KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > alfresco > repo > security > authentication > MD4PasswordEncoderImpl


1 /*
2  * Copyright (C) 2005 Alfresco, Inc.
3  *
4  * Licensed under the Mozilla Public License version 1.1
5  * with a permitted attribution clause. You may obtain a
6  * copy of the License at
7  *
8  * http://www.alfresco.org/legal/license.txt
9  *
10  * Unless required by applicable law or agreed to in writing,
11  * software distributed under the License is distributed on an
12  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
13  * either express or implied. See the License for the specific
14  * language governing permissions and limitations under the
15  * License.
16  */
17 package org.alfresco.repo.security.authentication;
18
19 import java.io.UnsupportedEncodingException JavaDoc;
20 import java.security.MessageDigest JavaDoc;
21 import java.security.NoSuchAlgorithmException JavaDoc;
22 import java.security.Security JavaDoc;
23
24 import net.sf.acegisecurity.providers.encoding.BaseDigestPasswordEncoder;
25
26 import org.apache.commons.codec.DecoderException;
27 import org.apache.commons.codec.binary.Base64;
28 import org.apache.commons.codec.binary.Hex;
29
30 import cryptix.jce.provider.CryptixCrypto;
31
32 /**
33  * <p>
34  * MD4 implementation of PasswordEncoder.
35  * </p>
36  *
37  * <p>
38  * If a <code>null</code> password is presented, it will be treated as an
39  * empty <code>String</code> ("") password.
40  * </p>
41  *
42  * <P>
43  * As MD4 is a one-way hash, the salt can contain any characters.
44  * </p>
45  */
46 public class MD4PasswordEncoderImpl extends BaseDigestPasswordEncoder implements MD4PasswordEncoder
47 {
48
49     static
50     {
51         try
52         {
53             MessageDigest.getInstance("MD4");
54         }
55         catch (NoSuchAlgorithmException JavaDoc e)
56         {
57             Security.addProvider(new CryptixCrypto());
58         }
59     }
60
61     
62     public MD4PasswordEncoderImpl()
63     {
64         super();
65         // TODO Auto-generated constructor stub
66 }
67
68     // ~ Methods
69 // ================================================================
70
71     public boolean isPasswordValid(String JavaDoc encPass, String JavaDoc rawPass, Object JavaDoc salt)
72     {
73         String JavaDoc pass1 = "" + encPass;
74         String JavaDoc pass2 = encodeInternal(mergePasswordAndSalt(rawPass, salt, false));
75
76         return pass1.equals(pass2);
77     }
78
79     public String JavaDoc encodePassword(String JavaDoc rawPass, Object JavaDoc salt)
80     {
81         return encodeInternal(mergePasswordAndSalt(rawPass, salt, false));
82     }
83
84     private String JavaDoc encodeInternal(String JavaDoc input)
85     {
86         if (!getEncodeHashAsBase64())
87         {
88             return new String JavaDoc(Hex.encodeHex(md4(input)));
89         }
90
91         byte[] encoded = Base64.encodeBase64(md4(input));
92
93         try
94         {
95             return new String JavaDoc(encoded, "UTF8");
96         }
97         catch (UnsupportedEncodingException JavaDoc e)
98         {
99             throw new RuntimeException JavaDoc("UTF8 not supported!", e);
100         }
101     }
102
103     private byte[] md4(String JavaDoc input)
104     {
105         try
106         {
107             MessageDigest JavaDoc digester = MessageDigest.getInstance("MD4");
108             return digester.digest(input.getBytes("UnicodeLittleUnmarked"));
109         }
110         catch (NoSuchAlgorithmException JavaDoc e)
111         {
112             throw new RuntimeException JavaDoc(e.getMessage(), e);
113         }
114         catch (UnsupportedEncodingException JavaDoc e)
115         {
116             throw new RuntimeException JavaDoc(e.getMessage(), e);
117         }
118     }
119
120     public byte[] decodeHash(String JavaDoc encodedHash)
121     {
122         if (!getEncodeHashAsBase64())
123         {
124             try
125             {
126                 return Hex.decodeHex(encodedHash.toCharArray());
127             }
128             catch (DecoderException e)
129             {
130                throw new RuntimeException JavaDoc("Unable to decode password hash");
131             }
132         }
133         else
134         {
135             return Base64.decodeBase64(encodedHash.getBytes());
136         }
137     }
138
139 }
140
Popular Tags