Use of org.wildfly.security.password.spec.IteratedHashPasswordSpec in the project wildfly-elytron by wildfly-security.
Class PasswordKeyMapper, method map.
/**
 * Builds a password credential from the current row of {@code resultSet}.
 *
 * <p>The algorithm name is read from {@code algorithmColumn} when that column is configured
 * and non-null, otherwise {@code getDefaultAlgorithm()} is used. Depending on the algorithm
 * and the configured columns, the value in {@code hashColumn} is treated as a clear-text
 * password, as a Modular Crypt encoded string, or as a binary hash that is combined with the
 * optional salt and iteration count.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>The algorithm name, including {@code ClearPassword.ALGORITHM_CLEAR}, is taken from the
 *       row itself, so the stored data decides how the credential is interpreted.</li>
 *   <li>Trace messages in this method include only the algorithm name, never the hash, salt or
 *       clear-text characters.</li>
 * </ul>
 *
 * @param resultSet the result set positioned on the row to map
 * @param providers supplier of the security providers used to look up the password factory
 * @return a {@code PasswordCredential}, or {@code null} when neither a hash nor a clear-text
 *         value could be read from the row
 * @throws SQLException if reading from the result set fails; the exceptions produced by the
 *         {@code log} factory methods for an unknown algorithm or an invalid key
 *         specification are also thrown from here
 */
@Override
public Credential map(ResultSet resultSet, Supplier<Provider[]> providers) throws SQLException {
    byte[] hashBytes = null;
    char[] clearChars = null;

    String algorithmName = getDefaultAlgorithm();
    final ResultSetMetaData metaData = resultSet.getMetaData();
    if (algorithmColumn > 0) {
        // A null algorithm column falls back to the configured default.
        final String storedAlgorithm = resultSet.getString(algorithmColumn);
        algorithmName = storedAlgorithm != null ? storedAlgorithm : getDefaultAlgorithm();
    }

    if (ClearPassword.ALGORITHM_CLEAR.equals(algorithmName)) {
        final String clearText = getStringColumn(metaData, resultSet, hashColumn);
        if (clearText == null) {
            // No string form available: read the column as binary instead.
            hashBytes = getBinaryColumn(metaData, resultSet, hashColumn, hashEncoding);
        } else {
            // The array is handed to ClearPasswordSpec below, so it is not wiped here.
            clearChars = clearText.toCharArray();
        }
    } else {
        // Without dedicated salt and iteration-count columns the value may be a
        // self-describing Modular Crypt string, so try that first.
        if (saltColumn == -1 && iterationCountColumn == -1) {
            final String encodedText = getStringColumn(metaData, resultSet, hashColumn);
            if (encodedText != null) {
                final char[] encoded = encodedText.toCharArray();
                final String mcfAlgorithm = ModularCrypt.identifyAlgorithm(encoded);
                if (mcfAlgorithm != null) {
                    try {
                        Password decoded = ModularCrypt.decode(encoded);
                        if (log.isTraceEnabled()) {
                            log.tracef("Key Mapper: Password credential created using Modular Crypt algorithm [%s]", mcfAlgorithm);
                        }
                        return new PasswordCredential(decoded);
                    } catch (InvalidKeySpecException e) {
                        // A decode failure is reported at trace level only; the value is then
                        // treated as a raw hash for algorithmName below.
                        log.tracef(e, "Key Mapper: Unable to identify Modular Crypt algorithm [%s]", mcfAlgorithm);
                    }
                }
            }
        }
        hashBytes = getBinaryColumn(metaData, resultSet, hashColumn, hashEncoding);
    }

    final byte[] saltBytes = saltColumn > 0
            ? getBinaryColumn(metaData, resultSet, saltColumn, saltEncoding)
            : null;

    // NOTE(review): ResultSet.getInt yields 0 for SQL NULL, so a NULL or non-positive stored
    // iteration count selects a non-iterated spec below rather than defaultIterationCount.
    // Confirm that is the intended behaviour.
    final int iterations = iterationCountColumn > 0
            ? resultSet.getInt(iterationCountColumn)
            : defaultIterationCount;

    final PasswordFactory factory;
    try {
        factory = PasswordFactory.getInstance(algorithmName, providers);
    } catch (NoSuchAlgorithmException e) {
        throw log.couldNotObtainPasswordFactoryForAlgorithm(algorithmName, e);
    }

    // Pick the spec type from which of hash, salt and iteration count are available.
    final PasswordSpec spec;
    if (hashBytes != null) {
        final boolean iterated = iterations > 0;
        if (saltBytes == null) {
            if (iterated) {
                spec = new IteratedHashPasswordSpec(hashBytes, iterations);
            } else {
                spec = new HashPasswordSpec(hashBytes);
            }
        } else if (iterated) {
            spec = new IteratedSaltedHashPasswordSpec(hashBytes, saltBytes, iterations);
        } else {
            spec = new SaltedHashPasswordSpec(hashBytes, saltBytes);
        }
    } else if (clearChars != null) {
        spec = new ClearPasswordSpec(clearChars);
    } else {
        // Nothing usable was read from the row.
        return null;
    }

    try {
        Password generated = factory.generatePassword(spec);
        if (log.isTraceEnabled()) {
            log.tracef("Key Mapper: Password credential created using algorithm column value [%s]", algorithmName);
        }
        return new PasswordCredential(generated);
    } catch (InvalidKeySpecException e) {
        throw log.invalidPasswordKeySpecificationForAlgorithm(algorithmName, e);
    }
}