View Javadoc

1   package org.apache.turbine.services.crypto.provider;
2   
3   /*
4    * Copyright 2001-2005 The Apache Software Foundation.
5    *
6    * Licensed under the Apache License, Version 2.0 (the "License")
7    * you may not use this file except in compliance with the License.
8    * You may obtain a copy of the License at
9    *
10   *     http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing, software
13   * distributed under the License is distributed on an "AS IS" BASIS,
14   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15   * See the License for the specific language governing permissions and
16   * limitations under the License.
17   */
18  
19  import java.io.ByteArrayOutputStream;
20  import java.io.OutputStream;
21  
22  import java.security.MessageDigest;
23  
24  import javax.mail.internet.MimeUtility;
25  
26  import org.apache.turbine.services.crypto.CryptoAlgorithm;
27  
28  /***
29   * This is the Message Digest Implementation of Turbine 2.1. It does
30   * not pad the Base64 encryption of the Message Digests correctly but
31   * truncates after 20 chars. This leads to interoperability problems
32   * if you want to use e.g. database columns between two languages.
33   *
34   * If you upgrade an application from Turbine 2.1 and have already used
35   * the Security Service with encrypted passwords and no way to rebuild
36   * your databases, use this provider. It is bug-compatible.
37   *
38   * DO NOT USE THIS PROVIDER FOR ANY NEW APPLICATION!
39   *
40   * Nevertheless it can be used as the default crypto algorithm .
41   *
42   * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
43   * @version $Id: OldJavaCrypt.java 264148 2005-08-29 14:21:04Z henning $
44   */
45  public class OldJavaCrypt
46          implements CryptoAlgorithm
47  {
48  
49      /*** The default cipher */
50      public static final String DEFAULT_CIPHER = "SHA";
51  
52      /*** The cipher to use for encryption */
53      private String cipher = null;
54  
55      /***
56       * C'tor
57       */
58      public OldJavaCrypt()
59      {
60          this.cipher = DEFAULT_CIPHER;
61      }
62  
63      /***
64       * Setting the actual cipher requested. If not
65       * called, then the default cipher (SHA) is used.
66       *
67       * This will never throw an error even if there is no
68       * provider for this cipher. The error will be thrown
69       * by encrypt() (Fixme?)
70       *
71       * @param cipher     The cipher to use.
72       */
73      public void setCipher(String cipher)
74      {
75          this.cipher = cipher;
76      }
77  
78      /***
79       * This class never uses a seed, so this is
80       * just a dummy.
81       *
82       * @param seed        Seed (ignored)
83       */
84      public void setSeed(String seed)
85      {
86          /* dummy */
87      }
88  
89      /***
90       * Encrypt the supplied string with the requested cipher
91       *
92       * @param value       The value to be encrypted
93       * @return The encrypted value
94       * @throws Exception An Exception of the underlying implementation.
95       */
96      public String encrypt(String value)
97              throws Exception
98      {
99          MessageDigest md = MessageDigest.getInstance(cipher);
100 
101         // We need to use unicode here, to be independent of platform's
102         // default encoding. Thanks to SGawin for spotting this.
103 
104         byte[] digest = md.digest(value.getBytes("UTF-8"));
105         ByteArrayOutputStream bas =
106                 new ByteArrayOutputStream(digest.length + digest.length / 3 + 1);
107         OutputStream encodedStream = MimeUtility.encode(bas, "base64");
108         encodedStream.write(digest);
109         return bas.toString();
110     }
111 
112 }