< prev index next >

src/java.base/share/classes/sun/security/provider/SHA3.java

Print this page
rev 60737 : 8252204: AArch64: Implement SHA3 accelerator/intrinsic
Reviewed-by: duke
Contributed-by: dongbo4@huawei.com


   8  * particular file as subject to the "Classpath" exception as provided
   9  * by Oracle in the LICENSE file that accompanied this code.
  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 package sun.security.provider;
  27 

  28 import static sun.security.provider.ByteArrayAccess.*;
  29 import java.nio.*;
  30 import java.util.*;
  31 import java.security.*;
  32 
  33 /**
  34  * This class implements the Secure Hash Algorithm SHA-3 developed by
  35  * the National Institute of Standards and Technology along with the
  36  * National Security Agency as defined in FIPS PUB 202.
  37  *
  38  * <p>It implements java.security.MessageDigestSpi, and can be used
  39  * through Java Cryptography Architecture (JCA), as a pluggable
  40  * MessageDigest implementation.
  41  *
  42  * @since       9
  43  * @author      Valerie Peng
  44  */
  45 abstract class SHA3 extends DigestBase {
  46 
  47     private static final int WIDTH = 200; // in bytes, e.g. 1600 bits


  56         0x8000000080008081L, 0x8000000000008009L, 0x8aL,
  57         0x88L, 0x80008009L, 0x8000000aL,
  58         0x8000808bL, 0x800000000000008bL, 0x8000000000008089L,
  59         0x8000000000008003L, 0x8000000000008002L, 0x8000000000000080L,
  60         0x800aL, 0x800000008000000aL, 0x8000000080008081L,
  61         0x8000000000008080L, 0x80000001L, 0x8000000080008008L,
  62     };
  63 
  64     private final byte suffix;
  65     private byte[] state = new byte[WIDTH];
  66     private long[] lanes = new long[DM*DM];
  67 
  68     /**
  69      * Creates a new SHA-3 object.
  70      */
  71     SHA3(String name, int digestLength, byte suffix, int c) {
  72         super(name, digestLength, (WIDTH - c));
  73         this.suffix = suffix;
  74     }
  75 




  76     /**
  77      * Core compression function. Processes blockSize bytes at a time
  78      * and updates the state of this object.
  79      */
  80     void implCompress(byte[] b, int ofs) {






  81         for (int i = 0; i < buffer.length; i++) {
  82             state[i] ^= b[ofs++];
  83         }
  84         keccak();
  85     }
  86 
  87     /**
  88      * Return the digest. Subclasses do not need to reset() themselves,
  89      * DigestBase calls implReset() when necessary.
  90      */
  91     void implDigest(byte[] out, int ofs) {
  92         int numOfPadding =
  93             setPaddingBytes(suffix, buffer, (int)(bytesProcessed % buffer.length));
  94         if (numOfPadding < 1) {
  95             throw new ProviderException("Incorrect pad size: " + numOfPadding);
  96         }
  97         for (int i = 0; i < buffer.length; i++) {
  98             state[i] ^= buffer[i];
  99         }
 100         keccak();
 101         System.arraycopy(state, 0, out, ofs, engineGetDigestLength());
 102     }
 103 
 104     /**
 105      * Resets the internal state to start a new hash.
 106      */
 107     void implReset() {
 108         Arrays.fill(state, (byte)0);
 109         Arrays.fill(lanes, 0L);
 110     }
 111 
 112     /**
 113      * Utility function for padding the specified data based on the
 114      * pad10*1 algorithm (section 5.1) and the 2-bit suffix "01" required
 115      * for SHA-3 hash (section 6.1).
 116      */
 117     private static int setPaddingBytes(byte suffix, byte[] in, int len) {
 118         if (len != in.length) {
 119             // erase leftover values
 120             Arrays.fill(in, len, in.length, (byte)0);




   8  * particular file as subject to the "Classpath" exception as provided
   9  * by Oracle in the LICENSE file that accompanied this code.
  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 package sun.security.provider;
  27 
  28 import jdk.internal.HotSpotIntrinsicCandidate;
  29 import static sun.security.provider.ByteArrayAccess.*;
  30 import java.nio.*;
  31 import java.util.*;
  32 import java.security.*;
  33 
  34 /**
  35  * This class implements the Secure Hash Algorithm SHA-3 developed by
  36  * the National Institute of Standards and Technology along with the
  37  * National Security Agency as defined in FIPS PUB 202.
  38  *
  39  * <p>It implements java.security.MessageDigestSpi, and can be used
  40  * through Java Cryptography Architecture (JCA), as a pluggable
  41  * MessageDigest implementation.
  42  *
  43  * @since       9
  44  * @author      Valerie Peng
  45  */
  46 abstract class SHA3 extends DigestBase {
  47 
  48     private static final int WIDTH = 200; // in bytes, e.g. 1600 bits


  57         0x8000000080008081L, 0x8000000000008009L, 0x8aL,
  58         0x88L, 0x80008009L, 0x8000000aL,
  59         0x8000808bL, 0x800000000000008bL, 0x8000000000008089L,
  60         0x8000000000008003L, 0x8000000000008002L, 0x8000000000000080L,
  61         0x800aL, 0x800000008000000aL, 0x8000000080008081L,
  62         0x8000000000008080L, 0x80000001L, 0x8000000080008008L,
  63     };
  64 
  65     private final byte suffix;
  66     private byte[] state = new byte[WIDTH];
  67     private long[] lanes = new long[DM*DM];
  68 
  69     /**
  70      * Creates a new SHA-3 object.
  71      */
  72     SHA3(String name, int digestLength, byte suffix, int c) {
  73         super(name, digestLength, (WIDTH - c));
  74         this.suffix = suffix;
  75     }
  76 
  77     private void implCompressCheck(byte[] b, int ofs) {
  78         Objects.requireNonNull(b);
  79     }
  80 
  81     /**
  82      * Core compression function. Processes blockSize bytes at a time
  83      * and updates the state of this object.
  84      */
  85     void implCompress(byte[] b, int ofs) {
  86         implCompressCheck(b, ofs);
  87         implCompress0(b, ofs);
  88     }
  89 
  90     @HotSpotIntrinsicCandidate
  91     private void implCompress0(byte[] b, int ofs) {
  92        for (int i = 0; i < buffer.length; i++) {
  93            state[i] ^= b[ofs++];
  94        }
  95        keccak();
  96     }
  97 
  98     /**
  99      * Return the digest. Subclasses do not need to reset() themselves,
 100      * DigestBase calls implReset() when necessary.
 101      */
 102     void implDigest(byte[] out, int ofs) {
 103         int numOfPadding =
 104             setPaddingBytes(suffix, buffer, (int)(bytesProcessed % buffer.length));
 105         if (numOfPadding < 1) {
 106             throw new ProviderException("Incorrect pad size: " + numOfPadding);
 107         }
 108         implCompress(buffer, 0);



 109         System.arraycopy(state, 0, out, ofs, engineGetDigestLength());
 110     }
 111 
 112     /**
 113      * Resets the internal state to start a new hash.
 114      */
 115     void implReset() {
 116         Arrays.fill(state, (byte)0);
 117         Arrays.fill(lanes, 0L);
 118     }
 119 
 120     /**
 121      * Utility function for padding the specified data based on the
 122      * pad10*1 algorithm (section 5.1) and the 2-bit suffix "01" required
 123      * for SHA-3 hash (section 6.1).
 124      */
 125     private static int setPaddingBytes(byte suffix, byte[] in, int len) {
 126         if (len != in.length) {
 127             // erase leftover values
 128             Arrays.fill(in, len, in.length, (byte)0);


< prev index next >