sup

small tool for privilege escalation
git clone https://git.parazyd.org/sup
Log | Files | Refs | README | LICENSE

sha256.c (8957B)

      1 /*
      2  *  FIPS-180-2 compliant SHA-256 implementation
      3  *
      4  *  Copyright (C) 2001-2003  Christophe Devine
      5  *
      6  *  This program is free software; you can redistribute it and/or modify
      7  *  it under the terms of the GNU General Public License as published by
      8  *  the Free Software Foundation; either version 2 of the License, or
      9  *  (at your option) any later version.
     10  *
     11  *  This program is distributed in the hope that it will be useful,
     12  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
     13  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
     14  *  GNU General Public License for more details.
     15  *
     16  *  You should have received a copy of the GNU General Public License
     17  *  along with this program; if not, write to the Free Software
     18  *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
     19  */
     20 
     21 #include <string.h>
     22 
     23 #include "sha256.h"
     24 
     25 #define GET_UINT32(n,b,i)                       \
     26 {                                               \
     27     (n) = ( (uint32) (b)[(i)    ] << 24 )       \
     28         | ( (uint32) (b)[(i) + 1] << 16 )       \
     29         | ( (uint32) (b)[(i) + 2] <<  8 )       \
     30         | ( (uint32) (b)[(i) + 3]       );      \
     31 }
     32 
     33 #define PUT_UINT32(n,b,i)                       \
     34 {                                               \
     35     (b)[(i)    ] = (uint8) ( (n) >> 24 );       \
     36     (b)[(i) + 1] = (uint8) ( (n) >> 16 );       \
     37     (b)[(i) + 2] = (uint8) ( (n) >>  8 );       \
     38     (b)[(i) + 3] = (uint8) ( (n)       );       \
     39 }
     40 
     41 void sha256_starts( sha256_context *ctx )
     42 {
     43     ctx->total[0] = 0;
     44     ctx->total[1] = 0;
     45 
     46     ctx->state[0] = 0x6A09E667;
     47     ctx->state[1] = 0xBB67AE85;
     48     ctx->state[2] = 0x3C6EF372;
     49     ctx->state[3] = 0xA54FF53A;
     50     ctx->state[4] = 0x510E527F;
     51     ctx->state[5] = 0x9B05688C;
     52     ctx->state[6] = 0x1F83D9AB;
     53     ctx->state[7] = 0x5BE0CD19;
     54 }
     55 
     56 void sha256_process( sha256_context *ctx, uint8 data[64] )
     57 {
     58     uint32 temp1, temp2, W[64];
     59     uint32 A, B, C, D, E, F, G, H;
     60 
     61     GET_UINT32( W[0],  data,  0 );
     62     GET_UINT32( W[1],  data,  4 );
     63     GET_UINT32( W[2],  data,  8 );
     64     GET_UINT32( W[3],  data, 12 );
     65     GET_UINT32( W[4],  data, 16 );
     66     GET_UINT32( W[5],  data, 20 );
     67     GET_UINT32( W[6],  data, 24 );
     68     GET_UINT32( W[7],  data, 28 );
     69     GET_UINT32( W[8],  data, 32 );
     70     GET_UINT32( W[9],  data, 36 );
     71     GET_UINT32( W[10], data, 40 );
     72     GET_UINT32( W[11], data, 44 );
     73     GET_UINT32( W[12], data, 48 );
     74     GET_UINT32( W[13], data, 52 );
     75     GET_UINT32( W[14], data, 56 );
     76     GET_UINT32( W[15], data, 60 );
     77 
     78 #define  SHR(x,n) ((x & 0xFFFFFFFF) >> n)
     79 #define ROTR(x,n) (SHR(x,n) | (x << (32 - n)))
     80 
     81 #define S0(x) (ROTR(x, 7) ^ ROTR(x,18) ^  SHR(x, 3))
     82 #define S1(x) (ROTR(x,17) ^ ROTR(x,19) ^  SHR(x,10))
     83 
     84 #define S2(x) (ROTR(x, 2) ^ ROTR(x,13) ^ ROTR(x,22))
     85 #define S3(x) (ROTR(x, 6) ^ ROTR(x,11) ^ ROTR(x,25))
     86 
     87 #define F0(x,y,z) ((x & y) | (z & (x | y)))
     88 #define F1(x,y,z) (z ^ (x & (y ^ z)))
     89 
     90 #define R(t)                                    \
     91 (                                               \
     92     W[t] = S1(W[t -  2]) + W[t -  7] +          \
     93            S0(W[t - 15]) + W[t - 16]            \
     94 )
     95 
     96 #define P(a,b,c,d,e,f,g,h,x,K)                  \
     97 {                                               \
     98     temp1 = h + S3(e) + F1(e,f,g) + K + x;      \
     99     temp2 = S2(a) + F0(a,b,c);                  \
    100     d += temp1; h = temp1 + temp2;              \
    101 }
    102 
    103     A = ctx->state[0];
    104     B = ctx->state[1];
    105     C = ctx->state[2];
    106     D = ctx->state[3];
    107     E = ctx->state[4];
    108     F = ctx->state[5];
    109     G = ctx->state[6];
    110     H = ctx->state[7];
    111 
    112     P( A, B, C, D, E, F, G, H, W[ 0], 0x428A2F98 );
    113     P( H, A, B, C, D, E, F, G, W[ 1], 0x71374491 );
    114     P( G, H, A, B, C, D, E, F, W[ 2], 0xB5C0FBCF );
    115     P( F, G, H, A, B, C, D, E, W[ 3], 0xE9B5DBA5 );
    116     P( E, F, G, H, A, B, C, D, W[ 4], 0x3956C25B );
    117     P( D, E, F, G, H, A, B, C, W[ 5], 0x59F111F1 );
    118     P( C, D, E, F, G, H, A, B, W[ 6], 0x923F82A4 );
    119     P( B, C, D, E, F, G, H, A, W[ 7], 0xAB1C5ED5 );
    120     P( A, B, C, D, E, F, G, H, W[ 8], 0xD807AA98 );
    121     P( H, A, B, C, D, E, F, G, W[ 9], 0x12835B01 );
    122     P( G, H, A, B, C, D, E, F, W[10], 0x243185BE );
    123     P( F, G, H, A, B, C, D, E, W[11], 0x550C7DC3 );
    124     P( E, F, G, H, A, B, C, D, W[12], 0x72BE5D74 );
    125     P( D, E, F, G, H, A, B, C, W[13], 0x80DEB1FE );
    126     P( C, D, E, F, G, H, A, B, W[14], 0x9BDC06A7 );
    127     P( B, C, D, E, F, G, H, A, W[15], 0xC19BF174 );
    128     P( A, B, C, D, E, F, G, H, R(16), 0xE49B69C1 );
    129     P( H, A, B, C, D, E, F, G, R(17), 0xEFBE4786 );
    130     P( G, H, A, B, C, D, E, F, R(18), 0x0FC19DC6 );
    131     P( F, G, H, A, B, C, D, E, R(19), 0x240CA1CC );
    132     P( E, F, G, H, A, B, C, D, R(20), 0x2DE92C6F );
    133     P( D, E, F, G, H, A, B, C, R(21), 0x4A7484AA );
    134     P( C, D, E, F, G, H, A, B, R(22), 0x5CB0A9DC );
    135     P( B, C, D, E, F, G, H, A, R(23), 0x76F988DA );
    136     P( A, B, C, D, E, F, G, H, R(24), 0x983E5152 );
    137     P( H, A, B, C, D, E, F, G, R(25), 0xA831C66D );
    138     P( G, H, A, B, C, D, E, F, R(26), 0xB00327C8 );
    139     P( F, G, H, A, B, C, D, E, R(27), 0xBF597FC7 );
    140     P( E, F, G, H, A, B, C, D, R(28), 0xC6E00BF3 );
    141     P( D, E, F, G, H, A, B, C, R(29), 0xD5A79147 );
    142     P( C, D, E, F, G, H, A, B, R(30), 0x06CA6351 );
    143     P( B, C, D, E, F, G, H, A, R(31), 0x14292967 );
    144     P( A, B, C, D, E, F, G, H, R(32), 0x27B70A85 );
    145     P( H, A, B, C, D, E, F, G, R(33), 0x2E1B2138 );
    146     P( G, H, A, B, C, D, E, F, R(34), 0x4D2C6DFC );
    147     P( F, G, H, A, B, C, D, E, R(35), 0x53380D13 );
    148     P( E, F, G, H, A, B, C, D, R(36), 0x650A7354 );
    149     P( D, E, F, G, H, A, B, C, R(37), 0x766A0ABB );
    150     P( C, D, E, F, G, H, A, B, R(38), 0x81C2C92E );
    151     P( B, C, D, E, F, G, H, A, R(39), 0x92722C85 );
    152     P( A, B, C, D, E, F, G, H, R(40), 0xA2BFE8A1 );
    153     P( H, A, B, C, D, E, F, G, R(41), 0xA81A664B );
    154     P( G, H, A, B, C, D, E, F, R(42), 0xC24B8B70 );
    155     P( F, G, H, A, B, C, D, E, R(43), 0xC76C51A3 );
    156     P( E, F, G, H, A, B, C, D, R(44), 0xD192E819 );
    157     P( D, E, F, G, H, A, B, C, R(45), 0xD6990624 );
    158     P( C, D, E, F, G, H, A, B, R(46), 0xF40E3585 );
    159     P( B, C, D, E, F, G, H, A, R(47), 0x106AA070 );
    160     P( A, B, C, D, E, F, G, H, R(48), 0x19A4C116 );
    161     P( H, A, B, C, D, E, F, G, R(49), 0x1E376C08 );
    162     P( G, H, A, B, C, D, E, F, R(50), 0x2748774C );
    163     P( F, G, H, A, B, C, D, E, R(51), 0x34B0BCB5 );
    164     P( E, F, G, H, A, B, C, D, R(52), 0x391C0CB3 );
    165     P( D, E, F, G, H, A, B, C, R(53), 0x4ED8AA4A );
    166     P( C, D, E, F, G, H, A, B, R(54), 0x5B9CCA4F );
    167     P( B, C, D, E, F, G, H, A, R(55), 0x682E6FF3 );
    168     P( A, B, C, D, E, F, G, H, R(56), 0x748F82EE );
    169     P( H, A, B, C, D, E, F, G, R(57), 0x78A5636F );
    170     P( G, H, A, B, C, D, E, F, R(58), 0x84C87814 );
    171     P( F, G, H, A, B, C, D, E, R(59), 0x8CC70208 );
    172     P( E, F, G, H, A, B, C, D, R(60), 0x90BEFFFA );
    173     P( D, E, F, G, H, A, B, C, R(61), 0xA4506CEB );
    174     P( C, D, E, F, G, H, A, B, R(62), 0xBEF9A3F7 );
    175     P( B, C, D, E, F, G, H, A, R(63), 0xC67178F2 );
    176 
    177     ctx->state[0] += A;
    178     ctx->state[1] += B;
    179     ctx->state[2] += C;
    180     ctx->state[3] += D;
    181     ctx->state[4] += E;
    182     ctx->state[5] += F;
    183     ctx->state[6] += G;
    184     ctx->state[7] += H;
    185 }
    186 
    187 void sha256_update( sha256_context *ctx, uint8 *input, uint32 length )
    188 {
    189     uint32 left, fill;
    190 
    191     if( ! length ) return;
    192 
    193     left = ctx->total[0] & 0x3F;
    194     fill = 64 - left;
    195 
    196     ctx->total[0] += length;
    197     ctx->total[0] &= 0xFFFFFFFF;
    198 
    199     if( ctx->total[0] < length )
    200         ctx->total[1]++;
    201 
    202     if( left && length >= fill )
    203     {
    204         memcpy( (void *) (ctx->buffer + left),
    205                 (void *) input, fill );
    206         sha256_process( ctx, ctx->buffer );
    207         length -= fill;
    208         input  += fill;
    209         left = 0;
    210     }
    211 
    212     while( length >= 64 )
    213     {
    214         sha256_process( ctx, input );
    215         length -= 64;
    216         input  += 64;
    217     }
    218 
    219     if( length )
    220     {
    221         memcpy( (void *) (ctx->buffer + left),
    222                 (void *) input, length );
    223     }
    224 }
    225 
    226 static uint8 sha256_padding[64] =
    227 {
    228  0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
    229     0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
    230     0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
    231     0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
    232 };
    233 
    234 void sha256_finish( sha256_context *ctx, uint8 digest[32] )
    235 {
    236     uint32 last, padn;
    237     uint32 high, low;
    238     uint8 msglen[8];
    239 
    240     high = ( ctx->total[0] >> 29 )
    241          | ( ctx->total[1] <<  3 );
    242     low  = ( ctx->total[0] <<  3 );
    243 
    244     PUT_UINT32( high, msglen, 0 );
    245     PUT_UINT32( low,  msglen, 4 );
    246 
    247     last = ctx->total[0] & 0x3F;
    248     padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
    249 
    250     sha256_update( ctx, sha256_padding, padn );
    251     sha256_update( ctx, msglen, 8 );
    252 
    253     PUT_UINT32( ctx->state[0], digest,  0 );
    254     PUT_UINT32( ctx->state[1], digest,  4 );
    255     PUT_UINT32( ctx->state[2], digest,  8 );
    256     PUT_UINT32( ctx->state[3], digest, 12 );
    257     PUT_UINT32( ctx->state[4], digest, 16 );
    258     PUT_UINT32( ctx->state[5], digest, 20 );
    259     PUT_UINT32( ctx->state[6], digest, 24 );
    260     PUT_UINT32( ctx->state[7], digest, 28 );
    261 }