Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.apache.shiro.crypto.hash
Class AbstractHash

java.lang.Object
  extended by org.apache.shiro.codec.CodecSupport
      extended by org.apache.shiro.crypto.hash.AbstractHash
All Implemented Interfaces:
Serializable, Hash
Direct Known Subclasses:
Md2Hash, Md5Hash, Sha1Hash, Sha256Hash, Sha384Hash, Sha512Hash
public abstract class AbstractHash
extends CodecSupport
implements Hash, Serializable

Provides a base for all Shiro Hash algorithms with support for salts and multiple hash iterations.

Read http://www.owasp.org/index.php/Hashing_Java for a good article on the benefits of hashing, including what a 'salt' is as well as why it and multiple hash iterations can be useful.

This class and its subclasses support hashing with additional capabilities of salting and multiple iterations via overloaded constructors.

Since:
0.9
Author:
Les Hazlewood
See Also:
Serialized Form

Field Summary
 
Fields inherited from class org.apache.shiro.codec.CodecSupport
PREFERRED_ENCODING
 
Constructor Summary
AbstractHash()
          Creates an new instance without any of its properties set (no hashing is performed).
AbstractHash(Object source)
          Creates a hash of the specified source with no salt using a single hash iteration.
AbstractHash(Object source, Object salt)
          Creates a hash of the specified source using the given salt using a single hash iteration.
AbstractHash(Object source, Object salt, int hashIterations)
          Creates a hash of the specified source using the given salt a total of hashIterations times.
 
Method Summary
 boolean equals(Object o)
          Returns true if the specified object is a Hash and its byte array is identical to this Hash's byte array, false otherwise.
protected abstract  String getAlgorithmName()
          Implemented by subclasses, this specifies the name of the MessageDigest algorithm to use when performing the hash.
 byte[] getBytes()
          Returns this Hash's byte array, that is, the hashed value of the original input source.
protected  MessageDigest getDigest(String algorithmName)
          Returns the JDK MessageDigest instance to use for executing the hash.
protected  byte[] hash(byte[] bytes)
          Hashes the specified byte array without a salt for a single iteration.
protected  byte[] hash(byte[] bytes, byte[] salt)
          Hashes the specified byte array using the given salt for a single iteration.
protected  byte[] hash(byte[] bytes, byte[] salt, int hashIterations)
          Hashes the specified byte array using the given salt for the specified number of iterations.
 int hashCode()
          Simply returns toHex().hashCode();
 void setBytes(byte[] alreadyHashedBytes)
          Sets the raw bytes stored by this hash instance.
 String toBase64()
          Returns a Base64-encoded string of the underlying byte array.
 String toHex()
          Returns a hex-encoded string of the underlying byte array.
 String toString()
          Simple implementation that merely returns toHex().
 
Methods inherited from class org.apache.shiro.codec.CodecSupport
isByteSource, objectToBytes, objectToString, toBytes, toBytes, toBytes, toBytes, toBytes, toBytes, toBytes, toChars, toChars, toString, toString, toString
 
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
 

Constructor Detail

AbstractHash

public AbstractHash()
Creates an new instance without any of its properties set (no hashing is performed).

Because all constructors in this class (except this one) hash the source constructor argument, this default, no-arg constructor is useful in scenarios when you have a byte array that you know is already hashed and just want to set the bytes in their raw form directly on an instance. After instantiating the instance with this default, no-arg constructor, you can then immediately call setBytes to have a fully-initialized instance.

AbstractHash

public AbstractHash(Object source)
             throws CodecException
Creates a hash of the specified source with no salt using a single hash iteration.

It is a convenience constructor that merely executes this( source, null, 1);.

Please see the AbstractHash(Object,Object,int) constructor for the types of Objects that may be passed into this constructor, as well as how to support further types.

Parameters:
source - the object to be hashed.
Throws:
CodecException - if the specified source cannot be converted into a byte array (byte[]).

AbstractHash

public AbstractHash(Object source,
                    Object salt)
             throws CodecException
Creates a hash of the specified source using the given salt using a single hash iteration.

It is a convenience constructor that merely executes this( source, salt, 1);.

Please see the AbstractHash(Object,Object,int) constructor for the types of Objects that may be passed into this constructor, as well as how to support further types.

Parameters:
source - the source object to be hashed.
salt - the salt to use for the hash
Throws:
CodecException - if either constructor argument cannot be converted into a byte array.

AbstractHash

public AbstractHash(Object source,
                    Object salt,
                    int hashIterations)
             throws CodecException
Creates a hash of the specified source using the given salt a total of hashIterations times.

By default, this class only supports Object method arguments of type byte[], char[], String, File, or InputStream. If either argument is anything other than these types a CodecException will be thrown.

If you want to be able to hash other object types, or use other salt types, you need to override the toBytes(Object) method to support those specific types. Your other option is to convert your arguments to one of the default three supported types first before passing them in to this constructor}.

Parameters:
source - the source object to be hashed.
salt - the salt to use for the hash
hashIterations - the number of times the source argument hashed for attack resiliency.
Throws:
CodecException - if either Object constructor argument cannot be converted into a byte array.
Method Detail

getAlgorithmName

protected abstract String getAlgorithmName()
Implemented by subclasses, this specifies the name of the MessageDigest algorithm to use when performing the hash.

Returns:
the MessageDigest algorithm to use when performing the hash.

getBytes

public byte[] getBytes()
Description copied from interface: Hash
Returns this Hash's byte array, that is, the hashed value of the original input source.

Specified by:
getBytes in interface Hash
Returns:
this Hash's byte array, that is, the hashed value of the original input source.
See Also:
Hash.toHex(), Hash.toBase64()

setBytes

public void setBytes(byte[] alreadyHashedBytes)
Sets the raw bytes stored by this hash instance.

The bytes are kept in raw form - they will not be hashed/changed. This is primarily a utility method for constructing a Hash instance when the hashed value is already known.

Parameters:
alreadyHashedBytes - the raw already-hashed bytes to store in this instance.

getDigest

protected MessageDigest getDigest(String algorithmName)
Returns the JDK MessageDigest instance to use for executing the hash.

Parameters:
algorithmName - the algorithm to use for the hash, provided by subclasses.
Returns:
the MessageDigest object for the specified algorithm.

hash

protected byte[] hash(byte[] bytes)
Hashes the specified byte array without a salt for a single iteration.

Parameters:
bytes - the bytes to hash.
Returns:
the hashed bytes.

hash

protected byte[] hash(byte[] bytes,
                      byte[] salt)
Hashes the specified byte array using the given salt for a single iteration.

Parameters:
bytes - the bytes to hash
salt - the salt to use for the initial hash
Returns:
the hashed bytes

hash

protected byte[] hash(byte[] bytes,
                      byte[] salt,
                      int hashIterations)
Hashes the specified byte array using the given salt for the specified number of iterations.

Parameters:
bytes - the bytes to hash
salt - the salt to use for the initial hash
hashIterations - the number of times the the bytes will be hashed (for attack resiliency).
Returns:
the hashed bytes.

toHex

public String toHex()
Returns a hex-encoded string of the underlying byte array.

This implementation caches the resulting hex string so multiple calls to this method remain efficient. However, calling setBytes will null the cached value, forcing it to be recalculated the next time this method is called.

Specified by:
toHex in interface Hash
Returns:
a hex-encoded string of the underlying byte array.

toBase64

public String toBase64()
Returns a Base64-encoded string of the underlying byte array.

This implementation caches the resulting Base64 string so multiple calls to this method remain efficient. However, calling setBytes will null the cached value, forcing it to be recalculated the next time this method is called.

Specified by:
toBase64 in interface Hash
Returns:
a Base64-encoded string of the underlying byte array.

toString

public String toString()
Simple implementation that merely returns toHex().

Overrides:
toString in class Object
Returns:
the toHex() value.

equals

public boolean equals(Object o)
Returns true if the specified object is a Hash and its byte array is identical to this Hash's byte array, false otherwise.

Overrides:
equals in class Object
Parameters:
o - the object (Hash) to check for equality.
Returns:
true if the specified object is a Hash and its byte array is identical to this Hash's byte array, false otherwise.

hashCode

public int hashCode()
Simply returns toHex().hashCode();

Overrides:
hashCode in class Object
Returns:
toHex().hashCode()
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2004-2010 The Apache Software Foundation. All Rights Reserved.