Botan 3.9.0
Crypto and TLS for C&
rmd160.cpp
Go to the documentation of this file.
1/*
2* RIPEMD-160
3* (C) 1999-2007 Jack Lloyd
4*
5* Botan is released under the Simplified BSD License (see license.txt)
6*/
7
8#include <botan/internal/rmd160.h>
9
10#include <botan/internal/bit_ops.h>
11#include <botan/internal/loadstor.h>
12#include <botan/internal/rotate.h>
13#include <botan/internal/stl_util.h>
14
15#include <array>
16
17namespace Botan {
18
19namespace {
20
21/*
22* RIPEMD-160 F1 Function
23*/
24template <size_t S>
25inline void F1(uint32_t& A, uint32_t B, uint32_t& C, uint32_t D, uint32_t E, uint32_t M) {
26 A += (B ^ C ^ D) + M;
27 A = rotl<S>(A) + E;
28 C = rotl<10>(C);
29}
30
31/*
32* RIPEMD-160 F2 Function
33*/
34template <size_t S>
35inline void F2(uint32_t& A, uint32_t B, uint32_t& C, uint32_t D, uint32_t E, uint32_t M) {
36 A += choose(B, C, D) + M;
37 A = rotl<S>(A) + E;
38 C = rotl<10>(C);
39}
40
41/*
42* RIPEMD-160 F3 Function
43*/
44template <size_t S>
45inline void F3(uint32_t& A, uint32_t B, uint32_t& C, uint32_t D, uint32_t E, uint32_t M) {
46 A += (D ^ (B | ~C)) + M;
47 A = rotl<S>(A) + E;
48 C = rotl<10>(C);
49}
50
51/*
52* RIPEMD-160 F4 Function
53*/
54template <size_t S>
55inline void F4(uint32_t& A, uint32_t B, uint32_t& C, uint32_t D, uint32_t E, uint32_t M) {
56 A += choose(D, B, C) + M;
57 A = rotl<S>(A) + E;
58 C = rotl<10>(C);
59}
60
61/*
62* RIPEMD-160 F5 Function
63*/
64template <size_t S>
65inline void F5(uint32_t& A, uint32_t B, uint32_t& C, uint32_t D, uint32_t E, uint32_t M) {
66 A += (B ^ (C | ~D)) + M;
67 A = rotl<S>(A) + E;
68 C = rotl<10>(C);
69}
70
71} // namespace
72
73/*
74* RIPEMD-160 Compression Function
75*/
76void RIPEMD_160::compress_n(digest_type& digest, std::span<const uint8_t> input, size_t blocks) {
77 constexpr uint32_t MAGIC2 = 0x5A827999;
78 constexpr uint32_t MAGIC3 = 0x6ED9EBA1;
79 constexpr uint32_t MAGIC4 = 0x8F1BBCDC;
80 constexpr uint32_t MAGIC5 = 0xA953FD4E;
81 constexpr uint32_t MAGIC6 = 0x50A28BE6;
82 constexpr uint32_t MAGIC7 = 0x5C4DD124;
83 constexpr uint32_t MAGIC8 = 0x6D703EF3;
84 constexpr uint32_t MAGIC9 = 0x7A6D76E9;
85
86 std::array<uint32_t, 16> M{};
87
88 BufferSlicer in(input);
89
90 for(size_t i = 0; i != blocks; ++i) {
91 load_le(M, in.take<block_bytes>());
92
93 uint32_t A1 = digest[0];
94 uint32_t B1 = digest[1];
95 uint32_t C1 = digest[2];
96 uint32_t D1 = digest[3];
97 uint32_t E1 = digest[4];
98
99 uint32_t A2 = A1;
100 uint32_t B2 = B1;
101 uint32_t C2 = C1;
102 uint32_t D2 = D1;
103 uint32_t E2 = E1;
104
105 // clang-format off
106
107 F1<11>(A1, B1, C1, D1, E1, M[ 0]);
108 F5< 8>(A2, B2, C2, D2, E2, M[ 5] + MAGIC6);
109 F1<14>(E1, A1, B1, C1, D1, M[ 1]);
110 F5< 9>(E2, A2, B2, C2, D2, M[14] + MAGIC6);
111 F1<15>(D1, E1, A1, B1, C1, M[ 2]);
112 F5< 9>(D2, E2, A2, B2, C2, M[ 7] + MAGIC6);
113 F1<12>(C1, D1, E1, A1, B1, M[ 3]);
114 F5<11>(C2, D2, E2, A2, B2, M[ 0] + MAGIC6);
115 F1< 5>(B1, C1, D1, E1, A1, M[ 4]);
116 F5<13>(B2, C2, D2, E2, A2, M[ 9] + MAGIC6);
117 F1< 8>(A1, B1, C1, D1, E1, M[ 5]);
118 F5<15>(A2, B2, C2, D2, E2, M[ 2] + MAGIC6);
119 F1< 7>(E1, A1, B1, C1, D1, M[ 6]);
120 F5<15>(E2, A2, B2, C2, D2, M[11] + MAGIC6);
121 F1< 9>(D1, E1, A1, B1, C1, M[ 7]);
122 F5< 5>(D2, E2, A2, B2, C2, M[ 4] + MAGIC6);
123 F1<11>(C1, D1, E1, A1, B1, M[ 8]);
124 F5< 7>(C2, D2, E2, A2, B2, M[13] + MAGIC6);
125 F1<13>(B1, C1, D1, E1, A1, M[ 9]);
126 F5< 7>(B2, C2, D2, E2, A2, M[ 6] + MAGIC6);
127 F1<14>(A1, B1, C1, D1, E1, M[10]);
128 F5< 8>(A2, B2, C2, D2, E2, M[15] + MAGIC6);
129 F1<15>(E1, A1, B1, C1, D1, M[11]);
130 F5<11>(E2, A2, B2, C2, D2, M[ 8] + MAGIC6);
131 F1< 6>(D1, E1, A1, B1, C1, M[12]);
132 F5<14>(D2, E2, A2, B2, C2, M[ 1] + MAGIC6);
133 F1< 7>(C1, D1, E1, A1, B1, M[13]);
134 F5<14>(C2, D2, E2, A2, B2, M[10] + MAGIC6);
135 F1< 9>(B1, C1, D1, E1, A1, M[14]);
136 F5<12>(B2, C2, D2, E2, A2, M[ 3] + MAGIC6);
137 F1< 8>(A1, B1, C1, D1, E1, M[15]);
138 F5< 6>(A2, B2, C2, D2, E2, M[12] + MAGIC6);
139
140 F2< 7>(E1, A1, B1, C1, D1, M[ 7] + MAGIC2);
141 F4< 9>(E2, A2, B2, C2, D2, M[ 6] + MAGIC7);
142 F2< 6>(D1, E1, A1, B1, C1, M[ 4] + MAGIC2);
143 F4<13>(D2, E2, A2, B2, C2, M[11] + MAGIC7);
144 F2< 8>(C1, D1, E1, A1, B1, M[13] + MAGIC2);
145 F4<15>(C2, D2, E2, A2, B2, M[ 3] + MAGIC7);
146 F2<13>(B1, C1, D1, E1, A1, M[ 1] + MAGIC2);
147 F4< 7>(B2, C2, D2, E2, A2, M[ 7] + MAGIC7);
148 F2<11>(A1, B1, C1, D1, E1, M[10] + MAGIC2);
149 F4<12>(A2, B2, C2, D2, E2, M[ 0] + MAGIC7);
150 F2< 9>(E1, A1, B1, C1, D1, M[ 6] + MAGIC2);
151 F4< 8>(E2, A2, B2, C2, D2, M[13] + MAGIC7);
152 F2< 7>(D1, E1, A1, B1, C1, M[15] + MAGIC2);
153 F4< 9>(D2, E2, A2, B2, C2, M[ 5] + MAGIC7);
154 F2<15>(C1, D1, E1, A1, B1, M[ 3] + MAGIC2);
155 F4<11>(C2, D2, E2, A2, B2, M[10] + MAGIC7);
156 F2< 7>(B1, C1, D1, E1, A1, M[12] + MAGIC2);
157 F4< 7>(B2, C2, D2, E2, A2, M[14] + MAGIC7);
158 F2<12>(A1, B1, C1, D1, E1, M[ 0] + MAGIC2);
159 F4< 7>(A2, B2, C2, D2, E2, M[15] + MAGIC7);
160 F2<15>(E1, A1, B1, C1, D1, M[ 9] + MAGIC2);
161 F4<12>(E2, A2, B2, C2, D2, M[ 8] + MAGIC7);
162 F2< 9>(D1, E1, A1, B1, C1, M[ 5] + MAGIC2);
163 F4< 7>(D2, E2, A2, B2, C2, M[12] + MAGIC7);
164 F2<11>(C1, D1, E1, A1, B1, M[ 2] + MAGIC2);
165 F4< 6>(C2, D2, E2, A2, B2, M[ 4] + MAGIC7);
166 F2< 7>(B1, C1, D1, E1, A1, M[14] + MAGIC2);
167 F4<15>(B2, C2, D2, E2, A2, M[ 9] + MAGIC7);
168 F2<13>(A1, B1, C1, D1, E1, M[11] + MAGIC2);
169 F4<13>(A2, B2, C2, D2, E2, M[ 1] + MAGIC7);
170 F2<12>(E1, A1, B1, C1, D1, M[ 8] + MAGIC2);
171 F4<11>(E2, A2, B2, C2, D2, M[ 2] + MAGIC7);
172
173 F3<11>(D1, E1, A1, B1, C1, M[ 3] + MAGIC3);
174 F3< 9>(D2, E2, A2, B2, C2, M[15] + MAGIC8);
175 F3<13>(C1, D1, E1, A1, B1, M[10] + MAGIC3);
176 F3< 7>(C2, D2, E2, A2, B2, M[ 5] + MAGIC8);
177 F3< 6>(B1, C1, D1, E1, A1, M[14] + MAGIC3);
178 F3<15>(B2, C2, D2, E2, A2, M[ 1] + MAGIC8);
179 F3< 7>(A1, B1, C1, D1, E1, M[ 4] + MAGIC3);
180 F3<11>(A2, B2, C2, D2, E2, M[ 3] + MAGIC8);
181 F3<14>(E1, A1, B1, C1, D1, M[ 9] + MAGIC3);
182 F3< 8>(E2, A2, B2, C2, D2, M[ 7] + MAGIC8);
183 F3< 9>(D1, E1, A1, B1, C1, M[15] + MAGIC3);
184 F3< 6>(D2, E2, A2, B2, C2, M[14] + MAGIC8);
185 F3<13>(C1, D1, E1, A1, B1, M[ 8] + MAGIC3);
186 F3< 6>(C2, D2, E2, A2, B2, M[ 6] + MAGIC8);
187 F3<15>(B1, C1, D1, E1, A1, M[ 1] + MAGIC3);
188 F3<14>(B2, C2, D2, E2, A2, M[ 9] + MAGIC8);
189 F3<14>(A1, B1, C1, D1, E1, M[ 2] + MAGIC3);
190 F3<12>(A2, B2, C2, D2, E2, M[11] + MAGIC8);
191 F3< 8>(E1, A1, B1, C1, D1, M[ 7] + MAGIC3);
192 F3<13>(E2, A2, B2, C2, D2, M[ 8] + MAGIC8);
193 F3<13>(D1, E1, A1, B1, C1, M[ 0] + MAGIC3);
194 F3< 5>(D2, E2, A2, B2, C2, M[12] + MAGIC8);
195 F3< 6>(C1, D1, E1, A1, B1, M[ 6] + MAGIC3);
196 F3<14>(C2, D2, E2, A2, B2, M[ 2] + MAGIC8);
197 F3< 5>(B1, C1, D1, E1, A1, M[13] + MAGIC3);
198 F3<13>(B2, C2, D2, E2, A2, M[10] + MAGIC8);
199 F3<12>(A1, B1, C1, D1, E1, M[11] + MAGIC3);
200 F3<13>(A2, B2, C2, D2, E2, M[ 0] + MAGIC8);
201 F3< 7>(E1, A1, B1, C1, D1, M[ 5] + MAGIC3);
202 F3< 7>(E2, A2, B2, C2, D2, M[ 4] + MAGIC8);
203 F3< 5>(D1, E1, A1, B1, C1, M[12] + MAGIC3);
204 F3< 5>(D2, E2, A2, B2, C2, M[13] + MAGIC8);
205
206 F4<11>(C1, D1, E1, A1, B1, M[ 1] + MAGIC4);
207 F2<15>(C2, D2, E2, A2, B2, M[ 8] + MAGIC9);
208 F4<12>(B1, C1, D1, E1, A1, M[ 9] + MAGIC4);
209 F2< 5>(B2, C2, D2, E2, A2, M[ 6] + MAGIC9);
210 F4<14>(A1, B1, C1, D1, E1, M[11] + MAGIC4);
211 F2< 8>(A2, B2, C2, D2, E2, M[ 4] + MAGIC9);
212 F4<15>(E1, A1, B1, C1, D1, M[10] + MAGIC4);
213 F2<11>(E2, A2, B2, C2, D2, M[ 1] + MAGIC9);
214 F4<14>(D1, E1, A1, B1, C1, M[ 0] + MAGIC4);
215 F2<14>(D2, E2, A2, B2, C2, M[ 3] + MAGIC9);
216 F4<15>(C1, D1, E1, A1, B1, M[ 8] + MAGIC4);
217 F2<14>(C2, D2, E2, A2, B2, M[11] + MAGIC9);
218 F4< 9>(B1, C1, D1, E1, A1, M[12] + MAGIC4);
219 F2< 6>(B2, C2, D2, E2, A2, M[15] + MAGIC9);
220 F4< 8>(A1, B1, C1, D1, E1, M[ 4] + MAGIC4);
221 F2<14>(A2, B2, C2, D2, E2, M[ 0] + MAGIC9);
222 F4< 9>(E1, A1, B1, C1, D1, M[13] + MAGIC4);
223 F2< 6>(E2, A2, B2, C2, D2, M[ 5] + MAGIC9);
224 F4<14>(D1, E1, A1, B1, C1, M[ 3] + MAGIC4);
225 F2< 9>(D2, E2, A2, B2, C2, M[12] + MAGIC9);
226 F4< 5>(C1, D1, E1, A1, B1, M[ 7] + MAGIC4);
227 F2<12>(C2, D2, E2, A2, B2, M[ 2] + MAGIC9);
228 F4< 6>(B1, C1, D1, E1, A1, M[15] + MAGIC4);
229 F2< 9>(B2, C2, D2, E2, A2, M[13] + MAGIC9);
230 F4< 8>(A1, B1, C1, D1, E1, M[14] + MAGIC4);
231 F2<12>(A2, B2, C2, D2, E2, M[ 9] + MAGIC9);
232 F4< 6>(E1, A1, B1, C1, D1, M[ 5] + MAGIC4);
233 F2< 5>(E2, A2, B2, C2, D2, M[ 7] + MAGIC9);
234 F4< 5>(D1, E1, A1, B1, C1, M[ 6] + MAGIC4);
235 F2<15>(D2, E2, A2, B2, C2, M[10] + MAGIC9);
236 F4<12>(C1, D1, E1, A1, B1, M[ 2] + MAGIC4);
237 F2< 8>(C2, D2, E2, A2, B2, M[14] + MAGIC9);
238
239 F5< 9>(B1, C1, D1, E1, A1, M[ 4] + MAGIC5);
240 F1< 8>(B2, C2, D2, E2, A2, M[12]);
241 F5<15>(A1, B1, C1, D1, E1, M[ 0] + MAGIC5);
242 F1< 5>(A2, B2, C2, D2, E2, M[15]);
243 F5< 5>(E1, A1, B1, C1, D1, M[ 5] + MAGIC5);
244 F1<12>(E2, A2, B2, C2, D2, M[10]);
245 F5<11>(D1, E1, A1, B1, C1, M[ 9] + MAGIC5);
246 F1< 9>(D2, E2, A2, B2, C2, M[ 4]);
247 F5< 6>(C1, D1, E1, A1, B1, M[ 7] + MAGIC5);
248 F1<12>(C2, D2, E2, A2, B2, M[ 1]);
249 F5< 8>(B1, C1, D1, E1, A1, M[12] + MAGIC5);
250 F1< 5>(B2, C2, D2, E2, A2, M[ 5]);
251 F5<13>(A1, B1, C1, D1, E1, M[ 2] + MAGIC5);
252 F1<14>(A2, B2, C2, D2, E2, M[ 8]);
253 F5<12>(E1, A1, B1, C1, D1, M[10] + MAGIC5);
254 F1< 6>(E2, A2, B2, C2, D2, M[ 7]);
255 F5< 5>(D1, E1, A1, B1, C1, M[14] + MAGIC5);
256 F1< 8>(D2, E2, A2, B2, C2, M[ 6]);
257 F5<12>(C1, D1, E1, A1, B1, M[ 1] + MAGIC5);
258 F1<13>(C2, D2, E2, A2, B2, M[ 2]);
259 F5<13>(B1, C1, D1, E1, A1, M[ 3] + MAGIC5);
260 F1< 6>(B2, C2, D2, E2, A2, M[13]);
261 F5<14>(A1, B1, C1, D1, E1, M[ 8] + MAGIC5);
262 F1< 5>(A2, B2, C2, D2, E2, M[14]);
263 F5<11>(E1, A1, B1, C1, D1, M[11] + MAGIC5);
264 F1<15>(E2, A2, B2, C2, D2, M[ 0]);
265 F5< 8>(D1, E1, A1, B1, C1, M[ 6] + MAGIC5);
266 F1<13>(D2, E2, A2, B2, C2, M[ 3]);
267 F5< 5>(C1, D1, E1, A1, B1, M[15] + MAGIC5);
268 F1<11>(C2, D2, E2, A2, B2, M[ 9]);
269 F5< 6>(B1, C1, D1, E1, A1, M[13] + MAGIC5);
270 F1<11>(B2, C2, D2, E2, A2, M[11]);
271
272 // clang-format on
273
274 C1 = digest[1] + C1 + D2;
275 digest[1] = digest[2] + D1 + E2;
276 digest[2] = digest[3] + E1 + A2;
277 digest[3] = digest[4] + A1 + B2;
278 digest[4] = digest[0] + B1 + C2;
279 digest[0] = C1;
280 }
281}
282
283void RIPEMD_160::init(digest_type& digest) {
284 digest.assign({0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0});
285}
286
287std::unique_ptr<HashFunction> RIPEMD_160::new_object() const {
288 return std::make_unique<RIPEMD_160>();
289}
290
291std::unique_ptr<HashFunction> RIPEMD_160::copy_state() const {
292 return std::make_unique<RIPEMD_160>(*this);
293}
294
295void RIPEMD_160::add_data(std::span<const uint8_t> input) {
296 m_md.update(input);
297}
298
299void RIPEMD_160::final_result(std::span<uint8_t> output) {
300 m_md.final(output);
301}
302
303} // namespace Botan
Botan::BufferSlicer::take
std::span< const uint8_t > take(const size_t count)
Definition stl_util.h:90
Botan::RIPEMD_160::compress_n
static void compress_n(digest_type &digest, std::span< const uint8_t > input, size_t blocks)
Definition rmd160.cpp:76
Botan::RIPEMD_160::digest_type
secure_vector< uint32_t > digest_type
Definition rmd160.h:20
Botan::RIPEMD_160::copy_state
std::unique_ptr< HashFunction > copy_state() const override
Definition rmd160.cpp:291
Botan::RIPEMD_160::block_bytes
static constexpr size_t block_bytes
Definition rmd160.h:24
Botan::RIPEMD_160::init
static void init(digest_type &digest)
Definition rmd160.cpp:283
Botan::RIPEMD_160::new_object
std::unique_ptr< HashFunction > new_object() const override
Definition rmd160.cpp:287
Botan::SHA1_F::F2
void F2(uint32_t A, uint32_t &B, uint32_t C, uint32_t D, uint32_t &E, uint32_t M)
Definition sha1_f.h:26
Botan::SHA1_F::F4
void F4(uint32_t A, uint32_t &B, uint32_t C, uint32_t D, uint32_t &E, uint32_t M)
Definition sha1_f.h:37
Botan::SHA1_F::F3
void F3(uint32_t A, uint32_t &B, uint32_t C, uint32_t D, uint32_t &E, uint32_t M)
Definition sha1_f.h:31
Botan::SHA1_F::F1
void F1(uint32_t A, uint32_t &B, uint32_t C, uint32_t D, uint32_t &E, uint32_t M)
Definition sha1_f.h:21
Botan::rotl
BOTAN_FORCE_INLINE constexpr T rotl(T input)
Definition rotate.h:23
Botan::choose
BOTAN_FORCE_INLINE constexpr T choose(T mask, T a, T b)
Definition bit_ops.h:196
Botan::load_le
constexpr auto load_le(ParamTs &&... params)
Definition loadstor.h:495
Generated by doxygen 1.14.0