SHA256Digest.java revision b61a96e7ef1a78acf013bbf08fe537e5b5f129ca 
1b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallampackage org.bouncycastle.crypto.digests;
2b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
3b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
4b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallamimport org.bouncycastle.crypto.digests.GeneralDigest;
5b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
6b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
7b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam/**
8b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam * FIPS 180-2 implementation of SHA-256.
9b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam *
10b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam * <pre>
11b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam *         block  word  digest
12b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam * SHA-1   512    32    160
13b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam * SHA-256 512    32    256
14b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam * SHA-384 1024   64    384
15b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam * SHA-512 1024   64    512
16b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam * </pre>
17b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam */
18b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallampublic class SHA256Digest
19b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    extends GeneralDigest
20b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam{
21b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    private static final int    DIGEST_LENGTH = 32;
22b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
23b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    private int     H1, H2, H3, H4, H5, H6, H7, H8;
24b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
25b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    private int[]   X = new int[64];
26b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    private int     xOff;
27b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
28b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    /**
29b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam     * Standard constructor
30b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam     */
31b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    public SHA256Digest()
32b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    {
33b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        reset();
34b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    }
35b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
36b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    /**
37b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam     * Copy constructor.  This will copy the state of the provided
38b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam     * message digest.
39b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam     */
40b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    public SHA256Digest(SHA256Digest t)
41b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    {
42b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        super(t);
43b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
44b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        H1 = t.H1;
45b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        H2 = t.H2;
46b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        H3 = t.H3;
47b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        H4 = t.H4;
48b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        H5 = t.H5;
49b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        H6 = t.H6;
50b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        H7 = t.H7;
51b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        H8 = t.H8;
52b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
53b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        System.arraycopy(t.X, 0, X, 0, t.X.length);
54b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        xOff = t.xOff;
55b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    }
56b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
57b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    public String getAlgorithmName()
58b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    {
59b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        return "SHA-256";
60b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    }
61b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
62b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    public int getDigestSize()
63b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    {
64b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        return DIGEST_LENGTH;
65b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    }
66b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
67b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    protected void processWord(
68b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        byte[]  in,
69b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        int     inOff)
70b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    {
71b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        X[xOff++] = ((in[inOff] & 0xff) << 24) | ((in[inOff + 1] & 0xff) << 16)
72b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam                    | ((in[inOff + 2] & 0xff) << 8) | ((in[inOff + 3] & 0xff));
73b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
74b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        if (xOff == 16)
75b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        {
76b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam            processBlock();
77b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        }
78b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    }
79b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
80b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    private void unpackWord(
81b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        int     word,
82b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        byte[]  out,
83b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        int     outOff)
84b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    {
85b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        out[outOff]     = (byte)(word >>> 24);
86b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        out[outOff + 1] = (byte)(word >>> 16);
87b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        out[outOff + 2] = (byte)(word >>> 8);
88b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        out[outOff + 3] = (byte)word;
89b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    }
90b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
91b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    protected void processLength(
92b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        long    bitLength)
93b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    {
94b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        if (xOff > 14)
95b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        {
96b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam            processBlock();
97b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        }
98b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
99b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        X[14] = (int)(bitLength >>> 32);
100b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        X[15] = (int)(bitLength & 0xffffffff);
101b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    }
102b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
103b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    public int doFinal(
104b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        byte[]  out,
105b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        int     outOff)
106b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    {
107b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        finish();
108b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
109b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        unpackWord(H1, out, outOff);
110b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        unpackWord(H2, out, outOff + 4);
111b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        unpackWord(H3, out, outOff + 8);
112b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        unpackWord(H4, out, outOff + 12);
113b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        unpackWord(H5, out, outOff + 16);
114b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        unpackWord(H6, out, outOff + 20);
115b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        unpackWord(H7, out, outOff + 24);
116b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        unpackWord(H8, out, outOff + 28);
117b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
118b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        reset();
119b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
120b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        return DIGEST_LENGTH;
121b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    }
122b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
123b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    /**
124b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam     * reset the chaining variables
125b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam     */
126b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    public void reset()
127b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    {
128b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        super.reset();
129b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
130b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        /* SHA-256 initial hash value
131b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam         * The first 32 bits of the fractional parts of the square roots
132b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam         * of the first eight prime numbers
133b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam         */
134b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
135b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        H1 = 0x6a09e667;
136b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        H2 = 0xbb67ae85;
137b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        H3 = 0x3c6ef372;
138b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        H4 = 0xa54ff53a;
139b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        H5 = 0x510e527f;
140b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        H6 = 0x9b05688c;
141b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        H7 = 0x1f83d9ab;
142b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        H8 = 0x5be0cd19;
143b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
144b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        xOff = 0;
145b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        for (int i = 0; i != X.length; i++)
146b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        {
147b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam            X[i] = 0;
148b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        }
149b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    }
150b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
151b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    protected void processBlock()
152b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    {
153b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        //
154b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        // expand 16 word block into 64 word blocks.
155b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        //
156b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        for (int t = 16; t <= 63; t++)
157b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        {
158b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam            X[t] = Theta1(X[t - 2]) + X[t - 7] + Theta0(X[t - 15]) + X[t - 16];
159b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        }
160b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
161b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        //
162b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        // set up working variables.
163b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        //
164b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        int     a = H1;
165b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        int     b = H2;
166b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        int     c = H3;
167b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        int     d = H4;
168b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        int     e = H5;
169b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        int     f = H6;
170b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        int     g = H7;
171b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        int     h = H8;
172b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
173b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        int t = 0;
174b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        for(int i = 0; i < 8; i ++)
175b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        {
176b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam            // t = 8 * i
177b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam            h += Sum1(e) + Ch(e, f, g) + K[t] + X[t++];
178b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam            d += h;
179b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam            h += Sum0(a) + Maj(a, b, c);
180b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
181b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam            // t = 8 * i + 1
182b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam            g += Sum1(d) + Ch(d, e, f) + K[t] + X[t++];
183b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam            c += g;
184b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam            g += Sum0(h) + Maj(h, a, b);
185b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
186b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam            // t = 8 * i + 2
187b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam            f += Sum1(c) + Ch(c, d, e) + K[t] + X[t++];
188b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam            b += f;
189b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam            f += Sum0(g) + Maj(g, h, a);
190b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
191b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam            // t = 8 * i + 3
192b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam            e += Sum1(b) + Ch(b, c, d) + K[t] + X[t++];
193b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam            a += e;
194b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam            e += Sum0(f) + Maj(f, g, h);
195b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
196b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam            // t = 8 * i + 4
197b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam            d += Sum1(a) + Ch(a, b, c) + K[t] + X[t++];
198b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam            h += d;
199b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam            d += Sum0(e) + Maj(e, f, g);
200b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
201b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam            // t = 8 * i + 5
202b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam            c += Sum1(h) + Ch(h, a, b) + K[t] + X[t++];
203b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam            g += c;
204b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam            c += Sum0(d) + Maj(d, e, f);
205b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
206b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam            // t = 8 * i + 6
207b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam            b += Sum1(g) + Ch(g, h, a) + K[t] + X[t++];
208b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam            f += b;
209b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam            b += Sum0(c) + Maj(c, d, e);
210b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
211b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam            // t = 8 * i + 7
212b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam            a += Sum1(f) + Ch(f, g, h) + K[t] + X[t++];
213b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam            e += a;
214b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam            a += Sum0(b) + Maj(b, c, d);
215b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        }
216b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
217b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        H1 += a;
218b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        H2 += b;
219b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        H3 += c;
220b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        H4 += d;
221b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        H5 += e;
222b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        H6 += f;
223b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        H7 += g;
224b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        H8 += h;
225b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
226b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        //
227b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        // reset the offset and clean out the word buffer.
228b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        //
229b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        xOff = 0;
230b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        for (int i = 0; i < 16; i++)
231b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        {
232b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam            X[i] = 0;
233b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        }
234b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    }
235b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
236b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    /* SHA-256 functions */
237b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    private int Ch(
238b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        int    x,
239b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        int    y,
240b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        int    z)
241b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    {
242b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        return (x & y) ^ ((~x) & z);
243b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    }
244b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
245b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    private int Maj(
246b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        int    x,
247b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        int    y,
248b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        int    z)
249b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    {
250b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        return (x & y) ^ (x & z) ^ (y & z);
251b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    }
252b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
253b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    private int Sum0(
254b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        int    x)
255b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    {
256b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        return ((x >>> 2) | (x << 30)) ^ ((x >>> 13) | (x << 19)) ^ ((x >>> 22) | (x << 10));
257b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    }
258b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
259b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    private int Sum1(
260b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        int    x)
261b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    {
262b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        return ((x >>> 6) | (x << 26)) ^ ((x >>> 11) | (x << 21)) ^ ((x >>> 25) | (x << 7));
263b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    }
264b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
265b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    private int Theta0(
266b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        int    x)
267b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    {
268b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        return ((x >>> 7) | (x << 25)) ^ ((x >>> 18) | (x << 14)) ^ (x >>> 3);
269b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    }
270b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
271b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    private int Theta1(
272b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        int    x)
273b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    {
274b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        return ((x >>> 17) | (x << 15)) ^ ((x >>> 19) | (x << 13)) ^ (x >>> 10);
275b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    }
276b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
277b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    /* SHA-256 Constants
278b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam     * (represent the first 32 bits of the fractional parts of the
279b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam     * cube roots of the first sixty-four prime numbers)
280b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam     */
281b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    static final int K[] = {
282b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
283b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
284b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
285b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
286b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
287b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
288b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam        0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
289b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam    };
290b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam}
291b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam
292