crypt(3) $6$ password hash algorithm (based on SHA-512) in Java?

Question

I'm looking for a Java function to generate/verify password hashes that were encoded in the way crypt(3) does when storing them in the Linux "/etc/shadow" file if sha512 is activated in "/etc/pam.d/common-password".

The plaintext string "geheim" will translate to:

"$6$WoC532HB$LagBJ00vAGNGu8p9oeYDOSNZo9vTNTzOgPA.K0bJoiXfbcpj3jBuTkNwdzCrSNadRi8LanH1tH6tGGPPp/Lp3."

From http://www.akkadia.org/drepper/SHA-crypt.txt I understand that, like with MD5, it's not just a SHA hash like DigestUtils or the Java MessageDigest classes produce but an algorithm that does a bit more magic.

Did you check that: stackoverflow.com/questions/3174943/…

home
– home

2012-01-30 11:02:54 +00:00
Commented Jan 30, 2012 at 11:02 — home
– home, Commented Jan 30, 2012 at 11:02

lathspell42 · Accepted Answer · 2012-02-08 13:45:40Z

5

I found Java implementations for all the new crypt() algorithms here: ftp://ftp.arlut.utexas.edu/java_hashes/

answered Feb 8, 2012 at 13:45

lathspell42

6533 gold badges7 silver badges11 bronze badges

Sign up to request clarification or add additional context in comments.

4 Comments

lathspell42 Over a year ago

Meanwhile the Apache Commons Codec project has complete support for all Linux crypt() algorithms!

DonyorM Over a year ago

I would appreciate a little info about where that link comes from. Downloading random jars can be a bad idea.

Luc Over a year ago

FYI the link is dead, and no archive.org version available. Do you have another source?

Air2 Over a year ago

github.com/apache/commons-codec/blob/master/src/main/java/org/…

Sergey Ponomarev · Accepted Answer · 2016-03-07 13:33:42Z

Take a look on Apache Commons Codec Digest

Also jBCrypt you may find useful.

In this article Modular Crypt Format or, a side note about a standard that isn’t a lot of details of Crypt3 format.

user1188139 · Accepted Answer · 2012-02-03 17:47:33Z

The othe question you refer to only provides links to the traditional crypt(3) method based on DES and the "$1$" method based on MD5. I need to check passwords that use the "$5$" method that is based on SHA-1 or even the "$6$" method that is based on SHA-512.

Based here means that crypt(3) uses e.g. SHA-512 but adds a salt value and does several iterations as described on http://www.akkadia.org/drepper/SHA-crypt.txt

After some searching I found at least one implementation of the $6$ mechanism based on SHA-512: tools.arlut.utexas.edu/gash2/doc/javadoc/arlut/csd/crypto/…
man 3 crypt → "NOTES" → "Features in glibc" → $5$ = SHA-256 (not SHA-1)

Collectives™ on Stack Overflow

crypt(3) $6$ password hash algorithm (based on SHA-512) in Java?

3 Answers 3

4 Comments

Comments

2 Comments

Linked

Hot Network Questions

Collectives™ on Stack Overflow

3 Answers 3

4 Comments

Comments

2 Comments

Linked

Related