Package org.apache.commons.codec.digest

Class Md5Crypt

java.lang.Object

org.apache.commons.codec.digest.Md5Crypt

public class Md5Crypt
extends Object

The libc crypt() "$1$" and Apache "$apr1$" MD5-based hash algorithm.

Based on the public domain ("beer-ware") C implementation from Poul-Henning Kamp which was found at: crypt-md5.c @ freebsd.org

Source:

 $FreeBSD: src/lib/libcrypt/crypt-md5.c,v 1.1 1999/01/21 13:50:09 brandon Exp $
 

Conversion to Kotlin and from there to Java in 2012.

The C style comments are from the original C code, the ones with "//" from the port.

This class is immutable and thread-safe.

Since:

1.7

Constructor Summary

Constructors

Constructor	Description
Md5Crypt()	Deprecated. TODO Make private in 2.0.

Method Summary

Modifier and Type	Method	Description
static String	apr1Crypt(byte[] keyBytes)	See apr1Crypt(byte[], String) for details.
static String	apr1Crypt(byte[] keyBytes, String salt)	See apr1Crypt(String, String) for details.
static String	apr1Crypt(byte[] keyBytes, Random random)	See apr1Crypt(byte[], String) for details.
static String	apr1Crypt(String keyBytes)	See apr1Crypt(String, String) for details.
static String	apr1Crypt(String keyBytes, String salt)	Generates an Apache htpasswd compatible "$apr1$" MD5 based hash value.
static String	md5Crypt(byte[] keyBytes)	Generates a libc6 crypt() compatible "$1$" hash value.
static String	md5Crypt(byte[] keyBytes, String salt)	Generates a libc crypt() compatible "$1$" MD5 based hash value.
static String	md5Crypt(byte[] keyBytes, String salt, String prefix)	Generates a libc6 crypt() "$1$" or Apache htpasswd "$apr1$" hash value.
static String	md5Crypt(byte[] keyBytes, String salt, String prefix, Random random)	Generates a libc6 crypt() "$1$" or Apache htpasswd "$apr1$" hash value.
static String	md5Crypt(byte[] keyBytes, Random random)	Generates a libc6 crypt() compatible "$1$" hash value.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

Md5Crypt

@Deprecated
public Md5Crypt()

Deprecated.

TODO Make private in 2.0.

TODO Make private in 2.0.

Method Details

apr1Crypt

public static String apr1Crypt(byte[] keyBytes)

See apr1Crypt(byte[], String) for details.

A salt is generated for you using SecureRandom; your own Random in apr1Crypt(byte[], Random).

Parameters:

keyBytes - plaintext string to hash. Each array element is set to 0 before returning.

Returns:

the hash value

Throws:

IllegalArgumentException - when a NoSuchAlgorithmException is caught. *

See Also:

• apr1Crypt(byte[], String)

apr1Crypt

public static String apr1Crypt(byte[] keyBytes,
 Random random)

See apr1Crypt(byte[], String) for details.

A salt is generated for you using the user provided Random.

Parameters:

keyBytes - plaintext string to hash. Each array element is set to 0 before returning.

random - the instance of Random to use for generating the salt. Consider using SecureRandom for more secure salts.

Returns:

the hash value

Throws:

IllegalArgumentException - when a NoSuchAlgorithmException is caught. *

Since:

1.12

See Also:

• apr1Crypt(byte[], String)

apr1Crypt

public static String apr1Crypt(byte[] keyBytes,
 String salt)

See apr1Crypt(String, String) for details.

A salt is generated for you using SecureRandom

Parameters:

keyBytes - plaintext string to hash. Each array element is set to 0 before returning.

salt - An APR1 salt. The salt may be null, in which case a salt is generated for you using SecureRandom

Returns:

the hash value

Throws:

IllegalArgumentException - if the salt does not match the allowed pattern

IllegalArgumentException - when a NoSuchAlgorithmException is caught.

apr1Crypt

public static String apr1Crypt(String keyBytes)

See apr1Crypt(String, String) for details.

A salt is generated for you using SecureRandom.

Parameters:

keyBytes - plaintext string to hash. Each array element is set to 0 before returning.

Returns:

the hash value

Throws:

IllegalArgumentException - when a NoSuchAlgorithmException is caught.

See Also:

• apr1Crypt(byte[], String)

apr1Crypt

public static String apr1Crypt(String keyBytes,
 String salt)

Generates an Apache htpasswd compatible "$apr1$" MD5 based hash value.

The algorithm is identical to the crypt(3) "$1$" one but produces different outputs due to the different salt prefix.

Parameters:

keyBytes - plaintext string to hash. Each array element is set to 0 before returning.

salt - salt string including the prefix and optionally garbage at the end. The salt may be null, in which case a salt is generated for you using SecureRandom.

Returns:

the hash value

Throws:

IllegalArgumentException - if the salt does not match the allowed pattern

IllegalArgumentException - when a NoSuchAlgorithmException is caught.

md5Crypt

public static String md5Crypt(byte[] keyBytes)

Generates a libc6 crypt() compatible "$1$" hash value.

See md5Crypt(byte[], String) for details.

A salt is generated for you using SecureRandom.

Parameters:

keyBytes - plaintext string to hash. Each array element is set to 0 before returning.

Returns:

the hash value

Throws:

IllegalArgumentException - when a NoSuchAlgorithmException is caught.

See Also:

• md5Crypt(byte[], String)

md5Crypt

public static String md5Crypt(byte[] keyBytes,
 Random random)

Generates a libc6 crypt() compatible "$1$" hash value.

See md5Crypt(byte[], String) for details.

A salt is generated for you using the instance of Random you supply.

Parameters:

keyBytes - plaintext string to hash. Each array element is set to 0 before returning.

random - the instance of Random to use for generating the salt. Consider using SecureRandom for more secure salts.

Returns:

the hash value

Throws:

IllegalArgumentException - when a NoSuchAlgorithmException is caught.

Since:

1.12

See Also:

• md5Crypt(byte[], String)

md5Crypt

public static String md5Crypt(byte[] keyBytes,
 String salt)

Generates a libc crypt() compatible "$1$" MD5 based hash value.

See Crypt.crypt(String, String) for details. We use SecureRandom for seed generation by default.

Parameters:

keyBytes - plaintext string to hash. Each array element is set to 0 before returning.

salt - salt string including the prefix and optionally garbage at the end. The salt may be null, in which case a salt is generated for you using SecureRandom.

Returns:

the hash value

Throws:

IllegalArgumentException - if the salt does not match the allowed pattern

IllegalArgumentException - when a NoSuchAlgorithmException is caught.

md5Crypt

public static String md5Crypt(byte[] keyBytes,
 String salt,
 String prefix)

Generates a libc6 crypt() "$1$" or Apache htpasswd "$apr1$" hash value.

See Crypt.crypt(String, String) or apr1Crypt(String, String) for details. We use by default.

Parameters:

keyBytes - plaintext string to hash. Each array element is set to 0 before returning.

salt - real salt value without prefix or "rounds=". The salt may be null, in which case a salt is generated for you using SecureRandom.

prefix - The salt prefix "$apr1$", "$1$".

Returns:

the hash value

Throws:

IllegalArgumentException - if the salt does not match the allowed pattern

IllegalArgumentException - when a NoSuchAlgorithmException is caught.

md5Crypt

public static String md5Crypt(byte[] keyBytes,
 String salt,
 String prefix,
 Random random)

Generates a libc6 crypt() "$1$" or Apache htpasswd "$apr1$" hash value.

See Crypt.crypt(String, String) or apr1Crypt(String, String) for details.

Parameters:

keyBytes - plaintext string to hash. Each array element is set to 0 before returning.

salt - real salt value without prefix or "rounds=". The salt may be null, in which case a salt is generated for you using SecureRandom.

prefix - The salt prefix "$apr1$", "$1$".

random - the instance of Random to use for generating the salt. Consider using SecureRandom for more secure salts.

Returns:

the hash value

Throws:

IllegalArgumentException - if the salt or prefix does not match the allowed pattern

IllegalArgumentException - when a NoSuchAlgorithmException is caught.

Since:

1.12