1   /*
2    *   Licensed to the Apache Software Foundation (ASF) under one
3    *   or more contributor license agreements.  See the NOTICE file
4    *   distributed with this work for additional information
5    *   regarding copyright ownership.  The ASF licenses this file
6    *   to you under the Apache License, Version 2.0 (the
7    *   "License"); you may not use this file except in compliance
8    *   with the License.  You may obtain a copy of the License at
9    *
10   *     http://www.apache.org/licenses/LICENSE-2.0
11   *
12   *   Unless required by applicable law or agreed to in writing,
13   *   software distributed under the License is distributed on an
14   *   "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   *   KIND, either express or implied.  See the License for the
16   *   specific language governing permissions and limitations
17   *   under the License.
18   *
19   */
20  
21  package org.apache.directory.api.ldap.model.password;
22  
23  
24  import org.apache.directory.api.ldap.model.constants.LdapSecurityConstants;
25  import org.apache.directory.api.util.Strings;
26  
27  
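/**
 * Stores the information extracted from an existing password, whether it
 * was found in the cache or read from the backend.
 * <p>
 * This is necessary because we have to determine:
 * <ul>
 * <li>the algorithm that was used</li>
 * <li>the salt, if any</li>
 * <li>the password itself</li>
 * </ul>
 * A one-way encrypted password is stored using this format:
 * <pre>
 * {&lt;algorithm&gt;}&lt;encrypted password&gt;
 * </pre>
 * where the encrypted password format can be:
 * <ul>
 * <li>MD5/SHA : base64(&lt;password&gt;)</li>
 * <li>SMD5/SSHA/PKCS5S2 : base64(&lt;salted-password-digest&gt;&lt;salt (4 or 8 bytes)&gt;)</li>
 * <li>crypt : &lt;salt (2 bytes)&gt;&lt;password&gt;</li>
 * </ul>
 * Algorithms are currently MD5, SMD5, SHA, SSHA, SHA2, SSHA-2 (except SHA-224), PKCS5S2, CRYPT and empty.
 * <p>
 * The salt array is stored and returned by reference, without a defensive
 * copy: the constructor, {@link #setSalt(byte[])} and {@link #getSalt()} all
 * share the caller's array, so a later write to that array is visible through
 * this instance. Callers that need a stable value must copy the array
 * themselves. {@link #toString()} includes a dump of the salt bytes.
 *
 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
 */
public class EncryptionMethod
{
    /** The salt, or {@code null} when none has been set; may be assigned once through {@link #setSalt(byte[])} */
    private byte[] salt;

    /** The hashing algorithm; never reassigned after construction */
    private final LdapSecurityConstants algorithm;


    /**
     * Creates a new instance.
     *
     * @param algorithm the algorithm used to encrypt the password; stored as given, no null check is done
     * @param salt the salt, or {@code null} if there is none (yet); the array is stored by reference, not copied
     */
    public EncryptionMethod( LdapSecurityConstants algorithm, byte[] salt )
    {
        this.algorithm = algorithm;
        this.salt = salt;
    }


    /**
     * @return the algorithm given at construction time
     */
    public LdapSecurityConstants getAlgorithm()
    {
        return algorithm;
    }


    /**
     * @return the internal salt array itself (not a copy), or {@code null} if no salt has been set
     */
    public byte[] getSalt()
    {
        return salt;
    }


    /**
     * Sets the salt, provided no non-null salt is already present.
     *
     * @param salt the salt to store; the array is stored by reference, not copied
     * @throws IllegalStateException if a non-null salt has already been set
     */
    public void setSalt( byte[] salt )
    {
        // Write-once guard: the setter exists, but an existing salt can never be replaced.
        // A null salt does not count as "set", so it can still be followed by a real value.
        if ( this.salt != null )
        {
            throw new IllegalStateException( "salt will only be allowed to set once" );
        }

        this.salt = salt;
    }


    /**
     * Returns a printable form holding the upper-cased algorithm name and a dump of the salt bytes.
     * A {@code null} algorithm is printed as {@code null} instead of raising a
     * {@link NullPointerException}.
     *
     * @return the string representation of this instance
     */
    @Override
    public String toString()
    {
        // Locale.ROOT keeps the upper-casing independent of the JVM default locale
        // (a Turkish default locale, for instance, maps 'i' to a dotted capital I).
        String algorithmName = ( algorithm == null ) ? "null"
            : algorithm.getName().toUpperCase( java.util.Locale.ROOT );

        // NOTE(review): salt may be null here; this relies on Strings.dumpBytes accepting null - confirm.
        return "EncryptionMethod [algorithm=" + algorithmName + ", salt="
            + Strings.dumpBytes( salt ) + "]";
    }

}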