1 | /* gchecksum.h - data hashing functions |
2 | * |
3 | * Copyright (C) 2007 Emmanuele Bassi <ebassi@gnome.org> |
4 | * |
5 | * This library is free software; you can redistribute it and/or |
6 | * modify it under the terms of the GNU Lesser General Public |
7 | * License as published by the Free Software Foundation; either |
8 | * version 2.1 of the License, or (at your option) any later version. |
9 | * |
10 | * This library is distributed in the hope that it will be useful, |
11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
13 | * Lesser General Public License for more details. |
14 | * |
15 | * You should have received a copy of the GNU Lesser General Public License |
16 | * along with this library; if not, see <http://www.gnu.org/licenses/>. |
17 | */ |
18 | |
19 | #include "config.h" |
20 | |
21 | #include <string.h> |
22 | |
23 | #include "gchecksum.h" |
24 | |
25 | #include "gslice.h" |
26 | #include "gmem.h" |
27 | #include "gstrfuncs.h" |
28 | #include "gtestutils.h" |
29 | #include "gtypes.h" |
30 | #include "glibintl.h" |
31 | |
32 | |
33 | /** |
34 | * SECTION:checksum |
35 | * @title: Data Checksums |
36 | * @short_description: computes the checksum for data |
37 | * |
38 | * GLib provides a generic API for computing checksums (or "digests") |
39 | * for a sequence of arbitrary bytes, using various hashing algorithms |
40 | * like MD5, SHA-1 and SHA-256. Checksums are commonly used in various |
41 | * environments and specifications. |
42 | * |
43 | * GLib supports incremental checksums using the GChecksum data |
44 | * structure, by calling g_checksum_update() as long as there's data |
45 | * available and then using g_checksum_get_string() or |
46 | * g_checksum_get_digest() to compute the checksum and return it either |
47 | * as a string in hexadecimal form, or as a raw sequence of bytes. To |
48 | * compute the checksum for binary blobs and NUL-terminated strings in |
49 | * one go, use the convenience functions g_compute_checksum_for_data() |
50 | * and g_compute_checksum_for_string(), respectively. |
51 | * |
52 | * Support for checksums has been added in GLib 2.16 |
53 | **/ |
54 | |
55 | #define IS_VALID_TYPE(type) ((type) >= G_CHECKSUM_MD5 && (type) <= G_CHECKSUM_SHA384) |
56 | |
57 | /* The fact that these are lower case characters is part of the ABI */ |
58 | static const gchar hex_digits[] = "0123456789abcdef" ; |
59 | |
60 | #define MD5_DATASIZE 64 |
61 | #define MD5_DIGEST_LEN 16 |
62 | |
63 | typedef struct |
64 | { |
65 | guint32 buf[4]; |
66 | guint32 bits[2]; |
67 | |
68 | union { |
69 | guchar data[MD5_DATASIZE]; |
70 | guint32 data32[MD5_DATASIZE / 4]; |
71 | } u; |
72 | |
73 | guchar digest[MD5_DIGEST_LEN]; |
74 | } Md5sum; |
75 | |
76 | #define SHA1_DATASIZE 64 |
77 | #define SHA1_DIGEST_LEN 20 |
78 | |
79 | typedef struct |
80 | { |
81 | guint32 buf[5]; |
82 | guint32 bits[2]; |
83 | |
84 | /* we pack 64 unsigned chars into 16 32-bit unsigned integers */ |
85 | guint32 data[16]; |
86 | |
87 | guchar digest[SHA1_DIGEST_LEN]; |
88 | } Sha1sum; |
89 | |
90 | #define SHA256_DATASIZE 64 |
91 | #define SHA256_DIGEST_LEN 32 |
92 | |
93 | typedef struct |
94 | { |
95 | guint32 buf[8]; |
96 | guint32 bits[2]; |
97 | |
98 | guint8 data[SHA256_DATASIZE]; |
99 | |
100 | guchar digest[SHA256_DIGEST_LEN]; |
101 | } Sha256sum; |
102 | |
103 | /* SHA2 is common thing for SHA-384, SHA-512, SHA-512/224 and SHA-512/256 */ |
104 | #define SHA2_BLOCK_LEN 128 /* 1024 bits message block */ |
105 | #define SHA384_DIGEST_LEN 48 |
106 | #define SHA512_DIGEST_LEN 64 |
107 | |
108 | typedef struct |
109 | { |
110 | guint64 H[8]; |
111 | |
112 | guint8 block[SHA2_BLOCK_LEN]; |
113 | guint8 block_len; |
114 | |
115 | guint64 data_len[2]; |
116 | |
117 | guchar digest[SHA512_DIGEST_LEN]; |
118 | } Sha512sum; |
119 | |
120 | struct _GChecksum |
121 | { |
122 | GChecksumType type; |
123 | |
124 | gchar *digest_str; |
125 | |
126 | union { |
127 | Md5sum md5; |
128 | Sha1sum sha1; |
129 | Sha256sum sha256; |
130 | Sha512sum sha512; |
131 | } sum; |
132 | }; |
133 | |
134 | /* we need different byte swapping functions because MD5 expects buffers |
135 | * to be little-endian, while SHA1 and SHA256 expect them in big-endian |
136 | * form. |
137 | */ |
138 | |
139 | #if G_BYTE_ORDER == G_LITTLE_ENDIAN |
140 | #define md5_byte_reverse(buffer,length) |
141 | #else |
142 | /* assume that the passed buffer is integer aligned */ |
143 | static inline void |
144 | md5_byte_reverse (guchar *buffer, |
145 | gulong length) |
146 | { |
147 | guint32 bit; |
148 | |
149 | do |
150 | { |
151 | bit = (guint32) ((unsigned) buffer[3] << 8 | buffer[2]) << 16 | |
152 | ((unsigned) buffer[1] << 8 | buffer[0]); |
153 | * (guint32 *) buffer = bit; |
154 | buffer += 4; |
155 | } |
156 | while (--length); |
157 | } |
158 | #endif /* G_BYTE_ORDER == G_LITTLE_ENDIAN */ |
159 | |
160 | #if G_BYTE_ORDER == G_BIG_ENDIAN |
161 | #define sha_byte_reverse(buffer,length) |
162 | #else |
163 | static inline void |
164 | sha_byte_reverse (guint32 *buffer, |
165 | gint length) |
166 | { |
167 | length /= sizeof (guint32); |
168 | while (length--) |
169 | { |
170 | *buffer = GUINT32_SWAP_LE_BE (*buffer); |
171 | ++buffer; |
172 | } |
173 | } |
174 | #endif /* G_BYTE_ORDER == G_BIG_ENDIAN */ |
175 | |
176 | static gchar * |
177 | digest_to_string (guint8 *digest, |
178 | gsize digest_len) |
179 | { |
180 | gsize i, len = digest_len * 2; |
181 | gchar *retval; |
182 | |
183 | retval = g_new (gchar, len + 1); |
184 | |
185 | for (i = 0; i < digest_len; i++) |
186 | { |
187 | guint8 byte = digest[i]; |
188 | |
189 | retval[2 * i] = hex_digits[byte >> 4]; |
190 | retval[2 * i + 1] = hex_digits[byte & 0xf]; |
191 | } |
192 | |
193 | retval[len] = 0; |
194 | |
195 | return retval; |
196 | } |
197 | |
198 | /* |
199 | * MD5 Checksum |
200 | */ |
201 | |
202 | /* This MD5 digest computation is based on the equivalent code |
203 | * written by Colin Plumb. It came with this notice: |
204 | * |
205 | * This code implements the MD5 message-digest algorithm. |
206 | * The algorithm is due to Ron Rivest. This code was |
207 | * written by Colin Plumb in 1993, no copyright is claimed. |
208 | * This code is in the public domain; do with it what you wish. |
209 | * |
210 | * Equivalent code is available from RSA Data Security, Inc. |
211 | * This code has been tested against that, and is equivalent, |
212 | * except that you don't need to include two pages of legalese |
213 | * with every copy. |
214 | */ |
215 | |
216 | static void |
217 | md5_sum_init (Md5sum *md5) |
218 | { |
219 | /* arbitrary constants */ |
220 | md5->buf[0] = 0x67452301; |
221 | md5->buf[1] = 0xefcdab89; |
222 | md5->buf[2] = 0x98badcfe; |
223 | md5->buf[3] = 0x10325476; |
224 | |
225 | md5->bits[0] = md5->bits[1] = 0; |
226 | } |
227 | |
228 | /* |
229 | * The core of the MD5 algorithm, this alters an existing MD5 hash to |
230 | * reflect the addition of 16 longwords of new data. md5_sum_update() |
231 | * blocks the data and converts bytes into longwords for this routine. |
232 | */ |
233 | static void |
234 | md5_transform (guint32 buf[4], |
235 | guint32 const in[16]) |
236 | { |
237 | guint32 a, b, c, d; |
238 | |
239 | /* The four core functions - F1 is optimized somewhat */ |
240 | #define F1(x, y, z) (z ^ (x & (y ^ z))) |
241 | #define F2(x, y, z) F1 (z, x, y) |
242 | #define F3(x, y, z) (x ^ y ^ z) |
243 | #define F4(x, y, z) (y ^ (x | ~z)) |
244 | |
245 | /* This is the central step in the MD5 algorithm. */ |
246 | #define md5_step(f, w, x, y, z, data, s) \ |
247 | ( w += f (x, y, z) + data, w = w << s | w >> (32 - s), w += x ) |
248 | |
249 | a = buf[0]; |
250 | b = buf[1]; |
251 | c = buf[2]; |
252 | d = buf[3]; |
253 | |
254 | md5_step (F1, a, b, c, d, in[0] + 0xd76aa478, 7); |
255 | md5_step (F1, d, a, b, c, in[1] + 0xe8c7b756, 12); |
256 | md5_step (F1, c, d, a, b, in[2] + 0x242070db, 17); |
257 | md5_step (F1, b, c, d, a, in[3] + 0xc1bdceee, 22); |
258 | md5_step (F1, a, b, c, d, in[4] + 0xf57c0faf, 7); |
259 | md5_step (F1, d, a, b, c, in[5] + 0x4787c62a, 12); |
260 | md5_step (F1, c, d, a, b, in[6] + 0xa8304613, 17); |
261 | md5_step (F1, b, c, d, a, in[7] + 0xfd469501, 22); |
262 | md5_step (F1, a, b, c, d, in[8] + 0x698098d8, 7); |
263 | md5_step (F1, d, a, b, c, in[9] + 0x8b44f7af, 12); |
264 | md5_step (F1, c, d, a, b, in[10] + 0xffff5bb1, 17); |
265 | md5_step (F1, b, c, d, a, in[11] + 0x895cd7be, 22); |
266 | md5_step (F1, a, b, c, d, in[12] + 0x6b901122, 7); |
267 | md5_step (F1, d, a, b, c, in[13] + 0xfd987193, 12); |
268 | md5_step (F1, c, d, a, b, in[14] + 0xa679438e, 17); |
269 | md5_step (F1, b, c, d, a, in[15] + 0x49b40821, 22); |
270 | |
271 | md5_step (F2, a, b, c, d, in[1] + 0xf61e2562, 5); |
272 | md5_step (F2, d, a, b, c, in[6] + 0xc040b340, 9); |
273 | md5_step (F2, c, d, a, b, in[11] + 0x265e5a51, 14); |
274 | md5_step (F2, b, c, d, a, in[0] + 0xe9b6c7aa, 20); |
275 | md5_step (F2, a, b, c, d, in[5] + 0xd62f105d, 5); |
276 | md5_step (F2, d, a, b, c, in[10] + 0x02441453, 9); |
277 | md5_step (F2, c, d, a, b, in[15] + 0xd8a1e681, 14); |
278 | md5_step (F2, b, c, d, a, in[4] + 0xe7d3fbc8, 20); |
279 | md5_step (F2, a, b, c, d, in[9] + 0x21e1cde6, 5); |
280 | md5_step (F2, d, a, b, c, in[14] + 0xc33707d6, 9); |
281 | md5_step (F2, c, d, a, b, in[3] + 0xf4d50d87, 14); |
282 | md5_step (F2, b, c, d, a, in[8] + 0x455a14ed, 20); |
283 | md5_step (F2, a, b, c, d, in[13] + 0xa9e3e905, 5); |
284 | md5_step (F2, d, a, b, c, in[2] + 0xfcefa3f8, 9); |
285 | md5_step (F2, c, d, a, b, in[7] + 0x676f02d9, 14); |
286 | md5_step (F2, b, c, d, a, in[12] + 0x8d2a4c8a, 20); |
287 | |
288 | md5_step (F3, a, b, c, d, in[5] + 0xfffa3942, 4); |
289 | md5_step (F3, d, a, b, c, in[8] + 0x8771f681, 11); |
290 | md5_step (F3, c, d, a, b, in[11] + 0x6d9d6122, 16); |
291 | md5_step (F3, b, c, d, a, in[14] + 0xfde5380c, 23); |
292 | md5_step (F3, a, b, c, d, in[1] + 0xa4beea44, 4); |
293 | md5_step (F3, d, a, b, c, in[4] + 0x4bdecfa9, 11); |
294 | md5_step (F3, c, d, a, b, in[7] + 0xf6bb4b60, 16); |
295 | md5_step (F3, b, c, d, a, in[10] + 0xbebfbc70, 23); |
296 | md5_step (F3, a, b, c, d, in[13] + 0x289b7ec6, 4); |
297 | md5_step (F3, d, a, b, c, in[0] + 0xeaa127fa, 11); |
298 | md5_step (F3, c, d, a, b, in[3] + 0xd4ef3085, 16); |
299 | md5_step (F3, b, c, d, a, in[6] + 0x04881d05, 23); |
300 | md5_step (F3, a, b, c, d, in[9] + 0xd9d4d039, 4); |
301 | md5_step (F3, d, a, b, c, in[12] + 0xe6db99e5, 11); |
302 | md5_step (F3, c, d, a, b, in[15] + 0x1fa27cf8, 16); |
303 | md5_step (F3, b, c, d, a, in[2] + 0xc4ac5665, 23); |
304 | |
305 | md5_step (F4, a, b, c, d, in[0] + 0xf4292244, 6); |
306 | md5_step (F4, d, a, b, c, in[7] + 0x432aff97, 10); |
307 | md5_step (F4, c, d, a, b, in[14] + 0xab9423a7, 15); |
308 | md5_step (F4, b, c, d, a, in[5] + 0xfc93a039, 21); |
309 | md5_step (F4, a, b, c, d, in[12] + 0x655b59c3, 6); |
310 | md5_step (F4, d, a, b, c, in[3] + 0x8f0ccc92, 10); |
311 | md5_step (F4, c, d, a, b, in[10] + 0xffeff47d, 15); |
312 | md5_step (F4, b, c, d, a, in[1] + 0x85845dd1, 21); |
313 | md5_step (F4, a, b, c, d, in[8] + 0x6fa87e4f, 6); |
314 | md5_step (F4, d, a, b, c, in[15] + 0xfe2ce6e0, 10); |
315 | md5_step (F4, c, d, a, b, in[6] + 0xa3014314, 15); |
316 | md5_step (F4, b, c, d, a, in[13] + 0x4e0811a1, 21); |
317 | md5_step (F4, a, b, c, d, in[4] + 0xf7537e82, 6); |
318 | md5_step (F4, d, a, b, c, in[11] + 0xbd3af235, 10); |
319 | md5_step (F4, c, d, a, b, in[2] + 0x2ad7d2bb, 15); |
320 | md5_step (F4, b, c, d, a, in[9] + 0xeb86d391, 21); |
321 | |
322 | buf[0] += a; |
323 | buf[1] += b; |
324 | buf[2] += c; |
325 | buf[3] += d; |
326 | |
327 | #undef F1 |
328 | #undef F2 |
329 | #undef F3 |
330 | #undef F4 |
331 | #undef md5_step |
332 | } |
333 | |
334 | static void |
335 | md5_sum_update (Md5sum *md5, |
336 | const guchar *data, |
337 | gsize length) |
338 | { |
339 | guint32 bit; |
340 | |
341 | bit = md5->bits[0]; |
342 | md5->bits[0] = bit + ((guint32) length << 3); |
343 | |
344 | /* carry from low to high */ |
345 | if (md5->bits[0] < bit) |
346 | md5->bits[1] += 1; |
347 | |
348 | md5->bits[1] += length >> 29; |
349 | |
350 | /* bytes already in Md5sum->u.data */ |
351 | bit = (bit >> 3) & 0x3f; |
352 | |
353 | /* handle any leading odd-sized chunks */ |
354 | if (bit) |
355 | { |
356 | guchar *p = md5->u.data + bit; |
357 | |
358 | bit = MD5_DATASIZE - bit; |
359 | if (length < bit) |
360 | { |
361 | memcpy (dest: p, src: data, n: length); |
362 | return; |
363 | } |
364 | |
365 | memcpy (dest: p, src: data, n: bit); |
366 | |
367 | md5_byte_reverse (md5->u.data, 16); |
368 | md5_transform (buf: md5->buf, in: md5->u.data32); |
369 | |
370 | data += bit; |
371 | length -= bit; |
372 | } |
373 | |
374 | /* process data in 64-byte chunks */ |
375 | while (length >= MD5_DATASIZE) |
376 | { |
377 | memcpy (dest: md5->u.data, src: data, MD5_DATASIZE); |
378 | |
379 | md5_byte_reverse (md5->u.data, 16); |
380 | md5_transform (buf: md5->buf, in: md5->u.data32); |
381 | |
382 | data += MD5_DATASIZE; |
383 | length -= MD5_DATASIZE; |
384 | } |
385 | |
386 | /* handle any remaining bytes of data */ |
387 | memcpy (dest: md5->u.data, src: data, n: length); |
388 | } |
389 | |
390 | /* closes a checksum */ |
391 | static void |
392 | md5_sum_close (Md5sum *md5) |
393 | { |
394 | guint count; |
395 | guchar *p; |
396 | |
397 | /* Compute number of bytes mod 64 */ |
398 | count = (md5->bits[0] >> 3) & 0x3F; |
399 | |
400 | /* Set the first char of padding to 0x80. |
401 | * This is safe since there is always at least one byte free |
402 | */ |
403 | p = md5->u.data + count; |
404 | *p++ = 0x80; |
405 | |
406 | /* Bytes of padding needed to make 64 bytes */ |
407 | count = MD5_DATASIZE - 1 - count; |
408 | |
409 | /* Pad out to 56 mod 64 */ |
410 | if (count < 8) |
411 | { |
412 | /* Two lots of padding: Pad the first block to 64 bytes */ |
413 | memset (s: p, c: 0, n: count); |
414 | |
415 | md5_byte_reverse (md5->u.data, 16); |
416 | md5_transform (buf: md5->buf, in: md5->u.data32); |
417 | |
418 | /* Now fill the next block with 56 bytes */ |
419 | memset (s: md5->u.data, c: 0, MD5_DATASIZE - 8); |
420 | } |
421 | else |
422 | { |
423 | /* Pad block to 56 bytes */ |
424 | memset (s: p, c: 0, n: count - 8); |
425 | } |
426 | |
427 | md5_byte_reverse (md5->u.data, 14); |
428 | |
429 | /* Append length in bits and transform */ |
430 | md5->u.data32[14] = md5->bits[0]; |
431 | md5->u.data32[15] = md5->bits[1]; |
432 | |
433 | md5_transform (buf: md5->buf, in: md5->u.data32); |
434 | md5_byte_reverse ((guchar *) md5->buf, 4); |
435 | |
436 | memcpy (dest: md5->digest, src: md5->buf, n: 16); |
437 | |
438 | /* Reset buffers in case they contain sensitive data */ |
439 | memset (s: md5->buf, c: 0, n: sizeof (md5->buf)); |
440 | memset (s: md5->u.data, c: 0, n: sizeof (md5->u.data)); |
441 | } |
442 | |
443 | static gchar * |
444 | md5_sum_to_string (Md5sum *md5) |
445 | { |
446 | return digest_to_string (digest: md5->digest, MD5_DIGEST_LEN); |
447 | } |
448 | |
449 | static void |
450 | md5_sum_digest (Md5sum *md5, |
451 | guint8 *digest) |
452 | { |
453 | gint i; |
454 | |
455 | for (i = 0; i < MD5_DIGEST_LEN; i++) |
456 | digest[i] = md5->digest[i]; |
457 | } |
458 | |
459 | /* |
460 | * SHA-1 Checksum |
461 | */ |
462 | |
463 | /* The following implementation comes from D-Bus dbus-sha.c. I've changed |
464 | * it to use GLib types and to work more like the MD5 implementation above. |
465 | * I left the comments to have a history of this code. |
466 | * -- Emmanuele Bassi, ebassi@gnome.org |
467 | */ |
468 | |
469 | /* The following comments have the history of where this code |
470 | * comes from. I actually copied it from GNet in GNOME CVS. |
471 | * - hp@redhat.com |
472 | */ |
473 | |
474 | /* |
475 | * sha.h : Implementation of the Secure Hash Algorithm |
476 | * |
477 | * Part of the Python Cryptography Toolkit, version 1.0.0 |
478 | * |
479 | * Copyright (C) 1995, A.M. Kuchling |
480 | * |
481 | * Distribute and use freely; there are no restrictions on further |
482 | * dissemination and usage except those imposed by the laws of your |
483 | * country of residence. |
484 | * |
485 | */ |
486 | |
487 | /* SHA: NIST's Secure Hash Algorithm */ |
488 | |
489 | /* Based on SHA code originally posted to sci.crypt by Peter Gutmann |
490 | in message <30ajo5$oe8@ccu2.auckland.ac.nz>. |
491 | Modified to test for endianness on creation of SHA objects by AMK. |
492 | Also, the original specification of SHA was found to have a weakness |
493 | by NSA/NIST. This code implements the fixed version of SHA. |
494 | */ |
495 | |
496 | /* Here's the first paragraph of Peter Gutmann's posting: |
497 | |
498 | The following is my SHA (FIPS 180) code updated to allow use of the "fixed" |
499 | SHA, thanks to Jim Gillogly and an anonymous contributor for the information on |
500 | what's changed in the new version. The fix is a simple change which involves |
501 | adding a single rotate in the initial expansion function. It is unknown |
502 | whether this is an optimal solution to the problem which was discovered in the |
503 | SHA or whether it's simply a bandaid which fixes the problem with a minimum of |
504 | effort (for example the reengineering of a great many Capstone chips). |
505 | */ |
506 | |
507 | static void |
508 | sha1_sum_init (Sha1sum *sha1) |
509 | { |
510 | /* initialize constants */ |
511 | sha1->buf[0] = 0x67452301L; |
512 | sha1->buf[1] = 0xEFCDAB89L; |
513 | sha1->buf[2] = 0x98BADCFEL; |
514 | sha1->buf[3] = 0x10325476L; |
515 | sha1->buf[4] = 0xC3D2E1F0L; |
516 | |
517 | /* initialize bits */ |
518 | sha1->bits[0] = sha1->bits[1] = 0; |
519 | } |
520 | |
521 | /* The SHA f()-functions. */ |
522 | |
523 | #define f1(x,y,z) (z ^ (x & (y ^ z))) /* Rounds 0-19 */ |
524 | #define f2(x,y,z) (x ^ y ^ z) /* Rounds 20-39 */ |
525 | #define f3(x,y,z) (( x & y) | (z & (x | y))) /* Rounds 40-59 */ |
526 | #define f4(x,y,z) (x ^ y ^ z) /* Rounds 60-79 */ |
527 | |
528 | /* The SHA Mysterious Constants */ |
529 | #define K1 0x5A827999L /* Rounds 0-19 */ |
530 | #define K2 0x6ED9EBA1L /* Rounds 20-39 */ |
531 | #define K3 0x8F1BBCDCL /* Rounds 40-59 */ |
532 | #define K4 0xCA62C1D6L /* Rounds 60-79 */ |
533 | |
534 | /* 32-bit rotate left - kludged with shifts */ |
535 | #define ROTL(n,X) (((X) << n ) | ((X) >> (32 - n))) |
536 | |
537 | /* The initial expanding function. The hash function is defined over an |
538 | 80-word expanded input array W, where the first 16 are copies of the input |
539 | data, and the remaining 64 are defined by |
540 | |
541 | W[ i ] = W[ i - 16 ] ^ W[ i - 14 ] ^ W[ i - 8 ] ^ W[ i - 3 ] |
542 | |
543 | This implementation generates these values on the fly in a circular |
544 | buffer - thanks to Colin Plumb, colin@nyx10.cs.du.edu for this |
545 | optimization. |
546 | |
547 | The updated SHA changes the expanding function by adding a rotate of 1 |
548 | bit. Thanks to Jim Gillogly, jim@rand.org, and an anonymous contributor |
549 | for this information */ |
550 | |
551 | #define expand(W,i) (W[ i & 15 ] = ROTL (1, (W[ i & 15] ^ \ |
552 | W[(i - 14) & 15] ^ \ |
553 | W[(i - 8) & 15] ^ \ |
554 | W[(i - 3) & 15]))) |
555 | |
556 | |
557 | /* The prototype SHA sub-round. The fundamental sub-round is: |
558 | |
559 | a' = e + ROTL( 5, a ) + f( b, c, d ) + k + data; |
560 | b' = a; |
561 | c' = ROTL( 30, b ); |
562 | d' = c; |
563 | e' = d; |
564 | |
565 | but this is implemented by unrolling the loop 5 times and renaming the |
566 | variables ( e, a, b, c, d ) = ( a', b', c', d', e' ) each iteration. |
567 | This code is then replicated 20 times for each of the 4 functions, using |
568 | the next 20 values from the W[] array each time */ |
569 | |
570 | #define subRound(a, b, c, d, e, f, k, data) \ |
571 | (e += ROTL (5, a) + f(b, c, d) + k + data, b = ROTL (30, b)) |
572 | |
573 | static void |
574 | sha1_transform (guint32 buf[5], |
575 | guint32 in[16]) |
576 | { |
577 | guint32 A, B, C, D, E; |
578 | |
579 | A = buf[0]; |
580 | B = buf[1]; |
581 | C = buf[2]; |
582 | D = buf[3]; |
583 | E = buf[4]; |
584 | |
585 | /* Heavy mangling, in 4 sub-rounds of 20 iterations each. */ |
586 | subRound (A, B, C, D, E, f1, K1, in[0]); |
587 | subRound (E, A, B, C, D, f1, K1, in[1]); |
588 | subRound (D, E, A, B, C, f1, K1, in[2]); |
589 | subRound (C, D, E, A, B, f1, K1, in[3]); |
590 | subRound (B, C, D, E, A, f1, K1, in[4]); |
591 | subRound (A, B, C, D, E, f1, K1, in[5]); |
592 | subRound (E, A, B, C, D, f1, K1, in[6]); |
593 | subRound (D, E, A, B, C, f1, K1, in[7]); |
594 | subRound (C, D, E, A, B, f1, K1, in[8]); |
595 | subRound (B, C, D, E, A, f1, K1, in[9]); |
596 | subRound (A, B, C, D, E, f1, K1, in[10]); |
597 | subRound (E, A, B, C, D, f1, K1, in[11]); |
598 | subRound (D, E, A, B, C, f1, K1, in[12]); |
599 | subRound (C, D, E, A, B, f1, K1, in[13]); |
600 | subRound (B, C, D, E, A, f1, K1, in[14]); |
601 | subRound (A, B, C, D, E, f1, K1, in[15]); |
602 | subRound (E, A, B, C, D, f1, K1, expand (in, 16)); |
603 | subRound (D, E, A, B, C, f1, K1, expand (in, 17)); |
604 | subRound (C, D, E, A, B, f1, K1, expand (in, 18)); |
605 | subRound (B, C, D, E, A, f1, K1, expand (in, 19)); |
606 | |
607 | subRound (A, B, C, D, E, f2, K2, expand (in, 20)); |
608 | subRound (E, A, B, C, D, f2, K2, expand (in, 21)); |
609 | subRound (D, E, A, B, C, f2, K2, expand (in, 22)); |
610 | subRound (C, D, E, A, B, f2, K2, expand (in, 23)); |
611 | subRound (B, C, D, E, A, f2, K2, expand (in, 24)); |
612 | subRound (A, B, C, D, E, f2, K2, expand (in, 25)); |
613 | subRound (E, A, B, C, D, f2, K2, expand (in, 26)); |
614 | subRound (D, E, A, B, C, f2, K2, expand (in, 27)); |
615 | subRound (C, D, E, A, B, f2, K2, expand (in, 28)); |
616 | subRound (B, C, D, E, A, f2, K2, expand (in, 29)); |
617 | subRound (A, B, C, D, E, f2, K2, expand (in, 30)); |
618 | subRound (E, A, B, C, D, f2, K2, expand (in, 31)); |
619 | subRound (D, E, A, B, C, f2, K2, expand (in, 32)); |
620 | subRound (C, D, E, A, B, f2, K2, expand (in, 33)); |
621 | subRound (B, C, D, E, A, f2, K2, expand (in, 34)); |
622 | subRound (A, B, C, D, E, f2, K2, expand (in, 35)); |
623 | subRound (E, A, B, C, D, f2, K2, expand (in, 36)); |
624 | subRound (D, E, A, B, C, f2, K2, expand (in, 37)); |
625 | subRound (C, D, E, A, B, f2, K2, expand (in, 38)); |
626 | subRound (B, C, D, E, A, f2, K2, expand (in, 39)); |
627 | |
628 | subRound (A, B, C, D, E, f3, K3, expand (in, 40)); |
629 | subRound (E, A, B, C, D, f3, K3, expand (in, 41)); |
630 | subRound (D, E, A, B, C, f3, K3, expand (in, 42)); |
631 | subRound (C, D, E, A, B, f3, K3, expand (in, 43)); |
632 | subRound (B, C, D, E, A, f3, K3, expand (in, 44)); |
633 | subRound (A, B, C, D, E, f3, K3, expand (in, 45)); |
634 | subRound (E, A, B, C, D, f3, K3, expand (in, 46)); |
635 | subRound (D, E, A, B, C, f3, K3, expand (in, 47)); |
636 | subRound (C, D, E, A, B, f3, K3, expand (in, 48)); |
637 | subRound (B, C, D, E, A, f3, K3, expand (in, 49)); |
638 | subRound (A, B, C, D, E, f3, K3, expand (in, 50)); |
639 | subRound (E, A, B, C, D, f3, K3, expand (in, 51)); |
640 | subRound (D, E, A, B, C, f3, K3, expand (in, 52)); |
641 | subRound (C, D, E, A, B, f3, K3, expand (in, 53)); |
642 | subRound (B, C, D, E, A, f3, K3, expand (in, 54)); |
643 | subRound (A, B, C, D, E, f3, K3, expand (in, 55)); |
644 | subRound (E, A, B, C, D, f3, K3, expand (in, 56)); |
645 | subRound (D, E, A, B, C, f3, K3, expand (in, 57)); |
646 | subRound (C, D, E, A, B, f3, K3, expand (in, 58)); |
647 | subRound (B, C, D, E, A, f3, K3, expand (in, 59)); |
648 | |
649 | subRound (A, B, C, D, E, f4, K4, expand (in, 60)); |
650 | subRound (E, A, B, C, D, f4, K4, expand (in, 61)); |
651 | subRound (D, E, A, B, C, f4, K4, expand (in, 62)); |
652 | subRound (C, D, E, A, B, f4, K4, expand (in, 63)); |
653 | subRound (B, C, D, E, A, f4, K4, expand (in, 64)); |
654 | subRound (A, B, C, D, E, f4, K4, expand (in, 65)); |
655 | subRound (E, A, B, C, D, f4, K4, expand (in, 66)); |
656 | subRound (D, E, A, B, C, f4, K4, expand (in, 67)); |
657 | subRound (C, D, E, A, B, f4, K4, expand (in, 68)); |
658 | subRound (B, C, D, E, A, f4, K4, expand (in, 69)); |
659 | subRound (A, B, C, D, E, f4, K4, expand (in, 70)); |
660 | subRound (E, A, B, C, D, f4, K4, expand (in, 71)); |
661 | subRound (D, E, A, B, C, f4, K4, expand (in, 72)); |
662 | subRound (C, D, E, A, B, f4, K4, expand (in, 73)); |
663 | subRound (B, C, D, E, A, f4, K4, expand (in, 74)); |
664 | subRound (A, B, C, D, E, f4, K4, expand (in, 75)); |
665 | subRound (E, A, B, C, D, f4, K4, expand (in, 76)); |
666 | subRound (D, E, A, B, C, f4, K4, expand (in, 77)); |
667 | subRound (C, D, E, A, B, f4, K4, expand (in, 78)); |
668 | subRound (B, C, D, E, A, f4, K4, expand (in, 79)); |
669 | |
670 | /* Build message digest */ |
671 | buf[0] += A; |
672 | buf[1] += B; |
673 | buf[2] += C; |
674 | buf[3] += D; |
675 | buf[4] += E; |
676 | } |
677 | |
678 | #undef K1 |
679 | #undef K2 |
680 | #undef K3 |
681 | #undef K4 |
682 | #undef f1 |
683 | #undef f2 |
684 | #undef f3 |
685 | #undef f4 |
686 | #undef ROTL |
687 | #undef expand |
688 | #undef subRound |
689 | |
690 | static void |
691 | sha1_sum_update (Sha1sum *sha1, |
692 | const guchar *buffer, |
693 | gsize count) |
694 | { |
695 | guint32 tmp; |
696 | guint dataCount; |
697 | |
698 | /* Update bitcount */ |
699 | tmp = sha1->bits[0]; |
700 | if ((sha1->bits[0] = tmp + ((guint32) count << 3) ) < tmp) |
701 | sha1->bits[1] += 1; /* Carry from low to high */ |
702 | sha1->bits[1] += count >> 29; |
703 | |
704 | /* Get count of bytes already in data */ |
705 | dataCount = (guint) (tmp >> 3) & 0x3F; |
706 | |
707 | /* Handle any leading odd-sized chunks */ |
708 | if (dataCount) |
709 | { |
710 | guchar *p = (guchar *) sha1->data + dataCount; |
711 | |
712 | dataCount = SHA1_DATASIZE - dataCount; |
713 | if (count < dataCount) |
714 | { |
715 | memcpy (dest: p, src: buffer, n: count); |
716 | return; |
717 | } |
718 | |
719 | memcpy (dest: p, src: buffer, n: dataCount); |
720 | |
721 | sha_byte_reverse (buffer: sha1->data, SHA1_DATASIZE); |
722 | sha1_transform (buf: sha1->buf, in: sha1->data); |
723 | |
724 | buffer += dataCount; |
725 | count -= dataCount; |
726 | } |
727 | |
728 | /* Process data in SHA1_DATASIZE chunks */ |
729 | while (count >= SHA1_DATASIZE) |
730 | { |
731 | memcpy (dest: sha1->data, src: buffer, SHA1_DATASIZE); |
732 | |
733 | sha_byte_reverse (buffer: sha1->data, SHA1_DATASIZE); |
734 | sha1_transform (buf: sha1->buf, in: sha1->data); |
735 | |
736 | buffer += SHA1_DATASIZE; |
737 | count -= SHA1_DATASIZE; |
738 | } |
739 | |
740 | /* Handle any remaining bytes of data. */ |
741 | memcpy (dest: sha1->data, src: buffer, n: count); |
742 | } |
743 | |
744 | /* Final wrapup - pad to SHA_DATASIZE-byte boundary with the bit pattern |
745 | 1 0* (64-bit count of bits processed, MSB-first) */ |
746 | static void |
747 | sha1_sum_close (Sha1sum *sha1) |
748 | { |
749 | gint count; |
750 | guchar *data_p; |
751 | |
752 | /* Compute number of bytes mod 64 */ |
753 | count = (gint) ((sha1->bits[0] >> 3) & 0x3f); |
754 | |
755 | /* Set the first char of padding to 0x80. This is safe since there is |
756 | always at least one byte free */ |
757 | data_p = (guchar *) sha1->data + count; |
758 | *data_p++ = 0x80; |
759 | |
760 | /* Bytes of padding needed to make 64 bytes */ |
761 | count = SHA1_DATASIZE - 1 - count; |
762 | |
763 | /* Pad out to 56 mod 64 */ |
764 | if (count < 8) |
765 | { |
766 | /* Two lots of padding: Pad the first block to 64 bytes */ |
767 | memset (s: data_p, c: 0, n: count); |
768 | |
769 | sha_byte_reverse (buffer: sha1->data, SHA1_DATASIZE); |
770 | sha1_transform (buf: sha1->buf, in: sha1->data); |
771 | |
772 | /* Now fill the next block with 56 bytes */ |
773 | memset (s: sha1->data, c: 0, SHA1_DATASIZE - 8); |
774 | } |
775 | else |
776 | { |
777 | /* Pad block to 56 bytes */ |
778 | memset (s: data_p, c: 0, n: count - 8); |
779 | } |
780 | |
781 | /* Append length in bits and transform */ |
782 | sha1->data[14] = sha1->bits[1]; |
783 | sha1->data[15] = sha1->bits[0]; |
784 | |
785 | sha_byte_reverse (buffer: sha1->data, SHA1_DATASIZE - 8); |
786 | sha1_transform (buf: sha1->buf, in: sha1->data); |
787 | sha_byte_reverse (buffer: sha1->buf, SHA1_DIGEST_LEN); |
788 | |
789 | memcpy (dest: sha1->digest, src: sha1->buf, SHA1_DIGEST_LEN); |
790 | |
791 | /* Reset buffers in case they contain sensitive data */ |
792 | memset (s: sha1->buf, c: 0, n: sizeof (sha1->buf)); |
793 | memset (s: sha1->data, c: 0, n: sizeof (sha1->data)); |
794 | } |
795 | |
796 | static gchar * |
797 | sha1_sum_to_string (Sha1sum *sha1) |
798 | { |
799 | return digest_to_string (digest: sha1->digest, SHA1_DIGEST_LEN); |
800 | } |
801 | |
802 | static void |
803 | sha1_sum_digest (Sha1sum *sha1, |
804 | guint8 *digest) |
805 | { |
806 | gint i; |
807 | |
808 | for (i = 0; i < SHA1_DIGEST_LEN; i++) |
809 | digest[i] = sha1->digest[i]; |
810 | } |
811 | |
812 | /* |
813 | * SHA-256 Checksum |
814 | */ |
815 | |
816 | /* adapted from the SHA256 implementation in gsk/src/hash/gskhash.c. |
817 | * |
818 | * Copyright (C) 2006 Dave Benson |
819 | * Released under the terms of the GNU Lesser General Public License |
820 | */ |
821 | |
822 | static void |
823 | sha256_sum_init (Sha256sum *sha256) |
824 | { |
825 | sha256->buf[0] = 0x6a09e667; |
826 | sha256->buf[1] = 0xbb67ae85; |
827 | sha256->buf[2] = 0x3c6ef372; |
828 | sha256->buf[3] = 0xa54ff53a; |
829 | sha256->buf[4] = 0x510e527f; |
830 | sha256->buf[5] = 0x9b05688c; |
831 | sha256->buf[6] = 0x1f83d9ab; |
832 | sha256->buf[7] = 0x5be0cd19; |
833 | |
834 | sha256->bits[0] = sha256->bits[1] = 0; |
835 | } |
836 | |
837 | #define GET_UINT32(n,b,i) G_STMT_START{ \ |
838 | (n) = ((guint32) (b)[(i) ] << 24) \ |
839 | | ((guint32) (b)[(i) + 1] << 16) \ |
840 | | ((guint32) (b)[(i) + 2] << 8) \ |
841 | | ((guint32) (b)[(i) + 3] ); } G_STMT_END |
842 | |
843 | #define PUT_UINT32(n,b,i) G_STMT_START{ \ |
844 | (b)[(i) ] = (guint8) ((n) >> 24); \ |
845 | (b)[(i) + 1] = (guint8) ((n) >> 16); \ |
846 | (b)[(i) + 2] = (guint8) ((n) >> 8); \ |
847 | (b)[(i) + 3] = (guint8) ((n) ); } G_STMT_END |
848 | |
849 | static void |
850 | sha256_transform (guint32 buf[8], |
851 | guint8 const data[64]) |
852 | { |
853 | guint32 temp1, temp2, W[64]; |
854 | guint32 A, B, C, D, E, F, G, H; |
855 | |
856 | GET_UINT32 (W[0], data, 0); |
857 | GET_UINT32 (W[1], data, 4); |
858 | GET_UINT32 (W[2], data, 8); |
859 | GET_UINT32 (W[3], data, 12); |
860 | GET_UINT32 (W[4], data, 16); |
861 | GET_UINT32 (W[5], data, 20); |
862 | GET_UINT32 (W[6], data, 24); |
863 | GET_UINT32 (W[7], data, 28); |
864 | GET_UINT32 (W[8], data, 32); |
865 | GET_UINT32 (W[9], data, 36); |
866 | GET_UINT32 (W[10], data, 40); |
867 | GET_UINT32 (W[11], data, 44); |
868 | GET_UINT32 (W[12], data, 48); |
869 | GET_UINT32 (W[13], data, 52); |
870 | GET_UINT32 (W[14], data, 56); |
871 | GET_UINT32 (W[15], data, 60); |
872 | |
873 | #define SHR(x,n) ((x & 0xFFFFFFFF) >> n) |
874 | #define ROTR(x,n) (SHR (x,n) | (x << (32 - n))) |
875 | |
876 | #define S0(x) (ROTR (x, 7) ^ ROTR (x,18) ^ SHR (x, 3)) |
877 | #define S1(x) (ROTR (x,17) ^ ROTR (x,19) ^ SHR (x,10)) |
878 | #define S2(x) (ROTR (x, 2) ^ ROTR (x,13) ^ ROTR (x,22)) |
879 | #define S3(x) (ROTR (x, 6) ^ ROTR (x,11) ^ ROTR (x,25)) |
880 | |
881 | #define F0(x,y,z) ((x & y) | (z & (x | y))) |
882 | #define F1(x,y,z) (z ^ (x & (y ^ z))) |
883 | |
884 | #define R(t) (W[t] = S1(W[t - 2]) + W[t - 7] + \ |
885 | S0(W[t - 15]) + W[t - 16]) |
886 | |
887 | #define P(a,b,c,d,e,f,g,h,x,K) G_STMT_START { \ |
888 | temp1 = h + S3(e) + F1(e,f,g) + K + x; \ |
889 | temp2 = S2(a) + F0(a,b,c); \ |
890 | d += temp1; h = temp1 + temp2; } G_STMT_END |
891 | |
892 | A = buf[0]; |
893 | B = buf[1]; |
894 | C = buf[2]; |
895 | D = buf[3]; |
896 | E = buf[4]; |
897 | F = buf[5]; |
898 | G = buf[6]; |
899 | H = buf[7]; |
900 | |
901 | P (A, B, C, D, E, F, G, H, W[ 0], 0x428A2F98); |
902 | P (H, A, B, C, D, E, F, G, W[ 1], 0x71374491); |
903 | P (G, H, A, B, C, D, E, F, W[ 2], 0xB5C0FBCF); |
904 | P (F, G, H, A, B, C, D, E, W[ 3], 0xE9B5DBA5); |
905 | P (E, F, G, H, A, B, C, D, W[ 4], 0x3956C25B); |
906 | P (D, E, F, G, H, A, B, C, W[ 5], 0x59F111F1); |
907 | P (C, D, E, F, G, H, A, B, W[ 6], 0x923F82A4); |
908 | P (B, C, D, E, F, G, H, A, W[ 7], 0xAB1C5ED5); |
909 | P (A, B, C, D, E, F, G, H, W[ 8], 0xD807AA98); |
910 | P (H, A, B, C, D, E, F, G, W[ 9], 0x12835B01); |
911 | P (G, H, A, B, C, D, E, F, W[10], 0x243185BE); |
912 | P (F, G, H, A, B, C, D, E, W[11], 0x550C7DC3); |
913 | P (E, F, G, H, A, B, C, D, W[12], 0x72BE5D74); |
914 | P (D, E, F, G, H, A, B, C, W[13], 0x80DEB1FE); |
915 | P (C, D, E, F, G, H, A, B, W[14], 0x9BDC06A7); |
916 | P (B, C, D, E, F, G, H, A, W[15], 0xC19BF174); |
917 | P (A, B, C, D, E, F, G, H, R(16), 0xE49B69C1); |
918 | P (H, A, B, C, D, E, F, G, R(17), 0xEFBE4786); |
919 | P (G, H, A, B, C, D, E, F, R(18), 0x0FC19DC6); |
920 | P (F, G, H, A, B, C, D, E, R(19), 0x240CA1CC); |
921 | P (E, F, G, H, A, B, C, D, R(20), 0x2DE92C6F); |
922 | P (D, E, F, G, H, A, B, C, R(21), 0x4A7484AA); |
923 | P (C, D, E, F, G, H, A, B, R(22), 0x5CB0A9DC); |
924 | P (B, C, D, E, F, G, H, A, R(23), 0x76F988DA); |
925 | P (A, B, C, D, E, F, G, H, R(24), 0x983E5152); |
926 | P (H, A, B, C, D, E, F, G, R(25), 0xA831C66D); |
927 | P (G, H, A, B, C, D, E, F, R(26), 0xB00327C8); |
928 | P (F, G, H, A, B, C, D, E, R(27), 0xBF597FC7); |
929 | P (E, F, G, H, A, B, C, D, R(28), 0xC6E00BF3); |
930 | P (D, E, F, G, H, A, B, C, R(29), 0xD5A79147); |
931 | P (C, D, E, F, G, H, A, B, R(30), 0x06CA6351); |
932 | P (B, C, D, E, F, G, H, A, R(31), 0x14292967); |
933 | P (A, B, C, D, E, F, G, H, R(32), 0x27B70A85); |
934 | P (H, A, B, C, D, E, F, G, R(33), 0x2E1B2138); |
935 | P (G, H, A, B, C, D, E, F, R(34), 0x4D2C6DFC); |
936 | P (F, G, H, A, B, C, D, E, R(35), 0x53380D13); |
937 | P (E, F, G, H, A, B, C, D, R(36), 0x650A7354); |
938 | P (D, E, F, G, H, A, B, C, R(37), 0x766A0ABB); |
939 | P (C, D, E, F, G, H, A, B, R(38), 0x81C2C92E); |
940 | P (B, C, D, E, F, G, H, A, R(39), 0x92722C85); |
941 | P (A, B, C, D, E, F, G, H, R(40), 0xA2BFE8A1); |
942 | P (H, A, B, C, D, E, F, G, R(41), 0xA81A664B); |
943 | P (G, H, A, B, C, D, E, F, R(42), 0xC24B8B70); |
944 | P (F, G, H, A, B, C, D, E, R(43), 0xC76C51A3); |
945 | P (E, F, G, H, A, B, C, D, R(44), 0xD192E819); |
946 | P (D, E, F, G, H, A, B, C, R(45), 0xD6990624); |
947 | P (C, D, E, F, G, H, A, B, R(46), 0xF40E3585); |
948 | P (B, C, D, E, F, G, H, A, R(47), 0x106AA070); |
949 | P (A, B, C, D, E, F, G, H, R(48), 0x19A4C116); |
950 | P (H, A, B, C, D, E, F, G, R(49), 0x1E376C08); |
951 | P (G, H, A, B, C, D, E, F, R(50), 0x2748774C); |
952 | P (F, G, H, A, B, C, D, E, R(51), 0x34B0BCB5); |
953 | P (E, F, G, H, A, B, C, D, R(52), 0x391C0CB3); |
954 | P (D, E, F, G, H, A, B, C, R(53), 0x4ED8AA4A); |
955 | P (C, D, E, F, G, H, A, B, R(54), 0x5B9CCA4F); |
956 | P (B, C, D, E, F, G, H, A, R(55), 0x682E6FF3); |
957 | P (A, B, C, D, E, F, G, H, R(56), 0x748F82EE); |
958 | P (H, A, B, C, D, E, F, G, R(57), 0x78A5636F); |
959 | P (G, H, A, B, C, D, E, F, R(58), 0x84C87814); |
960 | P (F, G, H, A, B, C, D, E, R(59), 0x8CC70208); |
961 | P (E, F, G, H, A, B, C, D, R(60), 0x90BEFFFA); |
962 | P (D, E, F, G, H, A, B, C, R(61), 0xA4506CEB); |
963 | P (C, D, E, F, G, H, A, B, R(62), 0xBEF9A3F7); |
964 | P (B, C, D, E, F, G, H, A, R(63), 0xC67178F2); |
965 | |
966 | #undef SHR |
967 | #undef ROTR |
968 | #undef S0 |
969 | #undef S1 |
970 | #undef S2 |
971 | #undef S3 |
972 | #undef F0 |
973 | #undef F1 |
974 | #undef R |
975 | #undef P |
976 | |
977 | buf[0] += A; |
978 | buf[1] += B; |
979 | buf[2] += C; |
980 | buf[3] += D; |
981 | buf[4] += E; |
982 | buf[5] += F; |
983 | buf[6] += G; |
984 | buf[7] += H; |
985 | } |
986 | |
987 | static void |
988 | sha256_sum_update (Sha256sum *sha256, |
989 | const guchar *buffer, |
990 | gsize length) |
991 | { |
992 | guint32 left, fill; |
993 | const guint8 *input = buffer; |
994 | |
995 | if (length == 0) |
996 | return; |
997 | |
998 | left = sha256->bits[0] & 0x3F; |
999 | fill = 64 - left; |
1000 | |
1001 | sha256->bits[0] += length; |
1002 | sha256->bits[0] &= 0xFFFFFFFF; |
1003 | |
1004 | if (sha256->bits[0] < length) |
1005 | sha256->bits[1]++; |
1006 | |
1007 | if (left > 0 && length >= fill) |
1008 | { |
1009 | memcpy (dest: (sha256->data + left), src: input, n: fill); |
1010 | |
1011 | sha256_transform (buf: sha256->buf, data: sha256->data); |
1012 | length -= fill; |
1013 | input += fill; |
1014 | |
1015 | left = 0; |
1016 | } |
1017 | |
1018 | while (length >= SHA256_DATASIZE) |
1019 | { |
1020 | sha256_transform (buf: sha256->buf, data: input); |
1021 | |
1022 | length -= 64; |
1023 | input += 64; |
1024 | } |
1025 | |
1026 | if (length) |
1027 | memcpy (dest: sha256->data + left, src: input, n: length); |
1028 | } |
1029 | |
1030 | static guint8 sha256_padding[64] = |
1031 | { |
1032 | 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, |
1033 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, |
1034 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, |
1035 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 |
1036 | }; |
1037 | |
1038 | static void |
1039 | sha256_sum_close (Sha256sum *sha256) |
1040 | { |
1041 | guint32 last, padn; |
1042 | guint32 high, low; |
1043 | guint8 msglen[8]; |
1044 | |
1045 | high = (sha256->bits[0] >> 29) |
1046 | | (sha256->bits[1] << 3); |
1047 | low = (sha256->bits[0] << 3); |
1048 | |
1049 | PUT_UINT32 (high, msglen, 0); |
1050 | PUT_UINT32 (low, msglen, 4); |
1051 | |
1052 | last = sha256->bits[0] & 0x3F; |
1053 | padn = (last < 56) ? (56 - last) : (120 - last); |
1054 | |
1055 | sha256_sum_update (sha256, buffer: sha256_padding, length: padn); |
1056 | sha256_sum_update (sha256, buffer: msglen, length: 8); |
1057 | |
1058 | PUT_UINT32 (sha256->buf[0], sha256->digest, 0); |
1059 | PUT_UINT32 (sha256->buf[1], sha256->digest, 4); |
1060 | PUT_UINT32 (sha256->buf[2], sha256->digest, 8); |
1061 | PUT_UINT32 (sha256->buf[3], sha256->digest, 12); |
1062 | PUT_UINT32 (sha256->buf[4], sha256->digest, 16); |
1063 | PUT_UINT32 (sha256->buf[5], sha256->digest, 20); |
1064 | PUT_UINT32 (sha256->buf[6], sha256->digest, 24); |
1065 | PUT_UINT32 (sha256->buf[7], sha256->digest, 28); |
1066 | } |
1067 | |
1068 | #undef PUT_UINT32 |
1069 | #undef GET_UINT32 |
1070 | |
1071 | static gchar * |
1072 | sha256_sum_to_string (Sha256sum *sha256) |
1073 | { |
1074 | return digest_to_string (digest: sha256->digest, SHA256_DIGEST_LEN); |
1075 | } |
1076 | |
1077 | static void |
1078 | sha256_sum_digest (Sha256sum *sha256, |
1079 | guint8 *digest) |
1080 | { |
1081 | gint i; |
1082 | |
1083 | for (i = 0; i < SHA256_DIGEST_LEN; i++) |
1084 | digest[i] = sha256->digest[i]; |
1085 | } |
1086 | |
1087 | /* |
1088 | * SHA-384, SHA-512, SHA-512/224 and SHA-512/256 Checksums |
1089 | * |
1090 | * Implemented following FIPS-180-4 standard at |
1091 | * http://csrc.nist.gov/publications/fips/fips180-4/fips180-4.pdf. |
1092 | * References in the form [§x.y.z] map to sections in that document. |
1093 | * |
1094 | * Author(s): Eduardo Lima Mitev <elima@igalia.com> |
1095 | * Igor Gnatenko <ignatenko@src.gnome.org> |
1096 | */ |
1097 | |
1098 | /* SHA-384, SHA-512, SHA-512/224 and SHA-512/256 functions [§4.1.3] */ |
1099 | #define Ch(x,y,z) ((x & y) ^ (~x & z)) |
1100 | #define Maj(x,y,z) ((x & y) ^ (x & z) ^ (y & z)) |
1101 | #define SHR(n,x) (x >> n) |
1102 | #define ROTR(n,x) (SHR (n, x) | (x << (64 - n))) |
1103 | #define SIGMA0(x) (ROTR (28, x) ^ ROTR (34, x) ^ ROTR (39, x)) |
1104 | #define SIGMA1(x) (ROTR (14, x) ^ ROTR (18, x) ^ ROTR (41, x)) |
1105 | #define sigma0(x) (ROTR ( 1, x) ^ ROTR ( 8, x) ^ SHR ( 7, x)) |
1106 | #define sigma1(x) (ROTR (19, x) ^ ROTR (61, x) ^ SHR ( 6, x)) |
1107 | |
1108 | #define PUT_UINT64(n,b,i) G_STMT_START{ \ |
1109 | (b)[(i) ] = (guint8) (n >> 56); \ |
1110 | (b)[(i) + 1] = (guint8) (n >> 48); \ |
1111 | (b)[(i) + 2] = (guint8) (n >> 40); \ |
1112 | (b)[(i) + 3] = (guint8) (n >> 32); \ |
1113 | (b)[(i) + 4] = (guint8) (n >> 24); \ |
1114 | (b)[(i) + 5] = (guint8) (n >> 16); \ |
1115 | (b)[(i) + 6] = (guint8) (n >> 8); \ |
1116 | (b)[(i) + 7] = (guint8) (n ); } G_STMT_END |
1117 | |
1118 | /* SHA-384 and SHA-512 constants [§4.2.3] */ |
1119 | static const guint64 SHA2_K[80] = { |
1120 | G_GUINT64_CONSTANT (0x428a2f98d728ae22), G_GUINT64_CONSTANT (0x7137449123ef65cd), |
1121 | G_GUINT64_CONSTANT (0xb5c0fbcfec4d3b2f), G_GUINT64_CONSTANT (0xe9b5dba58189dbbc), |
1122 | G_GUINT64_CONSTANT (0x3956c25bf348b538), G_GUINT64_CONSTANT (0x59f111f1b605d019), |
1123 | G_GUINT64_CONSTANT (0x923f82a4af194f9b), G_GUINT64_CONSTANT (0xab1c5ed5da6d8118), |
1124 | G_GUINT64_CONSTANT (0xd807aa98a3030242), G_GUINT64_CONSTANT (0x12835b0145706fbe), |
1125 | G_GUINT64_CONSTANT (0x243185be4ee4b28c), G_GUINT64_CONSTANT (0x550c7dc3d5ffb4e2), |
1126 | G_GUINT64_CONSTANT (0x72be5d74f27b896f), G_GUINT64_CONSTANT (0x80deb1fe3b1696b1), |
1127 | G_GUINT64_CONSTANT (0x9bdc06a725c71235), G_GUINT64_CONSTANT (0xc19bf174cf692694), |
1128 | G_GUINT64_CONSTANT (0xe49b69c19ef14ad2), G_GUINT64_CONSTANT (0xefbe4786384f25e3), |
1129 | G_GUINT64_CONSTANT (0x0fc19dc68b8cd5b5), G_GUINT64_CONSTANT (0x240ca1cc77ac9c65), |
1130 | G_GUINT64_CONSTANT (0x2de92c6f592b0275), G_GUINT64_CONSTANT (0x4a7484aa6ea6e483), |
1131 | G_GUINT64_CONSTANT (0x5cb0a9dcbd41fbd4), G_GUINT64_CONSTANT (0x76f988da831153b5), |
1132 | G_GUINT64_CONSTANT (0x983e5152ee66dfab), G_GUINT64_CONSTANT (0xa831c66d2db43210), |
1133 | G_GUINT64_CONSTANT (0xb00327c898fb213f), G_GUINT64_CONSTANT (0xbf597fc7beef0ee4), |
1134 | G_GUINT64_CONSTANT (0xc6e00bf33da88fc2), G_GUINT64_CONSTANT (0xd5a79147930aa725), |
1135 | G_GUINT64_CONSTANT (0x06ca6351e003826f), G_GUINT64_CONSTANT (0x142929670a0e6e70), |
1136 | G_GUINT64_CONSTANT (0x27b70a8546d22ffc), G_GUINT64_CONSTANT (0x2e1b21385c26c926), |
1137 | G_GUINT64_CONSTANT (0x4d2c6dfc5ac42aed), G_GUINT64_CONSTANT (0x53380d139d95b3df), |
1138 | G_GUINT64_CONSTANT (0x650a73548baf63de), G_GUINT64_CONSTANT (0x766a0abb3c77b2a8), |
1139 | G_GUINT64_CONSTANT (0x81c2c92e47edaee6), G_GUINT64_CONSTANT (0x92722c851482353b), |
1140 | G_GUINT64_CONSTANT (0xa2bfe8a14cf10364), G_GUINT64_CONSTANT (0xa81a664bbc423001), |
1141 | G_GUINT64_CONSTANT (0xc24b8b70d0f89791), G_GUINT64_CONSTANT (0xc76c51a30654be30), |
1142 | G_GUINT64_CONSTANT (0xd192e819d6ef5218), G_GUINT64_CONSTANT (0xd69906245565a910), |
1143 | G_GUINT64_CONSTANT (0xf40e35855771202a), G_GUINT64_CONSTANT (0x106aa07032bbd1b8), |
1144 | G_GUINT64_CONSTANT (0x19a4c116b8d2d0c8), G_GUINT64_CONSTANT (0x1e376c085141ab53), |
1145 | G_GUINT64_CONSTANT (0x2748774cdf8eeb99), G_GUINT64_CONSTANT (0x34b0bcb5e19b48a8), |
1146 | G_GUINT64_CONSTANT (0x391c0cb3c5c95a63), G_GUINT64_CONSTANT (0x4ed8aa4ae3418acb), |
1147 | G_GUINT64_CONSTANT (0x5b9cca4f7763e373), G_GUINT64_CONSTANT (0x682e6ff3d6b2b8a3), |
1148 | G_GUINT64_CONSTANT (0x748f82ee5defb2fc), G_GUINT64_CONSTANT (0x78a5636f43172f60), |
1149 | G_GUINT64_CONSTANT (0x84c87814a1f0ab72), G_GUINT64_CONSTANT (0x8cc702081a6439ec), |
1150 | G_GUINT64_CONSTANT (0x90befffa23631e28), G_GUINT64_CONSTANT (0xa4506cebde82bde9), |
1151 | G_GUINT64_CONSTANT (0xbef9a3f7b2c67915), G_GUINT64_CONSTANT (0xc67178f2e372532b), |
1152 | G_GUINT64_CONSTANT (0xca273eceea26619c), G_GUINT64_CONSTANT (0xd186b8c721c0c207), |
1153 | G_GUINT64_CONSTANT (0xeada7dd6cde0eb1e), G_GUINT64_CONSTANT (0xf57d4f7fee6ed178), |
1154 | G_GUINT64_CONSTANT (0x06f067aa72176fba), G_GUINT64_CONSTANT (0x0a637dc5a2c898a6), |
1155 | G_GUINT64_CONSTANT (0x113f9804bef90dae), G_GUINT64_CONSTANT (0x1b710b35131c471b), |
1156 | G_GUINT64_CONSTANT (0x28db77f523047d84), G_GUINT64_CONSTANT (0x32caab7b40c72493), |
1157 | G_GUINT64_CONSTANT (0x3c9ebe0a15c9bebc), G_GUINT64_CONSTANT (0x431d67c49c100d4c), |
1158 | G_GUINT64_CONSTANT (0x4cc5d4becb3e42b6), G_GUINT64_CONSTANT (0x597f299cfc657e2a), |
1159 | G_GUINT64_CONSTANT (0x5fcb6fab3ad6faec), G_GUINT64_CONSTANT (0x6c44198c4a475817) |
1160 | }; |
1161 | |
1162 | |
1163 | static void |
1164 | sha384_sum_init (Sha512sum *sha512) |
1165 | { |
1166 | /* Initial Hash Value [§5.3.4] */ |
1167 | sha512->H[0] = G_GUINT64_CONSTANT (0xcbbb9d5dc1059ed8); |
1168 | sha512->H[1] = G_GUINT64_CONSTANT (0x629a292a367cd507); |
1169 | sha512->H[2] = G_GUINT64_CONSTANT (0x9159015a3070dd17); |
1170 | sha512->H[3] = G_GUINT64_CONSTANT (0x152fecd8f70e5939); |
1171 | sha512->H[4] = G_GUINT64_CONSTANT (0x67332667ffc00b31); |
1172 | sha512->H[5] = G_GUINT64_CONSTANT (0x8eb44a8768581511); |
1173 | sha512->H[6] = G_GUINT64_CONSTANT (0xdb0c2e0d64f98fa7); |
1174 | sha512->H[7] = G_GUINT64_CONSTANT (0x47b5481dbefa4fa4); |
1175 | |
1176 | sha512->block_len = 0; |
1177 | |
1178 | sha512->data_len[0] = 0; |
1179 | sha512->data_len[1] = 0; |
1180 | } |
1181 | |
1182 | static void |
1183 | sha512_sum_init (Sha512sum *sha512) |
1184 | { |
1185 | /* Initial Hash Value [§5.3.5] */ |
1186 | sha512->H[0] = G_GUINT64_CONSTANT (0x6a09e667f3bcc908); |
1187 | sha512->H[1] = G_GUINT64_CONSTANT (0xbb67ae8584caa73b); |
1188 | sha512->H[2] = G_GUINT64_CONSTANT (0x3c6ef372fe94f82b); |
1189 | sha512->H[3] = G_GUINT64_CONSTANT (0xa54ff53a5f1d36f1); |
1190 | sha512->H[4] = G_GUINT64_CONSTANT (0x510e527fade682d1); |
1191 | sha512->H[5] = G_GUINT64_CONSTANT (0x9b05688c2b3e6c1f); |
1192 | sha512->H[6] = G_GUINT64_CONSTANT (0x1f83d9abfb41bd6b); |
1193 | sha512->H[7] = G_GUINT64_CONSTANT (0x5be0cd19137e2179); |
1194 | |
1195 | sha512->block_len = 0; |
1196 | |
1197 | sha512->data_len[0] = 0; |
1198 | sha512->data_len[1] = 0; |
1199 | } |
1200 | |
1201 | static void |
1202 | sha512_transform (guint64 H[8], |
1203 | guint8 const data[SHA2_BLOCK_LEN]) |
1204 | { |
1205 | gint i; |
1206 | gint t; |
1207 | guint64 a, b, c, d, e, f, g, h; |
1208 | guint64 M[16]; |
1209 | guint64 W[80]; |
1210 | |
1211 | /* SHA-512 hash computation [§6.4.2] */ |
1212 | |
1213 | /* prepare the message schedule */ |
1214 | for (i = 0; i < 16; i++) |
1215 | { |
1216 | gint p = i * 8; |
1217 | |
1218 | M[i] = |
1219 | ((guint64) data[p + 0] << 56) | |
1220 | ((guint64) data[p + 1] << 48) | |
1221 | ((guint64) data[p + 2] << 40) | |
1222 | ((guint64) data[p + 3] << 32) | |
1223 | ((guint64) data[p + 4] << 24) | |
1224 | ((guint64) data[p + 5] << 16) | |
1225 | ((guint64) data[p + 6] << 8) | |
1226 | ((guint64) data[p + 7] ); |
1227 | } |
1228 | |
1229 | for (t = 0; t < 80; t++) |
1230 | if (t < 16) |
1231 | W[t] = M[t]; |
1232 | else |
1233 | W[t] = sigma1 (W[t - 2]) + W[t - 7] + sigma0 (W[t - 15]) + W[t - 16]; |
1234 | |
1235 | /* initialize the eight working variables */ |
1236 | a = H[0]; |
1237 | b = H[1]; |
1238 | c = H[2]; |
1239 | d = H[3]; |
1240 | e = H[4]; |
1241 | f = H[5]; |
1242 | g = H[6]; |
1243 | h = H[7]; |
1244 | |
1245 | for (t = 0; t < 80; t++) |
1246 | { |
1247 | guint64 T1, T2; |
1248 | |
1249 | T1 = h + SIGMA1 (e) + Ch (e, f, g) + SHA2_K[t] + W[t]; |
1250 | T2 = SIGMA0 (a) + Maj (a, b, c); |
1251 | h = g; |
1252 | g = f; |
1253 | f = e; |
1254 | e = d + T1; |
1255 | d = c; |
1256 | c = b; |
1257 | b = a; |
1258 | a = T1 + T2; |
1259 | } |
1260 | |
1261 | /* Compute the intermediate hash value H */ |
1262 | H[0] += a; |
1263 | H[1] += b; |
1264 | H[2] += c; |
1265 | H[3] += d; |
1266 | H[4] += e; |
1267 | H[5] += f; |
1268 | H[6] += g; |
1269 | H[7] += h; |
1270 | } |
1271 | |
1272 | static void |
1273 | sha512_sum_update (Sha512sum *sha512, |
1274 | const guchar *buffer, |
1275 | gsize length) |
1276 | { |
1277 | gsize block_left, offset = 0; |
1278 | |
1279 | if (length == 0) |
1280 | return; |
1281 | |
1282 | sha512->data_len[0] += length * 8; |
1283 | if (sha512->data_len[0] < length) |
1284 | sha512->data_len[1]++; |
1285 | |
1286 | /* try to fill current block */ |
1287 | block_left = SHA2_BLOCK_LEN - sha512->block_len; |
1288 | if (block_left > 0) |
1289 | { |
1290 | gsize fill_len; |
1291 | |
1292 | fill_len = MIN (block_left, length); |
1293 | memcpy (dest: sha512->block + sha512->block_len, src: buffer, n: fill_len); |
1294 | sha512->block_len += fill_len; |
1295 | length -= fill_len; |
1296 | offset += fill_len; |
1297 | |
1298 | if (sha512->block_len == SHA2_BLOCK_LEN) |
1299 | { |
1300 | sha512_transform (H: sha512->H, data: sha512->block); |
1301 | sha512->block_len = 0; |
1302 | } |
1303 | } |
1304 | |
1305 | /* process complete blocks */ |
1306 | while (length >= SHA2_BLOCK_LEN) |
1307 | { |
1308 | memcpy (dest: sha512->block, src: buffer + offset, SHA2_BLOCK_LEN); |
1309 | |
1310 | sha512_transform (H: sha512->H, data: sha512->block); |
1311 | |
1312 | length -= SHA2_BLOCK_LEN; |
1313 | offset += SHA2_BLOCK_LEN; |
1314 | } |
1315 | |
1316 | /* keep remaining data for next block */ |
1317 | if (length > 0) |
1318 | { |
1319 | memcpy (dest: sha512->block, src: buffer + offset, n: length); |
1320 | sha512->block_len = length; |
1321 | } |
1322 | } |
1323 | |
1324 | static void |
1325 | sha512_sum_close (Sha512sum *sha512) |
1326 | { |
1327 | guint l; |
1328 | gint zeros; |
1329 | guint8 pad[SHA2_BLOCK_LEN * 2] = { 0, }; |
1330 | guint pad_len = 0; |
1331 | gint i; |
1332 | |
1333 | /* apply padding [§5.1.2] */ |
1334 | l = sha512->block_len * 8; |
1335 | zeros = 896 - (l + 1); |
1336 | |
1337 | if (zeros < 0) |
1338 | zeros += 128 * 8; |
1339 | |
1340 | pad[0] = 0x80; /* 1000 0000 */ |
1341 | zeros -= 7; |
1342 | pad_len++; |
1343 | |
1344 | memset (s: pad + pad_len, c: 0x00, n: zeros / 8); |
1345 | pad_len += zeros / 8; |
1346 | zeros = zeros % 8; |
1347 | (void) zeros; /* don’t care about the dead store */ |
1348 | |
1349 | /* put message bit length at the end of padding */ |
1350 | PUT_UINT64 (sha512->data_len[1], pad, pad_len); |
1351 | pad_len += 8; |
1352 | |
1353 | PUT_UINT64 (sha512->data_len[0], pad, pad_len); |
1354 | pad_len += 8; |
1355 | |
1356 | /* update checksum with the padded block */ |
1357 | sha512_sum_update (sha512, buffer: pad, length: pad_len); |
1358 | |
1359 | /* copy resulting 64-bit words into digest */ |
1360 | for (i = 0; i < 8; i++) |
1361 | PUT_UINT64 (sha512->H[i], sha512->digest, i * 8); |
1362 | } |
1363 | |
1364 | static gchar * |
1365 | sha384_sum_to_string (Sha512sum *sha512) |
1366 | { |
1367 | return digest_to_string (digest: sha512->digest, SHA384_DIGEST_LEN); |
1368 | } |
1369 | |
1370 | static gchar * |
1371 | sha512_sum_to_string (Sha512sum *sha512) |
1372 | { |
1373 | return digest_to_string (digest: sha512->digest, SHA512_DIGEST_LEN); |
1374 | } |
1375 | |
1376 | static void |
1377 | sha384_sum_digest (Sha512sum *sha512, |
1378 | guint8 *digest) |
1379 | { |
1380 | memcpy (dest: digest, src: sha512->digest, SHA384_DIGEST_LEN); |
1381 | } |
1382 | |
1383 | static void |
1384 | sha512_sum_digest (Sha512sum *sha512, |
1385 | guint8 *digest) |
1386 | { |
1387 | memcpy (dest: digest, src: sha512->digest, SHA512_DIGEST_LEN); |
1388 | } |
1389 | |
1390 | #undef Ch |
1391 | #undef Maj |
1392 | #undef SHR |
1393 | #undef ROTR |
1394 | #undef SIGMA0 |
1395 | #undef SIGMA1 |
1396 | #undef sigma0 |
1397 | #undef sigma1 |
1398 | |
1399 | #undef PUT_UINT64 |
1400 | |
1401 | /* |
1402 | * Public API |
1403 | */ |
1404 | |
1405 | /** |
1406 | * g_checksum_type_get_length: |
1407 | * @checksum_type: a #GChecksumType |
1408 | * |
1409 | * Gets the length in bytes of digests of type @checksum_type |
1410 | * |
1411 | * Returns: the checksum length, or -1 if @checksum_type is |
1412 | * not supported. |
1413 | * |
1414 | * Since: 2.16 |
1415 | */ |
1416 | gssize |
1417 | g_checksum_type_get_length (GChecksumType checksum_type) |
1418 | { |
1419 | gssize len = -1; |
1420 | |
1421 | switch (checksum_type) |
1422 | { |
1423 | case G_CHECKSUM_MD5: |
1424 | len = MD5_DIGEST_LEN; |
1425 | break; |
1426 | case G_CHECKSUM_SHA1: |
1427 | len = SHA1_DIGEST_LEN; |
1428 | break; |
1429 | case G_CHECKSUM_SHA256: |
1430 | len = SHA256_DIGEST_LEN; |
1431 | break; |
1432 | case G_CHECKSUM_SHA384: |
1433 | len = SHA384_DIGEST_LEN; |
1434 | break; |
1435 | case G_CHECKSUM_SHA512: |
1436 | len = SHA512_DIGEST_LEN; |
1437 | break; |
1438 | default: |
1439 | len = -1; |
1440 | break; |
1441 | } |
1442 | |
1443 | return len; |
1444 | } |
1445 | |
1446 | /** |
1447 | * g_checksum_new: |
1448 | * @checksum_type: the desired type of checksum |
1449 | * |
1450 | * Creates a new #GChecksum, using the checksum algorithm @checksum_type. |
1451 | * If the @checksum_type is not known, %NULL is returned. |
1452 | * A #GChecksum can be used to compute the checksum, or digest, of an |
1453 | * arbitrary binary blob, using different hashing algorithms. |
1454 | * |
1455 | * A #GChecksum works by feeding a binary blob through g_checksum_update() |
1456 | * until there is data to be checked; the digest can then be extracted |
1457 | * using g_checksum_get_string(), which will return the checksum as a |
1458 | * hexadecimal string; or g_checksum_get_digest(), which will return a |
1459 | * vector of raw bytes. Once either g_checksum_get_string() or |
1460 | * g_checksum_get_digest() have been called on a #GChecksum, the checksum |
1461 | * will be closed and it won't be possible to call g_checksum_update() |
1462 | * on it anymore. |
1463 | * |
1464 | * Returns: (transfer full) (nullable): the newly created #GChecksum, or %NULL. |
1465 | * Use g_checksum_free() to free the memory allocated by it. |
1466 | * |
1467 | * Since: 2.16 |
1468 | */ |
1469 | GChecksum * |
1470 | g_checksum_new (GChecksumType checksum_type) |
1471 | { |
1472 | GChecksum *checksum; |
1473 | |
1474 | if (! IS_VALID_TYPE (checksum_type)) |
1475 | return NULL; |
1476 | |
1477 | checksum = g_slice_new0 (GChecksum); |
1478 | checksum->type = checksum_type; |
1479 | |
1480 | g_checksum_reset (checksum); |
1481 | |
1482 | return checksum; |
1483 | } |
1484 | |
1485 | /** |
1486 | * g_checksum_reset: |
1487 | * @checksum: the #GChecksum to reset |
1488 | * |
1489 | * Resets the state of the @checksum back to its initial state. |
1490 | * |
1491 | * Since: 2.18 |
1492 | **/ |
1493 | void |
1494 | g_checksum_reset (GChecksum *checksum) |
1495 | { |
1496 | g_return_if_fail (checksum != NULL); |
1497 | |
1498 | g_free (mem: checksum->digest_str); |
1499 | checksum->digest_str = NULL; |
1500 | |
1501 | switch (checksum->type) |
1502 | { |
1503 | case G_CHECKSUM_MD5: |
1504 | md5_sum_init (md5: &(checksum->sum.md5)); |
1505 | break; |
1506 | case G_CHECKSUM_SHA1: |
1507 | sha1_sum_init (sha1: &(checksum->sum.sha1)); |
1508 | break; |
1509 | case G_CHECKSUM_SHA256: |
1510 | sha256_sum_init (sha256: &(checksum->sum.sha256)); |
1511 | break; |
1512 | case G_CHECKSUM_SHA384: |
1513 | sha384_sum_init (sha512: &(checksum->sum.sha512)); |
1514 | break; |
1515 | case G_CHECKSUM_SHA512: |
1516 | sha512_sum_init (sha512: &(checksum->sum.sha512)); |
1517 | break; |
1518 | default: |
1519 | g_assert_not_reached (); |
1520 | break; |
1521 | } |
1522 | } |
1523 | |
1524 | /** |
1525 | * g_checksum_copy: |
1526 | * @checksum: the #GChecksum to copy |
1527 | * |
1528 | * Copies a #GChecksum. If @checksum has been closed, by calling |
1529 | * g_checksum_get_string() or g_checksum_get_digest(), the copied |
1530 | * checksum will be closed as well. |
1531 | * |
1532 | * Returns: (transfer full): the copy of the passed #GChecksum. Use |
1533 | * g_checksum_free() when finished using it. |
1534 | * |
1535 | * Since: 2.16 |
1536 | */ |
1537 | GChecksum * |
1538 | g_checksum_copy (const GChecksum *checksum) |
1539 | { |
1540 | GChecksum *copy; |
1541 | |
1542 | g_return_val_if_fail (checksum != NULL, NULL); |
1543 | |
1544 | copy = g_slice_new (GChecksum); |
1545 | *copy = *checksum; |
1546 | |
1547 | copy->digest_str = g_strdup (str: checksum->digest_str); |
1548 | |
1549 | return copy; |
1550 | } |
1551 | |
1552 | /** |
1553 | * g_checksum_free: |
1554 | * @checksum: a #GChecksum |
1555 | * |
1556 | * Frees the memory allocated for @checksum. |
1557 | * |
1558 | * Since: 2.16 |
1559 | */ |
1560 | void |
1561 | g_checksum_free (GChecksum *checksum) |
1562 | { |
1563 | if (G_LIKELY (checksum)) |
1564 | { |
1565 | g_free (mem: checksum->digest_str); |
1566 | |
1567 | g_slice_free (GChecksum, checksum); |
1568 | } |
1569 | } |
1570 | |
1571 | /** |
1572 | * g_checksum_update: |
1573 | * @checksum: a #GChecksum |
1574 | * @data: (array length=length) (element-type guint8): buffer used to compute the checksum |
1575 | * @length: size of the buffer, or -1 if it is a null-terminated string. |
1576 | * |
1577 | * Feeds @data into an existing #GChecksum. The checksum must still be |
1578 | * open, that is g_checksum_get_string() or g_checksum_get_digest() must |
1579 | * not have been called on @checksum. |
1580 | * |
1581 | * Since: 2.16 |
1582 | */ |
1583 | void |
1584 | g_checksum_update (GChecksum *checksum, |
1585 | const guchar *data, |
1586 | gssize length) |
1587 | { |
1588 | g_return_if_fail (checksum != NULL); |
1589 | g_return_if_fail (length == 0 || data != NULL); |
1590 | |
1591 | if (length < 0) |
1592 | length = strlen (s: (const gchar *) data); |
1593 | |
1594 | if (checksum->digest_str) |
1595 | { |
1596 | g_warning ("The checksum '%s' has been closed and cannot be updated " |
1597 | "anymore." , |
1598 | checksum->digest_str); |
1599 | return; |
1600 | } |
1601 | |
1602 | switch (checksum->type) |
1603 | { |
1604 | case G_CHECKSUM_MD5: |
1605 | md5_sum_update (md5: &(checksum->sum.md5), data, length); |
1606 | break; |
1607 | case G_CHECKSUM_SHA1: |
1608 | sha1_sum_update (sha1: &(checksum->sum.sha1), buffer: data, count: length); |
1609 | break; |
1610 | case G_CHECKSUM_SHA256: |
1611 | sha256_sum_update (sha256: &(checksum->sum.sha256), buffer: data, length); |
1612 | break; |
1613 | case G_CHECKSUM_SHA384: |
1614 | case G_CHECKSUM_SHA512: |
1615 | sha512_sum_update (sha512: &(checksum->sum.sha512), buffer: data, length); |
1616 | break; |
1617 | default: |
1618 | g_assert_not_reached (); |
1619 | break; |
1620 | } |
1621 | } |
1622 | |
1623 | /** |
1624 | * g_checksum_get_string: |
1625 | * @checksum: a #GChecksum |
1626 | * |
1627 | * Gets the digest as a hexadecimal string. |
1628 | * |
1629 | * Once this function has been called the #GChecksum can no longer be |
1630 | * updated with g_checksum_update(). |
1631 | * |
1632 | * The hexadecimal characters will be lower case. |
1633 | * |
1634 | * Returns: the hexadecimal representation of the checksum. The |
1635 | * returned string is owned by the checksum and should not be modified |
1636 | * or freed. |
1637 | * |
1638 | * Since: 2.16 |
1639 | */ |
1640 | const gchar * |
1641 | g_checksum_get_string (GChecksum *checksum) |
1642 | { |
1643 | gchar *str = NULL; |
1644 | |
1645 | g_return_val_if_fail (checksum != NULL, NULL); |
1646 | |
1647 | if (checksum->digest_str) |
1648 | return checksum->digest_str; |
1649 | |
1650 | switch (checksum->type) |
1651 | { |
1652 | case G_CHECKSUM_MD5: |
1653 | md5_sum_close (md5: &(checksum->sum.md5)); |
1654 | str = md5_sum_to_string (md5: &(checksum->sum.md5)); |
1655 | break; |
1656 | case G_CHECKSUM_SHA1: |
1657 | sha1_sum_close (sha1: &(checksum->sum.sha1)); |
1658 | str = sha1_sum_to_string (sha1: &(checksum->sum.sha1)); |
1659 | break; |
1660 | case G_CHECKSUM_SHA256: |
1661 | sha256_sum_close (sha256: &(checksum->sum.sha256)); |
1662 | str = sha256_sum_to_string (sha256: &(checksum->sum.sha256)); |
1663 | break; |
1664 | case G_CHECKSUM_SHA384: |
1665 | sha512_sum_close (sha512: &(checksum->sum.sha512)); |
1666 | str = sha384_sum_to_string (sha512: &(checksum->sum.sha512)); |
1667 | break; |
1668 | case G_CHECKSUM_SHA512: |
1669 | sha512_sum_close (sha512: &(checksum->sum.sha512)); |
1670 | str = sha512_sum_to_string (sha512: &(checksum->sum.sha512)); |
1671 | break; |
1672 | default: |
1673 | g_assert_not_reached (); |
1674 | break; |
1675 | } |
1676 | |
1677 | checksum->digest_str = str; |
1678 | |
1679 | return checksum->digest_str; |
1680 | } |
1681 | |
1682 | /** |
1683 | * g_checksum_get_digest: (skip) |
1684 | * @checksum: a #GChecksum |
1685 | * @buffer: (array length=digest_len): output buffer |
1686 | * @digest_len: (inout): an inout parameter. The caller initializes it to the size of @buffer. |
1687 | * After the call it contains the length of the digest. |
1688 | * |
1689 | * Gets the digest from @checksum as a raw binary vector and places it |
1690 | * into @buffer. The size of the digest depends on the type of checksum. |
1691 | * |
1692 | * Once this function has been called, the #GChecksum is closed and can |
1693 | * no longer be updated with g_checksum_update(). |
1694 | * |
1695 | * Since: 2.16 |
1696 | */ |
1697 | void |
1698 | g_checksum_get_digest (GChecksum *checksum, |
1699 | guint8 *buffer, |
1700 | gsize *digest_len) |
1701 | { |
1702 | gboolean checksum_open = FALSE; |
1703 | gchar *str = NULL; |
1704 | gsize len; |
1705 | |
1706 | g_return_if_fail (checksum != NULL); |
1707 | |
1708 | len = g_checksum_type_get_length (checksum_type: checksum->type); |
1709 | g_return_if_fail (*digest_len >= len); |
1710 | |
1711 | checksum_open = !!(checksum->digest_str == NULL); |
1712 | |
1713 | switch (checksum->type) |
1714 | { |
1715 | case G_CHECKSUM_MD5: |
1716 | if (checksum_open) |
1717 | { |
1718 | md5_sum_close (md5: &(checksum->sum.md5)); |
1719 | str = md5_sum_to_string (md5: &(checksum->sum.md5)); |
1720 | } |
1721 | md5_sum_digest (md5: &(checksum->sum.md5), digest: buffer); |
1722 | break; |
1723 | case G_CHECKSUM_SHA1: |
1724 | if (checksum_open) |
1725 | { |
1726 | sha1_sum_close (sha1: &(checksum->sum.sha1)); |
1727 | str = sha1_sum_to_string (sha1: &(checksum->sum.sha1)); |
1728 | } |
1729 | sha1_sum_digest (sha1: &(checksum->sum.sha1), digest: buffer); |
1730 | break; |
1731 | case G_CHECKSUM_SHA256: |
1732 | if (checksum_open) |
1733 | { |
1734 | sha256_sum_close (sha256: &(checksum->sum.sha256)); |
1735 | str = sha256_sum_to_string (sha256: &(checksum->sum.sha256)); |
1736 | } |
1737 | sha256_sum_digest (sha256: &(checksum->sum.sha256), digest: buffer); |
1738 | break; |
1739 | case G_CHECKSUM_SHA384: |
1740 | if (checksum_open) |
1741 | { |
1742 | sha512_sum_close (sha512: &(checksum->sum.sha512)); |
1743 | str = sha384_sum_to_string (sha512: &(checksum->sum.sha512)); |
1744 | } |
1745 | sha384_sum_digest (sha512: &(checksum->sum.sha512), digest: buffer); |
1746 | break; |
1747 | case G_CHECKSUM_SHA512: |
1748 | if (checksum_open) |
1749 | { |
1750 | sha512_sum_close (sha512: &(checksum->sum.sha512)); |
1751 | str = sha512_sum_to_string (sha512: &(checksum->sum.sha512)); |
1752 | } |
1753 | sha512_sum_digest (sha512: &(checksum->sum.sha512), digest: buffer); |
1754 | break; |
1755 | default: |
1756 | g_assert_not_reached (); |
1757 | break; |
1758 | } |
1759 | |
1760 | if (str) |
1761 | checksum->digest_str = str; |
1762 | |
1763 | *digest_len = len; |
1764 | } |
1765 | |
1766 | /** |
1767 | * g_compute_checksum_for_data: |
1768 | * @checksum_type: a #GChecksumType |
1769 | * @data: (array length=length) (element-type guint8): binary blob to compute the digest of |
1770 | * @length: length of @data |
1771 | * |
1772 | * Computes the checksum for a binary @data of @length. This is a |
1773 | * convenience wrapper for g_checksum_new(), g_checksum_get_string() |
1774 | * and g_checksum_free(). |
1775 | * |
1776 | * The hexadecimal string returned will be in lower case. |
1777 | * |
1778 | * Returns: (transfer full) (nullable): the digest of the binary data as a |
1779 | * string in hexadecimal, or %NULL if g_checksum_new() fails for |
1780 | * @checksum_type. The returned string should be freed with g_free() when |
1781 | * done using it. |
1782 | * |
1783 | * Since: 2.16 |
1784 | */ |
1785 | gchar * |
1786 | g_compute_checksum_for_data (GChecksumType checksum_type, |
1787 | const guchar *data, |
1788 | gsize length) |
1789 | { |
1790 | GChecksum *checksum; |
1791 | gchar *retval; |
1792 | |
1793 | g_return_val_if_fail (length == 0 || data != NULL, NULL); |
1794 | |
1795 | checksum = g_checksum_new (checksum_type); |
1796 | if (!checksum) |
1797 | return NULL; |
1798 | |
1799 | g_checksum_update (checksum, data, length); |
1800 | retval = g_strdup (str: g_checksum_get_string (checksum)); |
1801 | g_checksum_free (checksum); |
1802 | |
1803 | return retval; |
1804 | } |
1805 | |
1806 | /** |
1807 | * g_compute_checksum_for_string: |
1808 | * @checksum_type: a #GChecksumType |
1809 | * @str: the string to compute the checksum of |
1810 | * @length: the length of the string, or -1 if the string is null-terminated. |
1811 | * |
1812 | * Computes the checksum of a string. |
1813 | * |
1814 | * The hexadecimal string returned will be in lower case. |
1815 | * |
1816 | * Returns: (transfer full) (nullable): the checksum as a hexadecimal string, |
1817 | * or %NULL if g_checksum_new() fails for @checksum_type. The returned string |
1818 | * should be freed with g_free() when done using it. |
1819 | * |
1820 | * Since: 2.16 |
1821 | */ |
1822 | gchar * |
1823 | g_compute_checksum_for_string (GChecksumType checksum_type, |
1824 | const gchar *str, |
1825 | gssize length) |
1826 | { |
1827 | g_return_val_if_fail (length == 0 || str != NULL, NULL); |
1828 | |
1829 | if (length < 0) |
1830 | length = strlen (s: str); |
1831 | |
1832 | return g_compute_checksum_for_data (checksum_type, data: (const guchar *) str, length); |
1833 | } |
1834 | |
1835 | /** |
1836 | * g_compute_checksum_for_bytes: |
1837 | * @checksum_type: a #GChecksumType |
1838 | * @data: binary blob to compute the digest of |
1839 | * |
1840 | * Computes the checksum for a binary @data. This is a |
1841 | * convenience wrapper for g_checksum_new(), g_checksum_get_string() |
1842 | * and g_checksum_free(). |
1843 | * |
1844 | * The hexadecimal string returned will be in lower case. |
1845 | * |
1846 | * Returns: (transfer full) (nullable): the digest of the binary data as a |
1847 | * string in hexadecimal, or %NULL if g_checksum_new() fails for |
1848 | * @checksum_type. The returned string should be freed with g_free() when |
1849 | * done using it. |
1850 | * |
1851 | * Since: 2.34 |
1852 | */ |
1853 | gchar * |
1854 | g_compute_checksum_for_bytes (GChecksumType checksum_type, |
1855 | GBytes *data) |
1856 | { |
1857 | gconstpointer byte_data; |
1858 | gsize length; |
1859 | |
1860 | g_return_val_if_fail (data != NULL, NULL); |
1861 | |
1862 | byte_data = g_bytes_get_data (bytes: data, size: &length); |
1863 | return g_compute_checksum_for_data (checksum_type, data: byte_data, length); |
1864 | } |
1865 | |