How to use
compareCredentials
method
in
org.apache.directory.api.ldap.model.password.PasswordUtil

Best Java code snippets using org.apache.directory.api.ldap.model.password.PasswordUtil.compareCredentials (Showing top 5 results out of 315)

public boolean comparePasswords(byte[] received, byte[] stored) {
  return PasswordUtil.compareCredentials(received, stored);
}

if ( PasswordUtil.compareCredentials( credentials, storedPassword ) )

if (PasswordUtil.compareCredentials(pwd.getBytes(), entry.get("userpassword").getBytes())) {
  return true;
} else {

boolean equal = PasswordUtil.compareCredentials( oldPassword, bytes );

if (PasswordUtil.compareCredentials(pwd.getBytes(), entry.get("userpassword").getBytes())) {
  return true;
} else {

Javadoc

Compare the credentials. We have at least 6 algorithms to encrypt the password :

- SHA
- SSHA (salted SHA)
- SHA-2(256, 384 and 512 and their salted versions)
- MD5
- SMD5 (slated MD5)
- PKCS5S2 (PBKDF2)
- crypt (unix crypt)
- plain text, ie no encryption.

If we get an encrypted password, it is prefixed by the used algorithm, between brackets : {SSHA}password ...

If the password is using SSHA, SMD5 or crypt, some 'salt' is added to the password :

- length(password) - 20, starting at 21st position for SSHA
- length(password) - 16, starting at 16th position for SMD5
- length(password) - 2, starting at 3rd position for crypt

For (S)SHA, SHA-256 and (S)MD5, we have to transform the password from Base64 encoded text to a byte[] before comparing the password with the stored one.

For PKCS5S2 the salt is stored in the beginning of the password

For crypt, we only have to remove the salt.

At the end, we use the digest() method for (S)SHA and (S)MD5, the crypt() method for the CRYPT algorithm and a straight comparison for PLAIN TEXT passwords.

The stored password is always using the unsalted form, and is stored as a bytes array.

Popular methods of PasswordUtil

createStoragePassword
create a hashed password in a format that can be stored in the server. If the specified algorithm re
findAlgorithm
Get the algorithm from the stored password. It can be found on the beginning of the stored password,
compareBytes
Compare two byte[] in a constant time. This is necessary because using an Array.equals() is not Timi
digest
Compute the hashed password given an algorithm, the credentials and an optional salt.
encryptPassword
encrypts the given credentials based on the algorithm name and optional salt
generateCryptSalt
generatePbkdf2Hash
generates a hash based on the PKCS5S2 spec [http://en.wikipedia.org/wiki/PBKDF2] Note: this has bee
getCredentials
Compute the credentials
getCryptCredentials
getPbkdf2Credentials
Gets the credentials from a PKCS5S2 hash. The salt for PKCS5S2 hash is prepended to the password
merge
split

Popular in Java

Making http post requests using okhttp
setContentView (Activity)
scheduleAtFixedRate (ScheduledExecutorService)
onCreateOptionsMenu (Activity)
VirtualMachine (com.sun.tools.attach)
A Java virtual machine. A VirtualMachine represents a Java virtual machine to which this Java vir
InputStream (java.io)
A readable source of bytes.Most clients will use input streams that read data from the file system (
NumberFormat (java.text)
The abstract base class for all number formats. This class provides the interface for formatting and
BlockingQueue (java.util.concurrent)
A java.util.Queue that additionally supports operations that wait for the queue to become non-empty
Callable (java.util.concurrent)
A task that returns a result and may throw an exception. Implementors define a single method with no
JLabel (javax.swing)
Best IntelliJ plugins

How to use compareCredentialsmethodin org.apache.directory.api.ldap.model.password.PasswordUtil

Best Java code snippets using org.apache.directory.api.ldap.model.password.PasswordUtil.compareCredentials (Showing top 5 results out of 315)

How to use
compareCredentials
method
in
org.apache.directory.api.ldap.model.password.PasswordUtil