Class HMACSHA1NonceGenerator

java.lang.Object
org.eclipse.jgit.transport.HMACSHA1NonceGenerator
All Implemented Interfaces:
NonceGenerator

public class HMACSHA1NonceGenerator extends Object implements NonceGenerator
The nonce generator which was first introduced to git-core.
Since:
4.0
  • Field Details

  • Constructor Details

  • Method Details

    • createNonce

      public String createNonce(Repository repo, long timestamp) throws IllegalStateException
      Create nonce to be signed by the pusher
      Specified by:
      createNonce in interface NonceGenerator
      Parameters:
      repo - The repository which should be used to obtain a unique String such that the pusher cannot forge nonces by pushing to another repository at the same time as well and reusing the nonce.
      timestamp - The current time in seconds.
      Returns:
      The nonce to be signed by the pusher
      Throws:
      IllegalStateException
    • verify

      public PushCertificate.NonceStatus verify(String received, String sent, Repository db, boolean allowSlop, int slop)
      Verify trustworthiness of the received nonce.
      Specified by:
      verify in interface NonceGenerator
      Parameters:
      received - The nonce which was received from the server
      sent - The nonce which was originally sent out to the client.
      db - The repository which should be used to obtain a unique String such that the pusher cannot forge nonces by pushing to another repository at the same time as well and reusing the nonce.
      allowSlop - If the receiving backend is able to generate slop. This is the case for serving via http protocol using more than one http frontend. The client would talk to different http frontends, which may have a slight difference of time due to
      slop - If `allowSlop` is true, this specifies the number of seconds which we allow as slop.
      Returns:
      a NonceStatus indicating the trustworthiness of the received nonce.
    • toHex

      private static String toHex(byte[] bytes)