IDC资讯中心
/**
* <b>this java class consists the server side for the wondeful javascript library sha1.js. i wrote it because i basically needed
* some cheap client/server login authentication by the usual key/data system. besides, i got the creeps watching the password
* posted unencrypted via http requests. this class makes sure that if your client is using the sha1.js to encrypt the password
* with a key sent by the server, you can always repeat the encrypting on the server side (using the same key) and compare the
* encrypted strings. since anyone who is trapping the http requests can actually send you the same encrypted string, i suggest
* you use the clients ip address as the base for the key generation. since ip address spoofing is not a problem, this authentication
* method is not a very secured solution. if you need a full proof solution use ssl. however, this one, sure beats nothing.
* feel free to do with it whatever you want</b>
* <p><b>this class is an abstract class, to make sure you do not create any new instances of it. it does not throw any exceptions and
* the code is much more c like than pure object oriented. there are no implemented interfaces and no inheritance in use. in fact, it
* is written as close as possible to the original javascript code. i did not test tweaking the instance variables but if you do change
* them, make sure to apply the same change in the sha1.js library or you wont get the same encrypted strings.
* you can call each one of the 6 work methods by using something like: sha1.hex_hmac_sha1("key", "data");
* they are the only public methods. all are public and static. you have no reason to call the private ones anyway.</p></b>
* <p>the sha1.js is a javascript implementation of the secure hash algorithm, sha-1, as defined in fips pub 180-1.
* javascript version 2.1 copyright paul johnston 2000 – 2002. other contributors to javascript version: greg holt,
* andrew kepert, ydnar, lostinet distributed under the bsd license</p>
* <p>see <a href="http://pajhome.org.uk/crypt/md5">http://pajhome.org.uk/crypt/md5</a> for details.</p>
* <p><b>author: </b>t.n.silverman (c.t.xm – sia riga, lv) <a href="mailto:tnsilver@ctcm.com">mailto:tnsilver@ctxm.com</a>
* <br>creation date: (3/27/2004 5:57:00 pm)</p>
* <p>dont forget to visit my company, <b>ctxm</b> site at <a href="http://www.ctxm.com">http://www.ctxm.com</a> where you will find reference to all of the games this code is used in.
*/
public abstract class sha1 {
private static final boolean hexcase = false;/* hex output format. false – lowercase; true – uppercase */
private static final string b64pad = "="; /* base-64 pad character. "=" for strict rfc compliance */
private static final int chrsz = 8; /* bits per input character. 8 – ascii; 16 – unicode */
/**
* this is one of the functions youll usually want to call
* it take a string arguments and returns either hex or base-64 encoded strings
* creation date: (3/27/2004 6:05:10 pm)
* @author t.n.silverman
* @version 1.0.0
* @return java.lang.string
* @param key java.lang.string
* @param data java.lang.string
*/
public static string b64_hmac_sha1(string key, string data) {
return binb2b64(core_hmac_sha1(key, data));
}
/**
* this is one of the functions youll usually want to call
* it take a string argument and returns either hex or base-64 encoded strings
* creation date: (3/27/2004 6:05:10 pm)
* @author t.n.silverman
* @version 1.0.0
* @return java.lang.string
* @param s java.lang.string
*/
public static string b64_sha1(string s) {
s = (s==null) ? "" : s;
return binb2b64(core_sha1(str2binb(s), s.length() * chrsz));
}
/**
* convert an array of big-endian words to a base-64 string
* creation date: (3/27/2004 6:05:10 pm)
* @author t.n.silverman
* @version 1.0.0
* @return java.lang.string
* @param binarray int[]
*/
private static string binb2b64(int[] binarray) {
string tab = "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz0123456789+/";
string str = "";
binarray = strechbinarray(binarray, binarray.length * 4);
for (int i = 0; i < binarray.length * 4; i += 3) {
int triplet =
(((binarray[i >> 2] >> 8 * (3 – i % 4)) & 0xff) << 16)
| (((binarray[i + 1 >> 2] >> 8 * (3 – (i + 1) % 4)) & 0xff) << 8)
| ((binarray[i + 2 >> 2] >> 8 * (3 – (i + 2) % 4)) & 0xff);
for (int j = 0; j < 4; j++) {
if (i * 8 + j * 6 > binarray.length * 32)
str += b64pad;
else
str += tab.charat((triplet >> 6 * (3 – j)) & 0x3f);
}
}
return cleanb64str(str);
}
/**
* convert an array of big-endian words to a hex string.
* creation date: (3/27/2004 6:05:10 pm)
* @author t.n.silverman
* @version 1.0.0
* @return java.lang.string
* @param binarray int[]
*/
private static string binb2hex(int[] binarray) {
string hex_tab = hexcase ? "0123456789abcdef" : "0123456789abcdef";
string str = "";
for (int i = 0; i < binarray.length * 4; i++) {
char a = (char) hex_tab.charat((binarray[i >> 2] >> ((3 – i % 4) * 8 + 4)) & 0xf);
char b = (char) hex_tab.charat((binarray[i >> 2] >> ((3 – i % 4) * 8)) & 0xf);
str += (new character(a).tostring() + new character(b).tostring());
}
return str;
}
/**
* convert an array of big-endian words to a string
* creation date: (3/27/2004 6:05:10 pm)
* @author t.n.silverman
* @version 1.0.0
* @return java.lang.string
* @param bin int[]
*/
private static string binb2str(int[] bin) {
string str = "";
int mask = (1 << chrsz) – 1;
for (int i = 0; i < bin.length * 32; i += chrsz)
str += (char) ((bin[i >> 5] >>> (24 – i % 32)) & mask);
return str;
}
/**
* bitwise rotate a 32-bit number to the left.
* creation date: (3/26/2004 1:05:01 pm)
* @author t.n.silverman
* @version 1.0.0
* @return int
* @param num int
* @param cnt int
*/
private static int bit_rol(int num, int cnt) {
return (num << cnt) | (num >>> (32 – cnt));
}
/**
* cleans a base64 string from all the trailing a or other
* characters put there by binb2b64 that made the bin array
* 4 times larger than it originally was.
* creation date: (3/27/2004 6:05:10 pm)
* @author t.n.silverman
* @version 1.0.0
* @return java.lang.string
* @param str java.lang.string
*/
private static string cleanb64str(string str) {
str = (str==null) ? "" : str;
int len = str.length();
if (len <= 1)
return str;
char trailchar = str.charat(len – 1);
string trailstr="";
for (int i=len-1;i>=0 && str.charat(i)==trailchar;i–)
trailstr += str.charat(i);
return str.substring(0,str.indexof(trailstr));
}
/**
* makes an int array of a length less than 16 an array of length 16 with all previous
* cells at their previous indexes.
* creation date: (3/27/2004 6:05:10 pm)
* @author t.n.silverman
* @version 1.0.0
* @return int[]
* @param str java.lang.string
*/
private static int[] complete216(int[] oldbin) {
if (oldbin.length >= 16)
return oldbin;
int[] newbin = new int[16 – oldbin.length];
for (int i = 0; i < newbin.length; newbin[i] = 0, i++);
return concat(oldbin, newbin);
}
/**
* joins two int arrays and return one that contains all the previous values.
* this corresponds to the concat method of the javascript array object.
* creation date: (3/27/2004 6:05:10 pm)
* @author t.n.silverman
* @version 1.0.0
* @return int[]
* @param str java.lang.string
*/
private static int[] concat(int[] oldbin, int[] newbin) {
int[] retval = new int[oldbin.length + newbin.length];
for (int i = 0; i < (oldbin.length + newbin.length); i++) {
if (i < oldbin.length)
retval[i] = oldbin[i];
else
retval[i] = newbin[i – oldbin.length];
}
return retval;
}
/**
* calculate the hmac-sha1 of a key and some data
* creation date: (3/26/2004 1:05:01 pm)
* @author t.n.silverman
* @version 1.0.0
* @return int
* @param x java.lang.string[]
* @param len int
*/
private static int[] core_hmac_sha1(string key, string data) {
key = (key == null) ? "" : key;
data = (data == null) ? "" : data;
int[] bkey = complete216(str2binb(key));
if (bkey.length > 16)
bkey = core_sha1(bkey, key.length() * chrsz);
int[] ipad = new int[16];
int[] opad = new int[16];
for (int i = 0; i < 16; ipad[i] = 0, opad[i] = 0, i++);
for (int i = 0; i < 16; i++) {
ipad[i] = bkey[i] ^ 0x36363636;
opad[i] = bkey[i] ^ 0x5c5c5c5c;
}
int[] hash =
core_sha1(concat(ipad, str2binb(data)), 512 + data.length() * chrsz);
return core_sha1(concat(opad, hash), 512 + 160);
}
/**
* calculate the sha-1 of an array of big-endian words, and a bit length
* creation date: (3/26/2004 1:05:01 pm)
* @author t.n.silverman
* @version 1.0.0
* @return int
* @param x java.lang.string[]
* @param len int
*/
private static int[] core_sha1(int[] x, int len) {
/* append padding */
int size = (len >> 5);
x = strechbinarray(x, size);
x[len >> 5] |= 0x80 << (24 – len % 32);
size = ((len + 64 >> 9) << 4) + 15;
x = strechbinarray(x, size);
x[((len + 64 >> 9) << 4) + 15] = len;
int[] w = new int[80];
int a = 1732584193;
int b = -271733879;
int c = -1732584194;
int d = 271733878;
int e = -1009589776;
for (int i = 0; i < x.length; i += 16) {
int olda = a;
int oldb = b;
int oldc = c;
int oldd = d;
int olde = e;
for (int j = 0; j < 80; j++) {
if (j < 16)
w[j] = x[i + j];
else
w[j] = rol(w[j – 3] ^ w[j – 8] ^ w[j – 14] ^ w[j – 16], 1);
int t =
safe_add(
safe_add(rol(a, 5), sha1_ft(j, b, c, d)),
safe_add(safe_add(e, w[j]), sha1_kt(j)));
e = d;
d = c;
c = rol(b, 30);
b = a;
a = t;
}
a = safe_add(a, olda);
b = safe_add(b, oldb);
c = safe_add(c, oldc);
d = safe_add(d, oldd);
e = safe_add(e, olde);
}
int[] retval = new int[5];
retval[0] = a;
retval[1] = b;
retval[2] = c;
retval[3] = d;
retval[4] = e;
return retval;
}
/**
* just a test function to output the results of the 6 working funcions to the standard out.
* the two strings used as parameters are null. feel free to test with different values.
* creation date:(3/27/20046:05:10pm)
* @author t.n.silverman
* @version 1.0.0
* @return java.lang.string
*/
private static void dotest() {
string key="key";
string data="data";
system.out.println("hex_sha1(" + data + ")=" + hex_sha1(data));
system.out.println("b64_sha1(" + data + ")=" + b64_sha1(data));
system.out.println("str_sha1(" + data + ")=" + str_sha1(data));
system.out.println("hex_hmac_sha1(" + key + "," + data + ")=" + hex_hmac_sha1(key, data));
system.out.println("b64_hmac_sha1(" + key + "," + data + ")=" + b64_hmac_sha1(key, data));
system.out.println("str_hmac_sha1(" + key + "," + data + ")=" + str_hmac_sha1(key, data));
}
/**
* this is one of the functions youll usually want to call
* it take a string arguments and returns either hex or base-64 encoded strings
* creation date: (3/27/2004 6:05:10 pm)
* @author t.n.silverman
* @version 1.0.0
* @return java.lang.string
* @param key java.lang.string
* @param data java.lang.string
*/
public static string hex_hmac_sha1(string key, string data) {
return binb2hex(core_hmac_sha1(key, data));
}
/**
* this is one of the functions youll usually want to call
* it take a string argument and returns either hex or base-64 encoded strings
* creation date: (3/27/2004 6:05:10 pm)
* @author t.n.silverman
* @version 1.0.0
* @return java.lang.string
* @param s java.lang.string
*/
public static string hex_sha1(string s) {
s = (s == null) ? "" : s;
return binb2hex(core_sha1(str2binb(s), s.length() * chrsz));
}
/**
* bitwise rotate a 32-bit number to the left. * creation date: (3/26/2004 1:05:01 pm)
* creation date: (3/27/2004 6:05:10 pm)
* @author t.n.silverman
* @version 1.0.0
* @return int
* @param num int
* @param cnt int
*/
private static int rol(int num, int cnt) {
return (num << cnt) | (num >>> (32 – cnt));
}
/**
* add ints, wrapping at 2^32. this uses 16-bit operations internally
* to work around bugs in some js interpreters. the original function
* is part of the sha1.js library. its here for compatibility.
* creation date: (3/26/2004 1:05:01 pm)
* @author t.n.silverman
* @version 1.0.0
* @return int
* @param num int
* @param cnt int
*/
private static int safe_add(int x, int y) {
int lsw = (int) (x & 0xffff) + (int) (y & 0xffff);
int msw = (x >> 16) + (y >> 16) + (lsw >> 16);
return (msw << 16) | (lsw & 0xffff);
}
/**
* perform the appropriate triplet combination function for the current
* creation date: (3/26/2004 1:05:01 pm)
* @author t.n.silverman
* @version 1.0.0
* @return int
* @param t int
* @param b int
* @param c int
* @param d int
*/
private static int sha1_ft(int t, int b, int c, int d) {
if (t < 20)
return (b & c) | ((~b) & d);
if (t < 40)
return b ^ c ^ d;
if (t < 60)
return (b & c) | (b & d) | (c & d);
return b ^ c ^ d;
}
/**
* determine the appropriate additive constant for the current iteration
* creation date: (3/26/2004 1:05:01 pm)
* @author t.n.silverman
* @version 1.0.0
* @return int
* @param t int
*/
private static int sha1_kt(int t) {
return (t < 20)
? 1518500249
: (t < 40)
? 1859775393
: (t < 60)
? -1894007588
: -899497514;
}
/**
* this is a boolean returnig test function that exists in the sha1.js library.
* if it returns false something is wrong.
* creation date: (3/26/2004 1:05:01 pm)
* @author t.n.silverman
* @version 1.0.0
* @return java.lang.string
* @param s java.lang.string
*/
private static boolean sha1_vm_test() {
return hexcase ? hex_sha1("abc").equals("a9993e364706816aba3e25717850c26c9cd0d89d") : hex_sha1("abc").equals("a9993e364706816aba3e25717850c26c9cd0d89d");
}
/**
* this is one of the functions youll usually want to call
* it take a string arguments and returns either hex or base-64 encoded strings
* creation date: (3/26/2004 1:05:01 pm)
* @author t.n.silverman
* @version 1.0.0
* @return java.lang.string
* @param key java.lang.string
* @param data java.lang.string
*/
public static string str_hmac_sha1(string key, string data) {
return binb2str(core_hmac_sha1(key, data));
}
/**
* this is one of the functions youll usually want to call
* it take a string argument and returns either hex or base-64 encoded strings
* creation date: (3/26/2004 1:05:01 pm)
* @author t.n.silverman
* @version 1.0.0
* @return java.lang.string
* @param s java.lang.string
*/
public static string str_sha1(string s) {
s = (s == null) ? "" : s;
return binb2str(core_sha1(str2binb(s), s.length() * chrsz));
}
/**
* convert an 8-bit or 16-bit string to an array of big-endian words
* in 8-bit function, characters >255 have their hi-byte silently ignored.
* creation date: (3/26/2004 1:05:01 pm)
* @author t.n.silverman
* @version 1.0.0
* @return int[]
* @param str java.lang.string
*/
private static int[] str2binb(string str) {
str = (str==null) ? "" : str;
int[] tmp = new int[str.length() * chrsz];
int mask = (1 << chrsz) – 1;
for(int i = 0; i < str.length() * chrsz; i += chrsz)
tmp[i>>5] |= ( (int)(str.charat(i / chrsz)) & mask) << (24 – i%32);
int len = 0;
for (int i=0;i<tmp.length&&tmp[i]!=0;i++,len++);
int[] bin = new int[len];
for (int i=0;i<len;i++)
bin[i] = tmp[i];
return bin;
}
/**
* increase an int array to a desired sized + 1 while keeping the old values.
* creation date: (3/26/2004 1:05:01 pm)
* @author t.n.silverman
* @version 1.0.0
* @return int[]
* @param str java.lang.string
*/
private static int[] strechbinarray(int[] oldbin, int size) {
int currlen = oldbin.length;
if (currlen >= size + 1)
return oldbin;
int[] newbin = new int[size + 1];
for (int i = 0; i < size; newbin[i] = 0, i++);
for (int i = 0; i < currlen; i++)
newbin[i] = oldbin[i];
return newbin;
}
}
