1 | package jp.co.orkney.restlet.security; |
---|
2 | |
---|
3 | import java.io.BufferedReader; |
---|
4 | import java.io.ByteArrayOutputStream; |
---|
5 | import java.io.FileInputStream; |
---|
6 | import java.io.FileNotFoundException; |
---|
7 | import java.io.IOException; |
---|
8 | import java.security.MessageDigest; |
---|
9 | import java.security.NoSuchAlgorithmException; |
---|
10 | |
---|
11 | import jp.co.orkney.restlet.util.Log; |
---|
12 | |
---|
13 | public class MD5SecurityHelper { |
---|
14 | public static boolean checkAPIKey(String clientId, String signature, |
---|
15 | String apiKey, String secretKey, Log log) |
---|
16 | throws NoSuchAlgorithmException { |
---|
17 | boolean isValid = false; |
---|
18 | boolean verifies = false; |
---|
19 | |
---|
20 | MessageDigest algorithm = MessageDigest.getInstance("MD5"); |
---|
21 | |
---|
22 | log.write("clientId = " + clientId + ", apiKey = "+apiKey + ", secretKey = " +secretKey, 2); |
---|
23 | |
---|
24 | log.write(signature +" == " + getHash(clientId, algorithm), 2); |
---|
25 | log.write(apiKey +" == " + getHash(clientId+secretKey, algorithm), 2); |
---|
26 | |
---|
27 | verifies = signature.equals(getHash(clientId, algorithm)); |
---|
28 | isValid = apiKey.equals(getHash(clientId+secretKey, algorithm)); |
---|
29 | |
---|
30 | return isValid && verifies; |
---|
31 | } |
---|
32 | |
---|
33 | private static String getHash(String input, MessageDigest algorithm) { |
---|
34 | |
---|
35 | algorithm.reset(); |
---|
36 | |
---|
37 | algorithm.update(input.getBytes()); |
---|
38 | byte[] messageDigest = algorithm.digest(); |
---|
39 | StringBuffer hexString = new StringBuffer(); |
---|
40 | |
---|
41 | for (int i = 0; i < messageDigest.length; i++) { |
---|
42 | String hex = Integer.toHexString(0xFF & messageDigest[i]); |
---|
43 | if (hex.length() == 1) { |
---|
44 | hexString.append('0'); |
---|
45 | } |
---|
46 | hexString.append(hex); |
---|
47 | } |
---|
48 | return hexString.toString(); |
---|
49 | } |
---|
50 | |
---|
51 | } |
---|