Package org.glassfish.security.common

Class SSHA

java.lang.Object
org.glassfish.security.common.SSHA
public class SSHA extends Object
Util class for salted SHA processing.

Salted SHA (aka SSHA) is computed as follows:
result = {SSHA}BASE64(SHA(password,salt),salt)

Methods are also provided to return partial results, such as SHA( password , salt) without Base64 encoding.

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final String
    defaultAlgo
     

  • Constructor Summary

    Constructors
    Constructor
    Description
    SSHA()
     

  • Method Summary

    Modifier and Type
    Method
    Description
    static byte[]
    compute(byte[] salt, byte[] password, String algo)
    Compute a salted SHA hash.
    static byte[]
    decode(String encoded, byte[] hashResult, String algo)
    Decodes an encoded SSHA string.
    static String
    encode(byte[] salt, byte[] hash, String algo)
    Perform encoding of salt and computed hash.
    static boolean
    verify(byte[] salt, byte[] hash, byte[] password, String algo)
    Verifies a password.
    static boolean
    verify(String encoded, byte[] password)
    Verifies a password.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Field Details

  • Constructor Details

    • SSHA

      public SSHA()

  • Method Details

    • compute

      public static byte[] compute(byte[] salt, byte[] password, String algo) throws IllegalArgumentException
      Compute a salted SHA hash.
      Parameters:
      salt - Salt bytes.
      password - Password bytes.
      Returns:
      Byte array of length 20 bytes containing hash result.
      Throws:
      IllegalArgumentException - Thrown if there is an error.

    • encode

      public static String encode(byte[] salt, byte[] hash, String algo)
      Perform encoding of salt and computed hash.
      Parameters:
      salt - Salt bytes.
      hash - Result of prior compute() operation.
      Returns:
      String Encoded string, as described in class documentation.

    • verify

      public static boolean verify(String encoded, byte[] password) throws IllegalArgumentException
      Verifies a password.

      The given password is verified against the provided encoded SSHA result string.

      Parameters:
      encoded - Encoded SSHA value (e.g. output of computeAndEncode())
      password - Password bytes of the password to verify.
      Throws:
      IllegalArgumentException - Thrown if there is an error.

    • verify

      public static boolean verify(byte[] salt, byte[] hash, byte[] password, String algo) throws IllegalArgumentException
      Verifies a password.

      The given password is verified against the provided salt and hash buffers.

      Parameters:
      salt - Salt bytes used in the hash result.
      hash - Hash result to compare against.
      password - Password bytes of the password to verify.
      Throws:
      IllegalArgumentException - Thrown if there is an error.

    • decode

      public static byte[] decode(String encoded, byte[] hashResult, String algo) throws IllegalArgumentException
      Decodes an encoded SSHA string.
      Parameters:
      encoded - Encoded SSHA value (e.g. output of computeAndEncode())
      hashResult - A byte array which must contain 20 elements. Upon succesful return from method, it will be filled by the hash value decoded from the given SSHA string. Existing values are not used and will be overwritten.
      Throws:
      IllegalArgumentException - Thrown if there is an error.