integrate-sha512-password-hashing #68
@ -9,7 +9,7 @@ import java.util.random.RandomGenerator;
|
|||||||
import org.bouncycastle.crypto.generators.OpenBSDBCrypt;
|
import org.bouncycastle.crypto.generators.OpenBSDBCrypt;
|
||||||
|
|
||||||
|
|
||||||
public class EtcShadowHashGenerator {
|
public class LinuxEtcShadowHashGenerator {
|
||||||
|
|
||||||
private static final RandomGenerator random = new SecureRandom();
|
private static final RandomGenerator random = new SecureRandom();
|
||||||
private static final Queue<String> predefinedSalts = new PriorityQueue<>();
|
private static final Queue<String> predefinedSalts = new PriorityQueue<>();
|
||||||
@ -42,15 +42,15 @@ public class EtcShadowHashGenerator {
|
|||||||
|
|
||||||
private String salt;
|
private String salt;
|
||||||
|
|
||||||
public static EtcShadowHashGenerator hash(final String plaintextPassword) {
|
public static LinuxEtcShadowHashGenerator hash(final String plaintextPassword) {
|
||||||
return new EtcShadowHashGenerator(plaintextPassword);
|
return new LinuxEtcShadowHashGenerator(plaintextPassword);
|
||||||
}
|
}
|
||||||
|
|
||||||
private EtcShadowHashGenerator(final String plaintextPassword) {
|
private LinuxEtcShadowHashGenerator(final String plaintextPassword) {
|
||||||
this.plaintextPassword = plaintextPassword;
|
this.plaintextPassword = plaintextPassword;
|
||||||
}
|
}
|
||||||
|
|
||||||
public EtcShadowHashGenerator using(final Algorithm algorithm) {
|
public LinuxEtcShadowHashGenerator using(final Algorithm algorithm) {
|
||||||
this.algorithm = algorithm;
|
this.algorithm = algorithm;
|
||||||
return this;
|
return this;
|
||||||
}
|
}
|
||||||
@ -85,12 +85,12 @@ public class EtcShadowHashGenerator {
|
|||||||
predefinedSalts.add(salt);
|
predefinedSalts.add(salt);
|
||||||
}
|
}
|
||||||
|
|
||||||
public EtcShadowHashGenerator withSalt(final String salt) {
|
public LinuxEtcShadowHashGenerator withSalt(final String salt) {
|
||||||
this.salt = salt;
|
this.salt = salt;
|
||||||
return this;
|
return this;
|
||||||
}
|
}
|
||||||
|
|
||||||
public EtcShadowHashGenerator withRandomSalt() {
|
public LinuxEtcShadowHashGenerator withRandomSalt() {
|
||||||
if (!predefinedSalts.isEmpty()) {
|
if (!predefinedSalts.isEmpty()) {
|
||||||
return withSalt(predefinedSalts.poll());
|
return withSalt(predefinedSalts.poll());
|
||||||
}
|
}
|
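Review bot: `withRandomSalt()` takes its salt from the static `predefinedSalts` queue whenever that queue is non-empty, so the hook that fills it (the `predefinedSalts.add(salt)` line above, presumably `nextSalt`, which the acceptance test in this change calls from another package) also decides the salt for production hashing. The queue is a plain `PriorityQueue` shared process-wide, so the `isEmpty()`/`poll()` pair is not atomic: concurrent callers can get `null` from `poll()` and pass it to `withSalt`. Entries also come back in sorted order rather than insertion order. I would confine the hook to test scope or inject the salt source, and at minimum poll once on a concurrent queue: `final String predefined = predefinedSalts.poll();` followed by `if (predefined != null) return withSalt(predefined);`. The body of `withRandomSalt()` continues past the end of this hunk, so the random branch is not visible here.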
@ -1,6 +1,6 @@
|
|||||||
package net.hostsharing.hsadminng.hs.hosting.asset.validators;
|
package net.hostsharing.hsadminng.hs.hosting.asset.validators;
|
||||||
|
|
||||||
import net.hostsharing.hsadminng.hash.EtcShadowHashGenerator;
|
import net.hostsharing.hsadminng.hash.LinuxEtcShadowHashGenerator;
|
||||||
import net.hostsharing.hsadminng.hs.hosting.asset.HsHostingAssetEntity;
|
import net.hostsharing.hsadminng.hs.hosting.asset.HsHostingAssetEntity;
|
||||||
import net.hostsharing.hsadminng.hs.hosting.asset.HsHostingAssetType;
|
import net.hostsharing.hsadminng.hs.hosting.asset.HsHostingAssetType;
|
||||||
import net.hostsharing.hsadminng.hs.validation.PropertiesProvider;
|
import net.hostsharing.hsadminng.hs.validation.PropertiesProvider;
|
||||||
@ -31,7 +31,7 @@ class HsUnixUserHostingAssetValidator extends HsHostingAssetEntityValidator {
|
|||||||
.withDefault("/bin/false"),
|
.withDefault("/bin/false"),
|
||||||
stringProperty("homedir").readOnly().computedBy(HsUnixUserHostingAssetValidator::computeHomedir),
|
stringProperty("homedir").readOnly().computedBy(HsUnixUserHostingAssetValidator::computeHomedir),
|
||||||
stringProperty("totpKey").matchesRegEx("^0x([0-9A-Fa-f]{2})+$").minLength(20).maxLength(256).undisclosed().writeOnly().optional(),
|
stringProperty("totpKey").matchesRegEx("^0x([0-9A-Fa-f]{2})+$").minLength(20).maxLength(256).undisclosed().writeOnly().optional(),
|
||||||
passwordProperty("password").minLength(8).maxLength(40).hashedUsing(EtcShadowHashGenerator.Algorithm.SHA512).writeOnly());
|
passwordProperty("password").minLength(8).maxLength(40).hashedUsing(LinuxEtcShadowHashGenerator.Algorithm.SHA512).writeOnly());
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
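Review bot: `totpKey` is accepted from `minLength(20)`, which, assuming the bound counts characters, leaves 18 hex digits after the `0x` prefix, i.e. a 9-byte (72-bit) secret; RFC 4226 requires at least 128 bits for the shared secret and recommends 160. If the intent was 20 bytes, `minLength(42)` would express that, and `minLength(34)` is the 128-bit floor. Separately, `passwordProperty("password")` with `maxLength(40)` rejects long passphrases although the value is only stored as a hash; unless a downstream consumer needs the cap of 40, a limit of 64 or more would be the safer choice. Both property definitions sit inside a list whose start is outside the hunk.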
@ -1,13 +1,13 @@
|
|||||||
package net.hostsharing.hsadminng.hs.validation;
|
package net.hostsharing.hsadminng.hs.validation;
|
||||||
|
|
||||||
import net.hostsharing.hsadminng.hash.EtcShadowHashGenerator.Algorithm;
|
import net.hostsharing.hsadminng.hash.LinuxEtcShadowHashGenerator.Algorithm;
|
||||||
import lombok.Setter;
|
import lombok.Setter;
|
||||||
|
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.stream.Stream;
|
import java.util.stream.Stream;
|
||||||
|
|
||||||
import static java.util.Optional.ofNullable;
|
import static java.util.Optional.ofNullable;
|
||||||
import static net.hostsharing.hsadminng.hash.EtcShadowHashGenerator.hash;
|
import static net.hostsharing.hsadminng.hash.LinuxEtcShadowHashGenerator.hash;
|
||||||
import static net.hostsharing.hsadminng.mapper.Array.insertAfterEntry;
|
import static net.hostsharing.hsadminng.mapper.Array.insertAfterEntry;
|
||||||
|
|
||||||
@Setter
|
@Setter
|
||||||
|
@ -2,12 +2,12 @@ package net.hostsharing.hsadminng.hash;
|
|||||||
|
|
||||||
import org.junit.jupiter.api.Test;
|
import org.junit.jupiter.api.Test;
|
||||||
|
|
||||||
import static net.hostsharing.hsadminng.hash.EtcShadowHashGenerator.Algorithm.SHA512;
|
import static net.hostsharing.hsadminng.hash.LinuxEtcShadowHashGenerator.Algorithm.SHA512;
|
||||||
import static net.hostsharing.hsadminng.hash.EtcShadowHashGenerator.hash;
|
import static net.hostsharing.hsadminng.hash.LinuxEtcShadowHashGenerator.hash;
|
||||||
import static org.assertj.core.api.Assertions.assertThat;
|
import static org.assertj.core.api.Assertions.assertThat;
|
||||||
import static org.assertj.core.api.Assertions.catchThrowable;
|
import static org.assertj.core.api.Assertions.catchThrowable;
|
||||||
|
|
||||||
class EtcShadowHashGeneratorUnitTest {
|
class LinuxEtcShadowHashGeneratorUnitTest {
|
||||||
|
|
||||||
final String GIVEN_PASSWORD = "given password";
|
final String GIVEN_PASSWORD = "given password";
|
||||||
final String WRONG_PASSWORD = "wrong password";
|
final String WRONG_PASSWORD = "wrong password";
|
@ -3,7 +3,7 @@ package net.hostsharing.hsadminng.hs.hosting.asset;
|
|||||||
import io.restassured.RestAssured;
|
import io.restassured.RestAssured;
|
||||||
import io.restassured.http.ContentType;
|
import io.restassured.http.ContentType;
|
||||||
import net.hostsharing.hsadminng.HsadminNgApplication;
|
import net.hostsharing.hsadminng.HsadminNgApplication;
|
||||||
import net.hostsharing.hsadminng.hash.EtcShadowHashGenerator;
|
import net.hostsharing.hsadminng.hash.LinuxEtcShadowHashGenerator;
|
||||||
import net.hostsharing.hsadminng.hs.booking.item.HsBookingItemEntity;
|
import net.hostsharing.hsadminng.hs.booking.item.HsBookingItemEntity;
|
||||||
import net.hostsharing.hsadminng.hs.booking.item.HsBookingItemRepository;
|
import net.hostsharing.hsadminng.hs.booking.item.HsBookingItemRepository;
|
||||||
import net.hostsharing.hsadminng.hs.booking.item.HsBookingItemType;
|
import net.hostsharing.hsadminng.hs.booking.item.HsBookingItemType;
|
||||||
@ -524,7 +524,7 @@ class HsHostingAssetControllerAcceptanceTest extends ContextBasedTestWithCleanup
|
|||||||
.identifier("fir01-temp")
|
.identifier("fir01-temp")
|
||||||
.caption("some test-unix-user")
|
.caption("some test-unix-user")
|
||||||
.build());
|
.build());
|
||||||
EtcShadowHashGenerator.nextSalt("Jr5w/Y8zo8pCkqg7");
|
LinuxEtcShadowHashGenerator.nextSalt("Jr5w/Y8zo8pCkqg7");
|
||||||
|
|
||||||
RestAssured // @formatter:off
|
RestAssured // @formatter:off
|
||||||
.given()
|
.given()
|
||||||
|
@ -8,8 +8,8 @@ import java.util.ArrayList;
|
|||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
|
|
||||||
import static net.hostsharing.hsadminng.hash.EtcShadowHashGenerator.Algorithm.SHA512;
|
import static net.hostsharing.hsadminng.hash.LinuxEtcShadowHashGenerator.Algorithm.SHA512;
|
||||||
import static net.hostsharing.hsadminng.hash.EtcShadowHashGenerator.hash;
|
import static net.hostsharing.hsadminng.hash.LinuxEtcShadowHashGenerator.hash;
|
||||||
import static net.hostsharing.hsadminng.hs.validation.PasswordProperty.passwordProperty;
|
import static net.hostsharing.hsadminng.hs.validation.PasswordProperty.passwordProperty;
|
||||||
import static net.hostsharing.hsadminng.mapper.PatchableMapWrapper.entry;
|
import static net.hostsharing.hsadminng.mapper.PatchableMapWrapper.entry;
|
||||||
import static org.assertj.core.api.Assertions.assertThat;
|
import static org.assertj.core.api.Assertions.assertThat;
|
||||||
|