Line data Source code
1 : /* SHA1 module */
2 :
3 : /* This module provides an interface to the SHA1 algorithm */
4 :
5 : /* See below for information about the original code this module was
6 : based upon. Additional work performed by:
7 :
8 : Andrew Kuchling (amk@amk.ca)
9 : Greg Stein (gstein@lyra.org)
10 : Trevor Perrin (trevp@trevp.net)
11 :
12 : Copyright (C) 2005-2007 Gregory P. Smith (greg@krypto.org)
13 : Licensed to PSF under a Contributor Agreement.
14 :
15 : */
16 :
17 : /* SHA1 objects */
18 : #ifndef Py_BUILD_CORE_BUILTIN
19 : # define Py_BUILD_CORE_MODULE 1
20 : #endif
21 :
22 : #include "Python.h"
23 : #include "hashlib.h"
24 : #include "pycore_strhex.h" // _Py_strhex()
25 :
26 : /*[clinic input]
27 : module _sha1
28 : class SHA1Type "SHA1object *" "&PyType_Type"
29 : [clinic start generated code]*/
30 : /*[clinic end generated code: output=da39a3ee5e6b4b0d input=3dc9a20d1becb759]*/
31 :
32 : /* Some useful types */
33 :
34 : #if SIZEOF_INT == 4
35 : typedef unsigned int SHA1_INT32; /* 32-bit integer */
36 : typedef long long SHA1_INT64; /* 64-bit integer */
37 : #else
38 : /* not defined. compilation will die. */
39 : #endif
40 :
41 : /* The SHA1 block size and message digest sizes, in bytes */
42 :
43 : #define SHA1_BLOCKSIZE 64
44 : #define SHA1_DIGESTSIZE 20
45 :
46 : /* The structure for storing SHA1 info */
47 :
48 : struct sha1_state {
49 : SHA1_INT64 length;
50 : SHA1_INT32 state[5], curlen;
51 : unsigned char buf[SHA1_BLOCKSIZE];
52 : };
53 :
54 : typedef struct {
55 : PyObject_HEAD
56 :
57 : struct sha1_state hash_state;
58 : } SHA1object;
59 :
60 : #include "clinic/sha1module.c.h"
61 :
62 : /* ------------------------------------------------------------------------
63 : *
64 : * This code for the SHA1 algorithm was noted as public domain. The
65 : * original headers are pasted below.
66 : *
67 : * Several changes have been made to make it more compatible with the
68 : * Python environment and desired interface.
69 : *
70 : */
71 :
72 : /* LibTomCrypt, modular cryptographic library -- Tom St Denis
73 : *
74 : * LibTomCrypt is a library that provides various cryptographic
75 : * algorithms in a highly modular and flexible manner.
76 : *
77 : * The library is free for all purposes without any express
78 : * guarantee it works.
79 : *
80 : * Tom St Denis, tomstdenis@gmail.com, https://www.libtom.net
81 : */
82 :
83 : /* rotate the hard way (platform optimizations could be done) */
84 : #define ROL(x, y) ( (((unsigned long)(x)<<(unsigned long)((y)&31)) | (((unsigned long)(x)&0xFFFFFFFFUL)>>(unsigned long)(32-((y)&31)))) & 0xFFFFFFFFUL)
85 : #define ROLc(x, y) ( (((unsigned long)(x)<<(unsigned long)((y)&31)) | (((unsigned long)(x)&0xFFFFFFFFUL)>>(unsigned long)(32-((y)&31)))) & 0xFFFFFFFFUL)
86 :
87 : /* Endian Neutral macros that work on all platforms */
88 :
89 : #define STORE32H(x, y) \
90 : { (y)[0] = (unsigned char)(((x)>>24)&255); (y)[1] = (unsigned char)(((x)>>16)&255); \
91 : (y)[2] = (unsigned char)(((x)>>8)&255); (y)[3] = (unsigned char)((x)&255); }
92 :
93 : #define LOAD32H(x, y) \
94 : { x = ((unsigned long)((y)[0] & 255)<<24) | \
95 : ((unsigned long)((y)[1] & 255)<<16) | \
96 : ((unsigned long)((y)[2] & 255)<<8) | \
97 : ((unsigned long)((y)[3] & 255)); }
98 :
99 : #define STORE64H(x, y) \
100 : { (y)[0] = (unsigned char)(((x)>>56)&255); (y)[1] = (unsigned char)(((x)>>48)&255); \
101 : (y)[2] = (unsigned char)(((x)>>40)&255); (y)[3] = (unsigned char)(((x)>>32)&255); \
102 : (y)[4] = (unsigned char)(((x)>>24)&255); (y)[5] = (unsigned char)(((x)>>16)&255); \
103 : (y)[6] = (unsigned char)(((x)>>8)&255); (y)[7] = (unsigned char)((x)&255); }
104 :
105 :
106 : /* SHA1 macros */
107 :
108 : #define F0(x,y,z) (z ^ (x & (y ^ z)))
109 : #define F1(x,y,z) (x ^ y ^ z)
110 : #define F2(x,y,z) ((x & y) | (z & (x | y)))
111 : #define F3(x,y,z) (x ^ y ^ z)
112 :
113 47129 : static void sha1_compress(struct sha1_state *sha1, unsigned char *buf)
114 : {
115 : SHA1_INT32 a,b,c,d,e,W[80],i;
116 :
117 : /* copy the state into 512-bits into W[0..15] */
118 801193 : for (i = 0; i < 16; i++) {
119 754064 : LOAD32H(W[i], buf + (4*i));
120 : }
121 :
122 : /* copy state */
123 47129 : a = sha1->state[0];
124 47129 : b = sha1->state[1];
125 47129 : c = sha1->state[2];
126 47129 : d = sha1->state[3];
127 47129 : e = sha1->state[4];
128 :
129 : /* expand it */
130 3063380 : for (i = 16; i < 80; i++) {
131 3016260 : W[i] = ROL(W[i-3] ^ W[i-8] ^ W[i-14] ^ W[i-16], 1);
132 : }
133 :
134 : /* compress */
135 : /* round one */
136 : #define FF_0(a,b,c,d,e,i) e = (ROLc(a, 5) + F0(b,c,d) + e + W[i] + 0x5a827999UL); b = ROLc(b, 30);
137 : #define FF_1(a,b,c,d,e,i) e = (ROLc(a, 5) + F1(b,c,d) + e + W[i] + 0x6ed9eba1UL); b = ROLc(b, 30);
138 : #define FF_2(a,b,c,d,e,i) e = (ROLc(a, 5) + F2(b,c,d) + e + W[i] + 0x8f1bbcdcUL); b = ROLc(b, 30);
139 : #define FF_3(a,b,c,d,e,i) e = (ROLc(a, 5) + F3(b,c,d) + e + W[i] + 0xca62c1d6UL); b = ROLc(b, 30);
140 :
141 235645 : for (i = 0; i < 20; ) {
142 188516 : FF_0(a,b,c,d,e,i++);
143 188516 : FF_0(e,a,b,c,d,i++);
144 188516 : FF_0(d,e,a,b,c,i++);
145 188516 : FF_0(c,d,e,a,b,i++);
146 188516 : FF_0(b,c,d,e,a,i++);
147 : }
148 :
149 : /* round two */
150 235645 : for (; i < 40; ) {
151 188516 : FF_1(a,b,c,d,e,i++);
152 188516 : FF_1(e,a,b,c,d,i++);
153 188516 : FF_1(d,e,a,b,c,i++);
154 188516 : FF_1(c,d,e,a,b,i++);
155 188516 : FF_1(b,c,d,e,a,i++);
156 : }
157 :
158 : /* round three */
159 235645 : for (; i < 60; ) {
160 188516 : FF_2(a,b,c,d,e,i++);
161 188516 : FF_2(e,a,b,c,d,i++);
162 188516 : FF_2(d,e,a,b,c,i++);
163 188516 : FF_2(c,d,e,a,b,i++);
164 188516 : FF_2(b,c,d,e,a,i++);
165 : }
166 :
167 : /* round four */
168 235645 : for (; i < 80; ) {
169 188516 : FF_3(a,b,c,d,e,i++);
170 188516 : FF_3(e,a,b,c,d,i++);
171 188516 : FF_3(d,e,a,b,c,i++);
172 188516 : FF_3(c,d,e,a,b,i++);
173 188516 : FF_3(b,c,d,e,a,i++);
174 : }
175 :
176 : #undef FF_0
177 : #undef FF_1
178 : #undef FF_2
179 : #undef FF_3
180 :
181 : /* store */
182 47129 : sha1->state[0] = sha1->state[0] + a;
183 47129 : sha1->state[1] = sha1->state[1] + b;
184 47129 : sha1->state[2] = sha1->state[2] + c;
185 47129 : sha1->state[3] = sha1->state[3] + d;
186 47129 : sha1->state[4] = sha1->state[4] + e;
187 47129 : }
188 :
189 : /**
190 : Initialize the hash state
191 : @param sha1 The hash state you wish to initialize
192 : */
193 : static void
194 29 : sha1_init(struct sha1_state *sha1)
195 : {
196 29 : assert(sha1 != NULL);
197 29 : sha1->state[0] = 0x67452301UL;
198 29 : sha1->state[1] = 0xefcdab89UL;
199 29 : sha1->state[2] = 0x98badcfeUL;
200 29 : sha1->state[3] = 0x10325476UL;
201 29 : sha1->state[4] = 0xc3d2e1f0UL;
202 29 : sha1->curlen = 0;
203 29 : sha1->length = 0;
204 29 : }
205 :
206 : /**
207 : Process a block of memory though the hash
208 : @param sha1 The hash state
209 : @param in The data to hash
210 : @param inlen The length of the data (octets)
211 : */
212 : static void
213 30 : sha1_process(struct sha1_state *sha1,
214 : const unsigned char *in, Py_ssize_t inlen)
215 : {
216 : Py_ssize_t n;
217 :
218 30 : assert(sha1 != NULL);
219 30 : assert(in != NULL);
220 30 : assert(sha1->curlen <= sizeof(sha1->buf));
221 :
222 47135 : while (inlen > 0) {
223 47105 : if (sha1->curlen == 0 && inlen >= SHA1_BLOCKSIZE) {
224 47083 : sha1_compress(sha1, (unsigned char *)in);
225 47083 : sha1->length += SHA1_BLOCKSIZE * 8;
226 47083 : in += SHA1_BLOCKSIZE;
227 47083 : inlen -= SHA1_BLOCKSIZE;
228 : } else {
229 22 : n = Py_MIN(inlen, (Py_ssize_t)(SHA1_BLOCKSIZE - sha1->curlen));
230 22 : memcpy(sha1->buf + sha1->curlen, in, (size_t)n);
231 22 : sha1->curlen += (SHA1_INT32)n;
232 22 : in += n;
233 22 : inlen -= n;
234 22 : if (sha1->curlen == SHA1_BLOCKSIZE) {
235 4 : sha1_compress(sha1, sha1->buf);
236 4 : sha1->length += 8*SHA1_BLOCKSIZE;
237 4 : sha1->curlen = 0;
238 : }
239 : }
240 : }
241 30 : }
242 :
243 : /**
244 : Terminate the hash to get the digest
245 : @param sha1 The hash state
246 : @param out [out] The destination of the hash (20 bytes)
247 : */
248 : static void
249 30 : sha1_done(struct sha1_state *sha1, unsigned char *out)
250 : {
251 : int i;
252 :
253 30 : assert(sha1 != NULL);
254 30 : assert(out != NULL);
255 30 : assert(sha1->curlen < sizeof(sha1->buf));
256 :
257 : /* increase the length of the message */
258 30 : sha1->length += sha1->curlen * 8;
259 :
260 : /* append the '1' bit */
261 30 : sha1->buf[sha1->curlen++] = (unsigned char)0x80;
262 :
263 : /* if the length is currently above 56 bytes we append zeros
264 : * then compress. Then we can fall back to padding zeros and length
265 : * encoding like normal.
266 : */
267 30 : if (sha1->curlen > 56) {
268 56 : while (sha1->curlen < 64) {
269 44 : sha1->buf[sha1->curlen++] = (unsigned char)0;
270 : }
271 12 : sha1_compress(sha1, sha1->buf);
272 12 : sha1->curlen = 0;
273 : }
274 :
275 : /* pad up to 56 bytes of zeroes */
276 1670 : while (sha1->curlen < 56) {
277 1640 : sha1->buf[sha1->curlen++] = (unsigned char)0;
278 : }
279 :
280 : /* store length */
281 30 : STORE64H(sha1->length, sha1->buf+56);
282 30 : sha1_compress(sha1, sha1->buf);
283 :
284 : /* copy output */
285 180 : for (i = 0; i < 5; i++) {
286 150 : STORE32H(sha1->state[i], out+(4*i));
287 : }
288 30 : }
289 :
290 :
291 : /* .Source: /cvs/libtom/libtomcrypt/src/hashes/sha1.c,v $ */
292 : /* .Revision: 1.10 $ */
293 : /* .Date: 2007/05/12 14:25:28 $ */
294 :
295 : /*
296 : * End of copied SHA1 code.
297 : *
298 : * ------------------------------------------------------------------------
299 : */
300 :
301 : typedef struct {
302 : PyTypeObject* sha1_type;
303 : } SHA1State;
304 :
305 : static inline SHA1State*
306 65 : sha1_get_state(PyObject *module)
307 : {
308 65 : void *state = PyModule_GetState(module);
309 65 : assert(state != NULL);
310 65 : return (SHA1State *)state;
311 : }
312 :
313 : static SHA1object *
314 30 : newSHA1object(SHA1State *st)
315 : {
316 30 : SHA1object *sha = (SHA1object *)PyObject_GC_New(SHA1object, st->sha1_type);
317 30 : PyObject_GC_Track(sha);
318 30 : return sha;
319 : }
320 :
321 :
322 : /* Internal methods for a hash object */
323 : static int
324 30 : SHA1_traverse(PyObject *ptr, visitproc visit, void *arg)
325 : {
326 30 : Py_VISIT(Py_TYPE(ptr));
327 30 : return 0;
328 : }
329 :
330 : static void
331 30 : SHA1_dealloc(PyObject *ptr)
332 : {
333 30 : PyTypeObject *tp = Py_TYPE(ptr);
334 30 : PyObject_GC_UnTrack(ptr);
335 30 : PyObject_GC_Del(ptr);
336 30 : Py_DECREF(tp);
337 30 : }
338 :
339 :
340 : /* External methods for a hash object */
341 :
342 : /*[clinic input]
343 : SHA1Type.copy
344 :
345 : cls: defining_class
346 :
347 : Return a copy of the hash object.
348 : [clinic start generated code]*/
349 :
350 : static PyObject *
351 1 : SHA1Type_copy_impl(SHA1object *self, PyTypeObject *cls)
352 : /*[clinic end generated code: output=b32d4461ce8bc7a7 input=6c22e66fcc34c58e]*/
353 : {
354 1 : SHA1State *st = PyType_GetModuleState(cls);
355 :
356 : SHA1object *newobj;
357 1 : if ((newobj = newSHA1object(st)) == NULL)
358 0 : return NULL;
359 :
360 1 : newobj->hash_state = self->hash_state;
361 1 : return (PyObject *)newobj;
362 : }
363 :
364 : /*[clinic input]
365 : SHA1Type.digest
366 :
367 : Return the digest value as a bytes object.
368 : [clinic start generated code]*/
369 :
370 : static PyObject *
371 15 : SHA1Type_digest_impl(SHA1object *self)
372 : /*[clinic end generated code: output=2f05302a7aa2b5cb input=13824b35407444bd]*/
373 : {
374 : unsigned char digest[SHA1_DIGESTSIZE];
375 : struct sha1_state temp;
376 :
377 15 : temp = self->hash_state;
378 15 : sha1_done(&temp, digest);
379 15 : return PyBytes_FromStringAndSize((const char *)digest, SHA1_DIGESTSIZE);
380 : }
381 :
382 : /*[clinic input]
383 : SHA1Type.hexdigest
384 :
385 : Return the digest value as a string of hexadecimal digits.
386 : [clinic start generated code]*/
387 :
388 : static PyObject *
389 15 : SHA1Type_hexdigest_impl(SHA1object *self)
390 : /*[clinic end generated code: output=4161fd71e68c6659 input=97691055c0c74ab0]*/
391 : {
392 : unsigned char digest[SHA1_DIGESTSIZE];
393 : struct sha1_state temp;
394 :
395 : /* Get the raw (binary) digest value */
396 15 : temp = self->hash_state;
397 15 : sha1_done(&temp, digest);
398 :
399 15 : return _Py_strhex((const char *)digest, SHA1_DIGESTSIZE);
400 : }
401 :
402 : /*[clinic input]
403 : SHA1Type.update
404 :
405 : obj: object
406 : /
407 :
408 : Update this hash object's state with the provided string.
409 : [clinic start generated code]*/
410 :
411 : static PyObject *
412 20 : SHA1Type_update(SHA1object *self, PyObject *obj)
413 : /*[clinic end generated code: output=d9902f0e5015e9ae input=aad8e07812edbba3]*/
414 : {
415 : Py_buffer buf;
416 :
417 20 : GET_BUFFER_VIEW_OR_ERROUT(obj, &buf);
418 :
419 20 : sha1_process(&self->hash_state, buf.buf, buf.len);
420 :
421 20 : PyBuffer_Release(&buf);
422 20 : Py_RETURN_NONE;
423 : }
424 :
425 : static PyMethodDef SHA1_methods[] = {
426 : SHA1TYPE_COPY_METHODDEF
427 : SHA1TYPE_DIGEST_METHODDEF
428 : SHA1TYPE_HEXDIGEST_METHODDEF
429 : SHA1TYPE_UPDATE_METHODDEF
430 : {NULL, NULL} /* sentinel */
431 : };
432 :
433 : static PyObject *
434 1 : SHA1_get_block_size(PyObject *self, void *closure)
435 : {
436 1 : return PyLong_FromLong(SHA1_BLOCKSIZE);
437 : }
438 :
439 : static PyObject *
440 10 : SHA1_get_name(PyObject *self, void *closure)
441 : {
442 10 : return PyUnicode_FromStringAndSize("sha1", 4);
443 : }
444 :
445 : static PyObject *
446 5 : sha1_get_digest_size(PyObject *self, void *closure)
447 : {
448 5 : return PyLong_FromLong(SHA1_DIGESTSIZE);
449 : }
450 :
451 : static PyGetSetDef SHA1_getseters[] = {
452 : {"block_size",
453 : (getter)SHA1_get_block_size, NULL,
454 : NULL,
455 : NULL},
456 : {"name",
457 : (getter)SHA1_get_name, NULL,
458 : NULL,
459 : NULL},
460 : {"digest_size",
461 : (getter)sha1_get_digest_size, NULL,
462 : NULL,
463 : NULL},
464 : {NULL} /* Sentinel */
465 : };
466 :
467 : static PyType_Slot sha1_type_slots[] = {
468 : {Py_tp_dealloc, SHA1_dealloc},
469 : {Py_tp_methods, SHA1_methods},
470 : {Py_tp_getset, SHA1_getseters},
471 : {Py_tp_traverse, SHA1_traverse},
472 : {0,0}
473 : };
474 :
475 : static PyType_Spec sha1_type_spec = {
476 : .name = "_sha1.sha1",
477 : .basicsize = sizeof(SHA1object),
478 : .flags = (Py_TPFLAGS_DEFAULT | Py_TPFLAGS_DISALLOW_INSTANTIATION |
479 : Py_TPFLAGS_IMMUTABLETYPE | Py_TPFLAGS_HAVE_GC),
480 : .slots = sha1_type_slots
481 : };
482 :
483 : /* The single module-level function: new() */
484 :
485 : /*[clinic input]
486 : _sha1.sha1
487 :
488 : string: object(c_default="NULL") = b''
489 : *
490 : usedforsecurity: bool = True
491 :
492 : Return a new SHA1 hash object; optionally initialized with a string.
493 : [clinic start generated code]*/
494 :
495 : static PyObject *
496 30 : _sha1_sha1_impl(PyObject *module, PyObject *string, int usedforsecurity)
497 : /*[clinic end generated code: output=6f8b3af05126e18e input=bd54b68e2bf36a8a]*/
498 : {
499 : SHA1object *new;
500 : Py_buffer buf;
501 :
502 30 : if (string)
503 11 : GET_BUFFER_VIEW_OR_ERROUT(string, &buf);
504 :
505 29 : SHA1State *st = sha1_get_state(module);
506 29 : if ((new = newSHA1object(st)) == NULL) {
507 0 : if (string)
508 0 : PyBuffer_Release(&buf);
509 0 : return NULL;
510 : }
511 :
512 29 : sha1_init(&new->hash_state);
513 :
514 29 : if (PyErr_Occurred()) {
515 0 : Py_DECREF(new);
516 0 : if (string)
517 0 : PyBuffer_Release(&buf);
518 0 : return NULL;
519 : }
520 29 : if (string) {
521 10 : sha1_process(&new->hash_state, buf.buf, buf.len);
522 10 : PyBuffer_Release(&buf);
523 : }
524 :
525 29 : return (PyObject *)new;
526 : }
527 :
528 :
529 : /* List of functions exported by this module */
530 :
531 : static struct PyMethodDef SHA1_functions[] = {
532 : _SHA1_SHA1_METHODDEF
533 : {NULL, NULL} /* Sentinel */
534 : };
535 :
536 : static int
537 30 : _sha1_traverse(PyObject *module, visitproc visit, void *arg)
538 : {
539 30 : SHA1State *state = sha1_get_state(module);
540 30 : Py_VISIT(state->sha1_type);
541 30 : return 0;
542 : }
543 :
544 : static int
545 4 : _sha1_clear(PyObject *module)
546 : {
547 4 : SHA1State *state = sha1_get_state(module);
548 4 : Py_CLEAR(state->sha1_type);
549 4 : return 0;
550 : }
551 :
552 : static void
553 2 : _sha1_free(void *module)
554 : {
555 2 : _sha1_clear((PyObject *)module);
556 2 : }
557 :
558 : static int
559 2 : _sha1_exec(PyObject *module)
560 : {
561 2 : SHA1State* st = sha1_get_state(module);
562 :
563 2 : st->sha1_type = (PyTypeObject *)PyType_FromModuleAndSpec(
564 : module, &sha1_type_spec, NULL);
565 :
566 2 : if (st->sha1_type == NULL) {
567 0 : return -1;
568 : }
569 :
570 2 : Py_INCREF(st->sha1_type);
571 2 : if (PyModule_AddObject(module,
572 : "SHA1Type",
573 2 : (PyObject *)st->sha1_type) < 0) {
574 0 : Py_DECREF(st->sha1_type);
575 0 : return -1;
576 : }
577 :
578 2 : return 0;
579 : }
580 :
581 :
582 : /* Initialize this module. */
583 :
584 : static PyModuleDef_Slot _sha1_slots[] = {
585 : {Py_mod_exec, _sha1_exec},
586 : {0, NULL}
587 : };
588 :
589 : static struct PyModuleDef _sha1module = {
590 : PyModuleDef_HEAD_INIT,
591 : .m_name = "_sha1",
592 : .m_size = sizeof(SHA1State),
593 : .m_methods = SHA1_functions,
594 : .m_slots = _sha1_slots,
595 : .m_traverse = _sha1_traverse,
596 : .m_clear = _sha1_clear,
597 : .m_free = _sha1_free
598 : };
599 :
600 : PyMODINIT_FUNC
601 2 : PyInit__sha1(void)
602 : {
603 2 : return PyModuleDef_Init(&_sha1module);
604 : }
|