View Javadoc
1   /*
2    * Copyright 2012 The Netty Project
3    *
4    * The Netty Project licenses this file to you under the Apache License,
5    * version 2.0 (the "License"); you may not use this file except in compliance
6    * with the License. You may obtain a copy of the License at:
7    *
8    *   https://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12   * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13   * License for the specific language governing permissions and limitations
14   * under the License.
15   */
16  package io.netty5.handler.codec.http.websocketx;
17  
18  import io.netty5.util.CharsetUtil;
19  import io.netty5.util.concurrent.FastThreadLocal;
20  
21  import java.security.MessageDigest;
22  import java.security.NoSuchAlgorithmException;
23  import java.util.Base64;
24  import java.util.concurrent.ThreadLocalRandom;
25  
26  /**
27   * A utility class mainly for use by web sockets.
28   */
29  final class WebSocketUtil {
30  
31      private static final String V13_ACCEPT_GUID = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11";
32  
33      private static final FastThreadLocal<MessageDigest> SHA1 = new FastThreadLocal<>() {
34          @Override
35          protected MessageDigest initialValue() throws Exception {
36              try {
37                  // Try to get a MessageDigest that uses SHA1.
38                  // Suppress a warning about weak hash algorithm
39                  // since it's defined in https://datatracker.ietf.org/doc/html/rfc6455#section-10.8.
40                  return MessageDigest.getInstance("SHA-1"); // lgtm [java/weak-cryptographic-algorithm]
41              } catch (NoSuchAlgorithmException e) {
42                  // This shouldn't happen! How old is the computer ?
43                  throw new InternalError("SHA-1 not supported on this platform - Outdated ?");
44              }
45          }
46      };
47  
48      /**
49       * Performs a SHA-1 hash on the specified data.
50       *
51       * @param data The data to hash
52       * @return the hashed data
53       */
54      static byte[] sha1(byte[] data) {
55          MessageDigest sha1Digest = SHA1.get();
56          sha1Digest.reset();
57          return sha1Digest.digest(data);
58      }
59  
60      /**
61       * Performs base64 encoding on the specified data.
62       *
63       * @param data The data to encode
64       * @return an encoded string containing the data
65       */
66      static String base64(byte[] data) {
67          return Base64.getEncoder().encodeToString(data);
68      }
69  
70      /**
71       * Creates an arbitrary number of random bytes.
72       *
73       * @param size the number of random bytes to create
74       * @return an array of random bytes
75       */
76      static byte[] randomBytes(int size) {
77          var bytes = new byte[size];
78          ThreadLocalRandom.current().nextBytes(bytes);
79          return bytes;
80      }
81  
82      static String calculateV13Accept(String nonce) {
83          String concat = nonce + V13_ACCEPT_GUID;
84          byte[] sha1 = WebSocketUtil.sha1(concat.getBytes(CharsetUtil.US_ASCII));
85          return WebSocketUtil.base64(sha1);
86      }
87  
88      private WebSocketUtil() {
89      }
90  }