public class RouterPasswordManager extends PasswordManager
Manages both plaintext and salted/hashed password storage in router configuration. Provides migration utilities for transitioning from legacy plaintext passwords to modern hashed authentication.
Supports multiple authentication realms including i2cp, routerconsole, and keystore-based authentication. Includes validation, migration, and obfuscation utilities for secure password handling.
Handles password migration between different storage formats while maintaining backward compatibility and security best practices. Includes comprehensive logging and error handling for authentication operations.
| Modifier and Type | Field and Description |
|---|---|
protected RouterContext |
_context |
PROP_B64, PROP_CRYPT, PROP_MD5, PROP_PW, PROP_SHASH, SALT_LENGTH, SHASH_LENGTH| Constructor and Description |
|---|
RouterPasswordManager(RouterContext ctx)
// migrate these to b64
private static final String[] MIGRATE_FROM = {
// This has a separate router.reseedProxy.username prop,
// so let's not mess with it
"router.reseedProxy.password",
// Don't migrate these until we have a console form for them,
// which we aren't likely to ever bother with
"routerconsole.keyPassword",
"routerconsole.keystorePassword",
"i2cp.keyPassword",
"i2cp.keystorePassword"
};
private static final String[] MIGRATE_TO = {
"router.reseedProxy.auth",
"routerconsole.ssl.key.auth",
"routerconsole.ssl.keystore.auth",
"i2cp.ssl.key.auth",
"i2cp.ssl.keystore.auth"
};
|
| Modifier and Type | Method and Description |
|---|---|
protected boolean |
migrate()
Migrate from plaintext to salt/hash
|
boolean |
remove(String realm,
String user)
Remove password, any kind.
|
boolean |
save(String realm,
String user,
String pw)
Same as saveHash()
|
boolean |
saveB64(String realm,
String user,
String pw)
This will fail if
if user contains '#' or '=' or starts with '!'
|
boolean |
saveHash(String realm,
String user,
String pw)
This will fail if
user contains '#' or '=' or starts with '!'
|
boolean |
savePlain(String realm,
String user,
String pw)
This will fail if pw contains a '#'
or if user contains '#' or '=' or starts with '!'
|
check, checkB64, checkHash, checkHash, checkPlain, createHash, get, getB64, getPlain, md5Hex, md5Hex, md5Sum, sha256Hex, sha256Hexprotected final RouterContext _context
public RouterPasswordManager(RouterContext ctx)
protected boolean migrate()
public boolean remove(String realm, String user)
realm - e.g. i2cp, routerconsole, etc.user - null or "" for no user, already trimmedpublic boolean save(String realm, String user, String pw)
realm - e.g. i2cp, routerconsole, etc.user - null or "" for no user, already trimmedpw - plain text, already trimmedpublic boolean saveB64(String realm, String user, String pw)
realm - e.g. i2cp, routerconsole, etc.user - null or "" for no user, already trimmedpw - plain text, already trimmedpublic boolean saveHash(String realm, String user, String pw)
realm - e.g. i2cp, routerconsole, etc.user - null or "" for no user, already trimmedpw - plain text, already trimmedpublic boolean savePlain(String realm, String user, String pw)
realm - e.g. i2cp, routerconsole, etc.user - null or "" for no user, already trimmedpw - plain text, already trimmed