1 packageorg.apache.ranger.plugin.util;2
3 importjava.io.IOException;4 importjava.util.Map;5
6 importjavax.crypto.Cipher;7 importjavax.crypto.SecretKey;8 importjavax.crypto.SecretKeyFactory;9 importjavax.crypto.spec.PBEKeySpec;10 importjavax.crypto.spec.PBEParameterSpec;11
12 importorg.apache.commons.lang.StringUtils;13 importorg.slf4j.Logger;14 importorg.slf4j.LoggerFactory;15
16 importcom.sun.jersey.core.util.Base64;17 public classPasswordUtils {18
19 private static final Logger LOG = LoggerFactory.getLogger(PasswordUtils.class);20
21 private finalString CRYPT_ALGO;22 privateString password;23 private final char[] ENCRYPT_KEY;24 private final byte[] SALT;25 private final intITERATION_COUNT;26 private final char[] encryptKey;27 private final byte[] salt;28 private static final String LEN_SEPARATOR_STR = ":";29
30 public static final String DEFAULT_CRYPT_ALGO = "PBEWithMD5AndDES";31 public static final String DEFAULT_ENCRYPT_KEY = "tzL1AKl5uc4NKYaoQ4P3WLGIBFPXWPWdu1fRm9004jtQiV";32 public static final String DEFAULT_SALT = "f77aLYLo";33 public static final int DEFAULT_ITERATION_COUNT = 17;34
35 public static String encryptPassword(String aPassword) throwsIOException {36 return newPasswordUtils(aPassword).encrypt();37 }38
39 private String encrypt() throwsIOException {40 String ret = null;41 String strToEncrypt = null;42 if (password == null) {43 strToEncrypt = "";44 } else{45 strToEncrypt = password.length() + LEN_SEPARATOR_STR +password;46 }47 try{48 Cipher engine =Cipher.getInstance(CRYPT_ALGO);49 PBEKeySpec keySpec = newPBEKeySpec(encryptKey);50 SecretKeyFactory skf =SecretKeyFactory.getInstance(CRYPT_ALGO);51 SecretKey key =skf.generateSecret(keySpec);52 engine.init(Cipher.ENCRYPT_MODE, key, newPBEParameterSpec(salt, ITERATION_COUNT));53 byte[] encryptedStr =engine.doFinal(strToEncrypt.getBytes());54 ret = newString(Base64.encode(encryptedStr));55 }56 catch(Throwable t) {57 LOG.error("Unable to encrypt password due to error", t);58 throw new IOException("Unable to encrypt password due to error", t);59 }60 returnret;61 }62
63 PasswordUtils(String aPassword) {64 String[] crypt_algo_array = null;65 int count = 0;66 if (aPassword != null && aPassword.contains(",")) {67 count = StringUtils.countMatches(aPassword, ",");68 crypt_algo_array = aPassword.split(",");69 }70 if (crypt_algo_array != null && crypt_algo_array.length > 4) {71 CRYPT_ALGO = crypt_algo_array[0];72 ENCRYPT_KEY = crypt_algo_array[1].toCharArray();73 SALT = crypt_algo_array[2].getBytes();74 ITERATION_COUNT = Integer.parseInt(crypt_algo_array[3]);75 password = crypt_algo_array[4];76 if (count > 4) {77 for (int i = 5 ; i<=count ; i++){78 password = password + "," +crypt_algo_array[i];79 }80 }81 } else{82 CRYPT_ALGO =DEFAULT_CRYPT_ALGO;83 ENCRYPT_KEY =DEFAULT_ENCRYPT_KEY.toCharArray();84 SALT =DEFAULT_SALT.getBytes();85 ITERATION_COUNT =DEFAULT_ITERATION_COUNT;86 password =aPassword;87 }88 Map env =System.getenv();89 String encryptKeyStr = env.get("ENCRYPT_KEY");90 if (encryptKeyStr == null) {91 encryptKey=ENCRYPT_KEY;92 }else{93 encryptKey=encryptKeyStr.toCharArray();94 }95 String saltStr = env.get("ENCRYPT_SALT");96 if (saltStr == null) {97 salt =SALT;98 }else{99 salt=saltStr.getBytes();100 }101 }102
103 public static String decryptPassword(String aPassword) throwsIOException {104 return newPasswordUtils(aPassword).decrypt();105 }106
107 private String decrypt() throwsIOException {108 String ret = null;109 try{110 byte[] decodedPassword =Base64.decode(password);111 Cipher engine =Cipher.getInstance(CRYPT_ALGO);112 PBEKeySpec keySpec = newPBEKeySpec(encryptKey);113 SecretKeyFactory skf =SecretKeyFactory.getInstance(CRYPT_ALGO);114 SecretKey key =skf.generateSecret(keySpec);115 engine.init(Cipher.DECRYPT_MODE, key,newPBEParameterSpec(salt, ITERATION_COUNT));116 String decrypted = newString(engine.doFinal(decodedPassword));117 int foundAt =decrypted.indexOf(LEN_SEPARATOR_STR);118 if (foundAt > -1) {119 if (decrypted.length() >foundAt) {120 ret = decrypted.substring(foundAt+1);121 }122 else{123 ret = "";124 }125 }126 else{127 ret = null;128 }129 }130 catch(Throwable t) {131 LOG.error("Unable to decrypt password due to error", t);132 throw new IOException("Unable to decrypt password due to error", t);133 }134 returnret;135 }136
137 public staticString getDecryptPassword(String password) {138 String decryptedPwd = null;139 try{140 decryptedPwd =decryptPassword(password);141 } catch(Exception ex) {142 LOG.warn("Password decryption failed, trying original password string.");143 decryptedPwd = null;144 } finally{145 if (decryptedPwd == null) {146 decryptedPwd =password;147 }148 }149 returndecryptedPwd;150 }151 }
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
