public class Sha2Crypt extends Object
Based on the C implementation released into the Public Domain by Ulrich Drepper <drepper@redhat.com> http://www.akkadia.org/drepper/SHA-crypt.txt
Conversion to Kotlin and from there to Java in 2012 by Christian Hammers <ch@lathspell.de> and likewise put into the Public Domain.
This class is immutable and thread-safe.
Constructor and Description |
---|
Sha2Crypt() |
Modifier and Type | Method and Description |
---|---|
static String |
sha256Crypt(byte[] keyBytes)
Generates a libc crypt() compatible "$5$" hash value with random salt.
|
static String |
sha256Crypt(byte[] keyBytes,
String salt)
Generates a libc6 crypt() compatible "$5$" hash value.
|
static String |
sha256Crypt(byte[] keyBytes,
String salt,
Random random)
Generates a libc6 crypt() compatible "$5$" hash value.
|
static String |
sha512Crypt(byte[] keyBytes)
Generates a libc crypt() compatible "$6$" hash value with random salt.
|
static String |
sha512Crypt(byte[] keyBytes,
String salt)
Generates a libc6 crypt() compatible "$6$" hash value.
|
static String |
sha512Crypt(byte[] keyBytes,
String salt,
Random random)
Generates a libc6 crypt() compatible "$6$" hash value.
|
public static String sha256Crypt(byte[] keyBytes)
See Crypt.crypt(String, String)
for details.
A salt is generated for you using ThreadLocalRandom
; for more secure salts consider using
SecureRandom
to generate your own salts and calling sha256Crypt(byte[], String)
.
keyBytes
- plaintext to hashIllegalArgumentException
- when a NoSuchAlgorithmException
is caught.public static String sha256Crypt(byte[] keyBytes, String salt)
See Crypt.crypt(String, String)
for details.
keyBytes
- plaintext to hashsalt
- real salt value without prefix or "rounds=". The salt may be null, in which case a salt
is generated for you using SecureRandom
. If one does not want to use SecureRandom
,
you can pass your own Random
in sha256Crypt(byte[], String, Random)
.IllegalArgumentException
- if the salt does not match the allowed patternIllegalArgumentException
- when a NoSuchAlgorithmException
is caught.public static String sha256Crypt(byte[] keyBytes, String salt, Random random)
See Crypt.crypt(String, String)
for details.
keyBytes
- plaintext to hashsalt
- real salt value without prefix or "rounds=".random
- the instance of Random
to use for generating the salt. Consider using SecureRandom
or ThreadLocalRandom
.IllegalArgumentException
- if the salt does not match the allowed patternIllegalArgumentException
- when a NoSuchAlgorithmException
is caught.public static String sha512Crypt(byte[] keyBytes)
See Crypt.crypt(String, String)
for details.
A salt is generated for you using ThreadLocalRandom
; for more secure salts consider using
SecureRandom
to generate your own salts and calling sha512Crypt(byte[], String)
.
keyBytes
- plaintext to hashIllegalArgumentException
- when a NoSuchAlgorithmException
is caught.public static String sha512Crypt(byte[] keyBytes, String salt)
See Crypt.crypt(String, String)
for details.
keyBytes
- plaintext to hashsalt
- real salt value without prefix or "rounds=". The salt may be null, in which case a salt is generated
for you using SecureRandom
; if you want to use a Random
object other than
SecureRandom
then we suggest you provide it using
sha512Crypt(byte[], String, Random)
.IllegalArgumentException
- if the salt does not match the allowed patternIllegalArgumentException
- when a NoSuchAlgorithmException
is caught.public static String sha512Crypt(byte[] keyBytes, String salt, Random random)
See Crypt.crypt(String, String)
for details.
keyBytes
- plaintext to hashsalt
- real salt value without prefix or "rounds=". The salt may be null, in which case a salt
is generated for you using ThreadLocalRandom
; for more secure salts consider using
SecureRandom
to generate your own salts.random
- the instance of Random
to use for generating the salt. Consider using SecureRandom
or ThreadLocalRandom
.IllegalArgumentException
- if the salt does not match the allowed patternIllegalArgumentException
- when a NoSuchAlgorithmException
is caught.