/**
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.felix.useradmin.impl;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import org.apache.felix.useradmin.Base64;
import org.apache.felix.useradmin.CredentialAuthenticator;
import org.apache.felix.useradmin.MessageDigester;
/**
* <p>
* This <tt>CredentialAuthenticatorImpl</tt> class is used for
* authentication of credentials.
* It provides methods for encrypting credentials.
* Based on system properties it will choose between Base64 encoding and a
* message-digest algorithm.</p>
*
* @see org.apache.felix.useradmin.CredentialAuthenticator
* @see java.security.MessageDigest
* @see org.apache.felix.useradmin.Base64
* @version $Rev$ $Date$
*/
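public class CredentialAuthenticatorImpl implements CredentialAuthenticator
{
    /** Charset used when the {@value #CHARSET_PROP} property is not set. */
    private static final String DEFAULT_CHARSET = "UTF-8";
    /** RNG algorithm used when the {@value #SECURE_RNG_ALGORITHM_PROP} property is not set. */
    private static final String SECURE_RANDOM_ALGORITHM = "SHA1PRNG";
    /**
     * Value of {@value #SECURE_ALGORITHM_PROP} that selects plain Base64 handling.
     * Base64 is a reversible encoding, not a hash: credentials stored this way
     * can be decoded back to their original value.
     */
    private static final String SECURE_DEFAULT_ALGORITHM = "Base64";
    /** System property naming the digest algorithm, or {@value #SECURE_DEFAULT_ALGORITHM}. */
    private static final String SECURE_ALGORITHM_PROP = "org.apache.felix.useradmin.algorithm";
    /** System property naming the RNG algorithm used for salt generation. */
    private static final String SECURE_RNG_ALGORITHM_PROP = "org.apache.felix.useradmin.rng.algorithm";
    /** System property naming the charset used to turn credentials into bytes. */
    private static final String CHARSET_PROP = "org.apache.felix.useradmin.charset";
    /** Number of salt bytes generated per credential and passed back on verification. */
    private static final int DEFAULT_BYTES_LENGTH = 20;

    /** Codec used for the default path and for encoding digests to storable text. */
    private final Base64 base64;
    /** Charset handed to the Base64 codec and to the digester. */
    private final String charset;
    /** Digest implementation; {@code null} when the Base64 path is in use. */
    private final MessageDigester digester;
    /** RNG created for the configured algorithm; {@code null} when the Base64 path is in use. */
    private final SecureRandom secureRandom;
    /** {@code true} when credentials are only Base64-encoded rather than digested. */
    private final boolean useDefaultEncryption;

    /**
     * <p>
     * Constructs a new CredentialAuthenticator.
     * It reads the system properties that select the digest algorithm, the charset and
     * the secure random number generator algorithm used for salts.
     * The default algorithm is Base64; when a different algorithm is configured but cannot
     * be instantiated, the Base64 path is used instead.</p>
     */
    public CredentialAuthenticatorImpl()
    {
        String algorithm = System.getProperty(SECURE_ALGORITHM_PROP, SECURE_DEFAULT_ALGORITHM);
        // Random number generator algorithm used for generating salts.
        String rngAlgorithm = System.getProperty(SECURE_RNG_ALGORITHM_PROP, SECURE_RANDOM_ALGORITHM);
        this.charset = System.getProperty(CHARSET_PROP, DEFAULT_CHARSET);
        this.base64 = new Base64Impl();
        this.base64.setCharset(charset);

        MessageDigester configuredDigester = null;
        SecureRandom configuredRandom = null;
        if (!SECURE_DEFAULT_ALGORITHM.equals(algorithm))
        {
            try
            {
                MessageDigester candidate = new MessageDigesterImpl(algorithm, rngAlgorithm);
                candidate.setCharset(charset);
                // Use the configured RNG algorithm rather than a fixed name, and let the
                // provider self-seed: seeding a fresh SHA1PRNG with System.currentTimeMillis()
                // replaces its entropy with a predictable value, so no setSeed() call here.
                configuredRandom = SecureRandom.getInstance(rngAlgorithm);
                configuredDigester = candidate;
            }
            catch (NoSuchAlgorithmException e)
            {
                // Unknown digest or RNG name: fall back to the Base64 path. This is a silent
                // downgrade from digesting to reversible encoding; nothing in this class
                // reports it, so deployments should verify the configured property names.
            }
        }
        this.digester = configuredDigester;
        this.secureRandom = configuredRandom;
        this.useDefaultEncryption = configuredDigester == null;
    }

    /**
     * Transforms a credential into its stored form.
     * On the Base64 path the credential is only encoded; otherwise a fresh
     * {@value #DEFAULT_BYTES_LENGTH}-byte salt is generated, the credential is digested
     * with it, and the resulting bytes are Base64-encoded.
     *
     * @param credential the credential to store
     * @return the encoded credential, as produced by the Base64 codec
     * @see org.apache.felix.useradmin.CredentialAuthenticator#encryptCredential(Object)
     */
    public Object encryptCredential(Object credential)
    {
        if (useDefaultEncryption)
        {
            return base64.encrypt(credential);
        }
        byte[] salt = digester.generateSalt(DEFAULT_BYTES_LENGTH);
        byte[] digest = digester.encrypt(credential, salt);
        return base64.encrypt(digest);
    }

    /**
     * Checks a presented credential against a stored one.
     * On the Base64 path the codec compares the two values directly; otherwise the stored
     * value is Base64-decoded and handed to the digester together with the salt length
     * used by {@link #encryptCredential(Object)}.
     *
     * @param value the credential presented for authentication
     * @param encryptedValue the stored form produced by {@link #encryptCredential(Object)}
     * @return {@code true} when the presented credential matches the stored one
     * @see org.apache.felix.useradmin.CredentialAuthenticator#authenticate(Object, Object)
     */
    public boolean authenticate(Object value, Object encryptedValue)
    {
        if (useDefaultEncryption)
        {
            return base64.verify(value, encryptedValue);
        }
        byte[] digest = base64.decryptToByteArray(encryptedValue);
        // The salt length lets the digester separate salt from digest; the exact layout
        // is defined by MessageDigester.verify, not here.
        return digester.verify(value, digest, DEFAULT_BYTES_LENGTH);
    }

    /**
     * @return the Base64 codec used by this authenticator
     * @see org.apache.felix.useradmin.CredentialAuthenticator#getBase64()
     */
    public Base64 getBase64()
    {
        return base64;
    }
}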