private static byte[] bytesUtf8(String s) { if (s == null) { return null; } return Utf8.encode(s); // need to check if Utf8.encode() runs in constant time (probably not). This may leak length of string. }
/** * Constructs a standard password encoder with a secret value as well as iterations * and hash. * * @param secret the secret * @param iterations the number of iterations. Users should aim for taking about .5 * seconds on their own system. * @param hashWidth the size of the hash */ public Pbkdf2PasswordEncoder(CharSequence secret, int iterations, int hashWidth) { this.secret = Utf8.encode(secret); this.iterations = iterations; this.hashWidth = hashWidth; }
private static byte[] bytesUtf8(String s) { if (s == null) { return null; } return Utf8.encode(s); // need to check if Utf8.encode() runs in constant time (probably not). This may leak length of string. }
private byte[] decodePart(String part) { return Base64.getDecoder().decode(Utf8.encode(part)); }
private String digest(CharSequence rawPassword, byte[] salt) { byte[] derived = SCrypt.generate(Utf8.encode(rawPassword), salt, cpuCost, memoryCost, parallelization, keyLength); String params = Long .toString(((int) (Math.log(cpuCost) / Math.log(2)) << 16L) | memoryCost << 8 | parallelization, 16); StringBuilder sb = new StringBuilder((salt.length + derived.length) * 2); sb.append("$").append(params).append('$'); sb.append(encodePart(salt)).append('$'); sb.append(encodePart(derived)); return sb.toString(); }
private String digest(CharSequence rawPassword, byte[] salt) { byte[] derived = SCrypt.generate(Utf8.encode(rawPassword), salt, cpuCost, memoryCost, parallelization, keyLength); String params = Long .toString(((int) (Math.log(cpuCost) / Math.log(2)) << 16L) | memoryCost << 8 | parallelization, 16); StringBuilder sb = new StringBuilder((salt.length + derived.length) * 2); sb.append("$").append(params).append('$'); sb.append(encodePart(salt)).append('$'); sb.append(encodePart(derived)); return sb.toString(); }
public String encrypt(String text) { return new String(Hex.encode(encryptor.encrypt(Utf8.encode(text)))); }
private StandardPasswordEncoder(String algorithm, CharSequence secret) { this.digester = new Digester(algorithm, DEFAULT_ITERATIONS); this.secret = Utf8.encode(secret); this.saltGenerator = KeyGenerators.secureRandom(); }
private String digest(String salt, CharSequence rawPassword) { String saltedPassword = rawPassword + salt; byte[] digest = this.digester.digest(Utf8.encode(saltedPassword)); String encoded = encode(digest); return salt + encoded; }
public Token allocateToken(String extendedInformation) { Assert.notNull(extendedInformation, "Must provided non-null extendedInformation (but it can be empty)"); long creationTime = new Date().getTime(); String serverSecret = computeServerSecretApplicableAt(creationTime); String pseudoRandomNumber = generatePseudoRandomNumber(); String content = Long.toString(creationTime) + ":" + pseudoRandomNumber + ":" + extendedInformation; // Compute key String sha512Hex = Sha512DigestUtils.shaHex(content + ":" + serverSecret); String keyPayload = content + ":" + sha512Hex; String key = Utf8.decode(Base64.getEncoder().encode(Utf8.encode(keyPayload))); return new DefaultToken(key, creationTime, extendedInformation); }
private boolean isLdapPasswordCompare(DirContextOperations user, SpringSecurityLdapTemplate ldapTemplate, String password) { String encodedPassword = passwordEncoder.encode(password); byte[] passwordBytes = Utf8.encode(encodedPassword); return ldapTemplate.compare(user.getDn().toString(), passwordAttributeName, passwordBytes); }
private String digest(String salt, CharSequence rawPassword) { String saltedPassword = rawPassword + salt; byte[] digest = this.digester.digest(Utf8.encode(saltedPassword)); String encoded = encode(digest); return salt + encoded; }
private StandardPasswordEncoder(String algorithm, CharSequence secret) { this.digester = new Digester(algorithm, DEFAULT_ITERATIONS); this.secret = Utf8.encode(secret); this.saltGenerator = KeyGenerators.secureRandom(); }
private byte[] digest(CharSequence rawPassword, byte[] salt) { byte[] digest = digester.digest(concatenate(salt, secret, Utf8.encode(rawPassword))); return concatenate(salt, digest); }
private byte[] digest(CharSequence rawPassword, byte[] salt) { byte[] digest = digester.digest(concatenate(salt, secret, Utf8.encode(rawPassword))); return concatenate(salt, digest); }
private String digest(String salt, CharSequence rawPassword) { if (rawPassword == null) { rawPassword = ""; } String saltedPassword = rawPassword + salt; byte[] saltedPasswordBytes = Utf8.encode(saltedPassword); Md4 md4 = new Md4(); md4.update(saltedPasswordBytes, 0, saltedPasswordBytes.length); byte[] digest = md4.digest(); String encoded = encode(digest); return salt + encoded; }
@Test public void utf8EncodesAndDecodesCorrectly() throws Exception { byte[] bytes = Utf8.encode("6048b75ed560785c"); assertThat(bytes).hasSize(16); assertThat(Arrays.equals("6048b75ed560785c".getBytes("UTF-8"), bytes)).isTrue(); String decoded = Utf8.decode(bytes); assertThat(decoded).isEqualTo("6048b75ed560785c"); } }
public CachingPasswordEncoder() throws NoSuchAlgorithmException { messageDigest = MessageDigest.getInstance("SHA-256"); this.secret = Utf8.encode(new RandomValueStringGenerator().generate()); this.salt = KeyGenerators.secureRandom().generateKey(); iterations = 25; buildCache(); }
private String digest(String salt, CharSequence rawPassword) { if (rawPassword == null) { rawPassword = ""; } String saltedPassword = rawPassword + salt; byte[] saltedPasswordBytes = Utf8.encode(saltedPassword); Md4 md4 = new Md4(); md4.update(saltedPasswordBytes, 0, saltedPasswordBytes.length); byte[] digest = md4.digest(); String encoded = encode(digest); return salt + encoded; }
@Test public void digestIsCorrectFor3Iterations() { Digester digester = new Digester("SHA-1", 3); byte[] result = digester.digest(Utf8.encode("text")); // echo -n text | openssl sha1 -binary | openssl sha1 -binary | openssl sha1 assertThat(new String(Hex.encode(result))).isEqualTo("3cfa28da425eca5b894f0af2b158adf7001e000f"); }