|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.silverpeas.authentication.encryption.UnixMD5Encryption
public class UnixMD5Encryption
A variation of the MD5 algorithm (Message Digest 5) as used in modern Unix systems for hashing the passwords.
This version uses salting to perturb the algorithm in different ways, and hence to be less vulnerable to attacks. Since the discovery of the vulnerability of the MD5 algorithm, it is now replaced in the current Unix systems by one of the SHA-2 algorithm (SHA-256 or SHA-512). OpenBSD, an operating system notorious for being "obsessed with security", uses as its default password authentication mechanism the bcrypt cryptographic algorithm (a modified version of Blowfish). This class implements the popular MD5Crypt function as used by BSD and most modern Un*x systems. It was basically converted from the C code write by Poul-Henning Kamp.
Field Summary |
---|
Fields inherited from interface org.silverpeas.authentication.encryption.PasswordEncryption |
---|
BAD_PASSWORD_MESSAGE |
Constructor Summary | |
---|---|
UnixMD5Encryption()
|
Method Summary | |
---|---|
void |
check(String password,
String digest)
Checks the specified password matches the specified digest. |
boolean |
doUnderstandDigest(String digest)
Does this encryption understand the specified digest? |
String |
encrypt(String password)
Encrypts the specified password by using a random salt (or no salt for some weakness algorithms). |
String |
encrypt(String password,
byte[] salt)
Encrypts the specified password by using the specified salt. |
byte[] |
getSaltUsedInDigest(String digest)
Gets the salt that was used to compute the specified digest. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public UnixMD5Encryption()
Method Detail |
---|
public String encrypt(String password)
encrypt
in interface PasswordEncryption
password
- the password to encrypt.
public String encrypt(String password, byte[] salt)
encrypt
in interface PasswordEncryption
password
- the password to encrypt.salt
- the salt to use to generate more entropy in the encryption of the password.
public void check(String password, String digest) throws AssertionError
check
in interface PasswordEncryption
password
- an unencrypted password.digest
- a digest of a password with which the specified password has to be matched.
AssertionError
- if the digest wasn't computed from the specified password.public byte[] getSaltUsedInDigest(String digest)
getSaltUsedInDigest
in interface PasswordEncryption
digest
- the digest from which the salt has to be get.
public boolean doUnderstandDigest(String digest)
doUnderstandDigest
in interface PasswordEncryption
digest
- the digest to analyse.
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |