private byte[] generateOtpHash(final String algorithm, final String passPhrase, final String seed, final int newSequenceNumber) throws NoSuchAlgorithmException, InvalidKeySpecException { PasswordFactory otpFactory = PasswordFactory.getInstance(algorithm, providers); OneTimePasswordAlgorithmSpec otpSpec = new OneTimePasswordAlgorithmSpec(algorithm, seed, newSequenceNumber); EncryptablePasswordSpec passwordSpec = new EncryptablePasswordSpec(passPhrase.toCharArray(), otpSpec); OneTimePassword otPassword = (OneTimePassword) otpFactory.generatePassword(passwordSpec); return otPassword.getHash(); } }
Password password = passwordFactory.generatePassword(new OneTimePasswordSpec(hash, seed, sequenceNumber)); credentials.add(new PasswordCredential(password)); } catch (InvalidKeySpecException e) {
private void parsePassword(final List<Credential> credentials, final XMLStreamReader streamReader) throws XMLStreamException, RealmUnavailableException { parseCredential(streamReader, (algorithm, format, text) -> { try { if (BASE64_FORMAT.equals(format)) { if (algorithm == null) { throw ElytronMessages.log.fileSystemRealmMissingAttribute("algorithm", path, streamReader.getLocation().getLineNumber(), name); } byte[] passwordBytes = CodePointIterator.ofChars(text.toCharArray()).base64Decode().drain(); PasswordFactory passwordFactory = PasswordFactory.getInstance(algorithm); PasswordSpec passwordSpec = BasicPasswordSpecEncoding.decode(passwordBytes); if (passwordSpec != null) { credentials.add(new PasswordCredential(passwordFactory.generatePassword(passwordSpec))); } else { throw ElytronMessages.log.fileSystemRealmInvalidPasswordAlgorithm(algorithm, path, streamReader.getLocation().getLineNumber(), name); } } else if (MCF_FORMAT.equals(format)) { credentials.add(new PasswordCredential(ModularCrypt.decode(text))); } else { throw ElytronMessages.log.fileSystemRealmInvalidPasswordFormat(format, path, streamReader.getLocation().getLineNumber(), name); } } catch (InvalidKeySpecException | NoSuchAlgorithmException e) { throw ElytronMessages.log.fileSystemRealmInvalidContent(path, streamReader.getLocation().getLineNumber(), name); } }); }
Password password = passwordFactory.generatePassword(new OneTimePasswordSpec( CodePointIterator.ofString((String) hash) .base64Decode(Base64Alphabet.STANDARD, false).drain(),
private void updateCredential(final String newAlgorithm, final OneTimePasswordSpec newPasswordSpec) throws SaslException { try { final PasswordFactory passwordFactory = PasswordFactory.getInstance(newAlgorithm, providers); final OneTimePassword newPassword = (OneTimePassword) passwordFactory.generatePassword(newPasswordSpec); final CredentialUpdateCallback credentialUpdateCallback = new CredentialUpdateCallback(new PasswordCredential(newPassword)); handleCallbacks(exclusiveNameCallback, credentialUpdateCallback); } catch (NoSuchAlgorithmException | InvalidKeySpecException e) { throw saslOTP.mechUnableToUpdatePassword(userName).toSaslException(); } }
final ClearPasswordSpec spec = clearFactory.getKeySpec(clearFactory.translate(twoWayPassword), ClearPasswordSpec.class); if (matchParameters != null) { return passwordType.cast(passwordFactory.generatePassword(new EncryptablePasswordSpec(spec.getEncodedPassword(), generateParameters))); } else { return passwordType.cast(passwordFactory.generatePassword(spec)); if (password != null) { if (matchParameters != null) { return passwordType.cast(passwordFactory.generatePassword(new EncryptablePasswordSpec(password, generateParameters))); } else { return passwordType.cast(passwordFactory.generatePassword(new ClearPasswordSpec(password)));
return credentialType.cast(new PasswordCredential(passwordFactory.generatePassword(passwordSpec))); } catch (InvalidKeySpecException e) { throw new IllegalStateException(e);
accountEntry.getName()); actualPassword = passwordFactory.generatePassword(passwordSpec);
final Password password = passwordFactory.generatePassword(passwordSpec); return credentialType.cast(new PasswordCredential(password)); } catch (InvalidKeySpecException | NoSuchAlgorithmException e) {
Password password = passwordFactory.generatePassword(passwordSpec); if (log.isTraceEnabled()) { log.tracef("Key Mapper: Password credential created using algorithm column value [%s]", algorithmName);
try { PasswordFactory factory = PasswordFactory.getInstance(ClearPassword.ALGORITHM_CLEAR, providers); return Assert.assertNotNull(factory.generatePassword(new ClearPasswordSpec(finalPassword)).castAs(ClearPassword.class)); } catch (InvalidKeySpecException | NoSuchAlgorithmException cause) { throw xmlLog.xmlFailedToCreateCredential(location, cause);
@Override public boolean verifyEvidence(Evidence evidence) throws RealmUnavailableException { if (user == null || evidence instanceof PasswordGuessEvidence == false) { return false; } final char[] guess = ((PasswordGuessEvidence) evidence).getGuess(); String password = user.require(PASSWORD).asString(); final PasswordFactory passwordFactory = getPasswordFactory(ALGORITHM_CLEAR); final PasswordSpec passwordSpec = new ClearPasswordSpec(password.toCharArray()); final Password actualPassword; try { actualPassword = passwordFactory.generatePassword(passwordSpec); return passwordFactory.verify(actualPassword, guess); } catch (InvalidKeySpecException | InvalidKeyException | IllegalStateException e) { throw new IllegalStateException(e); } }
@Override public boolean verifyEvidence(Evidence evidence) throws RealmUnavailableException { if (user == null || evidence instanceof PasswordGuessEvidence == false) { return false; } final char[] guess = ((PasswordGuessEvidence) evidence).getGuess(); String password = user.require(PASSWORD).asString(); final PasswordFactory passwordFactory = getPasswordFactory(ALGORITHM_CLEAR); final PasswordSpec passwordSpec = new ClearPasswordSpec(password.toCharArray()); final Password actualPassword; try { actualPassword = passwordFactory.generatePassword(passwordSpec); return passwordFactory.verify(actualPassword, guess); } catch (InvalidKeySpecException | InvalidKeyException | IllegalStateException e) { throw new IllegalStateException(e); } }
private byte[] generateOtpHash(final String algorithm, final String passPhrase, final String seed, final int newSequenceNumber) throws NoSuchAlgorithmException, InvalidKeySpecException { PasswordFactory otpFactory = PasswordFactory.getInstance(algorithm, providers); OneTimePasswordAlgorithmSpec otpSpec = new OneTimePasswordAlgorithmSpec(algorithm, seed, newSequenceNumber); EncryptablePasswordSpec passwordSpec = new EncryptablePasswordSpec(passPhrase.toCharArray(), otpSpec); OneTimePassword otPassword = (OneTimePassword) otpFactory.generatePassword(passwordSpec); return otPassword.getHash(); } }
private byte[] generateOtpHash(final String algorithm, final String passPhrase, final String seed, final int newSequenceNumber) throws NoSuchAlgorithmException, InvalidKeySpecException { PasswordFactory otpFactory = PasswordFactory.getInstance(algorithm, providers); OneTimePasswordAlgorithmSpec otpSpec = new OneTimePasswordAlgorithmSpec(algorithm, seed, newSequenceNumber); EncryptablePasswordSpec passwordSpec = new EncryptablePasswordSpec(passPhrase.toCharArray(), otpSpec); OneTimePassword otPassword = (OneTimePassword) otpFactory.generatePassword(passwordSpec); return otPassword.getHash(); } }
private byte[] generateOtpHash(final String algorithm, final String passPhrase, final String seed, final int newSequenceNumber) throws NoSuchAlgorithmException, InvalidKeySpecException { PasswordFactory otpFactory = PasswordFactory.getInstance(algorithm, providers); OneTimePasswordAlgorithmSpec otpSpec = new OneTimePasswordAlgorithmSpec(algorithm, seed, newSequenceNumber); EncryptablePasswordSpec passwordSpec = new EncryptablePasswordSpec(passPhrase.toCharArray(), otpSpec); OneTimePassword otPassword = (OneTimePassword) otpFactory.generatePassword(passwordSpec); return otPassword.getHash(); } }
/** * Convert {@code char[]} password to {@code PasswordCredential} * @param password to convert * @return new {@code PasswordCredential} * @throws UnsupportedCredentialTypeException should never happen as we have only supported types and algorithms */ private static PasswordCredential createCredentialFromPassword(char[] password) throws UnsupportedCredentialTypeException { try { PasswordFactory passwordFactory = PasswordFactory.getInstance(ClearPassword.ALGORITHM_CLEAR); return new PasswordCredential(passwordFactory.generatePassword(new ClearPasswordSpec(password))); } catch (NoSuchAlgorithmException | InvalidKeySpecException e) { throw new UnsupportedCredentialTypeException(e); } }
private void updateCredential(final String newAlgorithm, final OneTimePasswordSpec newPasswordSpec) throws SaslException { try { final PasswordFactory passwordFactory = PasswordFactory.getInstance(newAlgorithm, providers); final OneTimePassword newPassword = (OneTimePassword) passwordFactory.generatePassword(newPasswordSpec); final CredentialUpdateCallback credentialUpdateCallback = new CredentialUpdateCallback(new PasswordCredential(newPassword)); handleCallbacks(exclusiveNameCallback, credentialUpdateCallback); } catch (NoSuchAlgorithmException | InvalidKeySpecException e) { throw saslOTP.mechUnableToUpdatePassword(userName).toSaslException(); } }
private void updateCredential(final String newAlgorithm, final OneTimePasswordSpec newPasswordSpec) throws SaslException { try { final PasswordFactory passwordFactory = PasswordFactory.getInstance(newAlgorithm, providers); final OneTimePassword newPassword = (OneTimePassword) passwordFactory.generatePassword(newPasswordSpec); final CredentialUpdateCallback credentialUpdateCallback = new CredentialUpdateCallback(new PasswordCredential(newPassword)); handleCallbacks(exclusiveNameCallback, credentialUpdateCallback); } catch (NoSuchAlgorithmException | InvalidKeySpecException e) { throw saslOTP.mechUnableToUpdatePassword(userName).toSaslException(); } }
private void updateCredential(final String newAlgorithm, final OneTimePasswordSpec newPasswordSpec) throws SaslException { try { final PasswordFactory passwordFactory = PasswordFactory.getInstance(newAlgorithm, providers); final OneTimePassword newPassword = (OneTimePassword) passwordFactory.generatePassword(newPasswordSpec); final CredentialUpdateCallback credentialUpdateCallback = new CredentialUpdateCallback(new PasswordCredential(newPassword)); handleCallbacks(exclusiveNameCallback, credentialUpdateCallback); } catch (NoSuchAlgorithmException | InvalidKeySpecException e) { throw saslOTP.mechUnableToUpdatePassword(userName).toSaslException(); } }