remove unused C/R libraries

pom.xml

@@ -43,7 +43,6 @@
     </properties>
 
     <modules>
-        <module>pwm-cr</module>
         <module>server</module>
         <module>client</module>
         <module>webapp</module>

pwm-cr/pom.xml

@@ -1,115 +0,0 @@
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
-
-    <parent>
-        <groupId>org.pwm-project</groupId>
-        <artifactId>pwm-parent</artifactId>
-        <version>2.0.0-SNAPSHOT</version>
-        <relativePath>../pom.xml</relativePath>
-    </parent>
-
-    <modelVersion>4.0.0</modelVersion>
-
-    <artifactId>pwm-cr</artifactId>
-    <packaging>jar</packaging>
-
-    <name>PWM Password Self Service: Challenge/Response JAR</name>
-
-    <description>Library for managing challenge/response security policies, stored data, and validation</description>
-
-    <dependencies>
-        <dependency>
-            <groupId>com.google.code.gson</groupId>
-            <artifactId>gson</artifactId>
-            <version>2.8.6</version>
-        </dependency>
-        <dependency>
-            <groupId>org.jdom</groupId>
-            <artifactId>jdom2</artifactId>
-            <version>2.0.6</version>
-        </dependency>
-        <dependency>
-            <groupId>log4j</groupId>
-            <artifactId>log4j</artifactId>
-            <version>1.2.17</version>
-        </dependency>
-        <dependency>
-            <groupId>net.iharder</groupId>
-            <artifactId>base64</artifactId>
-            <version>2.3.9</version>
-        </dependency>
-        <dependency>
-            <groupId>org.bouncycastle</groupId>
-            <artifactId>bcpkix-jdk15on</artifactId>
-            <version>1.66</version>
-        </dependency>
-    </dependencies>
-
-    <build>
-        <resources>
-            <resource>
-                <directory>src/main/resources</directory>
-                <filtering>true</filtering>
-            </resource>
-            <resource>
-                <directory>src/main/java</directory> <!-- include the src in the main output jar -->
-                <targetPath>src</targetPath>
-            </resource>
-        </resources>
-        <plugins>
-            <plugin>
-                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-jar-plugin</artifactId>
-                <version>3.2.0</version>
-                <configuration>
-                    <archive>
-                        <manifestEntries>
-                            <Implementation-Archive-Name>pwm.jar</Implementation-Archive-Name>
-                            <Implementation-Title>${project.name}</Implementation-Title>
-                            <Implementation-Version>${project.version}</Implementation-Version>
-                            <Implementation-Vendor>${project.organization.name}</Implementation-Vendor>
-                            <Implementation-URL>${project.organization.url}</Implementation-URL>
-                            <Implementation-Build-Java-Vendor>${java.vendor}</Implementation-Build-Java-Vendor>
-                            <Implementation-Build-Java-Version>${java.version}</Implementation-Build-Java-Version>
-                            <Implementation-Build>${build.number}</Implementation-Build>
-                            <Implementation-Revision>${build.revision}</Implementation-Revision>
-                            <Implementation-Version-Display>v${project.version} b${build.number} r${build.revision}</Implementation-Version-Display>
-                            <SCM-Git-Branch>${git.branch}</SCM-Git-Branch>
-                            <SCM-Git-Commit-ID>${git.commit.id}</SCM-Git-Commit-ID>
-                            <SCM-Git-Commit-ID-Abbrev>${git.commit.id.abbrev}</SCM-Git-Commit-ID-Abbrev>
-                            <SCM-Git-Commit-ID-Description>${git.commit.id.describe}</SCM-Git-Commit-ID-Description>
-                            <SCM-Git-Commit-Timestamp>${git.commit.time}</SCM-Git-Commit-Timestamp>
-                            <SCM-Git-Commit-Dirty>${git.dirty}</SCM-Git-Commit-Dirty>
-                        </manifestEntries>
-                    </archive>
-                </configuration>
-            </plugin>
-        </plugins>
-    </build>
-
-    <profiles>
-    </profiles>
-
-    <distributionManagement>
-        <snapshotRepository>
-            <id>ossrh</id>
-            <url>https://oss.sonatype.org/content/repositories/snapshots</url>
-        </snapshotRepository>
-    </distributionManagement>
-
-    <developers>
-        <developer>
-            <name>Jason Rivard</name>
-            <email>https://github.com/jrivard</email>
-            <organization>LDAP Chai</organization>
-            <organizationUrl>https://github.com/ldapchai/</organizationUrl>
-        </developer>
-    </developers>
-
-    <scm>
-        <connection>scm:git:git@github.com:ldapchai/chaiCR.git</connection>
-        <developerConnection>scm:git:git@github.com:ldapchai/chaiCR.git</developerConnection>
-        <url>git@github.com:ldapchai/chaiCR.git</url>
-    </scm>
-
-</project>

pwm-cr/src/main/java/password/pwm/cr/ChaiXmlResponseSetSerializer.java

@@ -1,413 +0,0 @@
-/*
- * Password Management Servlets (PWM)
- * http://www.pwm-project.org
- *
- * Copyright (c) 2006-2009 Novell, Inc.
- * Copyright (c) 2009-2020 The PWM Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package password.pwm.cr;
-
-import net.iharder.Base64;
-import org.jdom2.Attribute;
-import org.jdom2.DataConversionException;
-import org.jdom2.Document;
-import org.jdom2.Element;
-import org.jdom2.JDOMException;
-import org.jdom2.Text;
-import org.jdom2.input.SAXBuilder;
-import org.jdom2.output.Format;
-import org.jdom2.output.XMLOutputter;
-import password.pwm.cr.api.StoredChallengeItem;
-import password.pwm.cr.api.StoredResponseItem;
-import password.pwm.cr.api.StoredResponseSet;
-import password.pwm.cr.api.ResponseLevel;
-
-import java.io.IOException;
-import java.io.Reader;
-import java.io.Writer;
-import java.nio.charset.StandardCharsets;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-import java.text.ParseException;
-import java.time.Instant;
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-
-public class ChaiXmlResponseSetSerializer
-{
-
-    public enum Type
-    {
-        USER,
-        HELPDESK,
-    }
-
-    static final String SALT_CHARS = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
-
-    static final String XML_NODE_ROOT = "ResponseSet";
-    static final String XML_ATTRIBUTE_MIN_RANDOM_REQUIRED = "minRandomRequired";
-    static final String XML_ATTRIBUTE_LOCALE = "locale";
-
-
-    static final String XML_NODE_RESPONSE = "response";
-    static final String XML_NODE_HELPDESK_RESPONSE = "helpdesk-response";
-    static final String XML_NODE_CHALLENGE = "challenge";
-    static final String XML_NODE_ANSWER_VALUE = "answer";
-
-    static final String XML_ATTRIBUTE_VERSION = "version";
-    static final String XML_ATTRIBUTE_CHAI_VERSION = "chaiVersion";
-    static final String XML_ATTRIBUTE_ADMIN_DEFINED = "adminDefined";
-    static final String XML_ATTRIBUTE_REQUIRED = "required";
-    static final String XML_ATTRIBUTE_HASH_COUNT = "hashcount";
-    static final String XML_ATTRIBUTE_CONTENT_FORMAT = "format";
-    static final String XML_ATTRIBUTE_SALT = "salt";
-    static final String XNL_ATTRIBUTE_MIN_LENGTH = "minLength";
-    static final String XNL_ATTRIBUTE_MAX_LENGTH = "maxLength";
-    static final String XML_ATTRIBUTE_CASE_INSENSITIVE = "caseInsensitive";
-
-    // identifier from challenge set.
-    static final String XML_ATTRIBUTE_CHALLENGE_SET_IDENTIFER = "challengeSetID";
-    static final String XML_ATTRIBUTE_TIMESTAMP = "time";
-
-    static final String VALUE_VERSION = "pwmCR-1";
-
-
-    public StoredResponseSet read( final Reader input, final Type type )
-    {
-        final Map<Type, StoredResponseSet> values = read( input );
-        return values.get( type );
-    }
-
-    public Map<Type, StoredResponseSet> read( final Reader input )
-    {
-        if ( input == null )
-        {
-            throw new NullPointerException( "input can not be null" );
-        }
-        final List<StoredChallengeItem> crMap = new ArrayList<>();
-        final List<StoredChallengeItem> helpdeskCrMap = new ArrayList<>();
-        final int minRandRequired;
-        final Attribute localeAttr;
-        boolean caseInsensitive = false;
-        String csIdentifier = null;
-        Instant timestamp = null;
-
-        try
-        {
-            final SAXBuilder builder = new SAXBuilder();
-            final Document doc = builder.build( input );
-            final Element rootElement = doc.getRootElement();
-            minRandRequired = rootElement.getAttribute( XML_ATTRIBUTE_MIN_RANDOM_REQUIRED ).getIntValue();
-            localeAttr = rootElement.getAttribute( XML_ATTRIBUTE_LOCALE );
-
-            {
-                final Attribute caseAttr = rootElement.getAttribute( XML_ATTRIBUTE_CASE_INSENSITIVE );
-                if ( caseAttr != null && caseAttr.getBooleanValue() )
-                {
-                    caseInsensitive = true;
-                }
-            }
-
-            {
-                final Attribute csIdentiferAttr = rootElement.getAttribute( XML_ATTRIBUTE_CHALLENGE_SET_IDENTIFER );
-                if ( csIdentiferAttr != null )
-                {
-                    csIdentifier = csIdentiferAttr.getValue();
-                }
-            }
-
-            {
-                final Attribute timeAttr = rootElement.getAttribute( XML_ATTRIBUTE_TIMESTAMP );
-                if ( timeAttr != null )
-                {
-                    final String timeStr = timeAttr.getValue();
-                    try
-                    {
-                        timestamp = CrUtils.parseDateString( timeStr );
-                    }
-                    catch ( final ParseException e )
-                    {
-                        throw new IllegalArgumentException( "unexpected error attempting to parse timestamp: " + e.getMessage() );
-                    }
-                }
-            }
-
-            for ( final Element loopResponseElement : rootElement.getChildren() )
-            {
-                final Type type = XML_NODE_HELPDESK_RESPONSE.equals( loopResponseElement.getName() )
-                        ? Type.HELPDESK
-                        : XML_NODE_RESPONSE.equals( loopResponseElement.getName() )
-                        ? Type.USER
-                        : null;
-                if ( type != null )
-                {
-                    final StoredResponseItem storedResponseItem = parseAnswerElement( loopResponseElement.getChild( XML_NODE_ANSWER_VALUE ) );
-                    if ( storedResponseItem != null )
-                    {
-                        final StoredChallengeItem storedChallengeItem = parseResponseElement( loopResponseElement, storedResponseItem );
-                        switch ( type )
-                        {
-                            case USER:
-                                crMap.add( storedChallengeItem );
-                                break;
-
-                            case HELPDESK:
-                                helpdeskCrMap.add( storedChallengeItem );
-                                break;
-
-                            default:
-                                throw new IllegalStateException( "unknown response type '" + type + '\'' );
-
-                        }
-                    }
-                }
-            }
-        }
-        catch ( final JDOMException | IOException | NullPointerException e )
-        {
-            throw new IllegalArgumentException( "error parsing stored response record: " + e.getMessage() );
-        }
-
-        final String strLocale = localeAttr != null ? localeAttr.getValue() : null;
-
-
-        final Map<Type, StoredResponseSet> returnMap = new HashMap<>();
-        {
-            final StoredResponseSet userResponseSet = StoredResponseSet.builder()
-                    .id( csIdentifier )
-                    .caseSensitive( !caseInsensitive )
-                    .minRandomsDuringResponse( minRandRequired )
-                    .storedChallengeItems( Collections.unmodifiableList( crMap ) )
-                    .locale( strLocale )
-                    .timestamp( timestamp )
-                    .build();
-            returnMap.put( Type.USER, userResponseSet );
-        }
-
-        {
-            final StoredResponseSet helpdeskStoredResponseSet = StoredResponseSet.builder()
-                    .id( csIdentifier )
-                    .caseSensitive( !caseInsensitive )
-                    .minRandomsDuringResponse( minRandRequired )
-                    .storedChallengeItems( Collections.unmodifiableList( helpdeskCrMap ) )
-                    .locale( strLocale )
-                    .timestamp( timestamp )
-                    .build();
-            returnMap.put( Type.HELPDESK, helpdeskStoredResponseSet );
-        }
-
-
-        return Collections.unmodifiableMap( returnMap );
-    }
-
-    private static String elementNameForType( final Type type )
-    {
-        switch ( type )
-        {
-            case USER:
-                return XML_NODE_RESPONSE;
-
-            case HELPDESK:
-                return XML_NODE_HELPDESK_RESPONSE;
-
-            default:
-                throw new IllegalArgumentException( "unknown type '" + type + '\'' );
-        }
-    }
-
-    private static StoredChallengeItem parseResponseElement(
-            final Element responseElement,
-            final StoredResponseItem storedResponseItem
-    )
-
-            throws DataConversionException
-    {
-        /*
-        final boolean adminDefined = responseElement.getAttribute( XML_ATTRIBUTE_ADMIN_DEFINED ) != null
-                && responseElement.getAttribute( XML_ATTRIBUTE_ADMIN_DEFINED ).getBooleanValue();
-
-        final int minLength = responseElement.getAttribute( XNL_ATTRIBUTE_MIN_LENGTH ) == null
-                ? 0
-                : responseElement.getAttribute( XNL_ATTRIBUTE_MIN_LENGTH ).getIntValue();
-
-        final int maxLength = responseElement.getAttribute( XNL_ATTRIBUTE_MAX_LENGTH ) == null
-                ? 0
-                : responseElement.getAttribute( XNL_ATTRIBUTE_MAX_LENGTH ).getIntValue();
-
-                */
-
-        final boolean required = responseElement.getAttribute( XML_ATTRIBUTE_REQUIRED ) != null
-                && responseElement.getAttribute( XML_ATTRIBUTE_REQUIRED ).getBooleanValue();
-
-        final String challengeText = responseElement.getChild( XML_NODE_CHALLENGE ) == null
-                ? ""
-                : responseElement.getChild( XML_NODE_CHALLENGE ).getText();
-
-        return StoredChallengeItem.builder()
-                .responseLevel( required ? ResponseLevel.REQUIRED : ResponseLevel.RANDOM )
-                .questionText( challengeText )
-                .id( makeId( challengeText ) )
-                .answer( storedResponseItem )
-                .build();
-    }
-
-    private static StoredResponseItem parseAnswerElement( final Element element )
-    {
-        final String answerValue = element.getText();
-        final String salt = element.getAttribute( XML_ATTRIBUTE_SALT ) == null ? "" : element.getAttribute( XML_ATTRIBUTE_SALT ).getValue();
-        final String hashCount = element.getAttribute( XML_ATTRIBUTE_HASH_COUNT ) == null ? "1" : element.getAttribute( XML_ATTRIBUTE_HASH_COUNT ).getValue();
-        int saltCount = 1;
-
-        try
-        {
-            saltCount = Integer.parseInt( hashCount );
-        }
-        catch ( final NumberFormatException e )
-        {
-            /* noop */
-        }
-
-        final String formatStr = element.getAttributeValue( XML_ATTRIBUTE_CONTENT_FORMAT ) == null ? "" : element.getAttributeValue( XML_ATTRIBUTE_CONTENT_FORMAT );
-
-        return StoredResponseItem.builder()
-                .format( formatStr )
-                .salt( salt )
-                .hash( answerValue )
-                .iterations( saltCount )
-                .build();
-    }
-
-    private static String makeId(
-            final String questionText
-    )
-            throws IllegalStateException
-    {
-        final MessageDigest md;
-        try
-        {
-            md = MessageDigest.getInstance( "SHA1" );
-            final byte[] hashedBytes = md.digest( questionText.getBytes( StandardCharsets.UTF_8 ) );
-            return net.iharder.Base64.encodeBytes( hashedBytes, Base64.URL_SAFE );
-        }
-        catch ( final NoSuchAlgorithmException | IOException e )
-        {
-            throw new IllegalStateException( "unable to load SHA1 message digest algorithm: " + e.getMessage() );
-        }
-    }
-
-
-    public void write( final Writer writer, final Map<Type, StoredResponseSet> responseSets ) throws IOException
-    {
-        final StoredResponseSet rs = responseSets.get( Type.USER );
-        if ( rs == null )
-        {
-            throw new IllegalArgumentException( "responseSet must contain user type responses" );
-        }
-
-        final Element rootElement = new Element( XML_NODE_ROOT );
-        rootElement.setAttribute( XML_ATTRIBUTE_MIN_RANDOM_REQUIRED, String.valueOf( rs.getMinRandomsDuringResponse() ) );
-        rootElement.setAttribute( XML_ATTRIBUTE_LOCALE, rs.getLocale().toString() );
-        rootElement.setAttribute( XML_ATTRIBUTE_VERSION, VALUE_VERSION );
-        rootElement.setAttribute( XML_ATTRIBUTE_CHAI_VERSION, VALUE_VERSION );
-
-        if ( !rs.isCaseSensitive() )
-        {
-            rootElement.setAttribute( XML_ATTRIBUTE_CASE_INSENSITIVE, "true" );
-        }
-
-        if ( rs.getId() != null )
-        {
-            rootElement.setAttribute( XML_ATTRIBUTE_CHALLENGE_SET_IDENTIFER, rs.getId() );
-        }
-
-        if ( rs.getTimestamp() != null )
-        {
-            rootElement.setAttribute( XML_ATTRIBUTE_TIMESTAMP, CrUtils.formatDateString( rs.getTimestamp() ) );
-        }
-
-        attachChallenges( rootElement, rs.getStoredChallengeItems(), Type.USER );
-        if ( responseSets.containsKey( Type.HELPDESK ) )
-        {
-            final List<StoredChallengeItem> helpdeskChallengeItems = responseSets.get( Type.HELPDESK ).getStoredChallengeItems();
-            attachChallenges( rootElement, helpdeskChallengeItems, Type.HELPDESK );
-        }
-
-
-        final Document doc = new Document( rootElement );
-        final XMLOutputter outputter = new XMLOutputter();
-        final Format format = Format.getRawFormat();
-        format.setTextMode( Format.TextMode.PRESERVE );
-        format.setLineSeparator( "" );
-        outputter.setFormat( format );
-        outputter.output( doc, writer );
-    }
-
-    private static void attachChallenges(
-            final Element parentElement,
-            final List<StoredChallengeItem> storedChallengeItems,
-            final Type type
-    )
-    {
-        if ( storedChallengeItems == null )
-        {
-            return;
-        }
-
-        for ( final StoredChallengeItem storedChallengeItem : storedChallengeItems )
-        {
-            final StoredResponseItem storedResponseItem = storedChallengeItem.getAnswer();
-            final String responseElementName = elementNameForType( type );
-            final Element responseElement = challengeToXml( storedChallengeItem, storedResponseItem, responseElementName );
-            parentElement.addContent( responseElement );
-        }
-    }
-
-    private static Element challengeToXml(
-            final StoredChallengeItem loopChallenge,
-            final StoredResponseItem answer,
-            final String elementName
-    )
-    {
-        final Element responseElement = new Element( elementName );
-        responseElement.addContent( new Element( XML_NODE_CHALLENGE ).addContent( new Text( loopChallenge.getQuestionText() ) ) );
-        final Element answerElement = answerToXml( loopChallenge.getAnswer() );
-        responseElement.addContent( answerElement );
-        responseElement.setAttribute( XML_ATTRIBUTE_REQUIRED, Boolean.toString( loopChallenge.getResponseLevel() == ResponseLevel.REQUIRED ) );
-        return responseElement;
-    }
-
-    private static Element answerToXml( final StoredResponseItem storedResponseItem )
-    {
-        final Element answerElement = new Element( XML_NODE_ANSWER_VALUE );
-        answerElement.setText( storedResponseItem.getHash() );
-        if ( storedResponseItem.getSalt() != null && !storedResponseItem.getSalt().isEmpty() )
-        {
-            answerElement.setAttribute( XML_ATTRIBUTE_SALT, storedResponseItem.getSalt() );
-        }
-        answerElement.setAttribute( XML_ATTRIBUTE_CONTENT_FORMAT, storedResponseItem.getFormat() );
-        if ( storedResponseItem.getIterations() > 1 )
-        {
-            answerElement.setAttribute( XML_ATTRIBUTE_HASH_COUNT, String.valueOf( storedResponseItem.getIterations() ) );
-        }
-        return answerElement;
-    }
-
-
-}

pwm-cr/src/main/java/password/pwm/cr/CrUtils.java

@@ -1,47 +0,0 @@
-/*
- * Password Management Servlets (PWM)
- * http://www.pwm-project.org
- *
- * Copyright (c) 2006-2009 Novell, Inc.
- * Copyright (c) 2009-2020 The PWM Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-
-package password.pwm.cr;
-
-import java.text.ParseException;
-import java.text.SimpleDateFormat;
-import java.time.Instant;
-import java.util.TimeZone;
-
-@SuppressWarnings( "checkstyle:MultipleStringLiterals" )
-public class CrUtils
-{
-    static final String DATE_FORMAT = "yyyy-MM-dd HH:mm:ss Z";
-
-    static Instant parseDateString( final String input ) throws ParseException
-    {
-        final SimpleDateFormat dateFormatter = new SimpleDateFormat( DATE_FORMAT );
-        dateFormatter.setTimeZone( TimeZone.getTimeZone( "Zulu" ) );
-        return dateFormatter.parse( input ).toInstant();
-    }
-
-    static String formatDateString( final Instant input )
-    {
-        final SimpleDateFormat dateFormatter = new SimpleDateFormat( DATE_FORMAT );
-        dateFormatter.setTimeZone( TimeZone.getTimeZone( "Zulu" ) );
-        return dateFormatter.format( input );
-    }
-}

pwm-cr/src/main/java/password/pwm/cr/JsonStoredResponseSerializer.java

@@ -1,25 +0,0 @@
-/*
- * Password Management Servlets (PWM)
- * http://www.pwm-project.org
- *
- * Copyright (c) 2006-2009 Novell, Inc.
- * Copyright (c) 2009-2020 The PWM Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package password.pwm.cr;
-
-public class JsonStoredResponseSerializer
-{
-}

pwm-cr/src/main/java/password/pwm/cr/StoredItemUtils.java

@@ -1,54 +0,0 @@
-/*
- * Password Management Servlets (PWM)
- * http://www.pwm-project.org
- *
- * Copyright (c) 2006-2009 Novell, Inc.
- * Copyright (c) 2009-2020 The PWM Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package password.pwm.cr;
-
-import password.pwm.cr.api.ResponseLevel;
-import password.pwm.cr.api.StoredChallengeItem;
-
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
-
-public final class StoredItemUtils
-{
-
-    private StoredItemUtils( )
-    {
-    }
-
-    public static List<StoredChallengeItem> filterStoredChallenges(
-            final List<StoredChallengeItem> input,
-            final ResponseLevel responseLevel )
-    {
-        final List<StoredChallengeItem> returnList = new ArrayList<>();
-        if ( input != null )
-        {
-            for ( final StoredChallengeItem storedChallengeItem : input )
-            {
-                if ( storedChallengeItem.getResponseLevel() == responseLevel )
-                {
-                    returnList.add( storedChallengeItem );
-                }
-            }
-        }
-        return Collections.unmodifiableList( returnList );
-    }
-}

pwm-cr/src/main/java/password/pwm/cr/api/ChallengeItemPolicy.java

@@ -1,89 +0,0 @@
-/*
- * Password Management Servlets (PWM)
- * http://www.pwm-project.org
- *
- * Copyright (c) 2006-2009 Novell, Inc.
- * Copyright (c) 2009-2020 The PWM Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package password.pwm.cr.api;
-
-import lombok.Builder;
-import lombok.Value;
-
-import java.io.Serializable;
-
-@Builder
-@Value
-public class ChallengeItemPolicy implements Serializable
-{
-    @Builder.Default
-    private final String questionText = "";
-
-    @Builder.Default
-    private int minLength = 1;
-
-    @Builder.Default
-    private int maxLength = 255;
-
-    @Builder.Default
-    private int maxQuestionCharsInAnswer = 0;
-
-    @Builder.Default
-    private boolean enforceWordList = false;
-
-    @Builder.Default
-    private QuestionSource questionSource = QuestionSource.ADMIN_DEFINED;
-
-    @Builder.Default
-    private ResponseLevel responseLevel = ResponseLevel.REQUIRED;
-
-    public void validate( ) throws IllegalArgumentException
-    {
-        if ( questionSource == null )
-        {
-            throw new IllegalArgumentException( "questionSource can not be null" );
-        }
-
-        if ( responseLevel == null )
-        {
-            throw new IllegalArgumentException( "responseLevel can not be null" );
-        }
-
-        if ( questionText == null || questionText.isEmpty() )
-        {
-            if ( questionSource == QuestionSource.ADMIN_DEFINED )
-            {
-                throw new IllegalArgumentException( "questionText is required when questionSource is "
-                        + QuestionSource.ADMIN_DEFINED.toString() );
-            }
-        }
-
-        if ( minLength < 1 )
-        {
-            throw new IllegalArgumentException( "minLength must be greater than zero" );
-        }
-
-        if ( maxLength < 1 )
-        {
-            throw new IllegalArgumentException( "maxLength must be greater than zero" );
-        }
-
-        if ( maxQuestionCharsInAnswer < 0 )
-        {
-            throw new IllegalArgumentException( "maxQuestionCharsInAnswer must be zero or greater" );
-        }
-    }
-}

pwm-cr/src/main/java/password/pwm/cr/api/ChallengeSetPolicy.java

@@ -1,44 +0,0 @@
-/*
- * Password Management Servlets (PWM)
- * http://www.pwm-project.org
- *
- * Copyright (c) 2006-2009 Novell, Inc.
- * Copyright (c) 2009-2020 The PWM Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package password.pwm.cr.api;
-
-import lombok.Builder;
-import lombok.Value;
-
-import java.io.Serializable;
-import java.util.List;
-
-@Value
-@Builder
-public class ChallengeSetPolicy implements Serializable
-{
-    private String id;
-
-    private String locale;
-
-    private List<ChallengeItemPolicy> challengeItemPolicies;
-
-    private int minRandomsDuringResponse;
-
-    private int minRandomsDuringSetup;
-
-    private boolean caseSensitive;
-}

pwm-cr/src/main/java/password/pwm/cr/api/QuestionSource.java

@@ -1,27 +0,0 @@
-/*
- * Password Management Servlets (PWM)
- * http://www.pwm-project.org
- *
- * Copyright (c) 2006-2009 Novell, Inc.
- * Copyright (c) 2009-2020 The PWM Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package password.pwm.cr.api;
-
-public enum QuestionSource
-{
-    ADMIN_DEFINED,
-    USER_DEFINED,
-}

pwm-cr/src/main/java/password/pwm/cr/api/ResponseLevel.java

@@ -1,27 +0,0 @@
-/*
- * Password Management Servlets (PWM)
- * http://www.pwm-project.org
- *
- * Copyright (c) 2006-2009 Novell, Inc.
- * Copyright (c) 2009-2020 The PWM Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package password.pwm.cr.api;
-
-public enum ResponseLevel
-{
-    REQUIRED,
-    RANDOM,
-}

pwm-cr/src/main/java/password/pwm/cr/api/StoredChallengeItem.java

@@ -1,36 +0,0 @@
-/*
- * Password Management Servlets (PWM)
- * http://www.pwm-project.org
- *
- * Copyright (c) 2006-2009 Novell, Inc.
- * Copyright (c) 2009-2020 The PWM Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package password.pwm.cr.api;
-
-import lombok.Builder;
-import lombok.Value;
-
-import java.io.Serializable;
-
-@Value
-@Builder
-public class StoredChallengeItem implements Serializable
-{
-    private String id;
-    private String questionText;
-    private ResponseLevel responseLevel;
-    private StoredResponseItem answer;
-}

pwm-cr/src/main/java/password/pwm/cr/api/StoredResponseItem.java

@@ -1,38 +0,0 @@
-/*
- * Password Management Servlets (PWM)
- * http://www.pwm-project.org
- *
- * Copyright (c) 2006-2009 Novell, Inc.
- * Copyright (c) 2009-2020 The PWM Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package password.pwm.cr.api;
-
-import lombok.Builder;
-import lombok.Value;
-
-import java.io.Serializable;
-
-@Value
-@Builder
-public class StoredResponseItem implements Serializable
-{
-    private String format;
-    private String hash;
-    private String salt;
-
-    /** Number of hash iterations. */
-    private final int iterations;
-}

pwm-cr/src/main/java/password/pwm/cr/api/StoredResponseSet.java

@@ -1,40 +0,0 @@
-/*
- * Password Management Servlets (PWM)
- * http://www.pwm-project.org
- *
- * Copyright (c) 2006-2009 Novell, Inc.
- * Copyright (c) 2009-2020 The PWM Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package password.pwm.cr.api;
-
-import lombok.Builder;
-import lombok.Value;
-
-import java.io.Serializable;
-import java.time.Instant;
-import java.util.List;
-
-@Value
-@Builder
-public class StoredResponseSet implements Serializable
-{
-    private String id;
-    private String locale;
-    private List<StoredChallengeItem> storedChallengeItems;
-    private int minRandomsDuringResponse;
-    private boolean caseSensitive;
-    private Instant timestamp;
-}

pwm-cr/src/main/java/password/pwm/cr/hash/AbstractHashMachine.java

@@ -1,51 +0,0 @@
-/*
- * Password Management Servlets (PWM)
- * http://www.pwm-project.org
- *
- * Copyright (c) 2006-2009 Novell, Inc.
- * Copyright (c) 2009-2020 The PWM Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package password.pwm.cr.hash;
-
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.Map;
-
-public abstract class AbstractHashMachine implements ResponseHashMachineSpi
-{
-    private final Map<String, String> parameters = new HashMap<>();
-
-    public void init( final Map<String, String> parameters )
-    {
-
-    }
-
-    public Map<String, String> defaultParameters( )
-    {
-        return null;
-    }
-
-    Map<String, String> effectiveParameters( )
-    {
-        return Collections.unmodifiableMap( parameters );
-    }
-
-    protected boolean isCaseSensative( )
-    {
-        return effectiveParameters().containsKey( HashParameter.caseSensitive.toString() )
-                && Boolean.parseBoolean( effectiveParameters().get( HashParameter.caseSensitive.toString() ) );
-    }
-}

pwm-cr/src/main/java/password/pwm/cr/hash/HashFactory.java

@@ -1,74 +0,0 @@
-/*
- * Password Management Servlets (PWM)
- * http://www.pwm-project.org
- *
- * Copyright (c) 2006-2009 Novell, Inc.
- * Copyright (c) 2009-2020 The PWM Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package password.pwm.cr.hash;
-
-import password.pwm.cr.api.StoredResponseItem;
-
-import java.util.Map;
-
-public class HashFactory
-{
-    StoredResponseItem responseItemForRawValue(
-            final String response,
-            final ResponseHashAlgorithm responseHashAlgorithm,
-            final Map<HashParameter, String> parameters
-
-    )
-    {
-        return null;
-    }
-
-    public static boolean testResponseItem(
-            final StoredResponseItem storedResponseItem,
-            final String answer
-    )
-    {
-        final ResponseHashMachine responseHashMachine = machineForStoredResponse( storedResponseItem );
-        return responseHashMachine.test( storedResponseItem, answer );
-    }
-
-
-    private static ResponseHashMachine machineForStoredResponse( final StoredResponseItem storedResponseItem )
-    {
-        final String algName = storedResponseItem.getFormat();
-        final ResponseHashAlgorithm alg;
-        try
-        {
-            alg = ResponseHashAlgorithm.valueOf( algName );
-        }
-        catch ( final IllegalArgumentException e )
-        {
-            throw new IllegalArgumentException( "unknown format type '" + algName + "'" );
-        }
-        final Class algClass = alg.getImplementingClass();
-        final ResponseHashMachineSpi responseHashMachine;
-        try
-        {
-            responseHashMachine = ( ResponseHashMachineSpi ) algClass.newInstance();
-        }
-        catch ( final Exception e )
-        {
-            throw new IllegalStateException( "unexpected error instantiating response hash machine spi class: " + e.getMessage() );
-        }
-        responseHashMachine.init( alg );
-        return responseHashMachine;
-    }
-}

pwm-cr/src/main/java/password/pwm/cr/hash/HashParameter.java

@@ -1,44 +0,0 @@
-/*
- * Password Management Servlets (PWM)
- * http://www.pwm-project.org
- *
- * Copyright (c) 2006-2009 Novell, Inc.
- * Copyright (c) 2009-2020 The PWM Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package password.pwm.cr.hash;
-
-import java.util.HashMap;
-import java.util.Map;
-
-public enum HashParameter
-{
-    iterations,
-    outputLength,
-    saltLength,
-    caseSensitive,;
-
-    static Map<String, String> untypedParamMap( final Map<HashParameter, String> parameters )
-    {
-        final Map<String, String> returnMap = new HashMap<>();
-        for ( final Map.Entry<HashParameter, String> entry : parameters.entrySet() )
-        {
-            final HashParameter key = entry.getKey();
-            final String value = entry.getValue();
-            returnMap.put( key.toString(), value );
-        }
-        return returnMap;
-    }
-}

pwm-cr/src/main/java/password/pwm/cr/hash/PBKDF2HashMachine.java

@@ -1,126 +0,0 @@
-/*
- * Password Management Servlets (PWM)
- * http://www.pwm-project.org
- *
- * Copyright (c) 2006-2009 Novell, Inc.
- * Copyright (c) 2009-2020 The PWM Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package password.pwm.cr.hash;
-
-import net.iharder.Base64;
-import password.pwm.cr.api.StoredResponseItem;
-
-import javax.crypto.SecretKeyFactory;
-import javax.crypto.spec.PBEKeySpec;
-import java.nio.charset.StandardCharsets;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.Map;
-
-class PBKDF2HashMachine extends AbstractHashMachine implements ResponseHashMachineSpi
-{
-
-    private ResponseHashAlgorithm responseHashAlgorithm;
-
-    PBKDF2HashMachine( )
-    {
-    }
-
-    @Override
-    public void init( final ResponseHashAlgorithm responseHashAlgorithm )
-    {
-        this.responseHashAlgorithm = responseHashAlgorithm;
-        switch ( responseHashAlgorithm )
-        {
-            case PBKDF2:
-            case PBKDF2_SHA256:
-            case PBKDF2_SHA512:
-                break;
-
-            default:
-                throw new IllegalArgumentException( "implementation does not support hash algorithm " + responseHashAlgorithm );
-        }
-    }
-
-    @Override
-    public Map<String, String> defaultParameters( )
-    {
-        final Map<String, String> map = new HashMap<>();
-        map.put( HashParameter.caseSensitive.toString(), String.valueOf( false ) );
-        return Collections.unmodifiableMap( map );
-    }
-
-    @Override
-    public StoredResponseItem generate( final String input )
-    {
-        //@todo
-        return null;
-    }
-
-    @Override
-    public boolean test( final StoredResponseItem hashedResponse, final String input )
-    {
-        final String newHash = hashValue( input, hashedResponse.getIterations(), hashedResponse.getSalt() );
-        return newHash.equals( hashedResponse.getHash() );
-    }
-
-    private String hashValue( final String input, final int iterations, final String salt )
-    {
-        try
-        {
-            final PBEKeySpec spec;
-            final SecretKeyFactory skf;
-            {
-                final String methodName;
-                final int keyLength;
-                switch ( responseHashAlgorithm )
-                {
-                    case PBKDF2:
-                        methodName = "PBKDF2WithHmacSHA1";
-                        keyLength = 64 * 8;
-                        break;
-
-                    case PBKDF2_SHA256:
-                        methodName = "PBKDF2WithHmacSHA256";
-                        keyLength = 128 * 8;
-                        break;
-
-                    case PBKDF2_SHA512:
-                        methodName = "PBKDF2WithHmacSHA512";
-                        keyLength = 192 * 8;
-                        break;
-
-                    default:
-                        throw new IllegalStateException( "formatType not supported: " + responseHashAlgorithm.toString() );
-
-                }
-
-                final char[] chars = input.toCharArray();
-                final byte[] saltBytes = salt.getBytes( StandardCharsets.UTF_8 );
-
-                spec = new PBEKeySpec( chars, saltBytes, iterations, keyLength );
-                skf = SecretKeyFactory.getInstance( methodName );
-            }
-            final byte[] hash = skf.generateSecret( spec ).getEncoded();
-            return Base64.encodeBytes( hash );
-        }
-        catch ( final Exception e )
-        {
-            throw new IllegalStateException( "unable to perform PBKDF2 hashing operation: " + e.getMessage() );
-        }
-    }
-
-}

pwm-cr/src/main/java/password/pwm/cr/hash/ResponseHashAlgorithm.java

@@ -1,48 +0,0 @@
-/*
- * Password Management Servlets (PWM)
- * http://www.pwm-project.org
- *
- * Copyright (c) 2006-2009 Novell, Inc.
- * Copyright (c) 2009-2020 The PWM Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package password.pwm.cr.hash;
-
-public enum ResponseHashAlgorithm
-{
-    TEXT( TextHashMachine.class ),
-    MD5( TypicalHashMachine.class ),
-    SHA1( TypicalHashMachine.class ),
-    SHA1_SALT( TypicalHashMachine.class ),
-    SHA256_SALT( TypicalHashMachine.class ),
-    SHA512_SALT( TypicalHashMachine.class ),
-    //    BCRYPT(),
-//    SCRYPT(),
-    PBKDF2( PBKDF2HashMachine.class ),
-    PBKDF2_SHA256( PBKDF2HashMachine.class ),
-    PBKDF2_SHA512( PBKDF2HashMachine.class ),;
-
-    private final Class<? extends ResponseHashMachineSpi> implementingClass;
-
-    ResponseHashAlgorithm( final Class<? extends ResponseHashMachineSpi> responseHashMachineSpi )
-    {
-        this.implementingClass = responseHashMachineSpi;
-    }
-
-    public Class<? extends ResponseHashMachineSpi> getImplementingClass( )
-    {
-        return implementingClass;
-    }
-}

pwm-cr/src/main/java/password/pwm/cr/hash/ResponseHashMachine.java

@@ -1,30 +0,0 @@
-/*
- * Password Management Servlets (PWM)
- * http://www.pwm-project.org
- *
- * Copyright (c) 2006-2009 Novell, Inc.
- * Copyright (c) 2009-2020 The PWM Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package password.pwm.cr.hash;
-
-import password.pwm.cr.api.StoredResponseItem;
-
-public interface ResponseHashMachine
-{
-    StoredResponseItem generate( String input );
-
-    boolean test( StoredResponseItem storedResponseItem, String input );
-}

pwm-cr/src/main/java/password/pwm/cr/hash/ResponseHashMachineSpi.java

@@ -1,26 +0,0 @@
-/*
- * Password Management Servlets (PWM)
- * http://www.pwm-project.org
- *
- * Copyright (c) 2006-2009 Novell, Inc.
- * Copyright (c) 2009-2020 The PWM Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package password.pwm.cr.hash;
-
-public interface ResponseHashMachineSpi extends ResponseHashMachine
-{
-    void init( ResponseHashAlgorithm algorithm );
-}

pwm-cr/src/main/java/password/pwm/cr/hash/TextHashMachine.java

@@ -1,65 +0,0 @@
-/*
- * Password Management Servlets (PWM)
- * http://www.pwm-project.org
- *
- * Copyright (c) 2006-2009 Novell, Inc.
- * Copyright (c) 2009-2020 The PWM Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package password.pwm.cr.hash;
-
-import password.pwm.cr.api.StoredResponseItem;
-
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.Map;
-
-class TextHashMachine extends AbstractHashMachine implements ResponseHashMachineSpi
-{
-
-    TextHashMachine( )
-    {
-    }
-
-    @Override
-    public void init( final ResponseHashAlgorithm algorithm )
-    {
-
-    }
-
-    @Override
-    public Map<String, String> defaultParameters( )
-    {
-        final Map<String, String> defaultParamMap = new HashMap<>();
-        defaultParamMap.put( HashParameter.caseSensitive.toString(), Boolean.toString( false ) );
-        return Collections.unmodifiableMap( defaultParamMap );
-    }
-
-    @Override
-    public StoredResponseItem generate( final String input )
-    {
-        return null;
-    }
-
-    @Override
-    public boolean test( final StoredResponseItem hash, final String input )
-    {
-        if ( input == null || hash == null )
-        {
-            return false;
-        }
-        return false;
-    }
-}

pwm-cr/src/main/java/password/pwm/cr/hash/TypicalHashMachine.java

@@ -1,137 +0,0 @@
-/*
- * Password Management Servlets (PWM)
- * http://www.pwm-project.org
- *
- * Copyright (c) 2006-2009 Novell, Inc.
- * Copyright (c) 2009-2020 The PWM Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package password.pwm.cr.hash;
-
-import net.iharder.Base64;
-import password.pwm.cr.api.StoredResponseItem;
-
-import java.nio.charset.StandardCharsets;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.Map;
-
-@SuppressWarnings( "checkstyle:MultipleStringLiterals" )
-public class TypicalHashMachine extends AbstractHashMachine implements ResponseHashMachineSpi
-{
-
-    private static final Map<ResponseHashAlgorithm, String> SUPPORTED_FORMATS;
-
-    enum VERSION
-    {
-        // original version had bug where only one iteration was ever actually performed regardless of hashCount value
-        A,
-
-        // nominal working version
-        B,
-    }
-
-    static
-    {
-        final Map<ResponseHashAlgorithm, String> map = new HashMap<>();
-        map.put( ResponseHashAlgorithm.MD5, "MD5" );
-        map.put( ResponseHashAlgorithm.SHA1, "SHA1" );
-        map.put( ResponseHashAlgorithm.SHA1_SALT, "SHA1" );
-        map.put( ResponseHashAlgorithm.SHA256_SALT, "SHA-256" );
-        map.put( ResponseHashAlgorithm.SHA512_SALT, "SHA-512" );
-        SUPPORTED_FORMATS = Collections.unmodifiableMap( map );
-    }
-
-    private ResponseHashAlgorithm responseHashAlgorithm;
-
-    public TypicalHashMachine( )
-    {
-    }
-
-    @Override
-    public void init( final ResponseHashAlgorithm responseHashAlgorithm )
-    {
-        this.responseHashAlgorithm = responseHashAlgorithm;
-        if ( !SUPPORTED_FORMATS.containsKey( responseHashAlgorithm ) )
-        {
-            throw new IllegalArgumentException( "implementation does not support hash algorithm " + responseHashAlgorithm );
-        }
-    }
-
-    @Override
-    public Map<String, String> defaultParameters( )
-    {
-        final Map<String, String> map = new HashMap<>();
-        map.put( HashParameter.caseSensitive.toString(), String.valueOf( false ) );
-        return Collections.unmodifiableMap( map );
-    }
-
-    @Override
-    public StoredResponseItem generate( final String input )
-    {
-        //@todo
-        return null;
-    }
-
-    @Override
-    public boolean test( final StoredResponseItem hashedResponse, final String input )
-    {
-        final String newHash = doHash( input, hashedResponse.getIterations(), ResponseHashAlgorithm.SHA1_SALT, VERSION.B );
-        return newHash.equals( hashedResponse.getHash() );
-    }
-
-    static String doHash(
-            final String input,
-            final int hashCount,
-            final ResponseHashAlgorithm formatType,
-            final VERSION version
-    )
-            throws IllegalStateException
-    {
-        final String algorithm = SUPPORTED_FORMATS.get( formatType );
-        final MessageDigest md;
-        try
-        {
-            md = MessageDigest.getInstance( algorithm );
-        }
-        catch ( final NoSuchAlgorithmException e )
-        {
-            throw new IllegalStateException( "unable to load " + algorithm + " message digest algorithm: " + e.getMessage() );
-        }
-
-
-        byte[] hashedBytes;
-        hashedBytes = input.getBytes( StandardCharsets.UTF_8 );
-
-        switch ( version )
-        {
-            case A:
-                hashedBytes = md.digest( hashedBytes );
-                return Base64.encodeBytes( hashedBytes );
-
-            case B:
-                for ( int i = 0; i < hashCount; i++ )
-                {
-                    hashedBytes = md.digest( hashedBytes );
-                }
-                return Base64.encodeBytes( hashedBytes );
-
-            default:
-                throw new IllegalStateException( "unexpected version enum in hash method" );
-        }
-    }
-}

pwm-cr/src/test/java/password/pwm/cr/ChaiXmlResponseSet1Test.java

@@ -1,153 +0,0 @@
-/*
- * Password Management Servlets (PWM)
- * http://www.pwm-project.org
- *
- * Copyright (c) 2006-2009 Novell, Inc.
- * Copyright (c) 2009-2020 The PWM Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package password.pwm.cr;
-
-import org.junit.Assert;
-import org.junit.Test;
-import password.pwm.cr.api.ResponseLevel;
-import password.pwm.cr.api.StoredChallengeItem;
-import password.pwm.cr.api.StoredResponseItem;
-import password.pwm.cr.api.StoredResponseSet;
-import password.pwm.cr.hash.HashFactory;
-
-import java.io.IOException;
-import java.io.InputStreamReader;
-import java.io.Reader;
-import java.nio.charset.StandardCharsets;
-
-@SuppressWarnings( "checkstyle:MultipleStringLiterals" )
-public class ChaiXmlResponseSet1Test
-{
-
-    @Test
-    public void testReadingStoredChaiXmlChallengeSet()
-            throws IOException
-    {
-        /*
-        final Reader reader = readInputXmlFile();
-        StoredResponseSet storedResponseSet = new ChaiXmlResponseSetSerializer().read(reader, ChaiXmlResponseSetSerializer.Type.USER);
-
-        testUserResponseSetValidity(storedResponseSet);
-        */
-    }
-
-
-    @Test
-    public void testReadingStoredChaiHelpdeskXmlChallengeSet() throws IOException
-    {
-        final Reader reader = readInputXmlFile();
-        final StoredResponseSet storedResponseSet = new ChaiXmlResponseSetSerializer().read( reader, ChaiXmlResponseSetSerializer.Type.HELPDESK );
-
-        testHelpdeskResponseSetValidity( storedResponseSet );
-    }
-
-    @Test
-    public void testReadWriteRead() throws IOException
-    {
-        /*
-        final ChaiXmlResponseSetSerializer chaiXmlResponseSetSerializer = new ChaiXmlResponseSetSerializer();
-
-
-        final Map<ChaiXmlResponseSetSerializer.Type,StoredResponseSet> firstResponsesRead;
-        {
-            final Reader reader = readInputXmlFile();
-            firstResponsesRead = chaiXmlResponseSetSerializer.read(reader);
-        }
-
-        final String firstResponsesWritten;
-        {
-            final StringWriter writer = new StringWriter();
-            new ChaiXmlResponseSetSerializer().write(writer, firstResponsesRead);
-            firstResponsesWritten = writer.toString();
-        }
-
-        final Map<ChaiXmlResponseSetSerializer.Type,StoredResponseSet> secondResponsesRead;
-        {
-            final Reader reader = new StringReader(firstResponsesWritten);
-            secondResponsesRead = chaiXmlResponseSetSerializer.read(reader);
-        }
-
-        testUserResponseSetValidity(secondResponsesRead.get(ChaiXmlResponseSetSerializer.Type.USER));
-        testHelpdeskResponseSetValidity(secondResponsesRead.get(ChaiXmlResponseSetSerializer.Type.HELPDESK));
-        */
-    }
-
-    private static Reader readInputXmlFile()
-    {
-        return new InputStreamReader( ChaiXmlResponseSet1Test.class.getResourceAsStream( "ChaiXmlResponseSet1.xml" ), StandardCharsets.UTF_8 );
-    }
-
-
-    private void testUserResponseSetValidity( final StoredResponseSet storedResponseSet )
-    {
-        Assert.assertEquals( 4, storedResponseSet.getStoredChallengeItems().size() );
-        Assert.assertEquals( 4, StoredItemUtils.filterStoredChallenges( storedResponseSet.getStoredChallengeItems(), ResponseLevel.RANDOM ).size() );
-
-        for ( final StoredChallengeItem storedChallengeItem : storedResponseSet.getStoredChallengeItems() )
-        {
-            final String questionText = storedChallengeItem.getQuestionText();
-            if ( "What is the name of the main character in your favorite book?".equals( questionText ) )
-            {
-                final StoredResponseItem storedResponseItem = storedChallengeItem.getAnswer();
-                Assert.assertTrue( HashFactory.testResponseItem( storedResponseItem, "book" ) );
-                Assert.assertFalse( HashFactory.testResponseItem( storedResponseItem, "wrong answer" ) );
-            }
-
-            if ( "What is the name of your favorite teacher?".equals( questionText ) )
-            {
-                final StoredResponseItem storedResponseItem = storedChallengeItem.getAnswer();
-                Assert.assertTrue( HashFactory.testResponseItem( storedResponseItem, "teacher" ) );
-                Assert.assertFalse( HashFactory.testResponseItem( storedResponseItem, "wrong answer" ) );
-            }
-
-            if ( "What was the name of your childhood best friend?".equals( questionText ) )
-            {
-                final StoredResponseItem storedResponseItem = storedChallengeItem.getAnswer();
-                Assert.assertTrue( HashFactory.testResponseItem( storedResponseItem, "friend" ) );
-                Assert.assertFalse( HashFactory.testResponseItem( storedResponseItem, "wrong answer" ) );
-            }
-
-            if ( "What was your favorite show as a child?".equals( questionText ) )
-            {
-                final StoredResponseItem storedResponseItem = storedChallengeItem.getAnswer();
-                Assert.assertTrue( HashFactory.testResponseItem( storedResponseItem, "child" ) );
-                Assert.assertFalse( HashFactory.testResponseItem( storedResponseItem, "wrong answer" ) );
-            }
-        }
-
-    }
-
-    private void testHelpdeskResponseSetValidity( final StoredResponseSet storedResponseSet )
-    {
-        Assert.assertEquals( 2, storedResponseSet.getStoredChallengeItems().size() );
-
-        for ( final StoredChallengeItem storedChallengeItem : storedResponseSet.getStoredChallengeItems() )
-        {
-            final String questionText = storedChallengeItem.getQuestionText();
-            if ( "What is the name of the main character in your favorite book?".equals( questionText ) )
-            {
-                final StoredResponseItem storedResponseItem = storedChallengeItem.getAnswer();
-
-            }
-        }
-    }
-
-}

pwm-cr/src/test/java/password/pwm/cr/ChaiXmlResponseSetReaderTest.java

@@ -1,54 +0,0 @@
-/*
- * Password Management Servlets (PWM)
- * http://www.pwm-project.org
- *
- * Copyright (c) 2006-2009 Novell, Inc.
- * Copyright (c) 2009-2020 The PWM Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package password.pwm.cr;
-
-import org.junit.Test;
-import password.pwm.cr.api.ChallengeItemPolicy;
-import password.pwm.cr.api.QuestionSource;
-import password.pwm.cr.api.ResponseLevel;
-
-@SuppressWarnings( "checkstyle:MultipleStringLiterals" )
-public class ChaiXmlResponseSetReaderTest
-{
-
-    @Test( expected = IllegalArgumentException.class )
-    public void testBogusMaxLength() throws Exception
-    {
-
-        ChallengeItemPolicy.builder()
-                .questionText( "question 1!" )
-                .maxLength( -3 )
-                .build().validate();
-    }
-
-    @Test
-    public void testValidChallengeItemCreations()
-    {
-        ChallengeItemPolicy.builder()
-                .questionText( "question 1!" )
-                .minLength( 1 )
-                .maxLength( 10 )
-                .questionSource( QuestionSource.ADMIN_DEFINED )
-                .responseLevel( ResponseLevel.REQUIRED )
-                .build();
-
-    }
-}

pwm-cr/src/test/resources/password/pwm/cr/ChaiXmlResponseSet1.xml

@@ -1,47 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-  ~ Password Management Servlets (PWM)
-  ~ http://www.pwm-project.org
-  ~
-  ~ Copyright (c) 2006-2009 Novell, Inc.
-  ~ Copyright (c) 2009-2020 The PWM Project
-  ~
-  ~ Licensed under the Apache License, Version 2.0 (the "License");
-  ~ you may not use this file except in compliance with the License.
-  ~ You may obtain a copy of the License at
-  ~
-  ~     http://www.apache.org/licenses/LICENSE-2.0
-  ~
-  ~ Unless required by applicable law or agreed to in writing, software
-  ~ distributed under the License is distributed on an "AS IS" BASIS,
-  ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-  ~ See the License for the specific language governing permissions and
-  ~ limitations under the License.
-  -->
-
-<ResponseSet minRandomRequired="2" locale="en" version="2" chaiVersion="0.6.9-SNAPSHOT" caseInsensitive="true" challengeSetID="SSPR-defined [Version Missing]" time="2016-08-23 08:48:15 +0000">
-    <response adminDefined="true" required="false" minLength="4" maxLength="200">
-        <challenge>What is the name of the main character in your favorite book?</challenge>
-        <answer salt="WHc5dJydH8xBHoqpS1fsnEhHtETdjblt" format="PBKDF2" hashcount="100000">OYfp1MdBrysBfaYHu+KSOhieagPilStxSMMVSuIz8DgtygXI2yHWdHEh42FMhdRUjHRUS0PbdPpGhuptgXCBXQ==</answer>
-    </response>
-    <response adminDefined="true" required="false" minLength="4" maxLength="200">
-        <challenge>What is the name of your favorite teacher?</challenge>
-        <answer salt="vA4aGz6KhNKRcnMj2nSLzWgHgXw0LcRr" format="SHA1_SALT" hashcount="100000">B:Hm9U8bh2oXzqFnPif8wChoVosss=</answer>
-    </response>
-    <response adminDefined="true" required="false" minLength="4" maxLength="200">
-        <challenge>What was the name of your childhood best friend?</challenge>
-        <answer salt="hUOJI16WDk1bCrVtAhuURmQl5NhIn7XV" format="PBKDF2" hashcount="100000">FhZELpheB9JSAju8vpxwmEik7dvlV38d/iXPpalSw1g3i2lqZAgGt2ntv24K7OklzcR3HfoKHNMqIhKlwljovg==</answer>
-    </response>
-    <response adminDefined="true" required="false" minLength="4" maxLength="200">
-        <challenge>What was your favorite show as a child?</challenge>
-        <answer salt="hd0vlgkhBOJZizCpAm4Ip1gNO5JvZTcO" format="PBKDF2" hashcount="100000">OYs6l6CH8E0fhyNlp8cfzO1YATgFygsimw37ah+LJevNdCRpDe9eKrDlCXQEFDgqumrTOwHGTa56/PTEwptXpQ==</answer>
-    </response>
-    <helpdesk-response adminDefined="true" required="false" minLength="4" maxLength="200">
-        <challenge>Question 1</challenge>
-        <answer format="HELPDESK">H4sIAAAAAAAAAIvx-82rNP_i_ouVZwNn50a-BwBCsGs2EAAAAA==</answer>
-    </helpdesk-response>
-    <helpdesk-response adminDefined="true" required="false" minLength="4" maxLength="200">
-        <challenge>Question 2</challenge>
-        <answer format="HELPDESK">H4sIAAAAAAAAAIuQYQ59M3HZ5VvFk6_dNZjsAAAQvpfpEAAAAA==</answer>
-    </helpdesk-response>
-</ResponseSet>

server/src/main/java/password/pwm/cr/CrChallengeItemBean.java

@@ -1,65 +0,0 @@
-/*
- * Password Management Servlets (PWM)
- * http://www.pwm-project.org
- *
- * Copyright (c) 2006-2009 Novell, Inc.
- * Copyright (c) 2009-2020 The PWM Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package password.pwm.cr;
-
-import com.novell.ldapchai.cr.Challenge;
-import com.novell.ldapchai.cr.bean.ChallengeBean;
-import lombok.Builder;
-import lombok.Value;
-
-import java.io.Serializable;
-
-@Value
-@Builder
-public class CrChallengeItemBean implements Serializable, Challenge
-{
-    private String challengeText;
-    private int minLength;
-    private int maxLength;
-    private boolean adminDefined;
-    private boolean required;
-    private int maxQuestionCharsInAnswer;
-    private boolean enforceWordlist;
-
-    @Override
-    public boolean isLocked()
-    {
-        return true;
-    }
-
-    @Override
-    public void lock()
-    {
-
-    }
-
-    @Override
-    public void setChallengeText( final String challengeText )
-    {
-        throw new IllegalStateException();
-    }
-
-    @Override
-    public ChallengeBean asChallengeBean()
-    {
-        throw new IllegalStateException();
-    }
-}

server/src/main/java/password/pwm/cr/CrChallengePolicyBean.java

@@ -1,127 +0,0 @@
-/*
- * Password Management Servlets (PWM)
- * http://www.pwm-project.org
- *
- * Copyright (c) 2006-2009 Novell, Inc.
- * Copyright (c) 2009-2020 The PWM Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package password.pwm.cr;
-
-import com.novell.ldapchai.cr.Challenge;
-import com.novell.ldapchai.cr.ChallengeSet;
-import com.novell.ldapchai.cr.bean.ChallengeSetBean;
-import lombok.Builder;
-import lombok.Value;
-
-import java.io.Serializable;
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
-import java.util.Locale;
-import java.util.stream.Collectors;
-
-@Value
-@Builder
-public class CrChallengePolicyBean implements Serializable, ChallengeSet
-{
-    private Locale locale;
-    private List<Challenge> challenges;
-    private List<Challenge> helpdeskChallenges;
-    private int minRandomRequired;
-    private int helpdeskMinRandomRequired;
-
-    @Override
-    public List<Challenge> getAdminDefinedChallenges()
-    {
-        return challenges.stream()
-                .filter( Challenge::isAdminDefined )
-                .collect( Collectors.toList() );
-    }
-
-    @Override
-    public List<String> getChallengeTexts()
-    {
-
-        final List<String> returnList = new ArrayList<>();
-        challenges.stream()
-                .forEach( challenge -> returnList.add( challenge.getChallengeText() ) );
-        return Collections.unmodifiableList( returnList );
-    }
-
-    @Override
-    public List<Challenge> getRandomChallenges()
-    {
-        return challenges.stream()
-                .filter( challenge -> !challenge.isRequired() )
-                .collect( Collectors.toList() );
-    }
-
-    @Override
-    public List<Challenge> getRequiredChallenges()
-    {
-        return challenges.stream()
-                .filter( Challenge::isRequired )
-                .collect( Collectors.toList() );
-    }
-
-    @Override
-    public List<Challenge> getUserDefinedChallenges()
-    {
-        return challenges.stream()
-                .filter( crChallengeItemBean -> !crChallengeItemBean.isAdminDefined() )
-                .collect( Collectors.toList() );
-    }
-
-    @Override
-    public int minimumResponses()
-    {
-        int mininimumResponses = 0;
-
-        mininimumResponses += getRequiredChallenges().size();
-        mininimumResponses += getMinRandomRequired();
-
-        return mininimumResponses;
-    }
-
-    @Override
-    public boolean isLocked()
-    {
-        return true;
-    }
-
-    @Override
-    public void lock()
-    {
-
-    }
-
-    @Override
-    public String getIdentifier()
-    {
-        return null;
-    }
-
-    public static CrChallengePolicyBean fromChallengeSet( final ChallengeSet challengeSet )
-    {
-        return null;
-    }
-
-    @Override
-    public ChallengeSetBean asChallengeSetBean()
-    {
-        return null;
-    }
-}

server/src/main/java/password/pwm/cr/StoredCrCollection.java

@@ -1,31 +0,0 @@
-/*
- * Password Management Servlets (PWM)
- * http://www.pwm-project.org
- *
- * Copyright (c) 2006-2009 Novell, Inc.
- * Copyright (c) 2009-2020 The PWM Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package password.pwm.cr;
-
-import java.util.List;
-
-public interface StoredCrCollection
-{
-
-    List<StoredCrItem> storedChallengeResponseItems( );
-
-    int getMinimumRandomRequired( );
-}

server/src/main/java/password/pwm/cr/StoredCrItem.java

@@ -1,28 +0,0 @@
-/*
- * Password Management Servlets (PWM)
- * http://www.pwm-project.org
- *
- * Copyright (c) 2006-2009 Novell, Inc.
- * Copyright (c) 2009-2020 The PWM Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package password.pwm.cr;
-
-public interface StoredCrItem
-{
-    String getChallengeText( );
-
-    String getIdentifier( );
-}

server/src/main/java/password/pwm/cr/StoredCrSet.java

@@ -1,32 +0,0 @@
-/*
- * Password Management Servlets (PWM)
- * http://www.pwm-project.org
- *
- * Copyright (c) 2006-2009 Novell, Inc.
- * Copyright (c) 2009-2020 The PWM Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package password.pwm.cr;
-
-import java.util.Date;
-
-public interface StoredCrSet
-{
-    String getLocale( );
-
-    Date getDate( );
-
-    String getChallengePolicyID( );
-}