Package net.i2p.util
Class PasswordManager
java.lang.Object
net.i2p.util.PasswordManager
- Direct Known Subclasses:
RouterPasswordManager
Manage both plaintext and salted/hashed password storage in
router.config.
There's no state here, so instantiate at will.
- Since:
- 0.9.4
-
Field Summary
Modifier and TypeFieldDescriptionprotected static final String
stored obfuscated as b64 of the UTF-8 bytesprotected static final String
stored as a Unix crypt stringprotected static final String
stored as the hex of the MD5 hash of the UTF-8 bytes.protected static final String
stored as plain textprotected static final String
stored as the b64 of the 16 byte salt + the 32 byte hash of the UTF-8 bytesprotected static final int
protected static final int
48 -
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionboolean
Checks both plaintext and hashboolean
boolean
Check pw against b64 salt+hash, as generated by createHash()boolean
With random saltboolean
checkPlain
(String realm, String user, String pw) createHash
(String pw) Create a salt+hash, to be saved and verified later by verifyHash().Either plain or b64static String
Straight MD5, no salt Will return the MD5 sum of the data, compatible with Jetty and RFC 2617.static String
Straight MD5, no salt Will return the MD5 sum of "user:subrealm:pw", compatible with Jetty and RFC 2617.static byte[]
md5Sum
(byte[] data) Standard MD5 checksumstatic String
Return the SHA256 sum of the data, compatible with RFC 7616.static String
Straight SHA256, no salt Will return the SHA256 sum of "user:subrealm:pw", compatible with RFC 7616.
-
Field Details
-
SALT_LENGTH
protected static final int SALT_LENGTH- See Also:
-
SHASH_LENGTH
protected static final int SHASH_LENGTH48- See Also:
-
PROP_PW
stored as plain text- See Also:
-
PROP_B64
stored obfuscated as b64 of the UTF-8 bytes- See Also:
-
PROP_MD5
stored as the hex of the MD5 hash of the UTF-8 bytes. Compatible with Jetty.- See Also:
-
PROP_CRYPT
stored as a Unix crypt string- See Also:
-
PROP_SHASH
stored as the b64 of the 16 byte salt + the 32 byte hash of the UTF-8 bytes- See Also:
-
-
Constructor Details
-
PasswordManager
-
-
Method Details
-
check
Checks both plaintext and hash- Parameters:
realm
- e.g. i2cp, routerconsole, etc.user
- null or "" for no user, already trimmedpw
- plain text, already trimmed- Returns:
- if pw verified
-
checkPlain
- Parameters:
realm
- e.g. i2cp, routerconsole, etc.user
- null or "" for no user, already trimmedpw
- plain text, already trimmed- Returns:
- if pw verified
-
checkB64
- Parameters:
realm
- e.g. i2cp, routerconsole, etc.user
- null or "" for no user, already trimmedpw
- plain text, already trimmed- Returns:
- if pw verified
-
checkHash
With random salt- Parameters:
realm
- e.g. i2cp, routerconsole, etc.user
- null or "" for no user, already trimmedpw
- plain text, already trimmed- Returns:
- if pw verified
-
checkHash
Check pw against b64 salt+hash, as generated by createHash()- Parameters:
shash
- b64 stringpw
- plain text non-null, already trimmed- Returns:
- if pw verified
- Since:
- 0.9.24
-
createHash
Create a salt+hash, to be saved and verified later by verifyHash().- Parameters:
pw
- plain text non-null, already trimmed- Returns:
- salted+hash b64 string
- Since:
- 0.9.24
-
get
Either plain or b64- Parameters:
realm
- e.g. i2cp, routerconsole, etc.user
- null or "" for no user, already trimmed- Returns:
- the pw or null
-
getPlain
- Parameters:
realm
- e.g. i2cp, routerconsole, etc.user
- null or "" for no user, already trimmed- Returns:
- the pw or null
-
getB64
- Parameters:
realm
- e.g. i2cp, routerconsole, etc.user
- null or "" for no user, already trimmed- Returns:
- the decoded pw or null
-
md5Hex
Straight MD5, no salt Will return the MD5 sum of "user:subrealm:pw", compatible with Jetty and RFC 2617. Updated in 0.9.26 to use UTF-8, as implied in RFC 7616/7617 See also http://stackoverflow.com/questions/7242316/what-encoding-should-i-use-for-http-basic-authentication http://stackoverflow.com/questions/702629/utf-8-characters-mangled-in-http-basic-auth-username- Parameters:
subrealm
- to be used in creating the checksumuser
- non-null, non-empty, already trimmedpw
- non-null, plain text, already trimmed- Returns:
- lower-case hex with leading zeros, 32 chars, or null on error
-
md5Hex
Straight MD5, no salt Will return the MD5 sum of the data, compatible with Jetty and RFC 2617. Updated in 0.9.26 to use UTF-8, as implied in RFC 7616/7617 See also http://stackoverflow.com/questions/7242316/what-encoding-should-i-use-for-http-basic-authentication- Parameters:
fullpw
- non-null, plain text, already trimmed- Returns:
- lower-case hex with leading zeros, 32 chars, or null on error
-
md5Sum
public static byte[] md5Sum(byte[] data) Standard MD5 checksum- Parameters:
data
- non-null- Returns:
- 16 bytes, or null on error
-
sha256Hex
Straight SHA256, no salt Will return the SHA256 sum of "user:subrealm:pw", compatible with RFC 7616. NOT currently supported by Jetty.- Parameters:
subrealm
- to be used in creating the checksumuser
- non-null, non-empty, already trimmedpw
- non-null, plain text, already trimmed- Returns:
- lower-case hex with leading zeros, 32 chars, or null on error
- Since:
- 0.9.56
-
sha256Hex
Return the SHA256 sum of the data, compatible with RFC 7616. NOT currently supported by Jetty.- Parameters:
fullpw
- non-null, plain text, already trimmed- Returns:
- lower-case hex with leading zeros, 64 chars, or null on error
- Since:
- 0.9.56
-