to reflect the new license. We understand that people may be surprised that we're moving the header entirely to discuss the new license. We checked this carefully with the Foundation's lawyer and we believe this is the correct approach. Essentially, all code in the project is now made available by the LLVM project under our new license, so you will see that the license headers include that license only. Some of our contributors have contributed code under our old license, and accordingly, we have retained a copy of our old license notice in the top-level files in each project and repository. llvm-svn: 351636
222 lines
5.5 KiB
C++
222 lines
5.5 KiB
C++
//===- FuzzerSHA1.h - Private copy of the SHA1 implementation ---*- C++ -* ===//
|
|
//
|
|
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
|
|
// See https://llvm.org/LICENSE.txt for license information.
|
|
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
|
|
//
|
|
//===----------------------------------------------------------------------===//
|
|
// This code is taken from public domain
|
|
// (http://oauth.googlecode.com/svn/code/c/liboauth/src/sha1.c)
|
|
// and modified by adding anonymous namespace, adding an interface
|
|
// function fuzzer::ComputeSHA1() and removing unnecessary code.
|
|
//
|
|
// lib/Fuzzer can not use SHA1 implementation from openssl because
|
|
// openssl may not be available and because we may be fuzzing openssl itself.
|
|
// For the same reason we do not want to depend on SHA1 from LLVM tree.
|
|
//===----------------------------------------------------------------------===//
|
|
|
|
#include "FuzzerSHA1.h"
|
|
#include "FuzzerDefs.h"
|
|
|
|
/* This code is public-domain - it is based on libcrypt
|
|
* placed in the public domain by Wei Dai and other contributors.
|
|
*/
|
|
|
|
#include <iomanip>
|
|
#include <sstream>
|
|
#include <stdint.h>
|
|
#include <string.h>
|
|
|
|
namespace { // Added for LibFuzzer
|
|
|
|
#ifdef __BIG_ENDIAN__
|
|
# define SHA_BIG_ENDIAN
|
|
#elif defined __LITTLE_ENDIAN__
|
|
/* override */
|
|
#elif defined __BYTE_ORDER
|
|
# if __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__
|
|
# define SHA_BIG_ENDIAN
|
|
# endif
|
|
#else // ! defined __LITTLE_ENDIAN__
|
|
# include <endian.h> // machine/endian.h
|
|
# if __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__
|
|
# define SHA_BIG_ENDIAN
|
|
# endif
|
|
#endif
|
|
|
|
|
|
/* header */
|
|
|
|
#define HASH_LENGTH 20
|
|
#define BLOCK_LENGTH 64
|
|
|
|
typedef struct sha1nfo {
|
|
uint32_t buffer[BLOCK_LENGTH/4];
|
|
uint32_t state[HASH_LENGTH/4];
|
|
uint32_t byteCount;
|
|
uint8_t bufferOffset;
|
|
uint8_t keyBuffer[BLOCK_LENGTH];
|
|
uint8_t innerHash[HASH_LENGTH];
|
|
} sha1nfo;
|
|
|
|
/* public API - prototypes - TODO: doxygen*/
|
|
|
|
/**
|
|
*/
|
|
void sha1_init(sha1nfo *s);
|
|
/**
|
|
*/
|
|
void sha1_writebyte(sha1nfo *s, uint8_t data);
|
|
/**
|
|
*/
|
|
void sha1_write(sha1nfo *s, const char *data, size_t len);
|
|
/**
|
|
*/
|
|
uint8_t* sha1_result(sha1nfo *s);
|
|
|
|
|
|
/* code */
|
|
#define SHA1_K0 0x5a827999
|
|
#define SHA1_K20 0x6ed9eba1
|
|
#define SHA1_K40 0x8f1bbcdc
|
|
#define SHA1_K60 0xca62c1d6
|
|
|
|
void sha1_init(sha1nfo *s) {
|
|
s->state[0] = 0x67452301;
|
|
s->state[1] = 0xefcdab89;
|
|
s->state[2] = 0x98badcfe;
|
|
s->state[3] = 0x10325476;
|
|
s->state[4] = 0xc3d2e1f0;
|
|
s->byteCount = 0;
|
|
s->bufferOffset = 0;
|
|
}
|
|
|
|
uint32_t sha1_rol32(uint32_t number, uint8_t bits) {
|
|
return ((number << bits) | (number >> (32-bits)));
|
|
}
|
|
|
|
void sha1_hashBlock(sha1nfo *s) {
|
|
uint8_t i;
|
|
uint32_t a,b,c,d,e,t;
|
|
|
|
a=s->state[0];
|
|
b=s->state[1];
|
|
c=s->state[2];
|
|
d=s->state[3];
|
|
e=s->state[4];
|
|
for (i=0; i<80; i++) {
|
|
if (i>=16) {
|
|
t = s->buffer[(i+13)&15] ^ s->buffer[(i+8)&15] ^ s->buffer[(i+2)&15] ^ s->buffer[i&15];
|
|
s->buffer[i&15] = sha1_rol32(t,1);
|
|
}
|
|
if (i<20) {
|
|
t = (d ^ (b & (c ^ d))) + SHA1_K0;
|
|
} else if (i<40) {
|
|
t = (b ^ c ^ d) + SHA1_K20;
|
|
} else if (i<60) {
|
|
t = ((b & c) | (d & (b | c))) + SHA1_K40;
|
|
} else {
|
|
t = (b ^ c ^ d) + SHA1_K60;
|
|
}
|
|
t+=sha1_rol32(a,5) + e + s->buffer[i&15];
|
|
e=d;
|
|
d=c;
|
|
c=sha1_rol32(b,30);
|
|
b=a;
|
|
a=t;
|
|
}
|
|
s->state[0] += a;
|
|
s->state[1] += b;
|
|
s->state[2] += c;
|
|
s->state[3] += d;
|
|
s->state[4] += e;
|
|
}
|
|
|
|
void sha1_addUncounted(sha1nfo *s, uint8_t data) {
|
|
uint8_t * const b = (uint8_t*) s->buffer;
|
|
#ifdef SHA_BIG_ENDIAN
|
|
b[s->bufferOffset] = data;
|
|
#else
|
|
b[s->bufferOffset ^ 3] = data;
|
|
#endif
|
|
s->bufferOffset++;
|
|
if (s->bufferOffset == BLOCK_LENGTH) {
|
|
sha1_hashBlock(s);
|
|
s->bufferOffset = 0;
|
|
}
|
|
}
|
|
|
|
void sha1_writebyte(sha1nfo *s, uint8_t data) {
|
|
++s->byteCount;
|
|
sha1_addUncounted(s, data);
|
|
}
|
|
|
|
void sha1_write(sha1nfo *s, const char *data, size_t len) {
|
|
for (;len--;) sha1_writebyte(s, (uint8_t) *data++);
|
|
}
|
|
|
|
void sha1_pad(sha1nfo *s) {
|
|
// Implement SHA-1 padding (fips180-2 §5.1.1)
|
|
|
|
// Pad with 0x80 followed by 0x00 until the end of the block
|
|
sha1_addUncounted(s, 0x80);
|
|
while (s->bufferOffset != 56) sha1_addUncounted(s, 0x00);
|
|
|
|
// Append length in the last 8 bytes
|
|
sha1_addUncounted(s, 0); // We're only using 32 bit lengths
|
|
sha1_addUncounted(s, 0); // But SHA-1 supports 64 bit lengths
|
|
sha1_addUncounted(s, 0); // So zero pad the top bits
|
|
sha1_addUncounted(s, s->byteCount >> 29); // Shifting to multiply by 8
|
|
sha1_addUncounted(s, s->byteCount >> 21); // as SHA-1 supports bitstreams as well as
|
|
sha1_addUncounted(s, s->byteCount >> 13); // byte.
|
|
sha1_addUncounted(s, s->byteCount >> 5);
|
|
sha1_addUncounted(s, s->byteCount << 3);
|
|
}
|
|
|
|
uint8_t* sha1_result(sha1nfo *s) {
|
|
// Pad to complete the last block
|
|
sha1_pad(s);
|
|
|
|
#ifndef SHA_BIG_ENDIAN
|
|
// Swap byte order back
|
|
int i;
|
|
for (i=0; i<5; i++) {
|
|
s->state[i]=
|
|
(((s->state[i])<<24)& 0xff000000)
|
|
| (((s->state[i])<<8) & 0x00ff0000)
|
|
| (((s->state[i])>>8) & 0x0000ff00)
|
|
| (((s->state[i])>>24)& 0x000000ff);
|
|
}
|
|
#endif
|
|
|
|
// Return pointer to hash (20 characters)
|
|
return (uint8_t*) s->state;
|
|
}
|
|
|
|
} // namespace; Added for LibFuzzer
|
|
|
|
namespace fuzzer {
|
|
|
|
// The rest is added for LibFuzzer
|
|
void ComputeSHA1(const uint8_t *Data, size_t Len, uint8_t *Out) {
|
|
sha1nfo s;
|
|
sha1_init(&s);
|
|
sha1_write(&s, (const char*)Data, Len);
|
|
memcpy(Out, sha1_result(&s), HASH_LENGTH);
|
|
}
|
|
|
|
std::string Sha1ToString(const uint8_t Sha1[kSHA1NumBytes]) {
|
|
std::stringstream SS;
|
|
for (int i = 0; i < kSHA1NumBytes; i++)
|
|
SS << std::hex << std::setfill('0') << std::setw(2) << (unsigned)Sha1[i];
|
|
return SS.str();
|
|
}
|
|
|
|
std::string Hash(const Unit &U) {
|
|
uint8_t Hash[kSHA1NumBytes];
|
|
ComputeSHA1(U.data(), U.size(), Hash);
|
|
return Sha1ToString(Hash);
|
|
}
|
|
|
|
}
|