Package org.apache.commons.codec.digest

Class Md5Crypt

java.lang.Object

org.apache.commons.codec.digest.Md5Crypt

public class Md5Crypt
extends Object

The libc crypt() "$1$" and Apache "$apr1$" MD5-based hash algorithm.

Based on the public domain ("beer-ware") C implementation from Poul-Henning Kamp which was found at: crypt-md5.c @ freebsd.org

Source:

 $FreeBSD: src/lib/libcrypt/crypt-md5.c,v 1.1 1999/01/21 13:50:09 brandon Exp $
 

Conversion to Kotlin and from there to Java in 2012.

The C style comments are from the original C code, the ones with "//" from the port.

This class is immutable and thread-safe.

Since:

1.7

Field Summary

Fields

Modifier and Type	Field	Description
(package private) static final String	APR1_PREFIX	The Identifier of the Apache variant.
private static final int	BLOCKSIZE	The number of bytes of the final hash.
(package private) static final String	MD5_PREFIX	The Identifier of this crypt() variant.
private static final int	ROUNDS	The number of rounds of the big loop.

Constructor Summary

Constructors

Constructor	Description
Md5Crypt()	Deprecated. TODO Make private in 2.0.

Method Summary

Modifier and Type	Method	Description
static String	apr1Crypt(byte[] keyBytes)	See apr1Crypt(byte[], String) for details.
static String	apr1Crypt(byte[] keyBytes, String salt)	See apr1Crypt(String, String) for details.
static String	apr1Crypt(byte[] keyBytes, Random random)	See apr1Crypt(byte[], String) for details.
static String	apr1Crypt(String keyBytes)	See apr1Crypt(String, String) for details.
static String	apr1Crypt(String keyBytes, String salt)	Generates an Apache htpasswd compatible "$apr1$" MD5 based hash value.
static String	md5Crypt(byte[] keyBytes)	Generates a libc6 crypt() compatible "$1$" hash value.
static String	md5Crypt(byte[] keyBytes, String salt)	Generates a libc crypt() compatible "$1$" MD5 based hash value.
static String	md5Crypt(byte[] keyBytes, String salt, String prefix)	Generates a libc6 crypt() "$1$" or Apache htpasswd "$apr1$" hash value.
static String	md5Crypt(byte[] keyBytes, String salt, String prefix, Random random)	Generates a libc6 crypt() "$1$" or Apache htpasswd "$apr1$" hash value.
static String	md5Crypt(byte[] keyBytes, Random random)	Generates a libc6 crypt() compatible "$1$" hash value.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

APR1_PREFIX

static final String APR1_PREFIX

The Identifier of the Apache variant.

See Also:

• Constant Field Values

BLOCKSIZE

private static final int BLOCKSIZE

The number of bytes of the final hash.

See Also:

• Constant Field Values

MD5_PREFIX

static final String MD5_PREFIX

The Identifier of this crypt() variant.

See Also:

• Constant Field Values

ROUNDS

private static final int ROUNDS

The number of rounds of the big loop.

See Also:

• Constant Field Values

Constructor Details

Md5Crypt

@Deprecated
public Md5Crypt()

Deprecated.

TODO Make private in 2.0.

TODO Make private in 2.0.

Method Details

apr1Crypt

public static String apr1Crypt(byte[] keyBytes)

See apr1Crypt(byte[], String) for details.

A salt is generated for you using SecureRandom; your own Random in apr1Crypt(byte[], Random).

Parameters:

keyBytes - plaintext string to hash. Each array element is set to 0 before returning.

Returns:

the hash value

Throws:

IllegalArgumentException - when a NoSuchAlgorithmException is caught. *

See Also:

• apr1Crypt(byte[], String)

apr1Crypt

public static String apr1Crypt(byte[] keyBytes,
 Random random)

See apr1Crypt(byte[], String) for details.

A salt is generated for you using the user provided Random.

Parameters:

keyBytes - plaintext string to hash. Each array element is set to 0 before returning.

random - the instance of Random to use for generating the salt. Consider using SecureRandom for more secure salts.

Returns:

the hash value

Throws:

IllegalArgumentException - when a NoSuchAlgorithmException is caught. *

Since:

1.12

See Also:

• apr1Crypt(byte[], String)

apr1Crypt

public static String apr1Crypt(byte[] keyBytes,
 String salt)

See apr1Crypt(String, String) for details.

A salt is generated for you using SecureRandom

Parameters:

keyBytes - plaintext string to hash. Each array element is set to 0 before returning.

salt - An APR1 salt. The salt may be null, in which case a salt is generated for you using SecureRandom

Returns:

the hash value

Throws:

IllegalArgumentException - if the salt does not match the allowed pattern

IllegalArgumentException - when a NoSuchAlgorithmException is caught.

apr1Crypt

public static String apr1Crypt(String keyBytes)

See apr1Crypt(String, String) for details.

A salt is generated for you using SecureRandom.

Parameters:

keyBytes - plaintext string to hash. Each array element is set to 0 before returning.

Returns:

the hash value

Throws:

IllegalArgumentException - when a NoSuchAlgorithmException is caught.

See Also:

• apr1Crypt(byte[], String)

apr1Crypt

public static String apr1Crypt(String keyBytes,
 String salt)

Generates an Apache htpasswd compatible "$apr1$" MD5 based hash value.

The algorithm is identical to the crypt(3) "$1$" one but produces different outputs due to the different salt prefix.

Parameters:

keyBytes - plaintext string to hash. Each array element is set to 0 before returning.

salt - salt string including the prefix and optionally garbage at the end. The salt may be null, in which case a salt is generated for you using SecureRandom.

Returns:

the hash value

Throws:

IllegalArgumentException - if the salt does not match the allowed pattern

IllegalArgumentException - when a NoSuchAlgorithmException is caught.

md5Crypt

public static String md5Crypt(byte[] keyBytes)

Generates a libc6 crypt() compatible "$1$" hash value.

See md5Crypt(byte[], String) for details.

A salt is generated for you using SecureRandom.

Parameters:

keyBytes - plaintext string to hash. Each array element is set to 0 before returning.

Returns:

the hash value

Throws:

IllegalArgumentException - when a NoSuchAlgorithmException is caught.

See Also:

• md5Crypt(byte[], String)

md5Crypt

public static String md5Crypt(byte[] keyBytes,
 Random random)

Generates a libc6 crypt() compatible "$1$" hash value.

See md5Crypt(byte[], String) for details.

A salt is generated for you using the instance of Random you supply.

Parameters:

keyBytes - plaintext string to hash. Each array element is set to 0 before returning.

random - the instance of Random to use for generating the salt. Consider using SecureRandom for more secure salts.

Returns:

the hash value

Throws:

IllegalArgumentException - when a NoSuchAlgorithmException is caught.

Since:

1.12

See Also:

• md5Crypt(byte[], String)

md5Crypt

public static String md5Crypt(byte[] keyBytes,
 String salt)

Generates a libc crypt() compatible "$1$" MD5 based hash value.

See Crypt.crypt(String, String) for details. We use SecureRandom for seed generation by default.

Parameters:

keyBytes - plaintext string to hash. Each array element is set to 0 before returning.

salt - salt string including the prefix and optionally garbage at the end. The salt may be null, in which case a salt is generated for you using SecureRandom.

Returns:

the hash value

Throws:

IllegalArgumentException - if the salt does not match the allowed pattern

IllegalArgumentException - when a NoSuchAlgorithmException is caught.

md5Crypt

public static String md5Crypt(byte[] keyBytes,
 String salt,
 String prefix)

Generates a libc6 crypt() "$1$" or Apache htpasswd "$apr1$" hash value.

See Crypt.crypt(String, String) or apr1Crypt(String, String) for details. We use by default.

Parameters:

keyBytes - plaintext string to hash. Each array element is set to 0 before returning.

salt - real salt value without prefix or "rounds=". The salt may be null, in which case a salt is generated for you using SecureRandom.

prefix - The salt prefix "$apr1$", "$1$".

Returns:

the hash value

Throws:

IllegalArgumentException - if the salt does not match the allowed pattern

IllegalArgumentException - when a NoSuchAlgorithmException is caught.

md5Crypt

public static String md5Crypt(byte[] keyBytes,
 String salt,
 String prefix,
 Random random)

Generates a libc6 crypt() "$1$" or Apache htpasswd "$apr1$" hash value.

See Crypt.crypt(String, String) or apr1Crypt(String, String) for details.

Parameters:

keyBytes - plaintext string to hash. Each array element is set to 0 before returning.

salt - real salt value without prefix or "rounds=". The salt may be null, in which case a salt is generated for you using SecureRandom.

prefix - The salt prefix "$apr1$", "$1$".

random - the instance of Random to use for generating the salt. Consider using SecureRandom for more secure salts.

Returns:

the hash value

Throws:

IllegalArgumentException - if the salt or prefix does not match the allowed pattern

IllegalArgumentException - when a NoSuchAlgorithmException is caught.

Since:

1.12