1 /* 2 * Copyright (c) 2006-2011 Christian Plattner. All rights reserved. 3 * Please refer to the LICENSE.txt for licensing details. 4 */ 5 package ch.ethz.ssh2.crypto.digest; 6 7 /** 8 * MD5. Based on the example code in RFC 1321. Optimized (...a little). 9 * 10 * @author Christian Plattner 11 * @version 2.50, 03/15/10 12 */ 13 14 /* 15 * The following disclaimer has been copied from RFC 1321: 16 * 17 * Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All rights 18 * reserved. 19 * 20 * License to copy and use this software is granted provided that it is 21 * identified as the "RSA Data Security, Inc. MD5 Message-Digest Algorithm" in 22 * all material mentioning or referencing this software or this function. 23 * 24 * License is also granted to make and use derivative works provided that such 25 * works are identified as "derived from the RSA Data Security, Inc. MD5 26 * Message-Digest Algorithm" in all material mentioning or referencing the 27 * derived work. 28 * 29 * RSA Data Security, Inc. makes no representations concerning either the 30 * merchantability of this software or the suitability of this software for any 31 * particular purpose. It is provided "as is" without express or implied 32 * warranty of any kind. 33 * 34 * These notices must be retained in any copies of any part of this 35 * documentation and/or software. 36 * 37 */ 38 39 public final class MD5 implements Digest 40 { 41 private int state0, state1, state2, state3; 42 private long count; 43 private final byte[] block = new byte[64]; 44 private final int x[] = new int[16]; 45 46 private static final byte[] padding = new byte[] { (byte) 128, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 47 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 48 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }; 49 50 public MD5() 51 { 52 reset(); 53 } 54 55 private static int FF(int a, int b, int c, int d, int x, int s, int ac) 56 { 57 a += ((b & c) | ((~b) & d)) + x + ac; 58 return ((a << s) | (a >>> (32 - s))) + b; 59 } 60 61 private static int GG(int a, int b, int c, int d, int x, int s, int ac) 62 { 63 a += ((b & d) | (c & (~d))) + x + ac; 64 return ((a << s) | (a >>> (32 - s))) + b; 65 } 66 67 private static int HH(int a, int b, int c, int d, int x, int s, int ac) 68 { 69 a += (b ^ c ^ d) + x + ac; 70 return ((a << s) | (a >>> (32 - s))) + b; 71 } 72 73 private static int II(int a, int b, int c, int d, int x, int s, int ac) 74 { 75 a += (c ^ (b | (~d))) + x + ac; 76 return ((a << s) | (a >>> (32 - s))) + b; 77 } 78 79 private static void encode(byte[] dst, int dstoff, int word) 80 { 81 dst[dstoff] = (byte) (word); 82 dst[dstoff + 1] = (byte) (word >> 8); 83 dst[dstoff + 2] = (byte) (word >> 16); 84 dst[dstoff + 3] = (byte) (word >> 24); 85 } 86 87 private void transform(byte[] src, int pos) 88 { 89 int a = state0; 90 int b = state1; 91 int c = state2; 92 int d = state3; 93 94 for (int i = 0; i < 16; i++, pos += 4) 95 { 96 x[i] = (src[pos] & 0xff) | ((src[pos + 1] & 0xff) << 8) | ((src[pos + 2] & 0xff) << 16) 97 | ((src[pos + 3] & 0xff) << 24); 98 } 99 100 /* Round 1 */ 101 102 a = FF(a, b, c, d, x[0], 7, 0xd76aa478); /* 1 */ 103 d = FF(d, a, b, c, x[1], 12, 0xe8c7b756); /* 2 */ 104 c = FF(c, d, a, b, x[2], 17, 0x242070db); /* 3 */ 105 b = FF(b, c, d, a, x[3], 22, 0xc1bdceee); /* 4 */ 106 a = FF(a, b, c, d, x[4], 7, 0xf57c0faf); /* 5 */ 107 d = FF(d, a, b, c, x[5], 12, 0x4787c62a); /* 6 */ 108 c = FF(c, d, a, b, x[6], 17, 0xa8304613); /* 7 */ 109 b = FF(b, c, d, a, x[7], 22, 0xfd469501); /* 8 */ 110 a = FF(a, b, c, d, x[8], 7, 0x698098d8); /* 9 */ 111 d = FF(d, a, b, c, x[9], 12, 0x8b44f7af); /* 10 */ 112 c = FF(c, d, a, b, x[10], 17, 0xffff5bb1); /* 11 */ 113 b = FF(b, c, d, a, x[11], 22, 0x895cd7be); /* 12 */ 114 a = FF(a, b, c, d, x[12], 7, 0x6b901122); /* 13 */ 115 d = FF(d, a, b, c, x[13], 12, 0xfd987193); /* 14 */ 116 c = FF(c, d, a, b, x[14], 17, 0xa679438e); /* 15 */ 117 b = FF(b, c, d, a, x[15], 22, 0x49b40821); /* 16 */ 118 119 /* Round 2 */ 120 a = GG(a, b, c, d, x[1], 5, 0xf61e2562); /* 17 */ 121 d = GG(d, a, b, c, x[6], 9, 0xc040b340); /* 18 */ 122 c = GG(c, d, a, b, x[11], 14, 0x265e5a51); /* 19 */ 123 b = GG(b, c, d, a, x[0], 20, 0xe9b6c7aa); /* 20 */ 124 a = GG(a, b, c, d, x[5], 5, 0xd62f105d); /* 21 */ 125 d = GG(d, a, b, c, x[10], 9, 0x2441453); /* 22 */ 126 c = GG(c, d, a, b, x[15], 14, 0xd8a1e681); /* 23 */ 127 b = GG(b, c, d, a, x[4], 20, 0xe7d3fbc8); /* 24 */ 128 a = GG(a, b, c, d, x[9], 5, 0x21e1cde6); /* 25 */ 129 d = GG(d, a, b, c, x[14], 9, 0xc33707d6); /* 26 */ 130 c = GG(c, d, a, b, x[3], 14, 0xf4d50d87); /* 27 */ 131 b = GG(b, c, d, a, x[8], 20, 0x455a14ed); /* 28 */ 132 a = GG(a, b, c, d, x[13], 5, 0xa9e3e905); /* 29 */ 133 d = GG(d, a, b, c, x[2], 9, 0xfcefa3f8); /* 30 */ 134 c = GG(c, d, a, b, x[7], 14, 0x676f02d9); /* 31 */ 135 b = GG(b, c, d, a, x[12], 20, 0x8d2a4c8a); /* 32 */ 136 137 /* Round 3 */ 138 a = HH(a, b, c, d, x[5], 4, 0xfffa3942); /* 33 */ 139 d = HH(d, a, b, c, x[8], 11, 0x8771f681); /* 34 */ 140 c = HH(c, d, a, b, x[11], 16, 0x6d9d6122); /* 35 */ 141 b = HH(b, c, d, a, x[14], 23, 0xfde5380c); /* 36 */ 142 a = HH(a, b, c, d, x[1], 4, 0xa4beea44); /* 37 */ 143 d = HH(d, a, b, c, x[4], 11, 0x4bdecfa9); /* 38 */ 144 c = HH(c, d, a, b, x[7], 16, 0xf6bb4b60); /* 39 */ 145 b = HH(b, c, d, a, x[10], 23, 0xbebfbc70); /* 40 */ 146 a = HH(a, b, c, d, x[13], 4, 0x289b7ec6); /* 41 */ 147 d = HH(d, a, b, c, x[0], 11, 0xeaa127fa); /* 42 */ 148 c = HH(c, d, a, b, x[3], 16, 0xd4ef3085); /* 43 */ 149 b = HH(b, c, d, a, x[6], 23, 0x4881d05); /* 44 */ 150 a = HH(a, b, c, d, x[9], 4, 0xd9d4d039); /* 45 */ 151 d = HH(d, a, b, c, x[12], 11, 0xe6db99e5); /* 46 */ 152 c = HH(c, d, a, b, x[15], 16, 0x1fa27cf8); /* 47 */ 153 b = HH(b, c, d, a, x[2], 23, 0xc4ac5665); /* 48 */ 154 155 /* Round 4 */ 156 a = II(a, b, c, d, x[0], 6, 0xf4292244); /* 49 */ 157 d = II(d, a, b, c, x[7], 10, 0x432aff97); /* 50 */ 158 c = II(c, d, a, b, x[14], 15, 0xab9423a7); /* 51 */ 159 b = II(b, c, d, a, x[5], 21, 0xfc93a039); /* 52 */ 160 a = II(a, b, c, d, x[12], 6, 0x655b59c3); /* 53 */ 161 d = II(d, a, b, c, x[3], 10, 0x8f0ccc92); /* 54 */ 162 c = II(c, d, a, b, x[10], 15, 0xffeff47d); /* 55 */ 163 b = II(b, c, d, a, x[1], 21, 0x85845dd1); /* 56 */ 164 a = II(a, b, c, d, x[8], 6, 0x6fa87e4f); /* 57 */ 165 d = II(d, a, b, c, x[15], 10, 0xfe2ce6e0); /* 58 */ 166 c = II(c, d, a, b, x[6], 15, 0xa3014314); /* 59 */ 167 b = II(b, c, d, a, x[13], 21, 0x4e0811a1); /* 60 */ 168 a = II(a, b, c, d, x[4], 6, 0xf7537e82); /* 61 */ 169 d = II(d, a, b, c, x[11], 10, 0xbd3af235); /* 62 */ 170 c = II(c, d, a, b, x[2], 15, 0x2ad7d2bb); /* 63 */ 171 b = II(b, c, d, a, x[9], 21, 0xeb86d391); /* 64 */ 172 173 state0 += a; 174 state1 += b; 175 state2 += c; 176 state3 += d; 177 } 178 179 public final void reset() 180 { 181 count = 0; 182 183 state0 = 0x67452301; 184 state1 = 0xefcdab89; 185 state2 = 0x98badcfe; 186 state3 = 0x10325476; 187 188 /* Clear traces in memory... */ 189 190 for (int i = 0; i < 16; i++) 191 x[i] = 0; 192 } 193 194 public final void update(byte b) 195 { 196 final int space = 64 - ((int) (count & 0x3f)); 197 198 count++; 199 200 block[64 - space] = b; 201 202 if (space == 1) 203 transform(block, 0); 204 } 205 206 public final void update(byte[] buff, int pos, int len) 207 { 208 int space = 64 - ((int) (count & 0x3f)); 209 210 count += len; 211 212 while (len > 0) 213 { 214 if (len < space) 215 { 216 System.arraycopy(buff, pos, block, 64 - space, len); 217 break; 218 } 219 220 if (space == 64) 221 { 222 transform(buff, pos); 223 } 224 else 225 { 226 System.arraycopy(buff, pos, block, 64 - space, space); 227 transform(block, 0); 228 } 229 230 pos += space; 231 len -= space; 232 space = 64; 233 } 234 } 235 236 public final void update(byte[] b) 237 { 238 update(b, 0, b.length); 239 } 240 241 public final void digest(byte[] dst, int pos) 242 { 243 byte[] bits = new byte[8]; 244 245 encode(bits, 0, (int) (count << 3)); 246 encode(bits, 4, (int) (count >> 29)); 247 248 int idx = (int) count & 0x3f; 249 int padLen = (idx < 56) ? (56 - idx) : (120 - idx); 250 251 update(padding, 0, padLen); 252 update(bits, 0, 8); 253 254 encode(dst, pos, state0); 255 encode(dst, pos + 4, state1); 256 encode(dst, pos + 8, state2); 257 encode(dst, pos + 12, state3); 258 259 reset(); 260 } 261 262 public final void digest(byte[] dst) 263 { 264 digest(dst, 0); 265 } 266 267 public final int getDigestLength() 268 { 269 return 16; 270 } 271 } 272