Package org.eclipse.hono.auth
Class MessageDigestPasswordEncoder
- java.lang.Object
-
- org.eclipse.hono.auth.MessageDigestPasswordEncoder
-
- All Implemented Interfaces:
org.springframework.security.crypto.password.PasswordEncoder
public class MessageDigestPasswordEncoder extends Object implements org.springframework.security.crypto.password.PasswordEncoder
A Hono specificPasswordEncoder
that uses aMessageDigest
to encode passwords.Passwords will be hashed using a random salt of 8 bytes.
-
-
Constructor Summary
Constructors Constructor Description MessageDigestPasswordEncoder(String hashFunction)
Creates message digest password encoder with specified hash function.MessageDigestPasswordEncoder(String hashFunction, SecureRandom rng)
Creates message digest password encoder with specified hash function.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description String
encode(CharSequence rawPassword)
Creates a hash for a clear text password.boolean
matches(CharSequence rawPassword, String encodedPassword)
Verifies that a clear text password matches a given encoded password hash.
-
-
-
Constructor Detail
-
MessageDigestPasswordEncoder
public MessageDigestPasswordEncoder(String hashFunction)
Creates message digest password encoder with specified hash function.This constructor invokes
MessageDigestPasswordEncoder(String, SecureRandom)
with a newly createdSecureRandom
.- Parameters:
hashFunction
- The hash function to use.- Throws:
IllegalArgumentException
- if the JVM does not support the hash function.
-
MessageDigestPasswordEncoder
public MessageDigestPasswordEncoder(String hashFunction, SecureRandom rng)
Creates message digest password encoder with specified hash function.- Parameters:
hashFunction
- - hash function to be usedrng
- The random number generator to use for creating salt.- Throws:
IllegalArgumentException
- if hash function is not validNullPointerException
- if any of the parameters arenull
-
-
Method Detail
-
encode
public String encode(CharSequence rawPassword)
Creates a hash for a clear text password.- Specified by:
encode
in interfaceorg.springframework.security.crypto.password.PasswordEncoder
- Parameters:
rawPassword
- The password to hash. A randomly generated salt will be used for hashing the password.- Returns:
- The encoded password hash. The value will be of the form
"{" Base64(salt) "}" passwordHash
Where passwordHash is the Base64 encoding of the bytes resulting from applying the hash function to the byte array consisting of the salt bytes and the UTF-8 encoding of the clear text password.
-
matches
public boolean matches(CharSequence rawPassword, String encodedPassword)
Verifies that a clear text password matches a given encoded password hash.The password hash is expected to be of the form
"{" Base64(salt) "}" passwordHash
Where passwordHash is the Base64 encoding of the bytes resulting from applying the hash function to the byte array consisting of the salt bytes and the UTF-8 encoding of the clear text password.- Specified by:
matches
in interfaceorg.springframework.security.crypto.password.PasswordEncoder
- Parameters:
rawPassword
- Password to verify in plain textencodedPassword
- Encoded password on the record in {Base64(salt)}passwordHash format- Returns:
true
if encoded password hash matches the one on record,false
otherwise- Throws:
IllegalArgumentException
- if the encodedPassword does not contain valid Base64 schema.
-
-