34 #if defined(POLARSSL_RIPEMD160_C)
38 #if defined(POLARSSL_FS_IO) || defined(POLARSSL_SELF_TEST)
42 #if defined(POLARSSL_SELF_TEST)
50 #define GET_UINT32_LE(n,b,i) \
52 (n) = ( (uint32_t) (b)[(i) ] ) \
53 | ( (uint32_t) (b)[(i) + 1] << 8 ) \
54 | ( (uint32_t) (b)[(i) + 2] << 16 ) \
55 | ( (uint32_t) (b)[(i) + 3] << 24 ); \
60 #define PUT_UINT32_LE(n,b,i) \
62 (b)[(i) ] = (unsigned char) ( (n) ); \
63 (b)[(i) + 1] = (unsigned char) ( (n) >> 8 ); \
64 (b)[(i) + 2] = (unsigned char) ( (n) >> 16 ); \
65 (b)[(i) + 3] = (unsigned char) ( (n) >> 24 ); \
77 ctx->
state[0] = 0x67452301;
78 ctx->
state[1] = 0xEFCDAB89;
79 ctx->
state[2] = 0x98BADCFE;
80 ctx->
state[3] = 0x10325476;
81 ctx->
state[4] = 0xC3D2E1F0;
89 uint32_t A, B, C, D, E, Ap, Bp, Cp, Dp, Ep, X[16];
91 GET_UINT32_LE( X[ 0], data, 0 );
92 GET_UINT32_LE( X[ 1], data, 4 );
93 GET_UINT32_LE( X[ 2], data, 8 );
94 GET_UINT32_LE( X[ 3], data, 12 );
95 GET_UINT32_LE( X[ 4], data, 16 );
96 GET_UINT32_LE( X[ 5], data, 20 );
97 GET_UINT32_LE( X[ 6], data, 24 );
98 GET_UINT32_LE( X[ 7], data, 28 );
99 GET_UINT32_LE( X[ 8], data, 32 );
100 GET_UINT32_LE( X[ 9], data, 36 );
101 GET_UINT32_LE( X[10], data, 40 );
102 GET_UINT32_LE( X[11], data, 44 );
103 GET_UINT32_LE( X[12], data, 48 );
104 GET_UINT32_LE( X[13], data, 52 );
105 GET_UINT32_LE( X[14], data, 56 );
106 GET_UINT32_LE( X[15], data, 60 );
108 A = Ap = ctx->
state[0];
109 B = Bp = ctx->
state[1];
110 C = Cp = ctx->
state[2];
111 D = Dp = ctx->
state[3];
112 E = Ep = ctx->
state[4];
114 #define F1( x, y, z ) ( x ^ y ^ z )
115 #define F2( x, y, z ) ( ( x & y ) | ( ~x & z ) )
116 #define F3( x, y, z ) ( ( x | ~y ) ^ z )
117 #define F4( x, y, z ) ( ( x & z ) | ( y & ~z ) )
118 #define F5( x, y, z ) ( x ^ ( y | ~z ) )
120 #define S( x, n ) ( ( x << n ) | ( x >> (32 - n) ) )
122 #define P( a, b, c, d, e, r, s, f, k ) \
123 a += f( b, c, d ) + X[r] + k; \
127 #define P2( a, b, c, d, e, r, s, rp, sp ) \
128 P( a, b, c, d, e, r, s, F, K ); \
129 P( a ## p, b ## p, c ## p, d ## p, e ## p, rp, sp, Fp, Kp );
134 #define Kp 0x50A28BE6
135 P2( A, B, C, D, E, 0, 11, 5, 8 );
136 P2( E, A, B, C, D, 1, 14, 14, 9 );
137 P2( D, E, A, B, C, 2, 15, 7, 9 );
138 P2( C, D, E, A, B, 3, 12, 0, 11 );
139 P2( B, C, D, E, A, 4, 5, 9, 13 );
140 P2( A, B, C, D, E, 5, 8, 2, 15 );
141 P2( E, A, B, C, D, 6, 7, 11, 15 );
142 P2( D, E, A, B, C, 7, 9, 4, 5 );
143 P2( C, D, E, A, B, 8, 11, 13, 7 );
144 P2( B, C, D, E, A, 9, 13, 6, 7 );
145 P2( A, B, C, D, E, 10, 14, 15, 8 );
146 P2( E, A, B, C, D, 11, 15, 8, 11 );
147 P2( D, E, A, B, C, 12, 6, 1, 14 );
148 P2( C, D, E, A, B, 13, 7, 10, 14 );
149 P2( B, C, D, E, A, 14, 9, 3, 12 );
150 P2( A, B, C, D, E, 15, 8, 12, 6 );
159 #define Kp 0x5C4DD124
160 P2( E, A, B, C, D, 7, 7, 6, 9 );
161 P2( D, E, A, B, C, 4, 6, 11, 13 );
162 P2( C, D, E, A, B, 13, 8, 3, 15 );
163 P2( B, C, D, E, A, 1, 13, 7, 7 );
164 P2( A, B, C, D, E, 10, 11, 0, 12 );
165 P2( E, A, B, C, D, 6, 9, 13, 8 );
166 P2( D, E, A, B, C, 15, 7, 5, 9 );
167 P2( C, D, E, A, B, 3, 15, 10, 11 );
168 P2( B, C, D, E, A, 12, 7, 14, 7 );
169 P2( A, B, C, D, E, 0, 12, 15, 7 );
170 P2( E, A, B, C, D, 9, 15, 8, 12 );
171 P2( D, E, A, B, C, 5, 9, 12, 7 );
172 P2( C, D, E, A, B, 2, 11, 4, 6 );
173 P2( B, C, D, E, A, 14, 7, 9, 15 );
174 P2( A, B, C, D, E, 11, 13, 1, 13 );
175 P2( E, A, B, C, D, 8, 12, 2, 11 );
184 #define Kp 0x6D703EF3
185 P2( D, E, A, B, C, 3, 11, 15, 9 );
186 P2( C, D, E, A, B, 10, 13, 5, 7 );
187 P2( B, C, D, E, A, 14, 6, 1, 15 );
188 P2( A, B, C, D, E, 4, 7, 3, 11 );
189 P2( E, A, B, C, D, 9, 14, 7, 8 );
190 P2( D, E, A, B, C, 15, 9, 14, 6 );
191 P2( C, D, E, A, B, 8, 13, 6, 6 );
192 P2( B, C, D, E, A, 1, 15, 9, 14 );
193 P2( A, B, C, D, E, 2, 14, 11, 12 );
194 P2( E, A, B, C, D, 7, 8, 8, 13 );
195 P2( D, E, A, B, C, 0, 13, 12, 5 );
196 P2( C, D, E, A, B, 6, 6, 2, 14 );
197 P2( B, C, D, E, A, 13, 5, 10, 13 );
198 P2( A, B, C, D, E, 11, 12, 0, 13 );
199 P2( E, A, B, C, D, 5, 7, 4, 7 );
200 P2( D, E, A, B, C, 12, 5, 13, 5 );
209 #define Kp 0x7A6D76E9
210 P2( C, D, E, A, B, 1, 11, 8, 15 );
211 P2( B, C, D, E, A, 9, 12, 6, 5 );
212 P2( A, B, C, D, E, 11, 14, 4, 8 );
213 P2( E, A, B, C, D, 10, 15, 1, 11 );
214 P2( D, E, A, B, C, 0, 14, 3, 14 );
215 P2( C, D, E, A, B, 8, 15, 11, 14 );
216 P2( B, C, D, E, A, 12, 9, 15, 6 );
217 P2( A, B, C, D, E, 4, 8, 0, 14 );
218 P2( E, A, B, C, D, 13, 9, 5, 6 );
219 P2( D, E, A, B, C, 3, 14, 12, 9 );
220 P2( C, D, E, A, B, 7, 5, 2, 12 );
221 P2( B, C, D, E, A, 15, 6, 13, 9 );
222 P2( A, B, C, D, E, 14, 8, 9, 12 );
223 P2( E, A, B, C, D, 5, 6, 7, 5 );
224 P2( D, E, A, B, C, 6, 5, 10, 15 );
225 P2( C, D, E, A, B, 2, 12, 14, 8 );
234 #define Kp 0x00000000
235 P2( B, C, D, E, A, 4, 9, 12, 8 );
236 P2( A, B, C, D, E, 0, 15, 15, 5 );
237 P2( E, A, B, C, D, 5, 5, 10, 12 );
238 P2( D, E, A, B, C, 9, 11, 4, 9 );
239 P2( C, D, E, A, B, 7, 6, 1, 12 );
240 P2( B, C, D, E, A, 12, 8, 5, 5 );
241 P2( A, B, C, D, E, 2, 13, 8, 14 );
242 P2( E, A, B, C, D, 10, 12, 7, 6 );
243 P2( D, E, A, B, C, 14, 5, 6, 8 );
244 P2( C, D, E, A, B, 1, 12, 2, 13 );
245 P2( B, C, D, E, A, 3, 13, 13, 6 );
246 P2( A, B, C, D, E, 8, 14, 14, 5 );
247 P2( E, A, B, C, D, 11, 11, 0, 15 );
248 P2( D, E, A, B, C, 6, 8, 3, 13 );
249 P2( C, D, E, A, B, 15, 5, 9, 11 );
250 P2( B, C, D, E, A, 13, 6, 11, 11 );
256 C = ctx->
state[1] + C + Dp;
268 const unsigned char *input,
size_t ilen )
276 left = ctx->
total[0] & 0x3F;
279 ctx->
total[0] += (uint32_t) ilen;
280 ctx->
total[0] &= 0xFFFFFFFF;
282 if( ctx->
total[0] < (uint32_t) ilen )
285 if( left && ilen >= fill )
287 memcpy( (
void *) (ctx->
buffer + left), input, fill );
303 memcpy( (
void *) (ctx->
buffer + left), input, ilen );
307 static const unsigned char ripemd160_padding[64] =
309 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
310 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
311 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
312 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
322 unsigned char msglen[8];
324 high = ( ctx->
total[0] >> 29 )
325 | ( ctx->
total[1] << 3 );
326 low = ( ctx->
total[0] << 3 );
328 PUT_UINT32_LE( low, msglen, 0 );
329 PUT_UINT32_LE( high, msglen, 4 );
331 last = ctx->
total[0] & 0x3F;
332 padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
337 PUT_UINT32_LE( ctx->
state[0], output, 0 );
338 PUT_UINT32_LE( ctx->
state[1], output, 4 );
339 PUT_UINT32_LE( ctx->
state[2], output, 8 );
340 PUT_UINT32_LE( ctx->
state[3], output, 12 );
341 PUT_UINT32_LE( ctx->
state[4], output, 16 );
347 void ripemd160(
const unsigned char *input,
size_t ilen,
348 unsigned char output[20] )
359 #if defined(POLARSSL_FS_IO)
368 unsigned char buf[1024];
370 if( ( f = fopen( path,
"rb" ) ) == NULL )
375 while( ( n = fread( buf, 1,
sizeof( buf ), f ) ) > 0 )
382 if( ferror( f ) != 0 )
397 const unsigned char *key,
size_t keylen )
400 unsigned char sum[20];
409 memset( ctx->
ipad, 0x36, 64 );
410 memset( ctx->
opad, 0x5C, 64 );
412 for( i = 0; i < keylen; i++ )
414 ctx->
ipad[i] = (
unsigned char)( ctx->
ipad[i] ^ key[i] );
415 ctx->
opad[i] = (
unsigned char)( ctx->
opad[i] ^ key[i] );
421 memset( sum, 0,
sizeof( sum ) );
428 const unsigned char *input,
size_t ilen )
438 unsigned char tmpbuf[20];
446 memset( tmpbuf, 0,
sizeof( tmpbuf ) );
462 const unsigned char *input,
size_t ilen,
463 unsigned char output[20] )
475 #if defined(POLARSSL_SELF_TEST)
482 static const char *ripemd160_test_input[TESTS] =
488 "abcdefghijklmnopqrstuvwxyz",
489 "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
490 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
491 "1234567890123456789012345678901234567890"
492 "1234567890123456789012345678901234567890",
495 static const unsigned char ripemd160_test_md[TESTS][20] =
497 { 0x9c, 0x11, 0x85, 0xa5, 0xc5, 0xe9, 0xfc, 0x54, 0x61, 0x28,
498 0x08, 0x97, 0x7e, 0xe8, 0xf5, 0x48, 0xb2, 0x25, 0x8d, 0x31 },
499 { 0x0b, 0xdc, 0x9d, 0x2d, 0x25, 0x6b, 0x3e, 0xe9, 0xda, 0xae,
500 0x34, 0x7b, 0xe6, 0xf4, 0xdc, 0x83, 0x5a, 0x46, 0x7f, 0xfe },
501 { 0x8e, 0xb2, 0x08, 0xf7, 0xe0, 0x5d, 0x98, 0x7a, 0x9b, 0x04,
502 0x4a, 0x8e, 0x98, 0xc6, 0xb0, 0x87, 0xf1, 0x5a, 0x0b, 0xfc },
503 { 0x5d, 0x06, 0x89, 0xef, 0x49, 0xd2, 0xfa, 0xe5, 0x72, 0xb8,
504 0x81, 0xb1, 0x23, 0xa8, 0x5f, 0xfa, 0x21, 0x59, 0x5f, 0x36 },
505 { 0xf7, 0x1c, 0x27, 0x10, 0x9c, 0x69, 0x2c, 0x1b, 0x56, 0xbb,
506 0xdc, 0xeb, 0x5b, 0x9d, 0x28, 0x65, 0xb3, 0x70, 0x8d, 0xbc },
507 { 0x12, 0xa0, 0x53, 0x38, 0x4a, 0x9c, 0x0c, 0x88, 0xe4, 0x05,
508 0xa0, 0x6c, 0x27, 0xdc, 0xf4, 0x9a, 0xda, 0x62, 0xeb, 0x2b },
509 { 0xb0, 0xe2, 0x0b, 0x6e, 0x31, 0x16, 0x64, 0x02, 0x86, 0xed,
510 0x3a, 0x87, 0xa5, 0x71, 0x30, 0x79, 0xb2, 0x1f, 0x51, 0x89 },
511 { 0x9b, 0x75, 0x2e, 0x45, 0x57, 0x3d, 0x4b, 0x39, 0xf4, 0xdb,
512 0xd3, 0x32, 0x3c, 0xab, 0x82, 0xbf, 0x63, 0x32, 0x6b, 0xfb },
515 static const unsigned char ripemd160_test_hmac[KEYS][TESTS][20] =
518 { 0xcf, 0x38, 0x76, 0x77, 0xbf, 0xda, 0x84, 0x83, 0xe6, 0x3b,
519 0x57, 0xe0, 0x6c, 0x3b, 0x5e, 0xcd, 0x8b, 0x7f, 0xc0, 0x55 },
520 { 0x0d, 0x35, 0x1d, 0x71, 0xb7, 0x8e, 0x36, 0xdb, 0xb7, 0x39,
521 0x1c, 0x81, 0x0a, 0x0d, 0x2b, 0x62, 0x40, 0xdd, 0xba, 0xfc },
522 { 0xf7, 0xef, 0x28, 0x8c, 0xb1, 0xbb, 0xcc, 0x61, 0x60, 0xd7,
523 0x65, 0x07, 0xe0, 0xa3, 0xbb, 0xf7, 0x12, 0xfb, 0x67, 0xd6 },
524 { 0xf8, 0x36, 0x62, 0xcc, 0x8d, 0x33, 0x9c, 0x22, 0x7e, 0x60,
525 0x0f, 0xcd, 0x63, 0x6c, 0x57, 0xd2, 0x57, 0x1b, 0x1c, 0x34 },
526 { 0x84, 0x3d, 0x1c, 0x4e, 0xb8, 0x80, 0xac, 0x8a, 0xc0, 0xc9,
527 0xc9, 0x56, 0x96, 0x50, 0x79, 0x57, 0xd0, 0x15, 0x5d, 0xdb },
528 { 0x60, 0xf5, 0xef, 0x19, 0x8a, 0x2d, 0xd5, 0x74, 0x55, 0x45,
529 0xc1, 0xf0, 0xc4, 0x7a, 0xa3, 0xfb, 0x57, 0x76, 0xf8, 0x81 },
530 { 0xe4, 0x9c, 0x13, 0x6a, 0x9e, 0x56, 0x27, 0xe0, 0x68, 0x1b,
531 0x80, 0x8a, 0x3b, 0x97, 0xe6, 0xa6, 0xe6, 0x61, 0xae, 0x79 },
532 { 0x31, 0xbe, 0x3c, 0xc9, 0x8c, 0xee, 0x37, 0xb7, 0x9b, 0x06,
533 0x19, 0xe3, 0xe1, 0xc2, 0xbe, 0x4f, 0x1a, 0xa5, 0x6e, 0x6c },
536 { 0xfe, 0x69, 0xa6, 0x6c, 0x74, 0x23, 0xee, 0xa9, 0xc8, 0xfa,
537 0x2e, 0xff, 0x8d, 0x9d, 0xaf, 0xb4, 0xf1, 0x7a, 0x62, 0xf5 },
538 { 0x85, 0x74, 0x3e, 0x89, 0x9b, 0xc8, 0x2d, 0xbf, 0xa3, 0x6f,
539 0xaa, 0xa7, 0xa2, 0x5b, 0x7c, 0xfd, 0x37, 0x24, 0x32, 0xcd },
540 { 0x6e, 0x4a, 0xfd, 0x50, 0x1f, 0xa6, 0xb4, 0xa1, 0x82, 0x3c,
541 0xa3, 0xb1, 0x0b, 0xd9, 0xaa, 0x0b, 0xa9, 0x7b, 0xa1, 0x82 },
542 { 0x2e, 0x06, 0x6e, 0x62, 0x4b, 0xad, 0xb7, 0x6a, 0x18, 0x4c,
543 0x8f, 0x90, 0xfb, 0xa0, 0x53, 0x33, 0x0e, 0x65, 0x0e, 0x92 },
544 { 0x07, 0xe9, 0x42, 0xaa, 0x4e, 0x3c, 0xd7, 0xc0, 0x4d, 0xed,
545 0xc1, 0xd4, 0x6e, 0x2e, 0x8c, 0xc4, 0xc7, 0x41, 0xb3, 0xd9 },
546 { 0xb6, 0x58, 0x23, 0x18, 0xdd, 0xcf, 0xb6, 0x7a, 0x53, 0xa6,
547 0x7d, 0x67, 0x6b, 0x8a, 0xd8, 0x69, 0xad, 0xed, 0x62, 0x9a },
548 { 0xf1, 0xbe, 0x3e, 0xe8, 0x77, 0x70, 0x31, 0x40, 0xd3, 0x4f,
549 0x97, 0xea, 0x1a, 0xb3, 0xa0, 0x7c, 0x14, 0x13, 0x33, 0xe2 },
550 { 0x85, 0xf1, 0x64, 0x70, 0x3e, 0x61, 0xa6, 0x31, 0x31, 0xbe,
551 0x7e, 0x45, 0x95, 0x8e, 0x07, 0x94, 0x12, 0x39, 0x04, 0xf9 },
555 static const unsigned char ripemd160_test_key[KEYS][20] =
557 { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
558 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, 0x01, 0x23, 0x45, 0x67 },
559 { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0xfe, 0xdc,
560 0xba, 0x98, 0x76, 0x54, 0x32, 0x10, 0x00, 0x11, 0x22, 0x33 },
569 unsigned char output[20];
571 memset( output, 0,
sizeof output );
573 for( i = 0; i < TESTS; i++ )
576 printf(
" RIPEMD-160 test #%d: ", i + 1 );
578 ripemd160( (
const unsigned char *) ripemd160_test_input[i],
579 strlen( ripemd160_test_input[i] ),
582 if( memcmp( output, ripemd160_test_md[i], 20 ) != 0 )
585 printf(
"failed\n" );
591 printf(
"passed\n" );
593 for( j = 0; j < KEYS; j++ )
596 printf(
" HMAC-RIPEMD-160 test #%d, key #%d: ", i + 1, j + 1 );
599 (
const unsigned char *) ripemd160_test_input[i],
600 strlen( ripemd160_test_input[i] ),
603 if( memcmp( output, ripemd160_test_hmac[j][i], 20 ) != 0 )
606 printf(
"failed\n" );
612 printf(
"passed\n" );
void ripemd160_hmac_finish(ripemd160_context *ctx, unsigned char output[20])
RIPEMD-160 HMAC final digest.
void ripemd160_hmac_starts(ripemd160_context *ctx, const unsigned char *key, size_t keylen)
RIPEMD-160 HMAC context setup.
void ripemd160_update(ripemd160_context *ctx, const unsigned char *input, size_t ilen)
RIPEMD-160 process buffer.
void ripemd160_hmac_reset(ripemd160_context *ctx)
RIPEMD-160 HMAC context reset.
RIPEMD-160 context structure.
Configuration options (set of defines)
void ripemd160(const unsigned char *input, size_t ilen, unsigned char output[20])
Output = RIPEMD-160( input buffer )
void ripemd160_hmac_update(ripemd160_context *ctx, const unsigned char *input, size_t ilen)
RIPEMD-160 HMAC process buffer.
void ripemd160_finish(ripemd160_context *ctx, unsigned char output[20])
RIPEMD-160 final digest.
void ripemd160_hmac(const unsigned char *key, size_t keylen, const unsigned char *input, size_t ilen, unsigned char output[20])
Output = HMAC-RIPEMD-160( hmac key, input buffer )
#define POLARSSL_ERR_RIPEMD160_FILE_IO_ERROR
Read/write error in file.
int ripemd160_self_test(int verbose)
Checkup routine.
void ripemd160_process(ripemd160_context *ctx, const unsigned char data[64])
void ripemd160_starts(ripemd160_context *ctx)
RIPEMD-160 context setup.
int ripemd160_file(const char *path, unsigned char output[20])
Output = RIPEMD-160( file contents )