private static Password parseUnixDESCryptPasswordString(char[] cryptString) throws InvalidKeySpecException { assert cryptString.length == 13; // previously tested by doIdentifyAlgorithm CodePointIterator r = CodePointIterator.ofChars(cryptString); // 12 bit salt int s0 = MOD_CRYPT.decode(r.next()); int s1 = MOD_CRYPT.decode(r.next()); short salt = (short) (s0 | s1 << 6); // 64 bit hash byte[] hash = r.base64Decode(MOD_CRYPT, false).limitedTo(8).drain(); return UnixDESCryptPassword.createRaw(UnixDESCryptPassword.ALGORITHM_CRYPT_DES, salt, hash); }
private static Password parseUnixMD5CryptPasswordString(final char[] cryptString) throws InvalidKeySpecException { assert cryptString[0] == '$'; // previously tested by doIdentifyAlgorithm assert cryptString[1] == '1'; // previously tested by doIdentifyAlgorithm assert cryptString[2] == '$'; // previously tested by doIdentifyAlgorithm CodePointIterator r = CodePointIterator.ofChars(cryptString, 3); try { final byte[] salt = r.delimitedBy('$').drainToString().getBytes(StandardCharsets.ISO_8859_1); if (! r.hasNext()) { throw log.invalidKeySpecNoSaltTerminatorGiven(); } r.next(); // skip $ final byte[] decoded = r.base64Decode(MOD_CRYPT_LE, false).limitedTo(MD5_IDX_REV.length).drain(); if (decoded.length != MD5_IDX.length) { throw log.invalidHashLength(); } byte[] hash = ByteIterator.ofBytes(decoded, MD5_IDX_REV).drain(); return UnixMD5CryptPassword.createRaw(UnixMD5CryptPassword.ALGORITHM_CRYPT_MD5, salt, hash); } catch (NoSuchElementException e) { throw log.invalidKeySpecUnexpectedEndOfPasswordStringWithCause(e); } }
private static Password parseBSDUnixDESCryptPasswordString(char[] cryptString) throws InvalidKeySpecException { // Note that crypt strings have the format: "_{rounds}{salt}{hash}" as described // in the "DES Extended Format" section here: http://www.freebsd.org/cgi/man.cgi?crypt(3) assert cryptString.length == 20; assert cryptString[0] == '_'; // previously tested by doIdentifyAlgorithm CodePointIterator r = CodePointIterator.ofChars(cryptString, 1); // The next 4 characters correspond to the encoded number of rounds - this is decoded to a 24-bit integer int s0 = MOD_CRYPT.decode(r.next()); int s1 = MOD_CRYPT.decode(r.next()); int s2 = MOD_CRYPT.decode(r.next()); int s3 = MOD_CRYPT.decode(r.next()); int iterationCount = s0 | s1 << 6 | s2 << 12 | s3 << 18; // The next 4 characters correspond to the encoded salt - this is decoded to a 24-bit integer s0 = MOD_CRYPT.decode(r.next()); s1 = MOD_CRYPT.decode(r.next()); s2 = MOD_CRYPT.decode(r.next()); s3 = MOD_CRYPT.decode(r.next()); int salt = s0 | s1 << 6 | s2 << 12 | s3 << 18; // The final 11 characters correspond to the encoded password - this is decoded to a 64-bit hash byte[] hash = r.base64Decode(MOD_CRYPT, false).limitedTo(11).drain(); return BSDUnixDESCryptPassword.createRaw(BSDUnixDESCryptPassword.ALGORITHM_BSD_CRYPT_DES, hash, salt, iterationCount); }
if (! bi.limitedTo(clientNonce.length).contentEquals(ByteIterator.ofBytes(clientNonce))) { throw saslScram.mechNoncesDoNotMatch();
private static Password parseUnixDESCryptPasswordString(char[] cryptString) throws InvalidKeySpecException { assert cryptString.length == 13; // previously tested by doIdentifyAlgorithm CodePointIterator r = CodePointIterator.ofChars(cryptString); // 12 bit salt int s0 = MOD_CRYPT.decode(r.next()); int s1 = MOD_CRYPT.decode(r.next()); short salt = (short) (s0 | s1 << 6); // 64 bit hash byte[] hash = r.base64Decode(MOD_CRYPT, false).limitedTo(8).drain(); return UnixDESCryptPassword.createRaw(UnixDESCryptPassword.ALGORITHM_CRYPT_DES, salt, hash); }
private static Password parseUnixDESCryptPasswordString(char[] cryptString) throws InvalidKeySpecException { assert cryptString.length == 13; // previously tested by doIdentifyAlgorithm CodePointIterator r = CodePointIterator.ofChars(cryptString); // 12 bit salt int s0 = MOD_CRYPT.decode(r.next()); int s1 = MOD_CRYPT.decode(r.next()); short salt = (short) (s0 | s1 << 6); // 64 bit hash byte[] hash = r.base64Decode(MOD_CRYPT, false).limitedTo(8).drain(); return UnixDESCryptPassword.createRaw(UnixDESCryptPassword.ALGORITHM_CRYPT_DES, salt, hash); }
private static Password parseUnixDESCryptPasswordString(char[] cryptString) throws InvalidKeySpecException { assert cryptString.length == 13; // previously tested by doIdentifyAlgorithm CodePointIterator r = CodePointIterator.ofChars(cryptString); // 12 bit salt int s0 = MOD_CRYPT.decode(r.next()); int s1 = MOD_CRYPT.decode(r.next()); short salt = (short) (s0 | s1 << 6); // 64 bit hash byte[] hash = r.base64Decode(MOD_CRYPT, false).limitedTo(8).drain(); return UnixDESCryptPassword.createRaw(UnixDESCryptPassword.ALGORITHM_CRYPT_DES, salt, hash); }
private static Password parseUnixMD5CryptPasswordString(final char[] cryptString) throws InvalidKeySpecException { assert cryptString[0] == '$'; // previously tested by doIdentifyAlgorithm assert cryptString[1] == '1'; // previously tested by doIdentifyAlgorithm assert cryptString[2] == '$'; // previously tested by doIdentifyAlgorithm CodePointIterator r = CodePointIterator.ofChars(cryptString, 3); try { final byte[] salt = r.delimitedBy('$').drainToString().getBytes(StandardCharsets.ISO_8859_1); if (! r.hasNext()) { throw log.invalidKeySpecNoSaltTerminatorGiven(); } r.next(); // skip $ final byte[] decoded = r.base64Decode(MOD_CRYPT_LE, false).limitedTo(MD5_IDX_REV.length).drain(); if (decoded.length != MD5_IDX.length) { throw log.invalidHashLength(); } byte[] hash = ByteIterator.ofBytes(decoded, MD5_IDX_REV).drain(); return UnixMD5CryptPassword.createRaw(UnixMD5CryptPassword.ALGORITHM_CRYPT_MD5, salt, hash); } catch (NoSuchElementException e) { throw log.invalidKeySpecUnexpectedEndOfPasswordStringWithCause(e); } }
private static Password parseUnixMD5CryptPasswordString(final char[] cryptString) throws InvalidKeySpecException { assert cryptString[0] == '$'; // previously tested by doIdentifyAlgorithm assert cryptString[1] == '1'; // previously tested by doIdentifyAlgorithm assert cryptString[2] == '$'; // previously tested by doIdentifyAlgorithm CodePointIterator r = CodePointIterator.ofChars(cryptString, 3); try { final byte[] salt = r.delimitedBy('$').drainToString().getBytes(StandardCharsets.ISO_8859_1); if (! r.hasNext()) { throw log.invalidKeySpecNoSaltTerminatorGiven(); } r.next(); // skip $ final byte[] decoded = r.base64Decode(MOD_CRYPT_LE, false).limitedTo(MD5_IDX_REV.length).drain(); if (decoded.length != MD5_IDX.length) { throw log.invalidHashLength(); } byte[] hash = ByteIterator.ofBytes(decoded, MD5_IDX_REV).drain(); return UnixMD5CryptPassword.createRaw(UnixMD5CryptPassword.ALGORITHM_CRYPT_MD5, salt, hash); } catch (NoSuchElementException e) { throw log.invalidKeySpecUnexpectedEndOfPasswordStringWithCause(e); } }
private static Password parseUnixMD5CryptPasswordString(final char[] cryptString) throws InvalidKeySpecException { assert cryptString[0] == '$'; // previously tested by doIdentifyAlgorithm assert cryptString[1] == '1'; // previously tested by doIdentifyAlgorithm assert cryptString[2] == '$'; // previously tested by doIdentifyAlgorithm CodePointIterator r = CodePointIterator.ofChars(cryptString, 3); try { final byte[] salt = r.delimitedBy('$').drainToString().getBytes(StandardCharsets.ISO_8859_1); if (! r.hasNext()) { throw log.invalidKeySpecNoSaltTerminatorGiven(); } r.next(); // skip $ final byte[] decoded = r.base64Decode(MOD_CRYPT_LE, false).limitedTo(MD5_IDX_REV.length).drain(); if (decoded.length != MD5_IDX.length) { throw log.invalidHashLength(); } byte[] hash = ByteIterator.ofBytes(decoded, MD5_IDX_REV).drain(); return UnixMD5CryptPassword.createRaw(UnixMD5CryptPassword.ALGORITHM_CRYPT_MD5, salt, hash); } catch (NoSuchElementException e) { throw log.invalidKeySpecUnexpectedEndOfPasswordStringWithCause(e); } }
private static Password parseBSDUnixDESCryptPasswordString(char[] cryptString) throws InvalidKeySpecException { // Note that crypt strings have the format: "_{rounds}{salt}{hash}" as described // in the "DES Extended Format" section here: http://www.freebsd.org/cgi/man.cgi?crypt(3) assert cryptString.length == 20; assert cryptString[0] == '_'; // previously tested by doIdentifyAlgorithm CodePointIterator r = CodePointIterator.ofChars(cryptString, 1); // The next 4 characters correspond to the encoded number of rounds - this is decoded to a 24-bit integer int s0 = MOD_CRYPT.decode(r.next()); int s1 = MOD_CRYPT.decode(r.next()); int s2 = MOD_CRYPT.decode(r.next()); int s3 = MOD_CRYPT.decode(r.next()); int iterationCount = s0 | s1 << 6 | s2 << 12 | s3 << 18; // The next 4 characters correspond to the encoded salt - this is decoded to a 24-bit integer s0 = MOD_CRYPT.decode(r.next()); s1 = MOD_CRYPT.decode(r.next()); s2 = MOD_CRYPT.decode(r.next()); s3 = MOD_CRYPT.decode(r.next()); int salt = s0 | s1 << 6 | s2 << 12 | s3 << 18; // The final 11 characters correspond to the encoded password - this is decoded to a 64-bit hash byte[] hash = r.base64Decode(MOD_CRYPT, false).limitedTo(11).drain(); return BSDUnixDESCryptPassword.createRaw(BSDUnixDESCryptPassword.ALGORITHM_BSD_CRYPT_DES, hash, salt, iterationCount); }
private static Password parseBSDUnixDESCryptPasswordString(char[] cryptString) throws InvalidKeySpecException { // Note that crypt strings have the format: "_{rounds}{salt}{hash}" as described // in the "DES Extended Format" section here: http://www.freebsd.org/cgi/man.cgi?crypt(3) assert cryptString.length == 20; assert cryptString[0] == '_'; // previously tested by doIdentifyAlgorithm CodePointIterator r = CodePointIterator.ofChars(cryptString, 1); // The next 4 characters correspond to the encoded number of rounds - this is decoded to a 24-bit integer int s0 = MOD_CRYPT.decode(r.next()); int s1 = MOD_CRYPT.decode(r.next()); int s2 = MOD_CRYPT.decode(r.next()); int s3 = MOD_CRYPT.decode(r.next()); int iterationCount = s0 | s1 << 6 | s2 << 12 | s3 << 18; // The next 4 characters correspond to the encoded salt - this is decoded to a 24-bit integer s0 = MOD_CRYPT.decode(r.next()); s1 = MOD_CRYPT.decode(r.next()); s2 = MOD_CRYPT.decode(r.next()); s3 = MOD_CRYPT.decode(r.next()); int salt = s0 | s1 << 6 | s2 << 12 | s3 << 18; // The final 11 characters correspond to the encoded password - this is decoded to a 64-bit hash byte[] hash = r.base64Decode(MOD_CRYPT, false).limitedTo(11).drain(); return BSDUnixDESCryptPassword.createRaw(BSDUnixDESCryptPassword.ALGORITHM_BSD_CRYPT_DES, hash, salt, iterationCount); }
private static Password parseBSDUnixDESCryptPasswordString(char[] cryptString) throws InvalidKeySpecException { // Note that crypt strings have the format: "_{rounds}{salt}{hash}" as described // in the "DES Extended Format" section here: http://www.freebsd.org/cgi/man.cgi?crypt(3) assert cryptString.length == 20; assert cryptString[0] == '_'; // previously tested by doIdentifyAlgorithm CodePointIterator r = CodePointIterator.ofChars(cryptString, 1); // The next 4 characters correspond to the encoded number of rounds - this is decoded to a 24-bit integer int s0 = MOD_CRYPT.decode(r.next()); int s1 = MOD_CRYPT.decode(r.next()); int s2 = MOD_CRYPT.decode(r.next()); int s3 = MOD_CRYPT.decode(r.next()); int iterationCount = s0 | s1 << 6 | s2 << 12 | s3 << 18; // The next 4 characters correspond to the encoded salt - this is decoded to a 24-bit integer s0 = MOD_CRYPT.decode(r.next()); s1 = MOD_CRYPT.decode(r.next()); s2 = MOD_CRYPT.decode(r.next()); s3 = MOD_CRYPT.decode(r.next()); int salt = s0 | s1 << 6 | s2 << 12 | s3 << 18; // The final 11 characters correspond to the encoded password - this is decoded to a 64-bit hash byte[] hash = r.base64Decode(MOD_CRYPT, false).limitedTo(11).drain(); return BSDUnixDESCryptPassword.createRaw(BSDUnixDESCryptPassword.ALGORITHM_BSD_CRYPT_DES, hash, salt, iterationCount); }
if (! bi.limitedTo(clientNonce.length).contentEquals(ByteIterator.ofBytes(clientNonce))) { throw saslScram.mechNoncesDoNotMatch();
if (! bi.limitedTo(clientNonce.length).contentEquals(ByteIterator.ofBytes(clientNonce))) { throw saslScram.mechNoncesDoNotMatch();
if (! bi.limitedTo(clientNonce.length).contentEquals(ByteIterator.ofBytes(clientNonce))) { throw saslScram.mechNoncesDoNotMatch();