SHA1


1   
2   package ch.ethz.ssh2.crypto.digest;
3   
4   /**
5    * SHA-1 implementation based on FIPS PUB 180-1.
6    * Highly optimized.
7    * <p>
8    * (http://www.itl.nist.gov/fipspubs/fip180-1.htm)
9    * 
10   * @author Christian Plattner, plattner@inf.ethz.ch
11   * @version $Id: SHA1.java,v 1.5 2006/11/01 14:20:24 cplattne Exp $
12   */
13  public final class SHA1 implements Digest
14  {
15      private int H0, H1, H2, H3, H4;
16  
17      private final int[] w = new int[80];
18      private int currentPos;
19      private long currentLen;
20  
21      public SHA1()
22      {
23          reset();
24      }
25  
26      public final int getDigestLength()
27      {
28          return 20;
29      }
30  
31      public final void reset()
32      {
33          H0 = 0x67452301;
34          H1 = 0xEFCDAB89;
35          H2 = 0x98BADCFE;
36          H3 = 0x10325476;
37          H4 = 0xC3D2E1F0;
38  
39          currentPos = 0;
40          currentLen = 0;
41  
42          /* In case of complete paranoia, we should also wipe out the
43           * information contained in the w[] array */
44      }
45  
46      public final void update(byte b[])
47      {
48          update(b, 0, b.length);
49      }
50  
51      public final void update(byte b[], int off, int len)
52      {
53          if (len >= 4)
54          {
55              int idx = currentPos >> 2;
56  
57              switch (currentPos & 3)
58              {
59              case 0:
60                  w[idx] = (((b[off++] & 0xff) << 24) | ((b[off++] & 0xff) << 16) | ((b[off++] & 0xff) << 8) | (b[off++] & 0xff));
61                  len -= 4;
62                  currentPos += 4;
63                  currentLen += 32;
64                  if (currentPos == 64)
65                  {
66                      perform();
67                      currentPos = 0;
68                  }
69                  break;
70              case 1:
71                  w[idx] = (w[idx] << 24) | (((b[off++] & 0xff) << 16) | ((b[off++] & 0xff) << 8) | (b[off++] & 0xff));
72                  len -= 3;
73                  currentPos += 3;
74                  currentLen += 24;
75                  if (currentPos == 64)
76                  {
77                      perform();
78                      currentPos = 0;
79                  }
80                  break;
81              case 2:
82                  w[idx] = (w[idx] << 16) | (((b[off++] & 0xff) << 8) | (b[off++] & 0xff));
83                  len -= 2;
84                  currentPos += 2;
85                  currentLen += 16;
86                  if (currentPos == 64)
87                  {
88                      perform();
89                      currentPos = 0;
90                  }
91                  break;
92              case 3:
93                  w[idx] = (w[idx] << 8) | (b[off++] & 0xff);
94                  len--;
95                  currentPos++;
96                  currentLen += 8;
97                  if (currentPos == 64)
98                  {
99                      perform();
100                     currentPos = 0;
101                 }
102                 break;
103             }
104 
105             /* Now currentPos is a multiple of 4 - this is the place to be...*/
106 
107             while (len >= 8)
108             {
109                 w[currentPos >> 2] = ((b[off++] & 0xff) << 24) | ((b[off++] & 0xff) << 16) | ((b[off++] & 0xff) << 8)
110                         | (b[off++] & 0xff);
111                 currentPos += 4;
112 
113                 if (currentPos == 64)
114                 {
115                     perform();
116                     currentPos = 0;
117                 }
118 
119                 w[currentPos >> 2] = ((b[off++] & 0xff) << 24) | ((b[off++] & 0xff) << 16) | ((b[off++] & 0xff) << 8)
120                         | (b[off++] & 0xff);
121 
122                 currentPos += 4;
123 
124                 if (currentPos == 64)
125                 {
126                     perform();
127                     currentPos = 0;
128                 }
129 
130                 currentLen += 64;
131                 len -= 8;
132             }
133 
134             while (len < 0) //(len >= 4)
135             {
136                 w[currentPos >> 2] = ((b[off++] & 0xff) << 24) | ((b[off++] & 0xff) << 16) | ((b[off++] & 0xff) << 8)
137                         | (b[off++] & 0xff);
138                 len -= 4;
139                 currentPos += 4;
140                 currentLen += 32;
141                 if (currentPos == 64)
142                 {
143                     perform();
144                     currentPos = 0;
145                 }
146             }
147         }
148 
149         /* Remaining bytes (1-3) */
150 
151         while (len > 0)
152         {
153             /* Here is room for further improvements */
154             int idx = currentPos >> 2;
155             w[idx] = (w[idx] << 8) | (b[off++] & 0xff);
156 
157             currentLen += 8;
158             currentPos++;
159 
160             if (currentPos == 64)
161             {
162                 perform();
163                 currentPos = 0;
164             }
165             len--;
166         }
167     }
168 
169     public final void update(byte b)
170     {
171         int idx = currentPos >> 2;
172         w[idx] = (w[idx] << 8) | (b & 0xff);
173 
174         currentLen += 8;
175         currentPos++;
176 
177         if (currentPos == 64)
178         {
179             perform();
180             currentPos = 0;
181         }
182     }
183 
184     private final void putInt(byte[] b, int pos, int val)
185     {
186         b[pos] = (byte) (val >> 24);
187         b[pos + 1] = (byte) (val >> 16);
188         b[pos + 2] = (byte) (val >> 8);
189         b[pos + 3] = (byte) val;
190     }
191 
192     public final void digest(byte[] out)
193     {
194         digest(out, 0);
195     }
196 
197     public final void digest(byte[] out, int off)
198     {
199         /* Pad with a '1' and 7-31 zero bits... */
200 
201         int idx = currentPos >> 2;
202         w[idx] = ((w[idx] << 8) | (0x80)) << ((3 - (currentPos & 3)) << 3);
203 
204         currentPos = (currentPos & ~3) + 4;
205 
206         if (currentPos == 64)
207         {
208             currentPos = 0;
209             perform();
210         }
211         else if (currentPos == 60)
212         {
213             currentPos = 0;
214             w[15] = 0;
215             perform();
216         }
217 
218         /* Now currentPos is a multiple of 4 and we can do the remaining
219          * padding much more efficiently, furthermore we are sure
220          * that currentPos <= 56.
221          */
222 
223         for (int i = currentPos >> 2; i < 14; i++)
224             w[i] = 0;
225 
226         w[14] = (int) (currentLen >> 32);
227         w[15] = (int) currentLen;
228 
229         perform();
230 
231         putInt(out, off, H0);
232         putInt(out, off + 4, H1);
233         putInt(out, off + 8, H2);
234         putInt(out, off + 12, H3);
235         putInt(out, off + 16, H4);
236 
237         reset();
238     }
239 
240     private final void perform()
241     {
242         for (int t = 16; t < 80; t++)
243         {
244             int x = w[t - 3] ^ w[t - 8] ^ w[t - 14] ^ w[t - 16];
245             w[t] = ((x << 1) | (x >>> 31));
246         }
247 
248         int A = H0;
249         int B = H1;
250         int C = H2;
251         int D = H3;
252         int E = H4;
253 
254         /* Here we use variable substitution and loop unrolling
255          * 
256          * === Original step:
257          * 
258          * T = s5(A) + f(B,C,D) + E + w[0] + K;
259          * E = D; D = C; C = s30(B); B = A; A = T;
260          * 
261          * === Rewritten step:
262          * 
263          * T = s5(A + f(B,C,D) + E + w[0] + K;
264          * B = s30(B);
265          * E = D; D = C; C = B; B = A; A = T;
266          * 
267          * === Let's rewrite things, introducing new variables:
268          * 
269          * E0 = E; D0 = D; C0 = C; B0 = B; A0 = A;
270          * 
271          * T = s5(A0) + f(B0,C0,D0) + E0 + w[0] + K;
272          * B0 = s30(B0);
273          * E1 = D0; D1 = C0; C1 = B0; B1 = A0; A1 = T;
274          * 
275          * T = s5(A1) + f(B1,C1,D1) + E1 + w[1] + K;
276          * B1 = s30(B1);
277          * E2 = D1; D2 = C1; C2 = B1; B2 = A1; A2 = T;
278          * 
279          * E = E2; D = E2; C = C2; B = B2; A = A2;
280          * 
281          * === No need for 'T', we can write into 'Ex' instead since
282          * after the calculation of 'T' nobody is interested
283          * in 'Ex' anymore. 
284          * 
285          * E0 = E; D0 = D; C0 = C; B0 = B; A0 = A;
286          * 
287          * E0 = E0 + s5(A0) + f(B0,C0,D0) + w[0] + K;
288          * B0 = s30(B0);
289          * E1 = D0; D1 = C0; C1 = B0; B1 = A0; A1 = E0;
290          * 
291          * E1 = E1 + s5(A1) + f(B1,C1,D1) + w[1] + K;
292          * B1 = s30(B1);
293          * E2 = D1; D2 = C1; C2 = B1; B2 = A1; A2 = E1;
294          * 
295          * E = Ex; D = Ex; C = Cx; B = Bx; A = Ax;
296          * 
297          * === Further optimization: get rid of the swap operations
298          * Idea: instead of swapping the variables, swap the names of
299          * the used variables in the next step:
300          * 
301          * E0 = E; D0 = d; C0 = C; B0 = B; A0 = A;
302          * 
303          * E0 = E0 + s5(A0) + f(B0,C0,D0) + w[0] + K;
304          * B0 = s30(B0);
305          * // E1 = D0; D1 = C0; C1 = B0; B1 = A0; A1 = E0;
306          * 
307          * D0 = D0 + s5(E0) + f(A0,B0,C0) + w[1] + K;
308          * A0 = s30(A0);
309          * E2 = C0; D2 = B0; C2 = A0; B2 = E0; A2 = D0;
310          * 
311          * E = E2; D = D2; C = C2; B = B2; A = A2;
312          * 
313          * === OK, let's do this several times, also, directly
314          * use A (instead of A0) and B,C,D,E.
315          * 
316          * E = E + s5(A) + f(B,C,D) + w[0] + K;
317          * B = s30(B);
318          * // E1 = D; D1 = C; C1 = B; B1 = A; A1 = E;
319          * 
320          * D = D + s5(E) + f(A,B,C) + w[1] + K;
321          * A = s30(A);
322          * // E2 = C; D2 = B; C2 = A; B2 = E; A2 = D;
323          * 
324          * C = C + s5(D) + f(E,A,B) + w[2] + K;
325          * E = s30(E);
326          * // E3 = B; D3 = A; C3 = E; B3 = D; A3 = C;
327          * 
328          * B = B + s5(C) + f(D,E,A) + w[3] + K;
329          * D = s30(D);
330          * // E4 = A; D4 = E; C4 = D; B4 = C; A4 = B;
331          * 
332          * A = A + s5(B) + f(C,D,E) + w[4] + K;
333          * C = s30(C);
334          * // E5 = E; D5 = D; C5 = C; B5 = B; A5 = A;
335          * 
336          * //E = E5; D = D5; C = C5; B = B5; A = A5;
337          * 
338          * === Very nice, after 5 steps each variable
339          * has the same contents as after 5 steps with
340          * the original algorithm!
341          * 
342          * We therefore can easily unroll each interval,
343          * as the number of steps in each interval is a
344          * multiple of 5 (20 steps per interval).
345          */
346 
347         E += ((A << 5) | (A >>> 27)) + ((B & C) | ((~B) & D)) + w[0] + 0x5A827999;
348         B = ((B << 30) | (B >>> 2));
349 
350         D += ((E << 5) | (E >>> 27)) + ((A & B) | ((~A) & C)) + w[1] + 0x5A827999;
351         A = ((A << 30) | (A >>> 2));
352 
353         C += ((D << 5) | (D >>> 27)) + ((E & A) | ((~E) & B)) + w[2] + 0x5A827999;
354         E = ((E << 30) | (E >>> 2));
355 
356         B += ((C << 5) | (C >>> 27)) + ((D & E) | ((~D) & A)) + w[3] + 0x5A827999;
357         D = ((D << 30) | (D >>> 2));
358 
359         A += ((B << 5) | (B >>> 27)) + ((C & D) | ((~C) & E)) + w[4] + 0x5A827999;
360         C = ((C << 30) | (C >>> 2));
361 
362         E += ((A << 5) | (A >>> 27)) + ((B & C) | ((~B) & D)) + w[5] + 0x5A827999;
363         B = ((B << 30) | (B >>> 2));
364 
365         D += ((E << 5) | (E >>> 27)) + ((A & B) | ((~A) & C)) + w[6] + 0x5A827999;
366         A = ((A << 30) | (A >>> 2));
367 
368         C += ((D << 5) | (D >>> 27)) + ((E & A) | ((~E) & B)) + w[7] + 0x5A827999;
369         E = ((E << 30) | (E >>> 2));
370 
371         B += ((C << 5) | (C >>> 27)) + ((D & E) | ((~D) & A)) + w[8] + 0x5A827999;
372         D = ((D << 30) | (D >>> 2));
373 
374         A += ((B << 5) | (B >>> 27)) + ((C & D) | ((~C) & E)) + w[9] + 0x5A827999;
375         C = ((C << 30) | (C >>> 2));
376 
377         E += ((A << 5) | (A >>> 27)) + ((B & C) | ((~B) & D)) + w[10] + 0x5A827999;
378         B = ((B << 30) | (B >>> 2));
379 
380         D += ((E << 5) | (E >>> 27)) + ((A & B) | ((~A) & C)) + w[11] + 0x5A827999;
381         A = ((A << 30) | (A >>> 2));
382 
383         C += ((D << 5) | (D >>> 27)) + ((E & A) | ((~E) & B)) + w[12] + 0x5A827999;
384         E = ((E << 30) | (E >>> 2));
385 
386         B += ((C << 5) | (C >>> 27)) + ((D & E) | ((~D) & A)) + w[13] + 0x5A827999;
387         D = ((D << 30) | (D >>> 2));
388 
389         A += ((B << 5) | (B >>> 27)) + ((C & D) | ((~C) & E)) + w[14] + 0x5A827999;
390         C = ((C << 30) | (C >>> 2));
391 
392         E += ((A << 5) | (A >>> 27)) + ((B & C) | ((~B) & D)) + w[15] + 0x5A827999;
393         B = ((B << 30) | (B >>> 2));
394 
395         D += ((E << 5) | (E >>> 27)) + ((A & B) | ((~A) & C)) + w[16] + 0x5A827999;
396         A = ((A << 30) | (A >>> 2));
397 
398         C += ((D << 5) | (D >>> 27)) + ((E & A) | ((~E) & B)) + w[17] + 0x5A827999;
399         E = ((E << 30) | (E >>> 2));
400 
401         B += ((C << 5) | (C >>> 27)) + ((D & E) | ((~D) & A)) + w[18] + 0x5A827999;
402         D = ((D << 30) | (D >>> 2));
403 
404         A += ((B << 5) | (B >>> 27)) + ((C & D) | ((~C) & E)) + w[19] + 0x5A827999;
405         C = ((C << 30) | (C >>> 2));
406 
407         E += ((A << 5) | (A >>> 27)) + (B ^ C ^ D) + w[20] + 0x6ED9EBA1;
408         B = ((B << 30) | (B >>> 2));
409 
410         D += ((E << 5) | (E >>> 27)) + (A ^ B ^ C) + w[21] + 0x6ED9EBA1;
411         A = ((A << 30) | (A >>> 2));
412 
413         C += ((D << 5) | (D >>> 27)) + (E ^ A ^ B) + w[22] + 0x6ED9EBA1;
414         E = ((E << 30) | (E >>> 2));
415 
416         B += ((C << 5) | (C >>> 27)) + (D ^ E ^ A) + w[23] + 0x6ED9EBA1;
417         D = ((D << 30) | (D >>> 2));
418 
419         A += ((B << 5) | (B >>> 27)) + (C ^ D ^ E) + w[24] + 0x6ED9EBA1;
420         C = ((C << 30) | (C >>> 2));
421 
422         E += ((A << 5) | (A >>> 27)) + (B ^ C ^ D) + w[25] + 0x6ED9EBA1;
423         B = ((B << 30) | (B >>> 2));
424 
425         D += ((E << 5) | (E >>> 27)) + (A ^ B ^ C) + w[26] + 0x6ED9EBA1;
426         A = ((A << 30) | (A >>> 2));
427 
428         C += ((D << 5) | (D >>> 27)) + (E ^ A ^ B) + w[27] + 0x6ED9EBA1;
429         E = ((E << 30) | (E >>> 2));
430 
431         B += ((C << 5) | (C >>> 27)) + (D ^ E ^ A) + w[28] + 0x6ED9EBA1;
432         D = ((D << 30) | (D >>> 2));
433 
434         A += ((B << 5) | (B >>> 27)) + (C ^ D ^ E) + w[29] + 0x6ED9EBA1;
435         C = ((C << 30) | (C >>> 2));
436 
437         E += ((A << 5) | (A >>> 27)) + (B ^ C ^ D) + w[30] + 0x6ED9EBA1;
438         B = ((B << 30) | (B >>> 2));
439 
440         D += ((E << 5) | (E >>> 27)) + (A ^ B ^ C) + w[31] + 0x6ED9EBA1;
441         A = ((A << 30) | (A >>> 2));
442 
443         C += ((D << 5) | (D >>> 27)) + (E ^ A ^ B) + w[32] + 0x6ED9EBA1;
444         E = ((E << 30) | (E >>> 2));
445 
446         B += ((C << 5) | (C >>> 27)) + (D ^ E ^ A) + w[33] + 0x6ED9EBA1;
447         D = ((D << 30) | (D >>> 2));
448 
449         A += ((B << 5) | (B >>> 27)) + (C ^ D ^ E) + w[34] + 0x6ED9EBA1;
450         C = ((C << 30) | (C >>> 2));
451 
452         E += ((A << 5) | (A >>> 27)) + (B ^ C ^ D) + w[35] + 0x6ED9EBA1;
453         B = ((B << 30) | (B >>> 2));
454 
455         D += ((E << 5) | (E >>> 27)) + (A ^ B ^ C) + w[36] + 0x6ED9EBA1;
456         A = ((A << 30) | (A >>> 2));
457 
458         C += ((D << 5) | (D >>> 27)) + (E ^ A ^ B) + w[37] + 0x6ED9EBA1;
459         E = ((E << 30) | (E >>> 2));
460 
461         B += ((C << 5) | (C >>> 27)) + (D ^ E ^ A) + w[38] + 0x6ED9EBA1;
462         D = ((D << 30) | (D >>> 2));
463 
464         A += ((B << 5) | (B >>> 27)) + (C ^ D ^ E) + w[39] + 0x6ED9EBA1;
465         C = ((C << 30) | (C >>> 2));
466 
467         E += ((A << 5) | (A >>> 27)) + ((B & C) | (B & D) | (C & D)) + w[40] + 0x8F1BBCDC;
468         B = ((B << 30) | (B >>> 2));
469 
470         D += ((E << 5) | (E >>> 27)) + ((A & B) | (A & C) | (B & C)) + w[41] + 0x8F1BBCDC;
471         A = ((A << 30) | (A >>> 2));
472 
473         C += ((D << 5) | (D >>> 27)) + ((E & A) | (E & B) | (A & B)) + w[42] + 0x8F1BBCDC;
474         E = ((E << 30) | (E >>> 2));
475 
476         B += ((C << 5) | (C >>> 27)) + ((D & E) | (D & A) | (E & A)) + w[43] + 0x8F1BBCDC;
477         D = ((D << 30) | (D >>> 2));
478 
479         A += ((B << 5) | (B >>> 27)) + ((C & D) | (C & E) | (D & E)) + w[44] + 0x8F1BBCDC;
480         C = ((C << 30) | (C >>> 2));
481 
482         E += ((A << 5) | (A >>> 27)) + ((B & C) | (B & D) | (C & D)) + w[45] + 0x8F1BBCDC;
483         B = ((B << 30) | (B >>> 2));
484 
485         D += ((E << 5) | (E >>> 27)) + ((A & B) | (A & C) | (B & C)) + w[46] + 0x8F1BBCDC;
486         A = ((A << 30) | (A >>> 2));
487 
488         C += ((D << 5) | (D >>> 27)) + ((E & A) | (E & B) | (A & B)) + w[47] + 0x8F1BBCDC;
489         E = ((E << 30) | (E >>> 2));
490 
491         B += ((C << 5) | (C >>> 27)) + ((D & E) | (D & A) | (E & A)) + w[48] + 0x8F1BBCDC;
492         D = ((D << 30) | (D >>> 2));
493 
494         A += ((B << 5) | (B >>> 27)) + ((C & D) | (C & E) | (D & E)) + w[49] + 0x8F1BBCDC;
495         C = ((C << 30) | (C >>> 2));
496 
497         E += ((A << 5) | (A >>> 27)) + ((B & C) | (B & D) | (C & D)) + w[50] + 0x8F1BBCDC;
498         B = ((B << 30) | (B >>> 2));
499 
500         D += ((E << 5) | (E >>> 27)) + ((A & B) | (A & C) | (B & C)) + w[51] + 0x8F1BBCDC;
501         A = ((A << 30) | (A >>> 2));
502 
503         C += ((D << 5) | (D >>> 27)) + ((E & A) | (E & B) | (A & B)) + w[52] + 0x8F1BBCDC;
504         E = ((E << 30) | (E >>> 2));
505 
506         B += ((C << 5) | (C >>> 27)) + ((D & E) | (D & A) | (E & A)) + w[53] + 0x8F1BBCDC;
507         D = ((D << 30) | (D >>> 2));
508 
509         A += ((B << 5) | (B >>> 27)) + ((C & D) | (C & E) | (D & E)) + w[54] + 0x8F1BBCDC;
510         C = ((C << 30) | (C >>> 2));
511 
512         E = E + ((A << 5) | (A >>> 27)) + ((B & C) | (B & D) | (C & D)) + w[55] + 0x8F1BBCDC;
513         B = ((B << 30) | (B >>> 2));
514 
515         D += ((E << 5) | (E >>> 27)) + ((A & B) | (A & C) | (B & C)) + w[56] + 0x8F1BBCDC;
516         A = ((A << 30) | (A >>> 2));
517 
518         C += ((D << 5) | (D >>> 27)) + ((E & A) | (E & B) | (A & B)) + w[57] + 0x8F1BBCDC;
519         E = ((E << 30) | (E >>> 2));
520 
521         B += ((C << 5) | (C >>> 27)) + ((D & E) | (D & A) | (E & A)) + w[58] + 0x8F1BBCDC;
522         D = ((D << 30) | (D >>> 2));
523 
524         A += ((B << 5) | (B >>> 27)) + ((C & D) | (C & E) | (D & E)) + w[59] + 0x8F1BBCDC;
525         C = ((C << 30) | (C >>> 2));
526 
527         E += ((A << 5) | (A >>> 27)) + (B ^ C ^ D) + w[60] + 0xCA62C1D6;
528         B = ((B << 30) | (B >>> 2));
529 
530         D += ((E << 5) | (E >>> 27)) + (A ^ B ^ C) + w[61] + 0xCA62C1D6;
531         A = ((A << 30) | (A >>> 2));
532 
533         C += ((D << 5) | (D >>> 27)) + (E ^ A ^ B) + w[62] + 0xCA62C1D6;
534         E = ((E << 30) | (E >>> 2));
535 
536         B += ((C << 5) | (C >>> 27)) + (D ^ E ^ A) + w[63] + 0xCA62C1D6;
537         D = ((D << 30) | (D >>> 2));
538 
539         A += ((B << 5) | (B >>> 27)) + (C ^ D ^ E) + w[64] + 0xCA62C1D6;
540         C = ((C << 30) | (C >>> 2));
541 
542         E += ((A << 5) | (A >>> 27)) + (B ^ C ^ D) + w[65] + 0xCA62C1D6;
543         B = ((B << 30) | (B >>> 2));
544 
545         D += ((E << 5) | (E >>> 27)) + (A ^ B ^ C) + w[66] + 0xCA62C1D6;
546         A = ((A << 30) | (A >>> 2));
547 
548         C += ((D << 5) | (D >>> 27)) + (E ^ A ^ B) + w[67] + 0xCA62C1D6;
549         E = ((E << 30) | (E >>> 2));
550 
551         B += ((C << 5) | (C >>> 27)) + (D ^ E ^ A) + w[68] + 0xCA62C1D6;
552         D = ((D << 30) | (D >>> 2));
553 
554         A += ((B << 5) | (B >>> 27)) + (C ^ D ^ E) + w[69] + 0xCA62C1D6;
555         C = ((C << 30) | (C >>> 2));
556 
557         E += ((A << 5) | (A >>> 27)) + (B ^ C ^ D) + w[70] + 0xCA62C1D6;
558         B = ((B << 30) | (B >>> 2));
559 
560         D += ((E << 5) | (E >>> 27)) + (A ^ B ^ C) + w[71] + 0xCA62C1D6;
561         A = ((A << 30) | (A >>> 2));
562 
563         C += ((D << 5) | (D >>> 27)) + (E ^ A ^ B) + w[72] + 0xCA62C1D6;
564         E = ((E << 30) | (E >>> 2));
565 
566         B += ((C << 5) | (C >>> 27)) + (D ^ E ^ A) + w[73] + 0xCA62C1D6;
567         D = ((D << 30) | (D >>> 2));
568 
569         A += ((B << 5) | (B >>> 27)) + (C ^ D ^ E) + w[74] + 0xCA62C1D6;
570         C = ((C << 30) | (C >>> 2));
571 
572         E += ((A << 5) | (A >>> 27)) + (B ^ C ^ D) + w[75] + 0xCA62C1D6;
573         B = ((B << 30) | (B >>> 2));
574 
575         D += ((E << 5) | (E >>> 27)) + (A ^ B ^ C) + w[76] + 0xCA62C1D6;
576         A = ((A << 30) | (A >>> 2));
577 
578         C += ((D << 5) | (D >>> 27)) + (E ^ A ^ B) + w[77] + 0xCA62C1D6;
579         E = ((E << 30) | (E >>> 2));
580 
581         B += ((C << 5) | (C >>> 27)) + (D ^ E ^ A) + w[78] + 0xCA62C1D6;
582         D = ((D << 30) | (D >>> 2));
583 
584         A += ((B << 5) | (B >>> 27)) + (C ^ D ^ E) + w[79] + 0xCA62C1D6;
585         C = ((C << 30) | (C >>> 2));
586 
587         H0 += A;
588         H1 += B;
589         H2 += C;
590         H3 += D;
591         H4 += E;
592 
593         // debug(80, H0, H1, H2, H3, H4);
594     }
595 
596     private static final String   toHexString(byte[] b)
597     {
598         final String   hexChar = "0123456789ABCDEF";
599 
600         StringBuffer   sb = new StringBuffer  ();
601         for (int i = 0; i < b.length; i++)
602         {
603             sb.append(hexChar.charAt((b[i] >> 4) & 0x0f));
604             sb.append(hexChar.charAt(b[i] & 0x0f));
605         }
606         return sb.toString();
607     }
608 
609     public static void main(String  [] args)
610     {
611         SHA1 sha = new SHA1();
612 
613         byte[] dig1 = new byte[20];
614         byte[] dig2 = new byte[20];
615         byte[] dig3 = new byte[20];
616 
617         /*
618          * We do not specify a charset name for getBytes(), since we assume that
619          * the JVM's default encoder maps the _used_ ASCII characters exactly as
620          * getBytes("US-ASCII") would do. (Ah, yes, too lazy to catch the
621          * exception that can be thrown by getBytes("US-ASCII")). Note: This has
622          * no effect on the SHA-1 implementation, this is just for the following
623          * test code.
624          */
625 
626         sha.update("abc".getBytes());
627         sha.digest(dig1);
628 
629         sha.update("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq".getBytes());
630         sha.digest(dig2);
631 
632         for (int i = 0; i < 1000000; i++)
633             sha.update((byte) 'a');
634         sha.digest(dig3);
635 
636         String   dig1_res = toHexString(dig1);
637         String   dig2_res = toHexString(dig2);
638         String   dig3_res = toHexString(dig3);
639 
640         String   dig1_ref = "A9993E364706816ABA3E25717850C26C9CD0D89D";
641         String   dig2_ref = "84983E441C3BD26EBAAE4AA1F95129E5E54670F1";
642         String   dig3_ref = "34AA973CD4C4DAA4F61EEB2BDBAD27316534016F";
643 
644         if (dig1_res.equals(dig1_ref))
645             System.out.println("SHA-1 Test 1 OK.");
646         else
647             System.out.println("SHA-1 Test 1 FAILED.");
648 
649         if (dig2_res.equals(dig2_ref))
650             System.out.println("SHA-1 Test 2 OK.");
651         else
652             System.out.println("SHA-1 Test 2 FAILED.");
653 
654         if (dig3_res.equals(dig3_ref))
655             System.out.println("SHA-1 Test 3 OK.");
656         else
657             System.out.println("SHA-1 Test 3 FAILED.");
658 
659         if (dig3_res.equals(dig3_ref))
660             System.out.println("SHA-1 Test 3 OK.");
661         else
662             System.out.println("SHA-1 Test 3 FAILED.");
663     }
664 }
665
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags