X-Git-Url: http://git.osdn.net/view?p=bytom%2Fvapor.git;a=blobdiff_plain;f=crypto%2Fsm3%2Fsm3.go;fp=crypto%2Fsm3%2Fsm3.go;h=0000000000000000000000000000000000000000;hp=45057c080b1ca0957e4297fdba588a908b15283e;hb=cb120a52d80aaf7c52f101644b5aa2f521588382;hpb=4e7f502753546efa47d58ab770a5c275e7b41c77 diff --git a/crypto/sm3/sm3.go b/crypto/sm3/sm3.go deleted file mode 100644 index 45057c08..00000000 --- a/crypto/sm3/sm3.go +++ /dev/null @@ -1,193 +0,0 @@ -package sm3 - -import ( - "encoding/binary" - "hash" -) - -type SM3 struct { - digest [8]uint32 // digest represents the partial evaluation of V - length uint64 // length of the message - unhandleMsg []byte // uint8 // -} - -func (sm3 *SM3) ff0(x, y, z uint32) uint32 { return x ^ y ^ z } - -func (sm3 *SM3) ff1(x, y, z uint32) uint32 { return (x & y) | (x & z) | (y & z) } - -func (sm3 *SM3) gg0(x, y, z uint32) uint32 { return x ^ y ^ z } - -func (sm3 *SM3) gg1(x, y, z uint32) uint32 { return (x & y) | (^x & z) } - -func (sm3 *SM3) p0(x uint32) uint32 { return x ^ sm3.leftRotate(x, 9) ^ sm3.leftRotate(x, 17) } - -func (sm3 *SM3) p1(x uint32) uint32 { return x ^ sm3.leftRotate(x, 15) ^ sm3.leftRotate(x, 23) } - -func (sm3 *SM3) leftRotate(x uint32, i uint32) uint32 { return (x<<(i%32) | x>>(32-i%32)) } - -func (sm3 *SM3) pad() []byte { - msg := sm3.unhandleMsg - msg = append(msg, 0x80) // Append '1' - blockSize := 64 // Append until the resulting message length (in bits) is congruent to 448 (mod 512) - for len(msg)%blockSize != 56 { - msg = append(msg, 0x00) - } - // append message length - // not using loops so that compiler might benefit from it - msg = append(msg, uint8(sm3.length>>56&0xff)) - msg = append(msg, uint8(sm3.length>>48&0xff)) - msg = append(msg, uint8(sm3.length>>40&0xff)) - msg = append(msg, uint8(sm3.length>>32&0xff)) - msg = append(msg, uint8(sm3.length>>24&0xff)) - msg = append(msg, uint8(sm3.length>>16&0xff)) - msg = append(msg, uint8(sm3.length>>8&0xff)) - msg = append(msg, uint8(sm3.length>>0&0xff)) - - if len(msg)%64 != 0 { - panic("------SM3 Pad: error msgLen =") - } - return msg -} - -func (sm3 *SM3) update(msg []byte, nblocks int) { - var w [68]uint32 - var w1 [64]uint32 - - a, b, c, d, e, f, g, h := sm3.digest[0], sm3.digest[1], sm3.digest[2], sm3.digest[3], sm3.digest[4], sm3.digest[5], sm3.digest[6], sm3.digest[7] - for len(msg) >= 64 { - for i := 0; i < 16; i++ { - w[i] = binary.BigEndian.Uint32(msg[4*i : 4*(i+1)]) - } - for i := 16; i < 68; i++ { - w[i] = sm3.p1(w[i-16]^w[i-9]^sm3.leftRotate(w[i-3], 15)) ^ sm3.leftRotate(w[i-13], 7) ^ w[i-6] - } - for i := 0; i < 64; i++ { - w1[i] = w[i] ^ w[i+4] - } - A, B, C, D, E, F, G, H := a, b, c, d, e, f, g, h - for i := 0; i < 16; i++ { - SS1 := sm3.leftRotate(sm3.leftRotate(A, 12)+E+sm3.leftRotate(0x79cc4519, uint32(i)), 7) - SS2 := SS1 ^ sm3.leftRotate(A, 12) - TT1 := sm3.ff0(A, B, C) + D + SS2 + w1[i] - TT2 := sm3.gg0(E, F, G) + H + SS1 + w[i] - D = C - C = sm3.leftRotate(B, 9) - B = A - A = TT1 - H = G - G = sm3.leftRotate(F, 19) - F = E - E = sm3.p0(TT2) - } - for i := 16; i < 64; i++ { - SS1 := sm3.leftRotate(sm3.leftRotate(A, 12)+E+sm3.leftRotate(0x7a879d8a, uint32(i)), 7) - SS2 := SS1 ^ sm3.leftRotate(A, 12) - TT1 := sm3.ff1(A, B, C) + D + SS2 + w1[i] - TT2 := sm3.gg1(E, F, G) + H + SS1 + w[i] - D = C - C = sm3.leftRotate(B, 9) - B = A - A = TT1 - H = G - G = sm3.leftRotate(F, 19) - F = E - E = sm3.p0(TT2) - } - a ^= A - b ^= B - c ^= C - d ^= D - e ^= E - f ^= F - g ^= G - h ^= H - msg = msg[64:] - } - sm3.digest[0], sm3.digest[1], sm3.digest[2], sm3.digest[3], sm3.digest[4], sm3.digest[5], sm3.digest[6], sm3.digest[7] = a, b, c, d, e, f, g, h -} - -func New() hash.Hash { - var sm3 SM3 - - sm3.Reset() - return &sm3 -} - -// BlockSize, required by the hash.Hash interface. -// BlockSize returns the hash's underlying block size. -// The Write method must be able to accept any amount -// of data, but it may operate more efficiently if all writes -// are a multiple of the block size. -func (sm3 *SM3) BlockSize() int { return 64 } - -// Size, required by the hash.Hash interface. -// Size returns the number of bytes Sum will return. -func (sm3 *SM3) Size() int { return 32 } - -// Reset clears the internal state by zeroing bytes in the state buffer. -// This can be skipped for a newly-created hash state; the default zero-allocated state is correct. -func (sm3 *SM3) Reset() { - // Reset digest - sm3.digest[0] = 0x7380166f - sm3.digest[1] = 0x4914b2b9 - sm3.digest[2] = 0x172442d7 - sm3.digest[3] = 0xda8a0600 - sm3.digest[4] = 0xa96f30bc - sm3.digest[5] = 0x163138aa - sm3.digest[6] = 0xe38dee4d - sm3.digest[7] = 0xb0fb0e4e - - sm3.length = 0 // Reset numberic states - sm3.unhandleMsg = []byte{} -} - -// Write, required by the hash.Hash interface. -// Write (via the embedded io.Writer interface) adds more data to the running hash. -// It never returns an error. -func (sm3 *SM3) Write(p []byte) (int, error) { - toWrite := len(p) - sm3.length += uint64(len(p) * 8) - - msg := append(sm3.unhandleMsg, p...) - nblocks := len(msg) / sm3.BlockSize() - sm3.update(msg, nblocks) - - // Update unhandleMsg - sm3.unhandleMsg = msg[nblocks*sm3.BlockSize():] - - return toWrite, nil -} - -// Sum, required by the hash.Hash interface. -// Sum appends the current hash to b and returns the resulting slice. -// It does not change the underlying hash state. -func (sm3 *SM3) Sum(in []byte) []byte { - sm3.Write(in) - msg := sm3.pad() - - // Finialize - sm3.update(msg, len(msg)/sm3.BlockSize()) - - // save hash to in - needed := sm3.Size() - if cap(in)-len(in) < needed { - newIn := make([]byte, len(in), len(in)+needed) - copy(newIn, in) - in = newIn - } - out := in[len(in) : len(in)+needed] - - for i := 0; i < 8; i++ { - binary.BigEndian.PutUint32(out[i*4:], sm3.digest[i]) - } - return out - -} - -func Sm3Sum(data []byte) []byte { - var sm3 SM3 - - sm3.Reset() - sm3.Write(data) - return sm3.Sum(nil) -}