Implement 389 DS's PBKDF2_SHA256 password scheme.

[lgpl/argeo-commons.git] / org.argeo.enterprise / src / org / argeo / osgi / useradmin / AuthenticatingUser.java
diff --git a/org.argeo.enterprise/src/org/argeo/osgi/useradmin/AuthenticatingUser.java b/org.argeo.enterprise/src/org/argeo/osgi/useradmin/AuthenticatingUser.java

index 2689d34fcae39c4d6b55738955aeab59d6d5697b..01db8be9895b9f3548728f2b6d5c580f684424e4 100644 (file)
--- a/org.argeo.enterprise/src/org/argeo/osgi/useradmin/AuthenticatingUser.java
+++ b/org.argeo.enterprise/src/org/argeo/osgi/useradmin/AuthenticatingUser.java
@@ -1,9 +1,5 @@
  package org.argeo.osgi.useradmin;
  
-import java.nio.ByteBuffer;
-import java.nio.CharBuffer;
-import java.nio.charset.Charset;
-import java.util.Arrays;
  import java.util.Dictionary;
  import java.util.Hashtable;
  
@@ -25,6 +21,8 @@ public class AuthenticatingUser implements User {
         private final Dictionary<String, Object> credentials;
  
         public AuthenticatingUser(LdapName name) {
+               if (name == null)
+                       throw new NullPointerException("Provided name cannot be null.");
                 this.name = name.toString();
                 this.credentials = new Hashtable<>();
         }
@@ -35,10 +33,12 @@ public class AuthenticatingUser implements User {
         }
  
         public AuthenticatingUser(String name, char[] password) {
+               if (name == null)
+                       throw new NullPointerException("Provided name cannot be null.");
                 this.name = name;
                 credentials = new Hashtable<>();
                 credentials.put(SHARED_STATE_NAME, name);
-               byte[] pwd = charsToBytes(password);
+               byte[] pwd = DigestUtils.charsToBytes(password);
                 credentials.put(SHARED_STATE_PWD, pwd);
         }
  
@@ -52,13 +52,13 @@ public class AuthenticatingUser implements User {
                 return User.USER;
         }
  
-       @SuppressWarnings("rawtypes")
+       @SuppressWarnings({ "rawtypes", "unchecked" })
         @Override
         public Dictionary getProperties() {
                 throw new UnsupportedOperationException();
         }
  
-       @SuppressWarnings("rawtypes")
+       @SuppressWarnings({ "rawtypes", "unchecked" })
         @Override
         public Dictionary getCredentials() {
                 return credentials;
@@ -69,22 +69,14 @@ public class AuthenticatingUser implements User {
                 throw new UnsupportedOperationException();
         }
  
-       static byte[] charsToBytes(char[] chars) {
-               CharBuffer charBuffer = CharBuffer.wrap(chars);
-               ByteBuffer byteBuffer = Charset.forName("UTF-8").encode(charBuffer);
-               byte[] bytes = Arrays.copyOfRange(byteBuffer.array(), byteBuffer.position(), byteBuffer.limit());
-               Arrays.fill(charBuffer.array(), '\u0000'); // clear sensitive data
-               Arrays.fill(byteBuffer.array(), (byte) 0); // clear sensitive data
-               return bytes;
+       @Override
+       public int hashCode() {
+               return name.hashCode();
         }
  
-       static char[] bytesToChars(byte[] bytes) {
-               ByteBuffer byteBuffer = ByteBuffer.wrap(bytes);
-               CharBuffer charBuffer = Charset.forName("UTF-8").decode(byteBuffer);
-               char[] chars = Arrays.copyOfRange(charBuffer.array(), charBuffer.position(), charBuffer.limit());
-               Arrays.fill(charBuffer.array(), '\u0000'); // clear sensitive data
-               Arrays.fill(byteBuffer.array(), (byte) 0); // clear sensitive data
-               return chars;
+       @Override
+       public String toString() {
+               return "Authenticating user " + name;
         }
  
  }