info.magnolia.cms.security
Class SecurityUtil

java.lang.Object
  extended by info.magnolia.cms.security.SecurityUtil

public class SecurityUtil
extends Object

Utility functions required in the context of Security.

Version:
$Id$

Field Summary
static String MD5
           
static String SHA1
           
static String SHA256
          There are five (5) FIPS-approved* algorithms for generating a condensed representation of a message (message digest): SHA-1, SHA-224, SHA-256,SHA-384, and SHA-512.
static String SHA384
           
static String SHA512
           
 
Constructor Summary
SecurityUtil()
           
 
Method Summary
static String byteArrayToHex(byte[] raw)
           
static Subject createSubjectAndPopulate(User user)
           
static String decrypt(String pass)
           
static String decrypt(String message, String encodedKey)
           
static String encrypt(String pass)
           
static String encrypt(String message, String encodedKey)
           
static MgnlKeyPair generateKeyPair(int keyLength)
           
static String getBCrypt(String text)
           
static byte[] getDigest(byte[] data, String algorithm)
          Message Digesting function.
static String getDigest(String data, String algorithm)
          Message Digesting function.
static DigestInputStream getDigestInputStream(InputStream stream)
           
static DigestOutputStream getDigestOutputStream(OutputStream stream)
           
static String getMD5Hex(byte[] data)
          Gets MD5 encoded -> hex string.
static String getMD5Hex(DigestInputStream stream)
           
static String getMD5Hex(DigestOutputStream stream)
           
static String getMD5Hex(String data)
           
static String getPrivateKey()
           
static String getPublicKey()
           
static String getSHA1Hex(byte[] data)
          Gets SHA-1 encoded -> hex string.
static String getSHA1Hex(String data)
           
static byte[] hexToByteArray(String s)
           
static boolean isAnonymous()
          Checks if the currently acting user is anonymous.
static boolean isAuthenticated()
           
static boolean matchBCrypted(String candidate, String hash)
           
static String stripParameterFromCacheLog(String log, String parameter)
           
static String stripPasswordFromCacheLog(String log)
          Used for removing password parameter from cache key.
static String stripPasswordFromUrl(String url)
           
static void updateKeys(MgnlKeyPair keys)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

SHA1

public static final String SHA1
See Also:
Constant Field Values

MD5

public static final String MD5
See Also:
Constant Field Values

SHA256

public static final String SHA256
There are five (5) FIPS-approved* algorithms for generating a condensed representation of a message (message digest): SHA-1, SHA-224, SHA-256,SHA-384, and SHA-512. Not supported yet

See Also:
Constant Field Values

SHA384

public static final String SHA384
See Also:
Constant Field Values

SHA512

public static final String SHA512
See Also:
Constant Field Values
Constructor Detail

SecurityUtil

public SecurityUtil()
Method Detail

isAnonymous

public static boolean isAnonymous()
Checks if the currently acting user is anonymous.


isAuthenticated

public static boolean isAuthenticated()

decrypt

public static String decrypt(String pass)
                      throws SecurityException
Throws:
SecurityException

decrypt

public static String decrypt(String message,
                             String encodedKey)
                      throws SecurityException
Throws:
SecurityException

encrypt

public static String encrypt(String pass)
                      throws SecurityException
Throws:
SecurityException

encrypt

public static String encrypt(String message,
                             String encodedKey)

getPrivateKey

public static String getPrivateKey()

updateKeys

public static void updateKeys(MgnlKeyPair keys)

getPublicKey

public static String getPublicKey()

byteArrayToHex

public static String byteArrayToHex(byte[] raw)

hexToByteArray

public static byte[] hexToByteArray(String s)

generateKeyPair

public static MgnlKeyPair generateKeyPair(int keyLength)
                                   throws NoSuchAlgorithmException
Throws:
NoSuchAlgorithmException

stripPasswordFromCacheLog

public static String stripPasswordFromCacheLog(String log)
Used for removing password parameter from cache key.

Parameters:
cacheKey.toString() -
Returns:

stripPasswordFromUrl

public static String stripPasswordFromUrl(String url)

stripParameterFromCacheLog

public static String stripParameterFromCacheLog(String log,
                                                String parameter)

getBCrypt

public static String getBCrypt(String text)

matchBCrypted

public static boolean matchBCrypted(String candidate,
                                    String hash)

getDigest

public static String getDigest(String data,
                               String algorithm)
                        throws NoSuchAlgorithmException
Message Digesting function.

Throws:
NoSuchAlgorithmException

getDigest

public static byte[] getDigest(byte[] data,
                               String algorithm)
                        throws NoSuchAlgorithmException
Message Digesting function.

Throws:
NoSuchAlgorithmException

getDigestInputStream

public static DigestInputStream getDigestInputStream(InputStream stream)

getDigestOutputStream

public static DigestOutputStream getDigestOutputStream(OutputStream stream)

getSHA1Hex

public static String getSHA1Hex(byte[] data)
Gets SHA-1 encoded -> hex string.


getSHA1Hex

public static String getSHA1Hex(String data)

getMD5Hex

public static String getMD5Hex(byte[] data)
Gets MD5 encoded -> hex string.


getMD5Hex

public static String getMD5Hex(String data)

getMD5Hex

public static String getMD5Hex(DigestInputStream stream)

getMD5Hex

public static String getMD5Hex(DigestOutputStream stream)

createSubjectAndPopulate

public static Subject createSubjectAndPopulate(User user)


Copyright © 2003–2014 Magnolia International Ltd.. All rights reserved.