node_modules/browserify-aes/ghash.js 1.91 KB
aaac7fed   liuqimichale   add
  var Buffer = require('safe-buffer').Buffer
  // Sixteen zero bytes. final() concatenates this after a partial trailing
  // block so that the block is zero-padded to exactly 16 bytes.
  var ZEROES = Buffer.alloc(16, 0)
  
  // Unpacks the first 16 bytes of `buf` into four unsigned 32-bit words,
  // read big-endian at offsets 0, 4, 8 and 12.
  // Returns a plain array [w0, w1, w2, w3]; w0 holds the most significant bits.
  function toArray (buf) {
    var words = []
    for (var offset = 0; offset < 16; offset += 4) {
      words.push(buf.readUInt32BE(offset))
    }
    return words
  }
  
  // Packs four 32-bit words into a fresh 16-byte buffer, big-endian.
  // Each word is coerced with `>>> 0`, so negative int32 values (as produced
  // by the XOR/shift arithmetic in _multiply) are written as their unsigned
  // equivalents and anything wider than 32 bits is truncated.
  function fromArray (out) {
    // allocUnsafe is fine here: all 16 bytes are overwritten below.
    var packed = Buffer.allocUnsafe(16)
    for (var k = 0; k < 4; k++) {
      packed.writeUInt32BE(out[k] >>> 0, k * 4)
    }
    return packed
  }
  
  // Incremental GHASH accumulator.
  //
  // key: 16-byte buffer stored as `h`; _multiply reads it as four big-endian
  //      32-bit words and uses it as the fixed multiplicand. The buffer is
  //      kept by reference, not copied.
  //      NOTE(review): presumably this is the GCM hash subkey, which is
  //      secret key material; confirm callers do not reuse or expose the
  //      buffer they pass in.
  //
  // state: 16-byte running hash value, starting at all zeroes.
  // cache: bytes received by update() that do not yet fill a 16-byte block.
  function GHASH (key) {
    this.h = key
    this.state = Buffer.alloc(16)
    this.cache = Buffer.alloc(0)
  }
  
  // from http://bitwiseshiftleft.github.io/sjcl/doc/symbols/src/core_gcm.js.html
  // by Juho Vähä-Herttua
  // Absorbs one block: XORs `block` byte-by-byte into the running state and
  // then multiplies the state by `h` via _multiply().
  // update() and final() always pass exactly 16 bytes; this method does not
  // check the length itself.
  GHASH.prototype.ghash = function (block) {
    for (var idx = 0; idx < block.length; idx++) {
      this.state[idx] ^= block[idx]
    }
    this._multiply()
  }
  
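  // Replaces this.state with the product state * h, computed bit-serially
  // (128 shift-and-conditional-XOR steps) on four 32-bit words.
  //
  // Z accumulates the product, V starts as h and is shifted right one bit per
  // step, being reduced with R (0xe1 in the top byte) whenever a 1 bit is
  // shifted out.
  //
  // Both conditional XORs are applied through an all-ones / all-zeroes mask
  // instead of an `if`, so this function no longer branches on bits of the
  // state or of h. The result is identical to the branching form. This only
  // removes the explicit data-dependent branches: JavaScript engines give no
  // constant-time guarantee, so it reduces rather than rules out timing
  // differences that depend on key material.
  GHASH.prototype._multiply = function () {
    var Vi = toArray(this.h)
    var Zi = [0, 0, 0, 0]
    var R = 0xe1 << 24
    var j, xMask, lsbMask
    var i = -1
    while (++i < 128) {
      // -1 (all ones) when bit i of the state, counted MSB-first, is set;
      // 0 otherwise.
      xMask = -((this.state[i >>> 3] >>> (7 - (i & 7))) & 1)

      // Z_i+1 = Z_i ^ V_i when the bit is set, Z_i otherwise
      Zi[0] ^= Vi[0] & xMask
      Zi[1] ^= Vi[1] & xMask
      Zi[2] ^= Vi[2] & xMask
      Zi[3] ^= Vi[3] & xMask

      // Capture LSB(V_i) as a mask before the shift discards it
      lsbMask = -(Vi[3] & 1)

      // V_i+1 = V_i >> 1, carrying the low bit of each word into the next
      for (j = 3; j > 0; j--) {
        Vi[j] = (Vi[j] >>> 1) | ((Vi[j - 1] & 1) << 31)
      }

      // If LSB(V_i) was 1, V_i+1 = (V_i >> 1) ^ R; otherwise the XOR is with 0
      Vi[0] = (Vi[0] >>> 1) ^ (R & lsbMask)
    }
    this.state = fromArray(Zi)
  }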
  
  // Feeds `buf` into the hash. Bytes left over from earlier calls are
  // prepended, every complete 16-byte block is absorbed with ghash(), and any
  // remaining tail (fewer than 16 bytes) is kept in this.cache for the next
  // update() or for final().
  GHASH.prototype.update = function (buf) {
    var data = Buffer.concat([this.cache, buf])
    this.cache = data
    for (var start = 0; data.length - start >= 16; start += 16) {
      var end = start + 16
      // Record the unconsumed remainder before hashing the current block.
      this.cache = data.slice(end)
      this.ghash(data.slice(start, end))
    }
  }
  
  // Finishes the hash and returns the 16-byte state buffer.
  //
  // Any cached partial block is zero-padded to 16 bytes and absorbed, then a
  // final block built from the two length values is absorbed: the bytes are
  // [0, abl, 0, bl] as four big-endian 32-bit words.
  //
  // NOTE(review): abl and bl look like bit lengths of the associated data and
  // of the ciphertext; confirm against the caller. Only the low 32 bits of
  // each are encoded (the upper words are hard-coded to 0 and fromArray
  // applies `>>> 0`), so a length of 2^32 or more would wrap silently and
  // yield a tag that does not match other implementations.
  //
  // The returned buffer is this.state itself, not a copy. Callers that compare
  // it against a received tag should use a constant-time comparison.
  GHASH.prototype.final = function (abl, bl) {
    var leftover = this.cache
    if (leftover.length > 0) {
      // The explicit total length of 16 trims the concatenation to one block.
      this.ghash(Buffer.concat([leftover, ZEROES], 16))
    }

    var lengths = fromArray([0, abl, 0, bl])
    this.ghash(lengths)
    return this.state
  }
  
  module.exports = GHASH