|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.silverpeas.authentication.encryption.UnixSHA512Encryption
public class UnixSHA512Encryption
A variation of the SHA-512 algorithm (Secure Hash Algorithm) as used in current Unix systems for hashing the passwords.
This version uses salting and stretching to perturb the algorithm in different ways, and hence to be less vulnerable to attacks. It computes a base64-encoded digest of 123 characters at maximum from a salt and an unencrypted password; the SHA-512 encrypted password in the digest is fixed at 86 characters. The UnixSHA512Encryption class is based upon the the new generation, scalable, SHA-512-based Unix 'crypt' algorithm developed by a group of engineers from Red Hat, Sun, IBM, and HP for common use in Unix and Linux. The Linux glibc library (starting at version 2.7) includes support for validating passwords hashed using this algorithm. The algorithm itself was released into the Public Domain by Ulrich Drepper <drepper@redhat.com>. A discussion of the rationale and development of this algorithm is at http://people.redhat.com/drepper/sha-crypt.html and the specification and a sample C language implementation is at http://people.redhat.com/drepper/SHA-crypt.txt
Field Summary |
---|
Fields inherited from interface org.silverpeas.authentication.encryption.PasswordEncryption |
---|
BAD_PASSWORD_MESSAGE |
Constructor Summary | |
---|---|
UnixSHA512Encryption()
|
Method Summary | |
---|---|
void |
check(String password,
String digest)
Checks the specified password matches the specified digest. |
boolean |
doUnderstandDigest(String digest)
Does this encryption understand the specified digest? |
String |
encrypt(String password)
Encrypts the specified password by using a random salt (or no salt for some weakness algorithms). |
String |
encrypt(String password,
byte[] salt)
Encrypts the specified password by using the specified salt. |
byte[] |
getSaltUsedInDigest(String digest)
Gets the salt that was used to compute the specified digest. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public UnixSHA512Encryption()
Method Detail |
---|
public String encrypt(String password)
encrypt
in interface PasswordEncryption
password
- the password to encrypt.
public String encrypt(String password, byte[] salt)
encrypt
in interface PasswordEncryption
password
- the password to encrypt.salt
- the salt to use to generate more entropy in the encryption of the password.
public void check(String password, String digest) throws AssertionError
check
in interface PasswordEncryption
password
- an unencrypted password.digest
- a digest of a password with which the specified password has to be matched.
AssertionError
- if the digest wasn't computed from the specified password.public byte[] getSaltUsedInDigest(String digest)
getSaltUsedInDigest
in interface PasswordEncryption
digest
- the digest from which the salt has to be get.
public boolean doUnderstandDigest(String digest)
doUnderstandDigest
in interface PasswordEncryption
digest
- the digest to analyse.
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |