List of usage examples for org.apache.shiro.crypto.hash Hash toBase64
String toBase64();
From source file:CryptoTest.java
License:Apache License
@Test public void test_hashingService() { log.info("*** test_hashingService ***"); final DefaultHashService hashService = new DefaultHashService(); final SecureRandomNumberGenerator secureRandomNumberGenerator = new SecureRandomNumberGenerator(); secureRandomNumberGenerator.setDefaultNextBytesSize(64); final ByteSource privateSalt = secureRandomNumberGenerator.nextBytes(); final ByteSource publicSalt = secureRandomNumberGenerator.nextBytes(); log.info("privateSalt .length = {}", privateSalt.getBytes().length); hashService.setHashAlgorithmName("SHA-512"); hashService.setHashIterations(1024 * 64); hashService.setPrivateSalt(privateSalt); hashService.setRandomNumberGenerator(secureRandomNumberGenerator); hashService.setGeneratePublicSalt(true); final HashRequest hashRequest = new HashRequest.Builder().setSource("password").setSalt(publicSalt).build(); final Hash hash = hashService.computeHash(hashRequest); log.info("hash.salt : {}", hash.getSalt()); log.info("publicSalt : {}", publicSalt); log.info("hash Base64 : {}", hash.toBase64()); final String hash1 = hashService.computeHash(hashRequest).toBase64(); final String hash2 = hashService.computeHash(hashRequest).toBase64(); log.info("hash1 Base64 : {}", hash1); log.info("hash2 Base64 : {}", hash2); Assert.assertEquals(hash1, hash2);//www .j a va2 s .c om Sha512Hash encodedPassword = new Sha512Hash("password", publicSalt, 1024 * 64); Sha512Hash encodedPassword2 = new Sha512Hash(encodedPassword.getBytes(), privateSalt, 1024 * 64); log.info("encodedPassword Base64 : {}", encodedPassword.toBase64()); log.info("encodedPassword2 Base64 : {}", encodedPassword2.toBase64()); Sha512Hash encodedPassword3 = new Sha512Hash("password", publicSalt, 1024 * 64); Sha512Hash encodedPassword4 = new Sha512Hash(encodedPassword3.getBytes(), privateSalt, 1024 * 64); log.info("encodedPassword3 Base64 : {}", encodedPassword3.toBase64()); log.info("encodedPassword4 Base64 : {}", encodedPassword4.toBase64()); Assert.assertEquals(encodedPassword2, encodedPassword4); }
From source file:CryptoTest.java
License:Apache License
@Test public void test_hashingService_usingRandomSalts() { log.info("*** test_hashingService_usingRandomSalts ***"); final DefaultHashService hashService = new DefaultHashService(); final SecureRandomNumberGenerator secureRandomNumberGenerator = new SecureRandomNumberGenerator(); secureRandomNumberGenerator.setDefaultNextBytesSize(64); final ByteSource privateSalt = secureRandomNumberGenerator.nextBytes(); hashService.setHashAlgorithmName("SHA-512"); hashService.setHashIterations(1024 * 128); hashService.setPrivateSalt(privateSalt); hashService.setRandomNumberGenerator(secureRandomNumberGenerator); hashService.setGeneratePublicSalt(true); final HashRequest hashRequest = new HashRequest.Builder().setSource("password").build(); final StopWatch stopWatch = new StopWatch(); stopWatch.start();//from www . java2 s.c om final Hash hash = hashService.computeHash(hashRequest); stopWatch.stop(); final byte[] hashBytes = hash.getBytes(); log.info("hashBytes length = {}", hashBytes.length); log.info("hash Base64 length = {}", hash.toBase64().length()); log.info("hash time: {}", stopWatch.getTime()); log.info("hash.salt : {}", hash.getSalt()); final ByteSource salt = hash.getSalt(); log.info("salt : {}", salt); log.info("hash Base64 : {}", hash.toBase64()); final String hash1 = hashService .computeHash(new HashRequest.Builder().setSource("password").setSalt(salt).build()).toBase64(); final String hash2 = hashService .computeHash(new HashRequest.Builder().setSource("password").setSalt(salt).build()).toBase64(); log.info("hash1 Base64 : {}", hash1); log.info("hash2 Base64 : {}", hash2); Assert.assertEquals(hash1, hash2); Sha512Hash encodedPassword = new Sha512Hash("password", salt, 1024 * 64); Sha512Hash encodedPassword2 = new Sha512Hash(encodedPassword.getBytes(), privateSalt, 1024 * 64); log.info("encodedPassword Base64 : {}", encodedPassword.toBase64()); log.info("encodedPassword2 Base64 : {}", encodedPassword2.toBase64()); Sha512Hash encodedPassword3 = new Sha512Hash("password", salt, 1024 * 64); Sha512Hash encodedPassword4 = new Sha512Hash(encodedPassword3.getBytes(), privateSalt, 1024 * 64); log.info("encodedPassword3 Base64 : {}", encodedPassword3.toBase64()); log.info("encodedPassword4 Base64 : {}", encodedPassword4.toBase64()); Assert.assertEquals(encodedPassword2, encodedPassword4); hashService.setHashIterations(1024 * 127); }
From source file:CryptoTest.java
License:Apache License
@Test public void test_secureRandomNumberGenerator_nextBytesSize() { log.info("*** test_secureRandomNumberGenerator_nextBytesSize ***"); final DefaultHashService hashService = new DefaultHashService(); final SecureRandomNumberGenerator secureRandomNumberGenerator = new SecureRandomNumberGenerator(); secureRandomNumberGenerator.setDefaultNextBytesSize(8); final ByteSource privateSalt = secureRandomNumberGenerator.nextBytes(); log.info("privateSalt = {}", privateSalt); log.info("privateSalt byte length = {}", privateSalt.getBytes().length); hashService.setHashAlgorithmName("SHA-512"); hashService.setHashIterations(1024 * 128); hashService.setPrivateSalt(privateSalt); hashService.setRandomNumberGenerator(secureRandomNumberGenerator); hashService.setGeneratePublicSalt(true); final HashRequest hashRequest = new HashRequest.Builder().setSource("password").build(); final Hash hash = hashService.computeHash(hashRequest); final DefaultHashService hashService2 = new DefaultHashService(); final SecureRandomNumberGenerator secureRandomNumberGenerator2 = new SecureRandomNumberGenerator(); secureRandomNumberGenerator2.setDefaultNextBytesSize(16); hashService2.setHashAlgorithmName("SHA-512"); hashService2.setHashIterations(1024 * 128); hashService2.setPrivateSalt(privateSalt); hashService2.setRandomNumberGenerator(secureRandomNumberGenerator2); hashService2.setGeneratePublicSalt(true); final HashRequest hashRequest2 = new HashRequest.Builder().setSource("password").setSalt(hash.getSalt()) .build();/* w w w . j a va 2 s. c om*/ final Hash hash2 = hashService.computeHash(hashRequest2); log.info("hash = {}", hash.toBase64()); log.info("hash2 = {}", hash2.toBase64()); Assert.assertEquals(hash2.toBase64(), hash.toBase64()); }
From source file:base.web.ShiroDbRealm.java
License:Apache License
/** * ??spring/shiro.xml?credentialsMatcher <br/> * /*from w w w . j av a 2s .co m*/ * ?SHA-256Base64?1024<br/> * SHA-256Base64??(44?)Hex??64?<br/> * ?SHA-384?SHA-512???? * * @author Junas.Cheung */ public String encrytPassword(String password) { // ???? String hashAlgorithmName = ConfigUtil.getValue("password.hash.algorithm.name"); int iterations = ConfigUtil.getIntValue("password.iterations"); boolean isStoredHex = ConfigUtil.getBooleanValue("password.is.stored.hex"); // DefaultHashService hashService = new DefaultHashService(); // hashService.setHashAlgorithmName(hashAlgorithmName); // hashService.setHashIterations(iterations); // ? ByteSource byteSource = ByteSource.Util.bytes(password); Hash hash = hashService.computeHash(new HashRequest.Builder().setSource(byteSource).build()); // ?Hash return isStoredHex ? hash.toHex() : hash.toBase64(); }
From source file:de.dominikschadow.javasecurity.hash.SHA512HashSample.java
License:Apache License
private boolean verifyPassword(byte[] originalHash, ByteSource publicSalt, String password) { ByteSource privateSalt = ByteSource.Util.bytes(PRIVATE_SALT_BYTES); DefaultHashService hashService = new DefaultHashService(); hashService.setPrivateSalt(privateSalt); hashService.setHashIterations(ITERATIONS); HashRequest.Builder builder = new HashRequest.Builder(); builder.setSource(ByteSource.Util.bytes(password)); builder.setSalt(publicSalt);/* www .j a va2 s . co m*/ Hash comparisonHash = hashService.computeHash(builder.build()); logger.info("password: {}", password); logger.info("1 hash: {}", Base64.encodeToString(originalHash)); logger.info("2 hash: {}", comparisonHash.toBase64()); return Arrays.equals(originalHash, comparisonHash.getBytes()); }
From source file:eu.forgestore.ws.util.EncryptionUtil.java
License:Apache License
/** * return hash value of string//from ww w .j av a 2 s.c om * * @param str unhashed string * @return hash value of string */ public static String hash(String str) { Hash hash = new Md5Hash(str); return hash.toBase64(); }
From source file:org.smallmind.nutsnbolts.shiro.realm.DefaultLdapRealm.java
License:Open Source License
@Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { Hashtable<String, String> env; env = new Hashtable<String, String>(); env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); env.put(Context.PROVIDER_URL, "ldap://" + connectionDetails.getHost() + ":" + connectionDetails.getPort() + "/" + connectionDetails.getRootNamespace()); env.put(Context.SECURITY_AUTHENTICATION, "simple"); env.put(Context.SECURITY_PRINCIPAL, connectionDetails.getUserName()); env.put(Context.SECURITY_CREDENTIALS, connectionDetails.getPassword()); try {// w w w .j a va 2s. co m Attributes userAttributes; if ((userAttributes = ((DirContext) new InitialDirContext(env).lookup(searchPath)) .getAttributes("uid=" + token.getPrincipal().toString())) != null) { Attribute passwordAttribute; if ((passwordAttribute = userAttributes.get("userPassword")) != null) { String hashedPasswordPlusAlgorithm; Hash sha1Hash; hashedPasswordPlusAlgorithm = new String((byte[]) passwordAttribute.get()); sha1Hash = new Sha1Hash(new String((char[]) token.getCredentials())); if (hashedPasswordPlusAlgorithm.equals("{SHA}" + sha1Hash.toBase64())) { return new SimpleAuthenticationInfo(token.getPrincipal(), sha1Hash.getBytes(), getName()); } } } } catch (NamingException namingException) { throw new AuthenticationException(namingException); } return null; }
From source file:test.com.azaptree.services.security.config.HashServiceConfigTest.java
License:Apache License
@Test public void testHashService() { final SecureRandomNumberGenerator rng = new SecureRandomNumberGenerator(); final byte[] privateSalt = rng.nextBytes(32).getBytes(); final int hashIterations = 1024 * 128; final String algo = "SHA-256"; final int nextBytesSize = 32; final HashServiceConfig config1 = new HashServiceConfig("testHash", privateSalt, hashIterations, algo, nextBytesSize);// w w w . jav a2s .com log.info("hashConfig: {}", config1); final HashService hashService1 = config1.getHashService(); final HashService hashService2 = config1.getHashService(); final HashRequest req1 = new HashRequest.Builder().setSource("password").build(); final Hash hash1 = hashService1.computeHash(req1); final HashRequest req2 = new HashRequest.Builder().setSource("password").setSalt(hash1.getSalt()).build(); final Hash hash2 = hashService2.computeHash(req2); Assert.assertEquals(hash2.toBase64(), hash1.toBase64()); }
From source file:test.com.azaptree.services.security.config.HashServiceConfigTest.java
License:Apache License
@Test public void testHashService2() { final HashServiceConfig config1 = new HashServiceConfig("testHash"); log.info("hashConfig: {}", config1); final HashService hashService1 = config1.getHashService(); final HashService hashService2 = config1.getHashService(); final HashRequest req1 = new HashRequest.Builder().setSource("password").build(); final Hash hash1 = hashService1.computeHash(req1); final HashRequest req2 = new HashRequest.Builder().setSource("password").setSalt(hash1.getSalt()).build(); final Hash hash2 = hashService2.computeHash(req2); Assert.assertEquals(hash2.toBase64(), hash1.toBase64()); }
From source file:test.com.azaptree.services.security.dao.HashedCredentialDAOTest.java
License:Apache License
@Transactional @Test/*from w ww.ja v a2s . c o m*/ public void test_update() { final Subject temp = new SubjectImpl(Status.ACTIVATED); final Subject subject = subjectDao.create(temp); final HashRequest hashRequest = new HashRequest.Builder().setSource("password").build(); final Hash hash = hashService.computeHash(hashRequest); final HashedCredential password = new HashedCredentialImpl(subject.getEntityId(), "password", hashServiceConfig.getEntityId(), hash.getBytes(), hash.getAlgorithmName(), hash.getIterations(), hash.getSalt().getBytes(), null); final HashedCredential savedPassword = hashedCredentialDAO.create(password); final HashRequest hashRequest2 = new HashRequest.Builder().setSource("password") .setAlgorithmName(savedPassword.getHashAlgorithm()).setIterations(savedPassword.getHashIterations()) .setSalt(ByteSource.Util.bytes(savedPassword.getSalt())).build(); final Hash hash2 = hashService.computeHash(hashRequest2); Assert.assertTrue(Arrays.equals(hash2.getBytes(), savedPassword.getHash())); Assert.assertEquals(hash2.toBase64(), ByteSource.Util.bytes(savedPassword.getHash()).toBase64()); final HashRequest hashRequest3 = new HashRequest.Builder().setSource("password2").build(); final Hash hash3 = hashService.computeHash(hashRequest3); final HashedCredential changedPassword = new HashedCredentialImpl(savedPassword, hash3.getBytes(), hash3.getAlgorithmName(), hash3.getIterations(), hash3.getSalt().getBytes(), null); final HashedCredential savedChangedPassword = hashedCredentialDAO.update(changedPassword); Assert.assertEquals(savedChangedPassword.getEntityVersion(), 2l); Assert.assertTrue(savedChangedPassword.getEntityUpdatedOn() > savedPassword.getEntityUpdatedOn()); Assert.assertEquals(savedChangedPassword.getEntityCreatedOn(), savedPassword.getEntityCreatedOn()); Assert.assertNotEquals(savedChangedPassword, savedPassword); }