1 // SPDX-License-Identifier: BSD-2-Clause
2 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
3 *
4 * LibTomCrypt is a library that provides various cryptographic
5 * algorithms in a highly modular and flexible manner.
6 *
7 * The library is free for all purposes without any express
8 * guarantee it works.
9 */
10 #include "tomcrypt_private.h"
11
12 /**
13 @file rmd320.c
14 RMD320 hash function
15 */
16
17 #ifdef LTC_RIPEMD320
18
19 const struct ltc_hash_descriptor rmd320_desc =
20 {
21 "rmd320",
22 14,
23 40,
24 64,
25
26 /* OID ... does not exist
27 * http://oid-info.com/get/1.3.36.3.2 */
28 { 0 },
29 0,
30
31 &rmd320_init,
32 &rmd320_process,
33 &rmd320_done,
34 &rmd320_test,
35 NULL
36 };
37
38 /* the five basic functions F(), G() and H() */
39 #define F(x, y, z) ((x) ^ (y) ^ (z))
40 #define G(x, y, z) (((x) & (y)) | (~(x) & (z)))
41 #define H(x, y, z) (((x) | ~(y)) ^ (z))
42 #define I(x, y, z) (((x) & (z)) | ((y) & ~(z)))
43 #define J(x, y, z) ((x) ^ ((y) | ~(z)))
44
45 /* the ten basic operations FF() through III() */
46 #define FF(a, b, c, d, e, x, s) \
47 (a) += F((b), (c), (d)) + (x);\
48 (a) = ROLc((a), (s)) + (e);\
49 (c) = ROLc((c), 10);
50
51 #define GG(a, b, c, d, e, x, s) \
52 (a) += G((b), (c), (d)) + (x) + 0x5a827999UL;\
53 (a) = ROLc((a), (s)) + (e);\
54 (c) = ROLc((c), 10);
55
56 #define HH(a, b, c, d, e, x, s) \
57 (a) += H((b), (c), (d)) + (x) + 0x6ed9eba1UL;\
58 (a) = ROLc((a), (s)) + (e);\
59 (c) = ROLc((c), 10);
60
61 #define II(a, b, c, d, e, x, s) \
62 (a) += I((b), (c), (d)) + (x) + 0x8f1bbcdcUL;\
63 (a) = ROLc((a), (s)) + (e);\
64 (c) = ROLc((c), 10);
65
66 #define JJ(a, b, c, d, e, x, s) \
67 (a) += J((b), (c), (d)) + (x) + 0xa953fd4eUL;\
68 (a) = ROLc((a), (s)) + (e);\
69 (c) = ROLc((c), 10);
70
71 #define FFF(a, b, c, d, e, x, s) \
72 (a) += F((b), (c), (d)) + (x);\
73 (a) = ROLc((a), (s)) + (e);\
74 (c) = ROLc((c), 10);
75
76 #define GGG(a, b, c, d, e, x, s) \
77 (a) += G((b), (c), (d)) + (x) + 0x7a6d76e9UL;\
78 (a) = ROLc((a), (s)) + (e);\
79 (c) = ROLc((c), 10);
80
81 #define HHH(a, b, c, d, e, x, s) \
82 (a) += H((b), (c), (d)) + (x) + 0x6d703ef3UL;\
83 (a) = ROLc((a), (s)) + (e);\
84 (c) = ROLc((c), 10);
85
86 #define III(a, b, c, d, e, x, s) \
87 (a) += I((b), (c), (d)) + (x) + 0x5c4dd124UL;\
88 (a) = ROLc((a), (s)) + (e);\
89 (c) = ROLc((c), 10);
90
91 #define JJJ(a, b, c, d, e, x, s) \
92 (a) += J((b), (c), (d)) + (x) + 0x50a28be6UL;\
93 (a) = ROLc((a), (s)) + (e);\
94 (c) = ROLc((c), 10);
95
96
97 #ifdef LTC_CLEAN_STACK
_rmd320_compress(hash_state * md,const unsigned char * buf)98 static int _rmd320_compress(hash_state *md, const unsigned char *buf)
99 #else
100 static int rmd320_compress(hash_state *md, const unsigned char *buf)
101 #endif
102 {
103 ulong32 aa,bb,cc,dd,ee,aaa,bbb,ccc,ddd,eee,tmp,X[16];
104 int i;
105
106 /* load words X */
107 for (i = 0; i < 16; i++){
108 LOAD32L(X[i], buf + (4 * i));
109 }
110
111 /* load state */
112 aa = md->rmd320.state[0];
113 bb = md->rmd320.state[1];
114 cc = md->rmd320.state[2];
115 dd = md->rmd320.state[3];
116 ee = md->rmd320.state[4];
117 aaa = md->rmd320.state[5];
118 bbb = md->rmd320.state[6];
119 ccc = md->rmd320.state[7];
120 ddd = md->rmd320.state[8];
121 eee = md->rmd320.state[9];
122
123 /* round 1 */
124 FF(aa, bb, cc, dd, ee, X[ 0], 11);
125 FF(ee, aa, bb, cc, dd, X[ 1], 14);
126 FF(dd, ee, aa, bb, cc, X[ 2], 15);
127 FF(cc, dd, ee, aa, bb, X[ 3], 12);
128 FF(bb, cc, dd, ee, aa, X[ 4], 5);
129 FF(aa, bb, cc, dd, ee, X[ 5], 8);
130 FF(ee, aa, bb, cc, dd, X[ 6], 7);
131 FF(dd, ee, aa, bb, cc, X[ 7], 9);
132 FF(cc, dd, ee, aa, bb, X[ 8], 11);
133 FF(bb, cc, dd, ee, aa, X[ 9], 13);
134 FF(aa, bb, cc, dd, ee, X[10], 14);
135 FF(ee, aa, bb, cc, dd, X[11], 15);
136 FF(dd, ee, aa, bb, cc, X[12], 6);
137 FF(cc, dd, ee, aa, bb, X[13], 7);
138 FF(bb, cc, dd, ee, aa, X[14], 9);
139 FF(aa, bb, cc, dd, ee, X[15], 8);
140
141 /* parallel round 1 */
142 JJJ(aaa, bbb, ccc, ddd, eee, X[ 5], 8);
143 JJJ(eee, aaa, bbb, ccc, ddd, X[14], 9);
144 JJJ(ddd, eee, aaa, bbb, ccc, X[ 7], 9);
145 JJJ(ccc, ddd, eee, aaa, bbb, X[ 0], 11);
146 JJJ(bbb, ccc, ddd, eee, aaa, X[ 9], 13);
147 JJJ(aaa, bbb, ccc, ddd, eee, X[ 2], 15);
148 JJJ(eee, aaa, bbb, ccc, ddd, X[11], 15);
149 JJJ(ddd, eee, aaa, bbb, ccc, X[ 4], 5);
150 JJJ(ccc, ddd, eee, aaa, bbb, X[13], 7);
151 JJJ(bbb, ccc, ddd, eee, aaa, X[ 6], 7);
152 JJJ(aaa, bbb, ccc, ddd, eee, X[15], 8);
153 JJJ(eee, aaa, bbb, ccc, ddd, X[ 8], 11);
154 JJJ(ddd, eee, aaa, bbb, ccc, X[ 1], 14);
155 JJJ(ccc, ddd, eee, aaa, bbb, X[10], 14);
156 JJJ(bbb, ccc, ddd, eee, aaa, X[ 3], 12);
157 JJJ(aaa, bbb, ccc, ddd, eee, X[12], 6);
158
159 tmp = aa; aa = aaa; aaa = tmp;
160
161 /* round 2 */
162 GG(ee, aa, bb, cc, dd, X[ 7], 7);
163 GG(dd, ee, aa, bb, cc, X[ 4], 6);
164 GG(cc, dd, ee, aa, bb, X[13], 8);
165 GG(bb, cc, dd, ee, aa, X[ 1], 13);
166 GG(aa, bb, cc, dd, ee, X[10], 11);
167 GG(ee, aa, bb, cc, dd, X[ 6], 9);
168 GG(dd, ee, aa, bb, cc, X[15], 7);
169 GG(cc, dd, ee, aa, bb, X[ 3], 15);
170 GG(bb, cc, dd, ee, aa, X[12], 7);
171 GG(aa, bb, cc, dd, ee, X[ 0], 12);
172 GG(ee, aa, bb, cc, dd, X[ 9], 15);
173 GG(dd, ee, aa, bb, cc, X[ 5], 9);
174 GG(cc, dd, ee, aa, bb, X[ 2], 11);
175 GG(bb, cc, dd, ee, aa, X[14], 7);
176 GG(aa, bb, cc, dd, ee, X[11], 13);
177 GG(ee, aa, bb, cc, dd, X[ 8], 12);
178
179 /* parallel round 2 */
180 III(eee, aaa, bbb, ccc, ddd, X[ 6], 9);
181 III(ddd, eee, aaa, bbb, ccc, X[11], 13);
182 III(ccc, ddd, eee, aaa, bbb, X[ 3], 15);
183 III(bbb, ccc, ddd, eee, aaa, X[ 7], 7);
184 III(aaa, bbb, ccc, ddd, eee, X[ 0], 12);
185 III(eee, aaa, bbb, ccc, ddd, X[13], 8);
186 III(ddd, eee, aaa, bbb, ccc, X[ 5], 9);
187 III(ccc, ddd, eee, aaa, bbb, X[10], 11);
188 III(bbb, ccc, ddd, eee, aaa, X[14], 7);
189 III(aaa, bbb, ccc, ddd, eee, X[15], 7);
190 III(eee, aaa, bbb, ccc, ddd, X[ 8], 12);
191 III(ddd, eee, aaa, bbb, ccc, X[12], 7);
192 III(ccc, ddd, eee, aaa, bbb, X[ 4], 6);
193 III(bbb, ccc, ddd, eee, aaa, X[ 9], 15);
194 III(aaa, bbb, ccc, ddd, eee, X[ 1], 13);
195 III(eee, aaa, bbb, ccc, ddd, X[ 2], 11);
196
197 tmp = bb; bb = bbb; bbb = tmp;
198
199 /* round 3 */
200 HH(dd, ee, aa, bb, cc, X[ 3], 11);
201 HH(cc, dd, ee, aa, bb, X[10], 13);
202 HH(bb, cc, dd, ee, aa, X[14], 6);
203 HH(aa, bb, cc, dd, ee, X[ 4], 7);
204 HH(ee, aa, bb, cc, dd, X[ 9], 14);
205 HH(dd, ee, aa, bb, cc, X[15], 9);
206 HH(cc, dd, ee, aa, bb, X[ 8], 13);
207 HH(bb, cc, dd, ee, aa, X[ 1], 15);
208 HH(aa, bb, cc, dd, ee, X[ 2], 14);
209 HH(ee, aa, bb, cc, dd, X[ 7], 8);
210 HH(dd, ee, aa, bb, cc, X[ 0], 13);
211 HH(cc, dd, ee, aa, bb, X[ 6], 6);
212 HH(bb, cc, dd, ee, aa, X[13], 5);
213 HH(aa, bb, cc, dd, ee, X[11], 12);
214 HH(ee, aa, bb, cc, dd, X[ 5], 7);
215 HH(dd, ee, aa, bb, cc, X[12], 5);
216
217 /* parallel round 3 */
218 HHH(ddd, eee, aaa, bbb, ccc, X[15], 9);
219 HHH(ccc, ddd, eee, aaa, bbb, X[ 5], 7);
220 HHH(bbb, ccc, ddd, eee, aaa, X[ 1], 15);
221 HHH(aaa, bbb, ccc, ddd, eee, X[ 3], 11);
222 HHH(eee, aaa, bbb, ccc, ddd, X[ 7], 8);
223 HHH(ddd, eee, aaa, bbb, ccc, X[14], 6);
224 HHH(ccc, ddd, eee, aaa, bbb, X[ 6], 6);
225 HHH(bbb, ccc, ddd, eee, aaa, X[ 9], 14);
226 HHH(aaa, bbb, ccc, ddd, eee, X[11], 12);
227 HHH(eee, aaa, bbb, ccc, ddd, X[ 8], 13);
228 HHH(ddd, eee, aaa, bbb, ccc, X[12], 5);
229 HHH(ccc, ddd, eee, aaa, bbb, X[ 2], 14);
230 HHH(bbb, ccc, ddd, eee, aaa, X[10], 13);
231 HHH(aaa, bbb, ccc, ddd, eee, X[ 0], 13);
232 HHH(eee, aaa, bbb, ccc, ddd, X[ 4], 7);
233 HHH(ddd, eee, aaa, bbb, ccc, X[13], 5);
234
235 tmp = cc; cc = ccc; ccc = tmp;
236
237 /* round 4 */
238 II(cc, dd, ee, aa, bb, X[ 1], 11);
239 II(bb, cc, dd, ee, aa, X[ 9], 12);
240 II(aa, bb, cc, dd, ee, X[11], 14);
241 II(ee, aa, bb, cc, dd, X[10], 15);
242 II(dd, ee, aa, bb, cc, X[ 0], 14);
243 II(cc, dd, ee, aa, bb, X[ 8], 15);
244 II(bb, cc, dd, ee, aa, X[12], 9);
245 II(aa, bb, cc, dd, ee, X[ 4], 8);
246 II(ee, aa, bb, cc, dd, X[13], 9);
247 II(dd, ee, aa, bb, cc, X[ 3], 14);
248 II(cc, dd, ee, aa, bb, X[ 7], 5);
249 II(bb, cc, dd, ee, aa, X[15], 6);
250 II(aa, bb, cc, dd, ee, X[14], 8);
251 II(ee, aa, bb, cc, dd, X[ 5], 6);
252 II(dd, ee, aa, bb, cc, X[ 6], 5);
253 II(cc, dd, ee, aa, bb, X[ 2], 12);
254
255 /* parallel round 4 */
256 GGG(ccc, ddd, eee, aaa, bbb, X[ 8], 15);
257 GGG(bbb, ccc, ddd, eee, aaa, X[ 6], 5);
258 GGG(aaa, bbb, ccc, ddd, eee, X[ 4], 8);
259 GGG(eee, aaa, bbb, ccc, ddd, X[ 1], 11);
260 GGG(ddd, eee, aaa, bbb, ccc, X[ 3], 14);
261 GGG(ccc, ddd, eee, aaa, bbb, X[11], 14);
262 GGG(bbb, ccc, ddd, eee, aaa, X[15], 6);
263 GGG(aaa, bbb, ccc, ddd, eee, X[ 0], 14);
264 GGG(eee, aaa, bbb, ccc, ddd, X[ 5], 6);
265 GGG(ddd, eee, aaa, bbb, ccc, X[12], 9);
266 GGG(ccc, ddd, eee, aaa, bbb, X[ 2], 12);
267 GGG(bbb, ccc, ddd, eee, aaa, X[13], 9);
268 GGG(aaa, bbb, ccc, ddd, eee, X[ 9], 12);
269 GGG(eee, aaa, bbb, ccc, ddd, X[ 7], 5);
270 GGG(ddd, eee, aaa, bbb, ccc, X[10], 15);
271 GGG(ccc, ddd, eee, aaa, bbb, X[14], 8);
272
273 tmp = dd; dd = ddd; ddd = tmp;
274
275 /* round 5 */
276 JJ(bb, cc, dd, ee, aa, X[ 4], 9);
277 JJ(aa, bb, cc, dd, ee, X[ 0], 15);
278 JJ(ee, aa, bb, cc, dd, X[ 5], 5);
279 JJ(dd, ee, aa, bb, cc, X[ 9], 11);
280 JJ(cc, dd, ee, aa, bb, X[ 7], 6);
281 JJ(bb, cc, dd, ee, aa, X[12], 8);
282 JJ(aa, bb, cc, dd, ee, X[ 2], 13);
283 JJ(ee, aa, bb, cc, dd, X[10], 12);
284 JJ(dd, ee, aa, bb, cc, X[14], 5);
285 JJ(cc, dd, ee, aa, bb, X[ 1], 12);
286 JJ(bb, cc, dd, ee, aa, X[ 3], 13);
287 JJ(aa, bb, cc, dd, ee, X[ 8], 14);
288 JJ(ee, aa, bb, cc, dd, X[11], 11);
289 JJ(dd, ee, aa, bb, cc, X[ 6], 8);
290 JJ(cc, dd, ee, aa, bb, X[15], 5);
291 JJ(bb, cc, dd, ee, aa, X[13], 6);
292
293 /* parallel round 5 */
294 FFF(bbb, ccc, ddd, eee, aaa, X[12] , 8);
295 FFF(aaa, bbb, ccc, ddd, eee, X[15] , 5);
296 FFF(eee, aaa, bbb, ccc, ddd, X[10] , 12);
297 FFF(ddd, eee, aaa, bbb, ccc, X[ 4] , 9);
298 FFF(ccc, ddd, eee, aaa, bbb, X[ 1] , 12);
299 FFF(bbb, ccc, ddd, eee, aaa, X[ 5] , 5);
300 FFF(aaa, bbb, ccc, ddd, eee, X[ 8] , 14);
301 FFF(eee, aaa, bbb, ccc, ddd, X[ 7] , 6);
302 FFF(ddd, eee, aaa, bbb, ccc, X[ 6] , 8);
303 FFF(ccc, ddd, eee, aaa, bbb, X[ 2] , 13);
304 FFF(bbb, ccc, ddd, eee, aaa, X[13] , 6);
305 FFF(aaa, bbb, ccc, ddd, eee, X[14] , 5);
306 FFF(eee, aaa, bbb, ccc, ddd, X[ 0] , 15);
307 FFF(ddd, eee, aaa, bbb, ccc, X[ 3] , 13);
308 FFF(ccc, ddd, eee, aaa, bbb, X[ 9] , 11);
309 FFF(bbb, ccc, ddd, eee, aaa, X[11] , 11);
310
311 tmp = ee; ee = eee; eee = tmp;
312
313 /* combine results */
314 md->rmd320.state[0] += aa;
315 md->rmd320.state[1] += bb;
316 md->rmd320.state[2] += cc;
317 md->rmd320.state[3] += dd;
318 md->rmd320.state[4] += ee;
319 md->rmd320.state[5] += aaa;
320 md->rmd320.state[6] += bbb;
321 md->rmd320.state[7] += ccc;
322 md->rmd320.state[8] += ddd;
323 md->rmd320.state[9] += eee;
324
325 return CRYPT_OK;
326 }
327
328 #ifdef LTC_CLEAN_STACK
rmd320_compress(hash_state * md,const unsigned char * buf)329 static int rmd320_compress(hash_state *md, const unsigned char *buf)
330 {
331 int err;
332 err = _rmd320_compress(md, buf);
333 burn_stack(sizeof(ulong32) * 27 + sizeof(int));
334 return err;
335 }
336 #endif
337
338 /**
339 Initialize the hash state
340 @param md The hash state you wish to initialize
341 @return CRYPT_OK if successful
342 */
rmd320_init(hash_state * md)343 int rmd320_init(hash_state * md)
344 {
345 LTC_ARGCHK(md != NULL);
346 md->rmd320.state[0] = 0x67452301UL;
347 md->rmd320.state[1] = 0xefcdab89UL;
348 md->rmd320.state[2] = 0x98badcfeUL;
349 md->rmd320.state[3] = 0x10325476UL;
350 md->rmd320.state[4] = 0xc3d2e1f0UL;
351 md->rmd320.state[5] = 0x76543210UL;
352 md->rmd320.state[6] = 0xfedcba98UL;
353 md->rmd320.state[7] = 0x89abcdefUL;
354 md->rmd320.state[8] = 0x01234567UL;
355 md->rmd320.state[9] = 0x3c2d1e0fUL;
356 md->rmd320.curlen = 0;
357 md->rmd320.length = 0;
358 return CRYPT_OK;
359 }
360
361 /**
362 Process a block of memory though the hash
363 @param md The hash state
364 @param in The data to hash
365 @param inlen The length of the data (octets)
366 @return CRYPT_OK if successful
367 */
368 HASH_PROCESS(rmd320_process, rmd320_compress, rmd320, 64)
369
370 /**
371 Terminate the hash to get the digest
372 @param md The hash state
373 @param out [out] The destination of the hash (20 bytes)
374 @return CRYPT_OK if successful
375 */
rmd320_done(hash_state * md,unsigned char * out)376 int rmd320_done(hash_state * md, unsigned char *out)
377 {
378 int i;
379
380 LTC_ARGCHK(md != NULL);
381 LTC_ARGCHK(out != NULL);
382
383 if (md->rmd320.curlen >= sizeof(md->rmd320.buf)) {
384 return CRYPT_INVALID_ARG;
385 }
386
387
388 /* increase the length of the message */
389 md->rmd320.length += md->rmd320.curlen * 8;
390
391 /* append the '1' bit */
392 md->rmd320.buf[md->rmd320.curlen++] = (unsigned char)0x80;
393
394 /* if the length is currently above 56 bytes we append zeros
395 * then compress. Then we can fall back to padding zeros and length
396 * encoding like normal.
397 */
398 if (md->rmd320.curlen > 56) {
399 while (md->rmd320.curlen < 64) {
400 md->rmd320.buf[md->rmd320.curlen++] = (unsigned char)0;
401 }
402 rmd320_compress(md, md->rmd320.buf);
403 md->rmd320.curlen = 0;
404 }
405
406 /* pad upto 56 bytes of zeroes */
407 while (md->rmd320.curlen < 56) {
408 md->rmd320.buf[md->rmd320.curlen++] = (unsigned char)0;
409 }
410
411 /* store length */
412 STORE64L(md->rmd320.length, md->rmd320.buf+56);
413 rmd320_compress(md, md->rmd320.buf);
414
415 /* copy output */
416 for (i = 0; i < 10; i++) {
417 STORE32L(md->rmd320.state[i], out+(4*i));
418 }
419 #ifdef LTC_CLEAN_STACK
420 zeromem(md, sizeof(hash_state));
421 #endif
422 return CRYPT_OK;
423 }
424
425 /**
426 Self-test the hash
427 @return CRYPT_OK if successful, CRYPT_NOP if self-tests have been disabled
428 */
rmd320_test(void)429 int rmd320_test(void)
430 {
431 #ifndef LTC_TEST
432 return CRYPT_NOP;
433 #else
434 static const struct {
435 const char *msg;
436 unsigned char hash[40];
437 } tests[] = {
438 { "",
439 { 0x22, 0xd6, 0x5d, 0x56, 0x61, 0x53, 0x6c, 0xdc, 0x75, 0xc1,
440 0xfd, 0xf5, 0xc6, 0xde, 0x7b, 0x41, 0xb9, 0xf2, 0x73, 0x25,
441 0xeb, 0xc6, 0x1e, 0x85, 0x57, 0x17, 0x7d, 0x70, 0x5a, 0x0e,
442 0xc8, 0x80, 0x15, 0x1c, 0x3a, 0x32, 0xa0, 0x08, 0x99, 0xb8 }
443 },
444 { "a",
445 { 0xce, 0x78, 0x85, 0x06, 0x38, 0xf9, 0x26, 0x58, 0xa5, 0xa5,
446 0x85, 0x09, 0x75, 0x79, 0x92, 0x6d, 0xda, 0x66, 0x7a, 0x57,
447 0x16, 0x56, 0x2c, 0xfc, 0xf6, 0xfb, 0xe7, 0x7f, 0x63, 0x54,
448 0x2f, 0x99, 0xb0, 0x47, 0x05, 0xd6, 0x97, 0x0d, 0xff, 0x5d }
449 },
450 { "abc",
451 { 0xde, 0x4c, 0x01, 0xb3, 0x05, 0x4f, 0x89, 0x30, 0xa7, 0x9d,
452 0x09, 0xae, 0x73, 0x8e, 0x92, 0x30, 0x1e, 0x5a, 0x17, 0x08,
453 0x5b, 0xef, 0xfd, 0xc1, 0xb8, 0xd1, 0x16, 0x71, 0x3e, 0x74,
454 0xf8, 0x2f, 0xa9, 0x42, 0xd6, 0x4c, 0xdb, 0xc4, 0x68, 0x2d }
455 },
456 { "message digest",
457 { 0x3a, 0x8e, 0x28, 0x50, 0x2e, 0xd4, 0x5d, 0x42, 0x2f, 0x68,
458 0x84, 0x4f, 0x9d, 0xd3, 0x16, 0xe7, 0xb9, 0x85, 0x33, 0xfa,
459 0x3f, 0x2a, 0x91, 0xd2, 0x9f, 0x84, 0xd4, 0x25, 0xc8, 0x8d,
460 0x6b, 0x4e, 0xff, 0x72, 0x7d, 0xf6, 0x6a, 0x7c, 0x01, 0x97 }
461 },
462 { "abcdefghijklmnopqrstuvwxyz",
463 { 0xca, 0xbd, 0xb1, 0x81, 0x0b, 0x92, 0x47, 0x0a, 0x20, 0x93,
464 0xaa, 0x6b, 0xce, 0x05, 0x95, 0x2c, 0x28, 0x34, 0x8c, 0xf4,
465 0x3f, 0xf6, 0x08, 0x41, 0x97, 0x51, 0x66, 0xbb, 0x40, 0xed,
466 0x23, 0x40, 0x04, 0xb8, 0x82, 0x44, 0x63, 0xe6, 0xb0, 0x09 }
467 },
468 { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
469 { 0xd0, 0x34, 0xa7, 0x95, 0x0c, 0xf7, 0x22, 0x02, 0x1b, 0xa4,
470 0xb8, 0x4d, 0xf7, 0x69, 0xa5, 0xde, 0x20, 0x60, 0xe2, 0x59,
471 0xdf, 0x4c, 0x9b, 0xb4, 0xa4, 0x26, 0x8c, 0x0e, 0x93, 0x5b,
472 0xbc, 0x74, 0x70, 0xa9, 0x69, 0xc9, 0xd0, 0x72, 0xa1, 0xac }
473 }
474 };
475
476 int i;
477 unsigned char tmp[40];
478 hash_state md;
479
480 for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) {
481 rmd320_init(&md);
482 rmd320_process(&md, (unsigned char *)tests[i].msg, strlen(tests[i].msg));
483 rmd320_done(&md, tmp);
484 if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "RIPEMD320", i)) {
485 return CRYPT_FAIL_TESTVECTOR;
486 }
487 }
488 return CRYPT_OK;
489 #endif
490 }
491
492 #endif
493
494 /* ref: $Format:%D$ */
495 /* git commit: $Format:%H$ */
496 /* commit time: $Format:%ai$ */
497