Merge branch 'md/exclude-promisor-objects-fix'
[git/git.git] / sha1dc / sha1.c
1 /***
2 * Copyright 2017 Marc Stevens <marc@marc-stevens.nl>, Dan Shumow (danshu@microsoft.com)
3 * Distributed under the MIT Software License.
4 * See accompanying file LICENSE.txt or copy at
5 * https://opensource.org/licenses/MIT
6 ***/
7
8 #ifndef SHA1DC_NO_STANDARD_INCLUDES
9 #include <string.h>
10 #include <memory.h>
11 #include <stdio.h>
12 #include <stdlib.h>
13 #ifdef __unix__
14 #include <sys/types.h> /* make sure macros like _BIG_ENDIAN visible */
15 #endif
16 #endif
17
18 #ifdef SHA1DC_CUSTOM_INCLUDE_SHA1_C
19 #include SHA1DC_CUSTOM_INCLUDE_SHA1_C
20 #endif
21
22 #ifndef SHA1DC_INIT_SAFE_HASH_DEFAULT
23 #define SHA1DC_INIT_SAFE_HASH_DEFAULT 1
24 #endif
25
26 #include "sha1.h"
27 #include "ubc_check.h"
28
29 #if (defined(__amd64__) || defined(__amd64) || defined(__x86_64__) || defined(__x86_64) || \
30 defined(i386) || defined(__i386) || defined(__i386__) || defined(__i486__) || \
31 defined(__i586__) || defined(__i686__) || defined(_M_IX86) || defined(__X86__) || \
32 defined(_X86_) || defined(__THW_INTEL__) || defined(__I86__) || defined(__INTEL__) || \
33 defined(__386) || defined(_M_X64) || defined(_M_AMD64))
34 #define SHA1DC_ON_INTEL_LIKE_PROCESSOR
35 #endif
36
37 /*
38 Because Little-Endian architectures are most common,
39 we only set SHA1DC_BIGENDIAN if one of these conditions is met.
40 Note that all MSFT platforms are little endian,
41 so none of these will be defined under the MSC compiler.
42 If you are compiling on a big endian platform and your compiler does not define one of these,
43 you will have to add whatever macros your tool chain defines to indicate Big-Endianness.
44 */
45
46 #if defined(__BYTE_ORDER__) && defined(__ORDER_BIG_ENDIAN__)
47 /*
48 * Should detect Big Endian under GCC since at least 4.6.0 (gcc svn
49 * rev #165881). See
50 * https://gcc.gnu.org/onlinedocs/cpp/Common-Predefined-Macros.html
51 *
52 * This also works under clang since 3.2, it copied the GCC-ism. See
53 * clang.git's 3b198a97d2 ("Preprocessor: add __BYTE_ORDER__
54 * predefined macro", 2012-07-27)
55 */
56 #if __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__
57 #define SHA1DC_BIGENDIAN
58 #endif
59
60 /* Not under GCC-alike */
61 #elif defined(__BYTE_ORDER) && defined(__BIG_ENDIAN)
62 /*
63 * Should detect Big Endian under glibc.git since 14245eb70e ("entered
64 * into RCS", 1992-11-25). Defined in <endian.h> which will have been
65 * brought in by standard headers. See glibc.git and
66 * https://sourceforge.net/p/predef/wiki/Endianness/
67 */
68 #if __BYTE_ORDER == __BIG_ENDIAN
69 #define SHA1DC_BIGENDIAN
70 #endif
71
72 /* Not under GCC-alike or glibc */
73 #elif defined(_BYTE_ORDER) && defined(_BIG_ENDIAN) && defined(_LITTLE_ENDIAN)
74 /*
75 * *BSD and newlib (embeded linux, cygwin, etc).
76 * the defined(_BIG_ENDIAN) && defined(_LITTLE_ENDIAN) part prevents
77 * this condition from matching with Solaris/sparc.
78 * (Solaris defines only one endian macro)
79 */
80 #if _BYTE_ORDER == _BIG_ENDIAN
81 #define SHA1DC_BIGENDIAN
82 #endif
83
84 /* Not under GCC-alike or glibc or *BSD or newlib */
85 #elif (defined(__ARMEB__) || defined(__THUMBEB__) || defined(__AARCH64EB__) || \
86 defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || \
87 defined(__sparc))
88 /*
89 * Should define Big Endian for a whitelist of known processors. See
90 * https://sourceforge.net/p/predef/wiki/Endianness/ and
91 * http://www.oracle.com/technetwork/server-storage/solaris/portingtosolaris-138514.html
92 */
93 #define SHA1DC_BIGENDIAN
94
95 /* Not under GCC-alike or glibc or *BSD or newlib or <processor whitelist> */
96 #elif (defined(_AIX))
97
98 /*
99 * Defines Big Endian on a whitelist of OSs that are known to be Big
100 * Endian-only. See
101 * https://public-inbox.org/git/93056823-2740-d072-1ebd-46b440b33d7e@felt.demon.nl/
102 */
103 #define SHA1DC_BIGENDIAN
104
105 /* Not under GCC-alike or glibc or *BSD or newlib or <processor whitelist> or <os whitelist> */
106 #elif defined(SHA1DC_ON_INTEL_LIKE_PROCESSOR)
107 /*
108 * As a last resort before we do anything else we're not 100% sure
109 * about below, we blacklist specific processors here. We could add
110 * more, see e.g. https://wiki.debian.org/ArchitectureSpecificsMemo
111 */
112 #else /* Not under GCC-alike or glibc or *BSD or newlib or <processor whitelist> or <os whitelist> or <processor blacklist> */
113
114 /* We do nothing more here for now */
115 /*#error "Uncomment this to see if you fall through all the detection"*/
116
117 #endif /* Big Endian detection */
118
119 #if (defined(SHA1DC_FORCE_LITTLEENDIAN) && defined(SHA1DC_BIGENDIAN))
120 #undef SHA1DC_BIGENDIAN
121 #endif
122 #if (defined(SHA1DC_FORCE_BIGENDIAN) && !defined(SHA1DC_BIGENDIAN))
123 #define SHA1DC_BIGENDIAN
124 #endif
125 /*ENDIANNESS SELECTION*/
126
127 #if defined(SHA1DC_FORCE_UNALIGNED_ACCESS) || defined(SHA1DC_ON_INTEL_LIKE_PROCESSOR)
128 #define SHA1DC_ALLOW_UNALIGNED_ACCESS
129 #endif /*UNALIGNMENT DETECTION*/
130
131
132 #define rotate_right(x,n) (((x)>>(n))|((x)<<(32-(n))))
133 #define rotate_left(x,n) (((x)<<(n))|((x)>>(32-(n))))
134
135 #define sha1_bswap32(x) \
136 {x = ((x << 8) & 0xFF00FF00) | ((x >> 8) & 0xFF00FF); x = (x << 16) | (x >> 16);}
137
138 #define sha1_mix(W, t) (rotate_left(W[t - 3] ^ W[t - 8] ^ W[t - 14] ^ W[t - 16], 1))
139
140 #ifdef SHA1DC_BIGENDIAN
141 #define sha1_load(m, t, temp) { temp = m[t]; }
142 #else
143 #define sha1_load(m, t, temp) { temp = m[t]; sha1_bswap32(temp); }
144 #endif
145
146 #define sha1_store(W, t, x) *(volatile uint32_t *)&W[t] = x
147
148 #define sha1_f1(b,c,d) ((d)^((b)&((c)^(d))))
149 #define sha1_f2(b,c,d) ((b)^(c)^(d))
150 #define sha1_f3(b,c,d) (((b)&(c))+((d)&((b)^(c))))
151 #define sha1_f4(b,c,d) ((b)^(c)^(d))
152
153 #define HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, m, t) \
154 { e += rotate_left(a, 5) + sha1_f1(b,c,d) + 0x5A827999 + m[t]; b = rotate_left(b, 30); }
155 #define HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, m, t) \
156 { e += rotate_left(a, 5) + sha1_f2(b,c,d) + 0x6ED9EBA1 + m[t]; b = rotate_left(b, 30); }
157 #define HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, m, t) \
158 { e += rotate_left(a, 5) + sha1_f3(b,c,d) + 0x8F1BBCDC + m[t]; b = rotate_left(b, 30); }
159 #define HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, m, t) \
160 { e += rotate_left(a, 5) + sha1_f4(b,c,d) + 0xCA62C1D6 + m[t]; b = rotate_left(b, 30); }
161
162 #define HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(a, b, c, d, e, m, t) \
163 { b = rotate_right(b, 30); e -= rotate_left(a, 5) + sha1_f1(b,c,d) + 0x5A827999 + m[t]; }
164 #define HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(a, b, c, d, e, m, t) \
165 { b = rotate_right(b, 30); e -= rotate_left(a, 5) + sha1_f2(b,c,d) + 0x6ED9EBA1 + m[t]; }
166 #define HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(a, b, c, d, e, m, t) \
167 { b = rotate_right(b, 30); e -= rotate_left(a, 5) + sha1_f3(b,c,d) + 0x8F1BBCDC + m[t]; }
168 #define HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(a, b, c, d, e, m, t) \
169 { b = rotate_right(b, 30); e -= rotate_left(a, 5) + sha1_f4(b,c,d) + 0xCA62C1D6 + m[t]; }
170
171 #define SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(a, b, c, d, e, m, W, t, temp) \
172 {sha1_load(m, t, temp); sha1_store(W, t, temp); e += temp + rotate_left(a, 5) + sha1_f1(b,c,d) + 0x5A827999; b = rotate_left(b, 30);}
173
174 #define SHA1COMPRESS_FULL_ROUND1_STEP_EXPAND(a, b, c, d, e, W, t, temp) \
175 {temp = sha1_mix(W, t); sha1_store(W, t, temp); e += temp + rotate_left(a, 5) + sha1_f1(b,c,d) + 0x5A827999; b = rotate_left(b, 30); }
176
177 #define SHA1COMPRESS_FULL_ROUND2_STEP(a, b, c, d, e, W, t, temp) \
178 {temp = sha1_mix(W, t); sha1_store(W, t, temp); e += temp + rotate_left(a, 5) + sha1_f2(b,c,d) + 0x6ED9EBA1; b = rotate_left(b, 30); }
179
180 #define SHA1COMPRESS_FULL_ROUND3_STEP(a, b, c, d, e, W, t, temp) \
181 {temp = sha1_mix(W, t); sha1_store(W, t, temp); e += temp + rotate_left(a, 5) + sha1_f3(b,c,d) + 0x8F1BBCDC; b = rotate_left(b, 30); }
182
183 #define SHA1COMPRESS_FULL_ROUND4_STEP(a, b, c, d, e, W, t, temp) \
184 {temp = sha1_mix(W, t); sha1_store(W, t, temp); e += temp + rotate_left(a, 5) + sha1_f4(b,c,d) + 0xCA62C1D6; b = rotate_left(b, 30); }
185
186
187 #define SHA1_STORE_STATE(i) states[i][0] = a; states[i][1] = b; states[i][2] = c; states[i][3] = d; states[i][4] = e;
188
189 #ifdef BUILDNOCOLLDETECTSHA1COMPRESSION
190 void sha1_compression(uint32_t ihv[5], const uint32_t m[16])
191 {
192 uint32_t W[80];
193 uint32_t a,b,c,d,e;
194 unsigned i;
195
196 memcpy(W, m, 16 * 4);
197 for (i = 16; i < 80; ++i)
198 W[i] = sha1_mix(W, i);
199
200 a = ihv[0]; b = ihv[1]; c = ihv[2]; d = ihv[3]; e = ihv[4];
201
202 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, W, 0);
203 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, W, 1);
204 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, W, 2);
205 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, W, 3);
206 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, W, 4);
207 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, W, 5);
208 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, W, 6);
209 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, W, 7);
210 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, W, 8);
211 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, W, 9);
212 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, W, 10);
213 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, W, 11);
214 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, W, 12);
215 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, W, 13);
216 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, W, 14);
217 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, W, 15);
218 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, W, 16);
219 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, W, 17);
220 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, W, 18);
221 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, W, 19);
222
223 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, W, 20);
224 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, W, 21);
225 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, W, 22);
226 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, W, 23);
227 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, W, 24);
228 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, W, 25);
229 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, W, 26);
230 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, W, 27);
231 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, W, 28);
232 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, W, 29);
233 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, W, 30);
234 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, W, 31);
235 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, W, 32);
236 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, W, 33);
237 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, W, 34);
238 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, W, 35);
239 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, W, 36);
240 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, W, 37);
241 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, W, 38);
242 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, W, 39);
243
244 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, W, 40);
245 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, W, 41);
246 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, W, 42);
247 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, W, 43);
248 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, W, 44);
249 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, W, 45);
250 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, W, 46);
251 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, W, 47);
252 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, W, 48);
253 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, W, 49);
254 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, W, 50);
255 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, W, 51);
256 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, W, 52);
257 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, W, 53);
258 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, W, 54);
259 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, W, 55);
260 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, W, 56);
261 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, W, 57);
262 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, W, 58);
263 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, W, 59);
264
265 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, W, 60);
266 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, W, 61);
267 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, W, 62);
268 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, W, 63);
269 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, W, 64);
270 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, W, 65);
271 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, W, 66);
272 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, W, 67);
273 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, W, 68);
274 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, W, 69);
275 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, W, 70);
276 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, W, 71);
277 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, W, 72);
278 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, W, 73);
279 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, W, 74);
280 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, W, 75);
281 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, W, 76);
282 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, W, 77);
283 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, W, 78);
284 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, W, 79);
285
286 ihv[0] += a; ihv[1] += b; ihv[2] += c; ihv[3] += d; ihv[4] += e;
287 }
288 #endif /*BUILDNOCOLLDETECTSHA1COMPRESSION*/
289
290
291 static void sha1_compression_W(uint32_t ihv[5], const uint32_t W[80])
292 {
293 uint32_t a = ihv[0], b = ihv[1], c = ihv[2], d = ihv[3], e = ihv[4];
294
295 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, W, 0);
296 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, W, 1);
297 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, W, 2);
298 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, W, 3);
299 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, W, 4);
300 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, W, 5);
301 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, W, 6);
302 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, W, 7);
303 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, W, 8);
304 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, W, 9);
305 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, W, 10);
306 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, W, 11);
307 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, W, 12);
308 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, W, 13);
309 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, W, 14);
310 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, W, 15);
311 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, W, 16);
312 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, W, 17);
313 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, W, 18);
314 HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, W, 19);
315
316 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, W, 20);
317 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, W, 21);
318 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, W, 22);
319 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, W, 23);
320 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, W, 24);
321 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, W, 25);
322 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, W, 26);
323 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, W, 27);
324 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, W, 28);
325 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, W, 29);
326 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, W, 30);
327 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, W, 31);
328 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, W, 32);
329 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, W, 33);
330 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, W, 34);
331 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, W, 35);
332 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, W, 36);
333 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, W, 37);
334 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, W, 38);
335 HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, W, 39);
336
337 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, W, 40);
338 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, W, 41);
339 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, W, 42);
340 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, W, 43);
341 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, W, 44);
342 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, W, 45);
343 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, W, 46);
344 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, W, 47);
345 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, W, 48);
346 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, W, 49);
347 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, W, 50);
348 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, W, 51);
349 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, W, 52);
350 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, W, 53);
351 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, W, 54);
352 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, W, 55);
353 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, W, 56);
354 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, W, 57);
355 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, W, 58);
356 HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, W, 59);
357
358 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, W, 60);
359 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, W, 61);
360 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, W, 62);
361 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, W, 63);
362 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, W, 64);
363 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, W, 65);
364 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, W, 66);
365 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, W, 67);
366 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, W, 68);
367 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, W, 69);
368 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, W, 70);
369 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, W, 71);
370 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, W, 72);
371 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, W, 73);
372 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, W, 74);
373 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, W, 75);
374 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, W, 76);
375 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, W, 77);
376 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, W, 78);
377 HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, W, 79);
378
379 ihv[0] += a; ihv[1] += b; ihv[2] += c; ihv[3] += d; ihv[4] += e;
380 }
381
382
383
384 void sha1_compression_states(uint32_t ihv[5], const uint32_t m[16], uint32_t W[80], uint32_t states[80][5])
385 {
386 uint32_t a = ihv[0], b = ihv[1], c = ihv[2], d = ihv[3], e = ihv[4];
387 uint32_t temp;
388
389 #ifdef DOSTORESTATE00
390 SHA1_STORE_STATE(0)
391 #endif
392 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(a, b, c, d, e, m, W, 0, temp);
393
394 #ifdef DOSTORESTATE01
395 SHA1_STORE_STATE(1)
396 #endif
397 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(e, a, b, c, d, m, W, 1, temp);
398
399 #ifdef DOSTORESTATE02
400 SHA1_STORE_STATE(2)
401 #endif
402 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(d, e, a, b, c, m, W, 2, temp);
403
404 #ifdef DOSTORESTATE03
405 SHA1_STORE_STATE(3)
406 #endif
407 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(c, d, e, a, b, m, W, 3, temp);
408
409 #ifdef DOSTORESTATE04
410 SHA1_STORE_STATE(4)
411 #endif
412 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(b, c, d, e, a, m, W, 4, temp);
413
414 #ifdef DOSTORESTATE05
415 SHA1_STORE_STATE(5)
416 #endif
417 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(a, b, c, d, e, m, W, 5, temp);
418
419 #ifdef DOSTORESTATE06
420 SHA1_STORE_STATE(6)
421 #endif
422 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(e, a, b, c, d, m, W, 6, temp);
423
424 #ifdef DOSTORESTATE07
425 SHA1_STORE_STATE(7)
426 #endif
427 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(d, e, a, b, c, m, W, 7, temp);
428
429 #ifdef DOSTORESTATE08
430 SHA1_STORE_STATE(8)
431 #endif
432 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(c, d, e, a, b, m, W, 8, temp);
433
434 #ifdef DOSTORESTATE09
435 SHA1_STORE_STATE(9)
436 #endif
437 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(b, c, d, e, a, m, W, 9, temp);
438
439 #ifdef DOSTORESTATE10
440 SHA1_STORE_STATE(10)
441 #endif
442 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(a, b, c, d, e, m, W, 10, temp);
443
444 #ifdef DOSTORESTATE11
445 SHA1_STORE_STATE(11)
446 #endif
447 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(e, a, b, c, d, m, W, 11, temp);
448
449 #ifdef DOSTORESTATE12
450 SHA1_STORE_STATE(12)
451 #endif
452 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(d, e, a, b, c, m, W, 12, temp);
453
454 #ifdef DOSTORESTATE13
455 SHA1_STORE_STATE(13)
456 #endif
457 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(c, d, e, a, b, m, W, 13, temp);
458
459 #ifdef DOSTORESTATE14
460 SHA1_STORE_STATE(14)
461 #endif
462 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(b, c, d, e, a, m, W, 14, temp);
463
464 #ifdef DOSTORESTATE15
465 SHA1_STORE_STATE(15)
466 #endif
467 SHA1COMPRESS_FULL_ROUND1_STEP_LOAD(a, b, c, d, e, m, W, 15, temp);
468
469 #ifdef DOSTORESTATE16
470 SHA1_STORE_STATE(16)
471 #endif
472 SHA1COMPRESS_FULL_ROUND1_STEP_EXPAND(e, a, b, c, d, W, 16, temp);
473
474 #ifdef DOSTORESTATE17
475 SHA1_STORE_STATE(17)
476 #endif
477 SHA1COMPRESS_FULL_ROUND1_STEP_EXPAND(d, e, a, b, c, W, 17, temp);
478
479 #ifdef DOSTORESTATE18
480 SHA1_STORE_STATE(18)
481 #endif
482 SHA1COMPRESS_FULL_ROUND1_STEP_EXPAND(c, d, e, a, b, W, 18, temp);
483
484 #ifdef DOSTORESTATE19
485 SHA1_STORE_STATE(19)
486 #endif
487 SHA1COMPRESS_FULL_ROUND1_STEP_EXPAND(b, c, d, e, a, W, 19, temp);
488
489
490
491 #ifdef DOSTORESTATE20
492 SHA1_STORE_STATE(20)
493 #endif
494 SHA1COMPRESS_FULL_ROUND2_STEP(a, b, c, d, e, W, 20, temp);
495
496 #ifdef DOSTORESTATE21
497 SHA1_STORE_STATE(21)
498 #endif
499 SHA1COMPRESS_FULL_ROUND2_STEP(e, a, b, c, d, W, 21, temp);
500
501 #ifdef DOSTORESTATE22
502 SHA1_STORE_STATE(22)
503 #endif
504 SHA1COMPRESS_FULL_ROUND2_STEP(d, e, a, b, c, W, 22, temp);
505
506 #ifdef DOSTORESTATE23
507 SHA1_STORE_STATE(23)
508 #endif
509 SHA1COMPRESS_FULL_ROUND2_STEP(c, d, e, a, b, W, 23, temp);
510
511 #ifdef DOSTORESTATE24
512 SHA1_STORE_STATE(24)
513 #endif
514 SHA1COMPRESS_FULL_ROUND2_STEP(b, c, d, e, a, W, 24, temp);
515
516 #ifdef DOSTORESTATE25
517 SHA1_STORE_STATE(25)
518 #endif
519 SHA1COMPRESS_FULL_ROUND2_STEP(a, b, c, d, e, W, 25, temp);
520
521 #ifdef DOSTORESTATE26
522 SHA1_STORE_STATE(26)
523 #endif
524 SHA1COMPRESS_FULL_ROUND2_STEP(e, a, b, c, d, W, 26, temp);
525
526 #ifdef DOSTORESTATE27
527 SHA1_STORE_STATE(27)
528 #endif
529 SHA1COMPRESS_FULL_ROUND2_STEP(d, e, a, b, c, W, 27, temp);
530
531 #ifdef DOSTORESTATE28
532 SHA1_STORE_STATE(28)
533 #endif
534 SHA1COMPRESS_FULL_ROUND2_STEP(c, d, e, a, b, W, 28, temp);
535
536 #ifdef DOSTORESTATE29
537 SHA1_STORE_STATE(29)
538 #endif
539 SHA1COMPRESS_FULL_ROUND2_STEP(b, c, d, e, a, W, 29, temp);
540
541 #ifdef DOSTORESTATE30
542 SHA1_STORE_STATE(30)
543 #endif
544 SHA1COMPRESS_FULL_ROUND2_STEP(a, b, c, d, e, W, 30, temp);
545
546 #ifdef DOSTORESTATE31
547 SHA1_STORE_STATE(31)
548 #endif
549 SHA1COMPRESS_FULL_ROUND2_STEP(e, a, b, c, d, W, 31, temp);
550
551 #ifdef DOSTORESTATE32
552 SHA1_STORE_STATE(32)
553 #endif
554 SHA1COMPRESS_FULL_ROUND2_STEP(d, e, a, b, c, W, 32, temp);
555
556 #ifdef DOSTORESTATE33
557 SHA1_STORE_STATE(33)
558 #endif
559 SHA1COMPRESS_FULL_ROUND2_STEP(c, d, e, a, b, W, 33, temp);
560
561 #ifdef DOSTORESTATE34
562 SHA1_STORE_STATE(34)
563 #endif
564 SHA1COMPRESS_FULL_ROUND2_STEP(b, c, d, e, a, W, 34, temp);
565
566 #ifdef DOSTORESTATE35
567 SHA1_STORE_STATE(35)
568 #endif
569 SHA1COMPRESS_FULL_ROUND2_STEP(a, b, c, d, e, W, 35, temp);
570
571 #ifdef DOSTORESTATE36
572 SHA1_STORE_STATE(36)
573 #endif
574 SHA1COMPRESS_FULL_ROUND2_STEP(e, a, b, c, d, W, 36, temp);
575
576 #ifdef DOSTORESTATE37
577 SHA1_STORE_STATE(37)
578 #endif
579 SHA1COMPRESS_FULL_ROUND2_STEP(d, e, a, b, c, W, 37, temp);
580
581 #ifdef DOSTORESTATE38
582 SHA1_STORE_STATE(38)
583 #endif
584 SHA1COMPRESS_FULL_ROUND2_STEP(c, d, e, a, b, W, 38, temp);
585
586 #ifdef DOSTORESTATE39
587 SHA1_STORE_STATE(39)
588 #endif
589 SHA1COMPRESS_FULL_ROUND2_STEP(b, c, d, e, a, W, 39, temp);
590
591
592
593 #ifdef DOSTORESTATE40
594 SHA1_STORE_STATE(40)
595 #endif
596 SHA1COMPRESS_FULL_ROUND3_STEP(a, b, c, d, e, W, 40, temp);
597
598 #ifdef DOSTORESTATE41
599 SHA1_STORE_STATE(41)
600 #endif
601 SHA1COMPRESS_FULL_ROUND3_STEP(e, a, b, c, d, W, 41, temp);
602
603 #ifdef DOSTORESTATE42
604 SHA1_STORE_STATE(42)
605 #endif
606 SHA1COMPRESS_FULL_ROUND3_STEP(d, e, a, b, c, W, 42, temp);
607
608 #ifdef DOSTORESTATE43
609 SHA1_STORE_STATE(43)
610 #endif
611 SHA1COMPRESS_FULL_ROUND3_STEP(c, d, e, a, b, W, 43, temp);
612
613 #ifdef DOSTORESTATE44
614 SHA1_STORE_STATE(44)
615 #endif
616 SHA1COMPRESS_FULL_ROUND3_STEP(b, c, d, e, a, W, 44, temp);
617
618 #ifdef DOSTORESTATE45
619 SHA1_STORE_STATE(45)
620 #endif
621 SHA1COMPRESS_FULL_ROUND3_STEP(a, b, c, d, e, W, 45, temp);
622
623 #ifdef DOSTORESTATE46
624 SHA1_STORE_STATE(46)
625 #endif
626 SHA1COMPRESS_FULL_ROUND3_STEP(e, a, b, c, d, W, 46, temp);
627
628 #ifdef DOSTORESTATE47
629 SHA1_STORE_STATE(47)
630 #endif
631 SHA1COMPRESS_FULL_ROUND3_STEP(d, e, a, b, c, W, 47, temp);
632
633 #ifdef DOSTORESTATE48
634 SHA1_STORE_STATE(48)
635 #endif
636 SHA1COMPRESS_FULL_ROUND3_STEP(c, d, e, a, b, W, 48, temp);
637
638 #ifdef DOSTORESTATE49
639 SHA1_STORE_STATE(49)
640 #endif
641 SHA1COMPRESS_FULL_ROUND3_STEP(b, c, d, e, a, W, 49, temp);
642
643 #ifdef DOSTORESTATE50
644 SHA1_STORE_STATE(50)
645 #endif
646 SHA1COMPRESS_FULL_ROUND3_STEP(a, b, c, d, e, W, 50, temp);
647
648 #ifdef DOSTORESTATE51
649 SHA1_STORE_STATE(51)
650 #endif
651 SHA1COMPRESS_FULL_ROUND3_STEP(e, a, b, c, d, W, 51, temp);
652
653 #ifdef DOSTORESTATE52
654 SHA1_STORE_STATE(52)
655 #endif
656 SHA1COMPRESS_FULL_ROUND3_STEP(d, e, a, b, c, W, 52, temp);
657
658 #ifdef DOSTORESTATE53
659 SHA1_STORE_STATE(53)
660 #endif
661 SHA1COMPRESS_FULL_ROUND3_STEP(c, d, e, a, b, W, 53, temp);
662
663 #ifdef DOSTORESTATE54
664 SHA1_STORE_STATE(54)
665 #endif
666 SHA1COMPRESS_FULL_ROUND3_STEP(b, c, d, e, a, W, 54, temp);
667
668 #ifdef DOSTORESTATE55
669 SHA1_STORE_STATE(55)
670 #endif
671 SHA1COMPRESS_FULL_ROUND3_STEP(a, b, c, d, e, W, 55, temp);
672
673 #ifdef DOSTORESTATE56
674 SHA1_STORE_STATE(56)
675 #endif
676 SHA1COMPRESS_FULL_ROUND3_STEP(e, a, b, c, d, W, 56, temp);
677
678 #ifdef DOSTORESTATE57
679 SHA1_STORE_STATE(57)
680 #endif
681 SHA1COMPRESS_FULL_ROUND3_STEP(d, e, a, b, c, W, 57, temp);
682
683 #ifdef DOSTORESTATE58
684 SHA1_STORE_STATE(58)
685 #endif
686 SHA1COMPRESS_FULL_ROUND3_STEP(c, d, e, a, b, W, 58, temp);
687
688 #ifdef DOSTORESTATE59
689 SHA1_STORE_STATE(59)
690 #endif
691 SHA1COMPRESS_FULL_ROUND3_STEP(b, c, d, e, a, W, 59, temp);
692
693
694
695
696 #ifdef DOSTORESTATE60
697 SHA1_STORE_STATE(60)
698 #endif
699 SHA1COMPRESS_FULL_ROUND4_STEP(a, b, c, d, e, W, 60, temp);
700
701 #ifdef DOSTORESTATE61
702 SHA1_STORE_STATE(61)
703 #endif
704 SHA1COMPRESS_FULL_ROUND4_STEP(e, a, b, c, d, W, 61, temp);
705
706 #ifdef DOSTORESTATE62
707 SHA1_STORE_STATE(62)
708 #endif
709 SHA1COMPRESS_FULL_ROUND4_STEP(d, e, a, b, c, W, 62, temp);
710
711 #ifdef DOSTORESTATE63
712 SHA1_STORE_STATE(63)
713 #endif
714 SHA1COMPRESS_FULL_ROUND4_STEP(c, d, e, a, b, W, 63, temp);
715
716 #ifdef DOSTORESTATE64
717 SHA1_STORE_STATE(64)
718 #endif
719 SHA1COMPRESS_FULL_ROUND4_STEP(b, c, d, e, a, W, 64, temp);
720
721 #ifdef DOSTORESTATE65
722 SHA1_STORE_STATE(65)
723 #endif
724 SHA1COMPRESS_FULL_ROUND4_STEP(a, b, c, d, e, W, 65, temp);
725
726 #ifdef DOSTORESTATE66
727 SHA1_STORE_STATE(66)
728 #endif
729 SHA1COMPRESS_FULL_ROUND4_STEP(e, a, b, c, d, W, 66, temp);
730
731 #ifdef DOSTORESTATE67
732 SHA1_STORE_STATE(67)
733 #endif
734 SHA1COMPRESS_FULL_ROUND4_STEP(d, e, a, b, c, W, 67, temp);
735
736 #ifdef DOSTORESTATE68
737 SHA1_STORE_STATE(68)
738 #endif
739 SHA1COMPRESS_FULL_ROUND4_STEP(c, d, e, a, b, W, 68, temp);
740
741 #ifdef DOSTORESTATE69
742 SHA1_STORE_STATE(69)
743 #endif
744 SHA1COMPRESS_FULL_ROUND4_STEP(b, c, d, e, a, W, 69, temp);
745
746 #ifdef DOSTORESTATE70
747 SHA1_STORE_STATE(70)
748 #endif
749 SHA1COMPRESS_FULL_ROUND4_STEP(a, b, c, d, e, W, 70, temp);
750
751 #ifdef DOSTORESTATE71
752 SHA1_STORE_STATE(71)
753 #endif
754 SHA1COMPRESS_FULL_ROUND4_STEP(e, a, b, c, d, W, 71, temp);
755
756 #ifdef DOSTORESTATE72
757 SHA1_STORE_STATE(72)
758 #endif
759 SHA1COMPRESS_FULL_ROUND4_STEP(d, e, a, b, c, W, 72, temp);
760
761 #ifdef DOSTORESTATE73
762 SHA1_STORE_STATE(73)
763 #endif
764 SHA1COMPRESS_FULL_ROUND4_STEP(c, d, e, a, b, W, 73, temp);
765
766 #ifdef DOSTORESTATE74
767 SHA1_STORE_STATE(74)
768 #endif
769 SHA1COMPRESS_FULL_ROUND4_STEP(b, c, d, e, a, W, 74, temp);
770
771 #ifdef DOSTORESTATE75
772 SHA1_STORE_STATE(75)
773 #endif
774 SHA1COMPRESS_FULL_ROUND4_STEP(a, b, c, d, e, W, 75, temp);
775
776 #ifdef DOSTORESTATE76
777 SHA1_STORE_STATE(76)
778 #endif
779 SHA1COMPRESS_FULL_ROUND4_STEP(e, a, b, c, d, W, 76, temp);
780
781 #ifdef DOSTORESTATE77
782 SHA1_STORE_STATE(77)
783 #endif
784 SHA1COMPRESS_FULL_ROUND4_STEP(d, e, a, b, c, W, 77, temp);
785
786 #ifdef DOSTORESTATE78
787 SHA1_STORE_STATE(78)
788 #endif
789 SHA1COMPRESS_FULL_ROUND4_STEP(c, d, e, a, b, W, 78, temp);
790
791 #ifdef DOSTORESTATE79
792 SHA1_STORE_STATE(79)
793 #endif
794 SHA1COMPRESS_FULL_ROUND4_STEP(b, c, d, e, a, W, 79, temp);
795
796
797
798 ihv[0] += a; ihv[1] += b; ihv[2] += c; ihv[3] += d; ihv[4] += e;
799 }
800
801
802
803
804 #define SHA1_RECOMPRESS(t) \
805 static void sha1recompress_fast_ ## t (uint32_t ihvin[5], uint32_t ihvout[5], const uint32_t me2[80], const uint32_t state[5]) \
806 { \
807 uint32_t a = state[0], b = state[1], c = state[2], d = state[3], e = state[4]; \
808 if (t > 79) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(b, c, d, e, a, me2, 79); \
809 if (t > 78) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(c, d, e, a, b, me2, 78); \
810 if (t > 77) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(d, e, a, b, c, me2, 77); \
811 if (t > 76) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(e, a, b, c, d, me2, 76); \
812 if (t > 75) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(a, b, c, d, e, me2, 75); \
813 if (t > 74) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(b, c, d, e, a, me2, 74); \
814 if (t > 73) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(c, d, e, a, b, me2, 73); \
815 if (t > 72) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(d, e, a, b, c, me2, 72); \
816 if (t > 71) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(e, a, b, c, d, me2, 71); \
817 if (t > 70) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(a, b, c, d, e, me2, 70); \
818 if (t > 69) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(b, c, d, e, a, me2, 69); \
819 if (t > 68) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(c, d, e, a, b, me2, 68); \
820 if (t > 67) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(d, e, a, b, c, me2, 67); \
821 if (t > 66) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(e, a, b, c, d, me2, 66); \
822 if (t > 65) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(a, b, c, d, e, me2, 65); \
823 if (t > 64) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(b, c, d, e, a, me2, 64); \
824 if (t > 63) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(c, d, e, a, b, me2, 63); \
825 if (t > 62) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(d, e, a, b, c, me2, 62); \
826 if (t > 61) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(e, a, b, c, d, me2, 61); \
827 if (t > 60) HASHCLASH_SHA1COMPRESS_ROUND4_STEP_BW(a, b, c, d, e, me2, 60); \
828 if (t > 59) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(b, c, d, e, a, me2, 59); \
829 if (t > 58) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(c, d, e, a, b, me2, 58); \
830 if (t > 57) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(d, e, a, b, c, me2, 57); \
831 if (t > 56) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(e, a, b, c, d, me2, 56); \
832 if (t > 55) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(a, b, c, d, e, me2, 55); \
833 if (t > 54) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(b, c, d, e, a, me2, 54); \
834 if (t > 53) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(c, d, e, a, b, me2, 53); \
835 if (t > 52) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(d, e, a, b, c, me2, 52); \
836 if (t > 51) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(e, a, b, c, d, me2, 51); \
837 if (t > 50) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(a, b, c, d, e, me2, 50); \
838 if (t > 49) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(b, c, d, e, a, me2, 49); \
839 if (t > 48) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(c, d, e, a, b, me2, 48); \
840 if (t > 47) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(d, e, a, b, c, me2, 47); \
841 if (t > 46) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(e, a, b, c, d, me2, 46); \
842 if (t > 45) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(a, b, c, d, e, me2, 45); \
843 if (t > 44) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(b, c, d, e, a, me2, 44); \
844 if (t > 43) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(c, d, e, a, b, me2, 43); \
845 if (t > 42) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(d, e, a, b, c, me2, 42); \
846 if (t > 41) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(e, a, b, c, d, me2, 41); \
847 if (t > 40) HASHCLASH_SHA1COMPRESS_ROUND3_STEP_BW(a, b, c, d, e, me2, 40); \
848 if (t > 39) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(b, c, d, e, a, me2, 39); \
849 if (t > 38) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(c, d, e, a, b, me2, 38); \
850 if (t > 37) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(d, e, a, b, c, me2, 37); \
851 if (t > 36) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(e, a, b, c, d, me2, 36); \
852 if (t > 35) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(a, b, c, d, e, me2, 35); \
853 if (t > 34) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(b, c, d, e, a, me2, 34); \
854 if (t > 33) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(c, d, e, a, b, me2, 33); \
855 if (t > 32) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(d, e, a, b, c, me2, 32); \
856 if (t > 31) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(e, a, b, c, d, me2, 31); \
857 if (t > 30) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(a, b, c, d, e, me2, 30); \
858 if (t > 29) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(b, c, d, e, a, me2, 29); \
859 if (t > 28) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(c, d, e, a, b, me2, 28); \
860 if (t > 27) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(d, e, a, b, c, me2, 27); \
861 if (t > 26) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(e, a, b, c, d, me2, 26); \
862 if (t > 25) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(a, b, c, d, e, me2, 25); \
863 if (t > 24) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(b, c, d, e, a, me2, 24); \
864 if (t > 23) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(c, d, e, a, b, me2, 23); \
865 if (t > 22) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(d, e, a, b, c, me2, 22); \
866 if (t > 21) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(e, a, b, c, d, me2, 21); \
867 if (t > 20) HASHCLASH_SHA1COMPRESS_ROUND2_STEP_BW(a, b, c, d, e, me2, 20); \
868 if (t > 19) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(b, c, d, e, a, me2, 19); \
869 if (t > 18) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(c, d, e, a, b, me2, 18); \
870 if (t > 17) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(d, e, a, b, c, me2, 17); \
871 if (t > 16) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(e, a, b, c, d, me2, 16); \
872 if (t > 15) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(a, b, c, d, e, me2, 15); \
873 if (t > 14) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(b, c, d, e, a, me2, 14); \
874 if (t > 13) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(c, d, e, a, b, me2, 13); \
875 if (t > 12) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(d, e, a, b, c, me2, 12); \
876 if (t > 11) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(e, a, b, c, d, me2, 11); \
877 if (t > 10) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(a, b, c, d, e, me2, 10); \
878 if (t > 9) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(b, c, d, e, a, me2, 9); \
879 if (t > 8) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(c, d, e, a, b, me2, 8); \
880 if (t > 7) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(d, e, a, b, c, me2, 7); \
881 if (t > 6) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(e, a, b, c, d, me2, 6); \
882 if (t > 5) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(a, b, c, d, e, me2, 5); \
883 if (t > 4) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(b, c, d, e, a, me2, 4); \
884 if (t > 3) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(c, d, e, a, b, me2, 3); \
885 if (t > 2) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(d, e, a, b, c, me2, 2); \
886 if (t > 1) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(e, a, b, c, d, me2, 1); \
887 if (t > 0) HASHCLASH_SHA1COMPRESS_ROUND1_STEP_BW(a, b, c, d, e, me2, 0); \
888 ihvin[0] = a; ihvin[1] = b; ihvin[2] = c; ihvin[3] = d; ihvin[4] = e; \
889 a = state[0]; b = state[1]; c = state[2]; d = state[3]; e = state[4]; \
890 if (t <= 0) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, me2, 0); \
891 if (t <= 1) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, me2, 1); \
892 if (t <= 2) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, me2, 2); \
893 if (t <= 3) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, me2, 3); \
894 if (t <= 4) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, me2, 4); \
895 if (t <= 5) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, me2, 5); \
896 if (t <= 6) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, me2, 6); \
897 if (t <= 7) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, me2, 7); \
898 if (t <= 8) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, me2, 8); \
899 if (t <= 9) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, me2, 9); \
900 if (t <= 10) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, me2, 10); \
901 if (t <= 11) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, me2, 11); \
902 if (t <= 12) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, me2, 12); \
903 if (t <= 13) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, me2, 13); \
904 if (t <= 14) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, me2, 14); \
905 if (t <= 15) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(a, b, c, d, e, me2, 15); \
906 if (t <= 16) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(e, a, b, c, d, me2, 16); \
907 if (t <= 17) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(d, e, a, b, c, me2, 17); \
908 if (t <= 18) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(c, d, e, a, b, me2, 18); \
909 if (t <= 19) HASHCLASH_SHA1COMPRESS_ROUND1_STEP(b, c, d, e, a, me2, 19); \
910 if (t <= 20) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, me2, 20); \
911 if (t <= 21) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, me2, 21); \
912 if (t <= 22) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, me2, 22); \
913 if (t <= 23) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, me2, 23); \
914 if (t <= 24) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, me2, 24); \
915 if (t <= 25) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, me2, 25); \
916 if (t <= 26) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, me2, 26); \
917 if (t <= 27) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, me2, 27); \
918 if (t <= 28) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, me2, 28); \
919 if (t <= 29) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, me2, 29); \
920 if (t <= 30) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, me2, 30); \
921 if (t <= 31) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, me2, 31); \
922 if (t <= 32) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, me2, 32); \
923 if (t <= 33) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, me2, 33); \
924 if (t <= 34) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, me2, 34); \
925 if (t <= 35) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(a, b, c, d, e, me2, 35); \
926 if (t <= 36) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(e, a, b, c, d, me2, 36); \
927 if (t <= 37) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(d, e, a, b, c, me2, 37); \
928 if (t <= 38) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(c, d, e, a, b, me2, 38); \
929 if (t <= 39) HASHCLASH_SHA1COMPRESS_ROUND2_STEP(b, c, d, e, a, me2, 39); \
930 if (t <= 40) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, me2, 40); \
931 if (t <= 41) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, me2, 41); \
932 if (t <= 42) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, me2, 42); \
933 if (t <= 43) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, me2, 43); \
934 if (t <= 44) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, me2, 44); \
935 if (t <= 45) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, me2, 45); \
936 if (t <= 46) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, me2, 46); \
937 if (t <= 47) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, me2, 47); \
938 if (t <= 48) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, me2, 48); \
939 if (t <= 49) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, me2, 49); \
940 if (t <= 50) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, me2, 50); \
941 if (t <= 51) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, me2, 51); \
942 if (t <= 52) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, me2, 52); \
943 if (t <= 53) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, me2, 53); \
944 if (t <= 54) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, me2, 54); \
945 if (t <= 55) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(a, b, c, d, e, me2, 55); \
946 if (t <= 56) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(e, a, b, c, d, me2, 56); \
947 if (t <= 57) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(d, e, a, b, c, me2, 57); \
948 if (t <= 58) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(c, d, e, a, b, me2, 58); \
949 if (t <= 59) HASHCLASH_SHA1COMPRESS_ROUND3_STEP(b, c, d, e, a, me2, 59); \
950 if (t <= 60) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, me2, 60); \
951 if (t <= 61) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, me2, 61); \
952 if (t <= 62) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, me2, 62); \
953 if (t <= 63) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, me2, 63); \
954 if (t <= 64) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, me2, 64); \
955 if (t <= 65) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, me2, 65); \
956 if (t <= 66) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, me2, 66); \
957 if (t <= 67) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, me2, 67); \
958 if (t <= 68) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, me2, 68); \
959 if (t <= 69) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, me2, 69); \
960 if (t <= 70) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, me2, 70); \
961 if (t <= 71) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, me2, 71); \
962 if (t <= 72) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, me2, 72); \
963 if (t <= 73) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, me2, 73); \
964 if (t <= 74) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, me2, 74); \
965 if (t <= 75) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(a, b, c, d, e, me2, 75); \
966 if (t <= 76) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(e, a, b, c, d, me2, 76); \
967 if (t <= 77) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(d, e, a, b, c, me2, 77); \
968 if (t <= 78) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(c, d, e, a, b, me2, 78); \
969 if (t <= 79) HASHCLASH_SHA1COMPRESS_ROUND4_STEP(b, c, d, e, a, me2, 79); \
970 ihvout[0] = ihvin[0] + a; ihvout[1] = ihvin[1] + b; ihvout[2] = ihvin[2] + c; ihvout[3] = ihvin[3] + d; ihvout[4] = ihvin[4] + e; \
971 }
972
973 #ifdef _MSC_VER
974 #pragma warning(push)
975 #pragma warning(disable: 4127) /* Compiler complains about the checks in the above macro being constant. */
976 #endif
977
978 #ifdef DOSTORESTATE0
979 SHA1_RECOMPRESS(0)
980 #endif
981
982 #ifdef DOSTORESTATE1
983 SHA1_RECOMPRESS(1)
984 #endif
985
986 #ifdef DOSTORESTATE2
987 SHA1_RECOMPRESS(2)
988 #endif
989
990 #ifdef DOSTORESTATE3
991 SHA1_RECOMPRESS(3)
992 #endif
993
994 #ifdef DOSTORESTATE4
995 SHA1_RECOMPRESS(4)
996 #endif
997
998 #ifdef DOSTORESTATE5
999 SHA1_RECOMPRESS(5)
1000 #endif
1001
1002 #ifdef DOSTORESTATE6
1003 SHA1_RECOMPRESS(6)
1004 #endif
1005
1006 #ifdef DOSTORESTATE7
1007 SHA1_RECOMPRESS(7)
1008 #endif
1009
1010 #ifdef DOSTORESTATE8
1011 SHA1_RECOMPRESS(8)
1012 #endif
1013
1014 #ifdef DOSTORESTATE9
1015 SHA1_RECOMPRESS(9)
1016 #endif
1017
1018 #ifdef DOSTORESTATE10
1019 SHA1_RECOMPRESS(10)
1020 #endif
1021
1022 #ifdef DOSTORESTATE11
1023 SHA1_RECOMPRESS(11)
1024 #endif
1025
1026 #ifdef DOSTORESTATE12
1027 SHA1_RECOMPRESS(12)
1028 #endif
1029
1030 #ifdef DOSTORESTATE13
1031 SHA1_RECOMPRESS(13)
1032 #endif
1033
1034 #ifdef DOSTORESTATE14
1035 SHA1_RECOMPRESS(14)
1036 #endif
1037
1038 #ifdef DOSTORESTATE15
1039 SHA1_RECOMPRESS(15)
1040 #endif
1041
1042 #ifdef DOSTORESTATE16
1043 SHA1_RECOMPRESS(16)
1044 #endif
1045
1046 #ifdef DOSTORESTATE17
1047 SHA1_RECOMPRESS(17)
1048 #endif
1049
1050 #ifdef DOSTORESTATE18
1051 SHA1_RECOMPRESS(18)
1052 #endif
1053
1054 #ifdef DOSTORESTATE19
1055 SHA1_RECOMPRESS(19)
1056 #endif
1057
1058 #ifdef DOSTORESTATE20
1059 SHA1_RECOMPRESS(20)
1060 #endif
1061
1062 #ifdef DOSTORESTATE21
1063 SHA1_RECOMPRESS(21)
1064 #endif
1065
1066 #ifdef DOSTORESTATE22
1067 SHA1_RECOMPRESS(22)
1068 #endif
1069
1070 #ifdef DOSTORESTATE23
1071 SHA1_RECOMPRESS(23)
1072 #endif
1073
1074 #ifdef DOSTORESTATE24
1075 SHA1_RECOMPRESS(24)
1076 #endif
1077
1078 #ifdef DOSTORESTATE25
1079 SHA1_RECOMPRESS(25)
1080 #endif
1081
1082 #ifdef DOSTORESTATE26
1083 SHA1_RECOMPRESS(26)
1084 #endif
1085
1086 #ifdef DOSTORESTATE27
1087 SHA1_RECOMPRESS(27)
1088 #endif
1089
1090 #ifdef DOSTORESTATE28
1091 SHA1_RECOMPRESS(28)
1092 #endif
1093
1094 #ifdef DOSTORESTATE29
1095 SHA1_RECOMPRESS(29)
1096 #endif
1097
1098 #ifdef DOSTORESTATE30
1099 SHA1_RECOMPRESS(30)
1100 #endif
1101
1102 #ifdef DOSTORESTATE31
1103 SHA1_RECOMPRESS(31)
1104 #endif
1105
1106 #ifdef DOSTORESTATE32
1107 SHA1_RECOMPRESS(32)
1108 #endif
1109
1110 #ifdef DOSTORESTATE33
1111 SHA1_RECOMPRESS(33)
1112 #endif
1113
1114 #ifdef DOSTORESTATE34
1115 SHA1_RECOMPRESS(34)
1116 #endif
1117
1118 #ifdef DOSTORESTATE35
1119 SHA1_RECOMPRESS(35)
1120 #endif
1121
1122 #ifdef DOSTORESTATE36
1123 SHA1_RECOMPRESS(36)
1124 #endif
1125
1126 #ifdef DOSTORESTATE37
1127 SHA1_RECOMPRESS(37)
1128 #endif
1129
1130 #ifdef DOSTORESTATE38
1131 SHA1_RECOMPRESS(38)
1132 #endif
1133
1134 #ifdef DOSTORESTATE39
1135 SHA1_RECOMPRESS(39)
1136 #endif
1137
1138 #ifdef DOSTORESTATE40
1139 SHA1_RECOMPRESS(40)
1140 #endif
1141
1142 #ifdef DOSTORESTATE41
1143 SHA1_RECOMPRESS(41)
1144 #endif
1145
1146 #ifdef DOSTORESTATE42
1147 SHA1_RECOMPRESS(42)
1148 #endif
1149
1150 #ifdef DOSTORESTATE43
1151 SHA1_RECOMPRESS(43)
1152 #endif
1153
1154 #ifdef DOSTORESTATE44
1155 SHA1_RECOMPRESS(44)
1156 #endif
1157
1158 #ifdef DOSTORESTATE45
1159 SHA1_RECOMPRESS(45)
1160 #endif
1161
1162 #ifdef DOSTORESTATE46
1163 SHA1_RECOMPRESS(46)
1164 #endif
1165
1166 #ifdef DOSTORESTATE47
1167 SHA1_RECOMPRESS(47)
1168 #endif
1169
1170 #ifdef DOSTORESTATE48
1171 SHA1_RECOMPRESS(48)
1172 #endif
1173
1174 #ifdef DOSTORESTATE49
1175 SHA1_RECOMPRESS(49)
1176 #endif
1177
1178 #ifdef DOSTORESTATE50
1179 SHA1_RECOMPRESS(50)
1180 #endif
1181
1182 #ifdef DOSTORESTATE51
1183 SHA1_RECOMPRESS(51)
1184 #endif
1185
1186 #ifdef DOSTORESTATE52
1187 SHA1_RECOMPRESS(52)
1188 #endif
1189
1190 #ifdef DOSTORESTATE53
1191 SHA1_RECOMPRESS(53)
1192 #endif
1193
1194 #ifdef DOSTORESTATE54
1195 SHA1_RECOMPRESS(54)
1196 #endif
1197
1198 #ifdef DOSTORESTATE55
1199 SHA1_RECOMPRESS(55)
1200 #endif
1201
1202 #ifdef DOSTORESTATE56
1203 SHA1_RECOMPRESS(56)
1204 #endif
1205
1206 #ifdef DOSTORESTATE57
1207 SHA1_RECOMPRESS(57)
1208 #endif
1209
1210 #ifdef DOSTORESTATE58
1211 SHA1_RECOMPRESS(58)
1212 #endif
1213
1214 #ifdef DOSTORESTATE59
1215 SHA1_RECOMPRESS(59)
1216 #endif
1217
1218 #ifdef DOSTORESTATE60
1219 SHA1_RECOMPRESS(60)
1220 #endif
1221
1222 #ifdef DOSTORESTATE61
1223 SHA1_RECOMPRESS(61)
1224 #endif
1225
1226 #ifdef DOSTORESTATE62
1227 SHA1_RECOMPRESS(62)
1228 #endif
1229
1230 #ifdef DOSTORESTATE63
1231 SHA1_RECOMPRESS(63)
1232 #endif
1233
1234 #ifdef DOSTORESTATE64
1235 SHA1_RECOMPRESS(64)
1236 #endif
1237
1238 #ifdef DOSTORESTATE65
1239 SHA1_RECOMPRESS(65)
1240 #endif
1241
1242 #ifdef DOSTORESTATE66
1243 SHA1_RECOMPRESS(66)
1244 #endif
1245
1246 #ifdef DOSTORESTATE67
1247 SHA1_RECOMPRESS(67)
1248 #endif
1249
1250 #ifdef DOSTORESTATE68
1251 SHA1_RECOMPRESS(68)
1252 #endif
1253
1254 #ifdef DOSTORESTATE69
1255 SHA1_RECOMPRESS(69)
1256 #endif
1257
1258 #ifdef DOSTORESTATE70
1259 SHA1_RECOMPRESS(70)
1260 #endif
1261
1262 #ifdef DOSTORESTATE71
1263 SHA1_RECOMPRESS(71)
1264 #endif
1265
1266 #ifdef DOSTORESTATE72
1267 SHA1_RECOMPRESS(72)
1268 #endif
1269
1270 #ifdef DOSTORESTATE73
1271 SHA1_RECOMPRESS(73)
1272 #endif
1273
1274 #ifdef DOSTORESTATE74
1275 SHA1_RECOMPRESS(74)
1276 #endif
1277
1278 #ifdef DOSTORESTATE75
1279 SHA1_RECOMPRESS(75)
1280 #endif
1281
1282 #ifdef DOSTORESTATE76
1283 SHA1_RECOMPRESS(76)
1284 #endif
1285
1286 #ifdef DOSTORESTATE77
1287 SHA1_RECOMPRESS(77)
1288 #endif
1289
1290 #ifdef DOSTORESTATE78
1291 SHA1_RECOMPRESS(78)
1292 #endif
1293
1294 #ifdef DOSTORESTATE79
1295 SHA1_RECOMPRESS(79)
1296 #endif
1297
1298 #ifdef _MSC_VER
1299 #pragma warning(pop)
1300 #endif
1301
1302 static void sha1_recompression_step(uint32_t step, uint32_t ihvin[5], uint32_t ihvout[5], const uint32_t me2[80], const uint32_t state[5])
1303 {
1304 switch (step)
1305 {
1306 #ifdef DOSTORESTATE0
1307 case 0:
1308 sha1recompress_fast_0(ihvin, ihvout, me2, state);
1309 break;
1310 #endif
1311 #ifdef DOSTORESTATE1
1312 case 1:
1313 sha1recompress_fast_1(ihvin, ihvout, me2, state);
1314 break;
1315 #endif
1316 #ifdef DOSTORESTATE2
1317 case 2:
1318 sha1recompress_fast_2(ihvin, ihvout, me2, state);
1319 break;
1320 #endif
1321 #ifdef DOSTORESTATE3
1322 case 3:
1323 sha1recompress_fast_3(ihvin, ihvout, me2, state);
1324 break;
1325 #endif
1326 #ifdef DOSTORESTATE4
1327 case 4:
1328 sha1recompress_fast_4(ihvin, ihvout, me2, state);
1329 break;
1330 #endif
1331 #ifdef DOSTORESTATE5
1332 case 5:
1333 sha1recompress_fast_5(ihvin, ihvout, me2, state);
1334 break;
1335 #endif
1336 #ifdef DOSTORESTATE6
1337 case 6:
1338 sha1recompress_fast_6(ihvin, ihvout, me2, state);
1339 break;
1340 #endif
1341 #ifdef DOSTORESTATE7
1342 case 7:
1343 sha1recompress_fast_7(ihvin, ihvout, me2, state);
1344 break;
1345 #endif
1346 #ifdef DOSTORESTATE8
1347 case 8:
1348 sha1recompress_fast_8(ihvin, ihvout, me2, state);
1349 break;
1350 #endif
1351 #ifdef DOSTORESTATE9
1352 case 9:
1353 sha1recompress_fast_9(ihvin, ihvout, me2, state);
1354 break;
1355 #endif
1356 #ifdef DOSTORESTATE10
1357 case 10:
1358 sha1recompress_fast_10(ihvin, ihvout, me2, state);
1359 break;
1360 #endif
1361 #ifdef DOSTORESTATE11
1362 case 11:
1363 sha1recompress_fast_11(ihvin, ihvout, me2, state);
1364 break;
1365 #endif
1366 #ifdef DOSTORESTATE12
1367 case 12:
1368 sha1recompress_fast_12(ihvin, ihvout, me2, state);
1369 break;
1370 #endif
1371 #ifdef DOSTORESTATE13
1372 case 13:
1373 sha1recompress_fast_13(ihvin, ihvout, me2, state);
1374 break;
1375 #endif
1376 #ifdef DOSTORESTATE14
1377 case 14:
1378 sha1recompress_fast_14(ihvin, ihvout, me2, state);
1379 break;
1380 #endif
1381 #ifdef DOSTORESTATE15
1382 case 15:
1383 sha1recompress_fast_15(ihvin, ihvout, me2, state);
1384 break;
1385 #endif
1386 #ifdef DOSTORESTATE16
1387 case 16:
1388 sha1recompress_fast_16(ihvin, ihvout, me2, state);
1389 break;
1390 #endif
1391 #ifdef DOSTORESTATE17
1392 case 17:
1393 sha1recompress_fast_17(ihvin, ihvout, me2, state);
1394 break;
1395 #endif
1396 #ifdef DOSTORESTATE18
1397 case 18:
1398 sha1recompress_fast_18(ihvin, ihvout, me2, state);
1399 break;
1400 #endif
1401 #ifdef DOSTORESTATE19
1402 case 19:
1403 sha1recompress_fast_19(ihvin, ihvout, me2, state);
1404 break;
1405 #endif
1406 #ifdef DOSTORESTATE20
1407 case 20:
1408 sha1recompress_fast_20(ihvin, ihvout, me2, state);
1409 break;
1410 #endif
1411 #ifdef DOSTORESTATE21
1412 case 21:
1413 sha1recompress_fast_21(ihvin, ihvout, me2, state);
1414 break;
1415 #endif
1416 #ifdef DOSTORESTATE22
1417 case 22:
1418 sha1recompress_fast_22(ihvin, ihvout, me2, state);
1419 break;
1420 #endif
1421 #ifdef DOSTORESTATE23
1422 case 23:
1423 sha1recompress_fast_23(ihvin, ihvout, me2, state);
1424 break;
1425 #endif
1426 #ifdef DOSTORESTATE24
1427 case 24:
1428 sha1recompress_fast_24(ihvin, ihvout, me2, state);
1429 break;
1430 #endif
1431 #ifdef DOSTORESTATE25
1432 case 25:
1433 sha1recompress_fast_25(ihvin, ihvout, me2, state);
1434 break;
1435 #endif
1436 #ifdef DOSTORESTATE26
1437 case 26:
1438 sha1recompress_fast_26(ihvin, ihvout, me2, state);
1439 break;
1440 #endif
1441 #ifdef DOSTORESTATE27
1442 case 27:
1443 sha1recompress_fast_27(ihvin, ihvout, me2, state);
1444 break;
1445 #endif
1446 #ifdef DOSTORESTATE28
1447 case 28:
1448 sha1recompress_fast_28(ihvin, ihvout, me2, state);
1449 break;
1450 #endif
1451 #ifdef DOSTORESTATE29
1452 case 29:
1453 sha1recompress_fast_29(ihvin, ihvout, me2, state);
1454 break;
1455 #endif
1456 #ifdef DOSTORESTATE30
1457 case 30:
1458 sha1recompress_fast_30(ihvin, ihvout, me2, state);
1459 break;
1460 #endif
1461 #ifdef DOSTORESTATE31
1462 case 31:
1463 sha1recompress_fast_31(ihvin, ihvout, me2, state);
1464 break;
1465 #endif
1466 #ifdef DOSTORESTATE32
1467 case 32:
1468 sha1recompress_fast_32(ihvin, ihvout, me2, state);
1469 break;
1470 #endif
1471 #ifdef DOSTORESTATE33
1472 case 33:
1473 sha1recompress_fast_33(ihvin, ihvout, me2, state);
1474 break;
1475 #endif
1476 #ifdef DOSTORESTATE34
1477 case 34:
1478 sha1recompress_fast_34(ihvin, ihvout, me2, state);
1479 break;
1480 #endif
1481 #ifdef DOSTORESTATE35
1482 case 35:
1483 sha1recompress_fast_35(ihvin, ihvout, me2, state);
1484 break;
1485 #endif
1486 #ifdef DOSTORESTATE36
1487 case 36:
1488 sha1recompress_fast_36(ihvin, ihvout, me2, state);
1489 break;
1490 #endif
1491 #ifdef DOSTORESTATE37
1492 case 37:
1493 sha1recompress_fast_37(ihvin, ihvout, me2, state);
1494 break;
1495 #endif
1496 #ifdef DOSTORESTATE38
1497 case 38:
1498 sha1recompress_fast_38(ihvin, ihvout, me2, state);
1499 break;
1500 #endif
1501 #ifdef DOSTORESTATE39
1502 case 39:
1503 sha1recompress_fast_39(ihvin, ihvout, me2, state);
1504 break;
1505 #endif
1506 #ifdef DOSTORESTATE40
1507 case 40:
1508 sha1recompress_fast_40(ihvin, ihvout, me2, state);
1509 break;
1510 #endif
1511 #ifdef DOSTORESTATE41
1512 case 41:
1513 sha1recompress_fast_41(ihvin, ihvout, me2, state);
1514 break;
1515 #endif
1516 #ifdef DOSTORESTATE42
1517 case 42:
1518 sha1recompress_fast_42(ihvin, ihvout, me2, state);
1519 break;
1520 #endif
1521 #ifdef DOSTORESTATE43
1522 case 43:
1523 sha1recompress_fast_43(ihvin, ihvout, me2, state);
1524 break;
1525 #endif
1526 #ifdef DOSTORESTATE44
1527 case 44:
1528 sha1recompress_fast_44(ihvin, ihvout, me2, state);
1529 break;
1530 #endif
1531 #ifdef DOSTORESTATE45
1532 case 45:
1533 sha1recompress_fast_45(ihvin, ihvout, me2, state);
1534 break;
1535 #endif
1536 #ifdef DOSTORESTATE46
1537 case 46:
1538 sha1recompress_fast_46(ihvin, ihvout, me2, state);
1539 break;
1540 #endif
1541 #ifdef DOSTORESTATE47
1542 case 47:
1543 sha1recompress_fast_47(ihvin, ihvout, me2, state);
1544 break;
1545 #endif
1546 #ifdef DOSTORESTATE48
1547 case 48:
1548 sha1recompress_fast_48(ihvin, ihvout, me2, state);
1549 break;
1550 #endif
1551 #ifdef DOSTORESTATE49
1552 case 49:
1553 sha1recompress_fast_49(ihvin, ihvout, me2, state);
1554 break;
1555 #endif
1556 #ifdef DOSTORESTATE50
1557 case 50:
1558 sha1recompress_fast_50(ihvin, ihvout, me2, state);
1559 break;
1560 #endif
1561 #ifdef DOSTORESTATE51
1562 case 51:
1563 sha1recompress_fast_51(ihvin, ihvout, me2, state);
1564 break;
1565 #endif
1566 #ifdef DOSTORESTATE52
1567 case 52:
1568 sha1recompress_fast_52(ihvin, ihvout, me2, state);
1569 break;
1570 #endif
1571 #ifdef DOSTORESTATE53
1572 case 53:
1573 sha1recompress_fast_53(ihvin, ihvout, me2, state);
1574 break;
1575 #endif
1576 #ifdef DOSTORESTATE54
1577 case 54:
1578 sha1recompress_fast_54(ihvin, ihvout, me2, state);
1579 break;
1580 #endif
1581 #ifdef DOSTORESTATE55
1582 case 55:
1583 sha1recompress_fast_55(ihvin, ihvout, me2, state);
1584 break;
1585 #endif
1586 #ifdef DOSTORESTATE56
1587 case 56:
1588 sha1recompress_fast_56(ihvin, ihvout, me2, state);
1589 break;
1590 #endif
1591 #ifdef DOSTORESTATE57
1592 case 57:
1593 sha1recompress_fast_57(ihvin, ihvout, me2, state);
1594 break;
1595 #endif
1596 #ifdef DOSTORESTATE58
1597 case 58:
1598 sha1recompress_fast_58(ihvin, ihvout, me2, state);
1599 break;
1600 #endif
1601 #ifdef DOSTORESTATE59
1602 case 59:
1603 sha1recompress_fast_59(ihvin, ihvout, me2, state);
1604 break;
1605 #endif
1606 #ifdef DOSTORESTATE60
1607 case 60:
1608 sha1recompress_fast_60(ihvin, ihvout, me2, state);
1609 break;
1610 #endif
1611 #ifdef DOSTORESTATE61
1612 case 61:
1613 sha1recompress_fast_61(ihvin, ihvout, me2, state);
1614 break;
1615 #endif
1616 #ifdef DOSTORESTATE62
1617 case 62:
1618 sha1recompress_fast_62(ihvin, ihvout, me2, state);
1619 break;
1620 #endif
1621 #ifdef DOSTORESTATE63
1622 case 63:
1623 sha1recompress_fast_63(ihvin, ihvout, me2, state);
1624 break;
1625 #endif
1626 #ifdef DOSTORESTATE64
1627 case 64:
1628 sha1recompress_fast_64(ihvin, ihvout, me2, state);
1629 break;
1630 #endif
1631 #ifdef DOSTORESTATE65
1632 case 65:
1633 sha1recompress_fast_65(ihvin, ihvout, me2, state);
1634 break;
1635 #endif
1636 #ifdef DOSTORESTATE66
1637 case 66:
1638 sha1recompress_fast_66(ihvin, ihvout, me2, state);
1639 break;
1640 #endif
1641 #ifdef DOSTORESTATE67
1642 case 67:
1643 sha1recompress_fast_67(ihvin, ihvout, me2, state);
1644 break;
1645 #endif
1646 #ifdef DOSTORESTATE68
1647 case 68:
1648 sha1recompress_fast_68(ihvin, ihvout, me2, state);
1649 break;
1650 #endif
1651 #ifdef DOSTORESTATE69
1652 case 69:
1653 sha1recompress_fast_69(ihvin, ihvout, me2, state);
1654 break;
1655 #endif
1656 #ifdef DOSTORESTATE70
1657 case 70:
1658 sha1recompress_fast_70(ihvin, ihvout, me2, state);
1659 break;
1660 #endif
1661 #ifdef DOSTORESTATE71
1662 case 71:
1663 sha1recompress_fast_71(ihvin, ihvout, me2, state);
1664 break;
1665 #endif
1666 #ifdef DOSTORESTATE72
1667 case 72:
1668 sha1recompress_fast_72(ihvin, ihvout, me2, state);
1669 break;
1670 #endif
1671 #ifdef DOSTORESTATE73
1672 case 73:
1673 sha1recompress_fast_73(ihvin, ihvout, me2, state);
1674 break;
1675 #endif
1676 #ifdef DOSTORESTATE74
1677 case 74:
1678 sha1recompress_fast_74(ihvin, ihvout, me2, state);
1679 break;
1680 #endif
1681 #ifdef DOSTORESTATE75
1682 case 75:
1683 sha1recompress_fast_75(ihvin, ihvout, me2, state);
1684 break;
1685 #endif
1686 #ifdef DOSTORESTATE76
1687 case 76:
1688 sha1recompress_fast_76(ihvin, ihvout, me2, state);
1689 break;
1690 #endif
1691 #ifdef DOSTORESTATE77
1692 case 77:
1693 sha1recompress_fast_77(ihvin, ihvout, me2, state);
1694 break;
1695 #endif
1696 #ifdef DOSTORESTATE78
1697 case 78:
1698 sha1recompress_fast_78(ihvin, ihvout, me2, state);
1699 break;
1700 #endif
1701 #ifdef DOSTORESTATE79
1702 case 79:
1703 sha1recompress_fast_79(ihvin, ihvout, me2, state);
1704 break;
1705 #endif
1706 default:
1707 abort();
1708 }
1709
1710 }
1711
1712
1713
1714 static void sha1_process(SHA1_CTX* ctx, const uint32_t block[16])
1715 {
1716 unsigned i, j;
1717 uint32_t ubc_dv_mask[DVMASKSIZE] = { 0xFFFFFFFF };
1718 uint32_t ihvtmp[5];
1719
1720 ctx->ihv1[0] = ctx->ihv[0];
1721 ctx->ihv1[1] = ctx->ihv[1];
1722 ctx->ihv1[2] = ctx->ihv[2];
1723 ctx->ihv1[3] = ctx->ihv[3];
1724 ctx->ihv1[4] = ctx->ihv[4];
1725
1726 sha1_compression_states(ctx->ihv, block, ctx->m1, ctx->states);
1727
1728 if (ctx->detect_coll)
1729 {
1730 if (ctx->ubc_check)
1731 {
1732 ubc_check(ctx->m1, ubc_dv_mask);
1733 }
1734
1735 if (ubc_dv_mask[0] != 0)
1736 {
1737 for (i = 0; sha1_dvs[i].dvType != 0; ++i)
1738 {
1739 if (ubc_dv_mask[0] & ((uint32_t)(1) << sha1_dvs[i].maskb))
1740 {
1741 for (j = 0; j < 80; ++j)
1742 ctx->m2[j] = ctx->m1[j] ^ sha1_dvs[i].dm[j];
1743
1744 sha1_recompression_step(sha1_dvs[i].testt, ctx->ihv2, ihvtmp, ctx->m2, ctx->states[sha1_dvs[i].testt]);
1745
1746 /* to verify SHA-1 collision detection code with collisions for reduced-step SHA-1 */
1747 if ((0 == ((ihvtmp[0] ^ ctx->ihv[0]) | (ihvtmp[1] ^ ctx->ihv[1]) | (ihvtmp[2] ^ ctx->ihv[2]) | (ihvtmp[3] ^ ctx->ihv[3]) | (ihvtmp[4] ^ ctx->ihv[4])))
1748 || (ctx->reduced_round_coll && 0==((ctx->ihv1[0] ^ ctx->ihv2[0]) | (ctx->ihv1[1] ^ ctx->ihv2[1]) | (ctx->ihv1[2] ^ ctx->ihv2[2]) | (ctx->ihv1[3] ^ ctx->ihv2[3]) | (ctx->ihv1[4] ^ ctx->ihv2[4]))))
1749 {
1750 ctx->found_collision = 1;
1751
1752 if (ctx->safe_hash)
1753 {
1754 sha1_compression_W(ctx->ihv, ctx->m1);
1755 sha1_compression_W(ctx->ihv, ctx->m1);
1756 }
1757
1758 break;
1759 }
1760 }
1761 }
1762 }
1763 }
1764 }
1765
1766 void SHA1DCInit(SHA1_CTX* ctx)
1767 {
1768 ctx->total = 0;
1769 ctx->ihv[0] = 0x67452301;
1770 ctx->ihv[1] = 0xEFCDAB89;
1771 ctx->ihv[2] = 0x98BADCFE;
1772 ctx->ihv[3] = 0x10325476;
1773 ctx->ihv[4] = 0xC3D2E1F0;
1774 ctx->found_collision = 0;
1775 ctx->safe_hash = SHA1DC_INIT_SAFE_HASH_DEFAULT;
1776 ctx->ubc_check = 1;
1777 ctx->detect_coll = 1;
1778 ctx->reduced_round_coll = 0;
1779 ctx->callback = NULL;
1780 }
1781
1782 void SHA1DCSetSafeHash(SHA1_CTX* ctx, int safehash)
1783 {
1784 if (safehash)
1785 ctx->safe_hash = 1;
1786 else
1787 ctx->safe_hash = 0;
1788 }
1789
1790
1791 void SHA1DCSetUseUBC(SHA1_CTX* ctx, int ubc_check)
1792 {
1793 if (ubc_check)
1794 ctx->ubc_check = 1;
1795 else
1796 ctx->ubc_check = 0;
1797 }
1798
1799 void SHA1DCSetUseDetectColl(SHA1_CTX* ctx, int detect_coll)
1800 {
1801 if (detect_coll)
1802 ctx->detect_coll = 1;
1803 else
1804 ctx->detect_coll = 0;
1805 }
1806
1807 void SHA1DCSetDetectReducedRoundCollision(SHA1_CTX* ctx, int reduced_round_coll)
1808 {
1809 if (reduced_round_coll)
1810 ctx->reduced_round_coll = 1;
1811 else
1812 ctx->reduced_round_coll = 0;
1813 }
1814
1815 void SHA1DCSetCallback(SHA1_CTX* ctx, collision_block_callback callback)
1816 {
1817 ctx->callback = callback;
1818 }
1819
1820 void SHA1DCUpdate(SHA1_CTX* ctx, const char* buf, size_t len)
1821 {
1822 unsigned left, fill;
1823
1824 if (len == 0)
1825 return;
1826
1827 left = ctx->total & 63;
1828 fill = 64 - left;
1829
1830 if (left && len >= fill)
1831 {
1832 ctx->total += fill;
1833 memcpy(ctx->buffer + left, buf, fill);
1834 sha1_process(ctx, (uint32_t*)(ctx->buffer));
1835 buf += fill;
1836 len -= fill;
1837 left = 0;
1838 }
1839 while (len >= 64)
1840 {
1841 ctx->total += 64;
1842
1843 #if defined(SHA1DC_ALLOW_UNALIGNED_ACCESS)
1844 sha1_process(ctx, (uint32_t*)(buf));
1845 #else
1846 memcpy(ctx->buffer, buf, 64);
1847 sha1_process(ctx, (uint32_t*)(ctx->buffer));
1848 #endif /* defined(SHA1DC_ALLOW_UNALIGNED_ACCESS) */
1849 buf += 64;
1850 len -= 64;
1851 }
1852 if (len > 0)
1853 {
1854 ctx->total += len;
1855 memcpy(ctx->buffer + left, buf, len);
1856 }
1857 }
1858
1859 static const unsigned char sha1_padding[64] =
1860 {
1861 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1862 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1863 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1864 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
1865 };
1866
1867 int SHA1DCFinal(unsigned char output[20], SHA1_CTX *ctx)
1868 {
1869 uint32_t last = ctx->total & 63;
1870 uint32_t padn = (last < 56) ? (56 - last) : (120 - last);
1871 uint64_t total;
1872 SHA1DCUpdate(ctx, (const char*)(sha1_padding), padn);
1873
1874 total = ctx->total - padn;
1875 total <<= 3;
1876 ctx->buffer[56] = (unsigned char)(total >> 56);
1877 ctx->buffer[57] = (unsigned char)(total >> 48);
1878 ctx->buffer[58] = (unsigned char)(total >> 40);
1879 ctx->buffer[59] = (unsigned char)(total >> 32);
1880 ctx->buffer[60] = (unsigned char)(total >> 24);
1881 ctx->buffer[61] = (unsigned char)(total >> 16);
1882 ctx->buffer[62] = (unsigned char)(total >> 8);
1883 ctx->buffer[63] = (unsigned char)(total);
1884 sha1_process(ctx, (uint32_t*)(ctx->buffer));
1885 output[0] = (unsigned char)(ctx->ihv[0] >> 24);
1886 output[1] = (unsigned char)(ctx->ihv[0] >> 16);
1887 output[2] = (unsigned char)(ctx->ihv[0] >> 8);
1888 output[3] = (unsigned char)(ctx->ihv[0]);
1889 output[4] = (unsigned char)(ctx->ihv[1] >> 24);
1890 output[5] = (unsigned char)(ctx->ihv[1] >> 16);
1891 output[6] = (unsigned char)(ctx->ihv[1] >> 8);
1892 output[7] = (unsigned char)(ctx->ihv[1]);
1893 output[8] = (unsigned char)(ctx->ihv[2] >> 24);
1894 output[9] = (unsigned char)(ctx->ihv[2] >> 16);
1895 output[10] = (unsigned char)(ctx->ihv[2] >> 8);
1896 output[11] = (unsigned char)(ctx->ihv[2]);
1897 output[12] = (unsigned char)(ctx->ihv[3] >> 24);
1898 output[13] = (unsigned char)(ctx->ihv[3] >> 16);
1899 output[14] = (unsigned char)(ctx->ihv[3] >> 8);
1900 output[15] = (unsigned char)(ctx->ihv[3]);
1901 output[16] = (unsigned char)(ctx->ihv[4] >> 24);
1902 output[17] = (unsigned char)(ctx->ihv[4] >> 16);
1903 output[18] = (unsigned char)(ctx->ihv[4] >> 8);
1904 output[19] = (unsigned char)(ctx->ihv[4]);
1905 return ctx->found_collision;
1906 }
1907
1908 #ifdef SHA1DC_CUSTOM_TRAILING_INCLUDE_SHA1_C
1909 #include SHA1DC_CUSTOM_TRAILING_INCLUDE_SHA1_C
1910 #endif