Source code

001/*
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements.  See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership.  The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing,
013 * software distributed under the License is distributed on an
014 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015 * KIND, either express or implied.  See the License for the
016 * specific language governing permissions and limitations
017 * under the License.
018 */
019package org.apache.shiro.crypto.hash;
020
021import org.apache.shiro.lang.util.ByteSource;
022
023/**
024 * A Cryptographic {@code Hash} represents a one-way conversion algorithm that transforms an input source to an
025 * underlying byte array.  Hex and Base64-encoding output of the hashed bytes are automatically supported by the
026 * inherited {@link #toHex() toHex()} and {@link #toBase64() toBase64()} methods.
027 * <p/>
028 * The bytes returned by the parent interface's {@link #getBytes() getBytes()} are the hashed value of the
029 * original input source, also known as the 'checksum' or 'digest'.
030 *
031 * @see Sha256Hash
032 * @see Sha384Hash
033 * @see Sha512Hash
034 * @since 0.9
035 */
036public interface Hash extends ByteSource {
037
038    /**
039     * Returns the name of the algorithm used to hash the input source, for example, {@code SHA-256}, {@code MD5}, etc.
040     * <p/>
041     * The name is expected to be a {@link java.security.MessageDigest MessageDigest} algorithm name.
042     *
043     * @return the the name of the algorithm used to hash the input source, for example, {@code SHA-256}, {@code MD5}, etc.
044     * @since 1.1
045     */
046    String getAlgorithmName();
047
048    /**
049     * Returns a salt used to compute the hash or {@code null} if no salt was used.
050     *
051     * @return a salt used to compute the hash or {@code null} if no salt was used.
052     * @since 1.2
053     */
054    ByteSource getSalt();
055
056    /**
057     * Returns the number of hash iterations used to compute the hash.
058     *
059     * @return the number of hash iterations used to compute the hash.
060     * @since 1.2
061     */
062    int getIterations();
063
064    /**
065     * Tests if a given passwords matches with this instance.
066     *
067     * <p>Usually implementations will re-create {@code this} but with the given plaintext bytes as secret.</p>
068     *
069     * @param plaintextBytes the plaintext bytes from a user.
070     * @return {@code true} if the given plaintext generates an equal hash with the same parameters as from this hash.
071     */
072    boolean matchesPassword(ByteSource plaintextBytes);
073}