1 package org.apache.tomcat.maven.runner;
2
3 /*
4 * Licensed to the Apache Software Foundation (ASF) under one
5 * or more contributor license agreements. See the NOTICE file
6 * distributed with this work for additional information
7 * regarding copyright ownership. The ASF licenses this file
8 * to you under the Apache License, Version 2.0 (the
9 * "License"); you may not use this file except in compliance
10 * with the License. You may obtain a copy of the License at
11 *
12 * http://www.apache.org/licenses/LICENSE-2.0
13 *
14 * Unless required by applicable law or agreed to in writing,
15 * software distributed under the License is distributed on an
16 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17 * KIND, either express or implied. See the License for the
18 * specific language governing permissions and limitations
19 * under the License.
20 */
21
22 import java.util.Properties;
23
24
25 /**
26 * Password obfuscate utility class. Lifted from Jetty org.mortbay.jetty.security.Password
27 * <p/>
28 * <p/>
29 * Passwords that begin with OBF: are de obfuscated.
30 * <p/>
31 * Passwords can be obfuscated by running Obfuscate as a main class. Obfuscated password are required if a system needs
32 * to recover the full password (eg. so that it may be passed to another system).
33 * <p/>
34 * They are not secure, but prevent casual observation.
35 *
36 * @see <a
37 * href="http://grepcode.com/file_/repo1.maven.org/maven2/org.mortbay.jetty/jetty/6.1.11/org/mortbay/jetty/security/Password.java/?v=source"
38 * >Jetty Source org.mortbay.jetty.security.Password</a>
39 * @since 2.0
40 */
41 public class PasswordUtil
42 {
43 public static final String __OBFUSCATE = "OBF:";
44
45 /* ------------------------------------------------------------ */
46 public static String obfuscate( String s )
47 {
48 StringBuilder buf = new StringBuilder();
49 byte[] b = s.getBytes();
50
51 buf.append( __OBFUSCATE );
52 for ( int i = 0; i < b.length; i++ )
53 {
54 byte b1 = b[i];
55 byte b2 = b[s.length() - ( i + 1 )];
56 int i1 = 127 + b1 + b2;
57 int i2 = 127 + b1 - b2;
58 int i0 = i1 * 256 + i2;
59 String x = Integer.toString( i0, 36 );
60
61 switch ( x.length() )
62 {
63 case 1:
64 buf.append( '0' );
65 case 2:
66 buf.append( '0' );
67 case 3:
68 buf.append( '0' );
69 default:
70 buf.append( x );
71 }
72 }
73 return buf.toString();
74
75 }
76
77 /* ------------------------------------------------------------ */
78 public static String deobfuscate( String s )
79 {
80 if ( s.startsWith( __OBFUSCATE ) )
81 {
82 s = s.substring( __OBFUSCATE.length() );
83
84 byte[] b = new byte[s.length() / 2];
85 int l = 0;
86 for ( int i = 0; i < s.length(); i += 4 )
87 {
88 String x = s.substring( i, i + 4 );
89 int i0 = Integer.parseInt( x, 36 );
90 int i1 = ( i0 / 256 );
91 int i2 = ( i0 % 256 );
92 b[l++] = (byte) ( ( i1 + i2 - 254 ) / 2 );
93 }
94 return new String( b, 0, l );
95 }
96 else
97 {
98 return s;
99 }
100
101 }
102
103 public static void deobfuscateSystemProps()
104 {
105 Properties props = System.getProperties();
106 for ( Object obj : props.keySet() )
107 {
108 if ( obj instanceof String )
109 {
110 String key = (String) obj;
111 String value = (String) props.getProperty( key );
112 if ( value != null && value.startsWith( __OBFUSCATE ) )
113 {
114 System.setProperty( key, deobfuscate( value ) );
115 }
116 }
117 }
118 }
119
120 public static void main( String[] args )
121 {
122 if ( args[0].startsWith( __OBFUSCATE ) )
123 {
124 System.out.println( PasswordUtil.deobfuscate( args[1] ) );
125 }
126 else
127 {
128 System.out.println( PasswordUtil.obfuscate( args[1] ) );
129 }
130 }
131 }