org.avis.security
Class SHA1

java.lang.Object
  org.avis.security.SHA1

All Implemented Interfaces:

Cloneable

public final class SHA1
extends Object
implements Cloneable

Implements the SHA-1 secure hash algorithm.

The FIPS PUB 180-2 standard specifies four secure hash algorithms (SHA-1, SHA-256, SHA-384 and SHA-512) for computing a condensed representation of electronic data (message). When a message of any length < 2^^64 bits (for SHA-1 and SHA-256) or < 2^^128 bits (for SHA-384 and SHA-512) is input to an algorithm, the result is an output called a message digest. The message digests range in length from 160 to 512 bits, depending on the algorithm. Secure hash algorithms are typically used with other cryptographic algorithms, such as digital signature algorithms and keyed-hash message authentication codes, or in the generation of random numbers (bits).

The four hash algorithms specified in this "SHS" standard are called secure because, for a given algorithm, it is computationally infeasible 1) to find a message that corresponds to a given message digest, or 2) to find two different messages that produce the same message digest. Any change to a message will, with a very high probability, result in a different message digest. This will result in a verification failure when the secure hash algorithm is used with a digital signature algorithm or a keyed-hash message authentication algorithm.

A "SHS change notice" adds a SHA-224 algorithm for interoperability, which, like SHA-1 and SHA-256, operates on 512-bit blocks and 32-bit words,

References:

1. NIST FIPS PUB 180-2, "Secure Hash Signature Standard (SHS) with change notice", National Institute of Standards and Technology (NIST), 2002 August 1, and U.S. Department of Commerce, August 26.
   http://csrc.ncsl.nist.gov/CryptoToolkit/Hash.html
2. NIST FIPS PUB 180-1, "Secure Hash Standard", U.S. Department of Commerce, May 1993.
   http://www.itl.nist.gov/div897/pubs/fip180-1.htm
3. Bruce Schneier, "Section 18.7 Secure Hash Algorithm (SHA)", Applied Cryptography, 2nd edition ,
   John Wiley & Sons, 1996

Constructor Summary

SHA1()
Creates a SHA1 object with default initial state.

SHA1(SHA1 state)
Creates a SHA1 object with state (for cloning).

Method Summary

Object	clone() Clones this object.
byte[]	engineDigest() Completes the hash computation by performing final operations such as padding.
int	engineDigest(byte[] hashvalue, int offset, int len) Completes the hash computation by performing final operations such as padding.
int	engineGetDigestLength() Returns the digest length in bytes.
void	engineUpdate(byte input) Updates the digest using the specified byte.
void	engineUpdate(byte[] input, int offset, int len) Updates the digest using the specified array of bytes, starting at the specified offset.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SHA1

public SHA1()

Creates a SHA1 object with default initial state.

SHA1

public SHA1(SHA1 state)

Creates a SHA1 object with state (for cloning).

Parameters:

state - the existing object to clone

Method Detail

clone

public Object clone()

Clones this object.

Overrides:

clone in class Object

engineGetDigestLength

public int engineGetDigestLength()

Returns the digest length in bytes. Can be used to allocate your own output buffer when computing multiple digests. Overrides the protected abstract method of java.security.MessageDigestSpi.

Returns:

the digest length in bytes.

engineUpdate

public void engineUpdate(byte input)

Updates the digest using the specified byte. Requires internal buffering, and may be slow. Overrides the protected abstract method of java.security.MessageDigestSpi.

Parameters:

input - the byte to use for the update.

engineUpdate

public void engineUpdate(byte[] input,
                         int offset,
                         int len)

Updates the digest using the specified array of bytes, starting at the specified offset. Input length can be any size. May require internal buffering, if input blocks are not multiple of 64 bytes. Overrides the protected abstract method of java.security.MessageDigestSpi.

Parameters:

input - the array of bytes to use for the update.

offset - the offset to start from in the array of bytes.

len - the number of bytes to use, starting at offset.

engineDigest

public byte[] engineDigest()

Completes the hash computation by performing final operations such as padding. Computes the final hash and returns the final value as a byte[20] array. Once engineDigest has been called, the engine will be automatically reset as specified in the JavaSecurity MessageDigest specification. For faster operations with multiple digests, allocate your own array and use engineDigest(byte[], int offset, int len). Overrides the protected abstract method of java.security.MessageDigestSpi.

Returns:

the length of the digest stored in the output buffer.

engineDigest

public int engineDigest(byte[] hashvalue,
                        int offset,
                        int len)

Completes the hash computation by performing final operations such as padding. Once engineDigest has been called, the engine will be automatically reset (see engineReset). Overrides the protected abstract method of java.security.MessageDigestSpi.

Parameters:

hashvalue - the output buffer in which to store the digest.

offset - offset to start from in the output buffer

len - number of bytes within buf allotted for the digest. Both this default implementation and the SUN provider do not return partial digests. The presence of this parameter is solely for consistency in our API's. If the value of this parameter is less than the actual digest length, the method will throw a DigestException. This parameter is ignored if its value is greater than or equal to the actual digest length.

Returns:

the length of the digest stored in the output buffer.