Class SimpleDigesterConfig

  • All Implemented Interfaces:
    DigesterConfig
    Direct Known Subclasses:
    EnvironmentDigesterConfig, SimpleStringDigesterConfig

    public class SimpleDigesterConfig
    extends java.lang.Object
    implements DigesterConfig

    Bean implementation for DigesterConfig. This class allows the values for the configuration parameters to be set via "standard" setX methods.

    For any of the configuration parameters, if its setX method is not called, a null value will be returned by the corresponding getX method.

    Note that there is not an exact correspondence between setX() and getX() methods, as sometimes two methods like setProvider() and setProviderClassName() will affect the same configuration parameter (getProvider()). This means that several combinations of setX() methods collide, and should not be called together (a call to setProviderClassName() will override any previous call to setProvider()).

    Since:
    1.0
    • Constructor Summary

      Constructors 
      Constructor Description
      SimpleDigesterConfig()
      Creates a new SimpleDigesterConfig instance.
    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      java.lang.String getAlgorithm()
      Returns the name of an algorithm to be used for hashing, like "MD5" or "SHA-1".
      java.lang.Boolean getInvertPositionOfPlainSaltInEncryptionResults()
      Returns Boolean.TRUE if the plain (not hashed) salt bytes are to be appended after the digest operation result bytes.
      java.lang.Boolean getInvertPositionOfSaltInMessageBeforeDigesting()
      Returns Boolean.TRUE if the salt bytes are to be appended after the message ones before performing the digest operation on the whole.
      java.lang.Integer getIterations()
      Returns the number of times the hash function will be applied recursively.
      java.lang.Integer getPoolSize()
      Get the size of the pool of digesters to be created.
      java.security.Provider getProvider()
      Returns the java.security.Provider implementation object to be used by the digester for obtaining the digest algorithm.
      java.lang.String getProviderName()
      Returns the name of the java.security.Provider implementation to be used by the digester for obtaining the digest algorithm.
      SaltGenerator getSaltGenerator()
      Returns a SaltGenerator implementation to be used by the digester.
      java.lang.Integer getSaltSizeBytes()
      Returns the size of the salt to be used to compute the digest.
      java.lang.Boolean getUseLenientSaltSizeCheck()
      Returns Boolean.TRUE if digest matching operations will allow matching digests with a salt size different to the one configured in the "saltSizeBytes" property.
      void setAlgorithm​(java.lang.String algorithm)
      Sets the name of the algorithm.
      void setInvertPositionOfPlainSaltInEncryptionResults​(java.lang.Boolean invertPositionOfPlainSaltInEncryptionResults)
      Whether the plain (not hashed) salt bytes are to be appended after the digest operation result bytes.
      void setInvertPositionOfSaltInMessageBeforeDigesting​(java.lang.Boolean invertPositionOfSaltInMessageBeforeDigesting)
      Whether the salt bytes are to be appended after the message ones before performing the digest operation on the whole.
      void setIterations​(java.lang.Integer iterations)
      Sets the number of hashing iterations.
      void setIterations​(java.lang.String iterations)
      Sets the number of hashing iterations.
      void setPoolSize​(java.lang.Integer poolSize)
      Sets the size of the pool of digesters to be created.
      void setPoolSize​(java.lang.String poolSize)
      Sets the size of the pool of digesters to be created.
      void setProvider​(java.security.Provider provider)
      Sets the security provider to be used for obtaining the digest algorithm.
      void setProviderClassName​(java.lang.String providerClassName)
      Sets the class name for the security provider to be used for obtaining the digest algorithm.
      void setProviderName​(java.lang.String providerName)
      Sets the name of the security provider to be asked for the digest algorithm.
      void setSaltGenerator​(SaltGenerator saltGenerator)
      Sets the salt generator.
      void setSaltGeneratorClassName​(java.lang.String saltGeneratorClassName)
      Sets the class name of the salt generator.
      void setSaltSizeBytes​(java.lang.Integer saltSizeBytes)
      Size in bytes of the salt to be used.
      void setSaltSizeBytes​(java.lang.String saltSizeBytes)
      Size in bytes of the salt to be used.
      void setUseLenientSaltSizeCheck​(java.lang.Boolean useLenientSaltSizeCheck)
      Whether digest matching operations will allow matching digests with a salt size different to the one configured in the "saltSizeBytes" property.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Field Detail

      • algorithm

        private java.lang.String algorithm
      • iterations

        private java.lang.Integer iterations
      • saltSizeBytes

        private java.lang.Integer saltSizeBytes
      • providerName

        private java.lang.String providerName
      • provider

        private java.security.Provider provider
      • invertPositionOfSaltInMessageBeforeDigesting

        private java.lang.Boolean invertPositionOfSaltInMessageBeforeDigesting
      • invertPositionOfPlainSaltInEncryptionResults

        private java.lang.Boolean invertPositionOfPlainSaltInEncryptionResults
      • useLenientSaltSizeCheck

        private java.lang.Boolean useLenientSaltSizeCheck
      • poolSize

        private java.lang.Integer poolSize
    • Constructor Detail

      • SimpleDigesterConfig

        public SimpleDigesterConfig()

        Creates a new SimpleDigesterConfig instance.

    • Method Detail

      • setAlgorithm

        public void setAlgorithm​(java.lang.String algorithm)

        Sets the name of the algorithm.

        This algorithm has to be supported by your security infrastructure, and it should be allowed as an algorithm for creating java.security.MessageDigest instances.

        If you are specifying a security provider with setProvider(Provider) or setProviderName(String), this algorithm should be supported by your specified provider.

        If you are not specifying a provider, you will be able to use those algorithms provided by the default security provider of your JVM vendor. For valid names in the Sun JVM, see Java Cryptography Architecture API Specification & Reference.

        Determines the result of: getAlgorithm()

        Parameters:
        algorithm - the name of the algorithm.
      • setIterations

        public void setIterations​(java.lang.Integer iterations)

        Sets the number of hashing iterations.

        If not set, null will be returned.

        Determines the result of: getIterations()

        Parameters:
        iterations - the number of iterations.
      • setIterations

        public void setIterations​(java.lang.String iterations)

        Sets the number of hashing iterations.

        If not set, null will be returned.

        Determines the result of: getIterations()

        Parameters:
        iterations - the number of iterations.
        Since:
        1.4
      • setSaltSizeBytes

        public void setSaltSizeBytes​(java.lang.Integer saltSizeBytes)

        Size in bytes of the salt to be used.

        If not set, null will be returned.

        Determines the result of: getSaltSizeBytes()

        Parameters:
        saltSizeBytes - the size of the salt, in bytes.
      • setSaltSizeBytes

        public void setSaltSizeBytes​(java.lang.String saltSizeBytes)

        Size in bytes of the salt to be used.

        If not set, null will be returned.

        Determines the result of: getSaltSizeBytes()

        Parameters:
        saltSizeBytes - the size of the salt, in bytes.
        Since:
        1.4
      • setSaltGenerator

        public void setSaltGenerator​(SaltGenerator saltGenerator)

        Sets the salt generator.

        If not set, null will be returned.

        Determines the result of: getSaltGenerator()

        Parameters:
        saltGenerator - the salt generator.
        Since:
        1.2
      • setSaltGeneratorClassName

        public void setSaltGeneratorClassName​(java.lang.String saltGeneratorClassName)

        Sets the class name of the salt generator.

        If not set, null will be returned.

        Determines the result of: getSaltGenerator()

        Parameters:
        saltGeneratorClassName - the name of the salt generator class.
        Since:
        1.4
      • setProviderName

        public void setProviderName​(java.lang.String providerName)

        Sets the name of the security provider to be asked for the digest algorithm. This provider should be already registered.

        If both the providerName and provider properties are set, only provider will be used, and providerName will have no meaning for the digester object.

        If not set, null will be returned.

        Determines the result of: getProviderName()

        Parameters:
        providerName - the name of the security provider.
        Since:
        1.3
      • setProvider

        public void setProvider​(java.security.Provider provider)

        Sets the security provider to be used for obtaining the digest algorithm. This method is an alternative to both setProviderName(String) and setProviderClassName(String) and they should not be used altogether. The provider specified with setProvider(Provider) does not have to be registered beforehand, and its use will not result in its being registered.

        If both the providerName and provider properties are set, only provider will be used, and providerName will have no meaning for the digester object.

        If not set, null will be returned.

        Determines the result of: getProvider()

        Parameters:
        provider - the security provider object.
        Since:
        1.3
      • setProviderClassName

        public void setProviderClassName​(java.lang.String providerClassName)

        Sets the class name for the security provider to be used for obtaining the digest algorithm. This method is an alternative to both setProviderName(String) setProvider(Provider) and they should not be used altogether. The provider specified with setProviderClassName(String) does not have to be registered beforehand, and its use will not result in its being registered.

        If both the providerName and provider properties are set, only provider will be used, and providerName will have no meaning for the digester object.

        If not set, null will be returned.

        Determines the result of: getProvider()

        Parameters:
        providerClassName - the name of the security provider class.
        Since:
        1.4
      • setInvertPositionOfSaltInMessageBeforeDigesting

        public void setInvertPositionOfSaltInMessageBeforeDigesting​(java.lang.Boolean invertPositionOfSaltInMessageBeforeDigesting)

        Whether the salt bytes are to be appended after the message ones before performing the digest operation on the whole. The default behaviour is to insert those bytes before the message bytes, but setting this configuration item to true allows compatibility with some external systems and specifications (e.g. LDAP {SSHA}).

        If not set, null will be returned.

        Determines the result of: getInvertPositionOfSaltInMessageBeforeDigesting()

        Parameters:
        invertPositionOfSaltInMessageBeforeDigesting - whether salt will be appended after the message before applying the digest operation on the whole, instead of inserted before it (which is the default).
        Since:
        1.7
      • setInvertPositionOfPlainSaltInEncryptionResults

        public void setInvertPositionOfPlainSaltInEncryptionResults​(java.lang.Boolean invertPositionOfPlainSaltInEncryptionResults)

        Whether the plain (not hashed) salt bytes are to be appended after the digest operation result bytes. The default behaviour is to insert them before the digest result, but setting this configuration item to true allows compatibility with some external systems and specifications (e.g. LDAP {SSHA}).

        If not set, null will be returned.

        Determines the result of: getInvertPositionOfPlainSaltInEncryptionResults()

        Parameters:
        invertPositionOfPlainSaltInEncryptionResults - whether plain salt will be appended after the digest operation result instead of inserted before it (which is the default).
        Since:
        1.7
      • setUseLenientSaltSizeCheck

        public void setUseLenientSaltSizeCheck​(java.lang.Boolean useLenientSaltSizeCheck)

        Whether digest matching operations will allow matching digests with a salt size different to the one configured in the "saltSizeBytes" property. This is possible because digest algorithms will produce a fixed-size result, so the remaining bytes from the hashed input will be considered salt.

        This will allow the digester to match digests produced in environments which do not establish a fixed salt size as standard (for example, SSHA password encryption in LDAP systems).

        The value of this property will not affect the creation of digests, which will always have a salt of the size established by the "saltSizeBytes" property. It will only affect digest matching.

        Setting this property to true is not compatible with SaltGenerator implementations which return false for their SaltGenerator.includePlainSaltInEncryptionResults() property.

        Also, be aware that some algorithms or algorithm providers might not support knowing the size of the digests beforehand, which is also incompatible with a lenient behaviour.

        If not set, null will be returned.

        Determines the result of: getUseLenientSaltSizeCheck()

        Parameters:
        useLenientSaltSizeCheck - whether the digester will allow matching of digests with different salt sizes than established or not (default is false).
        Since:
        1.7
      • setPoolSize

        public void setPoolSize​(java.lang.Integer poolSize)

        Sets the size of the pool of digesters to be created.

        This parameter will be ignored if used with a non-pooled digester.

        If not set, null will be returned.

        Determines the result of: getPoolSize()

        Parameters:
        poolSize - the size of the pool to be used if this configuration is used with a pooled digester
        Since:
        1.7
      • setPoolSize

        public void setPoolSize​(java.lang.String poolSize)

        Sets the size of the pool of digesters to be created.

        This parameter will be ignored if used with a non-pooled digester.

        If not set, null will be returned.

        Determines the result of: getPoolSize()

        Parameters:
        poolSize - the size of the pool to be used if this configuration is used with a pooled digester
        Since:
        1.7
      • getAlgorithm

        public java.lang.String getAlgorithm()
        Description copied from interface: DigesterConfig

        Returns the name of an algorithm to be used for hashing, like "MD5" or "SHA-1".

        This algorithm has to be supported by your Java Virtual Machine, and it should be allowed as an algorithm for creating java.security.MessageDigest instances.

        If this method returns null, the digester will ignore the config object when deciding the algorithm to be used.

        Specified by:
        getAlgorithm in interface DigesterConfig
        Returns:
        the name of the algorithm to be used, or null if this object will not want to set an algorithm. See Appendix A in the Java Cryptography Architecture API Specification & Reference for information about standard algorithm names.
      • getIterations

        public java.lang.Integer getIterations()
        Description copied from interface: DigesterConfig

        Returns the number of times the hash function will be applied recursively.
        The hash function will be applied to its own results as many times as specified: h(h(...h(x)...))

        This mechanism is explained in PKCS #5: Password-Based Cryptography Standard.

        If this method returns null, the digester will ignore the config object when deciding the number of hashing iterations.

        Specified by:
        getIterations in interface DigesterConfig
        Returns:
        the number of iterations, or null if this object will not want to set the number of iterations.
      • getSaltSizeBytes

        public java.lang.Integer getSaltSizeBytes()
        Description copied from interface: DigesterConfig

        Returns the size of the salt to be used to compute the digest. This mechanism is explained in PKCS #5: Password-Based Cryptography Standard.

        If salt size is set to zero, then no salt will be used.

        If this method returns null, the digester will ignore the config object when deciding the size of the salt to be used.

        Specified by:
        getSaltSizeBytes in interface DigesterConfig
        Returns:
        the size of the salt to be used, in bytes, or null if this object will not want to set a size for salt.
      • getSaltGenerator

        public SaltGenerator getSaltGenerator()
        Description copied from interface: DigesterConfig

        Returns a SaltGenerator implementation to be used by the digester.

        If this method returns null, the digester will ignore the config object when deciding the salt generator to be used.

        Specified by:
        getSaltGenerator in interface DigesterConfig
        Returns:
        the salt generator, or null if this object will not want to set a specific SaltGenerator implementation.
      • getProviderName

        public java.lang.String getProviderName()
        Description copied from interface: DigesterConfig

        Returns the name of the java.security.Provider implementation to be used by the digester for obtaining the digest algorithm. This provider must have been registered beforehand.

        If this method returns null, the digester will ignore this parameter when deciding the name of the security provider to be used.

        If this method does not return null, and neither does DigesterConfig.getProvider(), providerName will be ignored, and the provider object returned by getProvider() will be used.

        Specified by:
        getProviderName in interface DigesterConfig
        Returns:
        the name of the security provider to be used.
      • getProvider

        public java.security.Provider getProvider()
        Description copied from interface: DigesterConfig

        Returns the java.security.Provider implementation object to be used by the digester for obtaining the digest algorithm.

        If this method returns null, the digester will ignore this parameter when deciding the security provider object to be used.

        If this method does not return null, and neither does DigesterConfig.getProviderName(), providerName will be ignored, and the provider object returned by getProvider() will be used.

        The provider returned by this method does not need to be registered beforehand, and its use will not result in its being registered.

        Specified by:
        getProvider in interface DigesterConfig
        Returns:
        the security provider object to be asked for the digest algorithm.
      • getInvertPositionOfSaltInMessageBeforeDigesting

        public java.lang.Boolean getInvertPositionOfSaltInMessageBeforeDigesting()
        Description copied from interface: DigesterConfig

        Returns Boolean.TRUE if the salt bytes are to be appended after the message ones before performing the digest operation on the whole. The default behaviour is to insert those bytes before the message bytes, but setting this configuration item to true allows compatibility with some external systems and specifications (e.g. LDAP {SSHA}).

        Specified by:
        getInvertPositionOfSaltInMessageBeforeDigesting in interface DigesterConfig
        Returns:
        whether salt will be appended after the message before applying the digest operation on the whole, instead of inserted before it (which is the default). If null is returned, the default behaviour will be applied.
      • getInvertPositionOfPlainSaltInEncryptionResults

        public java.lang.Boolean getInvertPositionOfPlainSaltInEncryptionResults()
        Description copied from interface: DigesterConfig

        Returns Boolean.TRUE if the plain (not hashed) salt bytes are to be appended after the digest operation result bytes. The default behaviour is to insert them before the digest result, but setting this configuration item to true allows compatibility with some external systems and specifications (e.g. LDAP {SSHA}).

        Specified by:
        getInvertPositionOfPlainSaltInEncryptionResults in interface DigesterConfig
        Returns:
        whether plain salt will be appended after the digest operation result instead of inserted before it (which is the default). If null is returned, the default behaviour will be applied.
      • getUseLenientSaltSizeCheck

        public java.lang.Boolean getUseLenientSaltSizeCheck()
        Description copied from interface: DigesterConfig

        Returns Boolean.TRUE if digest matching operations will allow matching digests with a salt size different to the one configured in the "saltSizeBytes" property. This is possible because digest algorithms will produce a fixed-size result, so the remaining bytes from the hashed input will be considered salt.

        This will allow the digester to match digests produced in environments which do not establish a fixed salt size as standard (for example, SSHA password encryption in LDAP systems).

        The value of this property will not affect the creation of digests, which will always have a salt of the size established by the "saltSizeBytes" property. It will only affect digest matching.

        Setting this property to true is not compatible with SaltGenerator implementations which return false for their SaltGenerator.includePlainSaltInEncryptionResults() property.

        Also, be aware that some algorithms or algorithm providers might not support knowing the size of the digests beforehand, which is also incompatible with a lenient behaviour.

        Default is FALSE.

        Specified by:
        getUseLenientSaltSizeCheck in interface DigesterConfig
        Returns:
        whether the digester will allow matching of digests with different salt sizes than established or not (default is false).
      • getPoolSize

        public java.lang.Integer getPoolSize()
        Description copied from interface: DigesterConfig

        Get the size of the pool of digesters to be created.

        This parameter will be ignored if used with a non-pooled digester.

        Specified by:
        getPoolSize in interface DigesterConfig
        Returns:
        the size of the pool to be used if this configuration is used with a pooled digester