1 /*
2 * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 package sun.security.provider;
27
28 import java.security.MessageDigestSpi;
29 import java.security.DigestException;
30 import java.security.ProviderException;
31 import java.util.Objects;
32
33 import jdk.internal.HotSpotIntrinsicCandidate;
34
35 /**
36 * Common base message digest implementation for the Sun provider.
37 * It implements all the JCA methods as suitable for a Java message digest
38 * implementation of an algorithm based on a compression function (as all
39 * commonly used algorithms are). The individual digest subclasses only need to
40 * implement the following methods:
41 *
42 * . abstract void implCompress(byte[] b, int ofs);
43 * . abstract void implDigest(byte[] out, int ofs);
44 * . abstract void implReset();
45 *
46 * See the inline documentation for details.
47 *
48 * @since 1.5
49 * @author Andreas Sterbenz
50 */
51 abstract class DigestBase extends MessageDigestSpi implements Cloneable {
52
53 // one element byte array, temporary storage for update(byte)
54 private byte[] oneByte;
55
56 // algorithm name to use in the exception message
57 private final String algorithm;
58 // length of the message digest in bytes
59 private final int digestLength;
60
61 // size of the input to the compression function in bytes
62 private final int blockSize;
63 // buffer to store partial blocks, blockSize bytes large
64 // Subclasses should not access this array directly except possibly in their
65 // implDigest() method. See MD5.java as an example.
66 byte[] buffer;
67 // offset into buffer
68 private int bufOfs;
69
70 // number of bytes processed so far. subclasses should not modify
71 // this value.
72 // also used as a flag to indicate reset status
73 // -1: need to call engineReset() before next call to update()
74 // 0: is already reset
75 long bytesProcessed;
76
77 /**
78 * Main constructor.
79 */
80 DigestBase(String algorithm, int digestLength, int blockSize) {
81 super();
82 this.algorithm = algorithm;
83 this.digestLength = digestLength;
84 this.blockSize = blockSize;
85 buffer = new byte[blockSize];
86 }
87
88 // return digest length. See JCA doc.
89 protected final int engineGetDigestLength() {
90 return digestLength;
91 }
92
93 // single byte update. See JCA doc.
94 protected final void engineUpdate(byte b) {
95 if (oneByte == null) {
96 oneByte = new byte[1];
97 }
98 oneByte[0] = b;
99 engineUpdate(oneByte, 0, 1);
100 }
101
102 // array update. See JCA doc.
103 protected final void engineUpdate(byte[] b, int ofs, int len) {
104 if (len == 0) {
105 return;
106 }
107 if ((ofs < 0) || (len < 0) || (ofs > b.length - len)) {
108 throw new ArrayIndexOutOfBoundsException();
109 }
110 if (bytesProcessed < 0) {
111 engineReset();
112 }
113 bytesProcessed += len;
114 // if buffer is not empty, we need to fill it before proceeding
115 if (bufOfs != 0) {
116 int n = Math.min(len, blockSize - bufOfs);
117 System.arraycopy(b, ofs, buffer, bufOfs, n);
118 bufOfs += n;
119 ofs += n;
120 len -= n;
121 if (bufOfs >= blockSize) {
122 // compress completed block now
123 implCompress(buffer, 0);
124 bufOfs = 0;
125 }
126 }
127 // compress complete blocks
128 if (len >= blockSize) {
129 int limit = ofs + len;
130 ofs = implCompressMultiBlock(b, ofs, limit - blockSize);
131 len = limit - ofs;
132 }
133 // copy remainder to buffer
134 if (len > 0) {
135 System.arraycopy(b, ofs, buffer, 0, len);
136 bufOfs = len;
137 }
138 }
139
140 // compress complete blocks
141 private int implCompressMultiBlock(byte[] b, int ofs, int limit) {
142 implCompressMultiBlockCheck(b, ofs, limit);
143 return implCompressMultiBlock0(b, ofs, limit);
144 }
145
146 @HotSpotIntrinsicCandidate
147 private int implCompressMultiBlock0(byte[] b, int ofs, int limit) {
148 for (; ofs <= limit; ofs += blockSize) {
149 implCompress(b, ofs);
150 }
151 return ofs;
152 }
153
154 private void implCompressMultiBlockCheck(byte[] b, int ofs, int limit) {
155 if (limit < 0) {
156 return; // not an error because implCompressMultiBlockImpl won't execute if limit < 0
157 // and an exception is thrown if ofs < 0.
158 }
159
160 Objects.requireNonNull(b);
161
162 if (ofs < 0 || ofs >= b.length) {
163 throw new ArrayIndexOutOfBoundsException(ofs);
164 }
165
166 int endIndex = (limit / blockSize) * blockSize + blockSize - 1;
167 if (endIndex >= b.length) {
168 throw new ArrayIndexOutOfBoundsException(endIndex);
169 }
170 }
171
172 // reset this object. See JCA doc.
173 protected final void engineReset() {
174 if (bytesProcessed == 0) {
175 // already reset, ignore
176 return;
177 }
178 implReset();
179 bufOfs = 0;
180 bytesProcessed = 0;
181 }
182
183 // return the digest. See JCA doc.
184 protected final byte[] engineDigest() {
185 byte[] b = new byte[digestLength];
186 try {
187 engineDigest(b, 0, b.length);
188 } catch (DigestException e) {
189 throw (ProviderException)
190 new ProviderException("Internal error").initCause(e);
191 }
192 return b;
193 }
194
195 // return the digest in the specified array. See JCA doc.
196 protected final int engineDigest(byte[] out, int ofs, int len)
197 throws DigestException {
198 if (len < digestLength) {
199 throw new DigestException("Length must be at least "
200 + digestLength + " for " + algorithm + "digests");
201 }
202 if ((ofs < 0) || (len < 0) || (ofs > out.length - len)) {
203 throw new DigestException("Buffer too short to store digest");
204 }
205 if (bytesProcessed < 0) {
206 engineReset();
207 }
208 implDigest(out, ofs);
209 bytesProcessed = -1;
210 return digestLength;
211 }
212
213 /**
214 * Core compression function. Processes blockSize bytes at a time
215 * and updates the state of this object.
216 */
217 abstract void implCompress(byte[] b, int ofs);
218
219 /**
220 * Return the digest. Subclasses do not need to reset() themselves,
221 * DigestBase calls implReset() when necessary.
222 */
223 abstract void implDigest(byte[] out, int ofs);
224
225 /**
226 * Reset subclass specific state to their initial values. DigestBase
227 * calls this method when necessary.
228 */
229 abstract void implReset();
230
231 public Object clone() throws CloneNotSupportedException {
232 DigestBase copy = (DigestBase) super.clone();
233 copy.buffer = copy.buffer.clone();
234 return copy;
235 }
236
237 // padding used for the MD5, and SHA-* message digests
238 static final byte[] padding;
239
240 static {
241 // we need 128 byte padding for SHA-384/512
242 // and an additional 8 bytes for the high 8 bytes of the 16
243 // byte bit counter in SHA-384/512
244 padding = new byte[136];
245 padding[0] = (byte)0x80;
246 }
247 }