Examples of com.twmacinta.util.MD5

• com.twmacinta.util.MD5
  wmacinta.com/myjava/fast_md5.php for more information on this file and the related files.

  This was originally a rather straight re-implementation of the reference implementation given in RFC1321 by RSA. It passes the MD5 test suite as defined in RFC1321.

  Many optimizations made by Timothy W Macinta. Reduced time to checksum a test file in Java alone to roughly half the time taken compared with java.security.MessageDigest (within an intepretter). Also added an optional native method to reduce the time even further. See http://www.twmacinta.com/myjava/fast_md5.php for further information on the time improvements achieved.

  Some bug fixes also made by Timothy W Macinta.

  Please note: I (Timothy Macinta) have put this code in the com.twmacinta.util package only because it came without a package. I was not the the original author of the code, although I did optimize it (substantially) and fix some bugs.

  This Java class has been derived from the RSA Data Security, Inc. MD5 Message-Digest Algorithm and its reference implementation.

  This class will attempt to use a native method to quickly compute checksums when the appropriate native library is available. On Linux, this library should be named "MD5.so" and on Windows it should be named "MD5.dll". The code will attempt to locate the library in the following locations in the order given:

  1. The path specified by the system property "com.twmacinta.util.MD5.NATIVE_LIB_FILE" (be sure to include "MD5.so" or "MD5.dll" as appropriate at the end of the path).
  2. A platform specific directory beneath the "lib/arch/" directory. On Linux for x86, this is "lib/arch/linux_x86/". On Windows for x86, this is "lib/arch/win32_x86/".
  3. Within the "lib/" directory.
  4. Within the current directory.

  If the library is not found, the code will fall back to the default (slower) Java code.

  As a side effect of having the code search for the native library, SecurityExceptions might be thrown on JVMs that have a restrictive SecurityManager. The initialization code attempts to silently discard these exceptions and continue, but many SecurityManagers will attempt to notify the user directly of all SecurityExceptions thrown. Consequently, the code has provisions for skipping the search for the native library. Any of these provisions may be used to skip the search as long as they are performed before the first instance of a com.twmacinta.util.MD5 object is constructed (note that the convenience stream objects will implicitly create an MD5 object).

  The first option is to set the system property "com.twmacinta.util.MD5.NO_NATIVE_LIB" to "true" or "1". Unfortunately, SecurityManagers may also choose to disallow system property setting, so this won't be of use in all cases.

  The second option is to call com.twmacinta.util.MD5.initNativeLibrary(false) before any MD5 objects are constructed. @author Santeri Paavolainen @author Timothy W Macinta (twm@alum.mit.edu) (optimizations and bug fixes)

  private Random random = new Random();

  public String getCacheKey(CacheContext context) {
    try {
      MD5 md5 = new MD5();
      StringBuilder toHash = new StringBuilder(BASE_KEY_LENGTH);
      if (context instanceof CacheContextImpl) {
        CacheContextImpl cci = (CacheContextImpl) context;
        for (Map.Entry<String, Object> entry : cci.entries()) {
          md5.Update(entry.getKey(), ENCODING);
          md5.Update(":");
          if (log.isDebugEnabled()) {
            toHash.append(entry.getKey());
            toHash.append(":");
          }
          Object value = entry.getValue();
          if (null != value) {
            String cid = getCacheId(value);
            md5.Update(cid, ENCODING);
            if (log.isDebugEnabled()) {
              toHash.append(cid);
            }
          }
          md5.Update("-");
          if (log.isDebugEnabled()) {
            toHash.append("-");
          }
        }
      } else {
        String cid = getCacheId(context);
        md5.Update(cid, ENCODING);
        if (log.isDebugEnabled()) {
          toHash.append(cid);
        }
      }
      String key = md5.asHex();
      if (log.isDebugEnabled()) {
        log.debug("key for context {} which is a hash for {}", key, forceAscii(toHash));
      }
      return key;
    } catch (UnsupportedEncodingException uee) {

     * @return
     */
    public byte[] md5It(String s) {
        byte bb[] = new byte[16];
        try {
            MD5 md2 = new MD5(s.getBytes());
            return md2.doFinal();
        } catch (Exception e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }
        return bb;

        try {
            byte tmp[] = new byte[l];
            for(int i=0; i<l;i++) {
                tmp[i] = s[i];
            }
            MD5 md2 = new MD5(tmp);
            return md2.doFinal();
        } catch (Exception e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }
        return bb;

        String s1 = "";
        try
        {
      // Fast MD5 by Timothy W Macinta
      // http://www.twmacinta.com/myjava/fast_md5.php
            MD5 md5 = new MD5();
            md5.Update(s);
            s1 = md5.asHex();
        }
        catch(Exception exception)
        {
            System.out.println(exception);
        }

    /**
     * Get hash of the given String in hex.
     */
    public static String getBase16Hash(String in) {
        return MD5.asHex(new MD5(in).Final());
    }

  public void create(Session session) {
    User admin = UserHelper.getUser(session, "admin");
    if (admin == null) {
      admin = new User();
      admin.setUsername("admin");
      MD5 md5 = new MD5();
      md5.Update("p@$$w0rd");
      admin.setPasswordHash(md5.asHex());
      admin.setFirstname("Admin");
      admin.setLastname("Istrator");
      admin.setPasswordHint("default");
      admin.setEmail("admin@domain.com");
      admin.setSignupDate(System.currentTimeMillis());
      admin.setAdministrator(true);
      admin.setValidated(true);
      session.save(admin);

      UserGroup group = new UserGroup();
      group.setName("admin-group");
      group.setOwner(admin);
      session.save(group);

      GroupMembership membership = new GroupMembership();
      membership.setUser(admin);
      membership.setUserGroup(group);
      session.save(membership);

      File f = new File();
      f.setName("Test File");
      f.setOwner(admin);
      session.save(f);
    }
    User anonymous = UserHelper.getUser(session, "anonymous");
    if (anonymous == null) {
      anonymous = new User();
      anonymous.setUsername("anonymous");
      MD5 md5 = new MD5();
      md5.Update("s,!5C6xAwM");
      anonymous.setPasswordHash(md5.asHex());
      anonymous.setFirstname("anonymous");
      anonymous.setLastname("anonymous");
      anonymous.setPasswordHint("default");
      anonymous.setSignupDate(System.currentTimeMillis());
      anonymous.setAdministrator(false);

  }

  @Test
  public void passwordHashTest() {
    String password = "t@k30ff";
    MD5 md5 = new MD5();
    md5.Update(password);
    String hash1 = md5.asHex();
    md5 = new MD5();
    md5.Update(password);
    String hash2 = md5.asHex();
    assertEquals(hash1, hash2);
    System.out.println(hash1);
  }

  private User login(org.hibernate.Session session, HttpServletRequest request, HttpServletResponse response, String username, String password, boolean internal)
      throws SimpleMessageException {
    username = username.toLowerCase();
    User user = UserHelper.getUser(session, username);
    MD5 md5 = new MD5();
    md5.Update(password);
    String passwordHash = md5.asHex();
    if (user != null && isAccountValidated(user) && ((internal && password.equals(user.getPasswordHash())) || user.getPasswordHash().equals(passwordHash))) {
      Cookie userCookie = new Cookie("user", user.getUsername());
      userCookie.setPath("/");
      userCookie.setMaxAge(COOKIE_TIMEOUT);
      Cookie userAuthCookie = new Cookie("auth", internal ? password : passwordHash);

        }

        User newUser = new User();
        newUser.setUsername(inUser.getUsername().toLowerCase());
        if (password != null && !"".equals(password)) {
          MD5 md5 = new MD5();
          md5.Update(password);
          newUser.setPasswordHash(md5.asHex());
        }
        if (authUser != null && authUser.isAdministrator()) {
          newUser.setAdministrator(inUser.isAdministrator());
        }
        newUser.setFirstname(inUser.getFirstname());
        newUser.setLastname(inUser.getLastname());
        newUser.setEmail(inUser.getEmail());
        newUser.setBirthday(inUser.getBirthday());
        newUser.setPasswordHint(inUser.getPasswordHint());

        newUser.setValidated(!BaseSystem.requireAccountValidation());
        if (authUser != null && authUser.isAdministrator()) {
          // admin can automatically create/validate accounts
          newUser.setValidated(true);
        }

        session.get().save(newUser);

        UserGroup userGroup = new UserGroup();
        userGroup.setName(newUser.getUsername());
        userGroup.setVisible(true);
        userGroup.setAutoJoin(false);
        userGroup.setLocked(false);
        userGroup.setOwner(newUser);

        session.get().save(userGroup);

        GroupMembership groupMembership = new GroupMembership();
        groupMembership.setUser(newUser);
        groupMembership.setUserGroup(userGroup);
        session.get().save(groupMembership);

        tx.commit();

        // if a new user is creating a new account, login if new user account is validated
        if (authUser == null && isAccountValidated(newUser)) {
          destroyAuthCookies(getThreadLocalRequest(), getThreadLocalResponse());
          if (login(session.get(), getThreadLocalRequest(), getThreadLocalResponse(), newUser.getUsername(), newUser.getPasswordHash(), true) != null) {
            return newUser;
          }
        } else if (authUser == null && !isAccountValidated(newUser)) {
          // send user a validation email, where, upon clicking the link, their account will be validated
          // the validation code in the URL will simply be a hash of their email address
          MD5 md5 = new MD5();
          md5.Update(newUser.getEmail());
          md5.Update(newUser.getPasswordHash());

          String portStr = "";
          if (getThreadLocalRequest().getLocalPort() != 80) {
            portStr = ":" + getThreadLocalRequest().getLocalPort();
          }
          String url = getThreadLocalRequest().getScheme() + "://" + getThreadLocalRequest().getServerName() + portStr + "/?u=" + newUser.getUsername() + "&v="
              + md5.asHex();

          String text = "Thank you for signing up with " + BaseSystem.getDomainName()
              + ".<BR><BR>Please confirm your account by clicking the following link:<BR><BR>";
          text += "<A HREF=\"";
          text += url;
          text += "\">" + url + "</A>";
          BaseSystem.getEmailService().sendMessage(BaseSystem.getSmtpHost(), BaseSystem.getAdminEmailAddress(), BaseSystem.getDomainName() + " validator",
              newUser.getEmail(), BaseSystem.getDomainName() + " account validation", text);
        }
        return newUser;
      } else if (authUser != null && (authUser.isAdministrator() || authUser.getId().equals(dbUser.getId()))) {
        // edit an existing account
        // the following conditions must be met to be here:
        // -authentication
        // -we are the administrator
        // -we are editing our own account
        if (password != null && !"".equals(password)) {
          MD5 md5 = new MD5();
          md5.Update(password);
          dbUser.setPasswordHash(md5.asHex());
        }
        if (authUser.isAdministrator()) {
          dbUser.setAdministrator(inUser.isAdministrator());
        }
        dbUser.setUsername(inUser.getUsername());

  public User submitAccountValidation(String username, String validationCode) throws SimpleMessageException {
    Transaction tx = session.get().beginTransaction();
    try {
      User user = UserHelper.getUser(session.get(), username);
      if (user != null && !user.isValidated()) {
        MD5 md5 = new MD5();
        md5.Update(user.getEmail());
        md5.Update(user.getPasswordHash());
        if (validationCode.equals(md5.asHex())) {
          // validation successful
          user.setValidated(true);
          login(session.get(), getThreadLocalRequest(), getThreadLocalResponse(), username, user.getPasswordHash(), true);
          tx.commit();
        } else {