| // Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file |
| // for details. All rights reserved. Use of this source code is governed by a |
| // BSD-style license that can be found in the LICENSE file. |
| |
| part of dart._http; |
| |
| class _CryptoUtils { |
| static Uint8List getRandomBytes(int count) { |
| final Uint8List result = Uint8List(count); |
| for (int i = 0; i < count; i++) { |
| result[i] = Random.secure().nextInt(0xff); |
| } |
| return result; |
| } |
| |
| static String bytesToHex(List<int> bytes) { |
| var result = StringBuffer(); |
| for (var part in bytes) { |
| result.write('${part < 16 ? '0' : ''}${part.toRadixString(16)}'); |
| } |
| return result.toString(); |
| } |
| } |
| |
| // Constants. |
| const _MASK_8 = 0xff; |
| const _MASK_32 = 0xffffffff; |
| const _BITS_PER_BYTE = 8; |
| const _BYTES_PER_WORD = 4; |
| |
| // Base class encapsulating common behavior for cryptographic hash |
| // functions. |
| abstract class _HashBase { |
| // Hasher state. |
| final int _chunkSizeInWords; |
| final bool _bigEndianWords; |
| int _lengthInBytes = 0; |
| List<int> _pendingData; |
| final Uint32List _currentChunk; |
| final Uint32List _h; |
| bool _digestCalled = false; |
| |
| _HashBase(this._chunkSizeInWords, int digestSizeInWords, this._bigEndianWords) |
| : _pendingData = [], |
| _currentChunk = Uint32List(_chunkSizeInWords), |
| _h = Uint32List(digestSizeInWords); |
| |
| // Update the hasher with more data. |
| void add(List<int> data) { |
| if (_digestCalled) { |
| throw StateError('Hash update method called after digest was retrieved'); |
| } |
| _lengthInBytes += data.length; |
| _pendingData.addAll(data); |
| _iterate(); |
| } |
| |
| // Finish the hash computation and return the digest string. |
| List<int> close() { |
| if (_digestCalled) { |
| return _resultAsBytes(); |
| } |
| _digestCalled = true; |
| _finalizeData(); |
| _iterate(); |
| assert(_pendingData.isEmpty); |
| return _resultAsBytes(); |
| } |
| |
| // Returns the block size of the hash in bytes. |
| int get blockSize { |
| return _chunkSizeInWords * _BYTES_PER_WORD; |
| } |
| |
| // One round of the hash computation. |
| _updateHash(Uint32List m); |
| |
| // Helper methods. |
| int _add32(int x, int y) => (x + y) & _MASK_32; |
| int _roundUp(int val, int n) => (val + n - 1) & -n; |
| |
| // Rotate left limiting to unsigned 32-bit values. |
| int _rotl32(int val, int shift) { |
| var mod_shift = shift & 31; |
| return ((val << mod_shift) & _MASK_32) | |
| ((val & _MASK_32) >> (32 - mod_shift)); |
| } |
| |
| // Compute the final result as a list of bytes from the hash words. |
| List<int> _resultAsBytes() { |
| var result = <int>[]; |
| for (var i = 0; i < _h.length; i++) { |
| result.addAll(_wordToBytes(_h[i])); |
| } |
| return result; |
| } |
| |
| // Converts a list of bytes to a chunk of 32-bit words. |
| void _bytesToChunk(List<int> data, int dataIndex) { |
| assert((data.length - dataIndex) >= (_chunkSizeInWords * _BYTES_PER_WORD)); |
| |
| for (var wordIndex = 0; wordIndex < _chunkSizeInWords; wordIndex++) { |
| var w3 = _bigEndianWords ? data[dataIndex] : data[dataIndex + 3]; |
| var w2 = _bigEndianWords ? data[dataIndex + 1] : data[dataIndex + 2]; |
| var w1 = _bigEndianWords ? data[dataIndex + 2] : data[dataIndex + 1]; |
| var w0 = _bigEndianWords ? data[dataIndex + 3] : data[dataIndex]; |
| dataIndex += 4; |
| var word = (w3 & 0xff) << 24; |
| word |= (w2 & _MASK_8) << 16; |
| word |= (w1 & _MASK_8) << 8; |
| word |= (w0 & _MASK_8); |
| _currentChunk[wordIndex] = word; |
| } |
| } |
| |
| // Convert a 32-bit word to four bytes. |
| List<int> _wordToBytes(int word) { |
| List<int> bytes = List.filled(_BYTES_PER_WORD, 0); |
| bytes[0] = (word >> (_bigEndianWords ? 24 : 0)) & _MASK_8; |
| bytes[1] = (word >> (_bigEndianWords ? 16 : 8)) & _MASK_8; |
| bytes[2] = (word >> (_bigEndianWords ? 8 : 16)) & _MASK_8; |
| bytes[3] = (word >> (_bigEndianWords ? 0 : 24)) & _MASK_8; |
| return bytes; |
| } |
| |
| // Iterate through data updating the hash computation for each |
| // chunk. |
| void _iterate() { |
| var len = _pendingData.length; |
| var chunkSizeInBytes = _chunkSizeInWords * _BYTES_PER_WORD; |
| if (len >= chunkSizeInBytes) { |
| var index = 0; |
| for (; (len - index) >= chunkSizeInBytes; index += chunkSizeInBytes) { |
| _bytesToChunk(_pendingData, index); |
| _updateHash(_currentChunk); |
| } |
| _pendingData = _pendingData.sublist(index, len); |
| } |
| } |
| |
| // Finalize the data. Add a 1 bit to the end of the message. Expand with |
| // 0 bits and add the length of the message. |
| void _finalizeData() { |
| _pendingData.add(0x80); |
| var contentsLength = _lengthInBytes + 9; |
| var chunkSizeInBytes = _chunkSizeInWords * _BYTES_PER_WORD; |
| var finalizedLength = _roundUp(contentsLength, chunkSizeInBytes); |
| var zeroPadding = finalizedLength - contentsLength; |
| for (var i = 0; i < zeroPadding; i++) { |
| _pendingData.add(0); |
| } |
| var lengthInBits = _lengthInBytes * _BITS_PER_BYTE; |
| assert(lengthInBits < pow(2, 32)); |
| if (_bigEndianWords) { |
| _pendingData.addAll(_wordToBytes(0)); |
| _pendingData.addAll(_wordToBytes(lengthInBits & _MASK_32)); |
| } else { |
| _pendingData.addAll(_wordToBytes(lengthInBits & _MASK_32)); |
| _pendingData.addAll(_wordToBytes(0)); |
| } |
| } |
| } |
| |
| // The MD5 hasher is used to compute an MD5 message digest. |
| class _MD5 extends _HashBase { |
| _MD5() : super(16, 4, false) { |
| _h[0] = 0x67452301; |
| _h[1] = 0xefcdab89; |
| _h[2] = 0x98badcfe; |
| _h[3] = 0x10325476; |
| } |
| |
| static const _k = [ |
| 0xd76aa478, 0xe8c7b756, 0x242070db, 0xc1bdceee, 0xf57c0faf, 0x4787c62a, // |
| 0xa8304613, 0xfd469501, 0x698098d8, 0x8b44f7af, 0xffff5bb1, 0x895cd7be, // |
| 0x6b901122, 0xfd987193, 0xa679438e, 0x49b40821, 0xf61e2562, 0xc040b340, // |
| 0x265e5a51, 0xe9b6c7aa, 0xd62f105d, 0x02441453, 0xd8a1e681, 0xe7d3fbc8, // |
| 0x21e1cde6, 0xc33707d6, 0xf4d50d87, 0x455a14ed, 0xa9e3e905, 0xfcefa3f8, // |
| 0x676f02d9, 0x8d2a4c8a, 0xfffa3942, 0x8771f681, 0x6d9d6122, 0xfde5380c, // |
| 0xa4beea44, 0x4bdecfa9, 0xf6bb4b60, 0xbebfbc70, 0x289b7ec6, 0xeaa127fa, // |
| 0xd4ef3085, 0x04881d05, 0xd9d4d039, 0xe6db99e5, 0x1fa27cf8, 0xc4ac5665, // |
| 0xf4292244, 0x432aff97, 0xab9423a7, 0xfc93a039, 0x655b59c3, 0x8f0ccc92, // |
| 0xffeff47d, 0x85845dd1, 0x6fa87e4f, 0xfe2ce6e0, 0xa3014314, 0x4e0811a1, // |
| 0xf7537e82, 0xbd3af235, 0x2ad7d2bb, 0xeb86d391 |
| ]; |
| |
| static const _r = [ |
| 7, 12, 17, 22, 7, 12, 17, 22, 7, 12, 17, 22, 7, 12, 17, 22, 5, 9, 14, // |
| 20, 5, 9, 14, 20, 5, 9, 14, 20, 5, 9, 14, 20, 4, 11, 16, 23, 4, 11, // |
| 16, 23, 4, 11, 16, 23, 4, 11, 16, 23, 6, 10, 15, 21, 6, 10, 15, 21, 6, // |
| 10, 15, 21, 6, 10, 15, 21 |
| ]; |
| |
| // Compute one iteration of the MD5 algorithm with a chunk of |
| // 16 32-bit pieces. |
| void _updateHash(Uint32List m) { |
| assert(m.length == 16); |
| |
| var a = _h[0]; |
| var b = _h[1]; |
| var c = _h[2]; |
| var d = _h[3]; |
| |
| int t0; |
| int t1; |
| |
| for (var i = 0; i < 64; i++) { |
| if (i < 16) { |
| t0 = (b & c) | ((~b & _MASK_32) & d); |
| t1 = i; |
| } else if (i < 32) { |
| t0 = (d & b) | ((~d & _MASK_32) & c); |
| t1 = ((5 * i) + 1) % 16; |
| } else if (i < 48) { |
| t0 = b ^ c ^ d; |
| t1 = ((3 * i) + 5) % 16; |
| } else { |
| t0 = c ^ (b | (~d & _MASK_32)); |
| t1 = (7 * i) % 16; |
| } |
| |
| var temp = d; |
| d = c; |
| c = b; |
| b = _add32( |
| b, _rotl32(_add32(_add32(a, t0), _add32(_k[i], m[t1])), _r[i])); |
| a = temp; |
| } |
| |
| _h[0] = _add32(a, _h[0]); |
| _h[1] = _add32(b, _h[1]); |
| _h[2] = _add32(c, _h[2]); |
| _h[3] = _add32(d, _h[3]); |
| } |
| } |
| |
| // The SHA1 hasher is used to compute an SHA1 message digest. |
| class _SHA1 extends _HashBase { |
| final List<int> _w; |
| |
| // Construct a SHA1 hasher object. |
| _SHA1() |
| : _w = List<int>.filled(80, 0), |
| super(16, 5, true) { |
| _h[0] = 0x67452301; |
| _h[1] = 0xEFCDAB89; |
| _h[2] = 0x98BADCFE; |
| _h[3] = 0x10325476; |
| _h[4] = 0xC3D2E1F0; |
| } |
| |
| // Compute one iteration of the SHA1 algorithm with a chunk of |
| // 16 32-bit pieces. |
| void _updateHash(Uint32List m) { |
| assert(m.length == 16); |
| |
| var a = _h[0]; |
| var b = _h[1]; |
| var c = _h[2]; |
| var d = _h[3]; |
| var e = _h[4]; |
| |
| for (var i = 0; i < 80; i++) { |
| if (i < 16) { |
| _w[i] = m[i]; |
| } else { |
| var n = _w[i - 3] ^ _w[i - 8] ^ _w[i - 14] ^ _w[i - 16]; |
| _w[i] = _rotl32(n, 1); |
| } |
| var t = _add32(_add32(_rotl32(a, 5), e), _w[i]); |
| if (i < 20) { |
| t = _add32(_add32(t, (b & c) | (~b & d)), 0x5A827999); |
| } else if (i < 40) { |
| t = _add32(_add32(t, (b ^ c ^ d)), 0x6ED9EBA1); |
| } else if (i < 60) { |
| t = _add32(_add32(t, (b & c) | (b & d) | (c & d)), 0x8F1BBCDC); |
| } else { |
| t = _add32(_add32(t, b ^ c ^ d), 0xCA62C1D6); |
| } |
| |
| e = d; |
| d = c; |
| c = _rotl32(b, 30); |
| b = a; |
| a = t & _MASK_32; |
| } |
| |
| _h[0] = _add32(a, _h[0]); |
| _h[1] = _add32(b, _h[1]); |
| _h[2] = _add32(c, _h[2]); |
| _h[3] = _add32(d, _h[3]); |
| _h[4] = _add32(e, _h[4]); |
| } |
| } |