1 /* 2 * Licensed to the Apache Software Foundation (ASF) under one 3 * or more contributor license agreements. See the NOTICE file 4 * distributed with this work for additional information 5 * regarding copyright ownership. The ASF licenses this file 6 * to you under the Apache License, Version 2.0 (the 7 * "License"); you may not use this file except in compliance 8 * with the License. You may obtain a copy of the License at 9 * 10 * http://www.apache.org/licenses/LICENSE-2.0 11 * 12 * Unless required by applicable law or agreed to in writing, 13 * software distributed under the License is distributed on an 14 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 15 * KIND, either express or implied. See the License for the 16 * specific language governing permissions and limitations 17 * under the License. 18 * 19 */ 20 21 package org.apache.directory.api.ldap.model.password; 22 23 24 import org.apache.directory.api.ldap.model.constants.LdapSecurityConstants; 25 import org.apache.directory.api.util.Strings; 26 27 28 /** 29 * A class to store all informations about the existing 30 * password found in the cache or get from the backend. 31 * 32 * This is necessary as we have to compute : 33 * - the used algorithm 34 * - the salt if any 35 * - the password itself. 36 * 37 * If we have a on-way encrypted password, it is stored using this 38 * format : 39 * {<algorithm>}<encrypted password> 40 * where the encrypted password format can be : 41 * - MD5/SHA : base64(<password>) 42 * - SMD5/SSH/PKCS5S2 : base64(<salted-password-digest><salt (4 or 8 bytes)>) 43 * - crypt : <salt (2 btytes)><password> 44 * 45 * Algorithm are currently MD5, SMD5, SHA, SSHA, SHA2, SSHA-2 (except SHA-224), PKCS5S2, CRYPT and empty 46 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a> 47 */ 48 public class EncryptionMethod 49 { 50 private byte[] salt; 51 private LdapSecurityConstants algorithm; 52 53 54 public EncryptionMethod( LdapSecurityConstants algorithm, byte[] salt ) 55 { 56 this.algorithm = algorithm; 57 this.salt = salt; 58 } 59 60 61 public LdapSecurityConstants getAlgorithm() 62 { 63 return algorithm; 64 } 65 66 67 public byte[] getSalt() 68 { 69 return salt; 70 } 71 72 73 public void setSalt( byte[] salt ) 74 { 75 // just to make this class immutable, though we have a setter 76 if ( this.salt != null ) 77 { 78 throw new IllegalStateException( "salt will only be allowed to set once" ); 79 } 80 81 this.salt = salt; 82 } 83 84 85 @Override 86 public String toString() 87 { 88 return "EncryptionMethod [algorithm=" + algorithm.getName().toUpperCase() + ", salt=" 89 + Strings.dumpBytes( salt ) + "]"; 90 } 91 92 }