PasswordServlet.java Source code

Java tutorial

Introduction

Here is the source code for PasswordServlet.java

Source

import java.io.IOException;
import java.io.PrintWriter;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.digests.SHA1Digest;

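/**
 * Demo servlet that verifies a digest-based login request.
 *
 * <p>The request carries four query parameters: {@code user}, {@code timestamp} (hex),
 * {@code random} (hex) and {@code digest} (hex). The servlet recomputes
 * SHA-1(user || timestamp || random || password) and compares it with the supplied digest.
 *
 * <p>NOTE(review): limits of the scheme as written, kept because changing them would change the
 * wire protocol the client presumably implements:
 * <ul>
 *   <li>Nothing here checks that {@code timestamp} is recent or that {@code random} has not been
 *       seen before, so a captured request stays valid if replayed. A freshness window plus a
 *       short-lived nonce cache would close that gap.</li>
 *   <li>The fields are concatenated without length prefixes or separators, so the boundary
 *       between {@code user} and {@code timestamp} is ambiguous in the hashed input.</li>
 *   <li>A plain SHA-1 over secret-suffixed data is not a MAC; HMAC with a current hash is the
 *       standard construction for this purpose.</li>
 *   <li>The credentials travel in the URL of a GET request, where they tend to end up in access
 *       logs and browser history.</li>
 * </ul>
 */
public class PasswordServlet extends HttpServlet {
    private static final String FAILURE_MESSAGE = "Login was unsuccessful.";

    /**
     * Handles a login attempt and writes a one-line plain-text result.
     *
     * <p>A missing or malformed parameter is answered with the same failure message as a wrong
     * digest, so the response does not reveal which check failed.
     *
     * @param request  the login request with the {@code user}, {@code timestamp}, {@code random}
     *                 and {@code digest} parameters
     * @param response receives the plain-text result message
     * @throws ServletException declared by the servlet contract; not thrown by this code itself
     * @throws IOException if the response cannot be written
     */
    public void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        // The raw parameters are intentionally not echoed to stdout: they are attacker-controlled
        // (CR/LF in a value can forge log lines) and the digest is authentication material.
        String user = request.getParameter("user");
        byte[] timestampBytes = decodeHex(request.getParameter("timestamp"));
        byte[] randomBytes = decodeHex(request.getParameter("random"));
        byte[] clientDigest = decodeHex(request.getParameter("digest"));

        String message = FAILURE_MESSAGE;
        if (user != null && timestampBytes != null && randomBytes != null && clientDigest != null) {
            String password = lookupPassword(user);
            if (password != null
                    && isEqual(computeDigest(user, timestampBytes, randomBytes, password), clientDigest)) {
                message = "User " + user + " logged in.";
            }
        }

        // Content-Length must be the number of encoded bytes actually written: the charset is
        // pinned, the length is taken from the encoded form, and print() (not println()) is used
        // so no unaccounted line separator is appended.
        response.setContentType("text/plain; charset=UTF-8");
        response.setContentLength(message.getBytes(StandardCharsets.UTF_8).length);
        PrintWriter out = response.getWriter();
        out.print(message);
    }

    /**
     * Returns the shared secret for {@code user}.
     *
     * <p>NOTE(review): demo stub. It ignores {@code user} and returns one hard-coded password for
     * every account; a real deployment needs a per-user secret loaded from protected storage, not
     * a literal in source control.
     */
    private String lookupPassword(String user) {
        return "happy8";
    }

    /**
     * Compares two digests without an early exit on the first differing byte, so the time taken
     * does not indicate how many leading bytes of a guessed digest were correct.
     */
    private boolean isEqual(byte[] one, byte[] two) {
        return MessageDigest.isEqual(one, two);
    }

    /**
     * Computes SHA-1 over user, timestamp, random and password, in that order.
     *
     * <p>Text is encoded as UTF-8 instead of the platform default so the result does not depend
     * on the server's locale. NOTE(review): the client must encode the same way — confirm.
     */
    private static byte[] computeDigest(String user, byte[] timestampBytes, byte[] randomBytes,
            String password) {
        byte[] userBytes = user.getBytes(StandardCharsets.UTF_8);
        byte[] passwordBytes = password.getBytes(StandardCharsets.UTF_8);
        Digest digest = new SHA1Digest();
        digest.update(userBytes, 0, userBytes.length);
        digest.update(timestampBytes, 0, timestampBytes.length);
        digest.update(randomBytes, 0, randomBytes.length);
        digest.update(passwordBytes, 0, passwordBytes.length);
        byte[] digestValue = new byte[digest.getDigestSize()];
        digest.doFinal(digestValue, 0);
        return digestValue;
    }

    /**
     * Decodes a hex request parameter, or returns {@code null} when the parameter is absent, has
     * an odd length, or contains anything other than ASCII hex digits. Validating here keeps
     * malformed input from being decoded into arbitrary bytes before it reaches the digest.
     */
    private static byte[] decodeHex(String hex) {
        if (hex == null || hex.length() % 2 != 0) {
            return null;
        }
        for (int i = 0; i < hex.length(); i++) {
            char c = hex.charAt(i);
            boolean isHexDigit = (c >= '0' && c <= '9') || (c >= 'a' && c <= 'f') || (c >= 'A' && c <= 'F');
            if (!isHexDigit) {
                return null;
            }
        }
        return HexCodec.hexToBytes(hex);
    }
}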

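/**
 * Minimal hexadecimal codec: bytes to lowercase hex characters and back.
 *
 * <p>Decoding is strict. Input with an odd number of characters or with any character outside
 * {@code 0-9}, {@code a-f}, {@code A-F} is rejected with {@link IllegalArgumentException} rather
 * than being silently mapped to some byte value, so every byte sequence has exactly one accepted
 * spelling per letter case and garbage never turns into data.
 */
class HexCodec {
    private static final char[] kDigits = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd',
            'e', 'f' };

    /**
     * Encodes bytes as lowercase hex, two characters per byte.
     *
     * @param raw the bytes to encode
     * @return a new array of {@code raw.length * 2} hex characters
     */
    public static char[] bytesToHex(byte[] raw) {
        char[] hex = new char[raw.length * 2];
        for (int i = 0; i < raw.length; i++) {
            // Mask to the unsigned value 0..255 before splitting into nibbles.
            int value = raw[i] & 0xff;
            hex[i * 2] = kDigits[value >> 4];
            hex[i * 2 + 1] = kDigits[value & 0x0f];
        }
        return hex;
    }

    /**
     * Decodes hex characters into bytes.
     *
     * @param hex an even number of ASCII hex digits, upper or lower case
     * @return a new array of {@code hex.length / 2} bytes
     * @throws IllegalArgumentException if the length is odd or a character is not a hex digit
     */
    public static byte[] hexToBytes(char[] hex) {
        if (hex.length % 2 != 0) {
            throw new IllegalArgumentException("hex input has odd length: " + hex.length);
        }
        byte[] raw = new byte[hex.length / 2];
        for (int i = 0; i < raw.length; i++) {
            int high = nibble(hex[i * 2], i * 2);
            int low = nibble(hex[i * 2 + 1], i * 2 + 1);
            raw[i] = (byte) ((high << 4) | low);
        }
        return raw;
    }

    /**
     * Decodes a hex string into bytes.
     *
     * @param hex an even number of ASCII hex digits, upper or lower case
     * @return the decoded bytes
     * @throws IllegalArgumentException if the length is odd or a character is not a hex digit
     */
    public static byte[] hexToBytes(String hex) {
        return hexToBytes(hex.toCharArray());
    }

    /**
     * Returns the value 0..15 of one ASCII hex digit. Only ASCII is accepted: Character.digit
     * would also accept digits from other scripts and returns -1 for non-digits, which must not
     * be folded into a byte. The message names the position, not the character, because the
     * input may be authentication material.
     */
    private static int nibble(char c, int position) {
        if (c >= '0' && c <= '9') {
            return c - '0';
        }
        if (c >= 'a' && c <= 'f') {
            return c - 'a' + 10;
        }
        if (c >= 'A' && c <= 'F') {
            return c - 'A' + 10;
        }
        throw new IllegalArgumentException("invalid hex digit at index " + position);
    }
}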