How to use

Utf8

in

org.springframework.security.crypto.codec

private static byte[] bytesUtf8(String s) {
  if (s == null) {
    return null;
  }
  return Utf8.encode(s); // need to check if Utf8.encode() runs in constant time (probably not). This may leak length of string.
}

private String encode(CharSequence rawPassword, byte[] salt) {
  MessageDigest sha;
  try {
    sha = MessageDigest.getInstance("SHA");
    sha.update(Utf8.encode(rawPassword));
  }
  catch (java.security.NoSuchAlgorithmException e) {
    throw new IllegalStateException("No SHA implementation available!");
  }
  if (salt != null) {
    sha.update(salt);
  }
  byte[] hash = combineHashAndSalt(sha.digest(), (byte[]) salt);
  String prefix;
  if (salt == null || salt.length == 0) {
    prefix = forceLowerCasePrefix ? SHA_PREFIX_LC : SHA_PREFIX;
  }
  else {
    prefix = forceLowerCasePrefix ? SSHA_PREFIX_LC : SSHA_PREFIX;
  }
  return prefix + Utf8.decode(Base64.getEncoder().encode(hash));
}

  private String encodePart(byte[] part) {
    return Utf8.decode(Base64.getEncoder().encode(part));
  }
}

public static String convertPasswordToString(Object passObj) {
  Assert.notNull(passObj, "Password object to convert must not be null");
  if (passObj instanceof byte[]) {
    return Utf8.decode((byte[]) passObj);
  }
  else if (passObj instanceof String) {
    return (String) passObj;
  }
  else {
    throw new IllegalArgumentException(
        "Password object was not a String or byte array.");
  }
}

/**
 * Constructs a standard password encoder with a secret value as well as iterations
 * and hash.
 *
 * @param secret the secret
 * @param iterations the number of iterations. Users should aim for taking about .5
 * seconds on their own system.
 * @param hashWidth the size of the hash
 */
public Pbkdf2PasswordEncoder(CharSequence secret, int iterations, int hashWidth) {
  this.secret = Utf8.encode(secret);
  this.iterations = iterations;
  this.hashWidth = hashWidth;
}

public Token allocateToken(String extendedInformation) {
  Assert.notNull(extendedInformation,
      "Must provided non-null extendedInformation (but it can be empty)");
  long creationTime = new Date().getTime();
  String serverSecret = computeServerSecretApplicableAt(creationTime);
  String pseudoRandomNumber = generatePseudoRandomNumber();
  String content = Long.toString(creationTime) + ":" + pseudoRandomNumber + ":"
      + extendedInformation;
  // Compute key
  String sha512Hex = Sha512DigestUtils.shaHex(content + ":" + serverSecret);
  String keyPayload = content + ":" + sha512Hex;
  String key = Utf8.decode(Base64.getEncoder().encode(Utf8.encode(keyPayload)));
  return new DefaultToken(key, creationTime, extendedInformation);
}

  private String encodePart(byte[] part) {
    return Utf8.decode(Base64.getEncoder().encode(part));
  }
}

private static byte[] bytesUtf8(String s) {
  if (s == null) {
    return null;
  }
  return Utf8.encode(s); // need to check if Utf8.encode() runs in constant time (probably not). This may leak length of string.
}

private String encode(CharSequence rawPassword, byte[] salt) {
  MessageDigest sha;
  try {
    sha = MessageDigest.getInstance("SHA");
    sha.update(Utf8.encode(rawPassword));
  }
  catch (java.security.NoSuchAlgorithmException e) {
    throw new IllegalStateException("No SHA implementation available!");
  }
  if (salt != null) {
    sha.update(salt);
  }
  byte[] hash = combineHashAndSalt(sha.digest(), (byte[]) salt);
  String prefix;
  if (salt == null || salt.length == 0) {
    prefix = forceLowerCasePrefix ? SHA_PREFIX_LC : SHA_PREFIX;
  }
  else {
    prefix = forceLowerCasePrefix ? SSHA_PREFIX_LC : SSHA_PREFIX;
  }
  return prefix + Utf8.decode(Base64.getEncoder().encode(hash));
}

private String encode(byte[] digest) {
  if (this.encodeHashAsBase64) {
    return Utf8.decode(Base64.getEncoder().encode(digest));
  }
  else {
    return new String(Hex.encode(digest));
  }
}

/**
 * Constructs a standard password encoder with a secret value as well as iterations
 * and hash.
 *
 * @param secret the secret
 * @param iterations the number of iterations. Users should aim for taking about .5
 * seconds on their own system.
 * @param hashWidth the size of the hash
 */
public Pbkdf2PasswordEncoder(CharSequence secret, int iterations, int hashWidth) {
  this.secret = Utf8.encode(secret);
  this.iterations = iterations;
  this.hashWidth = hashWidth;
}

public Token allocateToken(String extendedInformation) {
  Assert.notNull(extendedInformation,
      "Must provided non-null extendedInformation (but it can be empty)");
  long creationTime = new Date().getTime();
  String serverSecret = computeServerSecretApplicableAt(creationTime);
  String pseudoRandomNumber = generatePseudoRandomNumber();
  String content = Long.toString(creationTime) + ":" + pseudoRandomNumber + ":"
      + extendedInformation;
  // Compute key
  String sha512Hex = Sha512DigestUtils.shaHex(content + ":" + serverSecret);
  String keyPayload = content + ":" + sha512Hex;
  String key = Utf8.decode(Base64.getEncoder().encode(Utf8.encode(keyPayload)));
  return new DefaultToken(key, creationTime, extendedInformation);
}

private String encode(byte[] digest) {
  if (this.encodeHashAsBase64) {
    return Utf8.decode(Base64.getEncoder().encode(digest));
  }
  else {
    return new String(Hex.encode(digest));
  }
}

private byte[] decodePart(String part) {
  return Base64.getDecoder().decode(Utf8.encode(part));
}

    Utf8.decode(Base64.getDecoder().decode(Utf8.encode(key))), ":");
Assert.isTrue(tokens.length >= 4, () -> "Expected 4 or more tokens but found "
    + tokens.length);

private String encode(byte[] digest) {
  if (this.encodeHashAsBase64) {
    return Utf8.decode(Base64.getEncoder().encode(digest));
  }
  else {
    return new String(Hex.encode(digest));
  }
}

private byte[] decodePart(String part) {
  return Base64.getDecoder().decode(Utf8.encode(part));
}

  @Override
  public AuditEvent getAuditEvent() {

    String name = getAuthentication().getName();

    try {
      // Store hash of name, to conceal accidental entry of sensitive info
      // (e.g. password)
      name = Utf8.decode(Base64.encode(MessageDigest.getInstance("SHA-1").digest(Utf8.encode(name))));
    } catch (NoSuchAlgorithmException shouldNeverHappen) {
      name = "NOSHA";
    }

    return createAuditRecord(name, AuditEventType.UserNotFound, getOrigin(getAuthenticationDetails()), "");

  }
}

private String encode(byte[] digest) {
  if (this.encodeHashAsBase64) {
    return Utf8.decode(Base64.getEncoder().encode(digest));
  }
  else {
    return new String(Hex.encode(digest));
  }
}

private String digest(CharSequence rawPassword, byte[] salt) {
  byte[] derived = SCrypt.generate(Utf8.encode(rawPassword), salt, cpuCost, memoryCost, parallelization, keyLength);
  String params = Long
      .toString(((int) (Math.log(cpuCost) / Math.log(2)) << 16L) | memoryCost << 8 | parallelization, 16);
  StringBuilder sb = new StringBuilder((salt.length + derived.length) * 2);
  sb.append("$").append(params).append('$');
  sb.append(encodePart(salt)).append('$');
  sb.append(encodePart(derived));
  return sb.toString();
}