com.kapil.framework.crypto.SaltedSecureHashDigester Maven / Gradle / Ivy

Go to download

Show more of this group Show more artifacts with this name
Show all versions of iframework Show documentation

This is a set of utilities and classes that I have found useful over the years. In my career spanning over a decade, I have time and again written the same code or some part of the code over and over again. I never found the time to collate the details in a reusable library. This project will be a collection of such files. The work that I have been doing is more than 5 years old, however the project has been conceived in 2011.

The newest version!

/*******************************************************************************
 * Copyright 2011 @ Kapil Viren Ahuja
 * 
 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with
 * the License. You may obtain a copy of the License at
 * 
 * http://www.apache.org/licenses/LICENSE-2.0
 * 
 * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on
 * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the
 * specific language governing permissions and limitations under the License.
 ******************************************************************************/
package com.kapil.framework.crypto;

import com.kapil.framework.lang.ArrayUtils;


/**
 * 
 * Computes a text digest using the Salted Secure Hash Algorithm (SSHA). SSHA adds extra
 * security to the digest produced by SHA-1 by adding a random string (salt) to it. 
 * 
 */
public final class SaltedSecureHashDigester implements IDigester
{

    /**
     * 
     * Computes an SSHA digest of a text message.
     * 
     * 
     * @param text A {@link java.lang.String} containing the text to be digested.
     * @return A printable {@link java.lang.String} digest.
     */
    public String digest(String text)
    {
        return addPrefix(getRawDigest(text));
    }


    /**
     * Adds prefix {SHA} to a digest if it is not blank.
     * 
     * @param digest An array of bytes containing the digest value.
     * @return {@link java.lang.String} containing digest in Base-64 encoded form, with the algorith name prefixed.
     */
    private String addPrefix(byte[] digest)
    {
        return digest == null ? null : "{SSHA}" + Base64Util.encode(digest);
    }


    /**
     * Computes SSHA digest for a text message.
     * 
     * @param text {@link java.lang.String} text.
     * @return An array of bytes containing the digest.
     */
    public byte[] getRawDigest(String text)
    {
        SecureHashDigester secureDigester = new SecureHashDigester();
        byte[] digest = secureDigester.getRawDigest(text);

        // If a non-null digest was obtained, add salt to it.
        if (digest != null)
        {
            // Obtain salt by computing a secure digest of current system time.
            byte[] salt = secureDigester.getRawDigest(String.valueOf(System.currentTimeMillis()));

            // Append the salt to the digest.
            digest = ArrayUtils.mergeByteArrays(digest, salt);
        }

        return digest;
    }
}