diff options
| author | Dan Brown <dan@weetabix> | 2021-05-31 22:45:51 +0200 |
|---|---|---|
| committer | Rob Landley <rob@landley.net> | 2021-06-01 14:05:50 -0500 |
| commit | 2513951e9e3449ec8fb585fc5c2b52e0131131ce (patch) | |
| tree | 6a6a7bf99e2609bf24084f5ed68fa33c373998e2 | |
| parent | db3e9003c5f2c9b10b258728d82dff796c4379de (diff) | |
| download | toybox-2513951e9e3449ec8fb585fc5c2b52e0131131ce.tar.gz | |
first rough version of built-in hash sums
| -rw-r--r-- | toys/lsb/md5sum.c | 393 |
1 files changed, 327 insertions, 66 deletions
diff --git a/toys/lsb/md5sum.c b/toys/lsb/md5sum.c index 99c5faa9..29d22ee8 100644 --- a/toys/lsb/md5sum.c +++ b/toys/lsb/md5sum.c @@ -90,6 +90,7 @@ GLOBALS( int sawline; enum hashmethods { + // TODO: are these names already in use? MD5, SHA1, SHA224, @@ -98,22 +99,30 @@ GLOBALS( SHA512 } hashmethod; - unsigned *rconsttable; - unsigned long *rconsttable64; // for sha384/512 + uint32_t *rconsttable32; + uint64_t *rconsttable64; // for sha384,sha512 // Crypto variables blanked after summing - unsigned state[8], oldstate[8]; - unsigned long state64[8], oldstate64[8]; - unsigned long long count; union { - char c[64]; // bytes. md5 uses 16 of them. - unsigned i[16]; // words - unsigned long i64[16]; // words for sha384/512 + uint32_t i32[8]; // for md5,sha1,sha224,sha256 + uint64_t i64[8]; // for sha384,sha512 + } state; + unsigned long long count; // this is a 64 bit number, which + // is less than the 128 bits needed + // for sha384 and sha512. However, + // we use 64 bits for all methods + // because it would only affect + // hash values for input data that + // is larger than about 23 petabytes + union { + char c[128]; // bytes, 1024 bits + uint32_t i32[16]; // 512 bits for md5,sha1,sha224,sha256 + uint64_t i64[16]; // 1024 bits for sha384,sha512 } buffer; ) // Round constants. Static table for when we haven't got floating point support #if ! CFG_TOYBOX_FLOAT -static unsigned md5nofloat[64] = { +static uint32_t md5nofloat[64] = { 0xd76aa478, 0xe8c7b756, 0x242070db, 0xc1bdceee, 0xf57c0faf, 0x4787c62a, 0xa8304613, 0xfd469501, 0x698098d8, 0x8b44f7af, 0xffff5bb1, 0x895cd7be, 0x6b901122, 0xfd987193, 0xa679438e, 0x49b40821, 0xf61e2562, 0xc040b340, @@ -126,11 +135,10 @@ static unsigned md5nofloat[64] = { 0xffeff47d, 0x85845dd1, 0x6fa87e4f, 0xfe2ce6e0, 0xa3014314, 0x4e0811a1, 0xf7537e82, 0xbd3af235, 0x2ad7d2bb, 0xeb86d391 }; -// sha1 needs only 4 values, so we always use precomputed values (defined later) -#else +#else // TODO: move this below the sha512 definition #define md5nofloat 0 #endif -static unsigned sha256nofloat[64] = { +static uint32_t sha256nofloat[64] = { 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, 0xe49b69c1, 0xefbe4786, @@ -143,7 +151,7 @@ static unsigned sha256nofloat[64] = { 0x5b9cca4f, 0x682e6ff3, 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 }; -static unsigned long sha512nofloat[80] = { +static uint64_t sha512nofloat[80] = { 0x428a2f98d728ae22, 0x7137449123ef65cd, 0xb5c0fbcfec4d3b2f, 0xe9b5dba58189dbbc, 0x3956c25bf348b538, 0x59f111f1b605d019, 0x923f82a4af194f9b, 0xab1c5ed5da6d8118, 0xd807aa98a3030242, @@ -172,18 +180,22 @@ static unsigned long sha512nofloat[80] = { 0x431d67c49c100d4c, 0x4cc5d4becb3e42b6, 0x597f299cfc657e2a, 0x5fcb6fab3ad6faec, 0x6c44198c4a475817 }; +// sha1 needs only 4 round constant values, so prefer precomputed +static const uint32_t sha1rconsts[] = { + 0x5A827999, 0x6ED9EBA1, 0x8F1BBCDC, 0xCA62C1D6 +}; // Mix next 64 bytes of data into md5 hash static void md5_transform(void) { - unsigned x[4], *b = (unsigned *)TT.buffer.c; + uint32_t x[4], *b = (uint32_t *)TT.buffer.c; int i; - memcpy(x, TT.state, sizeof(x)); + memcpy(x, TT.state.i32, sizeof(x)); for (i=0; i<64; i++) { - unsigned int in, a, rot, temp; + uint32_t in, a, rot, temp; a = (-i)&3; if (i<16) { @@ -209,32 +221,34 @@ static void md5_transform(void) rot = (5*rot)+(((rot+2)&2)>>1); temp = x[(a+2)&3] ^ (x[(a+1)&3] | ~x[(a+3)&3]); } - temp += x[a] + b[in] + TT.rconsttable[i]; + temp += x[a] + b[in] + TT.rconsttable32[i]; x[a] = x[(a+1)&3] + ((temp<<rot) | (temp>>(32-rot))); } - for (i=0; i<4; i++) TT.state[i] += x[i]; + for (i=0; i<4; i++) TT.state.i32[i] += x[i]; } // Mix next 64 bytes of data into sha1 hash. -static const unsigned sha1rconsts[]={0x5A827999,0x6ED9EBA1,0x8F1BBCDC,0xCA62C1D6}; #define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits)))) +#define ror(value, bits) (((value) >> (bits)) | ((value) << (32 - (bits)))) +#define ror64(value, bits) (((value) >> (bits)) | ((value) << (64 - (bits)))) static void sha1_transform(void) { int i, j, k, count; - unsigned *block = TT.buffer.i; - unsigned *rot[5], *temp; + uint32_t *block = TT.buffer.i32; + uint32_t oldstate[5]; + uint32_t *rot[5], *temp; - // Copy context->state[] to working vars + // Copy context->state.i32[] to working vars for (i=0; i<5; i++) { - TT.oldstate[i] = TT.state[i]; - rot[i] = TT.state + i; + oldstate[i] = TT.state.i32[i]; + rot[i] = TT.state.i32 + i; } // 4 rounds of 20 operations each. for (i=count=0; i<4; i++) { for (j=0; j<20; j++) { - unsigned work; + uint32_t work; work = *rot[2] ^ *rot[3]; if (!i) work = (work & *rot[1]) ^ *rot[3]; @@ -259,29 +273,203 @@ static void sha1_transform(void) count++; } } - // Add the previous values of state[] - for (i=0; i<5; i++) TT.state[i] += TT.oldstate[i]; + // Add the previous values of state.i32[] + for (i=0; i<5; i++) TT.state.i32[i] += oldstate[i]; } -// Fill the 64-byte working buffer and call transform() when full. +static void sha256_transform(void) +{ + int i; + uint32_t block[64]; + uint32_t s0, s1, S0, S1, ch, maj, temp1, temp2; + uint32_t rot[8]; // a,b,c,d,e,f,g,h + + //printf("buffer.c[0 1 2 3] = %02hhX %02hhX %02hhX %02hhX\n", TT.buffer.c[0], TT.buffer.c[1], TT.buffer.c[2], TT.buffer.c[3]); + printf("buffer.c[0 - 4] = %02hhX %02hhX %02hhX %02hhX %02hhX\n", TT.buffer.c[0], TT.buffer.c[1], TT.buffer.c[2], TT.buffer.c[3], TT.buffer.c[4]); + printf("buffer.c[56 - 63] = %02hhX %02hhX %02hhX %02hhX %02hhX %02hhX %02hhX %02hhX\n", \ + TT.buffer.c[56], TT.buffer.c[57], TT.buffer.c[58], TT.buffer.c[59], \ + TT.buffer.c[60], TT.buffer.c[61], TT.buffer.c[62], TT.buffer.c[63]); + for (i=0; i<16; i++) { + block[i] = SWAP_BE32(TT.buffer.i32[i]); + } + // Extend the message schedule array beyond first 16 words + for (i=16; i<64; i++) { + s0 = ror(block[i-15], 7) ^ ror(block[i-15], 18) ^ (block[i-15] >> 3); + s1 = ror(block[i-2], 17) ^ ror(block[i-2], 19) ^ (block[i-2] >> 10); + block[i] = block[i-16] + s0 + block[i-7] + s1; + } + // Copy context->state.i32[] to working vars + for (i=0; i<8; i++) { + //TT.oldstate32[i] = TT.state.i32[i]; + rot[i] = TT.state.i32[i]; + } + // 64 rounds + for (i=0; i<64; i++) { + S1 = ror(rot[4],6) ^ ror(rot[4],11) ^ ror(rot[4], 25); + ch = (rot[4] & rot[5]) ^ ((~ rot[4]) & rot[6]); + temp1 = rot[7] + S1 + ch + TT.rconsttable32[i] + block[i]; + S0 = ror(rot[0],2) ^ ror(rot[0],13) ^ ror(rot[0], 22); + maj = (rot[0] & rot[1]) ^ (rot[0] & rot[2]) ^ (rot[1] & rot[2]); + temp2 = S0 + maj; + /* if (i < 2) { + printf("begin round %d: rot[0] = %u rot[1] = %u rot[2] = %u\n", i, rot[0], rot[1], rot[2]); + printf(" S1=%u ch=%u temp1=%u S0=%u maj=%u temp2=%u\n", S1,ch,temp1,S0,maj,temp2); + printf(" rot[7]=%u K[i]=%u W[i]=%u TT.buffer.i[i]=%u\n", rot[7],TT.rconsttable32[i],block[i],TT.buffer.i[i]); + } */ + rot[7] = rot[6]; + rot[6] = rot[5]; + rot[5] = rot[4]; + rot[4] = rot[3] + temp1; + rot[3] = rot[2]; + rot[2] = rot[1]; + rot[1] = rot[0]; + rot[0] = temp1 + temp2; + } + //printf("%d rounds done: rot[0] = %u rot[1] = %u rot[2] = %u\n", i, rot[0], rot[1], rot[2]); -static void hash_update(char *data, unsigned int len, void (*transform)(void)) + // Add the previous values of state.i32[] + for (i=0; i<8; i++) TT.state.i32[i] += rot[i]; + //printf("state.i32[0] = %u state.i32[1] = %u state.i32[2] = %u\n", TT.state.i32[0], TT.state.i32[1], TT.state.i32[2]); +} + +static void sha224_transform(void) +{ + sha256_transform(); +} + +static void sha512_transform(void) +{ + int i; + uint64_t block[80]; + uint64_t s0, s1, S0, S1, ch, maj, temp1, temp2; + uint64_t rot[8]; // a,b,c,d,e,f,g,h + + printf("buffer.c[0 - 4] = %02hhX %02hhX %02hhX %02hhX %02hhX\n", TT.buffer.c[0], TT.buffer.c[1], TT.buffer.c[2], TT.buffer.c[3], TT.buffer.c[4]); + printf("buffer.c[112 - 127] = %02hhX %02hhX %02hhX %02hhX %02hhX %02hhX %02hhX %02hhX %02hhX %02hhX %02hhX %02hhX %02hhX %02hhX %02hhX %02hhX\n", \ + TT.buffer.c[112], TT.buffer.c[113], TT.buffer.c[114], TT.buffer.c[115], \ + TT.buffer.c[116], TT.buffer.c[117], TT.buffer.c[118], TT.buffer.c[119], \ + TT.buffer.c[120], TT.buffer.c[121], TT.buffer.c[122], TT.buffer.c[123], \ + TT.buffer.c[124], TT.buffer.c[125], TT.buffer.c[126], TT.buffer.c[127]); + for (i=0; i<16; i++) { + block[i] = SWAP_BE64(TT.buffer.i64[i]); + } + // Extend the message schedule array beyond first 16 words + for (i=16; i<80; i++) { + s0 = ror64(block[i-15], 1) ^ ror64(block[i-15], 8) ^ (block[i-15] >> 7); + s1 = ror64(block[i-2], 19) ^ ror64(block[i-2], 61) ^ (block[i-2] >> 6); + block[i] = block[i-16] + s0 + block[i-7] + s1; + } + // Copy context->state.i64[] to working vars + for (i=0; i<8; i++) { + rot[i] = TT.state.i64[i]; + } + // 80 rounds + for (i=0; i<80; i++) { + S1 = ror64(rot[4],14) ^ ror64(rot[4],18) ^ ror64(rot[4], 41); + ch = (rot[4] & rot[5]) ^ ((~ rot[4]) & rot[6]); + temp1 = rot[7] + S1 + ch + TT.rconsttable64[i] + block[i]; + S0 = ror64(rot[0],28) ^ ror64(rot[0],34) ^ ror64(rot[0], 39); + maj = (rot[0] & rot[1]) ^ (rot[0] & rot[2]) ^ (rot[1] & rot[2]); + temp2 = S0 + maj; + /* + if (i < 3) { + printf(" S1=%lu ch=%lu temp1=%lu S0=%lu maj=%lu temp2=%lu\n", S1,ch,temp1,S0,maj,temp2); + printf(" rot[7]=%lu K[i]=%lu W[i]=%lu TT.buffer.i64[i]=%lu\n", rot[7],TT.rconsttable64[i],block[i],TT.buffer.i64[i]); + } + */ + rot[7] = rot[6]; + rot[6] = rot[5]; + rot[5] = rot[4]; + rot[4] = rot[3] + temp1; + rot[3] = rot[2]; + rot[2] = rot[1]; + rot[1] = rot[0]; + rot[0] = temp1 + temp2; + /* + if ((i < 3) || (i > 77)) { + //printf("after round %d: rot[0] = %lu rot[1] = %lu rot[2] = %lu\n", i, rot[0], rot[1], rot[2]); + printf("t= %d: A=%08X%08X B=%08X%08X C= %08X%08X D=%08X%08X\n", i, \ + (uint32_t) (rot[0] >> 32), (uint32_t) rot[0], \ + (uint32_t) (rot[1] >> 32), (uint32_t) rot[1], \ + (uint32_t) (rot[2] >> 32), (uint32_t) rot[2], \ + (uint32_t) (rot[3] >> 32), (uint32_t) rot[3] \ + ); + printf("t= %d: E=%08X%08X F=%08X%08X G= %08X%08X H=%08X%08X\n", i, \ + (uint32_t) (rot[4] >> 32), (uint32_t) rot[4], \ + (uint32_t) (rot[5] >> 32), (uint32_t) rot[5], \ + (uint32_t) (rot[6] >> 32), (uint32_t) rot[6], \ + (uint32_t) (rot[7] >> 32), (uint32_t) rot[7] \ + ); + } + */ + } + //printf("%d rounds done: rot[0] = %lu rot[1] = %lu rot[2] = %lu\n", i, rot[0], rot[1], rot[2]); + + // Add the previous values of state.i64[] + /* + printf("t= %d: 0=%08X%08X 1=%08X%08X 2= %08X%08X 3=%08X%08X\n", -1, \ + (uint32_t) (TT.state.i64[0] >> 32), (uint32_t) TT.state.i64[0], \ + (uint32_t) (TT.state.i64[1] >> 32), (uint32_t) TT.state.i64[1], \ + (uint32_t) (TT.state.i64[2] >> 32), (uint32_t) TT.state.i64[2], \ + (uint32_t) (TT.state.i64[3] >> 32), (uint32_t) TT.state.i64[3] \ + ); + printf("t= %d: 4=%08X%08X 5=%08X%08X 6= %08X%08X 7=%08X%08X\n", -1, \ + (uint32_t) (TT.state.i64[4] >> 32), (uint32_t) TT.state.i64[4], \ + (uint32_t) (TT.state.i64[5] >> 32), (uint32_t) TT.state.i64[5], \ + (uint32_t) (TT.state.i64[6] >> 32), (uint32_t) TT.state.i64[6], \ + (uint32_t) (TT.state.i64[7] >> 32), (uint32_t) TT.state.i64[7] \ + ); + */ + for (i=0; i<8; i++) TT.state.i64[i] += rot[i]; + /* + printf("t= %d: 0=%08X%08X 1=%08X%08X 2= %08X%08X 3=%08X%08X\n", -2, \ + (uint32_t) (TT.state.i64[0] >> 32), (uint32_t) TT.state.i64[0], \ + (uint32_t) (TT.state.i64[1] >> 32), (uint32_t) TT.state.i64[1], \ + (uint32_t) (TT.state.i64[2] >> 32), (uint32_t) TT.state.i64[2], \ + (uint32_t) (TT.state.i64[3] >> 32), (uint32_t) TT.state.i64[3] \ + ); + printf("t= %d: 4=%08X%08X 5=%08X%08X 6= %08X%08X 7=%08X%08X\n", -2, \ + (uint32_t) (TT.state.i64[4] >> 32), (uint32_t) TT.state.i64[4], \ + (uint32_t) (TT.state.i64[5] >> 32), (uint32_t) TT.state.i64[5], \ + (uint32_t) (TT.state.i64[6] >> 32), (uint32_t) TT.state.i64[6], \ + (uint32_t) (TT.state.i64[7] >> 32), (uint32_t) TT.state.i64[7] \ + ); + */ + //printf("state.i64[0] = %lu state.i64[1] = %lu state.i64[2] = %lu\n", TT.state.i64[0], TT.state.i64[1], TT.state.i64[2]); +} + +static void sha384_transform(void) +{ + sha512_transform(); +} + +// Fill the 64-byte (512-bit) working buffer and call transform() when full. + +static void hash_update(char *data, unsigned int len, void (*transform)(void), int chunksize) { unsigned int i, j; + //printf("starting hash_update() TT.count = %llu len = %d chunksize = %d\n", TT.count,len,chunksize); - j = TT.count & 63; + j = TT.count & (chunksize - 1); TT.count += len; for (;;) { // Grab next chunk of data, return if it's not enough to process a frame - i = 64 - j; + i = chunksize - j; if (i>len) i = len; memcpy(TT.buffer.c+j, data, i); - if (j+i != 64) break; + //printf("checking chunksize. j(%d) + i(%d) = chunksize(%d) ?\n", j,i,chunksize); + if (j+i != chunksize) break; // Process a frame - if (IS_BIG_ENDIAN) - for (j=0; j<16; j++) TT.buffer.i[j] = SWAP_LE32(TT.buffer.i[j]); + if (IS_BIG_ENDIAN) { // TODO: test on big endian architecture + if ((TT.hashmethod == SHA512) || (TT.hashmethod == SHA384)) { + for (j=0; j<16; j++) TT.buffer.i64[j] = SWAP_LE64(TT.buffer.i64[j]); + } else { // MD5, SHA1, SHA224, SHA256 + for (j=0; j<16; j++) TT.buffer.i32[j] = SWAP_LE32(TT.buffer.i32[j]); + } + } + //printf("calling transform. hashmethod = %d\n", TT.hashmethod); transform(); j=0; data += i; @@ -335,28 +523,91 @@ static void do_lib_hash(int fd, char *name) sprintf(toybuf+2*i, "%02x", toybuf[i+128]); } -// Callback for loopfiles() - static void do_builtin_hash(int fd, char *name) { unsigned long long count; - int i, sha1 = toys.which->name[0]=='s'; + int i, chunksize, lengthsize, digestlen; char buf, *pp; void (*transform)(void); - /* SHA1 initialization constants (md5sum uses first 4) */ - TT.state[0] = 0x67452301; - TT.state[1] = 0xEFCDAB89; - TT.state[2] = 0x98BADCFE; - TT.state[3] = 0x10325476; - TT.state[4] = 0xC3D2E1F0; + //printf("starting do_builtin_hash()\n"); TT.count = 0; + switch(TT.hashmethod) { + case MD5: + case SHA1: + transform = (TT.hashmethod == MD5) ? md5_transform : sha1_transform; + digestlen = (TT.hashmethod == MD5) ? 0 : 20; // bytes + chunksize = 64; // bytes + lengthsize = 8; // bytes + TT.state.i32[0] = 0x67452301; + TT.state.i32[1] = 0xEFCDAB89; + TT.state.i32[2] = 0x98BADCFE; + TT.state.i32[3] = 0x10325476; + TT.state.i32[4] = 0xC3D2E1F0; // not used for MD5 + break; + case SHA224: + transform = sha224_transform; + digestlen = 28; + chunksize = 64; + lengthsize = 8; + TT.state.i32[0] = 0xc1059ed8; + TT.state.i32[1] = 0x367cd507; + TT.state.i32[2] = 0x3070dd17; + TT.state.i32[3] = 0xf70e5939; + TT.state.i32[4] = 0xffc00b31; + TT.state.i32[5] = 0x68581511; + TT.state.i32[6] = 0x64f98fa7; + TT.state.i32[7] = 0xbefa4fa4; + break; + case SHA256: + transform = sha256_transform; + digestlen = 32; + chunksize = 64; + lengthsize = 8; + TT.state.i32[0] = 0x6a09e667; + TT.state.i32[1] = 0xbb67ae85; + TT.state.i32[2] = 0x3c6ef372; + TT.state.i32[3] = 0xa54ff53a; + TT.state.i32[4] = 0x510e527f; + TT.state.i32[5] = 0x9b05688c; + TT.state.i32[6] = 0x1f83d9ab; + TT.state.i32[7] = 0x5be0cd19; + break; + case SHA384: + transform = sha384_transform; + digestlen = 48; + chunksize = 128; + lengthsize = 8; // bytes. should be 16 according to spec + TT.state.i64[0] = 0xcbbb9d5dc1059ed8; + TT.state.i64[1] = 0x629a292a367cd507; + TT.state.i64[2] = 0x9159015a3070dd17; + TT.state.i64[3] = 0x152fecd8f70e5939; + TT.state.i64[4] = 0x67332667ffc00b31; + TT.state.i64[5] = 0x8eb44a8768581511; + TT.state.i64[6] = 0xdb0c2e0d64f98fa7; + TT.state.i64[7] = 0x47b5481dbefa4fa4; + break; + case SHA512: + transform = sha512_transform; + digestlen = 64; + chunksize = 128; + lengthsize = 8; // bytes. should be 16 according to spec + TT.state.i64[0] = 0x6a09e667f3bcc908; + TT.state.i64[1] = 0xbb67ae8584caa73b; + TT.state.i64[2] = 0x3c6ef372fe94f82b; + TT.state.i64[3] = 0xa54ff53a5f1d36f1; + TT.state.i64[4] = 0x510e527fade682d1; + TT.state.i64[5] = 0x9b05688c2b3e6c1f; + TT.state.i64[6] = 0x1f83d9abfb41bd6b; + TT.state.i64[7] = 0x5be0cd19137e2179; + break; + default: error_exit("unrecognized hash method name"); break; + } - transform = sha1 ? sha1_transform : md5_transform; for (;;) { i = read(fd, toybuf, sizeof(toybuf)); if (i<1) break; - hash_update(toybuf, i, transform); + hash_update(toybuf, i, transform, chunksize); } count = TT.count << 3; @@ -367,29 +618,39 @@ static void do_builtin_hash(int fd, char *name) // // Since our input up to now has been in whole bytes, we can deal with // bytes here too. - buf = 0x80; do { - hash_update(&buf, 1, transform); + hash_update(&buf, 1, transform, chunksize); buf = 0; - } while ((TT.count & 63) != 56); - count = sha1 ? SWAP_BE64(count) : SWAP_LE64(count); - hash_update((void *)&count, 8, transform); - - if (sha1) - for (i = 0; i < 20; i++) - sprintf(toybuf+2*i, "%02x", 255&(TT.state[i>>2] >> ((3-(i & 3)) * 8))); - else for (i=0; i<4; i++) sprintf(toybuf+8*i, "%08x", bswap_32(TT.state[i])); - + } while ((TT.count & (chunksize - 1)) != (chunksize - lengthsize)); + count = (TT.hashmethod == MD5) ? SWAP_LE64(count) : SWAP_BE64(count); + // Note that we should be using a 128-bit count for SHA384 and SHA512, + // but since we are using a 64-bit count, then SWAP_BE64() is correct. + printf("count=%lld count=%08X %08X\n", count, \ + (uint32_t) (count >> 32), (uint32_t) count); + hash_update((void *)&count, 8, transform, chunksize); + + // write digest to toybuf + if (TT.hashmethod == MD5) { + for (i=0; i<4; i++) sprintf(toybuf+8*i, "%08x", bswap_32(TT.state.i32[i])); + } else if ((TT.hashmethod == SHA1) || (TT.hashmethod == SHA224) || (TT.hashmethod == SHA256)) { + for (i=0; i<digestlen; i++) + sprintf(toybuf+2*i, "%02x", 255&(TT.state.i32[i>>2] >> ((3-(i & 3)) * 8))); + } else { // SHA384 and SHA512 + for (i=0; i<(digestlen/8); i++) { + sprintf(toybuf+16*i, "%016lx", TT.state.i64[i]); + } + } // Wipe variables. Cryptographer paranoia. - // if we do this with memset(), gcc throws a broken warning, and the (long) + // if we do this with memset(), gcc throws a broken warning, and the (uint32_t) // typecasts stop gcc from breaking "undefined behavior" that isn't. - for (pp = (void *)TT.state; (unsigned long)pp-(unsigned long)TT.state<sizeof(TT)-((unsigned long)TT.state-(unsigned long)&TT); pp++) + for (pp = (void *)TT.state.i64; (uint64_t)pp-(uint64_t)TT.state.i64<sizeof(TT)-((uint64_t)TT.state.i64-(uint64_t)&TT); pp++) *pp = 0; i = strlen(toybuf)+1; memset(toybuf+i, 0, sizeof(toybuf)-i); } +// Callback for loopfiles() // Call builtin or lib hash function, then display output if necessary static void do_hash(int fd, char *name) { @@ -466,7 +727,7 @@ void md5sum_main(void) else if (toys.which->name[4]=='5') { TT.hashmethod = SHA256; } else if (toys.which->name[4]=='8') { TT.hashmethod = SHA384; } else if (toys.which->name[4]=='1') { TT.hashmethod = SHA512; } - else { error_exit("unrecognized hash method name: %s", toys.which->name); } + else { error_exit("unrecognized hash method from command name: %s", toys.which->name); } // Calculate table if we have floating point. Static version should drop // out at compile time when we don't need it. @@ -474,20 +735,20 @@ void md5sum_main(void) switch(TT.hashmethod) { case MD5: if (CFG_TOYBOX_FLOAT) { - TT.rconsttable = xmalloc(64*4); - for (i = 0; i<64; i++) TT.rconsttable[i] = fabs(sin(i+1))*(1LL<<32); - } else TT.rconsttable = md5nofloat; + TT.rconsttable32 = xmalloc(64*4); + for (i = 0; i<64; i++) TT.rconsttable32[i] = fabs(sin(i+1))*(1LL<<32); + } else TT.rconsttable32 = md5nofloat; break; case SHA1: break; case SHA224: case SHA256: //if (CFG_TOYBOX_FLOAT) { - // TT.rconsttable = xmalloc(64*4); - // for (i = 0; i<64; i++) TT.rconsttable[i] = TODO + // TT.rconsttable32 = xmalloc(64*4); + // for (i = 0; i<64; i++) TT.rconsttable32[i] = TODO // first 32 bits of the fractional parts of the cube roots of the first 64 primes 2..311 -- but perhaps storing a list of primes would use a similar amount of memory anyway -? - //} else TT.rconsttable = sha256nofloat; - TT.rconsttable = sha256nofloat; // temporary + //} else TT.rconsttable32 = sha256nofloat; + TT.rconsttable32 = sha256nofloat; // temporary break; case SHA384: case SHA512: |