mirror of https://github.com/OpenIdentityPlatform/OpenDJ.git
opends/src/server/org/opends/server/extensions/SaltedMD5PasswordStorageScheme.java
@@ -22,7 +22,7 @@ * * * Copyright 2006-2008 Sun Microsystems, Inc. * Portions Copyright 2013 ForgeRock AS * Portions Copyright 2013-2014 ForgeRock AS */ package org.opends.server.extensions; @@ -82,6 +82,8 @@ */ private static final int NUM_SALT_BYTES = 8; // The number of bytes MD5 algorithm produces private static final int MD5_LENGTH = 16; // The message digest that will actually be used to generate the MD5 hashes. @@ -279,16 +281,25 @@ { // Base64-decode the stored value and take the last 8 bytes as the salt. byte[] saltBytes = new byte[NUM_SALT_BYTES]; byte[] digestBytes; byte[] digestBytes = new byte[MD5_LENGTH]; int saltLength = 0; try { byte[] decodedBytes = Base64.decode(storedPassword.toString()); int digestLength = decodedBytes.length - NUM_SALT_BYTES; digestBytes = new byte[digestLength]; System.arraycopy(decodedBytes, 0, digestBytes, 0, digestLength); System.arraycopy(decodedBytes, digestLength, saltBytes, 0, NUM_SALT_BYTES); saltLength = decodedBytes.length - MD5_LENGTH; if (saltLength <= 0) { Message message = ERR_PWSCHEME_INVALID_BASE64_DECODED_STORED_PASSWORD.get( storedPassword.toString()); ErrorLogger.logError(message); return false; } saltBytes = new byte[saltLength]; System.arraycopy(decodedBytes, 0, digestBytes, 0, MD5_LENGTH); System.arraycopy(decodedBytes, MD5_LENGTH, saltBytes, 0, saltLength); } catch (Exception e) { @@ -306,10 +317,10 @@ // Use the salt to generate a digest based on the provided plain-text value. int plainBytesLength = plaintextPassword.length(); byte[] plainPlusSalt = new byte[plainBytesLength + NUM_SALT_BYTES]; byte[] plainPlusSalt = new byte[plainBytesLength + saltLength]; plaintextPassword.copyTo(plainPlusSalt); System.arraycopy(saltBytes, 0,plainPlusSalt, plainBytesLength, NUM_SALT_BYTES); System.arraycopy(saltBytes, 0, plainPlusSalt, plainBytesLength, saltLength); byte[] userDigestBytes;
