High-performance SHA-1 implementation in x86-64 NASM assembly with C ABI compatibility.

Pure x86-64 assembly implementation of the SHA-1 cryptographic hash function. Features complete 80-round compression, RFC 3174 compliance, and optimized register usage for educational and legacy compatibility purposes.

• Pure x86-64 NASM assembly implementation
• C ABI compatible for easy integration
• RFC 3174 compliant and verified
• Zero external dependencies (only NASM and GCC required)
• Comprehensive test suite with official test vectors
• Clean, readable code with detailed comments

sudo apt-get install nasm gcc

Or run the setup script:

./setup.sh

make

# Hash a string
./sha1_cli "Hello, World!"

# Hash from stdin
echo -n "test" | ./sha1_cli

# Run test suite
make test

$ ./sha1_cli "abc"
a9993e364706816aba3e25717850c26c9cd0d89d

#include "src/sha1.h"

uint8_t digest[20];
const char* message = "abc";
sha1_compute(message, strlen(message), digest);

int sha1_compute(const void* msg, uint64_t len, uint8_t* out20);

Parameters:

• msg: Pointer to input message
• len: Length of message in bytes
• out20: Pointer to 20-byte output buffer for digest

Returns: 0 on success

Run verification:

./verify.sh

sha1x86/
├── src/
│   ├── sha1.asm       # Assembly implementation (295 lines)
│   ├── sha1.h         # C header
│   └── cli.c          # Command-line interface
├── test/
│   └── test_sha1.c    # RFC test vectors
├── examples/
│   ├── example.c      # Usage examples
│   └── Makefile
├── .github/workflows/
│   └── ci.yml         # CI/CD pipeline
├── Makefile           # Build system
├── setup.sh           # Dependency installer
├── verify.sh          # Test runner
├── README.md          # This file
├── ARCHITECTURE.md    # Technical architecture
└── LICENSE            # MIT License

SHA-1 processes messages in 512-bit (64-byte) blocks through an 80-round compression function. The implementation features:

• Message Schedule: Expands 16 words to 80 words using XOR and rotate operations
• Round Functions: Four distinct functions for rounds 0-19, 20-39, 40-59, 60-79
• Hash State: Five 32-bit words (h0-h4) updated after each block
• Padding: Appends 0x80 byte, zeros, and 64-bit length field

See ARCHITECTURE.md for detailed technical documentation.

Typical performance on modern x86-64 CPUs:

• Small messages (<1KB): ~1-2 µs
• Large messages (1MB): ~5-10 ms
• Throughput: ~300-500 MB/s (unoptimized)

SHA-1 is cryptographically broken. Collision attacks are practical as of 2017. This implementation is provided for:

• Educational purposes
• Legacy system compatibility
• Non-cryptographic checksums
• Understanding hash algorithms

For new applications, use SHA-256, SHA-3, or BLAKE3.

make              # Build sha1_cli
make test         # Build and run tests
make verify       # Run comprehensive verification
make examples     # Build example programs
make clean        # Remove build artifacts
make install      # Install to /usr/local/bin

nasm -f elf64 src/sha1.asm -o sha1.o
gcc your_program.c sha1.o -o your_program

ar rcs libsha1.a src/sha1.o
gcc your_program.c -L. -lsha1 -o your_program

# Run RFC test vectors
make test

# Run comprehensive verification
./verify.sh

# Compare with system tools
echo -n "abc" | sha1sum
./sha1_cli "abc"

• Efficient Register Usage: Leverages x86-64 extended registers (r8-r15)
• Stack Management: Proper frame pointers and workspace allocation
• Endianness Handling: BSWAP instruction for big-endian conversion
• Bit Operations: ROL for circular shifts, optimized boolean functions
• ABI Compliance: System V AMD64 calling convention

Contributions welcome! Areas of interest:

• Performance optimizations (SIMD, loop unrolling)
• Additional test vectors
• Documentation improvements
• Architecture ports (ARM, RISC-V)

• RFC 3174 - SHA-1 Specification
• NASM Documentation
• Intel SDM - x86-64 Reference

MIT License - See LICENSE file for details.

Developed as an educational implementation of SHA-1 in pure x86-64 assembly.

Note: This is an educational project demonstrating low-level cryptographic implementation. For production use, rely on established libraries like OpenSSL or libsodium.