Package marauroa.common.crypto

Class Sha512Crypt

java.lang.Object

marauroa.common.crypto.Sha512Crypt

public final class Sha512Crypt
extends Object

This class defines a method, Sha512_crypt(), which takes a password and a salt string and generates a Sha512 encrypted password entry. This class implements the new generation, scalable, SHA512-based Unix 'crypt' algorithm developed by a group of engineers from Red Hat, Sun, IBM, and HP for common use in the Unix and Linux /etc/shadow files. The Linux glibc library (starting at version 2.7) includes support for validating passwords hashed using this algorithm. The algorithm itself was released into the Public Domain by Ulrich Drepper <drepper@redhat.com>. A discussion of the rationale and development of this algorithm is at http://people.redhat.com/drepper/sha-crypt.html and the specification and a sample C language implementation is at http://people.redhat.com/drepper/SHA-crypt.txt

Constructor Summary

Constructors

Constructor	Description
Sha512Crypt()

Method Summary

Modifier and Type	Method	Description
static void	main(String[] arg)	Test rig
static String	Sha512_crypt(String keyStr, String saltStr, int roundsCount)	This method actually generates an Sha512 crypted password hash from a plaintext password and a salt.
static boolean	verifyHashTextFormat(String sha512CryptText)
static boolean	verifyPassword(String plaintextPass, String sha512CryptText)	This method tests a plaintext password against a SHA512 Unix Crypt'ed hash and returns true if the password matches the hash.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

Sha512Crypt

public Sha512Crypt()

Method Details

Sha512_crypt

public static final String Sha512_crypt(String keyStr,
 String saltStr,
 int roundsCount)

This method actually generates an Sha512 crypted password hash from a plaintext password and a salt.

The resulting string will be in the form '$6$<rounds=n>$<salt>$<hashed mess>

Parameters:

keyStr - Plaintext password

saltStr - An encoded salt/roundes which will be consulted to determine the salt and round count, if not null

roundsCount - If this value is not 0, this many rounds will used to generate the hash text.

Returns:

The Sha512 Unix Crypt hash text for the keyStr

verifyPassword

public static final boolean verifyPassword(String plaintextPass,
 String sha512CryptText)

This method tests a plaintext password against a SHA512 Unix Crypt'ed hash and returns true if the password matches the hash.

Parameters:

plaintextPass - The plaintext password text to test.

sha512CryptText - The hash text we're testing against. We'll extract the salt and the round count from this String.

verifyHashTextFormat

public static final boolean verifyHashTextFormat(String sha512CryptText)

main

public static void main(String[] arg)

Test rig