Package org.wildfly.security.password

Class PasswordFactory

  • public final class PasswordFactory
extends Object
    A factory for passwords.

    Password factories are used to handle and manipulate password objects and their corresponding password specifications. Passwords are a kind of key which are used to store and compare against a string of text entered by a human. Passwords can be one-way (OneWayPassword) or two-way (TwoWayPassword).

    Author:
    David M. Lloyd

    • Constructor Detail

      • PasswordFactory

        public PasswordFactory​(PasswordFactorySpi spi,
                       Provider provider,
                       String algorithm)
        Construct a new instance.
        Parameters:
        spi - the password factory SPI (not null)
        provider - the provider (not null)
        algorithm - the algorithm name (not null)

    • Method Detail

      • getInstance

        public static PasswordFactory getInstance​(String algorithm)
                                   throws NoSuchAlgorithmException
        Get a password factory instance. The returned password factory object will implement the given algorithm.
        Parameters:
        algorithm - the name of the algorithm
        Returns:
        a password factory instance
        Throws:
        NoSuchAlgorithmException - if the given algorithm has no available implementations

      • getInstance

        public static PasswordFactory getInstance​(String algorithm,
                                          Provider provider)
                                   throws NoSuchAlgorithmException
        Get a password factory instance. The returned password factory object will implement the given algorithm.
        Parameters:
        algorithm - the name of the algorithm
        provider - the provider to use
        Returns:
        a password factory instance
        Throws:
        NoSuchAlgorithmException - if the given algorithm has no available implementations

      • getInstance

        public static PasswordFactory getInstance​(String algorithm,
                                          Supplier<Provider[]> providerSupplier)
                                   throws NoSuchAlgorithmException
        Get a password factory instance. The returned password factory object will implement the given algorithm.
        Parameters:
        algorithm - the name of the algorithm
        providerSupplier - the provider supplier to search
        Returns:
        a password factory instance
        Throws:
        NoSuchAlgorithmException - if the given algorithm has no available implementations

      • getProvider

        public Provider getProvider()
        Get the provider of this password factory.
        Returns:
        the provider

      • getAlgorithm

        public String getAlgorithm()
        Get the algorithm of this password factory.
        Returns:
        the algorithm

      • getKeySpec

        public <T extends KeySpec> T getKeySpec​(Password password,
                                        Class<T> specType)
                                 throws InvalidKeySpecException
        Generate a key specification of the given type from the given password object.
        Type Parameters:
        T - the specification type
        Parameters:
        password - the password object
        specType - the specification class
        Returns:
        the key specification
        Throws:
        InvalidKeySpecException - if the password cannot be translated to the given key specification type

      • convertibleToKeySpec

        public <T extends KeySpec> boolean convertibleToKeySpec​(Password password,
                                                        Class<T> specType)
        Determine whether the given password can be converted to the given key specification type by this factory.
        Type Parameters:
        T - the specification type
        Parameters:
        password - the password object
        specType - the specification class
        Returns:
        true if the password can be converted, false otherwise

      • isTranslatable

        public boolean isTranslatable​(Password password)
        Determine whether the given password can be translated into one which is consumable by this factory. If this method returns true, then translate(Password) will succeed.
        Parameters:
        password - the password object
        Returns:
        true if the given password is supported by this algorithm, false otherwise

      • translate

        public Password translate​(Password password)
                   throws InvalidKeyException
        Translate the given password object to one which is consumable by this factory.
        Parameters:
        password - the password object
        Returns:
        the equivalent password object that this factory can work with
        Throws:
        InvalidKeyException - if the given password is not supported by this algorithm

      • verify

        public boolean verify​(Password password,
                      char[] guess)
               throws InvalidKeyException
        Verify a password guess.
        Parameters:
        password - the password object
        guess - the guessed password characters
        Returns:
        true if the guess matches the password, false otherwise
        Throws:
        InvalidKeyException - if the given password is not supported by this factory

      • verify

        public boolean verify​(Password password,
                      char[] guess,
                      Charset hashCharset)
               throws InvalidKeyException
        Verify a password guess.
        Parameters:
        password - the password object
        guess - the guessed password characters
        hashCharset - the character set to use when converting the password string to a byte array (must not be null)
        Returns:
        true if the guess matches the password, false otherwise
        Throws:
        InvalidKeyException - if the given password is not supported by this factory