private static byte[] bytesUtf8(String s) { if (s == null) { return null; } return Utf8.encode(s); // need to check if Utf8.encode() runs in constant time (probably not). This may leak length of string. }
private String encode(CharSequence rawPassword, byte[] salt) { MessageDigest sha; try { sha = MessageDigest.getInstance("SHA"); sha.update(Utf8.encode(rawPassword)); } catch (java.security.NoSuchAlgorithmException e) { throw new IllegalStateException("No SHA implementation available!"); } if (salt != null) { sha.update(salt); } byte[] hash = combineHashAndSalt(sha.digest(), (byte[]) salt); String prefix; if (salt == null || salt.length == 0) { prefix = forceLowerCasePrefix ? SHA_PREFIX_LC : SHA_PREFIX; } else { prefix = forceLowerCasePrefix ? SSHA_PREFIX_LC : SSHA_PREFIX; } return prefix + Utf8.decode(Base64.getEncoder().encode(hash)); }
private String encodePart(byte[] part) { return Utf8.decode(Base64.getEncoder().encode(part)); } }
public static String convertPasswordToString(Object passObj) { Assert.notNull(passObj, "Password object to convert must not be null"); if (passObj instanceof byte[]) { return Utf8.decode((byte[]) passObj); } else if (passObj instanceof String) { return (String) passObj; } else { throw new IllegalArgumentException( "Password object was not a String or byte array."); } }
/** * Constructs a standard password encoder with a secret value as well as iterations * and hash. * * @param secret the secret * @param iterations the number of iterations. Users should aim for taking about .5 * seconds on their own system. * @param hashWidth the size of the hash */ public Pbkdf2PasswordEncoder(CharSequence secret, int iterations, int hashWidth) { this.secret = Utf8.encode(secret); this.iterations = iterations; this.hashWidth = hashWidth; }
public Token allocateToken(String extendedInformation) { Assert.notNull(extendedInformation, "Must provided non-null extendedInformation (but it can be empty)"); long creationTime = new Date().getTime(); String serverSecret = computeServerSecretApplicableAt(creationTime); String pseudoRandomNumber = generatePseudoRandomNumber(); String content = Long.toString(creationTime) + ":" + pseudoRandomNumber + ":" + extendedInformation; // Compute key String sha512Hex = Sha512DigestUtils.shaHex(content + ":" + serverSecret); String keyPayload = content + ":" + sha512Hex; String key = Utf8.decode(Base64.getEncoder().encode(Utf8.encode(keyPayload))); return new DefaultToken(key, creationTime, extendedInformation); }
private String encodePart(byte[] part) { return Utf8.decode(Base64.getEncoder().encode(part)); } }
private static byte[] bytesUtf8(String s) { if (s == null) { return null; } return Utf8.encode(s); // need to check if Utf8.encode() runs in constant time (probably not). This may leak length of string. }
private String encode(CharSequence rawPassword, byte[] salt) { MessageDigest sha; try { sha = MessageDigest.getInstance("SHA"); sha.update(Utf8.encode(rawPassword)); } catch (java.security.NoSuchAlgorithmException e) { throw new IllegalStateException("No SHA implementation available!"); } if (salt != null) { sha.update(salt); } byte[] hash = combineHashAndSalt(sha.digest(), (byte[]) salt); String prefix; if (salt == null || salt.length == 0) { prefix = forceLowerCasePrefix ? SHA_PREFIX_LC : SHA_PREFIX; } else { prefix = forceLowerCasePrefix ? SSHA_PREFIX_LC : SSHA_PREFIX; } return prefix + Utf8.decode(Base64.getEncoder().encode(hash)); }
private String encode(byte[] digest) { if (this.encodeHashAsBase64) { return Utf8.decode(Base64.getEncoder().encode(digest)); } else { return new String(Hex.encode(digest)); } }
/** * Constructs a standard password encoder with a secret value as well as iterations * and hash. * * @param secret the secret * @param iterations the number of iterations. Users should aim for taking about .5 * seconds on their own system. * @param hashWidth the size of the hash */ public Pbkdf2PasswordEncoder(CharSequence secret, int iterations, int hashWidth) { this.secret = Utf8.encode(secret); this.iterations = iterations; this.hashWidth = hashWidth; }
public Token allocateToken(String extendedInformation) { Assert.notNull(extendedInformation, "Must provided non-null extendedInformation (but it can be empty)"); long creationTime = new Date().getTime(); String serverSecret = computeServerSecretApplicableAt(creationTime); String pseudoRandomNumber = generatePseudoRandomNumber(); String content = Long.toString(creationTime) + ":" + pseudoRandomNumber + ":" + extendedInformation; // Compute key String sha512Hex = Sha512DigestUtils.shaHex(content + ":" + serverSecret); String keyPayload = content + ":" + sha512Hex; String key = Utf8.decode(Base64.getEncoder().encode(Utf8.encode(keyPayload))); return new DefaultToken(key, creationTime, extendedInformation); }
private String encode(byte[] digest) { if (this.encodeHashAsBase64) { return Utf8.decode(Base64.getEncoder().encode(digest)); } else { return new String(Hex.encode(digest)); } }
private byte[] decodePart(String part) { return Base64.getDecoder().decode(Utf8.encode(part)); }
private String encode(byte[] digest) { if (this.encodeHashAsBase64) { return Utf8.decode(Base64.getEncoder().encode(digest)); } else { return new String(Hex.encode(digest)); } }
private byte[] decodePart(String part) { return Base64.getDecoder().decode(Utf8.encode(part)); }
@Override public AuditEvent getAuditEvent() { String name = getAuthentication().getName(); try { // Store hash of name, to conceal accidental entry of sensitive info // (e.g. password) name = Utf8.decode(Base64.encode(MessageDigest.getInstance("SHA-1").digest(Utf8.encode(name)))); } catch (NoSuchAlgorithmException shouldNeverHappen) { name = "NOSHA"; } return createAuditRecord(name, AuditEventType.UserNotFound, getOrigin(getAuthenticationDetails()), ""); } }
private String encode(byte[] digest) { if (this.encodeHashAsBase64) { return Utf8.decode(Base64.getEncoder().encode(digest)); } else { return new String(Hex.encode(digest)); } }
private String digest(CharSequence rawPassword, byte[] salt) { byte[] derived = SCrypt.generate(Utf8.encode(rawPassword), salt, cpuCost, memoryCost, parallelization, keyLength); String params = Long .toString(((int) (Math.log(cpuCost) / Math.log(2)) << 16L) | memoryCost << 8 | parallelization, 16); StringBuilder sb = new StringBuilder((salt.length + derived.length) * 2); sb.append("$").append(params).append('$'); sb.append(encodePart(salt)).append('$'); sb.append(encodePart(derived)); return sb.toString(); }