org.apache.commons.codec.digest.Sha2Crypt java code examples

Add the Codota plugin to your IDE and get smart completions

private void myMethod () {
 Gson g =new Gson()
GsonBuilder gsonBuilder;gsonBuilder.create()
new GsonBuilder().create()
Smart code suggestions by Tabnine
}

/**
 * Encrypts a password in a crypt(3) compatible way.
 * <p>
 * If no salt is provided, a random salt and the default algorithm (currently SHA-512) will be used. See
 * {@link #crypt(String, String)} for details.
 *
 * @param keyBytes
 *            plaintext password
 * @param salt
 *            salt value
 * @return hash value
 * @throws IllegalArgumentException
 *             if the salt does not match the allowed pattern
 * @throws RuntimeException
 *             when a {@link java.security.NoSuchAlgorithmException} is caught.
 */
public static String crypt(final byte[] keyBytes, final String salt) {
  if (salt == null) {
    return Sha2Crypt.sha512Crypt(keyBytes);
  } else if (salt.startsWith(Sha2Crypt.SHA512_PREFIX)) {
    return Sha2Crypt.sha512Crypt(keyBytes, salt);
  } else if (salt.startsWith(Sha2Crypt.SHA256_PREFIX)) {
    return Sha2Crypt.sha256Crypt(keyBytes, salt);
  } else if (salt.startsWith(Md5Crypt.MD5_PREFIX)) {
    return Md5Crypt.md5Crypt(keyBytes, salt);
  } else {
    return UnixCrypt.crypt(keyBytes, salt);
  }
}

/**
 * Generates a libc6 crypt() compatible "$5$" hash value.
 * <p>
 * See {@link Crypt#crypt(String, String)} for details.
 *
 * @param keyBytes
 *            plaintext to hash
 * @param salt
 *            real salt value without prefix or "rounds="
 * @return complete hash value including salt
 * @throws IllegalArgumentException
 *             if the salt does not match the allowed pattern
 * @throws RuntimeException
 *             when a {@link java.security.NoSuchAlgorithmException} is caught.
 */
public static String sha256Crypt(final byte[] keyBytes, String salt) {
  if (salt == null) {
    salt = SHA256_PREFIX + B64.getRandomSalt(8);
  }
  return sha2Crypt(keyBytes, salt, SHA256_PREFIX, SHA256_BLOCKSIZE, MessageDigestAlgorithms.SHA_256);
}

@Test
public void testCtor() {
  assertNotNull(new Sha2Crypt());
}

/**
 * Generates a libc crypt() compatible "$6$" hash value with random salt.
 * <p>
 * See {@link Crypt#crypt(String, String)} for details.
 *
 * @param keyBytes
 *            plaintext to hash
 * @return complete hash value
 * @throws RuntimeException
 *             when a {@link java.security.NoSuchAlgorithmException} is caught.
 */
public static String sha512Crypt(final byte[] keyBytes) {
  return sha512Crypt(keyBytes, null);
}

/**
 * Generates a libc crypt() compatible "$5$" hash value with random salt.
 * <p>
 * See {@link Crypt#crypt(String, String)} for details.
 *
 * @param keyBytes
 *            plaintext to hash
 * @return complete hash value
 * @throws RuntimeException
 *             when a {@link java.security.NoSuchAlgorithmException} is caught.
 */
public static String sha256Crypt(final byte[] keyBytes) {
  return sha256Crypt(keyBytes, null);
}

@Test(expected = NullPointerException.class)
public void testSha512CryptNullData() {
  Sha2Crypt.sha512Crypt((byte[]) null);
}

@Test(expected = NullPointerException.class)
public void testSha256CryptNullData() {
  Sha2Crypt.sha256Crypt((byte[]) null);
}

/**
 * Encrypts a password in a crypt(3) compatible way.
 * <p>
 * If no salt is provided, a random salt and the default algorithm (currently SHA-512) will be used. See
 * {@link #crypt(String, String)} for details.
 *
 * @param keyBytes
 *            plaintext password
 * @param salt
 *            salt value
 * @return hash value
 * @throws IllegalArgumentException
 *             if the salt does not match the allowed pattern
 * @throws RuntimeException
 *             when a {@link java.security.NoSuchAlgorithmException} is caught.
 */
public static String crypt(final byte[] keyBytes, final String salt) {
  if (salt == null) {
    return Sha2Crypt.sha512Crypt(keyBytes);
  } else if (salt.startsWith(Sha2Crypt.SHA512_PREFIX)) {
    return Sha2Crypt.sha512Crypt(keyBytes, salt);
  } else if (salt.startsWith(Sha2Crypt.SHA256_PREFIX)) {
    return Sha2Crypt.sha256Crypt(keyBytes, salt);
  } else if (salt.startsWith(Md5Crypt.MD5_PREFIX)) {
    return Md5Crypt.md5Crypt(keyBytes, salt);
  } else {
    return UnixCrypt.crypt(keyBytes, salt);
  }
}

@Test(expected = IllegalArgumentException.class)
public void testSha2CryptWrongSalt() {
  Sha2Crypt.sha512Crypt("secret".getBytes(Charsets.UTF_8), "xx");
}

@Test(expected = IllegalArgumentException.class)
public void testSha256CryptWithEmptySalt() {
  Sha2Crypt.sha256Crypt("secret".getBytes(), "");
}

  /**
   * Generates a libc6 crypt() compatible "$6$" hash value.
   * <p>
   * See {@link Crypt#crypt(String, String)} for details.
   *
   * @param keyBytes
   *            plaintext to hash
   * @param salt
   *            real salt value without prefix or "rounds="
   * @return complete hash value including salt
   * @throws IllegalArgumentException
   *             if the salt does not match the allowed pattern
   * @throws RuntimeException
   *             when a {@link java.security.NoSuchAlgorithmException} is caught.
   */
  public static String sha512Crypt(final byte[] keyBytes, String salt) {
    if (salt == null) {
      salt = SHA512_PREFIX + B64.getRandomSalt(8);
    }
    return sha2Crypt(keyBytes, salt, SHA512_PREFIX, SHA512_BLOCKSIZE, MessageDigestAlgorithms.SHA_512);
  }
}

/**
 * Encrypts a password in a crypt(3) compatible way.
 * <p>
 * If no salt is provided, a random salt and the default algorithm (currently SHA-512) will be used. See
 * {@link #crypt(String, String)} for details.
 *
 * @param keyBytes
 *            plaintext password
 * @param salt
 *            salt value
 * @return hash value
 * @throws IllegalArgumentException
 *             if the salt does not match the allowed pattern
 * @throws RuntimeException
 *             when a {@link java.security.NoSuchAlgorithmException} is caught.
 */
public static String crypt(final byte[] keyBytes, final String salt) {
  if (salt == null) {
    return Sha2Crypt.sha512Crypt(keyBytes);
  } else if (salt.startsWith(Sha2Crypt.SHA512_PREFIX)) {
    return Sha2Crypt.sha512Crypt(keyBytes, salt);
  } else if (salt.startsWith(Sha2Crypt.SHA256_PREFIX)) {
    return Sha2Crypt.sha256Crypt(keyBytes, salt);
  } else if (salt.startsWith(Md5Crypt.MD5_PREFIX)) {
    return Md5Crypt.md5Crypt(keyBytes, salt);
  } else {
    return UnixCrypt.crypt(keyBytes, salt);
  }
}

@Test(expected = IllegalArgumentException.class)
public void testSha512CryptWithEmptySalt() {
  Sha2Crypt.sha512Crypt("secret".getBytes(), "");
}

@Test
public void testSha2CryptRounds() {
  // minimum rounds?
  assertEquals("$5$rounds=1000$abcd$b8MCU4GEeZIekOy5ahQ8EWfT330hvYGVeDYkBxXBva.", Sha2Crypt.sha256Crypt("secret".getBytes(Charsets.UTF_8), "$5$rounds=50$abcd$"));
  assertEquals("$5$rounds=1001$abcd$SQsJZs7KXKdd2DtklI3TY3tkD7UYA99RD0FBLm4Sk48", Sha2Crypt.sha256Crypt("secret".getBytes(Charsets.UTF_8), "$5$rounds=1001$abcd$"));
  assertEquals("$5$rounds=9999$abcd$Rh/8ngVh9oyuS6lL3.fsq.9xbvXJsfyKWxSjO2mPIa7", Sha2Crypt.sha256Crypt("secret".getBytes(Charsets.UTF_8), "$5$rounds=9999$abcd"));
}

/**
 * Generates a libc6 crypt() compatible "$5$" hash value.
 * <p>
 * See {@link Crypt#crypt(String, String)} for details.
 * 
 * @param keyBytes
 *            plaintext to hash
 * @param salt
 *            real salt value without prefix or "rounds="
 * @return complete hash value including salt
 * @throws IllegalArgumentException
 *             if the salt does not match the allowed pattern
 * @throws RuntimeException
 *             when a {@link java.security.NoSuchAlgorithmException} is caught.
 */
public static String sha256Crypt(final byte[] keyBytes, String salt) {
  if (salt == null) {
    salt = SHA256_PREFIX + B64.getRandomSalt(8);
  }
  return sha2Crypt(keyBytes, salt, SHA256_PREFIX, SHA256_BLOCKSIZE, MessageDigestAlgorithms.SHA_256);
}

/**
 * Encrypts a password in a crypt(3) compatible way.
 * <p>
 * If no salt is provided, a random salt and the default algorithm (currently SHA-512) will be used. See
 * {@link #crypt(String, String)} for details.
 *
 * @param keyBytes
 *            plaintext password
 * @param salt
 *            salt value
 * @return hash value
 * @throws IllegalArgumentException
 *             if the salt does not match the allowed pattern
 * @throws RuntimeException
 *             when a {@link java.security.NoSuchAlgorithmException} is caught.
 */
public static String crypt(final byte[] keyBytes, final String salt) {
  if (salt == null) {
    return Sha2Crypt.sha512Crypt(keyBytes);
  } else if (salt.startsWith(Sha2Crypt.SHA512_PREFIX)) {
    return Sha2Crypt.sha512Crypt(keyBytes, salt);
  } else if (salt.startsWith(Sha2Crypt.SHA256_PREFIX)) {
    return Sha2Crypt.sha256Crypt(keyBytes, salt);
  } else if (salt.startsWith(Md5Crypt.MD5_PREFIX)) {
    return Md5Crypt.md5Crypt(keyBytes, salt);
  } else {
    return UnixCrypt.crypt(keyBytes, salt);
  }
}

@Test
public void testSha512CryptExplicitCall() {
  assertTrue(Sha2Crypt.sha512Crypt("secret".getBytes()).matches("^\\$6\\$[a-zA-Z0-9./]{0,16}\\$.{1,}$"));
  assertTrue(Sha2Crypt.sha512Crypt("secret".getBytes(), null).matches("^\\$6\\$[a-zA-Z0-9./]{0,16}\\$.{1,}$"));
}

@Test
public void testSha2CryptRounds() {
  // minimum rounds?
  assertEquals("$5$rounds=1000$abcd$b8MCU4GEeZIekOy5ahQ8EWfT330hvYGVeDYkBxXBva.", Sha2Crypt.sha256Crypt("secret".getBytes(Charsets.UTF_8), "$5$rounds=50$abcd$"));
  assertEquals("$5$rounds=1001$abcd$SQsJZs7KXKdd2DtklI3TY3tkD7UYA99RD0FBLm4Sk48", Sha2Crypt.sha256Crypt("secret".getBytes(Charsets.UTF_8), "$5$rounds=1001$abcd$"));
  assertEquals("$5$rounds=9999$abcd$Rh/8ngVh9oyuS6lL3.fsq.9xbvXJsfyKWxSjO2mPIa7", Sha2Crypt.sha256Crypt("secret".getBytes(Charsets.UTF_8), "$5$rounds=9999$abcd"));
}

/**
 * Generates a libc6 crypt() compatible "$5$" hash value.
 * <p>
 * See {@link Crypt#crypt(String, String)} for details.
 *
 * @param keyBytes
 *            plaintext to hash
 * @param salt
 *            real salt value without prefix or "rounds="
 * @return complete hash value including salt
 * @throws IllegalArgumentException
 *             if the salt does not match the allowed pattern
 * @throws RuntimeException
 *             when a {@link java.security.NoSuchAlgorithmException} is caught.
 */
public static String sha256Crypt(final byte[] keyBytes, String salt) {
  if (salt == null) {
    salt = SHA256_PREFIX + B64.getRandomSalt(8);
  }
  return sha2Crypt(keyBytes, salt, SHA256_PREFIX, SHA256_BLOCKSIZE, MessageDigestAlgorithms.SHA_256);
}

/**
 * Encrypts a password in a crypt(3) compatible way.
 * <p>
 * If no salt is provided, a random salt and the default algorithm (currently SHA-512) will be used. See
 * {@link #crypt(String, String)} for details.
 *
 * @param keyBytes
 *            plaintext password
 * @param salt
 *            salt value
 * @return hash value
 * @throws IllegalArgumentException
 *             if the salt does not match the allowed pattern
 * @throws RuntimeException
 *             when a {@link java.security.NoSuchAlgorithmException} is caught.
 */
public static String crypt(final byte[] keyBytes, final String salt) {
  if (salt == null) {
    return Sha2Crypt.sha512Crypt(keyBytes);
  } else if (salt.startsWith(Sha2Crypt.SHA512_PREFIX)) {
    return Sha2Crypt.sha512Crypt(keyBytes, salt);
  } else if (salt.startsWith(Sha2Crypt.SHA256_PREFIX)) {
    return Sha2Crypt.sha256Crypt(keyBytes, salt);
  } else if (salt.startsWith(Md5Crypt.MD5_PREFIX)) {
    return Md5Crypt.md5Crypt(keyBytes, salt);
  } else {
    return UnixCrypt.crypt(keyBytes, salt);
  }
}

Javadoc

SHA2-based Unix crypt implementation.

Based on the C implementation released into the Public Domain by Ulrich Drepper <drepper@redhat.com> http://www.akkadia.org/drepper/SHA-crypt.txt

Conversion to Kotlin and from there to Java in 2012 by Christian Hammers <ch@lathspell.de> and likewise put into the Public Domain.

This class is immutable and thread-safe.

Most used methods

sha512Crypt
Generates a libc6 crypt() compatible "$6$" hash value. See Crypt#crypt(String,String) for details.
sha256Crypt
Generates a libc6 crypt() compatible "$5$" hash value. See Crypt#crypt(String,String) for details.
sha2Crypt
Generates a libc6 crypt() compatible "$5$" or "$6$" SHA2 based hash value. This is a nearly line by
<init>

Popular in Java

Start an intent from android
requestLocationUpdates (LocationManager)
runOnUiThread (Activity)
setContentView (Activity)
BufferedReader (java.io)
Wraps an existing Reader and buffers the input. Expensive interaction with the underlying reader is
URLConnection (java.net)
A connection to a URL for reading or writing. For HTTP connections, see HttpURLConnection for docume
Time (java.sql)
Java representation of an SQL TIME value. Provides utilities to format and parse the time's represen
Handler (java.util.logging)
A Handler object accepts a logging request and exports the desired messages to a target, for example
Stream (java.util.stream)
A sequence of elements supporting sequential and parallel aggregate operations. The following exampl
HttpServletRequest (javax.servlet.http)
Extends the javax.servlet.ServletRequest interface to provide request information for HTTP servlets.
Top 17 Free Sublime Text Plugins

How to useSha2Crypt in org.apache.commons.codec.digest

Best Java code snippets using org.apache.commons.codec.digest.Sha2Crypt (Showing top 20 results out of 315)

How to use
Sha2Crypt
in
org.apache.commons.codec.digest