| <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> |
| <!-- NewPage --> |
| <html lang="en"> |
| <head> |
| <title>Pbkdf2PasswordHash</title> |
| <link rel="stylesheet" type="text/css" href="../../../../stylesheet.css" title="Style"> |
| <script type="text/javascript" src="../../../../script.js"></script> |
| |
| <link rel="shortcut icon" href="/img/jakarta-favicon.ico"> |
| </head> |
| <body> |
| <script type="text/javascript"><!-- |
| try { |
| if (location.href.indexOf('is-external=true') == -1) { |
| parent.document.title="Pbkdf2PasswordHash"; |
| } |
| } |
| catch(err) { |
| } |
| //--> |
| </script> |
| <noscript> |
| <div>JavaScript is disabled on your browser.</div> |
| </noscript> |
| <!-- ========= START OF TOP NAVBAR ======= --> |
| <div class="topNav"><a name="navbar.top"> |
| <!-- --> |
| </a> |
| <div class="skipNav"><a href="#skip.navbar.top" title="Skip navigation links">Skip navigation links</a></div> |
| <a name="navbar.top.firstrow"> |
| <!-- --> |
| </a> |
| <ul class="navList" title="Navigation"> |
| <li><a href="../../../../overview-summary.html">Overview</a></li> |
| <li><a href="package-summary.html">Package</a></li> |
| <li class="navBarCell1Rev">Class</li> |
| <li><a href="package-tree.html">Tree</a></li> |
| <li><a href="../../../../deprecated-list.html">Deprecated</a></li> |
| <li><a href="../../../../index-all.html">Index</a></li> |
| <li><a href="../../../../help-doc.html">Help</a></li> |
| </ul> |
| </div> |
| <div class="subNav"> |
| <ul class="navList"> |
| <li><a href="../../../../javax/security/enterprise/identitystore/PasswordHash.html" title="interface in javax.security.enterprise.identitystore"><span class="typeNameLink">Prev Class</span></a></li> |
| <li><a href="../../../../javax/security/enterprise/identitystore/RememberMeIdentityStore.html" title="interface in javax.security.enterprise.identitystore"><span class="typeNameLink">Next Class</span></a></li> |
| </ul> |
| <ul class="navList"> |
| <li><a href="../../../../index.html?javax/security/enterprise/identitystore/Pbkdf2PasswordHash.html" target="_top">Frames</a></li> |
| <li><a href="Pbkdf2PasswordHash.html" target="_top">No Frames</a></li> |
| </ul> |
| <ul class="navList" id="allclasses_navbar_top"> |
| <li><a href="../../../../allclasses-noframe.html">All Classes</a></li> |
| </ul> |
| <div> |
| <script type="text/javascript"><!-- |
| allClassesLink = document.getElementById("allclasses_navbar_top"); |
| if(window==top) { |
| allClassesLink.style.display = "block"; |
| } |
| else { |
| allClassesLink.style.display = "none"; |
| } |
| //--> |
| </script> |
| </div> |
| <div> |
| <ul class="subNavList"> |
| <li>Summary: </li> |
| <li>Nested | </li> |
| <li>Field | </li> |
| <li>Constr | </li> |
| <li>Method</li> |
| </ul> |
| <ul class="subNavList"> |
| <li>Detail: </li> |
| <li>Field | </li> |
| <li>Constr | </li> |
| <li>Method</li> |
| </ul> |
| </div> |
| <a name="skip.navbar.top"> |
| <!-- --> |
| </a></div> |
| <!-- ========= END OF TOP NAVBAR ========= --> |
| <!-- ======== START OF CLASS DATA ======== --> |
| <div class="header"> |
| <div class="subTitle">javax.security.enterprise.identitystore</div> |
| <h2 title="Interface Pbkdf2PasswordHash" class="title">Interface Pbkdf2PasswordHash</h2> |
| </div> |
| <div class="contentContainer"> |
| <div class="description"> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <dl> |
| <dt>All Superinterfaces:</dt> |
| <dd><a href="../../../../javax/security/enterprise/identitystore/PasswordHash.html" title="interface in javax.security.enterprise.identitystore">PasswordHash</a></dd> |
| </dl> |
| <hr> |
| <br> |
| <pre>public interface <span class="typeNameLabel">Pbkdf2PasswordHash</span> |
| extends <a href="../../../../javax/security/enterprise/identitystore/PasswordHash.html" title="interface in javax.security.enterprise.identitystore">PasswordHash</a></pre> |
| <div class="block">This interface represents the built-in <code>Pbkdf2PasswordHash</code> implementation. |
| <p> |
| To use <code>Pbkdf2PasswordHash</code> with the built-in Database <a href="../../../../javax/security/enterprise/identitystore/IdentityStore.html" title="interface in javax.security.enterprise.identitystore"><code>IdentityStore</code></a>, |
| configure this interface type as the <code>hashAlgorithm</code> value |
| on the <a href="../../../../javax/security/enterprise/identitystore/DatabaseIdentityStoreDefinition.html" title="annotation in javax.security.enterprise.identitystore"><code>DatabaseIdentityStoreDefinition</code></a> annotation. |
| <p> |
| To configure parameters for <code>Pbkdf2PasswordHash</code>, specify them as the |
| <code>hashAlgorithmParameters</code> value on the <a href="../../../../javax/security/enterprise/identitystore/DatabaseIdentityStoreDefinition.html" title="annotation in javax.security.enterprise.identitystore"><code>DatabaseIdentityStoreDefinition</code></a> annotation. |
| <p> |
| The built-in implementation must support the following configurable parameters: |
| <blockquote><pre> |
| Pbkdf2PasswordHash.Algorithm // default "PBKDF2WithHmacSHA256" |
| Pbkdf2PasswordHash.Iterations // default 2048, minimum 1024 |
| Pbkdf2PasswordHash.SaltSizeBytes // default 32, minimum 16 |
| Pbkdf2PasswordHash.KeySizeBytes // default 32, minimum 16 |
| </pre></blockquote> |
| <p> |
| And the following PBKDF2 algorithms: |
| <blockquote><pre> |
| PBKDF2WithHmacSHA224 |
| PBKDF2WithHmacSHA256 |
| PBKDF2WithHmacSHA384 |
| PBKDF2WithHmacSHA512 |
| </pre></blockquote> |
| Algorithm names are the string literal names documented for the corresponding algorithms by the |
| <a href="https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html" target="_top"> |
| Java Cryptography Architecture Standard Algorithm Name Documentation</a>. |
| <p> |
| The encoded format produced by <a href="../../../../javax/security/enterprise/identitystore/PasswordHash.html#generate-char:A-"><code>PasswordHash.generate(char[])</code></a>, and consumed by <a href="../../../../javax/security/enterprise/identitystore/PasswordHash.html#verify-char:A-java.lang.String-"><code>PasswordHash.verify(char[], String)</code></a>, |
| is as follows: |
| <blockquote><pre> |
| <code> <algorithm>:<iterations>:<base64(salt)>:<base64(hash)></code> |
| </pre></blockquote> |
| Where: |
| <ul> |
| <li><i>algorithm</i> -- the algorithm used to generate the hash |
| <li><i>iterations</i> -- the number of iterations used to generate the hash |
| <li><i>base64(salt)</i> -- the salt used to generate the hash, base64-encoded |
| <li><i>base64(hash)</i> -- the hash value, base64-encoded |
| </ul> |
| <p> |
| Because the algorithm and the parameters used to generate the hash are stored with the hash, |
| the built-in <code>Pbkdf2PasswordHash</code> implementation can verify hashes generated using algorithm |
| and parameter values that differ from the currently configured values. This means the configuration |
| parameters can be changed without impacting the ability to verify existing password hashes. |
| <p> |
| (Password hashes generated using algorithms/parameters outside the range supported by |
| <code>Pbkdf2PasswordHash</code> cannot be verified.)</div> |
| <dl> |
| <dt><span class="seeLabel">See Also:</span></dt> |
| <dd><a href="../../../../javax/security/enterprise/identitystore/DatabaseIdentityStoreDefinition.html#hashAlgorithm--"><code>DatabaseIdentityStoreDefinition.hashAlgorithm()</code></a>, |
| <a href="../../../../javax/security/enterprise/identitystore/DatabaseIdentityStoreDefinition.html#hashAlgorithmParameters--"><code>DatabaseIdentityStoreDefinition.hashAlgorithmParameters()</code></a></dd> |
| </dl> |
| </li> |
| </ul> |
| </div> |
| <div class="summary"> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <!-- ========== METHOD SUMMARY =========== --> |
| <ul class="blockList"> |
| <li class="blockList"><a name="method.summary"> |
| <!-- --> |
| </a> |
| <h3>Method Summary</h3> |
| <ul class="blockList"> |
| <li class="blockList"><a name="methods.inherited.from.class.javax.security.enterprise.identitystore.PasswordHash"> |
| <!-- --> |
| </a> |
| <h3>Methods inherited from interface javax.security.enterprise.identitystore.<a href="../../../../javax/security/enterprise/identitystore/PasswordHash.html" title="interface in javax.security.enterprise.identitystore">PasswordHash</a></h3> |
| <code><a href="../../../../javax/security/enterprise/identitystore/PasswordHash.html#generate-char:A-">generate</a>, <a href="../../../../javax/security/enterprise/identitystore/PasswordHash.html#initialize-java.util.Map-">initialize</a>, <a href="../../../../javax/security/enterprise/identitystore/PasswordHash.html#verify-char:A-java.lang.String-">verify</a></code></li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </div> |
| </div> |
| <!-- ========= END OF CLASS DATA ========= --> |
| <!-- ======= START OF BOTTOM NAVBAR ====== --> |
| <div class="bottomNav"><a name="navbar.bottom"> |
| <!-- --> |
| </a> |
| <div class="skipNav"><a href="#skip.navbar.bottom" title="Skip navigation links">Skip navigation links</a></div> |
| <a name="navbar.bottom.firstrow"> |
| <!-- --> |
| </a> |
| <ul class="navList" title="Navigation"> |
| <li><a href="../../../../overview-summary.html">Overview</a></li> |
| <li><a href="package-summary.html">Package</a></li> |
| <li class="navBarCell1Rev">Class</li> |
| <li><a href="package-tree.html">Tree</a></li> |
| <li><a href="../../../../deprecated-list.html">Deprecated</a></li> |
| <li><a href="../../../../index-all.html">Index</a></li> |
| <li><a href="../../../../help-doc.html">Help</a></li> |
| </ul> |
| </div> |
| <div class="subNav"> |
| <ul class="navList"> |
| <li><a href="../../../../javax/security/enterprise/identitystore/PasswordHash.html" title="interface in javax.security.enterprise.identitystore"><span class="typeNameLink">Prev Class</span></a></li> |
| <li><a href="../../../../javax/security/enterprise/identitystore/RememberMeIdentityStore.html" title="interface in javax.security.enterprise.identitystore"><span class="typeNameLink">Next Class</span></a></li> |
| </ul> |
| <ul class="navList"> |
| <li><a href="../../../../index.html?javax/security/enterprise/identitystore/Pbkdf2PasswordHash.html" target="_top">Frames</a></li> |
| <li><a href="Pbkdf2PasswordHash.html" target="_top">No Frames</a></li> |
| </ul> |
| <ul class="navList" id="allclasses_navbar_bottom"> |
| <li><a href="../../../../allclasses-noframe.html">All Classes</a></li> |
| </ul> |
| <div> |
| <script type="text/javascript"><!-- |
| allClassesLink = document.getElementById("allclasses_navbar_bottom"); |
| if(window==top) { |
| allClassesLink.style.display = "block"; |
| } |
| else { |
| allClassesLink.style.display = "none"; |
| } |
| //--> |
| </script> |
| </div> |
| <div> |
| <ul class="subNavList"> |
| <li>Summary: </li> |
| <li>Nested | </li> |
| <li>Field | </li> |
| <li>Constr | </li> |
| <li>Method</li> |
| </ul> |
| <ul class="subNavList"> |
| <li>Detail: </li> |
| <li>Field | </li> |
| <li>Constr | </li> |
| <li>Method</li> |
| </ul> |
| </div> |
| <a name="skip.navbar.bottom"> |
| <!-- --> |
| </a></div> |
| <!-- ======== END OF BOTTOM NAVBAR ======= --> |
| </body> |
| </html> |