Class SHA1


  • public class SHA1
    extends java.lang.Object
    Pure Java implementation of SHA-1 from FIPS 180-1 / RFC 3174.

    See RFC 3174.

    Unlike MessageDigest, this implementation includes the algorithm used by sha1dc to detect cryptanalytic collision attacks against SHA-1, such as the one used by SHAttered. See sha1collisiondetection for more information.

    When detectCollision is true (default), this implementation throws Sha1CollisionException from any digest method if a potential collision was detected.

    Since:
    4.7
    • Nested Class Summary

      Nested Classes 
      Modifier and Type Class Description
      private static class  SHA1.State  
    • Constructor Summary

      Constructors 
      Modifier Constructor Description
      private SHA1()  
    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      private void compress()  
      private void compress​(byte[] block, int p)  
      byte[] digest()
      Finish the digest and return the resulting hash.
      void digest​(MutableObjectId id)
      Finish the digest and return the resulting hash.
      private static boolean eq​(SHA1.State q, SHA1.State r)  
      private void finish()  
      boolean hasCollision()
      Check if a collision was detected.
      private void initBlock​(byte[] block, int p)  
      static SHA1 newInstance()
      Create a new context to compute a SHA-1 hash of data.
      private void recompress​(int t)  
      SHA1 reset()
      Reset this instance to compute another hash.
      private static int s1​(int a, int b, int c, int d, int w_t)  
      private static int s2​(int a, int b, int c, int d, int w_t)  
      private static int s3​(int a, int b, int c, int d, int w_t)  
      private static int s4​(int a, int b, int c, int d, int w_t)  
      SHA1 setDetectCollision​(boolean detect)
      Enable likely collision detection.
      ObjectId toObjectId()
      Finish the digest and return the resulting hash.
      void update​(byte b)
      Update the digest computation by adding a byte.
      void update​(byte[] in)
      Update the digest computation by adding bytes to the message.
      void update​(byte[] in, int p, int len)
      Update the digest computation by adding bytes to the message.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Field Detail

      • LOG

        private static final org.slf4j.Logger LOG
      • DETECT_COLLISIONS

        private static final boolean DETECT_COLLISIONS
      • w

        private final int[] w
      • buffer

        private final byte[] buffer
        Buffer to accumulate partial blocks to 64 byte alignment.
      • length

        private long length
        Total number of bytes in the message.
      • detectCollision

        private boolean detectCollision
      • foundCollision

        private boolean foundCollision
      • w2

        private final int[] w2
    • Constructor Detail

      • SHA1

        private SHA1()
    • Method Detail

      • newInstance

        public static SHA1 newInstance()
        Create a new context to compute a SHA-1 hash of data.
        Returns:
        a new context to compute a SHA-1 hash of data.
      • setDetectCollision

        public SHA1 setDetectCollision​(boolean detect)
        Enable likely collision detection.

        Default is true.

        May also be set by system property: -Dorg.eclipse.jgit.util.sha1.detectCollision=true.

        Parameters:
        detect - a boolean.
        Returns:
        this
      • update

        public void update​(byte b)
        Update the digest computation by adding a byte.
        Parameters:
        b - a byte.
      • update

        public void update​(byte[] in)
        Update the digest computation by adding bytes to the message.
        Parameters:
        in - input array of bytes.
      • update

        public void update​(byte[] in,
                           int p,
                           int len)
        Update the digest computation by adding bytes to the message.
        Parameters:
        in - input array of bytes.
        p - offset to start at from in.
        len - number of bytes to hash.
      • compress

        private void compress​(byte[] block,
                              int p)
      • initBlock

        private void initBlock​(byte[] block,
                               int p)
      • compress

        private void compress()
      • recompress

        private void recompress​(int t)
      • s1

        private static int s1​(int a,
                              int b,
                              int c,
                              int d,
                              int w_t)
      • s2

        private static int s2​(int a,
                              int b,
                              int c,
                              int d,
                              int w_t)
      • s3

        private static int s3​(int a,
                              int b,
                              int c,
                              int d,
                              int w_t)
      • s4

        private static int s4​(int a,
                              int b,
                              int c,
                              int d,
                              int w_t)
      • finish

        private void finish()
      • digest

        public byte[] digest()
                      throws Sha1CollisionException
        Finish the digest and return the resulting hash.

        Once digest() is called, this instance should be discarded.

        Returns:
        the bytes for the resulting hash.
        Throws:
        Sha1CollisionException - if a collision was detected and safeHash is false.
      • toObjectId

        public ObjectId toObjectId()
                            throws Sha1CollisionException
        Finish the digest and return the resulting hash.

        Once digest() is called, this instance should be discarded.

        Returns:
        the ObjectId for the resulting hash.
        Throws:
        Sha1CollisionException - if a collision was detected and safeHash is false.
      • digest

        public void digest​(MutableObjectId id)
                    throws Sha1CollisionException
        Finish the digest and return the resulting hash.

        Once digest() is called, this instance should be discarded.

        Parameters:
        id - destination to copy the digest to.
        Throws:
        Sha1CollisionException - if a collision was detected and safeHash is false.
      • hasCollision

        public boolean hasCollision()
        Check if a collision was detected.

        This method only returns an accurate result after the digest was obtained through digest(), digest(MutableObjectId) or toObjectId(), as the hashing function must finish processing to know the final state.

        Returns:
        true if a likely collision was detected.
      • reset

        public SHA1 reset()
        Reset this instance to compute another hash.
        Returns:
        this.