TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / b5904d25ef38ec06f34a69a5a62b1743eddd4680 / . / library / sha1.c
blob: bf25f6d0c6601c95cdaec738e0dc902b0995a9cf [file] [log] [blame]
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1/*
2 * FIPS-180-1 compliant SHA-1 implementation
3 *
Manuel Pégourié-Gonnarda658a402015-01-23 09:45:19 +0000[diff] [blame]4 * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved
Paul Bakkerb96f1542010-07-18 20:36:00 +0000[diff] [blame]5 *
Manuel Pégourié-Gonnardfe446432015-03-06 13:17:10 +0000[diff] [blame]6 * This file is part of mbed TLS (https://tls.mbed.org)
Paul Bakkerb96f1542010-07-18 20:36:00 +0000[diff] [blame]7 *
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License along
19 * with this program; if not, write to the Free Software Foundation, Inc.,
20 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
21 */
22/*
23 * The SHA-1 standard was published by NIST in 1993.
24 *
25 * http://www.itl.nist.gov/fipspubs/fip180-1.htm
26 */
27
Manuel Pégourié-Gonnardcef4ad22014-04-29 12:39:06 +0200[diff] [blame]28#if !defined(POLARSSL_CONFIG_FILE)
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]29#include "mbedtls/config.h"
Manuel Pégourié-Gonnardcef4ad22014-04-29 12:39:06 +0200[diff] [blame]30#else
31#include POLARSSL_CONFIG_FILE
32#endif
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]33
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]34#if defined(POLARSSL_SHA1_C)
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]35
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]36#include "mbedtls/sha1.h"
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]37
Rich Evans00ab4702015-02-06 13:43:58 +0000[diff] [blame]38#include <string.h>
39
40#if defined(POLARSSL_FS_IO)
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]41#include <stdio.h>
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]42#endif
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]43
Rich Evans00ab4702015-02-06 13:43:58 +0000[diff] [blame]44#if defined(POLARSSL_SELF_TEST)
Paul Bakker7dc4c442014-02-01 22:50:26 +0100[diff] [blame]45#if defined(POLARSSL_PLATFORM_C)
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]46#include "mbedtls/platform.h"
Paul Bakker7dc4c442014-02-01 22:50:26 +0100[diff] [blame]47#else
Rich Evans00ab4702015-02-06 13:43:58 +0000[diff] [blame]48#include <stdio.h>
Paul Bakker7dc4c442014-02-01 22:50:26 +0100[diff] [blame]49#define polarssl_printf printf
Rich Evans00ab4702015-02-06 13:43:58 +0000[diff] [blame]50#endif /* POLARSSL_PLATFORM_C */
51#endif /* POLARSSL_SELF_TEST */
Paul Bakker7dc4c442014-02-01 22:50:26 +0100[diff] [blame]52
Paul Bakker34617722014-06-13 17:20:13 +0200[diff] [blame]53/* Implementation that should never be optimized out by the compiler */
54static void polarssl_zeroize( void *v, size_t n ) {
55 volatile unsigned char *p = v; while( n-- ) *p++ = 0;
56}
57
Paul Bakker90995b52013-06-24 19:20:35 +0200[diff] [blame]58#if !defined(POLARSSL_SHA1_ALT)
59
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]60/*
61 * 32-bit integer manipulation macros (big endian)
62 */
Paul Bakker5c2364c2012-10-01 14:41:15 +0000[diff] [blame]63#ifndef GET_UINT32_BE
64#define GET_UINT32_BE(n,b,i) \
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]65{ \
Paul Bakker5c2364c2012-10-01 14:41:15 +0000[diff] [blame]66 (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
67 | ( (uint32_t) (b)[(i) + 1] << 16 ) \
68 | ( (uint32_t) (b)[(i) + 2] << 8 ) \
69 | ( (uint32_t) (b)[(i) + 3] ); \
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]70}
71#endif
72
Paul Bakker5c2364c2012-10-01 14:41:15 +0000[diff] [blame]73#ifndef PUT_UINT32_BE
74#define PUT_UINT32_BE(n,b,i) \
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]75{ \
76 (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
77 (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
78 (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
79 (b)[(i) + 3] = (unsigned char) ( (n) ); \
80}
81#endif
82
Paul Bakker5b4af392014-06-26 12:09:34 +0200[diff] [blame]83void sha1_init( sha1_context *ctx )
84{
85 memset( ctx, 0, sizeof( sha1_context ) );
86}
87
88void sha1_free( sha1_context *ctx )
89{
90 if( ctx == NULL )
91 return;
92
93 polarssl_zeroize( ctx, sizeof( sha1_context ) );
94}
95
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]96/*
97 * SHA-1 context setup
98 */
99void sha1_starts( sha1_context *ctx )
100{
101 ctx->total[0] = 0;
102 ctx->total[1] = 0;
103
104 ctx->state[0] = 0x67452301;
105 ctx->state[1] = 0xEFCDAB89;
106 ctx->state[2] = 0x98BADCFE;
107 ctx->state[3] = 0x10325476;
108 ctx->state[4] = 0xC3D2E1F0;
109}
110
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200[diff] [blame]111#if !defined(POLARSSL_SHA1_PROCESS_ALT)
Paul Bakkere47b34b2013-02-27 14:48:00 +0100[diff] [blame]112void sha1_process( sha1_context *ctx, const unsigned char data[64] )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]113{
Paul Bakker5c2364c2012-10-01 14:41:15 +0000[diff] [blame]114 uint32_t temp, W[16], A, B, C, D, E;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]115
Paul Bakker5c2364c2012-10-01 14:41:15 +0000[diff] [blame]116 GET_UINT32_BE( W[ 0], data, 0 );
117 GET_UINT32_BE( W[ 1], data, 4 );
118 GET_UINT32_BE( W[ 2], data, 8 );
119 GET_UINT32_BE( W[ 3], data, 12 );
120 GET_UINT32_BE( W[ 4], data, 16 );
121 GET_UINT32_BE( W[ 5], data, 20 );
122 GET_UINT32_BE( W[ 6], data, 24 );
123 GET_UINT32_BE( W[ 7], data, 28 );
124 GET_UINT32_BE( W[ 8], data, 32 );
125 GET_UINT32_BE( W[ 9], data, 36 );
126 GET_UINT32_BE( W[10], data, 40 );
127 GET_UINT32_BE( W[11], data, 44 );
128 GET_UINT32_BE( W[12], data, 48 );
129 GET_UINT32_BE( W[13], data, 52 );
130 GET_UINT32_BE( W[14], data, 56 );
131 GET_UINT32_BE( W[15], data, 60 );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]132
133#define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n)))
134
135#define R(t) \
136( \
Paul Bakker66d5d072014-06-17 16:39:18 +0200[diff] [blame]137 temp = W[( t - 3 ) & 0x0F] ^ W[( t - 8 ) & 0x0F] ^ \
138 W[( t - 14 ) & 0x0F] ^ W[ t & 0x0F], \
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]139 ( W[t & 0x0F] = S(temp,1) ) \
140)
141
142#define P(a,b,c,d,e,x) \
143{ \
144 e += S(a,5) + F(b,c,d) + K + x; b = S(b,30); \
145}
146
147 A = ctx->state[0];
148 B = ctx->state[1];
149 C = ctx->state[2];
150 D = ctx->state[3];
151 E = ctx->state[4];
152
153#define F(x,y,z) (z ^ (x & (y ^ z)))
154#define K 0x5A827999
155
156 P( A, B, C, D, E, W[0] );
157 P( E, A, B, C, D, W[1] );
158 P( D, E, A, B, C, W[2] );
159 P( C, D, E, A, B, W[3] );
160 P( B, C, D, E, A, W[4] );
161 P( A, B, C, D, E, W[5] );
162 P( E, A, B, C, D, W[6] );
163 P( D, E, A, B, C, W[7] );
164 P( C, D, E, A, B, W[8] );
165 P( B, C, D, E, A, W[9] );
166 P( A, B, C, D, E, W[10] );
167 P( E, A, B, C, D, W[11] );
168 P( D, E, A, B, C, W[12] );
169 P( C, D, E, A, B, W[13] );
170 P( B, C, D, E, A, W[14] );
171 P( A, B, C, D, E, W[15] );
172 P( E, A, B, C, D, R(16) );
173 P( D, E, A, B, C, R(17) );
174 P( C, D, E, A, B, R(18) );
175 P( B, C, D, E, A, R(19) );
176
177#undef K
178#undef F
179
180#define F(x,y,z) (x ^ y ^ z)
181#define K 0x6ED9EBA1
182
183 P( A, B, C, D, E, R(20) );
184 P( E, A, B, C, D, R(21) );
185 P( D, E, A, B, C, R(22) );
186 P( C, D, E, A, B, R(23) );
187 P( B, C, D, E, A, R(24) );
188 P( A, B, C, D, E, R(25) );
189 P( E, A, B, C, D, R(26) );
190 P( D, E, A, B, C, R(27) );
191 P( C, D, E, A, B, R(28) );
192 P( B, C, D, E, A, R(29) );
193 P( A, B, C, D, E, R(30) );
194 P( E, A, B, C, D, R(31) );
195 P( D, E, A, B, C, R(32) );
196 P( C, D, E, A, B, R(33) );
197 P( B, C, D, E, A, R(34) );
198 P( A, B, C, D, E, R(35) );
199 P( E, A, B, C, D, R(36) );
200 P( D, E, A, B, C, R(37) );
201 P( C, D, E, A, B, R(38) );
202 P( B, C, D, E, A, R(39) );
203
204#undef K
205#undef F
206
207#define F(x,y,z) ((x & y) | (z & (x | y)))
208#define K 0x8F1BBCDC
209
210 P( A, B, C, D, E, R(40) );
211 P( E, A, B, C, D, R(41) );
212 P( D, E, A, B, C, R(42) );
213 P( C, D, E, A, B, R(43) );
214 P( B, C, D, E, A, R(44) );
215 P( A, B, C, D, E, R(45) );
216 P( E, A, B, C, D, R(46) );
217 P( D, E, A, B, C, R(47) );
218 P( C, D, E, A, B, R(48) );
219 P( B, C, D, E, A, R(49) );
220 P( A, B, C, D, E, R(50) );
221 P( E, A, B, C, D, R(51) );
222 P( D, E, A, B, C, R(52) );
223 P( C, D, E, A, B, R(53) );
224 P( B, C, D, E, A, R(54) );
225 P( A, B, C, D, E, R(55) );
226 P( E, A, B, C, D, R(56) );
227 P( D, E, A, B, C, R(57) );
228 P( C, D, E, A, B, R(58) );
229 P( B, C, D, E, A, R(59) );
230
231#undef K
232#undef F
233
234#define F(x,y,z) (x ^ y ^ z)
235#define K 0xCA62C1D6
236
237 P( A, B, C, D, E, R(60) );
238 P( E, A, B, C, D, R(61) );
239 P( D, E, A, B, C, R(62) );
240 P( C, D, E, A, B, R(63) );
241 P( B, C, D, E, A, R(64) );
242 P( A, B, C, D, E, R(65) );
243 P( E, A, B, C, D, R(66) );
244 P( D, E, A, B, C, R(67) );
245 P( C, D, E, A, B, R(68) );
246 P( B, C, D, E, A, R(69) );
247 P( A, B, C, D, E, R(70) );
248 P( E, A, B, C, D, R(71) );
249 P( D, E, A, B, C, R(72) );
250 P( C, D, E, A, B, R(73) );
251 P( B, C, D, E, A, R(74) );
252 P( A, B, C, D, E, R(75) );
253 P( E, A, B, C, D, R(76) );
254 P( D, E, A, B, C, R(77) );
255 P( C, D, E, A, B, R(78) );
256 P( B, C, D, E, A, R(79) );
257
258#undef K
259#undef F
260
261 ctx->state[0] += A;
262 ctx->state[1] += B;
263 ctx->state[2] += C;
264 ctx->state[3] += D;
265 ctx->state[4] += E;
266}
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200[diff] [blame]267#endif /* !POLARSSL_SHA1_PROCESS_ALT */
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]268
269/*
270 * SHA-1 process buffer
271 */
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]272void sha1_update( sha1_context *ctx, const unsigned char *input, size_t ilen )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]273{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]274 size_t fill;
Paul Bakker5c2364c2012-10-01 14:41:15 +0000[diff] [blame]275 uint32_t left;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]276
Brian White12895d12014-04-11 11:29:42 -0400[diff] [blame]277 if( ilen == 0 )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]278 return;
279
280 left = ctx->total[0] & 0x3F;
281 fill = 64 - left;
282
Paul Bakker5c2364c2012-10-01 14:41:15 +0000[diff] [blame]283 ctx->total[0] += (uint32_t) ilen;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]284 ctx->total[0] &= 0xFFFFFFFF;
285
Paul Bakker5c2364c2012-10-01 14:41:15 +0000[diff] [blame]286 if( ctx->total[0] < (uint32_t) ilen )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]287 ctx->total[1]++;
288
289 if( left && ilen >= fill )
290 {
Paul Bakker3c2122f2013-06-24 19:03:14 +0200[diff] [blame]291 memcpy( (void *) (ctx->buffer + left), input, fill );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]292 sha1_process( ctx, ctx->buffer );
293 input += fill;
294 ilen -= fill;
295 left = 0;
296 }
297
298 while( ilen >= 64 )
299 {
300 sha1_process( ctx, input );
301 input += 64;
302 ilen -= 64;
303 }
304
305 if( ilen > 0 )
Paul Bakker3c2122f2013-06-24 19:03:14 +0200[diff] [blame]306 memcpy( (void *) (ctx->buffer + left), input, ilen );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]307}
308
309static const unsigned char sha1_padding[64] =
310{
311 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
312 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
313 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
314 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
315};
316
317/*
318 * SHA-1 final digest
319 */
320void sha1_finish( sha1_context *ctx, unsigned char output[20] )
321{
Paul Bakker5c2364c2012-10-01 14:41:15 +0000[diff] [blame]322 uint32_t last, padn;
323 uint32_t high, low;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]324 unsigned char msglen[8];
325
326 high = ( ctx->total[0] >> 29 )
327 | ( ctx->total[1] << 3 );
328 low = ( ctx->total[0] << 3 );
329
Paul Bakker5c2364c2012-10-01 14:41:15 +0000[diff] [blame]330 PUT_UINT32_BE( high, msglen, 0 );
331 PUT_UINT32_BE( low, msglen, 4 );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]332
333 last = ctx->total[0] & 0x3F;
334 padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
335
Paul Bakker3c2122f2013-06-24 19:03:14 +0200[diff] [blame]336 sha1_update( ctx, sha1_padding, padn );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]337 sha1_update( ctx, msglen, 8 );
338
Paul Bakker5c2364c2012-10-01 14:41:15 +0000[diff] [blame]339 PUT_UINT32_BE( ctx->state[0], output, 0 );
340 PUT_UINT32_BE( ctx->state[1], output, 4 );
341 PUT_UINT32_BE( ctx->state[2], output, 8 );
342 PUT_UINT32_BE( ctx->state[3], output, 12 );
343 PUT_UINT32_BE( ctx->state[4], output, 16 );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]344}
345
Paul Bakker90995b52013-06-24 19:20:35 +0200[diff] [blame]346#endif /* !POLARSSL_SHA1_ALT */
347
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]348/*
349 * output = SHA-1( input buffer )
350 */
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]351void sha1( const unsigned char *input, size_t ilen, unsigned char output[20] )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]352{
353 sha1_context ctx;
354
Paul Bakker5b4af392014-06-26 12:09:34 +0200[diff] [blame]355 sha1_init( &ctx );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]356 sha1_starts( &ctx );
357 sha1_update( &ctx, input, ilen );
358 sha1_finish( &ctx, output );
Paul Bakker5b4af392014-06-26 12:09:34 +0200[diff] [blame]359 sha1_free( &ctx );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]360}
361
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]362#if defined(POLARSSL_FS_IO)
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]363/*
364 * output = SHA-1( file contents )
365 */
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]366int sha1_file( const char *path, unsigned char output[20] )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]367{
368 FILE *f;
369 size_t n;
370 sha1_context ctx;
371 unsigned char buf[1024];
372
373 if( ( f = fopen( path, "rb" ) ) == NULL )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]374 return( POLARSSL_ERR_SHA1_FILE_IO_ERROR );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]375
Paul Bakker5b4af392014-06-26 12:09:34 +0200[diff] [blame]376 sha1_init( &ctx );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]377 sha1_starts( &ctx );
378
379 while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
Paul Bakker27fdf462011-06-09 13:55:13 +0000[diff] [blame]380 sha1_update( &ctx, buf, n );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]381
382 sha1_finish( &ctx, output );
Paul Bakker5b4af392014-06-26 12:09:34 +0200[diff] [blame]383 sha1_free( &ctx );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]384
385 if( ferror( f ) != 0 )
386 {
387 fclose( f );
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]388 return( POLARSSL_ERR_SHA1_FILE_IO_ERROR );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]389 }
390
391 fclose( f );
392 return( 0 );
393}
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]394#endif /* POLARSSL_FS_IO */
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]395
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]396#if defined(POLARSSL_SELF_TEST)
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]397/*
398 * FIPS-180-1 test vectors
399 */
Manuel Pégourié-Gonnard28122e42015-03-11 09:13:42 +0000[diff] [blame]400static const unsigned char sha1_test_buf[3][57] =
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]401{
402 { "abc" },
403 { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" },
404 { "" }
405};
406
407static const int sha1_test_buflen[3] =
408{
409 3, 56, 1000
410};
411
412static const unsigned char sha1_test_sum[3][20] =
413{
414 { 0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A, 0xBA, 0x3E,
415 0x25, 0x71, 0x78, 0x50, 0xC2, 0x6C, 0x9C, 0xD0, 0xD8, 0x9D },
416 { 0x84, 0x98, 0x3E, 0x44, 0x1C, 0x3B, 0xD2, 0x6E, 0xBA, 0xAE,
417 0x4A, 0xA1, 0xF9, 0x51, 0x29, 0xE5, 0xE5, 0x46, 0x70, 0xF1 },
418 { 0x34, 0xAA, 0x97, 0x3C, 0xD4, 0xC4, 0xDA, 0xA4, 0xF6, 0x1E,
419 0xEB, 0x2B, 0xDB, 0xAD, 0x27, 0x31, 0x65, 0x34, 0x01, 0x6F }
420};
421
422/*
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]423 * Checkup routine
424 */
425int sha1_self_test( int verbose )
426{
Paul Bakker5b4af392014-06-26 12:09:34 +0200[diff] [blame]427 int i, j, buflen, ret = 0;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]428 unsigned char buf[1024];
429 unsigned char sha1sum[20];
430 sha1_context ctx;
431
Paul Bakker5b4af392014-06-26 12:09:34 +0200[diff] [blame]432 sha1_init( &ctx );
433
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]434 /*
435 * SHA-1
436 */
437 for( i = 0; i < 3; i++ )
438 {
439 if( verbose != 0 )
Paul Bakker7dc4c442014-02-01 22:50:26 +0100[diff] [blame]440 polarssl_printf( " SHA-1 test #%d: ", i + 1 );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]441
442 sha1_starts( &ctx );
443
444 if( i == 2 )
445 {
446 memset( buf, 'a', buflen = 1000 );
447
448 for( j = 0; j < 1000; j++ )
449 sha1_update( &ctx, buf, buflen );
450 }
451 else
452 sha1_update( &ctx, sha1_test_buf[i],
453 sha1_test_buflen[i] );
454
455 sha1_finish( &ctx, sha1sum );
456
457 if( memcmp( sha1sum, sha1_test_sum[i], 20 ) != 0 )
458 {
459 if( verbose != 0 )
Paul Bakker7dc4c442014-02-01 22:50:26 +0100[diff] [blame]460 polarssl_printf( "failed\n" );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]461
Paul Bakker5b4af392014-06-26 12:09:34 +0200[diff] [blame]462 ret = 1;
463 goto exit;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]464 }
465
466 if( verbose != 0 )
Paul Bakker7dc4c442014-02-01 22:50:26 +0100[diff] [blame]467 polarssl_printf( "passed\n" );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]468 }
469
470 if( verbose != 0 )
Paul Bakker7dc4c442014-02-01 22:50:26 +0100[diff] [blame]471 polarssl_printf( "\n" );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]472
Paul Bakker5b4af392014-06-26 12:09:34 +0200[diff] [blame]473exit:
474 sha1_free( &ctx );
475
476 return( ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]477}
478
Paul Bakker9af723c2014-05-01 13:03:14 +0200[diff] [blame]479#endif /* POLARSSL_SELF_TEST */
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]480
Paul Bakker9af723c2014-05-01 13:03:14 +0200[diff] [blame]481#endif /* POLARSSL_SHA1_C */