fixed memory leak in SNMP trap receiver; SNMP PDU parser refactored and optimized
[public/netxms.git] / src / libnetxms / sha1.cpp
1 /*
2 SHA-1 in C
3 By Steve Reid <sreid@sea-to-sky.net>
4 100% Public Domain
5
6 -----------------
7 Modified 7/98
8 By James H. Brown <jbrown@burgoyne.com>
9 Still 100% Public Domain
10
11 Corrected a problem which generated improper hash values on 16 bit machines
12 Routine SHA1Update changed from
13 void SHA1Update(SHA1_CTX* context, unsigned char* data, unsigned int
14 len)
15 to
16 void SHA1Update(SHA1_CTX* context, unsigned char* data, unsigned
17 long len)
18
19 The 'len' parameter was declared an int which works fine on 32 bit machines.
20 However, on 16 bit machines an int is too small for the shifts being done
21 against
22 it. This caused the hash function to generate incorrect values if len was
23 greater than 8191 (8K - 1) due to the 'len << 3' on line 3 of SHA1Update().
24
25 Since the file IO in main() reads 16K at a time, any file 8K or larger would
26 be guaranteed to generate the wrong hash (e.g. Test Vector #3, a million
27 "a"s).
28
29 I also changed the declaration of variables i & j in SHA1Update to
30 unsigned long from unsigned int for the same reason.
31
32 These changes should make no difference to any 32 bit implementations since
33 an
34 int and a long are the same size in those environments.
35
36 --
37 I also corrected a few compiler warnings generated by Borland C.
38 1. Added #include <process.h> for exit() prototype
39 2. Removed unused variable 'j' in SHA1Final
40 3. Changed exit(0) to return(0) at end of main.
41
42 ALL changes I made can be located by searching for comments containing 'JHB'
43 -----------------
44 Modified 8/98
45 By Steve Reid <sreid@sea-to-sky.net>
46 Still 100% public domain
47
48 1- Removed #include <process.h> and used return() instead of exit()
49 2- Fixed overwriting of finalcount in SHA1Final() (discovered by Chris Hall)
50 3- Changed email address from steve@edmweb.com to sreid@sea-to-sky.net
51
52 -----------------
53 Modified 4/01
54 By Saul Kravitz <Saul.Kravitz@celera.com>
55 Still 100% PD
56 Modified to run on Compaq Alpha hardware.
57
58
59 -----------------
60 Modified 10/03
61 By Victor Kirhenshtein (victor@securityprojects.org)
62 Still 100% public domain
63 Modified to be used as part of network mamagement system agent
64
65
66 */
67
68 /*
69 Test Vectors (from FIPS PUB 180-1)
70 "abc"
71 A9993E36 4706816A BA3E2571 7850C26C 9CD0D89D
72 "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
73 84983E44 1C3BD26E BAAE4AA1 F95129E5 E54670F1
74 A million repetitions of "a"
75 34AA973C D4C4DAA4 F61EEB2B DBAD2731 6534016F
76 */
77
78 #define SHA1HANDSOFF
79
80 #if !defined(_WIN32) && !defined(_NETWARE) && !defined(UNDER_CE)
81 #include <config.h>
82 #endif
83
84 #ifdef _WIN32
85 #include <windows.h>
86 #endif
87
88 #include "sha1.h"
89
90 /* #include <process.h> */ /* prototype for exit() - JHB */
91 /* Using return() instead of exit() - SWR */
92
93 #define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits))))
94
95 /* blk0() and blk() perform the initial expand. */
96 /* I got the idea of expanding during the round function from SSLeay */
97 #ifdef LITTLE_ENDIAN
98 #define blk0(i) (block->l[i] = (rol(block->l[i],24)&0xFF00FF00) \
99 |(rol(block->l[i],8)&0x00FF00FF))
100 #else
101 #define blk0(i) block->l[i]
102 #endif
103 #define blk(i) (block->l[i&15] = rol(block->l[(i+13)&15]^block->l[(i+8)&15] \
104 ^block->l[(i+2)&15]^block->l[i&15],1))
105
106 /* (R0+R1), R2, R3, R4 are the different operations used in SHA1 */
107 #define R0(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk0(i)+0x5A827999+rol(v,5);w=rol(w,30);
108 #define R1(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk(i)+0x5A827999+rol(v,5);w=rol(w,30);
109 #define R2(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0x6ED9EBA1+rol(v,5);w=rol(w,30);
110 #define R3(v,w,x,y,z,i) z+=(((w|x)&y)|(w&x))+blk(i)+0x8F1BBCDC+rol(v,5);w=rol(w,30);
111 #define R4(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0xCA62C1D6+rol(v,5);w=rol(w,30);
112
113
114 /* Hash a single 512-bit block. This is the core of the algorithm. */
115
116 static void SHA1Transform(uint32 state[5], const unsigned char buffer[64])
117 {
118 uint32 a, b, c, d, e;
119 typedef union {
120 unsigned char c[64];
121 uint32 l[16];
122 } CHAR64LONG16;
123 CHAR64LONG16* block;
124 #ifdef SHA1HANDSOFF
125 unsigned char workspace[64];
126 block = (CHAR64LONG16*)workspace;
127 memcpy(block, buffer, 64);
128 #else
129 block = (CHAR64LONG16*)buffer;
130 #endif
131 /* Copy context->state[] to working vars */
132 a = state[0];
133 b = state[1];
134 c = state[2];
135 d = state[3];
136 e = state[4];
137 /* 4 rounds of 20 operations each. Loop unrolled. */
138 R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3);
139 R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7);
140 R0(c,d,e,a,b, 8); R0(b,c,d,e,a, 9); R0(a,b,c,d,e,10); R0(e,a,b,c,d,11);
141 R0(d,e,a,b,c,12); R0(c,d,e,a,b,13); R0(b,c,d,e,a,14); R0(a,b,c,d,e,15);
142 R1(e,a,b,c,d,16); R1(d,e,a,b,c,17); R1(c,d,e,a,b,18); R1(b,c,d,e,a,19);
143 R2(a,b,c,d,e,20); R2(e,a,b,c,d,21); R2(d,e,a,b,c,22); R2(c,d,e,a,b,23);
144 R2(b,c,d,e,a,24); R2(a,b,c,d,e,25); R2(e,a,b,c,d,26); R2(d,e,a,b,c,27);
145 R2(c,d,e,a,b,28); R2(b,c,d,e,a,29); R2(a,b,c,d,e,30); R2(e,a,b,c,d,31);
146 R2(d,e,a,b,c,32); R2(c,d,e,a,b,33); R2(b,c,d,e,a,34); R2(a,b,c,d,e,35);
147 R2(e,a,b,c,d,36); R2(d,e,a,b,c,37); R2(c,d,e,a,b,38); R2(b,c,d,e,a,39);
148 R3(a,b,c,d,e,40); R3(e,a,b,c,d,41); R3(d,e,a,b,c,42); R3(c,d,e,a,b,43);
149 R3(b,c,d,e,a,44); R3(a,b,c,d,e,45); R3(e,a,b,c,d,46); R3(d,e,a,b,c,47);
150 R3(c,d,e,a,b,48); R3(b,c,d,e,a,49); R3(a,b,c,d,e,50); R3(e,a,b,c,d,51);
151 R3(d,e,a,b,c,52); R3(c,d,e,a,b,53); R3(b,c,d,e,a,54); R3(a,b,c,d,e,55);
152 R3(e,a,b,c,d,56); R3(d,e,a,b,c,57); R3(c,d,e,a,b,58); R3(b,c,d,e,a,59);
153 R4(a,b,c,d,e,60); R4(e,a,b,c,d,61); R4(d,e,a,b,c,62); R4(c,d,e,a,b,63);
154 R4(b,c,d,e,a,64); R4(a,b,c,d,e,65); R4(e,a,b,c,d,66); R4(d,e,a,b,c,67);
155 R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71);
156 R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75);
157 R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79);
158 /* Add the working vars back into context.state[] */
159 state[0] += a;
160 state[1] += b;
161 state[2] += c;
162 state[3] += d;
163 state[4] += e;
164 /* Wipe variables */
165 a = b = c = d = e = 0;
166 }
167
168
169 /* SHA1Init - Initialize new context */
170
171 void I_SHA1Init(SHA1_CTX* context)
172 {
173 /* SHA1 initialization constants */
174 context->state[0] = 0x67452301;
175 context->state[1] = 0xEFCDAB89;
176 context->state[2] = 0x98BADCFE;
177 context->state[3] = 0x10325476;
178 context->state[4] = 0xC3D2E1F0;
179 context->count[0] = context->count[1] = 0;
180 }
181
182
183 /* Run your data through this. */
184
185 void I_SHA1Update(SHA1_CTX* context, const unsigned char* data, uint32 len) /* JHB */
186 {
187 uint32 i, j; /* JHB */
188
189 #ifdef VERBOSE
190 SHAPrintContext(context, "before");
191 #endif
192 j = (context->count[0] >> 3) & 63;
193 if ((context->count[0] += len << 3) < (len << 3)) context->count[1]++;
194 context->count[1] += (len >> 29);
195 if ((j + len) > 63) {
196 memcpy(&context->buffer[j], data, (i = 64-j));
197 SHA1Transform(context->state, context->buffer);
198 for ( ; i + 63 < len; i += 64) {
199 SHA1Transform(context->state, &data[i]);
200 }
201 j = 0;
202 }
203 else i = 0;
204 memcpy(&context->buffer[j], &data[i], len - i);
205 #ifdef VERBOSE
206 SHAPrintContext(context, "after ");
207 #endif
208 }
209
210
211 /* Add padding and return the message digest. */
212
213 void I_SHA1Final(unsigned char digest[20], SHA1_CTX* context)
214 {
215 uint32 i; /* JHB */
216 unsigned char finalcount[8];
217
218 for (i = 0; i < 8; i++) {
219 finalcount[i] = (unsigned char)((context->count[(i >= 4 ? 0 : 1)]
220 >> ((3-(i & 3)) * 8) ) & 255); /* Endian independent */
221 }
222 I_SHA1Update(context, (unsigned char *)"\200", 1);
223 while ((context->count[0] & 504) != 448) {
224 I_SHA1Update(context, (unsigned char *)"\0", 1);
225 }
226 I_SHA1Update(context, finalcount, 8); /* Should cause a SHA1Transform()
227 */
228 for (i = 0; i < 20; i++) {
229 digest[i] = (unsigned char)
230 ((context->state[i>>2] >> ((3-(i & 3)) * 8) ) & 255);
231 }
232 /* Wipe variables */
233 #ifdef _WIN32
234 SecureZeroMemory(context->buffer, 64);
235 SecureZeroMemory(context->state, 20);
236 SecureZeroMemory(context->count, 8);
237 SecureZeroMemory(finalcount, 8); /* SWR */
238 #else
239 memset(context->buffer, 0, 64);
240 memset(context->state, 0, 20);
241 memset(context->count, 0, 8);
242 memset(finalcount, 0, 8); /* SWR */
243 #endif
244 #ifdef SHA1HANDSOFF /* make SHA1Transform overwrite it's own static vars */
245 SHA1Transform(context->state, context->buffer);
246 #endif
247 }