org.eclipse.jgit.transport

Class HMACSHA1NonceGenerator

java.lang.Object

org.eclipse.jgit.transport.HMACSHA1NonceGenerator

All Implemented Interfaces:

NonceGenerator

public class HMACSHA1NonceGenerator
extends java.lang.Object
implements NonceGenerator

The nonce generator which was first introduced to git-core.

Since:

4.0

Field Summary

Fields

Modifier and Type	Field and Description
private static java.lang.String	HEX
private javax.crypto.Mac	mac

Constructor Summary

Constructors

Constructor and Description
HMACSHA1NonceGenerator(java.lang.String seed) Constructor for HMACSHA1NonceGenerator.

Method Summary

Modifier and Type	Method and Description
java.lang.String	createNonce(Repository repo, long timestamp) Create nonce to be signed by the pusher
private static java.lang.String	toHex(byte[] bytes)
PushCertificate.NonceStatus	verify(java.lang.String received, java.lang.String sent, Repository db, boolean allowSlop, int slop) Verify trustworthiness of the received nonce.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

mac

private javax.crypto.Mac mac

HEX

private static final java.lang.String HEX

See Also:

Constant Field Values

Constructor Detail

HMACSHA1NonceGenerator

public HMACSHA1NonceGenerator(java.lang.String seed)
                       throws java.lang.IllegalStateException

Constructor for HMACSHA1NonceGenerator.

Parameters:

seed - seed the generator

Throws:

java.lang.IllegalStateException

Method Detail

createNonce

public java.lang.String createNonce(Repository repo,
                                    long timestamp)
                             throws java.lang.IllegalStateException

Create nonce to be signed by the pusher

Specified by:

createNonce in interface NonceGenerator

Parameters:

repo - The repository which should be used to obtain a unique String such that the pusher cannot forge nonces by pushing to another repository at the same time as well and reusing the nonce.

timestamp - The current time in seconds.

Returns:

The nonce to be signed by the pusher

Throws:

java.lang.IllegalStateException

verify

public PushCertificate.NonceStatus verify(java.lang.String received,
                                          java.lang.String sent,
                                          Repository db,
                                          boolean allowSlop,
                                          int slop)

Verify trustworthiness of the received nonce.

Specified by:

verify in interface NonceGenerator

Parameters:

received - The nonce which was received from the server

sent - The nonce which was originally sent out to the client.

db - The repository which should be used to obtain a unique String such that the pusher cannot forge nonces by pushing to another repository at the same time as well and reusing the nonce.

allowSlop - If the receiving backend is is able to generate slop. This is the case for serving via http protocol using more than one http frontend. The client would talk to different http frontends, which may have a slight difference of time due to

slop - If `allowSlop` is true, this specifies the number of seconds which we allow as slop.

Returns:

a NonceStatus indicating the trustworthiness of the received nonce.

toHex

private static java.lang.String toHex(byte[] bytes)