Examples of org.apache.shiro.util.ByteSource

• org.apache.shiro.util.ByteSource
  A {@code ByteSource} wraps a byte array and provides additional encoding operations. @author Les Hazlewood @since 1.0

        HashRequest request = createHashRequest(plaintextBytes);
        return hashService.computeHash(request);
    }

    public boolean passwordsMatch(Object plaintext, Hash saved) {
        ByteSource plaintextBytes = createByteSource(plaintext);

        if (saved == null || saved.isEmpty()) {
            return plaintextBytes == null || plaintextBytes.isEmpty();
        } else {
            if (plaintextBytes == null || plaintextBytes.isEmpty()) {
                return false;
            }
        }

        HashRequest request = buildHashRequest(plaintextBytes, saved);

    protected ByteSource createByteSource(Object o) {
        return ByteSource.Util.bytes(o);
    }

    public boolean passwordsMatch(Object submittedPlaintext, String saved) {
        ByteSource plaintextBytes = createByteSource(submittedPlaintext);

        if (saved == null || saved.length() == 0) {
            return plaintextBytes == null || plaintextBytes.isEmpty();
        } else {
            if (plaintextBytes == null || plaintextBytes.isEmpty()) {
                return false;
            }
        }

        //First check to see if we can reconstitute the original hash - this allows us to

        if (request == null || request.getSource() == null || request.getSource().isEmpty()) {
            return null;
        }

        String algorithmName = getAlgorithmName(request);
        ByteSource source = request.getSource();
        int iterations = getIterations(request);

        ByteSource publicSalt = getPublicSalt(request);
        ByteSource privateSalt = getPrivateSalt();
        ByteSource salt = combine(privateSalt, publicSalt);

        Hash computed = new SimpleHash(algorithmName, source, salt, iterations);

        SimpleHash result = new SimpleHash(algorithmName);
        result.setBytes(computed.getBytes());

     * @return the public salt that should be used to compute a hash based on the specified request or
     *         {@code null} if no public salt should be used.
     */
    protected ByteSource getPublicSalt(HashRequest request) {

        ByteSource publicSalt = request.getSalt();

        if (publicSalt != null && !publicSalt.isEmpty()) {
            //a public salt was explicitly requested to be used - go ahead and use it:
            return publicSalt;
        }

        publicSalt = null;

        //check to see if we need to generate one:
        ByteSource privateSalt = getPrivateSalt();
        boolean privateSaltExists = privateSalt != null && !privateSalt.isEmpty();

        //If a private salt exists, we must generate a public salt to protect the integrity of the private salt.
        //Or generate it if the instance is explicitly configured to do so:
        if (privateSaltExists || isGeneratePublicSalt()) {
            publicSalt = getRandomNumberGenerator().nextBytes();

        if (!StringUtils.hasText(algorithmName)) {
            throw new NullPointerException("algorithmName argument cannot be null or empty.");
        }
        this.algorithmName = algorithmName;
        this.iterations = Math.max(DEFAULT_ITERATIONS, hashIterations);
        ByteSource saltBytes = null;
        if (salt != null) {
            saltBytes = convertSaltToBytes(salt);
            this.salt = saltBytes;
        }
        ByteSource sourceBytes = convertSourceToBytes(source);
        hash(sourceBytes, saltBytes, hashIterations);
    }

        byte[] key = blowfish.generateNewKey().getEncoded();

        for (String plain : PLAINTEXTS) {
            byte[] plaintext = CodecSupport.toBytes(plain);
            ByteSource ciphertext = blowfish.encrypt(plaintext, key);
            ByteSource decrypted = blowfish.decrypt(ciphertext.getBytes(), key);
            assertTrue(Arrays.equals(plaintext, decrypted.getBytes()));
        }
    }

        }

        assertTrue(negativeThrown);
        assertTrue(zeroThrown);

        ByteSource bs = rng.nextBytes();
        assertNotNull(bs);
        assertNotNull(bs.getBytes());
        assertEquals(SecureRandomNumberGenerator.DEFAULT_NEXT_BYTES_SIZE, bs.getBytes().length);

        rng.setDefaultNextBytesSize(64);
        assertNotNull(bs);
        bs = rng.nextBytes();
        assertNotNull(bs.getBytes());
        assertEquals(64, bs.getBytes().length);
    }

        }

        assertTrue(negativeThrown);
        assertTrue(zeroThrown);

        ByteSource bs = rng.nextBytes(8);
        assertNotNull(bs);
        assertNotNull(bs.getBytes());
        assertEquals(8, bs.getBytes().length);
    }

        byte[] key = aes.generateNewKey().getEncoded();

        for (String plain : PLAINTEXTS) {
            byte[] plaintext = CodecSupport.toBytes(plain);
            ByteSource ciphertext = aes.encrypt(plaintext, key);
            ByteSource decrypted = aes.decrypt(ciphertext.getBytes(), key);
            assertTrue(Arrays.equals(plaintext, decrypted.getBytes()));
        }
    }

    public void testSaltedAuthenticationInfo() {
        //use SHA-1 hashing in this test:
        HashedCredentialsMatcher matcher = new HashedCredentialsMatcher(Sha1Hash.ALGORITHM_NAME);

        //simulate a user account with a SHA-1 hashed and salted password:
        ByteSource salt = new SecureRandomNumberGenerator().nextBytes();
        Object hashedPassword = new Sha1Hash("password", salt);
        SimpleAuthenticationInfo account = new SimpleAuthenticationInfo("username", hashedPassword, salt, "realmName");

        //simulate a username/password (plaintext) token created in response to a login attempt:
        AuthenticationToken token = new UsernamePasswordToken("username", "password");