How to use

org.wildfly.security.password.spec.ClearPasswordSpec

constructor

  private static PasswordSpec decodeClearPasswordSpec(ByteIterator iterator) {
    return new ClearPasswordSpec(iterator.asUtf8String().drainToString().toCharArray());
  }
}

<S extends KeySpec> S getKeySpec(final Class<S> keySpecType) throws InvalidKeySpecException {
  if (keySpecType.isAssignableFrom(ClearPasswordSpec.class)) {
    final char[] password = getPassword();
    return keySpecType.cast(new ClearPasswordSpec(password.clone()));
  }
  throw new InvalidKeySpecException();
}

<S extends KeySpec> S getKeySpec(final Class<S> keySpecType) throws InvalidKeySpecException {
  if (keySpecType.isAssignableFrom(MaskedPasswordSpec.class)) {
    return keySpecType.cast(new MaskedPasswordSpec(initialKeyMaterial.clone(), iterationCount, salt.clone(), maskedPasswordBytes.clone()));
  } else if (keySpecType.isAssignableFrom(ClearPasswordSpec.class)) {
    return keySpecType.cast(new ClearPasswordSpec(unmask(algorithm, initialKeyMaterial, iterationCount, salt, maskedPasswordBytes)));
  } else {
    throw new InvalidKeySpecException();
  }
}

  passwordSpec = new ClearPasswordSpec(accountEntry.getPasswordRepresentation().toCharArray());
} else {
  passwordFactory = getPasswordFactory(ALGORITHM_DIGEST_MD5);

if (plainText) {
  passwordFactory = getPasswordFactory(ALGORITHM_CLEAR);
  passwordSpec = new ClearPasswordSpec(accountEntry.getPasswordRepresentation().toCharArray());
} else {
  passwordFactory = getPasswordFactory(ALGORITHM_DIGEST_MD5);

passwordSpec = new ClearPasswordSpec(decoder.decodeOctetStringAsString().toCharArray());
break;

  passwordSpec = new ClearPasswordSpec(clear);
} else {
  return null;

try {
  PasswordFactory factory = PasswordFactory.getInstance(ClearPassword.ALGORITHM_CLEAR, providers);
  return Assert.assertNotNull(factory.generatePassword(new ClearPasswordSpec(finalPassword)).castAs(ClearPassword.class));
} catch (InvalidKeySpecException | NoSuchAlgorithmException cause) {
  throw xmlLog.xmlFailedToCreateCredential(location, cause);

  return passwordType.cast(passwordFactory.generatePassword(new EncryptablePasswordSpec(password, generateParameters)));
} else {
  return passwordType.cast(passwordFactory.generatePassword(new ClearPasswordSpec(password)));

  private static PasswordSpec decodeClearPasswordSpec(ByteIterator iterator) {
    return new ClearPasswordSpec(iterator.asUtf8String().drainToString().toCharArray());
  }
}

  private static PasswordSpec decodeClearPasswordSpec(ByteIterator iterator) {
    return new ClearPasswordSpec(iterator.asUtf8String().drainToString().toCharArray());
  }
}

  private static PasswordSpec decodeClearPasswordSpec(ByteIterator iterator) {
    return new ClearPasswordSpec(iterator.asUtf8String().drainToString().toCharArray());
  }
}

<S extends KeySpec> S getKeySpec(final Class<S> keySpecType) throws InvalidKeySpecException {
  if (keySpecType.isAssignableFrom(ClearPasswordSpec.class)) {
    final char[] password = getPassword();
    return keySpecType.cast(new ClearPasswordSpec(password.clone()));
  }
  throw new InvalidKeySpecException();
}

<S extends KeySpec> S getKeySpec(final Class<S> keySpecType) throws InvalidKeySpecException {
  if (keySpecType.isAssignableFrom(ClearPasswordSpec.class)) {
    final char[] password = getPassword();
    return keySpecType.cast(new ClearPasswordSpec(password.clone()));
  }
  throw new InvalidKeySpecException();
}

<S extends KeySpec> S getKeySpec(final Class<S> keySpecType) throws InvalidKeySpecException {
  if (keySpecType.isAssignableFrom(ClearPasswordSpec.class)) {
    final char[] password = getPassword();
    return keySpecType.cast(new ClearPasswordSpec(password.clone()));
  }
  throw new InvalidKeySpecException();
}

/**
 * Convert {@code char[]} password to {@code PasswordCredential}
 * @param password to convert
 * @return new {@code PasswordCredential}
 * @throws UnsupportedCredentialTypeException should never happen as we have only supported types and algorithms
 */
private static PasswordCredential createCredentialFromPassword(char[] password) throws UnsupportedCredentialTypeException {
  try {
    PasswordFactory passwordFactory = PasswordFactory.getInstance(ClearPassword.ALGORITHM_CLEAR);
    return new PasswordCredential(passwordFactory.generatePassword(new ClearPasswordSpec(password)));
  } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
    throw new UnsupportedCredentialTypeException(e);
  }
}

<S extends KeySpec> S getKeySpec(final Class<S> keySpecType) throws InvalidKeySpecException {
  if (keySpecType.isAssignableFrom(MaskedPasswordSpec.class)) {
    return keySpecType.cast(new MaskedPasswordSpec(initialKeyMaterial.clone(), iterationCount, salt.clone(), maskedPasswordBytes.clone()));
  } else if (keySpecType.isAssignableFrom(ClearPasswordSpec.class)) {
    return keySpecType.cast(new ClearPasswordSpec(unmask(algorithm, initialKeyMaterial, iterationCount, salt, maskedPasswordBytes)));
  } else {
    throw new InvalidKeySpecException();
  }
}

@Override
public boolean verifyEvidence(Evidence evidence) throws RealmUnavailableException {
  if (user == null || evidence instanceof PasswordGuessEvidence == false) {
    return false;
  }
  final char[] guess = ((PasswordGuessEvidence) evidence).getGuess();
  String password = user.require(PASSWORD).asString();
  final PasswordFactory passwordFactory = getPasswordFactory(ALGORITHM_CLEAR);
  final PasswordSpec passwordSpec = new ClearPasswordSpec(password.toCharArray());
  final Password actualPassword;
  try {
    actualPassword = passwordFactory.generatePassword(passwordSpec);
    return passwordFactory.verify(actualPassword, guess);
  } catch (InvalidKeySpecException | InvalidKeyException | IllegalStateException e) {
    throw new IllegalStateException(e);
  }
}

<S extends KeySpec> S getKeySpec(final Class<S> keySpecType) throws InvalidKeySpecException {
  if (keySpecType.isAssignableFrom(MaskedPasswordSpec.class)) {
    return keySpecType.cast(new MaskedPasswordSpec(initialKeyMaterial.clone(), iterationCount, salt.clone(), maskedPasswordBytes.clone()));
  } else if (keySpecType.isAssignableFrom(ClearPasswordSpec.class)) {
    return keySpecType.cast(new ClearPasswordSpec(unmask(algorithm, initialKeyMaterial, iterationCount, salt, maskedPasswordBytes)));
  } else {
    throw new InvalidKeySpecException();
  }
}

<S extends KeySpec> S getKeySpec(final Class<S> keySpecType) throws InvalidKeySpecException {
  if (keySpecType.isAssignableFrom(MaskedPasswordSpec.class)) {
    return keySpecType.cast(new MaskedPasswordSpec(initialKeyMaterial.clone(), iterationCount, salt.clone(), maskedPasswordBytes.clone()));
  } else if (keySpecType.isAssignableFrom(ClearPasswordSpec.class)) {
    return keySpecType.cast(new ClearPasswordSpec(unmask(algorithm, initialKeyMaterial, iterationCount, salt, maskedPasswordBytes)));
  } else {
    throw new InvalidKeySpecException();
  }
}