User: starksm
Date: 02/02/06 11:59:45
Modified: src/main/org/jboss/security Tag: Branch_2_4 Util.java
Log:
Add a createPasswordHash utility method for creating string encodings
of MessageDigest hashes.
Revision Changes Path
No revision
No revision
1.1.4.3 +76 -2 jbosssx/src/main/org/jboss/security/Util.java
Index: Util.java
===================================================================
RCS file: /cvsroot/jboss/jbosssx/src/main/org/jboss/security/Util.java,v
retrieving revision 1.1.4.2
retrieving revision 1.1.4.3
diff -u -r1.1.4.2 -r1.1.4.3
--- Util.java 2001/12/29 04:32:21 1.1.4.2
+++ Util.java 2002/02/06 19:59:45 1.1.4.3
@@ -13,20 +13,25 @@
import java.security.SecureRandom;
import java.util.Random;
+import org.jboss.security.Logger;
+
/** Various security related utilities like MessageDigest
- factories, SecureRandom access,
+ factories, SecureRandom access, password hashing.
This product includes software developed by Tom Wu and Eugene
Jhong for the SRP Distribution (http://srp.stanford.edu/srp/).
@author [EMAIL PROTECTED]
- @version $Revision: 1.1.4.2 $
+ @version $Revision: 1.1.4.3 $
*/
public class Util
{
+ private static Logger log = Logger.getLogger(Util.class);
private static final int HASH_LEN = 20;
private static final char[] base64Table =
"0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz./".toCharArray();
+ public static final String BASE64_ENCODING = "BASE64";
+ public static final String BASE16_ENCODING = "HEX";
private static SecureRandom psuedoRng;
private static MessageDigest sha1Digest;
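Review bot: The new `log` field is declared `private static Logger log` without `final`, unlike the neighbouring `HASH_LEN` and `base64Table`; `private static final Logger log = Logger.getLogger(Util.class);` would keep the reference from being reassigned. The added `import org.jboss.security.Logger;` looks redundant if `Util` itself lives in package `org.jboss.security`, as the file path suggests. The two public constants would benefit from a one-line comment each, e.g. `/** Value of hashEncoding selecting base64 output. */`, since they become part of the class's public API.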
@@ -267,6 +272,75 @@
{
}
return base64;
+ }
+
+ /**
+ * If hashing is enabled, this method is called from <code>login()</code>
+ * prior to password validation.
+ * <p>
+ * Subclasses may override it to provide customized password hashing,
+ * for example by adding user-specific information or salting.
+ * <p>
+ * The default version calculates the hash based on the following options:
+ * <ul>
+ * <li><em>hashAlgorithm</em>: The digest algorithm to use.
+ * <li><em>hashEncoding</em>: The format used to store the hashes (base64 or hex)
+ * <li><em>hashCharset</em>: The encoding used to convert the password to bytes
+ * for hashing.
+ * </ul>
+ * It will return null if the hash fails for any reason, which will in turn
+ * cause <code>validatePassword()</code> to fail.
+ *
+ * @param hashAlgorithm the MessageDigest algorithm name
+ * @param hashEncoding either base64 or hex to specify the type of
+ encoding the MessageDigest as a string.
+ * @param hashCharset the charset used to create the digest encoded string.
+ If null the platform default is used.
+ * @param username ignored in default version
+ * @param password the password string to be hashed
+ */
+ public static String createPasswordHash(String hashAlgorithm, String
hashEncoding,
+ String hashCharset, String username, String password)
+ {
+ byte[] passBytes;
+ String passwordHash = null;
+
+ // convert password to byte data
+ try
+ {
+ if(hashCharset == null)
+ passBytes = password.getBytes();
+ else
+ passBytes = password.getBytes(hashCharset);
+ }
+ catch(UnsupportedEncodingException uee)
+ {
+ log.error("charset " + hashCharset + " not found. Using platform
default.", uee);
+ passBytes = password.getBytes();
+ }
+
+ // calculate the hash and apply the encoding.
+ try
+ {
+ byte[] hash = MessageDigest.getInstance(hashAlgorithm).digest(passBytes);
+ if(hashEncoding.equalsIgnoreCase(BASE64_ENCODING))
+ {
+ passwordHash = Util.encodeBase64(hash);
+ }
+ else if(hashEncoding.equalsIgnoreCase(BASE16_ENCODING))
+ {
+ passwordHash = Util.encodeBase16(hash);
+ }
+ else
+ {
+ log.error("Unsupported hash encoding format " + hashEncoding);
+ }
+ }
+ catch(Exception e)
+ {
+ log.error("Password hash calculation failed ", e);
+ }
+ return passwordHash;
}
// These functions assume that the byte array has MSB at 0, LSB at end.
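Review bot: The `catch(UnsupportedEncodingException uee)` branch of `createPasswordHash` falls back to `password.getBytes()`, so a mistyped `hashCharset` silently yields a digest over platform-default bytes that can differ between hosts for non-ASCII passwords; failing closed with `return null;` after the `log.error(...)` call would match the Javadoc's promise to return null when hashing fails. A null `password` is dereferenced outside the second `try`, so it surfaces as a NullPointerException rather than the documented null. The Javadoc also reads as if copied from a login module: a static method cannot be overridden by subclasses, and since `username` is unused the result is a single unsalted digest, so equal passwords produce equal hashes. I would reword it to `Computes an unsalted MessageDigest of the password and encodes it as base64 or hex; returns null on failure` and state that any salting is left to the caller.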