support --without-openssl at configure time

Disables and removes dependency on OpenSSL. Many features don't work and the set of crypto options is greatly restricted. This will only work on system with native arc4random or /dev/urandom. Considered highly experimental for now.
author: Damien Miller <djm@mindrot.org> 2015-01-14 21:48:18 +1100
committer: Damien Miller <djm@mindrot.org> 2015-01-14 21:48:18 +1100
commit: 81bfbd0bd35683de5d7f2238b985e5f8150a9180 (patch)
tree: 7e025046e72e28902068704eb49e3ffa998c4375 /openbsd-compat/sha1.c
parent: 54924b53af15ccdcbb9f89984512b5efef641a31 (diff)
1 files changed, 177 insertions, 0 deletions
diff --git a/openbsd-compat/sha1.c b/openbsd-compat/sha1.c
new file mode 100644
index 000000000..4b5381f87
--- /dev/null
+++ b/openbsd-compat/sha1.c
@@ -0,0 +1,177 @@
+/*      $OpenBSD: sha1.c,v 1.23 2014/01/08 06:14:57 tedu Exp $  */
+/*
+ * SHA-1 in C
+ * By Steve Reid <steve@edmweb.com>
+ * 100% Public Domain
+ *
+ * Test Vectors (from FIPS PUB 180-1)
+ * "abc"
+ *   A9993E36 4706816A BA3E2571 7850C26C 9CD0D89D
+ * "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
+ *   84983E44 1C3BD26E BAAE4AA1 F95129E5 E54670F1
+ * A million repetitions of "a"
+ *   34AA973C D4C4DAA4 F61EEB2B DBAD2731 6534016F
+ */
+#include "includes.h"
+#ifndef WITH_OPENSSL
+#include <sys/param.h>
+#include <string.h>
+#define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits))))
+/*
+ * blk0() and blk() perform the initial expand.
+ * I got the idea of expanding during the round function from SSLeay
+ */
+#if BYTE_ORDER == LITTLE_ENDIAN
+# define blk0(i) (block->l[i] = (rol(block->l[i],24)&0xFF00FF00) \
+    |(rol(block->l[i],8)&0x00FF00FF))
+#else
+# define blk0(i) block->l[i]
+#endif
+#define blk(i) (block->l[i&15] = rol(block->l[(i+13)&15]^block->l[(i+8)&15] \
+    ^block->l[(i+2)&15]^block->l[i&15],1))
+/*
+ * (R0+R1), R2, R3, R4 are the different operations (rounds) used in SHA1
+ */
+#define R0(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk0(i)+0x5A827999+rol(v,5);w=rol(w,30);
+#define R1(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk(i)+0x5A827999+rol(v,5);w=rol(w,30);
+#define R2(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0x6ED9EBA1+rol(v,5);w=rol(w,30);
+#define R3(v,w,x,y,z,i) z+=(((w|x)&y)|(w&x))+blk(i)+0x8F1BBCDC+rol(v,5);w=rol(w,30);
+#define R4(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0xCA62C1D6+rol(v,5);w=rol(w,30);
+typedef union {
+        u_int8_t c[64];
+        u_int32_t l[16];
+} CHAR64LONG16;
+/*
+ * Hash a single 512-bit block. This is the core of the algorithm.
+ */
+void
+SHA1Transform(u_int32_t state[5], const u_int8_t buffer[SHA1_BLOCK_LENGTH])
+{
+        u_int32_t a, b, c, d, e;
+        u_int8_t workspace[SHA1_BLOCK_LENGTH];
+        CHAR64LONG16 *block = (CHAR64LONG16 *)workspace;
+        (void)memcpy(block, buffer, SHA1_BLOCK_LENGTH);
+        /* Copy context->state[] to working vars */
+        a = state[0];
+        b = state[1];
+        c = state[2];
+        d = state[3];
+        e = state[4];
+        /* 4 rounds of 20 operations each. Loop unrolled. */
+        R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3);
+        R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7);
+        R0(c,d,e,a,b, 8); R0(b,c,d,e,a, 9); R0(a,b,c,d,e,10); R0(e,a,b,c,d,11);
+        R0(d,e,a,b,c,12); R0(c,d,e,a,b,13); R0(b,c,d,e,a,14); R0(a,b,c,d,e,15);
+        R1(e,a,b,c,d,16); R1(d,e,a,b,c,17); R1(c,d,e,a,b,18); R1(b,c,d,e,a,19);
+        R2(a,b,c,d,e,20); R2(e,a,b,c,d,21); R2(d,e,a,b,c,22); R2(c,d,e,a,b,23);
+        R2(b,c,d,e,a,24); R2(a,b,c,d,e,25); R2(e,a,b,c,d,26); R2(d,e,a,b,c,27);
+        R2(c,d,e,a,b,28); R2(b,c,d,e,a,29); R2(a,b,c,d,e,30); R2(e,a,b,c,d,31);
+        R2(d,e,a,b,c,32); R2(c,d,e,a,b,33); R2(b,c,d,e,a,34); R2(a,b,c,d,e,35);
+        R2(e,a,b,c,d,36); R2(d,e,a,b,c,37); R2(c,d,e,a,b,38); R2(b,c,d,e,a,39);
+        R3(a,b,c,d,e,40); R3(e,a,b,c,d,41); R3(d,e,a,b,c,42); R3(c,d,e,a,b,43);
+        R3(b,c,d,e,a,44); R3(a,b,c,d,e,45); R3(e,a,b,c,d,46); R3(d,e,a,b,c,47);
+        R3(c,d,e,a,b,48); R3(b,c,d,e,a,49); R3(a,b,c,d,e,50); R3(e,a,b,c,d,51);
+        R3(d,e,a,b,c,52); R3(c,d,e,a,b,53); R3(b,c,d,e,a,54); R3(a,b,c,d,e,55);
+        R3(e,a,b,c,d,56); R3(d,e,a,b,c,57); R3(c,d,e,a,b,58); R3(b,c,d,e,a,59);
+        R4(a,b,c,d,e,60); R4(e,a,b,c,d,61); R4(d,e,a,b,c,62); R4(c,d,e,a,b,63);
+        R4(b,c,d,e,a,64); R4(a,b,c,d,e,65); R4(e,a,b,c,d,66); R4(d,e,a,b,c,67);
+        R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71);
+        R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75);
+        R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79);
+        /* Add the working vars back into context.state[] */
+        state[0] += a;
+        state[1] += b;
+        state[2] += c;
+        state[3] += d;
+        state[4] += e;
+        /* Wipe variables */
+        a = b = c = d = e = 0;
+}
+/*
+ * SHA1Init - Initialize new context
+ */
+void
+SHA1Init(SHA1_CTX *context)
+{
+        /* SHA1 initialization constants */
+        context->count = 0;
+        context->state[0] = 0x67452301;
+        context->state[1] = 0xEFCDAB89;
+        context->state[2] = 0x98BADCFE;
+        context->state[3] = 0x10325476;
+        context->state[4] = 0xC3D2E1F0;
+}
+/*
+ * Run your data through this.
+ */
+void
+SHA1Update(SHA1_CTX *context, const u_int8_t *data, size_t len)
+{
+        size_t i, j;
+        j = (size_t)((context->count >> 3) & 63);
+        context->count += (len << 3);
+        if ((j + len) > 63) {
+                (void)memcpy(&context->buffer[j], data, (i = 64-j));
+                SHA1Transform(context->state, context->buffer);
+                for ( ; i + 63 < len; i += 64)
+                        SHA1Transform(context->state, (u_int8_t *)&data[i]);
+                j = 0;
+        } else {
+                i = 0;
+        }
+        (void)memcpy(&context->buffer[j], &data[i], len - i);
+}
+/*
+ * Add padding and return the message digest.
+ */
+void
+SHA1Pad(SHA1_CTX *context)
+{
+        u_int8_t finalcount[8];
+        u_int i;
+        for (i = 0; i < 8; i++) {
+                finalcount[i] = (u_int8_t)((context->count >>
+                    ((7 - (i & 7)) * 8)) & 255);        /* Endian independent */
+        }
+        SHA1Update(context, (u_int8_t *)"\200", 1);
+        while ((context->count & 504) != 448)
+                SHA1Update(context, (u_int8_t *)"\0", 1);
+        SHA1Update(context, finalcount, 8); /* Should cause a SHA1Transform() */
+}
+void
+SHA1Final(u_int8_t digest[SHA1_DIGEST_LENGTH], SHA1_CTX *context)
+{
+        u_int i;
+        SHA1Pad(context);
+        for (i = 0; i < SHA1_DIGEST_LENGTH; i++) {
+                digest[i] = (u_int8_t)
+                   ((context->state[i>>2] >> ((3-(i & 3)) * 8) ) & 255);
+        }
+        memset(context, 0, sizeof(*context));
+}
+#endif /* !WITH_OPENSSL */
author	Damien Miller <djm@mindrot.org>	2015-01-14 21:48:18 +1100
committer	Damien Miller <djm@mindrot.org>	2015-01-14 21:48:18 +1100
commit	81bfbd0bd35683de5d7f2238b985e5f8150a9180 (patch)
tree	7e025046e72e28902068704eb49e3ffa998c4375 /openbsd-compat/sha1.c
parent	54924b53af15ccdcbb9f89984512b5efef641a31 (diff)

diff --git a/openbsd-compat/sha1.c b/openbsd-compat/sha1.c new file mode 100644 index 000000000..4b5381f87 --- /dev/null +++ b/openbsd-compat/sha1.c
@@ -0,0 +1,177 @@
	1	/* $OpenBSD: sha1.c,v 1.23 2014/01/08 06:14:57 tedu Exp $ */
	2
	3	/*
	4	* SHA-1 in C
	5	* By Steve Reid <steve@edmweb.com>
	6	* 100% Public Domain
	7	*
	8	* Test Vectors (from FIPS PUB 180-1)
	9	* "abc"
	10	* A9993E36 4706816A BA3E2571 7850C26C 9CD0D89D
	11	* "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
	12	* 84983E44 1C3BD26E BAAE4AA1 F95129E5 E54670F1
	13	* A million repetitions of "a"
	14	* 34AA973C D4C4DAA4 F61EEB2B DBAD2731 6534016F
	15	*/
	16
	17	#include "includes.h"
	18
	19	#ifndef WITH_OPENSSL
	20
	21	#include <sys/param.h>
	22	#include <string.h>
	23
	24	#define rol(value, bits) (((value) << (bits)) \| ((value) >> (32 - (bits))))
	25
	26	/*
	27	* blk0() and blk() perform the initial expand.
	28	* I got the idea of expanding during the round function from SSLeay
	29	*/
	30	#if BYTE_ORDER == LITTLE_ENDIAN
	31	# define blk0(i) (block->l[i] = (rol(block->l[i],24)&0xFF00FF00) \
	32	\|(rol(block->l[i],8)&0x00FF00FF))
	33	#else
	34	# define blk0(i) block->l[i]
	35	#endif
	36	#define blk(i) (block->l[i&15] = rol(block->l[(i+13)&15]^block->l[(i+8)&15] \
	37	^block->l[(i+2)&15]^block->l[i&15],1))
	38
	39	/*
	40	* (R0+R1), R2, R3, R4 are the different operations (rounds) used in SHA1
	41	*/
	42	#define R0(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk0(i)+0x5A827999+rol(v,5);w=rol(w,30);
	43	#define R1(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk(i)+0x5A827999+rol(v,5);w=rol(w,30);
	44	#define R2(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0x6ED9EBA1+rol(v,5);w=rol(w,30);
	45	#define R3(v,w,x,y,z,i) z+=(((w\|x)&y)\|(w&x))+blk(i)+0x8F1BBCDC+rol(v,5);w=rol(w,30);
	46	#define R4(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0xCA62C1D6+rol(v,5);w=rol(w,30);
	47
	48	typedef union {
	49	u_int8_t c[64];
	50	u_int32_t l[16];
	51	} CHAR64LONG16;
	52
	53	/*
	54	* Hash a single 512-bit block. This is the core of the algorithm.
	55	*/
	56	void
	57	SHA1Transform(u_int32_t state[5], const u_int8_t buffer[SHA1_BLOCK_LENGTH])
	58	{
	59	u_int32_t a, b, c, d, e;
	60	u_int8_t workspace[SHA1_BLOCK_LENGTH];
	61	CHAR64LONG16 block = (CHAR64LONG16 )workspace;
	62
	63	(void)memcpy(block, buffer, SHA1_BLOCK_LENGTH);
	64
	65	/* Copy context->state[] to working vars */
	66	a = state[0];
	67	b = state[1];
	68	c = state[2];
	69	d = state[3];
	70	e = state[4];
	71
	72	/* 4 rounds of 20 operations each. Loop unrolled. */
	73	R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3);
	74	R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7);
	75	R0(c,d,e,a,b, 8); R0(b,c,d,e,a, 9); R0(a,b,c,d,e,10); R0(e,a,b,c,d,11);
	76	R0(d,e,a,b,c,12); R0(c,d,e,a,b,13); R0(b,c,d,e,a,14); R0(a,b,c,d,e,15);
	77	R1(e,a,b,c,d,16); R1(d,e,a,b,c,17); R1(c,d,e,a,b,18); R1(b,c,d,e,a,19);
	78	R2(a,b,c,d,e,20); R2(e,a,b,c,d,21); R2(d,e,a,b,c,22); R2(c,d,e,a,b,23);
	79	R2(b,c,d,e,a,24); R2(a,b,c,d,e,25); R2(e,a,b,c,d,26); R2(d,e,a,b,c,27);
	80	R2(c,d,e,a,b,28); R2(b,c,d,e,a,29); R2(a,b,c,d,e,30); R2(e,a,b,c,d,31);
	81	R2(d,e,a,b,c,32); R2(c,d,e,a,b,33); R2(b,c,d,e,a,34); R2(a,b,c,d,e,35);
	82	R2(e,a,b,c,d,36); R2(d,e,a,b,c,37); R2(c,d,e,a,b,38); R2(b,c,d,e,a,39);
	83	R3(a,b,c,d,e,40); R3(e,a,b,c,d,41); R3(d,e,a,b,c,42); R3(c,d,e,a,b,43);
	84	R3(b,c,d,e,a,44); R3(a,b,c,d,e,45); R3(e,a,b,c,d,46); R3(d,e,a,b,c,47);
	85	R3(c,d,e,a,b,48); R3(b,c,d,e,a,49); R3(a,b,c,d,e,50); R3(e,a,b,c,d,51);
	86	R3(d,e,a,b,c,52); R3(c,d,e,a,b,53); R3(b,c,d,e,a,54); R3(a,b,c,d,e,55);
	87	R3(e,a,b,c,d,56); R3(d,e,a,b,c,57); R3(c,d,e,a,b,58); R3(b,c,d,e,a,59);
	88	R4(a,b,c,d,e,60); R4(e,a,b,c,d,61); R4(d,e,a,b,c,62); R4(c,d,e,a,b,63);
	89	R4(b,c,d,e,a,64); R4(a,b,c,d,e,65); R4(e,a,b,c,d,66); R4(d,e,a,b,c,67);
	90	R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71);
	91	R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75);
	92	R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79);
	93
	94	/* Add the working vars back into context.state[] */
	95	state[0] += a;
	96	state[1] += b;
	97	state[2] += c;
	98	state[3] += d;
	99	state[4] += e;
	100
	101	/* Wipe variables */
	102	a = b = c = d = e = 0;
	103	}
	104
	105
	106	/*
	107	* SHA1Init - Initialize new context
	108	*/
	109	void
	110	SHA1Init(SHA1_CTX *context)
	111	{
	112
	113	/* SHA1 initialization constants */
	114	context->count = 0;
	115	context->state[0] = 0x67452301;
	116	context->state[1] = 0xEFCDAB89;
	117	context->state[2] = 0x98BADCFE;
	118	context->state[3] = 0x10325476;
	119	context->state[4] = 0xC3D2E1F0;
	120	}
	121
	122
	123	/*
	124	* Run your data through this.
	125	*/
	126	void
	127	SHA1Update(SHA1_CTX context, const u_int8_t data, size_t len)
	128	{
	129	size_t i, j;
	130
	131	j = (size_t)((context->count >> 3) & 63);
	132	context->count += (len << 3);
	133	if ((j + len) > 63) {
	134	(void)memcpy(&context->buffer[j], data, (i = 64-j));
	135	SHA1Transform(context->state, context->buffer);
	136	for ( ; i + 63 < len; i += 64)
	137	SHA1Transform(context->state, (u_int8_t *)&data[i]);
	138	j = 0;
	139	} else {
	140	i = 0;
	141	}
	142	(void)memcpy(&context->buffer[j], &data[i], len - i);
	143	}
	144
	145
	146	/*
	147	* Add padding and return the message digest.
	148	*/
	149	void
	150	SHA1Pad(SHA1_CTX *context)
	151	{
	152	u_int8_t finalcount[8];
	153	u_int i;
	154
	155	for (i = 0; i < 8; i++) {
	156	finalcount[i] = (u_int8_t)((context->count >>
	157	((7 - (i & 7)) * 8)) & 255); /* Endian independent */
	158	}
	159	SHA1Update(context, (u_int8_t *)"\200", 1);
	160	while ((context->count & 504) != 448)
	161	SHA1Update(context, (u_int8_t *)"\0", 1);
	162	SHA1Update(context, finalcount, 8); /* Should cause a SHA1Transform() */
	163	}
	164
	165	void
	166	SHA1Final(u_int8_t digest[SHA1_DIGEST_LENGTH], SHA1_CTX *context)
	167	{
	168	u_int i;
	169
	170	SHA1Pad(context);
	171	for (i = 0; i < SHA1_DIGEST_LENGTH; i++) {
	172	digest[i] = (u_int8_t)
	173	((context->state[i>>2] >> ((3-(i & 3)) * 8) ) & 255);
	174	}
	175	memset(context, 0, sizeof(*context));
	176	}
	177	#endif /* !WITH_OPENSSL */