRound (E, A, B, C, D, f4, K4, expand (in, `61`));
651	subRound (D, E, A, B, C, f4, K4, expand (in, `62`));
652	subRound (C, D, E, A, B, f4, K4, expand (in, `63`));
653	subRound (B, C, D, E, A, f4, K4, expand (in, `64`));
654	subRound (A, B, C, D, E, f4, K4, expand (in, `65`));
655	subRound (E, A, B, C, D, f4, K4, expand (in, `66`));
656	subRound (D, E, A, B, C, f4, K4, expand (in, `67`));
657	subRound (C, D, E, A, B, f4, K4, expand (in, `68`));
658	subRound (B, C, D, E, A, f4, K4, expand (in, `69`));
659	subRound (A, B, C, D, E, f4, K4, expand (in, `70`));
660	subRound (E, A, B, C, D, f4, K4, expand (in, `71`));
661	subRound (D, E, A, B, C, f4, K4, expand (in, `72`));
662	subRound (C, D, E, A, B, f4, K4, expand (in, `73`));
663	subRound (B, C, D, E, A, f4, K4, expand (in, `74`));
664	subRound (A, B, C, D, E, f4, K4, expand (in, `75`));
665	subRound (E, A, B, C, D, f4, K4, expand (in, `76`));
666	subRound (D, E, A, B, C, f4, K4, expand (in, `77`));
667	subRound (C, D, E, A, B, f4, K4, expand (in, `78`));
668	subRound (B, C, D, E, A, f4, K4, expand (in, `79`));
669
670	/ Build message digest /
671	buf[`0`] += A;
672	buf[`1`] += B;
673	buf[`2`] += C;
674	buf[`3`] += D;
675	buf[`4`] += E;
676	}
677
678	#undef K1
679	#undef K2
680	#undef K3
681	#undef K4
682	#undef f1
683	#undef f2
684	#undef f3
685	#undef f4
686	#undef ROTL
687	#undef expand
688	#undef subRound
689
690	static void
691	sha1_sum_update (Sha1sum *sha1,
692	const guchar *buffer,
693	gsize count)
694	{
695	guint32 tmp;
696	guint dataCount;
697
698	/ Update bitcount /
699	tmp = sha1->bits[`0`];
700	if ((sha1->bits[`0`] = tmp + ((guint32) count << `3`) ) < tmp)
701	sha1->bits[`1`] += `1`; / Carry from low to high /
702	sha1->bits[`1`] += count >> `29`;
703
704	/ Get count of bytes already in data /
705	dataCount = (guint) (tmp >> `3`) & `0x3F`;
706
707	/ Handle any leading odd-sized chunks /
708	if (dataCount)
709	{
710	guchar p = (guchar ) sha1->data + dataCount;
711
712	dataCount = SHA1_DATASIZE - dataCount;
713	if (count < dataCount)
714	{
715	memcpy (dest: p, src: buffer, n: count);
716	return;
717	}
718
719	memcpy (dest: p, src: buffer, n: dataCount);
720
721	sha_byte_reverse (buffer: sha1->data, SHA1_DATASIZE);
722	sha1_transform (buf: sha1->buf, in: sha1->data);
723
724	buffer += dataCount;
725	count -= dataCount;
726	}
727
728	/ Process data in SHA1_DATASIZE chunks /
729	while (count >= SHA1_DATASIZE)
730	{
731	memcpy (dest: sha1->data, src: buffer, SHA1_DATASIZE);
732
733	sha_byte_reverse (buffer: sha1->data, SHA1_DATASIZE);
734	sha1_transform (buf: sha1->buf, in: sha1->data);
735
736	buffer += SHA1_DATASIZE;
737	count -= SHA1_DATASIZE;
738	}
739
740	/ Handle any remaining bytes of data. /
741	memcpy (dest: sha1->data, src: buffer, n: count);
742	}
743
744	/ Final wrapup - pad to SHA_DATASIZE-byte boundary with the bit pattern*
745	1 0 (64-bit count of bits processed, MSB-first) /
746	static void
747	sha1_sum_close (Sha1sum *sha1)
748	{
749	gint count;
750	guchar *data_p;
751
752	/ Compute number of bytes mod 64 /
753	count = (gint) ((sha1->bits[`0`] >> `3`) & `0x3f`);
754
755	/ Set the first char of padding to 0x80. This is safe since there is*
756	always at least one byte free /*
757	data_p = (guchar *) sha1->data + count;
758	*data_p++ = `0x80`;
759
760	/ Bytes of padding needed to make 64 bytes /
761	count = SHA1_DATASIZE - `1` - count;
762
763	/ Pad out to 56 mod 64 /
764	if (count < `8`)
765	{
766	/ Two lots of padding: Pad the first block to 64 bytes /
767	memset (s: data_p, c: `0`, n: count);
768
769	sha_byte_reverse (buffer: sha1->data, SHA1_DATASIZE);
770	sha1_transform (buf: sha1->buf, in: sha1->data);
771
772	/ Now fill the next block with 56 bytes /
773	memset (s: sha1->data, c: `0`, SHA1_DATASIZE - `8`);
774	}
775	else
776	{
777	/ Pad block to 56 bytes /
778	memset (s: data_p, c: `0`, n: count - `8`);
779	}
780
781	/ Append length in bits and transform /
782	sha1->data[`14`] = sha1->bits[`1`];
783	sha1->data[`15`] = sha1->bits[`0`];
784
785	sha_byte_reverse (buffer: sha1->data, SHA1_DATASIZE - `8`);
786	sha1_transform (buf: sha1->buf, in: sha1->data);
787	sha_byte_reverse (buffer: sha1->buf, SHA1_DIGEST_LEN);
788
789	memcpy (dest: sha1->digest, src: sha1->buf, SHA1_DIGEST_LEN);
790
791	/ Reset buffers in case they contain sensitive data /
792	memset (s: sha1->buf, c: `0`, n: sizeof (sha1->buf));
793	memset (s: sha1->data, c: `0`, n: sizeof (sha1->data));
794	}
795
796	static gchar *
797	sha1_sum_to_string (Sha1sum *sha1)
798	{
799	return digest_to_string (digest: sha1->digest, SHA1_DIGEST_LEN);
800	}
801
802	static void
803	sha1_sum_digest (Sha1sum *sha1,
804	guint8 *digest)
805	{
806	gint i;
807
808	for (i = `0`; i < SHA1_DIGEST_LEN; i++)
809	digest[i] = sha1->digest[i];
810	}
811
812	/*
813	* SHA-256 Checksum
814	*/
815
816	/ adapted from the SHA256 implementation in gsk/src/hash/gskhash.c.*
817	*
818	* Copyright (C) 2006 Dave Benson
819	* Released under the terms of the GNU Lesser General Public License
820	*/
821
822	static void
823	sha256_sum_init (Sha256sum *sha256)
824	{
825	sha256->buf[`0`] = `0x6a09e667`;
826	sha256->buf[`1`] = `0xbb67ae85`;
827	sha256->buf[`2`] = `0x3c6ef372`;
828	sha256->buf[`3`] = `0xa54ff53a`;
829	sha256->buf[`4`] = `0x510e527f`;
830	sha256->buf[`5`] = `0x9b05688c`;
831	sha256->buf[`6`] = `0x1f83d9ab`;
832	sha256->buf[`7`] = `0x5be0cd19`;
833
834	sha256->bits[`0`] = sha256->bits[`1`] = `0`;
835	}
836
837	#define GET_UINT32(n,b,i) G_STMT_START{ \
838	(n) = ((guint32) (b)[(i) ] << 24) \
839	\| ((guint32) (b)[(i) + 1] << 16) \
840	\| ((guint32) (b)[(i) + 2] << 8) \
841	\| ((guint32) (b)[(i) + 3] ); } G_STMT_END
842
843	#define PUT_UINT32(n,b,i) G_STMT_START{ \
844	(b)[(i) ] = (guint8) ((n) >> 24); \
845	(b)[(i) + 1] = (guint8) ((n) >> 16); \
846	(b)[(i) + 2] = (guint8) ((n) >> 8); \
847	(b)[(i) + 3] = (guint8) ((n) ); } G_STMT_END
848
849	static void
850	sha256_transform (guint32 buf[`8`],
851	guint8 const data[`64`])
852	{
853	guint32 temp1, temp2, W[`64`];
854	guint32 A, B, C, D, E, F, G, H;
855
856	GET_UINT32 (W[`0`], data, `0`);
857	GET_UINT32 (W[`1`], data, `4`);
858	GET_UINT32 (W[`2`], data, `8`);
859	GET_UINT32 (W[`3`], data, `12`);
860	GET_UINT32 (W[`4`], data, `16`);
861	GET_UINT32 (W[`5`], data, `20`);
862	GET_UINT32 (W[`6`], data, `24`);
863	GET_UINT32 (W[`7`], data, `28`);
864	GET_UINT32 (W[`8`], data, `32`);
865	GET_UINT32 (W[`9`], data, `36`);
866	GET_UINT32 (W[`10`], data, `40`);
867	GET_UINT32 (W[`11`], data, `44`);
868	GET_UINT32 (W[`12`], data, `48`);
869	GET_UINT32 (W[`13`], data, `52`);
870	GET_UINT32 (W[`14`], data, `56`);
871	GET_UINT32 (W[`15`], data, `60`);
872
873	#define SHR(x,n) ((x & 0xFFFFFFFF) >> n)
874	#define ROTR(x,n) (SHR (x,n) \| (x << (32 - n)))
875
876	#define S0(x) (ROTR (x, 7) ^ ROTR (x,18) ^ SHR (x, 3))
877	#define S1(x) (ROTR (x,17) ^ ROTR (x,19) ^ SHR (x,10))
878	#define S2(x) (ROTR (x, 2) ^ ROTR (x,13) ^ ROTR (x,22))
879	#define S3(x) (ROTR (x, 6) ^ ROTR (x,11) ^ ROTR (x,25))
880
881	#define F0(x,y,z) ((x & y) \| (z & (x \| y)))
882	#define F1(x,y,z) (z ^ (x & (y ^ z)))
883
884	#define R(t) (W[t] = S1(W[t - 2]) + W[t - 7] + \
885	S0(W[t - 15]) + W[t - 16])
886
887	#define P(a,b,c,d,e,f,g,h,x,K) G_STMT_START { \
888	temp1 = h + S3(e) + F1(e,f,g) + K + x; \
889	temp2 = S2(a) + F0(a,b,c); \
890	d += temp1; h = temp1 + temp2; } G_STMT_END
891
892	A = buf[`0`];
893	B = buf[`1`];
894	C = buf[`2`];
895	D = buf[`3`];
896	E = buf[`4`];
897	F = buf[`5`];
898	G = buf[`6`];
899	H = buf[`7`];
900
901	P (A, B, C, D, E, F, G, H, W[ `0`], `0x428A2F98`);
902	P (H, A, B, C, D, E, F, G, W[ `1`], `0x71374491`);
903	P (G, H, A, B, C, D, E, F, W[ `2`], `0xB5C0FBCF`);
904	P (F, G, H, A, B, C, D, E, W[ `3`], `0xE9B5DBA5`);
905	P (E, F, G, H, A, B, C, D, W[ `4`], `0x3956C25B`);
906	P (D, E, F, G, H, A, B, C, W[ `5`], `0x59F111F1`);
907	P (C, D, E, F, G, H, A, B, W[ `6`], `0x923F82A4`);
908	P (B, C, D, E, F, G, H, A, W[ `7`], `0xAB1C5ED5`);
909	P (A, B, C, D, E, F, G, H, W[ `8`], `0xD807AA98`);
910	P (H, A, B, C, D, E, F, G, W[ `9`], `0x12835B01`);
911	P (G, H, A, B, C, D, E, F, W[`10`], `0x243185BE`);
912	P (F, G, H, A, B, C, D, E, W[`11`], `0x550C7DC3`);
913	P (E, F, G, H, A, B, C, D, W[`12`], `0x72BE5D74`);
914	P (D, E, F, G, H, A, B, C, W[`13`], `0x80DEB1FE`);
915	P (C, D, E, F, G, H, A, B, W[`14`], `0x9BDC06A7`);
916	P (B, C, D, E, F, G, H, A, W[`15`], `0xC19BF174`);
917	P (A, B, C, D, E, F, G, H, R(`16`), `0xE49B69C1`);
918	P (H, A, B, C, D, E, F, G, R(`17`), `0xEFBE4786`);
919	P (G, H, A, B, C, D, E, F, R(`18`), `0x0FC19DC6`);
920	P (F, G, H, A, B, C, D, E, R(`19`), `0x240CA1CC`);
921	P (E, F, G, H, A, B, C, D, R(`20`), `0x2DE92C6F`);
922	P (D, E, F, G, H, A, B, C, R(`21`), `0x4A7484AA`);
923	P (C, D, E, F, G, H, A, B, R(`22`), `0x5CB0A9DC`);
924	P (B, C, D, E, F, G, H, A, R(`23`), `0x76F988DA`);
925	P (A, B, C, D, E, F, G, H, R(`24`), `0x983E5152`);
926	P (H, A, B, C, D, E, F, G, R(`25`), `0xA831C66D`);
927	P (G, H, A, B, C, D, E, F, R(`26`), `0xB00327C8`);
928	P (F, G, H, A, B, C, D, E, R(`27`), `0xBF597FC7`);
929	P (E, F, G, H, A, B, C, D, R(`28`), `0xC6E00BF3`);
930	P (D, E, F, G, H, A, B, C, R(`29`), `0xD5A79147`);
931	P (C, D, E, F, G, H, A, B, R(`30`), `0x06CA6351`);
932	P (B, C, D, E, F, G, H, A, R(`31`), `0x14292967`);
933	P (A, B, C, D, E, F, G, H, R(`32`), `0x27B70A85`);
934	P (H, A, B, C, D, E, F, G, R(`33`), `0x2E1B2138`);
935	P (G, H, A, B, C, D, E, F, R(`34`), `0x4D2C6DFC`);
936	P (F, G, H, A, B, C, D, E, R(`35`), `0x53380D13`);
937	P (E, F, G, H, A, B, C, D, R(`36`), `0x650A7354`);
938	P (D, E, F, G, H, A, B, C, R(`37`), `0x766A0ABB`);
939	P (C, D, E, F, G, H, A, B, R(`38`), `0x81C2C92E`);
940	P (B, C, D, E, F, G, H, A, R(`39`), `0x92722C85`);
941	P (A, B, C, D, E, F, G, H, R(`40`), `0xA2BFE8A1`);
942	P (H, A, B, C, D, E, F, G, R(`41`), `0xA81A664B`);
943	P (G, H, A, B, C, D, E, F, R(`42`), `0xC24B8B70`);
944	P (F, G, H, A, B, C, D, E, R(`43`), `0xC76C51A3`);
945	P (E, F, G, H, A, B, C, D, R(`44`), `0xD192E819`);
946	P (D, E, F, G, H, A, B, C, R(`45`), `0xD6990624`);
947	P (C, D, E, F, G, H, A, B, R(`46`), `0xF40E3585`);
948	P (B, C, D, E, F, G, H, A, R(`47`), `0x106AA070`);
949	P (A, B, C, D, E, F, G, H, R(`48`), `0x19A4C116`);
950	P (H, A, B, C, D, E, F, G, R(`49`), `0x1E376C08`);
951	P (G, H, A, B, C, D, E, F, R(`50`), `0x2748774C`);
952	P (F, G, H, A, B, C, D, E, R(`51`), `0x34B0BCB5`);
953	P (E, F, G, H, A, B, C, D, R(`52`), `0x391C0CB3`);
954	P (D, E, F, G, H, A, B, C, R(`53`), `0x4ED8AA4A`);
955	P (C, D, E, F, G, H, A, B, R(`54`), `0x5B9CCA4F`);
956	P (B, C, D, E, F, G, H, A, R(`55`), `0x682E6FF3`);
957	P (A, B, C, D, E, F, G, H, R(`56`), `0x748F82EE`);
958	P (H, A, B, C, D, E, F, G, R(`57`), `0x78A5636F`);
959	P (G, H, A, B, C, D, E, F, R(`58`), `0x84C87814`);
960	P (F, G, H, A, B, C, D, E, R(`59`), `0x8CC70208`);
961	P (E, F, G, H, A, B, C, D, R(`60`), `0x90BEFFFA`);
962	P (D, E, F, G, H, A, B, C, R(`61`), `0xA4506CEB`);
963	P (C, D, E, F, G, H, A, B, R(`62`), `0xBEF9A3F7`);
964	P (B, C, D, E, F, G, H, A, R(`63`), `0xC67178F2`);
965
966	#undef SHR
967	#undef ROTR
968	#undef S0
969	#undef S1
970	#undef S2
971	#undef S3
972	#undef F0
973	#undef F1
974	#undef R
975	#undef P
976
977	buf[`0`] += A;
978	buf[`1`] += B;
979	buf[`2`] += C;
980	buf[`3`] += D;
981	buf[`4`] += E;
982	buf[`5`] += F;
983	buf[`6`] += G;
984	buf[`7`] += H;
985	}
986
987	static void
988	sha256_sum_update (Sha256sum *sha256,
989	const guchar *buffer,
990	gsize length)
991	{
992	guint32 left, fill;
993	const guint8 *input = buffer;
994
995	if (length == `0`)
996	return;
997
998	left = sha256->bits[`0`] & `0x3F`;
999	fill = `64` - left;
1000
1001	sha256->bits[`0`] += length;
1002	sha256->bits[`0`] &= `0xFFFFFFFF`;
1003
1004	if (sha256->bits[`0`] < length)
1005	sha256->bits[`1`]++;
1006
1007	if (left > `0` && length >= fill)
1008	{
1009	memcpy (dest: (sha256->data + left), src: input, n: fill);
1010
1011	sha256_transform (buf: sha256->buf, data: sha256->data);
1012	length -= fill;
1013	input += fill;
1014
1015	left = `0`;
1016	}
1017
1018	while (length >= SHA256_DATASIZE)
1019	{
1020	sha256_transform (buf: sha256->buf, data: input);
1021
1022	length -= `64`;
1023	input += `64`;
1024	}
1025
1026	if (length)
1027	memcpy (dest: sha256->data + left, src: input, n: length);
1028	}
1029
1030	static guint8 sha256_padding[`64`] =
1031	{
1032	`0x80`, `0`, `0`, `0`, `0`, `0`, `0`, `0`, `0`, `0`, `0`, `0`, `0`, `0`, `0`, `0`,
1033	`0`, `0`, `0`, `0`, `0`, `0`, `0`, `0`, `0`, `0`, `0`, `0`, `0`, `0`, `0`, `0`,
1034	`0`, `0`, `0`, `0`, `0`, `0`, `0`, `0`, `0`, `0`, `0`, `0`, `0`, `0`, `0`, `0`,
1035	`0`, `0`, `0`, `0`, `0`, `0`, `0`, `0`, `0`, `0`, `0`, `0`, `0`, `0`, `0`, `0`
1036	};
1037
1038	static void
1039	sha256_sum_close (Sha256sum *sha256)
1040	{
1041	guint32 last, padn;
1042	guint32 high, low;
1043	guint8 msglen[`8`];
1044
1045	high = (sha256->bits[`0`] >> `29`)
1046	\| (sha256->bits[`1`] << `3`);
1047	low = (sha256->bits[`0`] << `3`);
1048
1049	PUT_UINT32 (high, msglen, `0`);
1050	PUT_UINT32 (low, msglen, `4`);
1051
1052	last = sha256->bits[`0`] & `0x3F`;
1053	padn = (last < `56`) ? (`56` - last) : (`120` - last);
1054
1055	sha256_sum_update (sha256, buffer: sha256_padding, length: padn);
1056	sha256_sum_update (sha256, buffer: msglen, length: `8`);
1057
1058	PUT_UINT32 (sha256->buf[`0`], sha256->digest, `0`);
1059	PUT_UINT32 (sha256->buf[`1`], sha256->digest, `4`);
1060	PUT_UINT32 (sha256->buf[`2`], sha256->digest, `8`);
1061	PUT_UINT32 (sha256->buf[`3`], sha256->digest, `12`);
1062	PUT_UINT32 (sha256->buf[`4`], sha256->digest, `16`);
1063	PUT_UINT32 (sha256->buf[`5`], sha256->digest, `20`);
1064	PUT_UINT32 (sha256->buf[`6`], sha256->digest, `24`);
1065	PUT_UINT32 (sha256->buf[`7`], sha256->digest, `28`);
1066	}
1067
1068	#undef PUT_UINT32
1069	#undef GET_UINT32
1070
1071	static gchar *
1072	sha256_sum_to_string (Sha256sum *sha256)
1073	{
1074	return digest_to_string (digest: sha256->digest, SHA256_DIGEST_LEN);
1075	}
1076
1077	static void
1078	sha256_sum_digest (Sha256sum *sha256,
1079	guint8 *digest)
1080	{
1081	gint i;
1082
1083	for (i = `0`; i < SHA256_DIGEST_LEN; i++)
1084	digest[i] = sha256->digest[i];
1085	}
1086
1087	/*
1088	* SHA-384, SHA-512, SHA-512/224 and SHA-512/256 Checksums
1089	*
1090	* Implemented following FIPS-180-4 standard at
1091	* http://csrc.nist.gov/publications/fips/fips180-4/fips180-4.pdf.
1092	* References in the form [§x.y.z] map to sections in that document.
1093	*
1094	* Author(s): Eduardo Lima Mitev <elima@igalia.com>
1095	* Igor Gnatenko <ignatenko@src.gnome.org>
1096	*/
1097
1098	/ SHA-384, SHA-512, SHA-512/224 and SHA-512/256 functions [§4.1.3] /
1099	#define Ch(x,y,z) ((x & y) ^ (~x & z))
1100	#define Maj(x,y,z) ((x & y) ^ (x & z) ^ (y & z))
1101	#define SHR(n,x) (x >> n)
1102	#define ROTR(n,x) (SHR (n, x) \| (x << (64 - n)))
1103	#define SIGMA0(x) (ROTR (28, x) ^ ROTR (34, x) ^ ROTR (39, x))
1104	#define SIGMA1(x) (ROTR (14, x) ^ ROTR (18, x) ^ ROTR (41, x))
1105	#define sigma0(x) (ROTR ( 1, x) ^ ROTR ( 8, x) ^ SHR ( 7, x))
1106	#define sigma1(x) (ROTR (19, x) ^ ROTR (61, x) ^ SHR ( 6, x))
1107
1108	#define PUT_UINT64(n,b,i) G_STMT_START{ \
1109	(b)[(i) ] = (guint8) (n >> 56); \
1110	(b)[(i) + 1] = (guint8) (n >> 48); \
1111	(b)[(i) + 2] = (guint8) (n >> 40); \
1112	(b)[(i) + 3] = (guint8) (n >> 32); \
1113	(b)[(i) + 4] = (guint8) (n >> 24); \
1114	(b)[(i) + 5] = (guint8) (n >> 16); \
1115	(b)[(i) + 6] = (guint8) (n >> 8); \
1116	(b)[(i) + 7] = (guint8) (n ); } G_STMT_END
1117
1118	/ SHA-384 and SHA-512 constants [§4.2.3] /
1119	static const guint64 SHA2_K[`80`] = {
1120	G_GUINT64_CONSTANT (`0x428a2f98d728ae22`), G_GUINT64_CONSTANT (`0x7137449123ef65cd`),
1121	G_GUINT64_CONSTANT (`0xb5c0fbcfec4d3b2f`), G_GUINT64_CONSTANT (`0xe9b5dba58189dbbc`),
1122	G_GUINT64_CONSTANT (`0x3956c25bf348b538`), G_GUINT64_CONSTANT (`0x59f111f1b605d019`),
1123	G_GUINT64_CONSTANT (`0x923f82a4af194f9b`), G_GUINT64_CONSTANT (`0xab1c5ed5da6d8118`),
1124	G_GUINT64_CONSTANT (`0xd807aa98a3030242`), G_GUINT64_CONSTANT (`0x12835b0145706fbe`),
1125	G_GUINT64_CONSTANT (`0x243185be4ee4b28c`), G_GUINT64_CONSTANT (`0x550c7dc3d5ffb4e2`),
1126	G_GUINT64_CONSTANT (`0x72be5d74f27b896f`), G_GUINT64_CONSTANT (`0x80deb1fe3b1696b1`),
1127	G_GUINT64_CONSTANT (`0x9bdc06a725c71235`), G_GUINT64_CONSTANT (`0xc19bf174cf692694`),
1128	G_GUINT64_CONSTANT (`0xe49b69c19ef14ad2`), G_GUINT64_CONSTANT (`0xefbe4786384f25e3`),
1129	G_GUINT64_CONSTANT (`0x0fc19dc68b8cd5b5`), G_GUINT64_CONSTANT (`0x240ca1cc77ac9c65`),
1130	G_GUINT64_CONSTANT (`0x2de92c6f592b0275`), G_GUINT64_CONSTANT (`0x4a7484aa6ea6e483`),
1131	G_GUINT64_CONSTANT (`0x5cb0a9dcbd41fbd4`), G_GUINT64_CONSTANT (`0x76f988da831153b5`),
1132	G_GUINT64_CONSTANT (`0x983e5152ee66dfab`), G_GUINT64_CONSTANT (`0xa831c66d2db43210`),
1133	G_GUINT64_CONSTANT (`0xb00327c898fb213f`), G_GUINT64_CONSTANT (`0xbf597fc7beef0ee4`),
1134	G_GUINT64_CONSTANT (`0xc6e00bf33da88fc2`), G_GUINT64_CONSTANT (`0xd5a79147930aa725`),
1135	G_GUINT64_CONSTANT (`0x06ca6351e003826f`), G_GUINT64_CONSTANT (`0x142929670a0e6e70`),
1136	G_GUINT64_CONSTANT (`0x27b70a8546d22ffc`), G_GUINT64_CONSTANT (`0x2e1b21385c26c926`),
1137	G_GUINT64_CONSTANT (`0x4d2c6dfc5ac42aed`), G_GUINT64_CONSTANT (`0x53380d139d95b3df`),
1138	G_GUINT64_CONSTANT (`0x650a73548baf63de`), G_GUINT64_CONSTANT (`0x766a0abb3c77b2a8`),
1139	G_GUINT64_CONSTANT (`0x81c2c92e47edaee6`), G_GUINT64_CONSTANT (`0x92722c851482353b`),
1140	G_GUINT64_CONSTANT (`0xa2bfe8a14cf10364`), G_GUINT64_CONSTANT (`0xa81a664bbc423001`),
1141	G_GUINT64_CONSTANT (`0xc24b8b70d0f89791`), G_GUINT64_CONSTANT (`0xc76c51a30654be30`),
1142	G_GUINT64_CONSTANT (`0xd192e819d6ef5218`), G_GUINT64_CONSTANT (`0xd69906245565a910`),
1143	G_GUINT64_CONSTANT (`0xf40e35855771202a`), G_GUINT64_CONSTANT (`0x106aa07032bbd1b8`),
1144	G_GUINT64_CONSTANT (`0x19a4c116b8d2d0c8`), G_GUINT64_CONSTANT (`0x1e376c085141ab53`),
1145	G_GUINT64_CONSTANT (`0x2748774cdf8eeb99`), G_GUINT64_CONSTANT (`0x34b0bcb5e19b48a8`),
1146	G_GUINT64_CONSTANT (`0x391c0cb3c5c95a63`), G_GUINT64_CONSTANT (`0x4ed8aa4ae3418acb`),
1147	G_GUINT64_CONSTANT (`0x5b9cca4f7763e373`), G_GUINT64_CONSTANT (`0x682e6ff3d6b2b8a3`),
1148	G_GUINT64_CONSTANT (`0x748f82ee5defb2fc`), G_GUINT64_CONSTANT (`0x78a5636f43172f60`),
1149	G_GUINT64_CONSTANT (`0x84c87814a1f0ab72`), G_GUINT64_CONSTANT (`0x8cc702081a6439ec`),
1150	G_GUINT64_CONSTANT (`0x90befffa23631e28`), G_GUINT64_CONSTANT (`0xa4506cebde82bde9`),
1151	G_GUINT64_CONSTANT (`0xbef9a3f7b2c67915`), G_GUINT64_CONSTANT (`0xc67178f2e372532b`),
1152	G_GUINT64_CONSTANT (`0xca273eceea26619c`), G_GUINT64_CONSTANT (`0xd186b8c721c0c207`),
1153	G_GUINT64_CONSTANT (`0xeada7dd6cde0eb1e`), G_GUINT64_CONSTANT (`0xf57d4f7fee6ed178`),
1154	G_GUINT64_CONSTANT (`0x06f067aa72176fba`), G_GUINT64_CONSTANT (`0x0a637dc5a2c898a6`),
1155	G_GUINT64_CONSTANT (`0x113f9804bef90dae`), G_GUINT64_CONSTANT (`0x1b710b35131c471b`),
1156	G_GUINT64_CONSTANT (`0x28db77f523047d84`), G_GUINT64_CONSTANT (`0x32caab7b40c72493`),
1157	G_GUINT64_CONSTANT (`0x3c9ebe0a15c9bebc`), G_GUINT64_CONSTANT (`0x431d67c49c100d4c`),
1158	G_GUINT64_CONSTANT (`0x4cc5d4becb3e42b6`), G_GUINT64_CONSTANT (`0x597f299cfc657e2a`),
1159	G_GUINT64_CONSTANT (`0x5fcb6fab3ad6faec`), G_GUINT64_CONSTANT (`0x6c44198c4a475817`)
1160	};
1161
1162
1163	static void
1164	sha384_sum_init (Sha512sum *sha512)
1165	{
1166	/ Initial Hash Value [§5.3.4] /
1167	sha512->H[`0`] = G_GUINT64_CONSTANT (`0xcbbb9d5dc1059ed8`);
1168	sha512->H[`1`] = G_GUINT64_CONSTANT (`0x629a292a367cd507`);
1169	sha512->H[`2`] = G_GUINT64_CONSTANT (`0x9159015a3070dd17`);
1170	sha512->H[`3`] = G_GUINT64_CONSTANT (`0x152fecd8f70e5939`);
1171	sha512->H[`4`] = G_GUINT64_CONSTANT (`0x67332667ffc00b31`);
1172	sha512->H[`5`] = G_GUINT64_CONSTANT (`0x8eb44a8768581511`);
1173	sha512->H[`6`] = G_GUINT64_CONSTANT (`0xdb0c2e0d64f98fa7`);
1174	sha512->H[`7`] = G_GUINT64_CONSTANT (`0x47b5481dbefa4fa4`);
1175
1176	sha512->block_len = `0`;
1177
1178	sha512->data_len[`0`] = `0`;
1179	sha512->data_len[`1`] = `0`;
1180	}
1181
1182	static void
1183	sha512_sum_init (Sha512sum *sha512)
1184	{
1185	/ Initial Hash Value [§5.3.5] /
1186	sha512->H[`0`] = G_GUINT64_CONSTANT (`0x6a09e667f3bcc908`);
1187	sha512->H[`1`] = G_GUINT64_CONSTANT (`0xbb67ae8584caa73b`);
1188	sha512->H[`2`] = G_GUINT64_CONSTANT (`0x3c6ef372fe94f82b`);
1189	sha512->H[`3`] = G_GUINT64_CONSTANT (`0xa54ff53a5f1d36f1`);
1190	sha512->H[`4`] = G_GUINT64_CONSTANT (`0x510e527fade682d1`);
1191	sha512->H[`5`] = G_GUINT64_CONSTANT (`0x9b05688c2b3e6c1f`);
1192	sha512->H[`6`] = G_GUINT64_CONSTANT (`0x1f83d9abfb41bd6b`);
1193	sha512->H[`7`] = G_GUINT64_CONSTANT (`0x5be0cd19137e2179`);
1194
1195	sha512->block_len = `0`;
1196
1197	sha512->data_len[`0`] = `0`;
1198	sha512->data_len[`1`] = `0`;
1199	}
1200
1201	static void
1202	sha512_transform (guint64 H[`8`],
1203	guint8 const data[SHA2_BLOCK_LEN])
1204	{
1205	gint i;
1206	gint t;
1207	guint64 a, b, c, d, e, f, g, h;
1208	guint64 M[`16`];
1209	guint64 W[`80`];
1210
1211	/ SHA-512 hash computation [§6.4.2] /
1212
1213	/ prepare the message schedule /
1214	for (i = `0`; i < `16`; i++)
1215	{
1216	gint p = i * `8`;
1217
1218	M[i] =
1219	((guint64) data[p + `0`] << `56`) \|
1220	((guint64) data[p + `1`] << `48`) \|
1221	((guint64) data[p + `2`] << `40`) \|
1222	((guint64) data[p + `3`] << `32`) \|
1223	((guint64) data[p + `4`] << `24`) \|
1224	((guint64) data[p + `5`] << `16`) \|
1225	((guint64) data[p + `6`] << `8`) \|
1226	((guint64) data[p + `7`] );
1227	}
1228
1229	for (t = `0`; t < `80`; t++)
1230	if (t < `16`)
1231	W[t] = M[t];
1232	else
1233	W[t] = sigma1 (W[t - `2`]) + W[t - `7`] + sigma0 (W[t - `15`]) + W[t - `16`];
1234
1235	/ initialize the eight working variables /
1236	a = H[`0`];
1237	b = H[`1`];
1238	c = H[`2`];
1239	d = H[`3`];
1240	e = H[`4`];
1241	f = H[`5`];
1242	g = H[`6`];
1243	h = H[`7`];
1244
1245	for (t = `0`; t < `80`; t++)
1246	{
1247	guint64 T1, T2;
1248
1249	T1 = h + SIGMA1 (e) + Ch (e, f, g) + SHA2_K[t] + W[t];
1250	T2 = SIGMA0 (a) + Maj (a, b, c);
1251	h = g;
1252	g = f;
1253	f = e;
1254	e = d + T1;
1255	d = c;
1256	c = b;
1257	b = a;
1258	a = T1 + T2;
1259	}
1260
1261	/ Compute the intermediate hash value H /
1262	H[`0`] += a;
1263	H[`1`] += b;
1264	H[`2`] += c;
1265	H[`3`] += d;
1266	H[`4`] += e;
1267	H[`5`] += f;
1268	H[`6`] += g;
1269	H[`7`] += h;
1270	}
1271
1272	static void
1273	sha512_sum_update (Sha512sum *sha512,
1274	const guchar *buffer,
1275	gsize length)
1276	{
1277	gsize block_left, offset = `0`;
1278
1279	if (length == `0`)
1280	return;
1281
1282	sha512->data_len[`0`] += length * `8`;
1283	if (sha512->data_len[`0`] < length)
1284	sha512->data_len[`1`]++;
1285
1286	/ try to fill current block /
1287	block_left = SHA2_BLOCK_LEN - sha512->block_len;
1288	if (block_left > `0`)
1289	{
1290	gsize fill_len;
1291
1292	fill_len = MIN (block_left, length);
1293	memcpy (dest: sha512->block + sha512->block_len, src: buffer, n: fill_len);
1294	sha512->block_len += fill_len;
1295	length -= fill_len;
1296	offset += fill_len;
1297
1298	if (sha512->block_len == SHA2_BLOCK_LEN)
1299	{
1300	sha512_transform (H: sha512->H, data: sha512->block);
1301	sha512->block_len = `0`;
1302	}
1303	}
1304
1305	/ process complete blocks /
1306	while (length >= SHA2_BLOCK_LEN)
1307	{
1308	memcpy (dest: sha512->block, src: buffer + offset, SHA2_BLOCK_LEN);
1309
1310	sha512_transform (H: sha512->H, data: sha512->block);
1311
1312	length -= SHA2_BLOCK_LEN;
1313	offset += SHA2_BLOCK_LEN;
1314	}
1315
1316	/ keep remaining data for next block /
1317	if (length > `0`)
1318	{
1319	memcpy (dest: sha512->block, src: buffer + offset, n: length);
1320	sha512->block_len = length;
1321	}
1322	}
1323
1324	static void
1325	sha512_sum_close (Sha512sum *sha512)
1326	{
1327	guint l;
1328	gint zeros;
1329	guint8 pad[SHA2_BLOCK_LEN * `2`] = { `0`, };
1330	guint pad_len = `0`;
1331	gint i;
1332
1333	/ apply padding [§5.1.2] /
1334	l = sha512->block_len * `8`;
1335	zeros = `896` - (l + `1`);
1336
1337	if (zeros < `0`)
1338	zeros += `128` * `8`;
1339
1340	pad[`0`] = `0x80`; / 1000 0000 /
1341	zeros -= `7`;
1342	pad_len++;
1343
1344	memset (s: pad + pad_len, c: `0x00`, n: zeros / `8`);
1345	pad_len += zeros / `8`;
1346	zeros = zeros % `8`;
1347	(void) zeros; / don’t care about the dead store /
1348
1349	/ put message bit length at the end of padding /
1350	PUT_UINT64 (sha512->data_len[`1`], pad, pad_len);
1351	pad_len += `8`;
1352
1353	PUT_UINT64 (sha512->data_len[`0`], pad, pad_len);
1354	pad_len += `8`;
1355
1356	/ update checksum with the padded block /
1357	sha512_sum_update (sha512, buffer: pad, length: pad_len);
1358
1359	/ copy resulting 64-bit words into digest /
1360	for (i = `0`; i < `8`; i++)
1361	PUT_UINT64 (sha512->H[i], sha512->digest, i * `8`);
1362	}
1363
1364	static gchar *
1365	sha384_sum_to_string (Sha512sum *sha512)
1366	{
1367	return digest_to_string (digest: sha512->digest, SHA384_DIGEST_LEN);
1368	}
1369
1370	static gchar *
1371	sha512_sum_to_string (Sha512sum *sha512)
1372	{
1373	return digest_to_string (digest: sha512->digest, SHA512_DIGEST_LEN);
1374	}
1375
1376	static void
1377	sha384_sum_digest (Sha512sum *sha512,
1378	guint8 *digest)
1379	{
1380	memcpy (dest: digest, src: sha512->digest, SHA384_DIGEST_LEN);
1381	}
1382
1383	static void
1384	sha512_sum_digest (Sha512sum *sha512,
1385	guint8 *digest)
1386	{
1387	memcpy (dest: digest, src: sha512->digest, SHA512_DIGEST_LEN);
1388	}
1389
1390	#undef Ch
1391	#undef Maj
1392	#undef SHR
1393	#undef ROTR
1394	#undef SIGMA0
1395	#undef SIGMA1
1396	#undef sigma0
1397	#undef sigma1
1398
1399	#undef PUT_UINT64
1400
1401	/*
1402	* Public API
1403	*/
1404
1405	/**
1406	* g_checksum_type_get_length:
1407	* @checksum_type: a #GChecksumType
1408	*
1409	* Gets the length in bytes of digests of type @checksum_type
1410	*
1411	* Returns: the checksum length, or -1 if @checksum_type is
1412	* not supported.
1413	*
1414	* Since: 2.16
1415	*/
1416	gssize
1417	g_checksum_type_get_length (GChecksumType checksum_type)
1418	{
1419	gssize len = -`1`;
1420
1421	switch (checksum_type)
1422	{
1423	case G_CHECKSUM_MD5:
1424	len = MD5_DIGEST_LEN;
1425	break;
1426	case G_CHECKSUM_SHA1:
1427	len = SHA1_DIGEST_LEN;
1428	break;
1429	case G_CHECKSUM_SHA256:
1430	len = SHA256_DIGEST_LEN;
1431	break;
1432	case G_CHECKSUM_SHA384:
1433	len = SHA384_DIGEST_LEN;
1434	break;
1435	case G_CHECKSUM_SHA512:
1436	len = SHA512_DIGEST_LEN;
1437	break;
1438	default:
1439	len = -`1`;
1440	break;
1441	}
1442
1443	return len;
1444	}
1445
1446	/**
1447	* g_checksum_new:
1448	* @checksum_type: the desired type of checksum
1449	*
1450	* Creates a new #GChecksum, using the checksum algorithm @checksum_type.
1451	* If the @checksum_type is not known, %NULL is returned.
1452	* A #GChecksum can be used to compute the checksum, or digest, of an
1453	* arbitrary binary blob, using different hashing algorithms.
1454	*
1455	* A #GChecksum works by feeding a binary blob through g_checksum_update()
1456	* until there is data to be checked; the digest can then be extracted
1457	* using g_checksum_get_string(), which will return the checksum as a
1458	* hexadecimal string; or g_checksum_get_digest(), which will return a
1459	* vector of raw bytes. Once either g_checksum_get_string() or
1460	* g_checksum_get_digest() have been called on a #GChecksum, the checksum
1461	* will be closed and it won't be possible to call g_checksum_update()
1462	* on it anymore.
1463	*
1464	* Returns: (transfer full) (nullable): the newly created #GChecksum, or %NULL.
1465	* Use g_checksum_free() to free the memory allocated by it.
1466	*
1467	* Since: 2.16
1468	*/
1469	GChecksum *
1470	g_checksum_new (GChecksumType checksum_type)
1471	{
1472	GChecksum *checksum;
1473
1474	if (! IS_VALID_TYPE (checksum_type))
1475	return NULL;
1476
1477	checksum = g_slice_new0 (GChecksum);
1478	checksum->type = checksum_type;
1479
1480	g_checksum_reset (checksum);
1481
1482	return checksum;
1483	}
1484
1485	/**
1486	* g_checksum_reset:
1487	* @checksum: the #GChecksum to reset
1488	*
1489	* Resets the state of the @checksum back to its initial state.
1490	*
1491	* Since: 2.18
1492	**/
1493	void
1494	g_checksum_reset (GChecksum *checksum)
1495	{
1496	g_return_if_fail (checksum != NULL);
1497
1498	g_free (mem: checksum->digest_str);
1499	checksum->digest_str = NULL;
1500
1501	switch (checksum->type)
1502	{
1503	case G_CHECKSUM_MD5:
1504	md5_sum_init (md5: &(checksum->sum.md5));
1505	break;
1506	case G_CHECKSUM_SHA1:
1507	sha1_sum_init (sha1: &(checksum->sum.sha1));
1508	break;
1509	case G_CHECKSUM_SHA256:
1510	sha256_sum_init (sha256: &(checksum->sum.sha256));
1511	break;
1512	case G_CHECKSUM_SHA384:
1513	sha384_sum_init (sha512: &(checksum->sum.sha512));
1514	break;
1515	case G_CHECKSUM_SHA512:
1516	sha512_sum_init (sha512: &(checksum->sum.sha512));
1517	break;
1518	default:
1519	g_assert_not_reached ();
1520	break;
1521	}
1522	}
1523
1524	/**
1525	* g_checksum_copy:
1526	* @checksum: the #GChecksum to copy
1527	*
1528	* Copies a #GChecksum. If @checksum has been closed, by calling
1529	* g_checksum_get_string() or g_checksum_get_digest(), the copied
1530	* checksum will be closed as well.
1531	*
1532	* Returns: (transfer full): the copy of the passed #GChecksum. Use
1533	* g_checksum_free() when finished using it.
1534	*
1535	* Since: 2.16
1536	*/
1537	GChecksum *
1538	g_checksum_copy (const GChecksum *checksum)
1539	{
1540	GChecksum *copy;
1541
1542	g_return_val_if_fail (checksum != NULL, NULL);
1543
1544	copy = g_slice_new (GChecksum);
1545	copy = checksum;
1546
1547	copy->digest_str = g_strdup (str: checksum->digest_str);
1548
1549	return copy;
1550	}
1551
1552	/**
1553	* g_checksum_free:
1554	* @checksum: a #GChecksum
1555	*
1556	* Frees the memory allocated for @checksum.
1557	*
1558	* Since: 2.16
1559	*/
1560	void
1561	g_checksum_free (GChecksum *checksum)
1562	{
1563	if (G_LIKELY (checksum))
1564	{
1565	g_free (mem: checksum->digest_str);
1566
1567	g_slice_free (GChecksum, checksum);
1568	}
1569	}
1570
1571	/**
1572	* g_checksum_update:
1573	* @checksum: a #GChecksum
1574	* @data: (array length=length) (element-type guint8): buffer used to compute the checksum
1575	* @length: size of the buffer, or -1 if it is a null-terminated string.
1576	*
1577	* Feeds @data into an existing #GChecksum. The checksum must still be
1578	* open, that is g_checksum_get_string() or g_checksum_get_digest() must
1579	* not have been called on @checksum.
1580	*
1581	* Since: 2.16
1582	*/
1583	void
1584	g_checksum_update (GChecksum *checksum,
1585	const guchar *data,
1586	gssize length)
1587	{
1588	g_return_if_fail (checksum != NULL);
1589	g_return_if_fail (length == `0` \|\| data != NULL);
1590
1591	if (length < `0`)
1592	length = strlen (s: (const gchar *) data);
1593
1594	if (checksum->digest_str)
1595	{
1596	g_warning ("The checksum '%s' has been closed and cannot be updated "
1597	"anymore.",
1598	checksum->digest_str);
1599	return;
1600	}
1601
1602	switch (checksum->type)
1603	{
1604	case G_CHECKSUM_MD5:
1605	md5_sum_update (md5: &(checksum->sum.md5), data, length);
1606	break;
1607	case G_CHECKSUM_SHA1:
1608	sha1_sum_update (sha1: &(checksum->sum.sha1), buffer: data, count: length);
1609	break;
1610	case G_CHECKSUM_SHA256:
1611	sha256_sum_update (sha256: &(checksum->sum.sha256), buffer: data, length);
1612	break;
1613	case G_CHECKSUM_SHA384:
1614	case G_CHECKSUM_SHA512:
1615	sha512_sum_update (sha512: &(checksum->sum.sha512), buffer: data, length);
1616	break;
1617	default:
1618	g_assert_not_reached ();
1619	break;
1620	}
1621	}
1622
1623	/**
1624	* g_checksum_get_string:
1625	* @checksum: a #GChecksum
1626	*
1627	* Gets the digest as a hexadecimal string.
1628	*
1629	* Once this function has been called the #GChecksum can no longer be
1630	* updated with g_checksum_update().
1631	*
1632	* The hexadecimal characters will be lower case.
1633	*
1634	* Returns: the hexadecimal representation of the checksum. The
1635	* returned string is owned by the checksum and should not be modified
1636	* or freed.
1637	*
1638	* Since: 2.16
1639	*/
1640	const gchar *
1641	g_checksum_get_string (GChecksum *checksum)
1642	{
1643	gchar *str = NULL;
1644
1645	g_return_val_if_fail (checksum != NULL, NULL);
1646
1647	if (checksum->digest_str)
1648	return checksum->digest_str;
1649
1650	switch (checksum->type)
1651	{
1652	case G_CHECKSUM_MD5:
1653	md5_sum_close (md5: &(checksum->sum.md5));
1654	str = md5_sum_to_string (md5: &(checksum->sum.md5));
1655	break;
1656	case G_CHECKSUM_SHA1:
1657	sha1_sum_close (sha1: &(checksum->sum.sha1));
1658	str = sha1_sum_to_string (sha1: &(checksum->sum.sha1));
1659	break;
1660	case G_CHECKSUM_SHA256:
1661	sha256_sum_close (sha256: &(checksum->sum.sha256));
1662	str = sha256_sum_to_string (sha256: &(checksum->sum.sha256));
1663	break;
1664	case G_CHECKSUM_SHA384:
1665	sha512_sum_close (sha512: &(checksum->sum.sha512));
1666	str = sha384_sum_to_string (sha512: &(checksum->sum.sha512));
1667	break;
1668	case G_CHECKSUM_SHA512:
1669	sha512_sum_close (sha512: &(checksum->sum.sha512));
1670	str = sha512_sum_to_string (sha512: &(checksum->sum.sha512));
1671	break;
1672	default:
1673	g_assert_not_reached ();
1674	break;
1675	}
1676
1677	checksum->digest_str = str;
1678
1679	return checksum->digest_str;
1680	}
1681
1682	/**
1683	* g_checksum_get_digest: (skip)
1684	* @checksum: a #GChecksum
1685	* @buffer: (array length=digest_len): output buffer
1686	* @digest_len: (inout): an inout parameter. The caller initializes it to the size of @buffer.
1687	* After the call it contains the length of the digest.
1688	*
1689	* Gets the digest from @checksum as a raw binary vector and places it
1690	* into @buffer. The size of the digest depends on the type of checksum.
1691	*
1692	* Once this function has been called, the #GChecksum is closed and can
1693	* no longer be updated with g_checksum_update().
1694	*
1695	* Since: 2.16
1696	*/
1697	void
1698	g_checksum_get_digest (GChecksum *checksum,
1699	guint8 *buffer,
1700	gsize *digest_len)
1701	{
1702	gboolean checksum_open = FALSE;
1703	gchar *str = NULL;
1704	gsize len;
1705
1706	g_return_if_fail (checksum != NULL);
1707
1708	len = g_checksum_type_get_length (checksum_type: checksum->type);
1709	g_return_if_fail (*digest_len >= len);
1710
1711	checksum_open = !!(checksum->digest_str == NULL);
1712
1713	switch (checksum->type)
1714	{
1715	case G_CHECKSUM_MD5:
1716	if (checksum_open)
1717	{
1718	md5_sum_close (md5: &(checksum->sum.md5));
1719	str = md5_sum_to_string (md5: &(checksum->sum.md5));
1720	}
1721	md5_sum_digest (md5: &(checksum->sum.md5), digest: buffer);
1722	break;
1723	case G_CHECKSUM_SHA1:
1724	if (checksum_open)
1725	{
1726	sha1_sum_close (sha1: &(checksum->sum.sha1));
1727	str = sha1_sum_to_string (sha1: &(checksum->sum.sha1));
1728	}
1729	sha1_sum_digest (sha1: &(checksum->sum.sha1), digest: buffer);
1730	break;
1731	case G_CHECKSUM_SHA256:
1732	if (checksum_open)
1733	{
1734	sha256_sum_close (sha256: &(checksum->sum.sha256));
1735	str = sha256_sum_to_string (sha256: &(checksum->sum.sha256));
1736	}
1737	sha256_sum_digest (sha256: &(checksum->sum.sha256), digest: buffer);
1738	break;
1739	case G_CHECKSUM_SHA384:
1740	if (checksum_open)
1741	{
1742	sha512_sum_close (sha512: &(checksum->sum.sha512));
1743	str = sha384_sum_to_string (sha512: &(checksum->sum.sha512));
1744	}
1745	sha384_sum_digest (sha512: &(checksum->sum.sha512), digest: buffer);
1746	break;
1747	case G_CHECKSUM_SHA512:
1748	if (checksum_open)
1749	{
1750	sha512_sum_close (sha512: &(checksum->sum.sha512));
1751	str = sha512_sum_to_string (sha512: &(checksum->sum.sha512));
1752	}
1753	sha512_sum_digest (sha512: &(checksum->sum.sha512), digest: buffer);
1754	break;
1755	default:
1756	g_assert_not_reached ();
1757	break;
1758	}
1759
1760	if (str)
1761	checksum->digest_str = str;
1762
1763	*digest_len = len;
1764	}
1765
1766	/**
1767	* g_compute_checksum_for_data:
1768	* @checksum_type: a #GChecksumType
1769	* @data: (array length=length) (element-type guint8): binary blob to compute the digest of
1770	* @length: length of @data
1771	*
1772	* Computes the checksum for a binary @data of @length. This is a
1773	* convenience wrapper for g_checksum_new(), g_checksum_get_string()
1774	* and g_checksum_free().
1775	*
1776	* The hexadecimal string returned will be in lower case.
1777	*
1778	* Returns: (transfer full) (nullable): the digest of the binary data as a
1779	* string in hexadecimal, or %NULL if g_checksum_new() fails for
1780	* @checksum_type. The returned string should be freed with g_free() when
1781	* done using it.
1782	*
1783	* Since: 2.16
1784	*/
1785	gchar *
1786	g_compute_checksum_for_data (GChecksumType checksum_type,
1787	const guchar *data,
1788	gsize length)
1789	{
1790	GChecksum *checksum;
1791	gchar *retval;
1792
1793	g_return_val_if_fail (length == `0` \|\| data != NULL, NULL);
1794
1795	checksum = g_checksum_new (checksum_type);
1796	if (!checksum)
1797	return NULL;
1798
1799	g_checksum_update (checksum, data, length);
1800	retval = g_strdup (str: g_checksum_get_string (checksum));
1801	g_checksum_free (checksum);
1802
1803	return retval;
1804	}
1805
1806	/**
1807	* g_compute_checksum_for_string:
1808	* @checksum_type: a #GChecksumType
1809	* @str: the string to compute the checksum of
1810	* @length: the length of the string, or -1 if the string is null-terminated.
1811	*
1812	* Computes the checksum of a string.
1813	*
1814	* The hexadecimal string returned will be in lower case.
1815	*
1816	* Returns: (transfer full) (nullable): the checksum as a hexadecimal string,
1817	* or %NULL if g_checksum_new() fails for @checksum_type. The returned string
1818	* should be freed with g_free() when done using it.
1819	*
1820	* Since: 2.16
1821	*/
1822	gchar *
1823	g_compute_checksum_for_string (GChecksumType checksum_type,
1824	const gchar *str,
1825	gssize length)
1826	{
1827	g_return_val_if_fail (length == `0` \|\| str != NULL, NULL);
1828
1829	if (length < `0`)
1830	length = strlen (s: str);
1831
1832	return g_compute_checksum_for_data (checksum_type, data: (const guchar *) str, length);
1833	}
1834
1835	/**
1836	* g_compute_checksum_for_bytes:
1837	* @checksum_type: a #GChecksumType
1838	* @data: binary blob to compute the digest of
1839	*
1840	* Computes the checksum for a binary @data. This is a
1841	* convenience wrapper for g_checksum_new(), g_checksum_get_string()
1842	* and g_checksum_free().
1843	*
1844	* The hexadecimal string returned will be in lower case.
1845	*
1846	* Returns: (transfer full) (nullable): the digest of the binary data as a
1847	* string in hexadecimal, or %NULL if g_checksum_new() fails for
1848	* @checksum_type. The returned string should be freed with g_free() when
1849	* done using it.
1850	*
1851	* Since: 2.34
1852	*/
1853	gchar *
1854	g_compute_checksum_for_bytes (GChecksumType checksum_type,
1855	GBytes *data)
1856	{
1857	gconstpointer byte_data;
1858	gsize length;
1859
1860	g_return_val_if_fail (data != NULL, NULL);
1861
1862	byte_data = g_bytes_get_data (bytes: data, size: &length);
1863	return g_compute_checksum_for_data (checksum_type, data: byte_data, length);
1864	}
1865

source code of gtk/subprojects/glib/glib/gchecksum.c