126 lines
3.9 KiB
Java
126 lines
3.9 KiB
Java
/*
|
|
* Licensed to the Apache Software Foundation (ASF) under one or more
|
|
* contributor license agreements. See the NOTICE file distributed with
|
|
* this work for additional information regarding copyright ownership.
|
|
* The ASF licenses this file to You under the Apache License, Version 2.0
|
|
* (the "License"); you may not use this file except in compliance with
|
|
* the License. You may obtain a copy of the License at
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
* See the License for the specific language governing permissions and
|
|
* limitations under the License.
|
|
*/
|
|
package org.apache.tomcat.util.security;
|
|
|
|
import java.security.MessageDigest;
|
|
import java.security.NoSuchAlgorithmException;
|
|
import java.util.HashMap;
|
|
import java.util.Map;
|
|
import java.util.Queue;
|
|
import java.util.concurrent.ConcurrentLinkedQueue;
|
|
|
|
/**
|
|
* A thread safe wrapper around {@link MessageDigest} that does not make use
|
|
* of ThreadLocal and - broadly - only creates enough MessageDigest objects
|
|
* to satisfy the concurrency requirements.
|
|
*/
|
|
public class ConcurrentMessageDigest {
|
|
|
|
private static final String MD5 = "MD5";
|
|
private static final String SHA1 = "SHA-1";
|
|
|
|
private static final Map<String,Queue<MessageDigest>> queues =
|
|
new HashMap<>();
|
|
|
|
|
|
private ConcurrentMessageDigest() {
|
|
// Hide default constructor for this utility class
|
|
}
|
|
|
|
static {
|
|
try {
|
|
// Init commonly used algorithms
|
|
init(MD5);
|
|
init(SHA1);
|
|
} catch (NoSuchAlgorithmException e) {
|
|
throw new IllegalArgumentException(e);
|
|
}
|
|
}
|
|
|
|
public static byte[] digestMD5(byte[]... input) {
|
|
return digest(MD5, input);
|
|
}
|
|
|
|
public static byte[] digestSHA1(byte[]... input) {
|
|
return digest(SHA1, input);
|
|
}
|
|
|
|
public static byte[] digest(String algorithm, byte[]... input) {
|
|
return digest(algorithm, 1, input);
|
|
}
|
|
|
|
|
|
public static byte[] digest(String algorithm, int rounds, byte[]... input) {
|
|
|
|
Queue<MessageDigest> queue = queues.get(algorithm);
|
|
if (queue == null) {
|
|
throw new IllegalStateException("Must call init() first");
|
|
}
|
|
|
|
MessageDigest md = queue.poll();
|
|
if (md == null) {
|
|
try {
|
|
md = MessageDigest.getInstance(algorithm);
|
|
} catch (NoSuchAlgorithmException e) {
|
|
// Ignore. Impossible if init() has been successfully called
|
|
// first.
|
|
throw new IllegalStateException("Must call init() first");
|
|
}
|
|
}
|
|
|
|
// Round 1
|
|
for (byte[] bytes : input) {
|
|
md.update(bytes);
|
|
}
|
|
byte[] result = md.digest();
|
|
|
|
// Subsequent rounds
|
|
if (rounds > 1) {
|
|
for (int i = 1; i < rounds; i++) {
|
|
md.update(result);
|
|
result = md.digest();
|
|
}
|
|
}
|
|
|
|
queue.add(md);
|
|
|
|
return result;
|
|
}
|
|
|
|
|
|
/**
|
|
* Ensures that {@link #digest(String, byte[][])} will support the specified
|
|
* algorithm. This method <b>must</b> be called and return successfully
|
|
* before using {@link #digest(String, byte[][])}.
|
|
*
|
|
* @param algorithm The message digest algorithm to be supported
|
|
*
|
|
* @throws NoSuchAlgorithmException If the algorithm is not supported by the
|
|
* JVM
|
|
*/
|
|
public static void init(String algorithm) throws NoSuchAlgorithmException {
|
|
synchronized (queues) {
|
|
if (!queues.containsKey(algorithm)) {
|
|
MessageDigest md = MessageDigest.getInstance(algorithm);
|
|
Queue<MessageDigest> queue = new ConcurrentLinkedQueue<>();
|
|
queue.add(md);
|
|
queues.put(algorithm, queue);
|
|
}
|
|
}
|
|
}
|
|
}
|