Class ScramUtils
- java.lang.Object
-
- org.apache.activemq.artemis.spi.core.security.scram.ScramUtils
-
public class ScramUtils extends Object
Provides static methods for working with SCRAM/SASL
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
ScramUtils.NewPasswordByteArrayData
New password data in byte array formatstatic class
ScramUtils.NewPasswordStringData
New password data in database friendly format, i.e.
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static ScramUtils.NewPasswordStringData
byteArrayToStringData(ScramUtils.NewPasswordByteArrayData ba)
Transforms NewPasswordByteArrayData into NewPasswordStringData into database friendly (string) representation Uses Base64 to encode the byte arrays into stringsstatic byte[]
computeHmac(byte[] key, String hmacName, String string)
Computes HMAC byte array for given stringstatic byte[]
computeHmac(byte[] key, Mac hmac, String string)
static Mac
createHmac(byte[] keyBytes, String hmacName)
Creates HMACstatic byte[]
generateSaltedPassword(String password, byte[] salt, int iterationsCount, Mac mac)
Generates salted password.static boolean
isNullOrEmpty(String string)
Checks if string is null or emptystatic ScramUtils.NewPasswordByteArrayData
newPassword(String passwordClearText, byte[] salt, int iterations, MessageDigest messageDigest, Mac mac)
Computes the data associated with new password like salted password, keys, etc
-
-
-
Method Detail
-
generateSaltedPassword
public static byte[] generateSaltedPassword(String password, byte[] salt, int iterationsCount, Mac mac) throws ScramException
Generates salted password.- Parameters:
password
- Clear form password, i.e. what user typedsalt
- Salt to be usediterationsCount
- Iterations for 'salting'mac
- HMAC to be used- Returns:
- salted password
- Throws:
ScramException
-
createHmac
public static Mac createHmac(byte[] keyBytes, String hmacName) throws NoSuchAlgorithmException, InvalidKeyException
Creates HMAC- Parameters:
keyBytes
- keyhmacName
- HMAC name- Returns:
- Mac
- Throws:
InvalidKeyException
- if internal error occur while working with SecretKeySpecNoSuchAlgorithmException
- if hmacName is not supported by the java
-
computeHmac
public static byte[] computeHmac(byte[] key, String hmacName, String string) throws InvalidKeyException, NoSuchAlgorithmException
Computes HMAC byte array for given string- Parameters:
key
- keyhmacName
- HMAC namestring
- string for which HMAC will be computed- Returns:
- computed HMAC
- Throws:
InvalidKeyException
- if internal error occur while working with SecretKeySpecNoSuchAlgorithmException
- if hmacName is not supported by the java
-
computeHmac
public static byte[] computeHmac(byte[] key, Mac hmac, String string) throws ScramException
- Throws:
ScramException
-
isNullOrEmpty
public static boolean isNullOrEmpty(String string)
Checks if string is null or empty- Parameters:
string
- String to be tested- Returns:
- true if the string is null or empty, false otherwise
-
newPassword
public static ScramUtils.NewPasswordByteArrayData newPassword(String passwordClearText, byte[] salt, int iterations, MessageDigest messageDigest, Mac mac) throws ScramException
Computes the data associated with new password like salted password, keys, etcThis method is supposed to be used by a server when user provides new clear form password. We don't want to save it that way so we generate salted password and store it along with other data required by the SCRAM mechanism
- Parameters:
passwordClearText
- Clear form password, i.e. as provided by the usersalt
- Salt to be usediterations
- Iterations for 'salting'mac
- HMAC name to be usedmessageDigest
- Digest name to be used- Returns:
- new password data while working with SecretKeySpec
- Throws:
ScramException
-
byteArrayToStringData
public static ScramUtils.NewPasswordStringData byteArrayToStringData(ScramUtils.NewPasswordByteArrayData ba)
Transforms NewPasswordByteArrayData into NewPasswordStringData into database friendly (string) representation Uses Base64 to encode the byte arrays into strings- Parameters:
ba
- Byte array data- Returns:
- String data
-
-