CryptoUtils.java

1
package com.renomad.minum.utils;
2
3
import javax.crypto.SecretKeyFactory;
4
import javax.crypto.spec.PBEKeySpec;
5
import java.nio.charset.StandardCharsets;
6
import java.security.spec.KeySpec;
7
8
/**
9
 * Handy helpers for dealing with cryptographic functions
10
 */
11
public final class CryptoUtils {
12
13
    private CryptoUtils() {
14
        // cannot construct
15
    }
16
17
    /**
18
     * Converts an array of bytes to their corresponding hex string
19
     * @param bytes an array of bytes
20
     * @return a hex string of that array
21
     */
22
    public static String bytesToHex(byte[] bytes) {
23
        StringBuilder hexString = new StringBuilder();
24
        for (byte b : bytes) {
25 1 1. bytesToHex : Replaced bitwise AND with OR → KILLED
            String hex = Integer.toHexString(0xff & b);
26 1 1. bytesToHex : negated conditional → KILLED
            if (hex.length() == 1) hexString.append('0');
27
            hexString.append(hex);
28
        }
29 1 1. bytesToHex : replaced return value with "" for com/renomad/minum/utils/CryptoUtils::bytesToHex → KILLED
        return hexString.toString();
30
    }
31
32
    /**
33
     * Hash the input string with the provided PBKDF2 algorithm, and return a string representation
34
     * Note that the PBKDF2WithHmacSHA1 algorithm is specifically designed to take a long time,
35
     * to slow down an attacker.
36
     * <p>
37
     * See docs/http_protocol/password_storage_cheat_sheet
38
     * </p>
39
     */
40
    public static String createPasswordHash(String password, String salt) {
41 1 1. createPasswordHash : replaced return value with "" for com/renomad/minum/utils/CryptoUtils::createPasswordHash → KILLED
        return createPasswordHash(password, salt, "PBKDF2WithHmacSHA1");
42
    }
43
44
    static String createPasswordHash(String password, String salt, String algorithm) {
45
        final KeySpec spec = new PBEKeySpec(password.toCharArray(), salt.getBytes(StandardCharsets.UTF_8), 65536, 128);
46
        final SecretKeyFactory factory;
47
48
        try {
49
            factory = SecretKeyFactory.getInstance(algorithm);
50
            final byte[] hashed = factory.generateSecret(spec).getEncoded();
51 1 1. createPasswordHash : replaced return value with "" for com/renomad/minum/utils/CryptoUtils::createPasswordHash → KILLED
            return bytesToHex(hashed);
52
        } catch (Exception e) {
53
            throw new UtilsException(e);
54
        }
55
    }
56
57
}

Mutations

25

1.1
Location : bytesToHex
Killed by : com.renomad.minum.utils.CryptoUtilsTests.testBytesToHex(com.renomad.minum.utils.CryptoUtilsTests)
Replaced bitwise AND with OR → KILLED

26

1.1
Location : bytesToHex
Killed by : com.renomad.minum.utils.CryptoUtilsTests.testBytesToHex(com.renomad.minum.utils.CryptoUtilsTests)
negated conditional → KILLED

29

1.1
Location : bytesToHex
Killed by : com.renomad.minum.utils.CryptoUtilsTests.testBytesToHex(com.renomad.minum.utils.CryptoUtilsTests)
replaced return value with "" for com/renomad/minum/utils/CryptoUtils::bytesToHex → KILLED

41

1.1
Location : createPasswordHash
Killed by : com.renomad.minum.utils.CryptoUtilsTests.testCreatePasswordHash(com.renomad.minum.utils.CryptoUtilsTests)
replaced return value with "" for com/renomad/minum/utils/CryptoUtils::createPasswordHash → KILLED

51

1.1
Location : createPasswordHash
Killed by : com.renomad.minum.utils.CryptoUtilsTests.testCreatePasswordHash(com.renomad.minum.utils.CryptoUtilsTests)
replaced return value with "" for com/renomad/minum/utils/CryptoUtils::createPasswordHash → KILLED

Active mutators

Tests examined


Report generated by PIT 1.17.0