Class Md5Crypt


  • public class Md5Crypt
    extends java.lang.Object
    The libc crypt() "$1$" and Apache "$apr1$" MD5-based hash algorithm.

    Based on the public domain ("beer-ware") C implementation from Poul-Henning Kamp which was found at: crypt-md5.c @ freebsd.org

    Source:

     $FreeBSD: src/lib/libcrypt/crypt-md5.c,v 1.1 1999/01/21 13:50:09 brandon Exp $
     

    Conversion to Kotlin and from there to Java in 2012.

    The C style comments are from the original C code, the ones with "//" from the port.

    This class is immutable and thread-safe.

    Since:
    1.7
    • Constructor Summary

      Constructors 
      Constructor Description
      Md5Crypt()  
    • Method Summary

      All Methods Static Methods Concrete Methods 
      Modifier and Type Method Description
      static java.lang.String apr1Crypt​(byte[] keyBytes)
      See apr1Crypt(byte[], String) for details.
      static java.lang.String apr1Crypt​(byte[] keyBytes, java.lang.String salt)
      See apr1Crypt(String, String) for details.
      static java.lang.String apr1Crypt​(byte[] keyBytes, java.util.Random random)
      See apr1Crypt(byte[], String) for details.
      static java.lang.String apr1Crypt​(java.lang.String keyBytes)
      See apr1Crypt(String, String) for details.
      static java.lang.String apr1Crypt​(java.lang.String keyBytes, java.lang.String salt)
      Generates an Apache htpasswd compatible "$apr1$" MD5 based hash value.
      static java.lang.String md5Crypt​(byte[] keyBytes)
      Generates a libc6 crypt() compatible "$1$" hash value.
      static java.lang.String md5Crypt​(byte[] keyBytes, java.lang.String salt)
      Generates a libc crypt() compatible "$1$" MD5 based hash value.
      static java.lang.String md5Crypt​(byte[] keyBytes, java.lang.String salt, java.lang.String prefix)
      Generates a libc6 crypt() "$1$" or Apache htpasswd "$apr1$" hash value.
      static java.lang.String md5Crypt​(byte[] keyBytes, java.lang.String salt, java.lang.String prefix, java.util.Random random)
      Generates a libc6 crypt() "$1$" or Apache htpasswd "$apr1$" hash value.
      static java.lang.String md5Crypt​(byte[] keyBytes, java.util.Random random)
      Generates a libc6 crypt() compatible "$1$" hash value.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Constructor Detail

      • Md5Crypt

        public Md5Crypt()
    • Method Detail

      • apr1Crypt

        public static java.lang.String apr1Crypt​(byte[] keyBytes)
        See apr1Crypt(byte[], String) for details.

        A salt is generated for you using SecureRandom; your own Random in apr1Crypt(byte[], Random).

        Parameters:
        keyBytes - plaintext string to hash.
        Returns:
        the hash value
        Throws:
        java.lang.IllegalArgumentException - when a NoSuchAlgorithmException is caught. *
        See Also:
        apr1Crypt(byte[], String)
      • apr1Crypt

        public static java.lang.String apr1Crypt​(byte[] keyBytes,
                                                 java.util.Random random)
        See apr1Crypt(byte[], String) for details.

        A salt is generated for you using the user provided Random.

        Parameters:
        keyBytes - plaintext string to hash.
        random - the instance of Random to use for generating the salt. Consider using SecureRandom or ThreadLocalRandom.
        Returns:
        the hash value
        Throws:
        java.lang.IllegalArgumentException - when a NoSuchAlgorithmException is caught. *
        Since:
        1.12
        See Also:
        apr1Crypt(byte[], String)
      • apr1Crypt

        public static java.lang.String apr1Crypt​(byte[] keyBytes,
                                                 java.lang.String salt)
        See apr1Crypt(String, String) for details.

        A salt is generated for you using SecureRandom

        Parameters:
        keyBytes - plaintext string to hash.
        salt - An APR1 salt. The salt may be null, in which case a salt is generated for you using ThreadLocalRandom; for more secure salts consider using SecureRandom to generate your own salts.
        Returns:
        the hash value
        Throws:
        java.lang.IllegalArgumentException - if the salt does not match the allowed pattern
        java.lang.IllegalArgumentException - when a NoSuchAlgorithmException is caught.
      • apr1Crypt

        public static java.lang.String apr1Crypt​(java.lang.String keyBytes)
        See apr1Crypt(String, String) for details.

        A salt is generated for you using ThreadLocalRandom; for more secure salts consider using SecureRandom to generate your own salts and calling apr1Crypt(byte[], String).

        Parameters:
        keyBytes - plaintext string to hash.
        Returns:
        the hash value
        Throws:
        java.lang.IllegalArgumentException - when a NoSuchAlgorithmException is caught.
        See Also:
        apr1Crypt(byte[], String)
      • apr1Crypt

        public static java.lang.String apr1Crypt​(java.lang.String keyBytes,
                                                 java.lang.String salt)
        Generates an Apache htpasswd compatible "$apr1$" MD5 based hash value.

        The algorithm is identical to the crypt(3) "$1$" one but produces different outputs due to the different salt prefix.

        Parameters:
        keyBytes - plaintext string to hash.
        salt - salt string including the prefix and optionally garbage at the end. The salt may be null, in which case a salt is generated for you using ThreadLocalRandom; for more secure salts consider using SecureRandom to generate your own salts.
        Returns:
        the hash value
        Throws:
        java.lang.IllegalArgumentException - if the salt does not match the allowed pattern
        java.lang.IllegalArgumentException - when a NoSuchAlgorithmException is caught.
      • md5Crypt

        public static java.lang.String md5Crypt​(byte[] keyBytes)
        Generates a libc6 crypt() compatible "$1$" hash value.

        See md5Crypt(byte[], String) for details.

        A salt is generated for you using ThreadLocalRandom; for more secure salts consider using SecureRandom to generate your own salts and calling md5Crypt(byte[], String).

        Parameters:
        keyBytes - plaintext string to hash.
        Returns:
        the hash value
        Throws:
        java.lang.IllegalArgumentException - when a NoSuchAlgorithmException is caught.
        See Also:
        md5Crypt(byte[], String)
      • md5Crypt

        public static java.lang.String md5Crypt​(byte[] keyBytes,
                                                java.util.Random random)
        Generates a libc6 crypt() compatible "$1$" hash value.

        See md5Crypt(byte[], String) for details.

        A salt is generated for you using the instance of Random you supply.

        Parameters:
        keyBytes - plaintext string to hash.
        random - the instance of Random to use for generating the salt. Consider using SecureRandom or ThreadLocalRandom.
        Returns:
        the hash value
        Throws:
        java.lang.IllegalArgumentException - when a NoSuchAlgorithmException is caught.
        Since:
        1.12
        See Also:
        md5Crypt(byte[], String)
      • md5Crypt

        public static java.lang.String md5Crypt​(byte[] keyBytes,
                                                java.lang.String salt)
        Generates a libc crypt() compatible "$1$" MD5 based hash value.

        See Crypt.crypt(String, String) for details. We use SecureRandom for seed generation by default.

        Parameters:
        keyBytes - plaintext string to hash.
        salt - salt string including the prefix and optionally garbage at the end. The salt may be null, in which case a salt is generated for you using ThreadLocalRandom; for more secure salts consider using SecureRandom to generate your own salts.
        Returns:
        the hash value
        Throws:
        java.lang.IllegalArgumentException - if the salt does not match the allowed pattern
        java.lang.IllegalArgumentException - when a NoSuchAlgorithmException is caught.
      • md5Crypt

        public static java.lang.String md5Crypt​(byte[] keyBytes,
                                                java.lang.String salt,
                                                java.lang.String prefix)
        Generates a libc6 crypt() "$1$" or Apache htpasswd "$apr1$" hash value.

        See Crypt.crypt(String, String) or apr1Crypt(String, String) for details. We use by default.

        Parameters:
        keyBytes - plaintext string to hash.
        salt - real salt value without prefix or "rounds=". The salt may be null, in which case a salt is generated for you using ThreadLocalRandom; for more secure salts consider using SecureRandom to generate your own salts.
        prefix - salt prefix
        Returns:
        the hash value
        Throws:
        java.lang.IllegalArgumentException - if the salt does not match the allowed pattern
        java.lang.IllegalArgumentException - when a NoSuchAlgorithmException is caught.
      • md5Crypt

        public static java.lang.String md5Crypt​(byte[] keyBytes,
                                                java.lang.String salt,
                                                java.lang.String prefix,
                                                java.util.Random random)
        Generates a libc6 crypt() "$1$" or Apache htpasswd "$apr1$" hash value.

        See Crypt.crypt(String, String) or apr1Crypt(String, String) for details.

        Parameters:
        keyBytes - plaintext string to hash.
        salt - real salt value without prefix or "rounds=". The salt may be null, in which case a salt is generated for you using ThreadLocalRandom; for more secure salts consider using SecureRandom to generate your own salts.
        prefix - salt prefix
        random - the instance of Random to use for generating the salt. Consider using SecureRandom or ThreadLocalRandom.
        Returns:
        the hash value
        Throws:
        java.lang.IllegalArgumentException - if the salt does not match the allowed pattern
        java.lang.IllegalArgumentException - when a NoSuchAlgorithmException is caught.
        Since:
        1.12