001/** 002 * 003 * Copyright (c) 2014, the Railo Company Ltd. All rights reserved. 004 * 005 * This library is free software; you can redistribute it and/or 006 * modify it under the terms of the GNU Lesser General Public 007 * License as published by the Free Software Foundation; either 008 * version 2.1 of the License, or (at your option) any later version. 009 * 010 * This library is distributed in the hope that it will be useful, 011 * but WITHOUT ANY WARRANTY; without even the implied warranty of 012 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 013 * Lesser General Public License for more details. 014 * 015 * You should have received a copy of the GNU Lesser General Public 016 * License along with this library. If not, see <http://www.gnu.org/licenses/>. 017 * 018 **/ 019package lucee.runtime.crypt; 020 021public final class SHA1 { 022 023 024 025 026 027 /** size of a SHA-1 digest in octets */ 028 029 public final static int DIGEST_SIZE = 20; 030 031 032 033 034 035 // members 036 037 private int[] m_state; 038 039 private long m_lCount; 040 041 private byte[] m_digestBits; 042 043 private int[] m_block; 044 045 private int m_nBlockIndex; 046 047 048 049 050 051 /** 052 053 * constructor 054 055 */ 056 057 public SHA1() { 058 059 m_state = new int[5]; 060 061 m_block = new int[16]; 062 063 m_digestBits = new byte[DIGEST_SIZE]; 064 065 reset(); 066 067 }; 068 069 070 071 072 073 /** 074 075 * clears all data, use reset() to start again 076 077 */ 078 079 public void clear() { 080 081 int nI; 082 083 for (nI = 0; nI < m_state.length; nI++) 084 085 m_state[nI] = 0; 086 087 m_lCount = 0; 088 089 for (nI = 0; nI < m_digestBits.length; nI++) 090 091 m_digestBits[nI] = 0; 092 093 for (nI = 0; nI < m_block.length; nI++) 094 095 m_block[nI] = 0; 096 097 m_nBlockIndex = 0; 098 099 }; 100 101 102 103 104 105 106 107 // some helper methods... 108 109 110 111 final int rol(int nValue, 112 113 int nBits) { 114 115 116 117 return ((nValue << nBits) | (nValue >>> (32 - nBits))); 118 119 }; 120 121 122 123 final int blk0(int nI) { 124 125 return (m_block[nI] = (rol(m_block[nI],24) & 0xff00ff00) | 126 127 (rol(m_block[nI], 8) & 0x00ff00ff)); 128 129 }; 130 131 132 133 final int blk(int nI) { 134 135 return (m_block[nI & 15] = rol(m_block[(nI + 13) & 15] ^ m_block[(nI + 8) & 15] ^ 136 137 m_block[(nI + 2) & 15] ^ m_block[nI & 15], 1)); 138 139 }; 140 141 142 143 final void r0(int data[], 144 145 int nV, 146 147 int nW, 148 149 int nX , 150 151 int nY, 152 153 int nZ, 154 155 int nI) { 156 157 data[nZ] += ((data[nW] & (data[nX] ^ data[nY])) ^ data[nY]) + 158 159 blk0(nI) + 160 161 0x5a827999 + 162 163 rol(data[nV] ,5); 164 165 data[nW] = rol(data[nW], 30); 166 167 }; 168 169 170 171 final void r1(int data[], 172 173 int nV, 174 175 int nW, 176 177 int nX, 178 179 int nY, 180 181 int nZ, 182 183 int nI) { 184 185 data[nZ] += ((data[nW] & (data[nX] ^ data[nY])) ^ data[nY]) + 186 187 blk(nI) + 188 189 0x5a827999 + 190 191 rol(data[nV] ,5); 192 193 data[nW] = rol(data[nW], 30); 194 195 }; 196 197 198 199 final void r2(int data[], 200 201 int nV, 202 203 int nW, 204 205 int nX, 206 207 int nY, 208 209 int nZ, 210 211 int nI) { 212 213 data[nZ] += (data[nW] ^ data[nX] ^ data[nY]) + 214 215 blk(nI) + 216 217 0x6eD9eba1 + 218 219 rol(data[nV] ,5); 220 221 data[nW] = rol(data[nW], 30); 222 223 }; 224 225 226 227 final void r3(int data[], 228 229 int nV, 230 231 int nW, 232 233 int nX, 234 235 int nY, 236 237 int nZ, 238 239 int nI) { 240 241 data[nZ] += (((data[nW] | data[nX]) & data[nY]) | (data[nW] & data[nX])) + 242 243 blk(nI) + 244 245 0x8f1bbcdc + 246 247 rol(data[nV] ,5); 248 249 data[nW] = rol(data[nW], 30); 250 251 }; 252 253 254 255 final void r4(int data[], 256 257 int nV, 258 259 int nW, 260 261 int nX, 262 263 int nY, 264 265 int nZ, 266 267 int nI) { 268 269 data[nZ] += (data[nW] ^ data[nX] ^ data[nY]) + 270 271 blk(nI) + 272 273 0xca62c1d6 + 274 275 rol(data[nV] ,5); 276 277 data[nW] = rol(data[nW], 30); 278 279 }; 280 281 282 283 void transform() { 284 285 286 287 int[] dd = new int[5]; 288 289 dd[0] = m_state[0]; 290 291 dd[1] = m_state[1]; 292 293 dd[2] = m_state[2]; 294 295 dd[3] = m_state[3]; 296 297 dd[4] = m_state[4]; 298 299 r0(dd, 0, 1, 2, 3, 4, 0); r0(dd, 4, 0, 1, 2, 3, 1); 300 301 r0(dd, 3, 4, 0, 1, 2, 2); r0(dd, 2, 3, 4, 0, 1, 3); 302 303 r0(dd, 1, 2, 3, 4, 0, 4); r0(dd, 0, 1, 2, 3, 4, 5); 304 305 r0(dd, 4, 0, 1, 2, 3, 6); r0(dd, 3, 4, 0, 1, 2, 7); 306 307 r0(dd, 2, 3, 4, 0, 1, 8); r0(dd, 1, 2, 3, 4, 0, 9); 308 309 r0(dd, 0, 1, 2, 3, 4, 10); r0(dd, 4, 0, 1, 2, 3, 11); 310 311 r0(dd, 3, 4, 0, 1, 2, 12); r0(dd, 2, 3, 4, 0, 1, 13); 312 313 r0(dd, 1, 2, 3, 4, 0, 14); r0(dd, 0, 1, 2, 3, 4, 15); 314 315 r1(dd, 4, 0, 1, 2, 3, 16); r1(dd, 3, 4, 0, 1, 2, 17); 316 317 r1(dd, 2, 3, 4, 0, 1, 18); r1(dd, 1, 2, 3, 4, 0, 19); 318 319 r2(dd, 0, 1, 2, 3, 4, 20); r2(dd, 4, 0, 1, 2, 3, 21); 320 321 r2(dd, 3, 4, 0, 1, 2, 22); r2(dd, 2, 3, 4, 0, 1, 23); 322 323 r2(dd, 1, 2, 3, 4, 0, 24); r2(dd, 0, 1, 2, 3, 4, 25); 324 325 r2(dd, 4, 0, 1, 2, 3, 26); r2(dd, 3, 4, 0, 1, 2, 27); 326 327 r2(dd, 2, 3, 4, 0, 1, 28); r2(dd, 1, 2, 3, 4, 0, 29); 328 329 r2(dd, 0, 1, 2, 3, 4, 30); r2(dd, 4, 0, 1, 2, 3, 31); 330 331 r2(dd, 3, 4, 0, 1, 2, 32); r2(dd, 2, 3, 4, 0, 1, 33); 332 333 r2(dd, 1, 2, 3, 4, 0, 34); r2(dd, 0, 1, 2, 3, 4, 35); 334 335 r2(dd, 4, 0, 1, 2, 3, 36); r2(dd, 3, 4, 0, 1, 2, 37); 336 337 r2(dd, 2, 3, 4, 0, 1, 38); r2(dd, 1, 2, 3, 4, 0, 39); 338 339 r3(dd, 0, 1, 2, 3, 4, 40); r3(dd, 4, 0, 1, 2, 3, 41); 340 341 r3(dd, 3, 4, 0, 1, 2, 42); r3(dd, 2, 3, 4, 0, 1, 43); 342 343 r3(dd, 1, 2, 3, 4, 0, 44); r3(dd, 0, 1, 2, 3, 4, 45); 344 345 r3(dd, 4, 0, 1, 2, 3, 46); r3(dd, 3, 4, 0, 1, 2, 47); 346 347 r3(dd, 2, 3, 4, 0, 1, 48); r3(dd, 1, 2, 3, 4, 0, 49); 348 349 r3(dd, 0, 1, 2, 3, 4, 50); r3(dd, 4, 0, 1, 2, 3, 51); 350 351 r3(dd, 3, 4, 0, 1, 2, 52); r3(dd, 2, 3, 4, 0, 1, 53); 352 353 r3(dd, 1, 2, 3, 4, 0, 54); r3(dd, 0, 1, 2, 3, 4, 55); 354 355 r3(dd, 4, 0, 1, 2, 3, 56); r3(dd, 3, 4, 0, 1, 2, 57); 356 357 r3(dd, 2, 3, 4, 0, 1, 58); r3(dd, 1, 2, 3, 4, 0, 59); 358 359 r4(dd, 0, 1, 2, 3, 4, 60); r4(dd, 4, 0, 1, 2, 3, 61); 360 361 r4(dd, 3, 4, 0, 1, 2, 62); r4(dd, 2, 3, 4, 0, 1, 63); 362 363 r4(dd, 1, 2, 3, 4, 0, 64); r4(dd, 0, 1, 2, 3, 4, 65); 364 365 r4(dd, 4, 0, 1, 2, 3, 66); r4(dd, 3, 4, 0, 1, 2, 67); 366 367 r4(dd, 2, 3, 4, 0, 1, 68); r4(dd, 1, 2, 3, 4, 0, 69); 368 369 r4(dd, 0, 1, 2, 3, 4, 70); r4(dd, 4, 0, 1, 2, 3, 71); 370 371 r4(dd, 3, 4, 0, 1, 2, 72); r4(dd, 2, 3, 4, 0, 1, 73); 372 373 r4(dd, 1, 2, 3, 4, 0, 74); r4(dd, 0, 1, 2, 3, 4, 75); 374 375 r4(dd, 4, 0, 1, 2, 3, 76); r4(dd, 3, 4, 0, 1, 2, 77); 376 377 r4(dd, 2, 3, 4, 0, 1, 78); r4(dd, 1, 2, 3, 4, 0, 79); 378 379 m_state[0] += dd[0]; 380 381 m_state[1] += dd[1]; 382 383 m_state[2] += dd[2]; 384 385 m_state[3] += dd[3]; 386 387 m_state[4] += dd[4]; 388 389 } 390 391 392 393 394 395 /** 396 397 * initializes or resets the hasher for a new session respectively 398 399 */ 400 401 public void reset() { 402 403 404 405 m_state[0] = 0x67452301; 406 407 m_state[1] = 0xefcdab89; 408 409 m_state[2] = 0x98badcfe; 410 411 m_state[3] = 0x10325476; 412 413 m_state[4] = 0xc3d2e1f0; 414 415 m_lCount = 0; 416 417 m_digestBits = new byte[20]; 418 419 m_nBlockIndex = 0; 420 421 }; 422 423 424 425 426 427 /** 428 429 * adds a single byte to the digest 430 431 */ 432 433 public void update(byte bB) { 434 435 436 437 int nMask = (m_nBlockIndex & 3) << 3; 438 439 440 441 m_lCount += 8; 442 443 m_block[m_nBlockIndex >> 2] &= ~(0xff << nMask); 444 445 m_block[m_nBlockIndex >> 2] |= (bB & 0xff) << nMask; 446 447 m_nBlockIndex++; 448 449 if (m_nBlockIndex == 64) { 450 451 transform(); 452 453 m_nBlockIndex = 0; 454 455 }; 456 457 }; 458 459 460 461 462 463 /** 464 465 * adds a byte array to the digest 466 467 */ 468 469 public void update(byte[] data) { 470 471 472 473 for (int nI = 0; nI < data.length; nI++) 474 475 update(data[nI]); 476 477 }; 478 479 480 481 482 483 /** 484 485 * adds an ASCII string to the digest 486 487 */ 488 489 public void update(String sData) { 490 491 492 493 for (int nI = 0; nI < sData.length(); nI++) 494 495 update((byte)(sData.charAt(nI) & 0x0ff)); 496 497 }; 498 499 500 501 502 503 504 505 /** 506 507 * finalizes the digest 508 509 */ 510 511 public void finalize() { 512 513 514 515 int nI; 516 517 byte bits[] = new byte[8]; 518 519 520 521 for (nI = 0; nI < 8; nI++) { 522 523 bits[nI] = (byte)((m_lCount >>> (((7 - nI) << 3))) & 0xff); 524 525 }; 526 527 528 529 update((byte) 128); 530 531 while (m_nBlockIndex != 56) 532 533 update((byte) 0); 534 535 536 537 for (nI = 0; nI < bits.length; nI++) 538 539 update(bits[nI]); 540 541 542 543 for (nI = 0; nI < 20; nI++) { 544 545 m_digestBits[nI] = (byte)((m_state[nI >> 2] >> ((3 - (nI & 3)) << 3)) & 0xff); 546 547 }; 548 549 }; 550 551 552 553 554 555 /** 556 557 * gets the digest 558 559 * @return the digst bytes as an array if DIGEST_SIZE bytes 560 561 */ 562 563 public byte[] getDigest() { 564 565 566 567 // deliver a _copy_ 568 569 byte[] result = new byte[DIGEST_SIZE]; 570 571 System.arraycopy(m_digestBits, 0, result, 0, DIGEST_SIZE); 572 573 return result; 574 575 }; 576 577 578 579 580 581 // we need this table for the following method 582 583 private final static String HEXTAB = "0123456789abcdef"; 584 585 586 587 588 589 /** 590 591 * makes a binhex string representation of the current digest 592 593 * @return the string representation 594 595 */ 596 597 public String toString() { 598 599 600 601 StringBuilder buf = new StringBuilder(DIGEST_SIZE * 2); 602 603 604 605 for (int nI = 0; nI < DIGEST_SIZE; nI++) { 606 607 buf.append(HEXTAB.charAt((m_digestBits[nI] >>> 4) & 0x0f)); 608 609 buf.append(HEXTAB.charAt(m_digestBits[nI] & 0x0f)); 610 611 }; 612 613 return buf.toString(); 614 615 }; 616 617 618 619 620 621 622 623 624 625 // references for the selftest 626 627 628 629 private final static String SELFTEST_MESSAGE = 630 631 "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"; 632 633 634 635 private final static byte[] SELFTEST_DIGEST = { 636 637 (byte)0x84, (byte)0x98, (byte)0x3e, (byte)0x44, (byte)0x1c, 638 639 (byte)0x3b, (byte)0xd2, (byte)0x6e, (byte)0xba, (byte)0xae, 640 641 (byte)0x4a, (byte)0xa1, (byte)0xf9, (byte)0x51, (byte)0x29, 642 643 (byte)0xE5, (byte)0xe5, (byte)0x46, (byte)0x70, (byte)0xf1 644 645 }; 646 647 648 649 650 651 /** 652 653 * runs a selftest 654 655 * @return true: selftest passed / false: selftest failed 656 657 */ 658 659 public boolean selfTest() { 660 661 662 663 SHA1 tester = new SHA1(); 664 665 tester.update(SELFTEST_MESSAGE); 666 667 tester.finalize(); 668 669 byte[] digest = tester.getDigest(); 670 671 tester.clear(); 672 673 for (int nI = 0; nI < DIGEST_SIZE; nI++) 674 675 if (digest[nI] != SELFTEST_DIGEST[nI]) 676 677 return false; 678 679 680 681 // test passed 682 683 return true; 684 685 }; 686 687 688 689}; 690 691 692 693