Strona główna Odkrywaj Pomoc
Zaloguj się
cpp
/
ZeroTierOne
kopia lustrzana https://github.com/zerotier/ZeroTierOne
2
0
Forkuj 0
Pliki Problemy 0 Wiki
Drzewo: 1.4.0.1
Gałęzie Tagi
ZeroTierOne
/
attic
/
historic
/
anode
/
libanode
/
aes_digest.c

aes_digest.c 3.4 KB
Bezpośredni odnośnik Historia Czysty

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485 
  1. /* libanode: the Anode C reference implementation
    2. 

  2.  * Copyright (C) 2009-2010 Adam Ierymenko <[email protected]>
    3. 

  3.  *
    4. 

  4.  * This program is free software: you can redistribute it and/or modify
    5. 

  5.  * it under the terms of the GNU General Public License as published by
    6. 

  6.  * the Free Software Foundation, either version 3 of the License, or
    7. 

  7.  * (at your option) any later version.
    8. 

  8.  *
    9. 

  9.  * This program is distributed in the hope that it will be useful,
    10. 

  10.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
    11. 

  11.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    12. 

  12.  * GNU General Public License for more details.
    13. 

  13.  *
    14. 

  14.  * You should have received a copy of the GNU General Public License
    15. 

  15.  * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
    16. 

  16. 

  17. #include "anode.h"
    18. 

  18. #include "impl/aes.h"
    19. 

  19. #include "impl/misc.h"
    20. 

  20. #include "impl/types.h"
    21. 

  21. 

  22. void Anode_aes_digest(const void *const message,unsigned long message_len,void *const hash)
    23. 

  23. {
    24. 

  24.   unsigned char previous_digest[16];
    25. 

  25.   unsigned char digest[16];
    26. 

  26.   unsigned char block[32];
    27. 

  27.   const unsigned char *in = (const unsigned char *)message;
    28. 

  28.   const unsigned char *end = in + message_len;
    29. 

  29.   unsigned long block_counter;
    30. 

  30.   AnodeAesExpandedKey expkey;
    31. 

  31. 

  32.   ((uint64_t *)digest)[0] = 0ULL;
    33. 

  33.   ((uint64_t *)digest)[1] = 0ULL;
    34. 

  34.   ((uint64_t *)block)[0] = 0ULL;
    35. 

  35.   ((uint64_t *)block)[1] = 0ULL;
    36. 

  36.   ((uint64_t *)block)[2] = 0ULL;
    37. 

  37.   ((uint64_t *)block)[3] = 0ULL;
    38. 

  38. 

  39.   /* Davis-Meyer hash function built from block cipher */
    40. 

  40.   block_counter = 0;
    41. 

  41.   while (in != end) {
    42. 

  42.     block[block_counter++] = *(in++);
    43. 

  43.     if (block_counter == 32) {
    44. 

  44.       block_counter = 0;
    45. 

  45.       ((uint64_t *)previous_digest)[0] = ((uint64_t *)digest)[0];
    46. 

  46.       ((uint64_t *)previous_digest)[1] = ((uint64_t *)digest)[1];
    47. 

  47.       Anode_aes256_expand_key(block,&expkey);
    48. 

  48.       Anode_aes256_encrypt(&expkey,digest,digest);
    49. 

  49.       ((uint64_t *)digest)[0] ^= ((uint64_t *)previous_digest)[0];
    50. 

  50.       ((uint64_t *)digest)[1] ^= ((uint64_t *)previous_digest)[1];
    51. 

  51.     }
    52. 

  52.   }
    53. 

  53. 

  54.   /* Davis-Meyer end marker */
    55. 

  55.   block[block_counter++] = 0x80;
    56. 

  56.   while (block_counter != 32) block[block_counter++] = 0;
    57. 

  57.   ((uint64_t *)previous_digest)[0] = ((uint64_t *)digest)[0];
    58. 

  58.   ((uint64_t *)previous_digest)[1] = ((uint64_t *)digest)[1];
    59. 

  59.   Anode_aes256_expand_key(block,&expkey);
    60. 

  60.   Anode_aes256_encrypt(&expkey,digest,digest);
    61. 

  61.   ((uint64_t *)digest)[0] ^= ((uint64_t *)previous_digest)[0];
    62. 

  62.   ((uint64_t *)digest)[1] ^= ((uint64_t *)previous_digest)[1];
    63. 

  63. 

  64.   /* Merkle-Damgård length padding */
    65. 

  65.   ((uint64_t *)block)[0] = 0ULL;
    66. 

  66.   if (sizeof(message_len) >= 8) { /* 32/64 bit? this will get optimized out */
    67. 

  67.     block[8] = (uint8_t)((uint64_t)message_len >> 56);
    68. 

  68.     block[9] = (uint8_t)((uint64_t)message_len >> 48);
    69. 

  69.     block[10] = (uint8_t)((uint64_t)message_len >> 40);
    70. 

  70.     block[11] = (uint8_t)((uint64_t)message_len >> 32);
    71. 

  71.   } else ((uint32_t *)block)[2] = 0;
    72. 

  72.   block[12] = (uint8_t)(message_len >> 24);
    73. 

  73.   block[13] = (uint8_t)(message_len >> 16);
    74. 

  74.   block[14] = (uint8_t)(message_len >> 8);
    75. 

  75.   block[15] = (uint8_t)message_len;
    76. 

  76.   ((uint64_t *)previous_digest)[0] = ((uint64_t *)digest)[0];
    77. 

  77.   ((uint64_t *)previous_digest)[1] = ((uint64_t *)digest)[1];
    78. 

  78.   Anode_aes256_expand_key(block,&expkey);
    79. 

  79.   Anode_aes256_encrypt(&expkey,digest,digest);
    80. 

  80.   ((uint64_t *)digest)[0] ^= ((uint64_t *)previous_digest)[0];
    81. 

  81.   ((uint64_t *)digest)[1] ^= ((uint64_t *)previous_digest)[1];
    82. 

  82. 

  83.   ((uint64_t *)hash)[0] = ((uint64_t *)digest)[0];
    84. 

  84.   ((uint64_t *)hash)[1] = ((uint64_t *)digest)[1];
    85. 

  85. }
    86.