directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From seelm...@apache.org
Subject svn commit: r1731629 - in /directory/shared/trunk: ./ ldap/model/ ldap/model/src/main/java/org/apache/directory/api/ldap/model/constants/ ldap/model/src/main/java/org/apache/directory/api/ldap/model/password/ ldap/model/src/test/java/org/apache/directo...
Date Mon, 22 Feb 2016 12:20:51 GMT
Author: seelmann
Date: Mon Feb 22 12:20:50 2016
New Revision: 1731629

URL: http://svn.apache.org/viewvc?rev=1731629&view=rev
Log:
DIRAPI-269: Add support for modular crypt format password
* Added dependency to commons-codec which includes Crypt class
* Removed UnixCrypt class, this is now included in commons-codec
* Added contstants and handling for $1$, $5$, $6$ crypt formats
* Added tests
* Updated to latest Mina version

Removed:
    directory/shared/trunk/util/src/main/java/org/apache/directory/api/util/UnixCrypt.java
Modified:
    directory/shared/trunk/ldap/model/pom.xml
    directory/shared/trunk/ldap/model/src/main/java/org/apache/directory/api/ldap/model/constants/LdapSecurityConstants.java
    directory/shared/trunk/ldap/model/src/main/java/org/apache/directory/api/ldap/model/password/PasswordUtil.java
    directory/shared/trunk/ldap/model/src/test/java/org/apache/directory/api/ldap/model/password/PasswordUtilTest.java
    directory/shared/trunk/pom.xml

Modified: directory/shared/trunk/ldap/model/pom.xml
URL: http://svn.apache.org/viewvc/directory/shared/trunk/ldap/model/pom.xml?rev=1731629&r1=1731628&r2=1731629&view=diff
==============================================================================
--- directory/shared/trunk/ldap/model/pom.xml (original)
+++ directory/shared/trunk/ldap/model/pom.xml Mon Feb 22 12:20:50 2016
@@ -87,6 +87,11 @@
     </dependency>
 
     <dependency>
+      <groupId>commons-codec</groupId>
+      <artifactId>commons-codec</artifactId>
+    </dependency>
+
+    <dependency>
       <groupId>findbugs</groupId>
       <artifactId>annotations</artifactId>
       <scope>provided</scope>
@@ -180,6 +185,7 @@
             <Import-Package>
               antlr;version=${antlr.version},
               antlr.collections.impl;version=${antlr.version},
+              org.apache.commons.codec.digest;version=${commons.codec.version},
               org.apache.commons.collections;version=${commons.collections.version},
               org.apache.commons.collections.list;version=${commons.collections.version},
               org.apache.commons.collections.map;version=${commons.collections.version},

Modified: directory/shared/trunk/ldap/model/src/main/java/org/apache/directory/api/ldap/model/constants/LdapSecurityConstants.java
URL: http://svn.apache.org/viewvc/directory/shared/trunk/ldap/model/src/main/java/org/apache/directory/api/ldap/model/constants/LdapSecurityConstants.java?rev=1731629&r1=1731628&r2=1731629&view=diff
==============================================================================
--- directory/shared/trunk/ldap/model/src/main/java/org/apache/directory/api/ldap/model/constants/LdapSecurityConstants.java
(original)
+++ directory/shared/trunk/ldap/model/src/main/java/org/apache/directory/api/ldap/model/constants/LdapSecurityConstants.java
Mon Feb 22 12:20:50 2016
@@ -59,6 +59,15 @@ public enum LdapSecurityConstants
 
     /** The crypt encryption method */
     HASH_METHOD_CRYPT("CRYPT", "CRYPT", "crypt"),
+    
+    /** The crypt (MD5) encryption method */
+    HASH_METHOD_CRYPT_MD5("CRYPT-MD5", "MD5", "crypt", "$1$"),
+    
+    /** The crypt (SHA-256) encryption method */
+    HASH_METHOD_CRYPT_SHA256("CRYPT-SHA-256", "SHA-256", "crypt", "$5$"),
+    
+    /** The crypt (SHA-512) encryption method */
+    HASH_METHOD_CRYPT_SHA512("CRYPT-SHA-512", "SHA-512", "crypt", "$6$"),
 
     /** The PBKDF2-based encryption method */
     HASH_METHOD_PKCS5S2("PKCS5S2", "PBKDF2WithHmacSHA1", "PKCS5S2");
@@ -85,8 +94,11 @@ public enum LdapSecurityConstants
 
     /** The associated prefix */
     private String prefix;
+    
+    /** The optional sub-prefix */
+    private String subPrefix;
 
-
+    
     /**
      * Creates a new instance of LdapSecurityConstants.
      * 
@@ -96,9 +108,23 @@ public enum LdapSecurityConstants
      */
     private LdapSecurityConstants( String name, String algorithm, String prefix )
     {
+        this( name, algorithm, prefix, "" );
+    }
+
+    /**
+     * Creates a new instance of LdapSecurityConstants.
+     * 
+     * @param name the associated name
+     * @param algorithm the associated algorithm
+     * @param prefix the associated prefix
+     * @param subPrefix the optional sub-prefix
+     */
+    private LdapSecurityConstants( String name, String algorithm, String prefix, String subPrefix
)
+    {
         this.name = name;
         this.algorithm = algorithm;
         this.prefix = prefix;
+        this.subPrefix = subPrefix;
     }
 
 
@@ -130,6 +156,15 @@ public enum LdapSecurityConstants
 
 
     /**
+     * @return the optional sub-prefix associated with the constant.
+     */
+    public String getSubPrefix()
+    {
+        return subPrefix;
+    }
+
+
+    /**
      * Get the associated constant from a string
      *
      * @param algorithm The algorithm's name
@@ -137,86 +172,76 @@ public enum LdapSecurityConstants
      */
     public static LdapSecurityConstants getAlgorithm( String algorithm )
     {
-        if ( HASH_METHOD_SHA.name.equalsIgnoreCase( algorithm )
-            || HASH_METHOD_SHA.prefix.equalsIgnoreCase( algorithm ) )
+        if ( matches( algorithm, HASH_METHOD_SHA ) )
         {
             return HASH_METHOD_SHA;
         }
 
-        if ( HASH_METHOD_SSHA.name.equalsIgnoreCase( algorithm )
-            || HASH_METHOD_SSHA.prefix.equalsIgnoreCase( algorithm ) )
+        if ( matches( algorithm, HASH_METHOD_SSHA ) )
         {
             return HASH_METHOD_SSHA;
         }
-
-        if ( HASH_METHOD_MD5.name.equalsIgnoreCase( algorithm )
-            || HASH_METHOD_MD5.prefix.equalsIgnoreCase( algorithm ) )
+        if ( matches( algorithm, HASH_METHOD_MD5 ) )
         {
             return HASH_METHOD_MD5;
         }
 
-        if ( HASH_METHOD_SMD5.name.equalsIgnoreCase( algorithm )
-            || HASH_METHOD_SMD5.prefix.equalsIgnoreCase( algorithm ) )
+        if ( matches( algorithm, HASH_METHOD_SMD5 ) )
         {
             return HASH_METHOD_SMD5;
         }
 
-        if ( HASH_METHOD_CRYPT.name.equalsIgnoreCase( algorithm )
-            || HASH_METHOD_CRYPT.prefix.equalsIgnoreCase( algorithm ) )
+        if ( matches( algorithm, HASH_METHOD_CRYPT ) )
         {
             return HASH_METHOD_CRYPT;
         }
 
-        if ( ( HASH_METHOD_SHA256.name.equalsIgnoreCase( algorithm ) )
-            || ( HASH_METHOD_SHA256.prefix.equalsIgnoreCase( algorithm ) )
-            // "sha-256" used for backwards compatibility
-            || ( "sha-256".equalsIgnoreCase( algorithm ) ) )
+        if ( matches( algorithm, HASH_METHOD_CRYPT_MD5 ) )
+        {
+            return HASH_METHOD_CRYPT_MD5;
+        }
+
+        if ( matches( algorithm, HASH_METHOD_CRYPT_SHA256 ) )
+        {
+            return HASH_METHOD_CRYPT_SHA256;
+        }
+
+        if ( matches( algorithm, HASH_METHOD_CRYPT_SHA512 ) )
+        {
+            return HASH_METHOD_CRYPT_SHA512;
+        }
+
+        if ( matches( algorithm, HASH_METHOD_SHA256 ) )
         {
             return HASH_METHOD_SHA256;
         }
 
-        if ( ( HASH_METHOD_SSHA256.name.equalsIgnoreCase( algorithm ) )
-            || ( HASH_METHOD_SSHA256.prefix.equalsIgnoreCase( algorithm ) )
-            // "ssha-256" used for backwards compatibility
-            || ( "ssha-256".equalsIgnoreCase( algorithm ) ) )
+        if ( matches( algorithm, HASH_METHOD_SSHA256 ) )
         {
             return HASH_METHOD_SSHA256;
         }
 
-        if ( ( HASH_METHOD_SHA384.name.equalsIgnoreCase( algorithm ) )
-            || ( HASH_METHOD_SHA384.prefix.equalsIgnoreCase( algorithm ) )
-            // "sha-384" used for backwards compatibility
-            || ( "sha-384".equalsIgnoreCase( algorithm ) ) )
+        if ( matches( algorithm, HASH_METHOD_SHA384 ) )
         {
             return HASH_METHOD_SHA384;
         }
 
-        if ( ( HASH_METHOD_SSHA384.name.equalsIgnoreCase( algorithm ) )
-            || ( HASH_METHOD_SSHA384.prefix.equalsIgnoreCase( algorithm ) )
-            // "ssha-384" used for backwards compatibility
-            || ( "ssha-384".equalsIgnoreCase( algorithm ) ) )
+        if ( matches( algorithm, HASH_METHOD_SSHA384 ) )
         {
             return HASH_METHOD_SSHA384;
         }
 
-        if ( ( HASH_METHOD_SHA512.name.equalsIgnoreCase( algorithm ) )
-            || ( HASH_METHOD_SHA512.prefix.equalsIgnoreCase( algorithm ) )
-            // "sha-512" used for backwards compatibility
-            || ( "sha-512".equalsIgnoreCase( algorithm ) ) )
+        if ( matches( algorithm, HASH_METHOD_SHA512 ) )
         {
             return HASH_METHOD_SHA512;
         }
 
-        if ( ( HASH_METHOD_SSHA512.name.equalsIgnoreCase( algorithm ) )
-            || ( HASH_METHOD_SSHA512.prefix.equalsIgnoreCase( algorithm ) )
-            // "ssha-512" used for backwards compatibility
-            || ( "ssha-512".equalsIgnoreCase( algorithm ) ) )
+        if ( matches( algorithm, HASH_METHOD_SSHA512 ) )
         {
             return HASH_METHOD_SSHA512;
         }
 
-        if ( HASH_METHOD_PKCS5S2.name.equalsIgnoreCase( algorithm )
-            || HASH_METHOD_PKCS5S2.prefix.equalsIgnoreCase( algorithm ) )
+        if ( matches( algorithm, HASH_METHOD_PKCS5S2 ) )
         {
             return HASH_METHOD_PKCS5S2;
         }
@@ -245,4 +270,12 @@ public enum LdapSecurityConstants
 
         return null;
     }
+
+
+    private static boolean matches( String algorithm, LdapSecurityConstants constant )
+    {
+        return constant.name.equalsIgnoreCase( algorithm )
+            || ( constant.prefix + constant.subPrefix ).equalsIgnoreCase( algorithm );
+    }
+
 }

Modified: directory/shared/trunk/ldap/model/src/main/java/org/apache/directory/api/ldap/model/password/PasswordUtil.java
URL: http://svn.apache.org/viewvc/directory/shared/trunk/ldap/model/src/main/java/org/apache/directory/api/ldap/model/password/PasswordUtil.java?rev=1731629&r1=1731628&r2=1731629&view=diff
==============================================================================
--- directory/shared/trunk/ldap/model/src/main/java/org/apache/directory/api/ldap/model/password/PasswordUtil.java
(original)
+++ directory/shared/trunk/ldap/model/src/main/java/org/apache/directory/api/ldap/model/password/PasswordUtil.java
Mon Feb 22 12:20:50 2016
@@ -26,16 +26,17 @@ import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.security.SecureRandom;
 import java.security.spec.KeySpec;
+import java.util.Arrays;
 import java.util.Date;
 
 import javax.crypto.SecretKeyFactory;
 import javax.crypto.spec.PBEKeySpec;
 
+import org.apache.commons.codec.digest.Crypt;
 import org.apache.directory.api.ldap.model.constants.LdapSecurityConstants;
 import org.apache.directory.api.util.Base64;
 import org.apache.directory.api.util.DateUtils;
 import org.apache.directory.api.util.Strings;
-import org.apache.directory.api.util.UnixCrypt;
 
 
 /**
@@ -64,6 +65,18 @@ public final class PasswordUtil
     /** The PKCS5S2 hash length */
     public static final int PKCS5S2_LENGTH = 32;
 
+    /** The CRYPT (DES) hash length */
+    public static final int CRYPT_LENGTH = 11;
+
+    /** The CRYPT (MD5) hash length */
+    public static final int CRYPT_MD5_LENGTH = 22;
+
+    /** The CRYPT (SHA-256) hash length */
+    public static final int CRYPT_SHA256_LENGTH = 43;
+
+    /** The CRYPT (SHA-512) hash length */
+    public static final int CRYPT_SHA512_LENGTH = 86;
+
 
     private PasswordUtil()
     {
@@ -109,6 +122,14 @@ public final class PasswordUtil
 
                 String algorithm = Strings.toLowerCaseAscii( Strings.utf8ToString( credentials,
1, pos - 1 ) );
 
+                // support for crypt additional encryption algorithms (e.g. {crypt}$1$salt$ez2vlPGdaLYkJam5pWs/Y1)
+                // currently only one-digit IDs are defined thus this quick check
+                if ( credentials.length > pos + 3 && credentials[pos + 1] == '$'
+                    && Character.isDigit( credentials[pos + 2] ) && credentials[pos
+ 3] == '$' )
+                {
+                    algorithm += Strings.utf8ToString( credentials, pos + 1, 3 );
+                }
+
                 return LdapSecurityConstants.getAlgorithm( algorithm );
             }
             else
@@ -171,13 +192,13 @@ public final class PasswordUtil
                 break;
 
             case HASH_METHOD_CRYPT:
-                salt = new byte[2];
-                SecureRandom sr = new SecureRandom();
-                int i1 = sr.nextInt( 64 );
-                int i2 = sr.nextInt( 64 );
+                salt = generateCryptSalt( 2 );
+                break;
 
-                salt[0] = ( byte ) ( i1 < 12 ? ( i1 + '.' ) : i1 < 38 ? ( i1 + 'A'
- 12 ) : ( i1 + 'a' - 38 ) );
-                salt[1] = ( byte ) ( i2 < 12 ? ( i2 + '.' ) : i2 < 38 ? ( i2 + 'A'
- 12 ) : ( i2 + 'a' - 38 ) );
+            case HASH_METHOD_CRYPT_MD5:
+            case HASH_METHOD_CRYPT_SHA256:
+            case HASH_METHOD_CRYPT_SHA512:
+                salt = generateCryptSalt( 8 );
                 break;
 
             default:
@@ -194,6 +215,15 @@ public final class PasswordUtil
             sb.append( Strings.utf8ToString( salt ) );
             sb.append( Strings.utf8ToString( hashedPassword ) );
         }
+        else if ( algorithm == LdapSecurityConstants.HASH_METHOD_CRYPT_MD5
+            || algorithm == LdapSecurityConstants.HASH_METHOD_CRYPT_SHA256
+            || algorithm == LdapSecurityConstants.HASH_METHOD_CRYPT_SHA512 )
+        {
+            sb.append( algorithm.getSubPrefix() );
+            sb.append( Strings.utf8ToString( salt ) );
+            sb.append( '$' );
+            sb.append( Strings.utf8ToString( hashedPassword ) );
+        }
         else if ( salt != null )
         {
             byte[] hashedPasswordWithSaltBytes = new byte[hashedPassword.length + salt.length];
@@ -337,7 +367,7 @@ public final class PasswordUtil
      * @param salt value to be used as salt (optional)
      * @return the encrypted credentials
      */
-    public static byte[] encryptPassword( byte[] credentials, LdapSecurityConstants algorithm,
byte[] salt )
+    private static byte[] encryptPassword( byte[] credentials, LdapSecurityConstants algorithm,
byte[] salt )
     {
         switch ( algorithm )
         {
@@ -362,12 +392,19 @@ public final class PasswordUtil
                 return digest( LdapSecurityConstants.HASH_METHOD_MD5, credentials, salt );
 
             case HASH_METHOD_CRYPT:
-                String saltWithCrypted = UnixCrypt.crypt( Strings.utf8ToString( credentials
), Strings
+                String saltWithCrypted = Crypt.crypt( Strings.utf8ToString( credentials ),
Strings
                     .utf8ToString( salt ) );
                 String crypted = saltWithCrypted.substring( 2 );
-
                 return Strings.getBytesUtf8( crypted );
 
+            case HASH_METHOD_CRYPT_MD5:
+            case HASH_METHOD_CRYPT_SHA256:
+            case HASH_METHOD_CRYPT_SHA512:
+                String saltWithCrypted2 = Crypt.crypt( Strings.utf8ToString( credentials
),
+                    algorithm.getSubPrefix() + Strings.utf8ToString( salt ) );
+                String crypted2 = saltWithCrypted2.substring( saltWithCrypted2.lastIndexOf(
'$' ) + 1 );
+                return Strings.getBytesUtf8( crypted2 );
+                
             case HASH_METHOD_PKCS5S2:
                 return generatePbkdf2Hash( credentials, algorithm, salt );
 
@@ -463,14 +500,21 @@ public final class PasswordUtil
 
             case HASH_METHOD_CRYPT:
                 // The password is associated with a salt. Decompose it
-                // in two parts, storing the salt into the EncryptionMethod structure.
+                // in two parts, no decoding required.
                 // The salt comes first, not like for SSHA and SMD5, and is 2 bytes long
+                // The algorithm, salt, and password will be stored into the PasswordDetails
structure.
                 byte[] salt = new byte[2];
                 password = new byte[credentials.length - salt.length - algoLength];
                 split( credentials, algoLength, salt, password );
-
                 return new PasswordDetails( algorithm, salt, password );
 
+            case HASH_METHOD_CRYPT_MD5:
+            case HASH_METHOD_CRYPT_SHA256:
+            case HASH_METHOD_CRYPT_SHA512:
+                // skip $x$
+                algoLength = algoLength + 3;
+                return getCryptCredentials( credentials, algoLength, algorithm );
+
             default:
                 // unknown method
                 throw new IllegalArgumentException( "Unknown hash algorithm " + algorithm
);
@@ -486,8 +530,8 @@ public final class PasswordUtil
     {
         // The password is associated with a salt. Decompose it
         // in two parts, after having decoded the password.
-        // The salt will be stored into the EncryptionMethod structure
-        // The salt is at the end of the credentials, and is 8 bytes long
+        // The salt is at the end of the credentials.
+        // The algorithm, salt, and password will be stored into the PasswordDetails structure.
         byte[] passwordAndSalt = Base64
             .decode( Strings.utf8ToString( credentials, algoLength, credentials.length -
algoLength ).toCharArray() );
 
@@ -581,8 +625,8 @@ public final class PasswordUtil
     {
         // The password is associated with a salt. Decompose it
         // in two parts, after having decoded the password.
-        // The salt will be stored into the EncryptionMethod structure
         // The salt is at the *beginning* of the credentials, and is 16 bytes long
+        // The algorithm, salt, and password will be stored into the PasswordDetails structure.
         byte[] passwordAndSalt = Base64
             .decode( Strings.utf8ToString( credentials, algoLength, credentials.length -
algoLength ).toCharArray() );
 
@@ -594,5 +638,49 @@ public final class PasswordUtil
 
         return new PasswordDetails( algorithm, salt, password );
     }
+
+
+    private static final byte[] CRYPT_SALT_CHARS = Strings
+        .getBytesUtf8( "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
);
+
+
+    private static byte[] generateCryptSalt( int length )
+    {
+        byte[] salt = new byte[length];
+        SecureRandom sr = new SecureRandom();
+        for ( int i = 0; i < salt.length; i++ )
+        {
+            salt[i] = CRYPT_SALT_CHARS[sr.nextInt( CRYPT_SALT_CHARS.length )];
+        }
+        
+        return salt;
+    }
+
+
+    private static PasswordDetails getCryptCredentials( byte[] credentials, int algoLength,
+        LdapSecurityConstants algorithm )
+    {
+        // The password is associated with a salt. Decompose it
+        // in two parts, no decoding required.
+        // The salt length is dynamic, between the 2nd and 3rd '$'.
+        // The algorithm, salt, and password will be stored into the PasswordDetails structure.
+
+        // skip {crypt}$x$
+        int pos = algoLength;
+        while ( pos < credentials.length )
+        {
+            if ( credentials[pos] == '$' )
+            {
+                break;
+            }
+
+            pos++;
+        }
+
+        byte[] salt = Arrays.copyOfRange( credentials, algoLength, pos );
+        byte[] password = Arrays.copyOfRange( credentials, pos + 1, credentials.length );
+
+        return new PasswordDetails( algorithm, salt, password );
+    }
 
 }

Modified: directory/shared/trunk/ldap/model/src/test/java/org/apache/directory/api/ldap/model/password/PasswordUtilTest.java
URL: http://svn.apache.org/viewvc/directory/shared/trunk/ldap/model/src/test/java/org/apache/directory/api/ldap/model/password/PasswordUtilTest.java?rev=1731629&r1=1731628&r2=1731629&view=diff
==============================================================================
--- directory/shared/trunk/ldap/model/src/test/java/org/apache/directory/api/ldap/model/password/PasswordUtilTest.java
(original)
+++ directory/shared/trunk/ldap/model/src/test/java/org/apache/directory/api/ldap/model/password/PasswordUtilTest.java
Mon Feb 22 12:20:50 2016
@@ -22,6 +22,9 @@ package org.apache.directory.api.ldap.mo
 
 
 import static org.apache.directory.api.ldap.model.constants.LdapSecurityConstants.HASH_METHOD_CRYPT;
+import static org.apache.directory.api.ldap.model.constants.LdapSecurityConstants.HASH_METHOD_CRYPT_MD5;
+import static org.apache.directory.api.ldap.model.constants.LdapSecurityConstants.HASH_METHOD_CRYPT_SHA256;
+import static org.apache.directory.api.ldap.model.constants.LdapSecurityConstants.HASH_METHOD_CRYPT_SHA512;
 import static org.apache.directory.api.ldap.model.constants.LdapSecurityConstants.HASH_METHOD_MD5;
 import static org.apache.directory.api.ldap.model.constants.LdapSecurityConstants.HASH_METHOD_PKCS5S2;
 import static org.apache.directory.api.ldap.model.constants.LdapSecurityConstants.HASH_METHOD_SHA;
@@ -33,6 +36,10 @@ import static org.apache.directory.api.l
 import static org.apache.directory.api.ldap.model.constants.LdapSecurityConstants.HASH_METHOD_SSHA256;
 import static org.apache.directory.api.ldap.model.constants.LdapSecurityConstants.HASH_METHOD_SSHA384;
 import static org.apache.directory.api.ldap.model.constants.LdapSecurityConstants.HASH_METHOD_SSHA512;
+import static org.apache.directory.api.ldap.model.password.PasswordUtil.CRYPT_LENGTH;
+import static org.apache.directory.api.ldap.model.password.PasswordUtil.CRYPT_MD5_LENGTH;
+import static org.apache.directory.api.ldap.model.password.PasswordUtil.CRYPT_SHA256_LENGTH;
+import static org.apache.directory.api.ldap.model.password.PasswordUtil.CRYPT_SHA512_LENGTH;
 import static org.apache.directory.api.ldap.model.password.PasswordUtil.MD5_LENGTH;
 import static org.apache.directory.api.ldap.model.password.PasswordUtil.PKCS5S2_LENGTH;
 import static org.apache.directory.api.ldap.model.password.PasswordUtil.SHA1_LENGTH;
@@ -101,6 +108,13 @@ public class PasswordUtilTest
 
 
     @Test
+    public void testUnsupportedHashMethodIsHandledAsPlainText()
+    {
+        testPassword( "{XXX}abc", "{XXX}abc", null, 8, 0 );
+    }
+
+
+    @Test
     public void testPasswordMD5Encrypted()
     {
         testPassword( "secret", "{MD5}Xr4ilOzQ4PCOq3aQ0qbuaQ==", HASH_METHOD_MD5, MD5_LENGTH,
0 );
@@ -275,14 +289,62 @@ public class PasswordUtilTest
     @Test
     public void testPasswordCRYPTEncrypted()
     {
-        testPassword( "secret", "{CRYPT}qFkH8Z1woBlXw", HASH_METHOD_CRYPT, 11, 2 );
+        testPassword( "secret", "{CRYPT}qFkH8Z1woBlXw", HASH_METHOD_CRYPT, CRYPT_LENGTH,
2 );
     }
 
 
     @Test
     public void testPasswordCRYPTEncryptedLowercase()
     {
-        testPassword( "secret", "{crypt}qFkH8Z1woBlXw", HASH_METHOD_CRYPT, 11, 2 );
+        testPassword( "secret", "{crypt}qFkH8Z1woBlXw", HASH_METHOD_CRYPT, CRYPT_LENGTH,
2 );
+    }
+
+
+    @Test
+    public void testPasswordCRYPT1Encrypted()
+    {
+        testPassword( "secret", "{CRYPT}$1$salt$ez2vlPGdaLYkJam5pWs/Y1", HASH_METHOD_CRYPT_MD5,
CRYPT_MD5_LENGTH, 4 );
+    }
+
+
+    @Test
+    public void testPasswordCRYPT1EncryptedLowercase()
+    {
+        testPassword( "secret", "{crypt}$1$salt$ez2vlPGdaLYkJam5pWs/Y1", HASH_METHOD_CRYPT_MD5,
CRYPT_MD5_LENGTH, 4 );
+    }
+
+
+    @Test
+    public void testPasswordCRYPT5Encrypted()
+    {
+        testPassword( "secret", "{CRYPT}$5$salt$kpa26zwgX83BPSR8d7w93OIXbFt/d3UOTZaAu5vsTM6",
HASH_METHOD_CRYPT_SHA256, CRYPT_SHA256_LENGTH,
+            4 );
+    }
+
+
+    @Test
+    public void testPasswordCRYPT5EncryptedLowercase()
+    {
+        testPassword( "secret", "{crypt}$5$salt$kpa26zwgX83BPSR8d7w93OIXbFt/d3UOTZaAu5vsTM6",
HASH_METHOD_CRYPT_SHA256, CRYPT_SHA256_LENGTH,
+            4 );
+    }
+
+
+    @Test
+    public void testPasswordCRYPT6Encrypted()
+    {
+        testPassword( "secret",
+            "{CRYPT}$6$salt$egUxKNxDs8kPfh8iPMNcosMhb2eWah6d3R44JDm5Rj/j/XWR5E33QPd0YmHXoDHOIDR6kL5D3JcQcz0O8FHE00",
+            HASH_METHOD_CRYPT_SHA512, CRYPT_SHA512_LENGTH, 4 );
+    }
+
+
+    @Test
+    public void testPasswordCRYPT6EncryptedLowercase()
+    {
+        testPassword( "secret",
+            "{crypt}$6$salt$egUxKNxDs8kPfh8iPMNcosMhb2eWah6d3R44JDm5Rj/j/XWR5E33QPd0YmHXoDHOIDR6kL5D3JcQcz0O8FHE00",
+            HASH_METHOD_CRYPT_SHA512, CRYPT_SHA512_LENGTH, 4 );
     }
 
 

Modified: directory/shared/trunk/pom.xml
URL: http://svn.apache.org/viewvc/directory/shared/trunk/pom.xml?rev=1731629&r1=1731628&r2=1731629&view=diff
==============================================================================
--- directory/shared/trunk/pom.xml (original)
+++ directory/shared/trunk/pom.xml Mon Feb 22 12:20:50 2016
@@ -46,6 +46,7 @@
     
     <!-- Set versions for depending jars -->
     <antlr.version>2.7.7</antlr.version>
+    <commons.codec.version>1.10</commons.codec.version>
     <commons.collections.version>3.2.2</commons.collections.version>
     <commons.io.version>2.4</commons.io.version>
     <commons.lang.version>2.6</commons.lang.version>
@@ -55,7 +56,7 @@
     <junit.version>4.12</junit.version>
     <log4j.version>1.2.17</log4j.version>
     <logback.version>1.1.3</logback.version>
-    <mina.core.version>2.0.11</mina.core.version>
+    <mina.core.version>2.0.13</mina.core.version>
     <org.osgi.core.version>6.0.0</org.osgi.core.version>
     <org.apache.felix.version>5.4.0</org.apache.felix.version>
     <pax-exam.version>4.8.0</pax-exam.version>
@@ -622,6 +623,12 @@
       <!-- Commons dependencies -->
 
       <dependency>
+        <groupId>commons-codec</groupId>
+        <artifactId>commons-codec</artifactId>
+        <version>${commons.codec.version}</version>
+      </dependency>
+
+      <dependency>
         <groupId>commons-collections</groupId>
         <artifactId>commons-collections</artifactId>
         <version>${commons.collections.version}</version>



Mime
View raw message