00001
00026 package org.objectweb.jonas.security.realm.lib;
00027
00028 import java.security.MessageDigest;
00029 import java.security.NoSuchAlgorithmException;
00030
00038 public class HashHelper {
00039
00043 private static final int HEX_CONSTANT = 0xFF;
00044
00048 private static final String[] ALGORITHM = {"MD5", "MD2", "SHA-1", "SHA"};
00049
00053 private static final String[] SEPARATOR_ALGORITHM = {"MD5:", "MD2:", "SHA-1:", "SHA:"};
00054
00058 private static final String[] SEPARATOR_ALGORITHM_BIS = {"{MD5}", "{MD2}", "{SHA-1}", "{SHA}"};
00059
00063 public static final String DEFAULT_ALGO = "MD5";
00064
00068 private HashHelper() {
00069 }
00070
00078 private static boolean isAValidAlgorithm(String algo) {
00079 for (int i = 0; i < ALGORITHM.length; i++) {
00080 if (algo.equalsIgnoreCase(ALGORITHM[i])) {
00081 return true;
00082 }
00083 }
00084 return false;
00085 }
00086
00093 public static HashPassword getHashPassword(String password) {
00094 String pass = null;
00095 String algo = null;
00096
00097 for (int i = 0; i < ALGORITHM.length; i++) {
00098 if (password.toUpperCase().startsWith(SEPARATOR_ALGORITHM[i])) {
00099 pass = password.substring(SEPARATOR_ALGORITHM[i].length());
00100 algo = password.substring(0, SEPARATOR_ALGORITHM[i].length() - 1);
00101 return new HashPassword(pass, algo);
00102 }
00103 if (password.toUpperCase().startsWith(SEPARATOR_ALGORITHM_BIS[i])) {
00104 pass = password.substring(SEPARATOR_ALGORITHM_BIS[i].length());
00105 algo = password.substring(1, SEPARATOR_ALGORITHM_BIS[i].length() - 1);
00106 return new HashPassword(pass, algo);
00107 }
00108 }
00109
00110
00111 return new HashPassword(password, null);
00112 }
00113
00121 public static char[] hexDump(byte[] src) {
00122 char[] buf = new char[src.length * 2];
00123
00124 for (int b = 0; b < src.length; b++) {
00125 String byt = Integer.toHexString(src[b] & HEX_CONSTANT);
00126
00127 if (byt.length() < 2) {
00128 buf[b * 2 + 0] = '0';
00129 buf[b * 2 + 1] = byt.charAt(0);
00130 } else {
00131 buf[b * 2 + 0] = byt.charAt(0);
00132 buf[b * 2 + 1] = byt.charAt(1);
00133 }
00134 }
00135 return buf;
00136 }
00137
00144 public static void smudge(char[] pwd) {
00145 if (pwd != null) {
00146 for (int b = 0; b < pwd.length; b++) {
00147 pwd[b] = 0;
00148 }
00149 }
00150 }
00151
00156 public static void smudge(byte[] pwd) {
00157 if (pwd != null) {
00158 for (int b = 0; b < pwd.length; b++) {
00159 pwd[b] = 0;
00160 }
00161 }
00162 }
00163
00172 public static String hashPassword(char[] pwd) throws NoSuchAlgorithmException {
00173 return hashPassword(pwd, DEFAULT_ALGO);
00174 }
00175
00186 public static String hashPassword(char[] pwd, String algo) throws NoSuchAlgorithmException {
00187
00188 if (!isAValidAlgorithm(algo)) {
00189 throw new NoSuchAlgorithmException("Your algorithm isn't valid or not yet supported.");
00190 }
00191 MessageDigest md = MessageDigest.getInstance(algo);
00192 md.reset();
00193
00194 byte[] pwdb = new byte[pwd.length];
00195 byte[] crypt = null;
00196 for (int b = 0; b < pwd.length; b++) {
00197 pwdb[b] = (byte) pwd[b];
00198 }
00199 crypt = md.digest(pwdb);
00200 smudge(pwdb);
00201 return new String(Base64.encode(crypt));
00202 }
00203
00214 public static String hashPassword(String string, String algo) throws NoSuchAlgorithmException {
00215 return hashPassword(string.toCharArray(), algo);
00216 }
00217 }
