public interface Pbkdf2PasswordHash extends PasswordHash
Pbkdf2PasswordHash implementation.
 
 To use Pbkdf2PasswordHash with the built-in Database IdentityStore,
 configure this interface type as the hashAlgorithm value
 on the DatabaseIdentityStoreDefinition annotation.
 
 To configure parameters for Pbkdf2PasswordHash, specify them as the
 hashAlgorithmParameters value on the DatabaseIdentityStoreDefinition annotation.
 
The built-in implementation must support the following configurable parameters:
Pbkdf2PasswordHash.Algorithm // default "PBKDF2WithHmacSHA256" Pbkdf2PasswordHash.Iterations // default 2048, minimum 1024 Pbkdf2PasswordHash.SaltSizeBytes // default 32, minimum 16 Pbkdf2PasswordHash.KeySizeBytes // default 32, minimum 16
And the following PBKDF2 algorithms:
Algorithm names are the string literal names documented for the corresponding algorithms by the Java Cryptography Architecture Standard Algorithm Name Documentation.PBKDF2WithHmacSHA224 PBKDF2WithHmacSHA256 PBKDF2WithHmacSHA384 PBKDF2WithHmacSHA512
 The encoded format produced by PasswordHash.generate(char[]), and consumed by PasswordHash.verify(char[], String),
 is as follows:
 
Where:<algorithm>:<iterations>:<base64(salt)>:<base64(hash)>
 Because the algorithm and the parameters used to generate the hash are stored with the hash,
 the built-in Pbkdf2PasswordHash implementation can verify hashes generated using algorithm
 and parameter values that differ from the currently configured values. This means the configuration
 parameters can be changed without impacting the ability to verify existing password hashes.
 
 (Password hashes generated using algorithms/parameters outside the range supported by
 Pbkdf2PasswordHash cannot be verified.)
generate, initialize, verifyCopyright © 2019 JBoss by Red Hat. All rights reserved.