/** * Digest the plain string using the given algorithm. * * @param algorithm The alogrithm for the digest. This algorithm must be * supported by the MessageDigest class. * @param data The plain text String to be digested. * @param enc The character encoding to use * @return The digested plain text String represented as Hex digits. * @throws java.security.NoSuchAlgorithmException if the desired algorithm is not supported by * the MessageDigest class. * @throws java.io.UnsupportedEncodingException if the encoding is not supported */ public static String digest(String algorithm, String data, String enc) throws NoSuchAlgorithmException, UnsupportedEncodingException { return digest(algorithm, data.getBytes(enc)); }
/** * Digest the plain string using the given algorithm. * * @param algorithm The alogrithm for the digest. This algorithm must be * supported by the MessageDigest class. * @param data The plain text String to be digested. * @param enc The character encoding to use * @return The digested plain text String represented as Hex digits. * @throws java.security.NoSuchAlgorithmException if the desired algorithm is not supported by * the MessageDigest class. * @throws java.io.UnsupportedEncodingException if the encoding is not supported */ public static String digest(String algorithm, String data, String enc) throws NoSuchAlgorithmException, UnsupportedEncodingException { return digest(algorithm, data.getBytes(enc)); }
/** * Digest the plain string using the given algorithm. * * @param algorithm The alogrithm for the digest. This algorithm must be * supported by the MessageDigest class. * @param data The plain text String to be digested. * @param enc The character encoding to use * @return The digested plain text String represented as Hex digits. * @throws java.security.NoSuchAlgorithmException if the desired algorithm is not supported by * the MessageDigest class. * @throws java.io.UnsupportedEncodingException if the encoding is not supported */ public static String digest(String algorithm, String data, String enc) throws NoSuchAlgorithmException, UnsupportedEncodingException { return digest(algorithm, data.getBytes(enc)); }
/** * Digest the plain string using the given algorithm. * * @param algorithm The alogrithm for the digest. This algorithm must be * supported by the MessageDigest class. * @param data The plain text String to be digested. * @param enc The character encoding to use * @return The digested plain text String represented as Hex digits. * @throws java.security.NoSuchAlgorithmException if the desired algorithm is not supported by * the MessageDigest class. * @throws java.io.UnsupportedEncodingException if the encoding is not supported */ public static String digest(String algorithm, String data, String enc) throws NoSuchAlgorithmException, UnsupportedEncodingException { return digest(algorithm, data.getBytes(enc)); }
/** * Digest the plain string using the given algorithm. * * @param algorithm The alogrithm for the digest. This algorithm must be * supported by the MessageDigest class. * @param data The plain text String to be digested. * @param enc The character encoding to use * @return The digested plain text String represented as Hex digits. * @throws java.security.NoSuchAlgorithmException if the desired algorithm is not supported by * the MessageDigest class. * @throws java.io.UnsupportedEncodingException if the encoding is not supported */ public static String digest(String algorithm, String data, String enc) throws NoSuchAlgorithmException, UnsupportedEncodingException { return digest(algorithm, data.getBytes(enc)); }
/** * Calculate an MD5 hash of the string given. * * @param data the data to encode * @param enc the character encoding to use * @return a hex encoded string of the md5 digested input */ public static String md5(String data, String enc) throws UnsupportedEncodingException { try { return digest("MD5", data.getBytes(enc)); } catch (NoSuchAlgorithmException e) { throw new InternalError("MD5 digest not available???"); } }
/** * Calculate an MD5 hash of the string given. * * @param data the data to encode * @param enc the character encoding to use * @return a hex encoded string of the md5 digested input */ public static String md5(String data, String enc) throws UnsupportedEncodingException { try { return digest("MD5", data.getBytes(enc)); } catch (NoSuchAlgorithmException e) { throw new InternalError("MD5 digest not available???"); } }
/** * Calculate an MD5 hash of the string given. * * @param data the data to encode * @param enc the character encoding to use * @return a hex encoded string of the md5 digested input */ public static String md5(String data, String enc) throws UnsupportedEncodingException { try { return digest("MD5", data.getBytes(enc)); } catch (NoSuchAlgorithmException e) { throw new InternalError("MD5 digest not available???"); } }
/** * Calculate an MD5 hash of the string given. * * @param data the data to encode * @param enc the character encoding to use * @return a hex encoded string of the md5 digested input */ public static String md5(String data, String enc) throws UnsupportedEncodingException { try { return digest("MD5", data.getBytes(enc)); } catch (NoSuchAlgorithmException e) { throw new InternalError("MD5 digest not available???"); } }
/** * Calculate an MD5 hash of the string given. * * @param data the data to encode * @param enc the character encoding to use * @return a hex encoded string of the md5 digested input */ public static String md5(String data, String enc) throws UnsupportedEncodingException { try { return digest("MD5", data.getBytes(enc)); } catch (NoSuchAlgorithmException e) { throw new InternalError("MD5 digest not available???"); } }
private static String generateHash(String pwd, String algorithm, String salt, int iterations) throws NoSuchAlgorithmException { StringBuilder passwordHash = new StringBuilder(); passwordHash.append('{').append(algorithm).append('}'); if (salt != null && salt.length() > 0) { StringBuilder data = new StringBuilder(); data.append(salt).append(pwd); passwordHash.append(salt).append(DELIMITER); if (iterations > NO_ITERATIONS) { passwordHash.append(iterations).append(DELIMITER); } passwordHash.append(generateDigest(data.toString(), algorithm, iterations)); } else { // backwards compatible to jr 2.0: no salt, no iterations passwordHash.append(Text.digest(algorithm, pwd.getBytes(ENCODING))); } return passwordHash.toString(); }
private static String getDigestedKey(String key) throws RepositoryException { try { StringBuilder sb = new StringBuilder(); sb.append("{").append(SecurityConstants.DEFAULT_DIGEST).append("}"); sb.append(Text.digest(SecurityConstants.DEFAULT_DIGEST, key, "UTF-8")); return sb.toString(); } catch (NoSuchAlgorithmException e) { throw new RepositoryException("Failed to generate login token."); } catch (UnsupportedEncodingException e) { throw new RepositoryException("Failed to generate login token."); } }
private static String getDigestedKey(String key) throws RepositoryException { try { StringBuilder sb = new StringBuilder(); sb.append("{").append(SecurityConstants.DEFAULT_DIGEST).append("}"); sb.append(Text.digest(SecurityConstants.DEFAULT_DIGEST, key, "UTF-8")); return sb.toString(); } catch (NoSuchAlgorithmException e) { throw new RepositoryException("Failed to generate login token."); } catch (UnsupportedEncodingException e) { throw new RepositoryException("Failed to generate login token."); } }
private static String generateHash(String pwd, String algorithm, String salt, int iterations) throws NoSuchAlgorithmException { StringBuilder passwordHash = new StringBuilder(); passwordHash.append('{').append(algorithm).append('}'); if (salt != null && salt.length() > 0) { StringBuilder data = new StringBuilder(); data.append(salt).append(pwd); passwordHash.append(salt).append(DELIMITER); if (iterations > NO_ITERATIONS) { passwordHash.append(iterations).append(DELIMITER); } passwordHash.append(generateDigest(data.toString(), algorithm, iterations)); } else { // backwards compatible to jr 2.0: no salt, no iterations passwordHash.append(Text.digest(algorithm, pwd.getBytes(ENCODING))); } return passwordHash.toString(); }
@NotNull private static String generateHash(@NotNull String pwd, @NotNull String algorithm, @Nullable String salt, int iterations) throws NoSuchAlgorithmException, UnsupportedEncodingException { StringBuilder passwordHash = new StringBuilder(); passwordHash.append('{').append(algorithm).append('}'); if (salt != null && !salt.isEmpty()) { StringBuilder data = new StringBuilder(); data.append(salt).append(pwd); passwordHash.append(salt).append(DELIMITER); if (iterations > NO_ITERATIONS) { passwordHash.append(iterations).append(DELIMITER); } String digest; if (algorithm.startsWith(PBKDF2_PREFIX)) { digest = generatePBKDF2(pwd, salt, algorithm, iterations, 128); } else { digest = generateDigest(data.toString(), algorithm, iterations); } passwordHash.append(digest); } else { // backwards compatible to jr 2.0: no salt, no iterations passwordHash.append(Text.digest(algorithm, pwd.getBytes(ENCODING))); } return passwordHash.toString(); }
@Nonnull private static String generateHash(@Nonnull String pwd, @Nonnull String algorithm, @Nullable String salt, int iterations) throws NoSuchAlgorithmException, UnsupportedEncodingException { StringBuilder passwordHash = new StringBuilder(); passwordHash.append('{').append(algorithm).append('}'); if (salt != null && !salt.isEmpty()) { StringBuilder data = new StringBuilder(); data.append(salt).append(pwd); passwordHash.append(salt).append(DELIMITER); if (iterations > NO_ITERATIONS) { passwordHash.append(iterations).append(DELIMITER); } String digest; if (algorithm.startsWith(PBKDF2_PREFIX)) { digest = generatePBKDF2(pwd, salt, algorithm, iterations, 128); } else { digest = generateDigest(data.toString(), algorithm, iterations); } passwordHash.append(digest); } else { // backwards compatible to jr 2.0: no salt, no iterations passwordHash.append(Text.digest(algorithm, pwd.getBytes(ENCODING))); } return passwordHash.toString(); }
protected String buildPassword(String uid, boolean createDigest) throws IllegalArgumentException { if (createDigest) { try { StringBuilder password = new StringBuilder(); password.append("{").append(SecurityConstants.DEFAULT_DIGEST).append("}"); password.append(Text.digest(SecurityConstants.DEFAULT_DIGEST, uid.getBytes(StandardCharsets.UTF_8))); return password.toString(); } catch (NoSuchAlgorithmException e) { throw new IllegalArgumentException(e.toString()); } } else { return uid; } }
@Test public void testBuildPasswordHashNoSaltNoIterations() throws Exception { assumeFalse(PasswordUtil.DEFAULT_ALGORITHM.startsWith(PasswordUtil.PBKDF2_PREFIX)); String jr2Hash = "{"+PasswordUtil.DEFAULT_ALGORITHM+"}" + Text.digest(PasswordUtil.DEFAULT_ALGORITHM, "pw".getBytes("utf-8")); assertTrue(PasswordUtil.isSame(jr2Hash, "pw")); }
public void testChangePassword() throws RepositoryException, NotExecutableException, NoSuchAlgorithmException, UnsupportedEncodingException { User u = (User) userMgr.getAuthorizable(uID); String sha1Hash = "{" +SecurityConstants.DEFAULT_DIGEST+ "}" + Text.digest(SecurityConstants.DEFAULT_DIGEST, "abc".getBytes()); String md5Hash = "{md5}" + Text.digest("md5", "abc".getBytes());
public void testPasswordMatch() throws NoSuchAlgorithmException, UnsupportedEncodingException { // simple credentials containing the crypted pw must not match. SimpleCredentials sc = new SimpleCredentials(userID, cCreds.get(0).getPassword().toCharArray()); for (CryptedSimpleCredentials cc : cCreds) { assertFalse(cc.matches(sc)); } // simple credentials containing different pw must not match. SimpleCredentials sc2 = new SimpleCredentials(userID, "otherPw".toCharArray()); for (CryptedSimpleCredentials cc : cCreds) { assertFalse(cc.matches(sc2)); } // simple credentials with pw in digested form must not match. SimpleCredentials sc3 = new SimpleCredentials(userID, "{unknown}somePw".toCharArray()); for (CryptedSimpleCredentials cc : cCreds) { assertFalse(cc.matches(sc3)); } // simple credentials with pw with different digest must not match SimpleCredentials sc4 = new SimpleCredentials(userID, ("{md5}"+Text.digest("md5", pw.getBytes("UTF-8"))).toCharArray()); for (CryptedSimpleCredentials cc : cCreds) { assertFalse(cc.matches(sc4)); } }