OLD | NEW |
1 // Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file | 1 // Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file |
2 // for details. All rights reserved. Use of this source code is governed by a | 2 // for details. All rights reserved. Use of this source code is governed by a |
3 // BSD-style license that can be found in the LICENSE file. | 3 // BSD-style license that can be found in the LICENSE file. |
4 | 4 |
5 library crypto.sha256; | 5 library crypto.sha256; |
6 | 6 |
7 import 'dart:typed_data'; | 7 import 'dart:typed_data'; |
8 | 8 |
9 import 'hash.dart'; | 9 import 'hash.dart'; |
10 import 'hash_base.dart'; | 10 import 'hash_base.dart'; |
11 import 'utils.dart'; | 11 import 'utils.dart'; |
12 | 12 |
13 /** | 13 /// An implementation of the [SHA-256][rfc] hash function. |
14 * SHA256 hash function implementation. | 14 /// |
15 */ | 15 /// [rfc]: http://tools.ietf.org/html/rfc6234 |
16 abstract class SHA256 implements Hash { | 16 abstract class SHA256 implements Hash { |
17 factory SHA256() = _SHA256; | 17 factory SHA256() = _SHA256; |
18 | 18 |
19 SHA256 newInstance(); | 19 SHA256 newInstance(); |
20 } | 20 } |
21 | 21 |
| 22 /// The concrete implementation of [SHA256]. |
| 23 /// |
| 24 /// This is separate so that it can extend [HashBase] without leaking additional |
| 25 /// public memebers. |
22 class _SHA256 extends HashBase implements SHA256 { | 26 class _SHA256 extends HashBase implements SHA256 { |
| 27 /// The sixteen words from the original chunk, extended to 64 words. |
| 28 /// |
| 29 /// This is an instance variable to avoid re-allocating, but its data isn't |
| 30 /// used across invocations of [updateHash]. |
23 final Uint32List _w; | 31 final Uint32List _w; |
24 | 32 |
25 // Construct a SHA256 hasher object. | |
26 _SHA256() | 33 _SHA256() |
27 : _w = new Uint32List(64), | 34 : _w = new Uint32List(64), |
28 super(16, 8, true) { | 35 super(16, 8, true) { |
29 // Initial value of the hash parts. First 32 bits of the fractional parts | 36 // Initial value of the hash parts. First 32 bits of the fractional parts |
30 // of the square roots of the first 8 prime numbers. | 37 // of the square roots of the first 8 prime numbers. |
31 h[0] = 0x6a09e667; | 38 h[0] = 0x6a09e667; |
32 h[1] = 0xbb67ae85; | 39 h[1] = 0xbb67ae85; |
33 h[2] = 0x3c6ef372; | 40 h[2] = 0x3c6ef372; |
34 h[3] = 0xa54ff53a; | 41 h[3] = 0xa54ff53a; |
35 h[4] = 0x510e527f; | 42 h[4] = 0x510e527f; |
36 h[5] = 0x9b05688c; | 43 h[5] = 0x9b05688c; |
37 h[6] = 0x1f83d9ab; | 44 h[6] = 0x1f83d9ab; |
38 h[7] = 0x5be0cd19; | 45 h[7] = 0x5be0cd19; |
39 } | 46 } |
40 | 47 |
41 // Returns a new instance of this Hash. | |
42 SHA256 newInstance() { | 48 SHA256 newInstance() { |
43 return new _SHA256(); | 49 return new _SHA256(); |
44 } | 50 } |
45 | 51 |
46 // Table of round constants. First 32 bits of the fractional | 52 /// Data from a non-linear function that functions as reproducible noise. |
47 // parts of the cube roots of the first 64 prime numbers. | |
48 static const List<int> _K = const [ | 53 static const List<int> _K = const [ |
49 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, | 54 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, |
50 0x59f111f1, 0x923f82a4, 0xab1c5ed5, 0xd807aa98, 0x12835b01, | 55 0x59f111f1, 0x923f82a4, 0xab1c5ed5, 0xd807aa98, 0x12835b01, |
51 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, | 56 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, |
52 0xc19bf174, 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, | 57 0xc19bf174, 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, |
53 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, 0x983e5152, | 58 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, 0x983e5152, |
54 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, | 59 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, |
55 0x06ca6351, 0x14292967, 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, | 60 0x06ca6351, 0x14292967, 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, |
56 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, | 61 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, |
57 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, | 62 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, |
58 0xd6990624, 0xf40e3585, 0x106aa070, 0x19a4c116, 0x1e376c08, | 63 0xd6990624, 0xf40e3585, 0x106aa070, 0x19a4c116, 0x1e376c08, |
59 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, | 64 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, |
60 0x682e6ff3, 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, | 65 0x682e6ff3, 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, |
61 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 | 66 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 |
62 ]; | 67 ]; |
63 | 68 |
64 // Helper functions as defined in http://tools.ietf.org/html/rfc6234 | 69 // The following helper functions are taken directly from |
| 70 // http://tools.ietf.org/html/rfc6234. |
| 71 |
65 _rotr32(n, x) => (x >> n) | ((x << (32 - n)) & MASK_32); | 72 _rotr32(n, x) => (x >> n) | ((x << (32 - n)) & MASK_32); |
66 _ch(x, y, z) => (x & y) ^ ((~x & MASK_32) & z); | 73 _ch(x, y, z) => (x & y) ^ ((~x & MASK_32) & z); |
67 _maj(x, y, z) => (x & y) ^ (x & z) ^ (y & z); | 74 _maj(x, y, z) => (x & y) ^ (x & z) ^ (y & z); |
68 _bsig0(x) => _rotr32(2, x) ^ _rotr32(13, x) ^ _rotr32(22, x); | 75 _bsig0(x) => _rotr32(2, x) ^ _rotr32(13, x) ^ _rotr32(22, x); |
69 _bsig1(x) => _rotr32(6, x) ^ _rotr32(11, x) ^ _rotr32(25, x); | 76 _bsig1(x) => _rotr32(6, x) ^ _rotr32(11, x) ^ _rotr32(25, x); |
70 _ssig0(x) => _rotr32(7, x) ^ _rotr32(18, x) ^ (x >> 3); | 77 _ssig0(x) => _rotr32(7, x) ^ _rotr32(18, x) ^ (x >> 3); |
71 _ssig1(x) => _rotr32(17, x) ^ _rotr32(19, x) ^ (x >> 10); | 78 _ssig1(x) => _rotr32(17, x) ^ _rotr32(19, x) ^ (x >> 10); |
72 | 79 |
73 // Compute one iteration of the SHA256 algorithm with a chunk of | |
74 // 16 32-bit pieces. | |
75 void updateHash(Uint32List M) { | 80 void updateHash(Uint32List M) { |
76 assert(M.length == 16); | 81 assert(M.length == 16); |
77 | 82 |
78 // Prepare message schedule. | 83 // Prepare message schedule. |
79 var i = 0; | 84 var i = 0; |
80 for (; i < 16; i++) { | 85 for (; i < 16; i++) { |
81 _w[i] = M[i]; | 86 _w[i] = M[i]; |
82 } | 87 } |
83 for (; i < 64; i++) { | 88 for (; i < 64; i++) { |
84 _w[i] = add32(add32(_ssig1(_w[i - 2]), _w[i - 7]), | 89 _w[i] = add32(add32(_ssig1(_w[i - 2]), _w[i - 7]), |
(...skipping 28 matching lines...) Expand all Loading... |
113 h[0] = add32(a, h[0]); | 118 h[0] = add32(a, h[0]); |
114 h[1] = add32(b, h[1]); | 119 h[1] = add32(b, h[1]); |
115 h[2] = add32(c, h[2]); | 120 h[2] = add32(c, h[2]); |
116 h[3] = add32(d, h[3]); | 121 h[3] = add32(d, h[3]); |
117 h[4] = add32(e, h[4]); | 122 h[4] = add32(e, h[4]); |
118 h[5] = add32(f, h[5]); | 123 h[5] = add32(f, h[5]); |
119 h[6] = add32(g, h[6]); | 124 h[6] = add32(g, h[6]); |
120 h[7] = add32(j, h[7]); | 125 h[7] = add32(j, h[7]); |
121 } | 126 } |
122 } | 127 } |
OLD | NEW |