Moved password functions from User to PasswordFunctions class

code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/tools/PasswordFunctions.java

+package fi.insomnia.bortal.tools;
+
+import java.io.IOException;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.util.Random;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import sun.misc.BASE64Decoder;
+import sun.misc.BASE64Encoder;
+
+public class PasswordFunctions {
+
+    private static BASE64Decoder decoder = new BASE64Decoder();
+    private static BASE64Encoder encoder = new BASE64Encoder();
+
+    private static final Logger logger = LoggerFactory.getLogger(PasswordFunctions.class);
+
+    public static String getEncryptedPassword(String password) {
+        String salt = generateSalt();
+        String base64Str = shaWithSaltToBase64(password, salt);
+        String ssha = "{SSHA}" + base64Str;
+        return ssha;
+    }
+
+    private static String shaWithSaltToBase64(String password, String salt) {
+        MessageDigest algo = null;
+        try {
+            algo = MessageDigest.getInstance("SHA");
+        } catch (NoSuchAlgorithmException e) {
+            logger.error("WTF!! digest function not found!!", e);
+            return null;
+        }
+
+        String hashed = new String(algo.digest((password + salt).getBytes()));
+        String both = hashed + salt;
+        String base64Str = encoder.encode(both.getBytes());
+        return base64Str;
+    }
+
+    public static boolean checkPlainPassword(String plainPassword, String saltedPassword) {
+
+        String oldBase64 = saltedPassword.substring("{SSHA}".length());
+        String decodedHashedAndSalt;
+        try {
+            decodedHashedAndSalt = new String(decoder.decodeBuffer(oldBase64));
+        } catch (IOException e) {
+            logger.error("Something awful happened...", e);
+            return false;
+        }
+
+        String salt = decodedHashedAndSalt.substring(
+                decodedHashedAndSalt.length() - getSaltLenght(),
+                decodedHashedAndSalt.length());
+
+        String newBase64 = shaWithSaltToBase64(plainPassword, salt);
+
+        boolean theSame = oldBase64.equals(newBase64);
+        return theSame;
+    }
+
+    private static int getSaltLenght() {
+        return 8;
+    }
+
+    private static String generateSalt() {
+        Random random = new Random();
+        String lettahs = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
+        StringBuilder sb = new StringBuilder();
+        for (int i = 0; i < getSaltLenght(); i++) {
+            int index = random.nextInt(lettahs.length());
+            sb.append(lettahs.charAt(index));
+        }
+        return sb.toString();
+    }
+}

code/LanBortalDatabase/src/fi/insomnia/bortal/model/User.java

@@ -4,12 +4,8 @@
  */
 package fi.insomnia.bortal.model;
 
-import java.io.UnsupportedEncodingException;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
 import java.util.Calendar;
 import java.util.List;
-import java.util.Random;
 
 import javax.persistence.CascadeType;
 import javax.persistence.Column;
@@ -26,11 +22,6 @@ import javax.persistence.Temporal;
 import javax.persistence.TemporalType;
 import javax.persistence.Version;
 
-import org.apache.commons.codec.binary.Base64;
-import org.apache.commons.codec.digest.DigestUtils;
-
-import sun.misc.BASE64Decoder;
-
 /**
  * 
  */
@@ -531,49 +522,5 @@ public class User implements ModelInterface<Integer> {
         this.eventSettings = eventSettings;
     }
 
-    public static String hashPassword(String plainPassword) throws NoSuchAlgorithmException {
-        return null;
-    }
-
-    public void setPlainPassword(String password) {
-        String salt = generateSalt();
-        String base64Str = shaWithSaltToBase64(password, salt);
-        String ssha = "{SSHA}" + base64Str;
-        setPassword(ssha);
-    }
-
-    private String shaWithSaltToBase64(String password, String salt) {
-        String hashed = new String(DigestUtils.sha(password + salt));
-        String both = hashed + salt;
-        String base64Str = Base64.encodeBase64String(both.getBytes());
-        return base64Str;
-    }
-
-    public boolean checkPlainPassword(String password) {
-        String oldEncryptedPassword = getPassword();
-        String oldBase64 = oldEncryptedPassword.substring("{SSHA}".length());
-        String oldHashedAndSalt = new String(Base64.decodeBase64(oldBase64));
-        String salt = oldHashedAndSalt.substring(
-                oldHashedAndSalt.length() - getSaltLenght(),
-                oldHashedAndSalt.length());
-        String newBase64 = shaWithSaltToBase64(password, salt);
-
-        boolean theSame = oldBase64.equals(newBase64);
-        return theSame;
-    }
-
-    private int getSaltLenght() {
-        return 8;
-    }
-
-    private String generateSalt() {
-        Random random = new Random();
-        String lettahs = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
-        StringBuilder sb = new StringBuilder();
-        for (int i = 0; i < getSaltLenght(); i++) {
-            int index = random.nextInt(lettahs.length());
-            sb.append(lettahs.charAt(index));
-        }
-        return sb.toString();
-    }
+   
 }