List of usage examples for org.apache.shiro.crypto.hash Hash getBytes
byte[] getBytes();
From source file:CryptoTest.java
License:Apache License
@Test public void test_hashingService_usingRandomSalts() { log.info("*** test_hashingService_usingRandomSalts ***"); final DefaultHashService hashService = new DefaultHashService(); final SecureRandomNumberGenerator secureRandomNumberGenerator = new SecureRandomNumberGenerator(); secureRandomNumberGenerator.setDefaultNextBytesSize(64); final ByteSource privateSalt = secureRandomNumberGenerator.nextBytes(); hashService.setHashAlgorithmName("SHA-512"); hashService.setHashIterations(1024 * 128); hashService.setPrivateSalt(privateSalt); hashService.setRandomNumberGenerator(secureRandomNumberGenerator); hashService.setGeneratePublicSalt(true); final HashRequest hashRequest = new HashRequest.Builder().setSource("password").build(); final StopWatch stopWatch = new StopWatch(); stopWatch.start();//w w w . j a v a2 s.com final Hash hash = hashService.computeHash(hashRequest); stopWatch.stop(); final byte[] hashBytes = hash.getBytes(); log.info("hashBytes length = {}", hashBytes.length); log.info("hash Base64 length = {}", hash.toBase64().length()); log.info("hash time: {}", stopWatch.getTime()); log.info("hash.salt : {}", hash.getSalt()); final ByteSource salt = hash.getSalt(); log.info("salt : {}", salt); log.info("hash Base64 : {}", hash.toBase64()); final String hash1 = hashService .computeHash(new HashRequest.Builder().setSource("password").setSalt(salt).build()).toBase64(); final String hash2 = hashService .computeHash(new HashRequest.Builder().setSource("password").setSalt(salt).build()).toBase64(); log.info("hash1 Base64 : {}", hash1); log.info("hash2 Base64 : {}", hash2); Assert.assertEquals(hash1, hash2); Sha512Hash encodedPassword = new Sha512Hash("password", salt, 1024 * 64); Sha512Hash encodedPassword2 = new Sha512Hash(encodedPassword.getBytes(), privateSalt, 1024 * 64); log.info("encodedPassword Base64 : {}", encodedPassword.toBase64()); log.info("encodedPassword2 Base64 : {}", encodedPassword2.toBase64()); Sha512Hash encodedPassword3 = new Sha512Hash("password", salt, 1024 * 64); Sha512Hash encodedPassword4 = new Sha512Hash(encodedPassword3.getBytes(), privateSalt, 1024 * 64); log.info("encodedPassword3 Base64 : {}", encodedPassword3.toBase64()); log.info("encodedPassword4 Base64 : {}", encodedPassword4.toBase64()); Assert.assertEquals(encodedPassword2, encodedPassword4); hashService.setHashIterations(1024 * 127); }
From source file:com.azaptree.services.security.domain.impl.HashedCredentialImpl.java
License:Apache License
public HashedCredentialImpl(final UUID subjectId, final String name, final UUID hashServiceConfigurationId, final Hash hash, final Date expiresOn) { this(subjectId, name, hashServiceConfigurationId, hash.getBytes(), hash.getAlgorithmName(), hash.getIterations(), hash.getSalt().getBytes(), expiresOn); }
From source file:de.dominikschadow.javasecurity.hash.SHA512.java
License:Apache License
public static void main(String[] args) { String password = "SHA-512 hash sample text"; Hash hash = calculateHash(password); boolean correct = verifyPassword(hash.getBytes(), hash.getSalt(), password); log.info("Entered password is correct: {}", correct); }
From source file:de.dominikschadow.javasecurity.hash.SHA512.java
License:Apache License
private static boolean verifyPassword(byte[] originalHash, ByteSource publicSalt, String password) { ByteSource privateSalt = ByteSource.Util.bytes(PRIVATE_SALT_BYTES); DefaultHashService hashService = new DefaultHashService(); hashService.setPrivateSalt(privateSalt); hashService.setHashIterations(ITERATIONS); HashRequest.Builder builder = new HashRequest.Builder(); builder.setSource(ByteSource.Util.bytes(password)); builder.setSalt(publicSalt);/*from w w w. j a va2s. c o m*/ Hash comparisonHash = hashService.computeHash(builder.build()); log.info("password: {}", password); log.info("1 hash: {}", Hex.encodeToString(originalHash)); log.info("2 hash: {}", comparisonHash.toHex()); return Arrays.equals(originalHash, comparisonHash.getBytes()); }
From source file:de.dominikschadow.javasecurity.hash.SHA512HashSample.java
License:Apache License
public static void main(String[] args) { SHA512HashSample hs = new SHA512HashSample(); String password = "SHA-512 hash sample text"; Hash hash = hs.calculateHash(password); boolean correct = hs.verifyPassword(hash.getBytes(), hash.getSalt(), password); logger.info("Entered password is correct: {}", correct); }
From source file:de.dominikschadow.javasecurity.hash.SHA512HashSample.java
License:Apache License
private boolean verifyPassword(byte[] originalHash, ByteSource publicSalt, String password) { ByteSource privateSalt = ByteSource.Util.bytes(PRIVATE_SALT_BYTES); DefaultHashService hashService = new DefaultHashService(); hashService.setPrivateSalt(privateSalt); hashService.setHashIterations(ITERATIONS); HashRequest.Builder builder = new HashRequest.Builder(); builder.setSource(ByteSource.Util.bytes(password)); builder.setSalt(publicSalt);/* www . j av a 2 s . c o m*/ Hash comparisonHash = hashService.computeHash(builder.build()); logger.info("password: {}", password); logger.info("1 hash: {}", Base64.encodeToString(originalHash)); logger.info("2 hash: {}", comparisonHash.toBase64()); return Arrays.equals(originalHash, comparisonHash.getBytes()); }
From source file:org.smallmind.nutsnbolts.shiro.realm.ActiveDirectoryLdapRealm.java
License:Open Source License
@Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { try {/* ww w. j av a 2s .c o m*/ SearchControls searchControls; NamingEnumeration answer; String searchFilter; searchFilter = "(&(objectClass=user)(sAMAccountName=" + token.getPrincipal() + "))"; searchControls = new SearchControls(); searchControls.setReturningAttributes(RETURNED_ATTRIBUTES); searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE); searchControls.setCountLimit(1); answer = getLdapContext(connectionDetails.getUserName(), connectionDetails.getPassword()) .search(searchPath, searchFilter, searchControls); if (answer.hasMoreElements()) { if (((SearchResult) answer.next()).getAttributes() != null) { getLdapContext(token.getPrincipal().toString() + "@" + domain, new String((char[]) token.getCredentials())); Hash sha1Hash; ByteSource salt; sha1Hash = new Sha1Hash(new String((char[]) token.getCredentials()), salt = new SimpleByteSource(UUID.randomUUID().toString())); return new SimpleAuthenticationInfo(token.getPrincipal(), sha1Hash.getBytes(), salt, getName()); } } } catch (NamingException namingException) { throw new AuthenticationException(namingException); } return null; }
From source file:org.smallmind.nutsnbolts.shiro.realm.DefaultLdapRealm.java
License:Open Source License
@Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { Hashtable<String, String> env; env = new Hashtable<String, String>(); env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); env.put(Context.PROVIDER_URL, "ldap://" + connectionDetails.getHost() + ":" + connectionDetails.getPort() + "/" + connectionDetails.getRootNamespace()); env.put(Context.SECURITY_AUTHENTICATION, "simple"); env.put(Context.SECURITY_PRINCIPAL, connectionDetails.getUserName()); env.put(Context.SECURITY_CREDENTIALS, connectionDetails.getPassword()); try {/*from w w w . j av a2s . c o m*/ Attributes userAttributes; if ((userAttributes = ((DirContext) new InitialDirContext(env).lookup(searchPath)) .getAttributes("uid=" + token.getPrincipal().toString())) != null) { Attribute passwordAttribute; if ((passwordAttribute = userAttributes.get("userPassword")) != null) { String hashedPasswordPlusAlgorithm; Hash sha1Hash; hashedPasswordPlusAlgorithm = new String((byte[]) passwordAttribute.get()); sha1Hash = new Sha1Hash(new String((char[]) token.getCredentials())); if (hashedPasswordPlusAlgorithm.equals("{SHA}" + sha1Hash.toBase64())) { return new SimpleAuthenticationInfo(token.getPrincipal(), sha1Hash.getBytes(), getName()); } } } } catch (NamingException namingException) { throw new AuthenticationException(namingException); } return null; }
From source file:test.com.azaptree.services.security.dao.HashedCredentialDAOTest.java
License:Apache License
@Transactional @Test/* ww w . j av a2 s .com*/ public void test_create_findById_cascade_delete() { final Subject temp = new SubjectImpl(Status.ACTIVATED); final Subject subject = subjectDao.create(temp); final HashRequest hashRequest = new HashRequest.Builder().setSource("password").build(); final Hash hash = hashService.computeHash(hashRequest); final Calendar now = Calendar.getInstance(); now.add(Calendar.DATE, 90); final long expiresOn = now.getTimeInMillis(); final HashedCredential password = new HashedCredentialImpl(subject.getEntityId(), "password", hashServiceConfig.getEntityId(), hash.getBytes(), hash.getAlgorithmName(), hash.getIterations(), hash.getSalt().getBytes(), now.getTime()); final HashedCredential savedPassword = hashedCredentialDAO.create(password); Assert.assertNotNull(savedPassword); Assert.assertNotNull(savedPassword.getEntityId()); Assert.assertNotNull(savedPassword.getSubjectId()); log.info(savedPassword.toJson()); final HashedCredential password2 = hashedCredentialDAO.findById(savedPassword.getEntityId()); Assert.assertNotNull(password2); Assert.assertNotNull(password2.getEntityId()); Assert.assertNotNull(password2.getSubjectId()); Assert.assertEquals(password2.getExpiresOn().get().getTime(), expiresOn); log.info(password2.toJson()); Assert.assertEquals(password2, savedPassword); subjectDao.delete(subject.getEntityId()); Assert.assertNull(hashedCredentialDAO.findById(savedPassword.getEntityId())); }
From source file:test.com.azaptree.services.security.dao.HashedCredentialDAOTest.java
License:Apache License
@Transactional @Test/*from w ww. ja v a 2 s. c om*/ public void test_create_findById_delete() { final Subject temp = new SubjectImpl(Status.ACTIVATED); final Subject subject = subjectDao.create(temp); final HashRequest hashRequest = new HashRequest.Builder().setSource("password").build(); final Hash hash = hashService.computeHash(hashRequest); final HashedCredential password = new HashedCredentialImpl(subject.getEntityId(), "password", hashServiceConfig.getEntityId(), hash.getBytes(), hash.getAlgorithmName(), hash.getIterations(), hash.getSalt().getBytes(), null); final HashedCredential savedPassword = hashedCredentialDAO.create(password); Assert.assertNotNull(savedPassword); Assert.assertNotNull(savedPassword.getEntityId()); Assert.assertNotNull(savedPassword.getSubjectId()); log.info(savedPassword.toJson()); final HashedCredential password2 = hashedCredentialDAO.findById(savedPassword.getEntityId()); Assert.assertNotNull(password2); Assert.assertNotNull(password2.getEntityId()); Assert.assertNotNull(password2.getSubjectId()); Assert.assertNotNull(password2.getHash()); Assert.assertNotNull(password2.getHashAlgorithm()); Assert.assertNotNull(password2.getSalt()); Assert.assertEquals(password2.getSubjectId(), subject.getEntityId()); Assert.assertTrue(Arrays.equals(hash.getBytes(), password2.getHash())); Assert.assertTrue(Arrays.equals(hash.getSalt().getBytes(), password2.getSalt())); log.info(password2.toJson()); Assert.assertEquals(password2, savedPassword); hashedCredentialDAO.delete(savedPassword.getEntityId()); Assert.assertNull(hashedCredentialDAO.findById(savedPassword.getEntityId())); }