Project JXTA

net.jxta.impl.id.binaryID
Class DigestTool

java.lang.Object
  extended by net.jxta.impl.id.binaryID.DigestTool

public class DigestTool
extends Object

This is a utility class used to create pipe advertisement names and BinaryIDs for the pipeID, creating a private address space that can be hosted in the public discovery system or sent over unencrypted channels without revealing their intent or purpose.

We use a one-way hashing algorithm to create an ID from private information like a user's social security number or a user's email address. We search for the pipe with this private information securely by creating the matching hash using the same methods.

The purpose of this system is to create a way to search for a pipe (or other BinaryID based system) without exposing the pipe owner's clearTextID while allowing for people that know what they are looking for to find the right pipe. The system also has the ability to create pipes that have a specific purpose. For example, the email address is appended with a function name. Say you have a pipe for messages and one for administrative purposes. You would supply the email and a string for the function. The same combination can be created by another peer to search for either of these pipes.

This implementation uses the "SHA-1" algorithm. This was selected for relative speed. It is used as a one-way conversion that cannot be reverse engineered to create the original string. This allows you to publish the hash without the possibility of the contents being decoded. This allows for public indexing of data that is only known by the parties involved.

Note that this can also be used to generate safe password verification hash codes.

Sample usage:

    // The hashing methods are instance methods, so create a DigestTool first.
    DigestTool tool = new DigestTool();
    String clearTextID = "turbogeek@cluck.com";
    String function = "eventPipe";
    System.out.println("clear text ID: " + clearTextID);
    System.out.println("function text: " + function);
    String digest1 = tool.generateHashString(clearTextID, function);
    String digest2 = tool.generateHashString(clearTextID);
    System.out.println("Digest1: '" + digest1 + "'");
    System.out.println("Digest2: '" + digest2 + "'");
    System.out.println("test1: " + tool.test(clearTextID, function, digest1));
    System.out.println("test2: " + tool.test(clearTextID, digest2));
    System.out.println("Digest1 != Digest2: " + tool.test(clearTextID, function, digest2));
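The derive-and-compare scheme described above, as an added stand-alone example (not JXTA's DigestTool source) that uses only JDK classes. The class name DigestSketch, the UTF-8 encoding and the "~" separator (taken from the functionSeperator field description; the method descriptions write "-") are assumptions. The separator check is also an addition: with plain concatenation, ("a~b", no function) and ("a", "b") would produce the same digest.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Base64;

// Added illustration, not JXTA source. Class name, "~" separator and UTF-8 are assumptions.
public class DigestSketch {
    static final String SEPARATOR = "~"; // assumed from the functionSeperator field description

    private final String algorithm;

    DigestSketch(String algorithm) { this.algorithm = algorithm; }

    // Hash clearTextID alone when function is null or blank, else clearTextID + "~" + function.
    byte[] generateHash(String clearTextID, String function) throws NoSuchAlgorithmException {
        // Reject the separator inside clearTextID: otherwise ("a~b", null) and ("a", "b") hash alike.
        if (clearTextID.contains(SEPARATOR)) {
            throw new IllegalArgumentException("clearTextID must not contain " + SEPARATOR);
        }
        String input = (function == null || function.trim().isEmpty())
                ? clearTextID : clearTextID + SEPARATOR + function;
        return MessageDigest.getInstance(algorithm).digest(input.getBytes(StandardCharsets.UTF_8));
    }

    String generateHashString(String clearTextID, String function) throws NoSuchAlgorithmException {
        return Base64.getEncoder().encodeToString(generateHash(clearTextID, function));
    }

    // Recompute the digest and compare without an early exit on the first differing byte.
    boolean test(String clearTextID, String function, String testHash) throws NoSuchAlgorithmException {
        byte[] candidate;
        try {
            candidate = Base64.getDecoder().decode(testHash);
        } catch (IllegalArgumentException e) {
            return false; // not valid Base64, so it cannot match
        }
        return MessageDigest.isEqual(generateHash(clearTextID, function), candidate);
    }

    public static void main(String[] args) throws NoSuchAlgorithmException {
        String id = "turbogeek@cluck.com"; // same sample value as the usage above
        DigestSketch owner = new DigestSketch("SHA-1");
        DigestSketch searcher = new DigestSketch("SHA-1"); // a second peer, deriving independently
        String published = owner.generateHashString(id, "eventPipe");
        System.out.println("searcher finds eventPipe: " + searcher.test(id, "eventPipe", published));
        System.out.println("adminPipe matches:        " + searcher.test(id, "adminPipe", published));
        System.out.println("no function matches:      " + searcher.test(id, null, published));
        System.out.println("SHA-256 length in bytes:  "
                + new DigestSketch("SHA-256").generateHash(id, "eventPipe").length);
    }
}
```

Anyone who can guess the clearTextID and function can recompute the same digest, so a published ID is only as private as those inputs are hard to guess.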

To use an algorithm other than SHA-1, you will need stronger encryption. The BouncyCastle that comes with JXTA is just a minimum implementation, so a good choice is the normal Bouncy Castle (it is much larger, nearing a meg, which is why it is not a part of the normal JXTA distribution). The full version of Bouncy includes SHA-128, SHA-256, SHA-384, and SHA-512.

Here is how you create a provider from the full version of Bouncy. Once you do this, you can access the extended digest encryption levels.

    import java.security.Provider;
    import java.security.Security;

    // Register the full Bouncy Castle provider with the JVM.
    Provider provider = new org.bouncycastle.jce.provider.BouncyCastleProvider();
    System.out.println("provider:" + provider.getName());
    Security.addProvider(provider);

Security Note

This class should have all of its fields and properties marked as 'final' to prevent overriding the default behavior. Failure to do so could allow a less scrupulous person to cause the BinaryID or hash codes to contain the original information. Note that the class itself is not final to allow for additional convenience methods to be added. There are no methods for creating ModuleClassBinaryID, ModuleSpecBinaryID, or CodatID because this is meant for general use, not for extending the platform (you can write your own using similar code).

Version:
$Revision: 1.6 $
Author:
Daniel Brookshier turbogeek@cluck.com

Field Summary
(package private)  String algorithmType
           
static boolean debug
          variable used for conditional compile of debug printing.
 String functionSeperator
          Tilde character used to separate candidate strings from a function.
static String SHA128
          SHA-128 digest algorithm type.
static String SHA256
          SHA-256 digest algorithm type.
static String SHA384
          SHA-384 digest algorithm type.
static String SHA512
          SHA-512 digest algorithm type.
static String SHAOne
          Default SHA-1 digest algorithm type.
 
Constructor Summary
DigestTool()
           
DigestTool(String algorithmType)
           
 
Method Summary
 PeerGroupBinaryID createPeerGroupID(PeerGroupID parentPeerGroupID, String clearTextID, String function)
          Create a PeerGroupID based on the BinaryID type with a digest of the clearTextID and function.
 PeerBinaryID createPeerID(PeerGroupID peerGroupID, String clearTextID, String function)
          Create a PeerID based on the BinaryID type with a digest of the clearTextID and function.
 PipeBinaryID createPipeID(PeerGroupID peerGroupID, String clearTextID, String function)
          Create a PipeID based on the BinaryID type with a digest of the clearTextID and function.
 byte[] generateHash(String clearTextID)
          Generates a SHA-1 digest hash of the string: clearTextID.
 byte[] generateHash(String clearTextID, String function)
          Generates an SHA-1 digest hash of the string: clearTextID+"-"+function or: clearTextID if function was blank.
 String generateHashString(String clearTextID)
          Generates a Base64 encoded string of an SHA-1 digest hash of the string: clearTextID.
 String generateHashString(String clearTextID, String function)
          Generates a Base64 encoded string of an SHA-1 digest hash of the string: clearTextID+"-"+function or: clearTextID if function was blank.
 boolean test(String clearTextID, byte[] testHash)
          Compares a clear text code or ID with a candidate hash code.
 boolean test(String clearTextID, String testHash)
          Compares a clear text code or ID with a candidate hash code.
 boolean test(String clearTextID, String function, String testHash)
          Generates an SHA-1 digest hash of the string: clearTextID.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

debug

public static final boolean debug
variable used for conditional compile of debug printing.

See Also:
Constant Field Values

SHAOne

public static final String SHAOne
Default SHA-1 digest algorithm type. This is a 20 byte hash function (note that MD5 is only 16, so we don't use it).

See Also:
Constant Field Values

SHA128

public static final String SHA128
SHA-128 digest algorithm type. This is a 128 bit hash function (note: must have another provider registered to use).

See Also:
Constant Field Values

SHA256

public static final String SHA256
SHA-256 digest algorithm type. This is a 256 bit hash function (note: must have another provider registered to use).

See Also:
Constant Field Values

SHA384

public static final String SHA384
SHA-384 digest algorithm type. This is a 384 bit hash function (note: must have another provider registered to use).

See Also:
Constant Field Values

SHA512

public static final String SHA512
SHA-512 digest algorithm type. This is a 512 bit hash function (note: must have another provider registered to use).

See Also:
Constant Field Values

functionSeperator

public final String functionSeperator
Tilde character used to separate candidate strings from a function.

See Also:
Constant Field Values

algorithmType

String algorithmType
Constructor Detail

DigestTool

public DigestTool()

DigestTool

public DigestTool(String algorithmType)
Method Detail

createPipeID

public final PipeBinaryID createPipeID(PeerGroupID peerGroupID,
                                       String clearTextID,
                                       String function)
Create a PipeID based on the BinaryID type with a digest of the clearTextID and function.

Parameters:
peerGroupID - Parent peer group ID.
clearTextID - String used as the significant part of the address
function - String used to differentiate different clearTextID addresses (can be null).
Returns:
PipeBinaryID with the digest hash of the string: clearTextID+"~"+function.

createPeerGroupID

public final PeerGroupBinaryID createPeerGroupID(PeerGroupID parentPeerGroupID,
                                                 String clearTextID,
                                                 String function)
Create a PeerGroupID based on the BinaryID type with a digest of the clearTextID and function.

Parameters:
peerGroupID - Parent peer group ID.
clearTextID - String used as the significant part of the address
function - String used to differentiate different clearTextID addresses (can be null).
Returns:
PeerGroupBinaryID with the digest hash of the string: clearTextID+"~"+function.

createPeerID

public final PeerBinaryID createPeerID(PeerGroupID peerGroupID,
                                       String clearTextID,
                                       String function)
Create a PeerID based on the BinaryID type with a digest of the clearTextID and function.

Parameters:
peerGroupID - Parent peer group ID.
clearTextID - String used as the significant part of the address
function - String used to differentiate different clearTextID addresses (can be null).
Returns:
PeerBinaryID with the digest hash of the string: clearTextID+"~"+function.

generateHashString

public final String generateHashString(String clearTextID)
Generates a Base64 encoded string of an SHA-1 digest hash of the string: clearTextID.

Parameters:
clearTextID - A string that is to be hashed. This can be any string used for hashing or hiding data.
Returns:
Base64 encoded string containing the hash of the string: clearTextID.

generateHashString

public final String generateHashString(String clearTextID,
                                       String function)
Generates a Base64 encoded string of an SHA-1 digest hash of the string: clearTextID+"-"+function or: clearTextID if function was blank.

Parameters:
clearTextID - A string that is to be hashed. This can be any string used for hashing or hiding data.
function - A function related to the clearTextID string. This is used to create a hash associated with clearTextID so that it is a unique code.
Returns:
Base64 encoded string containing the hash of the string: clearTextID+"-"+function or clearTextID if function was blank.

generateHash

public final byte[] generateHash(String clearTextID)
Generates a SHA-1 digest hash of the string: clearTextID.

Parameters:
clearTextID - A string that is to be hashed. This can be any string used for hashing or hiding data.
Returns:
String containing the hash of the string: clearTextID.

generateHash

public final byte[] generateHash(String clearTextID,
                                 String function)
Generates an SHA-1 digest hash of the string: clearTextID+"-"+function or: clearTextID if function was blank.

Note that the SHA-1 used only creates a 20 byte hash.

Parameters:
clearTextID - A string that is to be hashed. This can be any string used for hashing or hiding data.
function - A function related to the clearTextID string. This is used to create a hash associated with clearTextID so that it is a unique code.
Returns:
array of bytes containing the hash of the string: clearTextID+"-"+function or clearTextID if function was blank. Can return null if SHA-1 does not exist on platform.

test

public final boolean test(String clearTextID,
                          String function,
                          String testHash)
Generates an SHA-1 digest hash of the string: clearTextID.

Parameters:
clearTextID - A string that is to be hashed. This can be any string used for hashing or hiding data.
Returns:
String containing the hash of the string: clearTextID.

test

public final boolean test(String clearTextID,
                          String testHash)
Compares a clear text code or ID with a candidate hash code. This is used to confirm that the clearTextID can be successfully converted to the hash.

Parameters:
clearTextID - A string that is to be hashed. This can be any string used for hashing or hiding data.
testHash - A string of hashed string.
Returns:
true if the hash created from clearTextID is equal to the testHash string. Can return false if SHA-1 does not exist on platform.

test

public final boolean test(String clearTextID,
                          byte[] testHash)
Compares a clear text code or ID with a candidate hash code. This is used to confirm that the clearTextID can be successfully converted to the hash.

Parameters:
clearTextID - A string that is to be hashed. This can be any string used for hashing or hiding data.
testHash - A string of hashed string.
Returns:
true if the hash created from clearTextID is equal to the testHash string. Can return false if SHA-1 does not exist on platform.

JXTA J2SE