1 package org.gudy.bouncycastle.crypto.digests; 2 3 import org.gudy.bouncycastle.crypto.digests.GeneralDigest; 4 5 6 /** 7 * implementation of RIPEMD256. 8 * <p> 9 * <b>note:</b> this algorithm offers the same level of security as RIPEMD128. 10 */ 11 public class RIPEMD256Digest 12 extends GeneralDigest 13 { 14 private static final int DIGEST_LENGTH = 32; 15 16 private int H0, H1, H2, H3, H4, H5, H6, H7; // IV's 17 18 private int[] X = new int[16]; 19 private int xOff; 20 21 /** 22 * Standard constructor 23 */ RIPEMD256Digest()24 public RIPEMD256Digest() 25 { 26 reset(); 27 } 28 29 /** 30 * Copy constructor. This will copy the state of the provided 31 * message digest. 32 */ RIPEMD256Digest(RIPEMD256Digest t)33 public RIPEMD256Digest(RIPEMD256Digest t) 34 { 35 super(t); 36 37 H0 = t.H0; 38 H1 = t.H1; 39 H2 = t.H2; 40 H3 = t.H3; 41 H4 = t.H4; 42 H5 = t.H5; 43 H6 = t.H6; 44 H7 = t.H7; 45 46 System.arraycopy(t.X, 0, X, 0, t.X.length); 47 xOff = t.xOff; 48 } 49 getAlgorithmName()50 public String getAlgorithmName() 51 { 52 return "RIPEMD256"; 53 } 54 getDigestSize()55 public int getDigestSize() 56 { 57 return DIGEST_LENGTH; 58 } 59 processWord( byte[] in, int inOff)60 protected void processWord( 61 byte[] in, 62 int inOff) 63 { 64 X[xOff++] = (in[inOff] & 0xff) | ((in[inOff + 1] & 0xff) << 8) 65 | ((in[inOff + 2] & 0xff) << 16) | ((in[inOff + 3] & 0xff) << 24); 66 67 if (xOff == 16) 68 { 69 processBlock(); 70 } 71 } 72 processLength( long bitLength)73 protected void processLength( 74 long bitLength) 75 { 76 if (xOff > 14) 77 { 78 processBlock(); 79 } 80 81 X[14] = (int)(bitLength & 0xffffffff); 82 X[15] = (int)(bitLength >>> 32); 83 } 84 unpackWord( int word, byte[] out, int outOff)85 private void unpackWord( 86 int word, 87 byte[] out, 88 int outOff) 89 { 90 out[outOff] = (byte)word; 91 out[outOff + 1] = (byte)(word >>> 8); 92 out[outOff + 2] = (byte)(word >>> 16); 93 out[outOff + 3] = (byte)(word >>> 24); 94 } 95 doFinal( byte[] out, int outOff)96 public int doFinal( 97 byte[] out, 98 int outOff) 99 { 100 finish(); 101 102 unpackWord(H0, out, outOff); 103 unpackWord(H1, out, outOff + 4); 104 unpackWord(H2, out, outOff + 8); 105 unpackWord(H3, out, outOff + 12); 106 unpackWord(H4, out, outOff + 16); 107 unpackWord(H5, out, outOff + 20); 108 unpackWord(H6, out, outOff + 24); 109 unpackWord(H7, out, outOff + 28); 110 111 reset(); 112 113 return DIGEST_LENGTH; 114 } 115 116 /** 117 * reset the chaining variables to the IV values. 118 */ reset()119 public void reset() 120 { 121 super.reset(); 122 123 H0 = 0x67452301; 124 H1 = 0xefcdab89; 125 H2 = 0x98badcfe; 126 H3 = 0x10325476; 127 H4 = 0x76543210; 128 H5 = 0xFEDCBA98; 129 H6 = 0x89ABCDEF; 130 H7 = 0x01234567; 131 132 xOff = 0; 133 134 for (int i = 0; i != X.length; i++) 135 { 136 X[i] = 0; 137 } 138 } 139 140 /* 141 * rotate int x left n bits. 142 */ RL( int x, int n)143 private final int RL( 144 int x, 145 int n) 146 { 147 return (x << n) | (x >>> (32 - n)); 148 } 149 150 /* 151 * f1,f2,f3,f4 are the basic RIPEMD128 functions. 152 */ 153 154 /* 155 * F 156 */ f1( int x, int y, int z)157 private final int f1( 158 int x, 159 int y, 160 int z) 161 { 162 return x ^ y ^ z; 163 } 164 165 /* 166 * G 167 */ f2( int x, int y, int z)168 private final int f2( 169 int x, 170 int y, 171 int z) 172 { 173 return (x & y) | (~x & z); 174 } 175 176 /* 177 * H 178 */ f3( int x, int y, int z)179 private final int f3( 180 int x, 181 int y, 182 int z) 183 { 184 return (x | ~y) ^ z; 185 } 186 187 /* 188 * I 189 */ f4( int x, int y, int z)190 private final int f4( 191 int x, 192 int y, 193 int z) 194 { 195 return (x & z) | (y & ~z); 196 } 197 F1( int a, int b, int c, int d, int x, int s)198 private final int F1( 199 int a, 200 int b, 201 int c, 202 int d, 203 int x, 204 int s) 205 { 206 return RL(a + f1(b, c, d) + x, s); 207 } 208 F2( int a, int b, int c, int d, int x, int s)209 private final int F2( 210 int a, 211 int b, 212 int c, 213 int d, 214 int x, 215 int s) 216 { 217 return RL(a + f2(b, c, d) + x + 0x5a827999, s); 218 } 219 F3( int a, int b, int c, int d, int x, int s)220 private final int F3( 221 int a, 222 int b, 223 int c, 224 int d, 225 int x, 226 int s) 227 { 228 return RL(a + f3(b, c, d) + x + 0x6ed9eba1, s); 229 } 230 F4( int a, int b, int c, int d, int x, int s)231 private final int F4( 232 int a, 233 int b, 234 int c, 235 int d, 236 int x, 237 int s) 238 { 239 return RL(a + f4(b, c, d) + x + 0x8f1bbcdc, s); 240 } 241 FF1( int a, int b, int c, int d, int x, int s)242 private final int FF1( 243 int a, 244 int b, 245 int c, 246 int d, 247 int x, 248 int s) 249 { 250 return RL(a + f1(b, c, d) + x, s); 251 } 252 FF2( int a, int b, int c, int d, int x, int s)253 private final int FF2( 254 int a, 255 int b, 256 int c, 257 int d, 258 int x, 259 int s) 260 { 261 return RL(a + f2(b, c, d) + x + 0x6d703ef3, s); 262 } 263 FF3( int a, int b, int c, int d, int x, int s)264 private final int FF3( 265 int a, 266 int b, 267 int c, 268 int d, 269 int x, 270 int s) 271 { 272 return RL(a + f3(b, c, d) + x + 0x5c4dd124, s); 273 } 274 FF4( int a, int b, int c, int d, int x, int s)275 private final int FF4( 276 int a, 277 int b, 278 int c, 279 int d, 280 int x, 281 int s) 282 { 283 return RL(a + f4(b, c, d) + x + 0x50a28be6, s); 284 } 285 processBlock()286 protected void processBlock() 287 { 288 int a, aa; 289 int b, bb; 290 int c, cc; 291 int d, dd; 292 int t; 293 294 a = H0; 295 b = H1; 296 c = H2; 297 d = H3; 298 aa = H4; 299 bb = H5; 300 cc = H6; 301 dd = H7; 302 303 // 304 // Round 1 305 // 306 307 a = F1(a, b, c, d, X[ 0], 11); 308 d = F1(d, a, b, c, X[ 1], 14); 309 c = F1(c, d, a, b, X[ 2], 15); 310 b = F1(b, c, d, a, X[ 3], 12); 311 a = F1(a, b, c, d, X[ 4], 5); 312 d = F1(d, a, b, c, X[ 5], 8); 313 c = F1(c, d, a, b, X[ 6], 7); 314 b = F1(b, c, d, a, X[ 7], 9); 315 a = F1(a, b, c, d, X[ 8], 11); 316 d = F1(d, a, b, c, X[ 9], 13); 317 c = F1(c, d, a, b, X[10], 14); 318 b = F1(b, c, d, a, X[11], 15); 319 a = F1(a, b, c, d, X[12], 6); 320 d = F1(d, a, b, c, X[13], 7); 321 c = F1(c, d, a, b, X[14], 9); 322 b = F1(b, c, d, a, X[15], 8); 323 324 aa = FF4(aa, bb, cc, dd, X[ 5], 8); 325 dd = FF4(dd, aa, bb, cc, X[14], 9); 326 cc = FF4(cc, dd, aa, bb, X[ 7], 9); 327 bb = FF4(bb, cc, dd, aa, X[ 0], 11); 328 aa = FF4(aa, bb, cc, dd, X[ 9], 13); 329 dd = FF4(dd, aa, bb, cc, X[ 2], 15); 330 cc = FF4(cc, dd, aa, bb, X[11], 15); 331 bb = FF4(bb, cc, dd, aa, X[ 4], 5); 332 aa = FF4(aa, bb, cc, dd, X[13], 7); 333 dd = FF4(dd, aa, bb, cc, X[ 6], 7); 334 cc = FF4(cc, dd, aa, bb, X[15], 8); 335 bb = FF4(bb, cc, dd, aa, X[ 8], 11); 336 aa = FF4(aa, bb, cc, dd, X[ 1], 14); 337 dd = FF4(dd, aa, bb, cc, X[10], 14); 338 cc = FF4(cc, dd, aa, bb, X[ 3], 12); 339 bb = FF4(bb, cc, dd, aa, X[12], 6); 340 341 t = a; a = aa; aa = t; 342 343 // 344 // Round 2 345 // 346 a = F2(a, b, c, d, X[ 7], 7); 347 d = F2(d, a, b, c, X[ 4], 6); 348 c = F2(c, d, a, b, X[13], 8); 349 b = F2(b, c, d, a, X[ 1], 13); 350 a = F2(a, b, c, d, X[10], 11); 351 d = F2(d, a, b, c, X[ 6], 9); 352 c = F2(c, d, a, b, X[15], 7); 353 b = F2(b, c, d, a, X[ 3], 15); 354 a = F2(a, b, c, d, X[12], 7); 355 d = F2(d, a, b, c, X[ 0], 12); 356 c = F2(c, d, a, b, X[ 9], 15); 357 b = F2(b, c, d, a, X[ 5], 9); 358 a = F2(a, b, c, d, X[ 2], 11); 359 d = F2(d, a, b, c, X[14], 7); 360 c = F2(c, d, a, b, X[11], 13); 361 b = F2(b, c, d, a, X[ 8], 12); 362 363 aa = FF3(aa, bb, cc, dd, X[ 6], 9); 364 dd = FF3(dd, aa, bb, cc, X[ 11], 13); 365 cc = FF3(cc, dd, aa, bb, X[3], 15); 366 bb = FF3(bb, cc, dd, aa, X[ 7], 7); 367 aa = FF3(aa, bb, cc, dd, X[0], 12); 368 dd = FF3(dd, aa, bb, cc, X[13], 8); 369 cc = FF3(cc, dd, aa, bb, X[5], 9); 370 bb = FF3(bb, cc, dd, aa, X[10], 11); 371 aa = FF3(aa, bb, cc, dd, X[14], 7); 372 dd = FF3(dd, aa, bb, cc, X[15], 7); 373 cc = FF3(cc, dd, aa, bb, X[ 8], 12); 374 bb = FF3(bb, cc, dd, aa, X[12], 7); 375 aa = FF3(aa, bb, cc, dd, X[ 4], 6); 376 dd = FF3(dd, aa, bb, cc, X[ 9], 15); 377 cc = FF3(cc, dd, aa, bb, X[ 1], 13); 378 bb = FF3(bb, cc, dd, aa, X[ 2], 11); 379 380 t = b; b = bb; bb = t; 381 382 // 383 // Round 3 384 // 385 a = F3(a, b, c, d, X[ 3], 11); 386 d = F3(d, a, b, c, X[10], 13); 387 c = F3(c, d, a, b, X[14], 6); 388 b = F3(b, c, d, a, X[ 4], 7); 389 a = F3(a, b, c, d, X[ 9], 14); 390 d = F3(d, a, b, c, X[15], 9); 391 c = F3(c, d, a, b, X[ 8], 13); 392 b = F3(b, c, d, a, X[ 1], 15); 393 a = F3(a, b, c, d, X[ 2], 14); 394 d = F3(d, a, b, c, X[ 7], 8); 395 c = F3(c, d, a, b, X[ 0], 13); 396 b = F3(b, c, d, a, X[ 6], 6); 397 a = F3(a, b, c, d, X[13], 5); 398 d = F3(d, a, b, c, X[11], 12); 399 c = F3(c, d, a, b, X[ 5], 7); 400 b = F3(b, c, d, a, X[12], 5); 401 402 aa = FF2(aa, bb, cc, dd, X[ 15], 9); 403 dd = FF2(dd, aa, bb, cc, X[5], 7); 404 cc = FF2(cc, dd, aa, bb, X[1], 15); 405 bb = FF2(bb, cc, dd, aa, X[ 3], 11); 406 aa = FF2(aa, bb, cc, dd, X[ 7], 8); 407 dd = FF2(dd, aa, bb, cc, X[14], 6); 408 cc = FF2(cc, dd, aa, bb, X[ 6], 6); 409 bb = FF2(bb, cc, dd, aa, X[ 9], 14); 410 aa = FF2(aa, bb, cc, dd, X[11], 12); 411 dd = FF2(dd, aa, bb, cc, X[ 8], 13); 412 cc = FF2(cc, dd, aa, bb, X[12], 5); 413 bb = FF2(bb, cc, dd, aa, X[ 2], 14); 414 aa = FF2(aa, bb, cc, dd, X[10], 13); 415 dd = FF2(dd, aa, bb, cc, X[ 0], 13); 416 cc = FF2(cc, dd, aa, bb, X[ 4], 7); 417 bb = FF2(bb, cc, dd, aa, X[13], 5); 418 419 t = c; c = cc; cc = t; 420 421 // 422 // Round 4 423 // 424 a = F4(a, b, c, d, X[ 1], 11); 425 d = F4(d, a, b, c, X[ 9], 12); 426 c = F4(c, d, a, b, X[11], 14); 427 b = F4(b, c, d, a, X[10], 15); 428 a = F4(a, b, c, d, X[ 0], 14); 429 d = F4(d, a, b, c, X[ 8], 15); 430 c = F4(c, d, a, b, X[12], 9); 431 b = F4(b, c, d, a, X[ 4], 8); 432 a = F4(a, b, c, d, X[13], 9); 433 d = F4(d, a, b, c, X[ 3], 14); 434 c = F4(c, d, a, b, X[ 7], 5); 435 b = F4(b, c, d, a, X[15], 6); 436 a = F4(a, b, c, d, X[14], 8); 437 d = F4(d, a, b, c, X[ 5], 6); 438 c = F4(c, d, a, b, X[ 6], 5); 439 b = F4(b, c, d, a, X[ 2], 12); 440 441 aa = FF1(aa, bb, cc, dd, X[ 8], 15); 442 dd = FF1(dd, aa, bb, cc, X[ 6], 5); 443 cc = FF1(cc, dd, aa, bb, X[ 4], 8); 444 bb = FF1(bb, cc, dd, aa, X[ 1], 11); 445 aa = FF1(aa, bb, cc, dd, X[ 3], 14); 446 dd = FF1(dd, aa, bb, cc, X[11], 14); 447 cc = FF1(cc, dd, aa, bb, X[15], 6); 448 bb = FF1(bb, cc, dd, aa, X[ 0], 14); 449 aa = FF1(aa, bb, cc, dd, X[ 5], 6); 450 dd = FF1(dd, aa, bb, cc, X[12], 9); 451 cc = FF1(cc, dd, aa, bb, X[ 2], 12); 452 bb = FF1(bb, cc, dd, aa, X[13], 9); 453 aa = FF1(aa, bb, cc, dd, X[ 9], 12); 454 dd = FF1(dd, aa, bb, cc, X[ 7], 5); 455 cc = FF1(cc, dd, aa, bb, X[10], 15); 456 bb = FF1(bb, cc, dd, aa, X[14], 8); 457 458 t = d; d = dd; dd = t; 459 460 H0 += a; 461 H1 += b; 462 H2 += c; 463 H3 += d; 464 H4 += aa; 465 H5 += bb; 466 H6 += cc; 467 H7 += dd; 468 469 // 470 // reset the offset and clean out the word buffer. 471 // 472 xOff = 0; 473 for (int i = 0; i != X.length; i++) 474 { 475 X[i] = 0; 476 } 477 } 478 } 479