001    /**
002     * Copyright (c) 2000-present Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.security.pwd;
016    
017    import com.liferay.portal.exception.PwdEncryptorException;
018    import com.liferay.portal.kernel.security.pwd.PasswordEncryptor;
019    import com.liferay.portal.kernel.security.pwd.PasswordEncryptorUtil;
020    import com.liferay.portal.kernel.util.ArrayUtil;
021    import com.liferay.portal.kernel.util.Digester;
022    import com.liferay.portal.kernel.util.Validator;
023    
024    import java.io.UnsupportedEncodingException;
025    
026    import java.util.Random;
027    
028    import org.vps.crypt.Crypt;
029    
030    /**
031     * @author Michael C. Han
032     * @author Tomas Polesovsky
033     */
034    public class CryptPasswordEncryptor
035            extends BasePasswordEncryptor implements PasswordEncryptor {
036    
037            @Override
038            @SuppressWarnings("deprecation")
039            public String[] getSupportedAlgorithmTypes() {
040                    return new String[] {
041                            PasswordEncryptorUtil.TYPE_CRYPT,
042                            PasswordEncryptorUtil.TYPE_UFC_CRYPT
043                    };
044            }
045    
046            @Override
047            protected String doEncrypt(
048                            String algorithm, String plainTextPassword,
049                            String encryptedPassword)
050                    throws PwdEncryptorException {
051    
052                    byte[] saltBytes = getSalt(encryptedPassword);
053    
054                    try {
055                            return Crypt.crypt(
056                                    saltBytes, plainTextPassword.getBytes(Digester.ENCODING));
057                    }
058                    catch (UnsupportedEncodingException uee) {
059                            throw new PwdEncryptorException(uee.getMessage(), uee);
060                    }
061            }
062    
063            protected byte[] getSalt(String encryptedPassword)
064                    throws PwdEncryptorException {
065    
066                    byte[] saltBytes = null;
067    
068                    try {
069                            if (Validator.isNull(encryptedPassword)) {
070                                    Random random = new Random();
071    
072                                    int x = random.nextInt(Integer.MAX_VALUE) % _SALT.length;
073                                    int y = random.nextInt(Integer.MAX_VALUE) % _SALT.length;
074    
075                                    String salt = _SALT[x].concat(_SALT[y]);
076    
077                                    saltBytes = salt.getBytes(Digester.ENCODING);
078                            }
079                            else {
080                                    String salt = encryptedPassword.substring(0, 2);
081    
082                                    saltBytes = salt.getBytes(Digester.ENCODING);
083                            }
084                    }
085                    catch (UnsupportedEncodingException uee) {
086                            throw new PwdEncryptorException(
087                                    "Unable to extract salt from encrypted password " +
088                                            uee.getMessage(),
089                                    uee);
090                    }
091    
092                    return saltBytes;
093            }
094    
095            private static final String[] _SALT = ArrayUtil.toStringArray(
096                    "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789./".
097                            toCharArray());
098    
099    }