mise à jour de upassword

2015-07-01 04:04:04 +04:00 · 2015-07-01 04:04:04 +04:00 · fda97a8289
parent 9509c955ce
commit fda97a8289
1 changed files with 74 additions and 14 deletions
--- a/88
+++ b/88
@ -3754,7 +3754,7 @@ public class upassword {
    // ------------------------------------------------------------------------
    public static class Password {
        public static final String CLEARTEXT = "", CRYPT = "CRYPT", MD5 = "MD5", SMD5 = "SMD5",
-                SHA = "SHA", SSHA = "SSHA";
+                SHA = "SHA", XSHA = "XSHA", SSHA = "SSHA";

        public static final String DEFAULT_SCHEME = SSHA;

@ -3769,34 +3769,56 @@ public class upassword {
        private static final Pattern NORMALIZED_FORMAT = Pattern.compile("\\{.+\\}.+");

        public static final boolean isNormalizedFormat(String pw) {
-            return NORMALIZED_FORMAT.matcher(pw).matches();
+            return pw != null && NORMALIZED_FORMAT.matcher(pw).matches();
        }

-        public static final String getNormalizedScheme(String pw) {
+        private static final Pattern XSHA_FORMAT = Pattern.compile("[A-Fa-f0-9]{40}");
+
+        public static final boolean isXshaFormat(String pw) {
+            return pw != null && XSHA_FORMAT.matcher(pw).matches();
+        }
+
+        public static final String getNormalizedScheme(String pw, boolean parseXsha) {
            if (pw == null) return null;
            if (isNormalizedFormat(pw)) {
                int p = pw.indexOf('}');
                return strSubstr(pw, 1, p).toUpperCase();
+            } else if (parseXsha && isXshaFormat(pw)) {
+                return XSHA;
            } else {
                return CLEARTEXT;
            }
        }

-        public static final String getNormalizedPassword(String pw) {
+        public static final String getNormalizedScheme(String pw) {
+            return getNormalizedScheme(pw, false);
+        }
+
+        public static final String getNormalizedPassword(String pw, boolean parseXsha) {
            if (pw == null) return null;
            if (isNormalizedFormat(pw)) {
                int p = pw.indexOf('}');
                return strSubstr(pw, p + 1);
+            } else if (parseXsha && isXshaFormat(pw)) {
+                return pw;
            } else {
                return pw;
            }
        }

-        public static final boolean isClearScheme(String pw) {
-            String scheme = getNormalizedScheme(pw);
+        public static final String getNormalizedPassword(String pw) {
+            return getNormalizedPassword(pw, false);
+        }
+
+        public static final boolean isClearScheme(String pw, boolean parseXsha) {
+            String scheme = getNormalizedScheme(pw, parseXsha);
            return strIsempty(scheme) || CLEARTEXT.equals(scheme);
        }

+        public static final boolean isClearScheme(String pw) {
+            return isClearScheme(pw, false);
+        }
+
        public static final boolean isCryptScheme(String pw) {
            return CRYPT.equals(getNormalizedScheme(pw));
        }
@ -3813,6 +3835,10 @@ public class upassword {
            return SHA.equals(getNormalizedScheme(pw));
        }

+        public static final boolean isXshaScheme(String pw) {
+            return XSHA.equals(getNormalizedScheme(pw, true));
+        }
+
        public static final boolean isSshaScheme(String pw) {
            return SSHA.equals(getNormalizedScheme(pw));
        }
@ -3852,6 +3878,12 @@ public class upassword {
            setScheme(scheme);
        }

+        protected boolean parseXsha;
+
+        public void setParseXsha(boolean parseXsha) {
+            this.parseXsha = parseXsha;
+        }
+
        protected String scheme;

        public String getScheme() {
@ -3886,6 +3918,10 @@ public class upassword {
            return SHA.equals(scheme);
        }

+        public boolean isXshaScheme() {
+            return XSHA.equals(scheme);
+        }
+
        public boolean isSshaScheme() {
            return SSHA.equals(scheme);
        }
@ -3966,6 +4002,13 @@ public class upassword {
            return this;
        }

+        public Password setXshaPassword(String pw) {
+            reset(true);
+            scheme = XSHA;
+            crypted = pw;
+            return this;
+        }
+
        public Password setSshaPassword(String pw) {
            reset(true);
            scheme = SSHA;
@ -3996,6 +4039,7 @@ public class upassword {
                else if (isMd5Scheme()) crypted = Hash.md5(clear);
                else if (isSmd5Scheme()) crypted = Hash.smd5(clear, randomBinarySalt());
                else if (isShaScheme()) crypted = Hash.sha(clear);
+                else if (isXshaScheme()) crypted = toHex(Hash.sha_bytes(clear));
                else if (isSshaScheme()) crypted = Hash.ssha(clear, randomBinarySalt());
                else throw new IllegalStateException("Type de cryptage non reconnu: " + scheme);
            }
@ -4026,6 +4070,12 @@ public class upassword {
            else return null;
        }

+        public String getXshaCrypted() {
+            if (isXshaScheme()) return getCrypted();
+            else if (clear != null) return toHex(Hash.sha_bytes(clear));
+            else return null;
+        }
+
        public String getSshaCrypted() {
            if (isSshaScheme()) return getCrypted();
            else if (clear != null) return Hash.ssha(clear, randomBinarySalt());
@ -4037,6 +4087,7 @@ public class upassword {
        public String getNormalized() {
            if (normalized == null) {
                if (isClearScheme()) normalized = clear;
+                else if (isXshaScheme()) normalized = getCrypted();
                else normalized = "{" + scheme + "}" + getCrypted();
            }
            return normalized;
@ -4046,16 +4097,20 @@ public class upassword {
            return getNormalized();
        }

-        public Password setNormalized(String pw) {
+        public Password setNormalized(String pw, boolean parseXsha) {
            reset(true);
            if (pw == null) {
                scheme = CLEARTEXT;
                return this;
            }
+
            if (isNormalizedFormat(pw)) {
                int p = pw.indexOf('}');
                scheme = strSubstr(pw, 1, p).toUpperCase();
                crypted = strSubstr(pw, p + 1);
+            } else if (parseXsha && isXshaFormat(pw)) {
+                scheme = XSHA;
+                crypted = pw;
            } else {
                scheme = CLEARTEXT;
                clear = pw;
@ -4063,6 +4118,10 @@ public class upassword {
            return this;
        }

+        public Password setNormalized(String pw) {
+            return setNormalized(pw, parseXsha);
+        }
+
        private static final String NTLM_DISABLED = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";

        protected String ntlmHash;
@ -4089,9 +4148,11 @@ public class upassword {

        public boolean validate(String userPassword) {
            getNormalized();
+
            if (isClearScheme()) {
                return strEquals(strNotnull(this.clear), strNotnull(userPassword));
            }
+
            if (userPassword == null) return false;
            if (isCryptScheme()) {
                return Hash.crypt(userPassword, Salt.getCryptSalt(crypted)).equals(crypted);
@ -4101,6 +4162,8 @@ public class upassword {
                return Hash.smd5(userPassword, Salt.getSmd5Salt(crypted)).equals(crypted);
            } else if (isShaScheme()) {
                return Hash.sha(userPassword).equals(crypted);
+            } else if (isXshaScheme()) {
+                return toHex(Hash.sha_bytes(userPassword)).equals(crypted);
            } else if (isSshaScheme()) {
                return Hash.ssha(userPassword, Salt.getSshaSalt(crypted)).equals(crypted);
            }
@ -4416,7 +4479,7 @@ public class upassword {
                minCounts = tmp;
            }
            StringBuffer sb = new StringBuffer();
-            int i = 0;
+            // int i = 0;
            while (true) {
                int index;
                do {
@ -4425,7 +4488,7 @@ public class upassword {
                String section = sections[index];
                sb.append(section.charAt(rand.nextInt(section.length())));
                minCounts[index]--;
-                i++;
+                // i++;
                boolean done = true;
                for (int j = 0; j < minCounts.length; j++) {
                    if (minCounts[j] > 0) {
@ -4795,10 +4858,6 @@ public class upassword {
        return sb.toString();
    }

-    private static final String getShaHex(String sha) {
-        return toHex(Base64.decode(sha.substring("{SHA}".length())));
-    }
-
    private void run(String[] args) {
        if (args.length == 1 && strEquals(args[0], "--help")) {
            println("USAGE:" //
@ -4941,6 +5000,7 @@ public class upassword {
                }
                String crypt = getPasswordAnySalt(clear, Password.CRYPT, null).getNormalized();
                String sha = getPasswordAnySalt(clear, Password.SHA, null).getNormalized();
+                String xsha = getPasswordAnySalt(clear, Password.XSHA, null).getNormalized();
                String ssha = getPasswordAnySalt(clear, Password.SSHA, null).getNormalized();
                String md5 = getPasswordAnySalt(clear, Password.MD5, null).getNormalized();
                String smd5 = getPasswordAnySalt(clear, Password.SMD5, null).getNormalized();
@ -4958,7 +5018,7 @@ public class upassword {
                printvar("ntlm", ntlm, shell);
                printvar("crypt", crypt, shell);
                printvar("sha", sha, shell);
-                printvar("shahex", getShaHex(sha), shell);
+                printvar("xsha", xsha, shell);
                printvar("ssha", ssha, shell);
                printvar("md5", md5, shell);
                printvar("smd5", smd5, shell);