All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.landawn.abacus.util.WSSecurityUtil Maven / Gradle / Ivy

/**
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements. See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership. The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied. See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */
package com.landawn.abacus.util;

import java.security.MessageDigest;
import java.security.SecureRandom;

/**
 * 

* Note: it's copied from Apache WSS4J developed at The Apache Software Foundation (http://www.apache.org/), or * under the Apache License 2.0. The methods copied from other products/frameworks may be modified in this class. *

* * WS-Security Utility methods. *

* * @author Davanum Srinivas ([email protected]). */ public final class WSSecurityUtil { private static final String RNG_ALGORITHM = "SHA1PRNG"; private static final String HASH_ALGORITHM = "SHA-1"; /** * A cached pseudo-random number generator NB. On some JVMs, caching this random number generator is required to * overcome punitive overhead. */ private static SecureRandom random = null; /** A cached MessageDigest object. */ private static MessageDigest digest = null; private WSSecurityUtil() { // Complete } /** * Generate a nonce of the given length using the SHA1PRNG algorithm. The SecureRandom instance that backs this * method is cached for efficiency. * * @param length * @return a nonce of the given length */ public static byte[] generateNonce(int length) { synchronized (WSSecurityUtil.class) { try { if (random == null) { random = SecureRandom.getInstance(RNG_ALGORITHM); } byte[] temp = new byte[length]; random.nextBytes(temp); return temp; } catch (Exception ex) { throw new RuntimeException("Error in generating nonce of length " + length, ex); } } } /** * Generate a (SHA1) digest of the input bytes. The MessageDigest instance that backs this method is cached for * efficiency. * * @param inputBytes * the bytes to digest * @return */ public static byte[] generateDigest(byte[] inputBytes) { synchronized (WSSecurityUtil.class) { try { if (digest == null) { digest = MessageDigest.getInstance(HASH_ALGORITHM); } return digest.digest(inputBytes); } catch (Exception e) { throw new RuntimeException("Error in generating digest", e); } } } /** * Do password digest. * * @param nonce * @param created * @param password * @return */ public static String doPasswordDigest(byte[] nonce, byte[] created, byte[] password) { String passwdDigest = null; byte[] b4 = new byte[nonce.length + created.length + password.length]; int offset = 0; N.copy(nonce, 0, b4, offset, nonce.length); offset += nonce.length; N.copy(created, 0, b4, offset, created.length); offset += created.length; N.copy(password, 0, b4, offset, password.length); byte[] digestBytes = generateDigest(b4); passwdDigest = N.base64Encode(digestBytes); return passwdDigest; } /** * Do password digest. * * @param nonce * @param created * @param password * @return */ public static String doPasswordDigest(String nonce, String created, String password) { return doPasswordDigest(nonce.getBytes(Charsets.UTF_8), created.getBytes(Charsets.UTF_8), password.getBytes(Charsets.UTF_8)); } }





© 2015 - 2025 Weber Informatics LLC | Privacy Policy