jomu/shared
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases 7 Activity

added getRandomgString method

Browse Source
This commit is contained in:
jomu
2013-03-03 22:12:46 +00:00
parent 75d060ec24
commit e0d47d1251
3 changed files with 74 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
security/pom.xml
View File

@ -36,5 +36,11 @@
<version>1.4</version> <version>1.4</version>
<type>jar</type> <type>jar</type>
</dependency> </dependency>
<dependency>
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
<version>1.2.17</version>
<type>jar</type>
</dependency>
</dependencies> </dependencies>
</project> </project>

35
security/src/main/java/de/muehlencord/shared/security/PasswordUtil.java
View File

@ -9,6 +9,7 @@ import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom; import java.security.SecureRandom;
import java.util.Arrays; import java.util.Arrays;
import org.apache.commons.codec.binary.Base64; import org.apache.commons.codec.binary.Base64;
import org.apache.log4j.Logger;
/** /**
* *
@ -16,6 +17,9 @@ import org.apache.commons.codec.binary.Base64;
*/ */
public abstract class PasswordUtil { public abstract class PasswordUtil {
/** logging object */
private final static Logger logger = Logger.getLogger(PasswordUtil.class);
/** /**
* returns password (pos 0) and the salt (pos 1) of given plaintext password. Both strings are base64 encoded * returns password (pos 0) and the salt (pos 1) of given plaintext password. Both strings are base64 encoded
* *
@ -73,8 +77,30 @@ public abstract class PasswordUtil {
* @throws SecurityException if the creation of the salt fails * @throws SecurityException if the creation of the salt fails
*/ */
public static String createSaltString(int saltLength) throws SecurityException { public static String createSaltString(int saltLength) throws SecurityException {
byte[] salt = createSalt(saltLength); byte[] saltByteArray = createSalt(saltLength);
return base64Encode(salt); String saltString = base64Encode(saltByteArray);
if (saltString.length() > saltLength) {
return saltString.substring(0, saltLength);
} else {
return saltString;
}
}
/** returns a random string with total length starting with prefix string
*
* @param prefix the prefix to start the string with
* @param length the maximum length of the string (including prefix)
* @return a random string
*
* @throws SecurityException if the random string could not be computed
*/
public static String getRandomString(String prefix, int length) throws SecurityException {
if (prefix == null) {
prefix = "";
}
int idLength = length - prefix.length();
return prefix + createSaltString(idLength);
} }
@ -90,6 +116,7 @@ public abstract class PasswordUtil {
private static byte[] createSalt(int saltLength) throws SecurityException { private static byte[] createSalt(int saltLength) throws SecurityException {
try { try {
SecureRandom sha1SecureRandom = SecureRandom.getInstance("SHA1PRNG"); SecureRandom sha1SecureRandom = SecureRandom.getInstance("SHA1PRNG");
byte salt[] = new byte[saltLength]; byte salt[] = new byte[saltLength];
synchronized (sha1SecureRandom) { synchronized (sha1SecureRandom) {
sha1SecureRandom.nextBytes(salt); sha1SecureRandom.nextBytes(salt);
@ -102,10 +129,12 @@ public abstract class PasswordUtil {
/** /**
* hashes the given password (md5 hashed, base64 coded) with the given salt * hashes the given password (md5 hashed, base64 coded) with the given salt
*
* @param text the text to salt * @param text the text to salt
* @param salt the salt to use * @param salt the salt to use
* @return the input text salted with password * @return the input text salted with password
* @throws SecurityException *
* @throws SecurityException
*/ */
private static byte[] hashPasswordWithSalt(byte text[], byte salt[]) throws SecurityException { private static byte[] hashPasswordWithSalt(byte text[], byte salt[]) throws SecurityException {
try { try {

36
security/src/test/java/de/muehlencord/shared/security/PasswordUtilTest.java
View File

@ -111,5 +111,41 @@ public class PasswordUtilTest {
result = PasswordUtil.checkPassword(plainTextPassword, cryptedPassword, salt3); result = PasswordUtil.checkPassword(plainTextPassword, cryptedPassword, salt3);
assertEquals(expResult, result); assertEquals(expResult, result);
} }
@Test
public void getRandomString() throws SecurityException {
System.out.println ("getRandomString");
String randomString = PasswordUtil.getRandomString("test-", 32);
System.out.println(randomString);
assertNotNull(randomString);
assertTrue("string must start with prefix", randomString.startsWith("test"));
assertEquals("string length check", 32, randomString.length());
String randomString2 = PasswordUtil.getRandomString("test-", 32);
System.out.println(randomString2);
assertNotNull(randomString2);
assertTrue("string must start with prefix", randomString2.startsWith("test"));
assertEquals("string length check", 32, randomString2.length());
assertNotSame(randomString, randomString2);
}
@Test
public void getRandomStringBlankPrefix() throws SecurityException {
System.out.println ("getRandomStringBlankPrefix");
String randomString = PasswordUtil.getRandomString("", 32);
System.out.println(randomString);
assertNotNull(randomString);
assertEquals("string length check", 32, randomString.length());
}
@Test
public void getRandomStringNullPrefix() throws SecurityException {
System.out.println ("getRandomStringNullPrefix");
String randomString = PasswordUtil.getRandomString(null, 32);
System.out.println(randomString);
assertNotNull(randomString);
assertEquals("string length check", 32, randomString.length());
}
} }