Class PasswordHasher


  • public class PasswordHasher
    extends java.lang.Object

    This machine performs the hashing of Derby passwords.

    • Field Summary

      Fields 
      Modifier and Type Field Description
      private int _iterations  
      private java.lang.String _messageDigestAlgorithm  
      private byte[] _salt  
      private static java.lang.String ENCODING
      The encoding to use when converting the credentials to a byte array that can be passed to the hash function in the configurable hash scheme.
      static java.lang.String ID_PATTERN_CONFIGURABLE_HASH_SCHEME
      Pattern that is prefixed to the stored password in the configurable hash authentication scheme.
      static java.lang.String ID_PATTERN_CONFIGURABLE_STRETCHED_SCHEME
      Pattern that is prefixed to the stored password in the configurable hash authentication scheme if key stretching has been applied.
      static java.lang.String ID_PATTERN_SHA1_SCHEME
      Pattern that is prefixed to the stored password in the SHA-1 authentication scheme.
      private static char SEPARATOR_CHAR
      Character that separates the hash value from the name of the hash algorithm in the stored password generated by the configurable hash authentication scheme.
    • Constructor Summary

      Constructors 
      Constructor Description
      PasswordHasher​(java.lang.String hashingScheme)
      Construct from a hashed BUILTIN password stored in the PropertyConglomerate or from a SYSUSERS.HASHINGSCHEME column.
      PasswordHasher​(java.lang.String messageDigestAlgorithm, byte[] salt, int iterations)
      Construct from pieces.
    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      private StandardException badMessageDigest​(java.lang.Throwable t)  
      java.lang.String encodeHashingScheme()
      Encodes the hashing algorithm in a string suitable for storing in SYSUSERS.HASHINGSCHEME.
      private java.security.MessageDigest getEmptyMessageDigest()  
      private java.lang.String hashAndEncode​(java.lang.String stringDigest)  
      java.lang.String hashAndEncode​(java.lang.String userName, java.lang.String password)
      Hash a username/password pair and return an encoded representation suitable for storing as a BUILTIN password value in the PropertyConglomerate.
      java.lang.String hashPasswordIntoString​(java.lang.String userName, java.lang.String password)
      Produce a hashed password using a plaintext username and password.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Field Detail

      • ENCODING

        private static final java.lang.String ENCODING
        The encoding to use when converting the credentials to a byte array that can be passed to the hash function in the configurable hash scheme.
        See Also:
        Constant Field Values
      • ID_PATTERN_SHA1_SCHEME

        public static final java.lang.String ID_PATTERN_SHA1_SCHEME
        Pattern that is prefixed to the stored password in the SHA-1 authentication scheme.
        See Also:
        Constant Field Values
      • ID_PATTERN_CONFIGURABLE_HASH_SCHEME

        public static final java.lang.String ID_PATTERN_CONFIGURABLE_HASH_SCHEME
        Pattern that is prefixed to the stored password in the configurable hash authentication scheme.
        See Also:
        Constant Field Values
      • ID_PATTERN_CONFIGURABLE_STRETCHED_SCHEME

        public static final java.lang.String ID_PATTERN_CONFIGURABLE_STRETCHED_SCHEME
        Pattern that is prefixed to the stored password in the configurable hash authentication scheme if key stretching has been applied. This scheme extends the configurable hash scheme by adding a random salt and applying the hash function multiple times when generating the hashed token.
        See Also:
        Constant Field Values
      • SEPARATOR_CHAR

        private static final char SEPARATOR_CHAR
        Character that separates the hash value from the name of the hash algorithm in the stored password generated by the configurable hash authentication scheme.
        See Also:
        Constant Field Values
      • _messageDigestAlgorithm

        private java.lang.String _messageDigestAlgorithm
      • _salt

        private byte[] _salt
      • _iterations

        private int _iterations
    • Constructor Detail

      • PasswordHasher

        public PasswordHasher​(java.lang.String messageDigestAlgorithm,
                              byte[] salt,
                              int iterations)

        Construct from pieces. Used for databases at rev level 10.6 or later.

      • PasswordHasher

        public PasswordHasher​(java.lang.String hashingScheme)

        Construct from a hashed BUILTIN password stored in the PropertyConglomerate or from a SYSUSERS.HASHINGSCHEME column.

    • Method Detail

      • hashPasswordIntoString

        public java.lang.String hashPasswordIntoString​(java.lang.String userName,
                                                       java.lang.String password)
                                                throws StandardException

        Produce a hashed password using a plaintext username and password. Turn it into a printable string.

        Throws:
        StandardException
      • badMessageDigest

        private StandardException badMessageDigest​(java.lang.Throwable t)
      • encodeHashingScheme

        public java.lang.String encodeHashingScheme()

        Encodes the hashing algorithm in a string suitable for storing in SYSUSERS.HASHINGSCHEME.

      • hashAndEncode

        public java.lang.String hashAndEncode​(java.lang.String userName,
                                              java.lang.String password)
                                       throws StandardException

        Hash a username/password pair and return an encoded representation suitable for storing as a BUILTIN password value in the PropertyConglomerate.

        Throws:
        StandardException
      • hashAndEncode

        private java.lang.String hashAndEncode​(java.lang.String stringDigest)