clightning-dumpkeys

dump clightning output descriptors
git clone git://jb55.com/clightning-dumpkeys
Log | Files | Refs | README | LICENSE

ripemd160.c (14099B)

      1 /* MIT (BSD) license - see LICENSE file for details */
      2 /* RIPEMD core code translated from the Bitcoin project's C++:
      3  *
      4  * src/crypto/ripemd160.cpp commit f914f1a746d7f91951c1da262a4a749dd3ebfa71
      5  * Copyright (c) 2014 The Bitcoin Core developers
      6  * Distributed under the MIT software license, see the accompanying
      7  * file COPYING or http://www.opensource.org/licenses/mit-license.php.
      8  */
      9 #include "ripemd160.h"
     10 #include "endian.h"
     11 #include "compiler.h"
     12 #include <stdbool.h>
     13 #include <assert.h>
     14 #include <string.h>
     15 
     16 static void invalidate_ripemd160(struct ripemd160_ctx *ctx)
     17 {
     18 #ifdef CCAN_CRYPTO_RIPEMD160_USE_OPENSSL
     19 	ctx->c.num = -1U;
     20 #else
     21 	ctx->bytes = -1ULL;
     22 #endif
     23 }
     24 
     25 static void check_ripemd160(struct ripemd160_ctx *ctx)
     26 {
     27 #ifdef CCAN_CRYPTO_RIPEMD160_USE_OPENSSL
     28 	assert(ctx->c.num != -1U);
     29 #else
     30 	assert(ctx->bytes != -1ULL);
     31 #endif
     32 }
     33 
     34 #ifdef CCAN_CRYPTO_RIPEMD160_USE_OPENSSL
     35 void ripemd160_init(struct ripemd160_ctx *ctx)
     36 {
     37 	RIPEMD160_Init(&ctx->c);
     38 }
     39 
     40 void ripemd160_update(struct ripemd160_ctx *ctx, const void *p, size_t size)
     41 {
     42 	check_ripemd160(ctx);
     43 	RIPEMD160_Update(&ctx->c, p, size);
     44 }
     45 
     46 void ripemd160_done(struct ripemd160_ctx *ctx, struct ripemd160 *res)
     47 {
     48 	RIPEMD160_Final(res->u.u8, &ctx->c);
     49 	invalidate_ripemd160(ctx);
     50 }
     51 #else
     52 inline static uint32_t f1(uint32_t x, uint32_t y, uint32_t z) { return x ^ y ^ z; }
     53 inline static uint32_t f2(uint32_t x, uint32_t y, uint32_t z) { return (x & y) | (~x & z); }
     54 inline static uint32_t f3(uint32_t x, uint32_t y, uint32_t z) { return (x | ~y) ^ z; }
     55 inline static uint32_t f4(uint32_t x, uint32_t y, uint32_t z) { return (x & z) | (y & ~z); }
     56 inline static uint32_t f5(uint32_t x, uint32_t y, uint32_t z) { return x ^ (y | ~z); }
     57 
     58 /** Initialize RIPEMD-160 state. */
     59 inline static void Initialize(uint32_t* s)
     60 {
     61     s[0] = 0x67452301ul;
     62     s[1] = 0xEFCDAB89ul;
     63     s[2] = 0x98BADCFEul;
     64     s[3] = 0x10325476ul;
     65     s[4] = 0xC3D2E1F0ul;
     66 }
     67 
     68 inline static uint32_t rol(uint32_t x, int i) { return (x << i) | (x >> (32 - i)); }
     69 
     70 inline static void Round(uint32_t *a, uint32_t b UNUSED, uint32_t *c, uint32_t d UNUSED, uint32_t e, uint32_t f, uint32_t x, uint32_t k, int r)
     71 {
     72     *a = rol(*a + f + x + k, r) + e;
     73     *c = rol(*c, 10);
     74 }
     75 
     76 inline static void R11(uint32_t *a, uint32_t b, uint32_t *c, uint32_t d, uint32_t e, uint32_t x, int r) { Round(a, b, c, d, e, f1(b, *c, d), x, 0, r); }
     77 inline static void R21(uint32_t *a, uint32_t b, uint32_t *c, uint32_t d, uint32_t e, uint32_t x, int r) { Round(a, b, c, d, e, f2(b, *c, d), x, 0x5A827999ul, r); }
     78 inline static void R31(uint32_t *a, uint32_t b, uint32_t *c, uint32_t d, uint32_t e, uint32_t x, int r) { Round(a, b, c, d, e, f3(b, *c, d), x, 0x6ED9EBA1ul, r); }
     79 inline static void R41(uint32_t *a, uint32_t b, uint32_t *c, uint32_t d, uint32_t e, uint32_t x, int r) { Round(a, b, c, d, e, f4(b, *c, d), x, 0x8F1BBCDCul, r); }
     80 inline static void R51(uint32_t *a, uint32_t b, uint32_t *c, uint32_t d, uint32_t e, uint32_t x, int r) { Round(a, b, c, d, e, f5(b, *c, d), x, 0xA953FD4Eul, r); }
     81 
     82 inline static void R12(uint32_t *a, uint32_t b, uint32_t *c, uint32_t d, uint32_t e, uint32_t x, int r) { Round(a, b, c, d, e, f5(b, *c, d), x, 0x50A28BE6ul, r); }
     83 inline static void R22(uint32_t *a, uint32_t b, uint32_t *c, uint32_t d, uint32_t e, uint32_t x, int r) { Round(a, b, c, d, e, f4(b, *c, d), x, 0x5C4DD124ul, r); }
     84 inline static void R32(uint32_t *a, uint32_t b, uint32_t *c, uint32_t d, uint32_t e, uint32_t x, int r) { Round(a, b, c, d, e, f3(b, *c, d), x, 0x6D703EF3ul, r); }
     85 inline static void R42(uint32_t *a, uint32_t b, uint32_t *c, uint32_t d, uint32_t e, uint32_t x, int r) { Round(a, b, c, d, e, f2(b, *c, d), x, 0x7A6D76E9ul, r); }
     86 inline static void R52(uint32_t *a, uint32_t b, uint32_t *c, uint32_t d, uint32_t e, uint32_t x, int r) { Round(a, b, c, d, e, f1(b, *c, d), x, 0, r); }
     87 
     88 /** Perform a RIPEMD-160 transformation, processing a 64-byte chunk. */
     89 static void Transform(uint32_t *s, const uint32_t *chunk)
     90 {
     91     uint32_t a1 = s[0], b1 = s[1], c1 = s[2], d1 = s[3], e1 = s[4];
     92     uint32_t a2 = a1, b2 = b1, c2 = c1, d2 = d1, e2 = e1;
     93     uint32_t w0 = le32_to_cpu(chunk[0]), w1 = le32_to_cpu(chunk[1]), w2 = le32_to_cpu(chunk[2]), w3 = le32_to_cpu(chunk[3]);
     94     uint32_t w4 = le32_to_cpu(chunk[4]), w5 = le32_to_cpu(chunk[5]), w6 = le32_to_cpu(chunk[6]), w7 = le32_to_cpu(chunk[7]);
     95     uint32_t w8 = le32_to_cpu(chunk[8]), w9 = le32_to_cpu(chunk[9]), w10 = le32_to_cpu(chunk[10]), w11 = le32_to_cpu(chunk[11]);
     96     uint32_t w12 = le32_to_cpu(chunk[12]), w13 = le32_to_cpu(chunk[13]), w14 = le32_to_cpu(chunk[14]), w15 = le32_to_cpu(chunk[15]);
     97     uint32_t t;
     98 
     99     R11(&a1, b1, &c1, d1, e1, w0, 11);
    100     R12(&a2, b2, &c2, d2, e2, w5, 8);
    101     R11(&e1, a1, &b1, c1, d1, w1, 14);
    102     R12(&e2, a2, &b2, c2, d2, w14, 9);
    103     R11(&d1, e1, &a1, b1, c1, w2, 15);
    104     R12(&d2, e2, &a2, b2, c2, w7, 9);
    105     R11(&c1, d1, &e1, a1, b1, w3, 12);
    106     R12(&c2, d2, &e2, a2, b2, w0, 11);
    107     R11(&b1, c1, &d1, e1, a1, w4, 5);
    108     R12(&b2, c2, &d2, e2, a2, w9, 13);
    109     R11(&a1, b1, &c1, d1, e1, w5, 8);
    110     R12(&a2, b2, &c2, d2, e2, w2, 15);
    111     R11(&e1, a1, &b1, c1, d1, w6, 7);
    112     R12(&e2, a2, &b2, c2, d2, w11, 15);
    113     R11(&d1, e1, &a1, b1, c1, w7, 9);
    114     R12(&d2, e2, &a2, b2, c2, w4, 5);
    115     R11(&c1, d1, &e1, a1, b1, w8, 11);
    116     R12(&c2, d2, &e2, a2, b2, w13, 7);
    117     R11(&b1, c1, &d1, e1, a1, w9, 13);
    118     R12(&b2, c2, &d2, e2, a2, w6, 7);
    119     R11(&a1, b1, &c1, d1, e1, w10, 14);
    120     R12(&a2, b2, &c2, d2, e2, w15, 8);
    121     R11(&e1, a1, &b1, c1, d1, w11, 15);
    122     R12(&e2, a2, &b2, c2, d2, w8, 11);
    123     R11(&d1, e1, &a1, b1, c1, w12, 6);
    124     R12(&d2, e2, &a2, b2, c2, w1, 14);
    125     R11(&c1, d1, &e1, a1, b1, w13, 7);
    126     R12(&c2, d2, &e2, a2, b2, w10, 14);
    127     R11(&b1, c1, &d1, e1, a1, w14, 9);
    128     R12(&b2, c2, &d2, e2, a2, w3, 12);
    129     R11(&a1, b1, &c1, d1, e1, w15, 8);
    130     R12(&a2, b2, &c2, d2, e2, w12, 6);
    131 
    132     R21(&e1, a1, &b1, c1, d1, w7, 7);
    133     R22(&e2, a2, &b2, c2, d2, w6, 9);
    134     R21(&d1, e1, &a1, b1, c1, w4, 6);
    135     R22(&d2, e2, &a2, b2, c2, w11, 13);
    136     R21(&c1, d1, &e1, a1, b1, w13, 8);
    137     R22(&c2, d2, &e2, a2, b2, w3, 15);
    138     R21(&b1, c1, &d1, e1, a1, w1, 13);
    139     R22(&b2, c2, &d2, e2, a2, w7, 7);
    140     R21(&a1, b1, &c1, d1, e1, w10, 11);
    141     R22(&a2, b2, &c2, d2, e2, w0, 12);
    142     R21(&e1, a1, &b1, c1, d1, w6, 9);
    143     R22(&e2, a2, &b2, c2, d2, w13, 8);
    144     R21(&d1, e1, &a1, b1, c1, w15, 7);
    145     R22(&d2, e2, &a2, b2, c2, w5, 9);
    146     R21(&c1, d1, &e1, a1, b1, w3, 15);
    147     R22(&c2, d2, &e2, a2, b2, w10, 11);
    148     R21(&b1, c1, &d1, e1, a1, w12, 7);
    149     R22(&b2, c2, &d2, e2, a2, w14, 7);
    150     R21(&a1, b1, &c1, d1, e1, w0, 12);
    151     R22(&a2, b2, &c2, d2, e2, w15, 7);
    152     R21(&e1, a1, &b1, c1, d1, w9, 15);
    153     R22(&e2, a2, &b2, c2, d2, w8, 12);
    154     R21(&d1, e1, &a1, b1, c1, w5, 9);
    155     R22(&d2, e2, &a2, b2, c2, w12, 7);
    156     R21(&c1, d1, &e1, a1, b1, w2, 11);
    157     R22(&c2, d2, &e2, a2, b2, w4, 6);
    158     R21(&b1, c1, &d1, e1, a1, w14, 7);
    159     R22(&b2, c2, &d2, e2, a2, w9, 15);
    160     R21(&a1, b1, &c1, d1, e1, w11, 13);
    161     R22(&a2, b2, &c2, d2, e2, w1, 13);
    162     R21(&e1, a1, &b1, c1, d1, w8, 12);
    163     R22(&e2, a2, &b2, c2, d2, w2, 11);
    164 
    165     R31(&d1, e1, &a1, b1, c1, w3, 11);
    166     R32(&d2, e2, &a2, b2, c2, w15, 9);
    167     R31(&c1, d1, &e1, a1, b1, w10, 13);
    168     R32(&c2, d2, &e2, a2, b2, w5, 7);
    169     R31(&b1, c1, &d1, e1, a1, w14, 6);
    170     R32(&b2, c2, &d2, e2, a2, w1, 15);
    171     R31(&a1, b1, &c1, d1, e1, w4, 7);
    172     R32(&a2, b2, &c2, d2, e2, w3, 11);
    173     R31(&e1, a1, &b1, c1, d1, w9, 14);
    174     R32(&e2, a2, &b2, c2, d2, w7, 8);
    175     R31(&d1, e1, &a1, b1, c1, w15, 9);
    176     R32(&d2, e2, &a2, b2, c2, w14, 6);
    177     R31(&c1, d1, &e1, a1, b1, w8, 13);
    178     R32(&c2, d2, &e2, a2, b2, w6, 6);
    179     R31(&b1, c1, &d1, e1, a1, w1, 15);
    180     R32(&b2, c2, &d2, e2, a2, w9, 14);
    181     R31(&a1, b1, &c1, d1, e1, w2, 14);
    182     R32(&a2, b2, &c2, d2, e2, w11, 12);
    183     R31(&e1, a1, &b1, c1, d1, w7, 8);
    184     R32(&e2, a2, &b2, c2, d2, w8, 13);
    185     R31(&d1, e1, &a1, b1, c1, w0, 13);
    186     R32(&d2, e2, &a2, b2, c2, w12, 5);
    187     R31(&c1, d1, &e1, a1, b1, w6, 6);
    188     R32(&c2, d2, &e2, a2, b2, w2, 14);
    189     R31(&b1, c1, &d1, e1, a1, w13, 5);
    190     R32(&b2, c2, &d2, e2, a2, w10, 13);
    191     R31(&a1, b1, &c1, d1, e1, w11, 12);
    192     R32(&a2, b2, &c2, d2, e2, w0, 13);
    193     R31(&e1, a1, &b1, c1, d1, w5, 7);
    194     R32(&e2, a2, &b2, c2, d2, w4, 7);
    195     R31(&d1, e1, &a1, b1, c1, w12, 5);
    196     R32(&d2, e2, &a2, b2, c2, w13, 5);
    197 
    198     R41(&c1, d1, &e1, a1, b1, w1, 11);
    199     R42(&c2, d2, &e2, a2, b2, w8, 15);
    200     R41(&b1, c1, &d1, e1, a1, w9, 12);
    201     R42(&b2, c2, &d2, e2, a2, w6, 5);
    202     R41(&a1, b1, &c1, d1, e1, w11, 14);
    203     R42(&a2, b2, &c2, d2, e2, w4, 8);
    204     R41(&e1, a1, &b1, c1, d1, w10, 15);
    205     R42(&e2, a2, &b2, c2, d2, w1, 11);
    206     R41(&d1, e1, &a1, b1, c1, w0, 14);
    207     R42(&d2, e2, &a2, b2, c2, w3, 14);
    208     R41(&c1, d1, &e1, a1, b1, w8, 15);
    209     R42(&c2, d2, &e2, a2, b2, w11, 14);
    210     R41(&b1, c1, &d1, e1, a1, w12, 9);
    211     R42(&b2, c2, &d2, e2, a2, w15, 6);
    212     R41(&a1, b1, &c1, d1, e1, w4, 8);
    213     R42(&a2, b2, &c2, d2, e2, w0, 14);
    214     R41(&e1, a1, &b1, c1, d1, w13, 9);
    215     R42(&e2, a2, &b2, c2, d2, w5, 6);
    216     R41(&d1, e1, &a1, b1, c1, w3, 14);
    217     R42(&d2, e2, &a2, b2, c2, w12, 9);
    218     R41(&c1, d1, &e1, a1, b1, w7, 5);
    219     R42(&c2, d2, &e2, a2, b2, w2, 12);
    220     R41(&b1, c1, &d1, e1, a1, w15, 6);
    221     R42(&b2, c2, &d2, e2, a2, w13, 9);
    222     R41(&a1, b1, &c1, d1, e1, w14, 8);
    223     R42(&a2, b2, &c2, d2, e2, w9, 12);
    224     R41(&e1, a1, &b1, c1, d1, w5, 6);
    225     R42(&e2, a2, &b2, c2, d2, w7, 5);
    226     R41(&d1, e1, &a1, b1, c1, w6, 5);
    227     R42(&d2, e2, &a2, b2, c2, w10, 15);
    228     R41(&c1, d1, &e1, a1, b1, w2, 12);
    229     R42(&c2, d2, &e2, a2, b2, w14, 8);
    230 
    231     R51(&b1, c1, &d1, e1, a1, w4, 9);
    232     R52(&b2, c2, &d2, e2, a2, w12, 8);
    233     R51(&a1, b1, &c1, d1, e1, w0, 15);
    234     R52(&a2, b2, &c2, d2, e2, w15, 5);
    235     R51(&e1, a1, &b1, c1, d1, w5, 5);
    236     R52(&e2, a2, &b2, c2, d2, w10, 12);
    237     R51(&d1, e1, &a1, b1, c1, w9, 11);
    238     R52(&d2, e2, &a2, b2, c2, w4, 9);
    239     R51(&c1, d1, &e1, a1, b1, w7, 6);
    240     R52(&c2, d2, &e2, a2, b2, w1, 12);
    241     R51(&b1, c1, &d1, e1, a1, w12, 8);
    242     R52(&b2, c2, &d2, e2, a2, w5, 5);
    243     R51(&a1, b1, &c1, d1, e1, w2, 13);
    244     R52(&a2, b2, &c2, d2, e2, w8, 14);
    245     R51(&e1, a1, &b1, c1, d1, w10, 12);
    246     R52(&e2, a2, &b2, c2, d2, w7, 6);
    247     R51(&d1, e1, &a1, b1, c1, w14, 5);
    248     R52(&d2, e2, &a2, b2, c2, w6, 8);
    249     R51(&c1, d1, &e1, a1, b1, w1, 12);
    250     R52(&c2, d2, &e2, a2, b2, w2, 13);
    251     R51(&b1, c1, &d1, e1, a1, w3, 13);
    252     R52(&b2, c2, &d2, e2, a2, w13, 6);
    253     R51(&a1, b1, &c1, d1, e1, w8, 14);
    254     R52(&a2, b2, &c2, d2, e2, w14, 5);
    255     R51(&e1, a1, &b1, c1, d1, w11, 11);
    256     R52(&e2, a2, &b2, c2, d2, w0, 15);
    257     R51(&d1, e1, &a1, b1, c1, w6, 8);
    258     R52(&d2, e2, &a2, b2, c2, w3, 13);
    259     R51(&c1, d1, &e1, a1, b1, w15, 5);
    260     R52(&c2, d2, &e2, a2, b2, w9, 11);
    261     R51(&b1, c1, &d1, e1, a1, w13, 6);
    262     R52(&b2, c2, &d2, e2, a2, w11, 11);
    263 
    264     t = s[0];
    265     s[0] = s[1] + c1 + d2;
    266     s[1] = s[2] + d1 + e2;
    267     s[2] = s[3] + e1 + a2;
    268     s[3] = s[4] + a1 + b2;
    269     s[4] = t + b1 + c2;
    270 }
    271 
    272 static void add(struct ripemd160_ctx *ctx, const void *p, size_t len)
    273 {
    274 	const unsigned char *data = p;
    275 	size_t bufsize = ctx->bytes % 64;
    276 
    277 	if (bufsize + len >= 64) {
    278 		/* Fill the buffer, and process it. */
    279 		memcpy(ctx->buf.u8 + bufsize, data, 64 - bufsize);
    280 		ctx->bytes += 64 - bufsize;
    281 		data += 64 - bufsize;
    282 		len -= 64 - bufsize;
    283 		Transform(ctx->s, ctx->buf.u32);
    284 		bufsize = 0;
    285 	}
    286 
    287 	while (len >= 64) {
    288 		/* Process full chunks directly from the source. */
    289 		if (alignment_ok(data, sizeof(uint32_t)))
    290 			Transform(ctx->s, (const uint32_t *)data);
    291 		else {
    292 			memcpy(ctx->buf.u8, data, sizeof(ctx->buf));
    293 			Transform(ctx->s, ctx->buf.u32);
    294 		}
    295 		ctx->bytes += 64;
    296 		data += 64;
    297 		len -= 64;
    298 	}
    299 
    300 	if (len) {
    301 		/* Fill the buffer with what remains. */
    302 		memcpy(ctx->buf.u8 + bufsize, data, len);
    303 		ctx->bytes += len;
    304 	}
    305 }
    306 
    307 void ripemd160_init(struct ripemd160_ctx *ctx)
    308 {
    309 	struct ripemd160_ctx init = RIPEMD160_INIT;
    310 	*ctx = init;
    311 }
    312 
    313 void ripemd160_update(struct ripemd160_ctx *ctx, const void *p, size_t size)
    314 {
    315 	check_ripemd160(ctx);
    316 	add(ctx, p, size);
    317 }
    318 
    319 void ripemd160_done(struct ripemd160_ctx *ctx, struct ripemd160 *res)
    320 {
    321 	static const unsigned char pad[64] = {0x80};
    322 	uint64_t sizedesc;
    323 	size_t i;
    324 
    325 	sizedesc = cpu_to_le64(ctx->bytes << 3);
    326 	/* Add '1' bit to terminate, then all 0 bits, up to next block - 8. */
    327 	add(ctx, pad, 1 + ((119 - (ctx->bytes % 64)) % 64));
    328 	/* Add number of bits of data (big endian) */
    329 	add(ctx, &sizedesc, 8);
    330 	for (i = 0; i < sizeof(ctx->s) / sizeof(ctx->s[0]); i++)
    331 		res->u.u32[i] = cpu_to_le32(ctx->s[i]);
    332 	invalidate_ripemd160(ctx);
    333 }
    334 #endif
    335 
    336 void ripemd160(struct ripemd160 *ripemd, const void *p, size_t size)
    337 {
    338 	struct ripemd160_ctx ctx;
    339 
    340 	ripemd160_init(&ctx);
    341 	ripemd160_update(&ctx, p, size);
    342 	ripemd160_done(&ctx, ripemd);
    343 	memset(&ctx, 0, sizeof(ctx));
    344 }
    345 
    346 void ripemd160_u8(struct ripemd160_ctx *ctx, uint8_t v)
    347 {
    348 	ripemd160_update(ctx, &v, sizeof(v));
    349 }
    350 
    351 void ripemd160_u16(struct ripemd160_ctx *ctx, uint16_t v)
    352 {
    353 	ripemd160_update(ctx, &v, sizeof(v));
    354 }
    355 
    356 void ripemd160_u32(struct ripemd160_ctx *ctx, uint32_t v)
    357 {
    358 	ripemd160_update(ctx, &v, sizeof(v));
    359 }
    360 
    361 void ripemd160_u64(struct ripemd160_ctx *ctx, uint64_t v)
    362 {
    363 	ripemd160_update(ctx, &v, sizeof(v));
    364 }
    365 
    366 /* Add as little-endian */
    367 void ripemd160_le16(struct ripemd160_ctx *ctx, uint16_t v)
    368 {
    369 	leint16_t lev = cpu_to_le16(v);
    370 	ripemd160_update(ctx, &lev, sizeof(lev));
    371 }
    372 
    373 void ripemd160_le32(struct ripemd160_ctx *ctx, uint32_t v)
    374 {
    375 	leint32_t lev = cpu_to_le32(v);
    376 	ripemd160_update(ctx, &lev, sizeof(lev));
    377 }
    378 
    379 void ripemd160_le64(struct ripemd160_ctx *ctx, uint64_t v)
    380 {
    381 	leint64_t lev = cpu_to_le64(v);
    382 	ripemd160_update(ctx, &lev, sizeof(lev));
    383 }
    384 
    385 /* Add as big-endian */
    386 void ripemd160_be16(struct ripemd160_ctx *ctx, uint16_t v)
    387 {
    388 	beint16_t bev = cpu_to_be16(v);
    389 	ripemd160_update(ctx, &bev, sizeof(bev));
    390 }
    391 
    392 void ripemd160_be32(struct ripemd160_ctx *ctx, uint32_t v)
    393 {
    394 	beint32_t bev = cpu_to_be32(v);
    395 	ripemd160_update(ctx, &bev, sizeof(bev));
    396 }
    397 
    398 void ripemd160_be64(struct ripemd160_ctx *ctx, uint64_t v)
    399 {
    400 	beint64_t bev = cpu_to_be64(v);
    401 	ripemd160_update(ctx, &bev, sizeof(bev));
    402 }
    403 
    404