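/**
 * Checks a plain-text password against the stored (digested) password, using the
 * digest type configured in {@code m_digestType}.<p>
 *
 * Three paths exist: a direct comparison for the plain digest type, an scrypt check
 * with an optional legacy fallback, and a digest-and-compare path for every other
 * configured type. All failures (missing input, malformed hash, digest errors)
 * result in {@code false}; this method never reports why a check failed.<p>
 *
 * @param plainPassword the password as entered by the user
 * @param digestedPassword the stored password value to check against
 * @param useFallback if {@code true} and the stored value is rejected by scrypt as
 *        malformed, the password is digested with {@code m_scryptFallback} and compared
 *
 * @return {@code true} only if the password matches the stored value
 *
 * @see org.opencms.security.I_CmsPasswordHandler#checkPassword(String, String, boolean)
 */
public boolean checkPassword(String plainPassword, String digestedPassword, boolean useFallback) {

    // Fail closed on missing input instead of surfacing a NullPointerException
    // from the middle of an authentication check.
    if ((plainPassword == null) || (digestedPassword == null)) {
        return false;
    }

    boolean success = false;
    if (DIGEST_TYPE_PLAIN.equals(m_digestType)) {
        // NOTE(review): with this digest type the stored value is the password itself,
        // so any read access to the user store discloses credentials. Only the
        // comparison is hardened here; the storage choice is a configuration matter.
        success = constantTimeEquals(digestedPassword, plainPassword);
    } else if (DIGEST_TYPE_SCRYPT.equals(m_digestType)) {
        try {
            success = SCryptUtil.check(plainPassword, digestedPassword);
        } catch (IllegalArgumentException e) {
            // The stored value was rejected as not being a valid scrypt hash. If the
            // caller allows it, retry with the configured fallback digest type (the
            // original comment describes this as MD5).
            // NOTE(review): a match here means the account still carries a legacy
            // hash; this method does not re-hash it. Confirm that the caller upgrades
            // the stored value to scrypt after a successful fallback login.
            if (useFallback) {
                try {
                    success = constantTimeEquals(
                        digestedPassword,
                        digest(plainPassword, m_scryptFallback, m_inputEncoding));
                } catch (CmsPasswordEncryptionException e1) {
                    // the fallback digest could not be computed: success stays false
                }
            }
        }
    } else {
        // old default (MD5 according to the original comment): digest and compare
        try {
            success = constantTimeEquals(digestedPassword, digest(plainPassword));
        } catch (CmsPasswordEncryptionException e) {
            // the digest could not be computed: validation has failed
        }
    }
    return success;
}

/**
 * Compares two strings without stopping at the first differing character, so the
 * running time does not reveal how long a matching prefix is.<p>
 *
 * The loop runs over the length of {@code candidate} (the value derived from user
 * input), not over the stored value.<p>
 *
 * @param stored the stored value, may be {@code null}
 * @param candidate the value derived from the entered password, may be {@code null}
 *
 * @return {@code true} if both are non-null and contain exactly the same characters
 */
private static boolean constantTimeEquals(String stored, String candidate) {

    if ((stored == null) || (candidate == null)) {
        return false;
    }
    int storedLength = stored.length();
    int candidateLength = candidate.length();
    if (storedLength == 0) {
        return candidateLength == 0;
    }
    // A length mismatch already makes the result non-zero; the loop still runs so
    // that the work done is driven by the candidate alone.
    int difference = storedLength ^ candidateLength;
    for (int i = 0; i < candidateLength; i++) {
        difference |= stored.charAt(i % storedLength) ^ candidate.charAt(i);
    }
    return difference == 0;
}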
/** * @see org.opencms.security.I_CmsPasswordHandler#digest(java.lang.String, java.lang.String, java.lang.String) */ public String digest(String password, String digestType, String inputEncoding) throws CmsPasswordEncryptionException { MessageDigest md; String result; try { if (DIGEST_TYPE_PLAIN.equals(digestType.toLowerCase())) { result = password; } else if (DIGEST_TYPE_SSHA.equals(digestType.toLowerCase())) { byte[] salt = new byte[4]; byte[] digest; byte[] total; if (m_secureRandom == null) { m_secureRandom = SecureRandom.getInstance("SHA1PRNG"); } m_secureRandom.nextBytes(salt); md = MessageDigest.getInstance(DIGEST_TYPE_SHA); md.reset(); md.update(password.getBytes(inputEncoding)); md.update(salt);
/** * @see org.opencms.security.I_CmsPasswordHandler#digest(java.lang.String, java.lang.String, java.lang.String) */ public String digest(String password, String digestType, String inputEncoding) throws CmsPasswordEncryptionException { MessageDigest md; String result; try { if (DIGEST_TYPE_PLAIN.equals(digestType.toLowerCase())) { result = password; } else if (DIGEST_TYPE_SCRYPT.equals(digestType.toLowerCase())) { result = SCryptUtil.scrypt(password, m_scryptN, m_scryptR, m_scryptP); } else if (DIGEST_TYPE_SSHA.equals(digestType.toLowerCase())) { byte[] salt = new byte[4]; byte[] digest; byte[] total; if (m_secureRandom == null) { m_secureRandom = SecureRandom.getInstance("SHA1PRNG"); } m_secureRandom.nextBytes(salt); md = MessageDigest.getInstance(DIGEST_TYPE_SHA); md.reset();