ariba.util.core
Class MessageDigestUtil

java.lang.Object
  ariba.util.core.MessageDigestUtil

public class MessageDigestUtil
extends java.lang.Object

A utility class for generating message digests, suitable for password hashing.

Field Summary

static java.lang.String

InvalidDigest

Constructor Summary

MessageDigestUtil()

Method Summary

static boolean	compareWithSalt(int saltLength, int iterations, java.lang.String hashedMessage, java.lang.String candidate) compares a digested message with a cleartext version, using the salt from the digested message.
static java.lang.String	digestWithSalt(byte[] salt, int saltLength, int iterations, java.lang.String message) Digest a message with salt & iterations.
static java.lang.String	digestWithSalt(int saltLength, int iterations, java.lang.String message) Digest a message with salt & iterations.
static byte[]	secureRandomBytes(int n)

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

InvalidDigest

public static final java.lang.String InvalidDigest

See Also:

Constant Field Values

Constructor Detail

MessageDigestUtil

public MessageDigestUtil()

Method Detail

secureRandomBytes

public static byte[] secureRandomBytes(int n)

digestWithSalt

public static java.lang.String digestWithSalt(int saltLength,
                                              int iterations,
                                              java.lang.String message)

Digest a message with salt & iterations. Note two calls to this method with the same arguments will NOT return the same result. Instead, to compare, use compareDigest. The salt will be generated using a SecureRandom generator. The result will be base64 encoded. This method uses the SHA-256 algorithm.

Parameters:

saltLength - - length of the salt (extra bytes in salt are ignored)

iterations - - number of iterations - makes cracking more computationally expensive. Should choose a reasonably large number here (thousands) to make this worthwhile.

message - - string

Returns:

Base64 encoded message

Throws:

java.lang.SecurityException - shouldn't happen

digestWithSalt

public static java.lang.String digestWithSalt(byte[] salt,
                                              int saltLength,
                                              int iterations,
                                              java.lang.String message)

Digest a message with salt & iterations. The result will be base64 encoded. This method uses the SHA-256 algorithm.

Parameters:

salt - - salt for this digest

saltLength - - length of the salt (extra bytes in salt are ignored)

iterations - - number of iterations - makes cracking more computationally expensive. Should choose a reasonably large number here (thousands) to make this worthwhile.

message - - string

Returns:

Base64 encoded message

Throws:

java.lang.SecurityException - shouldn't happen

compareWithSalt

public static boolean compareWithSalt(int saltLength,
                                      int iterations,
                                      java.lang.String hashedMessage,
                                      java.lang.String candidate)

compares a digested message with a cleartext version, using the salt from the digested message.

Parameters:

saltLength - - salt length used for the digest

iterations - - number of iterations - makes cracking more computationally expensive

hashedMessage - - the hashed message

candidate - - the candidate cleartext to be compared

Returns:

true if the digests match