/*//////////////////////////////////////////////////////////////////////////
* THIS PROGRAM IS A DERIVATIVE OF AN EXISTING WORK :: 7 September 2010
* See: http://pajhome.org.uk/crypt/md5/scripts.html
*
* Significant but mostly superficial changes have been made to the structure of the
* source so that it conforms to the Joose3 object system for JavaScript
* See: http://joose.it/
/*//////////////////////////////////////////////////////////////////////////
Joose.Class('Hash.SHA512', {
/*VERSION*/VERSION : 0.06,
use : [ 'Int64' ],
my : {
has : {
sha512_k : {
is : 'rw',
init : null
}
},
methods : {
/*
* These are the functions you'll usually want to call
* They take string arguments and return either hex or base-64 encoded strings
*/
hex_sha512 : function (s) { return Encode.rstr2hex(this.rstr_sha512(Encode.str2rstr_utf8(s))) },
b64_sha512 : function (s) { return Encode.rstr2b64(this.rstr_sha512(Encode.str2rstr_utf8(s))) },
any_sha512 : function (s, e) { return Encode.rstr2any(this.rstr_sha512(Encode.str2rstr_utf8(s)), e)},
hex_hmac_sha512 : function (k, d) { return Encode.rstr2hex(this.rstr_hmac_sha512(Encode.str2rstr_utf8(k), Encode.str2rstr_utf8(d))) },
b64_hmac_sha512 : function (k, d) { return Encode.rstr2b64(this.rstr_hmac_sha512(Encode.str2rstr_utf8(k), Encode.str2rstr_utf8(d))) },
any_hmac_sha512 : function (k, d, e) { return Encode.rstr2any(this.rstr_hmac_sha512(Encode.str2rstr_utf8(k), Encode.str2rstr_utf8(d)), e)},
/*
* Perform a simple self-test to see if the VM is working
*/
sha512_vm_test : function () {
return this.hex_sha512('abc').toLowerCase() == 'ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f'
},
/*
* Calculate the SHA-512 of a raw string
*/
rstr_sha512 : function (s) {
return Encode.binb2rstr(this.binb_sha512(Encode.rstr2binb(s), s.length * 8))
},
/*
* Calculate the HMAC-SHA-512 of a key and some data (raw strings)
*/
rstr_hmac_sha512 : function (key, data) {
var bkey = Encode.rstr2binb(key)
if(bkey.length > 32) bkey = this.binb_sha512(bkey, key.length * 8)
var ipad = Array(32), opad = Array(32)
for(var i = 0; i < 32; i++) {
ipad[i] = bkey[i] ^ 0x36363636
opad[i] = bkey[i] ^ 0x5C5C5C5C
}
var hash = this.binb_sha512(ipad.concat(Encode.rstr2binb(data)), 1024 + data.length * 8)
return Encode.binb2rstr(this.binb_sha512(opad.concat(hash), 1024 + 512))
},
/*
* Calculate the SHA-512 of an array of big-endian dwords, and a bit length
*/
binb_sha512 : function (x, len) {
//Initial hash values
var H = new Array(
new Int64({ h : 0x6a09e667, l : -205731576}),
new Int64({ h : -1150833019, l : -2067093701}),
new Int64({ h : 0x3c6ef372, l : -23791573}),
new Int64({ h : -1521486534, l : 0x5f1d36f1}),
new Int64({ h : 0x510e527f, l : -1377402159}),
new Int64({ h : -1694144372, l : 0x2b3e6c1f}),
new Int64({ h : 0x1f83d9ab, l : -79577749}),
new Int64({ h : 0x5be0cd19, l : 0x137e2179})
)
var T1 = new Int64({ h : 0, l : 0}),
T2 = new Int64({ h : 0, l : 0}),
a = new Int64({ h : 0, l : 0}),
b = new Int64({ h : 0, l : 0}),
c = new Int64({ h : 0, l : 0}),
d = new Int64({ h : 0, l : 0}),
e = new Int64({ h : 0, l : 0}),
f = new Int64({ h : 0, l : 0}),
g = new Int64({ h : 0, l : 0}),
h = new Int64({ h : 0, l : 0}),
//Temporary variables not specified by the document
s0 = new Int64({ h : 0, l : 0}),
s1 = new Int64({ h : 0, l : 0}),
Ch = new Int64({ h : 0, l : 0}),
Maj = new Int64({ h : 0, l : 0}),
r1 = new Int64({ h : 0, l : 0}),
r2 = new Int64({ h : 0, l : 0}),
r3 = new Int64({ h : 0, l : 0})
var j, i
var W = new Array(80)
for(i=0; i<80; i++) {
W[i] = new Int64({ h : 0, l : 0})
}
// append padding to the source string. The format is described in the FIPS.
x[len >> 5] |= 0x80 << (24 - (len & 0x1f))
x[((len + 128 >> 10)<< 5) + 31] = len
for(i = 0; i<x.length; i+=32) { //32 dwords is the block size
Int64.copy(a, H[0])
Int64.copy(b, H[1])
Int64.copy(c, H[2])
Int64.copy(d, H[3])
Int64.copy(e, H[4])
Int64.copy(f, H[5])
Int64.copy(g, H[6])
Int64.copy(h, H[7])
for(j=0; j<16; j++) {
W[j].h = x[i + 2*j]
W[j].l = x[i + 2*j + 1]
}
for(j=16; j<80; j++) {
//sigma1
Int64.rrot(r1, W[j-2], 19)
Int64.revrrot(r2, W[j-2], 29)
Int64.shr(r3, W[j-2], 6)
s1.l = r1.l ^ r2.l ^ r3.l
s1.h = r1.h ^ r2.h ^ r3.h
//sigma0
Int64.rrot(r1, W[j-15], 1)
Int64.rrot(r2, W[j-15], 8)
Int64.shr(r3, W[j-15], 7)
s0.l = r1.l ^ r2.l ^ r3.l
s0.h = r1.h ^ r2.h ^ r3.h
Int64.add4(W[j], s1, W[j-7], s0, W[j-16])
}
for(j = 0; j < 80; j++) {
//Ch
Ch.l = (e.l & f.l) ^ (~e.l & g.l)
Ch.h = (e.h & f.h) ^ (~e.h & g.h)
//Sigma1
Int64.rrot(r1, e, 14)
Int64.rrot(r2, e, 18)
Int64.revrrot(r3, e, 9)
s1.l = r1.l ^ r2.l ^ r3.l
s1.h = r1.h ^ r2.h ^ r3.h
//Sigma0
Int64.rrot(r1, a, 28)
Int64.revrrot(r2, a, 2)
Int64.revrrot(r3, a, 7)
s0.l = r1.l ^ r2.l ^ r3.l
s0.h = r1.h ^ r2.h ^ r3.h
//Maj
Maj.l = (a.l & b.l) ^ (a.l & c.l) ^ (b.l & c.l)
Maj.h = (a.h & b.h) ^ (a.h & c.h) ^ (b.h & c.h)
Int64.add5(T1, h, s1, Ch, this.getSha512_k()[j], W[j])
Int64.add(T2, s0, Maj)
Int64.copy(h, g)
Int64.copy(g, f)
Int64.copy(f, e)
Int64.add(e, d, T1)
Int64.copy(d, c)
Int64.copy(c, b)
Int64.copy(b, a)
Int64.add(a, T1, T2)
}
Int64.add(H[0], H[0], a)
Int64.add(H[1], H[1], b)
Int64.add(H[2], H[2], c)
Int64.add(H[3], H[3], d)
Int64.add(H[4], H[4], e)
Int64.add(H[5], H[5], f)
Int64.add(H[6], H[6], g)
Int64.add(H[7], H[7], h)
}
//represent the hash as an array of 32-bit dwords
var hash = new Array(16)
for(i=0; i<8; i++) {
hash[2*i] = H[i].h
hash[2*i + 1] = H[i].l
}
return hash
},
initialize : function () {
this.setSha512_k(
new Array(
new Int64({ h : 0x428a2f98, l : -685199838}), new Int64({ h : 0x71374491, l : 0x23ef65cd}),
new Int64({ h : -1245643825, l : -330482897}), new Int64({ h : -373957723, l : -2121671748}),
new Int64({ h : 0x3956c25b, l : -213338824}), new Int64({ h : 0x59f111f1, l : -1241133031}),
new Int64({ h : -1841331548, l : -1357295717}), new Int64({ h : -1424204075, l : -630357736}),
new Int64({ h : -670586216, l : -1560083902}), new Int64({ h : 0x12835b01, l : 0x45706fbe}),
new Int64({ h : 0x243185be, l : 0x4ee4b28c}), new Int64({ h : 0x550c7dc3, l : -704662302}),
new Int64({ h : 0x72be5d74, l : -226784913}), new Int64({ h : -2132889090, l : 0x3b1696b1}),
new Int64({ h : -1680079193, l : 0x25c71235}), new Int64({ h : -1046744716, l : -815192428}),
new Int64({ h : -459576895, l : -1628353838}), new Int64({ h : -272742522, l : 0x384f25e3}),
new Int64({ h : 0xfc19dc6, l : -1953704523}), new Int64({ h : 0x240ca1cc, l : 0x77ac9c65}),
new Int64({ h : 0x2de92c6f, l : 0x592b0275}), new Int64({ h : 0x4a7484aa, l : 0x6ea6e483}),
new Int64({ h : 0x5cb0a9dc, l : -1119749164}), new Int64({ h : 0x76f988da, l : -2096016459}),
new Int64({ h : -1740746414, l : -295247957}), new Int64({ h : -1473132947, l : 0x2db43210}),
new Int64({ h : -1341970488, l : -1728372417}), new Int64({ h : -1084653625, l : -1091629340}),
new Int64({ h : -958395405, l : 0x3da88fc2}), new Int64({ h : -710438585, l : -1828018395}),
new Int64({ h : 0x6ca6351, l : -536640913}), new Int64({ h : 0x14292967, l : 0xa0e6e70}),
new Int64({ h : 0x27b70a85, l : 0x46d22ffc}), new Int64({ h : 0x2e1b2138, l : 0x5c26c926}),
new Int64({ h : 0x4d2c6dfc, l : 0x5ac42aed}), new Int64({ h : 0x53380d13, l : -1651133473}),
new Int64({ h : 0x650a7354, l : -1951439906}), new Int64({ h : 0x766a0abb, l : 0x3c77b2a8}),
new Int64({ h : -2117940946, l : 0x47edaee6}), new Int64({ h : -1838011259, l : 0x1482353b}),
new Int64({ h : -1564481375, l : 0x4cf10364}), new Int64({ h : -1474664885, l : -1136513023}),
new Int64({ h : -1035236496, l : -789014639}), new Int64({ h : -949202525, l : 0x654be30}),
new Int64({ h : -778901479, l : -688958952}), new Int64({ h : -694614492, l : 0x5565a910}),
new Int64({ h : -200395387, l : 0x5771202a}), new Int64({ h : 0x106aa070, l : 0x32bbd1b8}),
new Int64({ h : 0x19a4c116, l : -1194143544}), new Int64({ h : 0x1e376c08, l : 0x5141ab53}),
new Int64({ h : 0x2748774c, l : -544281703}), new Int64({ h : 0x34b0bcb5, l : -509917016}),
new Int64({ h : 0x391c0cb3, l : -976659869}), new Int64({ h : 0x4ed8aa4a, l : -482243893}),
new Int64({ h : 0x5b9cca4f, l : 0x7763e373}), new Int64({ h : 0x682e6ff3, l : -692930397}),
new Int64({ h : 0x748f82ee, l : 0x5defb2fc}), new Int64({ h : 0x78a5636f, l : 0x43172f60}),
new Int64({ h : -2067236844, l : -1578062990}), new Int64({ h : -1933114872, l : 0x1a6439ec}),
new Int64({ h : -1866530822, l : 0x23631e28}), new Int64({ h : -1538233109, l : -561857047}),
new Int64({ h : -1090935817, l : -1295615723}), new Int64({ h : -965641998, l : -479046869}),
new Int64({ h : -903397682, l : -366583396}), new Int64({ h : -779700025, l : 0x21c0c207}),
new Int64({ h : -354779690, l : -840897762}), new Int64({ h : -176337025, l : -294727304}),
new Int64({ h : 0x6f067aa, l : 0x72176fba}), new Int64({ h : 0xa637dc5, l : -1563912026}),
new Int64({ h : 0x113f9804, l : -1090974290}), new Int64({ h : 0x1b710b35, l : 0x131c471b}),
new Int64({ h : 0x28db77f5, l : 0x23047d84}), new Int64({ h : 0x32caab7b, l : 0x40c72493}),
new Int64({ h : 0x3c9ebe0a, l : 0x15c9bebc}), new Int64({ h : 0x431d67c4, l : -1676669620}),
new Int64({ h : 0x4cc5d4be, l : -885112138}), new Int64({ h : 0x597f299c, l : -60457430}),
new Int64({ h : 0x5fcb6fab, l : 0x3ad6faec}), new Int64({ h : 0x6c44198c, l : 0x4a475817}))
)
}
}
}
})
Joose.Class('Int64', {
my : {
methods : {
//Copies src into dst, assuming both are 64-bit numbers
copy : function (dst, src) {
dst.h = src.h
dst.l = src.l
},
//Right-rotates a 64-bit number by shift
//Won't handle cases of shift>=32
//The function revrrot() is for that
rrot : function (dst, x, shift) {
dst.l = (x.l >>> shift) | (x.h << (32-shift))
dst.h = (x.h >>> shift) | (x.l << (32-shift))
},
//Reverses the dwords of the source and then rotates right by shift.
//This is equivalent to rotation by 32+shift
revrrot : function (dst, x, shift) {
dst.l = (x.h >>> shift) | (x.l << (32-shift))
dst.h = (x.l >>> shift) | (x.h << (32-shift))
},
//Bitwise-shifts right a 64-bit number by shift
//Won't handle shift>=32, but it's never needed in SHA512
shr : function (dst, x, shift) {
dst.l = (x.l >>> shift) | (x.h << (32-shift))
dst.h = (x.h >>> shift)
},
//Adds two 64-bit numbers
//Like the original implementation, does not rely on 32-bit operations
add : function (dst, x, y) {
var w0 = (x.l & 0xffff) + (y.l & 0xffff)
var w1 = (x.l >>> 16) + (y.l >>> 16) + (w0 >>> 16)
var w2 = (x.h & 0xffff) + (y.h & 0xffff) + (w1 >>> 16)
var w3 = (x.h >>> 16) + (y.h >>> 16) + (w2 >>> 16)
dst.l = (w0 & 0xffff) | (w1 << 16)
dst.h = (w2 & 0xffff) | (w3 << 16)
},
//Same, except with 4 addends. Works faster than adding them one by one.
add4 : function (dst, a, b, c, d) {
var w0 = (a.l & 0xffff) + (b.l & 0xffff) + (c.l & 0xffff) + (d.l & 0xffff)
var w1 = (a.l >>> 16) + (b.l >>> 16) + (c.l >>> 16) + (d.l >>> 16) + (w0 >>> 16)
var w2 = (a.h & 0xffff) + (b.h & 0xffff) + (c.h & 0xffff) + (d.h & 0xffff) + (w1 >>> 16)
var w3 = (a.h >>> 16) + (b.h >>> 16) + (c.h >>> 16) + (d.h >>> 16) + (w2 >>> 16)
dst.l = (w0 & 0xffff) | (w1 << 16)
dst.h = (w2 & 0xffff) | (w3 << 16)
},
//Same, except with 5 addends
add5 : function (dst, a, b, c, d, e) {
var w0 = (a.l & 0xffff) + (b.l & 0xffff) + (c.l & 0xffff) + (d.l & 0xffff) + (e.l & 0xffff)
var w1 = (a.l >>> 16) + (b.l >>> 16) + (c.l >>> 16) + (d.l >>> 16) + (e.l >>> 16) + (w0 >>> 16)
var w2 = (a.h & 0xffff) + (b.h & 0xffff) + (c.h & 0xffff) + (d.h & 0xffff) + (e.h & 0xffff) + (w1 >>> 16)
var w3 = (a.h >>> 16) + (b.h >>> 16) + (c.h >>> 16) + (d.h >>> 16) + (e.h >>> 16) + (w2 >>> 16)
dst.l = (w0 & 0xffff) | (w1 << 16)
dst.h = (w2 & 0xffff) | (w3 << 16)
}
}
},
has : {
h : {
is : 'rw',
init : null
},
l : {
is : 'rw',
init : null
}
}
})
/*///////////////////// ORIGINAL LICENSE BELOW ////////////////////////////////
* A JavaScript implementation of the Secure Hash Algorithm, SHA-512, as defined
* in FIPS 180-2
* Version 2.2 Copyright Anonymous Contributor, Paul Johnston 2000 - 2009.
* Other contributors: Greg Holt, Andrew Kepert, Ydnar, Lostinet
* Distributed under the BSD License
* All rights reserved.
*
* See http://pajhome.org.uk/crypt/md5 for details.
*
* Redistribution and use in source and binary forms, with or without modification,
* are permitted provided that the following conditions are met:
*
* * Redistributions of source code must retain the above copyright notice, this
* list of conditions and the following disclaimer.
* * Redistributions in binary form must reproduce the above copyright notice,
* this list of conditions and the following disclaimer in the documentation
* and/or other materials provided with the distribution.
* * Neither the name of the <ORGANIZATION> nor the names of its contributors may
* be used to endorse or promote products derived from this software without
* specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
* BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
* OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
/*///////////////////////////////////////////////////////////////////////////