001    /**
002     * Copyright (c) 2000-present Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.security.pwd;
016    
017    import com.liferay.portal.PwdEncryptorException;
018    import com.liferay.portal.kernel.log.Log;
019    import com.liferay.portal.kernel.log.LogFactoryUtil;
020    import com.liferay.portal.kernel.util.GetterUtil;
021    import com.liferay.portal.kernel.util.PropsKeys;
022    import com.liferay.portal.kernel.util.StringUtil;
023    import com.liferay.portal.util.PropsUtil;
024    
025    /**
026     * @author Brian Wing Shun Chan
027     * @author Scott Lee
028     * @author Tomas Polesovsky
029     * @author Michael C. Han
030     */
031    public class PasswordEncryptorUtil {
032    
033            public static final String PASSWORDS_ENCRYPTION_ALGORITHM =
034                    StringUtil.toUpperCase(
035                            GetterUtil.getString(
036                                    PropsUtil.get(PropsKeys.PASSWORDS_ENCRYPTION_ALGORITHM)));
037    
038            public static final String TYPE_BCRYPT = "BCRYPT";
039    
040            /**
041             * @deprecated As of 6.1.0, replaced by {@link #TYPE_UFC_CRYPT}
042             */
043            @Deprecated
044            public static final String TYPE_CRYPT = "CRYPT";
045    
046            public static final String TYPE_MD2 = "MD2";
047    
048            public static final String TYPE_MD5 = "MD5";
049    
050            public static final String TYPE_NONE = "NONE";
051    
052            public static final String TYPE_PBKDF2 = "PBKDF2";
053    
054            public static final String TYPE_SHA = "SHA";
055    
056            public static final String TYPE_SHA_256 = "SHA-256";
057    
058            public static final String TYPE_SHA_384 = "SHA-384";
059    
060            public static final String TYPE_SSHA = "SSHA";
061    
062            public static final String TYPE_UFC_CRYPT = "UFC-CRYPT";
063    
064            public static String encrypt(String plainTextPassword)
065                    throws PwdEncryptorException {
066    
067                    return encrypt(plainTextPassword, null);
068            }
069    
070            public static String encrypt(
071                            String plainTextPassword, String encryptedPassword)
072                    throws PwdEncryptorException {
073    
074                    long startTime = 0;
075    
076                    if (_log.isDebugEnabled()) {
077                            startTime = System.currentTimeMillis();
078                    }
079    
080                    try {
081                            return encrypt(
082                                    PASSWORDS_ENCRYPTION_ALGORITHM, plainTextPassword,
083                                    encryptedPassword);
084                    }
085                    finally {
086                            if (_log.isDebugEnabled()) {
087                                    _log.debug(
088                                            "Password encrypted in " +
089                                                    (System.currentTimeMillis() - startTime) + "ms");
090                            }
091                    }
092            }
093    
094            public static String encrypt(
095                            String algorithm, String plainTextPassword,
096                            String encryptedPassword)
097                    throws PwdEncryptorException {
098    
099                    return _passwordEncryptor.encrypt(
100                            algorithm, plainTextPassword, encryptedPassword);
101            }
102    
103            public PasswordEncryptor getPasswordEncryptor() {
104                    return _passwordEncryptor;
105            }
106    
107            public void setPasswordEncryptor(PasswordEncryptor passwordEncryptor) {
108                    _passwordEncryptor = passwordEncryptor;
109            }
110    
111            private static final Log _log = LogFactoryUtil.getLog(
112                    PasswordEncryptorUtil.class);
113    
114            private static PasswordEncryptor _passwordEncryptor;
115    
116    }