/* * Licensed to the Apache Software Foundation (ASF) under one or more * contributor license agreements. See the NOTICE file distributed with * this work for additional information regarding copyright ownership. * The ASF licenses this file to You under the Apache License, Version 2.0 * (the "License"); you may not use this file except in compliance with * the License. You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package org.apache.tomcat.util.security; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.util.HashMap; import java.util.Map; import java.util.Queue; import java.util.concurrent.ConcurrentLinkedQueue; /** * A thread safe wrapper around {@link MessageDigest} that does not make use * of ThreadLocal and - broadly - only creates enough MessageDigest objects * to satisfy the concurrency requirements. */ public class ConcurrentMessageDigest { private static final String MD5 = "MD5"; private static final String SHA1 = "SHA-1"; private static final Map<String,Queue<MessageDigest>> queues = new HashMap<>(); private ConcurrentMessageDigest() { // Hide default constructor for this utility class } static { try { // Init commonly used algorithms init(MD5); init(SHA1); } catch (NoSuchAlgorithmException e) { throw new IllegalArgumentException(e); } } public static byte[] digestMD5(byte[]... input) { return digest(MD5, input); } public static byte[] digestSHA1(byte[]... input) { return digest(SHA1, input); } public static byte[] digest(String algorithm, byte[]... input) { return digest(algorithm, 1, input); } public static byte[] digest(String algorithm, int rounds, byte[]... input) { Queue<MessageDigest> queue = queues.get(algorithm); if (queue == null) { throw new IllegalStateException("Must call init() first"); } MessageDigest md = queue.poll(); if (md == null) { try { md = MessageDigest.getInstance(algorithm); } catch (NoSuchAlgorithmException e) { // Ignore. Impossible if init() has been successfully called // first. throw new IllegalStateException("Must call init() first"); } } // Round 1 for (byte[] bytes : input) { md.update(bytes); } byte[] result = md.digest(); // Subsequent rounds if (rounds > 1) { for (int i = 1; i < rounds; i++) { md.update(result); result = md.digest(); } } queue.add(md); return result; } /** * Ensures that {@link #digest(String, byte[][])} will support the specified * algorithm. This method <b>must</b> be called and return successfully * before using {@link #digest(String, byte[][])}. * * @param algorithm The message digest algorithm to be supported * * @throws NoSuchAlgorithmException If the algorithm is not supported by the * JVM */ public static void init(String algorithm) throws NoSuchAlgorithmException { synchronized (queues) { if (!queues.containsKey(algorithm)) { MessageDigest md = MessageDigest.getInstance(algorithm); Queue<MessageDigest> queue = new ConcurrentLinkedQueue<>(); queue.add(md); queues.put(algorithm, queue); } } } }