Google Git
Sign in
go / go / 9bef5cfb9b6f8db3465f1b7e799db66599915096 / . / src / crypto / sha1 / sha1block.go
blob: fde3c981c083f46c24b620c63758200df8c238b0 [file] [log] [blame]
Russ Coxe3b79302008-11-24 12:30:40 -0800[diff] [blame]1// Copyright 2009 The Go Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style
3// license that can be found in the LICENSE file.
4
Russ Coxe3b79302008-11-24 12:30:40 -0800[diff] [blame]5package sha1
6
Russ Coxe3b79302008-11-24 12:30:40 -0800[diff] [blame]7const (
Robert Griesemer5a1d3322009-12-15 15:33:31 -0800[diff] [blame]8 _K0 = 0x5A827999
9 _K1 = 0x6ED9EBA1
10 _K2 = 0x8F1BBCDC
11 _K3 = 0xCA62C1D6
Russ Coxe3b79302008-11-24 12:30:40 -0800[diff] [blame]12)
13
Brad Fitzpatrick14c5c8a2014-02-12 11:27:36 -0800[diff] [blame]14// blockGeneric is a portable, pure Go version of the SHA1 block step.
15// It's used by sha1block_generic.go and tests.
16func blockGeneric(dig *digest, p []byte) {
Carl Mastrangelof8892fb2012-11-07 13:41:02 +1100[diff] [blame]17 var w [16]uint32
Russ Coxe3b79302008-11-24 12:30:40 -0800[diff] [blame]18
Robert Griesemer5a1d3322009-12-15 15:33:31 -0800[diff] [blame]19 h0, h1, h2, h3, h4 := dig.h[0], dig.h[1], dig.h[2], dig.h[3], dig.h[4]
Russ Cox992a11b2012-05-29 12:45:40 -0400[diff] [blame]20 for len(p) >= chunk {
Russ Coxe3b79302008-11-24 12:30:40 -0800[diff] [blame]21 // Can interlace the computation of w with the
22 // rounds below if needed for speed.
23 for i := 0; i < 16; i++ {
Robert Griesemer5a1d3322009-12-15 15:33:31 -0800[diff] [blame]24 j := i * 4
25 w[i] = uint32(p[j])<<24 | uint32(p[j+1])<<16 | uint32(p[j+2])<<8 | uint32(p[j+3])
Russ Coxe3b79302008-11-24 12:30:40 -0800[diff] [blame]26 }
Russ Coxe3b79302008-11-24 12:30:40 -0800[diff] [blame]27
Robert Griesemer5a1d3322009-12-15 15:33:31 -0800[diff] [blame]28 a, b, c, d, e := h0, h1, h2, h3, h4
Russ Coxe3b79302008-11-24 12:30:40 -0800[diff] [blame]29
30 // Each of the four 20-iteration rounds
31 // differs only in the computation of f and
Russ Coxd2cdcfc2009-01-16 10:14:28 -0800[diff] [blame]32 // the choice of K (_K0, _K1, etc).
Carl Mastrangelof8892fb2012-11-07 13:41:02 +1100[diff] [blame]33 i := 0
34 for ; i < 16; i++ {
Robert Griesemer5a1d3322009-12-15 15:33:31 -0800[diff] [blame]35 f := b&c | (^b)&d
36 a5 := a<<5 | a>>(32-5)
37 b30 := b<<30 | b>>(32-30)
Carl Mastrangelof8892fb2012-11-07 13:41:02 +1100[diff] [blame]38 t := a5 + f + e + w[i&0xf] + _K0
Robert Griesemer5a1d3322009-12-15 15:33:31 -0800[diff] [blame]39 a, b, c, d, e = t, a, b30, c, d
Russ Coxe3b79302008-11-24 12:30:40 -0800[diff] [blame]40 }
Carl Mastrangelof8892fb2012-11-07 13:41:02 +1100[diff] [blame]41 for ; i < 20; i++ {
42 tmp := w[(i-3)&0xf] ^ w[(i-8)&0xf] ^ w[(i-14)&0xf] ^ w[(i)&0xf]
43 w[i&0xf] = tmp<<1 | tmp>>(32-1)
44
45 f := b&c | (^b)&d
46 a5 := a<<5 | a>>(32-5)
47 b30 := b<<30 | b>>(32-30)
48 t := a5 + f + e + w[i&0xf] + _K0
49 a, b, c, d, e = t, a, b30, c, d
50 }
51 for ; i < 40; i++ {
52 tmp := w[(i-3)&0xf] ^ w[(i-8)&0xf] ^ w[(i-14)&0xf] ^ w[(i)&0xf]
53 w[i&0xf] = tmp<<1 | tmp>>(32-1)
Robert Griesemer5a1d3322009-12-15 15:33:31 -0800[diff] [blame]54 f := b ^ c ^ d
55 a5 := a<<5 | a>>(32-5)
56 b30 := b<<30 | b>>(32-30)
Carl Mastrangelof8892fb2012-11-07 13:41:02 +1100[diff] [blame]57 t := a5 + f + e + w[i&0xf] + _K1
Robert Griesemer5a1d3322009-12-15 15:33:31 -0800[diff] [blame]58 a, b, c, d, e = t, a, b30, c, d
Russ Coxe3b79302008-11-24 12:30:40 -0800[diff] [blame]59 }
Carl Mastrangelof8892fb2012-11-07 13:41:02 +1100[diff] [blame]60 for ; i < 60; i++ {
61 tmp := w[(i-3)&0xf] ^ w[(i-8)&0xf] ^ w[(i-14)&0xf] ^ w[(i)&0xf]
62 w[i&0xf] = tmp<<1 | tmp>>(32-1)
63 f := ((b | c) & d) | (b & c)
64
Robert Griesemer5a1d3322009-12-15 15:33:31 -0800[diff] [blame]65 a5 := a<<5 | a>>(32-5)
66 b30 := b<<30 | b>>(32-30)
Carl Mastrangelof8892fb2012-11-07 13:41:02 +1100[diff] [blame]67 t := a5 + f + e + w[i&0xf] + _K2
Robert Griesemer5a1d3322009-12-15 15:33:31 -0800[diff] [blame]68 a, b, c, d, e = t, a, b30, c, d
Russ Coxe3b79302008-11-24 12:30:40 -0800[diff] [blame]69 }
Carl Mastrangelof8892fb2012-11-07 13:41:02 +1100[diff] [blame]70 for ; i < 80; i++ {
71 tmp := w[(i-3)&0xf] ^ w[(i-8)&0xf] ^ w[(i-14)&0xf] ^ w[(i)&0xf]
72 w[i&0xf] = tmp<<1 | tmp>>(32-1)
Robert Griesemer5a1d3322009-12-15 15:33:31 -0800[diff] [blame]73 f := b ^ c ^ d
74 a5 := a<<5 | a>>(32-5)
75 b30 := b<<30 | b>>(32-30)
Carl Mastrangelof8892fb2012-11-07 13:41:02 +1100[diff] [blame]76 t := a5 + f + e + w[i&0xf] + _K3
Robert Griesemer5a1d3322009-12-15 15:33:31 -0800[diff] [blame]77 a, b, c, d, e = t, a, b30, c, d
Russ Coxe3b79302008-11-24 12:30:40 -0800[diff] [blame]78 }
79
Robert Griesemer5a1d3322009-12-15 15:33:31 -0800[diff] [blame]80 h0 += a
81 h1 += b
82 h2 += c
83 h3 += d
84 h4 += e
Russ Coxe3b79302008-11-24 12:30:40 -0800[diff] [blame]85
Russ Cox992a11b2012-05-29 12:45:40 -0400[diff] [blame]86 p = p[chunk:]
Russ Coxe3b79302008-11-24 12:30:40 -0800[diff] [blame]87 }
88
Robert Griesemer5a1d3322009-12-15 15:33:31 -0800[diff] [blame]89 dig.h[0], dig.h[1], dig.h[2], dig.h[3], dig.h[4] = h0, h1, h2, h3, h4
Russ Coxe3b79302008-11-24 12:30:40 -0800[diff] [blame]90}