org.keycloak.credential.hash.Pbkdf2PasswordHashProvider の継承関係図

org.keycloak.credential.hash.Pbkdf2PasswordHashProvider 連携図

公開メンバ関数
	Pbkdf2PasswordHashProvider (String providerId, String pbkdf2Algorithm, int defaultIterations)

	Pbkdf2PasswordHashProvider (String providerId, String pbkdf2Algorithm, int defaultIterations, int derivedKeySize)

boolean	policyCheck (PasswordPolicy policy, CredentialModel credential)

void	encode (String rawPassword, int iterations, CredentialModel credential)

String	encode (String rawPassword, int iterations)

boolean	verify (String rawPassword, CredentialModel credential)

void	close ()

静的公開変数類
static final int	DEFAULT_DERIVED_KEY_SIZE = 512

非公開メンバ関数
int	keySize (CredentialModel credential)

String	encode (String rawPassword, int iterations, byte[] salt, int derivedKeySize)

byte []	getSalt ()

SecretKeyFactory	getSecretKeyFactory ()

非公開変数類
final String	providerId

final String	pbkdf2Algorithm

final int	defaultIterations

final int	derivedKeySize

詳解

著者: Kunal Kerkar

構築子と解体子

◆ Pbkdf2PasswordHashProvider() [1/2]

org.keycloak.credential.hash.Pbkdf2PasswordHashProvider.Pbkdf2PasswordHashProvider	(	String	providerId,
		String	pbkdf2Algorithm,
		int	defaultIterations
	)

inline

                                                                                                         {
         this(providerId, pbkdf2Algorithm, defaultIterations, DEFAULT_DERIVED_KEY_SIZE);
     }

◆ Pbkdf2PasswordHashProvider() [2/2]

org.keycloak.credential.hash.Pbkdf2PasswordHashProvider.Pbkdf2PasswordHashProvider	(	String	providerId,
		String	pbkdf2Algorithm,
		int	defaultIterations,
		int	derivedKeySize
	)

inline

                                                                                                                             {
         this.providerId = providerId;
         this.pbkdf2Algorithm = pbkdf2Algorithm;
         this.defaultIterations = defaultIterations;
         this.derivedKeySize = derivedKeySize;
     }

関数詳解

◆ close()

void org.keycloak.credential.hash.Pbkdf2PasswordHashProvider.close ( )

inline

org.keycloak.provider.Providerを実装しています。

107 {

108 }

◆ encode() [1/3]

void org.keycloak.credential.hash.Pbkdf2PasswordHashProvider.encode	(	String	rawPassword,
		int	iterations,
		CredentialModel	credential
	)

inline

org.keycloak.credential.hash.PasswordHashProviderを実装しています。

                                                                                        {
         if (iterations == -1) {
             iterations = defaultIterations;
         }
 
         byte[] salt = getSalt();
         String encodedPassword = encode(rawPassword, iterations, salt, derivedKeySize);
 
         credential.setAlgorithm(providerId);
         credential.setType(UserCredentialModel.PASSWORD);
         credential.setSalt(salt);
         credential.setHashIterations(iterations);
         credential.setValue(encodedPassword);
     }

◆ encode() [2/3]

String org.keycloak.credential.hash.Pbkdf2PasswordHashProvider.encode	(	String	rawPassword,
		int	iterations
	)

inline

org.keycloak.credential.hash.PasswordHashProviderを実装しています。

                                                              {
         if (iterations == -1) {
             iterations = defaultIterations;
         }
 
         byte[] salt = getSalt();
         return encode(rawPassword, iterations, salt, derivedKeySize);
     }

◆ encode() [3/3]

String org.keycloak.credential.hash.Pbkdf2PasswordHashProvider.encode	(	String	rawPassword,
		int	iterations,
		byte []	salt,
		int	derivedKeySize
	)

inlineprivate

                                                                                                {
         KeySpec spec = new PBEKeySpec(rawPassword.toCharArray(), salt, iterations, derivedKeySize);
 
         try {
             byte[] key = getSecretKeyFactory().generateSecret(spec).getEncoded();
             return Base64.encodeBytes(key);
         } catch (InvalidKeySpecException e) {
             throw new RuntimeException("Credential could not be encoded", e);
         } catch (Exception e) {
             throw new RuntimeException(e);
         }
     }

◆ getSalt()

byte [] org.keycloak.credential.hash.Pbkdf2PasswordHashProvider.getSalt ( )

inlineprivate

                              {
         byte[] buffer = new byte[16];
         SecureRandom secureRandom = new SecureRandom();
         secureRandom.nextBytes(buffer);
         return buffer;
     }

◆ getSecretKeyFactory()

SecretKeyFactory org.keycloak.credential.hash.Pbkdf2PasswordHashProvider.getSecretKeyFactory ( )

inlineprivate

                                                    {
         try {
             return SecretKeyFactory.getInstance(pbkdf2Algorithm);
         } catch (NoSuchAlgorithmException e) {
             throw new RuntimeException("PBKDF2 algorithm not found", e);
         }
     }

◆ keySize()

int org.keycloak.credential.hash.Pbkdf2PasswordHashProvider.keySize ( CredentialModel credential )

inlineprivate

                                                     {
         try {
             byte[] bytes = Base64.decode(credential.getValue());
             return bytes.length * 8;
         } catch (IOException e) {
             throw new RuntimeException("Credential could not be decoded", e);
         }
     }

◆ policyCheck()

boolean org.keycloak.credential.hash.Pbkdf2PasswordHashProvider.policyCheck	(	PasswordPolicy	policy,
		CredentialModel	credential
	)

inline

org.keycloak.credential.hash.PasswordHashProviderを実装しています。

                                                                                   {
         int policyHashIterations = policy.getHashIterations();
         if (policyHashIterations == -1) {
             policyHashIterations = defaultIterations;
         }
 
         return credential.getHashIterations() == policyHashIterations
                 && providerId.equals(credential.getAlgorithm())
                 && derivedKeySize == keySize(credential);
     }

◆ verify()

boolean org.keycloak.credential.hash.Pbkdf2PasswordHashProvider.verify	(	String	rawPassword,
		CredentialModel	credential
	)

inline

org.keycloak.credential.hash.PasswordHashProviderを実装しています。

                                                                           {
         return encode(rawPassword, credential.getHashIterations(), credential.getSalt(), keySize(credential)).equals(credential.getValue());
     }

メンバ詳解

◆ DEFAULT_DERIVED_KEY_SIZE

final int org.keycloak.credential.hash.Pbkdf2PasswordHashProvider.DEFAULT_DERIVED_KEY_SIZE = 512

static

◆ defaultIterations

final int org.keycloak.credential.hash.Pbkdf2PasswordHashProvider.defaultIterations

private

◆ derivedKeySize

final int org.keycloak.credential.hash.Pbkdf2PasswordHashProvider.derivedKeySize

private

◆ pbkdf2Algorithm

final String org.keycloak.credential.hash.Pbkdf2PasswordHashProvider.pbkdf2Algorithm

private

◆ providerId

final String org.keycloak.credential.hash.Pbkdf2PasswordHashProvider.providerId

private

このクラス詳解は次のファイルから抽出されました:

D:/AppData/doxygen/keycloak/src/keycloak/src/main/java/org/keycloak/credential/hash/Pbkdf2PasswordHashProvider.java

公開メンバ関数

静的公開変数類

非公開メンバ関数

非公開変数類

詳解

構築子と解体子

◆ Pbkdf2PasswordHashProvider() [1/2]

◆ Pbkdf2PasswordHashProvider() [2/2]

関数詳解

◆ close()

◆ encode() [1/3]

◆ encode() [2/3]

◆ encode() [3/3]

◆ getSalt()

◆ getSecretKeyFactory()

◆ keySize()

◆ policyCheck()

◆ verify()

メンバ詳解

◆ DEFAULT_DERIVED_KEY_SIZE

◆ defaultIterations

◆ derivedKeySize

◆ pbkdf2Algorithm

◆ providerId