Declutterfier! Saves Data!

--- a PPN by Garber Painting Akron. With Image Size Reduction included!

URL: http://github.com/apache/commons-codec/pull/301.patch

attribute can be add,update,fix,remove. - Tidy up salt Javadoc and validation. + Sha2Crypt: tidy up salt Javadoc and validation. Bump org.apache.commons:commons-lang3 from 3.14.0 to 3.15.0 #296. From 394cde5ec5a1994abeff457ff36685e8dca3c88f Mon Sep 17 00:00:00 2001 From: Sebb Date: Fri, 2 Aug 2024 17:14:14 +0100 Subject: [PATCH 4/4] Must use correct prefix for algorithm --- .../org/apache/commons/codec/digest/Sha2Crypt.java | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/src/main/java/org/apache/commons/codec/digest/Sha2Crypt.java b/src/main/java/org/apache/commons/codec/digest/Sha2Crypt.java index 2bfe62bdb9..f9277b53a6 100644 --- a/src/main/java/org/apache/commons/codec/digest/Sha2Crypt.java +++ b/src/main/java/org/apache/commons/codec/digest/Sha2Crypt.java @@ -67,7 +67,10 @@ public class Sha2Crypt { /** The prefixes that can be used to identify this crypt() variant (SHA-512). */ static final String SHA512_PREFIX = "$6$"; - /** The pattern to match valid salt values. */ + /** + * The pattern to match valid salt values. + * $[56]$(rounds=nn$)?[./a-zA-Z0-9]{1,16}.* + */ private static final Pattern SALT_PATTERN = Pattern .compile("^(\\$[56]\\$)(rounds=(\\d+)\\$)?([\\.\\/a-zA-Z0-9]{1,16}).*"); @@ -98,7 +101,7 @@ public static String sha256Crypt(final byte[] keyBytes) { * @param keyBytes * plaintext to hash. Each array element is set to {@code 0} before returning. * @param salt - * salt value including prefix ($5$ or $6$) and optionally "rounds=". + * salt value including prefix ($5$) and optionally "rounds=". * The salt may be null, in which case a salt is generated for you using {@link SecureRandom}. * Or you can pass your own {@link Random} in {@link #sha256Crypt(byte[], String, Random)}. * @return complete hash value including salt @@ -122,7 +125,7 @@ public static String sha256Crypt(final byte[] keyBytes, String salt) { * @param keyBytes * plaintext to hash. Each array element is set to {@code 0} before returning. * @param salt - * salt value including prefix ($5$ or $6$) and optionally "rounds=". + * salt value including prefix ($5$) and optionally "rounds=". * The salt may be null, in which case a salt is generated for you using the provided random generator * @param random * the instance of {@link Random} to use for generating the salt. @@ -575,7 +578,7 @@ public static String sha512Crypt(final byte[] keyBytes) { * @param keyBytes * plaintext to hash. Each array element is set to {@code 0} before returning. * @param salt - * salt value including prefix ($5$ or $6$) and optionally "rounds=". + * salt value including prefix ($6$) and optionally "rounds=". * The salt may be null, in which case a salt is generated for you using {@link SecureRandom}. * Or you can pass your own {@link Random} to {@link #sha512Crypt(byte[], String, Random)}. * @return complete hash value including salt @@ -599,7 +602,7 @@ public static String sha512Crypt(final byte[] keyBytes, String salt) { * @param keyBytes * plaintext to hash. Each array element is set to {@code 0} before returning. * @param salt - * salt value including prefix ($5$ or $6$) and optionally "rounds=". + * salt value including prefix ($6$) and optionally "rounds=". * The salt may be null, in which case a salt is generated for you using the provided random generator * @param random * the instance of {@link Random} to use for generating the salt. pFad - Phonifier reborn

Pfad - The Proxy pFad © 2024 Your Company Name. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.

Alternative Proxies: