org.apache.commons.codec.digest.Sha2Crypt java code examples

Add the Codota plugin to your IDE and get smart completions

private void myMethod () {
 Gson g =new Gson()
GsonBuilder gsonBuilder;gsonBuilder.create()
new GsonBuilder().create()
Smart code suggestions by Codota
}

/**
 * Encrypts a password in a crypt(3) compatible way.
 * <p>
 * If no salt is provided, a random salt and the default algorithm (currently SHA-512) will be used. See
 * {@link #crypt(String, String)} for details.
 *
 * @param keyBytes
 *            plaintext password
 * @param salt
 *            salt value
 * @return hash value
 * @throws IllegalArgumentException
 *             if the salt does not match the allowed pattern
 * @throws RuntimeException
 *             when a {@link java.security.NoSuchAlgorithmException} is caught.
 */
public static String crypt(final byte[] keyBytes, final String salt) {
  if (salt == null) {
    return Sha2Crypt.sha512Crypt(keyBytes);
  } else if (salt.startsWith(Sha2Crypt.SHA512_PREFIX)) {
    return Sha2Crypt.sha512Crypt(keyBytes, salt);
  } else if (salt.startsWith(Sha2Crypt.SHA256_PREFIX)) {
    return Sha2Crypt.sha256Crypt(keyBytes, salt);
  } else if (salt.startsWith(Md5Crypt.MD5_PREFIX)) {
    return Md5Crypt.md5Crypt(keyBytes, salt);
  } else {
    return UnixCrypt.crypt(keyBytes, salt);
  }
}

/**
 * Generates a libc6 crypt() compatible "$5$" hash value.
 * <p>
 * See {@link Crypt#crypt(String, String)} for details.
 *
 * @param keyBytes
 *            plaintext to hash
 * @param salt
 *            real salt value without prefix or "rounds="
 * @return complete hash value including salt
 * @throws IllegalArgumentException
 *             if the salt does not match the allowed pattern
 * @throws RuntimeException
 *             when a {@link java.security.NoSuchAlgorithmException} is caught.
 */
public static String sha256Crypt(final byte[] keyBytes, String salt) {
  if (salt == null) {
    salt = SHA256_PREFIX + B64.getRandomSalt(8);
  }
  return sha2Crypt(keyBytes, salt, SHA256_PREFIX, SHA256_BLOCKSIZE, MessageDigestAlgorithms.SHA_256);
}

@Test
public void testCtor() {
  assertNotNull(new Sha2Crypt());
}

/**
 * Generates a libc crypt() compatible "$6$" hash value with random salt.
 * <p>
 * See {@link Crypt#crypt(String, String)} for details.
 *
 * @param keyBytes
 *            plaintext to hash
 * @return complete hash value
 * @throws RuntimeException
 *             when a {@link java.security.NoSuchAlgorithmException} is caught.
 */
public static String sha512Crypt(final byte[] keyBytes) {
  return sha512Crypt(keyBytes, null);
}

/**
 * Generates a libc crypt() compatible "$5$" hash value with random salt.
 * <p>
 * See {@link Crypt#crypt(String, String)} for details.
 *
 * @param keyBytes
 *            plaintext to hash
 * @return complete hash value
 * @throws RuntimeException
 *             when a {@link java.security.NoSuchAlgorithmException} is caught.
 */
public static String sha256Crypt(final byte[] keyBytes) {
  return sha256Crypt(keyBytes, null);
}

@Test(expected = NullPointerException.class)
public void testSha512CryptNullData() {
  Sha2Crypt.sha512Crypt((byte[]) null);
}

@Test(expected = NullPointerException.class)
public void testSha256CryptNullData() {
  Sha2Crypt.sha256Crypt((byte[]) null);
}

/**
 * Encrypts a password in a crypt(3) compatible way.
 * <p>
 * If no salt is provided, a random salt and the default algorithm (currently SHA-512) will be used. See
 * {@link #crypt(String, String)} for details.
 *
 * @param keyBytes
 *            plaintext password
 * @param salt
 *            salt value
 * @return hash value
 * @throws IllegalArgumentException
 *             if the salt does not match the allowed pattern
 * @throws RuntimeException
 *             when a {@link java.security.NoSuchAlgorithmException} is caught.
 */
public static String crypt(final byte[] keyBytes, final String salt) {
  if (salt == null) {
    return Sha2Crypt.sha512Crypt(keyBytes);
  } else if (salt.startsWith(Sha2Crypt.SHA512_PREFIX)) {
    return Sha2Crypt.sha512Crypt(keyBytes, salt);
  } else if (salt.startsWith(Sha2Crypt.SHA256_PREFIX)) {
    return Sha2Crypt.sha256Crypt(keyBytes, salt);
  } else if (salt.startsWith(Md5Crypt.MD5_PREFIX)) {
    return Md5Crypt.md5Crypt(keyBytes, salt);
  } else {
    return UnixCrypt.crypt(keyBytes, salt);
  }
}

@Test(expected = IllegalArgumentException.class)
public void testSha512CryptWithEmptySalt() {
  Sha2Crypt.sha512Crypt("secret".getBytes(), "");
}

@Test(expected = IllegalArgumentException.class)
public void testSha256CryptWithEmptySalt() {
  Sha2Crypt.sha256Crypt("secret".getBytes(), "");
}

  /**
   * Generates a libc6 crypt() compatible "$6$" hash value.
   * <p>
   * See {@link Crypt#crypt(String, String)} for details.
   *
   * @param keyBytes
   *            plaintext to hash
   * @param salt
   *            real salt value without prefix or "rounds="
   * @return complete hash value including salt
   * @throws IllegalArgumentException
   *             if the salt does not match the allowed pattern
   * @throws RuntimeException
   *             when a {@link java.security.NoSuchAlgorithmException} is caught.
   */
  public static String sha512Crypt(final byte[] keyBytes, String salt) {
    if (salt == null) {
      salt = SHA512_PREFIX + B64.getRandomSalt(8);
    }
    return sha2Crypt(keyBytes, salt, SHA512_PREFIX, SHA512_BLOCKSIZE, MessageDigestAlgorithms.SHA_512);
  }
}

/**
 * Encrypts a password in a crypt(3) compatible way.
 * <p>
 * If no salt is provided, a random salt and the default algorithm (currently SHA-512) will be used. See
 * {@link #crypt(String, String)} for details.
 *
 * @param keyBytes
 *            plaintext password
 * @param salt
 *            salt value
 * @return hash value
 * @throws IllegalArgumentException
 *             if the salt does not match the allowed pattern
 * @throws RuntimeException
 *             when a {@link java.security.NoSuchAlgorithmException} is caught.
 */
public static String crypt(final byte[] keyBytes, final String salt) {
  if (salt == null) {
    return Sha2Crypt.sha512Crypt(keyBytes);
  } else if (salt.startsWith(Sha2Crypt.SHA512_PREFIX)) {
    return Sha2Crypt.sha512Crypt(keyBytes, salt);
  } else if (salt.startsWith(Sha2Crypt.SHA256_PREFIX)) {
    return Sha2Crypt.sha256Crypt(keyBytes, salt);
  } else if (salt.startsWith(Md5Crypt.MD5_PREFIX)) {
    return Md5Crypt.md5Crypt(keyBytes, salt);
  } else {
    return UnixCrypt.crypt(keyBytes, salt);
  }
}

@Test(expected = IllegalArgumentException.class)
public void testSha2CryptWrongSalt() {
  Sha2Crypt.sha512Crypt("secret".getBytes(Charsets.UTF_8), "xx");
}

@Test
public void testSha2CryptRounds() {
  // minimum rounds?
  assertEquals("$5$rounds=1000$abcd$b8MCU4GEeZIekOy5ahQ8EWfT330hvYGVeDYkBxXBva.", Sha2Crypt.sha256Crypt("secret".getBytes(Charsets.UTF_8), "$5$rounds=50$abcd$"));
  assertEquals("$5$rounds=1001$abcd$SQsJZs7KXKdd2DtklI3TY3tkD7UYA99RD0FBLm4Sk48", Sha2Crypt.sha256Crypt("secret".getBytes(Charsets.UTF_8), "$5$rounds=1001$abcd$"));
  assertEquals("$5$rounds=9999$abcd$Rh/8ngVh9oyuS6lL3.fsq.9xbvXJsfyKWxSjO2mPIa7", Sha2Crypt.sha256Crypt("secret".getBytes(Charsets.UTF_8), "$5$rounds=9999$abcd"));
}

/**
 * Generates a libc6 crypt() compatible "$5$" hash value.
 * <p>
 * See {@link Crypt#crypt(String, String)} for details.
 * 
 * @param keyBytes
 *            plaintext to hash
 * @param salt
 *            real salt value without prefix or "rounds="
 * @return complete hash value including salt
 * @throws IllegalArgumentException
 *             if the salt does not match the allowed pattern
 * @throws RuntimeException
 *             when a {@link java.security.NoSuchAlgorithmException} is caught.
 */
public static String sha256Crypt(final byte[] keyBytes, String salt) {
  if (salt == null) {
    salt = SHA256_PREFIX + B64.getRandomSalt(8);
  }
  return sha2Crypt(keyBytes, salt, SHA256_PREFIX, SHA256_BLOCKSIZE, MessageDigestAlgorithms.SHA_256);
}

/**
 * Encrypts a password in a crypt(3) compatible way.
 * <p>
 * If no salt is provided, a random salt and the default algorithm (currently SHA-512) will be used. See
 * {@link #crypt(String, String)} for details.
 *
 * @param keyBytes
 *            plaintext password
 * @param salt
 *            salt value
 * @return hash value
 * @throws IllegalArgumentException
 *             if the salt does not match the allowed pattern
 * @throws RuntimeException
 *             when a {@link java.security.NoSuchAlgorithmException} is caught.
 */
public static String crypt(final byte[] keyBytes, final String salt) {
  if (salt == null) {
    return Sha2Crypt.sha512Crypt(keyBytes);
  } else if (salt.startsWith(Sha2Crypt.SHA512_PREFIX)) {
    return Sha2Crypt.sha512Crypt(keyBytes, salt);
  } else if (salt.startsWith(Sha2Crypt.SHA256_PREFIX)) {
    return Sha2Crypt.sha256Crypt(keyBytes, salt);
  } else if (salt.startsWith(Md5Crypt.MD5_PREFIX)) {
    return Md5Crypt.md5Crypt(keyBytes, salt);
  } else {
    return UnixCrypt.crypt(keyBytes, salt);
  }
}

@Test
public void testSha512CryptExplicitCall() {
  assertTrue(Sha2Crypt.sha512Crypt("secret".getBytes()).matches("^\\$6\\$[a-zA-Z0-9./]{0,16}\\$.{1,}$"));
  assertTrue(Sha2Crypt.sha512Crypt("secret".getBytes(), null).matches("^\\$6\\$[a-zA-Z0-9./]{0,16}\\$.{1,}$"));
}

@Test
public void testSha2CryptRounds() {
  // minimum rounds?
  assertEquals("$5$rounds=1000$abcd$b8MCU4GEeZIekOy5ahQ8EWfT330hvYGVeDYkBxXBva.", Sha2Crypt.sha256Crypt("secret".getBytes(Charsets.UTF_8), "$5$rounds=50$abcd$"));
  assertEquals("$5$rounds=1001$abcd$SQsJZs7KXKdd2DtklI3TY3tkD7UYA99RD0FBLm4Sk48", Sha2Crypt.sha256Crypt("secret".getBytes(Charsets.UTF_8), "$5$rounds=1001$abcd$"));
  assertEquals("$5$rounds=9999$abcd$Rh/8ngVh9oyuS6lL3.fsq.9xbvXJsfyKWxSjO2mPIa7", Sha2Crypt.sha256Crypt("secret".getBytes(Charsets.UTF_8), "$5$rounds=9999$abcd"));
}

/**
 * Generates a libc6 crypt() compatible "$5$" hash value.
 * <p>
 * See {@link Crypt#crypt(String, String)} for details.
 *
 * @param keyBytes
 *            plaintext to hash
 * @param salt
 *            real salt value without prefix or "rounds="
 * @return complete hash value including salt
 * @throws IllegalArgumentException
 *             if the salt does not match the allowed pattern
 * @throws RuntimeException
 *             when a {@link java.security.NoSuchAlgorithmException} is caught.
 */
public static String sha256Crypt(final byte[] keyBytes, String salt) {
  if (salt == null) {
    salt = SHA256_PREFIX + B64.getRandomSalt(8);
  }
  return sha2Crypt(keyBytes, salt, SHA256_PREFIX, SHA256_BLOCKSIZE, MessageDigestAlgorithms.SHA_256);
}

/**
 * Encrypts a password in a crypt(3) compatible way.
 * <p>
 * If no salt is provided, a random salt and the default algorithm (currently SHA-512) will be used. See
 * {@link #crypt(String, String)} for details.
 *
 * @param keyBytes
 *            plaintext password
 * @param salt
 *            salt value
 * @return hash value
 * @throws IllegalArgumentException
 *             if the salt does not match the allowed pattern
 * @throws RuntimeException
 *             when a {@link java.security.NoSuchAlgorithmException} is caught.
 */
public static String crypt(final byte[] keyBytes, final String salt) {
  if (salt == null) {
    return Sha2Crypt.sha512Crypt(keyBytes);
  } else if (salt.startsWith(Sha2Crypt.SHA512_PREFIX)) {
    return Sha2Crypt.sha512Crypt(keyBytes, salt);
  } else if (salt.startsWith(Sha2Crypt.SHA256_PREFIX)) {
    return Sha2Crypt.sha256Crypt(keyBytes, salt);
  } else if (salt.startsWith(Md5Crypt.MD5_PREFIX)) {
    return Md5Crypt.md5Crypt(keyBytes, salt);
  } else {
    return UnixCrypt.crypt(keyBytes, salt);
  }
}

Javadoc

SHA2-based Unix crypt implementation.

Based on the C implementation released into the Public Domain by Ulrich Drepper <drepper@redhat.com> http://www.akkadia.org/drepper/SHA-crypt.txt

Conversion to Kotlin and from there to Java in 2012 by Christian Hammers <ch@lathspell.de> and likewise put into the Public Domain.

This class is immutable and thread-safe.

Most used methods

sha512Crypt
Generates a libc6 crypt() compatible "$6$" hash value. See Crypt#crypt(String,String) for details.
sha256Crypt
Generates a libc6 crypt() compatible "$5$" hash value. See Crypt#crypt(String,String) for details.
sha2Crypt
Generates a libc6 crypt() compatible "$5$" or "$6$" SHA2 based hash value. This is a nearly line by
<init>

Popular in Java

Start an intent from android
getExternalFilesDir (Context)
getResourceAsStream (ClassLoader)
Returns a stream for the resource with the specified name. See #getResource(String) for a descriptio
onCreateOptionsMenu (Activity)
GridLayout (java.awt)
The GridLayout class is a layout manager that lays out a container's components in a rectangular gri
Kernel (java.awt.image)
PrintStream (java.io)
A PrintStream adds functionality to another output stream, namely the ability to print representatio
PrintWriter (java.io)
Prints formatted representations of objects to a text-output stream. This class implements all of th
Runnable (java.lang)
Represents a command that can be executed. Often used to run code in a different Thread.
URL (java.net)
A Uniform Resource Locator that identifies the location of an Internet resource as specified by RFC

How to useSha2Crypt in org.apache.commons.codec.digest

Best Java code snippets using org.apache.commons.codec.digest.Sha2Crypt (Showing top 20 results out of 315)

How to use
Sha2Crypt
in
org.apache.commons.codec.digest