java.lang.Object

cloud.opencode.base.captcha.security.CaptchaSecurity

public final class CaptchaSecurity extends Object

Captcha Security - Security utilities for CAPTCHA 验证码安全 - 验证码安全工具

This class provides security-related utilities for CAPTCHA operations.

此类提供验证码操作的安全相关工具。

Features | 主要功能:

Secure random ID generation - 安全随机ID生成
Hash-based answer comparison - 基于哈希的答案比较
Timing-safe comparison - 时间安全的比较

Usage Examples | 使用示例:

String id = CaptchaSecurity.generateId();
String hash = CaptchaSecurity.hashAnswer("abc123");
boolean match = CaptchaSecurity.verifyAnswer(hash, "abc123");

Security | 安全性:

Thread-safe: Yes (stateless utility, uses static SecureRandom) - 线程安全: 是（无状态工具，使用静态SecureRandom）
Null-safe: No (arguments must not be null) - 空值安全: 否（参数不能为null）

Since:

JDK 25, opencode-base-captcha V1.0.0

Author:

Leon Soo www.LeonSoo.com

See Also:

Method Summary

Modifier and Type

Method

Description

static boolean

constantTimeEquals(String a, String b)

Constant-time string comparison to prevent timing attacks.

static String

generateSalt()

Generates a random salt.

static String

generateSecureId()

Generates a secure random ID.

static String

generateSecureToken(int length)

Generates a secure random token.

static String

hashAnswer(String answer, String salt)

Hashes an answer for secure storage.

static boolean

verifyHashedAnswer(String answer, String hashedAnswer, String salt)

Verifies a hashed answer.

Methods inherited from class Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Details
- generateSecureId
  
  public static String generateSecureId()
  
  Generates a secure random ID. 生成安全随机 ID。
  
  Returns:
  
  the random ID | 随机 ID
- generateSecureToken
  
  public static String generateSecureToken(int length)
  
  Generates a secure random token. 生成安全随机令牌。
  
  Parameters:
  
  length - the token length in bytes | 令牌字节长度
  
  Returns:
  
  the random token | 随机令牌
- hashAnswer
  
  public static String hashAnswer(String answer, String salt)
  
  Hashes an answer for secure storage. 对答案进行哈希以安全存储。
  
  Parameters:
  
  answer - the answer | 答案
  
  salt - the salt | 盐
  
  Returns:
  
  the hashed answer | 哈希后的答案
- verifyHashedAnswer
  
  public static boolean verifyHashedAnswer(String answer, String hashedAnswer, String salt)
  
  Verifies a hashed answer. 验证哈希后的答案。
  
  Parameters:
  
  answer - the answer to verify | 要验证的答案
  
  hashedAnswer - the hashed answer | 哈希后的答案
  
  salt - the salt | 盐
  
  Returns:
  
  true if matches | 如果匹配返回 true
- constantTimeEquals
  
  public static boolean constantTimeEquals(String a, String b)
  
  Constant-time string comparison to prevent timing attacks. 常量时间字符串比较以防止时序攻击。
  
  Parameters:
  
  a - first string | 第一个字符串
  
  b - second string | 第二个字符串
  
  Returns:
  
  true if equal | 如果相等返回 true
- generateSalt
  
  public static String generateSalt()
  
  Generates a random salt. 生成随机盐。
  
  Returns:
  
  the salt | 盐

Class CaptchaSecurity

Method Summary

Methods inherited from class Object

Method Details

generateSecureId

generateSecureToken

hashAnswer

verifyHashedAnswer

constantTimeEquals

generateSalt