File Coverage

sha1.c

Criterion	Covered	Total	%
statement	83	84	98.8
branch	29	30	96.6
condition			n/a
subroutine			n/a
pod			n/a
total	112	114	98.2

line	stmt	bran	code
1			/*
2			* sha1.c - SHA-1 implementation per FIPS 180-4.
3			*/
4
5			#include "sha1.h"
6			#include
7
8			#define ROL32(x, n) (((x) << (n)) \| ((x) >> (32 - (n))))
9
10			static uint32_t
11	208		load32_be(const unsigned char *p)
12			{
13	208		return ((uint32_t)p[0] << 24)
14	208		\| ((uint32_t)p[1] << 16)
15	208		\| ((uint32_t)p[2] << 8)
16	208		\| (uint32_t)p[3];
17			}
18
19			static void
20	45		store32_be(unsigned char *p, uint32_t v)
21			{
22	45		p[0] = (unsigned char)((v >> 24) & 0xFFu);
23	45		p[1] = (unsigned char)((v >> 16) & 0xFFu);
24	45		p[2] = (unsigned char)((v >> 8) & 0xFFu);
25	45		p[3] = (unsigned char)( v & 0xFFu);
26	45		}
27
28			static void
29	13		sha1_compress(sha1_ctx_t ctx, const unsigned char block)
30			{
31			uint32_t W[80];
32	13		uint32_t a = ctx->state[0], b = ctx->state[1], c = ctx->state[2],
33	13		d = ctx->state[3], e = ctx->state[4];
34			uint32_t f, k, t;
35			int i;
36
37	221	100	for (i = 0; i < 16; i++) W[i] = load32_be(block + i * 4);
38	845	100	for (i = 16; i < 80; i++) {
39	832		W[i] = ROL32(W[i-3] ^ W[i-8] ^ W[i-14] ^ W[i-16], 1);
40			}
41
42	1053	100	for (i = 0; i < 80; i++) {
43	1040	100	if (i < 20) {
44	260		f = (b & c) \| (~b & d);
45	260		k = 0x5A827999u;
46	780	100	} else if (i < 40) {
47	260		f = b ^ c ^ d;
48	260		k = 0x6ED9EBA1u;
49	520	100	} else if (i < 60) {
50	260		f = (b & c) \| (b & d) \| (c & d);
51	260		k = 0x8F1BBCDCu;
52			} else {
53	260		f = b ^ c ^ d;
54	260		k = 0xCA62C1D6u;
55			}
56	1040		t = ROL32(a, 5) + f + e + k + W[i];
57	1040		e = d;
58	1040		d = c;
59	1040		c = ROL32(b, 30);
60	1040		b = a;
61	1040		a = t;
62			}
63
64	13		ctx->state[0] += a;
65	13		ctx->state[1] += b;
66	13		ctx->state[2] += c;
67	13		ctx->state[3] += d;
68	13		ctx->state[4] += e;
69	13		}
70
71			void
72	11		sha1_init(sha1_ctx_t *ctx)
73			{
74	11		ctx->state[0] = 0x67452301u;
75	11		ctx->state[1] = 0xEFCDAB89u;
76	11		ctx->state[2] = 0x98BADCFEu;
77	11		ctx->state[3] = 0x10325476u;
78	11		ctx->state[4] = 0xC3D2E1F0u;
79	11		ctx->bit_count = 0;
80	11		ctx->buffered = 0;
81	11		}
82
83			void
84	29		sha1_update(sha1_ctx_t ctx, const void data, size_t len)
85			{
86	29		const unsigned char p = (const unsigned char )data;
87			size_t take;
88
89	29		ctx->bit_count += (uint64_t)len << 3;
90
91	29	100	if (ctx->buffered) {
92	16		take = SHA1_BLOCK_SIZE - ctx->buffered;
93	16	100	if (take > len) take = len;
94	16		memcpy(ctx->buffer + ctx->buffered, p, take);
95	16		ctx->buffered += take;
96	16		p += take;
97	16		len -= take;
98	16	100	if (ctx->buffered == SHA1_BLOCK_SIZE) {
99	9		sha1_compress(ctx, ctx->buffer);
100	9		ctx->buffered = 0;
101			}
102			}
103	33	100	while (len >= SHA1_BLOCK_SIZE) {
104	4		sha1_compress(ctx, p);
105	4		p += SHA1_BLOCK_SIZE;
106	4		len -= SHA1_BLOCK_SIZE;
107			}
108	29	100	if (len) {
109	9		memcpy(ctx->buffer, p, len);
110	9		ctx->buffered = len;
111			}
112	29		}
113
114			void
115	9		sha1_final(sha1_ctx_t *ctx, unsigned char out[SHA1_DIGEST_SIZE])
116			{
117			unsigned char pad[SHA1_BLOCK_SIZE];
118			unsigned char len_be[8];
119	9		uint64_t bits = ctx->bit_count;
120			size_t pad_len;
121			int i;
122
123	9		pad[0] = 0x80;
124	576	100	for (i = 1; i < SHA1_BLOCK_SIZE; i++) pad[i] = 0;
125
126	9	50	if (ctx->buffered < 56)
127	9		pad_len = 56 - ctx->buffered;
128			else
129	0		pad_len = (SHA1_BLOCK_SIZE + 56) - ctx->buffered;
130
131	9		sha1_update(ctx, pad, pad_len);
132
133	81	100	for (i = 0; i < 8; i++) {
134	72		len_be[i] = (unsigned char)((bits >> (56 - i * 8)) & 0xFFu);
135			}
136	9		sha1_update(ctx, len_be, 8);
137
138	54	100	for (i = 0; i < 5; i++) store32_be(out + i * 4, ctx->state[i]);
139	9		}