Class CryptoUtil

java.lang.Object
com.ongres.scram.common.util.CryptoUtil

public class CryptoUtil extends Object
Utility static methods for cryptography related tasks.
  • Nested Class Summary

    Nested Classes
    Modifier and Type
    Class
    Description
    private static class 
     
  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    private static final int
     
    private static final int
     
    private static final int
     
  • Constructor Summary

    Constructors
    Constructor
    Description
     
  • Method Summary

    Modifier and Type
    Method
    Description
    static byte[]
    hi(SecretKeyFactory secretKeyFactory, int keyLength, char[] value, byte[] salt, int iterations)
    Compute the "Hi" function for SCRAM.
    static byte[]
    hmac(SecretKeySpec secretKeySpec, Mac mac, byte[] message)
    Computes the HMAC of a given message.
    static String
    nonce(int size)
    Generates a random string (called a 'nonce'), composed of ASCII printable characters, except comma (',').
    static String
    nonce(int size, SecureRandom random)
    Generates a random string (called a 'nonce'), composed of ASCII printable characters, except comma (',').
    static byte[]
    xor(byte[] value1, byte[] value2)
    Computes a byte-by-byte xor operation.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
  • Field Details

  • Constructor Details

    • CryptoUtil

      public CryptoUtil()
  • Method Details

    • nonce

      public static String nonce(int size, SecureRandom random)
      Generates a random string (called a 'nonce'), composed of ASCII printable characters, except comma (',').
      Parameters:
      size - The length of the nonce, in characters/bytes
      random - The SecureRandom to use
      Returns:
      The String representing the nonce
    • nonce

      public static String nonce(int size)
      Generates a random string (called a 'nonce'), composed of ASCII printable characters, except comma (','). It uses a default SecureRandom instance.
      Parameters:
      size - The length of the nonce, in characters/bytes
      Returns:
      The String representing the nonce
    • hi

      public static byte[] hi(SecretKeyFactory secretKeyFactory, int keyLength, char[] value, byte[] salt, int iterations)
      Compute the "Hi" function for SCRAM.

      Hi(str, salt, i):

          U1   := HMAC(str, salt + INT(1))
          U2   := HMAC(str, U1)
          ...
          Ui-1 := HMAC(str, Ui-2)
          Ui   := HMAC(str, Ui-1)

          Hi := U1 XOR U2 XOR ... XOR Ui

      where "i" is the iteration count, "+" is the string concatenation operator, and INT(g) is a 4-octet encoding of the integer g, most significant octet first.

      Hi() is, essentially, PBKDF2 [RFC2898] with HMAC() as the pseudorandom function (PRF) and with dkLen == output length of HMAC() == output length of H().
      Parameters:
      secretKeyFactory - The SecretKeyFactory to generate the SecretKey
      keyLength - The length of the key (in bits)
      value - The char array to compute the Hi function
      salt - The salt
      iterations - The number of iterations
      Returns:
      The bytes of the computed Hi value
    • hmac

      public static byte[] hmac(SecretKeySpec secretKeySpec, Mac mac, byte[] message)
      Computes the HMAC of a given message. HMAC(key, str): Apply the HMAC keyed hash algorithm (defined in [RFC2104]) using the octet string represented by "key" as the key and the octet string "str" as the input string. The size of the result is the hash result size for the hash function in use. For example, it is 20 octets for SHA-1 (see [RFC3174]).
      Parameters:
      secretKeySpec - A key of the given algorithm
      mac - A MAC instance of the given algorithm
      message - The message to compute the HMAC
      Returns:
      The bytes of the computed HMAC value
    • xor

      public static byte[] xor(byte[] value1, byte[] value2) throws IllegalArgumentException
      Computes a byte-by-byte xor operation. XOR: Apply the exclusive-or operation to combine the octet string on the left of this operator with the octet string on the right of this operator. The length of the output and each of the two inputs will be the same for this use.
      Parameters:
      value1 -
      value2 -
      Returns:
      Throws:
      IllegalArgumentException