[tomcat] branch 10.1.x updated: Refactor code using MD5Encoder to use HexUtils.toHexString()

markt Fri, 03 Mar 2023 06:36:49 -0800

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git



The following commit(s) were added to refs/heads/10.1.x by this push:
     new f3997773d3 Refactor code using MD5Encoder to use HexUtils.toHexString()
f3997773d3 is described below

commit f3997773d34df4150b0991c04c2f473d69ccbbca
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Fri Mar 3 14:35:31 2023 +0000

    Refactor code using MD5Encoder to use HexUtils.toHexString()
    
    Removes duplicate functionality.
---
 .../org/apache/catalina/authenticator/DigestAuthenticator.java |  8 ++++----
 java/org/apache/catalina/realm/RealmBase.java                  |  6 +++---
 java/org/apache/catalina/servlets/WebdavServlet.java           |  4 ++--
 java/org/apache/tomcat/util/security/MD5Encoder.java           |  5 +++++
 java/org/apache/tomcat/websocket/DigestAuthenticator.java      |  4 ++--
 .../apache/catalina/authenticator/TestDigestAuthenticator.java |  4 ++--
 .../authenticator/TestSSOnonLoginAndDigestAuthenticator.java   |  4 ++--
 .../authenticator/TesterDigestAuthenticatorPerformance.java    |  8 ++++----
 test/org/apache/catalina/realm/TestJNDIRealm.java              | 10 +++++-----
 webapps/docs/changelog.xml                                     |  4 ++++
 10 files changed, 33 insertions(+), 24 deletions(-)

diff --git a/java/org/apache/catalina/authenticator/DigestAuthenticator.java 
b/java/org/apache/catalina/authenticator/DigestAuthenticator.java
index 9ef3dd8b40..247ea05d8c 100644
--- a/java/org/apache/catalina/authenticator/DigestAuthenticator.java
+++ b/java/org/apache/catalina/authenticator/DigestAuthenticator.java
@@ -31,10 +31,10 @@ import org.apache.catalina.Realm;
 import org.apache.catalina.connector.Request;
 import org.apache.juli.logging.Log;
 import org.apache.juli.logging.LogFactory;
+import org.apache.tomcat.util.buf.HexUtils;
 import org.apache.tomcat.util.buf.MessageBytes;
 import org.apache.tomcat.util.http.parser.Authorization;
 import org.apache.tomcat.util.security.ConcurrentMessageDigest;
-import org.apache.tomcat.util.security.MD5Encoder;
 
 
 /**
@@ -296,7 +296,7 @@ public class DigestAuthenticator extends AuthenticatorBase {
         String ipTimeKey = request.getRemoteAddr() + ":" + currentTime + ":" + 
getKey();
 
         byte[] buffer = 
ConcurrentMessageDigest.digestMD5(ipTimeKey.getBytes(StandardCharsets.ISO_8859_1));
-        String nonce = currentTime + ":" + MD5Encoder.encode(buffer);
+        String nonce = currentTime + ":" + HexUtils.toHexString(buffer);
 
         NonceInfo info = new NonceInfo(currentTime, getNonceCountWindowSize());
         synchronized (nonces) {
@@ -539,7 +539,7 @@ public class DigestAuthenticator extends AuthenticatorBase {
             }
             String serverIpTimeKey = request.getRemoteAddr() + ":" + nonceTime 
+ ":" + key;
             byte[] buffer = 
ConcurrentMessageDigest.digestMD5(serverIpTimeKey.getBytes(StandardCharsets.ISO_8859_1));
-            String md5ServerIpTimeKey = MD5Encoder.encode(buffer);
+            String md5ServerIpTimeKey = HexUtils.toHexString(buffer);
             if (!md5ServerIpTimeKey.equals(md5clientIpTimeKey)) {
                 return false;
             }
@@ -597,7 +597,7 @@ public class DigestAuthenticator extends AuthenticatorBase {
             String a2 = method + ":" + uri;
 
             byte[] buffer = 
ConcurrentMessageDigest.digestMD5(a2.getBytes(StandardCharsets.ISO_8859_1));
-            String md5a2 = MD5Encoder.encode(buffer);
+            String md5a2 = HexUtils.toHexString(buffer);
 
             return realm.authenticate(userName, response, nonce, nc, cnonce, 
qop, realmName, md5a2);
         }
diff --git a/java/org/apache/catalina/realm/RealmBase.java 
b/java/org/apache/catalina/realm/RealmBase.java
index 25149713ef..c55a64bc7c 100644
--- a/java/org/apache/catalina/realm/RealmBase.java
+++ b/java/org/apache/catalina/realm/RealmBase.java
@@ -52,11 +52,11 @@ import org.apache.juli.logging.Log;
 import org.apache.juli.logging.LogFactory;
 import org.apache.tomcat.util.IntrospectionUtils;
 import org.apache.tomcat.util.buf.B2CConverter;
+import org.apache.tomcat.util.buf.HexUtils;
 import org.apache.tomcat.util.descriptor.web.SecurityCollection;
 import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
 import org.apache.tomcat.util.res.StringManager;
 import org.apache.tomcat.util.security.ConcurrentMessageDigest;
-import org.apache.tomcat.util.security.MD5Encoder;
 import org.ietf.jgss.GSSContext;
 import org.ietf.jgss.GSSCredential;
 import org.ietf.jgss.GSSException;
@@ -399,7 +399,7 @@ public abstract class RealmBase extends LifecycleMBeanBase 
implements Realm {
                     uee);
         }
 
-        String serverDigest = 
MD5Encoder.encode(ConcurrentMessageDigest.digestMD5(valueBytes));
+        String serverDigest = 
HexUtils.toHexString(ConcurrentMessageDigest.digestMD5(valueBytes));
 
         if (log.isDebugEnabled()) {
             log.debug("Digest : " + clientDigest + " Username:" + username + " 
ClientDigest:" + clientDigest +
@@ -1131,7 +1131,7 @@ public abstract class RealmBase extends 
LifecycleMBeanBase implements Realm {
                     uee);
         }
 
-        return 
MD5Encoder.encode(ConcurrentMessageDigest.digestMD5(valueBytes));
+        return 
HexUtils.toHexString(ConcurrentMessageDigest.digestMD5(valueBytes));
     }
 
 
diff --git a/java/org/apache/catalina/servlets/WebdavServlet.java 
b/java/org/apache/catalina/servlets/WebdavServlet.java
index 876d804f41..096ed5a84f 100644
--- a/java/org/apache/catalina/servlets/WebdavServlet.java
+++ b/java/org/apache/catalina/servlets/WebdavServlet.java
@@ -54,11 +54,11 @@ import org.apache.catalina.connector.RequestFacade;
 import org.apache.catalina.util.DOMWriter;
 import org.apache.catalina.util.URLEncoder;
 import org.apache.catalina.util.XMLWriter;
+import org.apache.tomcat.util.buf.HexUtils;
 import org.apache.tomcat.util.http.ConcurrentDateFormat;
 import org.apache.tomcat.util.http.FastHttpDateFormat;
 import org.apache.tomcat.util.http.RequestUtil;
 import org.apache.tomcat.util.security.ConcurrentMessageDigest;
-import org.apache.tomcat.util.security.MD5Encoder;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 import org.w3c.dom.Node;
@@ -1070,7 +1070,7 @@ public class WebdavServlet extends DefaultServlet {
                     lock.depth + "-" + lock.owner + "-" + lock.tokens + "-" +
                     lock.expiresAt + "-" + System.currentTimeMillis() + "-" +
                     secret;
-            String lockToken = 
MD5Encoder.encode(ConcurrentMessageDigest.digestMD5(
+            String lockToken = 
HexUtils.toHexString(ConcurrentMessageDigest.digestMD5(
                     lockTokenStr.getBytes(StandardCharsets.ISO_8859_1)));
 
             if (resource.isDirectory() && lock.depth == maxDepth) {
diff --git a/java/org/apache/tomcat/util/security/MD5Encoder.java 
b/java/org/apache/tomcat/util/security/MD5Encoder.java
index 542dfd2010..c42f3e3403 100644
--- a/java/org/apache/tomcat/util/security/MD5Encoder.java
+++ b/java/org/apache/tomcat/util/security/MD5Encoder.java
@@ -16,6 +16,8 @@
  */
 package org.apache.tomcat.util.security;
 
+import org.apache.tomcat.util.buf.HexUtils;
+
 /**
  * Encode an MD5 digest into a String.
  * <p>
@@ -24,7 +26,10 @@ package org.apache.tomcat.util.security;
  * of the digest.
  *
  * @author Remy Maucherat
+ *
+ * @deprecated Unused. Use {@link HexUtils} instead. Will be removed in Tomcat 
11.
  */
+@Deprecated
 public final class MD5Encoder {
 
 
diff --git a/java/org/apache/tomcat/websocket/DigestAuthenticator.java 
b/java/org/apache/tomcat/websocket/DigestAuthenticator.java
index f9511537be..000f01e445 100644
--- a/java/org/apache/tomcat/websocket/DigestAuthenticator.java
+++ b/java/org/apache/tomcat/websocket/DigestAuthenticator.java
@@ -22,7 +22,7 @@ import java.security.NoSuchAlgorithmException;
 import java.security.SecureRandom;
 import java.util.Map;
 
-import org.apache.tomcat.util.security.MD5Encoder;
+import org.apache.tomcat.util.buf.HexUtils;
 
 /**
  * Authenticator supporting the DIGEST authentication method.
@@ -141,7 +141,7 @@ public class DigestAuthenticator extends Authenticator {
         MessageDigest md = MessageDigest.getInstance("MD5");
         byte[] thedigest = md.digest(bytesOfMessage);
 
-        return MD5Encoder.encode(thedigest);
+        return HexUtils.toHexString(thedigest);
     }
 
     @Override
diff --git 
a/test/org/apache/catalina/authenticator/TestDigestAuthenticator.java 
b/test/org/apache/catalina/authenticator/TestDigestAuthenticator.java
index b119b443d3..1e01229f9f 100644
--- a/test/org/apache/catalina/authenticator/TestDigestAuthenticator.java
+++ b/test/org/apache/catalina/authenticator/TestDigestAuthenticator.java
@@ -37,11 +37,11 @@ import org.apache.tomcat.unittest.TesterContext;
 import org.apache.tomcat.unittest.TesterRequest;
 import org.apache.tomcat.unittest.TesterServletContext;
 import org.apache.tomcat.util.buf.ByteChunk;
+import org.apache.tomcat.util.buf.HexUtils;
 import org.apache.tomcat.util.descriptor.web.LoginConfig;
 import org.apache.tomcat.util.descriptor.web.SecurityCollection;
 import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
 import org.apache.tomcat.util.security.ConcurrentMessageDigest;
-import org.apache.tomcat.util.security.MD5Encoder;
 
 public class TestDigestAuthenticator extends TomcatBaseTest {
 
@@ -383,6 +383,6 @@ public class TestDigestAuthenticator extends TomcatBaseTest 
{
     }
 
     private static String digest(String input) {
-        return 
MD5Encoder.encode(ConcurrentMessageDigest.digestMD5(input.getBytes()));
+        return 
HexUtils.toHexString(ConcurrentMessageDigest.digestMD5(input.getBytes()));
     }
 }
diff --git 
a/test/org/apache/catalina/authenticator/TestSSOnonLoginAndDigestAuthenticator.java
 
b/test/org/apache/catalina/authenticator/TestSSOnonLoginAndDigestAuthenticator.java
index fbf14fe209..539d7f12a3 100644
--- 
a/test/org/apache/catalina/authenticator/TestSSOnonLoginAndDigestAuthenticator.java
+++ 
b/test/org/apache/catalina/authenticator/TestSSOnonLoginAndDigestAuthenticator.java
@@ -30,11 +30,11 @@ import org.apache.catalina.startup.TesterServlet;
 import org.apache.catalina.startup.Tomcat;
 import org.apache.catalina.startup.TomcatBaseTest;
 import org.apache.tomcat.util.buf.ByteChunk;
+import org.apache.tomcat.util.buf.HexUtils;
 import org.apache.tomcat.util.descriptor.web.LoginConfig;
 import org.apache.tomcat.util.descriptor.web.SecurityCollection;
 import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
 import org.apache.tomcat.util.security.ConcurrentMessageDigest;
-import org.apache.tomcat.util.security.MD5Encoder;
 
 /**
  * Test DigestAuthenticator and NonLoginAuthenticator when a
@@ -457,7 +457,7 @@ public class TestSSOnonLoginAndDigestAuthenticator extends 
TomcatBaseTest {
     }
 
     private static String digest(String input) {
-        return MD5Encoder.encode(ConcurrentMessageDigest.digestMD5(
+        return HexUtils.toHexString(ConcurrentMessageDigest.digestMD5(
                 input.getBytes(StandardCharsets.UTF_8)));
     }
 
diff --git 
a/test/org/apache/catalina/authenticator/TesterDigestAuthenticatorPerformance.java
 
b/test/org/apache/catalina/authenticator/TesterDigestAuthenticatorPerformance.java
index 7039263467..ce404a1f79 100644
--- 
a/test/org/apache/catalina/authenticator/TesterDigestAuthenticatorPerformance.java
+++ 
b/test/org/apache/catalina/authenticator/TesterDigestAuthenticatorPerformance.java
@@ -37,9 +37,9 @@ import org.apache.catalina.core.StandardHost;
 import org.apache.catalina.core.StandardService;
 import org.apache.catalina.filters.TesterHttpServletResponse;
 import org.apache.catalina.startup.TesterMapRealm;
+import org.apache.tomcat.util.buf.HexUtils;
 import org.apache.tomcat.util.descriptor.web.LoginConfig;
 import org.apache.tomcat.util.security.ConcurrentMessageDigest;
-import org.apache.tomcat.util.security.MD5Encoder;
 
 public class TesterDigestAuthenticatorPerformance {
 
@@ -160,9 +160,9 @@ public class TesterDigestAuthenticatorPerformance {
         private static final String A1 = USER + ":" + REALM + ":" + PWD;
         private static final String A2 = METHOD + ":" + CONTEXT_PATH + URI;
 
-        private static final String MD5A1 = MD5Encoder.encode(
+        private static final String MD5A1 = HexUtils.toHexString(
                 ConcurrentMessageDigest.digest("MD5", 
A1.getBytes(StandardCharsets.UTF_8)));
-        private static final String MD5A2 = MD5Encoder.encode(
+        private static final String MD5A2 = HexUtils.toHexString(
                 ConcurrentMessageDigest.digest("MD5", 
A2.getBytes(StandardCharsets.UTF_8)));
 
 
@@ -215,7 +215,7 @@ public class TesterDigestAuthenticatorPerformance {
             String response = MD5A1 + ":" + nonce + ":" + ncString + ":" +
                     cnonce + ":" + QOP + ":" + MD5A2;
 
-            String md5response = 
MD5Encoder.encode(ConcurrentMessageDigest.digest(
+            String md5response = 
HexUtils.toHexString(ConcurrentMessageDigest.digest(
                     "MD5", response.getBytes(StandardCharsets.UTF_8)));
 
             StringBuilder auth = new StringBuilder();
diff --git a/test/org/apache/catalina/realm/TestJNDIRealm.java 
b/test/org/apache/catalina/realm/TestJNDIRealm.java
index 78412fac06..6b792fe2f0 100644
--- a/test/org/apache/catalina/realm/TestJNDIRealm.java
+++ b/test/org/apache/catalina/realm/TestJNDIRealm.java
@@ -42,7 +42,7 @@ import org.apache.catalina.Context;
 import org.apache.catalina.LifecycleException;
 import org.apache.naming.NameParserImpl;
 import org.apache.tomcat.unittest.TesterContext;
-import org.apache.tomcat.util.security.MD5Encoder;
+import org.apache.tomcat.util.buf.HexUtils;
 import org.easymock.EasyMock;
 
 public class TestJNDIRealm {
@@ -71,7 +71,7 @@ public class TestJNDIRealm {
 
         // WHEN
         String expectedResponse =
-                MD5Encoder.encode(md5Helper.digest((ha1() + ":" + NONCE + ":" 
+ HA2).getBytes()));
+                HexUtils.toHexString(md5Helper.digest((ha1() + ":" + NONCE + 
":" + HA2).getBytes()));
         Principal principal =
                 realm.authenticate(USER, expectedResponse, NONCE, null, null, 
null, REALM, HA2);
 
@@ -87,7 +87,7 @@ public class TestJNDIRealm {
 
         // WHEN
         String expectedResponse =
-                MD5Encoder.encode(md5Helper.digest((ha1() + ":" + NONCE + ":" 
+ HA2).getBytes()));
+                HexUtils.toHexString(md5Helper.digest((ha1() + ":" + NONCE + 
":" + HA2).getBytes()));
         Principal principal =
                 realm.authenticate(USER, expectedResponse, NONCE, null, null, 
null, REALM, HA2);
 
@@ -105,7 +105,7 @@ public class TestJNDIRealm {
 
         // WHEN
         String expectedResponse =
-                MD5Encoder.encode(md5Helper.digest((ha1() + ":" + NONCE + ":" 
+ HA2).getBytes()));
+                HexUtils.toHexString(md5Helper.digest((ha1() + ":" + NONCE + 
":" + HA2).getBytes()));
         Principal principal =
                 realm.authenticate(USER, expectedResponse, NONCE, null, null, 
null, REALM, HA2);
 
@@ -194,6 +194,6 @@ public class TestJNDIRealm {
 
     private String ha1() {
         String a1 = USER + ":" + REALM + ":" + PASSWORD;
-        return MD5Encoder.encode(md5Helper.digest(a1.getBytes()));
+        return HexUtils.toHexString(md5Helper.digest(a1.getBytes()));
     }
 }
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 146830d8d8..22a29ca59f 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -139,6 +139,10 @@
       <add>
         Improvements to Chinese translations. Contributed by totoo. (markt)
       </add>
+      <scode>
+        Refactor code using <code>MD5Encoder</code> to use
+        <code>HexUtils.toHexString()</code>. (markt)
+      </scode>
     </changelog>
   </subsection>
 </section>


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 10.1.x updated: Refactor code using MD5Encoder to use HexUtils.toHexString()

Reply via email to