Nyaaori/rockbox
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

sbinfo: add full support for various kind of cryptographic checks

Browse source 
- now have a AES128, SHA1 and CRC implementation
- now crc check the boot section chunks as well as the instruction headers
- now sha1 check the sb header and the whole file
- nearly all fields of the sb format are now documented

git-svn-id: svn://svn.rockbox.org/rockbox/trunk@28708 a1c6a512-1295-4272-9138-f99709370657
This commit is contained in:
Amaury Pouly 2010-11-29 14:15:06 +00:00
parent db1e051bf0
commit 761255928e
7 changed files with 433 additions and 88 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
utils/sbinfo/Makefile
View file

@ -2,8 +2,8 @@ TGT = sbinfo
all: $(TGT)
$(TGT): sbinfo.c
$(CC) -std=c99 -o $(TGT) -W -Wall sbinfo.c aes128_impl.c
$(TGT): sbinfo.c crc.c crypto.h aes128.c sha1.c
$(CC) -g -std=c99 -o $(TGT) -W -Wall sbinfo.c aes128.c crc.c sha1.c
clean:
rm -fr $(TGT)

50
utils/sbinfo/aes128_impl.c → utils/sbinfo/aes128.c
View file

@ -6,7 +6,7 @@
// http://en.wikipeia.org/wiki/Rijndael_mix_columns
// http://en.wikipedia.org/wiki/Rijndael_S-box
// This code is public domain, or any OSI-approved license, your choice. No warranty.
#include "aes128_impl.h"
#include "crypto.h"
// Here are all the lookup tables for the row shifts, rcon, s-boxes, and galois field multiplications
byte shift_rows_table[] = {0,5,10,15,4,9,14,3,8,13,2,7,12,1,6,11};
@ -234,3 +234,51 @@ int main(void)
return 0;
}
*/
void cbc_mac(
byte *in_data, /* Input data */
byte *out_data, /* Output data (or NULL) */
int nr_blocks, /* Number of blocks to encrypt/decrypt (one block=16 bytes) */
byte key[16], /* Key */
byte iv[16], /* Initialisation Vector */
byte (*out_cbc_mac)[16], /* CBC-MAC of the result (or NULL) */
int encrypt /* 1 to encrypt, 0 to decrypt */
)
{
byte feedback[16];
memcpy(feedback, iv, 16);
if(encrypt)
{
/* for each block */
for(int i = 0; i < nr_blocks; i++)
{
/* xor it with feedback */
xor_(feedback, &in_data[i * 16], 16);
/* encrypt it using aes */
EncryptAES(feedback, key, feedback);
/* write cipher to output */
if(out_data)
memcpy(&out_data[i * 16], feedback, 16);
}
if(out_cbc_mac)
memcpy(out_cbc_mac, feedback, 16);
}
else
{
/* nothing to do ? */
if(out_data == NULL)
return;
/* for each block */
for(int i = 0; i < nr_blocks; i++)
{
/* decrypt it using aes */
DecryptAES(&in_data[i * 16], key, &out_data[i * 16]);
/* xor it with iv */
xor_(&out_data[i * 16], feedback, 16);
/* copy cipher to iv */
memcpy(feedback, &in_data[i * 16], 16);
}
}
}

10
utils/sbinfo/aes128_impl.h
View file

@ -1,10 +0,0 @@
#include <stdio.h>
#include <stdint.h>
#include <string.h>
typedef uint8_t byte;
void xor_(byte *a, byte *b, int n);
void EncryptAES(byte *msg, byte *key, byte *c);
void DecryptAES(byte *c, byte *key, byte *m);
void Pretty(byte* b,int len,const char* label);

78
utils/sbinfo/crc.c Normal file
View file

@ -0,0 +1,78 @@
/***************************************************************************
* __________ __ ___.
* Open \______ \ ____ ____ | | _\_ |__ _______ ___
* Source | _// _ \_/ ___\| |/ /| __ \ / _ \ \/ /
* Jukebox | | ( <_> ) \___| < | \_\ ( <_> > < <
* Firmware |____|_ /\____/ \___ >__|_ \|___ /\____/__/\_ \
* \/ \/ \/ \/ \/
* $Id$
*
* Copyright (C) 2010 Amaury Pouly
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
****************************************************************************/
#include "crypto.h"
/* Table extracted from firmware, don't know if this is regular CRC32 */
static uint32_t crc_table[256] = {
0x0, 0x4C11DB7, 0x9823B6E, 0x0D4326D9, 0x130476DC, 0x17C56B6B, 0x1A864DB2,
0x1E475005, 0x2608EDB8, 0x22C9F00F, 0x2F8AD6D6, 0x2B4BCB61, 0x350C9B64,
0x31CD86D3, 0x3C8EA00A, 0x384FBDBD, 0x4C11DB70, 0x48D0C6C7, 0x4593E01E,
0x4152FDA9, 0x5F15ADAC, 0x5BD4B01B, 0x569796C2, 0x52568B75, 0x6A1936C8,
0x6ED82B7F, 0x639B0DA6, 0x675A1011, 0x791D4014, 0x7DDC5DA3, 0x709F7B7A,
0x745E66CD, 0x9823B6E0, 0x9CE2AB57, 0x91A18D8E, 0x95609039, 0x8B27C03C,
0x8FE6DD8B, 0x82A5FB52, 0x8664E6E5, 0x0BE2B5B58, 0x0BAEA46EF, 0x0B7A96036,
0x0B3687D81, 0x0AD2F2D84, 0x0A9EE3033, 0x0A4AD16EA, 0x0A06C0B5D, 0x0D4326D90,
0x0D0F37027, 0x0DDB056FE, 0x0D9714B49, 0x0C7361B4C, 0x0C3F706FB, 0x0CEB42022,
0x0CA753D95, 0x0F23A8028, 0x0F6FB9D9F, 0x0FBB8BB46, 0x0FF79A6F1, 0x0E13EF6F4,
0x0E5FFEB43, 0x0E8BCCD9A, 0x0EC7DD02D, 0x34867077, 0x30476DC0, 0x3D044B19,
0x39C556AE, 0x278206AB, 0x23431B1C, 0x2E003DC5, 0x2AC12072, 0x128E9DCF,
0x164F8078, 0x1B0CA6A1, 0x1FCDBB16, 0x18AEB13, 0x54BF6A4, 0x808D07D,
0x0CC9CDCA, 0x7897AB07, 0x7C56B6B0, 0x71159069, 0x75D48DDE, 0x6B93DDDB,
0x6F52C06C, 0x6211E6B5, 0x66D0FB02, 0x5E9F46BF, 0x5A5E5B08, 0x571D7DD1,
0x53DC6066, 0x4D9B3063, 0x495A2DD4, 0x44190B0D, 0x40D816BA, 0x0ACA5C697,
0x0A864DB20, 0x0A527FDF9, 0x0A1E6E04E, 0x0BFA1B04B, 0x0BB60ADFC, 0x0B6238B25,
0x0B2E29692, 0x8AAD2B2F, 0x8E6C3698, 0x832F1041, 0x87EE0DF6, 0x99A95DF3,
0x9D684044, 0x902B669D, 0x94EA7B2A, 0x0E0B41DE7, 0x0E4750050, 0x0E9362689,
0x0EDF73B3E, 0x0F3B06B3B, 0x0F771768C, 0x0FA325055, 0x0FEF34DE2, 0x0C6BCF05F,
0x0C27DEDE8, 0x0CF3ECB31, 0x0CBFFD686, 0x0D5B88683, 0x0D1799B34, 0x0DC3ABDED,
0x0D8FBA05A, 0x690CE0EE, 0x6DCDFD59, 0x608EDB80, 0x644FC637, 0x7A089632,
0x7EC98B85, 0x738AAD5C, 0x774BB0EB, 0x4F040D56, 0x4BC510E1, 0x46863638,
0x42472B8F, 0x5C007B8A, 0x58C1663D, 0x558240E4, 0x51435D53, 0x251D3B9E,
0x21DC2629, 0x2C9F00F0, 0x285E1D47, 0x36194D42, 0x32D850F5, 0x3F9B762C,
0x3B5A6B9B, 0x315D626, 0x7D4CB91, 0x0A97ED48, 0x0E56F0FF, 0x1011A0FA,
0x14D0BD4D, 0x19939B94, 0x1D528623, 0x0F12F560E, 0x0F5EE4BB9, 0x0F8AD6D60,
0x0FC6C70D7, 0x0E22B20D2, 0x0E6EA3D65, 0x0EBA91BBC, 0x0EF68060B, 0x0D727BBB6,
0x0D3E6A601, 0x0DEA580D8, 0x0DA649D6F, 0x0C423CD6A, 0x0C0E2D0DD, 0x0CDA1F604,
0x0C960EBB3, 0x0BD3E8D7E, 0x0B9FF90C9, 0x0B4BCB610, 0x0B07DABA7, 0x0AE3AFBA2,
0x0AAFBE615, 0x0A7B8C0CC, 0x0A379DD7B, 0x9B3660C6, 0x9FF77D71, 0x92B45BA8,
0x9675461F, 0x8832161A, 0x8CF30BAD, 0x81B02D74, 0x857130C3, 0x5D8A9099,
0x594B8D2E, 0x5408ABF7, 0x50C9B640, 0x4E8EE645, 0x4A4FFBF2, 0x470CDD2B,
0x43CDC09C, 0x7B827D21, 0x7F436096, 0x7200464F, 0x76C15BF8, 0x68860BFD,
0x6C47164A, 0x61043093, 0x65C52D24, 0x119B4BE9, 0x155A565E, 0x18197087,
0x1CD86D30, 0x29F3D35, 0x65E2082, 0x0B1D065B, 0x0FDC1BEC, 0x3793A651,
0x3352BBE6, 0x3E119D3F, 0x3AD08088, 0x2497D08D, 0x2056CD3A, 0x2D15EBE3,
0x29D4F654, 0x0C5A92679, 0x0C1683BCE, 0x0CC2B1D17, 0x0C8EA00A0, 0x0D6AD50A5,
0x0D26C4D12, 0x0DF2F6BCB, 0x0DBEE767C, 0x0E3A1CBC1, 0x0E760D676, 0x0EA23F0AF,
0x0EEE2ED18, 0x0F0A5BD1D, 0x0F464A0AA, 0x0F9278673, 0x0FDE69BC4, 0x89B8FD09,
0x8D79E0BE, 0x803AC667, 0x84FBDBD0, 0x9ABC8BD5, 0x9E7D9662, 0x933EB0BB,
0x97FFAD0C, 0x0AFB010B1, 0x0AB710D06, 0x0A6322BDF, 0x0A2F33668, 0x0BCB4666D,
0x0B8757BDA, 0x0B5365D03, 0x0B1F740B4
};
uint32_t crc(byte *data, int size)
{
uint32_t c = 0xffffffff;
/* normal CRC */
for(int i = 0; i < size; i++)
c = crc_table[data[i] ^ (c >> 24)] ^ (c << 8);
return c;
}

57
utils/sbinfo/crypto.h Normal file
View file

@ -0,0 +1,57 @@
/***************************************************************************
* __________ __ ___.
* Open \______ \ ____ ____ | | _\_ |__ _______ ___
* Source | _// _ \_/ ___\| |/ /| __ \ / _ \ \/ /
* Jukebox | | ( <_> ) \___| < | \_\ ( <_> > < <
* Firmware |____|_ /\____/ \___ >__|_ \|___ /\____/__/\_ \
* \/ \/ \/ \/ \/
* $Id$
*
* Copyright (C) 2010 Amaury Pouly
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
****************************************************************************/
#include <stdio.h>
#include <stdint.h>
#include <string.h>
typedef uint8_t byte;
/* aes128.c */
void xor_(byte *a, byte *b, int n);
void EncryptAES(byte *msg, byte *key, byte *c);
void DecryptAES(byte *c, byte *key, byte *m);
void Pretty(byte* b,int len,const char* label);
void cbc_mac(
byte *in_data, /* Input data */
byte *out_data, /* Output data (or NULL) */
int nr_blocks, /* Number of blocks to encrypt/decrypt (one block=16 bytes) */
byte key[16], /* Key */
byte iv[16], /* Initialisation Vector */
byte (*out_cbc_mac)[16], /* CBC-MAC of the result (or NULL) */
int encrypt /* 1 to encrypt, 0 to decrypt */
);
/* crc.c */
uint32_t crc(byte *data, int size);
/* sha1.c */
struct sha_1_params_t
{
uint32_t hash[5];
uint64_t buffer_nr_bits;
uint32_t w[80];
};
void sha_1_init(struct sha_1_params_t *params);
void sha_1_block(struct sha_1_params_t *params, uint32_t cur_hash[5], byte *data);
void sha_1_update(struct sha_1_params_t *params, byte *buffer, int size);
void sha_1_finish(struct sha_1_params_t *params);
void sha_1_output(struct sha_1_params_t *params, byte *out);

172
utils/sbinfo/sbinfo.c
View file

@ -38,7 +38,7 @@
#include <string.h>
#include <ctype.h>
#include <time.h>
#include "aes128_impl.h"
#include "crypto.h"
#if 1 /* ANSI colors */
@ -78,9 +78,6 @@ uint8_t *buf; /* file content */
char out_prefix[PREFIX_SIZE];
const char *key_file;
#define SB_INST_OP(inst) (((inst) >> 8) & 0xff)
#define SB_INST_UNK(inst) ((inst) & 0xff)
#define SB_INST_NOP 0x0
#define SB_INST_TAG 0x1
#define SB_INST_LOAD 0x2
@ -91,7 +88,9 @@ const char *key_file;
struct sb_instruction_header_t
{
uint32_t inst;
uint8_t checksum;
uint8_t opcode;
uint16_t zero_except_for_tag;
} __attribute__((packed));
struct sb_instruction_load_t
@ -114,6 +113,7 @@ struct sb_instruction_call_t
{
struct sb_instruction_header_t hdr;
uint32_t addr;
uint32_t zero;
uint32_t arg;
} __attribute__((packed));
@ -165,6 +165,12 @@ static void print_key(byte key[16])
printf("%02X ", key[i]);
}
static void print_sha1(byte sha[20])
{
for(int i = 0; i < 20; i++)
printf("%02X ", sha[i]);
}
/* verify the firmware header */
static void check(unsigned long filesize)
{
@ -242,56 +248,17 @@ static key_array_t read_keys(int num_keys)
return keys;
}
static void cbc_mac(
byte *in_data, /* Input data */
byte *out_data, /* Output data (or NULL) */
int nr_blocks, /* Number of blocks to encrypt/decrypt (one block=16 bytes) */
byte key[16], /* Key */
byte iv[16], /* Initialisation Vector */
byte (*out_cbc_mac)[16], /* CBC-MAC of the result (or NULL) */
int encrypt /* 1 to encrypt, 0 to decrypt */
)
{
byte feedback[16];
memcpy(feedback, iv, 16);
if(encrypt)
{
/* for each block */
for(int i = 0; i < nr_blocks; i++)
{
/* xor it with feedback */
xor_(feedback, &in_data[i * 16], 16);
/* encrypt it using aes */
EncryptAES(feedback, key, feedback);
/* write cipher to output */
if(out_data)
memcpy(&out_data[i * 16], feedback, 16);
}
if(out_cbc_mac)
memcpy(out_cbc_mac, feedback, 16);
}
else
{
/* nothing to do ? */
if(out_data == NULL)
bugp("can't ask to decrypt with no output buffer");
/* for each block */
for(int i = 0; i < nr_blocks; i++)
{
/* decrypt it using aes */
DecryptAES(&in_data[i * 16], key, &out_data[i * 16]);
/* xor it with iv */
xor_(&out_data[i * 16], feedback, 16);
/* copy cipher to iv */
memcpy(feedback, &in_data[i * 16], 16);
}
}
}
#define ROUND_UP(val, round) ((((val) + (round) - 1) / (round)) * (round))
static uint8_t instruction_checksum(struct sb_instruction_header_t *hdr)
{
uint8_t sum = 90;
byte *ptr = (byte *)hdr;
for(int i = 1; i < 16; i++)
sum += ptr[i];
return sum;
}
static void extract_section(int data_sec, char name[5], byte *buf, int size, const char *indent)
{
char filename[PREFIX_SIZE + 16];
@ -308,62 +275,77 @@ static void extract_section(int data_sec, char name[5], byte *buf, int size, con
while(pos < size)
{
struct sb_instruction_header_t *hdr = (struct sb_instruction_header_t *)&buf[pos];
if(SB_INST_OP(hdr->inst) == SB_INST_LOAD)
printf("%s", indent);
uint8_t checksum = instruction_checksum(hdr);
if(checksum != hdr->checksum)
{
color(GREY);
printf("[Bad checksum]");
}
if(hdr->opcode == SB_INST_LOAD)
{
struct sb_instruction_load_t *load = (struct sb_instruction_load_t *)&buf[pos];
color(RED);
printf("%sLOAD", indent);
printf("LOAD");
color(OFF);printf(" | ");
color(BLUE);
printf("addr=%#08x", load->addr);
printf("addr=0x%08x", load->addr);
color(OFF);printf(" | ");
color(GREEN);
printf("len=%#08x", load->len);
printf("len=0x%08x", load->len);
color(OFF);printf(" | ");
color(YELLOW);
printf("crc=%#08x\n", load->crc);
color(OFF);
printf("crc=0x%08x", load->crc);
/* data is padded to 16-byte boundary with random data and crc'ed with it */
uint32_t computed_crc = crc(&buf[pos + sizeof(struct sb_instruction_load_t)],
ROUND_UP(load->len, 16));
color(RED);
if(load->crc == computed_crc)
printf(" Ok\n");
else
printf(" Failed (crc=0x%08x)\n", computed_crc);
pos += load->len + sizeof(struct sb_instruction_load_t);
// unsure about rounding
pos = ROUND_UP(pos, 16);
}
else if(SB_INST_OP(hdr->inst) == SB_INST_FILL)
else if(hdr->opcode == SB_INST_FILL)
{
struct sb_instruction_fill_t *fill = (struct sb_instruction_fill_t *)&buf[pos];
color(RED);
printf("%sFILL", indent);
printf("FILL");
color(OFF);printf(" | ");
color(BLUE);
printf("addr=%#08x", fill->addr);
printf("addr=0x%08x", fill->addr);
color(OFF);printf(" | ");
color(GREEN);
printf("len=%#08x", fill->len);
printf("len=0x%08x", fill->len);
color(OFF);printf(" | ");
color(YELLOW);
printf("pattern=%#08x\n", fill->pattern);
printf("pattern=0x%08x\n", fill->pattern);
color(OFF);
pos += sizeof(struct sb_instruction_fill_t);
// fixme: useless as pos is a multiple of 16 and fill struct is 4-bytes wide ?
pos = ROUND_UP(pos, 16);
}
else if(SB_INST_OP(hdr->inst) == SB_INST_CALL ||
SB_INST_OP(hdr->inst) == SB_INST_JUMP)
else if(hdr->opcode == SB_INST_CALL ||
hdr->opcode == SB_INST_JUMP)
{
int is_call = (SB_INST_OP(hdr->inst) == SB_INST_CALL);
int is_call = (hdr->opcode == SB_INST_CALL);
struct sb_instruction_call_t *call = (struct sb_instruction_call_t *)&buf[pos];
color(RED);
if(is_call)
printf("%sCALL", indent);
printf("CALL");
else
printf("%sJUMP", indent);
printf("JUMP");
color(OFF);printf(" | ");
color(BLUE);
printf("addr=%#08x", call->addr);
printf("addr=0x%08x", call->addr);
color(OFF);printf(" | ");
color(GREEN);
printf("arg=%#08x\n", call->arg);
printf("arg=0x%08x\n", call->arg);
color(OFF);
pos += sizeof(struct sb_instruction_call_t);
@ -373,7 +355,7 @@ static void extract_section(int data_sec, char name[5], byte *buf, int size, con
else
{
color(RED);
printf("Unknown instruction %d at address %#08lx\n", SB_INST_OP(hdr->inst), (unsigned long)pos);
printf("Unknown instruction %d at address 0x%08lx\n", hdr->opcode, (unsigned long)pos);
break;
}
}
@ -381,12 +363,27 @@ static void extract_section(int data_sec, char name[5], byte *buf, int size, con
static void extract(unsigned long filesize)
{
struct sha_1_params_t sha_1_params;
/* Basic header info */
color(BLUE);
printf("Basic info:\n");
color(GREEN);
printf("\tHeader SHA-1: ");
printhex(0, 20);
byte *hdr_sha1 = &buf[0];
color(YELLOW);
print_sha1(hdr_sha1);
/* Check SHA1 sum */
byte computed_sha1[20];
sha_1_init(&sha_1_params);
sha_1_update(&sha_1_params, &buf[0x14], 0x4C);
sha_1_finish(&sha_1_params);
sha_1_output(&sha_1_params, computed_sha1);
color(RED);
if(memcmp(hdr_sha1, computed_sha1, 20) == 0)
printf(" Ok\n");
else
printf(" Failed\n");
color(GREEN);
printf("\tFlags: ");
printhex(0x18, 4);
printf("\tTotal file size : %ld\n", filesize);
@ -448,6 +445,7 @@ static void extract(unsigned long filesize)
/* copy the cbc mac */
byte hdr_cbc_mac[16];
memcpy(hdr_cbc_mac, &buf[0x60 + 16 * num_chunks + 32 * i], 16);
color(YELLOW);
print_key(hdr_cbc_mac);
/* check it */
byte computed_cbc_mac[16];
@ -464,14 +462,17 @@ static void extract(unsigned long filesize)
printf("\t\tEncrypted key : ");
byte (*encrypted_key)[16];
encrypted_key = (key_array_t)&buf[0x60 + 16 * num_chunks + 32 * i + 16];
color(YELLOW);
print_key(*encrypted_key);
printf("\n");
color(GREEN);
/* decrypt */
byte decrypted_key[16];
byte iv[16];
memcpy(iv, buf, 16); /* uses the first 16-bytes of SHA-1 sig as IV */
cbc_mac(*encrypted_key, decrypted_key, 1, keys[i], iv, NULL, 0);
printf("\t\tDecrypted key : ");
color(YELLOW);
print_key(decrypted_key);
/* cross-check or copy */
if(i == 0)
@ -532,11 +533,32 @@ static void extract(unsigned long filesize)
/* final signature */
color(BLUE);
printf("Final signature:\n\t");
printf("Final signature:\n");
color(GREEN);
printf("\tEncrypted signature:\n");
color(YELLOW);
printf("\t\t");
printhex(filesize - 32, 16);
printf("\t");
printf("\t\t");
printhex(filesize - 16, 16);
/* decrypt it */
byte *encrypted_block = &buf[filesize - 32];
byte decrypted_block[32];
cbc_mac(encrypted_block, decrypted_block, 2, real_key, buf, NULL, 0);
color(GREEN);
printf("\tDecrypted SHA-1:\n\t\t");
color(YELLOW);
print_sha1(decrypted_block);
/* check it */
sha_1_init(&sha_1_params);
sha_1_update(&sha_1_params, buf, filesize - 32);
sha_1_finish(&sha_1_params);
sha_1_output(&sha_1_params, computed_sha1);
color(RED);
if(memcmp(decrypted_block, computed_sha1, 20) == 0)
printf(" Ok\n");
else
printf(" Failed\n");
}
int main(int argc, const char **argv)

150
utils/sbinfo/sha1.c Normal file
View file

@ -0,0 +1,150 @@
/***************************************************************************
* __________ __ ___.
* Open \______ \ ____ ____ | | _\_ |__ _______ ___
* Source | _// _ \_/ ___\| |/ /| __ \ / _ \ \/ /
* Jukebox | | ( <_> ) \___| < | \_\ ( <_> > < <
* Firmware |____|_ /\____/ \___ >__|_ \|___ /\____/__/\_ \
* \/ \/ \/ \/ \/
* $Id$
*
* Copyright (C) 2010 Amaury Pouly
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
****************************************************************************/
/* Based on http://en.wikipedia.org/wiki/SHA-1 */
#include "crypto.h"
static uint32_t rot_left(uint32_t val, int rot)
{
return (val << rot) | (val >> (32 - rot));
}
static inline void byte_swapxx(byte *ptr, int size)
{
for(int i = 0; i < size / 2; i++)
{
byte c = ptr[i];
ptr[i] = ptr[size - i - 1];
ptr[size - i - 1] = c;
}
}
static void byte_swap32(uint32_t *v)
{
byte_swapxx((byte *)v, 4);
}
void sha_1_init(struct sha_1_params_t *params)
{
params->hash[0] = 0x67452301;
params->hash[1] = 0xEFCDAB89;
params->hash[2] = 0x98BADCFE;
params->hash[3] = 0x10325476;
params->hash[4] = 0xC3D2E1F0;
params->buffer_nr_bits = 0;
}
void sha_1_update(struct sha_1_params_t *params, byte *buffer, int size)
{
int buffer_nr_bytes = (params->buffer_nr_bits / 8) % 64;
params->buffer_nr_bits += 8 * size;
int pos = 0;
if(buffer_nr_bytes + size >= 64)
{
pos = 64 - buffer_nr_bytes;
memcpy((byte *)(params->w) + buffer_nr_bytes, buffer, 64 - buffer_nr_bytes);
sha_1_block(params, params->hash, (byte *)params->w);
for(; pos + 64 <= size; pos += 64)
sha_1_block(params, params->hash, buffer + pos);
buffer_nr_bytes = 0;
}
memcpy((byte *)(params->w) + buffer_nr_bytes, buffer + pos, size - pos);
}
void sha_1_finish(struct sha_1_params_t *params)
{
/* length (in bits) in big endian BEFORE preprocessing */
byte length_big_endian[8];
memcpy(length_big_endian, &params->buffer_nr_bits, 8);
byte_swapxx(length_big_endian, 8);
/* append '1' and then '0's to the message to get 448 bit length for the last block */
byte b = 0x80;
sha_1_update(params, &b, 1);
b = 0;
while((params->buffer_nr_bits % 512) != 448)
sha_1_update(params, &b, 1);
/* append length */
sha_1_update(params, length_big_endian, 8);
/* go back to big endian */
for(int i = 0; i < 5; i++)
byte_swap32(&params->hash[i]);
}
void sha_1_output(struct sha_1_params_t *params, byte *out)
{
memcpy(out, params->hash, 20);
}
void sha_1_block(struct sha_1_params_t *params, uint32_t cur_hash[5], byte *data)
{
uint32_t a, b, c, d, e;
a = cur_hash[0];
b = cur_hash[1];
c = cur_hash[2];
d = cur_hash[3];
e = cur_hash[4];
#define w params->w
memcpy(w, data, 64);
for(int i = 0; i < 16; i++)
byte_swap32(&w[i]);
for(int i = 16; i <= 79; i++)
w[i] = rot_left(w[i - 3] ^ w[i - 8] ^ w[i - 14] ^ w[i - 16], 1);
for(int i = 0; i<= 79; i++)
{
uint32_t f, k;
if(i <= 19)
{
f = (b & c) | ((~b) & d);
k = 0x5A827999;
}
else if(i <= 39)
{
f = b ^ c ^ d;
k = 0x6ED9EBA1;
}
else if(i <= 59)
{
f = (b & c) | (b & d) | (c & d);
k = 0x8F1BBCDC;
}
else
{
f = b ^ c ^ d;
k = 0xCA62C1D6;
}
uint32_t temp = rot_left(a, 5) + f + e + k + w[i];
e = d;
d = c;
c = rot_left(b, 30);
b = a;
a = temp;
}
#undef w
cur_hash[0] += a;
cur_hash[1] += b;
cur_hash[2] += c;
cur_hash[3] += d;
cur_hash[4] += e;
}