libjava/gnu/java/security/provider/MD5.java

   1 /* MD5.java -- Class implementing the MD5 algorithm as specified in RFC1321.
   2    Copyright (C) 1999, 2002 Free Software Foundation, Inc.
   3
   4 This file is part of GNU Classpath.
   5
   6 GNU Classpath is free software; you can redistribute it and/or modify
   7 it under the terms of the GNU General Public License as published by
   8 the Free Software Foundation; either version 2, or (at your option)
   9 any later version.
  10
  11 GNU Classpath is distributed in the hope that it will be useful, but
  12 WITHOUT ANY WARRANTY; without even the implied warranty of
  13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14 General Public License for more details.
  15
  16 You should have received a copy of the GNU General Public License
  17 along with GNU Classpath; see the file COPYING.  If not, write to the
  18 Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
  19 02111-1307 USA.
  20
  21 Linking this library statically or dynamically with other modules is
  22 making a combined work based on this library.  Thus, the terms and
  23 conditions of the GNU General Public License cover the whole
  24 combination.
  25
  26 As a special exception, the copyright holders of this library give you
  27 permission to link this library with independent modules to produce an
  28 executable, regardless of the license terms of these independent
  29 modules, and to copy and distribute the resulting executable under
  30 terms of your choice, provided that you also meet, for each linked
  31 independent module, the terms and conditions of the license of that
  32 module.  An independent module is a module which is not derived from
  33 or based on this library.  If you modify this library, you may extend
  34 this exception to your version of the library, but you are not
  35 obligated to do so.  If you do not wish to do so, delete this
  36 exception statement from your version. */
  37
  38
  39 package gnu.java.security.provider;
  40 import java.security.MessageDigest;
  41
  42 /**
  43    This class implements the MD5 algorithm as described in RFC1321.
  44
  45    @see java.security.MessageDigest
  46 */
  47 public class MD5 extends MessageDigest implements Cloneable
  48 {
  49   private final int W[] = new int[16];
  50   private long bytecount;
  51   private int A;
  52   private int B;
  53   private int C;
  54   private int D;
  55
  56   public MD5()
  57   {
  58     super("MD5");
  59     engineReset ();
  60   }
  61
  62   public Object clone()
  63   {
  64     return new MD5 (this);
  65   }
  66
  67   private MD5 (MD5 copy)
  68   {
  69     this ();
  70     bytecount = copy.bytecount;
  71     A = copy.A;
  72     B = copy.B;
  73     C = copy.C;
  74     D = copy.D;
  75     System.arraycopy (copy.W, 0, W, 0, 16);
  76   }
  77
  78   public int engineGetDigestLength()
  79   {
  80     return 16;
  81   }
  82
  83   // Intialize the A,B,C,D needed for the hash
  84   public void engineReset()
  85   {
  86     bytecount = 0;
  87     A = 0x67452301;
  88     B = 0xefcdab89;
  89     C = 0x98badcfe;
  90     D = 0x10325476;
  91     for(int i = 0; i < 16; i++)
  92       W[i] = 0;
  93   }
  94
  95   public void engineUpdate (byte b)
  96   {
  97     int i = (int)bytecount % 64;
  98     int shift = (3 - i % 4) * 8;
  99     int idx = i / 4;
 100
 101     // if you could index ints, this would be: W[idx][shift/8] = b
 102     W[idx] = (W[idx] & ~(0xff << shift)) | ((b & 0xff) << shift);
 103
 104     // if we've filled up a block, then process it
 105     if ((++ bytecount) % 64 == 0)
 106       munch ();
 107   }
 108
 109   public void engineUpdate (byte bytes[], int off, int len)
 110   {
 111     if (len < 0)
 112       throw new ArrayIndexOutOfBoundsException ();
 113
 114     int end = off + len;
 115     while (off < end)
 116       engineUpdate (bytes[off++]);
 117   }
 118
 119   public byte[] engineDigest()
 120   {
 121     long bitcount = bytecount * 8;
 122     engineUpdate ((byte)0x80); // 10000000 in binary; the start of the padding
 123
 124     // add the rest of the padding to fill this block out, but leave 8
 125     // bytes to put in the original bytecount
 126     while ((int)bytecount % 64 != 56)
 127       engineUpdate ((byte)0);
 128
 129     // add the length of the original, unpadded block to the end of
 130     // the padding
 131     W[14] = SWAP((int)(0xffffffff & bitcount));
 132     W[15] = SWAP((int)(0xffffffff & (bitcount >>> 32)));
 133     bytecount += 8;
 134
 135     // digest the fully padded block
 136     munch ();
 137
 138     A = SWAP(A);
 139     B = SWAP(B);
 140     C = SWAP(C);
 141     D = SWAP(D);
 142     byte[] result = new byte[] {(byte)(A >>> 24), (byte)(A >>> 16),
 143                                 (byte)(A >>> 8), (byte)A,
 144                                 (byte)(B >>> 24), (byte)(B >>> 16),
 145                                 (byte)(B >>> 8), (byte)B,
 146                                 (byte)(C >>> 24), (byte)(C >>> 16),
 147                                 (byte)(C >>> 8), (byte)C,
 148                                 (byte)(D >>> 24), (byte)(D >>> 16),
 149                                 (byte)(D >>> 8), (byte)D};
 150
 151     engineReset ();
 152     return result;
 153   }
 154
 155   private int F( int X, int Y, int Z)
 156   {
 157     return ((X & Y) | (~X & Z));
 158   }
 159
 160   private int G( int X, int Y, int Z)
 161   {
 162     return ((X & Z) | (Y & ~Z));
 163   }
 164
 165   private int H( int X, int Y, int Z)
 166   {
 167     return (X ^ Y ^ Z);
 168   }
 169
 170   private int I( int X, int Y, int Z)
 171   {
 172     return (Y ^ (X | ~Z));
 173   }
 174
 175   private int rotateLeft( int i, int count)
 176   {
 177     //Taken from FIPS 180-1
 178     return ( (i << count) | (i >>> (32 - count)) ) ;
 179   }
 180
 181   /* Round 1. */
 182   private int FF( int a, int b, int c, int d, int k, int s, int i)
 183   {
 184     /* Let [abcd k s i] denote the operation */
 185     a += F(b,c,d) + k + i;
 186     return b + rotateLeft(a, s);
 187   }
 188   /* Round 2. */
 189   private int GG( int a, int b, int c, int d, int k, int s, int i)
 190   {
 191     /* Let [abcd k s i] denote the operation */
 192     a += G(b,c,d) + k + i;
 193     return b + rotateLeft(a, s);
 194   }
 195   /* Round 3. */
 196   private int HH( int a, int b, int c, int d, int k, int s, int i)
 197   {
 198     /* Let [abcd k s t] denote the operation */
 199     a += H(b,c,d) + k + i;
 200     return b + rotateLeft(a, s);
 201   }
 202
 203   /* Round 4. */
 204   private int II( int a, int b, int c, int d, int k, int s, int i)
 205   {
 206     /* Let [abcd k s t] denote the operation */
 207     a += I(b,c,d) + k + i;
 208     return b + rotateLeft(a, s);
 209   }
 210
 211   private int SWAP(int n)
 212   {
 213     //Copied from md5.c in FSF Gnu Privacy Guard 0.9.2
 214     return (( (0xff & n) << 24) | ((n & 0xff00) << 8) | ((n >>> 8) & 0xff00) | (n >>> 24));
 215   }
 216
 217   private void munch()
 218   {
 219     int AA,BB,CC,DD, j;
 220     int X[] = new int[16];
 221
 222     /* Copy block i into X. */
 223     for(j = 0; j < 16; j++)
 224       X[j] = SWAP(W[j]);
 225
 226     /* Save A as AA, B as BB, C as CC, and D as DD. */
 227     AA = A;
 228     BB = B;
 229     CC = C;
 230     DD = D;
 231
 232     /* The hex constants are from md5.c
 233        in FSF Gnu Privacy Guard 0.9.2 */
 234     /* Round 1. */
 235     /* Let [abcd k s i] denote the operation
 236        a = b + ((a + F(b,c,d) + X[k] + T[i]) <<< s). */
 237     /* Do the following 16 operations. */
 238     A = FF(A,B,C,D,  X[0],  7,  0xd76aa478);
 239     D = FF(D,A,B,C,  X[1], 12,  0xe8c7b756);
 240     C = FF(C,D,A,B,  X[2], 17,  0x242070db);
 241     B = FF(B,C,D,A,  X[3], 22,  0xc1bdceee);
 242
 243     A = FF(A,B,C,D,  X[4],  7,  0xf57c0faf);
 244     D = FF(D,A,B,C,  X[5], 12,  0x4787c62a);
 245     C = FF(C,D,A,B,  X[6], 17,  0xa8304613);
 246     B = FF(B,C,D,A,  X[7], 22,  0xfd469501);
 247
 248     A = FF(A,B,C,D,  X[8],  7,  0x698098d8);
 249     D = FF(D,A,B,C,  X[9], 12,  0x8b44f7af);
 250     C = FF(C,D,A,B, X[10], 17,  0xffff5bb1);
 251     B = FF(B,C,D,A, X[11], 22,  0x895cd7be);
 252
 253     A = FF(A,B,C,D, X[12],  7,  0x6b901122);
 254     D = FF(D,A,B,C, X[13], 12,  0xfd987193);
 255     C = FF(C,D,A,B, X[14], 17,  0xa679438e);
 256     B = FF(B,C,D,A, X[15], 22,  0x49b40821);
 257
 258     /* Round 2. */
 259     /* Let [abcd k s i] denote the operation
 260        a = b + ((a + G(b,c,d) + X[k] + T[i]) <<< s). */
 261     /* Do the following 16 operations. */
 262     A = GG(A,B,C,D,  X[1],  5, 0xf61e2562);
 263     D = GG(D,A,B,C,  X[6],  9, 0xc040b340);
 264     C = GG(C,D,A,B, X[11], 14, 0x265e5a51);
 265     B = GG(B,C,D,A,  X[0], 20, 0xe9b6c7aa);
 266
 267     A = GG(A,B,C,D,  X[5],  5, 0xd62f105d);
 268     D = GG(D,A,B,C, X[10],  9, 0x02441453);
 269     C = GG(C,D,A,B, X[15], 14, 0xd8a1e681);
 270     B = GG(B,C,D,A,  X[4], 20, 0xe7d3fbc8);
 271
 272     A = GG(A,B,C,D,  X[9],  5, 0x21e1cde6);
 273     D = GG(D,A,B,C, X[14],  9, 0xc33707d6);
 274     C = GG(C,D,A,B,  X[3], 14, 0xf4d50d87);
 275     B = GG(B,C,D,A,  X[8], 20, 0x455a14ed);
 276
 277     A = GG(A,B,C,D, X[13],  5, 0xa9e3e905);
 278     D = GG(D,A,B,C,  X[2],  9, 0xfcefa3f8);
 279     C = GG(C,D,A,B,  X[7], 14, 0x676f02d9);
 280     B = GG(B,C,D,A, X[12], 20, 0x8d2a4c8a);
 281
 282     /* Round 3. */
 283     /* Let [abcd k s t] denote the operation
 284        a = b + ((a + H(b,c,d) + X[k] + T[i]) <<< s). */
 285     /* Do the following 16 operations. */
 286     A = HH(A,B,C,D,  X[5],  4, 0xfffa3942);
 287     D = HH(D,A,B,C,  X[8], 11, 0x8771f681);
 288     C = HH(C,D,A,B, X[11], 16, 0x6d9d6122);
 289     B = HH(B,C,D,A, X[14], 23, 0xfde5380c);
 290
 291     A = HH(A,B,C,D,  X[1],  4, 0xa4beea44);
 292     D = HH(D,A,B,C,  X[4], 11, 0x4bdecfa9);
 293     C = HH(C,D,A,B,  X[7], 16, 0xf6bb4b60);
 294     B = HH(B,C,D,A, X[10], 23, 0xbebfbc70);
 295
 296     A = HH(A,B,C,D, X[13],  4, 0x289b7ec6);
 297     D = HH(D,A,B,C,  X[0], 11, 0xeaa127fa);
 298     C = HH(C,D,A,B,  X[3], 16, 0xd4ef3085);
 299     B = HH(B,C,D,A,  X[6], 23, 0x04881d05);
 300
 301     A = HH(A,B,C,D,  X[9],  4, 0xd9d4d039);
 302     D = HH(D,A,B,C, X[12], 11, 0xe6db99e5);
 303     C = HH(C,D,A,B, X[15], 16, 0x1fa27cf8);
 304     B = HH(B,C,D,A,  X[2], 23, 0xc4ac5665);
 305
 306     /* Round 4. */
 307     /* Let [abcd k s t] denote the operation
 308        a = b + ((a + I(b,c,d) + X[k] + T[i]) <<< s). */
 309     /* Do the following 16 operations. */
 310     A = II(A,B,C,D,  X[0],  6, 0xf4292244);
 311     D = II(D,A,B,C,  X[7], 10, 0x432aff97);
 312     C = II(C,D,A,B, X[14], 15, 0xab9423a7);
 313     B = II(B,C,D,A,  X[5], 21, 0xfc93a039);
 314
 315     A = II(A,B,C,D, X[12],  6, 0x655b59c3);
 316     D = II(D,A,B,C,  X[3], 10, 0x8f0ccc92);
 317     C = II(C,D,A,B, X[10], 15, 0xffeff47d);
 318     B = II(B,C,D,A,  X[1], 21, 0x85845dd1);
 319
 320     A = II(A,B,C,D,  X[8],  6, 0x6fa87e4f);
 321     D = II(D,A,B,C, X[15], 10, 0xfe2ce6e0);
 322     C = II(C,D,A,B,  X[6], 15, 0xa3014314);
 323     B = II(B,C,D,A, X[13], 21, 0x4e0811a1);
 324
 325     A = II(A,B,C,D,  X[4],  6, 0xf7537e82);
 326     D = II(D,A,B,C, X[11], 10, 0xbd3af235);
 327     C = II(C,D,A,B,  X[2], 15, 0x2ad7d2bb);
 328     B = II(B,C,D,A,  X[9], 21, 0xeb86d391);
 329
 330     /* Then perform the following additions. (That is increment each
 331        of the four registers by the value it had before this block
 332        was started.) */
 333     A = A + AA;
 334     B = B + BB;
 335     C = C + CC;
 336     D = D + DD;
 337   }
 338 }