/src/wolfssl-sp-math-all/wolfcrypt/src/ripemd.c

Source (jump to first uncovered line)
/* ripemd.c
 *
 * Copyright (C) 2006-2022 wolfSSL Inc.
 *
 * This file is part of wolfSSL.
 *
 * wolfSSL is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * wolfSSL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
 */



#ifdef HAVE_CONFIG_H
    #include <config.h>
#endif

#include <wolfssl/wolfcrypt/settings.h>

#ifdef WOLFSSL_RIPEMD

#include <wolfssl/wolfcrypt/ripemd.h>
#ifdef NO_INLINE
    #include <wolfssl/wolfcrypt/misc.h>
#else
    #define WOLFSSL_MISC_INCLUDED
    #include <wolfcrypt/src/misc.c>
#endif

#include <wolfssl/wolfcrypt/error-crypt.h>

int wc_InitRipeMd(RipeMd* ripemd)
{
    if (ripemd == NULL) {
        return BAD_FUNC_ARG;
    }

    ripemd->digest[0] = 0x67452301L;
    ripemd->digest[1] = 0xEFCDAB89L;
    ripemd->digest[2] = 0x98BADCFEL;
    ripemd->digest[3] = 0x10325476L;
    ripemd->digest[4] = 0xC3D2E1F0L;

    ripemd->buffLen = 0;
    ripemd->loLen   = 0;
    ripemd->hiLen   = 0;

    return 0;
}


/* for all */
#define F(x, y, z)    ((x) ^ (y) ^ (z))
#define G(x, y, z)    ((z) ^ ((x) & ((y)^(z))))
#define H(x, y, z)    ((z) ^ ((x) | ~(y)))
#define I(x, y, z)    ((y) ^ ((z) & ((x)^(y))))
#define J(x, y, z)    ((x) ^ ((y) | ~(z)))

#define k0 0
#define k1 0x5a827999
#define k2 0x6ed9eba1
#define k3 0x8f1bbcdc
#define k4 0xa953fd4e
#define k5 0x50a28be6
#define k6 0x5c4dd124
#define k7 0x6d703ef3
#define k8 0x7a6d76e9
#define k9 0

/* for 160 and 320 */
#define Subround(f, a, b, c, d, e, x, s, k) \
    a += f(b, c, d) + (x) + (k);            \
    (a) = rotlFixed((word32)(a), s) + (e);  \
    (c) = rotlFixed((word32)(c), 10U)

static void Transform(RipeMd* ripemd)
{
    word32 a1, b1, c1, d1, e1, a2, b2, c2, d2, e2;
    a1 = a2 = ripemd->digest[0];
    b1 = b2 = ripemd->digest[1];
    c1 = c2 = ripemd->digest[2];
    d1 = d2 = ripemd->digest[3];
    e1 = e2 = ripemd->digest[4];

    Subround(F, a1, b1, c1, d1, e1, ripemd->buffer[ 0], 11, k0);
    Subround(F, e1, a1, b1, c1, d1, ripemd->buffer[ 1], 14, k0);
    Subround(F, d1, e1, a1, b1, c1, ripemd->buffer[ 2], 15, k0);
    Subround(F, c1, d1, e1, a1, b1, ripemd->buffer[ 3], 12, k0);
    Subround(F, b1, c1, d1, e1, a1, ripemd->buffer[ 4],  5, k0);
    Subround(F, a1, b1, c1, d1, e1, ripemd->buffer[ 5],  8, k0);
    Subround(F, e1, a1, b1, c1, d1, ripemd->buffer[ 6],  7, k0);
    Subround(F, d1, e1, a1, b1, c1, ripemd->buffer[ 7],  9, k0);
    Subround(F, c1, d1, e1, a1, b1, ripemd->buffer[ 8], 11, k0);
    Subround(F, b1, c1, d1, e1, a1, ripemd->buffer[ 9], 13, k0);
    Subround(F, a1, b1, c1, d1, e1, ripemd->buffer[10], 14, k0);
    Subround(F, e1, a1, b1, c1, d1, ripemd->buffer[11], 15, k0);
    Subround(F, d1, e1, a1, b1, c1, ripemd->buffer[12],  6, k0);
    Subround(F, c1, d1, e1, a1, b1, ripemd->buffer[13],  7, k0);
    Subround(F, b1, c1, d1, e1, a1, ripemd->buffer[14],  9, k0);
    Subround(F, a1, b1, c1, d1, e1, ripemd->buffer[15],  8, k0);

    Subround(G, e1, a1, b1, c1, d1, ripemd->buffer[ 7],  7, k1);
    Subround(G, d1, e1, a1, b1, c1, ripemd->buffer[ 4],  6, k1);
    Subround(G, c1, d1, e1, a1, b1, ripemd->buffer[13],  8, k1);
    Subround(G, b1, c1, d1, e1, a1, ripemd->buffer[ 1], 13, k1);
    Subround(G, a1, b1, c1, d1, e1, ripemd->buffer[10], 11, k1);
    Subround(G, e1, a1, b1, c1, d1, ripemd->buffer[ 6],  9, k1);
    Subround(G, d1, e1, a1, b1, c1, ripemd->buffer[15],  7, k1);
    Subround(G, c1, d1, e1, a1, b1, ripemd->buffer[ 3], 15, k1);
    Subround(G, b1, c1, d1, e1, a1, ripemd->buffer[12],  7, k1);
    Subround(G, a1, b1, c1, d1, e1, ripemd->buffer[ 0], 12, k1);
    Subround(G, e1, a1, b1, c1, d1, ripemd->buffer[ 9], 15, k1);
    Subround(G, d1, e1, a1, b1, c1, ripemd->buffer[ 5],  9, k1);
    Subround(G, c1, d1, e1, a1, b1, ripemd->buffer[ 2], 11, k1);
    Subround(G, b1, c1, d1, e1, a1, ripemd->buffer[14],  7, k1);
    Subround(G, a1, b1, c1, d1, e1, ripemd->buffer[11], 13, k1);
    Subround(G, e1, a1, b1, c1, d1, ripemd->buffer[ 8], 12, k1);

    Subround(H, d1, e1, a1, b1, c1, ripemd->buffer[ 3], 11, k2);
    Subround(H, c1, d1, e1, a1, b1, ripemd->buffer[10], 13, k2);
    Subround(H, b1, c1, d1, e1, a1, ripemd->buffer[14],  6, k2);
    Subround(H, a1, b1, c1, d1, e1, ripemd->buffer[ 4],  7, k2);
    Subround(H, e1, a1, b1, c1, d1, ripemd->buffer[ 9], 14, k2);
    Subround(H, d1, e1, a1, b1, c1, ripemd->buffer[15],  9, k2);
    Subround(H, c1, d1, e1, a1, b1, ripemd->buffer[ 8], 13, k2);
    Subround(H, b1, c1, d1, e1, a1, ripemd->buffer[ 1], 15, k2);
    Subround(H, a1, b1, c1, d1, e1, ripemd->buffer[ 2], 14, k2);
    Subround(H, e1, a1, b1, c1, d1, ripemd->buffer[ 7],  8, k2);
    Subround(H, d1, e1, a1, b1, c1, ripemd->buffer[ 0], 13, k2);
    Subround(H, c1, d1, e1, a1, b1, ripemd->buffer[ 6],  6, k2);
    Subround(H, b1, c1, d1, e1, a1, ripemd->buffer[13],  5, k2);
    Subround(H, a1, b1, c1, d1, e1, ripemd->buffer[11], 12, k2);
    Subround(H, e1, a1, b1, c1, d1, ripemd->buffer[ 5],  7, k2);
    Subround(H, d1, e1, a1, b1, c1, ripemd->buffer[12],  5, k2);

    Subround(I, c1, d1, e1, a1, b1, ripemd->buffer[ 1], 11, k3);
    Subround(I, b1, c1, d1, e1, a1, ripemd->buffer[ 9], 12, k3);
    Subround(I, a1, b1, c1, d1, e1, ripemd->buffer[11], 14, k3);
    Subround(I, e1, a1, b1, c1, d1, ripemd->buffer[10], 15, k3);
    Subround(I, d1, e1, a1, b1, c1, ripemd->buffer[ 0], 14, k3);
    Subround(I, c1, d1, e1, a1, b1, ripemd->buffer[ 8], 15, k3);
    Subround(I, b1, c1, d1, e1, a1, ripemd->buffer[12],  9, k3);
    Subround(I, a1, b1, c1, d1, e1, ripemd->buffer[ 4],  8, k3);
    Subround(I, e1, a1, b1, c1, d1, ripemd->buffer[13],  9, k3);
    Subround(I, d1, e1, a1, b1, c1, ripemd->buffer[ 3], 14, k3);
    Subround(I, c1, d1, e1, a1, b1, ripemd->buffer[ 7],  5, k3);
    Subround(I, b1, c1, d1, e1, a1, ripemd->buffer[15],  6, k3);
    Subround(I, a1, b1, c1, d1, e1, ripemd->buffer[14],  8, k3);
    Subround(I, e1, a1, b1, c1, d1, ripemd->buffer[ 5],  6, k3);
    Subround(I, d1, e1, a1, b1, c1, ripemd->buffer[ 6],  5, k3);
    Subround(I, c1, d1, e1, a1, b1, ripemd->buffer[ 2], 12, k3);

    Subround(J, b1, c1, d1, e1, a1, ripemd->buffer[ 4],  9, k4);
    Subround(J, a1, b1, c1, d1, e1, ripemd->buffer[ 0], 15, k4);
    Subround(J, e1, a1, b1, c1, d1, ripemd->buffer[ 5],  5, k4);
    Subround(J, d1, e1, a1, b1, c1, ripemd->buffer[ 9], 11, k4);
    Subround(J, c1, d1, e1, a1, b1, ripemd->buffer[ 7],  6, k4);
    Subround(J, b1, c1, d1, e1, a1, ripemd->buffer[12],  8, k4);
    Subround(J, a1, b1, c1, d1, e1, ripemd->buffer[ 2], 13, k4);
    Subround(J, e1, a1, b1, c1, d1, ripemd->buffer[10], 12, k4);
    Subround(J, d1, e1, a1, b1, c1, ripemd->buffer[14],  5, k4);
    Subround(J, c1, d1, e1, a1, b1, ripemd->buffer[ 1], 12, k4);
    Subround(J, b1, c1, d1, e1, a1, ripemd->buffer[ 3], 13, k4);
    Subround(J, a1, b1, c1, d1, e1, ripemd->buffer[ 8], 14, k4);
    Subround(J, e1, a1, b1, c1, d1, ripemd->buffer[11], 11, k4);
    Subround(J, d1, e1, a1, b1, c1, ripemd->buffer[ 6],  8, k4);
    Subround(J, c1, d1, e1, a1, b1, ripemd->buffer[15],  5, k4);
    Subround(J, b1, c1, d1, e1, a1, ripemd->buffer[13],  6, k4);

    Subround(J, a2, b2, c2, d2, e2, ripemd->buffer[ 5],  8, k5);
    Subround(J, e2, a2, b2, c2, d2, ripemd->buffer[14],  9, k5);
    Subround(J, d2, e2, a2, b2, c2, ripemd->buffer[ 7],  9, k5);
    Subround(J, c2, d2, e2, a2, b2, ripemd->buffer[ 0], 11, k5);
    Subround(J, b2, c2, d2, e2, a2, ripemd->buffer[ 9], 13, k5);
    Subround(J, a2, b2, c2, d2, e2, ripemd->buffer[ 2], 15, k5);
    Subround(J, e2, a2, b2, c2, d2, ripemd->buffer[11], 15, k5);
    Subround(J, d2, e2, a2, b2, c2, ripemd->buffer[ 4],  5, k5);
    Subround(J, c2, d2, e2, a2, b2, ripemd->buffer[13],  7, k5);
    Subround(J, b2, c2, d2, e2, a2, ripemd->buffer[ 6],  7, k5);
    Subround(J, a2, b2, c2, d2, e2, ripemd->buffer[15],  8, k5);
    Subround(J, e2, a2, b2, c2, d2, ripemd->buffer[ 8], 11, k5);
    Subround(J, d2, e2, a2, b2, c2, ripemd->buffer[ 1], 14, k5);
    Subround(J, c2, d2, e2, a2, b2, ripemd->buffer[10], 14, k5);
    Subround(J, b2, c2, d2, e2, a2, ripemd->buffer[ 3], 12, k5);
    Subround(J, a2, b2, c2, d2, e2, ripemd->buffer[12],  6, k5);

    Subround(I, e2, a2, b2, c2, d2, ripemd->buffer[ 6],  9, k6);
    Subround(I, d2, e2, a2, b2, c2, ripemd->buffer[11], 13, k6);
    Subround(I, c2, d2, e2, a2, b2, ripemd->buffer[ 3], 15, k6);
    Subround(I, b2, c2, d2, e2, a2, ripemd->buffer[ 7],  7, k6);
    Subround(I, a2, b2, c2, d2, e2, ripemd->buffer[ 0], 12, k6);
    Subround(I, e2, a2, b2, c2, d2, ripemd->buffer[13],  8, k6);
    Subround(I, d2, e2, a2, b2, c2, ripemd->buffer[ 5],  9, k6);
    Subround(I, c2, d2, e2, a2, b2, ripemd->buffer[10], 11, k6);
    Subround(I, b2, c2, d2, e2, a2, ripemd->buffer[14],  7, k6);
    Subround(I, a2, b2, c2, d2, e2, ripemd->buffer[15],  7, k6);
    Subround(I, e2, a2, b2, c2, d2, ripemd->buffer[ 8], 12, k6);
    Subround(I, d2, e2, a2, b2, c2, ripemd->buffer[12],  7, k6);
    Subround(I, c2, d2, e2, a2, b2, ripemd->buffer[ 4],  6, k6);
    Subround(I, b2, c2, d2, e2, a2, ripemd->buffer[ 9], 15, k6);
    Subround(I, a2, b2, c2, d2, e2, ripemd->buffer[ 1], 13, k6);
    Subround(I, e2, a2, b2, c2, d2, ripemd->buffer[ 2], 11, k6);

    Subround(H, d2, e2, a2, b2, c2, ripemd->buffer[15],  9, k7);
    Subround(H, c2, d2, e2, a2, b2, ripemd->buffer[ 5],  7, k7);
    Subround(H, b2, c2, d2, e2, a2, ripemd->buffer[ 1], 15, k7);
    Subround(H, a2, b2, c2, d2, e2, ripemd->buffer[ 3], 11, k7);
    Subround(H, e2, a2, b2, c2, d2, ripemd->buffer[ 7],  8, k7);
    Subround(H, d2, e2, a2, b2, c2, ripemd->buffer[14],  6, k7);
    Subround(H, c2, d2, e2, a2, b2, ripemd->buffer[ 6],  6, k7);
    Subround(H, b2, c2, d2, e2, a2, ripemd->buffer[ 9], 14, k7);
    Subround(H, a2, b2, c2, d2, e2, ripemd->buffer[11], 12, k7);
    Subround(H, e2, a2, b2, c2, d2, ripemd->buffer[ 8], 13, k7);
    Subround(H, d2, e2, a2, b2, c2, ripemd->buffer[12],  5, k7);
    Subround(H, c2, d2, e2, a2, b2, ripemd->buffer[ 2], 14, k7);
    Subround(H, b2, c2, d2, e2, a2, ripemd->buffer[10], 13, k7);
    Subround(H, a2, b2, c2, d2, e2, ripemd->buffer[ 0], 13, k7);
    Subround(H, e2, a2, b2, c2, d2, ripemd->buffer[ 4],  7, k7);
    Subround(H, d2, e2, a2, b2, c2, ripemd->buffer[13],  5, k7);

    Subround(G, c2, d2, e2, a2, b2, ripemd->buffer[ 8], 15, k8);
    Subround(G, b2, c2, d2, e2, a2, ripemd->buffer[ 6],  5, k8);
    Subround(G, a2, b2, c2, d2, e2, ripemd->buffer[ 4],  8, k8);
    Subround(G, e2, a2, b2, c2, d2, ripemd->buffer[ 1], 11, k8);
    Subround(G, d2, e2, a2, b2, c2, ripemd->buffer[ 3], 14, k8);
    Subround(G, c2, d2, e2, a2, b2, ripemd->buffer[11], 14, k8);
    Subround(G, b2, c2, d2, e2, a2, ripemd->buffer[15],  6, k8);
    Subround(G, a2, b2, c2, d2, e2, ripemd->buffer[ 0], 14, k8);
    Subround(G, e2, a2, b2, c2, d2, ripemd->buffer[ 5],  6, k8);
    Subround(G, d2, e2, a2, b2, c2, ripemd->buffer[12],  9, k8);
    Subround(G, c2, d2, e2, a2, b2, ripemd->buffer[ 2], 12, k8);
    Subround(G, b2, c2, d2, e2, a2, ripemd->buffer[13],  9, k8);
    Subround(G, a2, b2, c2, d2, e2, ripemd->buffer[ 9], 12, k8);
    Subround(G, e2, a2, b2, c2, d2, ripemd->buffer[ 7],  5, k8);
    Subround(G, d2, e2, a2, b2, c2, ripemd->buffer[10], 15, k8);
    Subround(G, c2, d2, e2, a2, b2, ripemd->buffer[14],  8, k8);

    Subround(F, b2, c2, d2, e2, a2, ripemd->buffer[12],  8, k9);
    Subround(F, a2, b2, c2, d2, e2, ripemd->buffer[15],  5, k9);
    Subround(F, e2, a2, b2, c2, d2, ripemd->buffer[10], 12, k9);
    Subround(F, d2, e2, a2, b2, c2, ripemd->buffer[ 4],  9, k9);
    Subround(F, c2, d2, e2, a2, b2, ripemd->buffer[ 1], 12, k9);
    Subround(F, b2, c2, d2, e2, a2, ripemd->buffer[ 5],  5, k9);
    Subround(F, a2, b2, c2, d2, e2, ripemd->buffer[ 8], 14, k9);
    Subround(F, e2, a2, b2, c2, d2, ripemd->buffer[ 7],  6, k9);
    Subround(F, d2, e2, a2, b2, c2, ripemd->buffer[ 6],  8, k9);
    Subround(F, c2, d2, e2, a2, b2, ripemd->buffer[ 2], 13, k9);
    Subround(F, b2, c2, d2, e2, a2, ripemd->buffer[13],  6, k9);
    Subround(F, a2, b2, c2, d2, e2, ripemd->buffer[14],  5, k9);
    Subround(F, e2, a2, b2, c2, d2, ripemd->buffer[ 0], 15, k9);
    Subround(F, d2, e2, a2, b2, c2, ripemd->buffer[ 3], 13, k9);
    Subround(F, c2, d2, e2, a2, b2, ripemd->buffer[ 9], 11, k9);
    Subround(F, b2, c2, d2, e2, a2, ripemd->buffer[11], 11, k9);

    c1                = ripemd->digest[1] + c1 + d2;
    ripemd->digest[1] = ripemd->digest[2] + d1 + e2;
    ripemd->digest[2] = ripemd->digest[3] + e1 + a2;
    ripemd->digest[3] = ripemd->digest[4] + a1 + b2;
    ripemd->digest[4] = ripemd->digest[0] + b1 + c2;
    ripemd->digest[0] = c1;
}


static WC_INLINE void AddLength(RipeMd* ripemd, word32 len)
{
    word32 tmp = ripemd->loLen;
    if ( (ripemd->loLen += len) < tmp)
        ripemd->hiLen++;                       /* carry low to high */
}


int wc_RipeMdUpdate(RipeMd* ripemd, const byte* data, word32 len)
{
    /* do block size increments */
    byte* local;

    if (ripemd == NULL || (data == NULL && len > 0)) {
        return BAD_FUNC_ARG;
    }

    local = (byte*)ripemd->buffer;

    while (len) {
        word32 add = min(len, RIPEMD_BLOCK_SIZE - ripemd->buffLen);
        XMEMCPY(&local[ripemd->buffLen], data, add);

        ripemd->buffLen += add;
        data         += add;
        len          -= add;

        if (ripemd->buffLen == RIPEMD_BLOCK_SIZE) {
            #ifdef BIG_ENDIAN_ORDER
                ByteReverseWords(ripemd->buffer, ripemd->buffer,
                                 RIPEMD_BLOCK_SIZE);
            #endif
            Transform(ripemd);
            AddLength(ripemd, RIPEMD_BLOCK_SIZE);
            ripemd->buffLen = 0;
        }
    }
    return 0;
}


int wc_RipeMdFinal(RipeMd* ripemd, byte* hash)
{
    byte* local;

    if (ripemd == NULL || hash == NULL) {
        return BAD_FUNC_ARG;
    }

    local = (byte*)ripemd->buffer;

    AddLength(ripemd, ripemd->buffLen);               /* before adding pads */

    local[ripemd->buffLen++] = 0x80;  /* add 1 */

    /* pad with zeros */
    if (ripemd->buffLen > RIPEMD_PAD_SIZE) {
        XMEMSET(&local[ripemd->buffLen], 0, RIPEMD_BLOCK_SIZE - ripemd->buffLen);
        ripemd->buffLen += RIPEMD_BLOCK_SIZE - ripemd->buffLen;

        #ifdef BIG_ENDIAN_ORDER
            ByteReverseWords(ripemd->buffer, ripemd->buffer, RIPEMD_BLOCK_SIZE);
        #endif
        Transform(ripemd);
        ripemd->buffLen = 0;
    }
    XMEMSET(&local[ripemd->buffLen], 0, RIPEMD_PAD_SIZE - ripemd->buffLen);

    /* put lengths in bits */
    ripemd->loLen = ripemd->loLen << 3;
    ripemd->hiLen = (ripemd->loLen >> (8*sizeof(ripemd->loLen) - 3)) +
                 (ripemd->hiLen << 3);

    /* store lengths */
    #ifdef BIG_ENDIAN_ORDER
        ByteReverseWords(ripemd->buffer, ripemd->buffer, RIPEMD_BLOCK_SIZE);
    #endif
    /* ! length ordering dependent on digest endian type ! */
    XMEMCPY(&local[RIPEMD_PAD_SIZE], &ripemd->loLen, sizeof(word32));
    XMEMCPY(&local[RIPEMD_PAD_SIZE + sizeof(word32)], &ripemd->hiLen,
           sizeof(word32));

    Transform(ripemd);
    #ifdef BIG_ENDIAN_ORDER
        ByteReverseWords(ripemd->digest, ripemd->digest, RIPEMD_DIGEST_SIZE);
    #endif
    XMEMCPY(hash, ripemd->digest, RIPEMD_DIGEST_SIZE);

    return wc_InitRipeMd(ripemd);  /* reset state */
}


#endif /* WOLFSSL_RIPEMD */

Coverage Report

Created: 2022-08-24 06:37

Line	Count	Source (jump to first uncovered line)
1		/* ripemd.c
2		*
3		* Copyright (C) 2006-2022 wolfSSL Inc.
4		*
5		* This file is part of wolfSSL.
6		*
7		* wolfSSL is free software; you can redistribute it and/or modify
8		* it under the terms of the GNU General Public License as published by
9		* the Free Software Foundation; either version 2 of the License, or
10		* (at your option) any later version.
11		*
12		* wolfSSL is distributed in the hope that it will be useful,
13		* but WITHOUT ANY WARRANTY; without even the implied warranty of
14		* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15		* GNU General Public License for more details.
16		*
17		* You should have received a copy of the GNU General Public License
18		* along with this program; if not, write to the Free Software
19		* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
20		*/
21
22
23
24		#ifdef HAVE_CONFIG_H
25		#include <config.h>
26		#endif
27
28		#include <wolfssl/wolfcrypt/settings.h>
29
30		#ifdef WOLFSSL_RIPEMD
31
32		#include <wolfssl/wolfcrypt/ripemd.h>
33		#ifdef NO_INLINE
34		#include <wolfssl/wolfcrypt/misc.h>
35		#else
36		#define WOLFSSL_MISC_INCLUDED
37		#include <wolfcrypt/src/misc.c>
38		#endif
39
40		#include <wolfssl/wolfcrypt/error-crypt.h>
41
42		int wc_InitRipeMd(RipeMd* ripemd)
43	0	{
44	0	if (ripemd == NULL) {
45	0	return BAD_FUNC_ARG;
46	0	}
47
48	0	ripemd->digest[0] = 0x67452301L;
49	0	ripemd->digest[1] = 0xEFCDAB89L;
50	0	ripemd->digest[2] = 0x98BADCFEL;
51	0	ripemd->digest[3] = 0x10325476L;
52	0	ripemd->digest[4] = 0xC3D2E1F0L;
53
54	0	ripemd->buffLen = 0;
55	0	ripemd->loLen = 0;
56	0	ripemd->hiLen = 0;
57
58	0	return 0;
59	0	}
60
61
62		/* for all */
63	0	#define F(x, y, z) ((x) ^ (y) ^ (z))
64	0	#define G(x, y, z) ((z) ^ ((x) & ((y)^(z))))
65	0	#define H(x, y, z) ((z) ^ ((x) \| ~(y)))
66	0	#define I(x, y, z) ((y) ^ ((z) & ((x)^(y))))
67	0	#define J(x, y, z) ((x) ^ ((y) \| ~(z)))
68
69		#define k0 0
70		#define k1 0x5a827999
71		#define k2 0x6ed9eba1
72		#define k3 0x8f1bbcdc
73		#define k4 0xa953fd4e
74		#define k5 0x50a28be6
75		#define k6 0x5c4dd124
76		#define k7 0x6d703ef3
77		#define k8 0x7a6d76e9
78		#define k9 0
79
80		/* for 160 and 320 */
81		#define Subround(f, a, b, c, d, e, x, s, k) \
82	0	a += f(b, c, d) + (x) + (k); \
83	0	(a) = rotlFixed((word32)(a), s) + (e); \
84	0	(c) = rotlFixed((word32)(c), 10U)
85
86		static void Transform(RipeMd* ripemd)
87	0	{
88	0	word32 a1, b1, c1, d1, e1, a2, b2, c2, d2, e2;
89	0	a1 = a2 = ripemd->digest[0];
90	0	b1 = b2 = ripemd->digest[1];
91	0	c1 = c2 = ripemd->digest[2];
92	0	d1 = d2 = ripemd->digest[3];
93	0	e1 = e2 = ripemd->digest[4];
94
95	0	Subround(F, a1, b1, c1, d1, e1, ripemd->buffer[ 0], 11, k0);
96	0	Subround(F, e1, a1, b1, c1, d1, ripemd->buffer[ 1], 14, k0);
97	0	Subround(F, d1, e1, a1, b1, c1, ripemd->buffer[ 2], 15, k0);
98	0	Subround(F, c1, d1, e1, a1, b1, ripemd->buffer[ 3], 12, k0);
99	0	Subround(F, b1, c1, d1, e1, a1, ripemd->buffer[ 4], 5, k0);
100	0	Subround(F, a1, b1, c1, d1, e1, ripemd->buffer[ 5], 8, k0);
101	0	Subround(F, e1, a1, b1, c1, d1, ripemd->buffer[ 6], 7, k0);
102	0	Subround(F, d1, e1, a1, b1, c1, ripemd->buffer[ 7], 9, k0);
103	0	Subround(F, c1, d1, e1, a1, b1, ripemd->buffer[ 8], 11, k0);
104	0	Subround(F, b1, c1, d1, e1, a1, ripemd->buffer[ 9], 13, k0);
105	0	Subround(F, a1, b1, c1, d1, e1, ripemd->buffer[10], 14, k0);
106	0	Subround(F, e1, a1, b1, c1, d1, ripemd->buffer[11], 15, k0);
107	0	Subround(F, d1, e1, a1, b1, c1, ripemd->buffer[12], 6, k0);
108	0	Subround(F, c1, d1, e1, a1, b1, ripemd->buffer[13], 7, k0);
109	0	Subround(F, b1, c1, d1, e1, a1, ripemd->buffer[14], 9, k0);
110	0	Subround(F, a1, b1, c1, d1, e1, ripemd->buffer[15], 8, k0);
111
112	0	Subround(G, e1, a1, b1, c1, d1, ripemd->buffer[ 7], 7, k1);
113	0	Subround(G, d1, e1, a1, b1, c1, ripemd->buffer[ 4], 6, k1);
114	0	Subround(G, c1, d1, e1, a1, b1, ripemd->buffer[13], 8, k1);
115	0	Subround(G, b1, c1, d1, e1, a1, ripemd->buffer[ 1], 13, k1);
116	0	Subround(G, a1, b1, c1, d1, e1, ripemd->buffer[10], 11, k1);
117	0	Subround(G, e1, a1, b1, c1, d1, ripemd->buffer[ 6], 9, k1);
118	0	Subround(G, d1, e1, a1, b1, c1, ripemd->buffer[15], 7, k1);
119	0	Subround(G, c1, d1, e1, a1, b1, ripemd->buffer[ 3], 15, k1);
120	0	Subround(G, b1, c1, d1, e1, a1, ripemd->buffer[12], 7, k1);
121	0	Subround(G, a1, b1, c1, d1, e1, ripemd->buffer[ 0], 12, k1);
122	0	Subround(G, e1, a1, b1, c1, d1, ripemd->buffer[ 9], 15, k1);
123	0	Subround(G, d1, e1, a1, b1, c1, ripemd->buffer[ 5], 9, k1);
124	0	Subround(G, c1, d1, e1, a1, b1, ripemd->buffer[ 2], 11, k1);
125	0	Subround(G, b1, c1, d1, e1, a1, ripemd->buffer[14], 7, k1);
126	0	Subround(G, a1, b1, c1, d1, e1, ripemd->buffer[11], 13, k1);
127	0	Subround(G, e1, a1, b1, c1, d1, ripemd->buffer[ 8], 12, k1);
128
129	0	Subround(H, d1, e1, a1, b1, c1, ripemd->buffer[ 3], 11, k2);
130	0	Subround(H, c1, d1, e1, a1, b1, ripemd->buffer[10], 13, k2);
131	0	Subround(H, b1, c1, d1, e1, a1, ripemd->buffer[14], 6, k2);
132	0	Subround(H, a1, b1, c1, d1, e1, ripemd->buffer[ 4], 7, k2);
133	0	Subround(H, e1, a1, b1, c1, d1, ripemd->buffer[ 9], 14, k2);
134	0	Subround(H, d1, e1, a1, b1, c1, ripemd->buffer[15], 9, k2);
135	0	Subround(H, c1, d1, e1, a1, b1, ripemd->buffer[ 8], 13, k2);
136	0	Subround(H, b1, c1, d1, e1, a1, ripemd->buffer[ 1], 15, k2);
137	0	Subround(H, a1, b1, c1, d1, e1, ripemd->buffer[ 2], 14, k2);
138	0	Subround(H, e1, a1, b1, c1, d1, ripemd->buffer[ 7], 8, k2);
139	0	Subround(H, d1, e1, a1, b1, c1, ripemd->buffer[ 0], 13, k2);
140	0	Subround(H, c1, d1, e1, a1, b1, ripemd->buffer[ 6], 6, k2);
141	0	Subround(H, b1, c1, d1, e1, a1, ripemd->buffer[13], 5, k2);
142	0	Subround(H, a1, b1, c1, d1, e1, ripemd->buffer[11], 12, k2);
143	0	Subround(H, e1, a1, b1, c1, d1, ripemd->buffer[ 5], 7, k2);
144	0	Subround(H, d1, e1, a1, b1, c1, ripemd->buffer[12], 5, k2);
145
146	0	Subround(I, c1, d1, e1, a1, b1, ripemd->buffer[ 1], 11, k3);
147	0	Subround(I, b1, c1, d1, e1, a1, ripemd->buffer[ 9], 12, k3);
148	0	Subround(I, a1, b1, c1, d1, e1, ripemd->buffer[11], 14, k3);
149	0	Subround(I, e1, a1, b1, c1, d1, ripemd->buffer[10], 15, k3);
150	0	Subround(I, d1, e1, a1, b1, c1, ripemd->buffer[ 0], 14, k3);
151	0	Subround(I, c1, d1, e1, a1, b1, ripemd->buffer[ 8], 15, k3);
152	0	Subround(I, b1, c1, d1, e1, a1, ripemd->buffer[12], 9, k3);
153	0	Subround(I, a1, b1, c1, d1, e1, ripemd->buffer[ 4], 8, k3);
154	0	Subround(I, e1, a1, b1, c1, d1, ripemd->buffer[13], 9, k3);
155	0	Subround(I, d1, e1, a1, b1, c1, ripemd->buffer[ 3], 14, k3);
156	0	Subround(I, c1, d1, e1, a1, b1, ripemd->buffer[ 7], 5, k3);
157	0	Subround(I, b1, c1, d1, e1, a1, ripemd->buffer[15], 6, k3);
158	0	Subround(I, a1, b1, c1, d1, e1, ripemd->buffer[14], 8, k3);
159	0	Subround(I, e1, a1, b1, c1, d1, ripemd->buffer[ 5], 6, k3);
160	0	Subround(I, d1, e1, a1, b1, c1, ripemd->buffer[ 6], 5, k3);
161	0	Subround(I, c1, d1, e1, a1, b1, ripemd->buffer[ 2], 12, k3);
162
163	0	Subround(J, b1, c1, d1, e1, a1, ripemd->buffer[ 4], 9, k4);
164	0	Subround(J, a1, b1, c1, d1, e1, ripemd->buffer[ 0], 15, k4);
165	0	Subround(J, e1, a1, b1, c1, d1, ripemd->buffer[ 5], 5, k4);
166	0	Subround(J, d1, e1, a1, b1, c1, ripemd->buffer[ 9], 11, k4);
167	0	Subround(J, c1, d1, e1, a1, b1, ripemd->buffer[ 7], 6, k4);
168	0	Subround(J, b1, c1, d1, e1, a1, ripemd->buffer[12], 8, k4);
169	0	Subround(J, a1, b1, c1, d1, e1, ripemd->buffer[ 2], 13, k4);
170	0	Subround(J, e1, a1, b1, c1, d1, ripemd->buffer[10], 12, k4);
171	0	Subround(J, d1, e1, a1, b1, c1, ripemd->buffer[14], 5, k4);
172	0	Subround(J, c1, d1, e1, a1, b1, ripemd->buffer[ 1], 12, k4);
173	0	Subround(J, b1, c1, d1, e1, a1, ripemd->buffer[ 3], 13, k4);
174	0	Subround(J, a1, b1, c1, d1, e1, ripemd->buffer[ 8], 14, k4);
175	0	Subround(J, e1, a1, b1, c1, d1, ripemd->buffer[11], 11, k4);
176	0	Subround(J, d1, e1, a1, b1, c1, ripemd->buffer[ 6], 8, k4);
177	0	Subround(J, c1, d1, e1, a1, b1, ripemd->buffer[15], 5, k4);
178	0	Subround(J, b1, c1, d1, e1, a1, ripemd->buffer[13], 6, k4);
179
180	0	Subround(J, a2, b2, c2, d2, e2, ripemd->buffer[ 5], 8, k5);
181	0	Subround(J, e2, a2, b2, c2, d2, ripemd->buffer[14], 9, k5);
182	0	Subround(J, d2, e2, a2, b2, c2, ripemd->buffer[ 7], 9, k5);
183	0	Subround(J, c2, d2, e2, a2, b2, ripemd->buffer[ 0], 11, k5);
184	0	Subround(J, b2, c2, d2, e2, a2, ripemd->buffer[ 9], 13, k5);
185	0	Subround(J, a2, b2, c2, d2, e2, ripemd->buffer[ 2], 15, k5);
186	0	Subround(J, e2, a2, b2, c2, d2, ripemd->buffer[11], 15, k5);
187	0	Subround(J, d2, e2, a2, b2, c2, ripemd->buffer[ 4], 5, k5);
188	0	Subround(J, c2, d2, e2, a2, b2, ripemd->buffer[13], 7, k5);
189	0	Subround(J, b2, c2, d2, e2, a2, ripemd->buffer[ 6], 7, k5);
190	0	Subround(J, a2, b2, c2, d2, e2, ripemd->buffer[15], 8, k5);
191	0	Subround(J, e2, a2, b2, c2, d2, ripemd->buffer[ 8], 11, k5);
192	0	Subround(J, d2, e2, a2, b2, c2, ripemd->buffer[ 1], 14, k5);
193	0	Subround(J, c2, d2, e2, a2, b2, ripemd->buffer[10], 14, k5);
194	0	Subround(J, b2, c2, d2, e2, a2, ripemd->buffer[ 3], 12, k5);
195	0	Subround(J, a2, b2, c2, d2, e2, ripemd->buffer[12], 6, k5);
196
197	0	Subround(I, e2, a2, b2, c2, d2, ripemd->buffer[ 6], 9, k6);
198	0	Subround(I, d2, e2, a2, b2, c2, ripemd->buffer[11], 13, k6);
199	0	Subround(I, c2, d2, e2, a2, b2, ripemd->buffer[ 3], 15, k6);
200	0	Subround(I, b2, c2, d2, e2, a2, ripemd->buffer[ 7], 7, k6);
201	0	Subround(I, a2, b2, c2, d2, e2, ripemd->buffer[ 0], 12, k6);
202	0	Subround(I, e2, a2, b2, c2, d2, ripemd->buffer[13], 8, k6);
203	0	Subround(I, d2, e2, a2, b2, c2, ripemd->buffer[ 5], 9, k6);
204	0	Subround(I, c2, d2, e2, a2, b2, ripemd->buffer[10], 11, k6);
205	0	Subround(I, b2, c2, d2, e2, a2, ripemd->buffer[14], 7, k6);
206	0	Subround(I, a2, b2, c2, d2, e2, ripemd->buffer[15], 7, k6);
207	0	Subround(I, e2, a2, b2, c2, d2, ripemd->buffer[ 8], 12, k6);
208	0	Subround(I, d2, e2, a2, b2, c2, ripemd->buffer[12], 7, k6);
209	0	Subround(I, c2, d2, e2, a2, b2, ripemd->buffer[ 4], 6, k6);
210	0	Subround(I, b2, c2, d2, e2, a2, ripemd->buffer[ 9], 15, k6);
211	0	Subround(I, a2, b2, c2, d2, e2, ripemd->buffer[ 1], 13, k6);
212	0	Subround(I, e2, a2, b2, c2, d2, ripemd->buffer[ 2], 11, k6);
213
214	0	Subround(H, d2, e2, a2, b2, c2, ripemd->buffer[15], 9, k7);
215	0	Subround(H, c2, d2, e2, a2, b2, ripemd->buffer[ 5], 7, k7);
216	0	Subround(H, b2, c2, d2, e2, a2, ripemd->buffer[ 1], 15, k7);
217	0	Subround(H, a2, b2, c2, d2, e2, ripemd->buffer[ 3], 11, k7);
218	0	Subround(H, e2, a2, b2, c2, d2, ripemd->buffer[ 7], 8, k7);
219	0	Subround(H, d2, e2, a2, b2, c2, ripemd->buffer[14], 6, k7);
220	0	Subround(H, c2, d2, e2, a2, b2, ripemd->buffer[ 6], 6, k7);
221	0	Subround(H, b2, c2, d2, e2, a2, ripemd->buffer[ 9], 14, k7);
222	0	Subround(H, a2, b2, c2, d2, e2, ripemd->buffer[11], 12, k7);
223	0	Subround(H, e2, a2, b2, c2, d2, ripemd->buffer[ 8], 13, k7);
224	0	Subround(H, d2, e2, a2, b2, c2, ripemd->buffer[12], 5, k7);
225	0	Subround(H, c2, d2, e2, a2, b2, ripemd->buffer[ 2], 14, k7);
226	0	Subround(H, b2, c2, d2, e2, a2, ripemd->buffer[10], 13, k7);
227	0	Subround(H, a2, b2, c2, d2, e2, ripemd->buffer[ 0], 13, k7);
228	0	Subround(H, e2, a2, b2, c2, d2, ripemd->buffer[ 4], 7, k7);
229	0	Subround(H, d2, e2, a2, b2, c2, ripemd->buffer[13], 5, k7);
230
231	0	Subround(G, c2, d2, e2, a2, b2, ripemd->buffer[ 8], 15, k8);
232	0	Subround(G, b2, c2, d2, e2, a2, ripemd->buffer[ 6], 5, k8);
233	0	Subround(G, a2, b2, c2, d2, e2, ripemd->buffer[ 4], 8, k8);
234	0	Subround(G, e2, a2, b2, c2, d2, ripemd->buffer[ 1], 11, k8);
235	0	Subround(G, d2, e2, a2, b2, c2, ripemd->buffer[ 3], 14, k8);
236	0	Subround(G, c2, d2, e2, a2, b2, ripemd->buffer[11], 14, k8);
237	0	Subround(G, b2, c2, d2, e2, a2, ripemd->buffer[15], 6, k8);
238	0	Subround(G, a2, b2, c2, d2, e2, ripemd->buffer[ 0], 14, k8);
239	0	Subround(G, e2, a2, b2, c2, d2, ripemd->buffer[ 5], 6, k8);
240	0	Subround(G, d2, e2, a2, b2, c2, ripemd->buffer[12], 9, k8);
241	0	Subround(G, c2, d2, e2, a2, b2, ripemd->buffer[ 2], 12, k8);
242	0	Subround(G, b2, c2, d2, e2, a2, ripemd->buffer[13], 9, k8);
243	0	Subround(G, a2, b2, c2, d2, e2, ripemd->buffer[ 9], 12, k8);
244	0	Subround(G, e2, a2, b2, c2, d2, ripemd->buffer[ 7], 5, k8);
245	0	Subround(G, d2, e2, a2, b2, c2, ripemd->buffer[10], 15, k8);
246	0	Subround(G, c2, d2, e2, a2, b2, ripemd->buffer[14], 8, k8);
247
248	0	Subround(F, b2, c2, d2, e2, a2, ripemd->buffer[12], 8, k9);
249	0	Subround(F, a2, b2, c2, d2, e2, ripemd->buffer[15], 5, k9);
250	0	Subround(F, e2, a2, b2, c2, d2, ripemd->buffer[10], 12, k9);
251	0	Subround(F, d2, e2, a2, b2, c2, ripemd->buffer[ 4], 9, k9);
252	0	Subround(F, c2, d2, e2, a2, b2, ripemd->buffer[ 1], 12, k9);
253	0	Subround(F, b2, c2, d2, e2, a2, ripemd->buffer[ 5], 5, k9);
254	0	Subround(F, a2, b2, c2, d2, e2, ripemd->buffer[ 8], 14, k9);
255	0	Subround(F, e2, a2, b2, c2, d2, ripemd->buffer[ 7], 6, k9);
256	0	Subround(F, d2, e2, a2, b2, c2, ripemd->buffer[ 6], 8, k9);
257	0	Subround(F, c2, d2, e2, a2, b2, ripemd->buffer[ 2], 13, k9);
258	0	Subround(F, b2, c2, d2, e2, a2, ripemd->buffer[13], 6, k9);
259	0	Subround(F, a2, b2, c2, d2, e2, ripemd->buffer[14], 5, k9);
260	0	Subround(F, e2, a2, b2, c2, d2, ripemd->buffer[ 0], 15, k9);
261	0	Subround(F, d2, e2, a2, b2, c2, ripemd->buffer[ 3], 13, k9);
262	0	Subround(F, c2, d2, e2, a2, b2, ripemd->buffer[ 9], 11, k9);
263	0	Subround(F, b2, c2, d2, e2, a2, ripemd->buffer[11], 11, k9);
264
265	0	c1 = ripemd->digest[1] + c1 + d2;
266	0	ripemd->digest[1] = ripemd->digest[2] + d1 + e2;
267	0	ripemd->digest[2] = ripemd->digest[3] + e1 + a2;
268	0	ripemd->digest[3] = ripemd->digest[4] + a1 + b2;
269	0	ripemd->digest[4] = ripemd->digest[0] + b1 + c2;
270	0	ripemd->digest[0] = c1;
271	0	}
272
273
274		static WC_INLINE void AddLength(RipeMd* ripemd, word32 len)
275	0	{
276	0	word32 tmp = ripemd->loLen;
277	0	if ( (ripemd->loLen += len) < tmp)
278	0	ripemd->hiLen++; /* carry low to high */
279	0	}
280
281
282		int wc_RipeMdUpdate(RipeMd* ripemd, const byte* data, word32 len)
283	0	{
284		/* do block size increments */
285	0	byte* local;
286
287	0	if (ripemd == NULL \|\| (data == NULL && len > 0)) {
288	0	return BAD_FUNC_ARG;
289	0	}
290
291	0	local = (byte*)ripemd->buffer;
292
293	0	while (len) {
294	0	word32 add = min(len, RIPEMD_BLOCK_SIZE - ripemd->buffLen);
295	0	XMEMCPY(&local[ripemd->buffLen], data, add);
296
297	0	ripemd->buffLen += add;
298	0	data += add;
299	0	len -= add;
300
301	0	if (ripemd->buffLen == RIPEMD_BLOCK_SIZE) {
302		#ifdef BIG_ENDIAN_ORDER
303		ByteReverseWords(ripemd->buffer, ripemd->buffer,
304		RIPEMD_BLOCK_SIZE);
305		#endif
306	0	Transform(ripemd);
307	0	AddLength(ripemd, RIPEMD_BLOCK_SIZE);
308	0	ripemd->buffLen = 0;
309	0	}
310	0	}
311	0	return 0;
312	0	}
313
314
315		int wc_RipeMdFinal(RipeMd* ripemd, byte* hash)
316	0	{
317	0	byte* local;
318
319	0	if (ripemd == NULL \|\| hash == NULL) {
320	0	return BAD_FUNC_ARG;
321	0	}
322
323	0	local = (byte*)ripemd->buffer;
324
325	0	AddLength(ripemd, ripemd->buffLen); /* before adding pads */
326
327	0	local[ripemd->buffLen++] = 0x80; /* add 1 */
328
329		/* pad with zeros */
330	0	if (ripemd->buffLen > RIPEMD_PAD_SIZE) {
331	0	XMEMSET(&local[ripemd->buffLen], 0, RIPEMD_BLOCK_SIZE - ripemd->buffLen);
332	0	ripemd->buffLen += RIPEMD_BLOCK_SIZE - ripemd->buffLen;
333
334		#ifdef BIG_ENDIAN_ORDER
335		ByteReverseWords(ripemd->buffer, ripemd->buffer, RIPEMD_BLOCK_SIZE);
336		#endif
337	0	Transform(ripemd);
338	0	ripemd->buffLen = 0;
339	0	}
340	0	XMEMSET(&local[ripemd->buffLen], 0, RIPEMD_PAD_SIZE - ripemd->buffLen);
341
342		/* put lengths in bits */
343	0	ripemd->loLen = ripemd->loLen << 3;
344	0	ripemd->hiLen = (ripemd->loLen >> (8*sizeof(ripemd->loLen) - 3)) +
345	0	(ripemd->hiLen << 3);
346
347		/* store lengths */
348		#ifdef BIG_ENDIAN_ORDER
349		ByteReverseWords(ripemd->buffer, ripemd->buffer, RIPEMD_BLOCK_SIZE);
350		#endif
351		/* ! length ordering dependent on digest endian type ! */
352	0	XMEMCPY(&local[RIPEMD_PAD_SIZE], &ripemd->loLen, sizeof(word32));
353	0	XMEMCPY(&local[RIPEMD_PAD_SIZE + sizeof(word32)], &ripemd->hiLen,
354	0	sizeof(word32));
355
356	0	Transform(ripemd);
357		#ifdef BIG_ENDIAN_ORDER
358		ByteReverseWords(ripemd->digest, ripemd->digest, RIPEMD_DIGEST_SIZE);
359		#endif
360	0	XMEMCPY(hash, ripemd->digest, RIPEMD_DIGEST_SIZE);
361
362	0	return wc_InitRipeMd(ripemd); /* reset state */
363	0	}
364
365
366		#endif /* WOLFSSL_RIPEMD */