• Home
• com.squeakysand
• squeakysand-commons
• 0.6.0
• source code
• EncryptionUtility.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.squeakysand.commons.util.EncryptionUtility Maven / Gradle / Ivy

/*
 * Copyright 2010-2012 Craig S. Dickson (http://craigsdickson.com)
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package com.squeakysand.commons.util;

import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 * This class provide the utility to encrypt the user password before storing it to the database. It
 * also provide function to compare a non-encrypted password string to the encrypted password in
 * byte[] format.
 */
public final class EncryptionUtility {

    private static final Logger LOG = LoggerFactory.getLogger(EncryptionUtility.class);

    /** SecureHashAlgorithm - SHA */
    private static final String ALGORITHM_NAME = "SHA";
    private static final EncryptionUtility INSTANCE = new EncryptionUtility();
    private static final MessageDigest DIGEST_CALCULATOR;

    static {
        try {
            DIGEST_CALCULATOR = MessageDigest.getInstance(ALGORITHM_NAME);
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException(e);
        }
    }

    private EncryptionUtility() {
        super();
    }

    /**
     * Returns the encrypted password in byte format.
     * 
     * @param password
     *            the password to encrypt
     * @return encrypted password in byte format
     */
    public byte[] encryptPassword(String password) {
        return getStringDigest(password);
    }

    /**
     * Accessor to the instance of the EncryptionUtility.
     *
     * @return an instance of EncryptionUtility.
     */
    public static EncryptionUtility getInstance() {
        return INSTANCE;
    }

    /**
     * Compare the password in string to the one in encrypted format.
     * 
     * @param password
     *            the source password in string format
     * @param encryptedPassword
     *            the target password in encrypted format
     * @return true if they are equal, false otherwise
     */
    public boolean isSamePassword(String password, byte[] encryptedPassword) {
        byte[] newEncryptedPassword = getStringDigest(password);
        return MessageDigest.isEqual(newEncryptedPassword, encryptedPassword);
    }

    /**
     * The method that actually calculates the digest of a String. Used by both encryptPassword and
     * isSamePassword. Currently uses SecureHashAlgorithm (SHA) as it's digest algorithm to generate
     * a 160 bit secure digest.
     *
     * @param  target the source string
     *
     * @return the encrypted string in byte format
     */
    private byte[] getStringDigest(String target) {
        return DIGEST_CALCULATOR.digest(target.getBytes());
    }
}