OpenCores
URL https://opencores.org/ocsvn/openrisc/openrisc/trunk

Subversion Repositories openrisc

[/] [openrisc/] [trunk/] [gnu-dev/] [or1k-gcc/] [libjava/] [classpath/] [gnu/] [java/] [security/] [hash/] [Haval.java] - Blame information for rev 867

Go to most recent revision | Details | Compare with Previous | View Log

Line No. Rev Author Line
1 769 jeremybenn
/* Haval.java --
2
   Copyright (C) 2003, 2006 Free Software Foundation, Inc.
3
 
4
This file is a part of GNU Classpath.
5
 
6
GNU Classpath is free software; you can redistribute it and/or modify
7
it under the terms of the GNU General Public License as published by
8
the Free Software Foundation; either version 2 of the License, or (at
9
your option) any later version.
10
 
11
GNU Classpath is distributed in the hope that it will be useful, but
12
WITHOUT ANY WARRANTY; without even the implied warranty of
13
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14
General Public License for more details.
15
 
16
You should have received a copy of the GNU General Public License
17
along with GNU Classpath; if not, write to the Free Software
18
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
19
USA
20
 
21
Linking this library statically or dynamically with other modules is
22
making a combined work based on this library.  Thus, the terms and
23
conditions of the GNU General Public License cover the whole
24
combination.
25
 
26
As a special exception, the copyright holders of this library give you
27
permission to link this library with independent modules to produce an
28
executable, regardless of the license terms of these independent
29
modules, and to copy and distribute the resulting executable under
30
terms of your choice, provided that you also meet, for each linked
31
independent module, the terms and conditions of the license of that
32
module.  An independent module is a module which is not derived from
33
or based on this library.  If you modify this library, you may extend
34
this exception to your version of the library, but you are not
35
obligated to do so.  If you do not wish to do so, delete this
36
exception statement from your version.  */
37
 
38
 
39
package gnu.java.security.hash;
40
 
41
import gnu.java.security.Registry;
42
import gnu.java.security.util.Util;
43
 
44
/**
45
 * The <i>HAVAL</i> message-digest algorithm is a variable output length, with
46
 * variable number of rounds. By default, this implementation allows <i>HAVAL</i>
47
 * to be used as a drop-in replacement for <i>MD5</i>.
48
 * <p>
49
 * References:
50
 * <ol>
51
 * <li>HAVAL - A One-Way Hashing Algorithm with Variable Length of Output<br>
52
 * Advances in Cryptology - AUSCRYPT'92, Lecture Notes in Computer Science,<br>
53
 * Springer-Verlag, 1993; <br>
54
 * Y. Zheng, J. Pieprzyk and J. Seberry.</li>
55
 * </ol>
56
 */
57
public class Haval
58
    extends BaseHash
59
{
60
  public static final int HAVAL_VERSION = 1;
61
 
62
  public static final int HAVAL_128_BIT = 16;
63
 
64
  public static final int HAVAL_160_BIT = 20;
65
 
66
  public static final int HAVAL_192_BIT = 24;
67
 
68
  public static final int HAVAL_224_BIT = 28;
69
 
70
  public static final int HAVAL_256_BIT = 32;
71
 
72
  public static final int HAVAL_3_ROUND = 3;
73
 
74
  public static final int HAVAL_4_ROUND = 4;
75
 
76
  public static final int HAVAL_5_ROUND = 5;
77
 
78
  private static final int BLOCK_SIZE = 128; // inner block size in bytes
79
 
80
  private static final String DIGEST0 = "C68F39913F901F3DDF44C707357A7D70";
81
 
82
  /** caches the result of the correctness test, once executed. */
83
  private static Boolean valid;
84
 
85
  /**
86
   * Number of HAVAL rounds. Allowed values are integers in the range <code>3
87
   * .. 5</code>.
88
   * The default is <code>3</code>.
89
   */
90
  private int rounds = HAVAL_3_ROUND;
91
 
92
  /** 128-bit interim result. */
93
  private int h0, h1, h2, h3, h4, h5, h6, h7;
94
 
95
  /**
96
   * Calls the constructor with two argument using {@link #HAVAL_128_BIT} as the
97
   * value for the output size (i.e. <code>128</code> bits, and
98
   * {@link #HAVAL_3_ROUND} for the value of number of rounds.
99
   */
100
  public Haval()
101
  {
102
    this(HAVAL_128_BIT, HAVAL_3_ROUND);
103
  }
104
 
105
  /**
106
   * Calls the constructor with two arguments using the designated output size,
107
   * and {@link #HAVAL_3_ROUND} for the value of number of rounds.
108
   *
109
   * @param size the output size in bytes of this instance.
110
   * @throws IllegalArgumentException if the designated output size is invalid.
111
   * @see #HAVAL_128_BIT
112
   * @see #HAVAL_160_BIT
113
   * @see #HAVAL_192_BIT
114
   * @see #HAVAL_224_BIT
115
   * @see #HAVAL_256_BIT
116
   */
117
  public Haval(int size)
118
  {
119
    this(size, HAVAL_3_ROUND);
120
  }
121
 
122
  /**
123
   * Constructs a <code>Haval</code> instance with the designated output size
124
   * (in bytes). Valid output <code>size</code> values are <code>16</code>,
125
   * <code>20</code>, <code>24</code>, <code>28</code> and
126
   * <code>32</code>. Valid values for <code>rounds</code> are in the range
127
   * <code>3..5</code> inclusive.
128
   *
129
   * @param size the output size in bytes of this instance.
130
   * @param rounds the number of rounds to apply when transforming data.
131
   * @throws IllegalArgumentException if the designated output size is invalid,
132
   *           or if the number of rounds is invalid.
133
   * @see #HAVAL_128_BIT
134
   * @see #HAVAL_160_BIT
135
   * @see #HAVAL_192_BIT
136
   * @see #HAVAL_224_BIT
137
   * @see #HAVAL_256_BIT
138
   * @see #HAVAL_3_ROUND
139
   * @see #HAVAL_4_ROUND
140
   * @see #HAVAL_5_ROUND
141
   */
142
  public Haval(int size, int rounds)
143
  {
144
    super(Registry.HAVAL_HASH, size, BLOCK_SIZE);
145
 
146
    if (size != HAVAL_128_BIT
147
        && size != HAVAL_160_BIT
148
        && size != HAVAL_192_BIT
149
        && size != HAVAL_224_BIT
150
        && size != HAVAL_256_BIT)
151
      throw new IllegalArgumentException("Invalid HAVAL output size");
152
 
153
    if (rounds != HAVAL_3_ROUND
154
        && rounds != HAVAL_4_ROUND
155
        && rounds != HAVAL_5_ROUND)
156
      throw new IllegalArgumentException("Invalid HAVAL number of rounds");
157
 
158
    this.rounds = rounds;
159
  }
160
 
161
  /**
162
   * Private constructor for cloning purposes.
163
   *
164
   * @param md the instance to clone.
165
   */
166
  private Haval(Haval md)
167
  {
168
    this(md.hashSize, md.rounds);
169
 
170
    this.h0 = md.h0;
171
    this.h1 = md.h1;
172
    this.h2 = md.h2;
173
    this.h3 = md.h3;
174
    this.h4 = md.h4;
175
    this.h5 = md.h5;
176
    this.h6 = md.h6;
177
    this.h7 = md.h7;
178
    this.count = md.count;
179
    this.buffer = (byte[]) md.buffer.clone();
180
  }
181
 
182
  public Object clone()
183
  {
184
    return new Haval(this);
185
  }
186
 
187
  protected synchronized void transform(byte[] in, int i)
188
  {
189
    int X0 = (in[i++] & 0xFF)
190
           | (in[i++] & 0xFF) << 8
191
           | (in[i++] & 0xFF) << 16
192
           | (in[i++] & 0xFF) << 24;
193
    int X1 = (in[i++] & 0xFF)
194
           | (in[i++] & 0xFF) << 8
195
           | (in[i++] & 0xFF) << 16
196
           | (in[i++] & 0xFF) << 24;
197
    int X2 = (in[i++] & 0xFF)
198
           | (in[i++] & 0xFF) << 8
199
           | (in[i++] & 0xFF) << 16
200
           | (in[i++] & 0xFF) << 24;
201
    int X3 = (in[i++] & 0xFF)
202
           | (in[i++] & 0xFF) << 8
203
           | (in[i++] & 0xFF) << 16
204
           | (in[i++] & 0xFF) << 24;
205
    int X4 = (in[i++] & 0xFF)
206
           | (in[i++] & 0xFF) << 8
207
           | (in[i++] & 0xFF) << 16
208
           | (in[i++] & 0xFF) << 24;
209
    int X5 = (in[i++] & 0xFF)
210
           | (in[i++] & 0xFF) << 8
211
           | (in[i++] & 0xFF) << 16
212
           | (in[i++] & 0xFF) << 24;
213
    int X6 = (in[i++] & 0xFF)
214
           | (in[i++] & 0xFF) << 8
215
           | (in[i++] & 0xFF) << 16
216
           | (in[i++] & 0xFF) << 24;
217
    int X7 = (in[i++] & 0xFF)
218
           | (in[i++] & 0xFF) << 8
219
           | (in[i++] & 0xFF) << 16
220
           | (in[i++] & 0xFF) << 24;
221
    int X8 = (in[i++] & 0xFF)
222
           | (in[i++] & 0xFF) << 8
223
           | (in[i++] & 0xFF) << 16
224
           | (in[i++] & 0xFF) << 24;
225
    int X9 = (in[i++] & 0xFF)
226
           | (in[i++] & 0xFF) << 8
227
           | (in[i++] & 0xFF) << 16
228
           | (in[i++] & 0xFF) << 24;
229
    int X10 = (in[i++] & 0xFF)
230
            | (in[i++] & 0xFF) << 8
231
            | (in[i++] & 0xFF) << 16
232
            | (in[i++] & 0xFF) << 24;
233
    int X11 = (in[i++] & 0xFF)
234
            | (in[i++] & 0xFF) << 8
235
            | (in[i++] & 0xFF) << 16
236
            | (in[i++] & 0xFF) << 24;
237
    int X12 = (in[i++] & 0xFF)
238
            | (in[i++] & 0xFF) << 8
239
            | (in[i++] & 0xFF) << 16
240
            | (in[i++] & 0xFF) << 24;
241
    int X13 = (in[i++] & 0xFF)
242
            | (in[i++] & 0xFF) << 8
243
            | (in[i++] & 0xFF) << 16
244
            | (in[i++] & 0xFF) << 24;
245
    int X14 = (in[i++] & 0xFF)
246
            | (in[i++] & 0xFF) << 8
247
            | (in[i++] & 0xFF) << 16
248
            | (in[i++] & 0xFF) << 24;
249
    int X15 = (in[i++] & 0xFF)
250
            | (in[i++] & 0xFF) << 8
251
            | (in[i++] & 0xFF) << 16
252
            | (in[i++] & 0xFF) << 24;
253
    int X16 = (in[i++] & 0xFF)
254
            | (in[i++] & 0xFF) << 8
255
            | (in[i++] & 0xFF) << 16
256
            | (in[i++] & 0xFF) << 24;
257
    int X17 = (in[i++] & 0xFF)
258
            | (in[i++] & 0xFF) << 8
259
            | (in[i++] & 0xFF) << 16
260
            | (in[i++] & 0xFF) << 24;
261
    int X18 = (in[i++] & 0xFF)
262
            | (in[i++] & 0xFF) << 8
263
            | (in[i++] & 0xFF) << 16
264
            | (in[i++] & 0xFF) << 24;
265
    int X19 = (in[i++] & 0xFF)
266
            | (in[i++] & 0xFF) << 8
267
            | (in[i++] & 0xFF) << 16
268
            | (in[i++] & 0xFF) << 24;
269
    int X20 = (in[i++] & 0xFF)
270
            | (in[i++] & 0xFF) << 8
271
            | (in[i++] & 0xFF) << 16
272
            | (in[i++] & 0xFF) << 24;
273
    int X21 = (in[i++] & 0xFF)
274
            | (in[i++] & 0xFF) << 8
275
            | (in[i++] & 0xFF) << 16
276
            | (in[i++] & 0xFF) << 24;
277
    int X22 = (in[i++] & 0xFF)
278
            | (in[i++] & 0xFF) << 8
279
            | (in[i++] & 0xFF) << 16
280
            | (in[i++] & 0xFF) << 24;
281
    int X23 = (in[i++] & 0xFF)
282
            | (in[i++] & 0xFF) << 8
283
            | (in[i++] & 0xFF) << 16
284
            | (in[i++] & 0xFF) << 24;
285
    int X24 = (in[i++] & 0xFF)
286
            | (in[i++] & 0xFF) << 8
287
            | (in[i++] & 0xFF) << 16
288
            | (in[i++] & 0xFF) << 24;
289
    int X25 = (in[i++] & 0xFF)
290
            | (in[i++] & 0xFF) << 8
291
            | (in[i++] & 0xFF) << 16
292
            | (in[i++] & 0xFF) << 24;
293
    int X26 = (in[i++] & 0xFF)
294
            | (in[i++] & 0xFF) << 8
295
            | (in[i++] & 0xFF) << 16
296
            | (in[i++] & 0xFF) << 24;
297
    int X27 = (in[i++] & 0xFF)
298
            | (in[i++] & 0xFF) << 8
299
            | (in[i++] & 0xFF) << 16
300
            | (in[i++] & 0xFF) << 24;
301
    int X28 = (in[i++] & 0xFF)
302
            | (in[i++] & 0xFF) << 8
303
            | (in[i++] & 0xFF) << 16
304
            | (in[i++] & 0xFF) << 24;
305
    int X29 = (in[i++] & 0xFF)
306
            | (in[i++] & 0xFF) << 8
307
            | (in[i++] & 0xFF) << 16
308
            | (in[i++] & 0xFF) << 24;
309
    int X30 = (in[i++] & 0xFF)
310
            | (in[i++] & 0xFF) << 8
311
            | (in[i++] & 0xFF) << 16
312
            | (in[i++] & 0xFF) << 24;
313
    int X31 = (in[i++] & 0xFF)
314
            | (in[i++] & 0xFF) << 8
315
            | (in[i++] & 0xFF) << 16
316
            | (in[i++] & 0xFF) << 24;
317
    int t0 = h0, t1 = h1, t2 = h2, t3 = h3, t4 = h4, t5 = h5, t6 = h6, t7 = h7;
318
    // Pass 1
319
    t7 = FF1(t7, t6, t5, t4, t3, t2, t1, t0, X0);
320
    t6 = FF1(t6, t5, t4, t3, t2, t1, t0, t7, X1);
321
    t5 = FF1(t5, t4, t3, t2, t1, t0, t7, t6, X2);
322
    t4 = FF1(t4, t3, t2, t1, t0, t7, t6, t5, X3);
323
    t3 = FF1(t3, t2, t1, t0, t7, t6, t5, t4, X4);
324
    t2 = FF1(t2, t1, t0, t7, t6, t5, t4, t3, X5);
325
    t1 = FF1(t1, t0, t7, t6, t5, t4, t3, t2, X6);
326
    t0 = FF1(t0, t7, t6, t5, t4, t3, t2, t1, X7);
327
 
328
    t7 = FF1(t7, t6, t5, t4, t3, t2, t1, t0, X8);
329
    t6 = FF1(t6, t5, t4, t3, t2, t1, t0, t7, X9);
330
    t5 = FF1(t5, t4, t3, t2, t1, t0, t7, t6, X10);
331
    t4 = FF1(t4, t3, t2, t1, t0, t7, t6, t5, X11);
332
    t3 = FF1(t3, t2, t1, t0, t7, t6, t5, t4, X12);
333
    t2 = FF1(t2, t1, t0, t7, t6, t5, t4, t3, X13);
334
    t1 = FF1(t1, t0, t7, t6, t5, t4, t3, t2, X14);
335
    t0 = FF1(t0, t7, t6, t5, t4, t3, t2, t1, X15);
336
 
337
    t7 = FF1(t7, t6, t5, t4, t3, t2, t1, t0, X16);
338
    t6 = FF1(t6, t5, t4, t3, t2, t1, t0, t7, X17);
339
    t5 = FF1(t5, t4, t3, t2, t1, t0, t7, t6, X18);
340
    t4 = FF1(t4, t3, t2, t1, t0, t7, t6, t5, X19);
341
    t3 = FF1(t3, t2, t1, t0, t7, t6, t5, t4, X20);
342
    t2 = FF1(t2, t1, t0, t7, t6, t5, t4, t3, X21);
343
    t1 = FF1(t1, t0, t7, t6, t5, t4, t3, t2, X22);
344
    t0 = FF1(t0, t7, t6, t5, t4, t3, t2, t1, X23);
345
 
346
    t7 = FF1(t7, t6, t5, t4, t3, t2, t1, t0, X24);
347
    t6 = FF1(t6, t5, t4, t3, t2, t1, t0, t7, X25);
348
    t5 = FF1(t5, t4, t3, t2, t1, t0, t7, t6, X26);
349
    t4 = FF1(t4, t3, t2, t1, t0, t7, t6, t5, X27);
350
    t3 = FF1(t3, t2, t1, t0, t7, t6, t5, t4, X28);
351
    t2 = FF1(t2, t1, t0, t7, t6, t5, t4, t3, X29);
352
    t1 = FF1(t1, t0, t7, t6, t5, t4, t3, t2, X30);
353
    t0 = FF1(t0, t7, t6, t5, t4, t3, t2, t1, X31);
354
 
355
    // Pass 2
356
    t7 = FF2(t7, t6, t5, t4, t3, t2, t1, t0, X5, 0x452821E6);
357
    t6 = FF2(t6, t5, t4, t3, t2, t1, t0, t7, X14, 0x38D01377);
358
    t5 = FF2(t5, t4, t3, t2, t1, t0, t7, t6, X26, 0xBE5466CF);
359
    t4 = FF2(t4, t3, t2, t1, t0, t7, t6, t5, X18, 0x34E90C6C);
360
    t3 = FF2(t3, t2, t1, t0, t7, t6, t5, t4, X11, 0xC0AC29B7);
361
    t2 = FF2(t2, t1, t0, t7, t6, t5, t4, t3, X28, 0xC97C50DD);
362
    t1 = FF2(t1, t0, t7, t6, t5, t4, t3, t2, X7, 0x3F84D5B5);
363
    t0 = FF2(t0, t7, t6, t5, t4, t3, t2, t1, X16, 0xB5470917);
364
 
365
    t7 = FF2(t7, t6, t5, t4, t3, t2, t1, t0, X0, 0x9216D5D9);
366
    t6 = FF2(t6, t5, t4, t3, t2, t1, t0, t7, X23, 0x8979FB1B);
367
    t5 = FF2(t5, t4, t3, t2, t1, t0, t7, t6, X20, 0xD1310BA6);
368
    t4 = FF2(t4, t3, t2, t1, t0, t7, t6, t5, X22, 0x98DFB5AC);
369
    t3 = FF2(t3, t2, t1, t0, t7, t6, t5, t4, X1, 0x2FFD72DB);
370
    t2 = FF2(t2, t1, t0, t7, t6, t5, t4, t3, X10, 0xD01ADFB7);
371
    t1 = FF2(t1, t0, t7, t6, t5, t4, t3, t2, X4, 0xB8E1AFED);
372
    t0 = FF2(t0, t7, t6, t5, t4, t3, t2, t1, X8, 0x6A267E96);
373
 
374
    t7 = FF2(t7, t6, t5, t4, t3, t2, t1, t0, X30, 0xBA7C9045);
375
    t6 = FF2(t6, t5, t4, t3, t2, t1, t0, t7, X3, 0xF12C7F99);
376
    t5 = FF2(t5, t4, t3, t2, t1, t0, t7, t6, X21, 0x24A19947);
377
    t4 = FF2(t4, t3, t2, t1, t0, t7, t6, t5, X9, 0xB3916CF7);
378
    t3 = FF2(t3, t2, t1, t0, t7, t6, t5, t4, X17, 0x0801F2E2);
379
    t2 = FF2(t2, t1, t0, t7, t6, t5, t4, t3, X24, 0x858EFC16);
380
    t1 = FF2(t1, t0, t7, t6, t5, t4, t3, t2, X29, 0x636920D8);
381
    t0 = FF2(t0, t7, t6, t5, t4, t3, t2, t1, X6, 0x71574E69);
382
 
383
    t7 = FF2(t7, t6, t5, t4, t3, t2, t1, t0, X19, 0xA458FEA3);
384
    t6 = FF2(t6, t5, t4, t3, t2, t1, t0, t7, X12, 0xF4933D7E);
385
    t5 = FF2(t5, t4, t3, t2, t1, t0, t7, t6, X15, 0x0D95748F);
386
    t4 = FF2(t4, t3, t2, t1, t0, t7, t6, t5, X13, 0x728EB658);
387
    t3 = FF2(t3, t2, t1, t0, t7, t6, t5, t4, X2, 0x718BCD58);
388
    t2 = FF2(t2, t1, t0, t7, t6, t5, t4, t3, X25, 0x82154AEE);
389
    t1 = FF2(t1, t0, t7, t6, t5, t4, t3, t2, X31, 0x7B54A41D);
390
    t0 = FF2(t0, t7, t6, t5, t4, t3, t2, t1, X27, 0xC25A59B5);
391
 
392
    // Pass 3
393
    t7 = FF3(t7, t6, t5, t4, t3, t2, t1, t0, X19, 0x9C30D539);
394
    t6 = FF3(t6, t5, t4, t3, t2, t1, t0, t7, X9, 0x2AF26013);
395
    t5 = FF3(t5, t4, t3, t2, t1, t0, t7, t6, X4, 0xC5D1B023);
396
    t4 = FF3(t4, t3, t2, t1, t0, t7, t6, t5, X20, 0x286085F0);
397
    t3 = FF3(t3, t2, t1, t0, t7, t6, t5, t4, X28, 0xCA417918);
398
    t2 = FF3(t2, t1, t0, t7, t6, t5, t4, t3, X17, 0xB8DB38EF);
399
    t1 = FF3(t1, t0, t7, t6, t5, t4, t3, t2, X8, 0x8E79DCB0);
400
    t0 = FF3(t0, t7, t6, t5, t4, t3, t2, t1, X22, 0x603A180E);
401
 
402
    t7 = FF3(t7, t6, t5, t4, t3, t2, t1, t0, X29, 0x6C9E0E8B);
403
    t6 = FF3(t6, t5, t4, t3, t2, t1, t0, t7, X14, 0xB01E8A3E);
404
    t5 = FF3(t5, t4, t3, t2, t1, t0, t7, t6, X25, 0xD71577C1);
405
    t4 = FF3(t4, t3, t2, t1, t0, t7, t6, t5, X12, 0xBD314B27);
406
    t3 = FF3(t3, t2, t1, t0, t7, t6, t5, t4, X24, 0x78AF2FDA);
407
    t2 = FF3(t2, t1, t0, t7, t6, t5, t4, t3, X30, 0x55605C60);
408
    t1 = FF3(t1, t0, t7, t6, t5, t4, t3, t2, X16, 0xE65525F3);
409
    t0 = FF3(t0, t7, t6, t5, t4, t3, t2, t1, X26, 0xAA55AB94);
410
 
411
    t7 = FF3(t7, t6, t5, t4, t3, t2, t1, t0, X31, 0x57489862);
412
    t6 = FF3(t6, t5, t4, t3, t2, t1, t0, t7, X15, 0x63E81440);
413
    t5 = FF3(t5, t4, t3, t2, t1, t0, t7, t6, X7, 0x55CA396A);
414
    t4 = FF3(t4, t3, t2, t1, t0, t7, t6, t5, X3, 0x2AAB10B6);
415
    t3 = FF3(t3, t2, t1, t0, t7, t6, t5, t4, X1, 0xB4CC5C34);
416
    t2 = FF3(t2, t1, t0, t7, t6, t5, t4, t3, X0, 0x1141E8CE);
417
    t1 = FF3(t1, t0, t7, t6, t5, t4, t3, t2, X18, 0xA15486AF);
418
    t0 = FF3(t0, t7, t6, t5, t4, t3, t2, t1, X27, 0x7C72E993);
419
 
420
    t7 = FF3(t7, t6, t5, t4, t3, t2, t1, t0, X13, 0xB3EE1411);
421
    t6 = FF3(t6, t5, t4, t3, t2, t1, t0, t7, X6, 0x636FBC2A);
422
    t5 = FF3(t5, t4, t3, t2, t1, t0, t7, t6, X21, 0x2BA9C55D);
423
    t4 = FF3(t4, t3, t2, t1, t0, t7, t6, t5, X10, 0x741831F6);
424
    t3 = FF3(t3, t2, t1, t0, t7, t6, t5, t4, X23, 0xCE5C3E16);
425
    t2 = FF3(t2, t1, t0, t7, t6, t5, t4, t3, X11, 0x9B87931E);
426
    t1 = FF3(t1, t0, t7, t6, t5, t4, t3, t2, X5, 0xAFD6BA33);
427
    t0 = FF3(t0, t7, t6, t5, t4, t3, t2, t1, X2, 0x6C24CF5C);
428
 
429
    if (rounds >= 4)
430
      {
431
        t7 = FF4(t7, t6, t5, t4, t3, t2, t1, t0, X24, 0x7A325381);
432
        t6 = FF4(t6, t5, t4, t3, t2, t1, t0, t7, X4, 0x28958677);
433
        t5 = FF4(t5, t4, t3, t2, t1, t0, t7, t6, X0, 0x3B8F4898);
434
        t4 = FF4(t4, t3, t2, t1, t0, t7, t6, t5, X14, 0x6B4BB9AF);
435
        t3 = FF4(t3, t2, t1, t0, t7, t6, t5, t4, X2, 0xC4BFE81B);
436
        t2 = FF4(t2, t1, t0, t7, t6, t5, t4, t3, X7, 0x66282193);
437
        t1 = FF4(t1, t0, t7, t6, t5, t4, t3, t2, X28, 0x61D809CC);
438
        t0 = FF4(t0, t7, t6, t5, t4, t3, t2, t1, X23, 0xFB21A991);
439
        t7 = FF4(t7, t6, t5, t4, t3, t2, t1, t0, X26, 0x487CAC60);
440
        t6 = FF4(t6, t5, t4, t3, t2, t1, t0, t7, X6, 0x5DEC8032);
441
        t5 = FF4(t5, t4, t3, t2, t1, t0, t7, t6, X30, 0xEF845D5D);
442
        t4 = FF4(t4, t3, t2, t1, t0, t7, t6, t5, X20, 0xE98575B1);
443
        t3 = FF4(t3, t2, t1, t0, t7, t6, t5, t4, X18, 0xDC262302);
444
        t2 = FF4(t2, t1, t0, t7, t6, t5, t4, t3, X25, 0xEB651B88);
445
        t1 = FF4(t1, t0, t7, t6, t5, t4, t3, t2, X19, 0x23893E81);
446
        t0 = FF4(t0, t7, t6, t5, t4, t3, t2, t1, X3, 0xD396ACC5);
447
 
448
        t7 = FF4(t7, t6, t5, t4, t3, t2, t1, t0, X22, 0x0F6D6FF3);
449
        t6 = FF4(t6, t5, t4, t3, t2, t1, t0, t7, X11, 0x83F44239);
450
        t5 = FF4(t5, t4, t3, t2, t1, t0, t7, t6, X31, 0x2E0B4482);
451
        t4 = FF4(t4, t3, t2, t1, t0, t7, t6, t5, X21, 0xA4842004);
452
        t3 = FF4(t3, t2, t1, t0, t7, t6, t5, t4, X8, 0x69C8F04A);
453
        t2 = FF4(t2, t1, t0, t7, t6, t5, t4, t3, X27, 0x9E1F9B5E);
454
        t1 = FF4(t1, t0, t7, t6, t5, t4, t3, t2, X12, 0x21C66842);
455
        t0 = FF4(t0, t7, t6, t5, t4, t3, t2, t1, X9, 0xF6E96C9A);
456
        t7 = FF4(t7, t6, t5, t4, t3, t2, t1, t0, X1, 0x670C9C61);
457
        t6 = FF4(t6, t5, t4, t3, t2, t1, t0, t7, X29, 0xABD388F0);
458
        t5 = FF4(t5, t4, t3, t2, t1, t0, t7, t6, X5, 0x6A51A0D2);
459
        t4 = FF4(t4, t3, t2, t1, t0, t7, t6, t5, X15, 0xD8542F68);
460
        t3 = FF4(t3, t2, t1, t0, t7, t6, t5, t4, X17, 0x960FA728);
461
        t2 = FF4(t2, t1, t0, t7, t6, t5, t4, t3, X10, 0xAB5133A3);
462
        t1 = FF4(t1, t0, t7, t6, t5, t4, t3, t2, X16, 0x6EEF0B6C);
463
        t0 = FF4(t0, t7, t6, t5, t4, t3, t2, t1, X13, 0x137A3BE4);
464
 
465
        if (rounds == 5)
466
          {
467
            t7 = FF5(t7, t6, t5, t4, t3, t2, t1, t0, X27, 0xBA3BF050);
468
            t6 = FF5(t6, t5, t4, t3, t2, t1, t0, t7, X3, 0x7EFB2A98);
469
            t5 = FF5(t5, t4, t3, t2, t1, t0, t7, t6, X21, 0xA1F1651D);
470
            t4 = FF5(t4, t3, t2, t1, t0, t7, t6, t5, X26, 0x39AF0176);
471
            t3 = FF5(t3, t2, t1, t0, t7, t6, t5, t4, X17, 0x66CA593E);
472
            t2 = FF5(t2, t1, t0, t7, t6, t5, t4, t3, X11, 0x82430E88);
473
            t1 = FF5(t1, t0, t7, t6, t5, t4, t3, t2, X20, 0x8CEE8619);
474
            t0 = FF5(t0, t7, t6, t5, t4, t3, t2, t1, X29, 0x456F9FB4);
475
 
476
            t7 = FF5(t7, t6, t5, t4, t3, t2, t1, t0, X19, 0x7D84A5C3);
477
            t6 = FF5(t6, t5, t4, t3, t2, t1, t0, t7, X0, 0x3B8B5EBE);
478
            t5 = FF5(t5, t4, t3, t2, t1, t0, t7, t6, X12, 0xE06F75D8);
479
            t4 = FF5(t4, t3, t2, t1, t0, t7, t6, t5, X7, 0x85C12073);
480
            t3 = FF5(t3, t2, t1, t0, t7, t6, t5, t4, X13, 0x401A449F);
481
            t2 = FF5(t2, t1, t0, t7, t6, t5, t4, t3, X8, 0x56C16AA6);
482
            t1 = FF5(t1, t0, t7, t6, t5, t4, t3, t2, X31, 0x4ED3AA62);
483
            t0 = FF5(t0, t7, t6, t5, t4, t3, t2, t1, X10, 0x363F7706);
484
 
485
            t7 = FF5(t7, t6, t5, t4, t3, t2, t1, t0, X5, 0x1BFEDF72);
486
            t6 = FF5(t6, t5, t4, t3, t2, t1, t0, t7, X9, 0x429B023D);
487
            t5 = FF5(t5, t4, t3, t2, t1, t0, t7, t6, X14, 0x37D0D724);
488
            t4 = FF5(t4, t3, t2, t1, t0, t7, t6, t5, X30, 0xD00A1248);
489
            t3 = FF5(t3, t2, t1, t0, t7, t6, t5, t4, X18, 0xDB0FEAD3);
490
            t2 = FF5(t2, t1, t0, t7, t6, t5, t4, t3, X6, 0x49F1C09B);
491
            t1 = FF5(t1, t0, t7, t6, t5, t4, t3, t2, X28, 0x075372C9);
492
            t0 = FF5(t0, t7, t6, t5, t4, t3, t2, t1, X24, 0x80991B7B);
493
 
494
            t7 = FF5(t7, t6, t5, t4, t3, t2, t1, t0, X2, 0x25D479D8);
495
            t6 = FF5(t6, t5, t4, t3, t2, t1, t0, t7, X23, 0xF6E8DEF7);
496
            t5 = FF5(t5, t4, t3, t2, t1, t0, t7, t6, X16, 0xE3FE501A);
497
            t4 = FF5(t4, t3, t2, t1, t0, t7, t6, t5, X22, 0xB6794C3B);
498
            t3 = FF5(t3, t2, t1, t0, t7, t6, t5, t4, X4, 0x976CE0BD);
499
            t2 = FF5(t2, t1, t0, t7, t6, t5, t4, t3, X1, 0x04C006BA);
500
            t1 = FF5(t1, t0, t7, t6, t5, t4, t3, t2, X25, 0xC1A94FB6);
501
            t0 = FF5(t0, t7, t6, t5, t4, t3, t2, t1, X15, 0x409F60C4);
502
          }
503
      }
504
    h7 += t7;
505
    h6 += t6;
506
    h5 += t5;
507
    h4 += t4;
508
    h3 += t3;
509
    h2 += t2;
510
    h1 += t1;
511
    h0 += t0;
512
  }
513
 
514
  protected byte[] padBuffer()
515
  {
516
    // pad out to 118 mod 128. other 10 bytes have special use.
517
    int n = (int)(count % BLOCK_SIZE);
518
    int padding = (n < 118) ? (118 - n) : (246 - n);
519
    byte[] result = new byte[padding + 10];
520
    result[0] = (byte) 0x01;
521
    // save the version number (LSB 3), the number of rounds (3 bits in the
522
    // middle), the fingerprint length (MSB 2 bits and next byte) and the
523
    // number of bits in the unpadded message.
524
    int bl = hashSize * 8;
525
    int sigByte = (bl & 0x03) << 6;
526
    sigByte |= (rounds & 0x07) << 3;
527
    sigByte |= HAVAL_VERSION & 0x07;
528
    result[padding++] = (byte) sigByte;
529
    result[padding++] = (byte)(bl >>> 2);
530
    // save number of bits, casting the long to an array of 8 bytes
531
    long bits = count << 3;
532
    result[padding++] = (byte) bits;
533
    result[padding++] = (byte)(bits >>> 8);
534
    result[padding++] = (byte)(bits >>> 16);
535
    result[padding++] = (byte)(bits >>> 24);
536
    result[padding++] = (byte)(bits >>> 32);
537
    result[padding++] = (byte)(bits >>> 40);
538
    result[padding++] = (byte)(bits >>> 48);
539
    result[padding  ] = (byte)(bits >>> 56);
540
    return result;
541
  }
542
 
543
  protected byte[] getResult()
544
  {
545
    tailorDigestBits(); // tailor context for the designated output size
546
    // cast enough top context values into an array of hashSize bytes
547
    byte[] result = new byte[hashSize];
548
    if (hashSize >= HAVAL_256_BIT)
549
      {
550
        result[31] = (byte)(h7 >>> 24);
551
        result[30] = (byte)(h7 >>> 16);
552
        result[29] = (byte)(h7 >>> 8);
553
        result[28] = (byte) h7;
554
      }
555
    if (hashSize >= HAVAL_224_BIT)
556
      {
557
        result[27] = (byte)(h6 >>> 24);
558
        result[26] = (byte)(h6 >>> 16);
559
        result[25] = (byte)(h6 >>> 8);
560
        result[24] = (byte) h6;
561
      }
562
    if (hashSize >= HAVAL_192_BIT)
563
      {
564
        result[23] = (byte)(h5 >>> 24);
565
        result[22] = (byte)(h5 >>> 16);
566
        result[21] = (byte)(h5 >>> 8);
567
        result[20] = (byte) h5;
568
      }
569
    if (hashSize >= HAVAL_160_BIT)
570
      {
571
        result[19] = (byte)(h4 >>> 24);
572
        result[18] = (byte)(h4 >>> 16);
573
        result[17] = (byte)(h4 >>> 8);
574
        result[16] = (byte) h4;
575
      }
576
    result[15] = (byte)(h3 >>> 24);
577
    result[14] = (byte)(h3 >>> 16);
578
    result[13] = (byte)(h3 >>> 8);
579
    result[12] = (byte) h3;
580
    result[11] = (byte)(h2 >>> 24);
581
    result[10] = (byte)(h2 >>> 16);
582
    result[ 9] = (byte)(h2 >>> 8);
583
    result[ 8] = (byte) h2;
584
    result[ 7] = (byte)(h1 >>> 24);
585
    result[ 6] = (byte)(h1 >>> 16);
586
    result[ 5] = (byte)(h1 >>> 8);
587
    result[ 4] = (byte) h1;
588
    result[ 3] = (byte)(h0 >>> 24);
589
    result[ 2] = (byte)(h0 >>> 16);
590
    result[ 1] = (byte)(h0 >>> 8);
591
    result[ 0] = (byte) h0;
592
    return result;
593
  }
594
 
595
  protected void resetContext()
596
  {
597
    h0 = 0x243F6A88;
598
    h1 = 0x85A308D3;
599
    h2 = 0x13198A2E;
600
    h3 = 0x03707344;
601
    h4 = 0xA4093822;
602
    h5 = 0x299F31D0;
603
    h6 = 0x082EFA98;
604
    h7 = 0xEC4E6C89;
605
  }
606
 
607
  public boolean selfTest()
608
  {
609
    if (valid == null)
610
      {
611
        String d = Util.toString(new Haval().digest());
612
        valid = Boolean.valueOf(DIGEST0.equals(d));
613
      }
614
    return valid.booleanValue();
615
  }
616
 
617
  /** Tailors the last output. */
618
  private void tailorDigestBits()
619
  {
620
    int t;
621
    switch (hashSize)
622
      {
623
      case HAVAL_128_BIT:
624
        t = (h7 & 0x000000FF)
625
          | (h6 & 0xFF000000)
626
          | (h5 & 0x00FF0000)
627
          | (h4 & 0x0000FF00);
628
        h0 += t >>> 8 | t << 24;
629
        t = (h7 & 0x0000FF00)
630
          | (h6 & 0x000000FF)
631
          | (h5 & 0xFF000000)
632
          | (h4 & 0x00FF0000);
633
        h1 += t >>> 16 | t << 16;
634
        t = (h7 & 0x00FF0000)
635
          | (h6 & 0x0000FF00)
636
          | (h5 & 0x000000FF)
637
          | (h4 & 0xFF000000);
638
        h2 += t >>> 24 | t << 8;
639
        t = (h7 & 0xFF000000)
640
          | (h6 & 0x00FF0000)
641
          | (h5 & 0x0000FF00)
642
          | (h4 & 0x000000FF);
643
        h3 += t;
644
        break;
645
      case HAVAL_160_BIT:
646
        t = (h7 & 0x3F) | (h6 & (0x7F << 25)) | (h5 & (0x3F << 19));
647
        h0 += t >>> 19 | t << 13;
648
        t = (h7 & (0x3F << 6)) | (h6 & 0x3F) | (h5 & (0x7F << 25));
649
        h1 += t >>> 25 | t << 7;
650
        t = (h7 & (0x7F << 12)) | (h6 & (0x3F << 6)) | (h5 & 0x3F);
651
        h2 += t;
652
        t = (h7 & (0x3F << 19)) | (h6 & (0x7F << 12)) | (h5 & (0x3F << 6));
653
        h3 += (t >>> 6);
654
        t = (h7 & (0x7F << 25)) | (h6 & (0x3F << 19)) | (h5 & (0x7F << 12));
655
        h4 += (t >>> 12);
656
        break;
657
      case HAVAL_192_BIT:
658
        t = (h7 & 0x1F) | (h6 & (0x3F << 26));
659
        h0 += t >>> 26 | t << 6;
660
        t = (h7 & (0x1F << 5)) | (h6 & 0x1F);
661
        h1 += t;
662
        t = (h7 & (0x3F << 10)) | (h6 & (0x1F << 5));
663
        h2 += (t >>> 5);
664
        t = (h7 & (0x1F << 16)) | (h6 & (0x3F << 10));
665
        h3 += (t >>> 10);
666
        t = (h7 & (0x1F << 21)) | (h6 & (0x1F << 16));
667
        h4 += (t >>> 16);
668
        t = (h7 & (0x3F << 26)) | (h6 & (0x1F << 21));
669
        h5 += (t >>> 21);
670
        break;
671
      case HAVAL_224_BIT:
672
        h0 += ((h7 >>> 27) & 0x1F);
673
        h1 += ((h7 >>> 22) & 0x1F);
674
        h2 += ((h7 >>> 18) & 0x0F);
675
        h3 += ((h7 >>> 13) & 0x1F);
676
        h4 += ((h7 >>>  9) & 0x0F);
677
        h5 += ((h7 >>>  4) & 0x1F);
678
        h6 +=  (h7         & 0x0F);
679
      }
680
  }
681
 
682
  /**
683
   * Permutations phi_{i,j}, i=3,4,5, j=1,...,i.
684
   *
685
   * rounds = 3:   6 5 4 3 2 1 0
686
   *               | | | | | | | (replaced by)
687
   *  phi_{3,1}:   1 0 3 5 6 2 4
688
   *  phi_{3,2}:   4 2 1 0 5 3 6
689
   *  phi_{3,3}:   6 1 2 3 4 5 0
690
   *
691
   * rounds = 4:   6 5 4 3 2 1 0
692
   *               | | | | | | | (replaced by)
693
   *  phi_{4,1}:   2 6 1 4 5 3 0
694
   *  phi_{4,2}:   3 5 2 0 1 6 4
695
   *  phi_{4,3}:   1 4 3 6 0 2 5
696
   *  phi_{4,4}:   6 4 0 5 2 1 3
697
   *
698
   * rounds = 5:   6 5 4 3 2 1 0
699
   *               | | | | | | | (replaced by)
700
   *  phi_{5,1}:   3 4 1 0 5 2 6
701
   *  phi_{5,2}:   6 2 1 0 3 4 5
702
   *  phi_{5,3}:   2 6 0 4 3 1 5
703
   *  phi_{5,4}:   1 5 3 2 0 4 6
704
   *  phi_{5,5}:   2 5 0 6 4 3 1
705
   */
706
  private int FF1(int x7, int x6, int x5, int x4, int x3, int x2, int x1,
707
                  int x0, int w)
708
  {
709
    int t;
710
    switch (rounds)
711
      {
712
      case 3:
713
        t = f1(x1, x0, x3, x5, x6, x2, x4);
714
        break;
715
      case 4:
716
        t = f1(x2, x6, x1, x4, x5, x3, x0);
717
        break;
718
      default:
719
        t = f1(x3, x4, x1, x0, x5, x2, x6);
720
      }
721
    return (t >>> 7 | t << 25) + (x7 >>> 11 | x7 << 21) + w;
722
  }
723
 
724
  private int FF2(int x7, int x6, int x5, int x4, int x3, int x2, int x1,
725
                  int x0, int w, int c)
726
  {
727
    int t;
728
    switch (rounds)
729
      {
730
      case 3:
731
        t = f2(x4, x2, x1, x0, x5, x3, x6);
732
        break;
733
      case 4:
734
        t = f2(x3, x5, x2, x0, x1, x6, x4);
735
        break;
736
      default:
737
        t = f2(x6, x2, x1, x0, x3, x4, x5);
738
      }
739
    return (t >>> 7 | t << 25) + (x7 >>> 11 | x7 << 21) + w + c;
740
  }
741
 
742
  private int FF3(int x7, int x6, int x5, int x4, int x3, int x2, int x1,
743
                  int x0, int w, int c)
744
  {
745
    int t;
746
    switch (rounds)
747
      {
748
      case 3:
749
        t = f3(x6, x1, x2, x3, x4, x5, x0);
750
        break;
751
      case 4:
752
        t = f3(x1, x4, x3, x6, x0, x2, x5);
753
        break;
754
      default:
755
        t = f3(x2, x6, x0, x4, x3, x1, x5);
756
      }
757
    return (t >>> 7 | t << 25) + (x7 >>> 11 | x7 << 21) + w + c;
758
  }
759
 
760
  private int FF4(int x7, int x6, int x5, int x4, int x3, int x2, int x1,
761
                  int x0, int w, int c)
762
  {
763
    int t;
764
    switch (rounds)
765
      {
766
      case 4:
767
        t = f4(x6, x4, x0, x5, x2, x1, x3);
768
        break;
769
      default:
770
        t = f4(x1, x5, x3, x2, x0, x4, x6);
771
      }
772
    return (t >>> 7 | t << 25) + (x7 >>> 11 | x7 << 21) + w + c;
773
  }
774
 
775
  private int FF5(int x7, int x6, int x5, int x4, int x3, int x2, int x1,
776
                  int x0, int w, int c)
777
  {
778
    int t = f5(x2, x5, x0, x6, x4, x3, x1);
779
    return (t >>> 7 | t << 25) + (x7 >>> 11 | x7 << 21) + w + c;
780
  }
781
 
782
  private int f1(int x6, int x5, int x4, int x3, int x2, int x1, int x0)
783
  {
784
    return x1 & (x0 ^ x4) ^ x2 & x5 ^ x3 & x6 ^ x0;
785
  }
786
 
787
  private int f2(int x6, int x5, int x4, int x3, int x2, int x1, int x0)
788
  {
789
    return x2 & (x1 & ~x3 ^ x4 & x5 ^ x6 ^ x0) ^ x4 & (x1 ^ x5) ^ x3 & x5 ^ x0;
790
  }
791
 
792
  private int f3(int x6, int x5, int x4, int x3, int x2, int x1, int x0)
793
  {
794
    return x3 & (x1 & x2 ^ x6 ^ x0) ^ x1 & x4 ^ x2 & x5 ^ x0;
795
  }
796
 
797
  private int f4(int x6, int x5, int x4, int x3, int x2, int x1, int x0)
798
  {
799
    return x4 & (x5 & ~x2 ^ x3 & ~x6 ^ x1 ^ x6 ^ x0) ^ x3
800
           & (x1 & x2 ^ x5 ^ x6) ^ x2 & x6 ^ x0;
801
  }
802
 
803
  private int f5(int x6, int x5, int x4, int x3, int x2, int x1, int x0)
804
  {
805
    return x0 & (x1 & x2 & x3 ^ ~x5) ^ x1 & x4 ^ x2 & x5 ^ x3 & x6;
806
  }
807
}

powered by: WebSVN 2.1.0

© copyright 1999-2025 OpenCores.org, equivalent to Oliscience, all rights reserved. OpenCores®, registered trademark.