Lutece – CPD Results

CPD Results

The following document contains the results of PMD's CPD 6.13.0.

Duplications

File	Line
fr/paris/lutece/util/signrequest/HeaderHashAuthenticator.java	57
fr/paris/lutece/util/signrequest/RequestHashAuthenticator.java	58
String strTimestamp = request.getHeader( HEADER_TIMESTAMP ); // no signature or timestamp if ( ( strHash1 == null ) \|\| ( strTimestamp == null ) ) { LOGGER.info( "SignRequest - Invalid signature" ); return false; } if ( !isValidTimestamp( strTimestamp ) ) { LOGGER.info( "SignRequest - Invalid timestamp : " + strTimestamp ); return false; } List<String> listElements = new ArrayList<String>( ); for ( String strParameter : getSignatureElements( ) ) { String strValue = request.getParameter( strParameter ); if ( strValue != null ) { listElements.add( strValue ); } } String strHash2 = buildSignature( listElements, strTimestamp, getPrivateKey( ) ); return strHash1.equals( strHash2 ); } /** * {@inheritDoc } */ @Override public AuthenticateRequestInformations getSecurityInformations( List<String> elements ) { String strTimestamp = String.valueOf( new Date( ).getTime( ) ); String strSignature = buildSignature( elements, strTimestamp, getPrivateKey( ) ); return new AuthenticateRequestInformations().addSecurityHeader(HEADER_TIMESTAMP,strTimestamp).addSecurityHeader(HEADER_SIGNATURE, strSignature);

File

Line

fr/paris/lutece/util/signrequest/HeaderHashAuthenticator.java

fr/paris/lutece/util/signrequest/RequestHashAuthenticator.java

        String strTimestamp = request.getHeader( HEADER_TIMESTAMP );

        // no signature or timestamp
        if ( ( strHash1 == null ) || ( strTimestamp == null ) )
        {
            LOGGER.info( "SignRequest - Invalid signature" );

            return false;
        }

        if ( !isValidTimestamp( strTimestamp ) )
        {
            LOGGER.info( "SignRequest - Invalid timestamp : " + strTimestamp );

            return false;
        }

        List<String> listElements = new ArrayList<String>( );

        for ( String strParameter : getSignatureElements( ) )
        {
            String strValue = request.getParameter( strParameter );

            if ( strValue != null )
            {
                listElements.add( strValue );
            }
        }

        String strHash2 = buildSignature( listElements, strTimestamp, getPrivateKey( ) );

        return strHash1.equals( strHash2 );
    }

    /**
     * {@inheritDoc }
     */
    @Override
    public AuthenticateRequestInformations  getSecurityInformations( List<String> elements )
    {
        String strTimestamp = String.valueOf( new Date( ).getTime( ) );
        String strSignature = buildSignature( elements, strTimestamp, getPrivateKey( ) );

        return new AuthenticateRequestInformations().addSecurityHeader(HEADER_TIMESTAMP,strTimestamp).addSecurityHeader(HEADER_SIGNATURE, strSignature);

File	Line
fr/paris/lutece/util/signrequest/security/Sha1HashService.java	61
fr/paris/lutece/util/signrequest/security/Sha512HashService.java	61
md1 = MessageDigest.getInstance( "SHA-1" ); } catch( NoSuchAlgorithmException e ) { _logger.error( "Error creating hash " + e.getMessage( ), e ); } try { md1.update( strSource.getBytes( "UTF-8" ) ); } catch( UnsupportedEncodingException e ) { _logger.error( "Error creating hash " + e.getMessage( ), e ); } return hex( md1.digest( ) ); } /** * Convert bytes into an hexadecimal string * * @param bytes * Array of bytes * @return An Hexadecimal string / private static String hex( byte [ ] bytes ) { StringBuilder sb = new StringBuilder( bytes.length 2 ); for ( int i = 0; i < bytes.length; i++ ) { int b = bytes [i] & 0xFF; sb.append( HEX_DIGITS.charAt( b >>> 4 ) ).append( HEX_DIGITS.charAt( b & 0xF ) ); } return sb.toString( ); } }

File

Line

fr/paris/lutece/util/signrequest/security/Sha1HashService.java

fr/paris/lutece/util/signrequest/security/Sha512HashService.java

            md1 = MessageDigest.getInstance( "SHA-1" );
        }
        catch( NoSuchAlgorithmException e )
        {
            _logger.error( "Error creating hash " + e.getMessage( ), e );
        }

        try
        {
            md1.update( strSource.getBytes( "UTF-8" ) );
        }
        catch( UnsupportedEncodingException e )
        {
            _logger.error( "Error creating hash " + e.getMessage( ), e );
        }

        return hex( md1.digest( ) );
    }

    /**
     * Convert bytes into an hexadecimal string
     * 
     * @param bytes
     *            Array of bytes
     * @return An Hexadecimal string
     */
    private static String hex( byte [ ] bytes )
    {
        StringBuilder sb = new StringBuilder( bytes.length * 2 );

        for ( int i = 0; i < bytes.length; i++ )
        {
            int b = bytes [i] & 0xFF;
            sb.append( HEX_DIGITS.charAt( b >>> 4 ) ).append( HEX_DIGITS.charAt( b & 0xF ) );
        }

        return sb.toString( );
    }
}