org.jboss.security
Class Util

java.lang.Object
  extended by org.jboss.security.Util

public class Util
extends java.lang.Object

Various security related utilities like MessageDigest factories, SecureRandom access, password hashing. This product includes software developed by Tom Wu and Eugene Jhong for the SRP Distribution (http://srp.stanford.edu/srp/).


Field Summary
static java.lang.String BASE16_ENCODING
           
static java.lang.String BASE64_ENCODING
           
 
Constructor Summary
Util()
           
 
Method Summary
static java.lang.Object accessSealedObject(java.lang.String cipherAlgorithm, java.lang.Object key, byte[] cipherIV, java.lang.Object obj)
           
static byte[] calculatePasswordHash(java.lang.String username, char[] password, byte[] salt)
          Calculate the SRP RFC2945 password hash = H(salt | H(username | ':' | password)) where H = SHA secure hash.
static byte[] calculateVerifier(java.lang.String username, char[] password, byte[] salt, java.math.BigInteger N, java.math.BigInteger g)
          Calculate x = H(s | H(U | ':' | password)) and the verifier v = g^x % N, as described in RFC2945.
static byte[] calculateVerifier(java.lang.String username, char[] password, byte[] salt, byte[] Nb, byte[] gb)
          Calculate x = H(s | H(U | ':' | password)) and the verifier v = g^x % N, as described in RFC2945.
static java.security.MessageDigest copy(java.security.MessageDigest md)
           
static java.lang.Object createCipher(java.lang.String cipherAlgorithm)
           
static java.lang.String createPasswordHash(java.lang.String hashAlgorithm, java.lang.String hashEncoding, java.lang.String hashCharset, java.lang.String username, java.lang.String password)
          Calculate a password hash using a MessageDigest.
static java.lang.String createPasswordHash(java.lang.String hashAlgorithm, java.lang.String hashEncoding, java.lang.String hashCharset, java.lang.String username, java.lang.String password, DigestCallback callback)
          Calculate a password hash using a MessageDigest.
static java.lang.Object createSealedObject(java.lang.String cipherAlgorithm, java.lang.Object key, byte[] cipherIV, java.io.Serializable data)
           
static java.lang.Object createSecretKey(java.lang.String cipherAlgorithm, java.lang.Object key)
          Use reflection to create a javax.crypto.spec.SecretKeySpec to avoid an explicit reference to SecretKeySpec so that the JCE is not needed unless the SRP parameters indicate that encryption is needed.
static java.lang.String encodeBase16(byte[] bytes)
          Hex encoding of hashes, as used by Catalina.
static java.lang.String encodeBase64(byte[] bytes)
          BASE64 encoder implementation.
static byte[] fromb64(java.lang.String str)
           
static byte[] generateSeed(int numBytes)
          Returns the given number of seed bytes, computed using the seed generation algorithm that this class uses to seed itself.
static java.util.Random getPRNG()
           
static boolean hasUnlimitedCrypto()
          From Appendix E of the JCE reference guide: the "Strong" jurisdiction policy files allow a maximum Blowfish cipher size of 128 bits.
static void init()
           
static void init(byte[] prngSeed)
           
static java.security.MessageDigest newDigest()
           
static void nextBytes(byte[] bytes)
          Generates random bytes and places them into a user-supplied byte array.
static double nextDouble()
          Returns the next pseudorandom, uniformly distributed double value between 0.0 and 1.0 from this random number generator's sequence.
static long nextLong()
          Returns the next pseudorandom, uniformly distributed long value from this random number generator's sequence.
static byte[] sessionKeyHash(byte[] number)
          Perform an interleaved even-odd hash on the byte string
static java.lang.String tob64(byte[] buffer)
           
static byte[] trim(byte[] in)
          Treat the input as the MSB representation of a number, and lop off leading zero elements.
static byte[] xor(byte[] b1, byte[] b2, int length)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

BASE64_ENCODING

public static final java.lang.String BASE64_ENCODING
See Also:
Constant Field Values

BASE16_ENCODING

public static final java.lang.String BASE16_ENCODING
See Also:
Constant Field Values
Constructor Detail

Util

public Util()
Method Detail

init

public static void init()
                 throws java.security.NoSuchAlgorithmException
Throws:
java.security.NoSuchAlgorithmException

init

public static void init(byte[] prngSeed)
                 throws java.security.NoSuchAlgorithmException
Throws:
java.security.NoSuchAlgorithmException

newDigest

public static java.security.MessageDigest newDigest()

copy

public static java.security.MessageDigest copy(java.security.MessageDigest md)

getPRNG

public static java.util.Random getPRNG()

nextDouble

public static double nextDouble()
Returns the next pseudorandom, uniformly distributed double value between 0.0 and 1.0 from this random number generator's sequence.


nextLong

public static long nextLong()
Returns the next pseudorandom, uniformly distributed long value from this random number generator's sequence. The general contract of nextLong is that one long value is pseudorandomly generated and returned. All 2^64 possible long values are produced with (approximately) equal probability.


nextBytes

public static void nextBytes(byte[] bytes)
Generates random bytes and places them into a user-supplied byte array. The number of random bytes produced is equal to the length of the byte array.


generateSeed

public static byte[] generateSeed(int numBytes)
Returns the given number of seed bytes, computed using the seed generation algorithm that this class uses to seed itself. This call may be used to seed other random number generators.


calculatePasswordHash

public static byte[] calculatePasswordHash(java.lang.String username,
                                           char[] password,
                                           byte[] salt)
Calculate the SRP RFC2945 password hash = H(salt | H(username | ':' | password)) where H = SHA secure hash. The username is converted to a byte[] using the UTF-8 encoding.


calculateVerifier

public static byte[] calculateVerifier(java.lang.String username,
                                       char[] password,
                                       byte[] salt,
                                       byte[] Nb,
                                       byte[] gb)
Calculate x = H(s | H(U | ':' | password)) and the verifier v = g^x % N, as described in RFC2945.


calculateVerifier

public static byte[] calculateVerifier(java.lang.String username,
                                       char[] password,
                                       byte[] salt,
                                       java.math.BigInteger N,
                                       java.math.BigInteger g)
Calculate x = H(s | H(U | ':' | password)) and the verifier v = g^x % N, as described in RFC2945.
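
The two formulas above, written against the plain JDK as an added example (not the JBoss source). The class name, the UTF-8 encoding of the password, and the demo group generated in main are assumptions made for illustration.

```java
import java.math.BigInteger;
import java.nio.ByteBuffer;
import java.nio.CharBuffer;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Arrays;

public class SrpVerifierExample {
    // x = H(salt | H(username | ':' | password)), H = SHA-1 as in RFC 2945.
    static byte[] passwordHash(String username, char[] password, byte[] salt) throws Exception {
        // Encode without an immutable String copy. UTF-8 for the password is an
        // assumption; the page states the encoding only for the username.
        ByteBuffer buf = StandardCharsets.UTF_8.encode(CharBuffer.wrap(password));
        byte[] pw = new byte[buf.remaining()];
        buf.get(pw);
        MessageDigest sha = MessageDigest.getInstance("SHA-1");
        sha.update(username.getBytes(StandardCharsets.UTF_8));
        sha.update((byte) ':');
        sha.update(pw);
        Arrays.fill(pw, (byte) 0);                          // wipe temporary copies
        if (buf.hasArray()) Arrays.fill(buf.array(), (byte) 0);
        byte[] inner = sha.digest();                        // digest() resets the instance
        sha.update(salt);
        sha.update(inner);
        return sha.digest();
    }

    // v = g^x mod N, with x read as an unsigned big-endian integer.
    static BigInteger verifier(String user, char[] pw, byte[] salt, BigInteger N, BigInteger g)
            throws Exception {
        return g.modPow(new BigInteger(1, passwordHash(user, pw, salt)), N);
    }
    public static void main(String[] args) throws Exception {
        SecureRandom rng = new SecureRandom();
        // Constructed 256-bit safe prime N = 2q + 1, for demonstration only;
        // deployments use a much larger, published SRP group.
        BigInteger q, N;
        do {
            q = BigInteger.probablePrime(255, rng);
            N = q.shiftLeft(1).add(BigInteger.ONE);
        } while (!N.isProbablePrime(64));
        BigInteger g = BigInteger.valueOf(2);
        byte[] salt = new byte[16];
        rng.nextBytes(salt);                                // per-user salt, stored with v
        BigInteger v = verifier("alice", "correct horse".toCharArray(), salt, N, g);
        BigInteger w = verifier("alice", "Correct horse".toCharArray(), salt, N, g);
        System.out.println("v = " + v.toString(16));
        System.out.println("different password gives same v: " + v.equals(w));
    }
}
```

The server keeps only the username, salt and v. Because H is a single fast hash, a stolen (salt, v) pair still permits offline password guessing, so verifier storage needs the same protection as a password database.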


sessionKeyHash

public static byte[] sessionKeyHash(byte[] number)
Perform an interleaved even-odd hash on the byte string


trim

public static byte[] trim(byte[] in)
Treat the input as the MSB representation of a number, and lop off leading zero elements. For efficiency, the input is simply returned if no leading zeroes are found.
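
An added example (not the JBoss source) of the SHA_Interleave function from RFC 2945 section 3.1, on the assumption that this is the "interleaved even-odd hash" sessionKeyHash refers to; it also shows the leading-zero removal that trim describes. Class and method names are hypothetical.

```java
import java.security.MessageDigest;
import java.util.Arrays;

public class ShaInterleaveExample {
    // Drop leading zero bytes of a big-endian number; return the input itself if there are none.
    static byte[] trim(byte[] in) {
        int i = 0;
        while (i < in.length && in[i] == 0) i++;
        return i == 0 ? in : Arrays.copyOfRange(in, i, in.length);
    }

    // RFC 2945 section 3.1: hash even- and odd-indexed bytes separately, then interleave.
    static byte[] shaInterleave(byte[] number) throws Exception {
        byte[] t = trim(number);
        if (t.length % 2 == 1) t = Arrays.copyOfRange(t, 1, t.length); // force even length
        byte[] even = new byte[t.length / 2], odd = new byte[t.length / 2];
        for (int i = 0; i < even.length; i++) {
            even[i] = t[2 * i];
            odd[i] = t[2 * i + 1];
        }
        MessageDigest sha = MessageDigest.getInstance("SHA-1");
        byte[] g = sha.digest(even);   // digest(byte[]) resets the instance afterwards
        byte[] h = sha.digest(odd);
        byte[] out = new byte[g.length + h.length];
        for (int i = 0; i < g.length; i++) {
            out[2 * i] = g[i];
            out[2 * i + 1] = h[i];
        }
        return out;
    }

    public static void main(String[] args) throws Exception {
        // Constructed input standing in for the SRP shared secret S.
        byte[] s = {0x12, 0x34, 0x56, 0x78, (byte) 0x9a, (byte) 0xbc};
        byte[] padded = {0, 0, 0x12, 0x34, 0x56, 0x78, (byte) 0x9a, (byte) 0xbc};
        byte[] k = shaInterleave(s);
        System.out.println("key length: " + k.length);
        System.out.println("padding-insensitive: " + Arrays.equals(k, shaInterleave(padded)));
    }
}
```

Trimming first matters because BigInteger.toByteArray() may prepend a 0x00 sign byte; without it, client and server could derive different keys from the same number.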


xor

public static byte[] xor(byte[] b1,
                         byte[] b2,
                         int length)

encodeBase16

public static java.lang.String encodeBase16(byte[] bytes)
Hex encoding of hashes, as used by Catalina. Each byte is converted to the corresponding two hex characters.


encodeBase64

public static java.lang.String encodeBase64(byte[] bytes)
BASE64 encoder implementation. Provides encoding methods, using the BASE64 encoding rules, as defined in the MIME specification, rfc1521.


createPasswordHash

public static java.lang.String createPasswordHash(java.lang.String hashAlgorithm,
                                                  java.lang.String hashEncoding,
                                                  java.lang.String hashCharset,
                                                  java.lang.String username,
                                                  java.lang.String password)
Calculate a password hash using a MessageDigest.

Parameters:
hashAlgorithm - the MessageDigest algorithm name
hashEncoding - either base64 or hex, specifying how the MessageDigest output is encoded as a string.
hashCharset - the charset used to create the byte[] passed to the MessageDigest from the password String. If null, the platform default is used.
username - ignored in default version
password - the password string to be hashed
Returns:
the hashed string if successful, null if there is a digest exception

createPasswordHash

public static java.lang.String createPasswordHash(java.lang.String hashAlgorithm,
                                                  java.lang.String hashEncoding,
                                                  java.lang.String hashCharset,
                                                  java.lang.String username,
                                                  java.lang.String password,
                                                  DigestCallback callback)
Calculate a password hash using a MessageDigest.

Parameters:
hashAlgorithm - the MessageDigest algorithm name
hashEncoding - either base64 or hex, specifying how the MessageDigest output is encoded as a string.
hashCharset - the charset used to create the byte[] passed to the MessageDigest from the password String. If null, the platform default is used.
username - ignored in default version
password - the password string to be hashed
callback - the callback used to allow customization of the hash to occur. The preDigest method is called before the password is added and the postDigest method is called after the password has been added.
Returns:
the hashed string if successful, null if there is a digest exception

tob64

public static java.lang.String tob64(byte[] buffer)

fromb64

public static byte[] fromb64(java.lang.String str)
                      throws java.lang.NumberFormatException
Throws:
java.lang.NumberFormatException

hasUnlimitedCrypto

public static boolean hasUnlimitedCrypto()
From Appendix E of the JCE reference guide: the "Strong" jurisdiction policy files allow a maximum Blowfish cipher size of 128 bits.

Returns:
true if a Blowfish key can be initialized with 256 bit size, false otherwise.

createSecretKey

public static java.lang.Object createSecretKey(java.lang.String cipherAlgorithm,
                                               java.lang.Object key)
                                        throws java.security.KeyException
Use reflection to create a javax.crypto.spec.SecretKeySpec to avoid an explicit reference to SecretKeySpec so that the JCE is not needed unless the SRP parameters indicate that encryption is needed.

Returns:
a javax.crypto.SecretKey
Throws:
java.security.KeyException

createCipher

public static java.lang.Object createCipher(java.lang.String cipherAlgorithm)
                                     throws java.security.GeneralSecurityException
Parameters:
cipherAlgorithm -
Returns:
A javax.crypto.Cipher
Throws:
java.security.GeneralSecurityException

createSealedObject

public static java.lang.Object createSealedObject(java.lang.String cipherAlgorithm,
                                                  java.lang.Object key,
                                                  byte[] cipherIV,
                                                  java.io.Serializable data)
                                           throws java.security.GeneralSecurityException
Throws:
java.security.GeneralSecurityException

accessSealedObject

public static java.lang.Object accessSealedObject(java.lang.String cipherAlgorithm,
                                                  java.lang.Object key,
                                                  byte[] cipherIV,
                                                  java.lang.Object obj)
                                           throws java.security.GeneralSecurityException
Throws:
java.security.GeneralSecurityException