org.apache.commons.codec.digest

Class Md5Crypt

java.lang.Object

org.apache.commons.codec.digest.Md5Crypt

public class Md5Crypt
extends Object

The libc crypt() "$1$" and Apache "$apr1$" MD5-based hash algorithm.

Based on the public domain ("beer-ware") C implementation from Poul-Henning Kamp which was found at: crypt-md5.c @ freebsd.org

Source:

 $FreeBSD: src/lib/libcrypt/crypt-md5.c,v 1.1 1999/01/21 13:50:09 brandon Exp $
 

Conversion to Kotlin and from there to Java in 2012.

The C style comments are from the original C code, the ones with "//" from the port.

This class is immutable and thread-safe.

Since:

1.7

Constructor Summary

Constructors

Constructor and Description
Md5Crypt()

Method Summary

Modifier and Type	Method and Description
static String	apr1Crypt(byte[] keyBytes) See apr1Crypt(byte[], String) for details.
static String	apr1Crypt(byte[] keyBytes, Random random) See apr1Crypt(byte[], String) for details.
static String	apr1Crypt(byte[] keyBytes, String salt) See apr1Crypt(String, String) for details.
static String	apr1Crypt(String keyBytes) See apr1Crypt(String, String) for details.
static String	apr1Crypt(String keyBytes, String salt) Generates an Apache htpasswd compatible "$apr1$" MD5 based hash value.
static String	md5Crypt(byte[] keyBytes) Generates a libc6 crypt() compatible "$1$" hash value.
static String	md5Crypt(byte[] keyBytes, Random random) Generates a libc6 crypt() compatible "$1$" hash value.
static String	md5Crypt(byte[] keyBytes, String salt) Generates a libc crypt() compatible "$1$" MD5 based hash value.
static String	md5Crypt(byte[] keyBytes, String salt, String prefix) Generates a libc6 crypt() "$1$" or Apache htpasswd "$apr1$" hash value.
static String	md5Crypt(byte[] keyBytes, String salt, String prefix, Random random) Generates a libc6 crypt() "$1$" or Apache htpasswd "$apr1$" hash value.

Methods inherited from class java.lang.Object

clone, equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

Md5Crypt

public Md5Crypt()

Method Detail

apr1Crypt

public static String apr1Crypt(byte[] keyBytes)

See apr1Crypt(byte[], String) for details.

A salt is generated for you using SecureRandom; your own Random in apr1Crypt(byte[], Random).

Parameters:

keyBytes - plaintext string to hash.

Returns:

the hash value

Throws:

IllegalArgumentException - when a NoSuchAlgorithmException is caught. *

See Also:

apr1Crypt(byte[], String)

apr1Crypt

public static String apr1Crypt(byte[] keyBytes,
                               Random random)

See apr1Crypt(byte[], String) for details.

A salt is generated for you using the user provided Random.

Parameters:

keyBytes - plaintext string to hash.

random - the instance of Random to use for generating the salt. Consider using SecureRandom or ThreadLocalRandom.

Returns:

the hash value

Throws:

IllegalArgumentException - when a NoSuchAlgorithmException is caught. *

Since:

1.12

See Also:

apr1Crypt(byte[], String)

apr1Crypt

public static String apr1Crypt(byte[] keyBytes,
                               String salt)

See apr1Crypt(String, String) for details.

A salt is generated for you using SecureRandom

Parameters:

keyBytes - plaintext string to hash.

salt - An APR1 salt. The salt may be null, in which case a salt is generated for you using ThreadLocalRandom; for more secure salts consider using SecureRandom to generate your own salts.

Returns:

the hash value

Throws:

IllegalArgumentException - if the salt does not match the allowed pattern

IllegalArgumentException - when a NoSuchAlgorithmException is caught.

apr1Crypt

public static String apr1Crypt(String keyBytes)

See apr1Crypt(String, String) for details.

A salt is generated for you using ThreadLocalRandom; for more secure salts consider using SecureRandom to generate your own salts and calling apr1Crypt(byte[], String).

Parameters:

keyBytes - plaintext string to hash.

Returns:

the hash value

Throws:

IllegalArgumentException - when a NoSuchAlgorithmException is caught.

See Also:

apr1Crypt(byte[], String)

apr1Crypt

public static String apr1Crypt(String keyBytes,
                               String salt)

Generates an Apache htpasswd compatible "$apr1$" MD5 based hash value.

The algorithm is identical to the crypt(3) "$1$" one but produces different outputs due to the different salt prefix.

Parameters:

keyBytes - plaintext string to hash.

salt - salt string including the prefix and optionally garbage at the end. The salt may be null, in which case a salt is generated for you using ThreadLocalRandom; for more secure salts consider using SecureRandom to generate your own salts.

Returns:

the hash value

Throws:

IllegalArgumentException - if the salt does not match the allowed pattern

IllegalArgumentException - when a NoSuchAlgorithmException is caught.

md5Crypt

public static String md5Crypt(byte[] keyBytes)

Generates a libc6 crypt() compatible "$1$" hash value.

See md5Crypt(byte[], String) for details.

A salt is generated for you using ThreadLocalRandom; for more secure salts consider using SecureRandom to generate your own salts and calling md5Crypt(byte[], String).

Parameters:

keyBytes - plaintext string to hash.

Returns:

the hash value

Throws:

IllegalArgumentException - when a NoSuchAlgorithmException is caught.

See Also:

md5Crypt(byte[], String)

md5Crypt

public static String md5Crypt(byte[] keyBytes,
                              Random random)

Generates a libc6 crypt() compatible "$1$" hash value.

See md5Crypt(byte[], String) for details.

A salt is generated for you using the instance of Random you supply.

Parameters:

keyBytes - plaintext string to hash.

random - the instance of Random to use for generating the salt. Consider using SecureRandom or ThreadLocalRandom.

Returns:

the hash value

Throws:

IllegalArgumentException - when a NoSuchAlgorithmException is caught.

Since:

1.12

See Also:

md5Crypt(byte[], String)

md5Crypt

public static String md5Crypt(byte[] keyBytes,
                              String salt)

Generates a libc crypt() compatible "$1$" MD5 based hash value.

See Crypt.crypt(String, String) for details. We use SecureRandom for seed generation by default.

Parameters:

keyBytes - plaintext string to hash.

salt - salt string including the prefix and optionally garbage at the end. The salt may be null, in which case a salt is generated for you using ThreadLocalRandom; for more secure salts consider using SecureRandom to generate your own salts.

Returns:

the hash value

Throws:

IllegalArgumentException - if the salt does not match the allowed pattern

IllegalArgumentException - when a NoSuchAlgorithmException is caught.

md5Crypt

public static String md5Crypt(byte[] keyBytes,
                              String salt,
                              String prefix)

Generates a libc6 crypt() "$1$" or Apache htpasswd "$apr1$" hash value.

See Crypt.crypt(String, String) or apr1Crypt(String, String) for details. We use by default.

Parameters:

keyBytes - plaintext string to hash.

salt - real salt value without prefix or "rounds=". The salt may be null, in which case a salt is generated for you using ThreadLocalRandom; for more secure salts consider using SecureRandom to generate your own salts.

prefix - salt prefix

Returns:

the hash value

Throws:

IllegalArgumentException - if the salt does not match the allowed pattern

IllegalArgumentException - when a NoSuchAlgorithmException is caught.

md5Crypt

public static String md5Crypt(byte[] keyBytes,
                              String salt,
                              String prefix,
                              Random random)

Generates a libc6 crypt() "$1$" or Apache htpasswd "$apr1$" hash value.

See Crypt.crypt(String, String) or apr1Crypt(String, String) for details.

Parameters:

keyBytes - plaintext string to hash.

salt - real salt value without prefix or "rounds=". The salt may be null, in which case a salt is generated for you using ThreadLocalRandom; for more secure salts consider using SecureRandom to generate your own salts.

prefix - salt prefix

random - the instance of Random to use for generating the salt. Consider using SecureRandom or ThreadLocalRandom.

Returns:

the hash value

Throws:

IllegalArgumentException - if the salt does not match the allowed pattern

IllegalArgumentException - when a NoSuchAlgorithmException is caught.

Since:

1.12