1------------------------------------------------------------------------------ 2-- -- 3-- GNAT LIBRARY COMPONENTS -- 4-- -- 5-- G N A T . S E C U R E _ H A S H E S . S H A 2 _ C O M M O N -- 6-- -- 7-- B o d y -- 8-- -- 9-- Copyright (C) 2009-2021, Free Software Foundation, Inc. -- 10-- -- 11-- GNAT is free software; you can redistribute it and/or modify it under -- 12-- terms of the GNU General Public License as published by the Free Soft- -- 13-- ware Foundation; either version 3, or (at your option) any later ver- -- 14-- sion. GNAT is distributed in the hope that it will be useful, but WITH- -- 15-- OUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -- 16-- or FITNESS FOR A PARTICULAR PURPOSE. -- 17-- -- 18-- As a special exception under Section 7 of GPL version 3, you are granted -- 19-- additional permissions described in the GCC Runtime Library Exception, -- 20-- version 3.1, as published by the Free Software Foundation. -- 21-- -- 22-- You should have received a copy of the GNU General Public License and -- 23-- a copy of the GCC Runtime Library Exception along with this program; -- 24-- see the files COPYING3 and COPYING.RUNTIME respectively. If not, see -- 25-- <http://www.gnu.org/licenses/>. -- 26-- -- 27-- GNAT was originally developed by the GNAT team at New York University. -- 28-- Extensive contributions were provided by Ada Core Technologies Inc. -- 29-- -- 30------------------------------------------------------------------------------ 31 32package body GNAT.Secure_Hashes.SHA2_Common is 33 34 --------------- 35 -- Transform -- 36 --------------- 37 38 procedure Transform 39 (H_St : in out Hash_State.State; 40 M_St : in out Message_State) 41 is 42 use System; 43 44 subtype Word is Hash_State.Word; 45 use type Hash_State.Word; 46 47 function Ch (X, Y, Z : Word) return Word; 48 function Maj (X, Y, Z : Word) return Word; 49 pragma Inline (Ch, Maj); 50 -- Elementary functions from FIPS PUB 180-3 51 52 -------- 53 -- Ch -- 54 -------- 55 56 function Ch (X, Y, Z : Word) return Word is 57 begin 58 return (X and Y) xor ((not X) and Z); 59 end Ch; 60 61 --------- 62 -- Maj -- 63 --------- 64 65 function Maj (X, Y, Z : Word) return Word is 66 begin 67 return (X and Y) xor (X and Z) xor (Y and Z); 68 end Maj; 69 70 type Words is array (Natural range <>) of Word; 71 72 X : Words (0 .. 15); 73 for X'Address use M_St.Buffer'Address; 74 pragma Import (Ada, X); 75 76 W : Words (0 .. Rounds - 1); 77 78 A, B, C, D, E, F, G, H, T1, T2 : Word; 79 80 -- Start of processing for Transform 81 82 begin 83 if Default_Bit_Order /= High_Order_First then 84 for J in X'Range loop 85 Hash_State.Swap (X (J)'Address); 86 end loop; 87 end if; 88 89 -- 1. Prepare message schedule 90 91 W (0 .. 15) := X; 92 93 for T in 16 .. Rounds - 1 loop 94 W (T) := S1 (W (T - 2)) + W (T - 7) + S0 (W (T - 15)) + W (T - 16); 95 end loop; 96 97 -- 2. Initialize working variables 98 99 A := H_St (0); 100 B := H_St (1); 101 C := H_St (2); 102 D := H_St (3); 103 E := H_St (4); 104 F := H_St (5); 105 G := H_St (6); 106 H := H_St (7); 107 108 -- 3. Perform transformation rounds 109 110 for T in 0 .. Rounds - 1 loop 111 T1 := H + Sigma1 (E) + Ch (E, F, G) 112 + K (Stream_Element_Offset (T)) + W (T); 113 T2 := Sigma0 (A) + Maj (A, B, C); 114 H := G; 115 G := F; 116 F := E; 117 E := D + T1; 118 D := C; 119 C := B; 120 B := A; 121 A := T1 + T2; 122 end loop; 123 124 -- 4. Update hash state 125 126 H_St (0) := A + H_St (0); 127 H_St (1) := B + H_St (1); 128 H_St (2) := C + H_St (2); 129 H_St (3) := D + H_St (3); 130 H_St (4) := E + H_St (4); 131 H_St (5) := F + H_St (5); 132 H_St (6) := G + H_St (6); 133 H_St (7) := H + H_St (7); 134 end Transform; 135 136end GNAT.Secure_Hashes.SHA2_Common; 137