src/java.base/share/classes/com/sun/crypto/provider/GHASH.java
*** 122,135 ****
st[0] = Z0;
st[1] = Z1;
}
! /* subkeyH and state are stored in long[] for GHASH intrinsic use */
! // hash subkey H; should not change after the object has been constructed
! private final long[] subkeyH;
// buffer for storing hash
private final long[] state;
// variables for save/restore calls
--- 122,135 ----
st[0] = Z0;
st[1] = Z1;
}
! /* subkeyHtbl and state are stored in long[] for GHASH intrinsic use */
! // hashtable subkeyHtbl; holds 2*9 powers of subkeyH computed using carry-less multiplication
! private long[] subkeyHtbl;
// buffer for storing hash
private final long[] state;
// variables for save/restore calls
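Review bot: The new declaration `private long[] subkeyHtbl;` drops `final`, although the only assignment visible on this page is the one in the constructor; unless code outside these hunks reassigns the reference, `private final long[] subkeyHtbl;` keeps the reference fixed and safely published as before. The replacement comment also drops the old statement that the subkey should not change after construction, and "2*9 powers" is ambiguous: it reads as eighteen powers, while the layout looks like nine entries of two longs each. The table is derived from the hash subkey H, so it is as sensitive as H and the comment should say so, for example `// 9 powers of H, two longs each; slots 0-1 hold H; derived from the secret subkey, treat as key material`.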
*** 147,159 ****
GHASH(byte[] subkeyH) throws ProviderException {
if ((subkeyH == null) || subkeyH.length != AES_BLOCK_SIZE) {
throw new ProviderException("Internal error");
}
state = new long[2];
! this.subkeyH = new long[2];
! this.subkeyH[0] = getLong(subkeyH, 0);
! this.subkeyH[1] = getLong(subkeyH, 8);
}
/**
* Resets the GHASH object to its original state, i.e. blank w/
* the same subkey H. Used after digest() is called and to re-use
--- 147,159 ----
GHASH(byte[] subkeyH) throws ProviderException {
if ((subkeyH == null) || subkeyH.length != AES_BLOCK_SIZE) {
throw new ProviderException("Internal error");
}
state = new long[2];
! subkeyHtbl = new long[2*9];
! subkeyHtbl[0] = getLong(subkeyH, 0);
! subkeyHtbl[1] = getLong(subkeyH, 8);
}
/**
* Resets the GHASH object to its original state, i.e. blank w/
* the same subkey H. Used after digest() is called and to re-use
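Review bot: The table size is written as `2*9` in the constructor and as the bare literal `18` in ghashRangeCheck (the hunk at 217,228), so the two can drift apart, and a mismatch would only surface as a RuntimeException on the first update(). A named constant ties them together, for example `private static final int SUBKEY_HTBL_LEN = 2 * 9;` used as `new long[SUBKEY_HTBL_LEN]` and `subH.length != SUBKEY_HTBL_LEN`. Only slots 0 and 1 are filled here; a one-line comment saying what fills slots 2-17 (presumably the intrinsic, which is not visible on this page) would help the next reader.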
*** 192,203 ****
void update(byte[] in, int inOfs, int inLen) {
if (inLen == 0) {
return;
}
! ghashRangeCheck(in, inOfs, inLen, state, subkeyH);
! processBlocks(in, inOfs, inLen/AES_BLOCK_SIZE, state, subkeyH);
}
private static void ghashRangeCheck(byte[] in, int inOfs, int inLen, long[] st, long[] subH) {
if (inLen < 0) {
throw new RuntimeException("invalid input length: " + inLen);
--- 192,203 ----
void update(byte[] in, int inOfs, int inLen) {
if (inLen == 0) {
return;
}
! ghashRangeCheck(in, inOfs, inLen, state, subkeyHtbl);
! processBlocks(in, inOfs, inLen/AES_BLOCK_SIZE, state, subkeyHtbl);
}
private static void ghashRangeCheck(byte[] in, int inOfs, int inLen, long[] st, long[] subH) {
if (inLen < 0) {
throw new RuntimeException("invalid input length: " + inLen);
*** 217,228 ****
// These two checks are for C2 checking
if (st.length != 2) {
throw new RuntimeException("internal state has invalid length: " +
st.length);
}
! if (subH.length != 2) {
! throw new RuntimeException("internal subkeyH has invalid length: " +
subH.length);
}
}
/*
* This is an intrinsified method. The method's argument list must match
--- 217,228 ----
// These two checks are for C2 checking
if (st.length != 2) {
throw new RuntimeException("internal state has invalid length: " +
st.length);
}
! if (subH.length != 18) {
! throw new RuntimeException("internal subkeyHtbl has invalid length: " +
subH.length);
}
}
/*
* This is an intrinsified method. The method's argument list must match
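Review bot: ghashRangeCheck still names its parameter `subH` although the caller shown now passes the 18-long table, and the comment `// These two checks are for C2 checking` does not say why the exact length matters. If the intrinsic touches table slots beyond the first two, as the larger array suggests, this length test is what keeps the compiled stub inside the array. That is worth a comment such as `// the intrinsic indexes st and subHtbl directly; both lengths must match what the stub expects`, adjusted to what the stub really does. Renaming the parameter to `subHtbl` would also match the new message text. The method begins in the previous hunk and the lines between the two hunks are not shown.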