org.apache.commons.codec.digest.Crypt Java Examples

The following examples show how to use org.apache.commons.codec.digest.Crypt. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: CryptUtil.java    From TranskribusCore with GNU General Public License v3.0 5 votes vote down vote up
public static boolean isHashCorrect(final String plainToken, final String hash) {
	if(plainToken == null || hash == null){
		return false;
	}
	
	final String check = Crypt.crypt(plainToken, hash);
	return hash.equals(check);
}
 
Example #2
Source File: AuthenticationProviderBasic.java    From pulsar with Apache License 2.0 5 votes vote down vote up
@Override
public String authenticate(AuthenticationDataSource authData) throws AuthenticationException {
    AuthParams authParams = new AuthParams(authData);
    String userId = authParams.getUserId();
    String password = authParams.getPassword();
    String msg = "Unknown user or invalid password";

    if (users.get(userId) == null) {
        throw new AuthenticationException(msg);
    }

    String encryptedPassword = users.get(userId);

    // For md5 algorithm
    if ((users.get(userId).startsWith("$apr1"))) {
        List<String> splitEncryptedPassword = Arrays.asList(encryptedPassword.split("\\$"));
        if (splitEncryptedPassword.size() != 4 || !encryptedPassword
                .equals(Md5Crypt.apr1Crypt(password.getBytes(), splitEncryptedPassword.get(2)))) {
            throw new AuthenticationException(msg);
        }
    // For crypt algorithm
    } else if (!encryptedPassword.equals(Crypt.crypt(password.getBytes(), encryptedPassword.substring(0, 2)))) {
        throw new AuthenticationException(msg);
    }

    return userId;
}
 
Example #3
Source File: CryptSaltFactory.java    From credhub with Apache License 2.0 5 votes vote down vote up
public String generateSalt(final String password) {
  // Password hash format comes from crypt(3) using SHA-512,
  // which is $6$<salt>$<hashed_word>
  // We need to save the salt portion so that the hash can be
  // consistently generated across requests.
  final String passwordHash = Crypt.crypt(password);
  return passwordHash.substring(0, passwordHash.lastIndexOf('$'));
}
 
Example #4
Source File: UserViewTest.java    From credhub with Apache License 2.0 5 votes vote down vote up
@Test
public void canCreateViewFromEntity() throws IOException {
  final UUID uuid = UUID.randomUUID();
  final String salt = new CryptSaltFactory().generateSalt("test-password");
  final String passwordHash = Crypt.crypt("test-password", salt);

  final UserCredentialVersion userCredential = mock(UserCredentialVersion.class);
  when(userCredential.getName()).thenReturn("/foo");
  when(userCredential.getUuid()).thenReturn(uuid);
  when(userCredential.getCredentialType()).thenReturn("user");
  when(userCredential.getPassword()).thenReturn("test-password");
  when(userCredential.getUsername()).thenReturn("test-username");
  when(userCredential.getSalt()).thenReturn(salt);
  JsonObjectMapper objectMapper = new JsonObjectMapper();
  JsonNode metadata = null;
  try {
    metadata = objectMapper.readTree("{\"name\":\"test\"}");
  } catch (IOException e) {
    e.printStackTrace();
  }
  when(userCredential.getMetadata()).thenReturn(metadata);

  final UserView actual = (UserView) UserView.fromEntity(userCredential);

  assertThat(JsonTestHelper.serializeToString(actual), equalTo("{"
    + "\"type\":\"user\","
    + "\"version_created_at\":null,"
    + "\"id\":\"" + uuid.toString() + "\","
    + "\"name\":\"/foo\","
    + "\"metadata\":{\"name\":\"test\"},"
    + "\"value\":{"
    + "\"username\":\"test-username\","
    + "\"password\":\"test-password\","
    + "\"password_hash\":\"" + passwordHash + "\""
    + "}}"));
}
 
Example #5
Source File: PasswordUtil.java    From directory-ldap-api with Apache License 2.0 4 votes vote down vote up
/**
 * encrypts the given credentials based on the algorithm name and optional salt
 *
 * @param credentials the credentials to be encrypted
 * @param algorithm the algorithm to be used for encrypting the credentials
 * @param salt value to be used as salt (optional)
 * @return the encrypted credentials
 */
private static byte[] encryptPassword( byte[] credentials, LdapSecurityConstants algorithm, byte[] salt )
{
    switch ( algorithm )
    {
        case HASH_METHOD_SHA:
        case HASH_METHOD_SSHA:
            return digest( LdapSecurityConstants.HASH_METHOD_SHA, credentials, salt );

        case HASH_METHOD_SHA256:
        case HASH_METHOD_SSHA256:
            return digest( LdapSecurityConstants.HASH_METHOD_SHA256, credentials, salt );

        case HASH_METHOD_SHA384:
        case HASH_METHOD_SSHA384:
            return digest( LdapSecurityConstants.HASH_METHOD_SHA384, credentials, salt );

        case HASH_METHOD_SHA512:
        case HASH_METHOD_SSHA512:
            return digest( LdapSecurityConstants.HASH_METHOD_SHA512, credentials, salt );

        case HASH_METHOD_MD5:
        case HASH_METHOD_SMD5:
            return digest( LdapSecurityConstants.HASH_METHOD_MD5, credentials, salt );

        case HASH_METHOD_CRYPT:
            String saltWithCrypted = Crypt.crypt( Strings.utf8ToString( credentials ), Strings
                .utf8ToString( salt ) );
            String crypted = saltWithCrypted.substring( 2 );
            return Strings.getBytesUtf8( crypted );

        case HASH_METHOD_CRYPT_MD5:
        case HASH_METHOD_CRYPT_SHA256:
        case HASH_METHOD_CRYPT_SHA512:
            String saltWithCrypted2 = Crypt.crypt( Strings.utf8ToString( credentials ),
                algorithm.getSubPrefix() + Strings.utf8ToString( salt ) );
            String crypted2 = saltWithCrypted2.substring( saltWithCrypted2.lastIndexOf( '$' ) + 1 );
            return Strings.getBytesUtf8( crypted2 );

        case HASH_METHOD_CRYPT_BCRYPT:
            String crypted3 = BCrypt.hashPw( Strings.utf8ToString( credentials ), Strings.utf8ToString( salt ) );
            return Strings.getBytesUtf8( crypted3.substring( crypted3.length() - 31 ) );
            
        case HASH_METHOD_PKCS5S2:
            return generatePbkdf2Hash( credentials, algorithm, salt );

        default:
            return credentials;
    }
}
 
Example #6
Source File: CryptUtil.java    From TranskribusCore with GNU General Public License v3.0 3 votes vote down vote up
public static String generateHash(final String token) {
	return Crypt.crypt(token);
}