Coverage Summary for Class: LegacyJasyptPasswordEncryptor (com.acciente.oacc.encryptor.jasypt)

Class Class, % Method, % Line, %
LegacyJasyptPasswordEncryptor 100% (1/ 1) 100% (5/ 5) 100% (24/ 24)


1 /* 2  * Copyright 2009-2018, Acciente LLC 3  * 4  * Acciente LLC licenses this file to you under the 5  * Apache License, Version 2.0 (the "License"); you 6  * may not use this file except in compliance with the 7  * License. You may obtain a copy of the License at 8  * 9  * http://www.apache.org/licenses/LICENSE-2.0 10  * 11  * Unless required by applicable law or agreed to in 12  * writing, software distributed under the License is 13  * distributed on an "AS IS" BASIS, WITHOUT WARRANTIES 14  * OR CONDITIONS OF ANY KIND, either express or implied. 15  * See the License for the specific language governing 16  * permissions and limitations under the License. 17  */ 18 package com.acciente.oacc.encryptor.jasypt; 19  20 import com.acciente.oacc.encryptor.PasswordEncryptor; 21 import com.acciente.oacc.normalizer.TextNormalizer; 22 import org.jasypt.contrib.org.apache.commons.codec_1_3.binary.Base64; 23 import org.jasypt.digest.StandardByteDigester; 24  25 import java.nio.ByteBuffer; 26 import java.nio.CharBuffer; 27 import java.nio.charset.StandardCharsets; 28 import java.util.Arrays; 29  30 /** 31  * Password encryptor implementation that was the sole password encryptor in OACC v2.0.0.rc7 and prior. 32  */ 33 public final class LegacyJasyptPasswordEncryptor implements PasswordEncryptor { 34  private final StandardByteDigester digester; 35  private final Base64 base64; 36  37  /** 38  * Returns an instance of the legacy password encryptor implementation used in OACC v2.0.0.rc7 (and prior). 39  */ 40  public static LegacyJasyptPasswordEncryptor newInstance() { 41  return new LegacyJasyptPasswordEncryptor(); 42  } 43  44  private LegacyJasyptPasswordEncryptor() { 45  this.digester = new StandardByteDigester(); 46  this.digester.setAlgorithm("SHA-256"); 47  this.digester.setIterations(100000); 48  this.digester.setSaltSizeBytes(16); 49  this.digester.initialize(); 50  this.base64 = new Base64(); 51  } 52  53  @Override 54  public String encryptPassword(final char[] password) { 55  if (password == null) { 56  return null; 57  } 58  59  final byte[] digest = this.digester.digest(getCleanedBytes(password)); 60  61  return new String(this.base64.encode(digest), StandardCharsets.US_ASCII); 62  } 63  64  @Override 65  public boolean checkPassword(final char[] plainPassword, 66  final String encryptedPassword) { 67  if (plainPassword == null) { 68  return (encryptedPassword == null); 69  } 70  else if (encryptedPassword == null) { 71  return false; 72  } 73  74  return this.digester.matches(getCleanedBytes(plainPassword), 75  this.base64.decode(encryptedPassword.getBytes(StandardCharsets.US_ASCII))); 76  } 77  78  private byte[] getCleanedBytes(char[] password) { 79  final char[] normalizedChars = TextNormalizer.getInstance().normalizeToNfc(password); 80  final ByteBuffer byteBuffer = StandardCharsets.UTF_8.encode(CharBuffer.wrap(normalizedChars)); 81  final byte[] byteArray = new byte[byteBuffer.remaining()]; 82  byteBuffer.get(byteArray); 83  Arrays.fill(byteBuffer.array(), (byte) 0); 84  return byteArray; 85  } 86 }