Class Security

java.lang.Object
vn.edu.uit.csbu.software_design.software_design_backend.Security

public class Security extends Object
The `Security` class provides methods to detect SQL injection and XSS patterns in input strings, to generate SHA-3-256 hashes, and to truncate or pad the hash output to a given length.
  • Constructor Summary

    Constructors

    | Constructor | Description |
    |---|---|
    | `Security()` | |
  • Method Summary

    | Modifier and Type | Method | Description |
    |---|---|---|
    | `static boolean` | `containsSQLInjection(String input)` | The function checks if a given input string contains SQL injection patterns. |
    | `static boolean` | `containsXSS(String input)` | The function checks if a given input string contains a potential Cross-Site Scripting (XSS) attack pattern. |
    | `String` | `getHashedStringOfLength(String input, int length)` | The function `getHashedStringOfLength` takes an input string, hashes it using the SHA algorithm, and returns a hashed string of the specified length by either truncating or padding with '0's. |
    | `byte[]` | `getSHA(String input)` | The function `getSHA` calculates the SHA-3-256 hash of a given input string and returns it as a byte array. |
    | `String` | `toHexString(byte[] hash)` | The function `toHexString` converts a byte array hash into a hexadecimal string representation with leading zeros. |

    Methods inherited from class java.lang.Object

    equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
  • Constructor Details

    • Security

      public Security()
  • Method Details

    • containsSQLInjection

      public static boolean containsSQLInjection(String input)
      The function checks if a given input string contains SQL injection patterns.
      Parameters:
      input - The string to check for SQL injection patterns.
      Returns:
      `true` if a SQL injection pattern is found in the input string, and `false` otherwise.
    • containsXSS

      public static boolean containsXSS(String input)
      The function checks if a given input string contains a potential Cross-Site Scripting (XSS) attack pattern.
      Parameters:
      input - The string to check for potential Cross-Site Scripting (XSS) patterns. It is matched against the regular expression pattern defined in `XSS_PATTERN`.
      Returns:
      The method `containsXSS` returns a boolean value indicating whether the input string contains a potential Cross-Site Scripting (XSS) attack pattern. If the input is null or empty, it returns `false` as null or empty strings are not considered XSS. Otherwise, it uses a regular expression pattern (`XSS_PATTERN`) to check if the input string contains any XSS patterns and returns the
    • getSHA

      public byte[] getSHA(String input) throws NoSuchAlgorithmException
      The function `getSHA` calculates the SHA-3-256 hash of a given input string and returns it as a byte array.
      Parameters:
      input - The string for which to calculate the SHA-3-256 hash.
      Returns:
      A byte array holding the SHA-3-256 hash of the input string.
      Throws:
      NoSuchAlgorithmException - if the SHA-3-256 algorithm is not available
    • toHexString

      public String toHexString(byte[] hash)
      The function `toHexString` converts a byte array hash into a hexadecimal string representation with leading zeros.
      Parameters:
      hash - The byte array holding the message digest or cryptographic hash value to convert to a hexadecimal string.
      Returns:
      The hexadecimal representation of the input byte array `hash`.
    • getHashedStringOfLength

      public String getHashedStringOfLength(String input, int length) throws NoSuchAlgorithmException
      The function `getHashedStringOfLength` takes an input string, hashes it using the SHA algorithm, and returns a hashed string of the specified length by either truncating or padding with '0's.
      Parameters:
      input - The string to hash and adjust the length of.
      length - The desired length of the returned hashed string. The method either truncates the hashed string to this length or pads it with '0' characters at the end to reach it.
      Returns:
      A hashed string of the specified length. If the hashed string is longer than the specified length, it is truncated to that length. If it is shorter, it is padded with '0' characters at the end to reach the specified length.
      Throws:
      NoSuchAlgorithmException - if the hash algorithm is not available
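
An added example, not the project's source: a stand-alone sketch of the truncate-or-pad behaviour documented for `getHashedStringOfLength`, printing how many digest bits survive at each requested length. The class name `HashLengthDemo`, its helper names, the UTF-8 encoding, the use of SHA3-256 for this step and the sample input are assumptions.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

// Hypothetical demo class; it mirrors the documented behaviour, not the project's code.
public class HashLengthDemo {

    // SHA3-256 ships with the JDK's default provider from Java 9 onward;
    // older runtimes throw NoSuchAlgorithmException here.
    static byte[] sha3(String input) throws NoSuchAlgorithmException {
        MessageDigest md = MessageDigest.getInstance("SHA3-256");
        return md.digest(input.getBytes(StandardCharsets.UTF_8)); // encoding is an assumption
    }

    // Two hex digits per byte, so leading zeros are never dropped.
    static String toHex(byte[] hash) {
        StringBuilder sb = new StringBuilder(hash.length * 2);
        for (byte b : hash) {
            sb.append(String.format("%02x", b));
        }
        return sb.toString();
    }

    // Truncate the 64-character hex digest, or pad it with '0' at the end.
    static String hashedOfLength(String input, int length) throws NoSuchAlgorithmException {
        if (length < 0) {
            throw new IllegalArgumentException("length must be >= 0");
        }
        StringBuilder sb = new StringBuilder(toHex(sha3(input)));
        if (sb.length() >= length) {
            return sb.substring(0, length);
        }
        while (sb.length() < length) {
            sb.append('0');
        }
        return sb.toString();
    }

    // Each hex character carries 4 digest bits; '0' padding carries none.
    static int digestBits(int length) {
        return Math.min(length, 64) * 4;
    }

    public static void main(String[] args) throws NoSuchAlgorithmException {
        for (int len : new int[] {16, 64, 80}) {
            String out = hashedOfLength("constructed-sample-input", len);
            // Collision resistance of a truncated digest is about half its bit length.
            System.out.printf("len=%d digestBits=%d collision~2^%d %s%n",
                    len, digestBits(len), digestBits(len) / 2, out);
        }
    }
}
```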