Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Simplify Digester utility class.

This commit is contained in:
Luke Taylor 2011-05-25 19:09:08 +01:00
parent 84902ebb50
commit 42e0e158b4
2 changed files with 10 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
core/src/main/java/org/springframework/security/crypto/password/Digester.java
View File

@ -22,12 +22,12 @@ import java.security.NoSuchProviderException;
/** /**
* Helper for working with the MessageDigest API. * Helper for working with the MessageDigest API.
* *
* Performs 1024 iterations of the hashing algorithm per digest to aid in protecting against brute force attacks. * Performs the configured number of iterations of the hashing algorithm per digest to aid in protecting against brute force attacks.
* *
* @author Keith Donald * @author Keith Donald
* @author Luke Taylor * @author Luke Taylor
*/ */
class Digester { final class Digester {
private final MessageDigest messageDigest; private final MessageDigest messageDigest;
@ -36,6 +36,7 @@ class Digester {
/** /**
* Create a new Digester. * Create a new Digester.
* @param algorithm the digest algorithm; for example, "SHA-1" or "SHA-256". * @param algorithm the digest algorithm; for example, "SHA-1" or "SHA-256".
* @param iterations the number of times to apply the digest algorithm to the input
*/ */
public Digester(String algorithm, int iterations) { public Digester(String algorithm, int iterations) {
try { try {
@ -49,16 +50,10 @@ class Digester {
public byte[] digest(byte[] value) { public byte[] digest(byte[] value) {
synchronized (messageDigest) { synchronized (messageDigest) {
for (int i = 0; i < (iterations - 1); i++) { for (int i = 0; i < iterations; i++) {
value = invokeDigest(value); value = messageDigest.digest(value);
} }
return messageDigest.digest(value); return value;
} }
} }
private byte[] invokeDigest(byte[] value) {
messageDigest.reset();
return messageDigest.digest(value);
}
} }

8
core/src/test/java/org/springframework/security/crypto/password/DigesterTests.java
View File

@ -14,11 +14,11 @@ import org.springframework.security.crypto.password.Digester;
public class DigesterTests { public class DigesterTests {
@Test @Test
public void digestIsCorrectFor2Iterations() { public void digestIsCorrectFor3Iterations() {
Digester digester = new Digester("SHA-1", 2); Digester digester = new Digester("SHA-1", 3);
byte[] result = digester.digest(Utf8.encode("text")); byte[] result = digester.digest(Utf8.encode("text"));
// echo -n text | openssl sha1 -binary | openssl sha1 // echo -n text | openssl sha1 -binary | openssl sha1 -binary | openssl sha1
assertEquals("cdcefc6a573f294e60e1d633bca3aeba450954a3", new String(Hex.encode(result))); assertEquals("3cfa28da425eca5b894f0af2b158adf7001e000f", new String(Hex.encode(result)));
} }
} }