📄 passwordfile.java
字号:
final String index = (String) fields.get(CONFIG_FIELD); fields.put(VERIFIERS_FIELD, newVerifiers(user, salt, passwd, index)); entries.put(user, fields); savePasswd(); } public synchronized void savePasswd() throws IOException { final FileOutputStream f1 = new FileOutputStream(passwdFile); final FileOutputStream f2 = new FileOutputStream(passwd2File); PrintWriter pw1 = null; PrintWriter pw2 = null; try { pw1 = new PrintWriter(f1, true); pw2 = new PrintWriter(f2, true); this.writePasswd(pw1, pw2); } finally { if (pw1 != null) { try { pw1.flush(); } finally { pw1.close(); } } if (pw2 != null) { try { pw2.flush(); } finally { pw2.close(); } } try { f1.close(); } catch (IOException ignored) { } try { f2.close(); } catch (IOException ignored) { } } lastmodPasswdFile = passwdFile.lastModified(); lastmodPasswd2File = passwd2File.lastModified(); } /** * <p>Returns the triplet: verifier, salt and configuration file index, of a * designated user, and a designated message digest algorithm name, as an * array of strings.</p> * * @param user the username. * @param mdName the canonical name of the SRP's message digest algorithm. * @return a string array containing, in this order, the BASE-64 encodings of * the verifier, the salt and the index in the password configuration file of * the MPIs N and g of the designated user. */ public synchronized String[] lookup(final String user, final String mdName) throws IOException { checkCurrent(); if (!entries.containsKey(user)) { throw new NoSuchUserException(user); } final HashMap fields = (HashMap) entries.get(user); final HashMap verifiers = (HashMap) fields.get(VERIFIERS_FIELD); final String salt = (String) fields.get(SALT_FIELD); final String index = (String) fields.get(CONFIG_FIELD); final String verifier = (String) verifiers.get(nameToID(mdName)); return new String[] { verifier, salt, index }; } // Other instance methods -------------------------------------------------- private synchronized void readOrCreateConf() throws IOException { configurations.clear(); final FileInputStream fis; configFile = new File(confName); try { fis = new FileInputStream(configFile); readConf(fis); } catch (FileNotFoundException x) { // create a default one final String g = Util.toBase64(Util.trim(new BigInteger("2"))); String index, N; for (int i = 0; i < Nsrp.length; i++) { index = String.valueOf(i + 1); N = Util.toBase64(Util.trim(Nsrp[i])); configurations.put(index, new String[] { N, g }); } FileOutputStream f0 = null; PrintWriter pw0 = null; try { f0 = new FileOutputStream(configFile); pw0 = new PrintWriter(f0, true); this.writeConf(pw0); } finally { if (pw0 != null) { pw0.close(); } else if (f0 != null) { f0.close(); } } } } private void readConf(final InputStream in) throws IOException { final BufferedReader din = new BufferedReader(new InputStreamReader(in)); String line, index, N, g; StringTokenizer st; while ((line = din.readLine()) != null) { st = new StringTokenizer(line, ":"); try { index = st.nextToken(); N = st.nextToken(); g = st.nextToken(); } catch (NoSuchElementException x) { throw new IOException("SRP password configuration file corrupt"); } configurations.put(index, new String[] { N, g }); } } private void writeConf(final PrintWriter pw) { String ndx; String[] mpi; StringBuffer sb; for (Iterator it = configurations.keySet().iterator(); it.hasNext();) { ndx = (String) it.next(); mpi = (String[]) configurations.get(ndx); sb = new StringBuffer(ndx).append(":").append(mpi[0]).append(":").append( mpi[1]); pw.println(sb.toString()); } } /** * <p>Compute the new verifiers for the designated username and password.</p> * * <p><b>IMPORTANT:</b> This method computes the verifiers as described in * RFC-2945, which differs from the description given on the web page for * SRP-6.</p> * * @param user the user's name. * @param s the user's salt. * @param password the user's password * @param index the index of the <N, g> pair to use for this user. * @return a {@link java.util.Map} of user verifiers. * @throws UnsupportedEncodingException if the US-ASCII decoder is not * available on this platform. */ private HashMap newVerifiers(final String user, final byte[] s, final String password, final String index) throws UnsupportedEncodingException { // to ensure inter-operability with non-java tools final String[] mpi = (String[]) configurations.get(index); final BigInteger N = new BigInteger(1, Util.fromBase64(mpi[0])); final BigInteger g = new BigInteger(1, Util.fromBase64(mpi[1])); final HashMap result = new HashMap(srps.size()); BigInteger x, v; SRP srp; for (int i = 0; i < srps.size(); i++) { final String digestID = String.valueOf(i); srp = (SRP) srps.get(digestID); x = new BigInteger(1, srp.computeX(s, user, password)); v = g.modPow(x, N); final String verifier = Util.toBase64(v.toByteArray()); result.put(digestID, verifier); } return result; } private synchronized void update() throws IOException { entries.clear(); FileInputStream fis; passwdFile = new File(pwName); lastmodPasswdFile = passwdFile.lastModified(); try { fis = new FileInputStream(passwdFile); readPasswd(fis); } catch (FileNotFoundException ignored) { } passwd2File = new File(pw2Name); lastmodPasswd2File = passwd2File.lastModified(); try { fis = new FileInputStream(passwd2File); readPasswd2(fis); } catch (FileNotFoundException ignored) { } } private void checkCurrent() throws IOException { if (passwdFile.lastModified() > lastmodPasswdFile || passwd2File.lastModified() > lastmodPasswd2File) { update(); } } private void readPasswd(final InputStream in) throws IOException { final BufferedReader din = new BufferedReader(new InputStreamReader(in)); String line, user, verifier, salt, index; StringTokenizer st; while ((line = din.readLine()) != null) { st = new StringTokenizer(line, ":"); try { user = st.nextToken(); verifier = st.nextToken(); salt = st.nextToken(); index = st.nextToken(); } catch (NoSuchElementException x) { throw new IOException("SRP base password file corrupt"); } final HashMap verifiers = new HashMap(6); verifiers.put("0", verifier); final HashMap fields = new HashMap(4); fields.put(USER_FIELD, user); fields.put(VERIFIERS_FIELD, verifiers); fields.put(SALT_FIELD, salt); fields.put(CONFIG_FIELD, index); entries.put(user, fields); } } private void readPasswd2(final InputStream in) throws IOException { final BufferedReader din = new BufferedReader(new InputStreamReader(in)); String line, digestID, user, verifier; StringTokenizer st; HashMap fields, verifiers; while ((line = din.readLine()) != null) { st = new StringTokenizer(line, ":"); try { digestID = st.nextToken(); user = st.nextToken(); verifier = st.nextToken(); } catch (NoSuchElementException x) { throw new IOException("SRP extended password file corrupt"); } fields = (HashMap) entries.get(user); if (fields != null) { verifiers = (HashMap) fields.get(VERIFIERS_FIELD); verifiers.put(digestID, verifier); } } } private void writePasswd(final PrintWriter pw1, final PrintWriter pw2) throws IOException { String user, digestID; HashMap fields, verifiers; StringBuffer sb1, sb2; Iterator j; final Iterator i = entries.keySet().iterator(); while (i.hasNext()) { user = (String) i.next(); fields = (HashMap) entries.get(user); if (!user.equals(fields.get(USER_FIELD))) { throw new IOException("Inconsistent SRP password data"); } verifiers = (HashMap) fields.get(VERIFIERS_FIELD); sb1 = new StringBuffer().append(user).append(":").append( (String) verifiers.get("0")).append( ":").append( (String) fields.get(SALT_FIELD)).append( ":").append( (String) fields.get(CONFIG_FIELD)); pw1.println(sb1.toString()); // write extended information j = verifiers.keySet().iterator(); while (j.hasNext()) { digestID = (String) j.next(); if (!"0".equals(digestID)) { // #0 is the default digest, already present in tpasswd! sb2 = new StringBuffer().append(digestID).append(":").append( user).append( ":").append( (String) verifiers.get(digestID)); pw2.println(sb2.toString()); } } } }}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -