Author: doogie
Date: Tue Jun 1 21:59:45 2010 New Revision: 950275 URL: http://svn.apache.org/viewvc?rev=950275&view=rev Log: Revert wrongly committed 950260 Modified: ofbiz/trunk/framework/base/src/org/ofbiz/base/crypto/HashCrypt.java Modified: ofbiz/trunk/framework/base/src/org/ofbiz/base/crypto/HashCrypt.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/base/src/org/ofbiz/base/crypto/HashCrypt.java?rev=950275&r1=950274&r2=950275&view=diff ============================================================================== --- ofbiz/trunk/framework/base/src/org/ofbiz/base/crypto/HashCrypt.java (original) +++ ofbiz/trunk/framework/base/src/org/ofbiz/base/crypto/HashCrypt.java Tue Jun 1 21:59:45 2010 @@ -18,15 +18,9 @@ *******************************************************************************/ package org.ofbiz.base.crypto; -import java.io.UnsupportedEncodingException; import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; -import java.util.Random; -import org.apache.commons.codec.EncoderException; -import org.apache.commons.codec.binary.Base64; import org.apache.commons.codec.binary.Hex; -import org.apache.commons.lang.RandomStringUtils; import org.ofbiz.base.util.Debug; import org.ofbiz.base.util.GeneralRuntimeException; import org.ofbiz.base.util.StringUtil; @@ -39,66 +33,6 @@ import org.ofbiz.base.util.UtilValidate; public class HashCrypt { public static final String module = HashCrypt.class.getName(); - public static final String CRYPT_CHAR_SET = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789./"; - - public static boolean comparePassword(String crypted, String defaultCrypt, String password) { - try { - if (crypted.startsWith("{")) { - int typeEnd = crypted.indexOf("}"); - String hashType = crypted.substring(1, typeEnd); - String hashed = crypted.substring(typeEnd + 1); - MessageDigest messagedigest = MessageDigest.getInstance(hashType); - // FIXME: should have been getBytes("UTF-8") originally - messagedigest.update(password.getBytes()); - char[] digestChars = Hex.encodeHex(messagedigest.digest()); - return hashed.equals(new String(digestChars)); - } else if (crypted.startsWith("$")) { - int typeEnd = crypted.indexOf("$", 1); - int saltEnd = crypted.indexOf("$", typeEnd + 1); - String hashType = crypted.substring(1, typeEnd); - String salt = crypted.substring(typeEnd + 1, saltEnd); - String hashed = crypted.substring(saltEnd + 1); - MessageDigest messagedigest = MessageDigest.getInstance(hashType); - messagedigest.update(salt.getBytes("UTF-8")); - messagedigest.update(password.getBytes("UTF-8")); - return hashed.equals(Base64.encodeBase64String(messagedigest.digest()).replace('+', '.')); - } else { - String hashType = defaultCrypt; - String hashed = crypted; - MessageDigest messagedigest = MessageDigest.getInstance(hashType); - // FIXME: should have been getBytes("UTF-8") originally - messagedigest.update(password.getBytes()); - char[] digestChars = Hex.encodeHex(messagedigest.digest()); - return hashed.equals(new String(digestChars)); - } - } catch (NoSuchAlgorithmException e) { - throw new GeneralRuntimeException("Error while comparing password", e); - } catch (UnsupportedEncodingException e) { - throw new GeneralRuntimeException("Error while comparing password", e); - } - } - - public static String cryptPassword(String hashType, String password) { - Random random = new Random(); - int saltLength = 8;//random.nextInt(15) + 1; - return cryptPassword(hashType, RandomStringUtils.random(saltLength, CRYPT_CHAR_SET), password); - } - - public static String cryptPassword(String hashType, String salt, String password) { - try { - MessageDigest messagedigest = MessageDigest.getInstance(hashType); - messagedigest.update(salt.getBytes("UTF-8")); - messagedigest.update(password.getBytes("UTF-8")); - StringBuilder sb = new StringBuilder(); - sb.append("$").append(hashType).append("$").append(salt).append("$"); - sb.append(Base64.encodeBase64URLSafeString(messagedigest.digest()).replace('+', '.')); - return sb.toString(); - } catch (NoSuchAlgorithmException e) { - throw new GeneralRuntimeException("Error while comparing password", e); - } catch (UnsupportedEncodingException e) { - throw new GeneralRuntimeException("Error while comparing password", e); - } - } public static String getDigestHash(String str) { return getDigestHash(str, "SHA"); |
Free forum by Nabble | Edit this page |