@Override public boolean verifyPassword(String password) { EncryptionVerifier ver = getEncryptionInfo().getVerifier(); SecretKey skey = generateSecretKey(password, ver, getKeySizeInBytes()); Cipher cipher = getCipher(skey); try { byte encryptedVerifier[] = ver.getEncryptedVerifier(); byte verifier[] = cipher.doFinal(encryptedVerifier); setVerifier(verifier); MessageDigest sha1 = CryptoFunctions.getMessageDigest(ver.getHashAlgorithm()); byte[] calcVerifierHash = sha1.digest(verifier); byte encryptedVerifierHash[] = ver.getEncryptedVerifierHash(); byte decryptedVerifierHash[] = cipher.doFinal(encryptedVerifierHash); // see 2.3.4.9 Password Verification (Standard Encryption) // ... The number of bytes used by the encrypted Verifier hash MUST be 32 ... // TODO: check and trim/pad the hashes to 32 byte[] verifierHash = Arrays.copyOf(decryptedVerifierHash, calcVerifierHash.length); if (Arrays.equals(calcVerifierHash, verifierHash)) { setSecretKey(skey); return true; } else { return false; } } catch (GeneralSecurityException e) { throw new EncryptedDocumentException(e); } }
@Override public boolean verifyPassword(String password) { EncryptionVerifier ver = getEncryptionInfo().getVerifier(); SecretKey skey = generateSecretKey(password, ver, getKeySizeInBytes()); Cipher cipher = getCipher(skey); try { byte encryptedVerifier[] = ver.getEncryptedVerifier(); byte verifier[] = cipher.doFinal(encryptedVerifier); setVerifier(verifier); MessageDigest sha1 = CryptoFunctions.getMessageDigest(ver.getHashAlgorithm()); byte[] calcVerifierHash = sha1.digest(verifier); byte encryptedVerifierHash[] = ver.getEncryptedVerifierHash(); byte decryptedVerifierHash[] = cipher.doFinal(encryptedVerifierHash); // see 2.3.4.9 Password Verification (Standard Encryption) // ... The number of bytes used by the encrypted Verifier hash MUST be 32 ... // TODO: check and trim/pad the hashes to 32 byte[] verifierHash = Arrays.copyOf(decryptedVerifierHash, calcVerifierHash.length); if (Arrays.equals(calcVerifierHash, verifierHash)) { setSecretKey(skey); return true; } else { return false; } } catch (GeneralSecurityException e) { throw new EncryptedDocumentException(e); } }