package util;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Random;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import dao.Dao;
import modele.ActionStatus;
import modele.PasswordSetting;
public class PasswordUtil {
private static PasswordSetting ps;
private static String password;
public PasswordUtil() {
}
private static boolean lenghtCheck() {
return (password.length() >= ps.getPasswordLenght());
}
private static boolean upperCaseCheck() {
return find(Pattern.compile("[A-Z]"));
}
private static boolean lowerCaseCheck() {
return find(Pattern.compile("[a-z]"));
}
private static boolean numberCheck() {
return find(Pattern.compile("[0-9]"));
}
private static boolean specialCharCheck() {
return find(Pattern.compile("[" + ps.getSpecialChars() + "]"));
}
private static boolean find(Pattern p) {
Matcher m = p.matcher(password);
int count = 0;
while (m.find()) {
count++;
}
return (count > 0);
}
public static ActionStatus complexityCheck(PasswordSetting passSetting,
String pass) {
PasswordUtil.password = pass;
PasswordUtil.ps = passSetting;
if (!lenghtCheck())
return new ActionStatus(false,
"Le mot de passe doit avoir aumoins "
+ ps.getPasswordLenght() + " caract�res");
if (ps.isLowercaseContain()) {
if (!lowerCaseCheck())
return new ActionStatus(false,
"Le mot de passe doit contenir aumoins un caract�re minuscule.");
}
if (ps.isNumberContain()) {
if (!numberCheck())
return new ActionStatus(false,
"Le mot de passe doit contenir aumoins un chiffre.");
}
if (ps.isSpecialCharContain()) {
if (!specialCharCheck())
return new ActionStatus(false,
"Le mot de passe doit avoir aumoins un cart�re parmi les caracteres "
+ ps.getSpecialChars());
}
if (ps.isUppercaseContain()) {
if (!upperCaseCheck())
return new ActionStatus(false,
"Le mot de passe doit contenir aumoins un caract�re majuscule.");
}
return new ActionStatus(true,
"La politique de complexit� est respect�e.");
}
/*
* return the hash based on a string key. The function returns the hash
* pass.
*
* @password: password to hash.
*
* @algorithm: hashing algorithm to use //MD2, MD5, SHA-1, SHA-256, SHA-384,
* SHA-512
*
* hash = stringToHash("password","MD5")
*/
private static String stringToHash(String password, String algorithm) {
if (password == null)
password = "";
byte[] uniqueKey = password.getBytes();
byte[] hash = null;
try {
hash = MessageDigest.getInstance(algorithm).digest(uniqueKey);
} catch (NoSuchAlgorithmException e) {
throw new Error("no SHA-512 support in this VM");
} catch (Exception e) {
e.printStackTrace();
}
StringBuffer hashString = new StringBuffer();
for (int i = 0; i < hash.length; ++i) {
String hex = Integer.toHexString(hash[i]);
if (hex.length() == 1) {
hashString.append('0');
hashString.append(hex.charAt(hex.length() - 1));
} else {
hashString.append(hex.substring(hex.length() - 2));
}
}
return hashString.toString();
}
/*
* Hache le mot de passe de maniere recursive. l'entr�e du prochain hash
* correspond au resultat du dernier hash.
*/
public static String hasher(String password, int salt, String algorithm) {
int count = salt;
String h = stringToHash(password, algorithm);
count--;
if (count == 0) {
return h;
} else {
return hasher(h, count, algorithm);
}
}
public static String randomPass() {
String alphabet = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890_-@#&'(!?)$%?:;/.?,";
Random rand = new Random();
String pass="";
for (int i = 0; i < Dao.getpasswordSetting().getPasswordLenght(); i++) {
pass=pass+alphabet.charAt(rand.nextInt(alphabet.length()));
}
return pass;
}
}