/** * Get a password factory instance. The returned password factory object will implement the given algorithm. * * @param algorithm the name of the algorithm * @return a password factory instance * @throws NoSuchAlgorithmException if the given algorithm has no available implementations */ public static PasswordFactory getInstance(String algorithm) throws NoSuchAlgorithmException { return getInstance(algorithm, INSTALLED_PROVIDERS); }
private PasswordFactory getPasswordFactory(final String algorithm) { try { return PasswordFactory.getInstance(algorithm, providers); } catch (NoSuchAlgorithmException e) { throw new IllegalStateException(e); } }
/** * Set the provider to use to find the password factory. If this method is not called, the default is used. * * @param provider the provider to use (must not be {@code null}) * @return this builder */ public Builder setPasswordFactoryProvider(Provider provider) { checkNotNullParam("provider", provider); passwordFactoryFactory = () -> PasswordFactory.getInstance(ClearPassword.ALGORITHM_CLEAR, provider); return this; }
/** * Get a password factory instance. The returned password factory object will implement the given algorithm. * * @param algorithm the name of the algorithm * @param providerName the name of the provider to use * @return a password factory instance * @throws NoSuchAlgorithmException if the given algorithm has no available implementations */ public static PasswordFactory getInstance(String algorithm, String providerName) throws NoSuchAlgorithmException, NoSuchProviderException { final Provider provider = Security.getProvider(providerName); if (provider == null) throw new NoSuchProviderException(providerName); return getInstance(algorithm, provider); }
private byte[] generateOtpHash(final String algorithm, final String passPhrase, final String seed, final int newSequenceNumber) throws NoSuchAlgorithmException, InvalidKeySpecException { PasswordFactory otpFactory = PasswordFactory.getInstance(algorithm, providers); OneTimePasswordAlgorithmSpec otpSpec = new OneTimePasswordAlgorithmSpec(algorithm, seed, newSequenceNumber); EncryptablePasswordSpec passwordSpec = new EncryptablePasswordSpec(passPhrase.toCharArray(), otpSpec); OneTimePassword otPassword = (OneTimePassword) otpFactory.generatePassword(passwordSpec); return otPassword.getHash(); } }
throw ElytronMessages.log.fileSystemRealmMissingAttribute("algorithm", path, streamReader.getLocation().getLineNumber(), name); PasswordFactory passwordFactory = PasswordFactory.getInstance(algorithm); Password password = passwordFactory.generatePassword(new OneTimePasswordSpec(hash, seed, sequenceNumber)); credentials.add(new PasswordCredential(password));
PasswordFactory passwordFactory = PasswordFactory.getInstance((String) algorithm, providers); Password password = passwordFactory.generatePassword(new OneTimePasswordSpec( CodePointIterator.ofString((String) hash)
private void parsePassword(final List<Credential> credentials, final XMLStreamReader streamReader) throws XMLStreamException, RealmUnavailableException { parseCredential(streamReader, (algorithm, format, text) -> { try { if (BASE64_FORMAT.equals(format)) { if (algorithm == null) { throw ElytronMessages.log.fileSystemRealmMissingAttribute("algorithm", path, streamReader.getLocation().getLineNumber(), name); } byte[] passwordBytes = CodePointIterator.ofChars(text.toCharArray()).base64Decode().drain(); PasswordFactory passwordFactory = PasswordFactory.getInstance(algorithm); PasswordSpec passwordSpec = BasicPasswordSpecEncoding.decode(passwordBytes); if (passwordSpec != null) { credentials.add(new PasswordCredential(passwordFactory.generatePassword(passwordSpec))); } else { throw ElytronMessages.log.fileSystemRealmInvalidPasswordAlgorithm(algorithm, path, streamReader.getLocation().getLineNumber(), name); } } else if (MCF_FORMAT.equals(format)) { credentials.add(new PasswordCredential(ModularCrypt.decode(text))); } else { throw ElytronMessages.log.fileSystemRealmInvalidPasswordFormat(format, path, streamReader.getLocation().getLineNumber(), name); } } catch (InvalidKeySpecException | NoSuchAlgorithmException e) { throw ElytronMessages.log.fileSystemRealmInvalidContent(path, streamReader.getLocation().getLineNumber(), name); } }); }
private static char[] keyStoreCredentialToPassword(ExceptionSupplier<KeyStore.Entry, ConfigXMLParseException> keyStoreCredential, Supplier<Provider[]> providers) throws GeneralSecurityException, ConfigXMLParseException { final KeyStore.Entry entry = keyStoreCredential == null ? null : keyStoreCredential.get(); if (entry instanceof PasswordEntry) { Password password = ((PasswordEntry) entry).getPassword(); final PasswordFactory passwordFactory = PasswordFactory.getInstance(password.getAlgorithm(), providers); password = passwordFactory.translate(password); final ClearPasswordSpec spec = passwordFactory.getKeySpec(password, ClearPasswordSpec.class); return spec.getEncodedPassword(); } else if (entry instanceof KeyStore.SecretKeyEntry) { final SecretKey secretKey = ((KeyStore.SecretKeyEntry) entry).getSecretKey(); final SecretKeyFactory instance = SecretKeyFactory.getInstance(secretKey.getAlgorithm()); final SecretKeySpec keySpec = (SecretKeySpec) instance.getKeySpec(secretKey, SecretKeySpec.class); final byte[] encoded = keySpec.getEncoded(); return encoded == null ? null : new String(encoded, StandardCharsets.UTF_8).toCharArray(); } else { return null; } }
public boolean verify(final Supplier<Provider[]> providerSupplier, final Evidence evidence) { Assert.checkNotNullParam("providerSupplier", providerSupplier); Assert.checkNotNullParam("evidence", evidence); if (evidence instanceof PasswordGuessEvidence) try { final PasswordFactory factory = PasswordFactory.getInstance(password.getAlgorithm(), providerSupplier); return factory.verify(factory.translate(password), ((PasswordGuessEvidence) evidence).getGuess()); } catch (NoSuchAlgorithmException | InvalidKeyException ignored) { } return false; }
private void updateCredential(final String newAlgorithm, final OneTimePasswordSpec newPasswordSpec) throws SaslException { try { final PasswordFactory passwordFactory = PasswordFactory.getInstance(newAlgorithm, providers); final OneTimePassword newPassword = (OneTimePassword) passwordFactory.generatePassword(newPasswordSpec); final CredentialUpdateCallback credentialUpdateCallback = new CredentialUpdateCallback(new PasswordCredential(newPassword)); handleCallbacks(exclusiveNameCallback, credentialUpdateCallback); } catch (NoSuchAlgorithmException | InvalidKeySpecException e) { throw saslOTP.mechUnableToUpdatePassword(userName).toSaslException(); } }
/** * Get array of password chars from TwoWayPassword * * @return * @throws SaslException */ public static char[] getTwoWayPasswordChars(TwoWayPassword password, Supplier<Provider[]> providers, ElytronMessages log) throws AuthenticationMechanismException { if (password == null) { throw log.mechNoPasswordGiven(); } try { PasswordFactory pf = PasswordFactory.getInstance(password.getAlgorithm(), providers); return pf.getKeySpec(pf.translate(password), ClearPasswordSpec.class).getEncodedPassword(); } catch (NoSuchAlgorithmException | InvalidKeySpecException | InvalidKeyException e) { throw log.mechCannotGetTwoWayPasswordChars(e); } } }
return null; final PasswordFactory factory = PasswordFactory.getInstance(twoWayPassword.getAlgorithm(), client.getProviderSupplier(authenticationConfiguration)); password = factory.getKeySpec(factory.translate(twoWayPassword), ClearPasswordSpec.class).getEncodedPassword(); } catch (UnsupportedCallbackException e) {
PasswordFactory passwordFactory = PasswordFactory.getInstance(matchedAlgorithm); final Password password = passwordFactory.generatePassword(passwordSpec); return credentialType.cast(new PasswordCredential(password));
Assert.checkNotNullParam("providers", providers); try { final PasswordFactory passwordFactory = PasswordFactory.getInstance(passwordAlgorithm, providers); final TwoWayPassword twoWayPassword = credentialCallback.applyToCredential(PasswordCredential.class, c -> c.getPassword(TwoWayPassword.class)); if (twoWayPassword != null) { final PasswordFactory clearFactory = PasswordFactory.getInstance(twoWayPassword.getAlgorithm(), providers); final ClearPasswordSpec spec = clearFactory.getKeySpec(clearFactory.translate(twoWayPassword), ClearPasswordSpec.class); if (matchParameters != null) {
passwordFactory = PasswordFactory.getInstance(algorithmName, providers); } catch (NoSuchAlgorithmException e) { throw log.couldNotObtainPasswordFactoryForAlgorithm(algorithmName, e);
return () -> { try { PasswordFactory factory = PasswordFactory.getInstance(ClearPassword.ALGORITHM_CLEAR, providers); return Assert.assertNotNull(factory.generatePassword(new ClearPasswordSpec(finalPassword)).castAs(ClearPassword.class)); } catch (InvalidKeySpecException | NoSuchAlgorithmException cause) {
/** * Encode the given {@link Password} to a byte array. * * @param password the password to encode * @param providers providers to use with the underlying {@link PasswordFactory} * @return a byte array representing the encoded password or null if no encoder was capable to encode the given password */ public static byte[] encode(Password password, Supplier<Provider[]> providers) throws NoSuchAlgorithmException, InvalidKeySpecException { PasswordFactory passwordFactory = PasswordFactory.getInstance(password.getAlgorithm(), providers); if (passwordFactory.convertibleToKeySpec(password, ClearPasswordSpec.class)) { return encodeClearPasswordSpec(passwordFactory.getKeySpec(password, ClearPasswordSpec.class)); } else if (passwordFactory.convertibleToKeySpec(password, DigestPasswordSpec.class)) { return encodeDigestPasswordSpec(passwordFactory.getKeySpec(password, DigestPasswordSpec.class)); } else if (passwordFactory.convertibleToKeySpec(password, SaltedHashPasswordSpec.class)) { return encodeSaltedHashPasswordSpec(passwordFactory.getKeySpec(password, SaltedHashPasswordSpec.class)); } else if (passwordFactory.convertibleToKeySpec(password, IteratedSaltedHashPasswordSpec.class)) { return encodeIteratedSaltedHashSpec(passwordFactory.getKeySpec(password, IteratedSaltedHashPasswordSpec.class)); } else if (passwordFactory.convertibleToKeySpec(password, HashPasswordSpec.class)) { return encodeHashPasswordSpec(passwordFactory.getKeySpec(password, HashPasswordSpec.class)); } return null; }
final String algorithm = password.getAlgorithm(); final DEREncoder encoder = new DEREncoder(); final PasswordFactory passwordFactory = PasswordFactory.getInstance(algorithm); switch (algorithm) { case BCryptPassword.ALGORITHM_BCRYPT:
if (entry instanceof PasswordEntry) try { final Password password = ((PasswordEntry) entry).getPassword(); final PasswordFactory passwordFactory1 = PasswordFactory.getInstance(password.getAlgorithm(), providersSupplier); final ClearPasswordSpec passwordSpec = passwordFactory1.getKeySpec(password, ClearPasswordSpec.class); return passwordSpec.getEncodedPassword();