Object writeReplace() { return BSDUnixDESCryptPassword.createRaw(getAlgorithm(), hash, salt, iterationCount); }
BSDUnixDESCryptPasswordImpl(final BSDUnixDESCryptPassword password) throws InvalidKeyException { this.salt = password.getSalt(); this.iterationCount = password.getIterationCount(); final byte[] hash = password.getHash(); if (hash == null || hash.length != BSDUnixDESCryptPassword.BSD_CRYPT_DES_HASH_SIZE) { throw log.invalidKeyBsdDesCryptPasswordHashMustBeBytes(BSDUnixDESCryptPassword.BSD_CRYPT_DES_HASH_SIZE); } this.hash = hash.clone(); }
default boolean impliesParameters(AlgorithmParameterSpec parameterSpec) { Assert.checkNotNullParam("parameterSpec", parameterSpec); if (parameterSpec instanceof IteratedSaltedPasswordAlgorithmSpec) { final IteratedSaltedPasswordAlgorithmSpec spec = (IteratedSaltedPasswordAlgorithmSpec) parameterSpec; return getIterationCount() <= spec.getIterationCount() && Arrays.equals(getParameterSpec().getSalt(), spec.getSalt()); } else if (parameterSpec instanceof SaltedPasswordAlgorithmSpec) { return Arrays.equals(getParameterSpec().getSalt(), ((SaltedPasswordAlgorithmSpec) parameterSpec).getSalt()); } else if (parameterSpec instanceof IteratedPasswordAlgorithmSpec) { return getIterationCount() <= ((IteratedPasswordAlgorithmSpec) parameterSpec).getIterationCount(); } else { return false; } }
default IteratedSaltedPasswordAlgorithmSpec getParameterSpec() { final int salt = getSalt(); byte[] saltBytes = new byte[4]; // Big-endian format saltBytes[0] = (byte) (salt >>> 24 & 0xff); saltBytes[1] = (byte) (salt >>> 16 & 0xff); saltBytes[2] = (byte) (salt >>> 8 & 0xff); saltBytes[3] = (byte) (salt & 0xff); return new IteratedSaltedPasswordAlgorithmSpec(getIterationCount(), saltBytes); }
default IteratedSaltedPasswordAlgorithmSpec getParameterSpec() { final int salt = getSalt(); byte[] saltBytes = new byte[4]; // Big-endian format saltBytes[0] = (byte) (salt >>> 24 & 0xff); saltBytes[1] = (byte) (salt >>> 16 & 0xff); saltBytes[2] = (byte) (salt >>> 8 & 0xff); saltBytes[3] = (byte) (salt & 0xff); return new IteratedSaltedPasswordAlgorithmSpec(getIterationCount(), saltBytes); }
private static void composeBsdCryptBasedPassword(ByteArrayOutputStream out, BSDUnixDESCryptPassword password) throws IOException { out.write(ModularCrypt.MOD_CRYPT.encode(password.getIterationCount() & 0x3f)); out.write(ModularCrypt.MOD_CRYPT.encode(password.getIterationCount() >> 6 & 0x3f)); out.write(ModularCrypt.MOD_CRYPT.encode(password.getIterationCount() >> 12 & 0x3f)); out.write(ModularCrypt.MOD_CRYPT.encode(password.getIterationCount() >> 18 & 0x3f)); out.write(ModularCrypt.MOD_CRYPT.encode(password.getSalt() & 0x3f)); out.write(ModularCrypt.MOD_CRYPT.encode(password.getSalt() >> 6 & 0x3f)); out.write(ModularCrypt.MOD_CRYPT.encode(password.getSalt() >> 12 & 0x3f)); out.write(ModularCrypt.MOD_CRYPT.encode(password.getSalt() >> 18 & 0x3f)); out.write(ByteIterator.ofBytes(password.getHash()).base64Encode(ModularCrypt.MOD_CRYPT, false).asUtf8().drain()); }
default IteratedSaltedPasswordAlgorithmSpec getParameterSpec() { final int salt = getSalt(); byte[] saltBytes = new byte[4]; // Big-endian format saltBytes[0] = (byte) (salt >>> 24 & 0xff); saltBytes[1] = (byte) (salt >>> 16 & 0xff); saltBytes[2] = (byte) (salt >>> 8 & 0xff); saltBytes[3] = (byte) (salt & 0xff); return new IteratedSaltedPasswordAlgorithmSpec(getIterationCount(), saltBytes); }
default boolean impliesParameters(AlgorithmParameterSpec parameterSpec) { Assert.checkNotNullParam("parameterSpec", parameterSpec); if (parameterSpec instanceof IteratedSaltedPasswordAlgorithmSpec) { final IteratedSaltedPasswordAlgorithmSpec spec = (IteratedSaltedPasswordAlgorithmSpec) parameterSpec; return getIterationCount() <= spec.getIterationCount() && Arrays.equals(getParameterSpec().getSalt(), spec.getSalt()); } else if (parameterSpec instanceof SaltedPasswordAlgorithmSpec) { return Arrays.equals(getParameterSpec().getSalt(), ((SaltedPasswordAlgorithmSpec) parameterSpec).getSalt()); } else if (parameterSpec instanceof IteratedPasswordAlgorithmSpec) { return getIterationCount() <= ((IteratedPasswordAlgorithmSpec) parameterSpec).getIterationCount(); } else { return false; } }
private static Password createBsdCryptBasedPassword(byte[] userPassword) throws InvalidKeySpecException { if (userPassword.length != 27) { throw log.insufficientDataToFormDigestAndSalt(); } int b0 = ModularCrypt.MOD_CRYPT.decode(userPassword[8] & 0xff); int b1 = ModularCrypt.MOD_CRYPT.decode(userPassword[9] & 0xff); int b2 = ModularCrypt.MOD_CRYPT.decode(userPassword[10] & 0xff); int b3 = ModularCrypt.MOD_CRYPT.decode(userPassword[11] & 0xff); if (b0 == -1 || b1 == -1 || b2 == -1 || b3 == -1) { throw log.invalidRounds((char) b0, (char) b1, (char) b2, (char) b3); } int iterationCount = b0 | b1 << 6 | b2 << 12 | b3 << 18; b0 = ModularCrypt.MOD_CRYPT.decode(userPassword[12] & 0xff); b1 = ModularCrypt.MOD_CRYPT.decode(userPassword[13] & 0xff); b2 = ModularCrypt.MOD_CRYPT.decode(userPassword[14] & 0xff); b3 = ModularCrypt.MOD_CRYPT.decode(userPassword[15] & 0xff); if (b0 == -1 || b1 == -1 || b2 == -1 || b3 == -1) { throw log.invalidSalt((char) b0, (char) b1, (char) b2, (char) b3); } int salt = b0 | b1 << 6 | b2 << 12 | b3 << 18; byte[] hash = CodePointIterator.ofUtf8Bytes(userPassword, 16, 11).base64Decode(ModularCrypt.MOD_CRYPT, false).drain(); return BSDUnixDESCryptPassword.createRaw(ALGORITHM_BSD_CRYPT_DES, hash, salt, iterationCount); }
BSDUnixDESCryptPasswordImpl(final BSDUnixDESCryptPassword password) throws InvalidKeyException { this.salt = password.getSalt(); this.iterationCount = password.getIterationCount(); final byte[] hash = password.getHash(); if (hash == null || hash.length != BSDUnixDESCryptPassword.BSD_CRYPT_DES_HASH_SIZE) { throw log.invalidKeyBsdDesCryptPasswordHashMustBeBytes(BSDUnixDESCryptPassword.BSD_CRYPT_DES_HASH_SIZE); } this.hash = hash.clone(); }
default IteratedSaltedPasswordAlgorithmSpec getParameterSpec() { final int salt = getSalt(); byte[] saltBytes = new byte[4]; // Big-endian format saltBytes[0] = (byte) (salt >>> 24 & 0xff); saltBytes[1] = (byte) (salt >>> 16 & 0xff); saltBytes[2] = (byte) (salt >>> 8 & 0xff); saltBytes[3] = (byte) (salt & 0xff); return new IteratedSaltedPasswordAlgorithmSpec(getIterationCount(), saltBytes); }
default boolean impliesParameters(AlgorithmParameterSpec parameterSpec) { Assert.checkNotNullParam("parameterSpec", parameterSpec); if (parameterSpec instanceof IteratedSaltedPasswordAlgorithmSpec) { final IteratedSaltedPasswordAlgorithmSpec spec = (IteratedSaltedPasswordAlgorithmSpec) parameterSpec; return getIterationCount() <= spec.getIterationCount() && Arrays.equals(getParameterSpec().getSalt(), spec.getSalt()); } else if (parameterSpec instanceof SaltedPasswordAlgorithmSpec) { return Arrays.equals(getParameterSpec().getSalt(), ((SaltedPasswordAlgorithmSpec) parameterSpec).getSalt()); } else if (parameterSpec instanceof IteratedPasswordAlgorithmSpec) { return getIterationCount() <= ((IteratedPasswordAlgorithmSpec) parameterSpec).getIterationCount(); } else { return false; } }
private static Password parseBSDUnixDESCryptPasswordString(char[] cryptString) throws InvalidKeySpecException { // Note that crypt strings have the format: "_{rounds}{salt}{hash}" as described // in the "DES Extended Format" section here: http://www.freebsd.org/cgi/man.cgi?crypt(3) assert cryptString.length == 20; assert cryptString[0] == '_'; // previously tested by doIdentifyAlgorithm CodePointIterator r = CodePointIterator.ofChars(cryptString, 1); // The next 4 characters correspond to the encoded number of rounds - this is decoded to a 24-bit integer int s0 = MOD_CRYPT.decode(r.next()); int s1 = MOD_CRYPT.decode(r.next()); int s2 = MOD_CRYPT.decode(r.next()); int s3 = MOD_CRYPT.decode(r.next()); int iterationCount = s0 | s1 << 6 | s2 << 12 | s3 << 18; // The next 4 characters correspond to the encoded salt - this is decoded to a 24-bit integer s0 = MOD_CRYPT.decode(r.next()); s1 = MOD_CRYPT.decode(r.next()); s2 = MOD_CRYPT.decode(r.next()); s3 = MOD_CRYPT.decode(r.next()); int salt = s0 | s1 << 6 | s2 << 12 | s3 << 18; // The final 11 characters correspond to the encoded password - this is decoded to a 64-bit hash byte[] hash = r.base64Decode(MOD_CRYPT, false).limitedTo(11).drain(); return BSDUnixDESCryptPassword.createRaw(BSDUnixDESCryptPassword.ALGORITHM_BSD_CRYPT_DES, hash, salt, iterationCount); }
BSDUnixDESCryptPasswordImpl(final BSDUnixDESCryptPassword password) throws InvalidKeyException { this.salt = password.getSalt(); this.iterationCount = password.getIterationCount(); final byte[] hash = password.getHash(); if (hash == null || hash.length != BSDUnixDESCryptPassword.BSD_CRYPT_DES_HASH_SIZE) { throw log.invalidKeyBsdDesCryptPasswordHashMustBeBytes(BSDUnixDESCryptPassword.BSD_CRYPT_DES_HASH_SIZE); } this.hash = hash.clone(); }
default boolean impliesParameters(AlgorithmParameterSpec parameterSpec) { Assert.checkNotNullParam("parameterSpec", parameterSpec); if (parameterSpec instanceof IteratedSaltedPasswordAlgorithmSpec) { final IteratedSaltedPasswordAlgorithmSpec spec = (IteratedSaltedPasswordAlgorithmSpec) parameterSpec; return getIterationCount() <= spec.getIterationCount() && Arrays.equals(getParameterSpec().getSalt(), spec.getSalt()); } else if (parameterSpec instanceof SaltedPasswordAlgorithmSpec) { return Arrays.equals(getParameterSpec().getSalt(), ((SaltedPasswordAlgorithmSpec) parameterSpec).getSalt()); } else if (parameterSpec instanceof IteratedPasswordAlgorithmSpec) { return getIterationCount() <= ((IteratedPasswordAlgorithmSpec) parameterSpec).getIterationCount(); } else { return false; } }
Object writeReplace() { return BSDUnixDESCryptPassword.createRaw(getAlgorithm(), hash, salt, iterationCount); }
BSDUnixDESCryptPasswordImpl(final BSDUnixDESCryptPassword password) throws InvalidKeyException { this.salt = password.getSalt(); this.iterationCount = password.getIterationCount(); final byte[] hash = password.getHash(); if (hash == null || hash.length != BSDUnixDESCryptPassword.BSD_CRYPT_DES_HASH_SIZE) { throw log.invalidKeyBsdDesCryptPasswordHashMustBeBytes(BSDUnixDESCryptPassword.BSD_CRYPT_DES_HASH_SIZE); } this.hash = hash.clone(); }
Object writeReplace() { return BSDUnixDESCryptPassword.createRaw(getAlgorithm(), hash, salt, iterationCount); }
private static void composeBsdCryptBasedPassword(ByteArrayOutputStream out, BSDUnixDESCryptPassword password) throws IOException { out.write(ModularCrypt.MOD_CRYPT.encode(password.getIterationCount() & 0x3f)); out.write(ModularCrypt.MOD_CRYPT.encode(password.getIterationCount() >> 6 & 0x3f)); out.write(ModularCrypt.MOD_CRYPT.encode(password.getIterationCount() >> 12 & 0x3f)); out.write(ModularCrypt.MOD_CRYPT.encode(password.getIterationCount() >> 18 & 0x3f)); out.write(ModularCrypt.MOD_CRYPT.encode(password.getSalt() & 0x3f)); out.write(ModularCrypt.MOD_CRYPT.encode(password.getSalt() >> 6 & 0x3f)); out.write(ModularCrypt.MOD_CRYPT.encode(password.getSalt() >> 12 & 0x3f)); out.write(ModularCrypt.MOD_CRYPT.encode(password.getSalt() >> 18 & 0x3f)); out.write(ByteIterator.ofBytes(password.getHash()).base64Encode(ModularCrypt.MOD_CRYPT, false).asUtf8().drain()); }
Object writeReplace() { return BSDUnixDESCryptPassword.createRaw(getAlgorithm(), hash, salt, iterationCount); }