Package org.glassfish.security.common

Class SSHA

java.lang.Object

org.glassfish.security.common.SSHA

public class SSHA
extends Object

Util class for salted SHA processing.

Salted SHA (aka SSHA) is computed as follows:
result = {SSHA}BASE64(SHA(password,salt),salt)

Methods are also provided to return partial results, such as SHA( password , salt) without Base64 encoding.

Field Summary

Fields

Modifier and Type	Field	Description
static String	defaultAlgo

Constructor Summary

Constructors

Constructor	Description
SSHA()

Method Summary

Modifier and Type	Method	Description
static byte[]	compute(byte[] salt, byte[] password, String algo)	Compute a salted SHA hash.
static byte[]	decode(String encoded, byte[] hashResult, String algo)	Decodes an encoded SSHA string.
static String	encode(byte[] salt, byte[] hash, String algo)	Perform encoding of salt and computed hash.
static boolean	verify(byte[] salt, byte[] hash, byte[] password, String algo)	Verifies a password.
static boolean	verify(String encoded, byte[] password)	Verifies a password.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

defaultAlgo

public static final String defaultAlgo

See Also:

Constant Field Values

Constructor Detail

SSHA

public SSHA()

Method Detail

compute

public static byte[] compute(byte[] salt,
                             byte[] password,
                             String algo)
                      throws IllegalArgumentException

Compute a salted SHA hash.

Parameters:

salt - Salt bytes.

password - Password bytes.

Returns:

Byte array of length 20 bytes containing hash result.

Throws:

IllegalArgumentException - Thrown if there is an error.

encode

public static String encode(byte[] salt,
                            byte[] hash,
                            String algo)

Perform encoding of salt and computed hash.

Parameters:

salt - Salt bytes.

hash - Result of prior compute() operation.

Returns:

String Encoded string, as described in class documentation.

verify

public static boolean verify(String encoded,
                             byte[] password)
                      throws IllegalArgumentException

Verifies a password.

The given password is verified against the provided encoded SSHA result string.

Parameters:

encoded - Encoded SSHA value (e.g. output of computeAndEncode())

password - Password bytes of the password to verify.

Throws:

IllegalArgumentException - Thrown if there is an error.

verify

public static boolean verify(byte[] salt,
                             byte[] hash,
                             byte[] password,
                             String algo)
                      throws IllegalArgumentException

Verifies a password.

The given password is verified against the provided salt and hash buffers.

Parameters:

salt - Salt bytes used in the hash result.

hash - Hash result to compare against.

password - Password bytes of the password to verify.

Throws:

IllegalArgumentException - Thrown if there is an error.

decode

public static byte[] decode(String encoded,
                            byte[] hashResult,
                            String algo)
                     throws IllegalArgumentException

Decodes an encoded SSHA string.

Parameters:

encoded - Encoded SSHA value (e.g. output of computeAndEncode())

hashResult - A byte array which must contain 20 elements. Upon succesful return from method, it will be filled by the hash value decoded from the given SSHA string. Existing values are not used and will be overwritten.

Throws:

IllegalArgumentException - Thrown if there is an error.