java.lang.Object

org.keycloak.credential.hash.Pbkdf2PasswordHashProvider

All Implemented Interfaces:: PasswordHashProvider, Provider

public class Pbkdf2PasswordHashProvider extends Object implements PasswordHashProvider

Implementation PBKDF2 password hash algorithm.

Author:: Kunal Kerkar

Field Summary

Fields

Modifier and Type

Field

Description

static final int

DEFAULT_DERIVED_KEY_SIZE
Constructor Summary

Constructors

Constructor

Description

Pbkdf2PasswordHashProvider(String providerId, String pbkdf2Algorithm, int defaultIterations, int minPbkdf2PasswordLengthForPadding)

Pbkdf2PasswordHashProvider(String providerId, String pbkdf2Algorithm, int defaultIterations, int maxPaddingLength, int derivedKeySize)
Method Summary

Modifier and Type

Method

Description

void

close()

String

encode(String rawPassword, int iterations)

Exists due the backwards compatibility.

PasswordCredentialModel

encodedCredential(String rawPassword, int iterations)

String

getPbkdf2Algorithm()

boolean

policyCheck(PasswordPolicy policy, PasswordCredentialModel credential)

boolean

verify(String rawPassword, PasswordCredentialModel credential)

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.keycloak.credential.hash.PasswordHashProvider
encode, policyCheck, verify

Field Details
- DEFAULT_DERIVED_KEY_SIZE
  
  public static final int DEFAULT_DERIVED_KEY_SIZE
  See Also:
  
  Constant Field Values
Constructor Details
- Pbkdf2PasswordHashProvider
  
  public Pbkdf2PasswordHashProvider(String providerId, String pbkdf2Algorithm, int defaultIterations, int minPbkdf2PasswordLengthForPadding)
- Pbkdf2PasswordHashProvider
  
  public Pbkdf2PasswordHashProvider(String providerId, String pbkdf2Algorithm, int defaultIterations, int maxPaddingLength, int derivedKeySize)
Method Details
- policyCheck
  
  public boolean policyCheck(PasswordPolicy policy, PasswordCredentialModel credential)
  
  Specified by:
  
  policyCheck in interface PasswordHashProvider
- encodedCredential
  
  public PasswordCredentialModel encodedCredential(String rawPassword, int iterations)
  
  Specified by:
  
  encodedCredential in interface PasswordHashProvider
- encode
  
  public String encode(String rawPassword, int iterations)
  
  Description copied from interface: PasswordHashProvider
  
  Exists due the backwards compatibility. It is recommended to use PasswordHashProvider.encodedCredential(String, int)
  
  Specified by:
  
  encode in interface PasswordHashProvider
- verify
  
  public boolean verify(String rawPassword, PasswordCredentialModel credential)
  
  Specified by:
  
  verify in interface PasswordHashProvider
- close
  
  public void close()
  
  Specified by:
  
  close in interface Provider
- getPbkdf2Algorithm
  
  public String getPbkdf2Algorithm()

Class Pbkdf2PasswordHashProvider

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Methods inherited from interface org.keycloak.credential.hash.PasswordHashProvider

Field Details

DEFAULT_DERIVED_KEY_SIZE

Constructor Details

Pbkdf2PasswordHashProvider

Pbkdf2PasswordHashProvider

Method Details

policyCheck

encodedCredential

encode

verify

close

getPbkdf2Algorithm