public void testEditingExposedBytesDoesntChangeInternalState() { PasswordDigest pwd1 = new PasswordDigest("webernets".toCharArray()); byte[] digest = pwd1.getDigest(); byte[] salt = pwd1.getSalt(); PasswordDigest pwd2 = PasswordDigest.from(salt, digest); // We'll mess with the digest and salt we got back and make sure both // passwords still verify normally. digest[digest.length / 2]++; salt[salt.length / 2]--; assertTrue(pwd1.verify("webernets".toCharArray())); assertTrue(pwd2.verify("webernets".toCharArray())); }
/** * Create a new password object using the password provided. * * Callers should clear the bytes in the password array when they're done * with it. */ public PasswordDigest(char[] password) { Preconditions.checkNotNull(password, "Password is null"); salt = generateSalt(); digest = createPasswordDigest(password, salt); }
@Override public boolean equals(Object obj) { if (this == obj) return true; if (obj == null) return false; if (!(obj instanceof HumanAccountDataImpl)) return false; HumanAccountDataImpl other = (HumanAccountDataImpl) obj; if (id == null) { if (other.id != null) return false; } else if (!id.equals(other.id)) return false; if (passwordDigest == null) { if (other.passwordDigest != null) return false; } else if (!passwordDigest.equals(other.passwordDigest)) return false; if (locale == null) { if (other.locale != null) return false; } else if (!locale.equals(other.locale)) return false; return true; } }
public void testReallyLongPasswordWorksRight() { char[] reallyLongPassword = new char[1024]; for (int i = 0; i < reallyLongPassword.length; i++) { // We'll make a password filled with junk. reallyLongPassword[i] = (char) i; } PasswordDigest pwd = new PasswordDigest(reallyLongPassword); assertTrue(pwd.verify(reallyLongPassword)); // Make a new password that misses the last character. It shouldn't work. char[] shorterPassword = Arrays.copyOf(reallyLongPassword, 1023); assertFalse(pwd.verify(shorterPassword)); }
@Override public AccountData getAccount(ParticipantId id) { AccountData account = accounts.get(id); if (account == null && !id.getAddress().startsWith("xxx")) { account = new HumanAccountDataImpl(id, new PasswordDigest("".toCharArray())); accounts.put(id, account); } return account; }
public void testSaltAtLeast10Bytes() { PasswordDigest pwd = new PasswordDigest("blogosphere".toCharArray()); byte[] salt = pwd.getSalt(); assertTrue(salt.length >= 10); }
} else if (!account.asHuman().getPasswordDigest().verify(password)) {
private static PasswordDigest deserialize(ProtoPasswordDigest data) { return PasswordDigest.from(data.getSalt().toByteArray(), data.getDigest().toByteArray()); }
private static byte[] generateSalt() { return generateSalt(DEFAULT_SALT_LENGTH); }
/** * Verify that the stored password matches the password provided. * * @param providedPassword Password to compare to the password stored * @return true if the passwords match, false otherwise. */ public boolean verify(char[] providedPassword) { Preconditions.checkNotNull(providedPassword, "Provided password is null"); return digest != null && Arrays.equals(digest, createPasswordDigest(providedPassword, salt)); }
public void testEmptyPasswordVerifiesCorrectly() { PasswordDigest pwd = new PasswordDigest(new char[0]); assertTrue(pwd.verify(new char[0])); assertFalse(pwd.verify(new char[1])); } }
/** * Creates a new user. * * @param accountStore the account store with user accounts. * @param participantId requested user wave address. * @param password requested user password * @throws PersistenceException if the persistence layer fails. * @throws IllegalArgumentException if the userId is already in use. */ public static void createUser(AccountStore accountStore, ParticipantId participantId, String password) throws PersistenceException, IllegalArgumentException { if (accountStore.getAccount(participantId) != null) { throw new IllegalArgumentException(String.format("User %s already exists on this domain.", participantId.getAddress())); } HumanAccountDataImpl account = new HumanAccountDataImpl(participantId, new PasswordDigest(password.toCharArray())); accountStore.putAccount(account); } }
private DBObject humanToObject(HumanAccountData account) { DBObject object = new BasicDBObject(); PasswordDigest digest = account.getPasswordDigest(); if (digest != null) { DBObject digestObj = new BasicDBObject(); digestObj.put(PASSWORD_SALT_FIELD, digest.getSalt()); digestObj.put(PASSWORD_DIGEST_FIELD, digest.getDigest()); object.put(HUMAN_PASSWORD_FIELD, digestObj); } return object; }
public void testSaltAtLeast10Bytes() { PasswordDigest pwd = new PasswordDigest("blogosphere".toCharArray()); byte[] salt = pwd.getSalt(); assertTrue(salt.length >= 10); }
public void testRegisterNewUserEnabled() throws Exception { attemptToRegister(req, resp, "foo@example.com", "internet", false); verify(resp).setStatus(HttpServletResponse.SC_OK); ParticipantId participantId = ParticipantId.ofUnsafe("foo@example.com"); AccountData account = store.getAccount(participantId); assertNotNull(account); assertTrue(account.asHuman().getPasswordDigest().verify("internet".toCharArray())); verify(welcomeBot).greet(eq(participantId)); }
private HumanAccountData objectToHuman(ParticipantId id, DBObject object) { PasswordDigest passwordDigest = null; DBObject digestObj = (DBObject) object.get(HUMAN_PASSWORD_FIELD); if (digestObj != null) { byte[] salt = (byte[]) digestObj.get(PASSWORD_SALT_FIELD); byte[] digest = (byte[]) digestObj.get(PASSWORD_DIGEST_FIELD); passwordDigest = PasswordDigest.from(salt, digest); } return new HumanAccountDataImpl(id, passwordDigest); }
public void testEditingExposedBytesDoesntChangeInternalState() { PasswordDigest pwd1 = new PasswordDigest("webernets".toCharArray()); byte[] digest = pwd1.getDigest(); byte[] salt = pwd1.getSalt(); PasswordDigest pwd2 = PasswordDigest.from(salt, digest); // We'll mess with the digest and salt we got back and make sure both // passwords still verify normally. digest[digest.length / 2]++; salt[salt.length / 2]--; assertTrue(pwd1.verify("webernets".toCharArray())); assertTrue(pwd2.verify("webernets".toCharArray())); }
public void testEmptyPasswordVerifiesCorrectly() { PasswordDigest pwd = new PasswordDigest(new char[0]); assertTrue(pwd.verify(new char[0])); assertFalse(pwd.verify(new char[1])); } }
/** * Create a password from the specified salt and digest. */ public static PasswordDigest from(byte[] salt, byte[] digest) { return new PasswordDigest(salt.clone(), digest.clone()); }