/** * Returns an array of {@link AllowableValue} elements for each {@link HashAlgorithm}. The * complete {@code description} is built from the digest length, safety warnings, etc. See * {@link HashAlgorithm#buildAllowableValueDescription()}. * * @return an ordered {@code AllowableValue[]} containing the values */ public static AllowableValue[] buildHashAlgorithmAllowableValues() { final HashAlgorithm[] hashAlgorithms = HashAlgorithm.values(); List<AllowableValue> allowableValues = new ArrayList<>(hashAlgorithms.length); for (HashAlgorithm algorithm : hashAlgorithms) { allowableValues.add(new AllowableValue(algorithm.getName(), algorithm.getName(), algorithm.buildAllowableValueDescription())); } return allowableValues.toArray(new AllowableValue[0]); }
private static byte[] blake2HashStreaming(HashAlgorithm algorithm, InputStream value) throws IOException { int digestLengthBytes = algorithm.getDigestBytesLength(); Blake2bDigest blake2bDigest = new Blake2bDigest(digestLengthBytes * 8); byte[] rawHash = new byte[blake2bDigest.getDigestSize()]; final byte[] buffer = new byte[BUFFER_SIZE]; int read = value.read(buffer, 0, BUFFER_SIZE); while (read > -1) { blake2bDigest.update(buffer, 0, read); read = value.read(buffer, 0, BUFFER_SIZE); } blake2bDigest.doFinal(rawHash, 0); return rawHash; } }
/** * Returns the hash of the specified value. This method uses an {@link java.io.InputStream} to perform the operation in a streaming manner for large inputs. * * @param algorithm the hash algorithm to use * @param value the value to hash (cannot be {@code null} but can be an empty stream) * @return the hash value in hex */ public static String hashValueStreaming(HashAlgorithm algorithm, InputStream value) throws IOException { if (algorithm == null) { throw new IllegalArgumentException("The hash algorithm cannot be null"); } if (value == null) { throw new IllegalArgumentException("The value cannot be null"); } // The Blake2 algorithms are instantiated differently and rely on BouncyCastle if (algorithm.isBlake2()) { return Hex.encodeHexString(blake2HashStreaming(algorithm, value)); } else { return Hex.encodeHexString(traditionalHashStreaming(algorithm, value)); } }
private static byte[] traditionalHash(HashAlgorithm algorithm, byte[] value) { return DigestUtils.getDigest(algorithm.getName()).digest(value); }
HashAlgorithm algorithm = HashAlgorithm.fromName(algorithmName);
public static HashAlgorithm fromName(String algorithmName) { HashAlgorithm match = Arrays.stream(HashAlgorithm.values()) .filter(algo -> algorithmName.equalsIgnoreCase(algo.name)) .findAny() .orElse(null); if (match == null) { throw new IllegalArgumentException("No algorithm matches " + algorithmName); } else { return match; } } }
/** * Returns a more complete description of the algorithm for {@link org.apache.nifi.components.AllowableValue} construction. * * Ex: * * {@code description} -- Cryptographically broken due to collisions * {@code buildAllowableValueDescription} -- SHA-1 (20 byte output) [WARNING -- Cryptographically broken] Cryptographically broken due to collisions * * @return the description for dropdown help */ public String buildAllowableValueDescription() { StringBuilder sb = new StringBuilder(name); sb.append(" (").append(digestBytesLength).append(" byte output)"); if (!isStrongAlgorithm()) { sb.append(" [WARNING -- Cryptographically broken]"); } if (StringUtils.isNotBlank(description)) { sb.append(" ").append(description); } return sb.toString(); }
private static byte[] traditionalHashStreaming(HashAlgorithm algorithm, InputStream value) throws IOException { MessageDigest digest = DigestUtils.getDigest(algorithm.getName()); // DigestInputStream digestInputStream = new DigestInputStream(value, digest); return DigestUtils.digest(digest, value); }
HashAlgorithm algorithm = HashAlgorithm.fromName(algorithmName);
public static HashAlgorithm fromName(String algorithmName) { HashAlgorithm match = Arrays.stream(HashAlgorithm.values()) .filter(algo -> algorithmName.equalsIgnoreCase(algo.name)) .findAny() .orElse(null); if (match == null) { throw new IllegalArgumentException("No algorithm matches " + algorithmName); } else { return match; } } }
/** * Returns a more complete description of the algorithm for {@link org.apache.nifi.components.AllowableValue} construction. * * Ex: * * {@code description} -- Cryptographically broken due to collisions * {@code buildAllowableValueDescription} -- SHA-1 (20 byte output) [WARNING -- Cryptographically broken] Cryptographically broken due to collisions * * @return the description for dropdown help */ public String buildAllowableValueDescription() { StringBuilder sb = new StringBuilder(name); sb.append(" (").append(digestBytesLength).append(" byte output)"); if (!isStrongAlgorithm()) { sb.append(" [WARNING -- Cryptographically broken]"); } if (StringUtils.isNotBlank(description)) { sb.append(" ").append(description); } return sb.toString(); }
/** * Returns an array of {@link AllowableValue} elements for each {@link HashAlgorithm}. The * complete {@code description} is built from the digest length, safety warnings, etc. See * {@link HashAlgorithm#buildAllowableValueDescription()}. * * @return an ordered {@code AllowableValue[]} containing the values */ public static AllowableValue[] buildHashAlgorithmAllowableValues() { final HashAlgorithm[] hashAlgorithms = HashAlgorithm.values(); List<AllowableValue> allowableValues = new ArrayList<>(hashAlgorithms.length); for (HashAlgorithm algorithm : hashAlgorithms) { allowableValues.add(new AllowableValue(algorithm.getName(), algorithm.getName(), algorithm.buildAllowableValueDescription())); } return allowableValues.toArray(new AllowableValue[0]); }
private String hashValue(HashAlgorithm algorithm, String value, Charset charset) { if (value == null) { getLogger().warn("Tried to calculate {} hash of null value; returning empty string", new Object[]{algorithm.getName()}); return ""; } return HashService.hashValue(algorithm, value, charset); }
private static byte[] blake2Hash(HashAlgorithm algorithm, byte[] value) { int digestLengthBytes = algorithm.getDigestBytesLength(); Blake2bDigest blake2bDigest = new Blake2bDigest(digestLengthBytes * 8); byte[] rawHash = new byte[blake2bDigest.getDigestSize()]; blake2bDigest.update(value, 0, value.length); blake2bDigest.doFinal(rawHash, 0); return rawHash; }
/** * Returns the raw {@code byte[]} hash of the specified value. * * @param algorithm the hash algorithm to use * @param value the value to hash * @return the hash value in bytes */ public static byte[] hashValueRaw(HashAlgorithm algorithm, byte[] value) { if (algorithm == null) { throw new IllegalArgumentException("The hash algorithm cannot be null"); } if (value == null) { throw new IllegalArgumentException("The value cannot be null"); } if (algorithm.isBlake2()) { return blake2Hash(algorithm, value); } else { return traditionalHash(algorithm, value); } }
HashAlgorithm algorithm = HashAlgorithm.fromName(algorithmName);
private static byte[] traditionalHash(HashAlgorithm algorithm, byte[] value) { return DigestUtils.getDigest(algorithm.getName()).digest(value); }
private static byte[] blake2HashStreaming(HashAlgorithm algorithm, InputStream value) throws IOException { int digestLengthBytes = algorithm.getDigestBytesLength(); Blake2bDigest blake2bDigest = new Blake2bDigest(digestLengthBytes * 8); byte[] rawHash = new byte[blake2bDigest.getDigestSize()]; final byte[] buffer = new byte[BUFFER_SIZE]; int read = value.read(buffer, 0, BUFFER_SIZE); while (read > -1) { blake2bDigest.update(buffer, 0, read); read = value.read(buffer, 0, BUFFER_SIZE); } blake2bDigest.doFinal(rawHash, 0); return rawHash; } }
/** * Returns the hash of the specified value. This method uses an {@link java.io.InputStream} to perform the operation in a streaming manner for large inputs. * * @param algorithm the hash algorithm to use * @param value the value to hash (cannot be {@code null} but can be an empty stream) * @return the hash value in hex */ public static String hashValueStreaming(HashAlgorithm algorithm, InputStream value) throws IOException { if (algorithm == null) { throw new IllegalArgumentException("The hash algorithm cannot be null"); } if (value == null) { throw new IllegalArgumentException("The value cannot be null"); } // The Blake2 algorithms are instantiated differently and rely on BouncyCastle if (algorithm.isBlake2()) { return Hex.encodeHexString(blake2HashStreaming(algorithm, value)); } else { return Hex.encodeHexString(traditionalHashStreaming(algorithm, value)); } }
HashAlgorithm algorithm = HashAlgorithm.fromName(algorithmName);