1
2
3
4
5
6
7
8
9
10
11
12
13
14 package org.eclipse.jetty.http.security;
15
16 import java.lang.reflect.Array;
17 import java.security.MessageDigest;
18
19 import org.eclipse.jetty.util.StringUtil;
20 import org.eclipse.jetty.util.TypeUtil;
21 import org.eclipse.jetty.util.log.Log;
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38 public abstract class Credential
39 {
40
41
42
43
44
45
46
47
48
49
50 public abstract boolean check(Object credentials);
51
52
53
54
55
56
57
58
59
60
61 public static Credential getCredential(String credential)
62 {
63 if (credential.startsWith(Crypt.__TYPE)) return new Crypt(credential);
64 if (credential.startsWith(MD5.__TYPE)) return new MD5(credential);
65
66 return new Password(credential);
67 }
68
69
70
71
72
73 public static class Crypt extends Credential
74 {
75 public static final String __TYPE = "CRYPT:";
76
77 private final String _cooked;
78
79 Crypt(String cooked)
80 {
81 _cooked = cooked.startsWith(Crypt.__TYPE) ? cooked.substring(__TYPE.length()) : cooked;
82 }
83
84 public boolean check(Object credentials)
85 {
86 if (credentials instanceof char[])
87 credentials=new String((char[])credentials);
88 if (!(credentials instanceof String) && !(credentials instanceof Password))
89 Log.warn("Can't check " + credentials.getClass() + " against CRYPT");
90
91 String passwd = credentials.toString();
92 return _cooked.equals(UnixCrypt.crypt(passwd, _cooked));
93 }
94
95 public static String crypt(String user, String pw)
96 {
97 return "CRYPT:" + UnixCrypt.crypt(pw, user);
98 }
99 }
100
101
102
103
104
105 public static class MD5 extends Credential
106 {
107 public static final String __TYPE = "MD5:";
108
109 public static final Object __md5Lock = new Object();
110
111 private static MessageDigest __md;
112
113 private final byte[] _digest;
114
115
116 MD5(String digest)
117 {
118 digest = digest.startsWith(__TYPE) ? digest.substring(__TYPE.length()) : digest;
119 _digest = TypeUtil.parseBytes(digest, 16);
120 }
121
122
123 public byte[] getDigest()
124 {
125 return _digest;
126 }
127
128
129 public boolean check(Object credentials)
130 {
131 try
132 {
133 byte[] digest = null;
134
135 if (credentials instanceof char[])
136 credentials=new String((char[])credentials);
137 if (credentials instanceof Password || credentials instanceof String)
138 {
139 synchronized (__md5Lock)
140 {
141 if (__md == null) __md = MessageDigest.getInstance("MD5");
142 __md.reset();
143 __md.update(credentials.toString().getBytes(StringUtil.__ISO_8859_1));
144 digest = __md.digest();
145 }
146 if (digest == null || digest.length != _digest.length) return false;
147 for (int i = 0; i < digest.length; i++)
148 if (digest[i] != _digest[i]) return false;
149 return true;
150 }
151 else if (credentials instanceof MD5)
152 {
153 MD5 md5 = (MD5) credentials;
154 if (_digest.length != md5._digest.length) return false;
155 for (int i = 0; i < _digest.length; i++)
156 if (_digest[i] != md5._digest[i]) return false;
157 return true;
158 }
159 else if (credentials instanceof Credential)
160 {
161
162
163 return ((Credential) credentials).check(this);
164 }
165 else
166 {
167 Log.warn("Can't check " + credentials.getClass() + " against MD5");
168 return false;
169 }
170 }
171 catch (Exception e)
172 {
173 Log.warn(e);
174 return false;
175 }
176 }
177
178
179 public static String digest(String password)
180 {
181 try
182 {
183 byte[] digest;
184 synchronized (__md5Lock)
185 {
186 if (__md == null)
187 {
188 try
189 {
190 __md = MessageDigest.getInstance("MD5");
191 }
192 catch (Exception e)
193 {
194 Log.warn(e);
195 return null;
196 }
197 }
198
199 __md.reset();
200 __md.update(password.getBytes(StringUtil.__ISO_8859_1));
201 digest = __md.digest();
202 }
203
204 return __TYPE + TypeUtil.toString(digest, 16);
205 }
206 catch (Exception e)
207 {
208 Log.warn(e);
209 return null;
210 }
211 }
212 }
213 }