src/java.base/share/classes/com/sun/crypto/provider/GHASH.java
Index Unified diffs Context diffs Sdiffs Patch New Old Previous File Next File 8076112 Sdiff src/java.base/share/classes/com/sun/crypto/provider

src/java.base/share/classes/com/sun/crypto/provider/GHASH.java

Print this page




  14  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  15  * version 2 for more details (a copy is included in the LICENSE file that
  16  * accompanied this code).
  17  *
  18  * You should have received a copy of the GNU General Public License version
  19  * 2 along with this work; if not, write to the Free Software Foundation,
  20  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  21  *
  22  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  23  * or visit www.oracle.com if you need additional information or have any
  24  * questions.
  25  */
  26 /*
  27  * (C) Copyright IBM Corp. 2013
  28  */
  29 
  30 package com.sun.crypto.provider;
  31 
  32 import java.security.ProviderException;
  33 


  34 /**
  35  * This class represents the GHASH function defined in NIST 800-38D
  36  * under section 6.4. It needs to be constructed w/ a hash subkey, i.e.
  37  * block H. Given input of 128-bit blocks, it will process and output
  38  * a 128-bit block.
  39  *
  40  * <p>This function is used in the implementation of GCM mode.
  41  *
  42  * @since 1.8
  43  */
  44 final class GHASH {
  45 
  46     private static long getLong(byte[] buffer, int offset) {
  47         long result = 0;
  48         int end = offset + 8;
  49         for (int i = offset; i < end; ++i) {
  50             result = (result << 8) + (buffer[i] & 0xFF);
  51         }
  52         return result;
  53     }


 210         if (inLen % AES_BLOCK_SIZE != 0) {
 211             throw new RuntimeException("input length/block size mismatch: " +
 212                                        inLen);
 213         }
 214 
 215         // These two checks are for C2 checking
 216         if (st.length != 2) {
 217             throw new RuntimeException("internal state has invalid length: " +
 218                                        st.length);
 219         }
 220         if (subH.length != 2) {
 221             throw new RuntimeException("internal subkeyH has invalid length: " +
 222                                        subH.length);
 223         }
 224     }
 225     /*
 226      * This is an intrinsified method.  The method's argument list must match
 227      * the hotspot signature.  This method and methods called by it, cannot
 228      * throw exceptions or allocate arrays as it will breaking intrinsics
 229      */

 230     private static void processBlocks(byte[] data, int inOfs, int blocks, long[] st, long[] subH) {
 231         int offset = inOfs;
 232         while (blocks > 0) {
 233             processBlock(data, offset, st, subH);
 234             blocks--;
 235             offset += AES_BLOCK_SIZE;
 236         }
 237     }
 238 
 239     byte[] digest() {
 240         byte[] result = new byte[AES_BLOCK_SIZE];
 241         putLong(result, 0, state[0]);
 242         putLong(result, 8, state[1]);
 243         reset();
 244         return result;
 245     }
 246 }


  14  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  15  * version 2 for more details (a copy is included in the LICENSE file that
  16  * accompanied this code).
  17  *
  18  * You should have received a copy of the GNU General Public License version
  19  * 2 along with this work; if not, write to the Free Software Foundation,
  20  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  21  *
  22  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  23  * or visit www.oracle.com if you need additional information or have any
  24  * questions.
  25  */
  26 /*
  27  * (C) Copyright IBM Corp. 2013
  28  */
  29 
  30 package com.sun.crypto.provider;
  31 
  32 import java.security.ProviderException;
  33 
  34 import jdk.internal.HotSpotIntrinsicCandidate;
  35 
  36 /**
  37  * This class represents the GHASH function defined in NIST 800-38D
  38  * under section 6.4. It needs to be constructed w/ a hash subkey, i.e.
  39  * block H. Given input of 128-bit blocks, it will process and output
  40  * a 128-bit block.
  41  *
  42  * <p>This function is used in the implementation of GCM mode.
  43  *
  44  * @since 1.8
  45  */
  46 final class GHASH {
  47 
  48     private static long getLong(byte[] buffer, int offset) {
  49         long result = 0;
  50         int end = offset + 8;
  51         for (int i = offset; i < end; ++i) {
  52             result = (result << 8) + (buffer[i] & 0xFF);
  53         }
  54         return result;
  55     }


 212         if (inLen % AES_BLOCK_SIZE != 0) {
 213             throw new RuntimeException("input length/block size mismatch: " +
 214                                        inLen);
 215         }
 216 
 217         // These two checks are for C2 checking
 218         if (st.length != 2) {
 219             throw new RuntimeException("internal state has invalid length: " +
 220                                        st.length);
 221         }
 222         if (subH.length != 2) {
 223             throw new RuntimeException("internal subkeyH has invalid length: " +
 224                                        subH.length);
 225         }
 226     }
 227     /*
 228      * This is an intrinsified method.  The method's argument list must match
 229      * the hotspot signature.  This method and methods called by it, cannot
 230      * throw exceptions or allocate arrays as it will breaking intrinsics
 231      */
 232     @HotSpotIntrinsicCandidate
 233     private static void processBlocks(byte[] data, int inOfs, int blocks, long[] st, long[] subH) {
 234         int offset = inOfs;
 235         while (blocks > 0) {
 236             processBlock(data, offset, st, subH);
 237             blocks--;
 238             offset += AES_BLOCK_SIZE;
 239         }
 240     }
 241 
 242     byte[] digest() {
 243         byte[] result = new byte[AES_BLOCK_SIZE];
 244         putLong(result, 0, state[0]);
 245         putLong(result, 8, state[1]);
 246         reset();
 247         return result;
 248     }
 249 }
src/java.base/share/classes/com/sun/crypto/provider/GHASH.java
Index Unified diffs Context diffs Sdiffs Patch New Old Previous File Next File