public String getAlgorithm() { return password.getAlgorithm(); }
/** * Cast this password type and apply a function if the type matches. * * @param passwordType the password type class to check * @param algorithmName the name of the algorithm or {@code null} if any algorithm is acceptable * @param function the function to apply * @param <P> the password type * @param <R> the return type * @return the result of the function, or {@code null} if the password is not of the given type */ default <P extends Password, R> R castAndApply(Class<P> passwordType, String algorithmName, Function<P, R> function) { return passwordType.isInstance(this) && (algorithmName == null || algorithmName.equals(getAlgorithm())) ? function.apply(passwordType.cast(this)) : null; }
return (password instanceof SunUnixMD5CryptPassword && algorithm.equals(password.getAlgorithm())); return (password instanceof UnixSHACryptPassword && algorithm.equals(password.getAlgorithm())); case ALGORITHM_DIGEST_SHA_384: case ALGORITHM_DIGEST_SHA_512:{ return (password instanceof DigestPassword && algorithm.equals(password.getAlgorithm())); case ALGORITHM_SIMPLE_DIGEST_SHA_384: case ALGORITHM_SIMPLE_DIGEST_SHA_512: { return (password instanceof SimpleDigestPassword && algorithm.equals(password.getAlgorithm())); case ALGORITHM_SALT_PASSWORD_DIGEST_SHA_384: case ALGORITHM_SALT_PASSWORD_DIGEST_SHA_512: { return (password instanceof SaltedSimpleDigestPassword && algorithm.equals(password.getAlgorithm())); return (password instanceof ScramDigestPassword && algorithm.equals(password.getAlgorithm())); case ALGORITHM_OTP_SHA_384: case ALGORITHM_OTP_SHA_512: { return (password instanceof OneTimePassword && algorithm.equals(password.getAlgorithm())); return MaskedPassword.isMaskedAlgorithm(algorithm) && password instanceof MaskedPassword && algorithm.equals(password.getAlgorithm());
if (password instanceof SunUnixMD5CryptPasswordImpl && algorithm.equals(password.getAlgorithm())) { return password; } else if (password instanceof SunUnixMD5CryptPassword && algorithm.equals(password.getAlgorithm())) { return new SunUnixMD5CryptPasswordImpl((SunUnixMD5CryptPassword) password); } else { if (password instanceof UnixSHACryptPasswordImpl && algorithm.equals(password.getAlgorithm())) { return password; } else if (password instanceof UnixSHACryptPassword && algorithm.equals(password.getAlgorithm())) { return new UnixSHACryptPasswordImpl((UnixSHACryptPassword) password); case ALGORITHM_DIGEST_SHA_512: case ALGORITHM_DIGEST_SHA_512_256: { if (password instanceof DigestPasswordImpl && algorithm.equals(password.getAlgorithm())) { return password; } else if (password instanceof DigestPassword && algorithm.equals(password.getAlgorithm())) { return new SimpleDigestPasswordImpl((SimpleDigestPassword) password); case ALGORITHM_SIMPLE_DIGEST_SHA_384: case ALGORITHM_SIMPLE_DIGEST_SHA_512: { if (password instanceof SimpleDigestPasswordImpl && algorithm.equals(password.getAlgorithm())) { return password; } else if (password instanceof SimpleDigestPassword && algorithm.equals(password.getAlgorithm())) { return new SimpleDigestPasswordImpl((SimpleDigestPassword) password); case ALGORITHM_SALT_PASSWORD_DIGEST_SHA_384: case ALGORITHM_SALT_PASSWORD_DIGEST_SHA_512: { if (password instanceof SaltedSimpleDigestPasswordImpl && algorithm.equals(password.getAlgorithm())) { return password;
@Override public <C extends Credential> C getCredential(final Class<C> credentialType, final String credentialAlgorithm, final AlgorithmParameterSpec parameterSpec, Supplier<Provider[]> providers) { if (credentialType != PasswordCredential.class) { return null; } try { Attribute attribute = LdapUtil.getBinaryAttribute(attributes, userPasswordAttributeName); if (attribute != null) { final int size = attribute.size(); for (int i = 0; i < size; i++) { byte[] value = (byte[]) attribute.get(i); Password password = parseUserPassword(value); if (credentialType.isAssignableFrom(PasswordCredential.class) && (credentialAlgorithm == null || credentialAlgorithm.equals(password.getAlgorithm()))) { return credentialType.cast(new PasswordCredential(password)); } } } } catch (NamingException | InvalidKeySpecException e) { if (log.isTraceEnabled()) { log.trace("Getting user-password credential " + credentialType.getName() + " failed. dn=" + distinguishedName, e); } } return null; }
streamWriter.writeStartElement("password"); String format; String algorithm = password.getAlgorithm(); String passwordString; byte[] encoded = BasicPasswordSpecEncoding.encode(password);
public static byte[] composeUserPassword(Password password) throws IOException { String algorithm = password.getAlgorithm(); ByteArrayOutputStream out = new ByteArrayOutputStream(); if (ALGORITHM_SIMPLE_DIGEST_MD5.equals(algorithm)) {
private static char[] keyStoreCredentialToPassword(ExceptionSupplier<KeyStore.Entry, ConfigXMLParseException> keyStoreCredential, Supplier<Provider[]> providers) throws GeneralSecurityException, ConfigXMLParseException { final KeyStore.Entry entry = keyStoreCredential == null ? null : keyStoreCredential.get(); if (entry instanceof PasswordEntry) { Password password = ((PasswordEntry) entry).getPassword(); final PasswordFactory passwordFactory = PasswordFactory.getInstance(password.getAlgorithm(), providers); password = passwordFactory.translate(password); final ClearPasswordSpec spec = passwordFactory.getKeySpec(password, ClearPasswordSpec.class); return spec.getEncodedPassword(); } else if (entry instanceof KeyStore.SecretKeyEntry) { final SecretKey secretKey = ((KeyStore.SecretKeyEntry) entry).getSecretKey(); final SecretKeyFactory instance = SecretKeyFactory.getInstance(secretKey.getAlgorithm()); final SecretKeySpec keySpec = (SecretKeySpec) instance.getKeySpec(secretKey, SecretKeySpec.class); final byte[] encoded = keySpec.getEncoded(); return encoded == null ? null : new String(encoded, StandardCharsets.UTF_8).toCharArray(); } else { return null; } }
public boolean verify(final Supplier<Provider[]> providerSupplier, final Evidence evidence) { Assert.checkNotNullParam("providerSupplier", providerSupplier); Assert.checkNotNullParam("evidence", evidence); if (evidence instanceof PasswordGuessEvidence) try { final PasswordFactory factory = PasswordFactory.getInstance(password.getAlgorithm(), providerSupplier); return factory.verify(factory.translate(password), ((PasswordGuessEvidence) evidence).getGuess()); } catch (NoSuchAlgorithmException | InvalidKeyException ignored) { } return false; }
/** * Encode the given {@link Password} to a byte array. * * @param password the password to encode * @param providers providers to use with the underlying {@link PasswordFactory} * @return a byte array representing the encoded password or null if no encoder was capable to encode the given password */ public static byte[] encode(Password password, Supplier<Provider[]> providers) throws NoSuchAlgorithmException, InvalidKeySpecException { PasswordFactory passwordFactory = PasswordFactory.getInstance(password.getAlgorithm(), providers); if (passwordFactory.convertibleToKeySpec(password, ClearPasswordSpec.class)) { return encodeClearPasswordSpec(passwordFactory.getKeySpec(password, ClearPasswordSpec.class)); } else if (passwordFactory.convertibleToKeySpec(password, DigestPasswordSpec.class)) { return encodeDigestPasswordSpec(passwordFactory.getKeySpec(password, DigestPasswordSpec.class)); } else if (passwordFactory.convertibleToKeySpec(password, SaltedHashPasswordSpec.class)) { return encodeSaltedHashPasswordSpec(passwordFactory.getKeySpec(password, SaltedHashPasswordSpec.class)); } else if (passwordFactory.convertibleToKeySpec(password, IteratedSaltedHashPasswordSpec.class)) { return encodeIteratedSaltedHashSpec(passwordFactory.getKeySpec(password, IteratedSaltedHashPasswordSpec.class)); } else if (passwordFactory.convertibleToKeySpec(password, HashPasswordSpec.class)) { return encodeHashPasswordSpec(passwordFactory.getKeySpec(password, HashPasswordSpec.class)); } return null; }
} else if (credentialClass == PasswordCredential.class) { final Password password = credential.castAndApply(PasswordCredential.class, PasswordCredential::getPassword); final String algorithm = password.getAlgorithm(); final DEREncoder encoder = new DEREncoder(); final PasswordFactory passwordFactory = PasswordFactory.getInstance(algorithm);
if (entry instanceof PasswordEntry) try { final Password password = ((PasswordEntry) entry).getPassword(); final PasswordFactory passwordFactory1 = PasswordFactory.getInstance(password.getAlgorithm(), providersSupplier); final ClearPasswordSpec passwordSpec = passwordFactory1.getKeySpec(password, ClearPasswordSpec.class); return passwordSpec.getEncodedPassword();
public String getAlgorithm() { return password.getAlgorithm(); }
public String getAlgorithm() { return password.getAlgorithm(); }
/** * Cast this password type and apply a function if the type matches. * * @param passwordType the password type class to check * @param algorithmName the name of the algorithm or {@code null} if any algorithm is acceptable * @param function the function to apply * @param <P> the password type * @param <R> the return type * @return the result of the function, or {@code null} if the password is not of the given type */ default <P extends Password, R> R castAndApply(Class<P> passwordType, String algorithmName, Function<P, R> function) { return passwordType.isInstance(this) && (algorithmName == null || algorithmName.equals(getAlgorithm())) ? function.apply(passwordType.cast(this)) : null; }
/** * Cast this password type and apply a function if the type matches. * * @param passwordType the password type class to check * @param algorithmName the name of the algorithm or {@code null} if any algorithm is acceptable * @param function the function to apply * @param <P> the password type * @param <R> the return type * @return the result of the function, or {@code null} if the password is not of the given type */ default <P extends Password, R> R castAndApply(Class<P> passwordType, String algorithmName, Function<P, R> function) { return passwordType.isInstance(this) && (algorithmName == null || algorithmName.equals(getAlgorithm())) ? function.apply(passwordType.cast(this)) : null; }
/** * Cast this password type and apply a function if the type matches. * * @param passwordType the password type class to check * @param algorithmName the name of the algorithm or {@code null} if any algorithm is acceptable * @param function the function to apply * @param <P> the password type * @param <R> the return type * @return the result of the function, or {@code null} if the password is not of the given type */ default <P extends Password, R> R castAndApply(Class<P> passwordType, String algorithmName, Function<P, R> function) { return passwordType.isInstance(this) && (algorithmName == null || algorithmName.equals(getAlgorithm())) ? function.apply(passwordType.cast(this)) : null; }
public boolean verify(final Supplier<Provider[]> providerSupplier, final Evidence evidence) { Assert.checkNotNullParam("providerSupplier", providerSupplier); Assert.checkNotNullParam("evidence", evidence); if (evidence instanceof PasswordGuessEvidence) try { final PasswordFactory factory = PasswordFactory.getInstance(password.getAlgorithm(), providerSupplier); return factory.verify(factory.translate(password), ((PasswordGuessEvidence) evidence).getGuess()); } catch (NoSuchAlgorithmException | InvalidKeyException ignored) { } return false; }
public boolean verify(final Supplier<Provider[]> providerSupplier, final Evidence evidence) { Assert.checkNotNullParam("providerSupplier", providerSupplier); Assert.checkNotNullParam("evidence", evidence); if (evidence instanceof PasswordGuessEvidence) try { final PasswordFactory factory = PasswordFactory.getInstance(password.getAlgorithm(), providerSupplier); return factory.verify(factory.translate(password), ((PasswordGuessEvidence) evidence).getGuess()); } catch (NoSuchAlgorithmException | InvalidKeyException ignored) { } return false; }
public boolean verify(final Supplier<Provider[]> providerSupplier, final Evidence evidence) { Assert.checkNotNullParam("providerSupplier", providerSupplier); Assert.checkNotNullParam("evidence", evidence); if (evidence instanceof PasswordGuessEvidence) try { final PasswordFactory factory = PasswordFactory.getInstance(password.getAlgorithm(), providerSupplier); return factory.verify(factory.translate(password), ((PasswordGuessEvidence) evidence).getGuess()); } catch (NoSuchAlgorithmException | InvalidKeyException ignored) { } return false; }