You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@openmeetings.apache.org by so...@apache.org on 2019/12/20 18:00:54 UTC
[openmeetings] branch master updated: [OPENMEETINGS-2157] MD5 is
dropped
This is an automated email from the ASF dual-hosted git repository.
solomax pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/openmeetings.git
The following commit(s) were added to refs/heads/master by this push:
new 350dd4b [OPENMEETINGS-2157] MD5 is dropped
350dd4b is described below
commit 350dd4b8e3c81ae2dadba3a1722aa46076648045
Author: Maxim Solodovnik <so...@gmail.com>
AuthorDate: Sat Dec 21 01:00:39 2019 +0700
[OPENMEETINGS-2157] MD5 is dropped
---
.../org/apache/openmeetings/util/crypt/MD5.java | 37 -----------------
.../openmeetings/util/crypt/MD5Implementation.java | 48 ----------------------
.../util/crypt/SCryptImplementation.java | 3 --
3 files changed, 88 deletions(-)
diff --git a/openmeetings-util/src/main/java/org/apache/openmeetings/util/crypt/MD5.java b/openmeetings-util/src/main/java/org/apache/openmeetings/util/crypt/MD5.java
deleted file mode 100644
index 3a96380..0000000
--- a/openmeetings-util/src/main/java/org/apache/openmeetings/util/crypt/MD5.java
+++ /dev/null
@@ -1,37 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License") + you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.openmeetings.util.crypt;
-
-import static java.nio.charset.StandardCharsets.UTF_8;
-
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-
-import org.apache.commons.codec.binary.Hex;
-
-public class MD5 {
- private MD5() {}
-
- public static String checksum(String data) throws NoSuchAlgorithmException {
- MessageDigest md5 = MessageDigest.getInstance("MD5");
- byte[] b = data == null ? new byte[0] : data.getBytes(UTF_8);
- md5.update(b, 0, b.length);
- return Hex.encodeHexString(md5.digest());
- }
-}
diff --git a/openmeetings-util/src/main/java/org/apache/openmeetings/util/crypt/MD5Implementation.java b/openmeetings-util/src/main/java/org/apache/openmeetings/util/crypt/MD5Implementation.java
deleted file mode 100644
index b98c2ca..0000000
--- a/openmeetings-util/src/main/java/org/apache/openmeetings/util/crypt/MD5Implementation.java
+++ /dev/null
@@ -1,48 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License") + you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.openmeetings.util.crypt;
-
-import java.security.NoSuchAlgorithmException;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * Package private SHA256 implementation to be able to authenticate against
- * passwords created using OM earlier than 3.1.0
- */
-class MD5Implementation {
- private static final Logger log = LoggerFactory.getLogger(MD5Implementation.class);
-
- private MD5Implementation() {}
-
- private static String hash(String str) {
- String passPhrase = null;
- try {
- passPhrase = MD5.checksum(str);
- } catch (NoSuchAlgorithmException e) {
- log.error("Error", e);
- }
- return passPhrase;
- }
-
- static boolean verify(String str, String hash) {
- return hash != null && hash.equals(hash(str));
- }
-}
diff --git a/openmeetings-util/src/main/java/org/apache/openmeetings/util/crypt/SCryptImplementation.java b/openmeetings-util/src/main/java/org/apache/openmeetings/util/crypt/SCryptImplementation.java
index b0465a6..960cdf5 100644
--- a/openmeetings-util/src/main/java/org/apache/openmeetings/util/crypt/SCryptImplementation.java
+++ b/openmeetings-util/src/main/java/org/apache/openmeetings/util/crypt/SCryptImplementation.java
@@ -96,9 +96,6 @@ public class SCryptImplementation implements ICrypt {
if (SHA256Implementation.verify(str, hash)) {
return true;
}
- if (MD5Implementation.verify(str, hash)) {
- return true;
- }
return false;
}