JIRA user password encryption code

Source: Internet
Author: User

The Jira 4.0 version is available online. Because the project needs to find Jira to transform the user-encrypted code. I google it n times online, but I didn't find the code.

 

But after two days of exploration, hey. Still done... Share with you now ~!

 

First talk about the encryption code location: (starting from the installation directory) Atlassian-Jira/WEB-INF/lib/atlassian-osuser-1.1.1.jar

 

Many files are class files. I opened them directly with JD. Decompilation.

Open the atlassian-osuser-1.1.1.jar, Open Com. opensymphony. User. provider. EJB. util in turn.

Base64.java and passworddigester. Java are the codes used to encrypt user passwords.

However, there is a problem with passworddigester. Java compiled by JD. Later, I checked the information on the Internet and replaced the original code. I pasted it below...

 

 Package COM. JIRA. encrypt; <br/>/** <br/> * password digester Based on bouncycastle's SHA1-512 implementation <br/> * @ author Victor salaman (salaman@qoretech.com) <br/> */<br/> public class passworddigesterfrominternet {<br/> //~ Static fields/initializers //////////////////////////////////// //////// <br/> Private Static final int digest_length = 64; <br/> static final long [] K = {<br/> average, 0x7137449123ef65cdl, 0xb5c0fbcfec4d3b2fl, <br/> average, minimum, minimum, <br/> average, minimum, 0xd807aa98a3030242l, <br/> 0x12835b0145706fbel, 0x243185be 4ee4b28cl, large, <br/> large, small, large, <br/> 0xc19bf174cf692694l, large, small, <br/> large, 0x240ca1cc77ac9c65l, large, <br/> large, listen, 0x76f988da831153b5l, <br/> 0x983e5152ee66dfabl, 0xa831c66d2db43210l, 0xb00327c898fb1_fl, <br/> 0xbf597fc7beef0ee 4l, 0xc6e00bf33da88fc2l, clerk, <br/> clerk, <br/> clerk, 0x4d2c6dfc5ac42aedl, clerk, <br/> 0x0000a73548baf63del, clerk, <br/> 0x92722c851482108bl, 0xa2bfe8a14cf10364l, 0xa81a664bbc423001l, <br/> values, 0xc76c51a30654be30l, expires, <br/> 0xd Hour, 0xf40e35855771202al, hour, <br/> Hour, hour, 0x2748774cdf8eeb99l, <br/> Hour, hour, 0x4ed8aa4ae3418acbl, <br/> Hour, hour, <br/> 0x78a5636f43172f60l, 0x84c87814a1f0ab72l, 0x8cc702081a6439ecl, <br/> 0x90befffa23631e28l, expires, 0xbef9a3f7b2c679 15l, <br/> numbers, <br/> numbers, numbers, 0x06f067aa72176fbal, <br/> numbers, 0x113f9804bef90dael, numbers, <br/> 0x28db77f523047d84l, expires, 0x3c9ebe0a15c9bebcl, <br/> 0x431d67c49c100d4cl, primary, 0x597f299cfc657e2al, <br/> Primary, 0x6c44198c4a475817l <br />}; <Br/> //~ Instance fields ////////////////////////////////////// //////////////// <br/> protected long H1; <br/> protected long H2; <br/> protected long H3; <br/> protected long H4; <br/> protected long H5; <br/> protected long H6; <br/> protected long H7; <br/> protected long H8; <br/> private long [] W = new long [80]; <br/> private byte [] xbuf; <br/> private int woff; <br/> private int xbufoff; <br/> priv Ate long bytecount1; <br/> private long bytecount2; <br/> //~ Constructors /////////////////////////////////////// ///////////////// <br/> protected passworddigesterfrominternet () {<br/> xbuf = new byte [8]; <br/> xbufoff = 0; <br/> Reset (); <br/>}< br/> protected passworddigesterfrominternet (passworddigesterfrominternet t) {<br/> xbuf = new byte [T. xbuf. length]; <br/> system. arraycopy (T. xbuf, 0, xbuf, 0, T. xbuf. length); <br/> xbufoff = T. xbufoff; <br/> B Ytecount1 = T. bytecount1; <br/> bytecount2 = T. bytecount2; <br/> H1 = T. h1; <br/> H2 = T. h2; <br/> h3 = T. h3; <br/> h4 = T. h4; <br/> h5 = T. h5; <br/> h6 = T. h6; <br/> H7 = T. h7; <br/> h8 = T. h8; <br/> system. arraycopy (T. w, 0, W, 0, T. w. length); <br/> woff = T. woff; <br/>}< br/> //~ Methods /////////////////////////////////////// /// // <br/> Public static byte [] Digest (byte [] Input) {<br/> passworddigesterfrominternet digester = new passworddigesterfrominternet (); <br/> byte [] Output = new byte [digester. getdigestsize ()]; <br/> digester. update (input, 0, input. length); <br/> digester. dofinal (output, 0); <br/> return output; <br/>}< br/> Public int getdigest Size () {<br/> return digest_length; <br/>}< br/> Public int dofinal (byte [] Out, int outoff) {<br/> finish (); <br/> unpackword (H1, out, outoff); <br/> unpackword (H2, out, outoff + 8 ); <br/> unpackword (H3, out, outoff + 16); <br/> unpackword (H4, out, outoff + 24); <br/> unpackword (H5, out, outoff + 32); <br/> unpackword (h6, out, outoff + 40); <br/> unpackword (H7, out, outoff + 48); <br/> unpackwo Rd (H8, out, outoff + 56); <br/> Reset (); <br/> return digest_length; <br/>}< br/> Public void finish () {<br/> adjustbytecounts (); <br/> long lowbitlength = bytecount1 <3; <br/> long hibitlength = bytecount2; <br/> // Add the pad bytes. <br/> // <br/> Update (byte) 128); <br/> while (xbufoff! = 0) {<br/> Update (byte) 0); <br/>}< br/> processlength (lowbitlength, hibitlength); <br/> processblock (); <br/>}< br/> Public void reset () {<br/> bytecount1 = 0; <br/> bytecount2 = 0; <br/> xbufoff = 0; <br/> for (INT I = 0; I <xbuf. length; I ++) {<br/> xbuf [I] = 0; <br/>}< br/> woff = 0; <br/> for (INT I = 0; I! = W. length; I ++) {<br/> W [I] = 0; <br/>}< br/> H1 = 0x6a09e667f3bcc908l; <br/> H2 = 0xbb67ae8584caa73bl; <br/> h3 = 0x3c6ef372fe94f82bl; <br/> h4 = Beijing; <br/> h5 = Beijing; <br/> h6 = Beijing; <br/> H7 = 0x1f83d9abfb41bd6bl; <br/> h8 = 0x5be0cd19137e2179l; <br/>}< br/> Public void Update (byte in) {<br/> xbuf [xbufoff ++] = in; <br/> If (xbufoff = xbuf. leng Th) {<br/> processword (xbuf, 0); <br/> xbufoff = 0; <br/>}< br/> bytecount1 ++; <br/>}< br/> Public void Update (byte [] In, int inoff, int Len) {<br/> // fill the current word <br/> // <br/> while (xbufoff! = 0) & (LEN> 0) {<br/> Update (in [inoff]); <br/> inoff ++; <br/> Len --; <br/>}< br/> // <br/> // process whole words. <br/> // <br/> while (LEN> xbuf. length) {<br/> processword (in, inoff); <br/> inoff + = xbuf. length; <br/> len-= xbuf. length; <br/> bytecount1 + = xbuf. length; <br/>}< br/> // <br/> // load in the remainder. <br/> // <br/> while (LEN> 0) {<br/> Update (in [inoff]); <br/> inoff ++; <Br/> Len --; <br/>}< br/> protected void processblock () {<br/> adjustbytecounts (); <br/> // expand 16 word block into 80 word blocks. <br/> // <br/> for (int t = 16; t <= 79; t ++) {<br/> W [T] = sigma1 (W [T-2]) + W [T-7] + sigma0 (W [T-15]) + W [T-16]; <br/>}< br/> // <br/> // set up working variables. <br/> // <br/> long a = h1; <br/> long B = h2; <br/> long c = H3; <br/> Long d = H4; <br/> long e = H5; <br/> long F = H6; <br/> long G = H7; <br/> long H = H8; <br/> for (int t = 0; t <= 79; t ++) {<br/> long T1; <br/> long T2; <br/> T1 = H + sum1 (e) + CH (E, F, G) + K [T] + W [T]; <br/> T2 = sum0 (A) + maj (A, B, C); <br/> H = g; <br/> G = F; <br/> F = E; <br/> E = d + T1; <br/> d = C; <br/> C = B; <br/> B = A; <br/> A = t1 + T2; <br/>}< br/> H1 + =; <br/> H2 + = B; <br /> H3 + = C; <br/> H4 + = D; <br/> H5 + = E; <br/> h6 + = F; <br/> H7 + = g; <br/> H8 + = H; <br/> // reset the offset and clean out the word buffer. <br/> // <br/> woff = 0; <br/> for (INT I = 0; I! = W. length; I ++) {<br/> W [I] = 0; <br/>}< br/> protected void processlength (long loww, long hiw) {<br/> If (woff> 14) {<br/> processblock (); <br/>}< br/> W [14] = hiw; <br/> W [15] = loww; <br/>}< br/> protected void processword (byte [] In, int inoff) {<br/> W [woff ++] = (long) (in [inoff] & 0xff) <56) | (long) (In [inoff + 1] & 0xff) <48) | (long) (in [inoff + 2] & 0xff) <40) | ((Long) (in [inoff + 3] & 0xff) <32) | (long) (in [inoff + 4] & 0xff) <24) | (long) (in [inoff + 5] & 0xff) <16) | (long) (in [inoff + 6] & 0xff) <8) | (long) (in [inoff + 7] & 0xff); <br/> If (woff = 16) {<br/> processblock (); <br/>}< br/> protected void unpackword (long word, byte [] Out, int outoff) {<br/> out [outoff] = (byte) (word >>> 56); <br/> out [outoff + 1] = (byte) (Word >>> 48); <br/> out [outoff + 2] = (byte) (word >>> 40 ); <br/> out [outoff + 3] = (byte) (word >>> 32); <br/> out [outoff + 4] = (byte) (Word >>> 24); <br/> out [outoff + 5] = (byte) (word >>> 16 ); <br/> out [outoff + 6] = (byte) (word >>> 8); <br/> out [outoff + 7] = (byte) word; <br/>}< br/> private long CH (long X, long y, long Z) {<br/> return (X & Y) ^ ((~ X) & Z); <br/>}< br/> private long maj (long X, long y, long Z) {<br/> return (X & Y) ^ (X & Z) ^ (Y & Z )); <br/>}< br/> private long sigma0 (long x) {<br/> return rotateright (x, 1) ^ rotateright (x, 8) ^ (x >>> 7); <br/>}< br/> private long sigma1 (long x) {<br/> return rotateright (x, 19) ^ rotateright (x, 61) ^ (x >>> 6); <br/>}< br/> private long sum0 (long X) {<br/> return rotateright (x, 28) ^ rotateright (x, 34) ^ rotateright (x, 39 ); <br/>}< br/> private long sum1 (long x) {<br/> return rotateright (x, 14) ^ rotateright (x, 18) ^ rotateright (X, 41 ); <br/>}< br/>/** <br/> * adjust the byte counts so that bytecount2 represents the <br/> * upper long (less 3 bits) word of the byte count. <br/> */<br/> private void adjustbytecounts () {<br/> If (bytecount1> 0x1fffffffffffffffl) {<br/> bytecount2 + = (bytecount1> 61); <br/> bytecount1 & = 0x1fffffffffffffffl; <br/>}< br/> private long rotateright (long X, int N) {<br/> return (x> N) | (x <(64-N); <br/>}< br/> 

 

The following is the portal to encrypt passwords:

Open the package: COM. opensymphony. User. provider. hibernate. impl, hibernateuserimpl. Java is the encryption method entry. Paste some code:

Public Boolean authenticate (string password) <br/>{< br/> If (Password = NULL) | (getpasswordhash () = NULL) | (password. length () = 0) {<br/> return false; <br/>}< br/> return comparehash (getpasswordhash (), password ); <br/>}< br/> Public void removegroup (hibernategroup group) <br/>{< br/> If (this. groups! = NULL) & (this. groups. contains (Group) <br/> This. groups. remove (Group); <br/>}< br/> private Boolean comparehash (string hashedvalue, string unhashedvalue) <br/>{< br/> return hashedvalue. equals (createhash (unhashedvalue); <br/>}< br/> private string createhash (string original) {<br/> byte [] digested = passworddigester. digest (original. getbytes (); <br/> byte [] encoded = base64.encode (digested); <br/> return new string (encoded); <br/>} 

 

 

If you want to test the encrypted code, you only need to create a Java project in myeclipse and import base64.java and passwordigester. java.

Create test. Java, and write the createhash () method shown above...

 

// The userutils class is called in many places. This is under Atlassian-Jira/WEB-INF/lib/atlassian-core-4.5.2.jar, Com. Atlassian. Core. User.

 

 

Remarks: This article Reprinted from: http://blog.csdn.net/laolu90/archive/2010/03/05/5349444.aspx

 

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.