public class Sha2Crypt extends Object
Based on the C implementation released into the Public Domain by Ulrich Drepper <drepper@redhat.com> http://www.akkadia.org/drepper/SHA-crypt.txt
Conversion to Kotlin and from there to Java in 2012 by Christian Hammers <ch@lathspell.de> and likewise put into the Public Domain.
This class is immutable and thread-safe.
Modifier and Type | Field and Description |
---|---|
private static int |
ROUNDS_DEFAULT
Default number of rounds if not explicitly specified.
|
private static int |
ROUNDS_MAX
Maximum number of rounds.
|
private static int |
ROUNDS_MIN
Minimum number of rounds.
|
private static String |
ROUNDS_PREFIX
Prefix for optional rounds specification.
|
private static Pattern |
SALT_PATTERN
The pattern to match valid salt values.
|
private static int |
SHA256_BLOCKSIZE
The number of bytes the final hash value will have (SHA-256 variant).
|
(package private) static String |
SHA256_PREFIX
The prefixes that can be used to identify this crypt() variant (SHA-256).
|
private static int |
SHA512_BLOCKSIZE
The number of bytes the final hash value will have (SHA-512 variant).
|
(package private) static String |
SHA512_PREFIX
The prefixes that can be used to identify this crypt() variant (SHA-512).
|
Constructor and Description |
---|
Sha2Crypt() |
Modifier and Type | Method and Description |
---|---|
static String |
sha256Crypt(byte[] keyBytes)
Generates a libc crypt() compatible "$5$" hash value with random salt.
|
static String |
sha256Crypt(byte[] keyBytes,
String salt)
Generates a libc6 crypt() compatible "$5$" hash value.
|
private static String |
sha2Crypt(byte[] keyBytes,
String salt,
String saltPrefix,
int blocksize,
String algorithm)
Generates a libc6 crypt() compatible "$5$" or "$6$" SHA2 based hash value.
|
static String |
sha512Crypt(byte[] keyBytes)
Generates a libc crypt() compatible "$6$" hash value with random salt.
|
static String |
sha512Crypt(byte[] keyBytes,
String salt)
Generates a libc6 crypt() compatible "$6$" hash value.
|
private static final int ROUNDS_DEFAULT
private static final int ROUNDS_MAX
private static final int ROUNDS_MIN
private static final String ROUNDS_PREFIX
private static final int SHA256_BLOCKSIZE
static final String SHA256_PREFIX
private static final int SHA512_BLOCKSIZE
static final String SHA512_PREFIX
private static final Pattern SALT_PATTERN
public Sha2Crypt()
public static String sha256Crypt(byte[] keyBytes)
See Crypt.crypt(String, String)
for details.
keyBytes
- plaintext to hashRuntimeException
- when a NoSuchAlgorithmException
is caught.public static String sha256Crypt(byte[] keyBytes, String salt)
See Crypt.crypt(String, String)
for details.
keyBytes
- plaintext to hashsalt
- real salt value without prefix or "rounds="IllegalArgumentException
- if the salt does not match the allowed patternRuntimeException
- when a NoSuchAlgorithmException
is caught.private static String sha2Crypt(byte[] keyBytes, String salt, String saltPrefix, int blocksize, String algorithm)
This is a nearly line by line conversion of the original C function. The numbered comments are from the algorithm description, the short C-style ones from the original C code and the ones with "Remark" from me.
See Crypt.crypt(String, String)
for details.
keyBytes
- plaintext to hashsalt
- real salt value without prefix or "rounds="saltPrefix
- either $5$ or $6$blocksize
- a value that differs between $5$ and $6$algorithm
- MessageDigest
algorithm identifier stringIllegalArgumentException
- if the given salt is null
or does not match the allowed patternIllegalArgumentException
- when a NoSuchAlgorithmException
is caughtMessageDigestAlgorithms
public static String sha512Crypt(byte[] keyBytes)
See Crypt.crypt(String, String)
for details.
keyBytes
- plaintext to hashRuntimeException
- when a NoSuchAlgorithmException
is caught.public static String sha512Crypt(byte[] keyBytes, String salt)
See Crypt.crypt(String, String)
for details.
keyBytes
- plaintext to hashsalt
- real salt value without prefix or "rounds="IllegalArgumentException
- if the salt does not match the allowed patternRuntimeException
- when a NoSuchAlgorithmException
is caught.WebARTS Library Licensed Under the GNU - General Public License. Other Libraries licensed under their respective Open Source Licenses