Update SparkleDigest

Author: gefeili

core/src/main/java/org/bouncycastle/crypto/digests/AsconBaseDigest.java

@@ -16,9 +16,8 @@ abstract class AsconBaseDigest
 
     protected AsconBaseDigest()
     {
+        super(ProcessingBufferType.Immediate, 8);
         DigestSize = 32;
-        BlockSize = 8;
-        m_buf = new byte[BlockSize];
     }
 
     private void round(long C)

core/src/main/java/org/bouncycastle/crypto/digests/AsconXof128.java

@@ -18,7 +18,7 @@ public class AsconXof128
     extends AsconBaseDigest
     implements Xof
 {
-    private boolean m_squeezing = false;
+    private boolean m_squeezing;
 
     public AsconXof128()
     {
@@ -96,12 +96,6 @@ public int doFinal(byte[] output, int outOff, int outLen)
         return rlt;
     }
 
-    @Override
-    public int getByteLength()
-    {
-        return 8;
-    }
-
     @Override
     public void reset()
     {

core/src/main/java/org/bouncycastle/crypto/digests/BufferBaseDigest.java

@@ -7,11 +7,94 @@
 public abstract class BufferBaseDigest
     implements ExtendedDigest
 {
+    protected enum ProcessingBufferType
+    {
+        Buffered,
+        Immediate,
+    }
+
     protected int DigestSize;
     protected int BlockSize;
     protected byte[] m_buf;
     protected int m_bufPos;
     protected String algorithmName;
+    protected ProcessingBuffer processor;
+
+    protected BufferBaseDigest(ProcessingBufferType type, int BlockSize)
+    {
+        this.BlockSize = BlockSize;
+        m_buf = new byte[BlockSize];
+        switch (type)
+        {
+        case Buffered:
+            processor = new BufferedProcessor();
+            break;
+        case Immediate:
+            processor = new ImmediateProcessor();
+            break;
+        }
+    }
+
+    protected interface ProcessingBuffer
+    {
+        void update(byte input);
+
+        boolean isLengthWithinAvailableSpace(int len, int available);
+
+        boolean isLengthExceedingBlockSize(int len, int size);
+    }
+
+    private class BufferedProcessor
+        implements ProcessingBuffer
+    {
+        public void update(byte input)
+        {
+            if (m_bufPos == BlockSize)
+            {
+                processBytes(m_buf, 0);
+                m_bufPos = 0;
+            }
+            m_buf[m_bufPos++] = input;
+        }
+
+        @Override
+        public boolean isLengthWithinAvailableSpace(int len, int available)
+        {
+            return len <= available;
+        }
+
+        @Override
+        public boolean isLengthExceedingBlockSize(int len, int size)
+        {
+            return len > size;
+        }
+    }
+
+    private class ImmediateProcessor
+        implements ProcessingBuffer
+    {
+        public void update(byte input)
+        {
+            m_buf[m_bufPos] = input;
+            if (++m_bufPos == BlockSize)
+            {
+                processBytes(m_buf, 0);
+                m_bufPos = 0;
+            }
+        }
+
+        @Override
+        public boolean isLengthWithinAvailableSpace(int len, int available)
+        {
+            return len < available;
+        }
+
+        @Override
+        public boolean isLengthExceedingBlockSize(int len, int size)
+        {
+            return len >= size;
+        }
+    }
 
     @Override
     public String getAlgorithmName()
@@ -34,12 +117,7 @@ public int getByteLength()
     @Override
     public void update(byte in)
     {
-        m_buf[m_bufPos] = in;
-        if (++m_bufPos == BlockSize)
-        {
-            processBytes(m_buf, 0);
-            m_bufPos = 0;
-        }
+        processor.update(in);
     }
 
     @Override
@@ -50,27 +128,27 @@ public void update(byte[] input, int inOff, int len)
             throw new DataLengthException("input buffer too short");
         }
         int available = BlockSize - m_bufPos;
-        if (len < available)
+        if (processor.isLengthWithinAvailableSpace(len, available))
         {
             System.arraycopy(input, inOff, m_buf, m_bufPos, len);
             m_bufPos += len;
             return;
         }
-        int inPos = 0;
         if (m_bufPos > 0)
         {
             System.arraycopy(input, inOff, m_buf, m_bufPos, available);
-            inPos += available;
+            inOff += available;
+            len -= available;
             processBytes(m_buf, 0);
         }
-        int remaining;
-        while ((remaining = len - inPos) >= BlockSize)
+        while (processor.isLengthExceedingBlockSize(len, BlockSize))
         {
-            processBytes(input, inOff + inPos);
-            inPos += BlockSize;
+            processBytes(input, inOff);
+            inOff += BlockSize;
+            len -= BlockSize;
         }
-        System.arraycopy(input, inOff + inPos, m_buf, 0, remaining);
-        m_bufPos = remaining;
+        System.arraycopy(input, inOff, m_buf, 0, len);
+        m_bufPos = len;
     }
 
     @Override
@@ -86,5 +164,6 @@ public int doFinal(byte[] output, int outOff)
     }
 
     protected abstract void processBytes(byte[] input, int inOff);
+
     protected abstract void finish(byte[] output, int outOff);
 }

core/src/main/java/org/bouncycastle/crypto/digests/ISAPDigest.java

@@ -19,9 +19,8 @@ public class ISAPDigest
 
     public ISAPDigest()
     {
+        super(ProcessingBufferType.Immediate, 8);
         DigestSize = 32;
-        BlockSize = 8;
-        m_buf = new byte[BlockSize];
         algorithmName = "ISAP Hash";
         reset();
     }

core/src/main/java/org/bouncycastle/crypto/digests/PhotonBeetleDigest.java

@@ -43,13 +43,12 @@ public class PhotonBeetleDigest
 
     public PhotonBeetleDigest()
     {
+        super(ProcessingBufferType.Buffered, 4);
         state = new byte[STATE_INBYTES];
         state_2d = new byte[D][D];
         DigestSize = 32;
         algorithmName = "Photon-Beetle Hash";
-        BlockSize = 4;
         blockCount = 0;
-        m_buf = new byte[BlockSize];
     }
 
     @Override
@@ -93,7 +92,7 @@ else if (blockCount == 4 && m_bufPos == 0)
             {
                 state[m_bufPos] ^= 0x01; // ozs
             }
-            state[STATE_INBYTES - 1] ^= (m_bufPos == 0 ? (byte)1 : (byte)2) << LAST_THREE_BITS_OFFSET;
+            state[STATE_INBYTES - 1] ^= (m_bufPos % BlockSize == 0 ? (byte)1 : (byte)2) << LAST_THREE_BITS_OFFSET;
         }
         PHOTON_Permutation();
         int SQUEEZE_RATE_INBYTES = 16;

core/src/main/java/org/bouncycastle/crypto/digests/SparkleDigest.java

@@ -1,8 +1,5 @@
 package org.bouncycastle.crypto.digests;
 
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.ExtendedDigest;
-import org.bouncycastle.crypto.OutputLengthException;
 import org.bouncycastle.crypto.engines.SparkleEngine;
 import org.bouncycastle.util.Arrays;
 import org.bouncycastle.util.Integers;
@@ -14,7 +11,7 @@
  * Specification: https://csrc.nist.gov/CSRC/media/Projects/lightweight-cryptography/documents/finalist-round/updated-spec-doc/sparkle-spec-final.pdf
  */
 public class SparkleDigest
-    implements ExtendedDigest
+    extends BufferBaseDigest
 {
     public static class Friend
     {
@@ -27,129 +24,54 @@ public enum SparkleParameters
         ESCH256,
         ESCH384
     }
-
-    private static final int RATE_BYTES = 16;
     private static final int RATE_WORDS = 4;
-
-    private String algorithmName;
     private final int[] state;
-    private final byte[] m_buf = new byte[RATE_BYTES];
-    private final int DIGEST_BYTES;
     private final int SPARKLE_STEPS_SLIM;
     private final int SPARKLE_STEPS_BIG;
     private final int STATE_WORDS;
 
-    private int m_bufPos = 0;
-
     public SparkleDigest(SparkleParameters sparkleParameters)
     {
+        super(ProcessingBufferType.Buffered, 16);
         switch (sparkleParameters)
         {
         case ESCH256:
             algorithmName = "ESCH-256";
-            DIGEST_BYTES = 32;
+            DigestSize = 32;
             SPARKLE_STEPS_SLIM = 7;
             SPARKLE_STEPS_BIG = 11;
             STATE_WORDS = 12;
             break;
         case ESCH384:
             algorithmName = "ESCH-384";
-            DIGEST_BYTES = 48;
+            DigestSize = 48;
             SPARKLE_STEPS_SLIM = 8;
             SPARKLE_STEPS_BIG = 12;
             STATE_WORDS = 16;
             break;
         default:
             throw new IllegalArgumentException("Invalid definition of SCHWAEMM instance");
         }
-
         state = new int[STATE_WORDS];
     }
 
     @Override
-    public String getAlgorithmName()
-    {
-        return algorithmName;
-    }
-
-    @Override
-    public int getDigestSize()
-    {
-        return DIGEST_BYTES;
-    }
-
-    @Override
-    public int getByteLength()
-    {
-        return RATE_BYTES;
-    }
-
-    @Override
-    public void update(byte input)
-    {
-        if (m_bufPos == RATE_BYTES)
-        {
-            processBlock(m_buf, 0, SPARKLE_STEPS_SLIM);
-            m_bufPos = 0;
-        }
-
-        m_buf[m_bufPos++] = input;
-    }
-
-    @Override
-    public void update(byte[] in, int inOff, int len)
+    protected void processBytes(byte[] input, int inOff)
     {
-        if (inOff > in.length - len)
-        {
-            throw new DataLengthException(algorithmName + " input buffer too short");
-        }
-
-        if (len < 1)
-            return;
-
-        int available = RATE_BYTES - m_bufPos;
-        if (len <= available)
-        {
-            System.arraycopy(in, inOff, m_buf, m_bufPos, len);
-            m_bufPos += len;
-            return;
-        }
-
-        int inPos = 0;
-        if (m_bufPos > 0)
-        {
-            System.arraycopy(in, inOff, m_buf, m_bufPos, available);
-            processBlock(m_buf, 0, SPARKLE_STEPS_SLIM);
-            inPos += available;
-        }
-
-        int remaining;
-        while ((remaining = len - inPos) > RATE_BYTES)
-        {
-            processBlock(in, inOff + inPos, SPARKLE_STEPS_SLIM);
-            inPos += RATE_BYTES;
-        }
-
-        System.arraycopy(in, inOff + inPos, m_buf, 0, remaining);
-        m_bufPos = remaining;
+        processBlock(input, inOff, SPARKLE_STEPS_SLIM);
     }
 
     @Override
-    public int doFinal(byte[] output, int outOff)
+    protected void finish(byte[] output, int outOff)
     {
-        if (outOff > output.length - DIGEST_BYTES)
-        {
-            throw new OutputLengthException(algorithmName + " input buffer too short");
-        }
-
         // addition of constant M1 or M2 to the state
-        if (m_bufPos < RATE_BYTES)
+        if (m_bufPos < BlockSize)
         {
             state[(STATE_WORDS >> 1) - 1] ^= 1 << 24;
 
             // padding
             m_buf[m_bufPos] = (byte)0x80;
-            while(++m_bufPos < RATE_BYTES)
+            while(++m_bufPos < BlockSize)
             {
                 m_buf[m_bufPos] = 0x00;
             }
@@ -175,9 +97,6 @@ public int doFinal(byte[] output, int outOff)
             SparkleEngine.sparkle_opt12(Friend.INSTANCE, state, SPARKLE_STEPS_SLIM);
             Pack.intToLittleEndian(state, 0, RATE_WORDS, output, outOff + 16);
         }
-
-        reset();
-        return DIGEST_BYTES;
     }
 
     @Override

core/src/main/java/org/bouncycastle/crypto/digests/XoodyakDigest.java

@@ -31,10 +31,9 @@ enum MODE
 
     public XoodyakDigest()
     {
+        super(ProcessingBufferType.Immediate, 16);
         DigestSize = 32;
         state = new byte[48];
-        BlockSize = 16;
-        m_buf = new byte[BlockSize];
         algorithmName = "Xoodyak Hash";
         reset();
     }