@Override protected String getDigest(String value) { return DigestUtils.sha256Hex(value); }
private String hash(String contentType, String data) { return sha256Hex("data:" + contentType + ";base64," + data); } }
private String digestWithSalt(String content, String key) { String result = content; for (int i = 0; i < 5; i++) { result = DigestUtils.sha256Hex(result + key); } return result; }
@Override String transform(final String value) { return DigestUtils.sha256Hex(value); }
private String calculateEtag(List<EnvironmentConfig> environmentConfigs) { final String environmentConfigSegment = environmentConfigs .stream() .map(this::etagFor) .collect(Collectors.joining(SEP_CHAR)); return DigestUtils.sha256Hex(environmentConfigSegment); } }
private String getSha(Path localFile, Configuration conf) throws IOException, IllegalArgumentException { InputStream is = null; try { FileSystem localFs = FileSystem.getLocal(conf); is = localFs.open(localFile); return DigestUtils.sha256Hex(is); } finally { if (is != null) { is.close(); } } }
private String generateRandomPasswordSalt() { return DigestUtils.sha256Hex(String.valueOf(System.nanoTime())); }
public String getHash() { if (hash == null) { hash = DigestUtils.sha256Hex(toDataURI()); } return hash; }
public static String md5Fingerprint(X509Certificate certificate) { try { return DigestUtils.sha256Hex(certificate.getEncoded()); } catch (GeneralSecurityException gse) { throw bomb(gse); } } }
private static String of(Map... maps) { StringBuilder sb = new StringBuilder(); for (Map map : maps) { appendMap(sb, map); } return DigestUtils.sha256Hex(sb.toString()); }
public String computeFor(String serverId) { String jdbcUrl = config.get(JDBC_URL.getKey()).orElseThrow(() -> new IllegalStateException("Missing JDBC URL")); return DigestUtils.sha256Hex(serverId + "|" + jdbcUrlSanitizer.sanitize(jdbcUrl)); }
public String generateState(HttpServletRequest request, HttpServletResponse response) { // Create a state token to prevent request forgery. // Store it in the session for later validation. String state = new BigInteger(130, new SecureRandom()).toString(32); response.addCookie(newCookieBuilder(request).setName(CSRF_STATE_COOKIE).setValue(sha256Hex(state)).setHttpOnly(true).setExpiry(-1).build()); return state; }
@Test public void testSha256() throws IOException { // Examples from FIPS 180-2 assertEquals("ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad", DigestUtils.sha256Hex("abc")); assertEquals("ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad", DigestUtils.sha256Hex(getBytesUtf8("abc"))); assertEquals("248d6a61d20638b8e5c026930c3e6039a33ce45964ff2167f6ecedd419db06c1", DigestUtils.sha256Hex("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq")); assertEquals(DigestUtils.sha256Hex(testData), DigestUtils.sha256Hex(new ByteArrayInputStream(testData))); }
@Test public void verify_state() { String state = "state"; when(request.getCookies()).thenReturn(new Cookie[] {new Cookie("OAUTHSTATE", sha256Hex(state))}); when(request.getParameter("aStateParameter")).thenReturn(state); underTest.verifyState(request, response, identityProvider, "aStateParameter"); verify(response).addCookie(cookieArgumentCaptor.capture()); Cookie updatedCookie = cookieArgumentCaptor.getValue(); assertThat(updatedCookie.getName()).isEqualTo("OAUTHSTATE"); assertThat(updatedCookie.getValue()).isNull(); assertThat(updatedCookie.getPath()).isEqualTo("/"); assertThat(updatedCookie.getMaxAge()).isEqualTo(0); }
@Test public void verify_state_using_default_state_parameter() { String state = "state"; when(request.getCookies()).thenReturn(new Cookie[] {new Cookie("OAUTHSTATE", sha256Hex(state))}); when(request.getParameter("state")).thenReturn(state); underTest.verifyState(request, response, identityProvider); verify(response).addCookie(cookieArgumentCaptor.capture()); Cookie updatedCookie = cookieArgumentCaptor.getValue(); assertThat(updatedCookie.getName()).isEqualTo("OAUTHSTATE"); assertThat(updatedCookie.getValue()).isNull(); assertThat(updatedCookie.getPath()).isEqualTo("/"); assertThat(updatedCookie.getMaxAge()).isEqualTo(0); }
public void verifyState(HttpServletRequest request, HttpServletResponse response, OAuth2IdentityProvider provider, String parameterName) { Cookie cookie = findCookie(CSRF_STATE_COOKIE, request) .orElseThrow(AuthenticationException.newBuilder() .setSource(Source.oauth2(provider)) .setMessage(format("Cookie '%s' is missing", CSRF_STATE_COOKIE))::build); String hashInCookie = cookie.getValue(); // remove cookie response.addCookie(newCookieBuilder(request).setName(CSRF_STATE_COOKIE).setValue(null).setHttpOnly(true).setExpiry(0).build()); String stateInRequest = request.getParameter(parameterName); if (isBlank(stateInRequest) || !sha256Hex(stateInRequest).equals(hashInCookie)) { throw AuthenticationException.newBuilder() .setSource(Source.oauth2(provider)) .setMessage("CSRF state value is invalid") .build(); } }
@Test public void shouldComputeForAnEmptyStringUsing256SHA() { String fingerprint = ""; String computeMD5 = CachedDigestUtils.sha256Hex(fingerprint); assertThat(computeMD5, is(DigestUtils.sha256Hex(fingerprint))); }
@Test public void shouldComputeForAGiveStringUsing256SHA() { String fingerprint = "Some String"; String computeMD5 = CachedDigestUtils.sha256Hex(fingerprint); assertThat(computeMD5, is(DigestUtils.sha256Hex(fingerprint))); }
@Test public void shouldGeneratePipelineUniqueFingerprintBasedOnFingerprintAndDest() throws Exception { SvnMaterial one = new SvnMaterial("url", "username", "password", true, "folder1"); SvnMaterial two = new SvnMaterial("url", "username", "password", true, "folder2"); assertThat(one.getPipelineUniqueFingerprint(), is(Matchers.not(two.getFingerprint()))); assertThat(one.getPipelineUniqueFingerprint(), is(DigestUtils.sha256Hex("type=SvnMaterial<|>url=url<|>username=username<|>checkExternals=true<|>dest=folder1"))); }
@Test public void shouldGenerateFingerprintBasedOnSqlCriteria() throws Exception { SvnMaterial one = new SvnMaterial("url", "username", "password", true); SvnMaterial two = new SvnMaterial("url", "username", "password", false); assertThat(one.getFingerprint(), is(Matchers.not(two.getFingerprint()))); assertThat(one.getFingerprint(), is(DigestUtils.sha256Hex("type=SvnMaterial<|>url=url<|>username=username<|>checkExternals=true"))); }