1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 package org.eclipse.jetty.util.security;
20
21 import java.io.Serializable;
22 import java.nio.charset.StandardCharsets;
23 import java.security.MessageDigest;
24
25 import org.eclipse.jetty.util.StringUtil;
26 import org.eclipse.jetty.util.TypeUtil;
27 import org.eclipse.jetty.util.log.Log;
28 import org.eclipse.jetty.util.log.Logger;
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45 public abstract class Credential implements Serializable
46 {
47 private static final Logger LOG = Log.getLogger(Credential.class);
48
49 private static final long serialVersionUID = -7760551052768181572L;
50
51
52
53
54
55
56
57
58
59
60
61 public abstract boolean check(Object credentials);
62
63
64
65
66
67
68
69
70
71
72 public static Credential getCredential(String credential)
73 {
74 if (credential.startsWith(Crypt.__TYPE)) return new Crypt(credential);
75 if (credential.startsWith(MD5.__TYPE)) return new MD5(credential);
76
77 return new Password(credential);
78 }
79
80
81
82
83
84 public static class Crypt extends Credential
85 {
86 private static final long serialVersionUID = -2027792997664744210L;
87
88 public static final String __TYPE = "CRYPT:";
89
90 private final String _cooked;
91
92 Crypt(String cooked)
93 {
94 _cooked = cooked.startsWith(Crypt.__TYPE) ? cooked.substring(__TYPE.length()) : cooked;
95 }
96
97 @Override
98 public boolean check(Object credentials)
99 {
100 if (credentials instanceof char[])
101 credentials=new String((char[])credentials);
102 if (!(credentials instanceof String) && !(credentials instanceof Password))
103 LOG.warn("Can't check " + credentials.getClass() + " against CRYPT");
104
105 String passwd = credentials.toString();
106 return _cooked.equals(UnixCrypt.crypt(passwd, _cooked));
107 }
108
109 public static String crypt(String user, String pw)
110 {
111 return "CRYPT:" + UnixCrypt.crypt(pw, user);
112 }
113 }
114
115
116
117
118
119 public static class MD5 extends Credential
120 {
121 private static final long serialVersionUID = 5533846540822684240L;
122
123 public static final String __TYPE = "MD5:";
124
125 public static final Object __md5Lock = new Object();
126
127 private static MessageDigest __md;
128
129 private final byte[] _digest;
130
131
132 MD5(String digest)
133 {
134 digest = digest.startsWith(__TYPE) ? digest.substring(__TYPE.length()) : digest;
135 _digest = TypeUtil.parseBytes(digest, 16);
136 }
137
138
139 public byte[] getDigest()
140 {
141 return _digest;
142 }
143
144
145 @Override
146 public boolean check(Object credentials)
147 {
148 try
149 {
150 byte[] digest = null;
151
152 if (credentials instanceof char[])
153 credentials=new String((char[])credentials);
154 if (credentials instanceof Password || credentials instanceof String)
155 {
156 synchronized (__md5Lock)
157 {
158 if (__md == null) __md = MessageDigest.getInstance("MD5");
159 __md.reset();
160 __md.update(credentials.toString().getBytes(StandardCharsets.ISO_8859_1));
161 digest = __md.digest();
162 }
163 if (digest == null || digest.length != _digest.length) return false;
164 for (int i = 0; i < digest.length; i++)
165 if (digest[i] != _digest[i]) return false;
166 return true;
167 }
168 else if (credentials instanceof MD5)
169 {
170 MD5 md5 = (MD5) credentials;
171 if (_digest.length != md5._digest.length) return false;
172 for (int i = 0; i < _digest.length; i++)
173 if (_digest[i] != md5._digest[i]) return false;
174 return true;
175 }
176 else if (credentials instanceof Credential)
177 {
178
179
180 return ((Credential) credentials).check(this);
181 }
182 else
183 {
184 LOG.warn("Can't check " + credentials.getClass() + " against MD5");
185 return false;
186 }
187 }
188 catch (Exception e)
189 {
190 LOG.warn(e);
191 return false;
192 }
193 }
194
195
196 public static String digest(String password)
197 {
198 try
199 {
200 byte[] digest;
201 synchronized (__md5Lock)
202 {
203 if (__md == null)
204 {
205 try
206 {
207 __md = MessageDigest.getInstance("MD5");
208 }
209 catch (Exception e)
210 {
211 LOG.warn(e);
212 return null;
213 }
214 }
215
216 __md.reset();
217 __md.update(password.getBytes(StandardCharsets.ISO_8859_1));
218 digest = __md.digest();
219 }
220
221 return __TYPE + TypeUtil.toString(digest, 16);
222 }
223 catch (Exception e)
224 {
225 LOG.warn(e);
226 return null;
227 }
228 }
229 }
230 }