crypt(3) $6$ 密码哈希算法(基于 SHA-512)在 Java 中?
我正在寻找一个 Java 函数来生成/验证密码哈希值,这些哈希值在将密码存储在 Linux“/etc/shadow”文件中时以 crypt(3) 的方式进行编码,如果 sha512 在“/etc/pam.d/common-password”中激活。
明文字符串“geheim”将转换为:
"$6$WoC532HB$LagBJ00vAGNGu8p9oeYDOSNZo9vTNTzOgPA.K0bJoiXfbcpj3jBuTkNwdzCrSNadRi8LanH1tH6tGGPPp/Lp3."
来自 http://www.akkadia.org/ drepper/SHA-crypt.txt 我知道,与 MD5 一样,它不仅仅是像 DigestUtils 或 Java MessageDigest 类那样产生的 SHA 哈希,而是一种算法那做了更多的魔法。
I'm looking for a Java function to generate/verify password hashes that were encoded in the way crypt(3) does when storing them in the Linux "/etc/shadow" file if sha512 is activated in "/etc/pam.d/common-password".
The plaintext string "geheim" will translate to:
"$6$WoC532HB$LagBJ00vAGNGu8p9oeYDOSNZo9vTNTzOgPA.K0bJoiXfbcpj3jBuTkNwdzCrSNadRi8LanH1tH6tGGPPp/Lp3."
From http://www.akkadia.org/drepper/SHA-crypt.txt I understand that, like with MD5, it's not just a SHA hash like DigestUtils or the Java MessageDigest classes produce but an algorithm that does a bit more magic.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
我在这里找到了所有新 crypt() 算法的 Java 实现:ftp://ftp.arlut.utexas。 edu/java_hashes/
I found Java implementations for all the new crypt() algorithms here: ftp://ftp.arlut.utexas.edu/java_hashes/
查看 Apache Commons 编解码器摘要
另外,jBCrypt 您可能会发现有用。
在本文中模块化加密格式,或者关于标准的旁注 Crypt3 格式的详细信息。
Take a look on Apache Commons Codec Digest
Also jBCrypt you may find useful.
In this article Modular Crypt Format or, a side note about a standard that isn’t a lot of details of Crypt3 format.
您提到的其他问题仅提供基于 DES 的传统 crypt(3) 方法和基于 MD5 的“$1$”方法的链接。我需要检查使用基于 SHA-1 的“$5$”方法甚至基于 SHA-512 的“$6$”方法的密码。
基于此处意味着 crypt(3) 使用例如 SHA-512,但添加盐值并执行多次迭代,如 http://www.akkadia.org/drepper/SHA-crypt.txt
The othe question you refer to only provides links to the traditional crypt(3) method based on DES and the "$1$" method based on MD5. I need to check passwords that use the "$5$" method that is based on SHA-1 or even the "$6$" method that is based on SHA-512.
Based here means that crypt(3) uses e.g. SHA-512 but adds a salt value and does several iterations as described on http://www.akkadia.org/drepper/SHA-crypt.txt