org.apache.jackrabbit.oak.spi.security.user.util

Class PasswordUtil

java.lang.Object

org.apache.jackrabbit.oak.spi.security.user.util.PasswordUtil

public final class PasswordUtil
extends Object

Utility to generate and compare password hashes.

Field Summary

Fields

Modifier and Type	Field and Description
static String	DEFAULT_ALGORITHM
static int	DEFAULT_ITERATIONS
static int	DEFAULT_SALT_SIZE

Method Summary

Modifier and Type	Method and Description
static String	buildPasswordHash(@NotNull String password) Generates a hash of the specified password with the default values for algorithm, salt-size and number of iterations.
static String	buildPasswordHash(@NotNull String password, @NotNull ConfigurationParameters config) Same as buildPasswordHash(String, String, int, int) but retrieving the parameters for hash generation from the specified configuration.
static String	buildPasswordHash(@NotNull String password, @Nullable String algorithm, int saltSize, int iterations) Generates a hash of the specified password using the specified algorithm, salt size and number of iterations into account.
static boolean	isPlainTextPassword(@Nullable String password) Returns true if the specified string doesn't start with a valid algorithm name in curly brackets.
static boolean	isSame(@Nullable String hashedPassword, @NotNull char[] password) Returns true if hash of the specified password equals the given hashed password.
static boolean	isSame(@Nullable String hashedPassword, @NotNull String password) Returns true if hash of the specified password equals the given hashed password.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

DEFAULT_ALGORITHM

public static final String DEFAULT_ALGORITHM

See Also:

Constant Field Values

DEFAULT_SALT_SIZE

public static final int DEFAULT_SALT_SIZE

See Also:

Constant Field Values

DEFAULT_ITERATIONS

public static final int DEFAULT_ITERATIONS

See Also:

Constant Field Values

Method Detail

buildPasswordHash

public static String buildPasswordHash(@NotNull
                                       @NotNull String password)
                                throws NoSuchAlgorithmException,
                                       UnsupportedEncodingException

Generates a hash of the specified password with the default values for algorithm, salt-size and number of iterations.

Parameters:

password - The password to be hashed.

Returns:

The password hash.

Throws:

NoSuchAlgorithmException - If DEFAULT_ALGORITHM is not supported.

UnsupportedEncodingException - If utf-8 is not supported.

buildPasswordHash

public static String buildPasswordHash(@NotNull
                                       @NotNull String password,
                                       @Nullable
                                       @Nullable String algorithm,
                                       int saltSize,
                                       int iterations)
                                throws NoSuchAlgorithmException,
                                       UnsupportedEncodingException

Generates a hash of the specified password using the specified algorithm, salt size and number of iterations into account.

Parameters:

password - The password to be hashed.

algorithm - The desired hash algorithm. If the algorith is null the DEFAULT_ALGORITHM will be used.

saltSize - The desired salt size. If the specified integer is lower that DEFAULT_SALT_SIZE the default is used.

iterations - The desired number of iterations. If the specified integer is lower than 1 the default value is used.

Returns:

The password hash.

Throws:

NoSuchAlgorithmException - If the specified algorithm is not supported.

UnsupportedEncodingException - If utf-8 is not supported.

buildPasswordHash

public static String buildPasswordHash(@NotNull
                                       @NotNull String password,
                                       @NotNull
                                       @NotNull ConfigurationParameters config)
                                throws NoSuchAlgorithmException,
                                       UnsupportedEncodingException

Same as buildPasswordHash(String, String, int, int) but retrieving the parameters for hash generation from the specified configuration.

Parameters:

password - The password to be hashed.

config - The configuration defining the details of the hash generation.

Returns:

The password hash.

Throws:

NoSuchAlgorithmException - If the specified algorithm is not supported.

UnsupportedEncodingException - If utf-8 is not supported.

isPlainTextPassword

public static boolean isPlainTextPassword(@Nullable
                                          @Nullable String password)

Returns true if the specified string doesn't start with a valid algorithm name in curly brackets.

Parameters:

password - The string to be tested.

Returns:

true if the specified string doesn't start with a valid algorithm name in curly brackets.

isSame

public static boolean isSame(@Nullable
                             @Nullable String hashedPassword,
                             @NotNull
                             @NotNull char[] password)

Returns true if hash of the specified password equals the given hashed password.

Parameters:

hashedPassword - Password hash.

password - The password to compare.

Returns:

If the hash created from the specified password equals the given hashedPassword string.

isSame

public static boolean isSame(@Nullable
                             @Nullable String hashedPassword,
                             @NotNull
                             @NotNull String password)

Returns true if hash of the specified password equals the given hashed password.

Parameters:

hashedPassword - Password hash.

password - The password to compare.

Returns:

If the hash created from the specified password equals the given hashedPassword string.