org.apache.nifi.security.util.crypto

Class ScryptSecureHasher

java.lang.Object

org.apache.nifi.security.util.crypto.AbstractSecureHasher

org.apache.nifi.security.util.crypto.ScryptSecureHasher

All Implemented Interfaces:

SecureHasher

public class ScryptSecureHasher
extends AbstractSecureHasher

Provides an implementation of Scrypt for secure password hashing.

One critical difference is that this implementation uses a static universal salt unless instructed otherwise, which provides strict determinism across nodes in a cluster. The purpose for this is to allow for blind equality comparison of sensitive values hashed on different nodes (with potentially different nifi.sensitive.props.key values) during flow inheritance (see FingerprintFactory).

The resulting output is referred to as a hash to be consistent with SecureHasher terminology, but the length parameter is clarified as the derived key length dkLen in Scrypt terms, not to be confused with the internal concept of hash length for the PBKDF2 cryptographic hash function (CHF) primitive (SHA-256).

Field Summary

Fields

Modifier and Type	Field and Description
private static int	DEFAULT_DK_LENGTH
private static int	DEFAULT_N These values can be calculated automatically using the code ScryptCipherProviderGroovyTest#calculateMinimumParameters or manually updated by a maintainer
private static int	DEFAULT_P
private static int	DEFAULT_R
private static int	DEFAULT_SALT_LENGTH
private int	dkLength
private static org.slf4j.Logger	logger
private static int	MAX_R
private static int	MAX_SALT_LENGTH
private static int	MIN_DK_LENGTH
private static int	MIN_N
private static int	MIN_P
private static int	MIN_R
private static int	MIN_SALT_LENGTH
private int	n
private int	p
private int	r

Fields inherited from class org.apache.nifi.security.util.crypto.AbstractSecureHasher

saltLength, UPPER_BOUNDARY

Constructor Summary

Constructors

Constructor and Description
ScryptSecureHasher() Instantiates an Scrypt secure hasher using the default cost parameters (N = DEFAULT_N, r = DEFAULT_R, p = DEFAULT_R, dkLen = DEFAULT_DK_LENGTH).
ScryptSecureHasher(int n, int r, int p, int dkLength) Instantiates an Scrypt secure hasher using the provided cost parameters.
ScryptSecureHasher(int n, int r, int p, int dkLength, int saltLength) Instantiates an Scrypt secure hasher using the provided cost parameters.

Method Summary

Modifier and Type	Method and Description
(package private) boolean	acceptsEmptyInput() Returns true if the algorithm can accept empty (non-null) inputs.
(package private) String	getAlgorithmName() Returns the algorithm-specific name for logging and messages.
int	getDefaultSaltLength() Returns the algorithm-specific default salt length in bytes.
int	getMaxSaltLength() Returns the algorithm-specific maximum salt length in bytes.
int	getMinSaltLength() Returns the algorithm-specific minimum salt length in bytes.
(package private) byte[]	hash(byte[] input) Internal method to hash the raw bytes.
(package private) byte[]	hash(byte[] input, byte[] rawSalt) Internal method to hash the raw bytes.
protected static boolean	isDKLengthValid(Integer dkLength) Returns whether the provided hash (derived key) length is within boundaries.
protected static boolean	isNValid(Integer n, int r) Returns true if the provided iteration count N is within boundaries.
protected static boolean	isPValid(int p, int r) Returns true if the provided parallelization factor is within boundaries.
protected static boolean	isRValid(int r) Returns true if the provided block size in bytes is within boundaries.
private void	validateParameters(Integer n, Integer r, int p, Integer dkLength, Integer saltLength) Enforces valid Scrypt secure hasher cost parameters are provided.

Methods inherited from class org.apache.nifi.security.util.crypto.AbstractSecureHasher

getSalt, hashBase64, hashBase64, hashHex, hashHex, hashRaw, hashRaw, initializeSalt, isSaltLengthValid, isUsingStaticSalt

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

logger

private static final org.slf4j.Logger logger

DEFAULT_N

private static final int DEFAULT_N

These values can be calculated automatically using the code ScryptCipherProviderGroovyTest#calculateMinimumParameters or manually updated by a maintainer

DEFAULT_R

private static final int DEFAULT_R

See Also:

Constant Field Values

DEFAULT_P

private static final int DEFAULT_P

See Also:

Constant Field Values

DEFAULT_DK_LENGTH

private static final int DEFAULT_DK_LENGTH

See Also:

Constant Field Values

DEFAULT_SALT_LENGTH

private static final int DEFAULT_SALT_LENGTH

MIN_P

private static final int MIN_P

See Also:

Constant Field Values

MIN_DK_LENGTH

private static final int MIN_DK_LENGTH

See Also:

Constant Field Values

MIN_N

private static final int MIN_N

See Also:

Constant Field Values

MIN_R

private static final int MIN_R

See Also:

Constant Field Values

MAX_R

private static final int MAX_R

MIN_SALT_LENGTH

private static final int MIN_SALT_LENGTH

See Also:

Constant Field Values

MAX_SALT_LENGTH

private static final int MAX_SALT_LENGTH

n

private final int n

r

private final int r

p

private final int p

dkLength

private final int dkLength

Constructor Detail

ScryptSecureHasher

public ScryptSecureHasher()

Instantiates an Scrypt secure hasher using the default cost parameters (N = DEFAULT_N, r = DEFAULT_R, p = DEFAULT_R, dkLen = DEFAULT_DK_LENGTH). A static salt is also used.

ScryptSecureHasher

public ScryptSecureHasher(int n,
                          int r,
                          int p,
                          int dkLength)

Instantiates an Scrypt secure hasher using the provided cost parameters. A static DEFAULT_SALT_LENGTH byte salt will be generated on every hash request.

Parameters:

n - number of iterations (power of 2 from 1 to 2^(128 * r / 8))

r - the block size of memory (> 0)

p - parallelization factor from (1 to ((2^32-1) * 32) / (128 * r))

dkLength - the output length in bytes (1 to (2^32 - 1) * 32)

ScryptSecureHasher

public ScryptSecureHasher(int n,
                          int r,
                          int p,
                          int dkLength,
                          int saltLength)

Instantiates an Scrypt secure hasher using the provided cost parameters. A unique salt of the specified length will be generated on every hash request.

Parameters:

n - number of iterations (power of 2 from 1 to 2^(128 * r / 8))

r - the block size of memory (> 0)

p - parallelization factor from (1 to ((2^32-1) * 32) / (128 * r))

dkLength - the output length in bytes (1 to (2^32 - 1) * 32)

saltLength - the salt length in bytes >= 8)

Method Detail

validateParameters

private void validateParameters(Integer n,
                                Integer r,
                                int p,
                                Integer dkLength,
                                Integer saltLength)

Enforces valid Scrypt secure hasher cost parameters are provided.

Parameters:

n - number of iterations (power of 2 from 1 to 2^(128 * r / 8))

r - the block size of memory (> 0)

p - parallelization factor from (1 to ((2^32-1) * 32) / (128 * r))

dkLength - the output length in bytes (1 to (2^32 - 1) * 32)

saltLength - the salt length in bytes >= 8)

hash

byte[] hash(byte[] input)

Internal method to hash the raw bytes.

Specified by:

hash in class AbstractSecureHasher

Parameters:

input - the raw bytes to hash (can be length 0)

Returns:

the generated hash

hash

byte[] hash(byte[] input,
            byte[] rawSalt)

Internal method to hash the raw bytes.

Specified by:

hash in class AbstractSecureHasher

Parameters:

input - the raw bytes to hash (can be length 0)

rawSalt - the raw bytes to salt

Returns:

the generated hash

isNValid

protected static boolean isNValid(Integer n,
                                  int r)

Returns true if the provided iteration count N is within boundaries. The lower bound >= 1 and the upper bound <= 2^(128 * r / 8).

Parameters:

n - number of iterations

r - the blocksize parameter

Returns:

true if iterations is within boundaries

isRValid

protected static boolean isRValid(int r)

Returns true if the provided block size in bytes is within boundaries. The lower bound >= 1 and the upper bound <= 2^32 - 1.

Parameters:

r - the integer number * 128 B used

Returns:

true if r is within boundaries

isPValid

protected static boolean isPValid(int p,
                                  int r)

Returns true if the provided parallelization factor is within boundaries. The lower bound >= 1 and the upper bound <= ((2^32 - 1) * 32) / (128 * r).

Parameters:

p - degree of parallelism

r - the blocksize parameter

Returns:

true if parallelism is within boundaries

isDKLengthValid

protected static boolean isDKLengthValid(Integer dkLength)

Returns whether the provided hash (derived key) length is within boundaries. The lower bound >= 1 and the upper bound <= (2^32 - 1) * 32.

Parameters:

dkLength - the output length in bytes

Returns:

true if dkLength is within boundaries

getDefaultSaltLength

public int getDefaultSaltLength()

Returns the algorithm-specific default salt length in bytes.

Specified by:

getDefaultSaltLength in class AbstractSecureHasher

Returns:

the Scrypt default salt length

getMinSaltLength

public int getMinSaltLength()

Description copied from class: AbstractSecureHasher

Returns the algorithm-specific minimum salt length in bytes.

Specified by:

getMinSaltLength in class AbstractSecureHasher

Returns:

the min salt length

getMaxSaltLength

public int getMaxSaltLength()

Description copied from class: AbstractSecureHasher

Returns the algorithm-specific maximum salt length in bytes.

Specified by:

getMaxSaltLength in class AbstractSecureHasher

Returns:

the max salt length

getAlgorithmName

String getAlgorithmName()

Description copied from class: AbstractSecureHasher

Returns the algorithm-specific name for logging and messages.

Specified by:

getAlgorithmName in class AbstractSecureHasher

Returns:

the algorithm name

acceptsEmptyInput

boolean acceptsEmptyInput()

Description copied from class: AbstractSecureHasher

Returns true if the algorithm can accept empty (non-null) inputs.

Specified by:

acceptsEmptyInput in class AbstractSecureHasher

Returns:

the true if "" is allowable input