org.jasypt.digest.config
Class SimpleDigesterConfig

Object
  org.jasypt.digest.config.SimpleDigesterConfig

All Implemented Interfaces:

DigesterConfig

Direct Known Subclasses:

EnvironmentDigesterConfig, SimpleStringDigesterConfig

public class SimpleDigesterConfig
extends Object
implements DigesterConfig

Bean implementation for DigesterConfig. This class allows the values for the configuration parameters to be set via "standard" setX methods.

For any of the configuration parameters, if its setX method is not called, a null value will be returned by the corresponding getX method.

Note that there is not an exact correspondence between setX() and getX() methods, as sometimes two methods like setProvider() and setProviderClassName() will affect the same configuration parameter (getProvider()). This means that several combinations of setX() methods collide, and should not be called together (a call to setProviderClassName() will override any previous call to setProvider()).

Since:

1.0

Author:

Daniel Fernández

Constructor Summary

SimpleDigesterConfig()
Creates a new SimpleDigesterConfig instance.

Method Summary

String	getAlgorithm() Returns the name of an algorithm to be used for hashing, like "MD5" or "SHA-1".
Boolean	getInvertPositionOfPlainSaltInEncryptionResults() Returns Boolean.TRUE if the plain (not hashed) salt bytes are to be appended after the digest operation result bytes.
Boolean	getInvertPositionOfSaltInMessageBeforeDigesting() Returns Boolean.TRUE if the salt bytes are to be appended after the message ones before performing the digest operation on the whole.
Integer	getIterations() Returns the number of times the hash function will be applied recursively.
Integer	getPoolSize() Get the size of the pool of digesters to be created.
Provider	getProvider() Returns the java.security.Provider implementation object to be used by the digester for obtaining the digest algorithm.
String	getProviderName() Returns the name of the java.security.Provider implementation to be used by the digester for obtaining the digest algorithm.
SaltGenerator	getSaltGenerator() Returns a SaltGenerator implementation to be used by the digester.
Integer	getSaltSizeBytes() Returns the size of the salt to be used to compute the digest.
Boolean	getUseLenientSaltSizeCheck() Returns Boolean.TRUE if digest matching operations will allow matching digests with a salt size different to the one configured in the "saltSizeBytes" property.
void	setAlgorithm(String algorithm) Sets the name of the algorithm.
void	setInvertPositionOfPlainSaltInEncryptionResults(Boolean invertPositionOfPlainSaltInEncryptionResults) Whether the plain (not hashed) salt bytes are to be appended after the digest operation result bytes.
void	setInvertPositionOfSaltInMessageBeforeDigesting(Boolean invertPositionOfSaltInMessageBeforeDigesting) Whether the salt bytes are to be appended after the message ones before performing the digest operation on the whole.
void	setIterations(Integer iterations) Sets the number of hashing iterations.
void	setIterations(String iterations) Sets the number of hashing iterations.
void	setPoolSize(Integer poolSize) Sets the size of the pool of digesters to be created.
void	setPoolSize(String poolSize) Sets the size of the pool of digesters to be created.
void	setProvider(Provider provider) Sets the security provider to be used for obtaining the digest algorithm.
void	setProviderClassName(String providerClassName) Sets the class name for the security provider to be used for obtaining the digest algorithm.
void	setProviderName(String providerName) Sets the name of the security provider to be asked for the digest algorithm.
void	setSaltGenerator(SaltGenerator saltGenerator) Sets the salt generator.
void	setSaltGeneratorClassName(String saltGeneratorClassName) Sets the class name of the salt generator.
void	setSaltSizeBytes(Integer saltSizeBytes) Size in bytes of the salt to be used.
void	setSaltSizeBytes(String saltSizeBytes) Size in bytes of the salt to be used.
void	setUseLenientSaltSizeCheck(Boolean useLenientSaltSizeCheck) Whether digest matching operations will allow matching digests with a salt size different to the one configured in the "saltSizeBytes" property.

Methods inherited from class Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SimpleDigesterConfig

public SimpleDigesterConfig()

Creates a new SimpleDigesterConfig instance.

Method Detail

setAlgorithm

public void setAlgorithm(String algorithm)

Sets the name of the algorithm.

This algorithm has to be supported by your security infrastructure, and it should be allowed as an algorithm for creating java.security.MessageDigest instances.

If you are specifying a security provider with setProvider(Provider) or setProviderName(String), this algorithm should be supported by your specified provider.

If you are not specifying a provider, you will be able to use those algorithms provided by the default security provider of your JVM vendor. For valid names in the Sun JVM, see Java Cryptography Architecture API Specification & Reference.

Determines the result of: getAlgorithm()

Parameters:

algorithm - the name of the algorithm.

setIterations

public void setIterations(Integer iterations)

Sets the number of hashing iterations.

If not set, null will be returned.

Determines the result of: getIterations()

Parameters:

iterations - the number of iterations.

setIterations

public void setIterations(String iterations)

Sets the number of hashing iterations.

If not set, null will be returned.

Determines the result of: getIterations()

Parameters:

iterations - the number of iterations.

Since:

1.4

setSaltSizeBytes

public void setSaltSizeBytes(Integer saltSizeBytes)

Size in bytes of the salt to be used.

If not set, null will be returned.

Determines the result of: getSaltSizeBytes()

Parameters:

saltSizeBytes - the size of the salt, in bytes.

setSaltSizeBytes

public void setSaltSizeBytes(String saltSizeBytes)

Size in bytes of the salt to be used.

If not set, null will be returned.

Determines the result of: getSaltSizeBytes()

Parameters:

saltSizeBytes - the size of the salt, in bytes.

Since:

1.4

setSaltGenerator

public void setSaltGenerator(SaltGenerator saltGenerator)

Sets the salt generator.

If not set, null will be returned.

Determines the result of: getSaltGenerator()

Parameters:

saltGenerator - the salt generator.

Since:

1.2

setSaltGeneratorClassName

public void setSaltGeneratorClassName(String saltGeneratorClassName)

Sets the class name of the salt generator.

If not set, null will be returned.

Determines the result of: getSaltGenerator()

Parameters:

saltGeneratorClassName - the name of the salt generator class.

Since:

1.4

setProviderName

public void setProviderName(String providerName)

Sets the name of the security provider to be asked for the digest algorithm. This provider should be already registered.

If both the providerName and provider properties are set, only provider will be used, and providerName will have no meaning for the digester object.

If not set, null will be returned.

Determines the result of: getProviderName()

Parameters:

providerName - the name of the security provider.

Since:

1.3

setProvider

public void setProvider(Provider provider)

Sets the security provider to be used for obtaining the digest algorithm. This method is an alternative to both setProviderName(String) and setProviderClassName(String) and they should not be used altogether. The provider specified with setProvider(Provider) does not have to be registered beforehand, and its use will not result in its being registered.

If both the providerName and provider properties are set, only provider will be used, and providerName will have no meaning for the digester object.

If not set, null will be returned.

Determines the result of: getProvider()

Parameters:

provider - the security provider object.

Since:

1.3

setProviderClassName

public void setProviderClassName(String providerClassName)

Sets the class name for the security provider to be used for obtaining the digest algorithm. This method is an alternative to both setProviderName(String) setProvider(Provider) and they should not be used altogether. The provider specified with setProviderClassName(String) does not have to be registered beforehand, and its use will not result in its being registered.

If both the providerName and provider properties are set, only provider will be used, and providerName will have no meaning for the digester object.

If not set, null will be returned.

Determines the result of: getProvider()

Parameters:

providerClassName - the name of the security provider class.

Since:

1.4

setInvertPositionOfSaltInMessageBeforeDigesting

public void setInvertPositionOfSaltInMessageBeforeDigesting(Boolean invertPositionOfSaltInMessageBeforeDigesting)

Whether the salt bytes are to be appended after the message ones before performing the digest operation on the whole. The default behaviour is to insert those bytes before the message bytes, but setting this configuration item to true allows compatibility with some external systems and specifications (e.g. LDAP {SSHA}).

If not set, null will be returned.

Determines the result of: getInvertPositionOfSaltInMessageBeforeDigesting()

Parameters:

invertPositionOfSaltInMessageBeforeDigesting - whether salt will be appended after the message before applying the digest operation on the whole, instead of inserted before it (which is the default).

Since:

1.7

setInvertPositionOfPlainSaltInEncryptionResults

public void setInvertPositionOfPlainSaltInEncryptionResults(Boolean invertPositionOfPlainSaltInEncryptionResults)

Whether the plain (not hashed) salt bytes are to be appended after the digest operation result bytes. The default behaviour is to insert them before the digest result, but setting this configuration item to true allows compatibility with some external systems and specifications (e.g. LDAP {SSHA}).

If not set, null will be returned.

Determines the result of: getInvertPositionOfPlainSaltInEncryptionResults()

Parameters:

invertPositionOfPlainSaltInEncryptionResults - whether plain salt will be appended after the digest operation result instead of inserted before it (which is the default).

Since:

1.7

setUseLenientSaltSizeCheck

public void setUseLenientSaltSizeCheck(Boolean useLenientSaltSizeCheck)

Whether digest matching operations will allow matching digests with a salt size different to the one configured in the "saltSizeBytes" property. This is possible because digest algorithms will produce a fixed-size result, so the remaining bytes from the hashed input will be considered salt.

This will allow the digester to match digests produced in environments which do not establish a fixed salt size as standard (for example, SSHA password encryption in LDAP systems).

The value of this property will not affect the creation of digests, which will always have a salt of the size established by the "saltSizeBytes" property. It will only affect digest matching.

Setting this property to true is not compatible with SaltGenerator implementations which return false for their SaltGenerator.includePlainSaltInEncryptionResults() property.

Also, be aware that some algorithms or algorithm providers might not support knowing the size of the digests beforehand, which is also incompatible with a lenient behaviour.

If not set, null will be returned.

Determines the result of: getUseLenientSaltSizeCheck()

Parameters:

useLenientSaltSizeCheck - whether the digester will allow matching of digests with different salt sizes than established or not (default is false).

Since:

1.7

setPoolSize

public void setPoolSize(Integer poolSize)

Sets the size of the pool of digesters to be created.

This parameter will be ignored if used with a non-pooled digester.

If not set, null will be returned.

Determines the result of: getPoolSize()

Parameters:

poolSize - the size of the pool to be used if this configuration is used with a pooled digester

Since:

1.7

setPoolSize

public void setPoolSize(String poolSize)

Sets the size of the pool of digesters to be created.

This parameter will be ignored if used with a non-pooled digester.

If not set, null will be returned.

Determines the result of: getPoolSize()

Parameters:

poolSize - the size of the pool to be used if this configuration is used with a pooled digester

Since:

1.7

getAlgorithm

public String getAlgorithm()

Description copied from interface: DigesterConfig

Returns the name of an algorithm to be used for hashing, like "MD5" or "SHA-1".

This algorithm has to be supported by your Java Virtual Machine, and it should be allowed as an algorithm for creating java.security.MessageDigest instances.

If this method returns null, the digester will ignore the config object when deciding the algorithm to be used.

Specified by:

getAlgorithm in interface DigesterConfig

Returns:

the name of the algorithm to be used, or null if this object will not want to set an algorithm. See Appendix A in the Java Cryptography Architecture API Specification & Reference for information about standard algorithm names.

getIterations

public Integer getIterations()

Description copied from interface: DigesterConfig

Returns the number of times the hash function will be applied recursively.
The hash function will be applied to its own results as many times as specified: h(h(...h(x)...))

This mechanism is explained in PKCS #5: Password-Based Cryptography Standard.

If this method returns null, the digester will ignore the config object when deciding the number of hashing iterations.

Specified by:

getIterations in interface DigesterConfig

Returns:

the number of iterations, or null if this object will not want to set the number of iterations.

getSaltSizeBytes

public Integer getSaltSizeBytes()

Description copied from interface: DigesterConfig

Returns the size of the salt to be used to compute the digest. This mechanism is explained in PKCS #5: Password-Based Cryptography Standard.

If salt size is set to zero, then no salt will be used.

If this method returns null, the digester will ignore the config object when deciding the size of the salt to be used.

Specified by:

getSaltSizeBytes in interface DigesterConfig

Returns:

the size of the salt to be used, in bytes, or null if this object will not want to set a size for salt.

getSaltGenerator

public SaltGenerator getSaltGenerator()

Description copied from interface: DigesterConfig

Returns a SaltGenerator implementation to be used by the digester.

If this method returns null, the digester will ignore the config object when deciding the salt generator to be used.

Specified by:

getSaltGenerator in interface DigesterConfig

Returns:

the salt generator, or null if this object will not want to set a specific SaltGenerator implementation.

getProviderName

public String getProviderName()

Description copied from interface: DigesterConfig

Returns the name of the java.security.Provider implementation to be used by the digester for obtaining the digest algorithm. This provider must have been registered beforehand.

If this method returns null, the digester will ignore this parameter when deciding the name of the security provider to be used.

If this method does not return null, and neither does DigesterConfig.getProvider(), providerName will be ignored, and the provider object returned by getProvider() will be used.

Specified by:

getProviderName in interface DigesterConfig

Returns:

the name of the security provider to be used.

getProvider

public Provider getProvider()

Description copied from interface: DigesterConfig

Returns the java.security.Provider implementation object to be used by the digester for obtaining the digest algorithm.

If this method returns null, the digester will ignore this parameter when deciding the security provider object to be used.

If this method does not return null, and neither does DigesterConfig.getProviderName(), providerName will be ignored, and the provider object returned by getProvider() will be used.

The provider returned by this method does not need to be registered beforehand, and its use will not result in its being registered.

Specified by:

getProvider in interface DigesterConfig

Returns:

the security provider object to be asked for the digest algorithm.

getInvertPositionOfSaltInMessageBeforeDigesting

public Boolean getInvertPositionOfSaltInMessageBeforeDigesting()

Description copied from interface: DigesterConfig

Returns Boolean.TRUE if the salt bytes are to be appended after the message ones before performing the digest operation on the whole. The default behaviour is to insert those bytes before the message bytes, but setting this configuration item to true allows compatibility with some external systems and specifications (e.g. LDAP {SSHA}).

Specified by:

getInvertPositionOfSaltInMessageBeforeDigesting in interface DigesterConfig

Returns:

whether salt will be appended after the message before applying the digest operation on the whole, instead of inserted before it (which is the default). If null is returned, the default behaviour will be applied.

getInvertPositionOfPlainSaltInEncryptionResults

public Boolean getInvertPositionOfPlainSaltInEncryptionResults()

Description copied from interface: DigesterConfig

Returns Boolean.TRUE if the plain (not hashed) salt bytes are to be appended after the digest operation result bytes. The default behaviour is to insert them before the digest result, but setting this configuration item to true allows compatibility with some external systems and specifications (e.g. LDAP {SSHA}).

Specified by:

getInvertPositionOfPlainSaltInEncryptionResults in interface DigesterConfig

Returns:

whether plain salt will be appended after the digest operation result instead of inserted before it (which is the default). If null is returned, the default behaviour will be applied.

getUseLenientSaltSizeCheck

public Boolean getUseLenientSaltSizeCheck()

Description copied from interface: DigesterConfig

Returns Boolean.TRUE if digest matching operations will allow matching digests with a salt size different to the one configured in the "saltSizeBytes" property. This is possible because digest algorithms will produce a fixed-size result, so the remaining bytes from the hashed input will be considered salt.

This will allow the digester to match digests produced in environments which do not establish a fixed salt size as standard (for example, SSHA password encryption in LDAP systems).

The value of this property will not affect the creation of digests, which will always have a salt of the size established by the "saltSizeBytes" property. It will only affect digest matching.

Setting this property to true is not compatible with SaltGenerator implementations which return false for their SaltGenerator.includePlainSaltInEncryptionResults() property.

Also, be aware that some algorithms or algorithm providers might not support knowing the size of the digests beforehand, which is also incompatible with a lenient behaviour.

Default is FALSE.

Specified by:

getUseLenientSaltSizeCheck in interface DigesterConfig

Returns:

whether the digester will allow matching of digests with different salt sizes than established or not (default is false).

getPoolSize

public Integer getPoolSize()

Description copied from interface: DigesterConfig

Get the size of the pool of digesters to be created.

This parameter will be ignored if used with a non-pooled digester.

Specified by:

getPoolSize in interface DigesterConfig

Returns:

the size of the pool to be used if this configuration is used with a pooled digester