1------------------------------------------------------------------------------ 2-- -- 3-- GNAT LIBRARY COMPONENTS -- 4-- -- 5-- G N A T . S E C U R E _ H A S H E S . S H A 2 _ 6 4 -- 6-- -- 7-- S p e c -- 8-- -- 9-- Copyright (C) 2009-2018, Free Software Foundation, Inc. -- 10-- -- 11-- GNAT is free software; you can redistribute it and/or modify it under -- 12-- terms of the GNU General Public License as published by the Free Soft- -- 13-- ware Foundation; either version 3, or (at your option) any later ver- -- 14-- sion. GNAT is distributed in the hope that it will be useful, but WITH- -- 15-- OUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -- 16-- or FITNESS FOR A PARTICULAR PURPOSE. -- 17-- -- 18-- As a special exception under Section 7 of GPL version 3, you are granted -- 19-- additional permissions described in the GCC Runtime Library Exception, -- 20-- version 3.1, as published by the Free Software Foundation. -- 21-- -- 22-- You should have received a copy of the GNU General Public License and -- 23-- a copy of the GCC Runtime Library Exception along with this program; -- 24-- see the files COPYING3 and COPYING.RUNTIME respectively. If not, see -- 25-- <http://www.gnu.org/licenses/>. -- 26-- -- 27-- GNAT was originally developed by the GNAT team at New York University. -- 28-- Extensive contributions were provided by Ada Core Technologies Inc. -- 29-- -- 30------------------------------------------------------------------------------ 31 32-- This package provides support for the 64-bit FIPS PUB 180-3 functions 33-- SHA-384 and SHA-512. 34 35-- This is an internal unit and should not be used directly in applications. 36-- Use GNAT.SHA384 and GNAT.SHA512 instead. 37 38with Interfaces; 39with GNAT.Byte_Swapping; 40 41with GNAT.Secure_Hashes.SHA2_Common; 42 43package GNAT.Secure_Hashes.SHA2_64 is 44 subtype Word is Interfaces.Unsigned_64; 45 46 package Hash_State is new Hash_Function_State 47 (Word => Word, 48 Swap => GNAT.Byte_Swapping.Swap8, 49 Hash_Bit_Order => System.High_Order_First); 50 -- SHA-384 and SHA-512 operate on 64-bit big endian words 51 52 K : Hash_State.State (0 .. 79) := 53 (16#428a2f98d728ae22#, 16#7137449123ef65cd#, 54 16#b5c0fbcfec4d3b2f#, 16#e9b5dba58189dbbc#, 55 16#3956c25bf348b538#, 16#59f111f1b605d019#, 56 16#923f82a4af194f9b#, 16#ab1c5ed5da6d8118#, 57 16#d807aa98a3030242#, 16#12835b0145706fbe#, 58 16#243185be4ee4b28c#, 16#550c7dc3d5ffb4e2#, 59 16#72be5d74f27b896f#, 16#80deb1fe3b1696b1#, 60 16#9bdc06a725c71235#, 16#c19bf174cf692694#, 61 16#e49b69c19ef14ad2#, 16#efbe4786384f25e3#, 62 16#0fc19dc68b8cd5b5#, 16#240ca1cc77ac9c65#, 63 16#2de92c6f592b0275#, 16#4a7484aa6ea6e483#, 64 16#5cb0a9dcbd41fbd4#, 16#76f988da831153b5#, 65 16#983e5152ee66dfab#, 16#a831c66d2db43210#, 66 16#b00327c898fb213f#, 16#bf597fc7beef0ee4#, 67 16#c6e00bf33da88fc2#, 16#d5a79147930aa725#, 68 16#06ca6351e003826f#, 16#142929670a0e6e70#, 69 16#27b70a8546d22ffc#, 16#2e1b21385c26c926#, 70 16#4d2c6dfc5ac42aed#, 16#53380d139d95b3df#, 71 16#650a73548baf63de#, 16#766a0abb3c77b2a8#, 72 16#81c2c92e47edaee6#, 16#92722c851482353b#, 73 16#a2bfe8a14cf10364#, 16#a81a664bbc423001#, 74 16#c24b8b70d0f89791#, 16#c76c51a30654be30#, 75 16#d192e819d6ef5218#, 16#d69906245565a910#, 76 16#f40e35855771202a#, 16#106aa07032bbd1b8#, 77 16#19a4c116b8d2d0c8#, 16#1e376c085141ab53#, 78 16#2748774cdf8eeb99#, 16#34b0bcb5e19b48a8#, 79 16#391c0cb3c5c95a63#, 16#4ed8aa4ae3418acb#, 80 16#5b9cca4f7763e373#, 16#682e6ff3d6b2b8a3#, 81 16#748f82ee5defb2fc#, 16#78a5636f43172f60#, 82 16#84c87814a1f0ab72#, 16#8cc702081a6439ec#, 83 16#90befffa23631e28#, 16#a4506cebde82bde9#, 84 16#bef9a3f7b2c67915#, 16#c67178f2e372532b#, 85 16#ca273eceea26619c#, 16#d186b8c721c0c207#, 86 16#eada7dd6cde0eb1e#, 16#f57d4f7fee6ed178#, 87 16#06f067aa72176fba#, 16#0a637dc5a2c898a6#, 88 16#113f9804bef90dae#, 16#1b710b35131c471b#, 89 16#28db77f523047d84#, 16#32caab7b40c72493#, 90 16#3c9ebe0a15c9bebc#, 16#431d67c49c100d4c#, 91 16#4cc5d4becb3e42b6#, 16#597f299cfc657e2a#, 92 16#5fcb6fab3ad6faec#, 16#6c44198c4a475817#); 93 -- Constants from FIPS PUB 180-3 94 95 function Sigma0 (X : Word) return Word; 96 function Sigma1 (X : Word) return Word; 97 function S0 (X : Word) return Word; 98 function S1 (X : Word) return Word; 99 pragma Inline (Sigma0, Sigma1, S0, S1); 100 -- Elementary functions Sigma^512_0, Sigma^512_1, sigma^512_0, sigma^512_1 101 -- from FIPS PUB 180-3. 102 103 procedure Transform is new SHA2_Common.Transform 104 (Hash_State => Hash_State, 105 K => K, 106 Rounds => 80, 107 Sigma0 => Sigma0, 108 Sigma1 => Sigma1, 109 S0 => S0, 110 S1 => S1); 111 112 SHA384_Init_State : constant Hash_State.State := 113 (0 => 16#cbbb9d5dc1059ed8#, 114 1 => 16#629a292a367cd507#, 115 2 => 16#9159015a3070dd17#, 116 3 => 16#152fecd8f70e5939#, 117 4 => 16#67332667ffc00b31#, 118 5 => 16#8eb44a8768581511#, 119 6 => 16#db0c2e0d64f98fa7#, 120 7 => 16#47b5481dbefa4fa4#); 121 SHA512_Init_State : constant Hash_State.State := 122 (0 => 16#6a09e667f3bcc908#, 123 1 => 16#bb67ae8584caa73b#, 124 2 => 16#3c6ef372fe94f82b#, 125 3 => 16#a54ff53a5f1d36f1#, 126 4 => 16#510e527fade682d1#, 127 5 => 16#9b05688c2b3e6c1f#, 128 6 => 16#1f83d9abfb41bd6b#, 129 7 => 16#5be0cd19137e2179#); 130 -- Initialization vectors from FIPS PUB 180-3 131 132end GNAT.Secure_Hashes.SHA2_64; 133