org.xwiki.crypto.passwd
Interface KeyDerivationFunction

All Superinterfaces:
Serializable
All Known Subinterfaces:
MemoryHardKeyDerivationFunction

@Role
public interface KeyDerivationFunction
extends Serializable

A key derivation function. Each function must produce the same hash from the same password every time, but there is no guarantee that a new function of the same class will produce the same hash from that password. To make a password verifiable later, you must call serialize() and initialize the next function with that output. Each time a password is to be hashed, it should be done with a new instance.

Since:
2.5M1
Version:
$Id: e8715bc3e7234dd422bdac27d39eb0952ed1225c $

Method Summary
 byte[] deriveKey(byte[] password)
          Convert the given password to a byte array similar to the output from a message digest except specially tuned for the unique requirements of protecting passwords.
 void init()
          Initialize with default values.
 void init(int millisecondsOfProcessorTimeToSpend, int derivedKeyLength)
          Initialize this function with the desired key length and processor cost.
 void init(Properties parameters)
          Initialize this function with the desired key length and processor cost as a Properties object. The properties which will be looked for are millisecondsOfProcessorTimeToSpend and derivedKeyLength.
 byte[] serialize()
          Store this function as a byte array so another function of the same class can be initialized with the same array and will then produce the same key for the given password.
 

Method Detail

init

void init()
Initialize with default values.


init

void init(Properties parameters)
Initialize this function with the desired key length and processor cost as a Properties object. The properties which will be looked for are millisecondsOfProcessorTimeToSpend and derivedKeyLength. Both will be parsed as Integers. If either or both are missing, default values will be used. If the values are not integers or are invalid, an IllegalArgumentException will be thrown.

Parameters:
parameters - a Properties object expected to contain millisecondsOfProcessorTimeToSpend and derivedKeyLength, both of which are expected to parse as integers.

init

void init(int millisecondsOfProcessorTimeToSpend,
          int derivedKeyLength)
Initialize this function with the desired key length and processor cost.

Parameters:
millisecondsOfProcessorTimeToSpend - number of milliseconds to spend hashing the password. A number of iterations is derived from this value and the power of the processor this is running on. This number dictates how difficult hashing will be and also how difficult it will be to guess the password using cracking technology.
derivedKeyLength - the desired length of the hash output.

serialize

byte[] serialize()
                 throws IOException
Store this function as a byte array so another function of the same class can be initialized with the same array and will then produce the same key for the given password.

Returns:
a byte array which can be used to recreate the same function again using init.
Throws:
IOException - if something fails within the serialization framework.

deriveKey

byte[] deriveKey(byte[] password)
Convert the given password to a byte array similar to the output from a message digest except specially tuned for the unique requirements of protecting passwords.

Parameters:
password - the user supplied password.
Returns:
a byte array derived from the password.
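
The contract described above (a new instance per password, a cost derived from processor time, serialized parameters reused for validation), shown as an added example that is not XWiki's code. CalibratedKdfDemo, its restore() helper, the 16-byte salt and the 20,000-iteration timing probe are assumptions of this sketch, which uses only the JDK's PBKDF2WithHmacSHA256.

```java
import java.io.*;
import java.security.*;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
// Hypothetical stand-alone class (JDK only); not an org.xwiki.crypto.passwd implementation.
public class CalibratedKdfDemo {
    private byte[] salt;
    private int iterations, keyLength; // keyLength in bytes
    // Fresh random salt per instance; iteration count scaled to cost about targetMillis on this CPU.
    void init(int targetMillis, int derivedKeyLength) throws Exception {
        salt = new byte[16];
        new SecureRandom().nextBytes(salt);
        keyLength = derivedKeyLength;
        iterations = 20_000;                      // probe count used only for timing
        deriveKey("warm-up".toCharArray());       // let the JIT compile the hot path first
        long start = System.nanoTime();
        deriveKey("calibration".toCharArray());
        long micros = Math.max(1, (System.nanoTime() - start) / 1_000);
        long scaled = iterations * 1_000L * targetMillis / micros;
        iterations = (int) Math.min(Integer.MAX_VALUE, Math.max(iterations, scaled));
    }
    byte[] deriveKey(char[] password) throws Exception { // char[] because PBEKeySpec requires it
        PBEKeySpec spec = new PBEKeySpec(password, salt, iterations, keyLength * 8);
        byte[] key = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(spec).getEncoded();
        spec.clearPassword();
        return key;
    }
    // Only the salt and cost parameters are stored, never the password or the derived key.
    byte[] serialize() throws IOException {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        DataOutputStream out = new DataOutputStream(buf);
        out.writeInt(iterations); out.writeInt(keyLength); out.writeInt(salt.length); out.write(salt);
        return buf.toByteArray();
    }
    static CalibratedKdfDemo restore(byte[] stored) throws IOException {
        DataInputStream in = new DataInputStream(new ByteArrayInputStream(stored));
        CalibratedKdfDemo f = new CalibratedKdfDemo();
        f.iterations = in.readInt(); f.keyLength = in.readInt(); f.salt = new byte[in.readInt()];
        in.readFully(f.salt);
        return f;
    }
    public static void main(String[] args) throws Exception {
        CalibratedKdfDemo enroll = new CalibratedKdfDemo();   // new instance for each password
        enroll.init(200, 32);
        byte[] storedKey = enroll.deriveKey("correct horse".toCharArray());
        CalibratedKdfDemo check = restore(enroll.serialize()); // same salt and cost, so same key
        System.out.println(MessageDigest.isEqual(storedKey, check.deriveKey("correct horse".toCharArray())));
        System.out.println(MessageDigest.isEqual(storedKey, check.deriveKey("wrong guess".toCharArray())));
    }
}
```

The comparison uses MessageDigest.isEqual, which runs in constant time, so verification does not leak how many leading bytes of a guess matched.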


Copyright © 2004-2013 XWiki. All Rights Reserved.