You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ofbiz.apache.org by do...@apache.org on 2010/06/01 23:59:45 UTC
svn commit: r950275 -
/ofbiz/trunk/framework/base/src/org/ofbiz/base/crypto/HashCrypt.java
Author: doogie
Date: Tue Jun 1 21:59:45 2010
New Revision: 950275
URL: http://svn.apache.org/viewvc?rev=950275&view=rev
Log:
Revert wrongly committed 950260
Modified:
ofbiz/trunk/framework/base/src/org/ofbiz/base/crypto/HashCrypt.java
Modified: ofbiz/trunk/framework/base/src/org/ofbiz/base/crypto/HashCrypt.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/base/src/org/ofbiz/base/crypto/HashCrypt.java?rev=950275&r1=950274&r2=950275&view=diff
==============================================================================
--- ofbiz/trunk/framework/base/src/org/ofbiz/base/crypto/HashCrypt.java (original)
+++ ofbiz/trunk/framework/base/src/org/ofbiz/base/crypto/HashCrypt.java Tue Jun 1 21:59:45 2010
@@ -18,15 +18,9 @@
*******************************************************************************/
package org.ofbiz.base.crypto;
-import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-import java.util.Random;
-import org.apache.commons.codec.EncoderException;
-import org.apache.commons.codec.binary.Base64;
import org.apache.commons.codec.binary.Hex;
-import org.apache.commons.lang.RandomStringUtils;
import org.ofbiz.base.util.Debug;
import org.ofbiz.base.util.GeneralRuntimeException;
import org.ofbiz.base.util.StringUtil;
@@ -39,66 +33,6 @@ import org.ofbiz.base.util.UtilValidate;
public class HashCrypt {
public static final String module = HashCrypt.class.getName();
- public static final String CRYPT_CHAR_SET = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789./";
-
- public static boolean comparePassword(String crypted, String defaultCrypt, String password) {
- try {
- if (crypted.startsWith("{")) {
- int typeEnd = crypted.indexOf("}");
- String hashType = crypted.substring(1, typeEnd);
- String hashed = crypted.substring(typeEnd + 1);
- MessageDigest messagedigest = MessageDigest.getInstance(hashType);
- // FIXME: should have been getBytes("UTF-8") originally
- messagedigest.update(password.getBytes());
- char[] digestChars = Hex.encodeHex(messagedigest.digest());
- return hashed.equals(new String(digestChars));
- } else if (crypted.startsWith("$")) {
- int typeEnd = crypted.indexOf("$", 1);
- int saltEnd = crypted.indexOf("$", typeEnd + 1);
- String hashType = crypted.substring(1, typeEnd);
- String salt = crypted.substring(typeEnd + 1, saltEnd);
- String hashed = crypted.substring(saltEnd + 1);
- MessageDigest messagedigest = MessageDigest.getInstance(hashType);
- messagedigest.update(salt.getBytes("UTF-8"));
- messagedigest.update(password.getBytes("UTF-8"));
- return hashed.equals(Base64.encodeBase64String(messagedigest.digest()).replace('+', '.'));
- } else {
- String hashType = defaultCrypt;
- String hashed = crypted;
- MessageDigest messagedigest = MessageDigest.getInstance(hashType);
- // FIXME: should have been getBytes("UTF-8") originally
- messagedigest.update(password.getBytes());
- char[] digestChars = Hex.encodeHex(messagedigest.digest());
- return hashed.equals(new String(digestChars));
- }
- } catch (NoSuchAlgorithmException e) {
- throw new GeneralRuntimeException("Error while comparing password", e);
- } catch (UnsupportedEncodingException e) {
- throw new GeneralRuntimeException("Error while comparing password", e);
- }
- }
-
- public static String cryptPassword(String hashType, String password) {
- Random random = new Random();
- int saltLength = 8;//random.nextInt(15) + 1;
- return cryptPassword(hashType, RandomStringUtils.random(saltLength, CRYPT_CHAR_SET), password);
- }
-
- public static String cryptPassword(String hashType, String salt, String password) {
- try {
- MessageDigest messagedigest = MessageDigest.getInstance(hashType);
- messagedigest.update(salt.getBytes("UTF-8"));
- messagedigest.update(password.getBytes("UTF-8"));
- StringBuilder sb = new StringBuilder();
- sb.append("$").append(hashType).append("$").append(salt).append("$");
- sb.append(Base64.encodeBase64URLSafeString(messagedigest.digest()).replace('+', '.'));
- return sb.toString();
- } catch (NoSuchAlgorithmException e) {
- throw new GeneralRuntimeException("Error while comparing password", e);
- } catch (UnsupportedEncodingException e) {
- throw new GeneralRuntimeException("Error while comparing password", e);
- }
- }
public static String getDigestHash(String str) {
return getDigestHash(str, "SHA");