sha1.cpp
// Copyright (c) 2014-present The Bitcoin Core developers
// Distributed under the MIT software license, see the accompanying
// file COPYING or http://www.opensource.org/licenses/mit-license.php.

#include <crypto/sha1.h>

#include <crypto/common.h>

#include <cstring>

// Internal implementation code. Everything in the unnamed namespace has
// internal linkage; only the CSHA1 member functions below are visible to
// other translation units.
namespace
{
/// Internal SHA-1 implementation.
namespace sha1
{
/**
 * One round of SHA-1.
 *
 * Adds rotl(a, 5) + f + k + w into e and rotates b left by 30 bits. Only b and
 * e are modified (they are the reference parameters). c and d are accepted but
 * not read in the body. Transform() permutes the argument order on every call
 * instead of shifting the five working variables.
 */
void inline Round(uint32_t a, uint32_t& b, uint32_t c, uint32_t d, uint32_t& e, uint32_t f, uint32_t k, uint32_t w)
{
    e += ((a << 5) | (a >> 27)) + f + k + w;
    b = (b << 30) | (b >> 2);
}

/** Bitwise choice: each result bit is taken from c where b is 1, from d where b is 0. */
uint32_t inline f1(uint32_t b, uint32_t c, uint32_t d) { return d ^ (b & (c ^ d)); }
/** Bitwise parity (XOR) of the three inputs. */
uint32_t inline f2(uint32_t b, uint32_t c, uint32_t d) { return b ^ c ^ d; }
/** Bitwise majority: each result bit is 1 when at least two of the input bits are 1. */
uint32_t inline f3(uint32_t b, uint32_t c, uint32_t d) { return (b & c) | (d & (b | c)); }

/** Rotate a 32-bit word left by one bit (used for the message schedule). */
uint32_t inline left(uint32_t x) { return (x << 1) | (x >> 31); }

/**
 * Initialize SHA-1 state.
 *
 * Writes the five initial chaining values to s[0..4]; s must point to at least
 * five uint32_t words (no size is passed or checked here).
 */
void inline Initialize(uint32_t* s)
{
    s[0] = 0x67452301ul;
    s[1] = 0xEFCDAB89ul;
    s[2] = 0x98BADCFEul;
    s[3] = 0x10325476ul;
    s[4] = 0xC3D2E1F0ul;
}

// Round constants. In Transform() each one is used for 20 consecutive rounds:
// k1 with f1, k2 with f2, k3 with f3 and k4 with f2 again.
const uint32_t k1 = 0x5A827999ul;
const uint32_t k2 = 0x6ED9EBA1ul;
const uint32_t k3 = 0x8F1BBCDCul;
const uint32_t k4 = 0xCA62C1D6ul;

/**
 * Perform a SHA-1 transformation, processing a 64-byte chunk.
 *
 * @param s      Five-word chaining state, read and updated in place.
 * @param chunk  Input block. Exactly 64 bytes are read (offsets 0..63) with no
 *               length check, so the caller must guarantee that many readable
 *               bytes.
 *
 * The 80 rounds are fully unrolled and the body is straight-line code: there
 * are no branches or table lookups that depend on the input. The message
 * schedule is kept in 16 rolling words w0..w15 rather than an 80-word array.
 */
void Transform(uint32_t* s, const unsigned char* chunk)
{
    uint32_t a = s[0], b = s[1], c = s[2], d = s[3], e = s[4];
    uint32_t w0, w1, w2, w3, w4, w5, w6, w7, w8, w9, w10, w11, w12, w13, w14, w15;

    // Rounds 0-15: schedule words are loaded from the chunk with ReadBE32
    // (declared in crypto/common.h; presumably a big-endian 32-bit load).
    Round(a, b, c, d, e, f1(b, c, d), k1, w0 = ReadBE32(chunk + 0));
    Round(e, a, b, c, d, f1(a, b, c), k1, w1 = ReadBE32(chunk + 4));
    Round(d, e, a, b, c, f1(e, a, b), k1, w2 = ReadBE32(chunk + 8));
    Round(c, d, e, a, b, f1(d, e, a), k1, w3 = ReadBE32(chunk + 12));
    Round(b, c, d, e, a, f1(c, d, e), k1, w4 = ReadBE32(chunk + 16));
    Round(a, b, c, d, e, f1(b, c, d), k1, w5 = ReadBE32(chunk + 20));
    Round(e, a, b, c, d, f1(a, b, c), k1, w6 = ReadBE32(chunk + 24));
    Round(d, e, a, b, c, f1(e, a, b), k1, w7 = ReadBE32(chunk + 28));
    Round(c, d, e, a, b, f1(d, e, a), k1, w8 = ReadBE32(chunk + 32));
    Round(b, c, d, e, a, f1(c, d, e), k1, w9 = ReadBE32(chunk + 36));
    Round(a, b, c, d, e, f1(b, c, d), k1, w10 = ReadBE32(chunk + 40));
    Round(e, a, b, c, d, f1(a, b, c), k1, w11 = ReadBE32(chunk + 44));
    Round(d, e, a, b, c, f1(e, a, b), k1, w12 = ReadBE32(chunk + 48));
    Round(c, d, e, a, b, f1(d, e, a), k1, w13 = ReadBE32(chunk + 52));
    Round(b, c, d, e, a, f1(c, d, e), k1, w14 = ReadBE32(chunk + 56));
    Round(a, b, c, d, e, f1(b, c, d), k1, w15 = ReadBE32(chunk + 60));

    // Rounds 16-31: from here on each schedule word is recomputed in place as
    // left(w[i] ^ w[i+13] ^ w[i+8] ^ w[i+2]) with indices taken modulo 16.
    // f1/k1 covers rounds 16-19, then f2/k2 takes over.
    Round(e, a, b, c, d, f1(a, b, c), k1, w0 = left(w0 ^ w13 ^ w8 ^ w2));
    Round(d, e, a, b, c, f1(e, a, b), k1, w1 = left(w1 ^ w14 ^ w9 ^ w3));
    Round(c, d, e, a, b, f1(d, e, a), k1, w2 = left(w2 ^ w15 ^ w10 ^ w4));
    Round(b, c, d, e, a, f1(c, d, e), k1, w3 = left(w3 ^ w0 ^ w11 ^ w5));
    Round(a, b, c, d, e, f2(b, c, d), k2, w4 = left(w4 ^ w1 ^ w12 ^ w6));
    Round(e, a, b, c, d, f2(a, b, c), k2, w5 = left(w5 ^ w2 ^ w13 ^ w7));
    Round(d, e, a, b, c, f2(e, a, b), k2, w6 = left(w6 ^ w3 ^ w14 ^ w8));
    Round(c, d, e, a, b, f2(d, e, a), k2, w7 = left(w7 ^ w4 ^ w15 ^ w9));
    Round(b, c, d, e, a, f2(c, d, e), k2, w8 = left(w8 ^ w5 ^ w0 ^ w10));
    Round(a, b, c, d, e, f2(b, c, d), k2, w9 = left(w9 ^ w6 ^ w1 ^ w11));
    Round(e, a, b, c, d, f2(a, b, c), k2, w10 = left(w10 ^ w7 ^ w2 ^ w12));
    Round(d, e, a, b, c, f2(e, a, b), k2, w11 = left(w11 ^ w8 ^ w3 ^ w13));
    Round(c, d, e, a, b, f2(d, e, a), k2, w12 = left(w12 ^ w9 ^ w4 ^ w14));
    Round(b, c, d, e, a, f2(c, d, e), k2, w13 = left(w13 ^ w10 ^ w5 ^ w15));
    Round(a, b, c, d, e, f2(b, c, d), k2, w14 = left(w14 ^ w11 ^ w6 ^ w0));
    Round(e, a, b, c, d, f2(a, b, c), k2, w15 = left(w15 ^ w12 ^ w7 ^ w1));

    // Rounds 32-47: f2/k2 through round 39, then f3/k3.
    Round(d, e, a, b, c, f2(e, a, b), k2, w0 = left(w0 ^ w13 ^ w8 ^ w2));
    Round(c, d, e, a, b, f2(d, e, a), k2, w1 = left(w1 ^ w14 ^ w9 ^ w3));
    Round(b, c, d, e, a, f2(c, d, e), k2, w2 = left(w2 ^ w15 ^ w10 ^ w4));
    Round(a, b, c, d, e, f2(b, c, d), k2, w3 = left(w3 ^ w0 ^ w11 ^ w5));
    Round(e, a, b, c, d, f2(a, b, c), k2, w4 = left(w4 ^ w1 ^ w12 ^ w6));
    Round(d, e, a, b, c, f2(e, a, b), k2, w5 = left(w5 ^ w2 ^ w13 ^ w7));
    Round(c, d, e, a, b, f2(d, e, a), k2, w6 = left(w6 ^ w3 ^ w14 ^ w8));
    Round(b, c, d, e, a, f2(c, d, e), k2, w7 = left(w7 ^ w4 ^ w15 ^ w9));
    Round(a, b, c, d, e, f3(b, c, d), k3, w8 = left(w8 ^ w5 ^ w0 ^ w10));
    Round(e, a, b, c, d, f3(a, b, c), k3, w9 = left(w9 ^ w6 ^ w1 ^ w11));
    Round(d, e, a, b, c, f3(e, a, b), k3, w10 = left(w10 ^ w7 ^ w2 ^ w12));
    Round(c, d, e, a, b, f3(d, e, a), k3, w11 = left(w11 ^ w8 ^ w3 ^ w13));
    Round(b, c, d, e, a, f3(c, d, e), k3, w12 = left(w12 ^ w9 ^ w4 ^ w14));
    Round(a, b, c, d, e, f3(b, c, d), k3, w13 = left(w13 ^ w10 ^ w5 ^ w15));
    Round(e, a, b, c, d, f3(a, b, c), k3, w14 = left(w14 ^ w11 ^ w6 ^ w0));
    Round(d, e, a, b, c, f3(e, a, b), k3, w15 = left(w15 ^ w12 ^ w7 ^ w1));

    // Rounds 48-63: f3/k3 through round 59, then f2/k4.
    Round(c, d, e, a, b, f3(d, e, a), k3, w0 = left(w0 ^ w13 ^ w8 ^ w2));
    Round(b, c, d, e, a, f3(c, d, e), k3, w1 = left(w1 ^ w14 ^ w9 ^ w3));
    Round(a, b, c, d, e, f3(b, c, d), k3, w2 = left(w2 ^ w15 ^ w10 ^ w4));
    Round(e, a, b, c, d, f3(a, b, c), k3, w3 = left(w3 ^ w0 ^ w11 ^ w5));
    Round(d, e, a, b, c, f3(e, a, b), k3, w4 = left(w4 ^ w1 ^ w12 ^ w6));
    Round(c, d, e, a, b, f3(d, e, a), k3, w5 = left(w5 ^ w2 ^ w13 ^ w7));
    Round(b, c, d, e, a, f3(c, d, e), k3, w6 = left(w6 ^ w3 ^ w14 ^ w8));
    Round(a, b, c, d, e, f3(b, c, d), k3, w7 = left(w7 ^ w4 ^ w15 ^ w9));
    Round(e, a, b, c, d, f3(a, b, c), k3, w8 = left(w8 ^ w5 ^ w0 ^ w10));
    Round(d, e, a, b, c, f3(e, a, b), k3, w9 = left(w9 ^ w6 ^ w1 ^ w11));
    Round(c, d, e, a, b, f3(d, e, a), k3, w10 = left(w10 ^ w7 ^ w2 ^ w12));
    Round(b, c, d, e, a, f3(c, d, e), k3, w11 = left(w11 ^ w8 ^ w3 ^ w13));
    Round(a, b, c, d, e, f2(b, c, d), k4, w12 = left(w12 ^ w9 ^ w4 ^ w14));
    Round(e, a, b, c, d, f2(a, b, c), k4, w13 = left(w13 ^ w10 ^ w5 ^ w15));
    Round(d, e, a, b, c, f2(e, a, b), k4, w14 = left(w14 ^ w11 ^ w6 ^ w0));
    Round(c, d, e, a, b, f2(d, e, a), k4, w15 = left(w15 ^ w12 ^ w7 ^ w1));

    // Rounds 64-79: f2/k4. The last three rounds pass the schedule word
    // directly without storing it, because no later round reads it.
    Round(b, c, d, e, a, f2(c, d, e), k4, w0 = left(w0 ^ w13 ^ w8 ^ w2));
    Round(a, b, c, d, e, f2(b, c, d), k4, w1 = left(w1 ^ w14 ^ w9 ^ w3));
    Round(e, a, b, c, d, f2(a, b, c), k4, w2 = left(w2 ^ w15 ^ w10 ^ w4));
    Round(d, e, a, b, c, f2(e, a, b), k4, w3 = left(w3 ^ w0 ^ w11 ^ w5));
    Round(c, d, e, a, b, f2(d, e, a), k4, w4 = left(w4 ^ w1 ^ w12 ^ w6));
    Round(b, c, d, e, a, f2(c, d, e), k4, w5 = left(w5 ^ w2 ^ w13 ^ w7));
    Round(a, b, c, d, e, f2(b, c, d), k4, w6 = left(w6 ^ w3 ^ w14 ^ w8));
    Round(e, a, b, c, d, f2(a, b, c), k4, w7 = left(w7 ^ w4 ^ w15 ^ w9));
    Round(d, e, a, b, c, f2(e, a, b), k4, w8 = left(w8 ^ w5 ^ w0 ^ w10));
    Round(c, d, e, a, b, f2(d, e, a), k4, w9 = left(w9 ^ w6 ^ w1 ^ w11));
    Round(b, c, d, e, a, f2(c, d, e), k4, w10 = left(w10 ^ w7 ^ w2 ^ w12));
    Round(a, b, c, d, e, f2(b, c, d), k4, w11 = left(w11 ^ w8 ^ w3 ^ w13));
    Round(e, a, b, c, d, f2(a, b, c), k4, w12 = left(w12 ^ w9 ^ w4 ^ w14));
    Round(d, e, a, b, c, f2(e, a, b), k4, left(w13 ^ w10 ^ w5 ^ w15));
    Round(c, d, e, a, b, f2(d, e, a), k4, left(w14 ^ w11 ^ w6 ^ w0));
    Round(b, c, d, e, a, f2(c, d, e), k4, left(w15 ^ w12 ^ w7 ^ w1));

    // Feed-forward: add the working variables back into the chaining state.
    s[0] += a;
    s[1] += b;
    s[2] += c;
    s[3] += d;
    s[4] += e;
}

} // namespace sha1

} // namespace

////// SHA1
//
// NOTE(review): SHA-1 is no longer collision-resistant; practical collisions
// have been published. This class should back only uses where SHA-1 is fixed
// by an existing format or protocol, not new signatures, commitments or
// integrity checks. The call sites are not visible in this file - confirm.

/**
 * Construct a hasher with the initial SHA-1 chaining state.
 *
 * Only s is set here. NOTE(review): bytes is not assigned in this constructor;
 * presumably it is zero-initialized in the class declaration - confirm in
 * crypto/sha1.h.
 */
CSHA1::CSHA1()
{
    sha1::Initialize(s);
}

/**
 * Absorb len bytes starting at data.
 *
 * @param data  Input bytes. No bounds are checked; the caller must guarantee
 *              that len bytes are readable.
 * @param len   Number of bytes to absorb.
 * @return *this, so calls can be chained.
 *
 * bytes counts the total input so far, and bytes % 64 is the fill level of buf.
 * Complete 64-byte blocks are transformed immediately; a trailing partial
 * block is kept in buf for the next Write() or Finalize().
 */
CSHA1& CSHA1::Write(const unsigned char* data, size_t len)
{
    const unsigned char* end = data + len;
    size_t bufsize = bytes % 64;
    if (bufsize && bufsize + len >= 64) {
        // Fill the buffer, and process it.
        memcpy(buf + bufsize, data, 64 - bufsize);
        bytes += 64 - bufsize;
        data += 64 - bufsize;
        sha1::Transform(s, buf);
        bufsize = 0;
    }
    while (end - data >= 64) {
        // Process full chunks directly from the source.
        sha1::Transform(s, data);
        bytes += 64;
        data += 64;
    }
    if (end > data) {
        // Fill the buffer with what remains.
        // Either the buffer was flushed or empty (bufsize == 0 and fewer than
        // 64 bytes remain), or no block was completed (bufsize + len < 64), so
        // the copy ends before offset 64 of buf.
        memcpy(buf + bufsize, data, end - data);
        bytes += end - data;
    }
    return *this;
}

/**
 * Pad the message, process the final block(s) and write the digest.
 *
 * @param hash  Output buffer. 20 bytes are written (five 32-bit words at
 *              offsets 0, 4, 8, 12 and 16). The array bound in the signature
 *              is not enforced by the language, so the caller must supply at
 *              least that much space.
 *
 * The state is not reset here: Write() has advanced bytes and s past the
 * padding, so call Reset() before reusing the object for another message.
 */
void CSHA1::Finalize(unsigned char hash[OUTPUT_SIZE])
{
    // 0x80 followed by 63 zero bytes (the remaining elements are zero-initialized).
    static const unsigned char pad[64] = {0x80};
    unsigned char sizedesc[8];
    // Message length in bits. It is captured before the padding is written,
    // because Write() below also advances bytes.
    WriteBE64(sizedesc, bytes << 3);
    // Pad with 1..64 bytes so the length becomes 56 mod 64, leaving exactly
    // 8 bytes in the block for the length field.
    Write(pad, 1 + ((119 - (bytes % 64)) % 64));
    Write(sizedesc, 8);
    WriteBE32(hash, s[0]);
    WriteBE32(hash + 4, s[1]);
    WriteBE32(hash + 8, s[2]);
    WriteBE32(hash + 12, s[3]);
    WriteBE32(hash + 16, s[4]);
}

/**
 * Return the hasher to its initial state so it can be reused.
 *
 * @return *this, so calls can be chained.
 *
 * Only bytes and s are reset. buf is not cleared, so previously buffered input
 * stays in memory until it is overwritten; this matters only if the hashed
 * data is sensitive.
 */
CSHA1& CSHA1::Reset()
{
    bytes = 0;
    sha1::Initialize(s);
    return *this;
}