org.apache.shiro.crypto.hash.DefaultHashService Java Examples

The following examples show how to use org.apache.shiro.crypto.hash.DefaultHashService. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: QueryAndEncodeDatabaseAuthenticationHandlerTests.java    From springboot-shiro-cas-mybatis with MIT License 6 votes vote down vote up
private String genPassword(final String psw, final String salt, final int iter) {
    try {

        final DefaultHashService hash = new DefaultHashService();
        hash.setPrivateSalt(ByteSource.Util.bytes(STATIC_SALT));
        hash.setHashIterations(iter);
        hash.setGeneratePublicSalt(false);
        hash.setHashAlgorithmName(ALG_NAME);

        final String pswEnc = hash.computeHash(new HashRequest.Builder()
                .setSource(psw).setSalt(salt).setIterations(iter).build()).toHex();

        return pswEnc;

    } catch (final Exception e) {
        throw new RuntimeException(e);
    }
}
 
Example #2
Source File: LegacyNexusPasswordService.java    From nexus-public with Eclipse Public License 1.0 6 votes vote down vote up
public LegacyNexusPasswordService() {
  //Initialize and configure sha1 password service
  this.sha1PasswordService = new DefaultPasswordService();
  DefaultHashService sha1HashService = new DefaultHashService();
  sha1HashService.setHashAlgorithmName("SHA-1");
  sha1HashService.setHashIterations(1);
  sha1HashService.setGeneratePublicSalt(false);
  this.sha1PasswordService.setHashService(sha1HashService);
  this.sha1PasswordService.setHashFormat(new HexFormat());

  //Initialize and configure md5 password service
  this.md5PasswordService = new DefaultPasswordService();
  DefaultHashService md5HashService = new DefaultHashService();
  md5HashService.setHashAlgorithmName("MD5");
  md5HashService.setHashIterations(1);
  md5HashService.setGeneratePublicSalt(false);
  this.md5PasswordService.setHashService(md5HashService);
  this.md5PasswordService.setHashFormat(new HexFormat());
}
 
Example #3
Source File: PasswordRealmMixin.java    From attic-polygene-java with Apache License 2.0 6 votes vote down vote up
@Override
public void activateService()
    throws Exception
{
    configuration.refresh();
    PasswordRealmConfiguration config = configuration.get();
    String algorithm = config.hashAlgorithmName().get();
    Integer iterations = config.hashIterationsCount().get();
    if( algorithm != null || iterations != null )
    {
        DefaultHashService hashService = (DefaultHashService) passwordService.getHashService();
        if( algorithm != null )
        {
            hashService.setHashAlgorithmName( algorithm );
        }
        if( iterations != null )
        {
            hashService.setHashIterations( iterations );
        }
    }
}
 
Example #4
Source File: SHA512.java    From JavaSecurity with Apache License 2.0 6 votes vote down vote up
private static Hash calculateHash(String password) {
    ByteSource privateSalt = ByteSource.Util.bytes(PRIVATE_SALT_BYTES);
    DefaultHashService hashService = new DefaultHashService();
    hashService.setPrivateSalt(privateSalt);
    hashService.setGeneratePublicSalt(true);
    hashService.setHashIterations(ITERATIONS);

    HashRequest.Builder builder = new HashRequest.Builder();
    builder.setSource(ByteSource.Util.bytes(password));

    Hash hash = hashService.computeHash(builder.build());

    log.info("Hash algorithm {}, iterations {}, public salt {}", hash.getAlgorithmName(), hash.getIterations(), hash.getSalt());

    return hash;
}
 
Example #5
Source File: SHA512.java    From JavaSecurity with Apache License 2.0 6 votes vote down vote up
private static boolean verifyPassword(byte[] originalHash, ByteSource publicSalt, String password) {
    ByteSource privateSalt = ByteSource.Util.bytes(PRIVATE_SALT_BYTES);
    DefaultHashService hashService = new DefaultHashService();
    hashService.setPrivateSalt(privateSalt);
    hashService.setHashIterations(ITERATIONS);

    HashRequest.Builder builder = new HashRequest.Builder();
    builder.setSource(ByteSource.Util.bytes(password));
    builder.setSalt(publicSalt);

    Hash comparisonHash = hashService.computeHash(builder.build());

    log.info("password: {}", password);
    log.info("1 hash: {}", Hex.encodeToString(originalHash));
    log.info("2 hash: {}", comparisonHash.toHex());

    return Arrays.equals(originalHash, comparisonHash.getBytes());
}
 
Example #6
Source File: QueryAndEncodeDatabaseAuthenticationHandler.java    From springboot-shiro-cas-mybatis with MIT License 5 votes vote down vote up
/**
 * Digest encoded password.
 *
 * @param encodedPassword the encoded password
 * @param values the values retrieved from database
 * @return the digested password
 */
protected String digestEncodedPassword(final String encodedPassword, final Map<String, Object> values) {
    final ConfigurableHashService hashService = new DefaultHashService();

    if (StringUtils.isNotBlank(this.staticSalt)) {
        hashService.setPrivateSalt(ByteSource.Util.bytes(this.staticSalt));
    }
    hashService.setHashAlgorithmName(this.algorithmName);

    Long numOfIterations = this.numberOfIterations;
    if (values.containsKey(this.numberOfIterationsFieldName)) {
        final String longAsStr = values.get(this.numberOfIterationsFieldName).toString();
        numOfIterations = Long.valueOf(longAsStr);
    }

    hashService.setHashIterations(numOfIterations.intValue());
    if (!values.containsKey(this.saltFieldName)) {
        throw new RuntimeException("Specified field name for salt does not exist in the results");
    }

    final String dynaSalt = values.get(this.saltFieldName).toString();
    final HashRequest request = new HashRequest.Builder()
                                .setSalt(dynaSalt)
                                .setSource(encodedPassword)
                                .build();
    return hashService.computeHash(request).toHex();
}
 
Example #7
Source File: PasswordSaltTest.java    From sso with MIT License 5 votes vote down vote up
@Test
    public void test() throws Exception {
        ConfigurableHashService hashService = new DefaultHashService();
        hashService.setPrivateSalt(ByteSource.Util.bytes(this.staticSalt));
        hashService.setHashAlgorithmName(this.algorithmName);
        hashService.setHashIterations(2);
        HashRequest request = new HashRequest.Builder()
                .setSalt(dynaSalt)
                .setSource(encodedPassword)
                .build();
        String res =  hashService.computeHash(request).toHex();
//        System.out.println(res);
        Assert.assertEquals("bfb194d5bd84a5fc77c1d303aefd36c3", res);
    }
 
Example #8
Source File: EntityCrypto.java    From scipio-erp with Apache License 2.0 5 votes vote down vote up
protected ShiroStorageHandler(byte[] kek) {
    hashService = new DefaultHashService();
    cipherService = new AesCipherService();
    cipherService.setMode(OperationMode.ECB);
    saltedCipherService = new AesCipherService();
    this.kek = kek;
}
 
Example #9
Source File: ShiroAutoConfiguration.java    From utils with Apache License 2.0 5 votes vote down vote up
@Bean
@ConditionalOnMissingBean
public PasswordService passwordService() {
    DefaultPasswordService service = new DefaultPasswordService();

    DefaultHashService hashService = new DefaultHashService();
    hashService.setHashAlgorithmName(shiroProperties.getHashAlgorithmName());
    hashService.setHashIterations(shiroProperties.getHashIterations());
    service.setHashService(hashService);

    return service;
}
 
Example #10
Source File: DefaultSecurityPasswordService.java    From nexus-public with Eclipse Public License 1.0 5 votes vote down vote up
@Inject
public DefaultSecurityPasswordService(@Named("legacy") final PasswordService legacyPasswordService) {
  this.passwordService = new DefaultPasswordService();
  this.legacyPasswordService = checkNotNull(legacyPasswordService);

  //Create and set a hash service according to our hashing policies
  DefaultHashService hashService = new DefaultHashService();
  hashService.setHashAlgorithmName(DEFAULT_HASH_ALGORITHM);
  hashService.setHashIterations(DEFAULT_HASH_ITERATIONS);
  hashService.setGeneratePublicSalt(true);
  this.passwordService.setHashService(hashService);
}