diff options
author | marha <marha@users.sourceforge.net> | 2009-08-07 12:33:59 +0000 |
---|---|---|
committer | marha <marha@users.sourceforge.net> | 2009-08-07 12:33:59 +0000 |
commit | e7e9a66629ada359ad6a35cdb12e0e35b49e889c (patch) | |
tree | a93f38125aee1970e8a41bd23f4abc9162deeaee /tools/plink/sshsh512.c | |
parent | 527d85e0327133858ddb86169f2840f305c192b3 (diff) | |
download | vcxsrv-e7e9a66629ada359ad6a35cdb12e0e35b49e889c.tar.gz vcxsrv-e7e9a66629ada359ad6a35cdb12e0e35b49e889c.tar.bz2 vcxsrv-e7e9a66629ada359ad6a35cdb12e0e35b49e889c.zip |
Added plink tool (version without console, except if output is generated)
Added possibility to build console application or windows application in makefile.after
Diffstat (limited to 'tools/plink/sshsh512.c')
-rw-r--r-- | tools/plink/sshsh512.c | 358 |
1 files changed, 358 insertions, 0 deletions
diff --git a/tools/plink/sshsh512.c b/tools/plink/sshsh512.c new file mode 100644 index 000000000..c025ffd17 --- /dev/null +++ b/tools/plink/sshsh512.c @@ -0,0 +1,358 @@ +/*
+ * SHA-512 algorithm as described at
+ *
+ * http://csrc.nist.gov/cryptval/shs.html
+ */
+
+#include "ssh.h"
+
+#define BLKSIZE 128
+
+/*
+ * Arithmetic implementations. Note that AND, XOR and NOT can
+ * overlap destination with one source, but the others can't.
+ */
+#define add(r,x,y) ( r.lo = y.lo + x.lo, \
+ r.hi = y.hi + x.hi + (r.lo < y.lo) )
+#define rorB(r,x,y) ( r.lo = (x.hi >> ((y)-32)) | (x.lo << (64-(y))), \
+ r.hi = (x.lo >> ((y)-32)) | (x.hi << (64-(y))) )
+#define rorL(r,x,y) ( r.lo = (x.lo >> (y)) | (x.hi << (32-(y))), \
+ r.hi = (x.hi >> (y)) | (x.lo << (32-(y))) )
+#define shrB(r,x,y) ( r.lo = x.hi >> ((y)-32), r.hi = 0 )
+#define shrL(r,x,y) ( r.lo = (x.lo >> (y)) | (x.hi << (32-(y))), \
+ r.hi = x.hi >> (y) )
+#define and(r,x,y) ( r.lo = x.lo & y.lo, r.hi = x.hi & y.hi )
+#define xor(r,x,y) ( r.lo = x.lo ^ y.lo, r.hi = x.hi ^ y.hi )
+#define not(r,x) ( r.lo = ~x.lo, r.hi = ~x.hi )
+#define INIT(h,l) { h, l }
+#define BUILD(r,h,l) ( r.hi = h, r.lo = l )
+#define EXTRACT(h,l,r) ( h = r.hi, l = r.lo )
+
+/* ----------------------------------------------------------------------
+ * Core SHA512 algorithm: processes 16-doubleword blocks into a
+ * message digest.
+ */
+
+#define Ch(r,t,x,y,z) ( not(t,x), and(r,t,z), and(t,x,y), xor(r,r,t) )
+#define Maj(r,t,x,y,z) ( and(r,x,y), and(t,x,z), xor(r,r,t), \
+ and(t,y,z), xor(r,r,t) )
+#define bigsigma0(r,t,x) ( rorL(r,x,28), rorB(t,x,34), xor(r,r,t), \
+ rorB(t,x,39), xor(r,r,t) )
+#define bigsigma1(r,t,x) ( rorL(r,x,14), rorL(t,x,18), xor(r,r,t), \
+ rorB(t,x,41), xor(r,r,t) )
+#define smallsigma0(r,t,x) ( rorL(r,x,1), rorL(t,x,8), xor(r,r,t), \
+ shrL(t,x,7), xor(r,r,t) )
+#define smallsigma1(r,t,x) ( rorL(r,x,19), rorB(t,x,61), xor(r,r,t), \
+ shrL(t,x,6), xor(r,r,t) )
+
+static void SHA512_Core_Init(SHA512_State *s) {
+ static const uint64 iv[] = {
+ INIT(0x6a09e667, 0xf3bcc908),
+ INIT(0xbb67ae85, 0x84caa73b),
+ INIT(0x3c6ef372, 0xfe94f82b),
+ INIT(0xa54ff53a, 0x5f1d36f1),
+ INIT(0x510e527f, 0xade682d1),
+ INIT(0x9b05688c, 0x2b3e6c1f),
+ INIT(0x1f83d9ab, 0xfb41bd6b),
+ INIT(0x5be0cd19, 0x137e2179),
+ };
+ int i;
+ for (i = 0; i < 8; i++)
+ s->h[i] = iv[i];
+}
+
+static void SHA512_Block(SHA512_State *s, uint64 *block) {
+ uint64 w[80];
+ uint64 a,b,c,d,e,f,g,h;
+ static const uint64 k[] = {
+ INIT(0x428a2f98, 0xd728ae22), INIT(0x71374491, 0x23ef65cd),
+ INIT(0xb5c0fbcf, 0xec4d3b2f), INIT(0xe9b5dba5, 0x8189dbbc),
+ INIT(0x3956c25b, 0xf348b538), INIT(0x59f111f1, 0xb605d019),
+ INIT(0x923f82a4, 0xaf194f9b), INIT(0xab1c5ed5, 0xda6d8118),
+ INIT(0xd807aa98, 0xa3030242), INIT(0x12835b01, 0x45706fbe),
+ INIT(0x243185be, 0x4ee4b28c), INIT(0x550c7dc3, 0xd5ffb4e2),
+ INIT(0x72be5d74, 0xf27b896f), INIT(0x80deb1fe, 0x3b1696b1),
+ INIT(0x9bdc06a7, 0x25c71235), INIT(0xc19bf174, 0xcf692694),
+ INIT(0xe49b69c1, 0x9ef14ad2), INIT(0xefbe4786, 0x384f25e3),
+ INIT(0x0fc19dc6, 0x8b8cd5b5), INIT(0x240ca1cc, 0x77ac9c65),
+ INIT(0x2de92c6f, 0x592b0275), INIT(0x4a7484aa, 0x6ea6e483),
+ INIT(0x5cb0a9dc, 0xbd41fbd4), INIT(0x76f988da, 0x831153b5),
+ INIT(0x983e5152, 0xee66dfab), INIT(0xa831c66d, 0x2db43210),
+ INIT(0xb00327c8, 0x98fb213f), INIT(0xbf597fc7, 0xbeef0ee4),
+ INIT(0xc6e00bf3, 0x3da88fc2), INIT(0xd5a79147, 0x930aa725),
+ INIT(0x06ca6351, 0xe003826f), INIT(0x14292967, 0x0a0e6e70),
+ INIT(0x27b70a85, 0x46d22ffc), INIT(0x2e1b2138, 0x5c26c926),
+ INIT(0x4d2c6dfc, 0x5ac42aed), INIT(0x53380d13, 0x9d95b3df),
+ INIT(0x650a7354, 0x8baf63de), INIT(0x766a0abb, 0x3c77b2a8),
+ INIT(0x81c2c92e, 0x47edaee6), INIT(0x92722c85, 0x1482353b),
+ INIT(0xa2bfe8a1, 0x4cf10364), INIT(0xa81a664b, 0xbc423001),
+ INIT(0xc24b8b70, 0xd0f89791), INIT(0xc76c51a3, 0x0654be30),
+ INIT(0xd192e819, 0xd6ef5218), INIT(0xd6990624, 0x5565a910),
+ INIT(0xf40e3585, 0x5771202a), INIT(0x106aa070, 0x32bbd1b8),
+ INIT(0x19a4c116, 0xb8d2d0c8), INIT(0x1e376c08, 0x5141ab53),
+ INIT(0x2748774c, 0xdf8eeb99), INIT(0x34b0bcb5, 0xe19b48a8),
+ INIT(0x391c0cb3, 0xc5c95a63), INIT(0x4ed8aa4a, 0xe3418acb),
+ INIT(0x5b9cca4f, 0x7763e373), INIT(0x682e6ff3, 0xd6b2b8a3),
+ INIT(0x748f82ee, 0x5defb2fc), INIT(0x78a5636f, 0x43172f60),
+ INIT(0x84c87814, 0xa1f0ab72), INIT(0x8cc70208, 0x1a6439ec),
+ INIT(0x90befffa, 0x23631e28), INIT(0xa4506ceb, 0xde82bde9),
+ INIT(0xbef9a3f7, 0xb2c67915), INIT(0xc67178f2, 0xe372532b),
+ INIT(0xca273ece, 0xea26619c), INIT(0xd186b8c7, 0x21c0c207),
+ INIT(0xeada7dd6, 0xcde0eb1e), INIT(0xf57d4f7f, 0xee6ed178),
+ INIT(0x06f067aa, 0x72176fba), INIT(0x0a637dc5, 0xa2c898a6),
+ INIT(0x113f9804, 0xbef90dae), INIT(0x1b710b35, 0x131c471b),
+ INIT(0x28db77f5, 0x23047d84), INIT(0x32caab7b, 0x40c72493),
+ INIT(0x3c9ebe0a, 0x15c9bebc), INIT(0x431d67c4, 0x9c100d4c),
+ INIT(0x4cc5d4be, 0xcb3e42b6), INIT(0x597f299c, 0xfc657e2a),
+ INIT(0x5fcb6fab, 0x3ad6faec), INIT(0x6c44198c, 0x4a475817),
+ };
+
+ int t;
+
+ for (t = 0; t < 16; t++)
+ w[t] = block[t];
+
+ for (t = 16; t < 80; t++) {
+ uint64 p, q, r, tmp;
+ smallsigma1(p, tmp, w[t-2]);
+ smallsigma0(q, tmp, w[t-15]);
+ add(r, p, q);
+ add(p, r, w[t-7]);
+ add(w[t], p, w[t-16]);
+ }
+
+ a = s->h[0]; b = s->h[1]; c = s->h[2]; d = s->h[3];
+ e = s->h[4]; f = s->h[5]; g = s->h[6]; h = s->h[7];
+
+ for (t = 0; t < 80; t+=8) {
+ uint64 tmp, p, q, r;
+
+#define ROUND(j,a,b,c,d,e,f,g,h) \
+ bigsigma1(p, tmp, e); \
+ Ch(q, tmp, e, f, g); \
+ add(r, p, q); \
+ add(p, r, k[j]) ; \
+ add(q, p, w[j]); \
+ add(r, q, h); \
+ bigsigma0(p, tmp, a); \
+ Maj(tmp, q, a, b, c); \
+ add(q, tmp, p); \
+ add(p, r, d); \
+ d = p; \
+ add(h, q, r);
+
+ ROUND(t+0, a,b,c,d,e,f,g,h);
+ ROUND(t+1, h,a,b,c,d,e,f,g);
+ ROUND(t+2, g,h,a,b,c,d,e,f);
+ ROUND(t+3, f,g,h,a,b,c,d,e);
+ ROUND(t+4, e,f,g,h,a,b,c,d);
+ ROUND(t+5, d,e,f,g,h,a,b,c);
+ ROUND(t+6, c,d,e,f,g,h,a,b);
+ ROUND(t+7, b,c,d,e,f,g,h,a);
+ }
+
+ {
+ uint64 tmp;
+#define UPDATE(state, local) ( tmp = state, add(state, tmp, local) )
+ UPDATE(s->h[0], a); UPDATE(s->h[1], b);
+ UPDATE(s->h[2], c); UPDATE(s->h[3], d);
+ UPDATE(s->h[4], e); UPDATE(s->h[5], f);
+ UPDATE(s->h[6], g); UPDATE(s->h[7], h);
+ }
+}
+
+/* ----------------------------------------------------------------------
+ * Outer SHA512 algorithm: take an arbitrary length byte string,
+ * convert it into 16-doubleword blocks with the prescribed padding
+ * at the end, and pass those blocks to the core SHA512 algorithm.
+ */
+
+void SHA512_Init(SHA512_State *s) {
+ int i;
+ SHA512_Core_Init(s);
+ s->blkused = 0;
+ for (i = 0; i < 4; i++)
+ s->len[i] = 0;
+}
+
+void SHA512_Bytes(SHA512_State *s, const void *p, int len) {
+ unsigned char *q = (unsigned char *)p;
+ uint64 wordblock[16];
+ uint32 lenw = len;
+ int i;
+
+ /*
+ * Update the length field.
+ */
+ for (i = 0; i < 4; i++) {
+ s->len[i] += lenw;
+ lenw = (s->len[i] < lenw);
+ }
+
+ if (s->blkused && s->blkused+len < BLKSIZE) {
+ /*
+ * Trivial case: just add to the block.
+ */
+ memcpy(s->block + s->blkused, q, len);
+ s->blkused += len;
+ } else {
+ /*
+ * We must complete and process at least one block.
+ */
+ while (s->blkused + len >= BLKSIZE) {
+ memcpy(s->block + s->blkused, q, BLKSIZE - s->blkused);
+ q += BLKSIZE - s->blkused;
+ len -= BLKSIZE - s->blkused;
+ /* Now process the block. Gather bytes big-endian into words */
+ for (i = 0; i < 16; i++) {
+ uint32 h, l;
+ h = ( ((uint32)s->block[i*8+0]) << 24 ) |
+ ( ((uint32)s->block[i*8+1]) << 16 ) |
+ ( ((uint32)s->block[i*8+2]) << 8 ) |
+ ( ((uint32)s->block[i*8+3]) << 0 );
+ l = ( ((uint32)s->block[i*8+4]) << 24 ) |
+ ( ((uint32)s->block[i*8+5]) << 16 ) |
+ ( ((uint32)s->block[i*8+6]) << 8 ) |
+ ( ((uint32)s->block[i*8+7]) << 0 );
+ BUILD(wordblock[i], h, l);
+ }
+ SHA512_Block(s, wordblock);
+ s->blkused = 0;
+ }
+ memcpy(s->block, q, len);
+ s->blkused = len;
+ }
+}
+
+void SHA512_Final(SHA512_State *s, unsigned char *digest) {
+ int i;
+ int pad;
+ unsigned char c[BLKSIZE];
+ uint32 len[4];
+
+ if (s->blkused >= BLKSIZE-16)
+ pad = (BLKSIZE-16) + BLKSIZE - s->blkused;
+ else
+ pad = (BLKSIZE-16) - s->blkused;
+
+ for (i = 4; i-- ;) {
+ uint32 lenhi = s->len[i];
+ uint32 lenlo = i > 0 ? s->len[i-1] : 0;
+ len[i] = (lenhi << 3) | (lenlo >> (32-3));
+ }
+
+ memset(c, 0, pad);
+ c[0] = 0x80;
+ SHA512_Bytes(s, &c, pad);
+
+ for (i = 0; i < 4; i++) {
+ c[i*4+0] = (len[3-i] >> 24) & 0xFF;
+ c[i*4+1] = (len[3-i] >> 16) & 0xFF;
+ c[i*4+2] = (len[3-i] >> 8) & 0xFF;
+ c[i*4+3] = (len[3-i] >> 0) & 0xFF;
+ }
+
+ SHA512_Bytes(s, &c, 16);
+
+ for (i = 0; i < 8; i++) {
+ uint32 h, l;
+ EXTRACT(h, l, s->h[i]);
+ digest[i*8+0] = (h >> 24) & 0xFF;
+ digest[i*8+1] = (h >> 16) & 0xFF;
+ digest[i*8+2] = (h >> 8) & 0xFF;
+ digest[i*8+3] = (h >> 0) & 0xFF;
+ digest[i*8+4] = (l >> 24) & 0xFF;
+ digest[i*8+5] = (l >> 16) & 0xFF;
+ digest[i*8+6] = (l >> 8) & 0xFF;
+ digest[i*8+7] = (l >> 0) & 0xFF;
+ }
+}
+
+void SHA512_Simple(const void *p, int len, unsigned char *output) {
+ SHA512_State s;
+
+ SHA512_Init(&s);
+ SHA512_Bytes(&s, p, len);
+ SHA512_Final(&s, output);
+}
+
+#ifdef TEST
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <assert.h>
+
+int main(void) {
+ unsigned char digest[64];
+ int i, j, errors;
+
+ struct {
+ const char *teststring;
+ unsigned char digest512[64];
+ } tests[] = {
+ { "abc", {
+ 0xdd, 0xaf, 0x35, 0xa1, 0x93, 0x61, 0x7a, 0xba,
+ 0xcc, 0x41, 0x73, 0x49, 0xae, 0x20, 0x41, 0x31,
+ 0x12, 0xe6, 0xfa, 0x4e, 0x89, 0xa9, 0x7e, 0xa2,
+ 0x0a, 0x9e, 0xee, 0xe6, 0x4b, 0x55, 0xd3, 0x9a,
+ 0x21, 0x92, 0x99, 0x2a, 0x27, 0x4f, 0xc1, 0xa8,
+ 0x36, 0xba, 0x3c, 0x23, 0xa3, 0xfe, 0xeb, 0xbd,
+ 0x45, 0x4d, 0x44, 0x23, 0x64, 0x3c, 0xe8, 0x0e,
+ 0x2a, 0x9a, 0xc9, 0x4f, 0xa5, 0x4c, 0xa4, 0x9f,
+ } },
+ { "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn"
+ "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu", {
+ 0x8e, 0x95, 0x9b, 0x75, 0xda, 0xe3, 0x13, 0xda,
+ 0x8c, 0xf4, 0xf7, 0x28, 0x14, 0xfc, 0x14, 0x3f,
+ 0x8f, 0x77, 0x79, 0xc6, 0xeb, 0x9f, 0x7f, 0xa1,
+ 0x72, 0x99, 0xae, 0xad, 0xb6, 0x88, 0x90, 0x18,
+ 0x50, 0x1d, 0x28, 0x9e, 0x49, 0x00, 0xf7, 0xe4,
+ 0x33, 0x1b, 0x99, 0xde, 0xc4, 0xb5, 0x43, 0x3a,
+ 0xc7, 0xd3, 0x29, 0xee, 0xb6, 0xdd, 0x26, 0x54,
+ 0x5e, 0x96, 0xe5, 0x5b, 0x87, 0x4b, 0xe9, 0x09,
+ } },
+ { NULL, {
+ 0xe7, 0x18, 0x48, 0x3d, 0x0c, 0xe7, 0x69, 0x64,
+ 0x4e, 0x2e, 0x42, 0xc7, 0xbc, 0x15, 0xb4, 0x63,
+ 0x8e, 0x1f, 0x98, 0xb1, 0x3b, 0x20, 0x44, 0x28,
+ 0x56, 0x32, 0xa8, 0x03, 0xaf, 0xa9, 0x73, 0xeb,
+ 0xde, 0x0f, 0xf2, 0x44, 0x87, 0x7e, 0xa6, 0x0a,
+ 0x4c, 0xb0, 0x43, 0x2c, 0xe5, 0x77, 0xc3, 0x1b,
+ 0xeb, 0x00, 0x9c, 0x5c, 0x2c, 0x49, 0xaa, 0x2e,
+ 0x4e, 0xad, 0xb2, 0x17, 0xad, 0x8c, 0xc0, 0x9b,
+ } },
+ };
+
+ errors = 0;
+
+ for (i = 0; i < sizeof(tests) / sizeof(*tests); i++) {
+ if (tests[i].teststring) {
+ SHA512_Simple(tests[i].teststring,
+ strlen(tests[i].teststring), digest);
+ } else {
+ SHA512_State s;
+ int n;
+ SHA512_Init(&s);
+ for (n = 0; n < 1000000 / 40; n++)
+ SHA512_Bytes(&s, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
+ 40);
+ SHA512_Final(&s, digest);
+ }
+ for (j = 0; j < 64; j++) {
+ if (digest[j] != tests[i].digest512[j]) {
+ fprintf(stderr,
+ "\"%s\" digest512 byte %d should be 0x%02x, is 0x%02x\n",
+ tests[i].teststring, j, tests[i].digest512[j],
+ digest[j]);
+ errors++;
+ }
+ }
+
+ }
+
+ printf("%d errors\n", errors);
+
+ return 0;
+}
+
+#endif
|