Package org.apache.commons.codec.digest

Class UnixCrypt

  • public class UnixCrypt
extends Object
    Unix crypt(3) algorithm implementation.

    This class only implements the traditional 56 bit DES based algorithm. Please use DigestUtils.crypt() for a method that distinguishes between all the algorithms supported in the current glibc's crypt().

    The Java implementation was taken from the JetSpeed Portal project (see org.apache.jetspeed.services.security.ldap.UnixCrypt).

    This class is slightly incompatible if the given salt contains characters that are not part of the allowed range [a-zA-Z0-9./].

    This class is immutable and thread-safe.

    Since:
    1.7

    • Constructor Detail

      • UnixCrypt

        public UnixCrypt()

    • Method Detail

      • crypt

        public static String crypt​(byte[] original)
        Generates a crypt(3) compatible hash using the DES algorithm.

        A salt is generated for you using ThreadLocalRandom; for more secure salts consider using SecureRandom to generate your own salts and calling crypt(byte[], String).

        Parameters:
        original - plaintext password
        Returns:
        a 13 character string starting with the salt string

      • crypt

        public static String crypt​(byte[] original,
                           String salt)
        Generates a crypt(3) compatible hash using the DES algorithm.

        Using unspecified characters as salt results incompatible hash values.

        Parameters:
        original - plaintext password
        salt - a two character string drawn from [a-zA-Z0-9./]. The salt may be null, in which case a salt is generated for you using ThreadLocalRandom; for more secure salts consider using SecureRandom to generate your own salts.
        Returns:
        a 13 character string starting with the salt string
        Throws:
        IllegalArgumentException - if the salt does not match the allowed pattern

      • crypt

        public static String crypt​(String original)
        Generates a crypt(3) compatible hash using the DES algorithm.

        A salt is generated for you using ThreadLocalRandom; for more secure salts consider using SecureRandom to generate your own salts and calling crypt(String, String).

        Parameters:
        original - plaintext password
        Returns:
        a 13 character string starting with the salt string

      • crypt

        public static String crypt​(String original,
                           String salt)
        Generates a crypt(3) compatible hash using the DES algorithm.
        Parameters:
        original - plaintext password
        salt - a two character string drawn from [a-zA-Z0-9./]. The salt may be null, in which case a salt is generated for you using ThreadLocalRandom; for more secure salts consider using SecureRandom to generate your own salts.
        Returns:
        a 13 character string starting with the salt string
        Throws:
        IllegalArgumentException - if the salt does not match the allowed pattern