public class UnixCrypt extends Object
This class only implements the traditional 56 bit DES based algorithm. Please use DigestUtils.crypt() for a method that distinguishes between all the algorithms supported in the current glibc's crypt().
The Java implementation was taken from the JetSpeed Portal project (see org.apache.jetspeed.services.security.ldap.UnixCrypt).
This class is slightly incompatible if the given salt contains characters that are not part of the allowed range [a-zA-Z0-9./].
This class is immutable and thread-safe.
Constructor and Description |
---|
UnixCrypt() |
Modifier and Type | Method and Description |
---|---|
static String |
crypt(byte[] original)
Generates a crypt(3) compatible hash using the DES algorithm.
|
static String |
crypt(byte[] original,
String salt)
Generates a crypt(3) compatible hash using the DES algorithm.
|
static String |
crypt(String original)
Generates a crypt(3) compatible hash using the DES algorithm.
|
static String |
crypt(String original,
String salt)
Generates a crypt(3) compatible hash using the DES algorithm.
|
public static String crypt(byte[] original)
A salt is generated for you using ThreadLocalRandom
; for more secure salts consider using
SecureRandom
to generate your own salts and calling crypt(byte[], String)
.
original
- plaintext passwordpublic static String crypt(byte[] original, String salt)
Using unspecified characters as salt results incompatible hash values.
original
- plaintext passwordsalt
- a two character string drawn from [a-zA-Z0-9./]. The salt may be null, in which case a salt is
generated for you using ThreadLocalRandom
; for more secure salts consider using
SecureRandom
to generate your own salts.IllegalArgumentException
- if the salt does not match the allowed patternpublic static String crypt(String original)
A salt is generated for you using ThreadLocalRandom
; for more secure salts consider using
SecureRandom
to generate your own salts and calling crypt(String, String)
.
original
- plaintext passwordpublic static String crypt(String original, String salt)
original
- plaintext passwordsalt
- a two character string drawn from [a-zA-Z0-9./]. The salt may be null, in which case a salt is
generated for you using ThreadLocalRandom
; for more secure salts consider using
SecureRandom
to generate your own salts.IllegalArgumentException
- if the salt does not match the allowed pattern