Class SHA1

All Implemented Interfaces:
Cloneable

public final class SHA1
extends MessageDigest
implements Cloneable
NOTE: As of 0.8.7, use getInstance() instead of new SHA1(), which will return the JVM's MessageDigest if it is faster.

The FIPS PUB 180-2 standard specifies four secure hash algorithms (SHA-1, SHA-256, SHA-384 and SHA-512) for computing a condensed representation of electronic data (message). When a message of any length < 2^^64 bits (for SHA-1 and SHA-256) or < 2^^128 bits (for SHA-384 and SHA-512) is input to an algorithm, the result is an output called a message digest. The message digests range in length from 160 to 512 bits, depending on the algorithm. Secure hash algorithms are typically used with other cryptographic algorithms, such as digital signature algorithms and keyed-hash message authentication codes, or in the generation of random numbers (bits).

The four hash algorithms specified in this "SHS" standard are called secure because, for a given algorithm, it is computationally infeasible 1) to find a message that corresponds to a given message digest, or 2) to find two different messages that produce the same message digest. Any change to a message will, with a very high probability, result in a different message digest. This will result in a verification failure when the secure hash algorithm is used with a digital signature algorithm or a keyed-hash message authentication algorithm.

A "SHS change notice" adds a SHA-224 algorithm for interoperability, which, like SHA-1 and SHA-256, operates on 512-bit blocks and 32-bit words, but truncates the final digest and uses distinct initialization values.

References:

  1. NIST FIPS PUB 180-2, "Secure Hash Signature Standard (SHS) with change notice", National Institute of Standards and Technology (NIST), 2002 August 1, and U.S. Department of Commerce, August 26.
    http://csrc.ncsl.nist.gov/CryptoToolkit/Hash.html
  2. NIST FIPS PUB 180-1, "Secure Hash Standard", U.S. Department of Commerce, May 1993.
    http://www.itl.nist.gov/div897/pubs/fip180-1.htm
  3. Bruce Schneier, "Section 18.7 Secure Hash Algorithm (SHA)", Applied Cryptography, 2nd edition,
    John Wiley & Sons, 1996
  • Field Details

  • Constructor Details

    • SHA1

      public SHA1()
      Creates a SHA1 object with default initial state. NOTE: Use getInstance() to get the fastest implementation.
  • Method Details

    • getInstance

      public static MessageDigest getInstance()
      Returns:
      the fastest digest, either new SHA1() or MessageDigest.getInstance("SHA-1")
      Since:
      0.8.7
    • clone

      public Object clone() throws CloneNotSupportedException
      Clones this object.
      Overrides:
      clone in class MessageDigest
      Throws:
      CloneNotSupportedException
    • engineGetDigestLength

      public int engineGetDigestLength()
      Returns the digest length in bytes. Can be used to allocate your own output buffer when computing multiple digests. Overrides the protected abstract method of java.security.MessageDigestSpi.
      Overrides:
      engineGetDigestLength in class MessageDigestSpi
      Returns:
      the digest length in bytes.
    • engineReset

      protected void engineReset()
      Reset athen initialize the digest context. Overrides the protected abstract method of java.security.MessageDigestSpi.
      Specified by:
      engineReset in class MessageDigestSpi
    • init

      protected void init()
      Initialize the digest context.
    • engineUpdate

      public void engineUpdate​(byte input)
      Updates the digest using the specified byte. Requires internal buffering, and may be slow. Overrides the protected abstract method of java.security.MessageDigestSpi.
      Specified by:
      engineUpdate in class MessageDigestSpi
      Parameters:
      input - the byte to use for the update.
    • engineUpdate

      public void engineUpdate​(byte[] input, int offset, int len)
      Updates the digest using the specified array of bytes, starting at the specified offset. Input length can be any size. May require internal buffering, if input blocks are not multiple of 64 bytes. Overrides the protected abstract method of java.security.MessageDigestSpi.
      Specified by:
      engineUpdate in class MessageDigestSpi
      Parameters:
      input - the array of bytes to use for the update.
      offset - the offset to start from in the array of bytes.
      len - the number of bytes to use, starting at offset.
    • engineDigest

      public byte[] engineDigest()
      Completes the hash computation by performing final operations such as padding. Computes the final hash and returns the final value as a byte[20] array. Once engineDigest has been called, the engine will be automatically reset as specified in the JavaSecurity MessageDigest specification. For faster operations with multiple digests, allocate your own array and use engineDigest(byte[], int offset, int len). Overrides the protected abstract method of java.security.MessageDigestSpi.
      Specified by:
      engineDigest in class MessageDigestSpi
      Returns:
      the length of the digest stored in the output buffer.
    • engineDigest

      public int engineDigest​(byte[] hashvalue, int offset, int len) throws DigestException
      Completes the hash computation by performing final operations such as padding. Once engineDigest has been called, the engine will be automatically reset (see engineReset). Overrides the protected abstract method of java.security.MessageDigestSpi.
      Overrides:
      engineDigest in class MessageDigestSpi
      Parameters:
      hashvalue - the output buffer in which to store the digest.
      offset - offset to start from in the output buffer
      len - number of bytes within buf allotted for the digest. Both this default implementation and the SUN provider do not return partial digests. The presence of this parameter is solely for consistency in our API's. If the value of this parameter is less than the actual digest length, the method will throw a DigestException. This parameter is ignored if its value is greater than or equal to the actual digest length.
      Returns:
      the length of the digest stored in the output buffer.
      Throws:
      DigestException