Package net.i2p.util
Class PasswordManager
- java.lang.Object
-
- net.i2p.util.PasswordManager
-
- Direct Known Subclasses:
RouterPasswordManager
public class PasswordManager extends Object
Manage both plaintext and salted/hashed password storage in router.config. There's no state here, so instantiate at will.- Since:
- 0.9.4
-
-
Field Summary
Fields Modifier and Type Field Description protected static String
PROP_B64
stored obfuscated as b64 of the UTF-8 bytesprotected static String
PROP_CRYPT
stored as a Unix crypt stringprotected static String
PROP_MD5
stored as the hex of the MD5 hash of the UTF-8 bytes.protected static String
PROP_PW
stored as plain textprotected static String
PROP_SHASH
stored as the b64 of the 16 byte salt + the 32 byte hash of the UTF-8 bytesprotected static int
SALT_LENGTH
protected static int
SHASH_LENGTH
48
-
Constructor Summary
Constructors Constructor Description PasswordManager(I2PAppContext ctx)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description boolean
check(String realm, String user, String pw)
Checks both plaintext and hashboolean
checkB64(String realm, String user, String pw)
boolean
checkHash(String shash, String pw)
Check pw against b64 salt+hash, as generated by createHash()boolean
checkHash(String realm, String user, String pw)
With random saltboolean
checkPlain(String realm, String user, String pw)
String
createHash(String pw)
Create a salt+hash, to be saved and verified later by verifyHash().String
get(String realm, String user)
Either plain or b64String
getB64(String realm, String user)
String
getPlain(String realm, String user)
static String
md5Hex(String fullpw)
Straight MD5, no salt Will return the MD5 sum of the data, compatible with Jetty and RFC 2617.static String
md5Hex(String subrealm, String user, String pw)
Straight MD5, no salt Will return the MD5 sum of "user:subrealm:pw", compatible with Jetty and RFC 2617.static byte[]
md5Sum(byte[] data)
Standard MD5 checksum
-
-
-
Field Detail
-
SALT_LENGTH
protected static final int SALT_LENGTH
- See Also:
- Constant Field Values
-
SHASH_LENGTH
protected static final int SHASH_LENGTH
48- See Also:
- Constant Field Values
-
PROP_PW
protected static final String PROP_PW
stored as plain text- See Also:
- Constant Field Values
-
PROP_B64
protected static final String PROP_B64
stored obfuscated as b64 of the UTF-8 bytes- See Also:
- Constant Field Values
-
PROP_MD5
protected static final String PROP_MD5
stored as the hex of the MD5 hash of the UTF-8 bytes. Compatible with Jetty.- See Also:
- Constant Field Values
-
PROP_CRYPT
protected static final String PROP_CRYPT
stored as a Unix crypt string- See Also:
- Constant Field Values
-
PROP_SHASH
protected static final String PROP_SHASH
stored as the b64 of the 16 byte salt + the 32 byte hash of the UTF-8 bytes- See Also:
- Constant Field Values
-
-
Constructor Detail
-
PasswordManager
public PasswordManager(I2PAppContext ctx)
-
-
Method Detail
-
check
public boolean check(String realm, String user, String pw)
Checks both plaintext and hash- Parameters:
realm
- e.g. i2cp, routerconsole, etc.user
- null or "" for no user, already trimmedpw
- plain text, already trimmed- Returns:
- if pw verified
-
checkPlain
public boolean checkPlain(String realm, String user, String pw)
- Parameters:
realm
- e.g. i2cp, routerconsole, etc.user
- null or "" for no user, already trimmedpw
- plain text, already trimmed- Returns:
- if pw verified
-
checkB64
public boolean checkB64(String realm, String user, String pw)
- Parameters:
realm
- e.g. i2cp, routerconsole, etc.user
- null or "" for no user, already trimmedpw
- plain text, already trimmed- Returns:
- if pw verified
-
checkHash
public boolean checkHash(String realm, String user, String pw)
With random salt- Parameters:
realm
- e.g. i2cp, routerconsole, etc.user
- null or "" for no user, already trimmedpw
- plain text, already trimmed- Returns:
- if pw verified
-
checkHash
public boolean checkHash(String shash, String pw)
Check pw against b64 salt+hash, as generated by createHash()- Parameters:
shash
- b64 stringpw
- plain text non-null, already trimmed- Returns:
- if pw verified
- Since:
- 0.9.24
-
createHash
public String createHash(String pw)
Create a salt+hash, to be saved and verified later by verifyHash().- Parameters:
pw
- plain text non-null, already trimmed- Returns:
- salted+hash b64 string
- Since:
- 0.9.24
-
get
public String get(String realm, String user)
Either plain or b64- Parameters:
realm
- e.g. i2cp, routerconsole, etc.user
- null or "" for no user, already trimmed- Returns:
- the pw or null
-
getPlain
public String getPlain(String realm, String user)
- Parameters:
realm
- e.g. i2cp, routerconsole, etc.user
- null or "" for no user, already trimmed- Returns:
- the pw or null
-
getB64
public String getB64(String realm, String user)
- Parameters:
realm
- e.g. i2cp, routerconsole, etc.user
- null or "" for no user, already trimmed- Returns:
- the decoded pw or null
-
md5Hex
public static String md5Hex(String subrealm, String user, String pw)
Straight MD5, no salt Will return the MD5 sum of "user:subrealm:pw", compatible with Jetty and RFC 2617. Updated in 0.9.26 to use UTF-8, as implied in RFC 7616/7617 See also http://stackoverflow.com/questions/7242316/what-encoding-should-i-use-for-http-basic-authentication http://stackoverflow.com/questions/702629/utf-8-characters-mangled-in-http-basic-auth-username- Parameters:
subrealm
- to be used in creating the checksumuser
- non-null, non-empty, already trimmedpw
- non-null, plain text, already trimmed- Returns:
- lower-case hex with leading zeros, 32 chars, or null on error
-
md5Hex
public static String md5Hex(String fullpw)
Straight MD5, no salt Will return the MD5 sum of the data, compatible with Jetty and RFC 2617. Updated in 0.9.26 to use UTF-8, as implied in RFC 7616/7617 See also http://stackoverflow.com/questions/7242316/what-encoding-should-i-use-for-http-basic-authentication- Parameters:
fullpw
- non-null, plain text, already trimmed- Returns:
- lower-case hex with leading zeros, 32 chars, or null on error
-
md5Sum
public static byte[] md5Sum(byte[] data)
Standard MD5 checksum- Parameters:
data
- non-null- Returns:
- 16 bytes, or null on error
-
-