Package de.uplanet.security
Class KeyedSaltedHashing
java.lang.Object
de.uplanet.security.KeyedSaltedHashing
Deprecated.
Intrexx >= 9 uses a PBKDF2 based password storage mechanism.
HMAC Keyed Salted Hashing
This class implements a HMAC keyed and SALTed hashing algorithm. It is closely related to the mechanism described in RFC 2104, HMAC: Keyed-Hashing for Message Authentication. Beyond that, it supports SALT in a way that is compatible with common password storing strategies
-
Constructor Summary
ConstructorDescriptionDeprecated.Contruct the hashing class with SHA-1 as the undelying hashing algorithm.KeyedSaltedHashing
(String p_strAlgorithm) Deprecated.Contruct the hashing class with the specified hashing algorithm. -
Method Summary
Modifier and TypeMethodDescriptionboolean
equals
(KeyedSaltedHashing p_another) Deprecated.Do not use this method.byte[]
Deprecated.Get the digest.byte[]
makeDigest
(byte[] p_hashedPassword, byte[] p_message) Deprecated.Create the HMAC.byte[]
makeDigest
(byte[] p_password, byte[] p_salt, byte[] p_message) Deprecated.Create the HMAC.static boolean
verify
(byte[] p_response, byte[] p_hashedPassword, byte[] p_challenge) Deprecated.Verify a given client login response using SHA-1 as the hashing algorithm.static boolean
Deprecated.Verify a given client login response.
-
Constructor Details
-
KeyedSaltedHashing
public KeyedSaltedHashing()Deprecated.Contruct the hashing class with SHA-1 as the undelying hashing algorithm. -
KeyedSaltedHashing
Deprecated.Contruct the hashing class with the specified hashing algorithm.- Throws:
NoSuchAlgorithmException
- If the algorithm is not available in the caller's environment.
-
-
Method Details
-
verify
public static boolean verify(byte[] p_response, byte[] p_hashedPassword, byte[] p_challenge) Deprecated.Verify a given client login response using SHA-1 as the hashing algorithm.This method calls
to calculate the expected response, and then securely compares it with the response given by the client.makeDigest(byte[], byte[])
- Parameters:
p_response
- The client response.p_hashedPassword
- The hashed password.p_challenge
- The challenge.- Returns:
true
if the client's response is correct, orfalse
otherwise.
-
verify
public static boolean verify(byte[] p_response, byte[] p_hashedPassword, byte[] p_challenge, String p_strAlgorithm) throws NoSuchAlgorithmException Deprecated.Verify a given client login response.This method calls
to calculate the expected response, and then securely compares it with the response given by the client.makeDigest(byte[], byte[])
- Parameters:
p_response
- The client response.p_hashedPassword
- The hashed password.p_challenge
- The challenge.p_strAlgorithm
- The hashing algorithm to be used.- Returns:
true
if the client's response is correct, orfalse
otherwise.- Throws:
NoSuchAlgorithmException
- If the requested hashing algorithm is not available.
-
equals
Deprecated.Do not use this method.Compare the digest of this object with the digest of anotherKeyedSaltedHashing
- Parameters:
p_another
- Another instance ofKeyedSaltedHashing
to compare with.- Returns:
true
if the two underlying digests are the same or both digest arenull
,false
otherwise.
-
makeDigest
public byte[] makeDigest(byte[] p_password, byte[] p_salt, byte[] p_message) throws NullPointerException Deprecated.Create the HMAC.The HMAC is computed from the password, the SALT and the message
- Parameters:
p_password
- The plain password as abyte
array.p_salt
- The SALT as abyte
array ornull
if SALT should not be used.p_message
- The message (e.g. challenge) as abyte
array.- Returns:
- The keyed salted digest.
- Throws:
NullPointerException
- if the password or the message isnull
-
makeDigest
Deprecated.Create the HMAC.The HMAC is computed from a hashed password-SALT pair and the message
- Parameters:
p_hashedPassword
- The hashed and password-SALT-pair as abyte
array.p_message
- The message (e.g. challenge) as abyte
array.- Returns:
- The HMAC.
- Throws:
NullPointerException
- ifp_hashedPassword
or the message isnull
-
getDigest
public byte[] getDigest()Deprecated.Get the digest.- Returns:
- The keyed salted digest or
null
if none is available.
-