Botan 3.6.1
Crypto and TLS for C&
rmd160.cpp
Go to the documentation of this file.
1/*
2* RIPEMD-160
3* (C) 1999-2007 Jack Lloyd
4*
5* Botan is released under the Simplified BSD License (see license.txt)
6*/
7
8#include <botan/internal/rmd160.h>
9
10#include <botan/internal/bit_ops.h>
11#include <botan/internal/loadstor.h>
12#include <botan/internal/rotate.h>
13#include <botan/internal/stl_util.h>
14
15#include <array>
16
17namespace Botan {
18
19namespace {
20
21/*
22* RIPEMD-160 F1 Function
23*/
24template <size_t S>
25inline void F1(uint32_t& A, uint32_t B, uint32_t& C, uint32_t D, uint32_t E, uint32_t M) {
26 A += (B ^ C ^ D) + M;
27 A = rotl<S>(A) + E;
28 C = rotl<10>(C);
29}
30
31/*
32* RIPEMD-160 F2 Function
33*/
34template <size_t S>
35inline void F2(uint32_t& A, uint32_t B, uint32_t& C, uint32_t D, uint32_t E, uint32_t M) {
36 A += choose(B, C, D) + M;
37 A = rotl<S>(A) + E;
38 C = rotl<10>(C);
39}
40
41/*
42* RIPEMD-160 F3 Function
43*/
44template <size_t S>
45inline void F3(uint32_t& A, uint32_t B, uint32_t& C, uint32_t D, uint32_t E, uint32_t M) {
46 A += (D ^ (B | ~C)) + M;
47 A = rotl<S>(A) + E;
48 C = rotl<10>(C);
49}
50
51/*
52* RIPEMD-160 F4 Function
53*/
54template <size_t S>
55inline void F4(uint32_t& A, uint32_t B, uint32_t& C, uint32_t D, uint32_t E, uint32_t M) {
56 A += choose(D, B, C) + M;
57 A = rotl<S>(A) + E;
58 C = rotl<10>(C);
59}
60
61/*
62* RIPEMD-160 F5 Function
63*/
64template <size_t S>
65inline void F5(uint32_t& A, uint32_t B, uint32_t& C, uint32_t D, uint32_t E, uint32_t M) {
66 A += (B ^ (C | ~D)) + M;
67 A = rotl<S>(A) + E;
68 C = rotl<10>(C);
69}
70
71} // namespace
72
73/*
74* RIPEMD-160 Compression Function
75*/
76void RIPEMD_160::compress_n(digest_type& digest, std::span<const uint8_t> input, size_t blocks) {
77 const uint32_t MAGIC2 = 0x5A827999, MAGIC3 = 0x6ED9EBA1, MAGIC4 = 0x8F1BBCDC, MAGIC5 = 0xA953FD4E,
78 MAGIC6 = 0x50A28BE6, MAGIC7 = 0x5C4DD124, MAGIC8 = 0x6D703EF3, MAGIC9 = 0x7A6D76E9;
79 std::array<uint32_t, 16> M;
80
81 BufferSlicer in(input);
82
83 for(size_t i = 0; i != blocks; ++i) {
84 load_le(M, in.take<block_bytes>());
85
86 uint32_t A1 = digest[0], A2 = A1, B1 = digest[1], B2 = B1, C1 = digest[2], C2 = C1, D1 = digest[3], D2 = D1,
87 E1 = digest[4], E2 = E1;
88
89 // clang-format off
90
91 F1<11>(A1, B1, C1, D1, E1, M[ 0]);
92 F5< 8>(A2, B2, C2, D2, E2, M[ 5] + MAGIC6);
93 F1<14>(E1, A1, B1, C1, D1, M[ 1]);
94 F5< 9>(E2, A2, B2, C2, D2, M[14] + MAGIC6);
95 F1<15>(D1, E1, A1, B1, C1, M[ 2]);
96 F5< 9>(D2, E2, A2, B2, C2, M[ 7] + MAGIC6);
97 F1<12>(C1, D1, E1, A1, B1, M[ 3]);
98 F5<11>(C2, D2, E2, A2, B2, M[ 0] + MAGIC6);
99 F1< 5>(B1, C1, D1, E1, A1, M[ 4]);
100 F5<13>(B2, C2, D2, E2, A2, M[ 9] + MAGIC6);
101 F1< 8>(A1, B1, C1, D1, E1, M[ 5]);
102 F5<15>(A2, B2, C2, D2, E2, M[ 2] + MAGIC6);
103 F1< 7>(E1, A1, B1, C1, D1, M[ 6]);
104 F5<15>(E2, A2, B2, C2, D2, M[11] + MAGIC6);
105 F1< 9>(D1, E1, A1, B1, C1, M[ 7]);
106 F5< 5>(D2, E2, A2, B2, C2, M[ 4] + MAGIC6);
107 F1<11>(C1, D1, E1, A1, B1, M[ 8]);
108 F5< 7>(C2, D2, E2, A2, B2, M[13] + MAGIC6);
109 F1<13>(B1, C1, D1, E1, A1, M[ 9]);
110 F5< 7>(B2, C2, D2, E2, A2, M[ 6] + MAGIC6);
111 F1<14>(A1, B1, C1, D1, E1, M[10]);
112 F5< 8>(A2, B2, C2, D2, E2, M[15] + MAGIC6);
113 F1<15>(E1, A1, B1, C1, D1, M[11]);
114 F5<11>(E2, A2, B2, C2, D2, M[ 8] + MAGIC6);
115 F1< 6>(D1, E1, A1, B1, C1, M[12]);
116 F5<14>(D2, E2, A2, B2, C2, M[ 1] + MAGIC6);
117 F1< 7>(C1, D1, E1, A1, B1, M[13]);
118 F5<14>(C2, D2, E2, A2, B2, M[10] + MAGIC6);
119 F1< 9>(B1, C1, D1, E1, A1, M[14]);
120 F5<12>(B2, C2, D2, E2, A2, M[ 3] + MAGIC6);
121 F1< 8>(A1, B1, C1, D1, E1, M[15]);
122 F5< 6>(A2, B2, C2, D2, E2, M[12] + MAGIC6);
123
124 F2< 7>(E1, A1, B1, C1, D1, M[ 7] + MAGIC2);
125 F4< 9>(E2, A2, B2, C2, D2, M[ 6] + MAGIC7);
126 F2< 6>(D1, E1, A1, B1, C1, M[ 4] + MAGIC2);
127 F4<13>(D2, E2, A2, B2, C2, M[11] + MAGIC7);
128 F2< 8>(C1, D1, E1, A1, B1, M[13] + MAGIC2);
129 F4<15>(C2, D2, E2, A2, B2, M[ 3] + MAGIC7);
130 F2<13>(B1, C1, D1, E1, A1, M[ 1] + MAGIC2);
131 F4< 7>(B2, C2, D2, E2, A2, M[ 7] + MAGIC7);
132 F2<11>(A1, B1, C1, D1, E1, M[10] + MAGIC2);
133 F4<12>(A2, B2, C2, D2, E2, M[ 0] + MAGIC7);
134 F2< 9>(E1, A1, B1, C1, D1, M[ 6] + MAGIC2);
135 F4< 8>(E2, A2, B2, C2, D2, M[13] + MAGIC7);
136 F2< 7>(D1, E1, A1, B1, C1, M[15] + MAGIC2);
137 F4< 9>(D2, E2, A2, B2, C2, M[ 5] + MAGIC7);
138 F2<15>(C1, D1, E1, A1, B1, M[ 3] + MAGIC2);
139 F4<11>(C2, D2, E2, A2, B2, M[10] + MAGIC7);
140 F2< 7>(B1, C1, D1, E1, A1, M[12] + MAGIC2);
141 F4< 7>(B2, C2, D2, E2, A2, M[14] + MAGIC7);
142 F2<12>(A1, B1, C1, D1, E1, M[ 0] + MAGIC2);
143 F4< 7>(A2, B2, C2, D2, E2, M[15] + MAGIC7);
144 F2<15>(E1, A1, B1, C1, D1, M[ 9] + MAGIC2);
145 F4<12>(E2, A2, B2, C2, D2, M[ 8] + MAGIC7);
146 F2< 9>(D1, E1, A1, B1, C1, M[ 5] + MAGIC2);
147 F4< 7>(D2, E2, A2, B2, C2, M[12] + MAGIC7);
148 F2<11>(C1, D1, E1, A1, B1, M[ 2] + MAGIC2);
149 F4< 6>(C2, D2, E2, A2, B2, M[ 4] + MAGIC7);
150 F2< 7>(B1, C1, D1, E1, A1, M[14] + MAGIC2);
151 F4<15>(B2, C2, D2, E2, A2, M[ 9] + MAGIC7);
152 F2<13>(A1, B1, C1, D1, E1, M[11] + MAGIC2);
153 F4<13>(A2, B2, C2, D2, E2, M[ 1] + MAGIC7);
154 F2<12>(E1, A1, B1, C1, D1, M[ 8] + MAGIC2);
155 F4<11>(E2, A2, B2, C2, D2, M[ 2] + MAGIC7);
156
157 F3<11>(D1, E1, A1, B1, C1, M[ 3] + MAGIC3);
158 F3< 9>(D2, E2, A2, B2, C2, M[15] + MAGIC8);
159 F3<13>(C1, D1, E1, A1, B1, M[10] + MAGIC3);
160 F3< 7>(C2, D2, E2, A2, B2, M[ 5] + MAGIC8);
161 F3< 6>(B1, C1, D1, E1, A1, M[14] + MAGIC3);
162 F3<15>(B2, C2, D2, E2, A2, M[ 1] + MAGIC8);
163 F3< 7>(A1, B1, C1, D1, E1, M[ 4] + MAGIC3);
164 F3<11>(A2, B2, C2, D2, E2, M[ 3] + MAGIC8);
165 F3<14>(E1, A1, B1, C1, D1, M[ 9] + MAGIC3);
166 F3< 8>(E2, A2, B2, C2, D2, M[ 7] + MAGIC8);
167 F3< 9>(D1, E1, A1, B1, C1, M[15] + MAGIC3);
168 F3< 6>(D2, E2, A2, B2, C2, M[14] + MAGIC8);
169 F3<13>(C1, D1, E1, A1, B1, M[ 8] + MAGIC3);
170 F3< 6>(C2, D2, E2, A2, B2, M[ 6] + MAGIC8);
171 F3<15>(B1, C1, D1, E1, A1, M[ 1] + MAGIC3);
172 F3<14>(B2, C2, D2, E2, A2, M[ 9] + MAGIC8);
173 F3<14>(A1, B1, C1, D1, E1, M[ 2] + MAGIC3);
174 F3<12>(A2, B2, C2, D2, E2, M[11] + MAGIC8);
175 F3< 8>(E1, A1, B1, C1, D1, M[ 7] + MAGIC3);
176 F3<13>(E2, A2, B2, C2, D2, M[ 8] + MAGIC8);
177 F3<13>(D1, E1, A1, B1, C1, M[ 0] + MAGIC3);
178 F3< 5>(D2, E2, A2, B2, C2, M[12] + MAGIC8);
179 F3< 6>(C1, D1, E1, A1, B1, M[ 6] + MAGIC3);
180 F3<14>(C2, D2, E2, A2, B2, M[ 2] + MAGIC8);
181 F3< 5>(B1, C1, D1, E1, A1, M[13] + MAGIC3);
182 F3<13>(B2, C2, D2, E2, A2, M[10] + MAGIC8);
183 F3<12>(A1, B1, C1, D1, E1, M[11] + MAGIC3);
184 F3<13>(A2, B2, C2, D2, E2, M[ 0] + MAGIC8);
185 F3< 7>(E1, A1, B1, C1, D1, M[ 5] + MAGIC3);
186 F3< 7>(E2, A2, B2, C2, D2, M[ 4] + MAGIC8);
187 F3< 5>(D1, E1, A1, B1, C1, M[12] + MAGIC3);
188 F3< 5>(D2, E2, A2, B2, C2, M[13] + MAGIC8);
189
190 F4<11>(C1, D1, E1, A1, B1, M[ 1] + MAGIC4);
191 F2<15>(C2, D2, E2, A2, B2, M[ 8] + MAGIC9);
192 F4<12>(B1, C1, D1, E1, A1, M[ 9] + MAGIC4);
193 F2< 5>(B2, C2, D2, E2, A2, M[ 6] + MAGIC9);
194 F4<14>(A1, B1, C1, D1, E1, M[11] + MAGIC4);
195 F2< 8>(A2, B2, C2, D2, E2, M[ 4] + MAGIC9);
196 F4<15>(E1, A1, B1, C1, D1, M[10] + MAGIC4);
197 F2<11>(E2, A2, B2, C2, D2, M[ 1] + MAGIC9);
198 F4<14>(D1, E1, A1, B1, C1, M[ 0] + MAGIC4);
199 F2<14>(D2, E2, A2, B2, C2, M[ 3] + MAGIC9);
200 F4<15>(C1, D1, E1, A1, B1, M[ 8] + MAGIC4);
201 F2<14>(C2, D2, E2, A2, B2, M[11] + MAGIC9);
202 F4< 9>(B1, C1, D1, E1, A1, M[12] + MAGIC4);
203 F2< 6>(B2, C2, D2, E2, A2, M[15] + MAGIC9);
204 F4< 8>(A1, B1, C1, D1, E1, M[ 4] + MAGIC4);
205 F2<14>(A2, B2, C2, D2, E2, M[ 0] + MAGIC9);
206 F4< 9>(E1, A1, B1, C1, D1, M[13] + MAGIC4);
207 F2< 6>(E2, A2, B2, C2, D2, M[ 5] + MAGIC9);
208 F4<14>(D1, E1, A1, B1, C1, M[ 3] + MAGIC4);
209 F2< 9>(D2, E2, A2, B2, C2, M[12] + MAGIC9);
210 F4< 5>(C1, D1, E1, A1, B1, M[ 7] + MAGIC4);
211 F2<12>(C2, D2, E2, A2, B2, M[ 2] + MAGIC9);
212 F4< 6>(B1, C1, D1, E1, A1, M[15] + MAGIC4);
213 F2< 9>(B2, C2, D2, E2, A2, M[13] + MAGIC9);
214 F4< 8>(A1, B1, C1, D1, E1, M[14] + MAGIC4);
215 F2<12>(A2, B2, C2, D2, E2, M[ 9] + MAGIC9);
216 F4< 6>(E1, A1, B1, C1, D1, M[ 5] + MAGIC4);
217 F2< 5>(E2, A2, B2, C2, D2, M[ 7] + MAGIC9);
218 F4< 5>(D1, E1, A1, B1, C1, M[ 6] + MAGIC4);
219 F2<15>(D2, E2, A2, B2, C2, M[10] + MAGIC9);
220 F4<12>(C1, D1, E1, A1, B1, M[ 2] + MAGIC4);
221 F2< 8>(C2, D2, E2, A2, B2, M[14] + MAGIC9);
222
223 F5< 9>(B1, C1, D1, E1, A1, M[ 4] + MAGIC5);
224 F1< 8>(B2, C2, D2, E2, A2, M[12]);
225 F5<15>(A1, B1, C1, D1, E1, M[ 0] + MAGIC5);
226 F1< 5>(A2, B2, C2, D2, E2, M[15]);
227 F5< 5>(E1, A1, B1, C1, D1, M[ 5] + MAGIC5);
228 F1<12>(E2, A2, B2, C2, D2, M[10]);
229 F5<11>(D1, E1, A1, B1, C1, M[ 9] + MAGIC5);
230 F1< 9>(D2, E2, A2, B2, C2, M[ 4]);
231 F5< 6>(C1, D1, E1, A1, B1, M[ 7] + MAGIC5);
232 F1<12>(C2, D2, E2, A2, B2, M[ 1]);
233 F5< 8>(B1, C1, D1, E1, A1, M[12] + MAGIC5);
234 F1< 5>(B2, C2, D2, E2, A2, M[ 5]);
235 F5<13>(A1, B1, C1, D1, E1, M[ 2] + MAGIC5);
236 F1<14>(A2, B2, C2, D2, E2, M[ 8]);
237 F5<12>(E1, A1, B1, C1, D1, M[10] + MAGIC5);
238 F1< 6>(E2, A2, B2, C2, D2, M[ 7]);
239 F5< 5>(D1, E1, A1, B1, C1, M[14] + MAGIC5);
240 F1< 8>(D2, E2, A2, B2, C2, M[ 6]);
241 F5<12>(C1, D1, E1, A1, B1, M[ 1] + MAGIC5);
242 F1<13>(C2, D2, E2, A2, B2, M[ 2]);
243 F5<13>(B1, C1, D1, E1, A1, M[ 3] + MAGIC5);
244 F1< 6>(B2, C2, D2, E2, A2, M[13]);
245 F5<14>(A1, B1, C1, D1, E1, M[ 8] + MAGIC5);
246 F1< 5>(A2, B2, C2, D2, E2, M[14]);
247 F5<11>(E1, A1, B1, C1, D1, M[11] + MAGIC5);
248 F1<15>(E2, A2, B2, C2, D2, M[ 0]);
249 F5< 8>(D1, E1, A1, B1, C1, M[ 6] + MAGIC5);
250 F1<13>(D2, E2, A2, B2, C2, M[ 3]);
251 F5< 5>(C1, D1, E1, A1, B1, M[15] + MAGIC5);
252 F1<11>(C2, D2, E2, A2, B2, M[ 9]);
253 F5< 6>(B1, C1, D1, E1, A1, M[13] + MAGIC5);
254 F1<11>(B2, C2, D2, E2, A2, M[11]);
255
256 // clang-format on
257
258 C1 = digest[1] + C1 + D2;
259 digest[1] = digest[2] + D1 + E2;
260 digest[2] = digest[3] + E1 + A2;
261 digest[3] = digest[4] + A1 + B2;
262 digest[4] = digest[0] + B1 + C2;
263 digest[0] = C1;
264 }
265}
266
267void RIPEMD_160::init(digest_type& digest) {
268 digest.assign({0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0});
269}
270
271std::unique_ptr<HashFunction> RIPEMD_160::new_object() const {
272 return std::make_unique<RIPEMD_160>();
273}
274
275std::unique_ptr<HashFunction> RIPEMD_160::copy_state() const {
276 return std::make_unique<RIPEMD_160>(*this);
277}
278
279void RIPEMD_160::add_data(std::span<const uint8_t> input) {
280 m_md.update(input);
281}
282
283void RIPEMD_160::final_result(std::span<uint8_t> output) {
284 m_md.final(output);
285}
286
287} // namespace Botan
Botan::BufferSlicer::take
std::span< const uint8_t > take(const size_t count)
Definition stl_util.h:98
Botan::RIPEMD_160::compress_n
static void compress_n(digest_type &digest, std::span< const uint8_t > input, size_t blocks)
Definition rmd160.cpp:76
Botan::RIPEMD_160::digest_type
secure_vector< uint32_t > digest_type
Definition rmd160.h:20
Botan::RIPEMD_160::copy_state
std::unique_ptr< HashFunction > copy_state() const override
Definition rmd160.cpp:275
Botan::RIPEMD_160::block_bytes
static constexpr size_t block_bytes
Definition rmd160.h:24
Botan::RIPEMD_160::init
static void init(digest_type &digest)
Definition rmd160.cpp:267
Botan::RIPEMD_160::new_object
std::unique_ptr< HashFunction > new_object() const override
Definition rmd160.cpp:271
Botan::rotl
constexpr T rotl(T input)
Definition rotate.h:21
Botan::choose
constexpr T choose(T mask, T a, T b)
Definition bit_ops.h:193
Botan::load_le
constexpr auto load_le(ParamTs &&... params)
Definition loadstor.h:521
Generated by doxygen 1.12.0