KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > net > sf > jguard > ext > util > CryptUtils


1 /*
2 jGuard is a security framework based on top of jaas (java authentication and authorization security).
3 it is written for web applications, to resolve simply, access control problems.
4 version $Name$
5 http://sourceforge.net/projects/jguard/
6
7 Copyright (C) 2004 Charles GAY
8
9 This library is free software; you can redistribute it and/or
10 modify it under the terms of the GNU Lesser General Public
11 License as published by the Free Software Foundation; either
12 version 2.1 of the License, or (at your option) any later version.
13
14 This library is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 Lesser General Public License for more details.
18
19 You should have received a copy of the GNU Lesser General Public
20 License along with this library; if not, write to the Free Software
21 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
22
23
24 jGuard project home page:
25 http://sourceforge.net/projects/jguard/
26
27 */
28 package net.sf.jguard.ext.util;
29
30 import java.security.MessageDigest JavaDoc;
31 import java.security.NoSuchAlgorithmException JavaDoc;
32 import java.security.Security JavaDoc;
33 import java.util.Iterator JavaDoc;
34 import java.util.Set JavaDoc;
35
36
37
38    /**
39     * this class is done originally by andy tagish, with his great jaas modules.
40     * you can reach it <a HREF="http://free.tagish.net/jaas/index.jsp">on his website</a>
41     * the licence of the code provided by andy tagish is also the LGPL.
42     * this class is loaded by the application server classloader.
43     * @author <a HREF="mailto:andy@tagish.com">Andy Armstrong</a>
44     * @author <a HREF="mailto:diabolo512@users.sourceforge.net">Charles Gay</a>
45     *
46     */
47    public class CryptUtils {
48
49        //by default, the NONE digestAlgorithm is provided
50 public final static String JavaDoc NONE_ALGORITHM = "NONE";
51        private static String JavaDoc digestAlgorithm = NONE_ALGORITHM;
52        private static MessageDigest JavaDoc md = null;
53
54        public static char[] salt = null;
55
56        /**
57         * Turn a byte array into a char array containing a printable
58         * hex representation of the bytes. Each byte in the source array
59         * contributes a pair of hex digits to the output array.
60         *
61         * @param src the source array
62         * @return a char array containing a printable version of the source
63         * data
64         */
65        private static char[] hexDump(byte src[])
66        {
67            char buf[] = new char[src.length * 2];
68            for (int b = 0; b < src.length; b++) {
69                String JavaDoc byt = Integer.toHexString(src[b] & 0xFF);
70                if (byt.length() < 2) {
71                    buf[b * 2 + 0] = '0';
72                    buf[b * 2 + 1] = byt.charAt(0);
73                } else {
74                    buf[b * 2 + 0] = byt.charAt(0);
75                    buf[b * 2 + 1] = byt.charAt(1);
76                }
77            }
78            return buf;
79        }
80
81        /**
82         * Zero the contents of the specified array. Typically used to
83         * erase temporary storage that has held plaintext passwords
84         * so that we don't leave them lying around in memory.
85         *
86         * @param pwd the array to zero
87         */
88        public static void smudge(char pwd[])
89        {
90            if (null != pwd) {
91                for (int b = 0; b < pwd.length; b++) {
92                    pwd[b] = 0;
93                }
94            }
95        }
96
97        /**
98         * Zero the contents of the specified array.
99         *
100         * @param pwd the array to zero
101         */
102        public static void smudge(byte pwd[])
103        {
104            if (null != pwd) {
105                for (int b = 0; b < pwd.length; b++) {
106                    pwd[b] = 0;
107                }
108            }
109        }
110
111        /**
112         * Perform message digest hashing on the supplied password and return a char array
113         * containing the encrypted password as a printable string. The hash is
114         * computed on the low 8 bits of each character.
115         *
116         * @param pwd The password to encrypt
117         * @return a character array containing a 32 character long hex encoded
118         * MD5 hash of the password
119         * @throws NoSuchAlgorithmException
120         */
121        public static char[] cryptPassword(char[] pwd) throws NoSuchAlgorithmException JavaDoc{
122
123            char[] newPwd= null;
124
125            if(salt!=null){
126            newPwd = saltPassword(pwd);
127            }else{
128                newPwd = pwd;
129            }
130
131            //if no algorithm is set, we don't crypt the char array
132 if(digestAlgorithm.equals(NONE_ALGORITHM)){
133                return newPwd;
134            }
135
136            //messageDigest algorithm initialization
137 if (null == md) {
138               md = MessageDigest.getInstance(digestAlgorithm);
139            }
140            md.reset();
141
142            //transform char array into byte array
143 byte pwdb[] = new byte[newPwd.length];
144
145            for (int b = 0; b < newPwd.length; b++) {
146                pwdb[b] = (byte) newPwd[b];
147            }
148
149            char crypt[] = hexDump(md.digest(pwdb));
150            smudge(pwdb);
151            return crypt;
152        }
153
154         private static char[] saltPassword(char[] pwd) {
155             //merge password and salt
156 char[] merged = new char[pwd.length+salt.length];
157                int mergedIndex = 0;
158                for(int i=0;i<pwd.length;i++){
159                    merged[mergedIndex]=pwd[i];
160                    mergedIndex++;
161                }
162                for(int j=0;j<salt.length;j++){
163                    merged[mergedIndex]=salt[j];
164                    mergedIndex++;
165                }
166                return merged;
167         }
168
169         /**
170          * @return digestAlgorithm
171          */
172         public static String JavaDoc getDigestAlgorithm() {
173             return digestAlgorithm;
174         }
175
176         /**
177          * set the message digest algorithm.
178          * before to set, we verify if the algorithm is available with the current jvm.
179          * @param algorithm - digestAlgorithm
180          * @throws NoSuchAlgorithmException
181          */
182         public static void setDigestAlgorithm(String JavaDoc algorithm) throws NoSuchAlgorithmException JavaDoc {
183             if (NONE_ALGORITHM.equals(algorithm)){
184                 digestAlgorithm = algorithm;
185                 return;
186             }
187             Set JavaDoc algorithmsSet = Security.getAlgorithms("MessageDigest");
188             if(algorithmsSet.size()<1){
189                 throw new NoSuchAlgorithmException JavaDoc("no Message Digest algorithms implemented in this jvm ");
190             }
191             Iterator JavaDoc it = algorithmsSet.iterator();
192             boolean algorithmImplemented =false;
193             String JavaDoc algorithmTemp;
194
195             short count = 0;
196             while(it.hasNext()){
197                 count++;
198                 algorithmTemp = (String JavaDoc)it.next();
199                 if(algorithmTemp.equalsIgnoreCase(algorithm)){
200                     algorithmImplemented=true;
201                     break;
202                 }
203             }
204
205             if(algorithmImplemented==true){
206               digestAlgorithm = algorithm;
207             }else{
208                 throw new NoSuchAlgorithmException JavaDoc("Message Digest algorithm '"+algorithm+"' not implemented ");
209             }
210         }
211
212         /**
213          * define 'salt' for a better security.
214          * it protects against <a HREF="http://en.wikipedia.org/wiki/Rainbow_table">'rainbow tables'</a>.
215          *
216          * @param saltCandidate
217          * @return
218          */
219         public static boolean setSalt(char[] saltCandidate) {
220             if(salt!=null && saltCandidate!=null &&!saltCandidate.equals("")){
221                 return false;
222             }
223             CryptUtils.salt = saltCandidate;
224             return true;
225
226         }
227
228         public static char[] getSalt() {
229             return salt;
230         }
231
232    }
233
Popular Tags