1 18 package sync4j.framework.tools; 19 20 import java.security.MessageDigest ; 21 import java.security.NoSuchAlgorithmException ; 22 import java.security.SecureRandom ; 23 import java.util.logging.Level ; 24 import java.util.logging.Logger ; 25 26 import javax.crypto.Mac; 27 import javax.crypto.spec.SecretKeySpec; 28 29 38 public class SecurityTools { 39 40 private static SecureRandom random = null; 42 43 45 46 protected SecurityTools() { 47 } 48 49 51 56 public static String getRandomPassword() { 57 byte[] nextNonce = new byte[16]; 58 random.nextBytes(nextNonce); 59 60 int i; 61 for (int j=0; j<nextNonce.length; ++j) { 62 i = nextNonce[j] & 0x000000ff; 63 if ((i<32) || (i>128)) { 64 nextNonce[j] = (byte)(32 + (i % 64)); 65 } 66 } 67 68 return new String (Base64.encode(nextNonce)); 69 } 70 71 72 89 public static String getHMACValue( String algorithm, 90 byte[] msg , 91 String username , 92 String password , 93 byte[] nonce , 94 Logger log) 95 throws NoSuchAlgorithmException { 96 97 if (nonce == null) { 98 nonce = new byte[0]; 99 } 100 if (log != null) { 101 if (log.isLoggable(Level.FINEST)) { 102 log.finest("Calculates mac with: " + 103 "\n\talgorith: " + algorithm + 104 "\n\tmsg: " + msg + 105 "\n\tusername: " + username + 106 "\n\tpassword: " + password + 107 "\n\tnonce: " + new String (Base64.encode(nonce)) 108 ); 109 } 110 } 111 112 if (msg == null) { 113 return null; 114 } 115 116 String cred = username + ":" + password; 117 118 byte[] md5 = null; 119 120 md5 = MD5.digest(cred.getBytes()); 122 byte[] digest = Base64.encode(md5); 123 124 cred = new String (digest); 125 126 return getHMACValue(algorithm, msg, cred, nonce, log); 127 } 128 129 130 146 public static String getHMACValue(String algorithm , 147 byte[] msg , 148 String credential, 149 byte[] nonce , 150 Logger log) 151 throws NoSuchAlgorithmException { 152 156 if (log != null) { 157 if (log.isLoggable(Level.FINEST)) { 158 log.finest("Calculates mac with: " + 159 "\n\talgorith: " + algorithm + 160 "\n\tmsg: " + msg + 161 "\n\tcredential: " + credential + 162 "\n\tnonce: " + new String (Base64.encode(nonce)) 163 ); 164 } 165 } 166 167 if (msg == null) { 168 return null; 169 } 170 171 MessageDigest md = null; 172 173 md = MessageDigest.getInstance(algorithm); 174 175 byte[] digestDataMessage = null; 176 byte[] b64DigestDataMessage = null; 177 178 byte[] digest = null; 179 180 182 digestDataMessage = md.digest(msg); 184 185 b64DigestDataMessage = Base64.encode(digestDataMessage); 187 188 md.reset(); 189 190 byte[] credentialBytes = credential.getBytes(); 191 192 byte[] buf = new byte[credentialBytes.length + 2 + nonce.length + b64DigestDataMessage.length]; 197 198 System.arraycopy(credentialBytes, 0, buf, 0, credentialBytes.length); 199 buf[credentialBytes.length] = (byte)':'; 200 System.arraycopy(nonce, 0, buf, credentialBytes.length+1, nonce.length); 201 buf[credentialBytes.length + nonce.length + 1] = (byte)':'; 202 System.arraycopy(b64DigestDataMessage, 0, buf, credentialBytes.length + nonce.length + 2, b64DigestDataMessage.length); 203 204 digest = md.digest(buf); 205 206 String mac = new String (Base64.encode(digest)); 207 if (log != null) { 208 if (log.isLoggable(Level.FINEST)) { 209 log.finest("HMAC: " + mac); 210 } 211 } 212 return mac; 213 } 214 215 216 223 public static byte[] computeHmacSha1(byte[] bKey, byte[] message) 224 throws java.security.GeneralSecurityException { 225 226 String algorithm = "HmacSha1"; 227 byte[] digest = null; 228 229 SecretKeySpec key = new SecretKeySpec(bKey, algorithm); 231 232 Mac mac = Mac.getInstance(algorithm); 234 mac.init(key); 235 236 digest = mac.doFinal(message); 237 238 return digest; 239 } 240 241 242 244 static { 245 try { 246 random = SecureRandom.getInstance("SHA1PRNG"); 247 } catch(Exception e) { 248 e.printStackTrace(); 249 } 250 } 251 } | Popular Tags |