1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
|
#
#
# Nim's Runtime Library
# (c) Copyright 2015 Nim Contributors
#
# See the file "copying.txt", included in this
# distribution, for details about the copyright.
#
## [SHA-1 (Secure Hash Algorithm 1)](https://en.wikipedia.org/wiki/SHA-1)
## is a cryptographic hash function which takes an input and produces
## a 160-bit (20-byte) hash value known as a message digest.
##
## See also
## ========
## * `base64 module<base64.html>`_ for a Base64 encoder and decoder
## * `hashes module<hashes.html>`_ for efficient computations of hash values for diverse Nim types
## * `md5 module<md5.html>`_ for the MD5 checksum algorithm
runnableExamples:
let accessName = secureHash("John Doe")
assert $accessName == "AE6E4D1209F17B460503904FAD297B31E9CF6362"
runnableExamples("-r:off"):
let
a = secureHashFile("myFile.nim")
b = parseSecureHash("10DFAEBF6BFDBC7939957068E2EFACEC4972933C")
assert a == b, "files don't match"
{.deprecated: "use command `nimble install checksums` and import `checksums/sha1` instead".}
import std/strutils
from std/endians import bigEndian32, bigEndian64
when defined(nimPreviewSlimSystem):
import std/syncio
const Sha1DigestSize = 20
type
Sha1Digest* = array[0 .. Sha1DigestSize - 1, uint8]
SecureHash* = distinct Sha1Digest
type
Sha1State* = object
count: int
state: array[5, uint32]
buf: array[64, byte]
# This implementation of the SHA-1 algorithm was ported from the Chromium OS one
# with minor modifications that should not affect its functionality.
proc newSha1State*(): Sha1State =
## Creates a `Sha1State`.
##
## If you use the `secureHash proc <#secureHash,openArray[char]>`_,
## there's no need to call this function explicitly.
result.count = 0
result.state[0] = 0x67452301'u32
result.state[1] = 0xEFCDAB89'u32
result.state[2] = 0x98BADCFE'u32
result.state[3] = 0x10325476'u32
result.state[4] = 0xC3D2E1F0'u32
template ror27(val: uint32): uint32 = (val shr 27) or (val shl 5)
template ror2 (val: uint32): uint32 = (val shr 2) or (val shl 30)
template ror31(val: uint32): uint32 = (val shr 31) or (val shl 1)
proc transform(ctx: var Sha1State) =
var w: array[80, uint32]
var a, b, c, d, e: uint32
var t = 0
a = ctx.state[0]
b = ctx.state[1]
c = ctx.state[2]
d = ctx.state[3]
e = ctx.state[4]
template shaF1(a, b, c, d, e, t: untyped) =
bigEndian32(addr w[t], addr ctx.buf[t * 4])
e += ror27(a) + w[t] + (d xor (b and (c xor d))) + 0x5A827999'u32
b = ror2(b)
while t < 15:
shaF1(a, b, c, d, e, t + 0)
shaF1(e, a, b, c, d, t + 1)
shaF1(d, e, a, b, c, t + 2)
shaF1(c, d, e, a, b, t + 3)
shaF1(b, c, d, e, a, t + 4)
t += 5
shaF1(a, b, c, d, e, t + 0) # 16th one, t == 15
template shaF11(a, b, c, d, e, t: untyped) =
w[t] = ror31(w[t-3] xor w[t-8] xor w[t-14] xor w[t-16])
e += ror27(a) + w[t] + (d xor (b and (c xor d))) + 0x5A827999'u32
b = ror2(b)
shaF11(e, a, b, c, d, t + 1)
shaF11(d, e, a, b, c, t + 2)
shaF11(c, d, e, a, b, t + 3)
shaF11(b, c, d, e, a, t + 4)
template shaF2(a, b, c, d, e, t: untyped) =
w[t] = ror31(w[t-3] xor w[t-8] xor w[t-14] xor w[t-16])
e += ror27(a) + w[t] + (b xor c xor d) + 0x6ED9EBA1'u32
b = ror2(b)
t = 20
while t < 40:
shaF2(a, b, c, d, e, t + 0)
shaF2(e, a, b, c, d, t + 1)
shaF2(d, e, a, b, c, t + 2)
shaF2(c, d, e, a, b, t + 3)
shaF2(b, c, d, e, a, t + 4)
t += 5
template shaF3(a, b, c, d, e, t: untyped) =
w[t] = ror31(w[t-3] xor w[t-8] xor w[t-14] xor w[t-16])
e += ror27(a) + w[t] + ((b and c) or (d and (b or c))) + 0x8F1BBCDC'u32
b = ror2(b)
while t < 60:
shaF3(a, b, c, d, e, t + 0)
shaF3(e, a, b, c, d, t + 1)
shaF3(d, e, a, b, c, t + 2)
shaF3(c, d, e, a, b, t + 3)
shaF3(b, c, d, e, a, t + 4)
t += 5
template shaF4(a, b, c, d, e, t: untyped) =
w[t] = ror31(w[t-3] xor w[t-8] xor w[t-14] xor w[t-16])
e += ror27(a) + w[t] + (b xor c xor d) + 0xCA62C1D6'u32
b = ror2(b)
while t < 80:
shaF4(a, b, c, d, e, t + 0)
shaF4(e, a, b, c, d, t + 1)
shaF4(d, e, a, b, c, t + 2)
shaF4(c, d, e, a, b, t + 3)
shaF4(b, c, d, e, a, t + 4)
t += 5
ctx.state[0] += a
ctx.state[1] += b
ctx.state[2] += c
ctx.state[3] += d
ctx.state[4] += e
proc update*(ctx: var Sha1State, data: openArray[char]) =
## Updates the `Sha1State` with `data`.
##
## If you use the `secureHash proc <#secureHash,openArray[char]>`_,
## there's no need to call this function explicitly.
var i = ctx.count mod 64
var j = 0
var len = data.len
# Gather 64-bytes worth of data in order to perform a round with the leftover
# data we had stored (but not processed yet)
if len > 64 - i:
copyMem(addr ctx.buf[i], unsafeAddr data[j], 64 - i)
len -= 64 - i
j += 64 - i
transform(ctx)
# Update the index since it's used in the while loop below _and_ we want to
# keep its value if this code path isn't executed
i = 0
# Process the bulk of the payload
while len >= 64:
copyMem(addr ctx.buf[0], unsafeAddr data[j], 64)
len -= 64
j += 64
transform(ctx)
# Process the tail of the payload (len is < 64)
while len > 0:
dec len
ctx.buf[i] = byte(data[j])
inc i
inc j
if i == 64:
transform(ctx)
i = 0
ctx.count += data.len
proc finalize*(ctx: var Sha1State): Sha1Digest =
## Finalizes the `Sha1State` and returns a `Sha1Digest`.
##
## If you use the `secureHash proc <#secureHash,openArray[char]>`_,
## there's no need to call this function explicitly.
var cnt = uint64(ctx.count * 8)
# a 1 bit
update(ctx, "\x80")
# Add padding until we reach a complexive size of 64 - 8 bytes
while (ctx.count mod 64) != (64 - 8):
update(ctx, "\x00")
# The message length as a 64bit BE number completes the block
var tmp: array[8, char]
bigEndian64(addr tmp[0], addr cnt)
update(ctx, tmp)
# Turn the result into a single 160-bit number
for i in 0 ..< 5:
bigEndian32(addr ctx.state[i], addr ctx.state[i])
copyMem(addr result[0], addr ctx.state[0], Sha1DigestSize)
# Public API
proc secureHash*(str: openArray[char]): SecureHash =
## Generates a `SecureHash` from `str`.
##
## **See also:**
## * `secureHashFile proc <#secureHashFile,string>`_ for generating a `SecureHash` from a file
## * `parseSecureHash proc <#parseSecureHash,string>`_ for converting a string `hash` to `SecureHash`
runnableExamples:
let hash = secureHash("Hello World")
assert hash == parseSecureHash("0A4D55A8D778E5022FAB701977C5D840BBC486D0")
var state = newSha1State()
state.update(str)
SecureHash(state.finalize())
proc secureHashFile*(filename: string): SecureHash =
## Generates a `SecureHash` from a file.
##
## **See also:**
## * `secureHash proc <#secureHash,openArray[char]>`_ for generating a `SecureHash` from a string
## * `parseSecureHash proc <#parseSecureHash,string>`_ for converting a string `hash` to `SecureHash`
const BufferLength = 8192
let f = open(filename)
var state = newSha1State()
var buffer = newString(BufferLength)
while true:
let length = readChars(f, buffer)
if length == 0:
break
buffer.setLen(length)
state.update(buffer)
if length != BufferLength:
break
close(f)
SecureHash(state.finalize())
proc `$`*(self: SecureHash): string =
## Returns the string representation of a `SecureHash`.
##
## **See also:**
## * `secureHash proc <#secureHash,openArray[char]>`_ for generating a `SecureHash` from a string
runnableExamples:
let hash = secureHash("Hello World")
assert $hash == "0A4D55A8D778E5022FAB701977C5D840BBC486D0"
result = ""
for v in Sha1Digest(self):
result.add(toHex(int(v), 2))
proc parseSecureHash*(hash: string): SecureHash =
## Converts a string `hash` to a `SecureHash`.
##
## **See also:**
## * `secureHash proc <#secureHash,openArray[char]>`_ for generating a `SecureHash` from a string
## * `secureHashFile proc <#secureHashFile,string>`_ for generating a `SecureHash` from a file
runnableExamples:
let
hashStr = "0A4D55A8D778E5022FAB701977C5D840BBC486D0"
secureHash = secureHash("Hello World")
assert secureHash == parseSecureHash(hashStr)
for i in 0 ..< Sha1DigestSize:
Sha1Digest(result)[i] = uint8(parseHexInt(hash[i*2] & hash[i*2 + 1]))
proc `==`*(a, b: SecureHash): bool =
## Checks if two `SecureHash` values are identical.
runnableExamples:
let
a = secureHash("Hello World")
b = secureHash("Goodbye World")
c = parseSecureHash("0A4D55A8D778E5022FAB701977C5D840BBC486D0")
assert a != b
assert a == c
# Not a constant-time comparison, but that's acceptable in this context
Sha1Digest(a) == Sha1Digest(b)
proc isValidSha1Hash*(s: string): bool =
## Checks if a string is a valid sha1 hash sum.
s.len == 40 and allCharsInSet(s, HexDigits)
|
