directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From pamarce...@apache.org
Subject svn commit: r1459293 - in /directory/studio/trunk/plugins: ldapbrowser.core/src/main/java/org/apache/directory/studio/ldapbrowser/core/model/Password.java valueeditors/src/main/java/org/apache/directory/studio/valueeditors/password/PasswordDialog.java
Date Thu, 21 Mar 2013 13:14:56 GMT
Author: pamarcelot
Date: Thu Mar 21 13:14:55 2013
New Revision: 1459293

URL: http://svn.apache.org/r1459293
Log:
Fix for DIRSTUDIO-890 (Add support for SSHA2 in Password Editor).

Modified:
    directory/studio/trunk/plugins/ldapbrowser.core/src/main/java/org/apache/directory/studio/ldapbrowser/core/model/Password.java
    directory/studio/trunk/plugins/valueeditors/src/main/java/org/apache/directory/studio/valueeditors/password/PasswordDialog.java

Modified: directory/studio/trunk/plugins/ldapbrowser.core/src/main/java/org/apache/directory/studio/ldapbrowser/core/model/Password.java
URL: http://svn.apache.org/viewvc/directory/studio/trunk/plugins/ldapbrowser.core/src/main/java/org/apache/directory/studio/ldapbrowser/core/model/Password.java?rev=1459293&r1=1459292&r2=1459293&view=diff
==============================================================================
--- directory/studio/trunk/plugins/ldapbrowser.core/src/main/java/org/apache/directory/studio/ldapbrowser/core/model/Password.java
(original)
+++ directory/studio/trunk/plugins/ldapbrowser.core/src/main/java/org/apache/directory/studio/ldapbrowser/core/model/Password.java
Thu Mar 21 13:14:55 2013
@@ -55,6 +55,24 @@ public class Password
     /** The constant used for the salted SHA hash, value <code>SSHA</code> */
     public static final String HASH_METHOD_SSHA = "SSHA"; //$NON-NLS-1$
 
+    /** The constant used for the SHA-256 hash, value <code>SHA-256</code> */
+    public static final String HASH_METHOD_SHA_256 = "SHA-256"; //$NON-NLS-1$
+
+    /** The constant used for the salted SHA-256 hash, value <code>SSHA-256</code>
*/
+    public static final String HASH_METHOD_SSHA_256 = "SSHA-256"; //$NON-NLS-1$
+
+    /** The constant used for the SHA-384 hash, value <code>SHA-384</code> */
+    public static final String HASH_METHOD_SHA_384 = "SHA-384"; //$NON-NLS-1$
+
+    /** The constant used for the salted SHA-384 hash, value <code>SSHA-384</code>
*/
+    public static final String HASH_METHOD_SSHA_384 = "SSHA-384"; //$NON-NLS-1$
+
+    /** The constant used for the SHA-512 hash, value <code>SHA-512</code> */
+    public static final String HASH_METHOD_SHA_512 = "SHA-512"; //$NON-NLS-1$
+
+    /** The constant used for the salted SHA-512 hash, value <code>SSHA-512</code>
*/
+    public static final String HASH_METHOD_SSHA_512 = "SSHA-512"; //$NON-NLS-1$
+
     /** The constant used for the MD5 hash, value <code>MD5</code> */
     public static final String HASH_METHOD_MD5 = "MD5"; //$NON-NLS-1$
 
@@ -115,22 +133,43 @@ public class Password
                 hashMethod = password.substring( password.indexOf( '{' ) + 1, password.indexOf(
'}' ) );
                 String rest = password.substring( hashMethod.length() + 2 );
 
-                if ( HASH_METHOD_SHA.equalsIgnoreCase( hashMethod ) || HASH_METHOD_MD5.equalsIgnoreCase(
hashMethod ) )
+                if ( HASH_METHOD_SHA.equalsIgnoreCase( hashMethod )
+                    || HASH_METHOD_SHA_256.equalsIgnoreCase( hashMethod )
+                    || HASH_METHOD_SHA_384.equalsIgnoreCase( hashMethod )
+                    || HASH_METHOD_SHA_512.equalsIgnoreCase( hashMethod )
+                    || HASH_METHOD_MD5.equalsIgnoreCase( hashMethod ) )
                 {
                     hashedPassword = LdifUtils.base64decodeToByteArray( rest );
                     salt = null;
                 }
-                else if ( HASH_METHOD_SSHA.equalsIgnoreCase( hashMethod ) )
-                {
-                    byte[] hashedPasswordWithSalt = LdifUtils.base64decodeToByteArray( rest
);
-                    hashedPassword = new byte[20];
-                    salt = new byte[hashedPasswordWithSalt.length - hashedPassword.length];
-                    split( hashedPasswordWithSalt, hashedPassword, salt );
-                }
-                else if ( HASH_METHOD_SMD5.equalsIgnoreCase( hashMethod ) )
+                else if ( HASH_METHOD_SSHA.equalsIgnoreCase( hashMethod )
+                    || HASH_METHOD_SSHA_256.equalsIgnoreCase( hashMethod )
+                    || HASH_METHOD_SSHA_384.equalsIgnoreCase( hashMethod )
+                    || HASH_METHOD_SSHA_512.equalsIgnoreCase( hashMethod )
+                    || HASH_METHOD_SMD5.equalsIgnoreCase( hashMethod ) )
                 {
+                    if ( HASH_METHOD_SSHA.equalsIgnoreCase( hashMethod ) )
+                    {
+                        hashedPassword = new byte[20];
+                    }
+                    else if ( HASH_METHOD_SSHA_256.equalsIgnoreCase( hashMethod ) )
+                    {
+                        hashedPassword = new byte[32];
+                    }
+                    else if ( HASH_METHOD_SSHA_384.equalsIgnoreCase( hashMethod ) )
+                    {
+                        hashedPassword = new byte[48];
+                    }
+                    else if ( HASH_METHOD_SSHA_512.equalsIgnoreCase( hashMethod ) )
+                    {
+                        hashedPassword = new byte[64];
+                    }
+                    else if ( HASH_METHOD_SMD5.equalsIgnoreCase( hashMethod ) )
+                    {
+                        hashedPassword = new byte[16];
+                    }
+
                     byte[] hashedPasswordWithSalt = LdifUtils.base64decodeToByteArray( rest
);
-                    hashedPassword = new byte[16];
                     salt = new byte[hashedPasswordWithSalt.length - hashedPassword.length];
                     split( hashedPasswordWithSalt, hashedPassword, salt );
                 }
@@ -177,6 +216,9 @@ public class Password
     {
         if ( !( hashMethod == null || HASH_METHOD_NO.equalsIgnoreCase( hashMethod )
             || HASH_METHOD_SHA.equalsIgnoreCase( hashMethod ) || HASH_METHOD_SSHA.equalsIgnoreCase(
hashMethod )
+            || HASH_METHOD_SHA_256.equalsIgnoreCase( hashMethod ) || HASH_METHOD_SSHA_256.equalsIgnoreCase(
hashMethod )
+            || HASH_METHOD_SHA_384.equalsIgnoreCase( hashMethod ) || HASH_METHOD_SSHA_384.equalsIgnoreCase(
hashMethod )
+            || HASH_METHOD_SHA_512.equalsIgnoreCase( hashMethod ) || HASH_METHOD_SSHA_512.equalsIgnoreCase(
hashMethod )
             || HASH_METHOD_MD5.equalsIgnoreCase( hashMethod ) || HASH_METHOD_SMD5.equalsIgnoreCase(
hashMethod ) || HASH_METHOD_CRYPT
                 .equalsIgnoreCase( hashMethod ) ) )
         {
@@ -195,7 +237,11 @@ public class Password
         this.hashMethod = hashMethod;
 
         // set salt
-        if ( HASH_METHOD_SSHA.equalsIgnoreCase( hashMethod ) || HASH_METHOD_SMD5.equalsIgnoreCase(
hashMethod ) )
+        if ( HASH_METHOD_SSHA.equalsIgnoreCase( hashMethod )
+            || HASH_METHOD_SSHA_256.equalsIgnoreCase( hashMethod )
+            || HASH_METHOD_SSHA_384.equalsIgnoreCase( hashMethod )
+            || HASH_METHOD_SSHA_512.equalsIgnoreCase( hashMethod )
+            || HASH_METHOD_SMD5.equalsIgnoreCase( hashMethod ) )
         {
             this.salt = new byte[8];
             new SecureRandom().nextBytes( this.salt );
@@ -215,11 +261,28 @@ public class Password
         }
 
         // digest
-        if ( HASH_METHOD_SHA.equalsIgnoreCase( hashMethod ) || HASH_METHOD_SSHA.equalsIgnoreCase(
hashMethod ) )
+        if ( HASH_METHOD_SHA.equalsIgnoreCase( hashMethod )
+            || HASH_METHOD_SSHA.equalsIgnoreCase( hashMethod ) )
         {
             this.hashedPassword = digest( HASH_METHOD_SHA, passwordAsPlaintext, this.salt
);
         }
-        else if ( HASH_METHOD_MD5.equalsIgnoreCase( hashMethod ) || HASH_METHOD_SMD5.equalsIgnoreCase(
hashMethod ) )
+        else if ( HASH_METHOD_SHA_256.equalsIgnoreCase( hashMethod )
+            || HASH_METHOD_SSHA_256.equalsIgnoreCase( hashMethod ) )
+        {
+            this.hashedPassword = digest( HASH_METHOD_SHA_256, passwordAsPlaintext, this.salt
);
+        }
+        else if ( HASH_METHOD_SHA_384.equalsIgnoreCase( hashMethod )
+            || HASH_METHOD_SSHA_384.equalsIgnoreCase( hashMethod ) )
+        {
+            this.hashedPassword = digest( HASH_METHOD_SHA_384, passwordAsPlaintext, this.salt
);
+        }
+        else if ( HASH_METHOD_SHA_512.equalsIgnoreCase( hashMethod )
+            || HASH_METHOD_SSHA_512.equalsIgnoreCase( hashMethod ) )
+        {
+            this.hashedPassword = digest( HASH_METHOD_SHA_512, passwordAsPlaintext, this.salt
);
+        }
+        else if ( HASH_METHOD_MD5.equalsIgnoreCase( hashMethod )
+            || HASH_METHOD_SMD5.equalsIgnoreCase( hashMethod ) )
         {
             this.hashedPassword = digest( HASH_METHOD_MD5, passwordAsPlaintext, this.salt
);
         }
@@ -253,12 +316,32 @@ public class Password
         {
             verified = testPasswordAsPlaintext.equals( LdifUtils.utf8decode( hashedPassword
) );
         }
-        else if ( HASH_METHOD_SHA.equalsIgnoreCase( hashMethod ) || HASH_METHOD_SSHA.equalsIgnoreCase(
hashMethod ) )
+        else if ( HASH_METHOD_SHA.equalsIgnoreCase( hashMethod )
+            || HASH_METHOD_SSHA.equalsIgnoreCase( hashMethod ) )
         {
             byte[] hash = digest( HASH_METHOD_SHA, testPasswordAsPlaintext, salt );
             verified = equals( hash, hashedPassword );
         }
-        else if ( HASH_METHOD_MD5.equalsIgnoreCase( hashMethod ) || HASH_METHOD_SMD5.equalsIgnoreCase(
hashMethod ) )
+        else if ( HASH_METHOD_SHA_256.equalsIgnoreCase( hashMethod )
+            || HASH_METHOD_SSHA_256.equalsIgnoreCase( hashMethod ) )
+        {
+            byte[] hash = digest( HASH_METHOD_SHA_256, testPasswordAsPlaintext, salt );
+            verified = equals( hash, hashedPassword );
+        }
+        else if ( HASH_METHOD_SHA_384.equalsIgnoreCase( hashMethod )
+            || HASH_METHOD_SSHA_384.equalsIgnoreCase( hashMethod ) )
+        {
+            byte[] hash = digest( HASH_METHOD_SHA_384, testPasswordAsPlaintext, salt );
+            verified = equals( hash, hashedPassword );
+        }
+        else if ( HASH_METHOD_SHA_512.equalsIgnoreCase( hashMethod )
+            || HASH_METHOD_SSHA_512.equalsIgnoreCase( hashMethod ) )
+        {
+            byte[] hash = digest( HASH_METHOD_SHA_512, testPasswordAsPlaintext, salt );
+            verified = equals( hash, hashedPassword );
+        }
+        else if ( HASH_METHOD_MD5.equalsIgnoreCase( hashMethod )
+            || HASH_METHOD_SMD5.equalsIgnoreCase( hashMethod ) )
         {
             byte[] hash = digest( HASH_METHOD_MD5, testPasswordAsPlaintext, salt );
             verified = equals( hash, hashedPassword );

Modified: directory/studio/trunk/plugins/valueeditors/src/main/java/org/apache/directory/studio/valueeditors/password/PasswordDialog.java
URL: http://svn.apache.org/viewvc/directory/studio/trunk/plugins/valueeditors/src/main/java/org/apache/directory/studio/valueeditors/password/PasswordDialog.java?rev=1459293&r1=1459292&r2=1459293&view=diff
==============================================================================
--- directory/studio/trunk/plugins/valueeditors/src/main/java/org/apache/directory/studio/valueeditors/password/PasswordDialog.java
(original)
+++ directory/studio/trunk/plugins/valueeditors/src/main/java/org/apache/directory/studio/valueeditors/password/PasswordDialog.java
Thu Mar 21 13:14:55 2013
@@ -67,8 +67,19 @@ public class PasswordDialog extends Dial
 
     /** The supported hash methods */
     private static final String[] HASH_METHODS =
-        { Password.HASH_METHOD_SHA, Password.HASH_METHOD_SSHA, Password.HASH_METHOD_MD5,
Password.HASH_METHOD_SMD5,
-            Password.HASH_METHOD_CRYPT, Password.HASH_METHOD_NO };
+        {
+            Password.HASH_METHOD_SHA,
+            Password.HASH_METHOD_SHA_256,
+            Password.HASH_METHOD_SHA_384,
+            Password.HASH_METHOD_SHA_512,
+            Password.HASH_METHOD_SSHA,
+            Password.HASH_METHOD_SSHA_256,
+            Password.HASH_METHOD_SSHA_384,
+            Password.HASH_METHOD_SSHA_512,
+            Password.HASH_METHOD_MD5,
+            Password.HASH_METHOD_SMD5,
+            Password.HASH_METHOD_CRYPT,
+            Password.HASH_METHOD_NO };
 
     private static final int CURRENT_TAB = 0;
 



Mime
View raw message