java.lang.Object
- net.i2p.util.PasswordManager

Direct Known Subclasses:

RouterPasswordManager
```
public class PasswordManager
extends Object
```
Manage both plaintext and salted/hashed password storage in router.config. There's no state here, so instantiate at will.

Since:

0.9.4

Field Summary

Fields
Modifier and Type	Field	Description
`protected static String`	`PROP_B64`	stored obfuscated as b64 of the UTF-8 bytes
`protected static String`	`PROP_CRYPT`	stored as a Unix crypt string
`protected static String`	`PROP_MD5`	stored as the hex of the MD5 hash of the UTF-8 bytes.
`protected static String`	`PROP_PW`	stored as plain text
`protected static String`	`PROP_SHASH`	stored as the b64 of the 16 byte salt + the 32 byte hash of the UTF-8 bytes
`protected static int`	`SALT_LENGTH`
`protected static int`	`SHASH_LENGTH`	48

Constructor Summary

Constructors
Constructor Description

PasswordManager(I2PAppContext ctx)

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`boolean`	`check(String realm, String user, String pw)`	Checks both plaintext and hash
`boolean`	`checkB64(String realm, String user, String pw)`
`boolean`	`checkHash(String shash, String pw)`	Check pw against b64 salt+hash, as generated by createHash()
`boolean`	`checkHash(String realm, String user, String pw)`	With random salt
`boolean`	`checkPlain(String realm, String user, String pw)`
`String`	`createHash(String pw)`	Create a salt+hash, to be saved and verified later by verifyHash().
`String`	`get(String realm, String user)`	Either plain or b64
`String`	`getB64(String realm, String user)`
`String`	`getPlain(String realm, String user)`
`static String`	`md5Hex(String fullpw)`	Straight MD5, no salt Will return the MD5 sum of the data, compatible with Jetty and RFC 2617.
`static String`	`md5Hex(String subrealm, String user, String pw)`	Straight MD5, no salt Will return the MD5 sum of "user:subrealm:pw", compatible with Jetty and RFC 2617.
`static byte[]`	`md5Sum(byte[] data)`	Standard MD5 checksum

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - SALT_LENGTH
```
protected static final int SALT_LENGTH
```
    See Also:
    
    Constant Field Values
  - SHASH_LENGTH
```
protected static final int SHASH_LENGTH
```
    48
    
    See Also:
    
    Constant Field Values
  - PROP_PW
```
protected static final String PROP_PW
```
    stored as plain text
    
    See Also:
    
    Constant Field Values
  - PROP_B64
```
protected static final String PROP_B64
```
    stored obfuscated as b64 of the UTF-8 bytes
    
    See Also:
    
    Constant Field Values
  - PROP_MD5
```
protected static final String PROP_MD5
```
    stored as the hex of the MD5 hash of the UTF-8 bytes. Compatible with Jetty.
    
    See Also:
    
    Constant Field Values
  - PROP_CRYPT
```
protected static final String PROP_CRYPT
```
    stored as a Unix crypt string
    
    See Also:
    
    Constant Field Values
  - PROP_SHASH
```
protected static final String PROP_SHASH
```
    stored as the b64 of the 16 byte salt + the 32 byte hash of the UTF-8 bytes
    
    See Also:
    
    Constant Field Values
- Constructor Detail
  - PasswordManager
```
public PasswordManager(I2PAppContext ctx)
```
- Method Detail
  - check
```
public boolean check(String realm,
                     String user,
                     String pw)
```
    Checks both plaintext and hash
    
    Parameters:
    
    realm - e.g. i2cp, routerconsole, etc.
    
    user - null or "" for no user, already trimmed
    
    pw - plain text, already trimmed
    
    Returns:
    
    if pw verified
  - checkPlain
```
public boolean checkPlain(String realm,
                          String user,
                          String pw)
```
    Parameters:
    
    realm - e.g. i2cp, routerconsole, etc.
    
    user - null or "" for no user, already trimmed
    
    pw - plain text, already trimmed
    
    Returns:
    
    if pw verified
  - checkB64
```
public boolean checkB64(String realm,
                        String user,
                        String pw)
```
    Parameters:
    
    realm - e.g. i2cp, routerconsole, etc.
    
    user - null or "" for no user, already trimmed
    
    pw - plain text, already trimmed
    
    Returns:
    
    if pw verified
  - checkHash
```
public boolean checkHash(String realm,
                         String user,
                         String pw)
```
    With random salt
    
    Parameters:
    
    realm - e.g. i2cp, routerconsole, etc.
    
    user - null or "" for no user, already trimmed
    
    pw - plain text, already trimmed
    
    Returns:
    
    if pw verified
  - checkHash
```
public boolean checkHash(String shash,
                         String pw)
```
    Check pw against b64 salt+hash, as generated by createHash()
    
    Parameters:
    
    shash - b64 string
    
    pw - plain text non-null, already trimmed
    
    Returns:
    
    if pw verified
    
    Since:
    
    0.9.24
  - createHash
```
public String createHash(String pw)
```
    Create a salt+hash, to be saved and verified later by verifyHash().
    
    Parameters:
    
    pw - plain text non-null, already trimmed
    
    Returns:
    
    salted+hash b64 string
    
    Since:
    
    0.9.24
  - get
```
public String get(String realm,
                  String user)
```
    Either plain or b64
    
    Parameters:
    
    realm - e.g. i2cp, routerconsole, etc.
    
    user - null or "" for no user, already trimmed
    
    Returns:
    
    the pw or null
  - getPlain
```
public String getPlain(String realm,
                       String user)
```
    Parameters:
    
    realm - e.g. i2cp, routerconsole, etc.
    
    user - null or "" for no user, already trimmed
    
    Returns:
    
    the pw or null
  - getB64
```
public String getB64(String realm,
                     String user)
```
    Parameters:
    
    realm - e.g. i2cp, routerconsole, etc.
    
    user - null or "" for no user, already trimmed
    
    Returns:
    
    the decoded pw or null
  - md5Hex
```
public static String md5Hex(String subrealm,
                            String user,
                            String pw)
```
    Straight MD5, no salt Will return the MD5 sum of "user:subrealm:pw", compatible with Jetty and RFC 2617. Updated in 0.9.26 to use UTF-8, as implied in RFC 7616/7617 See also http://stackoverflow.com/questions/7242316/what-encoding-should-i-use-for-http-basic-authentication http://stackoverflow.com/questions/702629/utf-8-characters-mangled-in-http-basic-auth-username
    
    Parameters:
    
    subrealm - to be used in creating the checksum
    
    user - non-null, non-empty, already trimmed
    
    pw - non-null, plain text, already trimmed
    
    Returns:
    
    lower-case hex with leading zeros, 32 chars, or null on error
  - md5Hex
```
public static String md5Hex(String fullpw)
```
    Straight MD5, no salt Will return the MD5 sum of the data, compatible with Jetty and RFC 2617. Updated in 0.9.26 to use UTF-8, as implied in RFC 7616/7617 See also http://stackoverflow.com/questions/7242316/what-encoding-should-i-use-for-http-basic-authentication
    
    Parameters:
    
    fullpw - non-null, plain text, already trimmed
    
    Returns:
    
    lower-case hex with leading zeros, 32 chars, or null on error
  - md5Sum
```
public static byte[] md5Sum(byte[] data)
```
    Standard MD5 checksum
    
    Parameters:
    
    data - non-null
    
    Returns:
    
    16 bytes, or null on error

Class PasswordManager

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

SALT_LENGTH

SHASH_LENGTH

PROP_PW

PROP_B64

PROP_MD5

PROP_CRYPT

PROP_SHASH

Constructor Detail

PasswordManager

Method Detail

check

checkPlain

checkB64

checkHash

checkHash

createHash

get

getPlain

getB64

md5Hex

md5Hex

md5Sum