org.pfsw.security.crypto
Class CryptoUtil

java.lang.Object
  extended by org.pfsw.security.crypto.CryptoUtil

public class CryptoUtil
extends java.lang.Object

This utility class simplifies hashing passwords and particularly comparison of passwords.


Constructor Summary
protected CryptoUtil()
          Initialize the new instance with default values.
 
Method Summary
 java.lang.String asPlainText(java.lang.String aString)
          Returns the given string as it is if it does not start with a prefix in curly brackets (e.g. {xor}).
 java.lang.String base64EncodedWithPrefix(byte[] hash, HashMechanism hashMechanism)
           
 java.lang.String base64HashedUTF8(java.lang.String aString, java.lang.String hashMechanism)
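          Returns the given string UTF-8 char encoded, hashed with the specified hashing mechanism (e.g. CryptoConstants.SHA_2_384_NAME) and base64 encoded with a prefix (e.g. "{SHA256}") for the used mechanism.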
 byte[] computeHash(byte[] content, CheckedHashAlgorithm hashAlgorithm)
          Computes a hash value for the given input data using the specified hashing algorithm.
 byte[] computeHash(byte[] content, java.lang.String algorithm)
          Computes a hash value for the given input data using the specified hashing algorithm.
 byte[] computeHash(java.lang.String text, org.pfsw.text.CheckedCharsetName charEncoding, java.lang.String algorithm)
          Computes a hash value for the given text using the specified hashing algorithm.
 byte[] computeHash(java.lang.String text, java.lang.String charEncoding, java.lang.String algorithm)
          Computes a hash value for the given text using the specified hashing algorithm.
 byte[] computeUTF8Hash(java.lang.String text, java.lang.String algorithmName)
          Computes a hash value for the given text using UTF-8 character encoding and the specified hashing algorithm.
protected  byte[] concatArrays(byte[] bytes1, byte[] bytes2)
           
 byte[] createSHAhash(java.lang.String aString)
          Returns the SHA-1 hash representation of the given string in the current platform's character encoding.
 byte[] createSSHAhash(java.lang.String aString)
          Returns the SSHA hash representation of the given string
 byte[] createSSHAhash(java.lang.String aString, byte[] salt)
          Returns the SSHA hash representation (SHA-1 based) of the given string.
static CryptoUtil current()
          Returns the only instance this class supports (design pattern "Singleton")
protected  java.lang.String decryptString(java.lang.String aString)
           
 java.lang.String defaultEncrypted(java.lang.String aString)
          Returns the given string encrypted with the default algorithm and base64 encoded with a prefix naming the algorithm in curly brackets (e.g. {xor}).
 boolean equals(java.lang.String str1, java.lang.String str2)
          Compares whether or not the two given strings are equal.
 boolean equals(java.lang.String str1, java.lang.String str2, org.pfsw.text.CheckedCharsetName charEncoding)
          Compares whether or not the two given strings are equal.
protected  boolean equalsHashedAgainstEncoded(java.lang.String hashed, java.lang.String maybeEncoded, org.pfsw.text.CheckedCharsetName charEncoding)
           
 boolean equalsUTF8(java.lang.String str1, java.lang.String str2)
          Compares whether or not the two given strings are equal.
 byte[] generateSalt(int length)
          Generates a random salt with the specified length.
 byte[] generateSalt20()
          Generates a random salt with the default length of 20.
 java.lang.String getFingerprintOf(java.security.cert.X509Certificate cert)
          Returns the fingerprint (i.e. SHA1 hash) of the given certificate as hexadecimal string (all upper case, no separators).
 java.lang.String getFingerprintOf(java.security.cert.X509Certificate cert, java.lang.String hexSeparator)
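          Returns the fingerprint (i.e. SHA1 hash) of the given certificate as hexadecimal string (all upper case, each hex byte separated by the given hexSeparator).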
protected  void handleException(java.lang.Exception ex)
           
 java.lang.String hashed(byte[] data, HashMechanism hashMechanism)
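          Returns the given data hashed with the specified hashing mechanism (e.g. HashMechanism.SALTED_SHA_2_512) and base64 encoded with a prefix (e.g. "{SSHA512}") for the used mechanism.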
 java.lang.String hashedUTF8(java.lang.String aString, HashMechanism hashMechanism)
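          Returns the given string UTF-8 char encoded, hashed with the specified hashing mechanism (e.g. HashMechanism.SALTED_SHA_2_256) and base64 encoded with a prefix (e.g. "{SSHA256}") for the used mechanism.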
 java.lang.String hashedUTF8(java.lang.String aString, java.lang.String hashMechanismName)
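          Returns the given string UTF-8 char encoded, hashed with the specified hashing mechanism (e.g. CryptoConstants.SHA_2_512_NAME) and base64 encoded with a prefix (e.g. "{SHA256}") for the used mechanism.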
protected  boolean isEncrypted(java.lang.String str)
           
protected  boolean isHashed(java.lang.String str)
           
protected  byte[] obfuscate1(java.lang.String aStr)
          Encrypts the given string according to the IAP1 algorithm.
protected  java.lang.String plainText1(java.lang.String string)
          Decrypts the given string which must be IAP1 obfuscated
 java.lang.String shaEncrypted(java.lang.String aString)
          Returns the given string SHA encrypted and base64 encoded with a prefix "{SHA}".
 java.lang.String sshaEncrypted(java.lang.String aString)
          Returns the given string SSHA encrypted and base64 encoded with a prefix "{SSHA}".
 java.lang.String sshaEncrypted(java.lang.String aString, byte[] salt)
          Returns the given string SSHA encrypted and base64 encoded with a prefix "{SSHA}".
protected  org.pfsw.text.StringUtil str()
           
protected  void transform1(byte[] bytes, int keyNum)
          Performs an XOR transformation of each byte in the given byte array using the key specified by the given keyNum.
protected  java.lang.String unencoded(java.lang.String str)
          Tries to Base64 decode the given string.
 byte[] xor1(java.lang.String string)
          Returns the byte array containing the xor encoded representation of the given input string.
 java.lang.String xor1Encrypted(java.lang.String aString)
          Returns the given string XOR1 encrypted and base64 encoded with a prefix "{XOR1}".
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

CryptoUtil

protected CryptoUtil()
Initialize the new instance with default values.

Method Detail

current

public static CryptoUtil current()
Returns the only instance this class supports (design pattern "Singleton")


asPlainText

public java.lang.String asPlainText(java.lang.String aString)
Returns the given string as it is if it does not start with a prefix in curly brackets (e.g. {xor}). If it starts with a prefix the method returns the string decrypted according to the algorithm named by the prefix.

Parameters:
aString - The string to return or to convert into plain text
Returns:
The input string unchanged or converted to plain text if it was encrypted and could be decrypted

sshaEncrypted

public java.lang.String sshaEncrypted(java.lang.String aString)
Returns the given string SSHA encrypted and base64 encoded with a prefix "{SSHA}".

Parameters:
aString - The string to be encrypted

sshaEncrypted

public java.lang.String sshaEncrypted(java.lang.String aString,
                                      byte[] salt)
Returns the given string SSHA encrypted and base64 encoded with a prefix "{SSHA}".

Parameters:
aString - The string to be encrypted
salt - The salt value

shaEncrypted

public java.lang.String shaEncrypted(java.lang.String aString)
Returns the given string SHA encrypted and base64 encoded with a prefix "{SHA}".

Parameters:
aString - The string to be encrypted

base64HashedUTF8

public java.lang.String base64HashedUTF8(java.lang.String aString,
                                         java.lang.String hashMechanism)
Returns the given string UTF-8 char encoded, hashed with the specified hashing mechanism (e.g. CryptoConstants.SHA_2_384_NAME) and base64 encoded with a prefix (e.g. "{SHA256}") for the used mechanism. Finally the whole string gets base64 encoded and returned.

Parameters:
aString - The string to be hashed.
hashMechanism - The hashing mechanism to be used (Not algorithm names!). See CryptoConstants.SHA_1_NAME.
Throws:
CryptoRuntimeException - If the specified mechanism is not supported.

hashedUTF8

public java.lang.String hashedUTF8(java.lang.String aString,
                                   java.lang.String hashMechanismName)
Returns the given string UTF-8 char encoded, hashed with the specified hashing mechanism (e.g. CryptoConstants.SHA_2_512_NAME) and base64 encoded with a prefix (e.g. "{SHA256}") for the used mechanism.

Parameters:
aString - The string to be hashed.
hashMechanismName - The hashing mechanism to be used (Not algorithm names!). See CryptoConstants.
Throws:
CryptoRuntimeException - If the specified mechanism is not supported.

hashedUTF8

public java.lang.String hashedUTF8(java.lang.String aString,
                                   HashMechanism hashMechanism)
Returns the given string UTF-8 char encoded, hashed with the specified hashing mechanism (e.g. HashMechanism.SALTED_SHA_2_256) and base64 encoded with a prefix (e.g. "{SSHA256}") for the used mechanism.

Parameters:
aString - The string to be hashed.
hashMechanism - The hashing mechanism to be used.
Throws:
CryptoRuntimeException - If the specified mechanism is not supported.

hashed

public java.lang.String hashed(byte[] data,
                               HashMechanism hashMechanism)
Returns the given data hashed with the specified hashing mechanism (e.g. HashMechanism.SALTED_SHA_2_512) and base64 encoded with a prefix (e.g. "{SSHA512}") for the used mechanism.

Parameters:
data - The data to be hashed.
hashMechanism - The hashing mechanism to be used.
Throws:
CryptoRuntimeException - If the specified mechanism is not supported.

base64EncodedWithPrefix

public java.lang.String base64EncodedWithPrefix(byte[] hash,
                                                HashMechanism hashMechanism)

xor1Encrypted

public java.lang.String xor1Encrypted(java.lang.String aString)
Returns the given string XOR1 encrypted and base64 encoded with a prefix "{XOR1}".

Parameters:
aString - The string to be encrypted

defaultEncrypted

public java.lang.String defaultEncrypted(java.lang.String aString)
Returns the given string encrypted with the default algorithm and base64 encoded with a prefix naming the algorithm in curly brackets (e.g. {xor}).

Currently it uses the XOR encryption.


equals

public boolean equals(java.lang.String str1,
                      java.lang.String str2)
Compares whether or not the two given strings are equal. If one or both keys are encrypted then they get decrypted before being compared. This makes it possible to transparently compare a plain text string against an XOR encrypted string, or even an XOR encrypted string against a SHA hashed value. In the latter case the plain text gets hashed before the comparison.

The string character encoding used here is the platform's default encoding.


equalsUTF8

public boolean equalsUTF8(java.lang.String str1,
                          java.lang.String str2)
Compares whether or not the two given strings are equal. If one or both keys are encrypted then they get decrypted before being compared. This makes it possible to transparently compare a plain text string against an XOR encrypted string, or even an XOR encrypted string against a SHA hashed value. In the latter case the plain text gets hashed before the comparison.

The string character encoding used here is the platform's default encoding.


equals

public boolean equals(java.lang.String str1,
                      java.lang.String str2,
                      org.pfsw.text.CheckedCharsetName charEncoding)
Compares whether or not the two given strings are equal. If one or both keys are encoded then they get decoded before being compared. This makes it possible to transparently compare a plain text string against an XOR encrypted string, or even an XOR encrypted string against a SHA hashed value. In the latter case the plain text gets hashed before the comparison.

Comparing two hashed or XOR encrypted values always returns false.

Parameters:
str1 - First string to compare with second.
str2 - Second string to compare with first.
charEncoding - The character encoding used to convert strings to byte arrays.

xor1

public byte[] xor1(java.lang.String string)
Returns the byte array containing the xor encoded representation of the given input string.


createSSHAhash

public byte[] createSSHAhash(java.lang.String aString)
Returns the SSHA hash representation of the given string


createSSHAhash

public byte[] createSSHAhash(java.lang.String aString,
                             byte[] salt)
Returns the SSHA hash representation (SHA-1 based) of the given string.

Parameters:
aString - the string to be hashed.
salt - the salt value for SSHA.

createSHAhash

public byte[] createSHAhash(java.lang.String aString)
Returns the SHA-1 hash representation of the given string in the current platform's character encoding.


computeHash

public byte[] computeHash(byte[] content,
                          java.lang.String algorithm)
Computes a hash value for the given input data using the specified hashing algorithm. The returned byte array contains the hash. Its length depends on the algorithm. If the given algorithm is not supported a CryptoRuntimeException will be thrown.

Parameters:
content - The content to be hashed (must not be null).
algorithm - The name of the hash algorithm (see CryptoConstants). Must not be null.
Throws:
CryptoRuntimeException - If the given algorithm is not supported.

computeHash

public byte[] computeHash(byte[] content,
                          CheckedHashAlgorithm hashAlgorithm)
Computes a hash value for the given input data using the specified hashing algorithm. The returned byte array contains the hash. Its length depends on the algorithm. If the given algorithm is not supported a CryptoRuntimeException will be thrown.

Parameters:
content - The content to be hashed (must not be null).
hashAlgorithm - The hash mechanism to use. Must not be null.
Throws:
CryptoRuntimeException - If the given algorithm is not supported.

computeHash

public byte[] computeHash(java.lang.String text,
                          java.lang.String charEncoding,
                          java.lang.String algorithm)
Computes a hash value for the given text using the specified hashing algorithm. The returned byte array contains the hash. Its length depends on the algorithm. If the given algorithm is not supported a CryptoRuntimeException will be thrown.

Parameters:
text - The content to be hashed (must not be null).
charEncoding - The character encoding to be used when converting the given text to bytes.
algorithm - The name of the hash algorithm (see CryptoConstants). Must not be null.
Throws:
CryptoRuntimeException - If the given charEncoding or algorithm is not supported.

computeHash

public byte[] computeHash(java.lang.String text,
                          org.pfsw.text.CheckedCharsetName charEncoding,
                          java.lang.String algorithm)
Computes a hash value for the given text using the specified hashing algorithm. The returned byte array contains the hash. Its length depends on the algorithm. If the given algorithm is not supported a CryptoRuntimeException will be thrown.

Parameters:
text - The content to be hashed (must not be null).
charEncoding - The character encoding to be used when converting the given text to bytes.
algorithm - The name of the hash algorithm (see CryptoConstants). Must not be null.
Throws:
CryptoRuntimeException - If the given charEncoding or algorithm is not supported.

computeUTF8Hash

public byte[] computeUTF8Hash(java.lang.String text,
                              java.lang.String algorithmName)
Computes a hash value for the given text using UTF-8 character encoding and the specified hashing algorithm. The returned byte array contains the hash. Its length depends on the algorithm. If the given algorithm is not supported a CryptoRuntimeException will be thrown.

Parameters:
text - The content to be hashed (must not be null).
algorithmName - The name of the hash algorithm (see CryptoConstants). Must not be null.
Throws:
CryptoRuntimeException - If the given charEncoding or algorithm is not supported.

generateSalt

public byte[] generateSalt(int length)
Generates a random salt with the specified length.

Parameters:
length - The length of the salt to be generated.
Returns:
The salt as byte array with the specified length.

generateSalt20

public byte[] generateSalt20()
Generates a random salt with the default length of 20.

Returns:
The salt as byte array with a length of 20.

getFingerprintOf

public java.lang.String getFingerprintOf(java.security.cert.X509Certificate cert)
                                  throws java.security.cert.CertificateEncodingException
Returns the fingerprint (i.e. SHA1 hash) of the given certificate as hexadecimal string (all upper case, no separators).

Throws:
java.security.cert.CertificateEncodingException

getFingerprintOf

public java.lang.String getFingerprintOf(java.security.cert.X509Certificate cert,
                                         java.lang.String hexSeparator)
                                  throws java.security.cert.CertificateEncodingException
Returns the fingerprint (i.e. SHA1 hash) of the given certificate as hexadecimal string (all upper case, each hex byte separated by the given hexSeparator).

Throws:
java.security.cert.CertificateEncodingException

decryptString

protected java.lang.String decryptString(java.lang.String aString)

equalsHashedAgainstEncoded

protected boolean equalsHashedAgainstEncoded(java.lang.String hashed,
                                             java.lang.String maybeEncoded,
                                             org.pfsw.text.CheckedCharsetName charEncoding)

unencoded

protected java.lang.String unencoded(java.lang.String str)
Tries to Base64 decode the given string. Returns the string unchanged if it was not Base64 encoded otherwise returns the decoded string.


isEncrypted

protected boolean isEncrypted(java.lang.String str)

isHashed

protected boolean isHashed(java.lang.String str)

obfuscate1

protected byte[] obfuscate1(java.lang.String aStr)
Encrypts the given string according to the IAP1 algorithm.


plainText1

protected java.lang.String plainText1(java.lang.String string)
Decrypts the given string which must be IAP1 obfuscated


transform1

protected void transform1(byte[] bytes,
                          int keyNum)
Performs an XOR transformation of each byte in the given byte array using the key specified by the given keyNum.


concatArrays

protected byte[] concatArrays(byte[] bytes1,
                              byte[] bytes2)

handleException

protected void handleException(java.lang.Exception ex)

str

protected org.pfsw.text.StringUtil str()