首頁 探索 說明
登入
kindring
/
libpeer
1
0
複刻 0
檔案 問題管理 0 合併請求 0 Wiki
分支: master
分支列表 標籤列表
libpeer
/
third_party
/
usrsctp
/
usrsctplib
/
netinet
/
sctp_sha1.c

sctp_sha1.c 10 KB
永久連結 文件歷史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347 
  1. /*-
    2. 

  2.  * SPDX-License-Identifier: BSD-3-Clause
    3. 

  3.  *
    4. 

  4.  * Copyright (c) 2001-2007, by Cisco Systems, Inc. All rights reserved.
    5. 

  5.  * Copyright (c) 2008-2012, by Randall Stewart. All rights reserved.
    6. 

  6.  * Copyright (c) 2008-2013, by Michael Tuexen. All rights reserved.
    7. 

  7.  * Copyright (c) 2013,      by Lally Singh. All rights reserved.
    8. 

  8.  *
    9. 

  9.  * Redistribution and use in source and binary forms, with or without
    10. 

  10.  * modification, are permitted provided that the following conditions are met:
    11. 

  11.  *
    12. 

  12.  * a) Redistributions of source code must retain the above copyright notice,
    13. 

  13.  *   this list of conditions and the following disclaimer.
    14. 

  14.  *
    15. 

  15.  * b) Redistributions in binary form must reproduce the above copyright
    16. 

  16.  *    notice, this list of conditions and the following disclaimer in
    17. 

  17.  *   the documentation and/or other materials provided with the distribution.
    18. 

  18.  *
    19. 

  19.  * c) Neither the name of Cisco Systems, Inc. nor the names of its
    20. 

  20.  *    contributors may be used to endorse or promote products derived
    21. 

  21.  *    from this software without specific prior written permission.
    22. 

  22.  *
    23. 

  23.  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
    24. 

  24.  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
    25. 

  25.  * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
    26. 

  26.  * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
    27. 

  27.  * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
    28. 

  28.  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
    29. 

  29.  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
    30. 

  30.  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
    31. 

  31.  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
    32. 

  32.  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
    33. 

  33.  * THE POSSIBILITY OF SUCH DAMAGE.
    34. 

  34.  */
    35. 

  35. 

  36. #include <netinet/sctp_sha1.h>
    37. 

  37. 

  38. #if defined(SCTP_USE_NSS_SHA1)
    39. 

  39. /* A SHA-1 Digest is 160 bits, or 20 bytes */
    40. 

  40. #define SHA_DIGEST_LENGTH (20)
    41. 

  41. 

  42. void
    43. 

  43. sctp_sha1_init(struct sctp_sha1_context *ctx)
    44. 

  44. {
    45. 

  45. 	ctx->pk11_ctx = PK11_CreateDigestContext(SEC_OID_SHA1);
    46. 

  46. 	PK11_DigestBegin(ctx->pk11_ctx);
    47. 

  47. }
    48. 

  48. 

  49. void
    50. 

  50. sctp_sha1_update(struct sctp_sha1_context *ctx, const unsigned char *ptr, unsigned int siz)
    51. 

  51. {
    52. 

  52. 	PK11_DigestOp(ctx->pk11_ctx, ptr, siz);
    53. 

  53. }
    54. 

  54. 

  55. void
    56. 

  56. sctp_sha1_final(unsigned char *digest, struct sctp_sha1_context *ctx)
    57. 

  57. {
    58. 

  58. 	unsigned int output_len = 0;
    59. 

  59. 

  60. 	PK11_DigestFinal(ctx->pk11_ctx, digest, &output_len, SHA_DIGEST_LENGTH);
    61. 

  61. 	PK11_DestroyContext(ctx->pk11_ctx, PR_TRUE);
    62. 

  62. }
    63. 

  63. 

  64. #elif defined(SCTP_USE_OPENSSL_SHA1)
    65. 

  65. 

  66. void
    67. 

  67. sctp_sha1_init(struct sctp_sha1_context *ctx)
    68. 

  68. {
    69. 

  69. 	SHA1_Init(&ctx->sha_ctx);
    70. 

  70. }
    71. 

  71. 

  72. void
    73. 

  73. sctp_sha1_update(struct sctp_sha1_context *ctx, const unsigned char *ptr, unsigned int siz)
    74. 

  74. {
    75. 

  75. 	SHA1_Update(&ctx->sha_ctx, ptr, (unsigned long)siz);
    76. 

  76. }
    77. 

  77. 

  78. void
    79. 

  79. sctp_sha1_final(unsigned char *digest, struct sctp_sha1_context *ctx)
    80. 

  80. {
    81. 

  81. 	SHA1_Final(digest, &ctx->sha_ctx);
    82. 

  82. }
    83. 

  83. #elif defined(SCTP_USE_MBEDTLS_SHA1)
    84. 

  84. void
    85. 

  85. sctp_sha1_init(struct sctp_sha1_context *ctx)
    86. 

  86. {
    87. 

  87. 	mbedtls_sha1_init(&ctx->sha1_ctx);
    88. 

  88. 	mbedtls_sha1_starts_ret(&ctx->sha1_ctx);
    89. 

  89. }
    90. 

  90. 

  91. void
    92. 

  92. sctp_sha1_update(struct sctp_sha1_context *ctx, const unsigned char *ptr, unsigned int siz)
    93. 

  93. {
    94. 

  94. 	mbedtls_sha1_update_ret(&ctx->sha1_ctx, ptr, siz);
    95. 

  95. }
    96. 

  96. 

  97. void
    98. 

  98. sctp_sha1_final(unsigned char *digest, struct sctp_sha1_context *ctx)
    99. 

  99. {
    100. 

  100. 	mbedtls_sha1_finish_ret(&ctx->sha1_ctx, digest);
    101. 

  101. }
    102. 

  102. #else
    103. 

  103. 

  104. #include <string.h>
    105. 

  105. #if defined(_WIN32) && defined(__Userspace__)
    106. 

  106. #include <winsock2.h>
    107. 

  107. #elif !(defined(_WIN32) && !defined(__Userspace__))
    108. 

  108. #include <arpa/inet.h>
    109. 

  109. #endif
    110. 

  110. 

  111. #define F1(B,C,D) (((B & C) | ((~B) & D)))	/* 0  <= t <= 19 */
    112. 

  112. #define F2(B,C,D) (B ^ C ^ D)	/* 20 <= t <= 39 */
    113. 

  113. #define F3(B,C,D) ((B & C) | (B & D) | (C & D))	/* 40 <= t <= 59 */
    114. 

  114. #define F4(B,C,D) (B ^ C ^ D)	/* 600 <= t <= 79 */
    115. 

  115. 

  116. /* circular shift */
    117. 

  117. #define CSHIFT(A,B) ((B << A) | (B >> (32-A)))
    118. 

  118. 

  119. #define K1 0x5a827999		/* 0  <= t <= 19 */
    120. 

  120. #define K2 0x6ed9eba1		/* 20 <= t <= 39 */
    121. 

  121. #define K3 0x8f1bbcdc		/* 40 <= t <= 59 */
    122. 

  122. #define K4 0xca62c1d6		/* 60 <= t <= 79 */
    123. 

  123. 

  124. #define H0INIT 0x67452301
    125. 

  125. #define H1INIT 0xefcdab89
    126. 

  126. #define H2INIT 0x98badcfe
    127. 

  127. #define H3INIT 0x10325476
    128. 

  128. #define H4INIT 0xc3d2e1f0
    129. 

  129. 

  130. void
    131. 

  131. sctp_sha1_init(struct sctp_sha1_context *ctx)
    132. 

  132. {
    133. 

  133. 	/* Init the SHA-1 context structure */
    134. 

  134. 	ctx->A = 0;
    135. 

  135. 	ctx->B = 0;
    136. 

  136. 	ctx->C = 0;
    137. 

  137. 	ctx->D = 0;
    138. 

  138. 	ctx->E = 0;
    139. 

  139. 	ctx->H0 = H0INIT;
    140. 

  140. 	ctx->H1 = H1INIT;
    141. 

  141. 	ctx->H2 = H2INIT;
    142. 

  142. 	ctx->H3 = H3INIT;
    143. 

  143. 	ctx->H4 = H4INIT;
    144. 

  144. 	ctx->TEMP = 0;
    145. 

  145. 	memset(ctx->words, 0, sizeof(ctx->words));
    146. 

  146. 	ctx->how_many_in_block = 0;
    147. 

  147. 	ctx->running_total = 0;
    148. 

  148. }
    149. 

  149. 

  150. static void
    151. 

  151. sctp_sha1_process_a_block(struct sctp_sha1_context *ctx, unsigned int *block)
    152. 

  152. {
    153. 

  153. 	int i;
    154. 

  154. 

  155. 	/* init the W0-W15 to the block of words being hashed. */
    156. 

  156. 	/* step a) */
    157. 

  157. 	for (i = 0; i < 16; i++) {
    158. 

  158. 		ctx->words[i] = ntohl(block[i]);
    159. 

  159. 	}
    160. 

  160. 	/* now init the rest based on the SHA-1 formula, step b) */
    161. 

  161. 	for (i = 16; i < 80; i++) {
    162. 

  162. 		ctx->words[i] = CSHIFT(1, ((ctx->words[(i - 3)]) ^
    163. 

  163. 		    (ctx->words[(i - 8)]) ^
    164. 

  164. 		    (ctx->words[(i - 14)]) ^
    165. 

  165. 		    (ctx->words[(i - 16)])));
    166. 

  166. 	}
    167. 

  167. 	/* step c) */
    168. 

  168. 	ctx->A = ctx->H0;
    169. 

  169. 	ctx->B = ctx->H1;
    170. 

  170. 	ctx->C = ctx->H2;
    171. 

  171. 	ctx->D = ctx->H3;
    172. 

  172. 	ctx->E = ctx->H4;
    173. 

  173. 

  174. 	/* step d) */
    175. 

  175. 	for (i = 0; i < 80; i++) {
    176. 

  176. 		if (i < 20) {
    177. 

  177. 			ctx->TEMP = ((CSHIFT(5, ctx->A)) +
    178. 

  178. 			    (F1(ctx->B, ctx->C, ctx->D)) +
    179. 

  179. 			    (ctx->E) +
    180. 

  180. 			    ctx->words[i] +
    181. 

  181. 			    K1);
    182. 

  182. 		} else if (i < 40) {
    183. 

  183. 			ctx->TEMP = ((CSHIFT(5, ctx->A)) +
    184. 

  184. 			    (F2(ctx->B, ctx->C, ctx->D)) +
    185. 

  185. 			    (ctx->E) +
    186. 

  186. 			    (ctx->words[i]) +
    187. 

  187. 			    K2);
    188. 

  188. 		} else if (i < 60) {
    189. 

  189. 			ctx->TEMP = ((CSHIFT(5, ctx->A)) +
    190. 

  190. 			    (F3(ctx->B, ctx->C, ctx->D)) +
    191. 

  191. 			    (ctx->E) +
    192. 

  192. 			    (ctx->words[i]) +
    193. 

  193. 			    K3);
    194. 

  194. 		} else {
    195. 

  195. 			ctx->TEMP = ((CSHIFT(5, ctx->A)) +
    196. 

  196. 			    (F4(ctx->B, ctx->C, ctx->D)) +
    197. 

  197. 			    (ctx->E) +
    198. 

  198. 			    (ctx->words[i]) +
    199. 

  199. 			    K4);
    200. 

  200. 		}
    201. 

  201. 		ctx->E = ctx->D;
    202. 

  202. 		ctx->D = ctx->C;
    203. 

  203. 		ctx->C = CSHIFT(30, ctx->B);
    204. 

  204. 		ctx->B = ctx->A;
    205. 

  205. 		ctx->A = ctx->TEMP;
    206. 

  206. 	}
    207. 

  207. 	/* step e) */
    208. 

  208. 	ctx->H0 = (ctx->H0) + (ctx->A);
    209. 

  209. 	ctx->H1 = (ctx->H1) + (ctx->B);
    210. 

  210. 	ctx->H2 = (ctx->H2) + (ctx->C);
    211. 

  211. 	ctx->H3 = (ctx->H3) + (ctx->D);
    212. 

  212. 	ctx->H4 = (ctx->H4) + (ctx->E);
    213. 

  213. }
    214. 

  214. 

  215. void
    216. 

  216. sctp_sha1_update(struct sctp_sha1_context *ctx, const unsigned char *ptr, unsigned int siz)
    217. 

  217. {
    218. 

  218. 	unsigned int number_left, left_to_fill;
    219. 

  219. 

  220. 	number_left = siz;
    221. 

  221. 	while (number_left > 0) {
    222. 

  222. 		left_to_fill = sizeof(ctx->sha_block) - ctx->how_many_in_block;
    223. 

  223. 		if (left_to_fill > number_left) {
    224. 

  224. 			/* can only partially fill up this one */
    225. 

  225. 			memcpy(&ctx->sha_block[ctx->how_many_in_block],
    226. 

  226. 			    ptr, number_left);
    227. 

  227. 			ctx->how_many_in_block += number_left;
    228. 

  228. 			ctx->running_total += number_left;
    229. 

  229. 			break;
    230. 

  230. 		} else {
    231. 

  231. 			/* block is now full, process it */
    232. 

  232. 			memcpy(&ctx->sha_block[ctx->how_many_in_block],
    233. 

  233. 			    ptr, left_to_fill);
    234. 

  234. 			sctp_sha1_process_a_block(ctx,
    235. 

  235. 			    (unsigned int *)ctx->sha_block);
    236. 

  236. 			number_left -= left_to_fill;
    237. 

  237. 			ctx->running_total += left_to_fill;
    238. 

  238. 			ctx->how_many_in_block = 0;
    239. 

  239. 			ptr = (const unsigned char *)(ptr + left_to_fill);
    240. 

  240. 		}
    241. 

  241. 	}
    242. 

  242. }
    243. 

  243. 

  244. void
    245. 

  245. sctp_sha1_final(unsigned char *digest, struct sctp_sha1_context *ctx)
    246. 

  246. {
    247. 

  247. 	/*
    248. 

  248. 	 * if any left in block fill with padding and process. Then transfer
    249. 

  249. 	 * the digest to the pointer. At the last block some special rules
    250. 

  250. 	 * need to apply. We must add a 1 bit following the message, then we
    251. 

  251. 	 * pad with 0's. The total size is encoded as a 64 bit number at the
    252. 

  252. 	 * end. Now if the last buffer has more than 55 octets in it we
    253. 

  253. 	 * cannot fit the 64 bit number + 10000000 pad on the end and must
    254. 

  254. 	 * add the 10000000 pad, pad the rest of the message with 0's and
    255. 

  255. 	 * then create an all 0 message with just the 64 bit size at the end
    256. 

  256. 	 * and run this block through by itself.  Also the 64 bit int must
    257. 

  257. 	 * be in network byte order.
    258. 

  258. 	 */
    259. 

  259. 	int left_to_fill;
    260. 

  260. 	unsigned int i, *ptr;
    261. 

  261. 

  262. 	if (ctx->how_many_in_block > 55) {
    263. 

  263. 		/*
    264. 

  264. 		 * special case, we need to process two blocks here. One for
    265. 

  265. 		 * the current stuff plus possibly the pad. The other for
    266. 

  266. 		 * the size.
    267. 

  267. 		 */
    268. 

  268. 		left_to_fill = sizeof(ctx->sha_block) - ctx->how_many_in_block;
    269. 

  269. 		if (left_to_fill == 0) {
    270. 

  270. 			/* Should not really happen but I am paranoid */
    271. 

  271. 			sctp_sha1_process_a_block(ctx,
    272. 

  272. 			    (unsigned int *)ctx->sha_block);
    273. 

  273. 			/* init last block, a bit different than the rest */
    274. 

  274. 			ctx->sha_block[0] = '\x80';
    275. 

  275. 			for (i = 1; i < sizeof(ctx->sha_block); i++) {
    276. 

  276. 				ctx->sha_block[i] = 0x0;
    277. 

  277. 			}
    278. 

  278. 		} else if (left_to_fill == 1) {
    279. 

  279. 			ctx->sha_block[ctx->how_many_in_block] = '\x80';
    280. 

  280. 			sctp_sha1_process_a_block(ctx,
    281. 

  281. 			    (unsigned int *)ctx->sha_block);
    282. 

  282. 			/* init last block */
    283. 

  283. 			memset(ctx->sha_block, 0, sizeof(ctx->sha_block));
    284. 

  284. 		} else {
    285. 

  285. 			ctx->sha_block[ctx->how_many_in_block] = '\x80';
    286. 

  286. 			for (i = (ctx->how_many_in_block + 1);
    287. 

  287. 			    i < sizeof(ctx->sha_block);
    288. 

  288. 			    i++) {
    289. 

  289. 				ctx->sha_block[i] = 0x0;
    290. 

  290. 			}
    291. 

  291. 			sctp_sha1_process_a_block(ctx,
    292. 

  292. 			    (unsigned int *)ctx->sha_block);
    293. 

  293. 			/* init last block */
    294. 

  294. 			memset(ctx->sha_block, 0, sizeof(ctx->sha_block));
    295. 

  295. 		}
    296. 

  296. 		/* This is in bits so multiply by 8 */
    297. 

  297. 		ctx->running_total *= 8;
    298. 

  298. 		ptr = (unsigned int *)&ctx->sha_block[60];
    299. 

  299. 		*ptr = htonl(ctx->running_total);
    300. 

  300. 		sctp_sha1_process_a_block(ctx, (unsigned int *)ctx->sha_block);
    301. 

  301. 	} else {
    302. 

  302. 		/*
    303. 

  303. 		 * easy case, we just pad this message to size - end with 0
    304. 

  304. 		 * add the magic 0x80 to the next word and then put the
    305. 

  305. 		 * network byte order size in the last spot and process the
    306. 

  306. 		 * block.
    307. 

  307. 		 */
    308. 

  308. 		ctx->sha_block[ctx->how_many_in_block] = '\x80';
    309. 

  309. 		for (i = (ctx->how_many_in_block + 1);
    310. 

  310. 		    i < sizeof(ctx->sha_block);
    311. 

  311. 		    i++) {
    312. 

  312. 			ctx->sha_block[i] = 0x0;
    313. 

  313. 		}
    314. 

  314. 		/* get last int spot */
    315. 

  315. 		ctx->running_total *= 8;
    316. 

  316. 		ptr = (unsigned int *)&ctx->sha_block[60];
    317. 

  317. 		*ptr = htonl(ctx->running_total);
    318. 

  318. 		sctp_sha1_process_a_block(ctx, (unsigned int *)ctx->sha_block);
    319. 

  319. 	}
    320. 

  320. 	/* transfer the digest back to the user */
    321. 

  321. 	digest[3] = (ctx->H0 & 0xff);
    322. 

  322. 	digest[2] = ((ctx->H0 >> 8) & 0xff);
    323. 

  323. 	digest[1] = ((ctx->H0 >> 16) & 0xff);
    324. 

  324. 	digest[0] = ((ctx->H0 >> 24) & 0xff);
    325. 

  325. 

  326. 	digest[7] = (ctx->H1 & 0xff);
    327. 

  327. 	digest[6] = ((ctx->H1 >> 8) & 0xff);
    328. 

  328. 	digest[5] = ((ctx->H1 >> 16) & 0xff);
    329. 

  329. 	digest[4] = ((ctx->H1 >> 24) & 0xff);
    330. 

  330. 

  331. 	digest[11] = (ctx->H2 & 0xff);
    332. 

  332. 	digest[10] = ((ctx->H2 >> 8) & 0xff);
    333. 

  333. 	digest[9] = ((ctx->H2 >> 16) & 0xff);
    334. 

  334. 	digest[8] = ((ctx->H2 >> 24) & 0xff);
    335. 

  335. 

  336. 	digest[15] = (ctx->H3 & 0xff);
    337. 

  337. 	digest[14] = ((ctx->H3 >> 8) & 0xff);
    338. 

  338. 	digest[13] = ((ctx->H3 >> 16) & 0xff);
    339. 

  339. 	digest[12] = ((ctx->H3 >> 24) & 0xff);
    340. 

  340. 

  341. 	digest[19] = (ctx->H4 & 0xff);
    342. 

  342. 	digest[18] = ((ctx->H4 >> 8) & 0xff);
    343. 

  343. 	digest[17] = ((ctx->H4 >> 16) & 0xff);
    344. 

  344. 	digest[16] = ((ctx->H4 >> 24) & 0xff);
    345. 

  345. }
    346. 

  346. 

  347. #endif
    348.