summaryrefslogtreecommitdiff
path: root/modules/pam_timestamp/sha1.c
diff options
context:
space:
mode:
Diffstat (limited to 'modules/pam_timestamp/sha1.c')
-rw-r--r--modules/pam_timestamp/sha1.c254
1 files changed, 254 insertions, 0 deletions
diff --git a/modules/pam_timestamp/sha1.c b/modules/pam_timestamp/sha1.c
new file mode 100644
index 00000000..e6705eb5
--- /dev/null
+++ b/modules/pam_timestamp/sha1.c
@@ -0,0 +1,254 @@
+/* Yet another SHA-1 implementation.
+ *
+ * Copyright (c) 2003 Red Hat, Inc.
+ * Written by Nalin Dahyabhai <nalin@redhat.com>
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+/* See http://www.itl.nist.gov/fipspubs/fip180-1.htm for descriptions. */
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <netinet/in.h>
+#include <fcntl.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <endian.h>
+#include <unistd.h>
+#include "sha1.h"
+
+static unsigned char
+padding[SHA1_BLOCK_SIZE] = {
+ 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+};
+
+static u_int32_t
+F(u_int32_t b, u_int32_t c, u_int32_t d)
+{
+ return (b & c) | ((~b) & d);
+}
+
+static u_int32_t
+G(u_int32_t b, u_int32_t c, u_int32_t d)
+{
+ return b ^ c ^ d;
+}
+
+static u_int32_t
+H(u_int32_t b, u_int32_t c, u_int32_t d)
+{
+ return (b & c) | (b & d) | (c & d);
+}
+
+static u_int32_t
+RL(u_int32_t n, u_int32_t s)
+{
+ return (n << s) | (n >> (32 - s));
+}
+
+static u_int32_t
+sha1_round(u_int32_t (*FUNC)(u_int32_t, u_int32_t, u_int32_t),
+ u_int32_t a, u_int32_t b, u_int32_t c, u_int32_t d, u_int32_t e,
+ u_int32_t i, u_int32_t n)
+{
+ return RL(a, 5) + FUNC(b, c, d) + e + i + n;
+}
+
+void
+sha1_init(struct sha1_context *ctx)
+{
+ memset(ctx, 0, sizeof(*ctx));
+ ctx->a = 0x67452301;
+ ctx->b = 0xefcdab89;
+ ctx->c = 0x98badcfe;
+ ctx->d = 0x10325476;
+ ctx->e = 0xc3d2e1f0;
+}
+
+static void
+sha1_process(struct sha1_context *ctx, u_int32_t buffer[SHA1_BLOCK_SIZE / 4])
+{
+ u_int32_t a, b, c, d, e, temp;
+ u_int32_t data[80];
+ int i;
+
+ for (i = 0; i < 16; i++) {
+ data[i] = htonl(buffer[i]);
+ }
+ for (i = 16; i < 80; i++) {
+ data[i] = RL(data[i - 3] ^ data[i - 8] ^ data[i - 14] ^ data[i - 16], 1);
+ }
+
+ a = ctx->a;
+ b = ctx->b;
+ c = ctx->c;
+ d = ctx->d;
+ e = ctx->e;
+
+ for (i = 0; i < 20; i++) {
+ temp = sha1_round(F, a, b, c, d, e, data[i], 0x5a827999);
+ e = d; d = c; c = RL(b, 30); b = a; a = temp;
+ }
+ for (i = 20; i < 40; i++) {
+ temp = sha1_round(G, a, b, c, d, e, data[i], 0x6ed9eba1);
+ e = d; d = c; c = RL(b, 30); b = a; a = temp;
+ }
+ for (i = 40; i < 60; i++) {
+ temp = sha1_round(H, a, b, c, d, e, data[i], 0x8f1bbcdc);
+ e = d; d = c; c = RL(b, 30); b = a; a = temp;
+ }
+ for (i = 60; i < 80; i++) {
+ temp = sha1_round(G, a, b, c, d, e, data[i], 0xca62c1d6);
+ e = d; d = c; c = RL(b, 30); b = a; a = temp;
+ }
+
+ ctx->a += a;
+ ctx->b += b;
+ ctx->c += c;
+ ctx->d += d;
+ ctx->e += e;
+
+ memset(buffer, 0, sizeof(buffer[0]) * SHA1_BLOCK_SIZE / 4);
+ memset(data, 0, sizeof(data));
+}
+
+void
+sha1_update(struct sha1_context *ctx, const unsigned char *data, size_t length)
+{
+ size_t i = 0, l = length, c, t;
+ u_int32_t count = 0;
+
+ /* Process any pending + data blocks. */
+ while (l + ctx->pending_count >= SHA1_BLOCK_SIZE) {
+ c = ctx->pending_count;
+ t = SHA1_BLOCK_SIZE - c;
+ memcpy(ctx->pending + c, &data[i], t);
+ sha1_process(ctx, (u_int32_t*) ctx->pending);
+ i += t;
+ l -= t;
+ ctx->pending_count = 0;
+ }
+
+ /* Save what's left of the data block as a pending data block. */
+ c = ctx->pending_count;
+ memcpy(ctx->pending + c, &data[i], l);
+ ctx->pending_count += l;
+
+ /* Update the message length. */
+ ctx->count += length;
+
+ /* Update our internal counts. */
+ if (length != 0) {
+ count = ctx->counts[0];
+ ctx->counts[0] += length;
+ if (count >= ctx->counts[0]) {
+ ctx->counts[1]++;
+ }
+ }
+}
+
+size_t
+sha1_output(struct sha1_context *ctx, unsigned char *out)
+{
+ struct sha1_context ctx2;
+
+ /* Output the sum. */
+ if (out != NULL) {
+ u_int32_t c;
+ memcpy(&ctx2, ctx, sizeof(ctx2));
+
+ /* Pad this block. */
+ c = ctx2.pending_count;
+ memcpy(ctx2.pending + c,
+ padding, SHA1_BLOCK_SIZE - c);
+
+ /* Do we need to process two blocks now? */
+ if (c >= (SHA1_BLOCK_SIZE - (sizeof(u_int32_t) * 2))) {
+ /* Process this block. */
+ sha1_process(&ctx2,
+ (u_int32_t*) ctx2.pending);
+ /* Set up another block. */
+ ctx2.pending_count = 0;
+ memset(ctx2.pending, 0, SHA1_BLOCK_SIZE);
+ ctx2.pending[0] =
+ (c == SHA1_BLOCK_SIZE) ? 0x80 : 0;
+ }
+
+ /* Process the final block. */
+ ctx2.counts[1] <<= 3;
+ if (ctx2.counts[0] >> 29) {
+ ctx2.counts[1] |=
+ (ctx2.counts[0] >> 29);
+ }
+ ctx2.counts[0] <<= 3;
+ ctx2.counts[0] = htonl(ctx2.counts[0]);
+ ctx2.counts[1] = htonl(ctx2.counts[1]);
+ memcpy(ctx2.pending + 56,
+ &ctx2.counts[1], sizeof(u_int32_t));
+ memcpy(ctx2.pending + 60,
+ &ctx2.counts[0], sizeof(u_int32_t));
+ sha1_process(&ctx2, (u_int32_t*) ctx2.pending);
+
+ /* Output the data. */
+ out[ 3] = (ctx2.a >> 0) & 0xff;
+ out[ 2] = (ctx2.a >> 8) & 0xff;
+ out[ 1] = (ctx2.a >> 16) & 0xff;
+ out[ 0] = (ctx2.a >> 24) & 0xff;
+
+ out[ 7] = (ctx2.b >> 0) & 0xff;
+ out[ 6] = (ctx2.b >> 8) & 0xff;
+ out[ 5] = (ctx2.b >> 16) & 0xff;
+ out[ 4] = (ctx2.b >> 24) & 0xff;
+
+ out[11] = (ctx2.c >> 0) & 0xff;
+ out[10] = (ctx2.c >> 8) & 0xff;
+ out[ 9] = (ctx2.c >> 16) & 0xff;
+ out[ 8] = (ctx2.c >> 24) & 0xff;
+
+ out[15] = (ctx2.d >> 0) & 0xff;
+ out[14] = (ctx2.d >> 8) & 0xff;
+ out[13] = (ctx2.d >> 16) & 0xff;
+ out[12] = (ctx2.d >> 24) & 0xff;
+
+ out[19] = (ctx2.e >> 0) & 0xff;
+ out[18] = (ctx2.e >> 8) & 0xff;
+ out[17] = (ctx2.e >> 16) & 0xff;
+ out[16] = (ctx2.e >> 24) & 0xff;
+ }
+
+ return SHA1_OUTPUT_SIZE;
+}