
Example 1 with IteratedHashPasswordSpec

use of org.wildfly.security.password.spec.IteratedHashPasswordSpec in project wildfly-elytron by wildfly-security.

The method map of the class PasswordKeyMapper.

/**
 * Builds a password credential from the current row of {@code resultSet}.
 *
 * <p>The algorithm name comes from the algorithm column when one is configured
 * ({@code algorithmColumn > 0}); a {@code null} column value, or no configured column,
 * yields {@code getDefaultAlgorithm()}. Three paths follow from that name:
 * <ul>
 *   <li>clear algorithm: the hash column is read as a string and used as the clear-text
 *       password; if the string read yields {@code null} the column is read as binary
 *       and treated as a hash;</li>
 *   <li>any other algorithm with neither a salt nor an iteration-count column
 *       (both equal to {@code -1}): the hash column is first tried as a Modular Crypt
 *       string, and a successful decode is returned directly without going through
 *       {@code PasswordFactory};</li>
 *   <li>otherwise: raw hash, optional salt and iteration count are combined into a
 *       {@code PasswordSpec} and handed to the {@code PasswordFactory} for the algorithm.</li>
 * </ul>
 *
 * <p>Only the algorithm name is written to the trace log; no hash, salt or clear-text
 * value is logged by this method.
 *
 * @param resultSet the result set positioned on the row to map
 * @param providers supplier of the security providers used to look up the password factory
 * @return the mapped credential, or {@code null} when neither a hash nor a clear-text
 *         value could be read from the row
 * @throws SQLException if reading the row fails; the exceptions built by {@code log} for an
 *         unavailable algorithm or an invalid key specification are also thrown from here
 *         (their concrete type is not visible in this listing)
 */
@Override
public Credential map(ResultSet resultSet, Supplier<Provider[]> providers) throws SQLException {
    byte[] hashBytes = null;
    char[] clearChars = null;

    // The row itself may name the algorithm, including the clear-text one, so write
    // access to that column decides how the stored value is interpreted.
    String algorithmName = getDefaultAlgorithm();
    final ResultSetMetaData metaData = resultSet.getMetaData();
    if (algorithmColumn > 0) {
        final String fromRow = resultSet.getString(algorithmColumn);
        algorithmName = fromRow != null ? fromRow : getDefaultAlgorithm();
    }

    if (!ClearPassword.ALGORITHM_CLEAR.equals(algorithmName)) {
        final boolean selfDescribingOnly = saltColumn == -1 && iterationCountColumn == -1;
        if (selfDescribingOnly) {
            // With no separate salt/iteration columns the value may be a Modular Crypt string.
            final String encoded = getStringColumn(metaData, resultSet, hashColumn);
            final char[] encodedChars = encoded == null ? null : encoded.toCharArray();
            final String identified = encodedChars == null ? null : ModularCrypt.identifyAlgorithm(encodedChars);
            if (identified != null) {
                try {
                    final Password decoded = ModularCrypt.decode(encodedChars);
                    if (log.isTraceEnabled()) {
                        log.tracef("Key Mapper: Password credential created using Modular Crypt algorithm [%s]", identified);
                    }
                    return new PasswordCredential(decoded);
                } catch (InvalidKeySpecException e) {
                    // Decoding failed after identification succeeded; fall through to the raw-hash path.
                    log.tracef(e, "Key Mapper: Unable to identify Modular Crypt algorithm [%s]", identified);
                }
            }
        }
        hashBytes = getBinaryColumn(metaData, resultSet, hashColumn, hashEncoding);
    } else {
        final String text = getStringColumn(metaData, resultSet, hashColumn);
        if (text == null) {
            hashBytes = getBinaryColumn(metaData, resultSet, hashColumn, hashEncoding);
        } else {
            // The array is handed to ClearPasswordSpec below and is not zeroed in this method.
            clearChars = text.toCharArray();
        }
    }

    final byte[] saltBytes = saltColumn > 0
            ? getBinaryColumn(metaData, resultSet, saltColumn, saltEncoding)
            : null;

    // NOTE(review): ResultSet.getInt returns 0 for SQL NULL, so a NULL iteration count in a
    // configured column selects the non-iterated spec below rather than defaultIterationCount.
    final int iterationCount = iterationCountColumn > 0
            ? resultSet.getInt(iterationCountColumn)
            : defaultIterationCount;

    // The factory lookup happens before the "nothing to map" check, so an unknown algorithm
    // raises even for a row that holds no credential.
    final PasswordFactory factory;
    try {
        factory = PasswordFactory.getInstance(algorithmName, providers);
    } catch (NoSuchAlgorithmException e) {
        throw log.couldNotObtainPasswordFactoryForAlgorithm(algorithmName, e);
    }

    final PasswordSpec spec;
    if (hashBytes == null) {
        if (clearChars == null) {
            return null;
        }
        spec = new ClearPasswordSpec(clearChars);
    } else {
        final boolean iterated = iterationCount > 0;
        if (saltBytes == null) {
            spec = iterated
                    ? new IteratedHashPasswordSpec(hashBytes, iterationCount)
                    : new HashPasswordSpec(hashBytes);
        } else {
            spec = iterated
                    ? new IteratedSaltedHashPasswordSpec(hashBytes, saltBytes, iterationCount)
                    : new SaltedHashPasswordSpec(hashBytes, saltBytes);
        }
    }

    try {
        final Password generated = factory.generatePassword(spec);
        if (log.isTraceEnabled()) {
            log.tracef("Key Mapper: Password credential created using algorithm column value [%s]", algorithmName);
        }
        return new PasswordCredential(generated);
    } catch (InvalidKeySpecException e) {
        throw log.invalidPasswordKeySpecificationForAlgorithm(algorithmName, e);
    }
}
Also used : IteratedSaltedHashPasswordSpec(org.wildfly.security.password.spec.IteratedSaltedHashPasswordSpec) ClearPasswordSpec(org.wildfly.security.password.spec.ClearPasswordSpec) IteratedHashPasswordSpec(org.wildfly.security.password.spec.IteratedHashPasswordSpec) PasswordSpec(org.wildfly.security.password.spec.PasswordSpec) HashPasswordSpec(org.wildfly.security.password.spec.HashPasswordSpec) SaltedHashPasswordSpec(org.wildfly.security.password.spec.SaltedHashPasswordSpec) PasswordCredential(org.wildfly.security.credential.PasswordCredential) IteratedSaltedHashPasswordSpec(org.wildfly.security.password.spec.IteratedSaltedHashPasswordSpec) SaltedHashPasswordSpec(org.wildfly.security.password.spec.SaltedHashPasswordSpec) ClearPasswordSpec(org.wildfly.security.password.spec.ClearPasswordSpec) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) IteratedSaltedHashPasswordSpec(org.wildfly.security.password.spec.IteratedSaltedHashPasswordSpec) ResultSetMetaData(java.sql.ResultSetMetaData) PasswordFactory(org.wildfly.security.password.PasswordFactory) IteratedHashPasswordSpec(org.wildfly.security.password.spec.IteratedHashPasswordSpec) IteratedSaltedHashPasswordSpec(org.wildfly.security.password.spec.IteratedSaltedHashPasswordSpec) IteratedHashPasswordSpec(org.wildfly.security.password.spec.IteratedHashPasswordSpec) HashPasswordSpec(org.wildfly.security.password.spec.HashPasswordSpec) SaltedHashPasswordSpec(org.wildfly.security.password.spec.SaltedHashPasswordSpec) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) Password(org.wildfly.security.password.Password) ClearPassword(org.wildfly.security.password.interfaces.ClearPassword)
