KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > openharmonise > rm > security > authentication > CryptPasswordHelper


1 /*
2  * The contents of this file are subject to the
3  * Mozilla Public License Version 1.1 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at http://www.mozilla.org/MPL/
6  *
7  * Software distributed under the License is distributed on an "AS IS"
8  * basis, WITHOUT WARRANTY OF ANY KIND, either express or implied.
9  * See the License for the specific language governing rights and
10  * limitations under the License.
11  *
12  * The Initial Developer of the Original Code is Simulacra Media Ltd.
13  * Portions created by Simulacra Media Ltd are Copyright (C) Simulacra Media Ltd, 2004.
14  *
15  * All Rights Reserved.
16  *
17  * Contributor(s):
18  *
19  * Created: 14-Dec-2004 by jejking
20  * Version: $Revision: 1.1 $
21  * Last Updated: $Date: 2004/12/15 15:31:16 $
22  */
23 package org.openharmonise.rm.security.authentication;
24
25 import java.security.*;
26 import java.util.logging.*;
27
28
29 /**
30  * @author John King
31  *
32  * TODO To change the template for this generated type comment go to
33  * Window - Preferences - Java - Code Style - Code Templates
34  */
35 public class CryptPasswordHelper implements PasswordHelper {
36     
37     private final String JavaDoc algorithm;
38     
39     private static final String JavaDoc hexits = "0123456789abcdef";
40     private static final Logger logger = Logger.getLogger(CryptPasswordHelper.class.getName());
41     
42     /**
43      * @throws IllegalArgumentException if unsupported algorithm passed in
44      * @param algorithm hashing algorithm to use, Must be MD5 or SHA-1
45      */
46     public CryptPasswordHelper(String JavaDoc algorithm) {
47         if (algorithm.equals("MD5") || algorithm.equals("SHA-1")) {
48             this.algorithm = algorithm;
49             logger.log(Level.FINE, "Set up cryptpassword handler to use algorithm " + algorithm);
50         }
51         else {
52             throw new IllegalArgumentException JavaDoc("Unsupported algorithm - only MD5 or SHA-1 supported");
53         }
54     }
55
56     /* (non-Javadoc)
57      * @see org.openharmonise.rm.security.authentication.PasswordHelper#compare(java.lang.String, java.lang.String, java.lang.String)
58      */
59     public boolean compare(String JavaDoc presentedPassword, String JavaDoc storedPassword, String JavaDoc salt) {
60
61         // need to see what the presented and the salt hash to
62 String JavaDoc hashedPassword = null;
63         try {
64             MessageDigest md = MessageDigest.getInstance(algorithm);
65             md.update(presentedPassword.getBytes());
66             md.update(salt.getBytes());
67             hashedPassword = toHex(md.digest());
68         }
69         catch (NoSuchAlgorithmException e) {
70             logger.log(Level.SEVERE, "no such algorithm exception", e);
71         }
72         
73         if (hashedPassword.equals(storedPassword)) {
74             return true;
75         }
76         else {
77             return false;
78         }
79     }
80
81     /**
82      * Generates a hash of the password for storage in the database.
83      *
84      * @see org.openharmonise.rm.security.authentication.PasswordHelper#getNewPassword(java.lang.String, java.lang.String)
85      */
86     public String JavaDoc getNewPassword(String JavaDoc newPassword, String JavaDoc salt) {
87         String JavaDoc hashedPassword = null;
88         try {
89             MessageDigest md = MessageDigest.getInstance(algorithm);
90             md.update(newPassword.getBytes());
91             md.update(salt.getBytes());
92             hashedPassword = toHex(md.digest());
93         }
94         catch (NoSuchAlgorithmException e) {
95             logger.log(Level.SEVERE, "no such algorithm exception", e);
96         }
97         return hashedPassword;
98     }
99     
100     
101
102     /**
103      * Convert byte array to hex character string
104      * @param block byte array to convert to hexString
105      * @return String representation of byte arrayf
106      */
107     private static String JavaDoc toHex(byte[] block) {
108         StringBuffer JavaDoc buf = new StringBuffer JavaDoc();
109         for (int i = 0; i < block.length; ++i) {
110             buf.append(hexits.charAt((block[i] >>> 4) & 0xf));
111             buf.append(hexits.charAt(block[i] & 0xf));
112         }
113         return buf + "";
114     }
115
116     /**
117      * Convert Hex String to byte array
118      * @param s string to convert
119      * @return byte array
120      */
121     private static byte[] fromHex(String JavaDoc s) {
122         s = s.toLowerCase();
123         byte[] b = new byte[(s.length() + 1) / 2];
124         int j = 0;
125         int h;
126         int nybble = -1;
127         for (int i = 0; i < s.length(); ++i) {
128             h = hexits.indexOf(s.charAt(i));
129             if (h >= 0) {
130                 if (nybble < 0) {
131                     nybble = h;
132                 } else {
133                     b[j++] = (byte) ((nybble << 4) + h);
134                     nybble = -1;
135                 }
136             }
137         }
138         if (nybble >= 0) {
139             b[j++] = (byte) (nybble << 4);
140         }
141         if (j < b.length) {
142             byte[] b2 = new byte[j];
143             System.arraycopy(b, 0, b2, 0, j);
144             b = b2;
145         }
146         return b;
147     }
148
149 }
150
Popular Tags