The Go Programming Language

Source file src/pkg/crypto/sha256/sha256.go

     1	// Copyright 2009 The Go Authors. All rights reserved.
     2	// Use of this source code is governed by a BSD-style
     3	// license that can be found in the LICENSE file.
     4	
     5	// Package sha256 implements the SHA224 and SHA256 hash algorithms as defined
     6	// in FIPS 180-2.
     7	package sha256
     8	
     9	import (
    10		"crypto"
    11		"hash"
    12		"os"
    13	)
    14	
    15	func init() {
    16		crypto.RegisterHash(crypto.SHA224, New224)
    17		crypto.RegisterHash(crypto.SHA256, New)
    18	}
    19	
    20	// The size of a SHA256 checksum in bytes.
    21	const Size = 32
    22	
    23	// The size of a SHA224 checksum in bytes.
    24	const Size224 = 28
    25	
    26	const (
    27		_Chunk     = 64
    28		_Init0     = 0x6A09E667
    29		_Init1     = 0xBB67AE85
    30		_Init2     = 0x3C6EF372
    31		_Init3     = 0xA54FF53A
    32		_Init4     = 0x510E527F
    33		_Init5     = 0x9B05688C
    34		_Init6     = 0x1F83D9AB
    35		_Init7     = 0x5BE0CD19
    36		_Init0_224 = 0xC1059ED8
    37		_Init1_224 = 0x367CD507
    38		_Init2_224 = 0x3070DD17
    39		_Init3_224 = 0xF70E5939
    40		_Init4_224 = 0xFFC00B31
    41		_Init5_224 = 0x68581511
    42		_Init6_224 = 0x64F98FA7
    43		_Init7_224 = 0xBEFA4FA4
    44	)
    45	
    46	// digest represents the partial evaluation of a checksum.
    47	type digest struct {
    48		h     [8]uint32
    49		x     [_Chunk]byte
    50		nx    int
    51		len   uint64
    52		is224 bool // mark if this digest is SHA-224
    53	}
    54	
    55	func (d *digest) Reset() {
    56		if !d.is224 {
    57			d.h[0] = _Init0
    58			d.h[1] = _Init1
    59			d.h[2] = _Init2
    60			d.h[3] = _Init3
    61			d.h[4] = _Init4
    62			d.h[5] = _Init5
    63			d.h[6] = _Init6
    64			d.h[7] = _Init7
    65		} else {
    66			d.h[0] = _Init0_224
    67			d.h[1] = _Init1_224
    68			d.h[2] = _Init2_224
    69			d.h[3] = _Init3_224
    70			d.h[4] = _Init4_224
    71			d.h[5] = _Init5_224
    72			d.h[6] = _Init6_224
    73			d.h[7] = _Init7_224
    74		}
    75		d.nx = 0
    76		d.len = 0
    77	}
    78	
    79	// New returns a new hash.Hash computing the SHA256 checksum.
    80	func New() hash.Hash {
    81		d := new(digest)
    82		d.Reset()
    83		return d
    84	}
    85	
    86	// New224 returns a new hash.Hash computing the SHA224 checksum.
    87	func New224() hash.Hash {
    88		d := new(digest)
    89		d.is224 = true
    90		d.Reset()
    91		return d
    92	}
    93	
    94	func (d *digest) Size() int {
    95		if !d.is224 {
    96			return Size
    97		}
    98		return Size224
    99	}
   100	
   101	func (d *digest) Write(p []byte) (nn int, err os.Error) {
   102		nn = len(p)
   103		d.len += uint64(nn)
   104		if d.nx > 0 {
   105			n := len(p)
   106			if n > _Chunk-d.nx {
   107				n = _Chunk - d.nx
   108			}
   109			for i := 0; i < n; i++ {
   110				d.x[d.nx+i] = p[i]
   111			}
   112			d.nx += n
   113			if d.nx == _Chunk {
   114				_Block(d, d.x[0:])
   115				d.nx = 0
   116			}
   117			p = p[n:]
   118		}
   119		n := _Block(d, p)
   120		p = p[n:]
   121		if len(p) > 0 {
   122			d.nx = copy(d.x[:], p)
   123		}
   124		return
   125	}
   126	
   127	func (d0 *digest) Sum() []byte {
   128		// Make a copy of d0 so that caller can keep writing and summing.
   129		d := new(digest)
   130		*d = *d0
   131	
   132		// Padding.  Add a 1 bit and 0 bits until 56 bytes mod 64.
   133		len := d.len
   134		var tmp [64]byte
   135		tmp[0] = 0x80
   136		if len%64 < 56 {
   137			d.Write(tmp[0 : 56-len%64])
   138		} else {
   139			d.Write(tmp[0 : 64+56-len%64])
   140		}
   141	
   142		// Length in bits.
   143		len <<= 3
   144		for i := uint(0); i < 8; i++ {
   145			tmp[i] = byte(len >> (56 - 8*i))
   146		}
   147		d.Write(tmp[0:8])
   148	
   149		if d.nx != 0 {
   150			panic("d.nx != 0")
   151		}
   152	
   153		p := make([]byte, 32)
   154		j := 0
   155		for _, s := range d.h {
   156			p[j+0] = byte(s >> 24)
   157			p[j+1] = byte(s >> 16)
   158			p[j+2] = byte(s >> 8)
   159			p[j+3] = byte(s >> 0)
   160			j += 4
   161		}
   162		if d.is224 {
   163			return p[0:28]
   164		}
   165		return p
   166	}

release.r60.3. Except as noted, this content is licensed under a Creative Commons Attribution 3.0 License.