Class ScramUtils
java.lang.Object
org.apache.activemq.artemis.spi.core.security.scram.ScramUtils
Provides static methods for working with SCRAM/SASL
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionstatic class
New password data in byte array formatstatic class
New password data in database friendly format, i.e. -
Method Summary
Modifier and TypeMethodDescriptionTransforms NewPasswordByteArrayData into NewPasswordStringData into database friendly (string) representation Uses Base64 to encode the byte arrays into stringsstatic byte[]
computeHmac
(byte[] key, String hmacName, String string) Computes HMAC byte array for given stringstatic byte[]
computeHmac
(byte[] key, Mac hmac, String string) static Mac
createHmac
(byte[] keyBytes, String hmacName) Creates HMACstatic byte[]
generateSaltedPassword
(String password, byte[] salt, int iterationsCount, Mac mac) Generates salted password.static boolean
isNullOrEmpty
(String string) Checks if string is null or emptynewPassword
(String passwordClearText, byte[] salt, int iterations, MessageDigest messageDigest, Mac mac) Computes the data associated with new password like salted password, keys, etc
-
Method Details
-
generateSaltedPassword
public static byte[] generateSaltedPassword(String password, byte[] salt, int iterationsCount, Mac mac) throws ScramException Generates salted password.- Parameters:
password
- Clear form password, i.e. what user typedsalt
- Salt to be usediterationsCount
- Iterations for 'salting'mac
- HMAC to be used- Returns:
- salted password
- Throws:
ScramException
-
createHmac
public static Mac createHmac(byte[] keyBytes, String hmacName) throws NoSuchAlgorithmException, InvalidKeyException Creates HMAC- Parameters:
keyBytes
- keyhmacName
- HMAC name- Returns:
- Mac
- Throws:
InvalidKeyException
- if internal error occur while working with SecretKeySpecNoSuchAlgorithmException
- if hmacName is not supported by the java
-
computeHmac
public static byte[] computeHmac(byte[] key, String hmacName, String string) throws InvalidKeyException, NoSuchAlgorithmException Computes HMAC byte array for given string- Parameters:
key
- keyhmacName
- HMAC namestring
- string for which HMAC will be computed- Returns:
- computed HMAC
- Throws:
InvalidKeyException
- if internal error occur while working with SecretKeySpecNoSuchAlgorithmException
- if hmacName is not supported by the java
-
computeHmac
- Throws:
ScramException
-
isNullOrEmpty
Checks if string is null or empty- Parameters:
string
- String to be tested- Returns:
- true if the string is null or empty, false otherwise
-
newPassword
public static ScramUtils.NewPasswordByteArrayData newPassword(String passwordClearText, byte[] salt, int iterations, MessageDigest messageDigest, Mac mac) throws ScramException Computes the data associated with new password like salted password, keys, etcThis method is supposed to be used by a server when user provides new clear form password. We don't want to save it that way so we generate salted password and store it along with other data required by the SCRAM mechanism
- Parameters:
passwordClearText
- Clear form password, i.e. as provided by the usersalt
- Salt to be usediterations
- Iterations for 'salting'mac
- HMAC name to be usedmessageDigest
- Digest name to be used- Returns:
- new password data while working with SecretKeySpec
- Throws:
ScramException
-
byteArrayToStringData
public static ScramUtils.NewPasswordStringData byteArrayToStringData(ScramUtils.NewPasswordByteArrayData ba) Transforms NewPasswordByteArrayData into NewPasswordStringData into database friendly (string) representation Uses Base64 to encode the byte arrays into strings- Parameters:
ba
- Byte array data- Returns:
- String data
-