Class UnixDESEncryption
- java.lang.Object
  - org.silverpeas.core.security.authentication.password.encryption.UnixDESEncryption
- All Implemented Interfaces: PasswordEncryption
@Singleton public class UnixDESEncryption extends Object implements PasswordEncryption
A variation of the DES algorithm (Data Encryption Standard) that was used for a while in Unix systems. The variant is intended for encrypting passwords, and it uses salting to perturb the algorithm in different ways. This symmetric-key encryption method uses a 56-bit key to encrypt a password and is therefore now considered insecure for many applications; in 1999 it was broken in 22 hours and 15 minutes. It was then replaced by the MD5 algorithm.
It is no longer supported in Silverpeas and should not be used anymore.
It is the Java-based implementation of the Unix encrypt command. It is based upon C source code written by Eric Young, eay@psych.uq.oz.au. This class is a renaming of the jcrypt class found at http://www.vulcanware.com/java_jcrypt/
- Author: John F. Dumas
Field Summary
Fields inherited from interface org.silverpeas.core.security.authentication.password.PasswordEncryption: BAD_PASSWORD_MESSAGE
Constructor Summary
- UnixDESEncryption()
Method Summary
- void check(String password, String digest): Checks that the specified password matches the specified digest.
- boolean doUnderstandDigest(String digest): Does this encryption understand the specified digest?
- String encrypt(String password): Encrypts the specified password by using a random salt (or no salt for some weak algorithms).
- String encrypt(String password, byte[] salt): Encrypts the specified password by using the specified salt.
- byte[] getSaltUsedInDigest(String digest): Gets the salt that was used to compute the specified digest.
Method Detail
encrypt
public String encrypt(String password)
Encrypts the specified password by using a random salt (or no salt for some weak algorithms).
- Specified by: encrypt in interface PasswordEncryption
- Parameters:
  password - the password to encrypt.
- Returns: a digest of the password.
encrypt
public String encrypt(String password, byte[] salt)
Encrypts the specified password by using the specified salt. If the salt is null or empty, a random salt is computed.
- Specified by: encrypt in interface PasswordEncryption
- Parameters:
  password - the password to encrypt.
  salt - the salt to use to generate more entropy in the encryption of the password.
- Returns: a digest of the password.
check
public void check(String password, String digest) throws AssertionError
Checks that the specified password matches the specified digest.
- Specified by: check in interface PasswordEncryption
- Parameters:
  password - an unencrypted password.
  digest - a digest of a password against which the specified password has to be matched.
- Throws:
  AssertionError - if the digest wasn't computed from the specified password.
getSaltUsedInDigest
public byte[] getSaltUsedInDigest(String digest)
Gets the salt that was used to compute the specified digest. Depending on the cryptographic algorithm that computed the digest, the salt used in the encryption can be retrieved from the digest itself. If the salt cannot be determined, an empty one is returned.
- Specified by: getSaltUsedInDigest in interface PasswordEncryption
- Parameters:
  digest - the digest from which the salt has to be extracted.
- Returns: the salt, or an empty salt if it cannot be extracted from the digest.
doUnderstandDigest
public boolean doUnderstandDigest(String digest)
Does this encryption understand the specified digest? An encryption usually understands the digests it has itself generated. This method is used to find out which encryption computed a given digest. The DES encryption is particular in that an input text produces a digest of the same length; the length of the digest isn't fixed and varies with the input text. So this method can return a wrong answer, and it is recommended to ask the other encryptions first to get a more accurate answer.
- Specified by: doUnderstandDigest in interface PasswordEncryption
- Parameters:
  digest - the digest to analyse.
- Returns: true if the specified digest was computed by this encryption, false if it doesn't understand it (either the encryption hasn't generated the digest or it cannot analyse it).
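The lookup order recommended for doUnderstandDigest, combined with re-hashing a legacy digest after a successful check, as an added example that is not Silverpeas code. The class name LegacyDigestUpgrader and its three constructor parameters are assumptions; only the PasswordEncryption methods documented on this page are called.

```java
import java.util.List;
import org.silverpeas.core.security.authentication.password.PasswordEncryption;

/** Hypothetical helper: resolves a stored digest and upgrades legacy ones at login. */
public final class LegacyDigestUpgrader {
  private final List<PasswordEncryption> specific; // encryptions asked before DES
  private final PasswordEncryption legacyDes;      // e.g. the UnixDESEncryption instance
  private final PasswordEncryption preferred;      // assumption: the encryption in current use

  public LegacyDigestUpgrader(List<PasswordEncryption> specific,
      PasswordEncryption legacyDes, PasswordEncryption preferred) {
    this.specific = List.copyOf(specific);
    this.legacyDes = legacyDes;
    this.preferred = preferred;
  }

  /** Asks the other encryptions first; DES is consulted only as the last resort. */
  PasswordEncryption resolve(String digest) {
    for (PasswordEncryption encryption : specific) {
      if (encryption.doUnderstandDigest(digest)) {
        return encryption;
      }
    }
    return legacyDes.doUnderstandDigest(digest) ? legacyDes : null;
  }

  /**
   * Verifies the password and returns the digest to store afterwards.
   * check throws AssertionError when the password does not match.
   */
  public String verifyAndUpgrade(String password, String storedDigest) {
    PasswordEncryption owner = resolve(storedDigest);
    if (owner == null) {
      throw new IllegalStateException("no encryption understands the stored digest");
    }
    owner.check(password, storedDigest);
    // Only a verified login provides the clear password needed to re-hash it.
    return owner == preferred ? storedDigest : preferred.encrypt(password);
  }
}
```

The caller stores the returned digest only when it differs from the one it read, so accounts move off the DES digest as their owners log in.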