db-derby-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kahat...@apache.org
Subject svn commit: r926520 - in /db/derby/code/trunk/java/engine/org/apache/derby: iapi/util/StringUtil.java impl/jdbc/authentication/AuthenticationServiceBase.java
Date Tue, 23 Mar 2010 10:34:56 GMT
Author: kahatlen
Date: Tue Mar 23 10:34:55 2010
New Revision: 926520

URL: http://svn.apache.org/viewvc?rev=926520&view=rev
Log:
DERBY-4483: Make toHexByte() private to discourage its use in new code

Modified:
    db/derby/code/trunk/java/engine/org/apache/derby/iapi/util/StringUtil.java
    db/derby/code/trunk/java/engine/org/apache/derby/impl/jdbc/authentication/AuthenticationServiceBase.java

Modified: db/derby/code/trunk/java/engine/org/apache/derby/iapi/util/StringUtil.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/iapi/util/StringUtil.java?rev=926520&r1=926519&r2=926520&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/iapi/util/StringUtil.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/iapi/util/StringUtil.java Tue Mar 23
10:34:55 2010
@@ -227,39 +227,6 @@ public class StringUtil 
 		return s.toString();
 	}
 
-    /**
-
-        Convert a string into a byte array in hex format.
-        <BR>
-        For each character (b) two bytes are generated, the first byte 
-        represents the high nibble (4 bits) in hexidecimal (<code>b & 0xf0</code>),
-        the second byte represents the low nibble (<code>b & 0x0f</code>).
-        <BR>
-        The character at <code>str.charAt(0)</code> is represented by the first
two bytes 
-        in the returned String.
-
-        @param	str string 
-        @param	offset	starting character (zero based) to convert.
-        @param	length	number of characters to convert.
-
-        @return the byte[]  (with hexidecimal format) form of the string (str) 
-    */
-    public static byte[] toHexByte(String str, int offset, int length)
-    {
-        byte[] data = new byte[(length - offset) * 2];
-        int end = offset+length;
-
-        for (int i = offset; i < end; i++)
-        {
-            char ch = str.charAt(i);
-            int high_nibble = (ch & 0xf0) >>> 4;
-            int low_nibble = (ch & 0x0f);
-            data[i] = (byte)high_nibble;
-            data[i+1] = (byte)low_nibble;
-        }
-        return data;
-    }
-		
 	/**
 		Convert a hexidecimal string generated by toHexString() back
 		into a byte array.

Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/jdbc/authentication/AuthenticationServiceBase.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/impl/jdbc/authentication/AuthenticationServiceBase.java?rev=926520&r1=926519&r2=926520&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/jdbc/authentication/AuthenticationServiceBase.java
(original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/jdbc/authentication/AuthenticationServiceBase.java
Tue Mar 23 10:34:55 2010
@@ -468,8 +468,7 @@ public abstract class AuthenticationServ
 
 		algorithm.reset();
 		byte[] bytePasswd = null;
-        bytePasswd = StringUtil.toHexByte(
-                plainTxtUserPassword,0,plainTxtUserPassword.length());
+        bytePasswd = toHexByte(plainTxtUserPassword);
 		algorithm.update(bytePasswd);
 		byte[] encryptVal = algorithm.digest();
         String hexString = ID_PATTERN_SHA1_SCHEME +
@@ -480,6 +479,47 @@ public abstract class AuthenticationServ
 
     /**
      * <p>
+     * Convert a string into a byte array in hex format.
+     * </p>
+     *
+     * <p>
+     * For each character (b) two bytes are generated, the first byte
+     * represents the high nibble (4 bits) in hexadecimal ({@code b & 0xf0}),
+     * the second byte represents the low nibble ({@code b & 0x0f}).
+     * </p>
+     *
+     * <p>
+     * The character at {@code str.charAt(0)} is represented by the first two
+     * bytes in the returned String.
+     * </p>
+     *
+     * <p>
+     * New code is encouraged to use {@code String.getBytes(String)} or similar
+     * methods instead, since this method does not preserve all bits for
+     * characters whose codepoint exceeds 8 bits. This method is preserved for
+     * compatibility with the SHA-1 authentication scheme.
+     * </p>
+     *
+     * @param str string
+     * @return the byte[] (with hexadecimal format) form of the string (str)
+     */
+    private static byte[] toHexByte(String str)
+    {
+        byte[] data = new byte[str.length() * 2];
+
+        for (int i = 0; i < str.length(); i++)
+        {
+            char ch = str.charAt(i);
+            int high_nibble = (ch & 0xf0) >>> 4;
+            int low_nibble = (ch & 0x0f);
+            data[i] = (byte)high_nibble;
+            data[i+1] = (byte)low_nibble;
+        }
+        return data;
+    }
+
+    /**
+     * <p>
      * Encrypt a password using the specified hash algorithm and with the
      * user name as extra salt. The algorithm must be supported by one of
      * the registered security providers in the JVM.
@@ -671,7 +711,7 @@ public abstract class AuthenticationServ
         messageDigest.reset();
 
         byte[] bytePasswd = null;
-        byte[] userBytes = StringUtil.toHexByte(userName, 0, userName.length());
+        byte[] userBytes = toHexByte(userName);
 
         if (SanityManager.DEBUG)
         {
@@ -699,7 +739,7 @@ public abstract class AuthenticationServ
         // substitute generation right afterwards.
         if (!databaseUser)
         {
-            bytePasswd = StringUtil.toHexByte(password, 0, password.length());
+            bytePasswd = toHexByte(password);
             messageDigest.update(bytePasswd);
             byte[] encryptVal = messageDigest.digest();
             hexString = ID_PATTERN_SHA1_SCHEME +
@@ -722,8 +762,7 @@ public abstract class AuthenticationServ
 
         // Generate some 20-byte password token
         messageDigest.update(userBytes);
-        messageDigest.update(
-                StringUtil.toHexByte(hexString, 0, hexString.length()));
+        messageDigest.update(toHexByte(hexString));
         byte[] passwordToken = messageDigest.digest();
         
         // Now we generate the 20-byte password substitute



Mime
View raw message