This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new fdb651d604 Refactor code using MD5Encoder to use HexUtils.toHexString()
fdb651d604 is described below
commit fdb651d604c1ce5507ee96998cbba612db66cf70
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Fri Mar 3 14:35:31 2023 +0000
Refactor code using MD5Encoder to use HexUtils.toHexString()
Removes duplicate functionality.
---
.../org/apache/catalina/authenticator/DigestAuthenticator.java | 8 ++++----
java/org/apache/catalina/realm/RealmBase.java | 5 ++---
java/org/apache/catalina/servlets/WebdavServlet.java | 4 ++--
java/org/apache/tomcat/util/security/MD5Encoder.java | 5 +++++
java/org/apache/tomcat/websocket/DigestAuthenticator.java | 4 ++--
.../apache/catalina/authenticator/TestDigestAuthenticator.java | 5 ++---
.../authenticator/TestSSOnonLoginAndDigestAuthenticator.java | 5 ++---
.../authenticator/TesterDigestAuthenticatorPerformance.java | 8 ++++----
test/org/apache/catalina/realm/TestJNDIRealm.java | 10 +++++-----
webapps/docs/changelog.xml | 4 ++++
10 files changed, 32 insertions(+), 26 deletions(-)
diff --git a/java/org/apache/catalina/authenticator/DigestAuthenticator.java
b/java/org/apache/catalina/authenticator/DigestAuthenticator.java
index 5588119787..bb2504a9df 100644
--- a/java/org/apache/catalina/authenticator/DigestAuthenticator.java
+++ b/java/org/apache/catalina/authenticator/DigestAuthenticator.java
@@ -31,10 +31,10 @@ import org.apache.catalina.Realm;
import org.apache.catalina.connector.Request;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
+import org.apache.tomcat.util.buf.HexUtils;
import org.apache.tomcat.util.buf.MessageBytes;
import org.apache.tomcat.util.http.parser.Authorization;
import org.apache.tomcat.util.security.ConcurrentMessageDigest;
-import org.apache.tomcat.util.security.MD5Encoder;
/**
@@ -296,7 +296,7 @@ public class DigestAuthenticator extends AuthenticatorBase {
String ipTimeKey = request.getRemoteAddr() + ":" + currentTime + ":" +
getKey();
byte[] buffer =
ConcurrentMessageDigest.digestMD5(ipTimeKey.getBytes(StandardCharsets.ISO_8859_1));
- String nonce = currentTime + ":" + MD5Encoder.encode(buffer);
+ String nonce = currentTime + ":" + HexUtils.toHexString(buffer);
NonceInfo info = new NonceInfo(currentTime, getNonceCountWindowSize());
synchronized (nonces) {
@@ -539,7 +539,7 @@ public class DigestAuthenticator extends AuthenticatorBase {
}
String serverIpTimeKey = request.getRemoteAddr() + ":" + nonceTime
+ ":" + key;
byte[] buffer =
ConcurrentMessageDigest.digestMD5(serverIpTimeKey.getBytes(StandardCharsets.ISO_8859_1));
- String md5ServerIpTimeKey = MD5Encoder.encode(buffer);
+ String md5ServerIpTimeKey = HexUtils.toHexString(buffer);
if (!md5ServerIpTimeKey.equals(md5clientIpTimeKey)) {
return false;
}
@@ -597,7 +597,7 @@ public class DigestAuthenticator extends AuthenticatorBase {
String a2 = method + ":" + uri;
byte[] buffer =
ConcurrentMessageDigest.digestMD5(a2.getBytes(StandardCharsets.ISO_8859_1));
- String md5a2 = MD5Encoder.encode(buffer);
+ String md5a2 = HexUtils.toHexString(buffer);
return realm.authenticate(userName, response, nonce, nc, cnonce,
qop, realmName, md5a2);
}
diff --git a/java/org/apache/catalina/realm/RealmBase.java
b/java/org/apache/catalina/realm/RealmBase.java
index a0262be710..84d40c8143 100644
--- a/java/org/apache/catalina/realm/RealmBase.java
+++ b/java/org/apache/catalina/realm/RealmBase.java
@@ -56,7 +56,6 @@ import
org.apache.tomcat.util.descriptor.web.SecurityCollection;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.apache.tomcat.util.res.StringManager;
import org.apache.tomcat.util.security.ConcurrentMessageDigest;
-import org.apache.tomcat.util.security.MD5Encoder;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
@@ -400,7 +399,7 @@ public abstract class RealmBase extends LifecycleMBeanBase
implements org.apache
throw new IllegalArgumentException(uee.getMessage());
}
- String serverDigest =
MD5Encoder.encode(ConcurrentMessageDigest.digestMD5(valueBytes));
+ String serverDigest =
HexUtils.toHexString(ConcurrentMessageDigest.digestMD5(valueBytes));
if (log.isDebugEnabled()) {
log.debug("Digest : " + clientDigest + " Username:" + username + "
ClientDigest:" + clientDigest +
@@ -1140,7 +1139,7 @@ public abstract class RealmBase extends
LifecycleMBeanBase implements org.apache
throw new IllegalArgumentException(uee.getMessage());
}
- return
MD5Encoder.encode(ConcurrentMessageDigest.digestMD5(valueBytes));
+ return
HexUtils.toHexString(ConcurrentMessageDigest.digestMD5(valueBytes));
}
diff --git a/java/org/apache/catalina/servlets/WebdavServlet.java
b/java/org/apache/catalina/servlets/WebdavServlet.java
index 9a365f6fba..55537be829 100644
--- a/java/org/apache/catalina/servlets/WebdavServlet.java
+++ b/java/org/apache/catalina/servlets/WebdavServlet.java
@@ -53,11 +53,11 @@ import org.apache.catalina.connector.RequestFacade;
import org.apache.catalina.util.DOMWriter;
import org.apache.catalina.util.URLEncoder;
import org.apache.catalina.util.XMLWriter;
+import org.apache.tomcat.util.buf.HexUtils;
import org.apache.tomcat.util.http.ConcurrentDateFormat;
import org.apache.tomcat.util.http.FastHttpDateFormat;
import org.apache.tomcat.util.http.RequestUtil;
import org.apache.tomcat.util.security.ConcurrentMessageDigest;
-import org.apache.tomcat.util.security.MD5Encoder;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
@@ -1071,7 +1071,7 @@ public class WebdavServlet extends DefaultServlet {
lock.depth + "-" + lock.owner + "-" + lock.tokens + "-" +
lock.expiresAt + "-" + System.currentTimeMillis() + "-" +
secret;
- String lockToken =
MD5Encoder.encode(ConcurrentMessageDigest.digestMD5(
+ String lockToken =
HexUtils.toHexString(ConcurrentMessageDigest.digestMD5(
lockTokenStr.getBytes(StandardCharsets.ISO_8859_1)));
if (resource.isDirectory() && lock.depth == maxDepth) {
diff --git a/java/org/apache/tomcat/util/security/MD5Encoder.java
b/java/org/apache/tomcat/util/security/MD5Encoder.java
index 542dfd2010..c42f3e3403 100644
--- a/java/org/apache/tomcat/util/security/MD5Encoder.java
+++ b/java/org/apache/tomcat/util/security/MD5Encoder.java
@@ -16,6 +16,8 @@
*/
package org.apache.tomcat.util.security;
+import org.apache.tomcat.util.buf.HexUtils;
+
/**
* Encode an MD5 digest into a String.
* <p>
@@ -24,7 +26,10 @@ package org.apache.tomcat.util.security;
* of the digest.
*
* @author Remy Maucherat
+ *
+ * @deprecated Unused. Use {@link HexUtils} instead. Will be removed in Tomcat
11.
*/
+@Deprecated
public final class MD5Encoder {
diff --git a/java/org/apache/tomcat/websocket/DigestAuthenticator.java
b/java/org/apache/tomcat/websocket/DigestAuthenticator.java
index f9511537be..000f01e445 100644
--- a/java/org/apache/tomcat/websocket/DigestAuthenticator.java
+++ b/java/org/apache/tomcat/websocket/DigestAuthenticator.java
@@ -22,7 +22,7 @@ import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Map;
-import org.apache.tomcat.util.security.MD5Encoder;
+import org.apache.tomcat.util.buf.HexUtils;
/**
* Authenticator supporting the DIGEST authentication method.
@@ -141,7 +141,7 @@ public class DigestAuthenticator extends Authenticator {
MessageDigest md = MessageDigest.getInstance("MD5");
byte[] thedigest = md.digest(bytesOfMessage);
- return MD5Encoder.encode(thedigest);
+ return HexUtils.toHexString(thedigest);
}
@Override
diff --git
a/test/org/apache/catalina/authenticator/TestDigestAuthenticator.java
b/test/org/apache/catalina/authenticator/TestDigestAuthenticator.java
index acdfbe6755..79e1e59e09 100644
--- a/test/org/apache/catalina/authenticator/TestDigestAuthenticator.java
+++ b/test/org/apache/catalina/authenticator/TestDigestAuthenticator.java
@@ -36,11 +36,11 @@ import org.apache.catalina.startup.TomcatBaseTest;
import org.apache.tomcat.unittest.TesterContext;
import org.apache.tomcat.unittest.TesterServletContext;
import org.apache.tomcat.util.buf.ByteChunk;
+import org.apache.tomcat.util.buf.HexUtils;
import org.apache.tomcat.util.descriptor.web.LoginConfig;
import org.apache.tomcat.util.descriptor.web.SecurityCollection;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.apache.tomcat.util.security.ConcurrentMessageDigest;
-import org.apache.tomcat.util.security.MD5Encoder;
public class TestDigestAuthenticator extends TomcatBaseTest {
@@ -382,8 +382,7 @@ public class TestDigestAuthenticator extends TomcatBaseTest
{
}
private static String digest(String input) {
- return MD5Encoder.encode(
- ConcurrentMessageDigest.digestMD5(input.getBytes()));
+ return
HexUtils.toHexString(ConcurrentMessageDigest.digestMD5(input.getBytes()));
}
diff --git
a/test/org/apache/catalina/authenticator/TestSSOnonLoginAndDigestAuthenticator.java
b/test/org/apache/catalina/authenticator/TestSSOnonLoginAndDigestAuthenticator.java
index bd32468f90..01ee1b457a 100644
---
a/test/org/apache/catalina/authenticator/TestSSOnonLoginAndDigestAuthenticator.java
+++
b/test/org/apache/catalina/authenticator/TestSSOnonLoginAndDigestAuthenticator.java
@@ -29,11 +29,11 @@ import org.apache.catalina.startup.TesterServlet;
import org.apache.catalina.startup.Tomcat;
import org.apache.catalina.startup.TomcatBaseTest;
import org.apache.tomcat.util.buf.ByteChunk;
+import org.apache.tomcat.util.buf.HexUtils;
import org.apache.tomcat.util.descriptor.web.LoginConfig;
import org.apache.tomcat.util.descriptor.web.SecurityCollection;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.apache.tomcat.util.security.ConcurrentMessageDigest;
-import org.apache.tomcat.util.security.MD5Encoder;
/**
* Test DigestAuthenticator and NonLoginAuthenticator when a
@@ -456,8 +456,7 @@ public class TestSSOnonLoginAndDigestAuthenticator extends
TomcatBaseTest {
}
private static String digest(String input) {
- return MD5Encoder.encode(
- ConcurrentMessageDigest.digestMD5(input.getBytes()));
+ return
HexUtils.toHexString(ConcurrentMessageDigest.digestMD5(input.getBytes()));
}
/*
diff --git
a/test/org/apache/catalina/authenticator/TesterDigestAuthenticatorPerformance.java
b/test/org/apache/catalina/authenticator/TesterDigestAuthenticatorPerformance.java
index b32949191b..78516ffc96 100644
---
a/test/org/apache/catalina/authenticator/TesterDigestAuthenticatorPerformance.java
+++
b/test/org/apache/catalina/authenticator/TesterDigestAuthenticatorPerformance.java
@@ -30,9 +30,9 @@ import org.apache.catalina.connector.Request;
import org.apache.catalina.core.StandardContext;
import org.apache.catalina.filters.TesterHttpServletResponse;
import org.apache.catalina.startup.TesterMapRealm;
+import org.apache.tomcat.util.buf.HexUtils;
import org.apache.tomcat.util.descriptor.web.LoginConfig;
import org.apache.tomcat.util.security.ConcurrentMessageDigest;
-import org.apache.tomcat.util.security.MD5Encoder;
public class TesterDigestAuthenticatorPerformance {
@@ -144,9 +144,9 @@ public class TesterDigestAuthenticatorPerformance {
private static final String A1 = USER + ":" + REALM + ":" + PWD;
private static final String A2 = METHOD + ":" + CONTEXT_PATH + URI;
- private static final String MD5A1 = MD5Encoder.encode(
+ private static final String MD5A1 = HexUtils.toHexString(
ConcurrentMessageDigest.digest("MD5", A1.getBytes()));
- private static final String MD5A2 = MD5Encoder.encode(
+ private static final String MD5A2 = HexUtils.toHexString(
ConcurrentMessageDigest.digest("MD5", A2.getBytes()));
@@ -199,7 +199,7 @@ public class TesterDigestAuthenticatorPerformance {
String response = MD5A1 + ":" + nonce + ":" + ncString + ":" +
cnonce + ":" + QOP + ":" + MD5A2;
- String md5response = MD5Encoder.encode(
+ String md5response = HexUtils.toHexString(
ConcurrentMessageDigest.digest("MD5",
response.getBytes()));
StringBuilder auth = new StringBuilder();
diff --git a/test/org/apache/catalina/realm/TestJNDIRealm.java
b/test/org/apache/catalina/realm/TestJNDIRealm.java
index 17bbae4ee7..cee5eb4c95 100644
--- a/test/org/apache/catalina/realm/TestJNDIRealm.java
+++ b/test/org/apache/catalina/realm/TestJNDIRealm.java
@@ -42,7 +42,7 @@ import org.apache.catalina.Context;
import org.apache.catalina.LifecycleException;
import org.apache.naming.NameParserImpl;
import org.apache.tomcat.unittest.TesterContext;
-import org.apache.tomcat.util.security.MD5Encoder;
+import org.apache.tomcat.util.buf.HexUtils;
import org.easymock.EasyMock;
public class TestJNDIRealm {
@@ -71,7 +71,7 @@ public class TestJNDIRealm {
// WHEN
String expectedResponse =
- MD5Encoder.encode(md5Helper.digest((ha1() + ":" + NONCE + ":"
+ HA2).getBytes()));
+ HexUtils.toHexString(md5Helper.digest((ha1() + ":" + NONCE +
":" + HA2).getBytes()));
Principal principal =
realm.authenticate(USER, expectedResponse, NONCE, null, null,
null, REALM, HA2);
@@ -87,7 +87,7 @@ public class TestJNDIRealm {
// WHEN
String expectedResponse =
- MD5Encoder.encode(md5Helper.digest((ha1() + ":" + NONCE + ":"
+ HA2).getBytes()));
+ HexUtils.toHexString(md5Helper.digest((ha1() + ":" + NONCE +
":" + HA2).getBytes()));
Principal principal =
realm.authenticate(USER, expectedResponse, NONCE, null, null,
null, REALM, HA2);
@@ -105,7 +105,7 @@ public class TestJNDIRealm {
// WHEN
String expectedResponse =
- MD5Encoder.encode(md5Helper.digest((ha1() + ":" + NONCE + ":"
+ HA2).getBytes()));
+ HexUtils.toHexString(md5Helper.digest((ha1() + ":" + NONCE +
":" + HA2).getBytes()));
Principal principal =
realm.authenticate(USER, expectedResponse, NONCE, null, null,
null, REALM, HA2);
@@ -201,6 +201,6 @@ public class TestJNDIRealm {
private String ha1() {
String a1 = USER + ":" + REALM + ":" + PASSWORD;
- return MD5Encoder.encode(md5Helper.digest(a1.getBytes()));
+ return HexUtils.toHexString(md5Helper.digest(a1.getBytes()));
}
}
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index f5441e15e6..d771f4a6a5 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -139,6 +139,10 @@
<add>
Improvements to Chinese translations. Contributed by totoo. (markt)
</add>
+ <scode>
+ Refactor code using <code>MD5Encoder</code> to use
+ <code>HexUtils.toHexString()</code>. (markt)
+ </scode>
</changelog>
</subsection>
</section>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
