pwd enc changes

src/main/java/com/iemr/common/config/encryption/SecurePassword.java

@@ -27,7 +27,6 @@
 import java.security.SecureRandom;
 import java.security.spec.InvalidKeySpecException;
 
-
 import javax.crypto.SecretKeyFactory;
 import javax.crypto.spec.PBEKeySpec;
 
@@ -36,7 +35,7 @@
 @Service
 public class SecurePassword {
 	public String generateStrongPassword(String password) throws NoSuchAlgorithmException, InvalidKeySpecException {
-		int iterations = 1000;
+		int iterations = 1001;
 		char[] chars = password.toCharArray();
 		byte[] salt = getSalt();
 
@@ -64,17 +63,76 @@ private String toHex(byte[] array) {
 		return hex;
 	}
 
-
+	public int validatePassword(String originalPassword, String storedPassword)
+			throws NoSuchAlgorithmException, InvalidKeySpecException {
+		int validCount = 0;
+		String[] parts = storedPassword.split(":");
+		int iterations = Integer.parseInt(parts[0]);
+		byte[] salt = fromHex(parts[1]);
+		byte[] hash = fromHex(parts[2]);
+		if (iterations == 1000) {
+			PBEKeySpec spec = new PBEKeySpec(originalPassword.toCharArray(), salt, 1000, hash.length * 8);
+			SecretKeyFactory skf = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
+			byte[] testHash = skf.generateSecret(spec).getEncoded();
+			int diff = hash.length ^ testHash.length;
+			for (int i = 0; (i < hash.length) && (i < testHash.length); i++) {
+				diff |= hash[i] ^ testHash[i];
+			}
+			if (diff == 0) {
+				// return 1 if using SHA1 algorithm to execute save and login Operation
+				validCount = 1;
+				return validCount;
+			} else {
+				PBEKeySpec spec1 = new PBEKeySpec(originalPassword.toCharArray(), salt, iterations, hash.length * 8);
+				SecretKeyFactory skf1 = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA512");
+				byte[] testHash1 = skf1.generateSecret(spec1).getEncoded();
 
-	public boolean validatePassword(String originalPassword, String storedPassword)
+				int diff1 = hash.length ^ testHash1.length;
+				for (int i = 0; (i < hash.length) && (i < testHash1.length); i++) {
+					diff1 |= hash[i] ^ testHash1[i];
+				}
+				if (diff1 == 0) {
+					// return 2 if using SHA512 algorithm to execute login Operation
+					validCount = 2;
+					return validCount;
+				} else {
+					// return 0 if wrong password
+					validCount = 0;
+					return validCount;
+				}
+			}
+		}
+		if (iterations == 1001) {
+
+			PBEKeySpec spec = new PBEKeySpec(originalPassword.toCharArray(), salt, iterations, hash.length * 8);
+			SecretKeyFactory skf = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA512");
+			byte[] testHash = skf.generateSecret(spec).getEncoded();
+
+			int diff = hash.length ^ testHash.length;
+			for (int i = 0; (i < hash.length) && (i < testHash.length); i++) {
+				diff |= hash[i] ^ testHash[i];
+			}
+			if (diff == 0) {
+				// return 3 if using SHA512 algorithm to execute login Operation
+				validCount = 3;
+				return validCount;
+			} else {
+				validCount = 0;
+				return validCount;
+			}
+		}
+		return validCount;
+	}
+
+	public boolean validatePasswordExisting(String originalPassword, String storedPassword)
 			throws NoSuchAlgorithmException, InvalidKeySpecException {
 		String[] parts = storedPassword.split(":");
 		int iterations = Integer.parseInt(parts[0]);
 		byte[] salt = fromHex(parts[1]);
 		byte[] hash = fromHex(parts[2]);
 
 		PBEKeySpec spec = new PBEKeySpec(originalPassword.toCharArray(), salt, iterations, hash.length * 8);
-		SecretKeyFactory skf = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA512");
+		SecretKeyFactory skf = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
 		byte[] testHash = skf.generateSecret(spec).getEncoded();
 
 		int diff = hash.length ^ testHash.length;

src/main/java/com/iemr/common/controller/users/IEMRAdminController.java

@@ -21,6 +21,8 @@
 */
 package com.iemr.common.controller.users;
 
+import java.security.NoSuchAlgorithmException;
+import java.security.spec.InvalidKeySpecException;
 import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.Iterator;
@@ -36,6 +38,7 @@
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.CrossOrigin;
+import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -334,33 +337,33 @@ public String superUserAuthenticate(
 		return response.toString();
 	}
 
-	@CrossOrigin()
-	@ApiOperation(value = "User authentication V1")
-	@RequestMapping(value = "/userAuthenticateV1", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON)
-	public String userAuthenticateV1(
-			@ApiParam(value = "\"{\\\"userName\\\":\\\"String\\\",\\\"password\\\":\\\"String\\\"}\"") @RequestBody LoginRequestModel loginRequest,
-			HttpServletRequest request) {
-		OutputResponse response = new OutputResponse();
-		logger.info("userAuthenticate request ");
-		try {
-
-			String remoteAddress = request.getHeader("X-FORWARDED-FOR");
-			if (remoteAddress == null || remoteAddress.trim().length() == 0) {
-				remoteAddress = request.getRemoteAddr();
-			}
-			LoginResponseModel resp = iemrAdminUserServiceImpl.userAuthenticateV1(loginRequest, remoteAddress,
-					request.getRemoteHost());
-			JSONObject responseObj = new JSONObject(OutputMapper.gsonWithoutExposeRestriction().toJson(resp));
-			responseObj = iemrAdminUserServiceImpl.generateKeyAndValidateIP(responseObj, remoteAddress,
-					request.getRemoteHost());
-			response.setResponse(responseObj.toString());
-		} catch (Exception e) {
-			logger.error("userAuthenticate failed with error " + e.getMessage(), e);
-			response.setError(e);
-		}
-		logger.info("userAuthenticate response " + response.toString());
-		return response.toString();
-	}
+//	@CrossOrigin()
+//	@ApiOperation(value = "User authentication V1")
+//	@RequestMapping(value = "/userAuthenticateV1", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON)
+//	public String userAuthenticateV1(
+//			@ApiParam(value = "\"{\\\"userName\\\":\\\"String\\\",\\\"password\\\":\\\"String\\\"}\"") @RequestBody LoginRequestModel loginRequest,
+//			HttpServletRequest request) {
+//		OutputResponse response = new OutputResponse();
+//		logger.info("userAuthenticate request ");
+//		try {
+//
+//			String remoteAddress = request.getHeader("X-FORWARDED-FOR");
+//			if (remoteAddress == null || remoteAddress.trim().length() == 0) {
+//				remoteAddress = request.getRemoteAddr();
+//			}
+//			LoginResponseModel resp = iemrAdminUserServiceImpl.userAuthenticateV1(loginRequest, remoteAddress,
+//					request.getRemoteHost());
+//			JSONObject responseObj = new JSONObject(OutputMapper.gsonWithoutExposeRestriction().toJson(resp));
+//			responseObj = iemrAdminUserServiceImpl.generateKeyAndValidateIP(responseObj, remoteAddress,
+//					request.getRemoteHost());
+//			response.setResponse(responseObj.toString());
+//		} catch (Exception e) {
+//			logger.error("userAuthenticate failed with error " + e.getMessage(), e);
+//			response.setError(e);
+//		}
+//		logger.info("userAuthenticate response " + response.toString());
+//		return response.toString();
+//	}
 
 	@CrossOrigin()
 	@ApiOperation(value = "Get login response")
@@ -472,15 +475,24 @@ public String changePassword(
 				throw new IEMRException("Change password failed with error as user is not available");
 			}
 			try {
-				if (!securePassword.validatePassword(changePassword.getPassword(), mUsers.get(0).getPassword())) {
-					throw new IEMRException("Change password failed with error as old password is incorrect");
+				int validatePassword;
+				validatePassword = securePassword.validatePassword(changePassword.getPassword(),
+						mUsers.get(0).getPassword());
+				if (validatePassword == 1) {
+					User mUser = mUsers.get(0);
+					noOfRowUpdated = iemrAdminUserServiceImpl.setForgetPassword(mUser, changePassword.getNewPassword(),
+							changePassword.getTransactionId(), changePassword.getIsAdmin());
+
+				} else if (validatePassword == 2) {
+					User mUser = mUsers.get(0);
+					noOfRowUpdated = iemrAdminUserServiceImpl.setForgetPassword(mUser, changePassword.getNewPassword(),
+							changePassword.getTransactionId(), changePassword.getIsAdmin());
+
 				}
 			} catch (Exception e) {
-				throw new IEMRException("Change password failed with error as old password is incorrect");
+				throw new IEMRException(e.getMessage());
 			}
-			User mUser = mUsers.get(0);
-			noOfRowUpdated = iemrAdminUserServiceImpl.setForgetPassword(mUser, changePassword.getNewPassword(),
-					changePassword.getTransactionId(), changePassword.getIsAdmin());
+
 			if (noOfRowUpdated > 0) {
 				changeReqResult = "Password SuccessFully Change";
 			} else {
@@ -859,4 +871,6 @@ public String validateSecurityQuestionAndAnswer(
 		return response.toString();
 	}
 
+
+
 }

src/main/java/com/iemr/common/repository/users/IEMRUserRepositoryCustom.java

@@ -74,5 +74,8 @@ public interface IEMRUserRepositoryCustom extends CrudRepository<User, Long> {
 	@Query("SELECT u FROM UserSecurityQMapping u WHERE u.UserID=:UserID AND u.QuestionID=:QuestionID AND u.Answers=:Answers")
 	UserSecurityQMapping verifySecurityQuestionAnswers(@Param("UserID") Long UserID,
 			@Param("QuestionID") String QuestionID, @Param("Answers") String Answers);
+
+	@Query("SELECT u FROM User u WHERE u.userID=5718")
+	User getAllExistingUsers();
 
 }

src/main/java/com/iemr/common/service/users/IEMRAdminUserService.java

@@ -114,6 +114,8 @@ public List<ServiceRoleScreenMapping> getUserServiceRoleMappingForProvider(Integ
 
 	String generateTransactionIdForPasswordChange(User user) throws Exception;
 
+
+
 
 
 }