finish method

poly1305 finish(
  1. Uint8List mac,
  2. int macpos
)

Implementation

/// Finalises the Poly1305 computation and writes the 16-byte tag into [mac],
/// starting at index [macpos].
///
/// Steps, in order: flush any buffered partial block, fully carry the
/// accumulator `_h` (ten 13-bit limbs), reduce it modulo 2^130 - 5 using a
/// masked select, repack it into eight 16-bit words, add `_pad` modulo 2^128,
/// and serialise the result little-endian.
///
/// Returns `this`.
///
/// Notes for callers and reviewers:
///  * [mac] needs at least `macpos + 16` bytes; this method performs no
///    explicit length check of its own.
///  * `_h` and `_buffer` are overwritten in place and nothing here resets or
///    clears them (or `_pad`), so the instance should be treated as spent
///    after this call. NOTE(review): confirm whether another method wipes
///    this state; `_pad` is presumably key-derived.
///  * When a tag produced here is compared against a received tag, the
///    comparison should be constant-time; that is outside this method.
poly1305 finish(Uint8List mac, int macpos) {
  // g holds the candidate value h - (2^130 - 5), limb by limb.
  List<Int32> g = List<Int32>.filled(10, Int32());
  int  i;
  Int32 c, mask, f;

  // Flush a trailing partial block: append a single 1 byte, zero-fill up to
  // 16 bytes, then process it as one block.
  // NOTE(review): _fin presumably tells blocks() that this is the padded
  // final block (so it skips the implicit high bit) - confirm in blocks().
  if (_leftover != 0) {
    i = _leftover;
    _buffer[i++] = 1;
    for (; i < 16; i++) _buffer[i] = 0;
    _fin = 1;
    blocks(_buffer, 0, 16);
  }

  // Full carry propagation through limbs 1..9, keeping 13 bits per limb.
  c = _h[1].shiftRightUnsigned(13);
  _h[1] &= 0x1fff;
  for (i = 2; i < 10; i++) {
    _h[i] = Int32(_h[i].toInt() + c.toInt());
    c = _h[i].shiftRightUnsigned(13);
    _h[i] &= 0x1fff;
  }
  // The carry out of limb 9 has weight 2^130, which is congruent to 5
  // modulo 2^130 - 5, so it is folded back into limb 0 multiplied by 5.
  _h[0] = Int32(_h[0].toInt() + (c.toInt() * 5));
  c = _h[0].shiftRightUnsigned(13);
  _h[0] &= 0x1fff;
  _h[1] = Int32(_h[1].toInt() + c.toInt());
  c = _h[1].shiftRightUnsigned(13);
  _h[1] &= 0x1fff;
  _h[2] = Int32(_h[2].toInt() + c.toInt());

  // Compute g = h + 5 with carries. After the loop, c is the carry out of
  // limb 9, i.e. c == 1 exactly when h + 5 >= 2^130 (h >= 2^130 - 5).
  g[0] = Int32(_h[0].toInt() + 5);
  c = g[0].shiftRightUnsigned(13);
  g[0] &= 0x1fff;
  for (i = 1; i < 10; i++) {
    g[i] = Int32(_h[i].toInt() + c.toInt());
    c = g[i].shiftRightUnsigned(13);
    g[i] &= 0x1fff;
  }
  // Subtract 2^130 at the top limb so that g = h - (2^130 - 5); the result
  // is truncated to 16 bits.
  // NOTE(review): the 0xffff truncation presumably emulates 16-bit array
  // wraparound in the JavaScript original - confirm against upstream.
  g[9] = Int32(g[9].toInt() - (1 << 13)); g[9] &= 0xffff;

  /*
   Backport from tweetnacl-fast.js
   https://github.com/dchest/tweetnacl-js/releases/tag/v0.14.3
   <<<
   "The issue was not properly detecting if st->h was >= 2^130 - 5,
   coupled with [testing mistake] not catching the failure.
   The chance of the bug affecting anything in the real world is essentially zero luckily,
   but it's good to have it fixed."
   >>>
  */
  // The earlier form `mask = (g[9] >>> ((2 * 8) - 1)) - 1;` is replaced by
  // the carry-based form below: c == 1 gives mask 0xffff (take g),
  // c == 0 gives mask 0 (keep h).
  mask = Int32((c ^ 1).toInt() - 1);
  mask &= 0xffff;
  ///////////////////////////////////////

  // Select between h and g with bit masks instead of an if, so the source
  // does not branch on the accumulator value.
  // NOTE(review): whether the Int32 operations execute in constant time
  // depends on the Int32 implementation and runtime - not established here.
  for (i = 0; i < 10; i++) g[i] &= mask;
  mask = ~mask;
  for (i = 0; i < 10; i++) _h[i] = (_h[i] & mask) | g[i];

  // Repack the ten 13-bit limbs into eight 16-bit words (h mod 2^128).
  // Statement order matters: each line reads only limbs that earlier lines
  // have not yet overwritten.
  _h[0] = ((_h[0]       ) | (_h[1] << 13)                    ) & 0xffff;
  _h[1] = ((_h[1].shiftRightUnsigned( 3)) | (_h[2] << 10)                    ) & 0xffff;
  _h[2] = ((_h[2].shiftRightUnsigned( 6)) | (_h[3] <<  7)                    ) & 0xffff;
  _h[3] = ((_h[3].shiftRightUnsigned( 9)) | (_h[4] <<  4)                    ) & 0xffff;
  _h[4] = ((_h[4].shiftRightUnsigned(12)) | (_h[5] <<  1) | (_h[6] << 14)) & 0xffff;
  _h[5] = ((_h[6].shiftRightUnsigned( 2)) | (_h[7] << 11)                    ) & 0xffff;
  _h[6] = ((_h[7].shiftRightUnsigned( 5)) | (_h[8] <<  8)                    ) & 0xffff;
  _h[7] = ((_h[8].shiftRightUnsigned( 8)) | (_h[9] <<  5)                    ) & 0xffff;

  // Add _pad word by word, carrying through bit 16 of f; the carry out of
  // the last word is dropped, so the sum is taken modulo 2^128.
  f = Int32(_h[0].toInt() + _pad[0].toInt());
  _h[0] = f & 0xffff;
  for (i = 1; i < 8; i++) {
    f = Int32((((_h[i].toInt() + _pad[i].toInt()) | 0) + (f.shiftRightUnsigned(16)).toInt()) | 0);
    _h[i] = f & 0xffff;
  }

  // Serialise the eight 16-bit words little-endian (low byte first) into
  // mac[macpos .. macpos + 15].
  mac[macpos+ 0] = ((_h[0].shiftRightUnsigned(0 )) & 0xff).toInt();
  mac[macpos+ 1] = ((_h[0].shiftRightUnsigned(8 )) & 0xff).toInt();
  mac[macpos+ 2] = ((_h[1].shiftRightUnsigned(0 )) & 0xff).toInt();
  mac[macpos+ 3] = ((_h[1].shiftRightUnsigned(8 )) & 0xff).toInt();
  mac[macpos+ 4] = ((_h[2].shiftRightUnsigned(0 )) & 0xff).toInt();
  mac[macpos+ 5] = ((_h[2].shiftRightUnsigned(8 )) & 0xff).toInt();
  mac[macpos+ 6] = ((_h[3].shiftRightUnsigned(0 )) & 0xff).toInt();
  mac[macpos+ 7] = ((_h[3].shiftRightUnsigned(8 )) & 0xff).toInt();
  mac[macpos+ 8] = ((_h[4].shiftRightUnsigned(0 )) & 0xff).toInt();
  mac[macpos+ 9] = ((_h[4].shiftRightUnsigned(8 )) & 0xff).toInt();
  mac[macpos+10] = ((_h[5].shiftRightUnsigned(0 )) & 0xff).toInt();
  mac[macpos+11] = ((_h[5].shiftRightUnsigned(8 )) & 0xff).toInt();
  mac[macpos+12] = ((_h[6].shiftRightUnsigned(0 )) & 0xff).toInt();
  mac[macpos+13] = ((_h[6].shiftRightUnsigned(8 )) & 0xff).toInt();
  mac[macpos+14] = ((_h[7].shiftRightUnsigned(0 )) & 0xff).toInt();
  mac[macpos+15] = ((_h[7].shiftRightUnsigned(8 )) & 0xff).toInt();

  return this;
}