Package com.identity4j.util.unix

Class Sha512Crypt

java.lang.Object

com.identity4j.util.unix.Sha512Crypt

public final class Sha512Crypt
extends Object

This class defines a method, Sha512_crypt(), which takes a password and a salt string and generates a Sha512 encrypted password entry.

This class implements the new generation, scalable, SHA512-based Unix 'crypt' algorithm developed by a group of engineers from Red Hat, Sun, IBM, and HP for common use in the Unix and Linux /etc/shadow files.

The Linux glibc library (starting at version 2.7) includes support for validating passwords hashed using this algorithm.

The algorithm itself was released into the Public Domain by Ulrich Drepper <drepper@redhat.com>. A discussion of the rationale and development of this algorithm is at

http://people.redhat.com/drepper/sha-crypt.html

and the specification and a sample C language implementation is at

http://people.redhat.com/drepper/SHA-crypt.txt

Constructor Summary

Constructors

Constructor	Description
Sha512Crypt()

Method Summary

Modifier and Type	Method	Description
static void	main(String[] arg)	Test rig
static String	Sha512_crypt(String keyStr, String saltStr, int roundsCount)	This method actually generates an Sha512 crypted password hash from a plaintext password and a salt.
static boolean	verifyHashTextFormat(String sha512CryptText)	Returns true if sha512CryptText is a valid Sha512Crypt hashtext, false if not.
static boolean	verifyPassword(String plaintextPass, String sha512CryptText)	This method tests a plaintext password against a SHA512 Unix Crypt'ed hash and returns true if the password matches the hash.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

Sha512Crypt

public Sha512Crypt()

Method Detail

Sha512_crypt

public static final String Sha512_crypt(String keyStr,
                                        String saltStr,
                                        int roundsCount)

This method actually generates an Sha512 crypted password hash from a plaintext password and a salt.

The resulting string will be in the form '$6$<rounds=n>$<salt>$<hashed mess>

Parameters:

keyStr - Plaintext password

saltStr - An encoded salt/roundes which will be consulted to determine the salt and round count, if not null

roundsCount - If this value is not 0, this many rounds will used to generate the hash text.

Returns:

The Sha512 Unix Crypt hash text for the keyStr

verifyPassword

public static final boolean verifyPassword(String plaintextPass,
                                           String sha512CryptText)

This method tests a plaintext password against a SHA512 Unix Crypt'ed hash and returns true if the password matches the hash.

Parameters:

plaintextPass - The plaintext password text to test.

sha512CryptText - The hash text we're testing against. We'll extract the salt and the round count from this String.

verifyHashTextFormat

public static final boolean verifyHashTextFormat(String sha512CryptText)

Returns true if sha512CryptText is a valid Sha512Crypt hashtext, false if not.

main

public static void main(String[] arg)

Test rig