summaryrefslogtreecommitdiffstats
path: root/security-utils/src/main/java/org/openecomp/sdc/security/Passwords.java
diff options
context:
space:
mode:
Diffstat (limited to 'security-utils/src/main/java/org/openecomp/sdc/security/Passwords.java')
-rw-r--r--security-utils/src/main/java/org/openecomp/sdc/security/Passwords.java36
1 files changed, 31 insertions, 5 deletions
diff --git a/security-utils/src/main/java/org/openecomp/sdc/security/Passwords.java b/security-utils/src/main/java/org/openecomp/sdc/security/Passwords.java
index ef424b95de..5f5e00722e 100644
--- a/security-utils/src/main/java/org/openecomp/sdc/security/Passwords.java
+++ b/security-utils/src/main/java/org/openecomp/sdc/security/Passwords.java
@@ -20,6 +20,9 @@
package org.openecomp.sdc.security;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
@@ -27,8 +30,10 @@ import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Random;
+
public class Passwords {
+ private static Logger log = LoggerFactory.getLogger( Passwords.class.getName());
private static final Random RANDOM = new SecureRandom();
private static final int SALT = 0;
private static final int HASH = 1;
@@ -47,13 +52,14 @@ public class Passwords {
* @return a "salt:hash" value
*/
public static String hashPassword(String password) {
- byte[] salt = getNextSalt();
- byte byteData[] = hash(salt, password.getBytes());
- if (byteData != null) {
- return toHex(salt) + ":" + toHex(byteData);
+ if (password!=null){
+ byte[] salt = getNextSalt();
+ byte byteData[] = hash(salt, password.getBytes());
+ if (byteData != null) {
+ return toHex(salt) + ":" + toHex(byteData);
+ }
}
return null;
-
}
/**
@@ -64,6 +70,15 @@ public class Passwords {
* @return
*/
public static boolean isExpectedPassword(String password, String expectedHash) {
+ if (password==null && expectedHash==null)
+ return true;
+ if (password==null || expectedHash==null) //iff exactly 1 is null
+ return false;
+ if (!expectedHash.contains(":")){
+ log.error("invalid password expecting hash at the prefix of the password (ex. e0277df331f4ff8f74752ac4a8fbe03b:6dfbad308cdf53c9ff2ee2dca811ee92f1b359586b33027580e2ff92578edbd0)\n" +
+ "\t\t\t");
+ return false;
+ }
String[] params = expectedHash.split(":");
return isExpectedPassword(password, params[SALT], params[HASH]);
}
@@ -78,6 +93,15 @@ public class Passwords {
* @return true if the password matched the hash
*/
public static boolean isExpectedPassword(String password, String salt, String hash) {
+ if ( password == null && hash == null )
+ return true;
+ if ( salt == null ){
+ log.error("salt must be initialized");
+ return false;
+ }
+ //unintialized params
+ if ( password == null || hash == null )
+ return false;
byte[] saltBytes = fromHex(salt);
byte[] hashBytes = fromHex(hash);
@@ -137,6 +161,8 @@ public class Passwords {
* @return the hex string decoded into a byte array
*/
private static byte[] fromHex(String hex) {
+ if ( hex == null )
+ return null;
byte[] binary = new byte[hex.length() / 2];
for (int i = 0; i < binary.length; i++) {
binary[i] = (byte) Integer.parseInt(hex.substring(2 * i, 2 * i + 2), 16);