@Override protected CharArrayPasswordEncoder createCharEncoder() { return new CharArrayPasswordEncoder() { StandardByteDigester digester = new StandardByteDigester(); { digester.setAlgorithm("SHA-256"); digester.setIterations(100000); digester.setSaltSizeBytes(16); digester.initialize(); } @Override public String encodePassword(char[] rawPass, Object salt) { return new String(Base64.encodeBase64(digester.digest(toBytes(rawPass)))); } @Override public boolean isPasswordValid(String encPass, char[] rawPass, Object salt) { return digester.matches(toBytes(rawPass), Base64.decodeBase64(encPass.getBytes())); } }; }
@Override public String encodePassword(char[] rawPass, Object salt) { return new String(Base64.encodeBase64(digester.digest(toBytes(rawPass)))); }
@Override public boolean isPasswordValid(String encPass, char[] rawPass, Object salt) { return digester.matches(toBytes(rawPass), Base64.decodeBase64(encPass.getBytes())); } };
StandardByteDigester cloneDigester() { // Check initialization if (!isInitialized()) { initialize(); } final StandardByteDigester cloned = new StandardByteDigester(); if (CommonUtils.isNotEmpty(this.algorithm)) { cloned.setAlgorithm(this.algorithm); } cloned.setInvertPositionOfPlainSaltInEncryptionResults(this.invertPositionOfPlainSaltInEncryptionResults); cloned.setInvertPositionOfSaltInMessageBeforeDigesting(this.invertPositionOfSaltInMessageBeforeDigesting); cloned.setIterations(this.iterations); if (this.provider != null) { cloned.setProvider(this.provider); } if (this.providerName != null) { cloned.setProviderName(this.providerName); } if (this.saltGenerator != null) { cloned.setSaltGenerator(this.saltGenerator); } cloned.setSaltSizeBytes(this.saltSizeBytes); cloned.setUseLenientSaltSizeCheck(this.useLenientSaltSizeCheck); return cloned; }
/** * Creates a new instance of <tt>Digester</tt>. It will use * the default algorithm unless one is specified with * {@link #setAlgorithm(String)}. * */ public Digester() { super(); this.digester = new StandardByteDigester(); this.digester.setIterations(ITERATIONS); this.digester.setSaltSizeBytes(SALT_SIZE_BYTES); }
if (!isInitialized()) { initialize(); final byte[] encryptedMessage = digest(message, salt); return (digestsAreEqual(encryptedMessage, digest));
/** * Creates a new instance of <tt>PooledStandardByteDigester</tt>. */ public PooledByteDigester() { super(); this.firstDigester = new StandardByteDigester(); }
if (!isInitialized()) { initialize(); return digest(message, salt);
/** * <p> * Sets the algorithm to be used for digesting, like <tt>MD5</tt> * or <tt>SHA-1</tt>. * </p> * <p> * This algorithm has to be supported by your security infrastructure, and * it should be allowed as an algorithm for creating * java.security.MessageDigest instances. * </p> * <p> * If you are specifying a security provider with {@link #setProvider(Provider)} or * {@link #setProviderName(String)}, this algorithm should be * supported by your specified provider. * </p> * <p> * If you are not specifying a provider, you will be able to use those * algorithms provided by the default security provider of your JVM vendor. * For valid names in the Sun JVM, see <a target="_blank" * href="http://java.sun.com/j2se/1.5.0/docs/guide/security/CryptoSpec.html#AppA">Java * Cryptography Architecture API Specification & * Reference</a>. * </p> * * @param algorithm the name of the algorithm to be used. */ public void setAlgorithm(final String algorithm) { this.byteDigester.setAlgorithm(algorithm); }
/** * <p> * Set the number of times the hash function will be applied recursively. * <br/> * The hash function will be applied to its own results as many times as * specified: <i>h(h(...h(x)...))</i> * </p> * <p> * This mechanism is explained in * <a href="http://www.rsasecurity.com/rsalabs/node.asp?id=2127" * target="_blank">PKCS #5: Password-Based Cryptography Standard</a>. * </p> * * @param iterations the number of iterations. */ public synchronized void setIterations(final int iterations) { this.firstDigester.setIterations(iterations); }
/** * <p> * Sets the size of the salt to be used to compute the digest. * This mechanism is explained in * <a href="http://www.rsasecurity.com/rsalabs/node.asp?id=2127" * target="_blank">PKCS #5: Password-Based Cryptography Standard</a>. * </p> * * <p> * If salt size is set to zero, then no salt will be used. * </p> * * @param saltSizeBytes the size of the salt to be used, in bytes. */ public void setSaltSizeBytes(final int saltSizeBytes) { this.byteDigester.setSaltSizeBytes(saltSizeBytes); }
equalsIgnoreCase(this.stringOutputType)); this.byteDigester.initialize();
this.pool[i] = this.pool[i - 1].cloneDigester();
StandardByteDigester cloneDigester() { // Check initialization if (!isInitialized()) { initialize(); } final StandardByteDigester cloned = new StandardByteDigester(); if (CommonUtils.isNotEmpty(this.algorithm)) { cloned.setAlgorithm(this.algorithm); } cloned.setInvertPositionOfPlainSaltInEncryptionResults(this.invertPositionOfPlainSaltInEncryptionResults); cloned.setInvertPositionOfSaltInMessageBeforeDigesting(this.invertPositionOfSaltInMessageBeforeDigesting); cloned.setIterations(this.iterations); if (this.provider != null) { cloned.setProvider(this.provider); } if (this.providerName != null) { cloned.setProviderName(this.providerName); } if (this.saltGenerator != null) { cloned.setSaltGenerator(this.saltGenerator); } cloned.setSaltSizeBytes(this.saltSizeBytes); cloned.setUseLenientSaltSizeCheck(this.useLenientSaltSizeCheck); return cloned; }
/** * Creates a new instance of <tt>Digester</tt>. It will use * the default algorithm unless one is specified with * {@link #setAlgorithm(String)}. * */ public Digester() { super(); this.digester = new StandardByteDigester(); this.digester.setIterations(ITERATIONS); this.digester.setSaltSizeBytes(SALT_SIZE_BYTES); }
if (!isInitialized()) { initialize(); final byte[] encryptedMessage = digest(message, salt); return (digestsAreEqual(encryptedMessage, digest));
/** * Creates a new instance of <tt>PooledStandardByteDigester</tt>. */ public PooledByteDigester() { super(); this.firstDigester = new StandardByteDigester(); }
if (!isInitialized()) { initialize(); return digest(message, salt);
/** * <p> * Sets the algorithm to be used for digesting, like <tt>MD5</tt> * or <tt>SHA-1</tt>. * </p> * <p> * This algorithm has to be supported by your security infrastructure, and * it should be allowed as an algorithm for creating * java.security.MessageDigest instances. * </p> * <p> * If you are specifying a security provider with {@link #setProvider(Provider)} or * {@link #setProviderName(String)}, this algorithm should be * supported by your specified provider. * </p> * <p> * If you are not specifying a provider, you will be able to use those * algorithms provided by the default security provider of your JVM vendor. * For valid names in the Sun JVM, see <a target="_blank" * href="http://java.sun.com/j2se/1.5.0/docs/guide/security/CryptoSpec.html#AppA">Java * Cryptography Architecture API Specification & * Reference</a>. * </p> * * @param algorithm the name of the algorithm to be used. */ public void setAlgorithm(final String algorithm) { this.byteDigester.setAlgorithm(algorithm); }
/** * <p> * Set the number of times the hash function will be applied recursively. * <br/> * The hash function will be applied to its own results as many times as * specified: <i>h(h(...h(x)...))</i> * </p> * <p> * This mechanism is explained in * <a href="http://www.rsasecurity.com/rsalabs/node.asp?id=2127" * target="_blank">PKCS #5: Password-Based Cryptography Standard</a>. * </p> * * @param iterations the number of iterations. */ public synchronized void setIterations(final int iterations) { this.firstDigester.setIterations(iterations); }