Package org.jasypt.util.password.rfc2307
Class RFC2307SSHAPasswordEncryptor
- Object
-
- org.jasypt.util.password.rfc2307.RFC2307SSHAPasswordEncryptor
-
- All Implemented Interfaces:
PasswordEncryptor
public final class RFC2307SSHAPasswordEncryptor extends Object implements PasswordEncryptor
Utility class for easily performing password digesting and checking according to {SSHA}, a password encryption scheme defined in RFC2307 and commonly found in LDAP systems.
This class internally holds a
StandardStringDigester
configured this way:- Algorithm: SHA-1.
- Salt size: 8 bytes (configurable with
setSaltSizeBytes(int)
). - Iterations: 1 (no hash iteration).
- Prefix: {SSHA}.
- Invert position of salt in message before digesting: true.
- Invert position of plain salt in encryption results: true.
- Use lenient salt size check: true. .
This class is thread-safe
- Since:
- 1.7
- Author:
- Daniel Fernández
-
-
Constructor Summary
Constructors Constructor Description RFC2307SSHAPasswordEncryptor()
Creates a new instance of RFC2307OpenLDAPSSHAPasswordEncryptor
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description boolean
checkPassword(String plainPassword, String encryptedPassword)
Checks an unencrypted (plain) password against an encrypted one (a digest) to see if they match.String
encryptPassword(String password)
Encrypts (digests) a password.void
setSaltSizeBytes(int saltSizeBytes)
Sets the size (in bytes) of the salt to be used.void
setStringOutputType(String stringOutputType)
Sets the the form in which String output will be encoded.
-
-
-
Method Detail
-
setSaltSizeBytes
public void setSaltSizeBytes(int saltSizeBytes)
Sets the size (in bytes) of the salt to be used.
Default is 8.
- Parameters:
saltSizeBytes
- the salt size in bytes
-
setStringOutputType
public void setStringOutputType(String stringOutputType)
Sets the the form in which String output will be encoded. Available encoding types are:
- base64 (default)
- hexadecimal
- Parameters:
stringOutputType
- the string output type.
-
encryptPassword
public String encryptPassword(String password)
Encrypts (digests) a password.- Specified by:
encryptPassword
in interfacePasswordEncryptor
- Parameters:
password
- the password to be encrypted.- Returns:
- the resulting digest.
- See Also:
StandardStringDigester.digest(String)
-
checkPassword
public boolean checkPassword(String plainPassword, String encryptedPassword)
Checks an unencrypted (plain) password against an encrypted one (a digest) to see if they match.
This password encryptor expects encrypted passwords being matched to include the "{SSHA}" prefix, and will fail if not.
- Specified by:
checkPassword
in interfacePasswordEncryptor
- Parameters:
plainPassword
- the plain password to check.encryptedPassword
- the digest against which to check the password.- Returns:
- true if passwords match, false if not.
- See Also:
StandardStringDigester.matches(String, String)
-
-