Rasmus Villemoes | 3248340 | 2015-02-12 15:02:40 -0800 | [diff] [blame] | 1 | #include <linux/compiler.h> |
Paul Gortmaker | 8bc3bcc | 2011-11-16 21:29:17 -0500 | [diff] [blame] | 2 | #include <linux/export.h> |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 3 | #include <linux/cryptohash.h> |
Alexander Kuleshov | 1c78bc1 | 2015-11-06 16:31:11 -0800 | [diff] [blame] | 4 | #include <linux/bitops.h> |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 5 | |
| 6 | /* F, G and H are basic MD4 functions: selection, majority, parity */ |
| 7 | #define F(x, y, z) ((z) ^ ((x) & ((y) ^ (z)))) |
| 8 | #define G(x, y, z) (((x) & (y)) + (((x) ^ (y)) & (z))) |
| 9 | #define H(x, y, z) ((x) ^ (y) ^ (z)) |
| 10 | |
| 11 | /* |
| 12 | * The generic round function. The application is so specific that |
| 13 | * we don't bother protecting all the arguments with parens, as is generally |
| 14 | * good macro practice, in favor of extra legibility. |
| 15 | * Rotation is separate from addition to prevent recomputation |
| 16 | */ |
| 17 | #define ROUND(f, a, b, c, d, x, s) \ |
Alexander Kuleshov | 1c78bc1 | 2015-11-06 16:31:11 -0800 | [diff] [blame] | 18 | (a += f(b, c, d) + x, a = rol32(a, s)) |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 19 | #define K1 0 |
| 20 | #define K2 013240474631UL |
| 21 | #define K3 015666365641UL |
| 22 | |
| 23 | /* |
| 24 | * Basic cut-down MD4 transform. Returns only 32 bits of result. |
| 25 | */ |
| 26 | __u32 half_md4_transform(__u32 buf[4], __u32 const in[8]) |
| 27 | { |
| 28 | __u32 a = buf[0], b = buf[1], c = buf[2], d = buf[3]; |
| 29 | |
| 30 | /* Round 1 */ |
| 31 | ROUND(F, a, b, c, d, in[0] + K1, 3); |
| 32 | ROUND(F, d, a, b, c, in[1] + K1, 7); |
| 33 | ROUND(F, c, d, a, b, in[2] + K1, 11); |
| 34 | ROUND(F, b, c, d, a, in[3] + K1, 19); |
| 35 | ROUND(F, a, b, c, d, in[4] + K1, 3); |
| 36 | ROUND(F, d, a, b, c, in[5] + K1, 7); |
| 37 | ROUND(F, c, d, a, b, in[6] + K1, 11); |
| 38 | ROUND(F, b, c, d, a, in[7] + K1, 19); |
| 39 | |
| 40 | /* Round 2 */ |
| 41 | ROUND(G, a, b, c, d, in[1] + K2, 3); |
| 42 | ROUND(G, d, a, b, c, in[3] + K2, 5); |
| 43 | ROUND(G, c, d, a, b, in[5] + K2, 9); |
| 44 | ROUND(G, b, c, d, a, in[7] + K2, 13); |
| 45 | ROUND(G, a, b, c, d, in[0] + K2, 3); |
| 46 | ROUND(G, d, a, b, c, in[2] + K2, 5); |
| 47 | ROUND(G, c, d, a, b, in[4] + K2, 9); |
| 48 | ROUND(G, b, c, d, a, in[6] + K2, 13); |
| 49 | |
| 50 | /* Round 3 */ |
| 51 | ROUND(H, a, b, c, d, in[3] + K3, 3); |
| 52 | ROUND(H, d, a, b, c, in[7] + K3, 9); |
| 53 | ROUND(H, c, d, a, b, in[2] + K3, 11); |
| 54 | ROUND(H, b, c, d, a, in[6] + K3, 15); |
| 55 | ROUND(H, a, b, c, d, in[1] + K3, 3); |
| 56 | ROUND(H, d, a, b, c, in[5] + K3, 9); |
| 57 | ROUND(H, c, d, a, b, in[0] + K3, 11); |
| 58 | ROUND(H, b, c, d, a, in[4] + K3, 15); |
| 59 | |
| 60 | buf[0] += a; |
| 61 | buf[1] += b; |
| 62 | buf[2] += c; |
| 63 | buf[3] += d; |
| 64 | |
| 65 | return buf[1]; /* "most hashed" word */ |
| 66 | } |
| 67 | EXPORT_SYMBOL(half_md4_transform); |