You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@turbine.apache.org by ep...@apache.org on 2003/11/18 12:44:28 UTC
cvs commit: jakarta-turbine-fulcrum/crypto/impl .cvsignore maven.xml project.xml
epugh 2003/11/18 03:44:28
Added: crypto/impl/src/java/org/apache/fulcrum/crypto/provider
UnixCrypt.java OldJavaCrypt.java package.html
ClearCrypt.java JavaCrypt.java
crypto/impl/src/test/org/apache/fulcrum/crypto
CryptoServiceTest.java
crypto/impl/conf block.xml config.xml
crypto/impl/src/java/org/apache/fulcrum/crypto
DefaultCryptoService.xconfig
DefaultCryptoService.java package.html
crypto/api/src/java/org/apache/fulcrum/crypto
CryptoService.java CryptoAlgorithm.java
package.html
crypto/api .cvsignore project.xml
crypto/impl .cvsignore maven.xml project.xml
Log:
Add code
Revision Changes Path
1.1 jakarta-turbine-fulcrum/crypto/impl/src/java/org/apache/fulcrum/crypto/provider/UnixCrypt.java
Index: UnixCrypt.java
===================================================================
package org.apache.fulcrum.crypto.provider;
/* ====================================================================
* The Apache Software License, Version 1.1
*
* Copyright (c) 2001 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution,
* if any, must include the following acknowledgment:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself,
* if and wherever such third-party acknowledgments normally appear.
*
* 4. The names "Apache" and "Apache Software Foundation" and
* "Apache Turbine" must not be used to endorse or promote products
* derived from this software without prior written permission. For
* written permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache",
* "Apache Turbine", nor may "Apache" appear in their name, without
* prior written permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*/
import org.apache.fulcrum.crypto.CryptoAlgorithm;
/**
* Implements Standard Unix crypt(3) for use with the Crypto Service.
*
* @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
* @version $Id: UnixCrypt.java,v 1.1 2003/11/18 11:44:27 epugh Exp $
*/
public class UnixCrypt
implements CryptoAlgorithm
{
/** The seed to use */
private String seed = null;
/** standard Unix crypt chars (64) */
private static final char[] SALT_CHARS =
(("abcdefghijklmnopqrstuvwxyz" +
"ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789./").toCharArray());
/**
* C'tor
*
*/
public UnixCrypt()
{
}
/**
* This class never uses anything but
* UnixCrypt, so it is just a dummy
* (Fixme: Should we throw an exception if
* something is requested that we don't support?
*
* @param cipher Cipher (ignored)
*/
public void setCipher(String cipher)
{
/* dummy */
}
/**
* Setting the seed for the UnixCrypt
* algorithm. If a null value is supplied,
* or no seed is set, then a random seed is used.
*
* @param seed The seed value to use.
*/
public void setSeed(String seed)
{
this.seed = seed;
}
/**
* encrypt the supplied string with the requested cipher
*
* @param value The value to be encrypted
*
* @return The encrypted value
*
* @throws Exception An Exception of the underlying implementation.
*/
public String encrypt(String value)
throws Exception
{
if (seed == null)
{
java.util.Random randomGenerator = new java.util.Random();
int numSaltChars = SALT_CHARS.length;
seed = (new StringBuffer())
.append(SALT_CHARS[Math.abs(randomGenerator.nextInt())
% numSaltChars])
.append(SALT_CHARS[Math.abs(randomGenerator.nextInt())
% numSaltChars])
.toString();
}
/* UnixCrypt seems to be a really widespread name... */
return new cryptix.tools.UnixCrypt(seed).crypt(value);
}
}
1.1 jakarta-turbine-fulcrum/crypto/impl/src/java/org/apache/fulcrum/crypto/provider/OldJavaCrypt.java
Index: OldJavaCrypt.java
===================================================================
package org.apache.fulcrum.crypto.provider;
/* ====================================================================
* The Apache Software License, Version 1.1
*
* Copyright (c) 2001 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution,
* if any, must include the following acknowledgment:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself,
* if and wherever such third-party acknowledgments normally appear.
*
* 4. The names "Apache" and "Apache Software Foundation" and
* "Apache Turbine" must not be used to endorse or promote products
* derived from this software without prior written permission. For
* written permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache",
* "Apache Turbine", nor may "Apache" appear in their name, without
* prior written permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*/
import javax.mail.internet.MimeUtility;
import java.security.MessageDigest;
import java.io.OutputStream;
import java.io.ByteArrayOutputStream;
import org.apache.fulcrum.crypto.CryptoAlgorithm;
/**
* This is the Message Digest Implementation of Turbine 2.1. It does
* not pad the Base64 encryption of the Message Digests correctly but
* truncates after 20 chars. This leads to interoperability problems
* if you want to use e.g. database columns between two languages.
*
* If you upgrade an application from Turbine 2.1 and have already used
* the Security Service with encrypted passwords and no way to rebuild
* your databases, use this provider. It is bug-compatible.
*
* DO NOT USE THIS PROVIDER FOR ANY NEW APPLICATION!
*
* Nevertheless it can be used as the default crypto algorithm .
*
* @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
* @version $Id: OldJavaCrypt.java,v 1.1 2003/11/18 11:44:27 epugh Exp $
*/
public class OldJavaCrypt
implements CryptoAlgorithm
{
/** The default cipher */
public static final String DEFAULT_CIPHER = "SHA";
/** The cipher to use for encryption */
private String cipher = null;
/**
* C'tor
*
*/
public OldJavaCrypt()
{
this.cipher = DEFAULT_CIPHER;
}
/**
* Setting the actual cipher requested. If not
* called, then the default cipher (SHA) is used.
*
* This will never throw an error even if there is no
* provider for this cipher. The error will be thrown
* by encrypt() (Fixme?)
*
* @param cipher The cipher to use.
*
*/
public void setCipher(String cipher)
{
this.cipher = cipher;
}
/**
* This class never uses a seed, so this is
* just a dummy.
*
* @param seed Seed (ignored)
*
*/
public void setSeed(String seed)
{
/* dummy */
}
/**
* encrypt the supplied string with the requested cipher
*
* @param value The value to be encrypted
*
* @return The encrypted value
*
* @throws Exception An Exception of the underlying implementation.
*/
public String encrypt(String value)
throws Exception
{
MessageDigest md = MessageDigest.getInstance(cipher);
// We need to use unicode here, to be independent of platform's
// default encoding. Thanks to SGawin for spotting this.
byte[] digest = md.digest(value.getBytes("UTF-8"));
ByteArrayOutputStream bas =
new ByteArrayOutputStream(digest.length + digest.length / 3 + 1);
OutputStream encodedStream = MimeUtility.encode(bas, "base64");
encodedStream.write(digest);
return bas.toString();
}
}
1.1 jakarta-turbine-fulcrum/crypto/impl/src/java/org/apache/fulcrum/crypto/provider/package.html
Index: package.html
===================================================================
<html>
<head>
<!-- head part is ignored -->
</head>
<body>
Algorithm providers for the Crypto Service.
<br>
<font size="-2">$Id: package.html,v 1.1 2003/11/18 11:44:27 epugh Exp $</font>
</body>
</html>
1.1 jakarta-turbine-fulcrum/crypto/impl/src/java/org/apache/fulcrum/crypto/provider/ClearCrypt.java
Index: ClearCrypt.java
===================================================================
package org.apache.fulcrum.crypto.provider;
/* ====================================================================
* The Apache Software License, Version 1.1
*
* Copyright (c) 2001 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution,
* if any, must include the following acknowledgment:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself,
* if and wherever such third-party acknowledgments normally appear.
*
* 4. The names "Apache" and "Apache Software Foundation" and
* "Apache Turbine" must not be used to endorse or promote products
* derived from this software without prior written permission. For
* written permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache",
* "Apache Turbine", nor may "Apache" appear in their name, without
* prior written permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*/
import org.apache.fulcrum.crypto.CryptoAlgorithm;
/**
* This is a dummy for "cleartext" encryption. It goes through
* the notions of the CryptoAlgorithm interface but actually does
* nothing. It can be used as a replacement for the "encrypt = no"
* setting in TurbineResources.
*
* Can be used as the default crypto algorithm
*
* @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
* @version $Id: ClearCrypt.java,v 1.1 2003/11/18 11:44:27 epugh Exp $
*/
public class ClearCrypt
implements CryptoAlgorithm
{
/**
* C'tor
*
*/
public ClearCrypt()
{
}
/**
* This class never uses an algorithm, so this is
* just a dummy.
*
* @param cipher Cipher (ignored)
*/
public void setCipher(String cipher)
{
/* dummy */
}
/**
* This class never uses a seed, so this is
* just a dummy.
*
* @param seed Seed (ignored)
*/
public void setSeed(String seed)
{
/* dummy */
}
/**
* encrypt the supplied string with the requested cipher
*
* @param value The value to be encrypted
*
* @return The encrypted value
*
* @throws Exception An Exception of the underlying implementation.
*
*/
public String encrypt(String value)
throws Exception
{
/*
* Ultra-clever implementation. ;-)
*/
return value;
}
}
1.1 jakarta-turbine-fulcrum/crypto/impl/src/java/org/apache/fulcrum/crypto/provider/JavaCrypt.java
Index: JavaCrypt.java
===================================================================
package org.apache.fulcrum.crypto.provider;
/* ====================================================================
* The Apache Software License, Version 1.1
*
* Copyright (c) 2001 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution,
* if any, must include the following acknowledgment:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself,
* if and wherever such third-party acknowledgments normally appear.
*
* 4. The names "Apache" and "Apache Software Foundation" and
* "Apache Turbine" must not be used to endorse or promote products
* derived from this software without prior written permission. For
* written permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache",
* "Apache Turbine", nor may "Apache" appear in their name, without
* prior written permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*/
import java.security.MessageDigest;
import org.apache.commons.codec.base64.Base64;
import org.apache.fulcrum.crypto.CryptoAlgorithm;
/**
* Implements the normal java.security.MessageDigest stream cipers.
* Base64 strings returned by this provider are correctly padded to
* multiples of four bytes. If you run into interoperability problems
* with other languages, especially perl and the Digest::MD5 module,
* note that the md5_base64 function from this package incorrectly drops
* the pad bytes. Use the MIME::Base64 package instead.
*
* If you upgrade from Turbine 2.1 and suddently your old stored passwords
* no longer work, please take a look at the OldJavaCrypt provider for
* bug-to-bug compatibility.
*
* This provider can be used as the default crypto algorithm provider.
*
* @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
* @version $Id: JavaCrypt.java,v 1.1 2003/11/18 11:44:27 epugh Exp $
*/
public class JavaCrypt
implements CryptoAlgorithm
{
/** The default cipher */
public static final String DEFAULT_CIPHER = "SHA";
/** The cipher to use for encryption */
private String cipher = null;
/**
* C'tor
*
*/
public JavaCrypt()
{
this.cipher = DEFAULT_CIPHER;
}
/**
* Setting the actual cipher requested. If not
* called, then the default cipher (SHA) is used.
*
* This will never throw an error even if there is no
* provider for this cipher. The error will be thrown
* by encrypt() (Fixme?)
*
* @param cipher The cipher to use.
*
*/
public void setCipher(String cipher)
{
this.cipher = cipher;
}
/**
* This class never uses a seed, so this is
* just a dummy.
*
* @param seed Seed (ignored)
*
*/
public void setSeed(String seed)
{
/* dummy */
}
/**
* encrypt the supplied string with the requested cipher
*
* @param value The value to be encrypted
*
* @return The encrypted value
*
* @throws Exception An Exception of the underlying implementation.
*/
public String encrypt(String value)
throws Exception
{
MessageDigest md = MessageDigest.getInstance(cipher);
// We need to use unicode here, to be independent of platform's
// default encoding. Thanks to SGawin for spotting this.
byte[] digest = md.digest(value.getBytes("UTF-8"));
// Base64-encode the digest.
byte[] encodedDigest = Base64.encode(digest);
return (encodedDigest == null ? null :
new String(encodedDigest));
}
}
1.1 jakarta-turbine-fulcrum/crypto/impl/src/test/org/apache/fulcrum/crypto/CryptoServiceTest.java
Index: CryptoServiceTest.java
===================================================================
package org.apache.fulcrum.crypto;
/* ====================================================================
* The Apache Software License, Version 1.1
*
* Copyright (c) 2001-2003 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution,
* if any, must include the following acknowledgment:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself,
* if and wherever such third-party acknowledgments normally appear.
*
* 4. The names "Apache" and "Apache Software Foundation" and
* "Apache Turbine" must not be used to endorse or promote products
* derived from this software without prior written permission. For
* written permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache",
* "Apache Turbine", nor may "Apache" appear in their name, without
* prior written permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*/
import org.apache.avalon.merlin.unit.AbstractMerlinTestCase;
import org.apache.avalon.merlin.unit.UnitHelper;
import junit.framework.TestSuite;
/**
* Basic testing of the Container
*
* @author <a href="mailto:epugh@upstate.com">Eric Pugh</a>
* @author <a href="mailto:mcconnell@apache.org">Stephen McConnell</a>
* @version $Id: CryptoServiceTest.java,v 1.1 2003/11/18 11:44:27 epugh Exp $
*/
public class CryptoServiceTest extends AbstractMerlinTestCase
{
private CryptoService sc = null;
private static final String preDefinedInput = "Oeltanks";
/**
* Constructor for test.
*
* @param testName name of the test being executed
*/
public CryptoServiceTest(String testName)
{
super(testName);
}
/**
* Factory method for creating a TestSuite for this class.
*
* @return the test suite
*/
public static TestSuite suite()
{
TestSuite suite = new TestSuite(CryptoServiceTest.class);
return suite;
}
public void setUp() throws Exception
{
super.setUp();
try
{
sc = (CryptoService) this.resolve( "crypto" );
}
catch ( Exception e)
{
final String error =
UnitHelper.packException( e.getMessage(), e, true );
getLogger().error( error );
fail( error );
}
}
public void testUnixCrypt()
{
String preDefinedSeed = "z5";
String preDefinedResult = "z5EQaXpuu059c";
try
{
CryptoAlgorithm ca = sc.getCryptoAlgorithm("unix");
/*
* Test predefined Seed
*/
ca.setSeed(preDefinedSeed);
String output = ca.encrypt(preDefinedInput);
assertEquals("Encryption failed ", preDefinedResult, output);
/*
* Test random Seed
*
*/
ca.setSeed(null);
String result = ca.encrypt(preDefinedInput);
ca.setSeed(result);
output = ca.encrypt(preDefinedInput);
assertEquals("Encryption failed ", output, result);
getLogger().info( "ok" );
}
catch (Exception e)
{
final String error =
UnitHelper.packException( e.getMessage(), e, true );
getLogger().error( error );
fail();
}
}
public void testClearCrypt()
{
String preDefinedResult = "Oeltanks";
try
{
CryptoAlgorithm ca = sc.getCryptoAlgorithm("clear");
String output = ca.encrypt(preDefinedInput);
assertEquals("Encryption failed ", preDefinedResult, output);
getLogger().info( "ok" );
}
catch (Exception e)
{
final String error =
UnitHelper.packException( e.getMessage(), e, true );
getLogger().error( error );
fail();
}
}
public void testOldJavaCryptMd5()
{
String preDefinedResult = "XSop0mncK19Ii2r2CUe2";
try
{
CryptoAlgorithm ca = sc.getCryptoAlgorithm("oldjava");
ca.setCipher("MD5");
String output = ca.encrypt(preDefinedInput);
assertEquals("MD5 Encryption failed ", preDefinedResult, output);
getLogger().info( "ok" );
}
catch (Exception e)
{
final String error =
UnitHelper.packException( e.getMessage(), e, true );
getLogger().error( error );
fail();
}
}
public void testOldJavaCryptSha1()
{
String preDefinedResult = "uVDiJHaavRYX8oWt5ctkaa7j";
try
{
CryptoAlgorithm ca = sc.getCryptoAlgorithm("oldjava");
ca.setCipher("SHA1");
String output = ca.encrypt(preDefinedInput);
assertEquals("SHA1 Encryption failed ", preDefinedResult, output);
getLogger().info( "ok" );
}
catch (Exception e)
{
final String error =
UnitHelper.packException( e.getMessage(), e, true );
getLogger().error( error );
fail();
}
}
public void testJavaCryptMd5()
{
String preDefinedResult = "XSop0mncK19Ii2r2CUe29w==";
try
{
CryptoAlgorithm ca = sc.getCryptoAlgorithm("java");
ca.setCipher("MD5");
String output = ca.encrypt(preDefinedInput);
assertEquals("MD5 Encryption failed ", preDefinedResult, output);
getLogger().info( "ok" );
}
catch (Exception e)
{
final String error =
UnitHelper.packException( e.getMessage(), e, true );
getLogger().error( error );
fail();
}
}
public void testJavaCryptSha1()
{
String preDefinedResult = "uVDiJHaavRYX8oWt5ctkaa7j1cw=";
try
{
CryptoAlgorithm ca = sc.getCryptoAlgorithm("java");
ca.setCipher("SHA1");
String output = ca.encrypt(preDefinedInput);
assertEquals("SHA1 Encryption failed ", preDefinedResult, output);
getLogger().info( "ok" );
}
catch (Exception e)
{
final String error =
UnitHelper.packException( e.getMessage(), e, true );
getLogger().error( error );
fail();
}
}
}
1.1 jakarta-turbine-fulcrum/crypto/impl/conf/block.xml
Index: block.xml
===================================================================
<container name="crypto">
<classloader>
<classpath>
<repository>
<resource id="fulcrum:fulcrum-crypto-api" version="1.0-alpha-4"/>
</repository>
</classpath>
</classloader>
<services>
<service type="org.apache.fulcrum.crypto.CryptoService">
<source>crypto</source>
</service>
</services>
<component name="crypto" class="org.apache.fulcrum.crypto.DefaultCryptoService"/>
</container>
1.1 jakarta-turbine-fulcrum/crypto/impl/conf/config.xml
Index: config.xml
===================================================================
<targets>
<target path="/crypto/crypto">
<categories priority="DEBUG"/>
</target>
</targets>
1.1 jakarta-turbine-fulcrum/crypto/impl/src/java/org/apache/fulcrum/crypto/DefaultCryptoService.xconfig
Index: DefaultCryptoService.xconfig
===================================================================
<?xml version="1.0" encoding="ISO-8859-1"?>
<configuration>
<algorithm>
<unix>org.apache.fulcrum.crypto.provider.UnixCrypt</unix>
<clear>org.apache.fulcrum.crypto.provider.ClearCrypt</clear>
<java>org.apache.fulcrum.crypto.provider.JavaCrypt</java>
<oldjava>org.apache.fulcrum.crypto.provider.OldJavaCrypt</oldjava>
</algorithm>
</configuration>
1.1 jakarta-turbine-fulcrum/crypto/impl/src/java/org/apache/fulcrum/crypto/DefaultCryptoService.java
Index: DefaultCryptoService.java
===================================================================
package org.apache.fulcrum.crypto;
/* ====================================================================
* The Apache Software License, Version 1.1
*
* Copyright (c) 2001 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution,
* if any, must include the following acknowledgment:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself,
* if and wherever such third-party acknowledgments normally appear.
*
* 4. The names "Apache" and "Apache Software Foundation" and
* "Apache Turbine" must not be used to endorse or promote products
* derived from this software without prior written permission. For
* written permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache",
* "Apache Turbine", nor may "Apache" appear in their name, without
* prior written permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*/
import java.security.NoSuchAlgorithmException;
import java.util.Hashtable;
import org.apache.avalon.framework.activity.Initializable;
import org.apache.avalon.framework.activity.Startable;
import org.apache.avalon.framework.component.Component;
import org.apache.avalon.framework.configuration.Configurable;
import org.apache.avalon.framework.configuration.Configuration;
import org.apache.avalon.framework.configuration.ConfigurationException;
import org.apache.avalon.framework.logger.AbstractLogEnabled;
import org.apache.avalon.framework.thread.ThreadSafe;
/**
* An implementation of CryptoService that uses either supplied crypto
* Algorithms (provided in the component config xml file) or tries to get them via
* the normal java mechanisms if this fails.
*
* @author <a href="mailto:epugh@upstate.com">Eric Pugh</a>
* @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
* @version $Id: DefaultCryptoService.java,v 1.1 2003/11/18 11:44:27 epugh Exp $
*
* @avalon.component name="crypto" lifestyle="singleton"
* @avalon.service type="org.apache.fulcrum.crypto.CryptoService"
*/
public class DefaultCryptoService
extends AbstractLogEnabled
implements CryptoService, Configurable, Initializable, ThreadSafe
{
//
// SJM: removed Component and Contextualizable, Startable
//
/** Key Prefix for our algorithms */
private static final String ALGORITHM = "algorithm";
/** Default Key */
private static final String DEFAULT_KEY = "default";
/** Default Encryption Class */
private static final String DEFAULT_CLASS =
"org.apache.fulcrum.crypto.provider.JavaCrypt";
private boolean disposed = false;
/** Names of the registered algorithms and the wanted classes */
private Hashtable algos = null;
/**
* Returns a CryptoAlgorithm Object which represents the requested
* crypto algorithm.
*
* @param algo Name of the requested algorithm
*
* @return An Object representing the algorithm
*
* @throws NoSuchAlgorithmException Requested algorithm is not available
*
*/
public CryptoAlgorithm getCryptoAlgorithm( String algo )
throws NoSuchAlgorithmException
{
String cryptoClass = (String) algos.get(algo);
CryptoAlgorithm ca = null;
if (cryptoClass == null)
{
cryptoClass = (String) algos.get(DEFAULT_KEY);
}
if (cryptoClass == null || cryptoClass.equalsIgnoreCase("none"))
{
throw new NoSuchAlgorithmException(
"TurbineCryptoService: No Algorithm for " + algo + " found");
}
try
{
//@todo should be created via factory service.
//Just trying to get something to work.
//ca = (CryptoAlgorithm) factoryService.getInstance(cryptoClass);
ca = (CryptoAlgorithm) Class.forName(cryptoClass).newInstance();
}
catch (Exception e)
{
throw new NoSuchAlgorithmException(
"TurbineCryptoService: Error instantiating "
+ cryptoClass + " for " + algo);
}
ca.setCipher(algo);
return ca;
}
// ---------------- Avalon Lifecycle Methods ---------------------
/**
* Avalon component lifecycle method
*/
public void configure(Configuration conf) throws ConfigurationException
{
this.algos = new Hashtable();
// Set up default (Can be overridden by default key
// from the properties
algos.put(DEFAULT_KEY, DEFAULT_CLASS);
final Configuration algorithms = conf.getChild(ALGORITHM, false);
if (algorithms != null)
{
Configuration[] nameVal = algorithms.getChildren();
for (int i = 0; i < nameVal.length; i++)
{
String key = nameVal[i].getName();
String val = nameVal[i].getValue();
// getLogger.debug("Registered " + val
// + " for Crypto Algorithm " + key);
algos.put(key, val);
}
}
}
/**
* @see org.apache.avalon.framework.activity.Initializable#initialize()
*/
public void initialize()
throws Exception
{
getLogger().debug("initialize()");
}
/**
* Avalon component lifecycle method
*/
public void dispose()
{
disposed = true;
}
}
1.1 jakarta-turbine-fulcrum/crypto/impl/src/java/org/apache/fulcrum/crypto/package.html
Index: package.html
===================================================================
<html>
<head>
<!-- head part is ignored -->
</head>
<body>
Contains the Crypto Service providing you with a variety of Crypto algorithms.
<br>
<font size="-2">$Id: package.html,v 1.1 2003/11/18 11:44:27 epugh Exp $</font>
</body>
</html>
1.1 jakarta-turbine-fulcrum/crypto/api/src/java/org/apache/fulcrum/crypto/CryptoService.java
Index: CryptoService.java
===================================================================
package org.apache.fulcrum.crypto;
/* ====================================================================
* The Apache Software License, Version 1.1
*
* Copyright (c) 2001 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution,
* if any, must include the following acknowledgment:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself,
* if and wherever such third-party acknowledgments normally appear.
*
* 4. The names "Apache" and "Apache Software Foundation" and
* "Apache Turbine" must not be used to endorse or promote products
* derived from this software without prior written permission. For
* written permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache",
* "Apache Turbine", nor may "Apache" appear in their name, without
* prior written permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*/
import java.security.NoSuchAlgorithmException;
/**
* An implementation of CryptoService that uses either supplied crypto
* Algorithms (provided in Fulcrum.properties) or tries to get them via
* the normal java mechanisms if this fails.
*
* @author <a href="mailto:epugh@upstate.com">Eric Pugh</a>
* @author <a href="mailto:mcconnell@apache.org">Stephen McConnell</a>
*/
public interface CryptoService
{
/** Avalon role - used to id the component within the manager */
String ROLE = CryptoService.class.getName();
/**
* Returns a CryptoAlgorithm Object which represents the requested
* crypto algorithm.
*
* @param algo Name of the requested algorithm
*
* @return An Object representing the algorithm
*
* @throws NoSuchAlgorithmException Requested algorithm is not available
*
*/
public CryptoAlgorithm getCryptoAlgorithm(String algo) throws NoSuchAlgorithmException;
}
1.1 jakarta-turbine-fulcrum/crypto/api/src/java/org/apache/fulcrum/crypto/CryptoAlgorithm.java
Index: CryptoAlgorithm.java
===================================================================
package org.apache.fulcrum.crypto;
/* ====================================================================
* The Apache Software License, Version 1.1
*
* Copyright (c) 2001 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution,
* if any, must include the following acknowledgment:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself,
* if and wherever such third-party acknowledgments normally appear.
*
* 4. The names "Apache" and "Apache Software Foundation" and
* "Apache Turbine" must not be used to endorse or promote products
* derived from this software without prior written permission. For
* written permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache",
* "Apache Turbine", nor may "Apache" appear in their name, without
* prior written permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*/
/**
* This interface describes the various Crypto Algorithms that are
* handed out by the Crypto Service.
*
* @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
* @version $Id: CryptoAlgorithm.java,v 1.1 2003/11/18 11:44:27 epugh Exp $
*/
public interface CryptoAlgorithm
{
/**
* Allows the user to set a salt value whenever the
* algorithm is used. Setting a new salt should invalidate
* all internal state of this object.
* <p>
* Algorithms that do not use a salt are allowed to ignore
* this parameter.
* <p>
* Algorithms must be able to deal with the null value as salt.
* They should treat it as "use a random salt".
*
* @param salt The salt value
*
*/
void setSeed(String salt);
/**
* Performs the actual encryption.
*
* @param value The value to be encrypted
*
* @return The encrypted value
*
* @throws Exception various errors from the underlying ciphers.
* The caller should catch them and report accordingly.
*
*/
String encrypt(String value)
throws Exception;
/**
* Algorithms that perform multiple ciphers get told
* with setCipher, which cipher to use. This should be
* called before any other method call.
*
* If called after any call to encrypt or setSeed, the
* CryptoAlgorithm may choose to ignore this or to reset
* and use the new cipher.
*
* If any other call is used before this, the algorithm
* should use a default cipher and not throw an error.
*
* @param cipher The cipher to use.
*
*/
void setCipher(String cipher);
}
1.1 jakarta-turbine-fulcrum/crypto/api/src/java/org/apache/fulcrum/crypto/package.html
Index: package.html
===================================================================
<html>
<head>
<!-- head part is ignored -->
</head>
<body>
Contains the Crypto Service providing you with a variety of Crypto algorithms.
<br>
<font size="-2">$Id: package.html,v 1.1 2003/11/18 11:44:27 epugh Exp $</font>
</body>
</html>
1.1 jakarta-turbine-fulcrum/crypto/api/.cvsignore
Index: .cvsignore
===================================================================
target
maven.log
*.log
1.1 jakarta-turbine-fulcrum/crypto/api/project.xml
Index: project.xml
===================================================================
<?xml version="1.0"?>
<project>
<extend>${basedir}/../../merlin-project.xml</extend>
<id>fulcrum-crypto-api</id>
<name>Fulcrum Crypto Component API</name>
<currentVersion>1.0-alpha-4</currentVersion>
<package>org.apache.fulcrum.crypto</package>
</project>
1.1 jakarta-turbine-fulcrum/crypto/impl/.cvsignore
Index: .cvsignore
===================================================================
target
maven.log
*.log
1.1 jakarta-turbine-fulcrum/crypto/impl/maven.xml
Index: maven.xml
===================================================================
<project default="jar:jar" xmlns:maven="jelly:maven" xmlns:j="jelly:core" xmlns:util="jelly:util">
<preGoal name="java:compile">
<attainGoal name="avalon:meta"/>
</preGoal>
</project>
1.1 jakarta-turbine-fulcrum/crypto/impl/project.xml
Index: project.xml
===================================================================
<?xml version="1.0"?>
<project>
<id>fulcrum-crypto-impl</id>
<extend>${basedir}/../../merlin-project.xml</extend>
<name>Fulcrum Crypto Component Implementation</name>
<currentVersion>1.0-alpha-4</currentVersion>
<package>org.apache.fulcrum.crypto</package>
<dependencies>
<dependency>
<groupId>fulcrum</groupId>
<artifactId>fulcrum-crypto-api</artifactId>
<version>1.0-alpha-4</version>
</dependency>
<dependency>
<groupId>avalon-framework</groupId>
<artifactId>avalon-framework-api</artifactId>
<version>4.1.5</version>
</dependency>
<dependency>
<id>javamail</id>
<version>1.3</version>
</dependency>
<dependency>
<id>commons-codec</id>
<version>1.1</version>
</dependency>
<dependency>
<id>cryptix</id>
<version>3.2.0</version>
</dependency>
<!-- testing -->
<dependency>
<groupId>merlin</groupId>
<artifactId>merlin-unit</artifactId>
<version>3.2.2-dev</version>
</dependency>
</dependencies>
</project>
---------------------------------------------------------------------
To unsubscribe, e-mail: turbine-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: turbine-dev-help@jakarta.apache.org