Return-Path: Delivered-To: apmail-directory-commits-archive@www.apache.org Received: (qmail 54573 invoked from network); 22 Oct 2010 22:21:00 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 22 Oct 2010 22:21:00 -0000 Received: (qmail 59204 invoked by uid 500); 22 Oct 2010 22:21:00 -0000 Delivered-To: apmail-directory-commits-archive@directory.apache.org Received: (qmail 59169 invoked by uid 500); 22 Oct 2010 22:21:00 -0000 Mailing-List: contact commits-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@directory.apache.org Delivered-To: mailing list commits@directory.apache.org Received: (qmail 59162 invoked by uid 99); 22 Oct 2010 22:21:00 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 22 Oct 2010 22:21:00 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 22 Oct 2010 22:20:56 +0000 Received: by eris.apache.org (Postfix, from userid 65534) id 0EC492388978; Fri, 22 Oct 2010 22:19:58 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1026513 - in /directory: apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/ shared/trunk/ldap/src/main/java/org/apache/directory/shared/ldap/constants/ Date: Fri, 22 Oct 2010 22:19:57 -0000 To: commits@directory.apache.org From: kayyagari@apache.org X-Mailer: svnmailer-1.0.8 Message-Id: <20101022221958.0EC492388978@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: kayyagari Date: Fri Oct 22 22:19:57 2010 New Revision: 1026513 URL: http://svn.apache.org/viewvc?rev=1026513&view=rev Log: o moved reusable code from SimpleAuthenticator to PasswordUtil class and EncryptionMethod class to a new public class o added support for SHA-2 group of algorithms(SHA-256,384 and 512 including the slated versions) Added: directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/EncryptionMethod.java Modified: directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/PasswordUtil.java directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/SimpleAuthenticator.java directory/shared/trunk/ldap/src/main/java/org/apache/directory/shared/ldap/constants/LdapSecurityConstants.java Added: directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/EncryptionMethod.java URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/EncryptionMethod.java?rev=1026513&view=auto ============================================================================== --- directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/EncryptionMethod.java (added) +++ directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/EncryptionMethod.java Fri Oct 22 22:19:57 2010 @@ -0,0 +1,92 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + * + */ + +package org.apache.directory.server.core.authn; + + +import org.apache.directory.shared.ldap.constants.LdapSecurityConstants; +import org.apache.directory.shared.ldap.util.StringTools; + + +/** + * A class to store all informations about the existing + * password found in the cache or get from the backend. + * + * This is necessary as we have to compute : + * - the used algorithm + * - the salt if any + * - the password itself. + * + * If we have a on-way encrypted password, it is stored using this + * format : + * {} + * where the encrypted password format can be : + * - MD5/SHA : base64() + * - SMD5/SSH : base64() + * - crypt : + * + * Algorithm are currently MD5, SMD5, SHA, SSHA, SHA2, SSHA-2 (except SHA-224), CRYPT and empty + * @author Apache Directory Project + */ +public class EncryptionMethod +{ + private byte[] salt; + private LdapSecurityConstants algorithm; + + + /** package protected */EncryptionMethod( LdapSecurityConstants algorithm, byte[] salt ) + { + this.algorithm = algorithm; + this.salt = salt; + } + + + public LdapSecurityConstants getAlgorithm() + { + return algorithm; + } + + + public byte[] getSalt() + { + return salt; + } + + + /** package protected */ void setSalt( byte[] salt ) + { + // just to make this class immutable, though we have a setter + if ( this.salt != null ) + { + throw new IllegalStateException( "salt will only be allowed to set once" ); + } + + this.salt = salt; + } + + + @Override + public String toString() + { + return "EncryptionMethod [algorithm=" + algorithm.getName().toUpperCase() + ", salt=" + StringTools.dumpBytes( salt ) + "]"; + } + + +} Modified: directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/PasswordUtil.java URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/PasswordUtil.java?rev=1026513&r1=1026512&r2=1026513&view=diff ============================================================================== --- directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/PasswordUtil.java (original) +++ directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/PasswordUtil.java Fri Oct 22 22:19:57 2010 @@ -21,10 +21,12 @@ package org.apache.directory.server.core.authn; +import java.io.UnsupportedEncodingException; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.security.SecureRandom; import java.util.ArrayList; +import java.util.Arrays; import java.util.Date; import java.util.Iterator; import java.util.List; @@ -32,10 +34,12 @@ import java.util.List; import org.apache.directory.shared.ldap.constants.LdapSecurityConstants; import org.apache.directory.shared.ldap.entry.EntryAttribute; import org.apache.directory.shared.ldap.entry.Value; +import org.apache.directory.shared.ldap.util.Base64; import org.apache.directory.shared.ldap.util.DateUtils; import org.apache.directory.shared.ldap.util.StringTools; import org.apache.directory.shared.ldap.util.UnixCrypt; + /** * A utility class containing methods related to processing passwords. * @@ -43,6 +47,23 @@ import org.apache.directory.shared.ldap. */ public class PasswordUtil { + + /** The SHA1 hash length */ + public static final int SHA1_LENGTH = 20; + + /** The SHA256 hash length */ + public static final int SHA256_LENGTH = 32; + + /** The SHA384 hash length */ + public static final int SHA384_LENGTH = 48; + + /** The SHA512 hash length */ + public static final int SHA512_LENGTH = 64; + + /** The MD5 hash length */ + public static final int MD5_LENGTH = 16; + + /** * Get the algorithm from the stored password. * It can be found on the beginning of the stored password, between @@ -97,7 +118,61 @@ public class PasswordUtil } } - + + public static byte[] createStoragePassword( String credentials, LdapSecurityConstants algorithm ) + { + byte[] salt; + + switch( algorithm ) + { + case HASH_METHOD_SSHA: + case HASH_METHOD_SSHA256: + case HASH_METHOD_SSHA384: + case HASH_METHOD_SSHA512: + case HASH_METHOD_SMD5: + salt = new byte[8]; // we use 8 byte salt always except for "crypt" which needs 2 byte salt + new SecureRandom().nextBytes( salt ); + break; + + case HASH_METHOD_CRYPT: + salt = null; // we calculate this salt in encryptPassword() method + + default: + salt = null; + } + + byte[] hashedPassword = encryptPassword( StringTools.getBytesUtf8( credentials ), algorithm, salt ); + StringBuffer sb = new StringBuffer(); + + if ( algorithm != null ) + { + sb.append( '{' ).append( algorithm.getName().toUpperCase() ).append( '}' ); + + if ( algorithm == LdapSecurityConstants.HASH_METHOD_CRYPT ) + { + sb.append( StringTools.utf8ToString( salt ) ); + sb.append( StringTools.utf8ToString( hashedPassword ) ); + } + else if ( salt != null ) + { + byte[] hashedPasswordWithSaltBytes = new byte[hashedPassword.length + salt.length]; + merge( hashedPasswordWithSaltBytes, hashedPassword, salt ); + sb.append( String.valueOf( Base64.encode( hashedPasswordWithSaltBytes ) ) ); + } + else + { + sb.append( String.valueOf( Base64.encode( hashedPassword ) ) ); + } + } + else + { + sb.append( StringTools.utf8ToString( hashedPassword ) ); + } + + return StringTools.getBytesUtf8( sb.toString() ); + } + + /** * encrypts the given credentials based on the algorithm name and optional salt * @@ -115,8 +190,17 @@ public class PasswordUtil return digest( LdapSecurityConstants.HASH_METHOD_SHA, credentials, salt ); case HASH_METHOD_SHA256: + case HASH_METHOD_SSHA256: return digest( LdapSecurityConstants.HASH_METHOD_SHA256, credentials, salt ); - + + case HASH_METHOD_SHA384: + case HASH_METHOD_SSHA384: + return digest( LdapSecurityConstants.HASH_METHOD_SHA384, credentials, salt ); + + case HASH_METHOD_SHA512: + case HASH_METHOD_SSHA512: + return digest( LdapSecurityConstants.HASH_METHOD_SHA512, credentials, salt ); + case HASH_METHOD_MD5: case HASH_METHOD_SMD5: return digest( LdapSecurityConstants.HASH_METHOD_MD5, credentials, salt ); @@ -179,7 +263,143 @@ public class PasswordUtil } } - + + /** + * Decompose the stored password in an algorithm, an eventual salt + * and the password itself. + * + * If the algorithm is SHA, SSHA, MD5 or SMD5, the part following the algorithm + * is base64 encoded + * + * @param encryptionMethod The structure to feed + * @return The password + * @param credentials the credentials to split + */ + public static byte[] splitCredentials( byte[] credentials, EncryptionMethod encryptionMethod ) + { + int algoLength = encryptionMethod.getAlgorithm().getName().length() + 2; + + int hashLen = 0; + + switch ( encryptionMethod.getAlgorithm() ) + { + case HASH_METHOD_MD5: + case HASH_METHOD_SHA: + try + { + // We just have the password just after the algorithm, base64 encoded. + // Just decode the password and return it. + return Base64 + .decode( new String( credentials, algoLength, credentials.length - algoLength, "UTF-8" ) + .toCharArray() ); + } + catch ( UnsupportedEncodingException uee ) + { + // do nothing + return credentials; + } + + case HASH_METHOD_SMD5: + try + { + // The password is associated with a salt. Decompose it + // in two parts, after having decoded the password. + // The salt will be stored into the EncryptionMethod structure + // The salt is at the end of the credentials, and is 8 bytes long + byte[] passwordAndSalt = Base64.decode( new String( credentials, algoLength, credentials.length + - algoLength, "UTF-8" ).toCharArray() ); + + int saltLength = passwordAndSalt.length - MD5_LENGTH; + encryptionMethod.setSalt( new byte[saltLength] ); + byte[] password = new byte[MD5_LENGTH]; + split( passwordAndSalt, 0, password, encryptionMethod.getSalt() ); + + return password; + } + catch ( UnsupportedEncodingException uee ) + { + // do nothing + return credentials; + } + + case HASH_METHOD_SSHA: + hashLen = SHA1_LENGTH; + + case HASH_METHOD_SHA256: + case HASH_METHOD_SSHA256: + if ( hashLen == 0 ) + { + hashLen = SHA256_LENGTH; + } + + case HASH_METHOD_SHA384: + case HASH_METHOD_SSHA384: + if ( hashLen == 0 ) + { + hashLen = SHA384_LENGTH; + } + + case HASH_METHOD_SHA512: + case HASH_METHOD_SSHA512: + if ( hashLen == 0 ) + { + hashLen = SHA512_LENGTH; + } + + try + { + // The password is associated with a salt. Decompose it + // in two parts, after having decoded the password. + // The salt will be stored into the EncryptionMethod structure + // The salt is at the end of the credentials, and is 8 bytes long + byte[] passwordAndSalt = Base64.decode( new String( credentials, algoLength, credentials.length + - algoLength, "UTF-8" ).toCharArray() ); + + int saltLength = passwordAndSalt.length - hashLen; + encryptionMethod.setSalt( new byte[saltLength] ); + byte[] password = new byte[hashLen]; + split( passwordAndSalt, 0, password, encryptionMethod.getSalt() ); + + return password; + } + catch ( UnsupportedEncodingException uee ) + { + // do nothing + return credentials; + } + + case HASH_METHOD_CRYPT: + // The password is associated with a salt. Decompose it + // in two parts, storing the salt into the EncryptionMethod structure. + // The salt comes first, not like for SSHA and SMD5, and is 2 bytes long + encryptionMethod.setSalt( new byte[2] ); + byte[] password = new byte[credentials.length - encryptionMethod.getSalt().length - algoLength]; + split( credentials, algoLength, encryptionMethod.getSalt(), password ); + + return password; + + default: + // unknown method + return credentials; + + } + } + + + private static void split( byte[] all, int offset, byte[] left, byte[] right ) + { + System.arraycopy( all, offset, left, 0, left.length ); + System.arraycopy( all, offset + left.length, right, 0, right.length ); + } + + + private static void merge( byte[] all, byte[] left, byte[] right ) + { + System.arraycopy( left, 0, all, 0, left.length ); + System.arraycopy( right, 0, all, left.length, right.length ); + } + + /** * checks if the given password's change time is older than the max age * @@ -193,21 +413,21 @@ public class PasswordUtil long time = pwdMaxAgeSec * 1000; time += pwdChangeDate.getTime(); - + Date expiryDate = new Date( time ); Date now = new Date(); - + boolean expired = false; - - if( expiryDate.equals( now ) || expiryDate.after( now ) ) + + if ( expiryDate.equals( now ) || expiryDate.after( now ) ) { - expired = true; + expired = true; } - + return expired; } - - + + /** * purges failure timestamps which are older than the configured interval * (section 7.6 in the draft) @@ -216,34 +436,33 @@ public class PasswordUtil { long interval = config.getPwdFailureCountInterval(); - if( interval == 0 ) + if ( interval == 0 ) { return; } - + Iterator> itr = pwdFailTimeAt.getAll(); interval *= 1000; - + long currentTime = System.currentTimeMillis(); List> valList = new ArrayList>(); - - while( itr.hasNext() ) + + while ( itr.hasNext() ) { Value val = itr.next(); String failureTime = val.getString(); long time = DateUtils.getDate( failureTime ).getTime(); time += interval; - - if( currentTime > time ) + + if ( currentTime > time ) { valList.add( val ); } } - - for( Value val : valList ) + + for ( Value val : valList ) { pwdFailTimeAt.remove( val ); } } - } Modified: directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/SimpleAuthenticator.java URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/SimpleAuthenticator.java?rev=1026513&r1=1026512&r2=1026513&view=diff ============================================================================== --- directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/SimpleAuthenticator.java (original) +++ directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/SimpleAuthenticator.java Fri Oct 22 22:19:57 2010 @@ -20,7 +20,6 @@ package org.apache.directory.server.core.authn; -import java.io.UnsupportedEncodingException; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.util.Arrays; @@ -78,12 +77,6 @@ public class SimpleAuthenticator extends /** A speedup for logger in debug mode */ private static final boolean IS_DEBUG = LOG.isDebugEnabled(); - /** The SHA1 hash length */ - private static final int SHA1_LENGTH = 20; - - /** The MD5 hash length */ - private static final int MD5_LENGTH = 16; - /** * A cache to store passwords. It's a speedup, we will be able to avoid backend lookups. * @@ -152,37 +145,6 @@ public class SimpleAuthenticator extends credentialCache = new LRUMap( cacheSize > 0 ? cacheSize : DEFAULT_CACHE_SIZE ); } - /** - * A private class to store all informations about the existing - * password found in the cache or get from the backend. - * - * This is necessary as we have to compute : - * - the used algorithm - * - the salt if any - * - the password itself. - * - * If we have a on-way encrypted password, it is stored using this - * format : - * {} - * where the encrypted password format can be : - * - MD5/SHA : base64([]) - * - crypt : - * - * Algorithm are currently MD5, SMD5, SHA, SSHA, CRYPT and empty - */ - private class EncryptionMethod - { - private byte[] salt; - private LdapSecurityConstants algorithm; - - - private EncryptionMethod( LdapSecurityConstants algorithm, byte[] salt ) - { - this.algorithm = algorithm; - this.salt = salt; - } - } - /** * Get the password either from cache or from backend. @@ -305,11 +267,11 @@ public class SimpleAuthenticator extends // and the salt, if any. // But we should also get the algorithm and salt to // be able to encrypt the submitted user password in the next step - byte[] encryptedStored = splitCredentials( storedPassword, encryptionMethod ); + byte[] encryptedStored = PasswordUtil.splitCredentials( storedPassword, encryptionMethod ); // Reuse the saltedPassword informations to construct the encrypted // password given by the user. - byte[] userPassword = PasswordUtil.encryptPassword( credentials, encryptionMethod.algorithm, encryptionMethod.salt ); + byte[] userPassword = PasswordUtil.encryptPassword( credentials, encryptionMethod.getAlgorithm(), encryptionMethod.getSalt() ); // Now, compare the two passwords. if ( Arrays.equals( userPassword, encryptedStored ) ) @@ -353,111 +315,6 @@ public class SimpleAuthenticator extends } - private static void split( byte[] all, int offset, byte[] left, byte[] right ) - { - System.arraycopy( all, offset, left, 0, left.length ); - System.arraycopy( all, offset + left.length, right, 0, right.length ); - } - - - /** - * Decompose the stored password in an algorithm, an eventual salt - * and the password itself. - * - * If the algorithm is SHA, SSHA, MD5 or SMD5, the part following the algorithm - * is base64 encoded - * - * @param encryptionMethod The structure to feed - * @return The password - * @param credentials the credentials to split - */ - private byte[] splitCredentials( byte[] credentials, EncryptionMethod encryptionMethod ) - { - int algoLength = encryptionMethod.algorithm.getName().length() + 2; - - switch ( encryptionMethod.algorithm ) - { - case HASH_METHOD_MD5: - case HASH_METHOD_SHA: - case HASH_METHOD_SHA256: - try - { - // We just have the password just after the algorithm, base64 encoded. - // Just decode the password and return it. - return Base64 - .decode( new String( credentials, algoLength, credentials.length - algoLength, "UTF-8" ) - .toCharArray() ); - } - catch ( UnsupportedEncodingException uee ) - { - // do nothing - return credentials; - } - - case HASH_METHOD_SMD5: - try - { - // The password is associated with a salt. Decompose it - // in two parts, after having decoded the password. - // The salt will be stored into the EncryptionMethod structure - // The salt is at the end of the credentials, and is 8 bytes long - byte[] passwordAndSalt = Base64.decode( new String( credentials, algoLength, credentials.length - - algoLength, "UTF-8" ).toCharArray() ); - - int saltLength = passwordAndSalt.length - MD5_LENGTH; - encryptionMethod.salt = new byte[saltLength]; - byte[] password = new byte[MD5_LENGTH]; - split( passwordAndSalt, 0, password, encryptionMethod.salt ); - - return password; - } - catch ( UnsupportedEncodingException uee ) - { - // do nothing - return credentials; - } - - case HASH_METHOD_SSHA: - try - { - // The password is associated with a salt. Decompose it - // in two parts, after having decoded the password. - // The salt will be stored into the EncryptionMethod structure - // The salt is at the end of the credentials, and is 8 bytes long - byte[] passwordAndSalt = Base64.decode( new String( credentials, algoLength, credentials.length - - algoLength, "UTF-8" ).toCharArray() ); - - int saltLength = passwordAndSalt.length - SHA1_LENGTH; - encryptionMethod.salt = new byte[saltLength]; - byte[] password = new byte[SHA1_LENGTH]; - split( passwordAndSalt, 0, password, encryptionMethod.salt ); - - return password; - } - catch ( UnsupportedEncodingException uee ) - { - // do nothing - return credentials; - } - - case HASH_METHOD_CRYPT: - // The password is associated with a salt. Decompose it - // in two parts, storing the salt into the EncryptionMethod structure. - // The salt comes first, not like for SSHA and SMD5, and is 2 bytes long - encryptionMethod.salt = new byte[2]; - byte[] password = new byte[credentials.length - encryptionMethod.salt.length - algoLength]; - split( credentials, algoLength, encryptionMethod.salt, password ); - - return password; - - default: - // unknown method - return credentials; - - } - } - - /** * Local function which request the password from the backend * @param bindContext the Bind operation context Modified: directory/shared/trunk/ldap/src/main/java/org/apache/directory/shared/ldap/constants/LdapSecurityConstants.java URL: http://svn.apache.org/viewvc/directory/shared/trunk/ldap/src/main/java/org/apache/directory/shared/ldap/constants/LdapSecurityConstants.java?rev=1026513&r1=1026512&r2=1026513&view=diff ============================================================================== --- directory/shared/trunk/ldap/src/main/java/org/apache/directory/shared/ldap/constants/LdapSecurityConstants.java (original) +++ directory/shared/trunk/ldap/src/main/java/org/apache/directory/shared/ldap/constants/LdapSecurityConstants.java Fri Oct 22 22:19:57 2010 @@ -43,7 +43,36 @@ public enum LdapSecurityConstants HASH_METHOD_CRYPT("crypt"), /** The SHA-256 encryption method */ - HASH_METHOD_SHA256("sha-256"); + HASH_METHOD_SHA256("sha-256"), + + /** The salted SHA-256 encryption method */ + HASH_METHOD_SSHA256("ssha-256"), + + /** The SHA-384 encryption method */ + HASH_METHOD_SHA384("sha-384"), + + /** The salted SHA-384 encryption method */ + HASH_METHOD_SSHA384("ssha-384"), + + /** The SHA-512 encryption method */ + HASH_METHOD_SHA512("sha-512"), + + /** The salted SHA-512 encryption method */ + HASH_METHOD_SSHA512("ssha-512"); + + /* These encryption types are not yet supported + ** The AES encryption method * + ENC_METHOD_AES("aes"), + + ** The 3DES encryption method * + ENC_METHOD_3DES("3des"), + + ** The Blowfish encryption method * + ENC_METHOD_BLOWFISH("blowfish"), + + ** The RC4 encryption method * + ENC_METHOD_RC4("rc4"); + */ /** The associated name */ private String name; @@ -114,6 +143,53 @@ public enum LdapSecurityConstants return HASH_METHOD_SHA256; } + if ( HASH_METHOD_SSHA256.getName().equalsIgnoreCase( algorithm ) ) + { + return HASH_METHOD_SSHA256; + } + + if ( HASH_METHOD_SHA384.getName().equalsIgnoreCase( algorithm ) ) + { + return HASH_METHOD_SHA384; + } + + if ( HASH_METHOD_SSHA384.getName().equalsIgnoreCase( algorithm ) ) + { + return HASH_METHOD_SSHA384; + } + + if ( HASH_METHOD_SHA512.getName().equalsIgnoreCase( algorithm ) ) + { + return HASH_METHOD_SHA512; + } + + if ( HASH_METHOD_SSHA512.getName().equalsIgnoreCase( algorithm ) ) + { + return HASH_METHOD_SSHA512; + } + + /* + if ( ENC_METHOD_AES.getName().equalsIgnoreCase( algorithm ) ) + { + return ENC_METHOD_AES; + } + + if ( ENC_METHOD_3DES.getName().equalsIgnoreCase( algorithm ) ) + { + return ENC_METHOD_3DES; + } + + if ( ENC_METHOD_BLOWFISH.getName().equalsIgnoreCase( algorithm ) ) + { + return ENC_METHOD_BLOWFISH; + } + + if ( ENC_METHOD_RC4.getName().equalsIgnoreCase( algorithm ) ) + { + return ENC_METHOD_RC4; + } + */ + return null; } }