RandomPasswordProvider.java

/* ====================================================================
 *
 * Copyright (C) 2014 GeoSolutions S.A.S.
 * http://www.geo-solutions.it
 *
 * GPLv3 + Classpath exception
 * 
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program. 
 *
 * ====================================================================
 *
 * This software consists of voluntary contributions made by developers
 * of GeoSolutions.  For more information on GeoSolutions, please see
 * <http://www.geo-solutions.it/>.
 *
 */
package it.geosolutions.geostore.core.security.password;

import java.security.SecureRandom;

/**
 * This Class for generating random passwords using {@link SecureRandom}.
 * <p>
 * The password alphabet is {@link #PRINTABLE_ALPHABET}. Since the alphabet is
 * not really big, the length of the password is important.
 * This class is the same available in GeoServer.
 * </p>
 * 
 * @author Lorenzo Natali (lorenzo.natali at geo-solutions.it)
 */
public class RandomPasswordProvider {

	/** alphabet */
	public static final char[] PRINTABLE_ALPHABET = { '!', '\"', '#', '$', '%',
			'&', '\'', '(', ')', '*', '+', ',', '-', '.', '/', '0', '1', '2',
			'3', '4', '5', '6', '7', '8', '9', ':', ';', '<', '?', '@', 'A',
			'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N',
			'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', '[',
			'\\', ']', '^', '_', '`', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h',
			'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u',
			'v', 'w', 'x', 'y', 'z', '{', '|', '}', '~', };

	/**
	 * The default password length assures a key strength of 2 ^ 261
	 * {@link #PRINTABLE_ALPHABET} has 92 characters ln (92 ^ 40 ) / ln (2) =
	 * 260.942478242
	 */
	public static int DefaultPasswordLength = 40;

	/**
	 * Creates a random password of the specified length, if length <=0, return
	 * <code>null</code>
	 */
	public char[] getRandomPassword(int length) {
		if (length <= 0)
			return null;
		char[] buff = new char[length];
		getRandomPassword(buff);
		return buff;
	}

	public char[] getRandomPasswordWithDefaultLength() {
		char[] buff = new char[DefaultPasswordLength];
		getRandomPassword(buff);
		return buff;
	}

	/**
	 * Creates a random password filling the specified character array.
	 */
	public void getRandomPassword(char[] buff) {
		SecureRandom random = new SecureRandom();
		for (int i = 0; i < buff.length; i++) {
			int index = random.nextInt() % PRINTABLE_ALPHABET.length;
			if (index < 0)
				index += PRINTABLE_ALPHABET.length;
			buff[i] = PRINTABLE_ALPHABET[index];
		}
	}

	/**
	 * Creates a random password filling the specified byte array.
	 */
	public void getRandomPassword(byte[] buff) {
		SecureRandom random = new SecureRandom();
		for (int i = 0; i < buff.length; i++) {
			int index = random.nextInt() % PRINTABLE_ALPHABET.length;
			if (index < 0)
				index += PRINTABLE_ALPHABET.length;
			buff[i] = (byte) PRINTABLE_ALPHABET[index];
		}
	}
}