aboutsummaryrefslogtreecommitdiff
path: root/src/org/traccar/helper/Hashing.java
diff options
context:
space:
mode:
authorAnton Tananaev <anton.tananaev@gmail.com>2019-03-31 22:35:39 -0700
committerAnton Tananaev <anton.tananaev@gmail.com>2019-03-31 22:35:39 -0700
commit59416923dcb3a756eaf532cc4259f2f6625c0762 (patch)
tree9082dae6616deac8fda432b7bfd80e4a52b6d9dc /src/org/traccar/helper/Hashing.java
parent79a129dd6327d932133d6b9a50190d3f4927bff9 (diff)
downloadtrackermap-server-59416923dcb3a756eaf532cc4259f2f6625c0762.tar.gz
trackermap-server-59416923dcb3a756eaf532cc4259f2f6625c0762.tar.bz2
trackermap-server-59416923dcb3a756eaf532cc4259f2f6625c0762.zip
Convert project to gradle
Diffstat (limited to 'src/org/traccar/helper/Hashing.java')
-rw-r--r--src/org/traccar/helper/Hashing.java100
1 files changed, 0 insertions, 100 deletions
diff --git a/src/org/traccar/helper/Hashing.java b/src/org/traccar/helper/Hashing.java
deleted file mode 100644
index e91310eda..000000000
--- a/src/org/traccar/helper/Hashing.java
+++ /dev/null
@@ -1,100 +0,0 @@
-/*
- * Copyright 2015 Anton Tananaev (anton@traccar.org)
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.traccar.helper;
-
-import javax.crypto.SecretKeyFactory;
-import javax.crypto.spec.PBEKeySpec;
-import java.security.NoSuchAlgorithmException;
-import java.security.SecureRandom;
-import java.security.spec.InvalidKeySpecException;
-
-public final class Hashing {
-
- public static final int ITERATIONS = 1000;
- public static final int SALT_SIZE = 24;
- public static final int HASH_SIZE = 24;
-
- private static SecretKeyFactory factory;
- static {
- try {
- factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
- } catch (NoSuchAlgorithmException e) {
- e.printStackTrace();
- }
- }
-
- public static class HashingResult {
-
- private final String hash;
- private final String salt;
-
- public HashingResult(String hash, String salt) {
- this.hash = hash;
- this.salt = salt;
- }
-
- public String getHash() {
- return hash;
- }
-
- public String getSalt() {
- return salt;
- }
- }
-
- private Hashing() {
- }
-
- private static byte[] function(char[] password, byte[] salt) {
- try {
- PBEKeySpec spec = new PBEKeySpec(password, salt, ITERATIONS, HASH_SIZE * Byte.SIZE);
- return factory.generateSecret(spec).getEncoded();
- } catch (InvalidKeySpecException e) {
- throw new SecurityException(e);
- }
- }
-
- private static final SecureRandom RANDOM = new SecureRandom();
-
- public static HashingResult createHash(String password) {
- byte[] salt = new byte[SALT_SIZE];
- RANDOM.nextBytes(salt);
- byte[] hash = function(password.toCharArray(), salt);
- return new HashingResult(
- DataConverter.printHex(hash),
- DataConverter.printHex(salt));
- }
-
- public static boolean validatePassword(String password, String hashHex, String saltHex) {
- byte[] hash = DataConverter.parseHex(hashHex);
- byte[] salt = DataConverter.parseHex(saltHex);
- return slowEquals(hash, function(password.toCharArray(), salt));
- }
-
- /**
- * Compares two byte arrays in length-constant time. This comparison method
- * is used so that password hashes cannot be extracted from an on-line
- * system using a timing attack and then attacked off-line.
- */
- private static boolean slowEquals(byte[] a, byte[] b) {
- int diff = a.length ^ b.length;
- for (int i = 0; i < a.length && i < b.length; i++) {
- diff |= a[i] ^ b[i];
- }
- return diff == 0;
- }
-
-}