X-Git-Url: https://git.opendaylight.org/gerrit/gitweb?a=blobdiff_plain;f=aaa-authn-api%2Fsrc%2Fmain%2Fjava%2Forg%2Fopendaylight%2Faaa%2Fapi%2FSHA256Calculator.java;h=4eafb05c9e5d7088a69ce646dff2b71f049d2e6b;hb=refs%2Fchanges%2F81%2F69581%2F2;hp=296b0bd1805ffc6720b29138b7d192f88a78c06d;hpb=66138403b1c1e24dd7a73a459af54cfc51146800;p=aaa.git diff --git a/aaa-authn-api/src/main/java/org/opendaylight/aaa/api/SHA256Calculator.java b/aaa-authn-api/src/main/java/org/opendaylight/aaa/api/SHA256Calculator.java index 296b0bd18..4eafb05c9 100644 --- a/aaa-authn-api/src/main/java/org/opendaylight/aaa/api/SHA256Calculator.java +++ b/aaa-authn-api/src/main/java/org/opendaylight/aaa/api/SHA256Calculator.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015 Cisco Systems, Inc. and others. All rights reserved. + * Copyright (c) 2015, 2017 Cisco Systems, Inc. and others. All rights reserved. * * This program and the accompanying materials are made available under the * terms of the Eclipse Public License v1.0 which accompanies this distribution, @@ -7,17 +7,22 @@ */ package org.opendaylight.aaa.api; +import java.nio.charset.StandardCharsets; import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; import java.util.concurrent.locks.ReentrantReadWriteLock; import java.util.concurrent.locks.ReentrantReadWriteLock.WriteLock; - +import javax.xml.bind.DatatypeConverter; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -/* - * @Author - Sharon Aicler (saichler@cisco.com) +/** + * Calculate SHA256. + * + * @author Sharon Aicler (saichler@cisco.com) */ -public class SHA256Calculator { +@Deprecated +public final class SHA256Calculator { private static final Logger LOG = LoggerFactory.getLogger(SHA256Calculator.class); @@ -25,6 +30,10 @@ public class SHA256Calculator { private static ReentrantReadWriteLock lock = new ReentrantReadWriteLock(); private static WriteLock writeLock = lock.writeLock(); + private SHA256Calculator() { + + } + public static String generateSALT() { StringBuffer salt = new StringBuffer(); for (int i = 0; i < 12; i++) { @@ -34,11 +43,11 @@ public class SHA256Calculator { return salt.toString(); } - public static String getSHA256(byte data[], String salt) { - byte SALT[] = salt.getBytes(); - byte temp[] = new byte[data.length + SALT.length]; + public static String getSHA256(byte[] data, String salt) { + byte[] saltBytes = salt.getBytes(StandardCharsets.UTF_8); + byte[] temp = new byte[data.length + saltBytes.length]; System.arraycopy(data, 0, temp, 0, data.length); - System.arraycopy(SALT, 0, temp, data.length, SALT.length); + System.arraycopy(saltBytes, 0, temp, data.length, saltBytes.length); if (md == null) { try { @@ -46,8 +55,8 @@ public class SHA256Calculator { if (md == null) { try { md = MessageDigest.getInstance("SHA-256"); - } catch (Exception err) { - LOG.error("Error calculating SHA-256 for SALT", err); + } catch (NoSuchAlgorithmException e) { + LOG.error("Error calculating SHA-256 for SALT", e); } } } finally { @@ -55,7 +64,7 @@ public class SHA256Calculator { } } - byte by[] = null; + byte[] by = null; try { writeLock.lock(); @@ -64,20 +73,11 @@ public class SHA256Calculator { } finally { writeLock.unlock(); } - return removeSpecialCharacters(new String(by)); + // Make sure the outcome hash does not contain special characters + return DatatypeConverter.printBase64Binary(by); } public static String getSHA256(String password, String salt) { - return getSHA256(password.getBytes(), salt); - } - - public static String removeSpecialCharacters(String str) { - StringBuilder buff = new StringBuilder(); - for (int i = 0; i < str.length(); i++) { - if (str.charAt(i) != '\'' && str.charAt(i) != 0) { - buff.append(str.charAt(i)); - } - } - return buff.toString(); + return getSHA256(password.getBytes(StandardCharsets.UTF_8), salt); } -} \ No newline at end of file +}