Package org.identityconnectors.common.security

Class SecurityUtil

  • public final class SecurityUtil
extends Object

    • Method Detail

      • charsToBytes

        public static byte[] charsToBytes​(char[] chars)
        Converts chars to bytes without using any external functions that might allocate additional buffers for the potentially sensitive data. This guarantees the caller that they only need to cleanup the input and result.
        Parameters:
        chars - The chars
        Returns:
        The bytes

      • bytesToChars

        public static char[] bytesToChars​(byte[] bytes)
        Converts bytes to chars without using any external functions that might allocate additional buffers for the potentially sensitive data. This guarantees the caller that they only need to cleanup the input and result.
        Parameters:
        bytes - The bytes (to convert into characters).
        Returns:
        The characters (converted from the specified bytes).

      • clear

        public static void clear​(byte[] bytes)
        Clears an array of potentially sensitive bytes
        Parameters:
        bytes - The bytes. May be null.

      • clear

        public static void clear​(char[] chars)
        Clears an array of potentially sensitive chars
        Parameters:
        chars - The characters. May be null.

      • computeBase64SHA1Hash

        public static String computeBase64SHA1Hash​(char[] input)
        Computes the base 64 encoded SHA1 hash of the input.
        Parameters:
        input - The input chars
        Returns:
        the hash

      • computeBase64SHA1Hash

        public static String computeBase64SHA1Hash​(byte[] bytes)
        Computes the base 64 encoded SHA1 hash of the input.
        Parameters:
        bytes - The input bytes.
        Returns:
        the hash (computed from the input bytes).

      • verifyBase64SHA1Hash

        public static boolean verifyBase64SHA1Hash​(char[] input,
                                           String hash)
        Verifies the base 64-encoded SHA1 hash of the input.
        Parameters:
        input - The input chars
        hash - The expected hash
        Returns:
        true if the hash of the input characters matches the expected hash.

      • decrypt

        public static String decrypt​(GuardedString guardedString)
        Decrypts the value of a GuardedString.
        Parameters:
        guardedString - the guarded string value.
        Returns:
        the clear string value.
        Since:
        1.4

      • decrypt

        public static byte[] decrypt​(GuardedByteArray guardedByteArray)
        Decrypts the value of a GuardedByteArray.
        Parameters:
        guardedByteArray - the guarded byte array value.
        Returns:
        the clear byte array value.
        Since:
        1.4