summaryrefslogtreecommitdiff
path: root/openbsd-compat
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>2015-01-14 21:48:18 +1100
committerDamien Miller <djm@mindrot.org>2015-01-14 21:48:18 +1100
commit81bfbd0bd35683de5d7f2238b985e5f8150a9180 (patch)
tree7e025046e72e28902068704eb49e3ffa998c4375 /openbsd-compat
parent54924b53af15ccdcbb9f89984512b5efef641a31 (diff)
support --without-openssl at configure time
Disables and removes dependency on OpenSSL. Many features don't work and the set of crypto options is greatly restricted. This will only work on system with native arc4random or /dev/urandom. Considered highly experimental for now.
Diffstat (limited to 'openbsd-compat')
-rw-r--r--openbsd-compat/md5.c251
-rw-r--r--openbsd-compat/md5.h51
-rw-r--r--openbsd-compat/rmd160.c376
-rw-r--r--openbsd-compat/rmd160.h61
-rw-r--r--openbsd-compat/sha1.c177
-rw-r--r--openbsd-compat/sha1.h58
6 files changed, 974 insertions, 0 deletions
diff --git a/openbsd-compat/md5.c b/openbsd-compat/md5.c
new file mode 100644
index 000000000..195ab515d
--- /dev/null
+++ b/openbsd-compat/md5.c
@@ -0,0 +1,251 @@
1/* $OpenBSD: md5.c,v 1.9 2014/01/08 06:14:57 tedu Exp $ */
2
3/*
4 * This code implements the MD5 message-digest algorithm.
5 * The algorithm is due to Ron Rivest. This code was
6 * written by Colin Plumb in 1993, no copyright is claimed.
7 * This code is in the public domain; do with it what you wish.
8 *
9 * Equivalent code is available from RSA Data Security, Inc.
10 * This code has been tested against that, and is equivalent,
11 * except that you don't need to include two pages of legalese
12 * with every copy.
13 *
14 * To compute the message digest of a chunk of bytes, declare an
15 * MD5Context structure, pass it to MD5Init, call MD5Update as
16 * needed on buffers full of bytes, and then call MD5Final, which
17 * will fill a supplied 16-byte array with the digest.
18 */
19
20#include "includes.h"
21
22#ifndef WITH_OPENSSL
23
24#include <sys/types.h>
25#include <string.h>
26#include "md5.h"
27
28#define PUT_64BIT_LE(cp, value) do { \
29 (cp)[7] = (value) >> 56; \
30 (cp)[6] = (value) >> 48; \
31 (cp)[5] = (value) >> 40; \
32 (cp)[4] = (value) >> 32; \
33 (cp)[3] = (value) >> 24; \
34 (cp)[2] = (value) >> 16; \
35 (cp)[1] = (value) >> 8; \
36 (cp)[0] = (value); } while (0)
37
38#define PUT_32BIT_LE(cp, value) do { \
39 (cp)[3] = (value) >> 24; \
40 (cp)[2] = (value) >> 16; \
41 (cp)[1] = (value) >> 8; \
42 (cp)[0] = (value); } while (0)
43
44static u_int8_t PADDING[MD5_BLOCK_LENGTH] = {
45 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
46 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
47 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
48};
49
50/*
51 * Start MD5 accumulation. Set bit count to 0 and buffer to mysterious
52 * initialization constants.
53 */
54void
55MD5Init(MD5_CTX *ctx)
56{
57 ctx->count = 0;
58 ctx->state[0] = 0x67452301;
59 ctx->state[1] = 0xefcdab89;
60 ctx->state[2] = 0x98badcfe;
61 ctx->state[3] = 0x10325476;
62}
63
64/*
65 * Update context to reflect the concatenation of another buffer full
66 * of bytes.
67 */
68void
69MD5Update(MD5_CTX *ctx, const unsigned char *input, size_t len)
70{
71 size_t have, need;
72
73 /* Check how many bytes we already have and how many more we need. */
74 have = (size_t)((ctx->count >> 3) & (MD5_BLOCK_LENGTH - 1));
75 need = MD5_BLOCK_LENGTH - have;
76
77 /* Update bitcount */
78 ctx->count += (u_int64_t)len << 3;
79
80 if (len >= need) {
81 if (have != 0) {
82 memcpy(ctx->buffer + have, input, need);
83 MD5Transform(ctx->state, ctx->buffer);
84 input += need;
85 len -= need;
86 have = 0;
87 }
88
89 /* Process data in MD5_BLOCK_LENGTH-byte chunks. */
90 while (len >= MD5_BLOCK_LENGTH) {
91 MD5Transform(ctx->state, input);
92 input += MD5_BLOCK_LENGTH;
93 len -= MD5_BLOCK_LENGTH;
94 }
95 }
96
97 /* Handle any remaining bytes of data. */
98 if (len != 0)
99 memcpy(ctx->buffer + have, input, len);
100}
101
102/*
103 * Pad pad to 64-byte boundary with the bit pattern
104 * 1 0* (64-bit count of bits processed, MSB-first)
105 */
106void
107MD5Pad(MD5_CTX *ctx)
108{
109 u_int8_t count[8];
110 size_t padlen;
111
112 /* Convert count to 8 bytes in little endian order. */
113 PUT_64BIT_LE(count, ctx->count);
114
115 /* Pad out to 56 mod 64. */
116 padlen = MD5_BLOCK_LENGTH -
117 ((ctx->count >> 3) & (MD5_BLOCK_LENGTH - 1));
118 if (padlen < 1 + 8)
119 padlen += MD5_BLOCK_LENGTH;
120 MD5Update(ctx, PADDING, padlen - 8); /* padlen - 8 <= 64 */
121 MD5Update(ctx, count, 8);
122}
123
124/*
125 * Final wrapup--call MD5Pad, fill in digest and zero out ctx.
126 */
127void
128MD5Final(unsigned char digest[MD5_DIGEST_LENGTH], MD5_CTX *ctx)
129{
130 int i;
131
132 MD5Pad(ctx);
133 for (i = 0; i < 4; i++)
134 PUT_32BIT_LE(digest + i * 4, ctx->state[i]);
135 memset(ctx, 0, sizeof(*ctx));
136}
137
138
139/* The four core functions - F1 is optimized somewhat */
140
141/* #define F1(x, y, z) (x & y | ~x & z) */
142#define F1(x, y, z) (z ^ (x & (y ^ z)))
143#define F2(x, y, z) F1(z, x, y)
144#define F3(x, y, z) (x ^ y ^ z)
145#define F4(x, y, z) (y ^ (x | ~z))
146
147/* This is the central step in the MD5 algorithm. */
148#define MD5STEP(f, w, x, y, z, data, s) \
149 ( w += f(x, y, z) + data, w = w<<s | w>>(32-s), w += x )
150
151/*
152 * The core of the MD5 algorithm, this alters an existing MD5 hash to
153 * reflect the addition of 16 longwords of new data. MD5Update blocks
154 * the data and converts bytes into longwords for this routine.
155 */
156void
157MD5Transform(u_int32_t state[4], const u_int8_t block[MD5_BLOCK_LENGTH])
158{
159 u_int32_t a, b, c, d, in[MD5_BLOCK_LENGTH / 4];
160
161#if BYTE_ORDER == LITTLE_ENDIAN
162 memcpy(in, block, sizeof(in));
163#else
164 for (a = 0; a < MD5_BLOCK_LENGTH / 4; a++) {
165 in[a] = (u_int32_t)(
166 (u_int32_t)(block[a * 4 + 0]) |
167 (u_int32_t)(block[a * 4 + 1]) << 8 |
168 (u_int32_t)(block[a * 4 + 2]) << 16 |
169 (u_int32_t)(block[a * 4 + 3]) << 24);
170 }
171#endif
172
173 a = state[0];
174 b = state[1];
175 c = state[2];
176 d = state[3];
177
178 MD5STEP(F1, a, b, c, d, in[ 0] + 0xd76aa478, 7);
179 MD5STEP(F1, d, a, b, c, in[ 1] + 0xe8c7b756, 12);
180 MD5STEP(F1, c, d, a, b, in[ 2] + 0x242070db, 17);
181 MD5STEP(F1, b, c, d, a, in[ 3] + 0xc1bdceee, 22);
182 MD5STEP(F1, a, b, c, d, in[ 4] + 0xf57c0faf, 7);
183 MD5STEP(F1, d, a, b, c, in[ 5] + 0x4787c62a, 12);
184 MD5STEP(F1, c, d, a, b, in[ 6] + 0xa8304613, 17);
185 MD5STEP(F1, b, c, d, a, in[ 7] + 0xfd469501, 22);
186 MD5STEP(F1, a, b, c, d, in[ 8] + 0x698098d8, 7);
187 MD5STEP(F1, d, a, b, c, in[ 9] + 0x8b44f7af, 12);
188 MD5STEP(F1, c, d, a, b, in[10] + 0xffff5bb1, 17);
189 MD5STEP(F1, b, c, d, a, in[11] + 0x895cd7be, 22);
190 MD5STEP(F1, a, b, c, d, in[12] + 0x6b901122, 7);
191 MD5STEP(F1, d, a, b, c, in[13] + 0xfd987193, 12);
192 MD5STEP(F1, c, d, a, b, in[14] + 0xa679438e, 17);
193 MD5STEP(F1, b, c, d, a, in[15] + 0x49b40821, 22);
194
195 MD5STEP(F2, a, b, c, d, in[ 1] + 0xf61e2562, 5);
196 MD5STEP(F2, d, a, b, c, in[ 6] + 0xc040b340, 9);
197 MD5STEP(F2, c, d, a, b, in[11] + 0x265e5a51, 14);
198 MD5STEP(F2, b, c, d, a, in[ 0] + 0xe9b6c7aa, 20);
199 MD5STEP(F2, a, b, c, d, in[ 5] + 0xd62f105d, 5);
200 MD5STEP(F2, d, a, b, c, in[10] + 0x02441453, 9);
201 MD5STEP(F2, c, d, a, b, in[15] + 0xd8a1e681, 14);
202 MD5STEP(F2, b, c, d, a, in[ 4] + 0xe7d3fbc8, 20);
203 MD5STEP(F2, a, b, c, d, in[ 9] + 0x21e1cde6, 5);
204 MD5STEP(F2, d, a, b, c, in[14] + 0xc33707d6, 9);
205 MD5STEP(F2, c, d, a, b, in[ 3] + 0xf4d50d87, 14);
206 MD5STEP(F2, b, c, d, a, in[ 8] + 0x455a14ed, 20);
207 MD5STEP(F2, a, b, c, d, in[13] + 0xa9e3e905, 5);
208 MD5STEP(F2, d, a, b, c, in[ 2] + 0xfcefa3f8, 9);
209 MD5STEP(F2, c, d, a, b, in[ 7] + 0x676f02d9, 14);
210 MD5STEP(F2, b, c, d, a, in[12] + 0x8d2a4c8a, 20);
211
212 MD5STEP(F3, a, b, c, d, in[ 5] + 0xfffa3942, 4);
213 MD5STEP(F3, d, a, b, c, in[ 8] + 0x8771f681, 11);
214 MD5STEP(F3, c, d, a, b, in[11] + 0x6d9d6122, 16);
215 MD5STEP(F3, b, c, d, a, in[14] + 0xfde5380c, 23);
216 MD5STEP(F3, a, b, c, d, in[ 1] + 0xa4beea44, 4);
217 MD5STEP(F3, d, a, b, c, in[ 4] + 0x4bdecfa9, 11);
218 MD5STEP(F3, c, d, a, b, in[ 7] + 0xf6bb4b60, 16);
219 MD5STEP(F3, b, c, d, a, in[10] + 0xbebfbc70, 23);
220 MD5STEP(F3, a, b, c, d, in[13] + 0x289b7ec6, 4);
221 MD5STEP(F3, d, a, b, c, in[ 0] + 0xeaa127fa, 11);
222 MD5STEP(F3, c, d, a, b, in[ 3] + 0xd4ef3085, 16);
223 MD5STEP(F3, b, c, d, a, in[ 6] + 0x04881d05, 23);
224 MD5STEP(F3, a, b, c, d, in[ 9] + 0xd9d4d039, 4);
225 MD5STEP(F3, d, a, b, c, in[12] + 0xe6db99e5, 11);
226 MD5STEP(F3, c, d, a, b, in[15] + 0x1fa27cf8, 16);
227 MD5STEP(F3, b, c, d, a, in[2 ] + 0xc4ac5665, 23);
228
229 MD5STEP(F4, a, b, c, d, in[ 0] + 0xf4292244, 6);
230 MD5STEP(F4, d, a, b, c, in[7 ] + 0x432aff97, 10);
231 MD5STEP(F4, c, d, a, b, in[14] + 0xab9423a7, 15);
232 MD5STEP(F4, b, c, d, a, in[5 ] + 0xfc93a039, 21);
233 MD5STEP(F4, a, b, c, d, in[12] + 0x655b59c3, 6);
234 MD5STEP(F4, d, a, b, c, in[3 ] + 0x8f0ccc92, 10);
235 MD5STEP(F4, c, d, a, b, in[10] + 0xffeff47d, 15);
236 MD5STEP(F4, b, c, d, a, in[1 ] + 0x85845dd1, 21);
237 MD5STEP(F4, a, b, c, d, in[8 ] + 0x6fa87e4f, 6);
238 MD5STEP(F4, d, a, b, c, in[15] + 0xfe2ce6e0, 10);
239 MD5STEP(F4, c, d, a, b, in[6 ] + 0xa3014314, 15);
240 MD5STEP(F4, b, c, d, a, in[13] + 0x4e0811a1, 21);
241 MD5STEP(F4, a, b, c, d, in[4 ] + 0xf7537e82, 6);
242 MD5STEP(F4, d, a, b, c, in[11] + 0xbd3af235, 10);
243 MD5STEP(F4, c, d, a, b, in[2 ] + 0x2ad7d2bb, 15);
244 MD5STEP(F4, b, c, d, a, in[9 ] + 0xeb86d391, 21);
245
246 state[0] += a;
247 state[1] += b;
248 state[2] += c;
249 state[3] += d;
250}
251#endif /* !WITH_OPENSSL */
diff --git a/openbsd-compat/md5.h b/openbsd-compat/md5.h
new file mode 100644
index 000000000..c83c19dca
--- /dev/null
+++ b/openbsd-compat/md5.h
@@ -0,0 +1,51 @@
1/* $OpenBSD: md5.h,v 1.17 2012/12/05 23:19:57 deraadt Exp $ */
2
3/*
4 * This code implements the MD5 message-digest algorithm.
5 * The algorithm is due to Ron Rivest. This code was
6 * written by Colin Plumb in 1993, no copyright is claimed.
7 * This code is in the public domain; do with it what you wish.
8 *
9 * Equivalent code is available from RSA Data Security, Inc.
10 * This code has been tested against that, and is equivalent,
11 * except that you don't need to include two pages of legalese
12 * with every copy.
13 */
14
15#ifndef _MD5_H_
16#define _MD5_H_
17
18#ifndef WITH_OPENSSL
19
20#define MD5_BLOCK_LENGTH 64
21#define MD5_DIGEST_LENGTH 16
22#define MD5_DIGEST_STRING_LENGTH (MD5_DIGEST_LENGTH * 2 + 1)
23
24typedef struct MD5Context {
25 u_int32_t state[4]; /* state */
26 u_int64_t count; /* number of bits, mod 2^64 */
27 u_int8_t buffer[MD5_BLOCK_LENGTH]; /* input buffer */
28} MD5_CTX;
29
30void MD5Init(MD5_CTX *);
31void MD5Update(MD5_CTX *, const u_int8_t *, size_t)
32 __attribute__((__bounded__(__string__,2,3)));
33void MD5Pad(MD5_CTX *);
34void MD5Final(u_int8_t [MD5_DIGEST_LENGTH], MD5_CTX *)
35 __attribute__((__bounded__(__minbytes__,1,MD5_DIGEST_LENGTH)));
36void MD5Transform(u_int32_t [4], const u_int8_t [MD5_BLOCK_LENGTH])
37 __attribute__((__bounded__(__minbytes__,1,4)))
38 __attribute__((__bounded__(__minbytes__,2,MD5_BLOCK_LENGTH)));
39char *MD5End(MD5_CTX *, char *)
40 __attribute__((__bounded__(__minbytes__,2,MD5_DIGEST_STRING_LENGTH)));
41char *MD5File(const char *, char *)
42 __attribute__((__bounded__(__minbytes__,2,MD5_DIGEST_STRING_LENGTH)));
43char *MD5FileChunk(const char *, char *, off_t, off_t)
44 __attribute__((__bounded__(__minbytes__,2,MD5_DIGEST_STRING_LENGTH)));
45char *MD5Data(const u_int8_t *, size_t, char *)
46 __attribute__((__bounded__(__string__,1,2)))
47 __attribute__((__bounded__(__minbytes__,3,MD5_DIGEST_STRING_LENGTH)));
48
49#endif /* !WITH_OPENSSL */
50
51#endif /* _MD5_H_ */
diff --git a/openbsd-compat/rmd160.c b/openbsd-compat/rmd160.c
new file mode 100644
index 000000000..2a14dd7b0
--- /dev/null
+++ b/openbsd-compat/rmd160.c
@@ -0,0 +1,376 @@
1/*
2 * Copyright (c) 2001 Markus Friedl. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 *
13 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
14 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
15 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
16 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
17 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
18 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
19 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
20 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
23 */
24/*
25 * Preneel, Bosselaers, Dobbertin, "The Cryptographic Hash Function RIPEMD-160",
26 * RSA Laboratories, CryptoBytes, Volume 3, Number 2, Autumn 1997,
27 * ftp://ftp.rsasecurity.com/pub/cryptobytes/crypto3n2.pdf
28 */
29
30#include "includes.h"
31
32#ifndef WITH_OPENSSL
33
34#include <sys/types.h>
35#include <endian.h>
36#include <string.h>
37#include <rmd160.h>
38
39#define PUT_64BIT_LE(cp, value) do { \
40 (cp)[7] = (value) >> 56; \
41 (cp)[6] = (value) >> 48; \
42 (cp)[5] = (value) >> 40; \
43 (cp)[4] = (value) >> 32; \
44 (cp)[3] = (value) >> 24; \
45 (cp)[2] = (value) >> 16; \
46 (cp)[1] = (value) >> 8; \
47 (cp)[0] = (value); } while (0)
48
49#define PUT_32BIT_LE(cp, value) do { \
50 (cp)[3] = (value) >> 24; \
51 (cp)[2] = (value) >> 16; \
52 (cp)[1] = (value) >> 8; \
53 (cp)[0] = (value); } while (0)
54
55#define H0 0x67452301U
56#define H1 0xEFCDAB89U
57#define H2 0x98BADCFEU
58#define H3 0x10325476U
59#define H4 0xC3D2E1F0U
60
61#define K0 0x00000000U
62#define K1 0x5A827999U
63#define K2 0x6ED9EBA1U
64#define K3 0x8F1BBCDCU
65#define K4 0xA953FD4EU
66
67#define KK0 0x50A28BE6U
68#define KK1 0x5C4DD124U
69#define KK2 0x6D703EF3U
70#define KK3 0x7A6D76E9U
71#define KK4 0x00000000U
72
73/* rotate x left n bits. */
74#define ROL(n, x) (((x) << (n)) | ((x) >> (32-(n))))
75
76#define F0(x, y, z) ((x) ^ (y) ^ (z))
77#define F1(x, y, z) (((x) & (y)) | ((~x) & (z)))
78#define F2(x, y, z) (((x) | (~y)) ^ (z))
79#define F3(x, y, z) (((x) & (z)) | ((y) & (~z)))
80#define F4(x, y, z) ((x) ^ ((y) | (~z)))
81
82#define R(a, b, c, d, e, Fj, Kj, sj, rj) \
83 do { \
84 a = ROL(sj, a + Fj(b,c,d) + X(rj) + Kj) + e; \
85 c = ROL(10, c); \
86 } while(0)
87
88#define X(i) x[i]
89
90static u_int8_t PADDING[RMD160_BLOCK_LENGTH] = {
91 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
92 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
93 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
94};
95
96void
97RMD160Init(RMD160_CTX *ctx)
98{
99 ctx->count = 0;
100 ctx->state[0] = H0;
101 ctx->state[1] = H1;
102 ctx->state[2] = H2;
103 ctx->state[3] = H3;
104 ctx->state[4] = H4;
105}
106
107void
108RMD160Update(RMD160_CTX *ctx, const u_int8_t *input, size_t len)
109{
110 size_t have, off, need;
111
112 have = (ctx->count / 8) % RMD160_BLOCK_LENGTH;
113 need = RMD160_BLOCK_LENGTH - have;
114 ctx->count += 8 * len;
115 off = 0;
116
117 if (len >= need) {
118 if (have) {
119 memcpy(ctx->buffer + have, input, need);
120 RMD160Transform(ctx->state, ctx->buffer);
121 off = need;
122 have = 0;
123 }
124 /* now the buffer is empty */
125 while (off + RMD160_BLOCK_LENGTH <= len) {
126 RMD160Transform(ctx->state, input+off);
127 off += RMD160_BLOCK_LENGTH;
128 }
129 }
130 if (off < len)
131 memcpy(ctx->buffer + have, input+off, len-off);
132}
133
134void
135RMD160Pad(RMD160_CTX *ctx)
136{
137 u_int8_t size[8];
138 size_t padlen;
139
140 PUT_64BIT_LE(size, ctx->count);
141
142 /*
143 * pad to RMD160_BLOCK_LENGTH byte blocks, at least one byte from
144 * PADDING plus 8 bytes for the size
145 */
146 padlen = RMD160_BLOCK_LENGTH - ((ctx->count / 8) % RMD160_BLOCK_LENGTH);
147 if (padlen < 1 + 8)
148 padlen += RMD160_BLOCK_LENGTH;
149 RMD160Update(ctx, PADDING, padlen - 8); /* padlen - 8 <= 64 */
150 RMD160Update(ctx, size, 8);
151}
152
153void
154RMD160Final(u_int8_t digest[RMD160_DIGEST_LENGTH], RMD160_CTX *ctx)
155{
156 int i;
157
158 RMD160Pad(ctx);
159 for (i = 0; i < 5; i++)
160 PUT_32BIT_LE(digest + i*4, ctx->state[i]);
161 memset(ctx, 0, sizeof (*ctx));
162}
163
164void
165RMD160Transform(u_int32_t state[5], const u_int8_t block[RMD160_BLOCK_LENGTH])
166{
167 u_int32_t a, b, c, d, e, aa, bb, cc, dd, ee, t, x[16];
168
169#if BYTE_ORDER == LITTLE_ENDIAN
170 memcpy(x, block, RMD160_BLOCK_LENGTH);
171#else
172 int i;
173
174 for (i = 0; i < 16; i++)
175 x[i] = (u_int32_t)(
176 (u_int32_t)(block[i*4 + 0]) |
177 (u_int32_t)(block[i*4 + 1]) << 8 |
178 (u_int32_t)(block[i*4 + 2]) << 16 |
179 (u_int32_t)(block[i*4 + 3]) << 24);
180#endif
181
182 a = state[0];
183 b = state[1];
184 c = state[2];
185 d = state[3];
186 e = state[4];
187
188 /* Round 1 */
189 R(a, b, c, d, e, F0, K0, 11, 0);
190 R(e, a, b, c, d, F0, K0, 14, 1);
191 R(d, e, a, b, c, F0, K0, 15, 2);
192 R(c, d, e, a, b, F0, K0, 12, 3);
193 R(b, c, d, e, a, F0, K0, 5, 4);
194 R(a, b, c, d, e, F0, K0, 8, 5);
195 R(e, a, b, c, d, F0, K0, 7, 6);
196 R(d, e, a, b, c, F0, K0, 9, 7);
197 R(c, d, e, a, b, F0, K0, 11, 8);
198 R(b, c, d, e, a, F0, K0, 13, 9);
199 R(a, b, c, d, e, F0, K0, 14, 10);
200 R(e, a, b, c, d, F0, K0, 15, 11);
201 R(d, e, a, b, c, F0, K0, 6, 12);
202 R(c, d, e, a, b, F0, K0, 7, 13);
203 R(b, c, d, e, a, F0, K0, 9, 14);
204 R(a, b, c, d, e, F0, K0, 8, 15); /* #15 */
205 /* Round 2 */
206 R(e, a, b, c, d, F1, K1, 7, 7);
207 R(d, e, a, b, c, F1, K1, 6, 4);
208 R(c, d, e, a, b, F1, K1, 8, 13);
209 R(b, c, d, e, a, F1, K1, 13, 1);
210 R(a, b, c, d, e, F1, K1, 11, 10);
211 R(e, a, b, c, d, F1, K1, 9, 6);
212 R(d, e, a, b, c, F1, K1, 7, 15);
213 R(c, d, e, a, b, F1, K1, 15, 3);
214 R(b, c, d, e, a, F1, K1, 7, 12);
215 R(a, b, c, d, e, F1, K1, 12, 0);
216 R(e, a, b, c, d, F1, K1, 15, 9);
217 R(d, e, a, b, c, F1, K1, 9, 5);
218 R(c, d, e, a, b, F1, K1, 11, 2);
219 R(b, c, d, e, a, F1, K1, 7, 14);
220 R(a, b, c, d, e, F1, K1, 13, 11);
221 R(e, a, b, c, d, F1, K1, 12, 8); /* #31 */
222 /* Round 3 */
223 R(d, e, a, b, c, F2, K2, 11, 3);
224 R(c, d, e, a, b, F2, K2, 13, 10);
225 R(b, c, d, e, a, F2, K2, 6, 14);
226 R(a, b, c, d, e, F2, K2, 7, 4);
227 R(e, a, b, c, d, F2, K2, 14, 9);
228 R(d, e, a, b, c, F2, K2, 9, 15);
229 R(c, d, e, a, b, F2, K2, 13, 8);
230 R(b, c, d, e, a, F2, K2, 15, 1);
231 R(a, b, c, d, e, F2, K2, 14, 2);
232 R(e, a, b, c, d, F2, K2, 8, 7);
233 R(d, e, a, b, c, F2, K2, 13, 0);
234 R(c, d, e, a, b, F2, K2, 6, 6);
235 R(b, c, d, e, a, F2, K2, 5, 13);
236 R(a, b, c, d, e, F2, K2, 12, 11);
237 R(e, a, b, c, d, F2, K2, 7, 5);
238 R(d, e, a, b, c, F2, K2, 5, 12); /* #47 */
239 /* Round 4 */
240 R(c, d, e, a, b, F3, K3, 11, 1);
241 R(b, c, d, e, a, F3, K3, 12, 9);
242 R(a, b, c, d, e, F3, K3, 14, 11);
243 R(e, a, b, c, d, F3, K3, 15, 10);
244 R(d, e, a, b, c, F3, K3, 14, 0);
245 R(c, d, e, a, b, F3, K3, 15, 8);
246 R(b, c, d, e, a, F3, K3, 9, 12);
247 R(a, b, c, d, e, F3, K3, 8, 4);
248 R(e, a, b, c, d, F3, K3, 9, 13);
249 R(d, e, a, b, c, F3, K3, 14, 3);
250 R(c, d, e, a, b, F3, K3, 5, 7);
251 R(b, c, d, e, a, F3, K3, 6, 15);
252 R(a, b, c, d, e, F3, K3, 8, 14);
253 R(e, a, b, c, d, F3, K3, 6, 5);
254 R(d, e, a, b, c, F3, K3, 5, 6);
255 R(c, d, e, a, b, F3, K3, 12, 2); /* #63 */
256 /* Round 5 */
257 R(b, c, d, e, a, F4, K4, 9, 4);
258 R(a, b, c, d, e, F4, K4, 15, 0);
259 R(e, a, b, c, d, F4, K4, 5, 5);
260 R(d, e, a, b, c, F4, K4, 11, 9);
261 R(c, d, e, a, b, F4, K4, 6, 7);
262 R(b, c, d, e, a, F4, K4, 8, 12);
263 R(a, b, c, d, e, F4, K4, 13, 2);
264 R(e, a, b, c, d, F4, K4, 12, 10);
265 R(d, e, a, b, c, F4, K4, 5, 14);
266 R(c, d, e, a, b, F4, K4, 12, 1);
267 R(b, c, d, e, a, F4, K4, 13, 3);
268 R(a, b, c, d, e, F4, K4, 14, 8);
269 R(e, a, b, c, d, F4, K4, 11, 11);
270 R(d, e, a, b, c, F4, K4, 8, 6);
271 R(c, d, e, a, b, F4, K4, 5, 15);
272 R(b, c, d, e, a, F4, K4, 6, 13); /* #79 */
273
274 aa = a ; bb = b; cc = c; dd = d; ee = e;
275
276 a = state[0];
277 b = state[1];
278 c = state[2];
279 d = state[3];
280 e = state[4];
281
282 /* Parallel round 1 */
283 R(a, b, c, d, e, F4, KK0, 8, 5);
284 R(e, a, b, c, d, F4, KK0, 9, 14);
285 R(d, e, a, b, c, F4, KK0, 9, 7);
286 R(c, d, e, a, b, F4, KK0, 11, 0);
287 R(b, c, d, e, a, F4, KK0, 13, 9);
288 R(a, b, c, d, e, F4, KK0, 15, 2);
289 R(e, a, b, c, d, F4, KK0, 15, 11);
290 R(d, e, a, b, c, F4, KK0, 5, 4);
291 R(c, d, e, a, b, F4, KK0, 7, 13);
292 R(b, c, d, e, a, F4, KK0, 7, 6);
293 R(a, b, c, d, e, F4, KK0, 8, 15);
294 R(e, a, b, c, d, F4, KK0, 11, 8);
295 R(d, e, a, b, c, F4, KK0, 14, 1);
296 R(c, d, e, a, b, F4, KK0, 14, 10);
297 R(b, c, d, e, a, F4, KK0, 12, 3);
298 R(a, b, c, d, e, F4, KK0, 6, 12); /* #15 */
299 /* Parallel round 2 */
300 R(e, a, b, c, d, F3, KK1, 9, 6);
301 R(d, e, a, b, c, F3, KK1, 13, 11);
302 R(c, d, e, a, b, F3, KK1, 15, 3);
303 R(b, c, d, e, a, F3, KK1, 7, 7);
304 R(a, b, c, d, e, F3, KK1, 12, 0);
305 R(e, a, b, c, d, F3, KK1, 8, 13);
306 R(d, e, a, b, c, F3, KK1, 9, 5);
307 R(c, d, e, a, b, F3, KK1, 11, 10);
308 R(b, c, d, e, a, F3, KK1, 7, 14);
309 R(a, b, c, d, e, F3, KK1, 7, 15);
310 R(e, a, b, c, d, F3, KK1, 12, 8);
311 R(d, e, a, b, c, F3, KK1, 7, 12);
312 R(c, d, e, a, b, F3, KK1, 6, 4);
313 R(b, c, d, e, a, F3, KK1, 15, 9);
314 R(a, b, c, d, e, F3, KK1, 13, 1);
315 R(e, a, b, c, d, F3, KK1, 11, 2); /* #31 */
316 /* Parallel round 3 */
317 R(d, e, a, b, c, F2, KK2, 9, 15);
318 R(c, d, e, a, b, F2, KK2, 7, 5);
319 R(b, c, d, e, a, F2, KK2, 15, 1);
320 R(a, b, c, d, e, F2, KK2, 11, 3);
321 R(e, a, b, c, d, F2, KK2, 8, 7);
322 R(d, e, a, b, c, F2, KK2, 6, 14);
323 R(c, d, e, a, b, F2, KK2, 6, 6);
324 R(b, c, d, e, a, F2, KK2, 14, 9);
325 R(a, b, c, d, e, F2, KK2, 12, 11);
326 R(e, a, b, c, d, F2, KK2, 13, 8);
327 R(d, e, a, b, c, F2, KK2, 5, 12);
328 R(c, d, e, a, b, F2, KK2, 14, 2);
329 R(b, c, d, e, a, F2, KK2, 13, 10);
330 R(a, b, c, d, e, F2, KK2, 13, 0);
331 R(e, a, b, c, d, F2, KK2, 7, 4);
332 R(d, e, a, b, c, F2, KK2, 5, 13); /* #47 */
333 /* Parallel round 4 */
334 R(c, d, e, a, b, F1, KK3, 15, 8);
335 R(b, c, d, e, a, F1, KK3, 5, 6);
336 R(a, b, c, d, e, F1, KK3, 8, 4);
337 R(e, a, b, c, d, F1, KK3, 11, 1);
338 R(d, e, a, b, c, F1, KK3, 14, 3);
339 R(c, d, e, a, b, F1, KK3, 14, 11);
340 R(b, c, d, e, a, F1, KK3, 6, 15);
341 R(a, b, c, d, e, F1, KK3, 14, 0);
342 R(e, a, b, c, d, F1, KK3, 6, 5);
343 R(d, e, a, b, c, F1, KK3, 9, 12);
344 R(c, d, e, a, b, F1, KK3, 12, 2);
345 R(b, c, d, e, a, F1, KK3, 9, 13);
346 R(a, b, c, d, e, F1, KK3, 12, 9);
347 R(e, a, b, c, d, F1, KK3, 5, 7);
348 R(d, e, a, b, c, F1, KK3, 15, 10);
349 R(c, d, e, a, b, F1, KK3, 8, 14); /* #63 */
350 /* Parallel round 5 */
351 R(b, c, d, e, a, F0, KK4, 8, 12);
352 R(a, b, c, d, e, F0, KK4, 5, 15);
353 R(e, a, b, c, d, F0, KK4, 12, 10);
354 R(d, e, a, b, c, F0, KK4, 9, 4);
355 R(c, d, e, a, b, F0, KK4, 12, 1);
356 R(b, c, d, e, a, F0, KK4, 5, 5);
357 R(a, b, c, d, e, F0, KK4, 14, 8);
358 R(e, a, b, c, d, F0, KK4, 6, 7);
359 R(d, e, a, b, c, F0, KK4, 8, 6);
360 R(c, d, e, a, b, F0, KK4, 13, 2);
361 R(b, c, d, e, a, F0, KK4, 6, 13);
362 R(a, b, c, d, e, F0, KK4, 5, 14);
363 R(e, a, b, c, d, F0, KK4, 15, 0);
364 R(d, e, a, b, c, F0, KK4, 13, 3);
365 R(c, d, e, a, b, F0, KK4, 11, 9);
366 R(b, c, d, e, a, F0, KK4, 11, 11); /* #79 */
367
368 t = state[1] + cc + d;
369 state[1] = state[2] + dd + e;
370 state[2] = state[3] + ee + a;
371 state[3] = state[4] + aa + b;
372 state[4] = state[0] + bb + c;
373 state[0] = t;
374}
375
376#endif /* !WITH_OPENSSL */
diff --git a/openbsd-compat/rmd160.h b/openbsd-compat/rmd160.h
new file mode 100644
index 000000000..99c1dcdc0
--- /dev/null
+++ b/openbsd-compat/rmd160.h
@@ -0,0 +1,61 @@
1/* $OpenBSD: rmd160.h,v 1.17 2012/12/05 23:19:57 deraadt Exp $ */
2/*
3 * Copyright (c) 2001 Markus Friedl. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 *
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
18 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24 */
25#ifndef _RMD160_H
26#define _RMD160_H
27
28#ifndef WITH_OPENSSL
29
30#define RMD160_BLOCK_LENGTH 64
31#define RMD160_DIGEST_LENGTH 20
32#define RMD160_DIGEST_STRING_LENGTH (RMD160_DIGEST_LENGTH * 2 + 1)
33
34/* RMD160 context. */
35typedef struct RMD160Context {
36 u_int32_t state[5]; /* state */
37 u_int64_t count; /* number of bits, mod 2^64 */
38 u_int8_t buffer[RMD160_BLOCK_LENGTH]; /* input buffer */
39} RMD160_CTX;
40
41void RMD160Init(RMD160_CTX *);
42void RMD160Transform(u_int32_t [5], const u_int8_t [RMD160_BLOCK_LENGTH])
43 __attribute__((__bounded__(__minbytes__,1,5)))
44 __attribute__((__bounded__(__minbytes__,2,RMD160_BLOCK_LENGTH)));
45void RMD160Update(RMD160_CTX *, const u_int8_t *, size_t)
46 __attribute__((__bounded__(__string__,2,3)));
47void RMD160Pad(RMD160_CTX *);
48void RMD160Final(u_int8_t [RMD160_DIGEST_LENGTH], RMD160_CTX *)
49 __attribute__((__bounded__(__minbytes__,1,RMD160_DIGEST_LENGTH)));
50char *RMD160End(RMD160_CTX *, char *)
51 __attribute__((__bounded__(__minbytes__,2,RMD160_DIGEST_STRING_LENGTH)));
52char *RMD160File(const char *, char *)
53 __attribute__((__bounded__(__minbytes__,2,RMD160_DIGEST_STRING_LENGTH)));
54char *RMD160FileChunk(const char *, char *, off_t, off_t)
55 __attribute__((__bounded__(__minbytes__,2,RMD160_DIGEST_STRING_LENGTH)));
56char *RMD160Data(const u_int8_t *, size_t, char *)
57 __attribute__((__bounded__(__string__,1,2)))
58 __attribute__((__bounded__(__minbytes__,3,RMD160_DIGEST_STRING_LENGTH)));
59
60#endif /* !WITH_OPENSSL */
61#endif /* _RMD160_H */
diff --git a/openbsd-compat/sha1.c b/openbsd-compat/sha1.c
new file mode 100644
index 000000000..4b5381f87
--- /dev/null
+++ b/openbsd-compat/sha1.c
@@ -0,0 +1,177 @@
1/* $OpenBSD: sha1.c,v 1.23 2014/01/08 06:14:57 tedu Exp $ */
2
3/*
4 * SHA-1 in C
5 * By Steve Reid <steve@edmweb.com>
6 * 100% Public Domain
7 *
8 * Test Vectors (from FIPS PUB 180-1)
9 * "abc"
10 * A9993E36 4706816A BA3E2571 7850C26C 9CD0D89D
11 * "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
12 * 84983E44 1C3BD26E BAAE4AA1 F95129E5 E54670F1
13 * A million repetitions of "a"
14 * 34AA973C D4C4DAA4 F61EEB2B DBAD2731 6534016F
15 */
16
17#include "includes.h"
18
19#ifndef WITH_OPENSSL
20
21#include <sys/param.h>
22#include <string.h>
23
24#define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits))))
25
26/*
27 * blk0() and blk() perform the initial expand.
28 * I got the idea of expanding during the round function from SSLeay
29 */
30#if BYTE_ORDER == LITTLE_ENDIAN
31# define blk0(i) (block->l[i] = (rol(block->l[i],24)&0xFF00FF00) \
32 |(rol(block->l[i],8)&0x00FF00FF))
33#else
34# define blk0(i) block->l[i]
35#endif
36#define blk(i) (block->l[i&15] = rol(block->l[(i+13)&15]^block->l[(i+8)&15] \
37 ^block->l[(i+2)&15]^block->l[i&15],1))
38
39/*
40 * (R0+R1), R2, R3, R4 are the different operations (rounds) used in SHA1
41 */
42#define R0(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk0(i)+0x5A827999+rol(v,5);w=rol(w,30);
43#define R1(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk(i)+0x5A827999+rol(v,5);w=rol(w,30);
44#define R2(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0x6ED9EBA1+rol(v,5);w=rol(w,30);
45#define R3(v,w,x,y,z,i) z+=(((w|x)&y)|(w&x))+blk(i)+0x8F1BBCDC+rol(v,5);w=rol(w,30);
46#define R4(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0xCA62C1D6+rol(v,5);w=rol(w,30);
47
48typedef union {
49 u_int8_t c[64];
50 u_int32_t l[16];
51} CHAR64LONG16;
52
53/*
54 * Hash a single 512-bit block. This is the core of the algorithm.
55 */
56void
57SHA1Transform(u_int32_t state[5], const u_int8_t buffer[SHA1_BLOCK_LENGTH])
58{
59 u_int32_t a, b, c, d, e;
60 u_int8_t workspace[SHA1_BLOCK_LENGTH];
61 CHAR64LONG16 *block = (CHAR64LONG16 *)workspace;
62
63 (void)memcpy(block, buffer, SHA1_BLOCK_LENGTH);
64
65 /* Copy context->state[] to working vars */
66 a = state[0];
67 b = state[1];
68 c = state[2];
69 d = state[3];
70 e = state[4];
71
72 /* 4 rounds of 20 operations each. Loop unrolled. */
73 R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3);
74 R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7);
75 R0(c,d,e,a,b, 8); R0(b,c,d,e,a, 9); R0(a,b,c,d,e,10); R0(e,a,b,c,d,11);
76 R0(d,e,a,b,c,12); R0(c,d,e,a,b,13); R0(b,c,d,e,a,14); R0(a,b,c,d,e,15);
77 R1(e,a,b,c,d,16); R1(d,e,a,b,c,17); R1(c,d,e,a,b,18); R1(b,c,d,e,a,19);
78 R2(a,b,c,d,e,20); R2(e,a,b,c,d,21); R2(d,e,a,b,c,22); R2(c,d,e,a,b,23);
79 R2(b,c,d,e,a,24); R2(a,b,c,d,e,25); R2(e,a,b,c,d,26); R2(d,e,a,b,c,27);
80 R2(c,d,e,a,b,28); R2(b,c,d,e,a,29); R2(a,b,c,d,e,30); R2(e,a,b,c,d,31);
81 R2(d,e,a,b,c,32); R2(c,d,e,a,b,33); R2(b,c,d,e,a,34); R2(a,b,c,d,e,35);
82 R2(e,a,b,c,d,36); R2(d,e,a,b,c,37); R2(c,d,e,a,b,38); R2(b,c,d,e,a,39);
83 R3(a,b,c,d,e,40); R3(e,a,b,c,d,41); R3(d,e,a,b,c,42); R3(c,d,e,a,b,43);
84 R3(b,c,d,e,a,44); R3(a,b,c,d,e,45); R3(e,a,b,c,d,46); R3(d,e,a,b,c,47);
85 R3(c,d,e,a,b,48); R3(b,c,d,e,a,49); R3(a,b,c,d,e,50); R3(e,a,b,c,d,51);
86 R3(d,e,a,b,c,52); R3(c,d,e,a,b,53); R3(b,c,d,e,a,54); R3(a,b,c,d,e,55);
87 R3(e,a,b,c,d,56); R3(d,e,a,b,c,57); R3(c,d,e,a,b,58); R3(b,c,d,e,a,59);
88 R4(a,b,c,d,e,60); R4(e,a,b,c,d,61); R4(d,e,a,b,c,62); R4(c,d,e,a,b,63);
89 R4(b,c,d,e,a,64); R4(a,b,c,d,e,65); R4(e,a,b,c,d,66); R4(d,e,a,b,c,67);
90 R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71);
91 R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75);
92 R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79);
93
94 /* Add the working vars back into context.state[] */
95 state[0] += a;
96 state[1] += b;
97 state[2] += c;
98 state[3] += d;
99 state[4] += e;
100
101 /* Wipe variables */
102 a = b = c = d = e = 0;
103}
104
105
106/*
107 * SHA1Init - Initialize new context
108 */
109void
110SHA1Init(SHA1_CTX *context)
111{
112
113 /* SHA1 initialization constants */
114 context->count = 0;
115 context->state[0] = 0x67452301;
116 context->state[1] = 0xEFCDAB89;
117 context->state[2] = 0x98BADCFE;
118 context->state[3] = 0x10325476;
119 context->state[4] = 0xC3D2E1F0;
120}
121
122
123/*
124 * Run your data through this.
125 */
126void
127SHA1Update(SHA1_CTX *context, const u_int8_t *data, size_t len)
128{
129 size_t i, j;
130
131 j = (size_t)((context->count >> 3) & 63);
132 context->count += (len << 3);
133 if ((j + len) > 63) {
134 (void)memcpy(&context->buffer[j], data, (i = 64-j));
135 SHA1Transform(context->state, context->buffer);
136 for ( ; i + 63 < len; i += 64)
137 SHA1Transform(context->state, (u_int8_t *)&data[i]);
138 j = 0;
139 } else {
140 i = 0;
141 }
142 (void)memcpy(&context->buffer[j], &data[i], len - i);
143}
144
145
146/*
147 * Add padding and return the message digest.
148 */
149void
150SHA1Pad(SHA1_CTX *context)
151{
152 u_int8_t finalcount[8];
153 u_int i;
154
155 for (i = 0; i < 8; i++) {
156 finalcount[i] = (u_int8_t)((context->count >>
157 ((7 - (i & 7)) * 8)) & 255); /* Endian independent */
158 }
159 SHA1Update(context, (u_int8_t *)"\200", 1);
160 while ((context->count & 504) != 448)
161 SHA1Update(context, (u_int8_t *)"\0", 1);
162 SHA1Update(context, finalcount, 8); /* Should cause a SHA1Transform() */
163}
164
165void
166SHA1Final(u_int8_t digest[SHA1_DIGEST_LENGTH], SHA1_CTX *context)
167{
168 u_int i;
169
170 SHA1Pad(context);
171 for (i = 0; i < SHA1_DIGEST_LENGTH; i++) {
172 digest[i] = (u_int8_t)
173 ((context->state[i>>2] >> ((3-(i & 3)) * 8) ) & 255);
174 }
175 memset(context, 0, sizeof(*context));
176}
177#endif /* !WITH_OPENSSL */
diff --git a/openbsd-compat/sha1.h b/openbsd-compat/sha1.h
new file mode 100644
index 000000000..327d94cd5
--- /dev/null
+++ b/openbsd-compat/sha1.h
@@ -0,0 +1,58 @@
1/* $OpenBSD: sha1.h,v 1.24 2012/12/05 23:19:57 deraadt Exp $ */
2
3/*
4 * SHA-1 in C
5 * By Steve Reid <steve@edmweb.com>
6 * 100% Public Domain
7 */
8
9#ifndef _SHA1_H
10#define _SHA1_H
11
12#ifndef WITH_OPENSSL
13
14#define SHA1_BLOCK_LENGTH 64
15#define SHA1_DIGEST_LENGTH 20
16#define SHA1_DIGEST_STRING_LENGTH (SHA1_DIGEST_LENGTH * 2 + 1)
17
18typedef struct {
19 u_int32_t state[5];
20 u_int64_t count;
21 u_int8_t buffer[SHA1_BLOCK_LENGTH];
22} SHA1_CTX;
23
24void SHA1Init(SHA1_CTX *);
25void SHA1Pad(SHA1_CTX *);
26void SHA1Transform(u_int32_t [5], const u_int8_t [SHA1_BLOCK_LENGTH])
27 __attribute__((__bounded__(__minbytes__,1,5)))
28 __attribute__((__bounded__(__minbytes__,2,SHA1_BLOCK_LENGTH)));
29void SHA1Update(SHA1_CTX *, const u_int8_t *, size_t)
30 __attribute__((__bounded__(__string__,2,3)));
31void SHA1Final(u_int8_t [SHA1_DIGEST_LENGTH], SHA1_CTX *)
32 __attribute__((__bounded__(__minbytes__,1,SHA1_DIGEST_LENGTH)));
33char *SHA1End(SHA1_CTX *, char *)
34 __attribute__((__bounded__(__minbytes__,2,SHA1_DIGEST_STRING_LENGTH)));
35char *SHA1File(const char *, char *)
36 __attribute__((__bounded__(__minbytes__,2,SHA1_DIGEST_STRING_LENGTH)));
37char *SHA1FileChunk(const char *, char *, off_t, off_t)
38 __attribute__((__bounded__(__minbytes__,2,SHA1_DIGEST_STRING_LENGTH)));
39char *SHA1Data(const u_int8_t *, size_t, char *)
40 __attribute__((__bounded__(__string__,1,2)))
41 __attribute__((__bounded__(__minbytes__,3,SHA1_DIGEST_STRING_LENGTH)));
42
43#define HTONDIGEST(x) do { \
44 x[0] = htonl(x[0]); \
45 x[1] = htonl(x[1]); \
46 x[2] = htonl(x[2]); \
47 x[3] = htonl(x[3]); \
48 x[4] = htonl(x[4]); } while (0)
49
50#define NTOHDIGEST(x) do { \
51 x[0] = ntohl(x[0]); \
52 x[1] = ntohl(x[1]); \
53 x[2] = ntohl(x[2]); \
54 x[3] = ntohl(x[3]); \
55 x[4] = ntohl(x[4]); } while (0)
56
57#endif /* !WITH_OPENSSL */
58#endif /* _SHA1_H */
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-28 23:58:53 +0000