Package com.ongres.scram.common.util
Class CryptoUtil
java.lang.Object
com.ongres.scram.common.util.CryptoUtil
Utility static methods for cryptography related tasks.
-
Nested Class Summary
Nested Classes -
Field Summary
FieldsModifier and TypeFieldDescriptionprivate static final int
private static final int
private static final int
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionstatic byte[]
hi
(SecretKeyFactory secretKeyFactory, int keyLength, char[] value, byte[] salt, int iterations) Compute the "Hi" function for SCRAM.static byte[]
hmac
(SecretKeySpec secretKeySpec, Mac mac, byte[] message) Computes the HMAC of a given message.static String
nonce
(int size) Generates a random string (called a 'nonce'), composed of ASCII printable characters, except comma (',').static String
nonce
(int size, SecureRandom random) Generates a random string (called a 'nonce'), composed of ASCII printable characters, except comma (',').static byte[]
xor
(byte[] value1, byte[] value2) Computes a byte-by-byte xor operation.
-
Field Details
-
MIN_ASCII_PRINTABLE_RANGE
private static final int MIN_ASCII_PRINTABLE_RANGE- See Also:
-
MAX_ASCII_PRINTABLE_RANGE
private static final int MAX_ASCII_PRINTABLE_RANGE- See Also:
-
EXCLUDED_CHAR
private static final int EXCLUDED_CHAR- See Also:
-
-
Constructor Details
-
CryptoUtil
public CryptoUtil()
-
-
Method Details
-
nonce
Generates a random string (called a 'nonce'), composed of ASCII printable characters, except comma (',').- Parameters:
size
- The length of the nonce, in characters/bytesrandom
- The SecureRandom to use- Returns:
- The String representing the nonce
-
nonce
Generates a random string (called a 'nonce'), composed of ASCII printable characters, except comma (','). It uses a default SecureRandom instance.- Parameters:
size
- The length of the nonce, in characters/bytes- Returns:
- The String representing the nonce
-
hi
public static byte[] hi(SecretKeyFactory secretKeyFactory, int keyLength, char[] value, byte[] salt, int iterations) Compute the "Hi" function for SCRAM.Hi(str, salt, i): U1 := HMAC(str, salt + INT(1)) U2 := HMAC(str, U1) ... Ui-1 := HMAC(str, Ui-2) Ui := HMAC(str, Ui-1) Hi := U1 XOR U2 XOR ... XOR Ui where "i" is the iteration count, "+" is the string concatenation operator, and INT(g) is a 4-octet encoding of the integer g, most significant octet first. Hi() is, essentially, PBKDF2 [RFC2898] with HMAC() as the pseudorandom function (PRF) and with dkLen == output length of HMAC() == output length of H().
- Parameters:
secretKeyFactory
- The SecretKeyFactory to generate the SecretKeykeyLength
- The length of the key (in bits)value
- The char array to compute the Hi functionsalt
- The saltiterations
- The number of iterations- Returns:
- The bytes of the computed Hi value
-
hmac
Computes the HMAC of a given message.HMAC(key, str): Apply the HMAC keyed hash algorithm (defined in [RFC2104]) using the octet string represented by "key" as the key and the octet string "str" as the input string. The size of the result is the hash result size for the hash function in use. For example, it is 20 octets for SHA-1 (see [RFC3174]).
- Parameters:
secretKeySpec
- A key of the given algorithmmac
- A MAC instance of the given algorithmmessage
- The message to compute the HMAC- Returns:
- The bytes of the computed HMAC value
-
xor
Computes a byte-by-byte xor operation.XOR: Apply the exclusive-or operation to combine the octet string on the left of this operator with the octet string on the right of this operator. The length of the output and each of the two inputs will be the same for this use.
- Parameters:
value1
-value2
-- Returns:
- Throws:
IllegalArgumentException
-