Class RFC2307SMD5PasswordEncryptor

java.lang.Object
org.jasypt.util.password.rfc2307.RFC2307SMD5PasswordEncryptor
All Implemented Interfaces:
PasswordEncryptor

public final class RFC2307SMD5PasswordEncryptor extends Object implements PasswordEncryptor

Utility class for easily performing password digesting and checking according to {SMD5}, a password encryption scheme defined in RFC2307 and commonly found in LDAP systems.

This class internally holds a StandardStringDigester configured this way:

  • Algorithm: MD5.
  • Salt size: 8 bytes (configurable with setSaltSizeBytes(int)).
  • Iterations: 1 (no hash iteration).
  • Prefix: {SMD5}.
  • Invert position of salt in message before digesting: true.
  • Invert position of plain salt in encryption results: true.
  • Use lenient salt size check: true.
  • .

This class is thread-safe

Since:
1.7
  • Field Details

  • Constructor Details

    • RFC2307SMD5PasswordEncryptor

      public RFC2307SMD5PasswordEncryptor()
      Creates a new instance of RFC2307OpenLDAPSSHAPasswordEncryptor
  • Method Details

    • setSaltSizeBytes

      public void setSaltSizeBytes(int saltSizeBytes)

      Sets the size (in bytes) of the salt to be used.

      Default is 8.

      Parameters:
      saltSizeBytes - the salt size in bytes
    • setStringOutputType

      public void setStringOutputType(String stringOutputType)

      Sets the the form in which String output will be encoded. Available encoding types are:

      • base64 (default)
      • hexadecimal
      Parameters:
      stringOutputType - the string output type.
    • encryptPassword

      public String encryptPassword(String password)
      Encrypts (digests) a password.
      Specified by:
      encryptPassword in interface PasswordEncryptor
      Parameters:
      password - the password to be encrypted.
      Returns:
      the resulting digest.
      See Also:
    • checkPassword

      public boolean checkPassword(String plainPassword, String encryptedPassword)

      Checks an unencrypted (plain) password against an encrypted one (a digest) to see if they match.

      This password encryptor expects encrypted passwords being matched to include the "{SMD5}" prefix, and will fail if not.

      Specified by:
      checkPassword in interface PasswordEncryptor
      Parameters:
      plainPassword - the plain password to check.
      encryptedPassword - the digest against which to check the password.
      Returns:
      true if passwords match, false if not.
      See Also: