Source for gnu.java.security.provider.MD5

   1: /* MD5.java -- Class implementing the MD5 algorithm as specified in RFC1321.
   2:    Copyright (C) 1999, 2002 Free Software Foundation, Inc.
   3: 
   4: This file is part of GNU Classpath.
   5: 
   6: GNU Classpath is free software; you can redistribute it and/or modify
   7: it under the terms of the GNU General Public License as published by
   8: the Free Software Foundation; either version 2, or (at your option)
   9: any later version.
  10:  
  11: GNU Classpath is distributed in the hope that it will be useful, but
  12: WITHOUT ANY WARRANTY; without even the implied warranty of
  13: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14: General Public License for more details.
  15: 
  16: You should have received a copy of the GNU General Public License
  17: along with GNU Classpath; see the file COPYING.  If not, write to the
  18: Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
  19: 02110-1301 USA.
  20: 
  21: Linking this library statically or dynamically with other modules is
  22: making a combined work based on this library.  Thus, the terms and
  23: conditions of the GNU General Public License cover the whole
  24: combination.
  25: 
  26: As a special exception, the copyright holders of this library give you
  27: permission to link this library with independent modules to produce an
  28: executable, regardless of the license terms of these independent
  29: modules, and to copy and distribute the resulting executable under
  30: terms of your choice, provided that you also meet, for each linked
  31: independent module, the terms and conditions of the license of that
  32: module.  An independent module is a module which is not derived from
  33: or based on this library.  If you modify this library, you may extend
  34: this exception to your version of the library, but you are not
  35: obligated to do so.  If you do not wish to do so, delete this
  36: exception statement from your version. */
  37: 
  38: 
  39: package gnu.java.security.provider;
  40: import java.security.MessageDigest;
  41: 
  42: /**
  43:    This class implements the MD5 algorithm as described in RFC1321.
  44: 
  45:    @see java.security.MessageDigest
  46: */
  47: public class MD5 extends MessageDigest implements Cloneable
  48: {
  49:   private final int W[] = new int[16];
  50:   private long bytecount;
  51:   private int A;
  52:   private int B;
  53:   private int C;
  54:   private int D;
  55: 
  56:   public MD5()
  57:   {
  58:     super("MD5");
  59:     engineReset ();
  60:   }
  61: 
  62:   public Object clone()
  63:   {
  64:     return new MD5 (this);
  65:   }
  66: 
  67:   private MD5 (MD5 copy)
  68:   {
  69:     this ();
  70:     bytecount = copy.bytecount;
  71:     A = copy.A;
  72:     B = copy.B;
  73:     C = copy.C;
  74:     D = copy.D;
  75:     System.arraycopy (copy.W, 0, W, 0, 16);
  76:   }
  77: 
  78:   public int engineGetDigestLength()
  79:   {
  80:     return 16;
  81:   }
  82: 
  83:   // Intialize the A,B,C,D needed for the hash
  84:   public void engineReset()
  85:   {
  86:     bytecount = 0;
  87:     A = 0x67452301;
  88:     B = 0xefcdab89;
  89:     C = 0x98badcfe;
  90:     D = 0x10325476;
  91:     for(int i = 0; i < 16; i++)
  92:       W[i] = 0;
  93:   }
  94: 
  95:   public void engineUpdate (byte b)
  96:   {
  97:     int i = (int)bytecount % 64;
  98:     int shift = (3 - i % 4) * 8;
  99:     int idx = i / 4;
 100: 
 101:     // if you could index ints, this would be: W[idx][shift/8] = b
 102:     W[idx] = (W[idx] & ~(0xff << shift)) | ((b & 0xff) << shift);
 103: 
 104:     // if we've filled up a block, then process it
 105:     if ((++ bytecount) % 64 == 0)
 106:       munch ();
 107:   }
 108: 
 109:   public void engineUpdate (byte bytes[], int off, int len)
 110:   {
 111:     if (len < 0)
 112:       throw new ArrayIndexOutOfBoundsException ();
 113: 
 114:     int end = off + len;
 115:     while (off < end)
 116:       engineUpdate (bytes[off++]);
 117:   }
 118: 
 119:   public byte[] engineDigest()
 120:   {
 121:     long bitcount = bytecount * 8;
 122:     engineUpdate ((byte)0x80); // 10000000 in binary; the start of the padding
 123: 
 124:     // add the rest of the padding to fill this block out, but leave 8
 125:     // bytes to put in the original bytecount
 126:     while ((int)bytecount % 64 != 56)
 127:       engineUpdate ((byte)0);
 128: 
 129:     // add the length of the original, unpadded block to the end of
 130:     // the padding
 131:     W[14] = SWAP((int)(0xffffffff & bitcount));
 132:     W[15] = SWAP((int)(0xffffffff & (bitcount >>> 32)));
 133:     bytecount += 8;
 134: 
 135:     // digest the fully padded block
 136:     munch ();
 137: 
 138:     A = SWAP(A);
 139:     B = SWAP(B);
 140:     C = SWAP(C);
 141:     D = SWAP(D);
 142:     byte[] result = new byte[] {(byte)(A >>> 24), (byte)(A >>> 16),
 143:                 (byte)(A >>> 8), (byte)A,
 144:                 (byte)(B >>> 24), (byte)(B >>> 16),
 145:                 (byte)(B >>> 8), (byte)B,
 146:                 (byte)(C >>> 24), (byte)(C >>> 16),
 147:                 (byte)(C >>> 8), (byte)C,
 148:                 (byte)(D >>> 24), (byte)(D >>> 16),
 149:                 (byte)(D >>> 8), (byte)D};
 150:     
 151:     engineReset ();
 152:     return result;
 153:   }
 154: 
 155:   private int F( int X, int Y, int Z)
 156:   {
 157:     return ((X & Y) | (~X & Z));
 158:   }
 159: 
 160:   private int G( int X, int Y, int Z)
 161:   {
 162:     return ((X & Z) | (Y & ~Z));
 163:   }
 164: 
 165:   private int H( int X, int Y, int Z)
 166:   {
 167:     return (X ^ Y ^ Z);
 168:   }
 169: 
 170:   private int I( int X, int Y, int Z)
 171:   {
 172:     return (Y ^ (X | ~Z));
 173:   }
 174: 
 175:   private int rotateLeft( int i, int count)
 176:   {
 177:     //Taken from FIPS 180-1
 178:     return ( (i << count) | (i >>> (32 - count)) ) ;
 179:   }
 180: 
 181:   /* Round 1. */
 182:   private int FF( int a, int b, int c, int d, int k, int s, int i)
 183:   {
 184:     /* Let [abcd k s i] denote the operation */
 185:     a += F(b,c,d) + k + i;
 186:     return b + rotateLeft(a, s); 
 187:   } 
 188:   /* Round 2. */
 189:   private int GG( int a, int b, int c, int d, int k, int s, int i)
 190:   {
 191:     /* Let [abcd k s i] denote the operation */
 192:     a += G(b,c,d) + k + i;
 193:     return b + rotateLeft(a, s);
 194:   } 
 195:   /* Round 3. */
 196:   private int HH( int a, int b, int c, int d, int k, int s, int i)
 197:   {
 198:     /* Let [abcd k s t] denote the operation */
 199:     a += H(b,c,d) + k + i;
 200:     return b + rotateLeft(a, s);
 201:   } 
 202: 
 203:   /* Round 4. */
 204:   private int II( int a, int b, int c, int d, int k, int s, int i)
 205:   {
 206:     /* Let [abcd k s t] denote the operation */
 207:     a += I(b,c,d) + k + i;
 208:     return b + rotateLeft(a, s);
 209:   } 
 210: 
 211:   private int SWAP(int n)
 212:   {
 213:     //Copied from md5.c in FSF Gnu Privacy Guard 0.9.2
 214:     return (( (0xff & n) << 24) | ((n & 0xff00) << 8) | ((n >>> 8) & 0xff00) | (n >>> 24));
 215:   }
 216: 
 217:   private void munch()
 218:   {
 219:     int AA,BB,CC,DD, j;
 220:     int X[] = new int[16];
 221: 
 222:     /* Copy block i into X. */
 223:     for(j = 0; j < 16; j++)
 224:       X[j] = SWAP(W[j]);
 225: 
 226:     /* Save A as AA, B as BB, C as CC, and D as DD. */
 227:     AA = A;
 228:     BB = B;
 229:     CC = C;
 230:     DD = D;
 231: 
 232:     /* The hex constants are from md5.c 
 233:        in FSF Gnu Privacy Guard 0.9.2 */
 234:     /* Round 1. */
 235:     /* Let [abcd k s i] denote the operation
 236:        a = b + ((a + F(b,c,d) + X[k] + T[i]) <<< s). */
 237:     /* Do the following 16 operations. */
 238:     A = FF(A,B,C,D,  X[0],  7,  0xd76aa478);
 239:     D = FF(D,A,B,C,  X[1], 12,  0xe8c7b756);
 240:     C = FF(C,D,A,B,  X[2], 17,  0x242070db);
 241:     B = FF(B,C,D,A,  X[3], 22,  0xc1bdceee);
 242: 
 243:     A = FF(A,B,C,D,  X[4],  7,  0xf57c0faf);
 244:     D = FF(D,A,B,C,  X[5], 12,  0x4787c62a);
 245:     C = FF(C,D,A,B,  X[6], 17,  0xa8304613);
 246:     B = FF(B,C,D,A,  X[7], 22,  0xfd469501);
 247: 
 248:     A = FF(A,B,C,D,  X[8],  7,  0x698098d8);
 249:     D = FF(D,A,B,C,  X[9], 12,  0x8b44f7af);
 250:     C = FF(C,D,A,B, X[10], 17,  0xffff5bb1);
 251:     B = FF(B,C,D,A, X[11], 22,  0x895cd7be);
 252: 
 253:     A = FF(A,B,C,D, X[12],  7,  0x6b901122);
 254:     D = FF(D,A,B,C, X[13], 12,  0xfd987193);
 255:     C = FF(C,D,A,B, X[14], 17,  0xa679438e);
 256:     B = FF(B,C,D,A, X[15], 22,  0x49b40821);
 257: 
 258:     /* Round 2. */
 259:     /* Let [abcd k s i] denote the operation
 260:        a = b + ((a + G(b,c,d) + X[k] + T[i]) <<< s). */
 261:     /* Do the following 16 operations. */
 262:     A = GG(A,B,C,D,  X[1],  5, 0xf61e2562);
 263:     D = GG(D,A,B,C,  X[6],  9, 0xc040b340);
 264:     C = GG(C,D,A,B, X[11], 14, 0x265e5a51);
 265:     B = GG(B,C,D,A,  X[0], 20, 0xe9b6c7aa);
 266: 
 267:     A = GG(A,B,C,D,  X[5],  5, 0xd62f105d);
 268:     D = GG(D,A,B,C, X[10],  9, 0x02441453);
 269:     C = GG(C,D,A,B, X[15], 14, 0xd8a1e681);
 270:     B = GG(B,C,D,A,  X[4], 20, 0xe7d3fbc8);
 271: 
 272:     A = GG(A,B,C,D,  X[9],  5, 0x21e1cde6);
 273:     D = GG(D,A,B,C, X[14],  9, 0xc33707d6);
 274:     C = GG(C,D,A,B,  X[3], 14, 0xf4d50d87);
 275:     B = GG(B,C,D,A,  X[8], 20, 0x455a14ed);
 276: 
 277:     A = GG(A,B,C,D, X[13],  5, 0xa9e3e905);
 278:     D = GG(D,A,B,C,  X[2],  9, 0xfcefa3f8);
 279:     C = GG(C,D,A,B,  X[7], 14, 0x676f02d9);
 280:     B = GG(B,C,D,A, X[12], 20, 0x8d2a4c8a);
 281: 
 282:     /* Round 3. */
 283:     /* Let [abcd k s t] denote the operation
 284:        a = b + ((a + H(b,c,d) + X[k] + T[i]) <<< s). */
 285:     /* Do the following 16 operations. */
 286:     A = HH(A,B,C,D,  X[5],  4, 0xfffa3942);
 287:     D = HH(D,A,B,C,  X[8], 11, 0x8771f681);
 288:     C = HH(C,D,A,B, X[11], 16, 0x6d9d6122);
 289:     B = HH(B,C,D,A, X[14], 23, 0xfde5380c);
 290: 
 291:     A = HH(A,B,C,D,  X[1],  4, 0xa4beea44);
 292:     D = HH(D,A,B,C,  X[4], 11, 0x4bdecfa9);
 293:     C = HH(C,D,A,B,  X[7], 16, 0xf6bb4b60);
 294:     B = HH(B,C,D,A, X[10], 23, 0xbebfbc70);
 295: 
 296:     A = HH(A,B,C,D, X[13],  4, 0x289b7ec6);
 297:     D = HH(D,A,B,C,  X[0], 11, 0xeaa127fa);
 298:     C = HH(C,D,A,B,  X[3], 16, 0xd4ef3085);
 299:     B = HH(B,C,D,A,  X[6], 23, 0x04881d05);
 300: 
 301:     A = HH(A,B,C,D,  X[9],  4, 0xd9d4d039);
 302:     D = HH(D,A,B,C, X[12], 11, 0xe6db99e5);
 303:     C = HH(C,D,A,B, X[15], 16, 0x1fa27cf8);
 304:     B = HH(B,C,D,A,  X[2], 23, 0xc4ac5665);
 305: 
 306:     /* Round 4. */
 307:     /* Let [abcd k s t] denote the operation
 308:        a = b + ((a + I(b,c,d) + X[k] + T[i]) <<< s). */
 309:     /* Do the following 16 operations. */
 310:     A = II(A,B,C,D,  X[0],  6, 0xf4292244);
 311:     D = II(D,A,B,C,  X[7], 10, 0x432aff97);
 312:     C = II(C,D,A,B, X[14], 15, 0xab9423a7);
 313:     B = II(B,C,D,A,  X[5], 21, 0xfc93a039);
 314: 
 315:     A = II(A,B,C,D, X[12],  6, 0x655b59c3);
 316:     D = II(D,A,B,C,  X[3], 10, 0x8f0ccc92);
 317:     C = II(C,D,A,B, X[10], 15, 0xffeff47d);
 318:     B = II(B,C,D,A,  X[1], 21, 0x85845dd1);
 319: 
 320:     A = II(A,B,C,D,  X[8],  6, 0x6fa87e4f);
 321:     D = II(D,A,B,C, X[15], 10, 0xfe2ce6e0);
 322:     C = II(C,D,A,B,  X[6], 15, 0xa3014314);
 323:     B = II(B,C,D,A, X[13], 21, 0x4e0811a1);
 324: 
 325:     A = II(A,B,C,D,  X[4],  6, 0xf7537e82);
 326:     D = II(D,A,B,C, X[11], 10, 0xbd3af235);
 327:     C = II(C,D,A,B,  X[2], 15, 0x2ad7d2bb);
 328:     B = II(B,C,D,A,  X[9], 21, 0xeb86d391);
 329: 
 330:     /* Then perform the following additions. (That is increment each
 331:        of the four registers by the value it had before this block
 332:        was started.) */
 333:     A = A + AA;
 334:     B = B + BB;
 335:     C = C + CC;
 336:     D = D + DD;
 337:   }
 338: }