package org.bouncycastle.crypto.digests;
import org.bouncycastle.crypto.ExtendedDigest;
import org.bouncycastle.crypto.util.Pack;
* Base class for SHA-384 and SHA-512.
public abstract class LongDigest
implements ExtendedDigest
private static final int BYTE_LENGTH = 128;
private long byteCount1;
private long byteCount2;
protected long H1, H2, H3, H4, H5, H6, H7, H8;
private long[] W = new long[80];
* Constructor for variable length word
protected LongDigest()
* Copy constructor. We are using copy constructors in place
* of the Object.clone() interface as this interface is not
protected LongDigest(LongDigest t)
xBuf = new byte[t.xBuf.length];
System.arraycopy(t.xBuf, 0, xBuf, 0, t.xBuf.length);
byteCount1 = t.byteCount1;
byteCount2 = t.byteCount2;
System.arraycopy(t.W, 0, W, 0, t.W.length);
if (xBufOff == xBuf.length)
// fill the current word
while ((xBufOff != 0) && (len > 0))
// process whole words.
while (len > xBuf.length)
processWord(in, inOff);
inOff += xBuf.length;
byteCount1 += xBuf.length;
// load in the remainder.
long lowBitLength = byteCount1 << 3;
long hiBitLength = byteCount2;
// add the pad bytes.
processLength(lowBitLength, hiBitLength);
for (int i = 0; i < xBuf.length; i++)
for (int i = 0; i != W.length; i++)
public int getByteLength()
protected void processWord(
W[wOff] = Pack.bigEndianToLong(in, inOff);
* adjust the byte counts so that byteCount2 represents the
* upper long (less 3 bits) word of the byte count.
private void adjustByteCounts()
if (byteCount1 > 0x1fffffffffffffffL)
byteCount2 += (byteCount1 >>> 61);
byteCount1 &= 0x1fffffffffffffffL;
protected void processLength(
protected void processBlock()
// expand 16 word block into 80 word blocks.
for (int t = 16; t <= 79; t++)
W[t] = Sigma1(W[t - 2]) + W[t - 7] + Sigma0(W[t - 15]) + W[t - 16];
// set up working variables.
for(int i = 0; i < 10; i ++)
h += Sum1(e) + Ch(e, f, g) + K[t] + W[t++];
h += Sum0(a) + Maj(a, b, c);
g += Sum1(d) + Ch(d, e, f) + K[t] + W[t++];
g += Sum0(h) + Maj(h, a, b);
f += Sum1(c) + Ch(c, d, e) + K[t] + W[t++];
f += Sum0(g) + Maj(g, h, a);
e += Sum1(b) + Ch(b, c, d) + K[t] + W[t++];
e += Sum0(f) + Maj(f, g, h);
d += Sum1(a) + Ch(a, b, c) + K[t] + W[t++];
d += Sum0(e) + Maj(e, f, g);
c += Sum1(h) + Ch(h, a, b) + K[t] + W[t++];
c += Sum0(d) + Maj(d, e, f);
b += Sum1(g) + Ch(g, h, a) + K[t] + W[t++];
b += Sum0(c) + Maj(c, d, e);
a += Sum1(f) + Ch(f, g, h) + K[t] + W[t++];
a += Sum0(b) + Maj(b, c, d);
// reset the offset and clean out the word buffer.
for (int i = 0; i < 16; i++)
/* SHA-384 and SHA-512 functions (as for SHA-256 but for longs) */
return ((x & y) ^ ((~x) & z));
return ((x & y) ^ (x & z) ^ (y & z));
return ((x << 36)|(x >>> 28)) ^ ((x << 30)|(x >>> 34)) ^ ((x << 25)|(x >>> 39));
return ((x << 50)|(x >>> 14)) ^ ((x << 46)|(x >>> 18)) ^ ((x << 23)|(x >>> 41));
return ((x << 63)|(x >>> 1)) ^ ((x << 56)|(x >>> 8)) ^ (x >>> 7);
return ((x << 45)|(x >>> 19)) ^ ((x << 3)|(x >>> 61)) ^ (x >>> 6);
/* SHA-384 and SHA-512 Constants
* (represent the first 64 bits of the fractional parts of the
* cube roots of the first eighty prime numbers)
static final long K[] = {
0x428a2f98d728ae22L, 0x7137449123ef65cdL, 0xb5c0fbcfec4d3b2fL, 0xe9b5dba58189dbbcL,
0x3956c25bf348b538L, 0x59f111f1b605d019L, 0x923f82a4af194f9bL, 0xab1c5ed5da6d8118L,
0xd807aa98a3030242L, 0x12835b0145706fbeL, 0x243185be4ee4b28cL, 0x550c7dc3d5ffb4e2L,
0x72be5d74f27b896fL, 0x80deb1fe3b1696b1L, 0x9bdc06a725c71235L, 0xc19bf174cf692694L,
0xe49b69c19ef14ad2L, 0xefbe4786384f25e3L, 0x0fc19dc68b8cd5b5L, 0x240ca1cc77ac9c65L,
0x2de92c6f592b0275L, 0x4a7484aa6ea6e483L, 0x5cb0a9dcbd41fbd4L, 0x76f988da831153b5L,
0x983e5152ee66dfabL, 0xa831c66d2db43210L, 0xb00327c898fb213fL, 0xbf597fc7beef0ee4L,
0xc6e00bf33da88fc2L, 0xd5a79147930aa725L, 0x06ca6351e003826fL, 0x142929670a0e6e70L,
0x27b70a8546d22ffcL, 0x2e1b21385c26c926L, 0x4d2c6dfc5ac42aedL, 0x53380d139d95b3dfL,
0x650a73548baf63deL, 0x766a0abb3c77b2a8L, 0x81c2c92e47edaee6L, 0x92722c851482353bL,
0xa2bfe8a14cf10364L, 0xa81a664bbc423001L, 0xc24b8b70d0f89791L, 0xc76c51a30654be30L,
0xd192e819d6ef5218L, 0xd69906245565a910L, 0xf40e35855771202aL, 0x106aa07032bbd1b8L,
0x19a4c116b8d2d0c8L, 0x1e376c085141ab53L, 0x2748774cdf8eeb99L, 0x34b0bcb5e19b48a8L,
0x391c0cb3c5c95a63L, 0x4ed8aa4ae3418acbL, 0x5b9cca4f7763e373L, 0x682e6ff3d6b2b8a3L,
0x748f82ee5defb2fcL, 0x78a5636f43172f60L, 0x84c87814a1f0ab72L, 0x8cc702081a6439ecL,
0x90befffa23631e28L, 0xa4506cebde82bde9L, 0xbef9a3f7b2c67915L, 0xc67178f2e372532bL,
0xca273eceea26619cL, 0xd186b8c721c0c207L, 0xeada7dd6cde0eb1eL, 0xf57d4f7fee6ed178L,
0x06f067aa72176fbaL, 0x0a637dc5a2c898a6L, 0x113f9804bef90daeL, 0x1b710b35131c471bL,
0x28db77f523047d84L, 0x32caab7b40c72493L, 0x3c9ebe0a15c9bebcL, 0x431d67c49c100d4cL,
0x4cc5d4becb3e42b6L, 0x597f299cfc657e2aL, 0x5fcb6fab3ad6faecL, 0x6c44198c4a475817L