1 31 32 package org.opencms.security; 33 34 import org.opencms.configuration.CmsConfigurationException; 35 import org.opencms.i18n.CmsEncoder; 36 import org.opencms.i18n.CmsMessageContainer; 37 import org.opencms.main.CmsLog; 38 39 import java.io.UnsupportedEncodingException ; 40 import java.security.MessageDigest ; 41 import java.security.NoSuchAlgorithmException ; 42 import java.security.SecureRandom ; 43 import java.util.Collections ; 44 import java.util.Map ; 45 import java.util.SortedMap ; 46 import java.util.TreeMap ; 47 48 import org.apache.commons.codec.binary.Base64; 49 import org.apache.commons.logging.Log; 50 51 62 public class CmsDefaultPasswordHandler implements I_CmsPasswordHandler { 63 64 65 public static final int PASSWORD_MIN_LENGTH = 4; 66 67 68 private static final Log LOG = CmsLog.getLog(CmsDefaultPasswordHandler.class); 69 70 71 private static SecureRandom m_secureRandom; 72 73 74 private SortedMap m_configuration; 75 76 77 private String m_digestType = DIGEST_TYPE_MD5; 78 79 80 private String m_inputEncoding = CmsEncoder.ENCODING_UTF_8; 81 82 85 public CmsDefaultPasswordHandler() { 86 87 m_configuration = new TreeMap (); 88 } 89 90 93 public void addConfigurationParameter(String paramName, String paramValue) { 94 95 m_configuration.put(paramName, paramValue); 96 } 97 98 101 public String digest(String password) throws CmsPasswordEncryptionException { 102 103 return digest(password, m_digestType, m_inputEncoding); 104 } 105 106 109 public String digest(String password, String digestType, String inputEncoding) 110 throws CmsPasswordEncryptionException { 111 112 MessageDigest md; 113 String result; 114 115 try { 116 if (DIGEST_TYPE_PLAIN.equals(digestType.toLowerCase())) { 117 118 result = password; 119 120 } else if (DIGEST_TYPE_SSHA.equals(digestType.toLowerCase())) { 121 122 byte[] salt = new byte[4]; 123 byte[] digest; 124 byte[] total; 125 126 if (m_secureRandom == null) { 127 m_secureRandom = SecureRandom.getInstance("SHA1PRNG"); 128 } 129 m_secureRandom.nextBytes(salt); 130 131 md = MessageDigest.getInstance(DIGEST_TYPE_SHA); 132 md.reset(); 133 md.update(password.getBytes(inputEncoding)); 134 md.update(salt); 135 136 digest = md.digest(); 137 total = new byte[digest.length + salt.length]; 138 System.arraycopy(digest, 0, total, 0, digest.length); 139 System.arraycopy(salt, 0, total, digest.length, salt.length); 140 141 result = new String (Base64.encodeBase64(total)); 142 143 } else { 144 145 md = MessageDigest.getInstance(digestType); 146 md.reset(); 147 md.update(password.getBytes(inputEncoding)); 148 result = new String (Base64.encodeBase64(md.digest())); 149 150 } 151 } catch (NoSuchAlgorithmException e) { 152 CmsMessageContainer message = Messages.get().container(Messages.ERR_UNSUPPORTED_ALGORITHM_1, digestType); 153 if (LOG.isErrorEnabled()) { 154 LOG.error(message.key(), e); 155 } 156 throw new CmsPasswordEncryptionException(message, e); 157 } catch (UnsupportedEncodingException e) { 158 CmsMessageContainer message = Messages.get().container( 159 Messages.ERR_UNSUPPORTED_PASSWORD_ENCODING_1, 160 inputEncoding); 161 if (LOG.isErrorEnabled()) { 162 LOG.error(message.key(), e); 163 } 164 throw new CmsPasswordEncryptionException(message, e); 165 } 166 167 return result; 168 } 169 170 173 public Map getConfiguration() { 174 175 return m_configuration; 176 } 177 178 183 public String getDigestType() { 184 185 return m_digestType; 186 } 187 188 193 public String getInputEncoding() { 194 195 return m_inputEncoding; 196 } 197 198 201 public void initConfiguration() throws CmsConfigurationException { 202 203 if (LOG.isDebugEnabled()) { 205 CmsMessageContainer message = Messages.get().container(Messages.LOG_INIT_CONFIG_CALLED_1, this); 206 LOG.debug(message.key()); 207 LOG.debug(Messages.get().getBundle().key(Messages.LOG_INIT_CONFIG_CALLED_1, this)); 208 if (this == null) { 210 throw new CmsConfigurationException(message); 211 } 212 } 213 m_configuration = Collections.unmodifiableSortedMap(m_configuration); 214 } 215 216 221 public void setDigestType(String digestType) { 222 223 m_digestType = digestType; 224 } 225 226 231 public void setInputEncoding(String inputEncoding) { 232 233 m_inputEncoding = inputEncoding; 234 } 235 236 239 public void validatePassword(String password) throws CmsSecurityException { 240 241 if (password == null || password.length() < PASSWORD_MIN_LENGTH) { 242 throw new CmsSecurityException(Messages.get().container( 243 Messages.ERR_PASSWORD_TOO_SHORT_1, 244 new Integer (PASSWORD_MIN_LENGTH))); 245 } 246 } 247 } | Popular Tags |