1 /* gchecksum.h - data hashing functions
2 *
3 * Copyright (C) 2007 Emmanuele Bassi <ebassi@gnome.org>
4 *
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
9 *
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
14 *
15 * You should have received a copy of the GNU Lesser General Public License
16 * along with this library; if not, see <http://www.gnu.org/licenses/>.
17 */
18
19 #include "config.h"
20
21 #include <string.h>
22
23 #include "gchecksum.h"
24
25 #include "gslice.h"
26 #include "gmem.h"
27 #include "gstrfuncs.h"
28 #include "gtestutils.h"
29 #include "gtypes.h"
30 #include "glibintl.h"
31
32
33 /**
34 * SECTION:checksum
35 * @title: Data Checksums
36 * @short_description: computes the checksum for data
37 *
38 * GLib provides a generic API for computing checksums (or "digests")
39 * for a sequence of arbitrary bytes, using various hashing algorithms
40 * like MD5, SHA-1 and SHA-256. Checksums are commonly used in various
41 * environments and specifications.
42 *
43 * GLib supports incremental checksums using the GChecksum data
44 * structure, by calling g_checksum_update() as long as there's data
45 * available and then using g_checksum_get_string() or
46 * g_checksum_get_digest() to compute the checksum and return it either
47 * as a string in hexadecimal form, or as a raw sequence of bytes. To
48 * compute the checksum for binary blobs and NUL-terminated strings in
49 * one go, use the convenience functions g_compute_checksum_for_data()
50 * and g_compute_checksum_for_string(), respectively.
51 *
52 * Support for checksums has been added in GLib 2.16
53 **/
54
55 #define IS_VALID_TYPE(type) ((type) >= G_CHECKSUM_MD5 && (type) <= G_CHECKSUM_SHA384)
56
57 /* The fact that these are lower case characters is part of the ABI */
58 static const gchar hex_digits[] = "0123456789abcdef";
59
60 #define MD5_DATASIZE 64
61 #define MD5_DIGEST_LEN 16
62
63 typedef struct
64 {
65 guint32 buf[4];
66 guint32 bits[2];
67
68 union {
69 guchar data[MD5_DATASIZE];
70 guint32 data32[MD5_DATASIZE / 4];
71 } u;
72
73 guchar digest[MD5_DIGEST_LEN];
74 } Md5sum;
75
76 #define SHA1_DATASIZE 64
77 #define SHA1_DIGEST_LEN 20
78
79 typedef struct
80 {
81 guint32 buf[5];
82 guint32 bits[2];
83
84 /* we pack 64 unsigned chars into 16 32-bit unsigned integers */
85 guint32 data[16];
86
87 guchar digest[SHA1_DIGEST_LEN];
88 } Sha1sum;
89
90 #define SHA256_DATASIZE 64
91 #define SHA256_DIGEST_LEN 32
92
93 typedef struct
94 {
95 guint32 buf[8];
96 guint32 bits[2];
97
98 guint8 data[SHA256_DATASIZE];
99
100 guchar digest[SHA256_DIGEST_LEN];
101 } Sha256sum;
102
103 /* SHA2 is common thing for SHA-384, SHA-512, SHA-512/224 and SHA-512/256 */
104 #define SHA2_BLOCK_LEN 128 /* 1024 bits message block */
105 #define SHA384_DIGEST_LEN 48
106 #define SHA512_DIGEST_LEN 64
107
108 typedef struct
109 {
110 guint64 H[8];
111
112 guint8 block[SHA2_BLOCK_LEN];
113 guint8 block_len;
114
115 guint64 data_len[2];
116
117 guchar digest[SHA512_DIGEST_LEN];
118 } Sha512sum;
119
120 struct _GChecksum
121 {
122 GChecksumType type;
123
124 gchar *digest_str;
125
126 union {
127 Md5sum md5;
128 Sha1sum sha1;
129 Sha256sum sha256;
130 Sha512sum sha512;
131 } sum;
132 };
133
134 /* we need different byte swapping functions because MD5 expects buffers
135 * to be little-endian, while SHA1 and SHA256 expect them in big-endian
136 * form.
137 */
138
139 #if G_BYTE_ORDER == G_LITTLE_ENDIAN
140 #define md5_byte_reverse(buffer,length)
141 #else
142 /* assume that the passed buffer is integer aligned */
143 static inline void
md5_byte_reverse(guchar * buffer,gulong length)144 md5_byte_reverse (guchar *buffer,
145 gulong length)
146 {
147 guint32 bit;
148
149 do
150 {
151 bit = (guint32) ((unsigned) buffer[3] << 8 | buffer[2]) << 16 |
152 ((unsigned) buffer[1] << 8 | buffer[0]);
153 * (guint32 *) buffer = bit;
154 buffer += 4;
155 }
156 while (--length);
157 }
158 #endif /* G_BYTE_ORDER == G_LITTLE_ENDIAN */
159
160 #if G_BYTE_ORDER == G_BIG_ENDIAN
161 #define sha_byte_reverse(buffer,length)
162 #else
163 static inline void
sha_byte_reverse(guint32 * buffer,gint length)164 sha_byte_reverse (guint32 *buffer,
165 gint length)
166 {
167 length /= sizeof (guint32);
168 while (length--)
169 {
170 *buffer = GUINT32_SWAP_LE_BE (*buffer);
171 ++buffer;
172 }
173 }
174 #endif /* G_BYTE_ORDER == G_BIG_ENDIAN */
175
176 static gchar *
digest_to_string(guint8 * digest,gsize digest_len)177 digest_to_string (guint8 *digest,
178 gsize digest_len)
179 {
180 gsize i, len = digest_len * 2;
181 gchar *retval;
182
183 retval = g_new (gchar, len + 1);
184
185 for (i = 0; i < digest_len; i++)
186 {
187 guint8 byte = digest[i];
188
189 retval[2 * i] = hex_digits[byte >> 4];
190 retval[2 * i + 1] = hex_digits[byte & 0xf];
191 }
192
193 retval[len] = 0;
194
195 return retval;
196 }
197
198 /*
199 * MD5 Checksum
200 */
201
202 /* This MD5 digest computation is based on the equivalent code
203 * written by Colin Plumb. It came with this notice:
204 *
205 * This code implements the MD5 message-digest algorithm.
206 * The algorithm is due to Ron Rivest. This code was
207 * written by Colin Plumb in 1993, no copyright is claimed.
208 * This code is in the public domain; do with it what you wish.
209 *
210 * Equivalent code is available from RSA Data Security, Inc.
211 * This code has been tested against that, and is equivalent,
212 * except that you don't need to include two pages of legalese
213 * with every copy.
214 */
215
216 static void
md5_sum_init(Md5sum * md5)217 md5_sum_init (Md5sum *md5)
218 {
219 /* arbitrary constants */
220 md5->buf[0] = 0x67452301;
221 md5->buf[1] = 0xefcdab89;
222 md5->buf[2] = 0x98badcfe;
223 md5->buf[3] = 0x10325476;
224
225 md5->bits[0] = md5->bits[1] = 0;
226 }
227
228 /*
229 * The core of the MD5 algorithm, this alters an existing MD5 hash to
230 * reflect the addition of 16 longwords of new data. md5_sum_update()
231 * blocks the data and converts bytes into longwords for this routine.
232 */
233 static void
md5_transform(guint32 buf[4],guint32 const in[16])234 md5_transform (guint32 buf[4],
235 guint32 const in[16])
236 {
237 guint32 a, b, c, d;
238
239 /* The four core functions - F1 is optimized somewhat */
240 #define F1(x, y, z) (z ^ (x & (y ^ z)))
241 #define F2(x, y, z) F1 (z, x, y)
242 #define F3(x, y, z) (x ^ y ^ z)
243 #define F4(x, y, z) (y ^ (x | ~z))
244
245 /* This is the central step in the MD5 algorithm. */
246 #define md5_step(f, w, x, y, z, data, s) \
247 ( w += f (x, y, z) + data, w = w << s | w >> (32 - s), w += x )
248
249 a = buf[0];
250 b = buf[1];
251 c = buf[2];
252 d = buf[3];
253
254 md5_step (F1, a, b, c, d, in[0] + 0xd76aa478, 7);
255 md5_step (F1, d, a, b, c, in[1] + 0xe8c7b756, 12);
256 md5_step (F1, c, d, a, b, in[2] + 0x242070db, 17);
257 md5_step (F1, b, c, d, a, in[3] + 0xc1bdceee, 22);
258 md5_step (F1, a, b, c, d, in[4] + 0xf57c0faf, 7);
259 md5_step (F1, d, a, b, c, in[5] + 0x4787c62a, 12);
260 md5_step (F1, c, d, a, b, in[6] + 0xa8304613, 17);
261 md5_step (F1, b, c, d, a, in[7] + 0xfd469501, 22);
262 md5_step (F1, a, b, c, d, in[8] + 0x698098d8, 7);
263 md5_step (F1, d, a, b, c, in[9] + 0x8b44f7af, 12);
264 md5_step (F1, c, d, a, b, in[10] + 0xffff5bb1, 17);
265 md5_step (F1, b, c, d, a, in[11] + 0x895cd7be, 22);
266 md5_step (F1, a, b, c, d, in[12] + 0x6b901122, 7);
267 md5_step (F1, d, a, b, c, in[13] + 0xfd987193, 12);
268 md5_step (F1, c, d, a, b, in[14] + 0xa679438e, 17);
269 md5_step (F1, b, c, d, a, in[15] + 0x49b40821, 22);
270
271 md5_step (F2, a, b, c, d, in[1] + 0xf61e2562, 5);
272 md5_step (F2, d, a, b, c, in[6] + 0xc040b340, 9);
273 md5_step (F2, c, d, a, b, in[11] + 0x265e5a51, 14);
274 md5_step (F2, b, c, d, a, in[0] + 0xe9b6c7aa, 20);
275 md5_step (F2, a, b, c, d, in[5] + 0xd62f105d, 5);
276 md5_step (F2, d, a, b, c, in[10] + 0x02441453, 9);
277 md5_step (F2, c, d, a, b, in[15] + 0xd8a1e681, 14);
278 md5_step (F2, b, c, d, a, in[4] + 0xe7d3fbc8, 20);
279 md5_step (F2, a, b, c, d, in[9] + 0x21e1cde6, 5);
280 md5_step (F2, d, a, b, c, in[14] + 0xc33707d6, 9);
281 md5_step (F2, c, d, a, b, in[3] + 0xf4d50d87, 14);
282 md5_step (F2, b, c, d, a, in[8] + 0x455a14ed, 20);
283 md5_step (F2, a, b, c, d, in[13] + 0xa9e3e905, 5);
284 md5_step (F2, d, a, b, c, in[2] + 0xfcefa3f8, 9);
285 md5_step (F2, c, d, a, b, in[7] + 0x676f02d9, 14);
286 md5_step (F2, b, c, d, a, in[12] + 0x8d2a4c8a, 20);
287
288 md5_step (F3, a, b, c, d, in[5] + 0xfffa3942, 4);
289 md5_step (F3, d, a, b, c, in[8] + 0x8771f681, 11);
290 md5_step (F3, c, d, a, b, in[11] + 0x6d9d6122, 16);
291 md5_step (F3, b, c, d, a, in[14] + 0xfde5380c, 23);
292 md5_step (F3, a, b, c, d, in[1] + 0xa4beea44, 4);
293 md5_step (F3, d, a, b, c, in[4] + 0x4bdecfa9, 11);
294 md5_step (F3, c, d, a, b, in[7] + 0xf6bb4b60, 16);
295 md5_step (F3, b, c, d, a, in[10] + 0xbebfbc70, 23);
296 md5_step (F3, a, b, c, d, in[13] + 0x289b7ec6, 4);
297 md5_step (F3, d, a, b, c, in[0] + 0xeaa127fa, 11);
298 md5_step (F3, c, d, a, b, in[3] + 0xd4ef3085, 16);
299 md5_step (F3, b, c, d, a, in[6] + 0x04881d05, 23);
300 md5_step (F3, a, b, c, d, in[9] + 0xd9d4d039, 4);
301 md5_step (F3, d, a, b, c, in[12] + 0xe6db99e5, 11);
302 md5_step (F3, c, d, a, b, in[15] + 0x1fa27cf8, 16);
303 md5_step (F3, b, c, d, a, in[2] + 0xc4ac5665, 23);
304
305 md5_step (F4, a, b, c, d, in[0] + 0xf4292244, 6);
306 md5_step (F4, d, a, b, c, in[7] + 0x432aff97, 10);
307 md5_step (F4, c, d, a, b, in[14] + 0xab9423a7, 15);
308 md5_step (F4, b, c, d, a, in[5] + 0xfc93a039, 21);
309 md5_step (F4, a, b, c, d, in[12] + 0x655b59c3, 6);
310 md5_step (F4, d, a, b, c, in[3] + 0x8f0ccc92, 10);
311 md5_step (F4, c, d, a, b, in[10] + 0xffeff47d, 15);
312 md5_step (F4, b, c, d, a, in[1] + 0x85845dd1, 21);
313 md5_step (F4, a, b, c, d, in[8] + 0x6fa87e4f, 6);
314 md5_step (F4, d, a, b, c, in[15] + 0xfe2ce6e0, 10);
315 md5_step (F4, c, d, a, b, in[6] + 0xa3014314, 15);
316 md5_step (F4, b, c, d, a, in[13] + 0x4e0811a1, 21);
317 md5_step (F4, a, b, c, d, in[4] + 0xf7537e82, 6);
318 md5_step (F4, d, a, b, c, in[11] + 0xbd3af235, 10);
319 md5_step (F4, c, d, a, b, in[2] + 0x2ad7d2bb, 15);
320 md5_step (F4, b, c, d, a, in[9] + 0xeb86d391, 21);
321
322 buf[0] += a;
323 buf[1] += b;
324 buf[2] += c;
325 buf[3] += d;
326
327 #undef F1
328 #undef F2
329 #undef F3
330 #undef F4
331 #undef md5_step
332 }
333
334 static void
md5_sum_update(Md5sum * md5,const guchar * data,gsize length)335 md5_sum_update (Md5sum *md5,
336 const guchar *data,
337 gsize length)
338 {
339 guint32 bit;
340
341 bit = md5->bits[0];
342 md5->bits[0] = bit + ((guint32) length << 3);
343
344 /* carry from low to high */
345 if (md5->bits[0] < bit)
346 md5->bits[1] += 1;
347
348 md5->bits[1] += length >> 29;
349
350 /* bytes already in Md5sum->u.data */
351 bit = (bit >> 3) & 0x3f;
352
353 /* handle any leading odd-sized chunks */
354 if (bit)
355 {
356 guchar *p = md5->u.data + bit;
357
358 bit = MD5_DATASIZE - bit;
359 if (length < bit)
360 {
361 memcpy (p, data, length);
362 return;
363 }
364
365 memcpy (p, data, bit);
366
367 md5_byte_reverse (md5->u.data, 16);
368 md5_transform (md5->buf, md5->u.data32);
369
370 data += bit;
371 length -= bit;
372 }
373
374 /* process data in 64-byte chunks */
375 while (length >= MD5_DATASIZE)
376 {
377 memcpy (md5->u.data, data, MD5_DATASIZE);
378
379 md5_byte_reverse (md5->u.data, 16);
380 md5_transform (md5->buf, md5->u.data32);
381
382 data += MD5_DATASIZE;
383 length -= MD5_DATASIZE;
384 }
385
386 /* handle any remaining bytes of data */
387 memcpy (md5->u.data, data, length);
388 }
389
390 /* closes a checksum */
391 static void
md5_sum_close(Md5sum * md5)392 md5_sum_close (Md5sum *md5)
393 {
394 guint count;
395 guchar *p;
396
397 /* Compute number of bytes mod 64 */
398 count = (md5->bits[0] >> 3) & 0x3F;
399
400 /* Set the first char of padding to 0x80.
401 * This is safe since there is always at least one byte free
402 */
403 p = md5->u.data + count;
404 *p++ = 0x80;
405
406 /* Bytes of padding needed to make 64 bytes */
407 count = MD5_DATASIZE - 1 - count;
408
409 /* Pad out to 56 mod 64 */
410 if (count < 8)
411 {
412 /* Two lots of padding: Pad the first block to 64 bytes */
413 memset (p, 0, count);
414
415 md5_byte_reverse (md5->u.data, 16);
416 md5_transform (md5->buf, md5->u.data32);
417
418 /* Now fill the next block with 56 bytes */
419 memset (md5->u.data, 0, MD5_DATASIZE - 8);
420 }
421 else
422 {
423 /* Pad block to 56 bytes */
424 memset (p, 0, count - 8);
425 }
426
427 md5_byte_reverse (md5->u.data, 14);
428
429 /* Append length in bits and transform */
430 md5->u.data32[14] = md5->bits[0];
431 md5->u.data32[15] = md5->bits[1];
432
433 md5_transform (md5->buf, md5->u.data32);
434 md5_byte_reverse ((guchar *) md5->buf, 4);
435
436 memcpy (md5->digest, md5->buf, 16);
437
438 /* Reset buffers in case they contain sensitive data */
439 memset (md5->buf, 0, sizeof (md5->buf));
440 memset (md5->u.data, 0, sizeof (md5->u.data));
441 }
442
443 static gchar *
md5_sum_to_string(Md5sum * md5)444 md5_sum_to_string (Md5sum *md5)
445 {
446 return digest_to_string (md5->digest, MD5_DIGEST_LEN);
447 }
448
449 static void
md5_sum_digest(Md5sum * md5,guint8 * digest)450 md5_sum_digest (Md5sum *md5,
451 guint8 *digest)
452 {
453 gint i;
454
455 for (i = 0; i < MD5_DIGEST_LEN; i++)
456 digest[i] = md5->digest[i];
457 }
458
459 /*
460 * SHA-1 Checksum
461 */
462
463 /* The following implementation comes from D-Bus dbus-sha.c. I've changed
464 * it to use GLib types and to work more like the MD5 implementation above.
465 * I left the comments to have a history of this code.
466 * -- Emmanuele Bassi, ebassi@gnome.org
467 */
468
469 /* The following comments have the history of where this code
470 * comes from. I actually copied it from GNet in GNOME CVS.
471 * - hp@redhat.com
472 */
473
474 /*
475 * sha.h : Implementation of the Secure Hash Algorithm
476 *
477 * Part of the Python Cryptography Toolkit, version 1.0.0
478 *
479 * Copyright (C) 1995, A.M. Kuchling
480 *
481 * Distribute and use freely; there are no restrictions on further
482 * dissemination and usage except those imposed by the laws of your
483 * country of residence.
484 *
485 */
486
487 /* SHA: NIST's Secure Hash Algorithm */
488
489 /* Based on SHA code originally posted to sci.crypt by Peter Gutmann
490 in message <30ajo5$oe8@ccu2.auckland.ac.nz>.
491 Modified to test for endianness on creation of SHA objects by AMK.
492 Also, the original specification of SHA was found to have a weakness
493 by NSA/NIST. This code implements the fixed version of SHA.
494 */
495
496 /* Here's the first paragraph of Peter Gutmann's posting:
497
498 The following is my SHA (FIPS 180) code updated to allow use of the "fixed"
499 SHA, thanks to Jim Gillogly and an anonymous contributor for the information on
500 what's changed in the new version. The fix is a simple change which involves
501 adding a single rotate in the initial expansion function. It is unknown
502 whether this is an optimal solution to the problem which was discovered in the
503 SHA or whether it's simply a bandaid which fixes the problem with a minimum of
504 effort (for example the reengineering of a great many Capstone chips).
505 */
506
507 static void
sha1_sum_init(Sha1sum * sha1)508 sha1_sum_init (Sha1sum *sha1)
509 {
510 /* initialize constants */
511 sha1->buf[0] = 0x67452301L;
512 sha1->buf[1] = 0xEFCDAB89L;
513 sha1->buf[2] = 0x98BADCFEL;
514 sha1->buf[3] = 0x10325476L;
515 sha1->buf[4] = 0xC3D2E1F0L;
516
517 /* initialize bits */
518 sha1->bits[0] = sha1->bits[1] = 0;
519 }
520
521 /* The SHA f()-functions. */
522
523 #define f1(x,y,z) (z ^ (x & (y ^ z))) /* Rounds 0-19 */
524 #define f2(x,y,z) (x ^ y ^ z) /* Rounds 20-39 */
525 #define f3(x,y,z) (( x & y) | (z & (x | y))) /* Rounds 40-59 */
526 #define f4(x,y,z) (x ^ y ^ z) /* Rounds 60-79 */
527
528 /* The SHA Mysterious Constants */
529 #define K1 0x5A827999L /* Rounds 0-19 */
530 #define K2 0x6ED9EBA1L /* Rounds 20-39 */
531 #define K3 0x8F1BBCDCL /* Rounds 40-59 */
532 #define K4 0xCA62C1D6L /* Rounds 60-79 */
533
534 /* 32-bit rotate left - kludged with shifts */
535 #define ROTL(n,X) (((X) << n ) | ((X) >> (32 - n)))
536
537 /* The initial expanding function. The hash function is defined over an
538 80-word expanded input array W, where the first 16 are copies of the input
539 data, and the remaining 64 are defined by
540
541 W[ i ] = W[ i - 16 ] ^ W[ i - 14 ] ^ W[ i - 8 ] ^ W[ i - 3 ]
542
543 This implementation generates these values on the fly in a circular
544 buffer - thanks to Colin Plumb, colin@nyx10.cs.du.edu for this
545 optimization.
546
547 The updated SHA changes the expanding function by adding a rotate of 1
548 bit. Thanks to Jim Gillogly, jim@rand.org, and an anonymous contributor
549 for this information */
550
551 #define expand(W,i) (W[ i & 15 ] = ROTL (1, (W[ i & 15] ^ \
552 W[(i - 14) & 15] ^ \
553 W[(i - 8) & 15] ^ \
554 W[(i - 3) & 15])))
555
556
557 /* The prototype SHA sub-round. The fundamental sub-round is:
558
559 a' = e + ROTL( 5, a ) + f( b, c, d ) + k + data;
560 b' = a;
561 c' = ROTL( 30, b );
562 d' = c;
563 e' = d;
564
565 but this is implemented by unrolling the loop 5 times and renaming the
566 variables ( e, a, b, c, d ) = ( a', b', c', d', e' ) each iteration.
567 This code is then replicated 20 times for each of the 4 functions, using
568 the next 20 values from the W[] array each time */
569
570 #define subRound(a, b, c, d, e, f, k, data) \
571 (e += ROTL (5, a) + f(b, c, d) + k + data, b = ROTL (30, b))
572
573 static void
sha1_transform(guint32 buf[5],guint32 in[16])574 sha1_transform (guint32 buf[5],
575 guint32 in[16])
576 {
577 guint32 A, B, C, D, E;
578
579 A = buf[0];
580 B = buf[1];
581 C = buf[2];
582 D = buf[3];
583 E = buf[4];
584
585 /* Heavy mangling, in 4 sub-rounds of 20 iterations each. */
586 subRound (A, B, C, D, E, f1, K1, in[0]);
587 subRound (E, A, B, C, D, f1, K1, in[1]);
588 subRound (D, E, A, B, C, f1, K1, in[2]);
589 subRound (C, D, E, A, B, f1, K1, in[3]);
590 subRound (B, C, D, E, A, f1, K1, in[4]);
591 subRound (A, B, C, D, E, f1, K1, in[5]);
592 subRound (E, A, B, C, D, f1, K1, in[6]);
593 subRound (D, E, A, B, C, f1, K1, in[7]);
594 subRound (C, D, E, A, B, f1, K1, in[8]);
595 subRound (B, C, D, E, A, f1, K1, in[9]);
596 subRound (A, B, C, D, E, f1, K1, in[10]);
597 subRound (E, A, B, C, D, f1, K1, in[11]);
598 subRound (D, E, A, B, C, f1, K1, in[12]);
599 subRound (C, D, E, A, B, f1, K1, in[13]);
600 subRound (B, C, D, E, A, f1, K1, in[14]);
601 subRound (A, B, C, D, E, f1, K1, in[15]);
602 subRound (E, A, B, C, D, f1, K1, expand (in, 16));
603 subRound (D, E, A, B, C, f1, K1, expand (in, 17));
604 subRound (C, D, E, A, B, f1, K1, expand (in, 18));
605 subRound (B, C, D, E, A, f1, K1, expand (in, 19));
606
607 subRound (A, B, C, D, E, f2, K2, expand (in, 20));
608 subRound (E, A, B, C, D, f2, K2, expand (in, 21));
609 subRound (D, E, A, B, C, f2, K2, expand (in, 22));
610 subRound (C, D, E, A, B, f2, K2, expand (in, 23));
611 subRound (B, C, D, E, A, f2, K2, expand (in, 24));
612 subRound (A, B, C, D, E, f2, K2, expand (in, 25));
613 subRound (E, A, B, C, D, f2, K2, expand (in, 26));
614 subRound (D, E, A, B, C, f2, K2, expand (in, 27));
615 subRound (C, D, E, A, B, f2, K2, expand (in, 28));
616 subRound (B, C, D, E, A, f2, K2, expand (in, 29));
617 subRound (A, B, C, D, E, f2, K2, expand (in, 30));
618 subRound (E, A, B, C, D, f2, K2, expand (in, 31));
619 subRound (D, E, A, B, C, f2, K2, expand (in, 32));
620 subRound (C, D, E, A, B, f2, K2, expand (in, 33));
621 subRound (B, C, D, E, A, f2, K2, expand (in, 34));
622 subRound (A, B, C, D, E, f2, K2, expand (in, 35));
623 subRound (E, A, B, C, D, f2, K2, expand (in, 36));
624 subRound (D, E, A, B, C, f2, K2, expand (in, 37));
625 subRound (C, D, E, A, B, f2, K2, expand (in, 38));
626 subRound (B, C, D, E, A, f2, K2, expand (in, 39));
627
628 subRound (A, B, C, D, E, f3, K3, expand (in, 40));
629 subRound (E, A, B, C, D, f3, K3, expand (in, 41));
630 subRound (D, E, A, B, C, f3, K3, expand (in, 42));
631 subRound (C, D, E, A, B, f3, K3, expand (in, 43));
632 subRound (B, C, D, E, A, f3, K3, expand (in, 44));
633 subRound (A, B, C, D, E, f3, K3, expand (in, 45));
634 subRound (E, A, B, C, D, f3, K3, expand (in, 46));
635 subRound (D, E, A, B, C, f3, K3, expand (in, 47));
636 subRound (C, D, E, A, B, f3, K3, expand (in, 48));
637 subRound (B, C, D, E, A, f3, K3, expand (in, 49));
638 subRound (A, B, C, D, E, f3, K3, expand (in, 50));
639 subRound (E, A, B, C, D, f3, K3, expand (in, 51));
640 subRound (D, E, A, B, C, f3, K3, expand (in, 52));
641 subRound (C, D, E, A, B, f3, K3, expand (in, 53));
642 subRound (B, C, D, E, A, f3, K3, expand (in, 54));
643 subRound (A, B, C, D, E, f3, K3, expand (in, 55));
644 subRound (E, A, B, C, D, f3, K3, expand (in, 56));
645 subRound (D, E, A, B, C, f3, K3, expand (in, 57));
646 subRound (C, D, E, A, B, f3, K3, expand (in, 58));
647 subRound (B, C, D, E, A, f3, K3, expand (in, 59));
648
649 subRound (A, B, C, D, E, f4, K4, expand (in, 60));
650 subRound (E, A, B, C, D, f4, K4, expand (in, 61));
651 subRound (D, E, A, B, C, f4, K4, expand (in, 62));
652 subRound (C, D, E, A, B, f4, K4, expand (in, 63));
653 subRound (B, C, D, E, A, f4, K4, expand (in, 64));
654 subRound (A, B, C, D, E, f4, K4, expand (in, 65));
655 subRound (E, A, B, C, D, f4, K4, expand (in, 66));
656 subRound (D, E, A, B, C, f4, K4, expand (in, 67));
657 subRound (C, D, E, A, B, f4, K4, expand (in, 68));
658 subRound (B, C, D, E, A, f4, K4, expand (in, 69));
659 subRound (A, B, C, D, E, f4, K4, expand (in, 70));
660 subRound (E, A, B, C, D, f4, K4, expand (in, 71));
661 subRound (D, E, A, B, C, f4, K4, expand (in, 72));
662 subRound (C, D, E, A, B, f4, K4, expand (in, 73));
663 subRound (B, C, D, E, A, f4, K4, expand (in, 74));
664 subRound (A, B, C, D, E, f4, K4, expand (in, 75));
665 subRound (E, A, B, C, D, f4, K4, expand (in, 76));
666 subRound (D, E, A, B, C, f4, K4, expand (in, 77));
667 subRound (C, D, E, A, B, f4, K4, expand (in, 78));
668 subRound (B, C, D, E, A, f4, K4, expand (in, 79));
669
670 /* Build message digest */
671 buf[0] += A;
672 buf[1] += B;
673 buf[2] += C;
674 buf[3] += D;
675 buf[4] += E;
676 }
677
678 #undef K1
679 #undef K2
680 #undef K3
681 #undef K4
682 #undef f1
683 #undef f2
684 #undef f3
685 #undef f4
686 #undef ROTL
687 #undef expand
688 #undef subRound
689
690 static void
sha1_sum_update(Sha1sum * sha1,const guchar * buffer,gsize count)691 sha1_sum_update (Sha1sum *sha1,
692 const guchar *buffer,
693 gsize count)
694 {
695 guint32 tmp;
696 guint dataCount;
697
698 /* Update bitcount */
699 tmp = sha1->bits[0];
700 if ((sha1->bits[0] = tmp + ((guint32) count << 3) ) < tmp)
701 sha1->bits[1] += 1; /* Carry from low to high */
702 sha1->bits[1] += count >> 29;
703
704 /* Get count of bytes already in data */
705 dataCount = (guint) (tmp >> 3) & 0x3F;
706
707 /* Handle any leading odd-sized chunks */
708 if (dataCount)
709 {
710 guchar *p = (guchar *) sha1->data + dataCount;
711
712 dataCount = SHA1_DATASIZE - dataCount;
713 if (count < dataCount)
714 {
715 memcpy (p, buffer, count);
716 return;
717 }
718
719 memcpy (p, buffer, dataCount);
720
721 sha_byte_reverse (sha1->data, SHA1_DATASIZE);
722 sha1_transform (sha1->buf, sha1->data);
723
724 buffer += dataCount;
725 count -= dataCount;
726 }
727
728 /* Process data in SHA1_DATASIZE chunks */
729 while (count >= SHA1_DATASIZE)
730 {
731 memcpy (sha1->data, buffer, SHA1_DATASIZE);
732
733 sha_byte_reverse (sha1->data, SHA1_DATASIZE);
734 sha1_transform (sha1->buf, sha1->data);
735
736 buffer += SHA1_DATASIZE;
737 count -= SHA1_DATASIZE;
738 }
739
740 /* Handle any remaining bytes of data. */
741 memcpy (sha1->data, buffer, count);
742 }
743
744 /* Final wrapup - pad to SHA_DATASIZE-byte boundary with the bit pattern
745 1 0* (64-bit count of bits processed, MSB-first) */
746 static void
sha1_sum_close(Sha1sum * sha1)747 sha1_sum_close (Sha1sum *sha1)
748 {
749 gint count;
750 guchar *data_p;
751
752 /* Compute number of bytes mod 64 */
753 count = (gint) ((sha1->bits[0] >> 3) & 0x3f);
754
755 /* Set the first char of padding to 0x80. This is safe since there is
756 always at least one byte free */
757 data_p = (guchar *) sha1->data + count;
758 *data_p++ = 0x80;
759
760 /* Bytes of padding needed to make 64 bytes */
761 count = SHA1_DATASIZE - 1 - count;
762
763 /* Pad out to 56 mod 64 */
764 if (count < 8)
765 {
766 /* Two lots of padding: Pad the first block to 64 bytes */
767 memset (data_p, 0, count);
768
769 sha_byte_reverse (sha1->data, SHA1_DATASIZE);
770 sha1_transform (sha1->buf, sha1->data);
771
772 /* Now fill the next block with 56 bytes */
773 memset (sha1->data, 0, SHA1_DATASIZE - 8);
774 }
775 else
776 {
777 /* Pad block to 56 bytes */
778 memset (data_p, 0, count - 8);
779 }
780
781 /* Append length in bits and transform */
782 sha1->data[14] = sha1->bits[1];
783 sha1->data[15] = sha1->bits[0];
784
785 sha_byte_reverse (sha1->data, SHA1_DATASIZE - 8);
786 sha1_transform (sha1->buf, sha1->data);
787 sha_byte_reverse (sha1->buf, SHA1_DIGEST_LEN);
788
789 memcpy (sha1->digest, sha1->buf, SHA1_DIGEST_LEN);
790
791 /* Reset buffers in case they contain sensitive data */
792 memset (sha1->buf, 0, sizeof (sha1->buf));
793 memset (sha1->data, 0, sizeof (sha1->data));
794 }
795
796 static gchar *
sha1_sum_to_string(Sha1sum * sha1)797 sha1_sum_to_string (Sha1sum *sha1)
798 {
799 return digest_to_string (sha1->digest, SHA1_DIGEST_LEN);
800 }
801
802 static void
sha1_sum_digest(Sha1sum * sha1,guint8 * digest)803 sha1_sum_digest (Sha1sum *sha1,
804 guint8 *digest)
805 {
806 gint i;
807
808 for (i = 0; i < SHA1_DIGEST_LEN; i++)
809 digest[i] = sha1->digest[i];
810 }
811
812 /*
813 * SHA-256 Checksum
814 */
815
816 /* adapted from the SHA256 implementation in gsk/src/hash/gskhash.c.
817 *
818 * Copyright (C) 2006 Dave Benson
819 * Released under the terms of the GNU Lesser General Public License
820 */
821
822 static void
sha256_sum_init(Sha256sum * sha256)823 sha256_sum_init (Sha256sum *sha256)
824 {
825 sha256->buf[0] = 0x6a09e667;
826 sha256->buf[1] = 0xbb67ae85;
827 sha256->buf[2] = 0x3c6ef372;
828 sha256->buf[3] = 0xa54ff53a;
829 sha256->buf[4] = 0x510e527f;
830 sha256->buf[5] = 0x9b05688c;
831 sha256->buf[6] = 0x1f83d9ab;
832 sha256->buf[7] = 0x5be0cd19;
833
834 sha256->bits[0] = sha256->bits[1] = 0;
835 }
836
837 #define GET_UINT32(n,b,i) G_STMT_START{ \
838 (n) = ((guint32) (b)[(i) ] << 24) \
839 | ((guint32) (b)[(i) + 1] << 16) \
840 | ((guint32) (b)[(i) + 2] << 8) \
841 | ((guint32) (b)[(i) + 3] ); } G_STMT_END
842
843 #define PUT_UINT32(n,b,i) G_STMT_START{ \
844 (b)[(i) ] = (guint8) ((n) >> 24); \
845 (b)[(i) + 1] = (guint8) ((n) >> 16); \
846 (b)[(i) + 2] = (guint8) ((n) >> 8); \
847 (b)[(i) + 3] = (guint8) ((n) ); } G_STMT_END
848
849 static void
sha256_transform(guint32 buf[8],guint8 const data[64])850 sha256_transform (guint32 buf[8],
851 guint8 const data[64])
852 {
853 guint32 temp1, temp2, W[64];
854 guint32 A, B, C, D, E, F, G, H;
855
856 GET_UINT32 (W[0], data, 0);
857 GET_UINT32 (W[1], data, 4);
858 GET_UINT32 (W[2], data, 8);
859 GET_UINT32 (W[3], data, 12);
860 GET_UINT32 (W[4], data, 16);
861 GET_UINT32 (W[5], data, 20);
862 GET_UINT32 (W[6], data, 24);
863 GET_UINT32 (W[7], data, 28);
864 GET_UINT32 (W[8], data, 32);
865 GET_UINT32 (W[9], data, 36);
866 GET_UINT32 (W[10], data, 40);
867 GET_UINT32 (W[11], data, 44);
868 GET_UINT32 (W[12], data, 48);
869 GET_UINT32 (W[13], data, 52);
870 GET_UINT32 (W[14], data, 56);
871 GET_UINT32 (W[15], data, 60);
872
873 #define SHR(x,n) ((x & 0xFFFFFFFF) >> n)
874 #define ROTR(x,n) (SHR (x,n) | (x << (32 - n)))
875
876 #define S0(x) (ROTR (x, 7) ^ ROTR (x,18) ^ SHR (x, 3))
877 #define S1(x) (ROTR (x,17) ^ ROTR (x,19) ^ SHR (x,10))
878 #define S2(x) (ROTR (x, 2) ^ ROTR (x,13) ^ ROTR (x,22))
879 #define S3(x) (ROTR (x, 6) ^ ROTR (x,11) ^ ROTR (x,25))
880
881 #define F0(x,y,z) ((x & y) | (z & (x | y)))
882 #define F1(x,y,z) (z ^ (x & (y ^ z)))
883
884 #define R(t) (W[t] = S1(W[t - 2]) + W[t - 7] + \
885 S0(W[t - 15]) + W[t - 16])
886
887 #define P(a,b,c,d,e,f,g,h,x,K) G_STMT_START { \
888 temp1 = h + S3(e) + F1(e,f,g) + K + x; \
889 temp2 = S2(a) + F0(a,b,c); \
890 d += temp1; h = temp1 + temp2; } G_STMT_END
891
892 A = buf[0];
893 B = buf[1];
894 C = buf[2];
895 D = buf[3];
896 E = buf[4];
897 F = buf[5];
898 G = buf[6];
899 H = buf[7];
900
901 P (A, B, C, D, E, F, G, H, W[ 0], 0x428A2F98);
902 P (H, A, B, C, D, E, F, G, W[ 1], 0x71374491);
903 P (G, H, A, B, C, D, E, F, W[ 2], 0xB5C0FBCF);
904 P (F, G, H, A, B, C, D, E, W[ 3], 0xE9B5DBA5);
905 P (E, F, G, H, A, B, C, D, W[ 4], 0x3956C25B);
906 P (D, E, F, G, H, A, B, C, W[ 5], 0x59F111F1);
907 P (C, D, E, F, G, H, A, B, W[ 6], 0x923F82A4);
908 P (B, C, D, E, F, G, H, A, W[ 7], 0xAB1C5ED5);
909 P (A, B, C, D, E, F, G, H, W[ 8], 0xD807AA98);
910 P (H, A, B, C, D, E, F, G, W[ 9], 0x12835B01);
911 P (G, H, A, B, C, D, E, F, W[10], 0x243185BE);
912 P (F, G, H, A, B, C, D, E, W[11], 0x550C7DC3);
913 P (E, F, G, H, A, B, C, D, W[12], 0x72BE5D74);
914 P (D, E, F, G, H, A, B, C, W[13], 0x80DEB1FE);
915 P (C, D, E, F, G, H, A, B, W[14], 0x9BDC06A7);
916 P (B, C, D, E, F, G, H, A, W[15], 0xC19BF174);
917 P (A, B, C, D, E, F, G, H, R(16), 0xE49B69C1);
918 P (H, A, B, C, D, E, F, G, R(17), 0xEFBE4786);
919 P (G, H, A, B, C, D, E, F, R(18), 0x0FC19DC6);
920 P (F, G, H, A, B, C, D, E, R(19), 0x240CA1CC);
921 P (E, F, G, H, A, B, C, D, R(20), 0x2DE92C6F);
922 P (D, E, F, G, H, A, B, C, R(21), 0x4A7484AA);
923 P (C, D, E, F, G, H, A, B, R(22), 0x5CB0A9DC);
924 P (B, C, D, E, F, G, H, A, R(23), 0x76F988DA);
925 P (A, B, C, D, E, F, G, H, R(24), 0x983E5152);
926 P (H, A, B, C, D, E, F, G, R(25), 0xA831C66D);
927 P (G, H, A, B, C, D, E, F, R(26), 0xB00327C8);
928 P (F, G, H, A, B, C, D, E, R(27), 0xBF597FC7);
929 P (E, F, G, H, A, B, C, D, R(28), 0xC6E00BF3);
930 P (D, E, F, G, H, A, B, C, R(29), 0xD5A79147);
931 P (C, D, E, F, G, H, A, B, R(30), 0x06CA6351);
932 P (B, C, D, E, F, G, H, A, R(31), 0x14292967);
933 P (A, B, C, D, E, F, G, H, R(32), 0x27B70A85);
934 P (H, A, B, C, D, E, F, G, R(33), 0x2E1B2138);
935 P (G, H, A, B, C, D, E, F, R(34), 0x4D2C6DFC);
936 P (F, G, H, A, B, C, D, E, R(35), 0x53380D13);
937 P (E, F, G, H, A, B, C, D, R(36), 0x650A7354);
938 P (D, E, F, G, H, A, B, C, R(37), 0x766A0ABB);
939 P (C, D, E, F, G, H, A, B, R(38), 0x81C2C92E);
940 P (B, C, D, E, F, G, H, A, R(39), 0x92722C85);
941 P (A, B, C, D, E, F, G, H, R(40), 0xA2BFE8A1);
942 P (H, A, B, C, D, E, F, G, R(41), 0xA81A664B);
943 P (G, H, A, B, C, D, E, F, R(42), 0xC24B8B70);
944 P (F, G, H, A, B, C, D, E, R(43), 0xC76C51A3);
945 P (E, F, G, H, A, B, C, D, R(44), 0xD192E819);
946 P (D, E, F, G, H, A, B, C, R(45), 0xD6990624);
947 P (C, D, E, F, G, H, A, B, R(46), 0xF40E3585);
948 P (B, C, D, E, F, G, H, A, R(47), 0x106AA070);
949 P (A, B, C, D, E, F, G, H, R(48), 0x19A4C116);
950 P (H, A, B, C, D, E, F, G, R(49), 0x1E376C08);
951 P (G, H, A, B, C, D, E, F, R(50), 0x2748774C);
952 P (F, G, H, A, B, C, D, E, R(51), 0x34B0BCB5);
953 P (E, F, G, H, A, B, C, D, R(52), 0x391C0CB3);
954 P (D, E, F, G, H, A, B, C, R(53), 0x4ED8AA4A);
955 P (C, D, E, F, G, H, A, B, R(54), 0x5B9CCA4F);
956 P (B, C, D, E, F, G, H, A, R(55), 0x682E6FF3);
957 P (A, B, C, D, E, F, G, H, R(56), 0x748F82EE);
958 P (H, A, B, C, D, E, F, G, R(57), 0x78A5636F);
959 P (G, H, A, B, C, D, E, F, R(58), 0x84C87814);
960 P (F, G, H, A, B, C, D, E, R(59), 0x8CC70208);
961 P (E, F, G, H, A, B, C, D, R(60), 0x90BEFFFA);
962 P (D, E, F, G, H, A, B, C, R(61), 0xA4506CEB);
963 P (C, D, E, F, G, H, A, B, R(62), 0xBEF9A3F7);
964 P (B, C, D, E, F, G, H, A, R(63), 0xC67178F2);
965
966 #undef SHR
967 #undef ROTR
968 #undef S0
969 #undef S1
970 #undef S2
971 #undef S3
972 #undef F0
973 #undef F1
974 #undef R
975 #undef P
976
977 buf[0] += A;
978 buf[1] += B;
979 buf[2] += C;
980 buf[3] += D;
981 buf[4] += E;
982 buf[5] += F;
983 buf[6] += G;
984 buf[7] += H;
985 }
986
987 static void
sha256_sum_update(Sha256sum * sha256,const guchar * buffer,gsize length)988 sha256_sum_update (Sha256sum *sha256,
989 const guchar *buffer,
990 gsize length)
991 {
992 guint32 left, fill;
993 const guint8 *input = buffer;
994
995 if (length == 0)
996 return;
997
998 left = sha256->bits[0] & 0x3F;
999 fill = 64 - left;
1000
1001 sha256->bits[0] += length;
1002 sha256->bits[0] &= 0xFFFFFFFF;
1003
1004 if (sha256->bits[0] < length)
1005 sha256->bits[1]++;
1006
1007 if (left > 0 && length >= fill)
1008 {
1009 memcpy ((sha256->data + left), input, fill);
1010
1011 sha256_transform (sha256->buf, sha256->data);
1012 length -= fill;
1013 input += fill;
1014
1015 left = 0;
1016 }
1017
1018 while (length >= SHA256_DATASIZE)
1019 {
1020 sha256_transform (sha256->buf, input);
1021
1022 length -= 64;
1023 input += 64;
1024 }
1025
1026 if (length)
1027 memcpy (sha256->data + left, input, length);
1028 }
1029
1030 static guint8 sha256_padding[64] =
1031 {
1032 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1033 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1034 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1035 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
1036 };
1037
1038 static void
sha256_sum_close(Sha256sum * sha256)1039 sha256_sum_close (Sha256sum *sha256)
1040 {
1041 guint32 last, padn;
1042 guint32 high, low;
1043 guint8 msglen[8];
1044
1045 high = (sha256->bits[0] >> 29)
1046 | (sha256->bits[1] << 3);
1047 low = (sha256->bits[0] << 3);
1048
1049 PUT_UINT32 (high, msglen, 0);
1050 PUT_UINT32 (low, msglen, 4);
1051
1052 last = sha256->bits[0] & 0x3F;
1053 padn = (last < 56) ? (56 - last) : (120 - last);
1054
1055 sha256_sum_update (sha256, sha256_padding, padn);
1056 sha256_sum_update (sha256, msglen, 8);
1057
1058 PUT_UINT32 (sha256->buf[0], sha256->digest, 0);
1059 PUT_UINT32 (sha256->buf[1], sha256->digest, 4);
1060 PUT_UINT32 (sha256->buf[2], sha256->digest, 8);
1061 PUT_UINT32 (sha256->buf[3], sha256->digest, 12);
1062 PUT_UINT32 (sha256->buf[4], sha256->digest, 16);
1063 PUT_UINT32 (sha256->buf[5], sha256->digest, 20);
1064 PUT_UINT32 (sha256->buf[6], sha256->digest, 24);
1065 PUT_UINT32 (sha256->buf[7], sha256->digest, 28);
1066 }
1067
1068 #undef PUT_UINT32
1069 #undef GET_UINT32
1070
1071 static gchar *
sha256_sum_to_string(Sha256sum * sha256)1072 sha256_sum_to_string (Sha256sum *sha256)
1073 {
1074 return digest_to_string (sha256->digest, SHA256_DIGEST_LEN);
1075 }
1076
1077 static void
sha256_sum_digest(Sha256sum * sha256,guint8 * digest)1078 sha256_sum_digest (Sha256sum *sha256,
1079 guint8 *digest)
1080 {
1081 gint i;
1082
1083 for (i = 0; i < SHA256_DIGEST_LEN; i++)
1084 digest[i] = sha256->digest[i];
1085 }
1086
1087 /*
1088 * SHA-384, SHA-512, SHA-512/224 and SHA-512/256 Checksums
1089 *
1090 * Implemented following FIPS-180-4 standard at
1091 * http://csrc.nist.gov/publications/fips/fips180-4/fips180-4.pdf.
1092 * References in the form [§x.y.z] map to sections in that document.
1093 *
1094 * Author(s): Eduardo Lima Mitev <elima@igalia.com>
1095 * Igor Gnatenko <ignatenko@src.gnome.org>
1096 */
1097
1098 /* SHA-384, SHA-512, SHA-512/224 and SHA-512/256 functions [§4.1.3] */
1099 #define Ch(x,y,z) ((x & y) ^ (~x & z))
1100 #define Maj(x,y,z) ((x & y) ^ (x & z) ^ (y & z))
1101 #define SHR(n,x) (x >> n)
1102 #define ROTR(n,x) (SHR (n, x) | (x << (64 - n)))
1103 #define SIGMA0(x) (ROTR (28, x) ^ ROTR (34, x) ^ ROTR (39, x))
1104 #define SIGMA1(x) (ROTR (14, x) ^ ROTR (18, x) ^ ROTR (41, x))
1105 #define sigma0(x) (ROTR ( 1, x) ^ ROTR ( 8, x) ^ SHR ( 7, x))
1106 #define sigma1(x) (ROTR (19, x) ^ ROTR (61, x) ^ SHR ( 6, x))
1107
1108 #define PUT_UINT64(n,b,i) G_STMT_START{ \
1109 (b)[(i) ] = (guint8) (n >> 56); \
1110 (b)[(i) + 1] = (guint8) (n >> 48); \
1111 (b)[(i) + 2] = (guint8) (n >> 40); \
1112 (b)[(i) + 3] = (guint8) (n >> 32); \
1113 (b)[(i) + 4] = (guint8) (n >> 24); \
1114 (b)[(i) + 5] = (guint8) (n >> 16); \
1115 (b)[(i) + 6] = (guint8) (n >> 8); \
1116 (b)[(i) + 7] = (guint8) (n ); } G_STMT_END
1117
1118 /* SHA-384 and SHA-512 constants [§4.2.3] */
1119 static const guint64 SHA2_K[80] = {
1120 G_GUINT64_CONSTANT (0x428a2f98d728ae22), G_GUINT64_CONSTANT (0x7137449123ef65cd),
1121 G_GUINT64_CONSTANT (0xb5c0fbcfec4d3b2f), G_GUINT64_CONSTANT (0xe9b5dba58189dbbc),
1122 G_GUINT64_CONSTANT (0x3956c25bf348b538), G_GUINT64_CONSTANT (0x59f111f1b605d019),
1123 G_GUINT64_CONSTANT (0x923f82a4af194f9b), G_GUINT64_CONSTANT (0xab1c5ed5da6d8118),
1124 G_GUINT64_CONSTANT (0xd807aa98a3030242), G_GUINT64_CONSTANT (0x12835b0145706fbe),
1125 G_GUINT64_CONSTANT (0x243185be4ee4b28c), G_GUINT64_CONSTANT (0x550c7dc3d5ffb4e2),
1126 G_GUINT64_CONSTANT (0x72be5d74f27b896f), G_GUINT64_CONSTANT (0x80deb1fe3b1696b1),
1127 G_GUINT64_CONSTANT (0x9bdc06a725c71235), G_GUINT64_CONSTANT (0xc19bf174cf692694),
1128 G_GUINT64_CONSTANT (0xe49b69c19ef14ad2), G_GUINT64_CONSTANT (0xefbe4786384f25e3),
1129 G_GUINT64_CONSTANT (0x0fc19dc68b8cd5b5), G_GUINT64_CONSTANT (0x240ca1cc77ac9c65),
1130 G_GUINT64_CONSTANT (0x2de92c6f592b0275), G_GUINT64_CONSTANT (0x4a7484aa6ea6e483),
1131 G_GUINT64_CONSTANT (0x5cb0a9dcbd41fbd4), G_GUINT64_CONSTANT (0x76f988da831153b5),
1132 G_GUINT64_CONSTANT (0x983e5152ee66dfab), G_GUINT64_CONSTANT (0xa831c66d2db43210),
1133 G_GUINT64_CONSTANT (0xb00327c898fb213f), G_GUINT64_CONSTANT (0xbf597fc7beef0ee4),
1134 G_GUINT64_CONSTANT (0xc6e00bf33da88fc2), G_GUINT64_CONSTANT (0xd5a79147930aa725),
1135 G_GUINT64_CONSTANT (0x06ca6351e003826f), G_GUINT64_CONSTANT (0x142929670a0e6e70),
1136 G_GUINT64_CONSTANT (0x27b70a8546d22ffc), G_GUINT64_CONSTANT (0x2e1b21385c26c926),
1137 G_GUINT64_CONSTANT (0x4d2c6dfc5ac42aed), G_GUINT64_CONSTANT (0x53380d139d95b3df),
1138 G_GUINT64_CONSTANT (0x650a73548baf63de), G_GUINT64_CONSTANT (0x766a0abb3c77b2a8),
1139 G_GUINT64_CONSTANT (0x81c2c92e47edaee6), G_GUINT64_CONSTANT (0x92722c851482353b),
1140 G_GUINT64_CONSTANT (0xa2bfe8a14cf10364), G_GUINT64_CONSTANT (0xa81a664bbc423001),
1141 G_GUINT64_CONSTANT (0xc24b8b70d0f89791), G_GUINT64_CONSTANT (0xc76c51a30654be30),
1142 G_GUINT64_CONSTANT (0xd192e819d6ef5218), G_GUINT64_CONSTANT (0xd69906245565a910),
1143 G_GUINT64_CONSTANT (0xf40e35855771202a), G_GUINT64_CONSTANT (0x106aa07032bbd1b8),
1144 G_GUINT64_CONSTANT (0x19a4c116b8d2d0c8), G_GUINT64_CONSTANT (0x1e376c085141ab53),
1145 G_GUINT64_CONSTANT (0x2748774cdf8eeb99), G_GUINT64_CONSTANT (0x34b0bcb5e19b48a8),
1146 G_GUINT64_CONSTANT (0x391c0cb3c5c95a63), G_GUINT64_CONSTANT (0x4ed8aa4ae3418acb),
1147 G_GUINT64_CONSTANT (0x5b9cca4f7763e373), G_GUINT64_CONSTANT (0x682e6ff3d6b2b8a3),
1148 G_GUINT64_CONSTANT (0x748f82ee5defb2fc), G_GUINT64_CONSTANT (0x78a5636f43172f60),
1149 G_GUINT64_CONSTANT (0x84c87814a1f0ab72), G_GUINT64_CONSTANT (0x8cc702081a6439ec),
1150 G_GUINT64_CONSTANT (0x90befffa23631e28), G_GUINT64_CONSTANT (0xa4506cebde82bde9),
1151 G_GUINT64_CONSTANT (0xbef9a3f7b2c67915), G_GUINT64_CONSTANT (0xc67178f2e372532b),
1152 G_GUINT64_CONSTANT (0xca273eceea26619c), G_GUINT64_CONSTANT (0xd186b8c721c0c207),
1153 G_GUINT64_CONSTANT (0xeada7dd6cde0eb1e), G_GUINT64_CONSTANT (0xf57d4f7fee6ed178),
1154 G_GUINT64_CONSTANT (0x06f067aa72176fba), G_GUINT64_CONSTANT (0x0a637dc5a2c898a6),
1155 G_GUINT64_CONSTANT (0x113f9804bef90dae), G_GUINT64_CONSTANT (0x1b710b35131c471b),
1156 G_GUINT64_CONSTANT (0x28db77f523047d84), G_GUINT64_CONSTANT (0x32caab7b40c72493),
1157 G_GUINT64_CONSTANT (0x3c9ebe0a15c9bebc), G_GUINT64_CONSTANT (0x431d67c49c100d4c),
1158 G_GUINT64_CONSTANT (0x4cc5d4becb3e42b6), G_GUINT64_CONSTANT (0x597f299cfc657e2a),
1159 G_GUINT64_CONSTANT (0x5fcb6fab3ad6faec), G_GUINT64_CONSTANT (0x6c44198c4a475817)
1160 };
1161
1162
1163 static void
sha384_sum_init(Sha512sum * sha512)1164 sha384_sum_init (Sha512sum *sha512)
1165 {
1166 /* Initial Hash Value [§5.3.4] */
1167 sha512->H[0] = G_GUINT64_CONSTANT (0xcbbb9d5dc1059ed8);
1168 sha512->H[1] = G_GUINT64_CONSTANT (0x629a292a367cd507);
1169 sha512->H[2] = G_GUINT64_CONSTANT (0x9159015a3070dd17);
1170 sha512->H[3] = G_GUINT64_CONSTANT (0x152fecd8f70e5939);
1171 sha512->H[4] = G_GUINT64_CONSTANT (0x67332667ffc00b31);
1172 sha512->H[5] = G_GUINT64_CONSTANT (0x8eb44a8768581511);
1173 sha512->H[6] = G_GUINT64_CONSTANT (0xdb0c2e0d64f98fa7);
1174 sha512->H[7] = G_GUINT64_CONSTANT (0x47b5481dbefa4fa4);
1175
1176 sha512->block_len = 0;
1177
1178 sha512->data_len[0] = 0;
1179 sha512->data_len[1] = 0;
1180 }
1181
1182 static void
sha512_sum_init(Sha512sum * sha512)1183 sha512_sum_init (Sha512sum *sha512)
1184 {
1185 /* Initial Hash Value [§5.3.5] */
1186 sha512->H[0] = G_GUINT64_CONSTANT (0x6a09e667f3bcc908);
1187 sha512->H[1] = G_GUINT64_CONSTANT (0xbb67ae8584caa73b);
1188 sha512->H[2] = G_GUINT64_CONSTANT (0x3c6ef372fe94f82b);
1189 sha512->H[3] = G_GUINT64_CONSTANT (0xa54ff53a5f1d36f1);
1190 sha512->H[4] = G_GUINT64_CONSTANT (0x510e527fade682d1);
1191 sha512->H[5] = G_GUINT64_CONSTANT (0x9b05688c2b3e6c1f);
1192 sha512->H[6] = G_GUINT64_CONSTANT (0x1f83d9abfb41bd6b);
1193 sha512->H[7] = G_GUINT64_CONSTANT (0x5be0cd19137e2179);
1194
1195 sha512->block_len = 0;
1196
1197 sha512->data_len[0] = 0;
1198 sha512->data_len[1] = 0;
1199 }
1200
1201 static void
sha512_transform(guint64 H[8],guint8 const data[SHA2_BLOCK_LEN])1202 sha512_transform (guint64 H[8],
1203 guint8 const data[SHA2_BLOCK_LEN])
1204 {
1205 gint i;
1206 gint t;
1207 guint64 a, b, c, d, e, f, g, h;
1208 guint64 M[16];
1209 guint64 W[80];
1210
1211 /* SHA-512 hash computation [§6.4.2] */
1212
1213 /* prepare the message schedule */
1214 for (i = 0; i < 16; i++)
1215 {
1216 gint p = i * 8;
1217
1218 M[i] =
1219 ((guint64) data[p + 0] << 56) |
1220 ((guint64) data[p + 1] << 48) |
1221 ((guint64) data[p + 2] << 40) |
1222 ((guint64) data[p + 3] << 32) |
1223 ((guint64) data[p + 4] << 24) |
1224 ((guint64) data[p + 5] << 16) |
1225 ((guint64) data[p + 6] << 8) |
1226 ((guint64) data[p + 7] );
1227 }
1228
1229 for (t = 0; t < 80; t++)
1230 if (t < 16)
1231 W[t] = M[t];
1232 else
1233 W[t] = sigma1 (W[t - 2]) + W[t - 7] + sigma0 (W[t - 15]) + W[t - 16];
1234
1235 /* initialize the eight working variables */
1236 a = H[0];
1237 b = H[1];
1238 c = H[2];
1239 d = H[3];
1240 e = H[4];
1241 f = H[5];
1242 g = H[6];
1243 h = H[7];
1244
1245 for (t = 0; t < 80; t++)
1246 {
1247 guint64 T1, T2;
1248
1249 T1 = h + SIGMA1 (e) + Ch (e, f, g) + SHA2_K[t] + W[t];
1250 T2 = SIGMA0 (a) + Maj (a, b, c);
1251 h = g;
1252 g = f;
1253 f = e;
1254 e = d + T1;
1255 d = c;
1256 c = b;
1257 b = a;
1258 a = T1 + T2;
1259 }
1260
1261 /* Compute the intermediate hash value H */
1262 H[0] += a;
1263 H[1] += b;
1264 H[2] += c;
1265 H[3] += d;
1266 H[4] += e;
1267 H[5] += f;
1268 H[6] += g;
1269 H[7] += h;
1270 }
1271
1272 static void
sha512_sum_update(Sha512sum * sha512,const guchar * buffer,gsize length)1273 sha512_sum_update (Sha512sum *sha512,
1274 const guchar *buffer,
1275 gsize length)
1276 {
1277 gsize block_left, offset = 0;
1278
1279 if (length == 0)
1280 return;
1281
1282 sha512->data_len[0] += length * 8;
1283 if (sha512->data_len[0] < length)
1284 sha512->data_len[1]++;
1285
1286 /* try to fill current block */
1287 block_left = SHA2_BLOCK_LEN - sha512->block_len;
1288 if (block_left > 0)
1289 {
1290 gsize fill_len;
1291
1292 fill_len = MIN (block_left, length);
1293 memcpy (sha512->block + sha512->block_len, buffer, fill_len);
1294 sha512->block_len += fill_len;
1295 length -= fill_len;
1296 offset += fill_len;
1297
1298 if (sha512->block_len == SHA2_BLOCK_LEN)
1299 {
1300 sha512_transform (sha512->H, sha512->block);
1301 sha512->block_len = 0;
1302 }
1303 }
1304
1305 /* process complete blocks */
1306 while (length >= SHA2_BLOCK_LEN)
1307 {
1308 memcpy (sha512->block, buffer + offset, SHA2_BLOCK_LEN);
1309
1310 sha512_transform (sha512->H, sha512->block);
1311
1312 length -= SHA2_BLOCK_LEN;
1313 offset += SHA2_BLOCK_LEN;
1314 }
1315
1316 /* keep remaining data for next block */
1317 if (length > 0)
1318 {
1319 memcpy (sha512->block, buffer + offset, length);
1320 sha512->block_len = length;
1321 }
1322 }
1323
1324 static void
sha512_sum_close(Sha512sum * sha512)1325 sha512_sum_close (Sha512sum *sha512)
1326 {
1327 guint l;
1328 gint zeros;
1329 guint8 pad[SHA2_BLOCK_LEN * 2] = { 0, };
1330 guint pad_len = 0;
1331 gint i;
1332
1333 /* apply padding [§5.1.2] */
1334 l = sha512->block_len * 8;
1335 zeros = 896 - (l + 1);
1336
1337 if (zeros < 0)
1338 zeros += 128 * 8;
1339
1340 pad[0] = 0x80; /* 1000 0000 */
1341 zeros -= 7;
1342 pad_len++;
1343
1344 memset (pad + pad_len, 0x00, zeros / 8);
1345 pad_len += zeros / 8;
1346 zeros = zeros % 8;
1347 (void) zeros; /* don’t care about the dead store */
1348
1349 /* put message bit length at the end of padding */
1350 PUT_UINT64 (sha512->data_len[1], pad, pad_len);
1351 pad_len += 8;
1352
1353 PUT_UINT64 (sha512->data_len[0], pad, pad_len);
1354 pad_len += 8;
1355
1356 /* update checksum with the padded block */
1357 sha512_sum_update (sha512, pad, pad_len);
1358
1359 /* copy resulting 64-bit words into digest */
1360 for (i = 0; i < 8; i++)
1361 PUT_UINT64 (sha512->H[i], sha512->digest, i * 8);
1362 }
1363
1364 static gchar *
sha384_sum_to_string(Sha512sum * sha512)1365 sha384_sum_to_string (Sha512sum *sha512)
1366 {
1367 return digest_to_string (sha512->digest, SHA384_DIGEST_LEN);
1368 }
1369
1370 static gchar *
sha512_sum_to_string(Sha512sum * sha512)1371 sha512_sum_to_string (Sha512sum *sha512)
1372 {
1373 return digest_to_string (sha512->digest, SHA512_DIGEST_LEN);
1374 }
1375
1376 static void
sha384_sum_digest(Sha512sum * sha512,guint8 * digest)1377 sha384_sum_digest (Sha512sum *sha512,
1378 guint8 *digest)
1379 {
1380 memcpy (digest, sha512->digest, SHA384_DIGEST_LEN);
1381 }
1382
1383 static void
sha512_sum_digest(Sha512sum * sha512,guint8 * digest)1384 sha512_sum_digest (Sha512sum *sha512,
1385 guint8 *digest)
1386 {
1387 memcpy (digest, sha512->digest, SHA512_DIGEST_LEN);
1388 }
1389
1390 #undef Ch
1391 #undef Maj
1392 #undef SHR
1393 #undef ROTR
1394 #undef SIGMA0
1395 #undef SIGMA1
1396 #undef sigma0
1397 #undef sigma1
1398
1399 #undef PUT_UINT64
1400
1401 /*
1402 * Public API
1403 */
1404
1405 /**
1406 * g_checksum_type_get_length:
1407 * @checksum_type: a #GChecksumType
1408 *
1409 * Gets the length in bytes of digests of type @checksum_type
1410 *
1411 * Returns: the checksum length, or -1 if @checksum_type is
1412 * not supported.
1413 *
1414 * Since: 2.16
1415 */
1416 gssize
g_checksum_type_get_length(GChecksumType checksum_type)1417 g_checksum_type_get_length (GChecksumType checksum_type)
1418 {
1419 gssize len = -1;
1420
1421 switch (checksum_type)
1422 {
1423 case G_CHECKSUM_MD5:
1424 len = MD5_DIGEST_LEN;
1425 break;
1426 case G_CHECKSUM_SHA1:
1427 len = SHA1_DIGEST_LEN;
1428 break;
1429 case G_CHECKSUM_SHA256:
1430 len = SHA256_DIGEST_LEN;
1431 break;
1432 case G_CHECKSUM_SHA384:
1433 len = SHA384_DIGEST_LEN;
1434 break;
1435 case G_CHECKSUM_SHA512:
1436 len = SHA512_DIGEST_LEN;
1437 break;
1438 default:
1439 len = -1;
1440 break;
1441 }
1442
1443 return len;
1444 }
1445
1446 /**
1447 * g_checksum_new:
1448 * @checksum_type: the desired type of checksum
1449 *
1450 * Creates a new #GChecksum, using the checksum algorithm @checksum_type.
1451 * If the @checksum_type is not known, %NULL is returned.
1452 * A #GChecksum can be used to compute the checksum, or digest, of an
1453 * arbitrary binary blob, using different hashing algorithms.
1454 *
1455 * A #GChecksum works by feeding a binary blob through g_checksum_update()
1456 * until there is data to be checked; the digest can then be extracted
1457 * using g_checksum_get_string(), which will return the checksum as a
1458 * hexadecimal string; or g_checksum_get_digest(), which will return a
1459 * vector of raw bytes. Once either g_checksum_get_string() or
1460 * g_checksum_get_digest() have been called on a #GChecksum, the checksum
1461 * will be closed and it won't be possible to call g_checksum_update()
1462 * on it anymore.
1463 *
1464 * Returns: (transfer full) (nullable): the newly created #GChecksum, or %NULL.
1465 * Use g_checksum_free() to free the memory allocated by it.
1466 *
1467 * Since: 2.16
1468 */
1469 GChecksum *
g_checksum_new(GChecksumType checksum_type)1470 g_checksum_new (GChecksumType checksum_type)
1471 {
1472 GChecksum *checksum;
1473
1474 if (! IS_VALID_TYPE (checksum_type))
1475 return NULL;
1476
1477 checksum = g_slice_new0 (GChecksum);
1478 checksum->type = checksum_type;
1479
1480 g_checksum_reset (checksum);
1481
1482 return checksum;
1483 }
1484
1485 /**
1486 * g_checksum_reset:
1487 * @checksum: the #GChecksum to reset
1488 *
1489 * Resets the state of the @checksum back to its initial state.
1490 *
1491 * Since: 2.18
1492 **/
1493 void
g_checksum_reset(GChecksum * checksum)1494 g_checksum_reset (GChecksum *checksum)
1495 {
1496 g_return_if_fail (checksum != NULL);
1497
1498 g_free (checksum->digest_str);
1499 checksum->digest_str = NULL;
1500
1501 switch (checksum->type)
1502 {
1503 case G_CHECKSUM_MD5:
1504 md5_sum_init (&(checksum->sum.md5));
1505 break;
1506 case G_CHECKSUM_SHA1:
1507 sha1_sum_init (&(checksum->sum.sha1));
1508 break;
1509 case G_CHECKSUM_SHA256:
1510 sha256_sum_init (&(checksum->sum.sha256));
1511 break;
1512 case G_CHECKSUM_SHA384:
1513 sha384_sum_init (&(checksum->sum.sha512));
1514 break;
1515 case G_CHECKSUM_SHA512:
1516 sha512_sum_init (&(checksum->sum.sha512));
1517 break;
1518 default:
1519 g_assert_not_reached ();
1520 break;
1521 }
1522 }
1523
1524 /**
1525 * g_checksum_copy:
1526 * @checksum: the #GChecksum to copy
1527 *
1528 * Copies a #GChecksum. If @checksum has been closed, by calling
1529 * g_checksum_get_string() or g_checksum_get_digest(), the copied
1530 * checksum will be closed as well.
1531 *
1532 * Returns: (transfer full): the copy of the passed #GChecksum. Use
1533 * g_checksum_free() when finished using it.
1534 *
1535 * Since: 2.16
1536 */
1537 GChecksum *
g_checksum_copy(const GChecksum * checksum)1538 g_checksum_copy (const GChecksum *checksum)
1539 {
1540 GChecksum *copy;
1541
1542 g_return_val_if_fail (checksum != NULL, NULL);
1543
1544 copy = g_slice_new (GChecksum);
1545 *copy = *checksum;
1546
1547 copy->digest_str = g_strdup (checksum->digest_str);
1548
1549 return copy;
1550 }
1551
1552 /**
1553 * g_checksum_free:
1554 * @checksum: a #GChecksum
1555 *
1556 * Frees the memory allocated for @checksum.
1557 *
1558 * Since: 2.16
1559 */
1560 void
g_checksum_free(GChecksum * checksum)1561 g_checksum_free (GChecksum *checksum)
1562 {
1563 if (G_LIKELY (checksum))
1564 {
1565 g_free (checksum->digest_str);
1566
1567 g_slice_free (GChecksum, checksum);
1568 }
1569 }
1570
1571 /**
1572 * g_checksum_update:
1573 * @checksum: a #GChecksum
1574 * @data: (array length=length) (element-type guint8): buffer used to compute the checksum
1575 * @length: size of the buffer, or -1 if it is a null-terminated string.
1576 *
1577 * Feeds @data into an existing #GChecksum. The checksum must still be
1578 * open, that is g_checksum_get_string() or g_checksum_get_digest() must
1579 * not have been called on @checksum.
1580 *
1581 * Since: 2.16
1582 */
1583 void
g_checksum_update(GChecksum * checksum,const guchar * data,gssize length)1584 g_checksum_update (GChecksum *checksum,
1585 const guchar *data,
1586 gssize length)
1587 {
1588 g_return_if_fail (checksum != NULL);
1589 g_return_if_fail (length == 0 || data != NULL);
1590
1591 if (length < 0)
1592 length = strlen ((const gchar *) data);
1593
1594 if (checksum->digest_str)
1595 {
1596 g_warning ("The checksum '%s' has been closed and cannot be updated "
1597 "anymore.",
1598 checksum->digest_str);
1599 return;
1600 }
1601
1602 switch (checksum->type)
1603 {
1604 case G_CHECKSUM_MD5:
1605 md5_sum_update (&(checksum->sum.md5), data, length);
1606 break;
1607 case G_CHECKSUM_SHA1:
1608 sha1_sum_update (&(checksum->sum.sha1), data, length);
1609 break;
1610 case G_CHECKSUM_SHA256:
1611 sha256_sum_update (&(checksum->sum.sha256), data, length);
1612 break;
1613 case G_CHECKSUM_SHA384:
1614 case G_CHECKSUM_SHA512:
1615 sha512_sum_update (&(checksum->sum.sha512), data, length);
1616 break;
1617 default:
1618 g_assert_not_reached ();
1619 break;
1620 }
1621 }
1622
1623 /**
1624 * g_checksum_get_string:
1625 * @checksum: a #GChecksum
1626 *
1627 * Gets the digest as a hexadecimal string.
1628 *
1629 * Once this function has been called the #GChecksum can no longer be
1630 * updated with g_checksum_update().
1631 *
1632 * The hexadecimal characters will be lower case.
1633 *
1634 * Returns: the hexadecimal representation of the checksum. The
1635 * returned string is owned by the checksum and should not be modified
1636 * or freed.
1637 *
1638 * Since: 2.16
1639 */
1640 const gchar *
g_checksum_get_string(GChecksum * checksum)1641 g_checksum_get_string (GChecksum *checksum)
1642 {
1643 gchar *str = NULL;
1644
1645 g_return_val_if_fail (checksum != NULL, NULL);
1646
1647 if (checksum->digest_str)
1648 return checksum->digest_str;
1649
1650 switch (checksum->type)
1651 {
1652 case G_CHECKSUM_MD5:
1653 md5_sum_close (&(checksum->sum.md5));
1654 str = md5_sum_to_string (&(checksum->sum.md5));
1655 break;
1656 case G_CHECKSUM_SHA1:
1657 sha1_sum_close (&(checksum->sum.sha1));
1658 str = sha1_sum_to_string (&(checksum->sum.sha1));
1659 break;
1660 case G_CHECKSUM_SHA256:
1661 sha256_sum_close (&(checksum->sum.sha256));
1662 str = sha256_sum_to_string (&(checksum->sum.sha256));
1663 break;
1664 case G_CHECKSUM_SHA384:
1665 sha512_sum_close (&(checksum->sum.sha512));
1666 str = sha384_sum_to_string (&(checksum->sum.sha512));
1667 break;
1668 case G_CHECKSUM_SHA512:
1669 sha512_sum_close (&(checksum->sum.sha512));
1670 str = sha512_sum_to_string (&(checksum->sum.sha512));
1671 break;
1672 default:
1673 g_assert_not_reached ();
1674 break;
1675 }
1676
1677 checksum->digest_str = str;
1678
1679 return checksum->digest_str;
1680 }
1681
1682 /**
1683 * g_checksum_get_digest: (skip)
1684 * @checksum: a #GChecksum
1685 * @buffer: (array length=digest_len): output buffer
1686 * @digest_len: (inout): an inout parameter. The caller initializes it to the size of @buffer.
1687 * After the call it contains the length of the digest.
1688 *
1689 * Gets the digest from @checksum as a raw binary vector and places it
1690 * into @buffer. The size of the digest depends on the type of checksum.
1691 *
1692 * Once this function has been called, the #GChecksum is closed and can
1693 * no longer be updated with g_checksum_update().
1694 *
1695 * Since: 2.16
1696 */
1697 void
g_checksum_get_digest(GChecksum * checksum,guint8 * buffer,gsize * digest_len)1698 g_checksum_get_digest (GChecksum *checksum,
1699 guint8 *buffer,
1700 gsize *digest_len)
1701 {
1702 gboolean checksum_open = FALSE;
1703 gchar *str = NULL;
1704 gsize len;
1705
1706 g_return_if_fail (checksum != NULL);
1707
1708 len = g_checksum_type_get_length (checksum->type);
1709 g_return_if_fail (*digest_len >= len);
1710
1711 checksum_open = !!(checksum->digest_str == NULL);
1712
1713 switch (checksum->type)
1714 {
1715 case G_CHECKSUM_MD5:
1716 if (checksum_open)
1717 {
1718 md5_sum_close (&(checksum->sum.md5));
1719 str = md5_sum_to_string (&(checksum->sum.md5));
1720 }
1721 md5_sum_digest (&(checksum->sum.md5), buffer);
1722 break;
1723 case G_CHECKSUM_SHA1:
1724 if (checksum_open)
1725 {
1726 sha1_sum_close (&(checksum->sum.sha1));
1727 str = sha1_sum_to_string (&(checksum->sum.sha1));
1728 }
1729 sha1_sum_digest (&(checksum->sum.sha1), buffer);
1730 break;
1731 case G_CHECKSUM_SHA256:
1732 if (checksum_open)
1733 {
1734 sha256_sum_close (&(checksum->sum.sha256));
1735 str = sha256_sum_to_string (&(checksum->sum.sha256));
1736 }
1737 sha256_sum_digest (&(checksum->sum.sha256), buffer);
1738 break;
1739 case G_CHECKSUM_SHA384:
1740 if (checksum_open)
1741 {
1742 sha512_sum_close (&(checksum->sum.sha512));
1743 str = sha384_sum_to_string (&(checksum->sum.sha512));
1744 }
1745 sha384_sum_digest (&(checksum->sum.sha512), buffer);
1746 break;
1747 case G_CHECKSUM_SHA512:
1748 if (checksum_open)
1749 {
1750 sha512_sum_close (&(checksum->sum.sha512));
1751 str = sha512_sum_to_string (&(checksum->sum.sha512));
1752 }
1753 sha512_sum_digest (&(checksum->sum.sha512), buffer);
1754 break;
1755 default:
1756 g_assert_not_reached ();
1757 break;
1758 }
1759
1760 if (str)
1761 checksum->digest_str = str;
1762
1763 *digest_len = len;
1764 }
1765
1766 /**
1767 * g_compute_checksum_for_data:
1768 * @checksum_type: a #GChecksumType
1769 * @data: (array length=length) (element-type guint8): binary blob to compute the digest of
1770 * @length: length of @data
1771 *
1772 * Computes the checksum for a binary @data of @length. This is a
1773 * convenience wrapper for g_checksum_new(), g_checksum_get_string()
1774 * and g_checksum_free().
1775 *
1776 * The hexadecimal string returned will be in lower case.
1777 *
1778 * Returns: (transfer full) (nullable): the digest of the binary data as a
1779 * string in hexadecimal, or %NULL if g_checksum_new() fails for
1780 * @checksum_type. The returned string should be freed with g_free() when
1781 * done using it.
1782 *
1783 * Since: 2.16
1784 */
1785 gchar *
g_compute_checksum_for_data(GChecksumType checksum_type,const guchar * data,gsize length)1786 g_compute_checksum_for_data (GChecksumType checksum_type,
1787 const guchar *data,
1788 gsize length)
1789 {
1790 GChecksum *checksum;
1791 gchar *retval;
1792
1793 g_return_val_if_fail (length == 0 || data != NULL, NULL);
1794
1795 checksum = g_checksum_new (checksum_type);
1796 if (!checksum)
1797 return NULL;
1798
1799 g_checksum_update (checksum, data, length);
1800 retval = g_strdup (g_checksum_get_string (checksum));
1801 g_checksum_free (checksum);
1802
1803 return retval;
1804 }
1805
1806 /**
1807 * g_compute_checksum_for_string:
1808 * @checksum_type: a #GChecksumType
1809 * @str: the string to compute the checksum of
1810 * @length: the length of the string, or -1 if the string is null-terminated.
1811 *
1812 * Computes the checksum of a string.
1813 *
1814 * The hexadecimal string returned will be in lower case.
1815 *
1816 * Returns: (transfer full) (nullable): the checksum as a hexadecimal string,
1817 * or %NULL if g_checksum_new() fails for @checksum_type. The returned string
1818 * should be freed with g_free() when done using it.
1819 *
1820 * Since: 2.16
1821 */
1822 gchar *
g_compute_checksum_for_string(GChecksumType checksum_type,const gchar * str,gssize length)1823 g_compute_checksum_for_string (GChecksumType checksum_type,
1824 const gchar *str,
1825 gssize length)
1826 {
1827 g_return_val_if_fail (length == 0 || str != NULL, NULL);
1828
1829 if (length < 0)
1830 length = strlen (str);
1831
1832 return g_compute_checksum_for_data (checksum_type, (const guchar *) str, length);
1833 }
1834
1835 /**
1836 * g_compute_checksum_for_bytes:
1837 * @checksum_type: a #GChecksumType
1838 * @data: binary blob to compute the digest of
1839 *
1840 * Computes the checksum for a binary @data. This is a
1841 * convenience wrapper for g_checksum_new(), g_checksum_get_string()
1842 * and g_checksum_free().
1843 *
1844 * The hexadecimal string returned will be in lower case.
1845 *
1846 * Returns: (transfer full) (nullable): the digest of the binary data as a
1847 * string in hexadecimal, or %NULL if g_checksum_new() fails for
1848 * @checksum_type. The returned string should be freed with g_free() when
1849 * done using it.
1850 *
1851 * Since: 2.34
1852 */
1853 gchar *
g_compute_checksum_for_bytes(GChecksumType checksum_type,GBytes * data)1854 g_compute_checksum_for_bytes (GChecksumType checksum_type,
1855 GBytes *data)
1856 {
1857 gconstpointer byte_data;
1858 gsize length;
1859
1860 g_return_val_if_fail (data != NULL, NULL);
1861
1862 byte_data = g_bytes_get_data (data, &length);
1863 return g_compute_checksum_for_data (checksum_type, byte_data, length);
1864 }
1865