1 ------------------------------------------------------------------------------
3 -- GNAT LIBRARY COMPONENTS --
5 -- G N A T . S E C U R E _ H A S H E S --
9 -- Copyright (C) 2009, Free Software Foundation, Inc. --
11 -- GNAT is free software; you can redistribute it and/or modify it under --
12 -- terms of the GNU General Public License as published by the Free Soft- --
13 -- ware Foundation; either version 3, or (at your option) any later ver- --
14 -- sion. GNAT is distributed in the hope that it will be useful, but WITH- --
15 -- OUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY --
16 -- or FITNESS FOR A PARTICULAR PURPOSE. --
18 -- As a special exception under Section 7 of GPL version 3, you are granted --
19 -- additional permissions described in the GCC Runtime Library Exception, --
20 -- version 3.1, as published by the Free Software Foundation. --
22 -- You should have received a copy of the GNU General Public License and --
23 -- a copy of the GCC Runtime Library Exception along with this program; --
24 -- see the files COPYING3 and COPYING.RUNTIME respectively. If not, see --
25 -- <http://www.gnu.org/licenses/>. --
27 -- GNAT was originally developed by the GNAT team at New York University. --
28 -- Extensive contributions were provided by Ada Core Technologies Inc. --
30 ------------------------------------------------------------------------------
32 with System; use System;
33 with Interfaces; use Interfaces;
35 package body GNAT.Secure_Hashes is
39 Hex_Digit : constant array (Stream_Element range 0 .. 15) of Character :=
40 ('0', '1', '2', '3', '4', '5', '6', '7',
41 '8', '9', 'a', 'b', 'c', 'd', 'e', 'f');
43 type Fill_Buffer_Access is
45 (M : in out Message_State;
49 -- A procedure to transfer data from S, starting at First, into M's block
50 -- buffer until either the block buffer is full or all data from S has been
53 procedure Fill_Buffer_Copy
54 (M : in out Message_State;
58 -- Transfer procedure which just copies data from S to M
60 procedure Fill_Buffer_Swap
61 (M : in out Message_State;
65 -- Transfer procedure which swaps bytes from S when copying into M. S must
66 -- have even length. Note that the swapping is performed considering pairs
67 -- starting at S'First, even if S'First /= First (that is, if
68 -- First = S'First then the first copied byte is always S (S'First + 1),
69 -- and if First = S'First + 1 then the first copied byte is always
72 procedure To_String (SEA : Stream_Element_Array; S : out String);
73 -- Return the hexadecimal representation of SEA
75 ----------------------
76 -- Fill_Buffer_Copy --
77 ----------------------
79 procedure Fill_Buffer_Copy
80 (M : in out Message_State;
85 Buf_String : String (M.Buffer'Range);
86 for Buf_String'Address use M.Buffer'Address;
87 pragma Import (Ada, Buf_String);
89 Length : constant Natural :=
90 Natural'Min (M.Block_Length - M.Last, S'Last - First + 1);
93 pragma Assert (Length > 0);
95 Buf_String (M.Last + 1 .. M.Last + Length) :=
96 S (First .. First + Length - 1);
97 M.Last := M.Last + Length;
98 Last := First + Length - 1;
101 ----------------------
102 -- Fill_Buffer_Swap --
103 ----------------------
105 procedure Fill_Buffer_Swap
106 (M : in out Message_State;
111 pragma Assert (S'Length mod 2 = 0);
112 Length : constant Natural :=
113 Natural'Min (M.Block_Length - M.Last, S'Last - First + 1);
116 while Last - First < Length loop
117 M.Buffer (M.Last + 1 + Last - First) :=
118 (if (Last - S'First) mod 2 = 0
123 M.Last := M.Last + Length;
124 Last := First + Length - 1;
125 end Fill_Buffer_Swap;
131 procedure To_String (SEA : Stream_Element_Array; S : out String) is
132 pragma Assert (S'Length = 2 * SEA'Length);
134 for J in SEA'Range loop
136 S_J : constant Natural := 1 + Natural (J - SEA'First) * 2;
138 S (S_J) := Hex_Digit (SEA (J) / 16);
139 S (S_J + 1) := Hex_Digit (SEA (J) mod 16);
153 Fill_Buffer : Fill_Buffer_Access);
154 -- Internal common routine for all Update procedures
158 Hash_Bits : out Ada.Streams.Stream_Element_Array);
159 -- Perform final hashing operations (data padding) and extract the
160 -- (possibly truncated) state of C into Hash_Bits.
166 function Digest (C : Context) return Message_Digest is
167 Hash_Bits : Stream_Element_Array
168 (1 .. Stream_Element_Offset (Hash_Length));
170 Final (C, Hash_Bits);
171 return MD : Message_Digest do
172 To_String (Hash_Bits, MD);
176 function Digest (S : String) return Message_Digest is
183 function Digest (A : Stream_Element_Array) return Message_Digest is
194 -- Once a complete message has been processed, it is padded with one
195 -- 1 bit followed by enough 0 bits so that the last block is
196 -- 2 * Word'Size bits short of being completed. The last 2 * Word'Size
197 -- bits are set to the message size in bits (excluding padding).
201 Hash_Bits : out Stream_Element_Array)
206 -- Number of 0 bytes in padding
208 Message_Length : Unsigned_64 := FC.M_State.Length;
209 -- Message length in bytes
211 Size_Length : constant Natural :=
212 2 * Hash_State.Word'Size / 8;
213 -- Length in bytes of the size representation
216 Zeroes := (Block_Length - 1 - Size_Length - FC.M_State.Last)
217 mod FC.M_State.Block_Length;
219 Pad : String (1 .. 1 + Zeroes + Size_Length) :=
220 (1 => Character'Val (128), others => ASCII.NUL);
223 First_Index : Natural;
226 First_Index := (if Hash_Bit_Order = Low_Order_First
227 then Pad'Last - Size_Length + 1
230 Index := First_Index;
231 while Message_Length > 0 loop
232 if Index = First_Index then
234 -- Message_Length is in bytes, but we need to store it as
237 Pad (Index) := Character'Val
238 (Shift_Left (Message_Length and 16#1f#, 3));
239 Message_Length := Shift_Right (Message_Length, 5);
242 Pad (Index) := Character'Val (Message_Length and 16#ff#);
243 Message_Length := Shift_Right (Message_Length, 8);
247 (if Hash_Bit_Order = Low_Order_First then 1 else -1);
253 pragma Assert (FC.M_State.Last = 0);
255 Hash_State.To_Hash (FC.H_State, Hash_Bits);
265 Fill_Buffer : Fill_Buffer_Access)
267 Last : Natural := S'First - 1;
270 C.M_State.Length := C.M_State.Length + S'Length;
272 while Last < S'Last loop
273 Fill_Buffer (C.M_State, S, Last + 1, Last);
275 if C.M_State.Last = Block_Length then
276 Transform (C.H_State, C.M_State);
287 procedure Update (C : in out Context; Input : String) is
289 Update (C, Input, Fill_Buffer_Copy'Access);
296 procedure Update (C : in out Context; Input : Stream_Element_Array) is
297 S : String (1 .. Input'Length);
298 for S'Address use Input'Address;
299 pragma Import (Ada, S);
301 Update (C, S, Fill_Buffer_Copy'Access);
308 procedure Wide_Update (C : in out Context; Input : Wide_String) is
309 S : String (1 .. 2 * Input'Length);
310 for S'Address use Input'Address;
311 pragma Import (Ada, S);
315 (if System.Default_Bit_Order /= Low_Order_First
316 then Fill_Buffer_Swap'Access
317 else Fill_Buffer_Copy'Access));
324 function Wide_Digest (W : Wide_String) return Message_Digest is
333 -------------------------
334 -- Hash_Function_State --
335 -------------------------
337 package body Hash_Function_State is
343 procedure To_Hash (H : State; H_Bits : out Stream_Element_Array) is
344 Hash_Words : constant Natural := H'Size / Word'Size;
345 Result : State (1 .. Hash_Words) :=
346 H (H'Last - Hash_Words + 1 .. H'Last);
348 R_SEA : Stream_Element_Array (1 .. Result'Size / 8);
349 for R_SEA'Address use Result'Address;
350 pragma Import (Ada, R_SEA);
353 if System.Default_Bit_Order /= Hash_Bit_Order then
354 for J in Result'Range loop
355 Swap (Result (J)'Address);
359 -- Return truncated hash
361 pragma Assert (H_Bits'Length <= R_SEA'Length);
362 H_Bits := R_SEA (R_SEA'First .. R_SEA'First + H_Bits'Length - 1);
365 end Hash_Function_State;
367 end GNAT.Secure_Hashes;
OSDN Git Service
