public boolean comparePasswords(byte[] received, byte[] stored) { return PasswordUtil.compareCredentials(received, stored); }
public static void main(String[] args) throws Exception { LdapSecurityConstants test = PasswordUtil.findAlgorithm("{sha}YaE1CJ6sVhov987e77A5db7QAPg=".getBytes()); System.out.println(test); }
/** * Generate a salt for use with the BCrypt.hashpw() method, * selecting a reasonable default for the number of hashing * rounds to apply * @return an encoded salt value */ public static String genSalt() { return gensalt( GENSALT_DEFAULT_LOG2_ROUNDS ); }
/** * Key the Blowfish cipher * @param key an array containing the key */ private void key( byte[] key ) { int i; int[] koffp = { 0 }; int[] lr = { 0, 0 }; int plen = pKey.length; int slen = sKey.length; for ( i = 0; i < plen; i++ ) { pKey[i] = pKey[i] ^ streamToWord( key, koffp ); } for ( i = 0; i < plen; i += 2 ) { encipher( lr, 0 ); pKey[i] = lr[0]; pKey[i + 1] = lr[1]; } for ( i = 0; i < slen; i += 2 ) { encipher( lr, 0 ); sKey[i] = lr[0]; sKey[i + 1] = lr[1]; } }
public byte[] getShaPassword(final String clearPassword) { return PasswordUtil.createStoragePassword(clearPassword.getBytes(), LdapSecurityConstants.HASH_METHOD_SHA); }
/** * Generate a salt for use with the BCrypt.hashpw() method * * @param logRounds the log2 of the number of rounds of * hashing to apply - the work factor therefore increases as * 2**log_rounds. * @return an encoded salt value */ public static String gensalt( int logRounds ) { return genSalt( logRounds, new SecureRandom() ); }
/** * Gets the credentials from a PKCS5S2 hash. * The salt for PKCS5S2 hash is prepended to the password * * @param credentials The password * @param algoLength The length of the algorithm part * @param algorithm The algorithm in use * @return The split credentials, containing the algorithm, the salt and the password */ private static PasswordDetails getPbkdf2Credentials( byte[] credentials, int algoLength, LdapSecurityConstants algorithm ) { // The password is associated with a salt. Decompose it // in two parts, after having decoded the password. // The salt is at the *beginning* of the credentials, and is 16 bytes long // The algorithm, salt, and password will be stored into the PasswordDetails structure. byte[] passwordAndSalt = Base64 .decode( Strings.utf8ToString( credentials, algoLength, credentials.length - algoLength ).toCharArray() ); int saltLength = passwordAndSalt.length - PKCS5S2_LENGTH; byte[] salt = new byte[saltLength]; byte[] password = new byte[PKCS5S2_LENGTH]; split( passwordAndSalt, 0, salt, password ); return new PasswordDetails( algorithm, salt, password ); }
private static PasswordDetails getCryptCredentials( byte[] credentials, int algoLength, LdapSecurityConstants algorithm ) { // The password is associated with a salt. Decompose it // in two parts, no decoding required. // The salt length is dynamic, between the 2nd and 3rd '$'. // The algorithm, salt, and password will be stored into the PasswordDetails structure. // skip {crypt}$x$ int pos = algoLength; while ( pos < credentials.length ) { if ( credentials[pos] == '$' ) { break; } pos++; } byte[] salt = Arrays.copyOfRange( credentials, algoLength, pos ); byte[] password = Arrays.copyOfRange( credentials, pos + 1, credentials.length ); return new PasswordDetails( algorithm, salt, password ); }
/** * Key the Blowfish cipher * @param key an array containing the key */ private void key( byte[] key ) { int i; int[] koffp = { 0 }; int[] lr = { 0, 0 }; int plen = pKey.length; int slen = sKey.length; for ( i = 0; i < plen; i++ ) { pKey[i] = pKey[i] ^ streamToWord( key, koffp ); } for ( i = 0; i < plen; i += 2 ) { encipher( lr, 0 ); pKey[i] = lr[0]; pKey[i + 1] = lr[1]; } for ( i = 0; i < slen; i += 2 ) { encipher( lr, 0 ); sKey[i] = lr[0]; sKey[i + 1] = lr[1]; } }
/** * @see #createStoragePassword(byte[], LdapSecurityConstants) * * @param credentials The password * @param algorithm The algorithm to use * @return The resulting byte[] containing the paswword */ public static byte[] createStoragePassword( String credentials, LdapSecurityConstants algorithm ) { return createStoragePassword( Strings.getBytesUtf8( credentials ), algorithm ); }
/** * Generate a salt for use with the BCrypt.hashpw() method, * selecting a reasonable default for the number of hashing * rounds to apply * @return an encoded salt value */ public static String genSalt() { return gensalt( GENSALT_DEFAULT_LOG2_ROUNDS ); }
/** * Generate a salt for use with the BCrypt.hashpw() method * * @param logRounds the log2 of the number of rounds of * hashing to apply - the work factor therefore increases as * 2**log_rounds. * @return an encoded salt value */ public static String gensalt( int logRounds ) { return genSalt( logRounds, new SecureRandom() ); }
private static PasswordDetails getCryptCredentials( byte[] credentials, int algoLength, LdapSecurityConstants algorithm ) { // The password is associated with a salt. Decompose it // in two parts, no decoding required. // The salt length is dynamic, between the 2nd and 3rd '$'. // The algorithm, salt, and password will be stored into the PasswordDetails structure. // skip {crypt}$x$ int pos = algoLength; while ( pos < credentials.length ) { if ( credentials[pos] == '$' ) { break; } pos++; } byte[] salt = Arrays.copyOfRange( credentials, algoLength, pos ); byte[] password = Arrays.copyOfRange( credentials, pos + 1, credentials.length ); return new PasswordDetails( algorithm, salt, password ); }
/** * Key the Blowfish cipher * @param key an array containing the key */ private void key( byte[] key ) { int i; int[] koffp = { 0 }; int[] lr = { 0, 0 }; int plen = pKey.length; int slen = sKey.length; for ( i = 0; i < plen; i++ ) { pKey[i] = pKey[i] ^ streamToWord( key, koffp ); } for ( i = 0; i < plen; i += 2 ) { encipher( lr, 0 ); pKey[i] = lr[0]; pKey[i + 1] = lr[1]; } for ( i = 0; i < slen; i += 2 ) { encipher( lr, 0 ); sKey[i] = lr[0]; sKey[i + 1] = lr[1]; } }
/** * @see #createStoragePassword(byte[], LdapSecurityConstants) * * @param credentials The password * @param algorithm The algorithm to use * @return The resulting byte[] containing the paswword */ public static byte[] createStoragePassword( String credentials, LdapSecurityConstants algorithm ) { return createStoragePassword( Strings.getBytesUtf8( credentials ), algorithm ); }
/** * Generate a salt for use with the BCrypt.hashpw() method, * selecting a reasonable default for the number of hashing * rounds to apply * @return an encoded salt value */ public static String genSalt() { return gensalt( GENSALT_DEFAULT_LOG2_ROUNDS ); }
/** * Generate a salt for use with the BCrypt.hashpw() method * * @param logRounds the log2 of the number of rounds of * hashing to apply - the work factor therefore increases as * 2**log_rounds. * @return an encoded salt value */ public static String gensalt( int logRounds ) { return genSalt( logRounds, new SecureRandom() ); }
pKey[i] = pKey[i] ^ streamToWord( key, koffp ); lr[0] ^= streamToWord( data, doffp ); lr[1] ^= streamToWord( data, doffp ); encipher( lr, 0 ); pKey[i] = lr[0]; pKey[i + 1] = lr[1]; lr[0] ^= streamToWord( data, doffp ); lr[1] ^= streamToWord( data, doffp ); encipher( lr, 0 ); sKey[i] = lr[0]; sKey[i + 1] = lr[1];
/** * @see #createStoragePassword(byte[], LdapSecurityConstants) * * @param credentials The password * @param algorithm The algorithm to use * @return The resulting byte[] containing the paswword */ public static byte[] createStoragePassword( String credentials, LdapSecurityConstants algorithm ) { return createStoragePassword( Strings.getBytesUtf8( credentials ), algorithm ); }
pKey[i] = pKey[i] ^ streamToWord( key, koffp ); lr[0] ^= streamToWord( data, doffp ); lr[1] ^= streamToWord( data, doffp ); encipher( lr, 0 ); pKey[i] = lr[0]; pKey[i + 1] = lr[1]; lr[0] ^= streamToWord( data, doffp ); lr[1] ^= streamToWord( data, doffp ); encipher( lr, 0 ); sKey[i] = lr[0]; sKey[i + 1] = lr[1];