1 17 package org.alfresco.repo.security.authentication; 18 19 import java.io.UnsupportedEncodingException ; 20 import java.security.MessageDigest ; 21 import java.security.NoSuchAlgorithmException ; 22 import java.security.Security ; 23 24 import net.sf.acegisecurity.providers.encoding.BaseDigestPasswordEncoder; 25 26 import org.apache.commons.codec.DecoderException; 27 import org.apache.commons.codec.binary.Base64; 28 import org.apache.commons.codec.binary.Hex; 29 30 import cryptix.jce.provider.CryptixCrypto; 31 32 46 public class MD4PasswordEncoderImpl extends BaseDigestPasswordEncoder implements MD4PasswordEncoder 47 { 48 49 static 50 { 51 try 52 { 53 MessageDigest.getInstance("MD4"); 54 } 55 catch (NoSuchAlgorithmException e) 56 { 57 Security.addProvider(new CryptixCrypto()); 58 } 59 } 60 61 62 public MD4PasswordEncoderImpl() 63 { 64 super(); 65 } 67 68 71 public boolean isPasswordValid(String encPass, String rawPass, Object salt) 72 { 73 String pass1 = "" + encPass; 74 String pass2 = encodeInternal(mergePasswordAndSalt(rawPass, salt, false)); 75 76 return pass1.equals(pass2); 77 } 78 79 public String encodePassword(String rawPass, Object salt) 80 { 81 return encodeInternal(mergePasswordAndSalt(rawPass, salt, false)); 82 } 83 84 private String encodeInternal(String input) 85 { 86 if (!getEncodeHashAsBase64()) 87 { 88 return new String (Hex.encodeHex(md4(input))); 89 } 90 91 byte[] encoded = Base64.encodeBase64(md4(input)); 92 93 try 94 { 95 return new String (encoded, "UTF8"); 96 } 97 catch (UnsupportedEncodingException e) 98 { 99 throw new RuntimeException ("UTF8 not supported!", e); 100 } 101 } 102 103 private byte[] md4(String input) 104 { 105 try 106 { 107 MessageDigest digester = MessageDigest.getInstance("MD4"); 108 return digester.digest(input.getBytes("UnicodeLittleUnmarked")); 109 } 110 catch (NoSuchAlgorithmException e) 111 { 112 throw new RuntimeException (e.getMessage(), e); 113 } 114 catch (UnsupportedEncodingException e) 115 { 116 throw new RuntimeException (e.getMessage(), e); 117 } 118 } 119 120 public byte[] decodeHash(String encodedHash) 121 { 122 if (!getEncodeHashAsBase64()) 123 { 124 try 125 { 126 return Hex.decodeHex(encodedHash.toCharArray()); 127 } 128 catch (DecoderException e) 129 { 130 throw new RuntimeException ("Unable to decode password hash"); 131 } 132 } 133 else 134 { 135 return Base64.decodeBase64(encodedHash.getBytes()); 136 } 137 } 138 139 } 140 | Popular Tags |