com.aoindustries.aoserv.client.pki.HashedPassword Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of aoserv-client Show documentation
Show all versions of aoserv-client Show documentation
Java client for the AOServ Platform.
/*
* aoserv-client - Java client for the AOServ Platform.
* Copyright (C) 2010-2013, 2016, 2017, 2018, 2019, 2020 AO Industries, Inc.
* [email protected]
* 7262 Bull Pen Cir
* Mobile, AL 36695
*
* This file is part of aoserv-client.
*
* aoserv-client is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* aoserv-client is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with aoserv-client. If not, see .
*/
// TODO: Rename schema and package from "pki" to "crypto" since how contains more than just PKI.
package com.aoindustries.aoserv.client.pki;
import static com.aoindustries.aoserv.client.pki.ApplicationResources.accessor;
import com.aoindustries.dto.DtoFactory;
import com.aoindustries.exception.WrappedException;
import com.aoindustries.util.Base64Coder;
import com.aoindustries.validation.InvalidResult;
import com.aoindustries.validation.ValidResult;
import com.aoindustries.validation.ValidationException;
import com.aoindustries.validation.ValidationResult;
import java.io.IOException;
import java.io.InvalidObjectException;
import java.io.ObjectInputStream;
import java.io.ObjectInputValidation;
import java.io.Serializable;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
/**
* Represents a hashed password. May be any of:
*
* - Must not be null
* - * - will not match anything
* - Result of SHA1 hash (preferred) - 28 characters
* - Result of crypt (deprecated) - 13 characters
*
*
* @author AO Industries, Inc.
*/
final public class HashedPassword implements
Comparable,
Serializable,
ObjectInputValidation,
DtoFactory
{
private static final long serialVersionUID = 6198625525641344394L;
/**
* Indicates that no password is set.
*/
public static final String NO_PASSWORD = "*";
public static ValidationResult validate(String hashedPassword) {
// May be null
if(hashedPassword==null) return new InvalidResult(accessor, "HashedPassword.validate.isNull");
// Be non-empty
int len = hashedPassword.length();
if(len==0) return new InvalidResult(accessor, "HashedPassword.validate.empty");
// May be *
if(!NO_PASSWORD.equals(hashedPassword)) {
// SHA1
if(len!=28) {
// Crypt
if(len!=13) {
return new InvalidResult(accessor, "HashedPassword.validate.wrongLength");
}
}
}
return ValidResult.getInstance();
}
/**
* Performs a one-way hash of the plaintext value using SHA-1.
*
* @exception WrappedException if any problem occurs.
*/
public static String hash(String plaintext) throws WrappedException {
try {
MessageDigest md = MessageDigest.getInstance("SHA-1");
md.update(plaintext.getBytes(StandardCharsets.UTF_8));
return new String(Base64Coder.encode(md.digest()));
} catch(NoSuchAlgorithmException err) {
throw new WrappedException(err);
}
}
/**
* @param hashedPassword when {@code null}, returns {@code null}
*/
public static HashedPassword valueOf(String hashedPassword) throws ValidationException {
if(hashedPassword == null) return null;
return new HashedPassword(hashedPassword);
}
final private String hashedPassword;
private HashedPassword(String hashedPassword) throws ValidationException {
this.hashedPassword = hashedPassword;
validate();
}
private void validate() throws ValidationException {
ValidationResult result = validate(hashedPassword);
if(!result.isValid()) throw new ValidationException(result);
}
/**
* Perform same validation as constructor on readObject.
*/
private void readObject(ObjectInputStream ois) throws ClassNotFoundException, IOException {
ois.defaultReadObject();
validateObject();
}
@Override
public void validateObject() throws InvalidObjectException {
try {
validate();
} catch(ValidationException err) {
InvalidObjectException newErr = new InvalidObjectException(err.getMessage());
newErr.initCause(err);
throw newErr;
}
}
@Override
public boolean equals(Object O) {
return
(O instanceof HashedPassword)
&& hashedPassword.equals(((HashedPassword)O).hashedPassword)
;
}
@Override
public int hashCode() {
return hashedPassword.hashCode();
}
@Override
public int compareTo(HashedPassword other) {
return this==other ? 0 : hashedPassword.compareTo(other.hashedPassword);
}
@Override
public String toString() {
return hashedPassword;
}
@Override
public com.aoindustries.aoserv.client.dto.HashedPassword getDto() {
return new com.aoindustries.aoserv.client.dto.HashedPassword(hashedPassword);
}
@SuppressWarnings("deprecation")
public boolean passwordMatches(String plaintext) {
if(hashedPassword.length()==28) return hash(plaintext).equals(hashedPassword);
if(hashedPassword.length()==13) return com.aoindustries.util.UnixCrypt.crypt(plaintext, hashedPassword.substring(0,2)).equals(hashedPassword);
return false;
}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy