Package net.i2p.util
Class PasswordManager
java.lang.Object
net.i2p.util.PasswordManager
- Direct Known Subclasses:
RouterPasswordManager
Manage both plaintext and salted/hashed password storage in
router.config.
There's no state here, so instantiate at will.
- Since:
- 0.9.4
-
Field Summary
FieldsModifier and TypeFieldDescriptionprotected static final Stringstored obfuscated as b64 of the UTF-8 bytesprotected static final Stringstored as a Unix crypt stringprotected static final Stringstored as the hex of the MD5 hash of the UTF-8 bytes.protected static final Stringstored as plain textprotected static final Stringstored as the b64 of the 16 byte salt + the 32 byte hash of the UTF-8 bytesprotected static final intprotected static final int48 -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionbooleanChecks both plaintext and hashbooleanbooleanCheck pw against b64 salt+hash, as generated by createHash()booleanWith random saltbooleancheckPlain(String realm, String user, String pw) createHash(String pw) Create a salt+hash, to be saved and verified later by verifyHash().Either plain or b64static StringStraight MD5, no salt Will return the MD5 sum of the data, compatible with Jetty and RFC 2617.static StringStraight MD5, no salt Will return the MD5 sum of "user:subrealm:pw", compatible with Jetty and RFC 2617.static byte[]md5Sum(byte[] data) Standard MD5 checksumstatic StringReturn the SHA256 sum of the data, compatible with RFC 7616.static StringStraight SHA256, no salt Will return the SHA256 sum of "user:subrealm:pw", compatible with RFC 7616.
-
Field Details
-
SALT_LENGTH
protected static final int SALT_LENGTH- See Also:
-
SHASH_LENGTH
protected static final int SHASH_LENGTH48- See Also:
-
PROP_PW
stored as plain text- See Also:
-
PROP_B64
stored obfuscated as b64 of the UTF-8 bytes- See Also:
-
PROP_MD5
stored as the hex of the MD5 hash of the UTF-8 bytes. Compatible with Jetty.- See Also:
-
PROP_CRYPT
stored as a Unix crypt string- See Also:
-
PROP_SHASH
stored as the b64 of the 16 byte salt + the 32 byte hash of the UTF-8 bytes- See Also:
-
-
Constructor Details
-
PasswordManager
-
-
Method Details
-
check
Checks both plaintext and hash- Parameters:
realm- e.g. i2cp, routerconsole, etc.user- null or "" for no user, already trimmedpw- plain text, already trimmed- Returns:
- if pw verified
-
checkPlain
- Parameters:
realm- e.g. i2cp, routerconsole, etc.user- null or "" for no user, already trimmedpw- plain text, already trimmed- Returns:
- if pw verified
-
checkB64
- Parameters:
realm- e.g. i2cp, routerconsole, etc.user- null or "" for no user, already trimmedpw- plain text, already trimmed- Returns:
- if pw verified
-
checkHash
With random salt- Parameters:
realm- e.g. i2cp, routerconsole, etc.user- null or "" for no user, already trimmedpw- plain text, already trimmed- Returns:
- if pw verified
-
checkHash
Check pw against b64 salt+hash, as generated by createHash()- Parameters:
shash- b64 stringpw- plain text non-null, already trimmed- Returns:
- if pw verified
- Since:
- 0.9.24
-
createHash
Create a salt+hash, to be saved and verified later by verifyHash().- Parameters:
pw- plain text non-null, already trimmed- Returns:
- salted+hash b64 string
- Since:
- 0.9.24
-
get
Either plain or b64- Parameters:
realm- e.g. i2cp, routerconsole, etc.user- null or "" for no user, already trimmed- Returns:
- the pw or null
-
getPlain
- Parameters:
realm- e.g. i2cp, routerconsole, etc.user- null or "" for no user, already trimmed- Returns:
- the pw or null
-
getB64
- Parameters:
realm- e.g. i2cp, routerconsole, etc.user- null or "" for no user, already trimmed- Returns:
- the decoded pw or null
-
md5Hex
Straight MD5, no salt Will return the MD5 sum of "user:subrealm:pw", compatible with Jetty and RFC 2617. Updated in 0.9.26 to use UTF-8, as implied in RFC 7616/7617 See also http://stackoverflow.com/questions/7242316/what-encoding-should-i-use-for-http-basic-authentication http://stackoverflow.com/questions/702629/utf-8-characters-mangled-in-http-basic-auth-username- Parameters:
subrealm- to be used in creating the checksumuser- non-null, non-empty, already trimmedpw- non-null, plain text, already trimmed- Returns:
- lower-case hex with leading zeros, 32 chars, or null on error
-
md5Hex
Straight MD5, no salt Will return the MD5 sum of the data, compatible with Jetty and RFC 2617. Updated in 0.9.26 to use UTF-8, as implied in RFC 7616/7617 See also http://stackoverflow.com/questions/7242316/what-encoding-should-i-use-for-http-basic-authentication- Parameters:
fullpw- non-null, plain text, already trimmed- Returns:
- lower-case hex with leading zeros, 32 chars, or null on error
-
md5Sum
public static byte[] md5Sum(byte[] data) Standard MD5 checksum- Parameters:
data- non-null- Returns:
- 16 bytes, or null on error
-
sha256Hex
Straight SHA256, no salt Will return the SHA256 sum of "user:subrealm:pw", compatible with RFC 7616. NOT currently supported by Jetty.- Parameters:
subrealm- to be used in creating the checksumuser- non-null, non-empty, already trimmedpw- non-null, plain text, already trimmed- Returns:
- lower-case hex with leading zeros, 32 chars, or null on error
- Since:
- 0.9.56
-
sha256Hex
Return the SHA256 sum of the data, compatible with RFC 7616. NOT currently supported by Jetty.- Parameters:
fullpw- non-null, plain text, already trimmed- Returns:
- lower-case hex with leading zeros, 64 chars, or null on error
- Since:
- 0.9.56
-