/**
* Calculate a password hash using a MessageDigest.
*
* @param hashAlgorithm - the MessageDigest algorithm name
* @param hashEncoding - either base64 or hex to specify the type of encoding the MessageDigest as
* a string.
* @param hashCharset - the charset used to create the byte[] passed to the MessageDigestfrom the
* password String. If null the platform default is used.
* @param username - ignored in default version
* @param password - the password string to be hashed
* @param callback - the callback used to allow customization of the hash to occur. The preDigest
* method is called before the password is added and the postDigest method is called after the
* password has been added.
* @return the hashed string if successful, null if there is a digest exception
*/
public static String createPasswordHash(
String hashAlgorithm,
String hashEncoding,
String hashCharset,
String username,
String password,
DigestCallback callback) {
byte[] passBytes;
String passwordHash = null;
// convert password to byte data
try {
if (hashCharset == null) passBytes = password.getBytes();
else passBytes = password.getBytes(hashCharset);
} catch (UnsupportedEncodingException uee) {
PicketBoxLogger.LOGGER.errorFindingCharset(hashCharset, uee);
passBytes = password.getBytes();
}
// calculate the hash and apply the encoding.
try {
MessageDigest md = MessageDigest.getInstance(hashAlgorithm);
if (callback != null) callback.preDigest(md);
md.update(passBytes);
if (callback != null) callback.postDigest(md);
byte[] hash = md.digest();
if (hashEncoding.equalsIgnoreCase(BASE64_ENCODING)) {
passwordHash = Util.encodeBase64(hash);
} else if (hashEncoding.equalsIgnoreCase(BASE16_ENCODING)) {
passwordHash = Util.encodeBase16(hash);
} else if (hashEncoding.equalsIgnoreCase(RFC2617_ENCODING)) {
passwordHash = Util.encodeRFC2617(hash);
} else {
PicketBoxLogger.LOGGER.unsupportedHashEncodingFormat(hashEncoding);
}
} catch (Exception e) {
PicketBoxLogger.LOGGER.errorCalculatingPasswordHash(e);
}
return passwordHash;
}
