added scyrpt support to PasswordUtil

jomu
2014-01-18 17:13:06 +00:00
parent b56501e70d
commit 348999132b
4 changed files with 104 additions and 28 deletions

32
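--- a/pom.xml
+++ b/pom.xml
@@ -13,4 +13,36 @@
 <module>util</module>
 <module>jeeutil</module>
 </modules>
+<dependencyManagement>
+<dependencies>
+<dependency>
+<groupId>junit</groupId>
+<artifactId>junit</artifactId>
+<version>4.10</version>
+<scope>test</scope>
+</dependency>
+<dependency>
+<groupId>commons-codec</groupId>
+<artifactId>commons-codec</artifactId>
+<version>1.4</version>
+<type>jar</type>
+</dependency>
+<dependency>
+<groupId>com.lambdaworks</groupId>
+<artifactId>scrypt</artifactId>
+<version>1.4.0</version>
+</dependency>
+<dependency>
+<groupId>log4j</groupId>
+<artifactId>log4j</artifactId>
+<version>1.2.17</version>
+<type>jar</type>
+</dependency>
+</dependencies>
+</dependencyManagement>
 </project>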


@ -26,21 +26,23 @@
<dependencies> <dependencies>
<dependency> <dependency>
<groupId>junit</groupId> <groupId>junit</groupId>
<artifactId>junit</artifactId> <artifactId>junit</artifactId>
<version>4.10</version>
<scope>test</scope>
</dependency> </dependency>
<dependency> <dependency>
<groupId>commons-codec</groupId> <groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId> <artifactId>commons-codec</artifactId>
<version>1.4</version>
<type>jar</type> <type>jar</type>
</dependency> </dependency>
<dependency> <dependency>
<groupId>log4j</groupId> <groupId>log4j</groupId>
<artifactId>log4j</artifactId> <artifactId>log4j</artifactId>
<version>1.2.17</version>
<type>jar</type> <type>jar</type>
</dependency> </dependency>
<dependency>
<groupId>com.lambdaworks</groupId>
<artifactId>scrypt</artifactId>
</dependency>
</dependencies> </dependencies>
</project> </project>


@ -4,6 +4,7 @@
*/ */
package de.muehlencord.shared.security; package de.muehlencord.shared.security;
import com.lambdaworks.crypto.SCryptUtil;
import java.security.MessageDigest; import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException; import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom; import java.security.SecureRandom;
@ -19,6 +20,15 @@ public abstract class PasswordUtil {
/** logging object */ /** logging object */
private final static Logger logger = Logger.getLogger(PasswordUtil.class); private final static Logger logger = Logger.getLogger(PasswordUtil.class);
/** SCrypt CPU cost parameter */
private final static int scryptCpuCostParameter = 16384;
/** SCrypt memory cost parameter */
private final static int scryptMemCostParameter = 8;
/** SCrypt paralelization parameter */
private final static int scryptParallelizationParameter = 1;
/** /**
* returns password (pos 0) and the salt (pos 1) of given plaintext password. Both strings are base64 encoded * returns password (pos 0) and the salt (pos 1) of given plaintext password. Both strings are base64 encoded
@ -210,4 +220,26 @@ public abstract class PasswordUtil {
Base64 decoder = new Base64(); Base64 decoder = new Base64();
return decoder.decode(data.getBytes()); return decoder.decode(data.getBytes());
} }
/**
* returns the crypted parameter string for the given plain text password
*
* @param plainPassword the plain text password to crypt
* @return the crypted password string
*/
public static String getScryptHash(String plainPassword) {
return SCryptUtil.scrypt(plainPassword, scryptCpuCostParameter, scryptMemCostParameter, scryptParallelizationParameter);
}
/**
* returns true, if the given plainPassword re-encrypted matches the given crypted password
*
* @param plainPassword the plain password to validate
* @param hashedPassword the encrypted password to validate against
* @return true, if the encrypted string of the given plain password matches the provided crypted password
*/
public static boolean validateScryptHash(String plainPassword, String hashedPassword) {
return SCryptUtil.check(plainPassword, hashedPassword);
}
} }
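Review bot: validateScryptHash hands both arguments straight to `SCryptUtil.check`, so a null argument or a stored value that is not a well-formed scrypt string will most likely surface as an exception instead of a `false` result (as far as I know the library rejects values outside its `$s0$...` format with an IllegalArgumentException). On a login path it is safer to treat that as a failed validation and log it without the password or the stored value, so that a corrupted row, or one still holding the older salted-digest output this class appears to produce, cannot become an unhandled error. The Javadoc on both new methods also says "crypted" and "re-encrypted" where the operation is a one-way hash, and `scryptMemCostParameter` holds what scrypt calls the block size r; wording the comments that way would help whoever later tunes the 16384/8/1 settings.

```java
public static boolean validateScryptHash(String plainPassword, String hashedPassword) {
    if (plainPassword == null || hashedPassword == null) {
        return false;
    }
    try {
        return SCryptUtil.check(plainPassword, hashedPassword);
    } catch (IllegalArgumentException ex) {
        // stored value is not a well-formed scrypt string: fail closed, never log the value itself
        logger.warn("stored password hash is not a valid scrypt string");
        return false;
    }
}
```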


@ -17,27 +17,7 @@ import static org.junit.Assert.*;
* @author jomu * @author jomu
*/ */
public class PasswordUtilTest { public class PasswordUtilTest {
public PasswordUtilTest() {
}
@BeforeClass
public static void setUpClass() throws Exception {
}
@AfterClass
public static void tearDownClass() throws Exception {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
/** /**
* Test of createSaltString method, of class PasswordUtil. * Test of createSaltString method, of class PasswordUtil.
*/ */
@ -147,5 +127,35 @@ public class PasswordUtilTest {
assertNotNull(randomString); assertNotNull(randomString);
assertEquals("string length check", 32, randomString.length()); assertEquals("string length check", 32, randomString.length());
} }
/**
* test the hashPassword method
*/
@Test
public void testGetScryptHash() {
String hash1 = PasswordUtil.getScryptHash("secret");
String hash2 = PasswordUtil.getScryptHash("secret");
System.out.println (hash1);
System.out.println (hash2);
assertNotNull (hash1);
assertNotNull (hash2);
// even if password is the same, the has must not be the same due to correct usage of salts
assertFalse (hash1.equals (hash2));
assertTrue (hash1.length() == 79);
assertTrue (hash2.length() == 79);
}
/**
* test for validating passwords
*/
@Test
public void testValidateScryptHash() {
String hash1 = PasswordUtil.getScryptHash("secret");
String hash2 = PasswordUtil.getScryptHash("secret");
assertTrue ("hash must match if correct password is given",PasswordUtil.validateScryptHash("secret", hash1));
assertTrue ("hash must match if correct password is given", PasswordUtil.validateScryptHash("secret", hash2));
assertFalse ("hash must not match if wrong password is given", PasswordUtil.validateScryptHash("secret2", hash1));
}
} }
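Review bot: testValidateScryptHash only passes validateScryptHash hashes that getScryptHash has just produced, so no test pins the result for a stored value that is not a scrypt string (empty, truncated, or in another format). One extra case asserting the chosen outcome, `false` or a documented exception, would keep that contract from changing unnoticed. In testGetScryptHash the two `System.out.println` calls can be dropped, and `assertTrue (hash1.length() == 79)` is better written as `assertEquals("scrypt string length", 79, hash1.length());` so a failure reports the actual length. The value 79 appears to depend on how the configured cost parameters are encoded in the hash string, which a short comment next to the assertion should state; the Javadoc "test the hashPassword method" should also name getScryptHash.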