Package org.wildfly.security.password

Class PasswordFactory

java.lang.Object
org.wildfly.security.password.PasswordFactory
public final class PasswordFactory extends Object
A factory for passwords.

Password factories are used to handle and manipulate password objects and their corresponding password specifications. Passwords are a kind of key which are used to store and compare against a string of text entered by a human. Passwords can be one-way (OneWayPassword) or two-way (TwoWayPassword).

Author:
David M. Lloyd

  • Constructor Details

    • PasswordFactory

      public PasswordFactory(PasswordFactorySpi spi, Provider provider, String algorithm)
      Construct a new instance.
      Parameters:
      spi - the password factory SPI (not null)
      provider - the provider (not null)
      algorithm - the algorithm name (not null)

  • Method Details

    • getInstance

      public static PasswordFactory getInstance(String algorithm) throws NoSuchAlgorithmException
      Get a password factory instance. The returned password factory object will implement the given algorithm.
      Parameters:
      algorithm - the name of the algorithm
      Returns:
      a password factory instance
      Throws:
      NoSuchAlgorithmException - if the given algorithm has no available implementations

    • getInstance

      public static PasswordFactory getInstance(String algorithm, String providerName) throws NoSuchAlgorithmException, NoSuchProviderException
      Get a password factory instance. The returned password factory object will implement the given algorithm.
      Parameters:
      algorithm - the name of the algorithm
      providerName - the name of the provider to use
      Returns:
      a password factory instance
      Throws:
      NoSuchAlgorithmException - if the given algorithm has no available implementations
      NoSuchProviderException

    • getInstance

      public static PasswordFactory getInstance(String algorithm, Provider provider) throws NoSuchAlgorithmException
      Get a password factory instance. The returned password factory object will implement the given algorithm.
      Parameters:
      algorithm - the name of the algorithm
      provider - the provider to use
      Returns:
      a password factory instance
      Throws:
      NoSuchAlgorithmException - if the given algorithm has no available implementations

    • getInstance

      public static PasswordFactory getInstance(String algorithm, Supplier<Provider[]> providerSupplier) throws NoSuchAlgorithmException
      Get a password factory instance. The returned password factory object will implement the given algorithm.
      Parameters:
      algorithm - the name of the algorithm
      providerSupplier - the provider supplier to search
      Returns:
      a password factory instance
      Throws:
      NoSuchAlgorithmException - if the given algorithm has no available implementations

    • getProvider

      public Provider getProvider()
      Get the provider of this password factory.
      Returns:
      the provider

    • getAlgorithm

      public String getAlgorithm()
      Get the algorithm of this password factory.
      Returns:
      the algorithm

    • generatePassword

      public Password generatePassword(KeySpec keySpec) throws InvalidKeySpecException
      Generate a new Password object for the given specification.
      Parameters:
      keySpec - the specification
      Returns:
      the password object
      Throws:
      InvalidKeySpecException - if the key specification is not valid for this algorithm

    • getKeySpec

      public <T extends KeySpec> T getKeySpec(Password password, Class<T> specType) throws InvalidKeySpecException
      Generate a key specification of the given type from the given password object.
      Type Parameters:
      T - the specification type
      Parameters:
      password - the password object
      specType - the specification class
      Returns:
      the key specification
      Throws:
      InvalidKeySpecException - if the password cannot be translated to the given key specification type

    • convertibleToKeySpec

      public <T extends KeySpec> boolean convertibleToKeySpec(Password password, Class<T> specType)
      Determine whether the given password can be converted to the given key specification type by this factory.
      Type Parameters:
      T - the specification type
      Parameters:
      password - the password object
      specType - the specification class
      Returns:
      true if the password can be converted, false otherwise

    • isTranslatable

      public boolean isTranslatable(Password password)
      Determine whether the given password can be translated into one which is consumable by this factory. If this method returns true, then translate(Password) will succeed.
      Parameters:
      password - the password object
      Returns:
      true if the given password is supported by this algorithm, false otherwise

    • translate

      public Password translate(Password password) throws InvalidKeyException
      Translate the given password object to one which is consumable by this factory.
      Parameters:
      password - the password object
      Returns:
      the equivalent password object that this factory can work with
      Throws:
      InvalidKeyException - if the given password is not supported by this algorithm

    • verify

      public boolean verify(Password password, char[] guess) throws InvalidKeyException
      Verify a password guess.
      Parameters:
      password - the password object
      guess - the guessed password characters
      Returns:
      true if the guess matches the password, false otherwise
      Throws:
      InvalidKeyException - if the given password is not supported by this factory

    • verify

      public boolean verify(Password password, char[] guess, Charset hashCharset) throws InvalidKeyException
      Verify a password guess.
      Parameters:
      password - the password object
      guess - the guessed password characters
      hashCharset - the character set to use when converting the password string to a byte array (must not be null)
      Returns:
      true if the guess matches the password, false otherwise
      Throws:
      InvalidKeyException - if the given password is not supported by this factory

    • transform

      public Password transform(Password password, AlgorithmParameterSpec parameterSpec) throws InvalidKeyException, InvalidAlgorithmParameterException
      Transform a password with new parameters. Not every transformation is allowed, but iterative password types generally should allow increasing the number of iterations.
      Parameters:
      password - the password
      parameterSpec - the new parameters
      Returns:
      the transformed password
      Throws:
      InvalidKeyException - if the given password is invalid
      InvalidAlgorithmParameterException - if the transformation cannot be applied to the given parameters