Home Explore Help
Sign In
cecf
/
observe-server
5
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: a607ad5d8f
Branches Tags
observe-server
/
utils
/
sm
/
sm3.go

sm3.go 6.5 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244 
  1. package sm
    2. 

  2. 

  3. import (
    4. 

  4. 	"encoding/binary"
    5. 

  5. 	"hash"
    6. 

  6. )
    7. 

  7. 

  8. type SM3 struct {
    9. 

  9. 	digest      [8]uint32 // digest represents the partial evaluation of V
    10. 

  10. 	length      uint64    // length of the message
    11. 

  11. 	unhandleMsg []byte    // uint8  //
    12. 

  12. }
    13. 

  13. 

  14. func (sm3 *SM3) ff0(x, y, z uint32) uint32 { return x ^ y ^ z }
    15. 

  15. 

  16. func (sm3 *SM3) ff1(x, y, z uint32) uint32 { return (x & y) | (x & z) | (y & z) }
    17. 

  17. 

  18. func (sm3 *SM3) gg0(x, y, z uint32) uint32 { return x ^ y ^ z }
    19. 

  19. 

  20. func (sm3 *SM3) gg1(x, y, z uint32) uint32 { return (x & y) | (^x & z) }
    21. 

  21. 

  22. func (sm3 *SM3) p0(x uint32) uint32 { return x ^ sm3.leftRotate(x, 9) ^ sm3.leftRotate(x, 17) }
    23. 

  23. 

  24. func (sm3 *SM3) p1(x uint32) uint32 { return x ^ sm3.leftRotate(x, 15) ^ sm3.leftRotate(x, 23) }
    25. 

  25. 

  26. func (sm3 *SM3) leftRotate(x uint32, i uint32) uint32 { return x<<(i%32) | x>>(32-i%32) }
    27. 

  27. 

  28. func (sm3 *SM3) pad() []byte {
    29. 

  29. 	msg := sm3.unhandleMsg
    30. 

  30. 	msg = append(msg, 0x80) // Append '1'
    31. 

  31. 	blockSize := 64         // Append until the resulting message length (in bits) is congruent to 448 (mod 512)
    32. 

  32. 	for len(msg)%blockSize != 56 {
    33. 

  33. 		msg = append(msg, 0x00)
    34. 

  34. 	}
    35. 

  35. 	// append message length
    36. 

  36. 	msg = append(msg, uint8(sm3.length>>56&0xff))
    37. 

  37. 	msg = append(msg, uint8(sm3.length>>48&0xff))
    38. 

  38. 	msg = append(msg, uint8(sm3.length>>40&0xff))
    39. 

  39. 	msg = append(msg, uint8(sm3.length>>32&0xff))
    40. 

  40. 	msg = append(msg, uint8(sm3.length>>24&0xff))
    41. 

  41. 	msg = append(msg, uint8(sm3.length>>16&0xff))
    42. 

  42. 	msg = append(msg, uint8(sm3.length>>8&0xff))
    43. 

  43. 	msg = append(msg, uint8(sm3.length>>0&0xff))
    44. 

  44. 

  45. 	if len(msg)%64 != 0 {
    46. 

  46. 		panic("------SM3 Pad: error msgLen =")
    47. 

  47. 	}
    48. 

  48. 	return msg
    49. 

  49. }
    50. 

  50. 

  51. func (sm3 *SM3) update(msg []byte) {
    52. 

  52. 	var w [68]uint32
    53. 

  53. 	var w1 [64]uint32
    54. 

  54. 

  55. 	a, b, c, d, e, f, g, h := sm3.digest[0], sm3.digest[1], sm3.digest[2], sm3.digest[3], sm3.digest[4], sm3.digest[5], sm3.digest[6], sm3.digest[7]
    56. 

  56. 	for len(msg) >= 64 {
    57. 

  57. 		for i := 0; i < 16; i++ {
    58. 

  58. 			w[i] = binary.BigEndian.Uint32(msg[4*i : 4*(i+1)])
    59. 

  59. 		}
    60. 

  60. 		for i := 16; i < 68; i++ {
    61. 

  61. 			w[i] = sm3.p1(w[i-16]^w[i-9]^sm3.leftRotate(w[i-3], 15)) ^ sm3.leftRotate(w[i-13], 7) ^ w[i-6]
    62. 

  62. 		}
    63. 

  63. 		for i := 0; i < 64; i++ {
    64. 

  64. 			w1[i] = w[i] ^ w[i+4]
    65. 

  65. 		}
    66. 

  66. 		A, B, C, D, E, F, G, H := a, b, c, d, e, f, g, h
    67. 

  67. 		for i := 0; i < 16; i++ {
    68. 

  68. 			SS1 := sm3.leftRotate(sm3.leftRotate(A, 12)+E+sm3.leftRotate(0x79cc4519, uint32(i)), 7)
    69. 

  69. 			SS2 := SS1 ^ sm3.leftRotate(A, 12)
    70. 

  70. 			TT1 := sm3.ff0(A, B, C) + D + SS2 + w1[i]
    71. 

  71. 			TT2 := sm3.gg0(E, F, G) + H + SS1 + w[i]
    72. 

  72. 			D = C
    73. 

  73. 			C = sm3.leftRotate(B, 9)
    74. 

  74. 			B = A
    75. 

  75. 			A = TT1
    76. 

  76. 			H = G
    77. 

  77. 			G = sm3.leftRotate(F, 19)
    78. 

  78. 			F = E
    79. 

  79. 			E = sm3.p0(TT2)
    80. 

  80. 		}
    81. 

  81. 		for i := 16; i < 64; i++ {
    82. 

  82. 			SS1 := sm3.leftRotate(sm3.leftRotate(A, 12)+E+sm3.leftRotate(0x7a879d8a, uint32(i)), 7)
    83. 

  83. 			SS2 := SS1 ^ sm3.leftRotate(A, 12)
    84. 

  84. 			TT1 := sm3.ff1(A, B, C) + D + SS2 + w1[i]
    85. 

  85. 			TT2 := sm3.gg1(E, F, G) + H + SS1 + w[i]
    86. 

  86. 			D = C
    87. 

  87. 			C = sm3.leftRotate(B, 9)
    88. 

  88. 			B = A
    89. 

  89. 			A = TT1
    90. 

  90. 			H = G
    91. 

  91. 			G = sm3.leftRotate(F, 19)
    92. 

  92. 			F = E
    93. 

  93. 			E = sm3.p0(TT2)
    94. 

  94. 		}
    95. 

  95. 		a ^= A
    96. 

  96. 		b ^= B
    97. 

  97. 		c ^= C
    98. 

  98. 		d ^= D
    99. 

  99. 		e ^= E
    100. 

  100. 		f ^= F
    101. 

  101. 		g ^= G
    102. 

  102. 		h ^= H
    103. 

  103. 		msg = msg[64:]
    104. 

  104. 	}
    105. 

  105. 	sm3.digest[0], sm3.digest[1], sm3.digest[2], sm3.digest[3], sm3.digest[4], sm3.digest[5], sm3.digest[6], sm3.digest[7] = a, b, c, d, e, f, g, h
    106. 

  106. }
    107. 

  107. func (sm3 *SM3) update2(msg []byte) [8]uint32 {
    108. 

  108. 	var w [68]uint32
    109. 

  109. 	var w1 [64]uint32
    110. 

  110. 

  111. 	a, b, c, d, e, f, g, h := sm3.digest[0], sm3.digest[1], sm3.digest[2], sm3.digest[3], sm3.digest[4], sm3.digest[5], sm3.digest[6], sm3.digest[7]
    112. 

  112. 	for len(msg) >= 64 {
    113. 

  113. 		for i := 0; i < 16; i++ {
    114. 

  114. 			w[i] = binary.BigEndian.Uint32(msg[4*i : 4*(i+1)])
    115. 

  115. 		}
    116. 

  116. 		for i := 16; i < 68; i++ {
    117. 

  117. 			w[i] = sm3.p1(w[i-16]^w[i-9]^sm3.leftRotate(w[i-3], 15)) ^ sm3.leftRotate(w[i-13], 7) ^ w[i-6]
    118. 

  118. 		}
    119. 

  119. 		for i := 0; i < 64; i++ {
    120. 

  120. 			w1[i] = w[i] ^ w[i+4]
    121. 

  121. 		}
    122. 

  122. 		A, B, C, D, E, F, G, H := a, b, c, d, e, f, g, h
    123. 

  123. 		for i := 0; i < 16; i++ {
    124. 

  124. 			SS1 := sm3.leftRotate(sm3.leftRotate(A, 12)+E+sm3.leftRotate(0x79cc4519, uint32(i)), 7)
    125. 

  125. 			SS2 := SS1 ^ sm3.leftRotate(A, 12)
    126. 

  126. 			TT1 := sm3.ff0(A, B, C) + D + SS2 + w1[i]
    127. 

  127. 			TT2 := sm3.gg0(E, F, G) + H + SS1 + w[i]
    128. 

  128. 			D = C
    129. 

  129. 			C = sm3.leftRotate(B, 9)
    130. 

  130. 			B = A
    131. 

  131. 			A = TT1
    132. 

  132. 			H = G
    133. 

  133. 			G = sm3.leftRotate(F, 19)
    134. 

  134. 			F = E
    135. 

  135. 			E = sm3.p0(TT2)
    136. 

  136. 		}
    137. 

  137. 		for i := 16; i < 64; i++ {
    138. 

  138. 			SS1 := sm3.leftRotate(sm3.leftRotate(A, 12)+E+sm3.leftRotate(0x7a879d8a, uint32(i)), 7)
    139. 

  139. 			SS2 := SS1 ^ sm3.leftRotate(A, 12)
    140. 

  140. 			TT1 := sm3.ff1(A, B, C) + D + SS2 + w1[i]
    141. 

  141. 			TT2 := sm3.gg1(E, F, G) + H + SS1 + w[i]
    142. 

  142. 			D = C
    143. 

  143. 			C = sm3.leftRotate(B, 9)
    144. 

  144. 			B = A
    145. 

  145. 			A = TT1
    146. 

  146. 			H = G
    147. 

  147. 			G = sm3.leftRotate(F, 19)
    148. 

  148. 			F = E
    149. 

  149. 			E = sm3.p0(TT2)
    150. 

  150. 		}
    151. 

  151. 		a ^= A
    152. 

  152. 		b ^= B
    153. 

  153. 		c ^= C
    154. 

  154. 		d ^= D
    155. 

  155. 		e ^= E
    156. 

  156. 		f ^= F
    157. 

  157. 		g ^= G
    158. 

  158. 		h ^= H
    159. 

  159. 		msg = msg[64:]
    160. 

  160. 	}
    161. 

  161. 	var digest [8]uint32
    162. 

  162. 	digest[0], digest[1], digest[2], digest[3], digest[4], digest[5], digest[6], digest[7] = a, b, c, d, e, f, g, h
    163. 

  163. 	return digest
    164. 

  164. }
    165. 

  165. 

  166. // 创建哈希计算实例
    167. 

  167. func New() hash.Hash {
    168. 

  168. 	var sm3 SM3
    169. 

  169. 

  170. 	sm3.Reset()
    171. 

  171. 	return &sm3
    172. 

  172. }
    173. 

  173. 

  174. // BlockSize returns the hash's underlying block size.
    175. 

  175. // The Write method must be able to accept any amount
    176. 

  176. // of data, but it may operate more efficiently if all writes
    177. 

  177. // are a multiple of the block size.
    178. 

  178. func (sm3 *SM3) BlockSize() int { return 64 }
    179. 

  179. 

  180. // Size returns the number of bytes Sum will return.
    181. 

  181. func (sm3 *SM3) Size() int { return 32 }
    182. 

  182. 

  183. // Reset clears the internal state by zeroing bytes in the state buffer.
    184. 

  184. // This can be skipped for a newly-created hash state; the default zero-allocated state is correct.
    185. 

  185. func (sm3 *SM3) Reset() {
    186. 

  186. 	// Reset digest
    187. 

  187. 	sm3.digest[0] = 0x7380166f
    188. 

  188. 	sm3.digest[1] = 0x4914b2b9
    189. 

  189. 	sm3.digest[2] = 0x172442d7
    190. 

  190. 	sm3.digest[3] = 0xda8a0600
    191. 

  191. 	sm3.digest[4] = 0xa96f30bc
    192. 

  192. 	sm3.digest[5] = 0x163138aa
    193. 

  193. 	sm3.digest[6] = 0xe38dee4d
    194. 

  194. 	sm3.digest[7] = 0xb0fb0e4e
    195. 

  195. 

  196. 	sm3.length = 0 // Reset numberic states
    197. 

  197. 	sm3.unhandleMsg = []byte{}
    198. 

  198. }
    199. 

  199. 

  200. // Write (via the embedded io.Writer interface) adds more data to the running hash.
    201. 

  201. // It never returns an error.
    202. 

  202. func (sm3 *SM3) Write(p []byte) (int, error) {
    203. 

  203. 	toWrite := len(p)
    204. 

  204. 	sm3.length += uint64(len(p) * 8)
    205. 

  205. 	msg := append(sm3.unhandleMsg, p...)
    206. 

  206. 	nblocks := len(msg) / sm3.BlockSize()
    207. 

  207. 	sm3.update(msg)
    208. 

  208. 	// Update unhandleMsg
    209. 

  209. 	sm3.unhandleMsg = msg[nblocks*sm3.BlockSize():]
    210. 

  210. 

  211. 	return toWrite, nil
    212. 

  212. }
    213. 

  213. 

  214. // 返回SM3哈希算法摘要值
    215. 

  215. // Sum appends the current hash to b and returns the resulting slice.
    216. 

  216. // It does not change the underlying hash state.
    217. 

  217. func (sm3 *SM3) Sum(in []byte) []byte {
    218. 

  218. 	_, _ = sm3.Write(in)
    219. 

  219. 	msg := sm3.pad()
    220. 

  220. 	//Finalize
    221. 

  221. 	digest := sm3.update2(msg)
    222. 

  222. 

  223. 	// save hash to in
    224. 

  224. 	needed := sm3.Size()
    225. 

  225. 	if cap(in)-len(in) < needed {
    226. 

  226. 		newIn := make([]byte, len(in), len(in)+needed)
    227. 

  227. 		copy(newIn, in)
    228. 

  228. 		in = newIn
    229. 

  229. 	}
    230. 

  230. 	out := in[len(in) : len(in)+needed]
    231. 

  231. 	for i := 0; i < 8; i++ {
    232. 

  232. 		binary.BigEndian.PutUint32(out[i*4:], digest[i])
    233. 

  233. 	}
    234. 

  234. 	return out
    235. 

  235. 

  236. }
    237. 

  237. 

  238. func Sm3Sum(data []byte) []byte {
    239. 

  239. 	var sm3 SM3
    240. 

  240. 

  241. 	sm3.Reset()
    242. 

  242. 	_, _ = sm3.Write(data)
    243. 

  243. 	return sm3.Sum(nil)
    244. 

  244. }
    245.