@@ -65,8 +65,8 @@ public class Md5Crypt {
6565 /**
6666 * See {@link #apr1Crypt(byte[], String)} for details.
6767 * <p>
68- * A salt is generated for you using {@link ThreadLocalRandom }; for more secure salts consider using
69- * {@link SecureRandom} to generate your own salts and calling {@link #apr1Crypt(byte[], String )}.
68+ * A salt is generated for you using {@link SecureRandom }; your own {@link Random} in
69+ * {@link #apr1Crypt(byte[], Random )}.
7070 * </p>
7171 *
7272 * @param keyBytes plaintext string to hash.
@@ -98,8 +98,7 @@ public static String apr1Crypt(final byte[] keyBytes, final Random random) {
9898 /**
9999 * See {@link #apr1Crypt(String, String)} for details.
100100 * <p>
101- * A salt is generated for you using {@link ThreadLocalRandom}; for more secure salts consider using
102- * {@link SecureRandom} to generate your own salts.
101+ * A salt is generated for you using {@link SecureRandom}
103102 * </p>
104103 *
105104 * @param keyBytes
@@ -207,7 +206,8 @@ public static String md5Crypt(final byte[] keyBytes, final Random random) {
207206 /**
208207 * Generates a libc crypt() compatible "$1$" MD5 based hash value.
209208 * <p>
210- * See {@link Crypt#crypt(String, String)} for details.
209+ * See {@link Crypt#crypt(String, String)} for details. We use {@link SecureRandom} for seed generation by
210+ * default.
211211 * </p>
212212 *
213213 * @param keyBytes
@@ -229,7 +229,8 @@ public static String md5Crypt(final byte[] keyBytes, final String salt) {
229229 /**
230230 * Generates a libc6 crypt() "$1$" or Apache htpasswd "$apr1$" hash value.
231231 * <p>
232- * See {@link Crypt#crypt(String, String)} or {@link #apr1Crypt(String, String)} for details.
232+ * See {@link Crypt#crypt(String, String)} or {@link #apr1Crypt(String, String)} for details. We use
233+ * {@link SecureRandom by default}.
233234 * </p>
234235 *
235236 * @param keyBytes
0 commit comments