org.glassfish.security.common
Class SSHA

java.lang.Object
  org.glassfish.security.common.SSHA

public class SSHA
extends java.lang.Object

Util class for salted SHA processing.

Salted SHA (aka SSHA) is computed as follows:
result = {SSHA}BASE64(SHA(password,salt),salt)

Methods are also provided to return partial results, such as SHA( password , salt) without Base64 encoding.

Field Summary

static java.lang.String

defaultAlgo

Constructor Summary

SSHA()

Method Summary

static byte[]	compute(byte[] salt, byte[] password, java.lang.String algo) Compute a salted SHA hash.
static byte[]	decode(java.lang.String encoded, byte[] hashResult, java.lang.String algo) Decodes an encoded SSHA string.
static java.lang.String	encode(byte[] salt, byte[] hash, java.lang.String algo) Perform encoding of salt and computed hash.
static boolean	verify(byte[] salt, byte[] hash, byte[] password, java.lang.String algo) Verifies a password.
static boolean	verify(java.lang.String encoded, byte[] password) Verifies a password.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

defaultAlgo

public static java.lang.String defaultAlgo

Constructor Detail

SSHA

public SSHA()

Method Detail

compute

public static byte[] compute(byte[] salt,
                             byte[] password,
                             java.lang.String algo)
                      throws java.lang.IllegalArgumentException

Compute a salted SHA hash.

Parameters:

salt - Salt bytes.

password - Password bytes.

Returns:

Byte array of length 20 bytes containing hash result.

Throws:

java.lang.IllegalArgumentException - Thrown if there is an error.

encode

public static java.lang.String encode(byte[] salt,
                                      byte[] hash,
                                      java.lang.String algo)

Perform encoding of salt and computed hash.

Parameters:

salt - Salt bytes.

hash - Result of prior compute() operation.

Returns:

String Encoded string, as described in class documentation.

verify

public static boolean verify(java.lang.String encoded,
                             byte[] password)
                      throws java.lang.IllegalArgumentException

Verifies a password.

The given password is verified against the provided encoded SSHA result string.

Parameters:

encoded - Encoded SSHA value (e.g. output of computeAndEncode())

password - Password bytes of the password to verify.

Throws:

java.lang.IllegalArgumentException - Thrown if there is an error.

verify

public static boolean verify(byte[] salt,
                             byte[] hash,
                             byte[] password,
                             java.lang.String algo)
                      throws java.lang.IllegalArgumentException

Verifies a password.

The given password is verified against the provided salt and hash buffers.

Parameters:

salt - Salt bytes used in the hash result.

hash - Hash result to compare against.

password - Password bytes of the password to verify.

Throws:

java.lang.IllegalArgumentException - Thrown if there is an error.

decode

public static byte[] decode(java.lang.String encoded,
                            byte[] hashResult,
                            java.lang.String algo)
                     throws java.lang.IllegalArgumentException

Decodes an encoded SSHA string.

Parameters:

encoded - Encoded SSHA value (e.g. output of computeAndEncode())

hashResult - A byte array which must contain 20 elements. Upon succesful return from method, it will be filled by the hash value decoded from the given SSHA string. Existing values are not used and will be overwritten.

Throws:

java.lang.IllegalArgumentException - Thrown if there is an error.