01: /*
02: * JBoss, Home of Professional Open Source.
03: * Copyright 2006, Red Hat Middleware LLC, and individual contributors
04: * as indicated by the @author tags. See the copyright.txt file in the
05: * distribution for a full listing of individual contributors.
06: *
07: * This is free software; you can redistribute it and/or modify it
08: * under the terms of the GNU Lesser General Public License as
09: * published by the Free Software Foundation; either version 2.1 of
10: * the License, or (at your option) any later version.
11: *
12: * This software is distributed in the hope that it will be useful,
13: * but WITHOUT ANY WARRANTY; without even the implied warranty of
14: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15: * Lesser General Public License for more details.
16: *
17: * You should have received a copy of the GNU Lesser General Public
18: * License along with this software; if not, write to the Free
19: * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
20: * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
21: */
22: package org.jboss.mq.security;
23:
24: import java.util.Random;
25: import java.security.MessageDigest;
26: import java.security.NoSuchAlgorithmException;
27:
28: /**
29: * Generator of session id for ConnecttionToken.
30: *
31: * There should be nonguessabe and none repeting as long as the server is
32: * alive.
33: *
34: * This could by all mean be made much more secure!
35: *
36: * @author <a href="pra@tim.se">Peter Antman</a>
37: * @author <a href="hiram.chirino@jboss.org">Hiram Chirino</a>
38: * @version $Revision: 57198 $
39: */
40:
41: public class SessionIDGenerator {
42: int id = 0;
43:
44: public SessionIDGenerator() {
45:
46: }
47:
48: public String nextSessionId() throws NoSuchAlgorithmException {
49: int myid = -1;
50: synchronized (this ) {
51: myid = id;
52: id++;
53: }
54: String key = randString();
55: String data = randString();
56: MessageDigest md5 = java.security.MessageDigest
57: .getInstance("MD5");
58: md5.update(String.valueOf(myid).getBytes());
59: md5.update(data.getBytes());
60: md5.update(data.getBytes());
61: byte[] byteHash = md5.digest(key.getBytes());
62: return byteArrayToHexString(byteHash);
63: }
64:
65: String randString() {
66: Random r = new Random(System.currentTimeMillis());
67: return "" + r.nextLong();
68: }
69:
70: private final String byteArrayToHexString(byte[] byteArray) {
71: String res = "";
72: for (int i = 0; i < byteArray.length; i++) {
73: int x = byteArray[i];
74: if (x < 0)
75: x += 256;
76: String xs = Integer.toHexString(x);
77: while (xs.length() < 2)
78: xs = "0" + xs;
79: res += xs;
80: }
81: return res;
82: }
83:
84: public static void main(String[] args) throws Exception {
85: int rounds = 1000;
86: if (args.length == 1)
87: rounds = Integer.parseInt(args[0]);
88:
89: SessionIDGenerator gen = new SessionIDGenerator();
90: for (int i = 0; i < rounds; i++) {
91: System.out.println(gen.nextSessionId());
92: }
93: }
94:
95: } // SessionIDGenerator
|