├── sha2.o ├── unpkg ├── unpkg.o ├── pupunpack ├── pupunpack.o ├── Makefile ├── README.md ├── LICENSE ├── pupunpack.c ├── sha2.h ├── unpkg.c └── sha2.c /sha2.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Keyaku/ps4tools/HEAD/sha2.o -------------------------------------------------------------------------------- /unpkg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Keyaku/ps4tools/HEAD/unpkg -------------------------------------------------------------------------------- /unpkg.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Keyaku/ps4tools/HEAD/unpkg.o -------------------------------------------------------------------------------- /pupunpack: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Keyaku/ps4tools/HEAD/pupunpack -------------------------------------------------------------------------------- /pupunpack.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Keyaku/ps4tools/HEAD/pupunpack.o -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | CC = gcc 2 | CFLAGS = -g -O2 -Wall 3 | LDLIBS = 4 | FILES = pupunpack unpkg 5 | COMMON = sha2.o 6 | DEPS = Makefile sha2.h 7 | 8 | OBJS = $(COMMON) $(addsuffix .o, $(FILES)) 9 | 10 | all: $(FILES) 11 | 12 | $(FILES): %: %.o $(COMMON) $(DEPS) 13 | $(CC) $(CFLAGS) -o $@ $< $(COMMON) $(LDLIBS) 14 | 15 | $(OBJS): %.o: %.c $(DEPS) 16 | $(CC) $(CFLAGS) -c -o $@ $< 17 | 18 | clean: 19 | rm -f $(OBJS) $(FILES) *.exe *~ 20 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | ps4tools 2 | ======== 3 | 4 | My collection of tools for PS4 file handling. 5 | 6 | Credits 7 | ------- 8 | flat_z (original Python scripts for PUP and PKG unpacking) 9 | 10 | CHANGELOG 11 | -------- 12 | 13 | * First Release 14 | 15 | - pupunpack: splits PS4UPDATE.PUP and exposes inner PUP files (encrypted). 16 | - unpkg: unpacks retail/debug PKG files while collecting data and dumping internal files (mostly a C port of flat_z's Python script, at the moment). 17 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2016 António Sarmento 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /pupunpack.c: -------------------------------------------------------------------------------- 1 | // Copyright (C) 2013 Hykem 2 | // Licensed under the terms of the GNU GPL, version 2 3 | // http://www.gnu.org/licenses/gpl-2.0.txt 4 | 5 | #include 6 | #include 7 | #include 8 | #include 9 | 10 | #define PS4_PUP_PACK_MAGIC 0x32424C53 // SLB2 11 | #define PS4_PUP_PACK_HEADER_SIZE 0x200 12 | 13 | // Main PUP packed header (size == 0x20): 14 | // 0x00: 53 4C 42 32 -> SLB2 15 | // 0x04: 01 00 00 00 -> Version? 16 | // 0x08: 00 00 00 00 -> Unknown 17 | // 0x0C: 02 00 00 00 -> Number of PUP files in this pack 18 | // 0x10: 03 9F 09 00 -> Total number of blocks (512 bytes) 19 | // 0x14: 00 00 00 00 -> Unknown 20 | // 0x18: 00 00 00 00 -> Unknown 21 | // 0x1C: 00 00 00 00 -> Unknown 22 | struct pup_pack_header { 23 | uint32_t magic; 24 | uint32_t version; 25 | uint32_t unk1; 26 | uint32_t pup_file_num; 27 | uint32_t pup_total_block_num; 28 | uint32_t unk2; 29 | uint32_t unk3; 30 | uint32_t unk4; 31 | struct pup_entry *pup_entry_list; 32 | } __attribute__((packed)); 33 | 34 | // PUP file entry (size == 0x30): 35 | // 0x00: 01 00 00 00 -> Offset (in blocks, so 1 is the first block of 512 bytes after the header) 36 | // 0x04: 00 76 AE 0D -> File size 37 | // 0x08: 00 00 00 00 -> Unknown 38 | // 0x0C: 00 00 00 00 -> Unknown 39 | // 0x10: 50 53 34 55 -> File name (e.g.: PS4UPDATE1.PUP) (0x20 bytes) 40 | // 0x14: 50 44 41 54 41 | // 0x18: 45 31 2E 50 42 | // 0x1C: 55 50 00 00 43 | // 0x20: 00 00 00 00 44 | // 0x24: 00 00 00 00 45 | // 0x28: 00 00 00 00 46 | // 0x2C: 00 00 00 00 47 | struct pup_entry { 48 | uint32_t block_offset; 49 | uint32_t file_size; 50 | uint32_t unk1; 51 | uint32_t unk2; 52 | uint8_t file_name[32]; 53 | } __attribute__((packed)); 54 | 55 | int main (int argc, char *argv[]) 56 | { 57 | if (argc < 2) { 58 | printf("Usage: pupunpack [PS4UPDATE.PUP]\n"); 59 | return 0; 60 | } 61 | 62 | // Open file and set up the header struct. 63 | FILE *in; 64 | FILE *out; 65 | struct pup_pack_header header; 66 | memset(&header, 0, sizeof(struct pup_pack_header)); 67 | 68 | if ((in = fopen(argv[1], "rb")) == NULL ) { 69 | printf("File not found!\n"); 70 | return 0; 71 | } 72 | 73 | // Read in the main pack header. 74 | fseek(in, 0, SEEK_SET); 75 | fread(&header, 1, 0x20, in); 76 | 77 | if (header.magic != PS4_PUP_PACK_MAGIC) { 78 | printf("Invalid PS4 PUP file!\n"); 79 | return 0; 80 | } 81 | 82 | printf("PS4 PUP pack header:\n"); 83 | printf("- PUP pack magic: 0x%X\n", header.magic); 84 | printf("- PUP pack version: %i\n", header.version); 85 | printf("- PUP files in this pack: %i\n", header.pup_file_num); 86 | printf("- Total number of blocks: %i\n", header.pup_total_block_num); 87 | printf("\n"); 88 | 89 | // Read in all the PUP entries. 90 | int i; 91 | header.pup_entry_list = malloc(header.pup_file_num * sizeof(struct pup_entry)); 92 | 93 | for (i = 0; i < header.pup_file_num; ++i) { 94 | fread(&header.pup_entry_list[i], 1, 0x30, in); 95 | printf("PUP file entry %i:\n", i); 96 | printf("- Block offset: 0x%X\n", header.pup_entry_list[i].block_offset); 97 | printf("- PUP file size: %i\n", header.pup_entry_list[i].file_size); 98 | printf("- PUP file name: %s\n", header.pup_entry_list[i].file_name); 99 | printf("\n"); 100 | } 101 | 102 | // Create a large enough buffer and start copying the data. 103 | int buffer_size = PS4_PUP_PACK_HEADER_SIZE * 4; 104 | int pup_offset = PS4_PUP_PACK_HEADER_SIZE; 105 | uint8_t buffer[buffer_size]; 106 | 107 | int ii; 108 | for (ii = 0; ii < header.pup_file_num; ++ii) { 109 | fseek(in, pup_offset, SEEK_SET); 110 | out = fopen(header.pup_entry_list[ii].file_name, "wb"); 111 | 112 | printf("Dumping PUP file %s from offset 0x%X with size %i\n", header.pup_entry_list[ii].file_name, pup_offset, header.pup_entry_list[ii].file_size); 113 | 114 | int fsize = header.pup_entry_list[ii].file_size; 115 | pup_offset += (fsize + 511) & ~511; // 512 bytes alignment. 116 | 117 | while (fsize > 0) { 118 | if (fsize > buffer_size) { 119 | fread(buffer, 1, buffer_size, in); 120 | fwrite(buffer, 1, buffer_size, out); 121 | fsize -= buffer_size; 122 | } else { 123 | fread(buffer, 1, fsize, in); 124 | fwrite(buffer, 1, fsize, out); 125 | fsize = 0; 126 | } 127 | } 128 | 129 | fclose(out); 130 | } 131 | 132 | fclose(in); 133 | 134 | printf("Finished!\n"); 135 | 136 | return 0; 137 | } -------------------------------------------------------------------------------- /sha2.h: -------------------------------------------------------------------------------- 1 | /** 2 | * \file sha2.h 3 | * 4 | * \brief SHA-224 and SHA-256 cryptographic hash function 5 | * 6 | * Copyright (C) 2006-2013, Brainspark B.V. 7 | * 8 | * This file is part of PolarSSL (http://www.polarssl.org) 9 | * Lead Maintainer: Paul Bakker 10 | * 11 | * All rights reserved. 12 | * 13 | * This program is free software; you can redistribute it and/or modify 14 | * it under the terms of the GNU General Public License as published by 15 | * the Free Software Foundation; either version 2 of the License, or 16 | * (at your option) any later version. 17 | * 18 | * This program is distributed in the hope that it will be useful, 19 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 20 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 21 | * GNU General Public License for more details. 22 | * 23 | * You should have received a copy of the GNU General Public License along 24 | * with this program; if not, write to the Free Software Foundation, Inc., 25 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. 26 | */ 27 | #ifndef POLARSSL_SHA2_H 28 | #define POLARSSL_SHA2_H 29 | 30 | #include 31 | 32 | #ifdef _MSC_VER 33 | #include 34 | typedef UINT32 uint32_t; 35 | #else 36 | #include 37 | #endif 38 | 39 | #define POLARSSL_ERR_SHA2_FILE_IO_ERROR -0x0078 /**< Read/write error in file. */ 40 | 41 | #if !defined(POLARSSL_SHA2_ALT) 42 | // Regular implementation 43 | // 44 | 45 | /** 46 | * \brief SHA-256 context structure 47 | */ 48 | typedef struct 49 | { 50 | uint32_t total[2]; /*!< number of bytes processed */ 51 | uint32_t state[8]; /*!< intermediate digest state */ 52 | unsigned char buffer[64]; /*!< data block being processed */ 53 | 54 | unsigned char ipad[64]; /*!< HMAC: inner padding */ 55 | unsigned char opad[64]; /*!< HMAC: outer padding */ 56 | int is224; /*!< 0 => SHA-256, else SHA-224 */ 57 | } 58 | sha2_context; 59 | 60 | #ifdef __cplusplus 61 | extern "C" { 62 | #endif 63 | 64 | /** 65 | * \brief SHA-256 context setup 66 | * 67 | * \param ctx context to be initialized 68 | * \param is224 0 = use SHA256, 1 = use SHA224 69 | */ 70 | void sha2_starts( sha2_context *ctx, int is224 ); 71 | 72 | /** 73 | * \brief SHA-256 process buffer 74 | * 75 | * \param ctx SHA-256 context 76 | * \param input buffer holding the data 77 | * \param ilen length of the input data 78 | */ 79 | void sha2_update( sha2_context *ctx, const unsigned char *input, size_t ilen ); 80 | 81 | /** 82 | * \brief SHA-256 final digest 83 | * 84 | * \param ctx SHA-256 context 85 | * \param output SHA-224/256 checksum result 86 | */ 87 | void sha2_finish( sha2_context *ctx, unsigned char output[32] ); 88 | 89 | /* Internal use */ 90 | void sha2_process( sha2_context *ctx, const unsigned char data[64] ); 91 | 92 | #ifdef __cplusplus 93 | } 94 | #endif 95 | 96 | #else /* POLARSSL_SHA2_ALT */ 97 | #include "sha2_alt.h" 98 | #endif /* POLARSSL_SHA2_ALT */ 99 | 100 | #ifdef __cplusplus 101 | extern "C" { 102 | #endif 103 | 104 | /** 105 | * \brief Output = SHA-256( input buffer ) 106 | * 107 | * \param input buffer holding the data 108 | * \param ilen length of the input data 109 | * \param output SHA-224/256 checksum result 110 | * \param is224 0 = use SHA256, 1 = use SHA224 111 | */ 112 | void sha2( const unsigned char *input, size_t ilen, 113 | unsigned char output[32], int is224 ); 114 | 115 | /** 116 | * \brief Output = SHA-256( file contents ) 117 | * 118 | * \param path input file name 119 | * \param output SHA-224/256 checksum result 120 | * \param is224 0 = use SHA256, 1 = use SHA224 121 | * 122 | * \return 0 if successful, or POLARSSL_ERR_SHA2_FILE_IO_ERROR 123 | */ 124 | int sha2_file( const char *path, unsigned char output[32], int is224 ); 125 | 126 | /** 127 | * \brief SHA-256 HMAC context setup 128 | * 129 | * \param ctx HMAC context to be initialized 130 | * \param key HMAC secret key 131 | * \param keylen length of the HMAC key 132 | * \param is224 0 = use SHA256, 1 = use SHA224 133 | */ 134 | void sha2_hmac_starts( sha2_context *ctx, const unsigned char *key, size_t keylen, 135 | int is224 ); 136 | 137 | /** 138 | * \brief SHA-256 HMAC process buffer 139 | * 140 | * \param ctx HMAC context 141 | * \param input buffer holding the data 142 | * \param ilen length of the input data 143 | */ 144 | void sha2_hmac_update( sha2_context *ctx, const unsigned char *input, size_t ilen ); 145 | 146 | /** 147 | * \brief SHA-256 HMAC final digest 148 | * 149 | * \param ctx HMAC context 150 | * \param output SHA-224/256 HMAC checksum result 151 | */ 152 | void sha2_hmac_finish( sha2_context *ctx, unsigned char output[32] ); 153 | 154 | /** 155 | * \brief SHA-256 HMAC context reset 156 | * 157 | * \param ctx HMAC context to be reset 158 | */ 159 | void sha2_hmac_reset( sha2_context *ctx ); 160 | 161 | /** 162 | * \brief Output = HMAC-SHA-256( hmac key, input buffer ) 163 | * 164 | * \param key HMAC secret key 165 | * \param keylen length of the HMAC key 166 | * \param input buffer holding the data 167 | * \param ilen length of the input data 168 | * \param output HMAC-SHA-224/256 result 169 | * \param is224 0 = use SHA256, 1 = use SHA224 170 | */ 171 | void sha2_hmac( const unsigned char *key, size_t keylen, 172 | const unsigned char *input, size_t ilen, 173 | unsigned char output[32], int is224 ); 174 | 175 | /** 176 | * \brief Checkup routine 177 | * 178 | * \return 0 if successful, or 1 if the test failed 179 | */ 180 | int sha2_self_test( int verbose ); 181 | 182 | #ifdef __cplusplus 183 | } 184 | #endif 185 | 186 | #endif /* sha2.h */ 187 | -------------------------------------------------------------------------------- /unpkg.c: -------------------------------------------------------------------------------- 1 | // Copyright (C) 2013 Hykem 2 | // Licensed under the terms of the GNU GPL, version 2 3 | // http://www.gnu.org/licenses/gpl-2.0.txt 4 | 5 | #include 6 | #include 7 | #include 8 | #include 9 | #include 10 | #include "sha2.h" 11 | 12 | #define PS4_PKG_MAGIC 0x544E437F // .CNT 13 | 14 | enum PS4_PKG_ENTRY_TYPES { 15 | PS4_PKG_ENTRY_TYPE_DIGEST_TABLE = 0x0001, 16 | PS4_PKG_ENTRY_TYPE_0x800 = 0x0010, 17 | PS4_PKG_ENTRY_TYPE_0x200 = 0x0020, 18 | PS4_PKG_ENTRY_TYPE_0x180 = 0x0080, 19 | PS4_PKG_ENTRY_TYPE_META_TABLE = 0x0100, 20 | PS4_PKG_ENTRY_TYPE_NAME_TABLE = 0x0200, 21 | PS4_PKG_ENTRY_TYPE_LICENSE = 0x0400, 22 | PS4_PKG_ENTRY_TYPE_FILE1 = 0x1000, 23 | PS4_PKG_ENTRY_TYPE_FILE2 = 0x1200 24 | }; 25 | 26 | 27 | #ifdef _WIN32 28 | #define OS_SEPARATOR "\\" 29 | #else 30 | #define OS_SEPARATOR "/" 31 | #endif 32 | 33 | // CNT/PKG structures. 34 | struct cnt_pkg_main_header { 35 | uint32_t magic; 36 | uint32_t type; 37 | uint32_t unk_0x08; 38 | uint32_t unk_0x0C; 39 | uint16_t unk1_entries_num; 40 | uint16_t table_entries_num; 41 | uint16_t system_entries_num; 42 | uint16_t unk2_entries_num; 43 | uint32_t file_table_offset; 44 | uint32_t main_entries_data_size; 45 | uint32_t unk_0x20; 46 | uint32_t body_offset; 47 | uint32_t unk_0x28; 48 | uint32_t body_size; 49 | uint8_t unk_0x30[0x10]; 50 | uint8_t content_id[0x30]; 51 | uint32_t unk_0x70; 52 | uint32_t unk_0x74; 53 | uint32_t unk_0x78; 54 | uint32_t unk_0x7C; 55 | uint32_t date; 56 | uint32_t time; 57 | uint32_t unk_0x88; 58 | uint32_t unk_0x8C; 59 | uint8_t unk_0x90[0x70]; 60 | uint8_t main_entries1_digest[0x20]; 61 | uint8_t main_entries2_digest[0x20]; 62 | uint8_t digest_table_digest[0x20]; 63 | uint8_t body_digest[0x20]; 64 | } __attribute__((packed)); 65 | 66 | struct cnt_pkg_content_header { 67 | uint32_t unk_0x400; 68 | uint32_t unk_0x404; 69 | uint32_t unk_0x408; 70 | uint32_t unk_0x40C; 71 | uint32_t unk_0x410; 72 | uint32_t content_offset; 73 | uint32_t unk_0x418; 74 | uint32_t content_size; 75 | uint32_t unk_0x420; 76 | uint32_t unk_0x424; 77 | uint32_t unk_0x428; 78 | uint32_t unk_0x42C; 79 | uint32_t unk_0x430; 80 | uint32_t unk_0x434; 81 | uint32_t unk_0x438; 82 | uint32_t unk_0x43C; 83 | uint8_t content_digest[0x20]; 84 | uint8_t content_one_block_digest[0x20]; 85 | } __attribute__((packed)); 86 | 87 | struct cnt_pkg_table_entry { 88 | uint32_t type; 89 | uint32_t unk1; 90 | uint32_t flags1; 91 | uint32_t flags2; 92 | uint32_t offset; 93 | uint32_t size; 94 | uint32_t unk2; 95 | uint32_t unk3; 96 | } __attribute__((packed)); 97 | 98 | // Internal structure. 99 | struct file_entry { 100 | int offset; 101 | int size; 102 | char *name; 103 | }; 104 | 105 | // Helper functions. 106 | static inline uint16_t bswap_16(uint16_t val) 107 | { 108 | return ((val & (uint16_t)0x00ffU) << 8) 109 | | ((val & (uint16_t)0xff00U) >> 8); 110 | } 111 | 112 | static inline uint32_t bswap_32(uint32_t val) 113 | { 114 | return ((val & (uint32_t)0x000000ffUL) << 24) 115 | | ((val & (uint32_t)0x0000ff00UL) << 8) 116 | | ((val & (uint32_t)0x00ff0000UL) >> 8) 117 | | ((val & (uint32_t)0xff000000UL) >> 24); 118 | } 119 | 120 | static inline uint64_t bswap_64(uint64_t val) 121 | { 122 | return ((val & (uint64_t)0x00000000000000ffULL) << 56) 123 | | ((val & (uint64_t)0x000000000000ff00ULL) << 40) 124 | | ((val & (uint64_t)0x0000000000ff0000ULL) << 24) 125 | | ((val & (uint64_t)0x00000000ff000000ULL) << 8) 126 | | ((val & (uint64_t)0x000000ff00000000ULL) >> 8) 127 | | ((val & (uint64_t)0x0000ff0000000000ULL) >> 24) 128 | | ((val & (uint64_t)0x00ff000000000000ULL) >> 40) 129 | | ((val & (uint64_t)0xff00000000000000ULL) >> 56); 130 | } 131 | 132 | char *read_string(FILE* f) 133 | { 134 | char *string = malloc(sizeof(char) * 256); 135 | int c; 136 | int length = 0; 137 | if(!string) return string; 138 | while((c = fgetc(f)) != '\00') 139 | { 140 | string[length++] = c; 141 | } 142 | string[length++] = '\0'; 143 | 144 | return realloc(string, sizeof(char) * length); 145 | } 146 | 147 | char *build_path(const char *str, char c, const char *r) 148 | { 149 | int count = 0; 150 | const char *tmp; 151 | for (tmp = str; *tmp; tmp++) { 152 | count += (*tmp == c); 153 | } 154 | 155 | int rlen = strlen(r); 156 | char *res = malloc(strlen(str) + (rlen - 1) * count + 1); 157 | char *ptr = res; 158 | for (tmp = str; *tmp; tmp++) { 159 | if (*tmp == c) { 160 | mkdir(res, S_IRWXU); 161 | memcpy(ptr, r, rlen); 162 | ptr += rlen; 163 | } else { 164 | *ptr++ = *tmp; 165 | } 166 | } 167 | *ptr = 0; 168 | return res; 169 | } 170 | 171 | typedef struct { 172 | uint32_t type; 173 | char *name; 174 | } pkg_entry_value; 175 | 176 | char *get_entry_name_by_type(uint32_t type) 177 | { 178 | pkg_entry_value entries [] = { 179 | { PS4_PKG_ENTRY_TYPE_DIGEST_TABLE, "digest_table.bin" }, 180 | { PS4_PKG_ENTRY_TYPE_0x800, "unknown_entry_0x800.bin" }, 181 | { PS4_PKG_ENTRY_TYPE_0x200, "unknown_entry_0x200.bin" }, 182 | { PS4_PKG_ENTRY_TYPE_0x180, "unknown_entry_0x180.bin" }, 183 | { PS4_PKG_ENTRY_TYPE_META_TABLE, "meta_table.bin" }, 184 | { PS4_PKG_ENTRY_TYPE_NAME_TABLE, "name_table.bin" }, 185 | { 0x0400, "license.dat" }, 186 | { 0x0401, "license.info" }, 187 | { 0x1000, "param.sfo" }, 188 | { 0x1001, "playgo-chunk.dat" }, 189 | { 0x1002, "playgo-chunk.sha" }, 190 | { 0x1003, "playgo-manifest.xml" }, 191 | { 0x1004, "pronunciation.xml" }, 192 | { 0x1005, "pronunciation.sig" }, 193 | { 0x1006, "pic1.png" }, 194 | { 0x1008, "app/playgo-chunk.dat" }, 195 | { 0x1200, "icon0.png" }, 196 | { 0x1220, "pic0.png" }, 197 | { 0x1240, "snd0.at9" }, 198 | { 0x1260, "changeinfo/changeinfo.xml" } 199 | }; 200 | char *entry_name = NULL; 201 | 202 | for (size_t i = 0; i < sizeof entries / sizeof entries[0]; i++) { 203 | if (type == entries[i].type) { 204 | entry_name = entries[i].name; 205 | break; 206 | } 207 | } 208 | 209 | return entry_name; 210 | } 211 | 212 | int main(int argc, char *argv[]) 213 | { 214 | if (argc < 2) { 215 | printf("Usage: unpkg [PKG FILE]\n"); 216 | return 0; 217 | } 218 | 219 | FILE *in = NULL; 220 | FILE *out = NULL; 221 | struct cnt_pkg_main_header m_header; 222 | struct cnt_pkg_content_header c_header; 223 | memset(&m_header, 0, sizeof(struct cnt_pkg_main_header)); 224 | memset(&c_header, 0, sizeof(struct cnt_pkg_content_header)); 225 | 226 | if ((in = fopen(argv[1], "rb")) == NULL) { 227 | printf("File not found!\n"); 228 | return 0; 229 | } 230 | 231 | // Read in the main CNT header (size seems to be 0x180 with 4 hashes included). 232 | fseek(in, 0, SEEK_SET); 233 | fread(&m_header, 1, 0x180, in); 234 | 235 | if (m_header.magic != PS4_PKG_MAGIC) { 236 | printf("Invalid PS4 PKG file!\n"); 237 | return 0; 238 | } 239 | 240 | printf("PS4 PKG header:\n"); 241 | printf("- PKG magic: 0x%X\n", bswap_32(m_header.magic)); 242 | printf("- PKG type: 0x%X\n", bswap_32(m_header.type)); 243 | printf("- PKG table entries: %d\n", bswap_16(m_header.table_entries_num)); 244 | printf("- PKG system entries: %d\n", bswap_16(m_header.system_entries_num)); 245 | printf("- PKG table offset: 0x%X\n", bswap_32(m_header.file_table_offset)); 246 | printf("\n\n"); 247 | 248 | // Seek to offset 0x400 and read content associated header (size seems to be 0x80 with 2 hashes included). 249 | fseek(in, 0x400, SEEK_SET); 250 | fread(&c_header, 1, 0x80, in); 251 | 252 | printf("PS4 PKG content header:\n"); 253 | printf("- PKG content offset: 0x%X\n", bswap_32(c_header.content_offset)); 254 | printf("- PKG content size: 0x%X\n", bswap_32(c_header.content_size)); 255 | printf("\n\n"); 256 | 257 | // Locate the entry table and list each type of section inside the PKG/CNT file. 258 | fseek(in, bswap_32(m_header.file_table_offset), SEEK_SET); 259 | 260 | printf("PS4 PKG table entries:\n"); 261 | struct cnt_pkg_table_entry entries[m_header.table_entries_num]; 262 | int i; 263 | for (i = 0; i < bswap_16(m_header.table_entries_num); i++) { 264 | fread(&entries[i], 1, 0x20, in); 265 | printf("Entry #%d\n", i); 266 | printf("- PKG table entry type: 0x%X\n", bswap_32(entries[i].type)); 267 | printf("- PKG table entry offset: 0x%X\n", bswap_32(entries[i].offset)); 268 | printf("- PKG table entry size: 0x%X\n", bswap_32(entries[i].size)); 269 | printf("\n"); 270 | } 271 | printf("\n"); 272 | 273 | // Vars for file name listing. 274 | struct file_entry entry_files[bswap_16(m_header.table_entries_num)]; 275 | char *file_name_list[256]; 276 | char *unknown_file_name; 277 | int file_name_index = 0; 278 | int unknown_file_count = 0; 279 | int file_count = 0; 280 | 281 | // Vars for entry mapping. 282 | int entry_size; 283 | int entry_offset; 284 | unsigned char *entry_digests; 285 | 286 | // Vars for calculating SHA-256 hashes. 287 | unsigned char *main_entries_data = NULL; 288 | unsigned char *main_entries_sub_data = NULL; 289 | unsigned char *digest_table_data = NULL; 290 | unsigned char *body_data = NULL; 291 | unsigned char *content_one_block_data = NULL; 292 | unsigned char *content_data = NULL; 293 | 294 | int main_entries_data_size = 0; 295 | int main_entries_sub_data_size = 0; 296 | int digest_table_data_size = 0; 297 | int body_data_size = 0; 298 | 299 | unsigned char computed_main_entries_digest[0x20]; 300 | unsigned char computed_main_entries_sub_digest[0x20]; 301 | unsigned char computed_digest_table_digest[0x20]; 302 | unsigned char computed_body_digest[0x20]; 303 | unsigned char computed_content_one_block_digest[0x20]; 304 | unsigned char computed_content_digest[0x20]; 305 | 306 | int block_size = 0x10000; 307 | int num_blocks = (c_header.content_size > 0) ? 1 + ((c_header.content_size - 1) / block_size) : 0; 308 | 309 | // Var for file writing. 310 | unsigned char *entry_file_data; 311 | 312 | // Search through the data entries and locate the name table entry. 313 | // This section should keep relevant strings for internal files inside the PKG/CNT file. 314 | for (i = 0; i < bswap_16(m_header.table_entries_num); i++) { 315 | if (bswap_32(entries[i].type) == PS4_PKG_ENTRY_TYPE_NAME_TABLE) { 316 | printf("Found name table entry. Extracting file names:\n"); 317 | fseek(in, bswap_32(entries[i].offset) + 1, SEEK_SET); 318 | while ((file_name_list[file_name_index] = read_string(in))[0] != '\0') { 319 | printf("%s\n", file_name_list[file_name_index]); 320 | file_name_index++; 321 | } 322 | printf("\n"); 323 | } 324 | } 325 | 326 | // Search through the data entries and locate file entries. 327 | // These entries need to be mapped with the names collected from the name table. 328 | for (i = 0; i < bswap_16(m_header.table_entries_num); i++) { 329 | // Use a predefined list for most file names. 330 | entry_files[i].name = get_entry_name_by_type(bswap_32(entries[i].type)); 331 | entry_files[i].offset = bswap_32(entries[i].offset); 332 | entry_files[i].size = bswap_32(entries[i].size); 333 | 334 | if (((bswap_32(entries[i].type) & PS4_PKG_ENTRY_TYPE_FILE1) == PS4_PKG_ENTRY_TYPE_FILE1) 335 | || (((bswap_32(entries[i].type) & PS4_PKG_ENTRY_TYPE_FILE2) == PS4_PKG_ENTRY_TYPE_FILE2))) { 336 | // If a file was found and it's name is not on the predefined list, try to map it with 337 | // a name from the name table. 338 | if (entry_files[i].name == NULL) { 339 | entry_files[i].name = file_name_list[file_count]; 340 | } 341 | file_count++; 342 | } else { 343 | // If everything failed, give a custom unknown tag to the file. 344 | if (entry_files[i].name == NULL) { 345 | unknown_file_name = (char *)malloc(256); 346 | sprintf(unknown_file_name, "unknown_file_%d.bin", ++unknown_file_count); 347 | entry_files[i].name = unknown_file_name; 348 | } 349 | } 350 | } 351 | printf("Successfully mapped %d files.\n\n", file_count); 352 | 353 | // Search through the data entries and generate SHA-256 hashes for checking with the hash table. 354 | for (i = 0; i < bswap_16(m_header.table_entries_num); i++) { 355 | // Calculate hash for the digest table. 356 | if ((bswap_32(entries[i].type) == PS4_PKG_ENTRY_TYPE_DIGEST_TABLE)) { 357 | entry_size = bswap_32(entries[i].size); 358 | entry_offset = bswap_32(entries[i].offset); 359 | entry_digests = (unsigned char *)realloc(NULL, entry_size); 360 | 361 | fseek(in, entry_offset, SEEK_SET); 362 | fread(entry_digests, 1, entry_size, in); 363 | 364 | digest_table_data_size += entry_size; 365 | digest_table_data = (unsigned char *)realloc(NULL, digest_table_data_size); 366 | *digest_table_data += *entry_digests; 367 | } 368 | } 369 | sha2(digest_table_data, digest_table_data_size, computed_digest_table_digest, 0); 370 | 371 | for (i = 0; i < bswap_16(m_header.table_entries_num); i++) { 372 | // Calculate first hash for the main entries. 373 | if ((bswap_32(entries[i].type) == PS4_PKG_ENTRY_TYPE_DIGEST_TABLE) 374 | || (bswap_32(entries[i].type) == PS4_PKG_ENTRY_TYPE_0x800) 375 | || (bswap_32(entries[i].type) == PS4_PKG_ENTRY_TYPE_0x200) 376 | || (bswap_32(entries[i].type) == PS4_PKG_ENTRY_TYPE_0x180) 377 | || (bswap_32(entries[i].type) == PS4_PKG_ENTRY_TYPE_META_TABLE)) 378 | { 379 | entry_size = bswap_32(entries[i].size); 380 | entry_offset = bswap_32(entries[i].offset); 381 | entry_digests = (unsigned char *)realloc(NULL, entry_size); 382 | 383 | fseek(in, entry_offset, SEEK_SET); 384 | fread(entry_digests, 1, entry_size, in); 385 | 386 | main_entries_data_size += entry_size; 387 | main_entries_data = (unsigned char *)realloc(NULL, main_entries_data_size); 388 | *main_entries_data += *entry_digests; 389 | } 390 | } 391 | sha2(main_entries_data, main_entries_data_size, computed_main_entries_digest, 0); 392 | 393 | for (i = 0; i < bswap_16(m_header.table_entries_num); i++) { 394 | // Calculate second hash for the main entries. 395 | if ((bswap_32(entries[i].type) == PS4_PKG_ENTRY_TYPE_0x800) 396 | || (bswap_32(entries[i].type) == PS4_PKG_ENTRY_TYPE_0x200) 397 | || (bswap_32(entries[i].type) == PS4_PKG_ENTRY_TYPE_0x180) 398 | || (bswap_32(entries[i].type) == PS4_PKG_ENTRY_TYPE_META_TABLE)) 399 | { 400 | if ((bswap_32(entries[i].type) == PS4_PKG_ENTRY_TYPE_META_TABLE)) { 401 | entry_size = bswap_16(m_header.system_entries_num) * 0x20; 402 | } else { 403 | entry_size = bswap_32(entries[i].size); 404 | } 405 | entry_offset = bswap_32(entries[i].offset); 406 | entry_digests = (unsigned char *)realloc(NULL, entry_size); 407 | 408 | fseek(in, entry_offset, SEEK_SET); 409 | fread(entry_digests, 1, entry_size, in); 410 | 411 | main_entries_sub_data_size += entry_size; 412 | main_entries_sub_data = (unsigned char *)realloc(NULL, main_entries_sub_data_size); 413 | *main_entries_sub_data += *entry_digests; 414 | } 415 | } 416 | sha2(main_entries_sub_data, main_entries_sub_data_size, computed_main_entries_sub_digest, 0); 417 | 418 | // Calculate hash for file body. 419 | body_data_size = m_header.body_size; 420 | body_data = (unsigned char *)malloc(body_data_size); 421 | fseek(in, m_header.body_offset, SEEK_SET); 422 | fread(body_data, 1, body_data_size, in); 423 | sha2(body_data, body_data_size, computed_body_digest, 0); 424 | 425 | // Calculate hash for one block of the content section. 426 | content_one_block_data = (unsigned char *)malloc(block_size); 427 | fseek(in, c_header.content_offset, SEEK_SET); 428 | fread(content_one_block_data, 1, block_size, in); 429 | sha2(content_one_block_data, block_size, computed_content_one_block_digest, 0); 430 | 431 | // Calculate hash for the entire content section. 432 | content_data = (unsigned char *)malloc(block_size); 433 | fseek(in, c_header.content_offset, SEEK_SET); 434 | 435 | int bytes_left = c_header.content_size; 436 | int current_size; 437 | int b; 438 | sha2_context ctx; 439 | sha2_starts(&ctx, 0); 440 | for (b = 0; b < num_blocks; b++) { 441 | current_size = (bytes_left > block_size) ? block_size : bytes_left; 442 | fread(content_data, 1, current_size, in); 443 | sha2_update(&ctx, content_data, current_size); 444 | bytes_left -= block_size; 445 | } 446 | sha2_finish(&ctx, computed_content_digest); 447 | 448 | int s; 449 | printf("Calculated SHA-256 hashes:\n"); 450 | printf("Main entries 1:\n"); 451 | for(s = 0; s < 0x20; s++) printf("%X", computed_main_entries_digest[s]); 452 | printf("\n"); 453 | 454 | printf("Main entries 2:\n"); 455 | for(s = 0; s < 0x20; s++) printf("%X", computed_main_entries_sub_digest[s]); 456 | printf("\n"); 457 | 458 | printf("Digest table:\n"); 459 | for(s = 0; s < 0x20; s++) printf("%X", computed_digest_table_digest[s]); 460 | printf("\n"); 461 | 462 | printf("Body:\n"); 463 | for(s = 0; s < 0x20; s++) printf("%X", computed_body_digest[s]); 464 | printf("\n"); 465 | 466 | printf("Content (1 block):\n"); 467 | for(s = 0; s < 0x20; s++) printf("%X", computed_content_one_block_digest[s]); 468 | printf("\n"); 469 | 470 | printf("Content:\n"); 471 | for(s = 0; s < 0x20; s++) printf("%X", computed_content_digest[s]); 472 | printf("\n\n"); 473 | 474 | // Set up the output directory for file writing. 475 | char dest_path[256]; 476 | char pkg_name[256]; 477 | memset(pkg_name, 0, 256); 478 | memcpy(pkg_name, argv[1], 0x13); 479 | mkdir(pkg_name, S_IRWXU); 480 | 481 | // Search through the entries for mapped file data and output it. 482 | printf("Dumping internal PKG files:\n"); 483 | for (i = 0; i < bswap_16(m_header.table_entries_num); i++) { 484 | entry_file_data = (unsigned char *)realloc(NULL, entry_files[i].size); 485 | 486 | fseek(in, entry_files[i].offset, SEEK_SET); 487 | fread(entry_file_data, 1, entry_files[i].size, in); 488 | 489 | sprintf(dest_path, "%s%s%s", pkg_name, OS_SEPARATOR, entry_files[i].name); 490 | 491 | char *path = build_path(dest_path, '/', OS_SEPARATOR); 492 | printf("%s\n", path); 493 | 494 | if ((out = fopen(path, "wb")) == NULL ) { 495 | printf("Can't open file for writing!\n"); 496 | return 0; 497 | } 498 | 499 | fwrite(entry_file_data, 1, entry_files[i].size, out); 500 | } 501 | 502 | // Clean up. 503 | fclose(in); 504 | fclose(out); 505 | 506 | printf("Finished!\n"); 507 | 508 | return 0; 509 | } 510 | -------------------------------------------------------------------------------- /sha2.c: -------------------------------------------------------------------------------- 1 | /* 2 | * FIPS-180-2 compliant SHA-256 implementation 3 | * 4 | * Copyright (C) 2006-2013, Brainspark B.V. 5 | * 6 | * This file is part of PolarSSL (http://www.polarssl.org) 7 | * Lead Maintainer: Paul Bakker 8 | * 9 | * All rights reserved. 10 | * 11 | * This program is free software; you can redistribute it and/or modify 12 | * it under the terms of the GNU General Public License as published by 13 | * the Free Software Foundation; either version 2 of the License, or 14 | * (at your option) any later version. 15 | * 16 | * This program is distributed in the hope that it will be useful, 17 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 18 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 19 | * GNU General Public License for more details. 20 | * 21 | * You should have received a copy of the GNU General Public License along 22 | * with this program; if not, write to the Free Software Foundation, Inc., 23 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. 24 | */ 25 | /* 26 | * The SHA-256 Secure Hash Standard was published by NIST in 2002. 27 | * 28 | * http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf 29 | */ 30 | 31 | #include "sha2.h" 32 | 33 | #if defined(POLARSSL_FS_IO) || defined(POLARSSL_SELF_TEST) 34 | #include 35 | #endif 36 | 37 | #if !defined(POLARSSL_SHA2_ALT) 38 | 39 | /* 40 | * 32-bit integer manipulation macros (big endian) 41 | */ 42 | #ifndef GET_UINT32_BE 43 | #define GET_UINT32_BE(n,b,i) \ 44 | { \ 45 | (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ 46 | | ( (uint32_t) (b)[(i) + 1] << 16 ) \ 47 | | ( (uint32_t) (b)[(i) + 2] << 8 ) \ 48 | | ( (uint32_t) (b)[(i) + 3] ); \ 49 | } 50 | #endif 51 | 52 | #ifndef PUT_UINT32_BE 53 | #define PUT_UINT32_BE(n,b,i) \ 54 | { \ 55 | (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ 56 | (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ 57 | (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ 58 | (b)[(i) + 3] = (unsigned char) ( (n) ); \ 59 | } 60 | #endif 61 | 62 | /* 63 | * SHA-256 context setup 64 | */ 65 | void sha2_starts( sha2_context *ctx, int is224 ) 66 | { 67 | ctx->total[0] = 0; 68 | ctx->total[1] = 0; 69 | 70 | if( is224 == 0 ) 71 | { 72 | /* SHA-256 */ 73 | ctx->state[0] = 0x6A09E667; 74 | ctx->state[1] = 0xBB67AE85; 75 | ctx->state[2] = 0x3C6EF372; 76 | ctx->state[3] = 0xA54FF53A; 77 | ctx->state[4] = 0x510E527F; 78 | ctx->state[5] = 0x9B05688C; 79 | ctx->state[6] = 0x1F83D9AB; 80 | ctx->state[7] = 0x5BE0CD19; 81 | } 82 | else 83 | { 84 | /* SHA-224 */ 85 | ctx->state[0] = 0xC1059ED8; 86 | ctx->state[1] = 0x367CD507; 87 | ctx->state[2] = 0x3070DD17; 88 | ctx->state[3] = 0xF70E5939; 89 | ctx->state[4] = 0xFFC00B31; 90 | ctx->state[5] = 0x68581511; 91 | ctx->state[6] = 0x64F98FA7; 92 | ctx->state[7] = 0xBEFA4FA4; 93 | } 94 | 95 | ctx->is224 = is224; 96 | } 97 | 98 | void sha2_process( sha2_context *ctx, const unsigned char data[64] ) 99 | { 100 | uint32_t temp1, temp2, W[64]; 101 | uint32_t A, B, C, D, E, F, G, H; 102 | 103 | GET_UINT32_BE( W[ 0], data, 0 ); 104 | GET_UINT32_BE( W[ 1], data, 4 ); 105 | GET_UINT32_BE( W[ 2], data, 8 ); 106 | GET_UINT32_BE( W[ 3], data, 12 ); 107 | GET_UINT32_BE( W[ 4], data, 16 ); 108 | GET_UINT32_BE( W[ 5], data, 20 ); 109 | GET_UINT32_BE( W[ 6], data, 24 ); 110 | GET_UINT32_BE( W[ 7], data, 28 ); 111 | GET_UINT32_BE( W[ 8], data, 32 ); 112 | GET_UINT32_BE( W[ 9], data, 36 ); 113 | GET_UINT32_BE( W[10], data, 40 ); 114 | GET_UINT32_BE( W[11], data, 44 ); 115 | GET_UINT32_BE( W[12], data, 48 ); 116 | GET_UINT32_BE( W[13], data, 52 ); 117 | GET_UINT32_BE( W[14], data, 56 ); 118 | GET_UINT32_BE( W[15], data, 60 ); 119 | 120 | #define SHR(x,n) ((x & 0xFFFFFFFF) >> n) 121 | #define ROTR(x,n) (SHR(x,n) | (x << (32 - n))) 122 | 123 | #define S0(x) (ROTR(x, 7) ^ ROTR(x,18) ^ SHR(x, 3)) 124 | #define S1(x) (ROTR(x,17) ^ ROTR(x,19) ^ SHR(x,10)) 125 | 126 | #define S2(x) (ROTR(x, 2) ^ ROTR(x,13) ^ ROTR(x,22)) 127 | #define S3(x) (ROTR(x, 6) ^ ROTR(x,11) ^ ROTR(x,25)) 128 | 129 | #define F0(x,y,z) ((x & y) | (z & (x | y))) 130 | #define F1(x,y,z) (z ^ (x & (y ^ z))) 131 | 132 | #define R(t) \ 133 | ( \ 134 | W[t] = S1(W[t - 2]) + W[t - 7] + \ 135 | S0(W[t - 15]) + W[t - 16] \ 136 | ) 137 | 138 | #define P(a,b,c,d,e,f,g,h,x,K) \ 139 | { \ 140 | temp1 = h + S3(e) + F1(e,f,g) + K + x; \ 141 | temp2 = S2(a) + F0(a,b,c); \ 142 | d += temp1; h = temp1 + temp2; \ 143 | } 144 | 145 | A = ctx->state[0]; 146 | B = ctx->state[1]; 147 | C = ctx->state[2]; 148 | D = ctx->state[3]; 149 | E = ctx->state[4]; 150 | F = ctx->state[5]; 151 | G = ctx->state[6]; 152 | H = ctx->state[7]; 153 | 154 | P( A, B, C, D, E, F, G, H, W[ 0], 0x428A2F98 ); 155 | P( H, A, B, C, D, E, F, G, W[ 1], 0x71374491 ); 156 | P( G, H, A, B, C, D, E, F, W[ 2], 0xB5C0FBCF ); 157 | P( F, G, H, A, B, C, D, E, W[ 3], 0xE9B5DBA5 ); 158 | P( E, F, G, H, A, B, C, D, W[ 4], 0x3956C25B ); 159 | P( D, E, F, G, H, A, B, C, W[ 5], 0x59F111F1 ); 160 | P( C, D, E, F, G, H, A, B, W[ 6], 0x923F82A4 ); 161 | P( B, C, D, E, F, G, H, A, W[ 7], 0xAB1C5ED5 ); 162 | P( A, B, C, D, E, F, G, H, W[ 8], 0xD807AA98 ); 163 | P( H, A, B, C, D, E, F, G, W[ 9], 0x12835B01 ); 164 | P( G, H, A, B, C, D, E, F, W[10], 0x243185BE ); 165 | P( F, G, H, A, B, C, D, E, W[11], 0x550C7DC3 ); 166 | P( E, F, G, H, A, B, C, D, W[12], 0x72BE5D74 ); 167 | P( D, E, F, G, H, A, B, C, W[13], 0x80DEB1FE ); 168 | P( C, D, E, F, G, H, A, B, W[14], 0x9BDC06A7 ); 169 | P( B, C, D, E, F, G, H, A, W[15], 0xC19BF174 ); 170 | P( A, B, C, D, E, F, G, H, R(16), 0xE49B69C1 ); 171 | P( H, A, B, C, D, E, F, G, R(17), 0xEFBE4786 ); 172 | P( G, H, A, B, C, D, E, F, R(18), 0x0FC19DC6 ); 173 | P( F, G, H, A, B, C, D, E, R(19), 0x240CA1CC ); 174 | P( E, F, G, H, A, B, C, D, R(20), 0x2DE92C6F ); 175 | P( D, E, F, G, H, A, B, C, R(21), 0x4A7484AA ); 176 | P( C, D, E, F, G, H, A, B, R(22), 0x5CB0A9DC ); 177 | P( B, C, D, E, F, G, H, A, R(23), 0x76F988DA ); 178 | P( A, B, C, D, E, F, G, H, R(24), 0x983E5152 ); 179 | P( H, A, B, C, D, E, F, G, R(25), 0xA831C66D ); 180 | P( G, H, A, B, C, D, E, F, R(26), 0xB00327C8 ); 181 | P( F, G, H, A, B, C, D, E, R(27), 0xBF597FC7 ); 182 | P( E, F, G, H, A, B, C, D, R(28), 0xC6E00BF3 ); 183 | P( D, E, F, G, H, A, B, C, R(29), 0xD5A79147 ); 184 | P( C, D, E, F, G, H, A, B, R(30), 0x06CA6351 ); 185 | P( B, C, D, E, F, G, H, A, R(31), 0x14292967 ); 186 | P( A, B, C, D, E, F, G, H, R(32), 0x27B70A85 ); 187 | P( H, A, B, C, D, E, F, G, R(33), 0x2E1B2138 ); 188 | P( G, H, A, B, C, D, E, F, R(34), 0x4D2C6DFC ); 189 | P( F, G, H, A, B, C, D, E, R(35), 0x53380D13 ); 190 | P( E, F, G, H, A, B, C, D, R(36), 0x650A7354 ); 191 | P( D, E, F, G, H, A, B, C, R(37), 0x766A0ABB ); 192 | P( C, D, E, F, G, H, A, B, R(38), 0x81C2C92E ); 193 | P( B, C, D, E, F, G, H, A, R(39), 0x92722C85 ); 194 | P( A, B, C, D, E, F, G, H, R(40), 0xA2BFE8A1 ); 195 | P( H, A, B, C, D, E, F, G, R(41), 0xA81A664B ); 196 | P( G, H, A, B, C, D, E, F, R(42), 0xC24B8B70 ); 197 | P( F, G, H, A, B, C, D, E, R(43), 0xC76C51A3 ); 198 | P( E, F, G, H, A, B, C, D, R(44), 0xD192E819 ); 199 | P( D, E, F, G, H, A, B, C, R(45), 0xD6990624 ); 200 | P( C, D, E, F, G, H, A, B, R(46), 0xF40E3585 ); 201 | P( B, C, D, E, F, G, H, A, R(47), 0x106AA070 ); 202 | P( A, B, C, D, E, F, G, H, R(48), 0x19A4C116 ); 203 | P( H, A, B, C, D, E, F, G, R(49), 0x1E376C08 ); 204 | P( G, H, A, B, C, D, E, F, R(50), 0x2748774C ); 205 | P( F, G, H, A, B, C, D, E, R(51), 0x34B0BCB5 ); 206 | P( E, F, G, H, A, B, C, D, R(52), 0x391C0CB3 ); 207 | P( D, E, F, G, H, A, B, C, R(53), 0x4ED8AA4A ); 208 | P( C, D, E, F, G, H, A, B, R(54), 0x5B9CCA4F ); 209 | P( B, C, D, E, F, G, H, A, R(55), 0x682E6FF3 ); 210 | P( A, B, C, D, E, F, G, H, R(56), 0x748F82EE ); 211 | P( H, A, B, C, D, E, F, G, R(57), 0x78A5636F ); 212 | P( G, H, A, B, C, D, E, F, R(58), 0x84C87814 ); 213 | P( F, G, H, A, B, C, D, E, R(59), 0x8CC70208 ); 214 | P( E, F, G, H, A, B, C, D, R(60), 0x90BEFFFA ); 215 | P( D, E, F, G, H, A, B, C, R(61), 0xA4506CEB ); 216 | P( C, D, E, F, G, H, A, B, R(62), 0xBEF9A3F7 ); 217 | P( B, C, D, E, F, G, H, A, R(63), 0xC67178F2 ); 218 | 219 | ctx->state[0] += A; 220 | ctx->state[1] += B; 221 | ctx->state[2] += C; 222 | ctx->state[3] += D; 223 | ctx->state[4] += E; 224 | ctx->state[5] += F; 225 | ctx->state[6] += G; 226 | ctx->state[7] += H; 227 | } 228 | 229 | /* 230 | * SHA-256 process buffer 231 | */ 232 | void sha2_update( sha2_context *ctx, const unsigned char *input, size_t ilen ) 233 | { 234 | size_t fill; 235 | uint32_t left; 236 | 237 | if( ilen <= 0 ) 238 | return; 239 | 240 | left = ctx->total[0] & 0x3F; 241 | fill = 64 - left; 242 | 243 | ctx->total[0] += (uint32_t) ilen; 244 | ctx->total[0] &= 0xFFFFFFFF; 245 | 246 | if( ctx->total[0] < (uint32_t) ilen ) 247 | ctx->total[1]++; 248 | 249 | if( left && ilen >= fill ) 250 | { 251 | memcpy( (void *) (ctx->buffer + left), input, fill ); 252 | sha2_process( ctx, ctx->buffer ); 253 | input += fill; 254 | ilen -= fill; 255 | left = 0; 256 | } 257 | 258 | while( ilen >= 64 ) 259 | { 260 | sha2_process( ctx, input ); 261 | input += 64; 262 | ilen -= 64; 263 | } 264 | 265 | if( ilen > 0 ) 266 | memcpy( (void *) (ctx->buffer + left), input, ilen ); 267 | } 268 | 269 | static const unsigned char sha2_padding[64] = 270 | { 271 | 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 272 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 273 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 274 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 275 | }; 276 | 277 | /* 278 | * SHA-256 final digest 279 | */ 280 | void sha2_finish( sha2_context *ctx, unsigned char output[32] ) 281 | { 282 | uint32_t last, padn; 283 | uint32_t high, low; 284 | unsigned char msglen[8]; 285 | 286 | high = ( ctx->total[0] >> 29 ) 287 | | ( ctx->total[1] << 3 ); 288 | low = ( ctx->total[0] << 3 ); 289 | 290 | PUT_UINT32_BE( high, msglen, 0 ); 291 | PUT_UINT32_BE( low, msglen, 4 ); 292 | 293 | last = ctx->total[0] & 0x3F; 294 | padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last ); 295 | 296 | sha2_update( ctx, sha2_padding, padn ); 297 | sha2_update( ctx, msglen, 8 ); 298 | 299 | PUT_UINT32_BE( ctx->state[0], output, 0 ); 300 | PUT_UINT32_BE( ctx->state[1], output, 4 ); 301 | PUT_UINT32_BE( ctx->state[2], output, 8 ); 302 | PUT_UINT32_BE( ctx->state[3], output, 12 ); 303 | PUT_UINT32_BE( ctx->state[4], output, 16 ); 304 | PUT_UINT32_BE( ctx->state[5], output, 20 ); 305 | PUT_UINT32_BE( ctx->state[6], output, 24 ); 306 | 307 | if( ctx->is224 == 0 ) 308 | PUT_UINT32_BE( ctx->state[7], output, 28 ); 309 | } 310 | 311 | #endif /* !POLARSSL_SHA2_ALT */ 312 | 313 | /* 314 | * output = SHA-256( input buffer ) 315 | */ 316 | void sha2( const unsigned char *input, size_t ilen, 317 | unsigned char output[32], int is224 ) 318 | { 319 | sha2_context ctx; 320 | 321 | sha2_starts( &ctx, is224 ); 322 | sha2_update( &ctx, input, ilen ); 323 | sha2_finish( &ctx, output ); 324 | 325 | memset( &ctx, 0, sizeof( sha2_context ) ); 326 | } 327 | 328 | #if defined(POLARSSL_FS_IO) 329 | /* 330 | * output = SHA-256( file contents ) 331 | */ 332 | int sha2_file( const char *path, unsigned char output[32], int is224 ) 333 | { 334 | FILE *f; 335 | size_t n; 336 | sha2_context ctx; 337 | unsigned char buf[1024]; 338 | 339 | if( ( f = fopen( path, "rb" ) ) == NULL ) 340 | return( POLARSSL_ERR_SHA2_FILE_IO_ERROR ); 341 | 342 | sha2_starts( &ctx, is224 ); 343 | 344 | while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 ) 345 | sha2_update( &ctx, buf, n ); 346 | 347 | sha2_finish( &ctx, output ); 348 | 349 | memset( &ctx, 0, sizeof( sha2_context ) ); 350 | 351 | if( ferror( f ) != 0 ) 352 | { 353 | fclose( f ); 354 | return( POLARSSL_ERR_SHA2_FILE_IO_ERROR ); 355 | } 356 | 357 | fclose( f ); 358 | return( 0 ); 359 | } 360 | #endif /* POLARSSL_FS_IO */ 361 | 362 | /* 363 | * SHA-256 HMAC context setup 364 | */ 365 | void sha2_hmac_starts( sha2_context *ctx, const unsigned char *key, size_t keylen, 366 | int is224 ) 367 | { 368 | size_t i; 369 | unsigned char sum[32]; 370 | 371 | if( keylen > 64 ) 372 | { 373 | sha2( key, keylen, sum, is224 ); 374 | keylen = ( is224 ) ? 28 : 32; 375 | key = sum; 376 | } 377 | 378 | memset( ctx->ipad, 0x36, 64 ); 379 | memset( ctx->opad, 0x5C, 64 ); 380 | 381 | for( i = 0; i < keylen; i++ ) 382 | { 383 | ctx->ipad[i] = (unsigned char)( ctx->ipad[i] ^ key[i] ); 384 | ctx->opad[i] = (unsigned char)( ctx->opad[i] ^ key[i] ); 385 | } 386 | 387 | sha2_starts( ctx, is224 ); 388 | sha2_update( ctx, ctx->ipad, 64 ); 389 | 390 | memset( sum, 0, sizeof( sum ) ); 391 | } 392 | 393 | /* 394 | * SHA-256 HMAC process buffer 395 | */ 396 | void sha2_hmac_update( sha2_context *ctx, const unsigned char *input, size_t ilen ) 397 | { 398 | sha2_update( ctx, input, ilen ); 399 | } 400 | 401 | /* 402 | * SHA-256 HMAC final digest 403 | */ 404 | void sha2_hmac_finish( sha2_context *ctx, unsigned char output[32] ) 405 | { 406 | int is224, hlen; 407 | unsigned char tmpbuf[32]; 408 | 409 | is224 = ctx->is224; 410 | hlen = ( is224 == 0 ) ? 32 : 28; 411 | 412 | sha2_finish( ctx, tmpbuf ); 413 | sha2_starts( ctx, is224 ); 414 | sha2_update( ctx, ctx->opad, 64 ); 415 | sha2_update( ctx, tmpbuf, hlen ); 416 | sha2_finish( ctx, output ); 417 | 418 | memset( tmpbuf, 0, sizeof( tmpbuf ) ); 419 | } 420 | 421 | /* 422 | * SHA-256 HMAC context reset 423 | */ 424 | void sha2_hmac_reset( sha2_context *ctx ) 425 | { 426 | sha2_starts( ctx, ctx->is224 ); 427 | sha2_update( ctx, ctx->ipad, 64 ); 428 | } 429 | 430 | /* 431 | * output = HMAC-SHA-256( hmac key, input buffer ) 432 | */ 433 | void sha2_hmac( const unsigned char *key, size_t keylen, 434 | const unsigned char *input, size_t ilen, 435 | unsigned char output[32], int is224 ) 436 | { 437 | sha2_context ctx; 438 | 439 | sha2_hmac_starts( &ctx, key, keylen, is224 ); 440 | sha2_hmac_update( &ctx, input, ilen ); 441 | sha2_hmac_finish( &ctx, output ); 442 | 443 | memset( &ctx, 0, sizeof( sha2_context ) ); 444 | } 445 | 446 | #if defined(POLARSSL_SELF_TEST) 447 | /* 448 | * FIPS-180-2 test vectors 449 | */ 450 | static unsigned char sha2_test_buf[3][57] = 451 | { 452 | { "abc" }, 453 | { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" }, 454 | { "" } 455 | }; 456 | 457 | static const int sha2_test_buflen[3] = 458 | { 459 | 3, 56, 1000 460 | }; 461 | 462 | static const unsigned char sha2_test_sum[6][32] = 463 | { 464 | /* 465 | * SHA-224 test vectors 466 | */ 467 | { 0x23, 0x09, 0x7D, 0x22, 0x34, 0x05, 0xD8, 0x22, 468 | 0x86, 0x42, 0xA4, 0x77, 0xBD, 0xA2, 0x55, 0xB3, 469 | 0x2A, 0xAD, 0xBC, 0xE4, 0xBD, 0xA0, 0xB3, 0xF7, 470 | 0xE3, 0x6C, 0x9D, 0xA7 }, 471 | { 0x75, 0x38, 0x8B, 0x16, 0x51, 0x27, 0x76, 0xCC, 472 | 0x5D, 0xBA, 0x5D, 0xA1, 0xFD, 0x89, 0x01, 0x50, 473 | 0xB0, 0xC6, 0x45, 0x5C, 0xB4, 0xF5, 0x8B, 0x19, 474 | 0x52, 0x52, 0x25, 0x25 }, 475 | { 0x20, 0x79, 0x46, 0x55, 0x98, 0x0C, 0x91, 0xD8, 476 | 0xBB, 0xB4, 0xC1, 0xEA, 0x97, 0x61, 0x8A, 0x4B, 477 | 0xF0, 0x3F, 0x42, 0x58, 0x19, 0x48, 0xB2, 0xEE, 478 | 0x4E, 0xE7, 0xAD, 0x67 }, 479 | 480 | /* 481 | * SHA-256 test vectors 482 | */ 483 | { 0xBA, 0x78, 0x16, 0xBF, 0x8F, 0x01, 0xCF, 0xEA, 484 | 0x41, 0x41, 0x40, 0xDE, 0x5D, 0xAE, 0x22, 0x23, 485 | 0xB0, 0x03, 0x61, 0xA3, 0x96, 0x17, 0x7A, 0x9C, 486 | 0xB4, 0x10, 0xFF, 0x61, 0xF2, 0x00, 0x15, 0xAD }, 487 | { 0x24, 0x8D, 0x6A, 0x61, 0xD2, 0x06, 0x38, 0xB8, 488 | 0xE5, 0xC0, 0x26, 0x93, 0x0C, 0x3E, 0x60, 0x39, 489 | 0xA3, 0x3C, 0xE4, 0x59, 0x64, 0xFF, 0x21, 0x67, 490 | 0xF6, 0xEC, 0xED, 0xD4, 0x19, 0xDB, 0x06, 0xC1 }, 491 | { 0xCD, 0xC7, 0x6E, 0x5C, 0x99, 0x14, 0xFB, 0x92, 492 | 0x81, 0xA1, 0xC7, 0xE2, 0x84, 0xD7, 0x3E, 0x67, 493 | 0xF1, 0x80, 0x9A, 0x48, 0xA4, 0x97, 0x20, 0x0E, 494 | 0x04, 0x6D, 0x39, 0xCC, 0xC7, 0x11, 0x2C, 0xD0 } 495 | }; 496 | 497 | /* 498 | * RFC 4231 test vectors 499 | */ 500 | static unsigned char sha2_hmac_test_key[7][26] = 501 | { 502 | { "\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B" 503 | "\x0B\x0B\x0B\x0B" }, 504 | { "Jefe" }, 505 | { "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" 506 | "\xAA\xAA\xAA\xAA" }, 507 | { "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10" 508 | "\x11\x12\x13\x14\x15\x16\x17\x18\x19" }, 509 | { "\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C" 510 | "\x0C\x0C\x0C\x0C" }, 511 | { "" }, /* 0xAA 131 times */ 512 | { "" } 513 | }; 514 | 515 | static const int sha2_hmac_test_keylen[7] = 516 | { 517 | 20, 4, 20, 25, 20, 131, 131 518 | }; 519 | 520 | static unsigned char sha2_hmac_test_buf[7][153] = 521 | { 522 | { "Hi There" }, 523 | { "what do ya want for nothing?" }, 524 | { "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" 525 | "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" 526 | "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" 527 | "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" 528 | "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" }, 529 | { "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" 530 | "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" 531 | "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" 532 | "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" 533 | "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" }, 534 | { "Test With Truncation" }, 535 | { "Test Using Larger Than Block-Size Key - Hash Key First" }, 536 | { "This is a test using a larger than block-size key " 537 | "and a larger than block-size data. The key needs to " 538 | "be hashed before being used by the HMAC algorithm." } 539 | }; 540 | 541 | static const int sha2_hmac_test_buflen[7] = 542 | { 543 | 8, 28, 50, 50, 20, 54, 152 544 | }; 545 | 546 | static const unsigned char sha2_hmac_test_sum[14][32] = 547 | { 548 | /* 549 | * HMAC-SHA-224 test vectors 550 | */ 551 | { 0x89, 0x6F, 0xB1, 0x12, 0x8A, 0xBB, 0xDF, 0x19, 552 | 0x68, 0x32, 0x10, 0x7C, 0xD4, 0x9D, 0xF3, 0x3F, 553 | 0x47, 0xB4, 0xB1, 0x16, 0x99, 0x12, 0xBA, 0x4F, 554 | 0x53, 0x68, 0x4B, 0x22 }, 555 | { 0xA3, 0x0E, 0x01, 0x09, 0x8B, 0xC6, 0xDB, 0xBF, 556 | 0x45, 0x69, 0x0F, 0x3A, 0x7E, 0x9E, 0x6D, 0x0F, 557 | 0x8B, 0xBE, 0xA2, 0xA3, 0x9E, 0x61, 0x48, 0x00, 558 | 0x8F, 0xD0, 0x5E, 0x44 }, 559 | { 0x7F, 0xB3, 0xCB, 0x35, 0x88, 0xC6, 0xC1, 0xF6, 560 | 0xFF, 0xA9, 0x69, 0x4D, 0x7D, 0x6A, 0xD2, 0x64, 561 | 0x93, 0x65, 0xB0, 0xC1, 0xF6, 0x5D, 0x69, 0xD1, 562 | 0xEC, 0x83, 0x33, 0xEA }, 563 | { 0x6C, 0x11, 0x50, 0x68, 0x74, 0x01, 0x3C, 0xAC, 564 | 0x6A, 0x2A, 0xBC, 0x1B, 0xB3, 0x82, 0x62, 0x7C, 565 | 0xEC, 0x6A, 0x90, 0xD8, 0x6E, 0xFC, 0x01, 0x2D, 566 | 0xE7, 0xAF, 0xEC, 0x5A }, 567 | { 0x0E, 0x2A, 0xEA, 0x68, 0xA9, 0x0C, 0x8D, 0x37, 568 | 0xC9, 0x88, 0xBC, 0xDB, 0x9F, 0xCA, 0x6F, 0xA8 }, 569 | { 0x95, 0xE9, 0xA0, 0xDB, 0x96, 0x20, 0x95, 0xAD, 570 | 0xAE, 0xBE, 0x9B, 0x2D, 0x6F, 0x0D, 0xBC, 0xE2, 571 | 0xD4, 0x99, 0xF1, 0x12, 0xF2, 0xD2, 0xB7, 0x27, 572 | 0x3F, 0xA6, 0x87, 0x0E }, 573 | { 0x3A, 0x85, 0x41, 0x66, 0xAC, 0x5D, 0x9F, 0x02, 574 | 0x3F, 0x54, 0xD5, 0x17, 0xD0, 0xB3, 0x9D, 0xBD, 575 | 0x94, 0x67, 0x70, 0xDB, 0x9C, 0x2B, 0x95, 0xC9, 576 | 0xF6, 0xF5, 0x65, 0xD1 }, 577 | 578 | /* 579 | * HMAC-SHA-256 test vectors 580 | */ 581 | { 0xB0, 0x34, 0x4C, 0x61, 0xD8, 0xDB, 0x38, 0x53, 582 | 0x5C, 0xA8, 0xAF, 0xCE, 0xAF, 0x0B, 0xF1, 0x2B, 583 | 0x88, 0x1D, 0xC2, 0x00, 0xC9, 0x83, 0x3D, 0xA7, 584 | 0x26, 0xE9, 0x37, 0x6C, 0x2E, 0x32, 0xCF, 0xF7 }, 585 | { 0x5B, 0xDC, 0xC1, 0x46, 0xBF, 0x60, 0x75, 0x4E, 586 | 0x6A, 0x04, 0x24, 0x26, 0x08, 0x95, 0x75, 0xC7, 587 | 0x5A, 0x00, 0x3F, 0x08, 0x9D, 0x27, 0x39, 0x83, 588 | 0x9D, 0xEC, 0x58, 0xB9, 0x64, 0xEC, 0x38, 0x43 }, 589 | { 0x77, 0x3E, 0xA9, 0x1E, 0x36, 0x80, 0x0E, 0x46, 590 | 0x85, 0x4D, 0xB8, 0xEB, 0xD0, 0x91, 0x81, 0xA7, 591 | 0x29, 0x59, 0x09, 0x8B, 0x3E, 0xF8, 0xC1, 0x22, 592 | 0xD9, 0x63, 0x55, 0x14, 0xCE, 0xD5, 0x65, 0xFE }, 593 | { 0x82, 0x55, 0x8A, 0x38, 0x9A, 0x44, 0x3C, 0x0E, 594 | 0xA4, 0xCC, 0x81, 0x98, 0x99, 0xF2, 0x08, 0x3A, 595 | 0x85, 0xF0, 0xFA, 0xA3, 0xE5, 0x78, 0xF8, 0x07, 596 | 0x7A, 0x2E, 0x3F, 0xF4, 0x67, 0x29, 0x66, 0x5B }, 597 | { 0xA3, 0xB6, 0x16, 0x74, 0x73, 0x10, 0x0E, 0xE0, 598 | 0x6E, 0x0C, 0x79, 0x6C, 0x29, 0x55, 0x55, 0x2B }, 599 | { 0x60, 0xE4, 0x31, 0x59, 0x1E, 0xE0, 0xB6, 0x7F, 600 | 0x0D, 0x8A, 0x26, 0xAA, 0xCB, 0xF5, 0xB7, 0x7F, 601 | 0x8E, 0x0B, 0xC6, 0x21, 0x37, 0x28, 0xC5, 0x14, 602 | 0x05, 0x46, 0x04, 0x0F, 0x0E, 0xE3, 0x7F, 0x54 }, 603 | { 0x9B, 0x09, 0xFF, 0xA7, 0x1B, 0x94, 0x2F, 0xCB, 604 | 0x27, 0x63, 0x5F, 0xBC, 0xD5, 0xB0, 0xE9, 0x44, 605 | 0xBF, 0xDC, 0x63, 0x64, 0x4F, 0x07, 0x13, 0x93, 606 | 0x8A, 0x7F, 0x51, 0x53, 0x5C, 0x3A, 0x35, 0xE2 } 607 | }; 608 | 609 | /* 610 | * Checkup routine 611 | */ 612 | int sha2_self_test( int verbose ) 613 | { 614 | int i, j, k, buflen; 615 | unsigned char buf[1024]; 616 | unsigned char sha2sum[32]; 617 | sha2_context ctx; 618 | 619 | for( i = 0; i < 6; i++ ) 620 | { 621 | j = i % 3; 622 | k = i < 3; 623 | 624 | if( verbose != 0 ) 625 | printf( " SHA-%d test #%d: ", 256 - k * 32, j + 1 ); 626 | 627 | sha2_starts( &ctx, k ); 628 | 629 | if( j == 2 ) 630 | { 631 | memset( buf, 'a', buflen = 1000 ); 632 | 633 | for( j = 0; j < 1000; j++ ) 634 | sha2_update( &ctx, buf, buflen ); 635 | } 636 | else 637 | sha2_update( &ctx, sha2_test_buf[j], 638 | sha2_test_buflen[j] ); 639 | 640 | sha2_finish( &ctx, sha2sum ); 641 | 642 | if( memcmp( sha2sum, sha2_test_sum[i], 32 - k * 4 ) != 0 ) 643 | { 644 | if( verbose != 0 ) 645 | printf( "failed\n" ); 646 | 647 | return( 1 ); 648 | } 649 | 650 | if( verbose != 0 ) 651 | printf( "passed\n" ); 652 | } 653 | 654 | if( verbose != 0 ) 655 | printf( "\n" ); 656 | 657 | for( i = 0; i < 14; i++ ) 658 | { 659 | j = i % 7; 660 | k = i < 7; 661 | 662 | if( verbose != 0 ) 663 | printf( " HMAC-SHA-%d test #%d: ", 256 - k * 32, j + 1 ); 664 | 665 | if( j == 5 || j == 6 ) 666 | { 667 | memset( buf, '\xAA', buflen = 131 ); 668 | sha2_hmac_starts( &ctx, buf, buflen, k ); 669 | } 670 | else 671 | sha2_hmac_starts( &ctx, sha2_hmac_test_key[j], 672 | sha2_hmac_test_keylen[j], k ); 673 | 674 | sha2_hmac_update( &ctx, sha2_hmac_test_buf[j], 675 | sha2_hmac_test_buflen[j] ); 676 | 677 | sha2_hmac_finish( &ctx, sha2sum ); 678 | 679 | buflen = ( j == 4 ) ? 16 : 32 - k * 4; 680 | 681 | if( memcmp( sha2sum, sha2_hmac_test_sum[i], buflen ) != 0 ) 682 | { 683 | if( verbose != 0 ) 684 | printf( "failed\n" ); 685 | 686 | return( 1 ); 687 | } 688 | 689 | if( verbose != 0 ) 690 | printf( "passed\n" ); 691 | } 692 | 693 | if( verbose != 0 ) 694 | printf( "\n" ); 695 | 696 | return( 0 ); 697 | } 698 | 699 | #endif 700 | --------------------------------------------------------------------------------