Skip to content

Commit 78582ef

Browse files
authored
Updating Javadoc and docs (apache#208)
Co-authored-by: Yakov Shafranovich <yakovsh@amazon.com>
1 parent d1b0286 commit 78582ef

5 files changed

Lines changed: 147 additions & 71 deletions

File tree

src/main/java/org/apache/commons/codec/digest/Crypt.java

Lines changed: 4 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,6 @@
1818

1919
import java.nio.charset.StandardCharsets;
2020
import java.security.SecureRandom;
21-
import java.util.concurrent.ThreadLocalRandom;
2221

2322
/**
2423
* GNU libc crypt(3) compatible hash method.
@@ -40,8 +39,7 @@ public class Crypt {
4039
* details.
4140
* </p>
4241
* <p>
43-
* A salt is generated for you using {@link ThreadLocalRandom}; for more secure salts consider using
44-
* {@link SecureRandom} to generate your own salts and calling {@link #crypt(byte[], String)}.
42+
* A salt is generated for you using {@link SecureRandom}.
4543
* </p>
4644
*
4745
* @param keyBytes
@@ -65,9 +63,7 @@ public static String crypt(final byte[] keyBytes) {
6563
* plaintext password
6664
* @param salt
6765
* real salt value without prefix or "rounds=". The salt may be null,
68-
* in which case a salt is generated for you using {@link ThreadLocalRandom};
69-
* for more secure salts consider using {@link SecureRandom} to
70-
* generate your own salts.
66+
* in which case a salt is generated for you using {@link SecureRandom}.
7167
* @return hash value
7268
* @throws IllegalArgumentException
7369
* if the salt does not match the allowed pattern
@@ -96,8 +92,7 @@ public static String crypt(final byte[] keyBytes, final String salt) {
9692
* A random salt and the default algorithm (currently SHA-512) are used.
9793
* </p>
9894
* <p>
99-
* A salt is generated for you using {@link ThreadLocalRandom}; for more secure salts consider using
100-
* {@link SecureRandom} to generate your own salts and calling {@link #crypt(String, String)}.
95+
* A salt is generated for you using {@link SecureRandom}.
10196
* </p>
10297
*
10398
* @see #crypt(String, String)
@@ -165,8 +160,7 @@ public static String crypt(final String key) {
165160
* plaintext password as entered by the used
166161
* @param salt
167162
* real salt value without prefix or "rounds=". The salt may be null, in which case a
168-
* salt is generated for you using {@link ThreadLocalRandom}; for more secure salts
169-
* consider using {@link SecureRandom} to generate your own salts.
163+
* salt is generated for you using {@link SecureRandom}
170164
* @return hash value, i.e. encrypted password including the salt string
171165
* @throws IllegalArgumentException
172166
* if the salt does not match the allowed pattern

src/main/java/org/apache/commons/codec/digest/Md5Crypt.java

Lines changed: 13 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -21,7 +21,6 @@
2121
import java.security.SecureRandom;
2222
import java.util.Arrays;
2323
import java.util.Random;
24-
import java.util.concurrent.ThreadLocalRandom;
2524
import java.util.regex.Matcher;
2625
import java.util.regex.Pattern;
2726

@@ -87,8 +86,8 @@ public static String apr1Crypt(final byte[] keyBytes) {
8786
* </p>
8887
*
8988
* @param keyBytes plaintext string to hash. Each array element is set to {@code 0} before returning.
90-
* @param random the instance of {@link Random} to use for generating the salt. Consider using {@link SecureRandom}
91-
* or {@link ThreadLocalRandom}.
89+
* @param random the instance of {@link Random} to use for generating the salt.
90+
* Consider using {@link SecureRandom} for more secure salts.
9291
* @return the hash value
9392
* @throws IllegalArgumentException when a {@link java.security.NoSuchAlgorithmException} is caught. *
9493
* @see #apr1Crypt(byte[], String)
@@ -108,8 +107,7 @@ public static String apr1Crypt(final byte[] keyBytes, final Random random) {
108107
* plaintext string to hash. Each array element is set to {@code 0} before returning.
109108
* @param salt
110109
* An APR1 salt. The salt may be null, in which case a salt is generated for you using
111-
* {@link ThreadLocalRandom}; for more secure salts consider using {@link SecureRandom} to generate your
112-
* own salts.
110+
* {@link SecureRandom}
113111
* @return the hash value
114112
* @throws IllegalArgumentException
115113
* if the salt does not match the allowed pattern
@@ -127,8 +125,7 @@ public static String apr1Crypt(final byte[] keyBytes, String salt) {
127125
/**
128126
* See {@link #apr1Crypt(String, String)} for details.
129127
* <p>
130-
* A salt is generated for you using {@link ThreadLocalRandom}; for more secure salts consider using
131-
* {@link SecureRandom} to generate your own salts and calling {@link #apr1Crypt(byte[], String)}.
128+
* A salt is generated for you using {@link SecureRandom}.
132129
* </p>
133130
*
134131
* @param keyBytes
@@ -153,8 +150,7 @@ public static String apr1Crypt(final String keyBytes) {
153150
* plaintext string to hash. Each array element is set to {@code 0} before returning.
154151
* @param salt
155152
* salt string including the prefix and optionally garbage at the end. The salt may be null, in which
156-
* case a salt is generated for you using {@link ThreadLocalRandom}; for more secure salts consider using
157-
* {@link SecureRandom} to generate your own salts.
153+
* case a salt is generated for you using {@link SecureRandom}.
158154
* @return the hash value
159155
* @throws IllegalArgumentException
160156
* if the salt does not match the allowed pattern
@@ -171,8 +167,7 @@ public static String apr1Crypt(final String keyBytes, final String salt) {
171167
* See {@link #md5Crypt(byte[], String)} for details.
172168
* </p>
173169
* <p>
174-
* A salt is generated for you using {@link ThreadLocalRandom}; for more secure salts consider using
175-
* {@link SecureRandom} to generate your own salts and calling {@link #md5Crypt(byte[], String)}.
170+
* A salt is generated for you using {@link SecureRandom}.
176171
* </p>
177172
* @param keyBytes
178173
* plaintext string to hash. Each array element is set to {@code 0} before returning.
@@ -196,8 +191,8 @@ public static String md5Crypt(final byte[] keyBytes) {
196191
* @param keyBytes
197192
* plaintext string to hash. Each array element is set to {@code 0} before returning.
198193
* @param random
199-
* the instance of {@link Random} to use for generating the salt. Consider using {@link SecureRandom}
200-
* or {@link ThreadLocalRandom}.
194+
* the instance of {@link Random} to use for generating the salt.
195+
* Consider using {@link SecureRandom} for more secure salts.
201196
* @return the hash value
202197
* @throws IllegalArgumentException
203198
* when a {@link java.security.NoSuchAlgorithmException} is caught.
@@ -219,8 +214,7 @@ public static String md5Crypt(final byte[] keyBytes, final Random random) {
219214
* plaintext string to hash. Each array element is set to {@code 0} before returning.
220215
* @param salt
221216
* salt string including the prefix and optionally garbage at the end. The salt may be null, in which
222-
* case a salt is generated for you using {@link ThreadLocalRandom}; for more secure salts consider using
223-
* {@link SecureRandom} to generate your own salts.
217+
* case a salt is generated for you using {@link SecureRandom}.
224218
* @return the hash value
225219
* @throws IllegalArgumentException
226220
* if the salt does not match the allowed pattern
@@ -242,8 +236,7 @@ public static String md5Crypt(final byte[] keyBytes, final String salt) {
242236
* plaintext string to hash. Each array element is set to {@code 0} before returning.
243237
* @param salt
244238
* real salt value without prefix or "rounds=". The salt may be null, in which case a salt
245-
* is generated for you using {@link ThreadLocalRandom}; for more secure salts consider
246-
* using {@link SecureRandom} to generate your own salts.
239+
* is generated for you using {@link SecureRandom}.
247240
* @param prefix
248241
* salt prefix
249242
* @return the hash value
@@ -266,13 +259,12 @@ public static String md5Crypt(final byte[] keyBytes, final String salt, final St
266259
* plaintext string to hash. Each array element is set to {@code 0} before returning.
267260
* @param salt
268261
* real salt value without prefix or "rounds=". The salt may be null, in which case a salt
269-
* is generated for you using {@link ThreadLocalRandom}; for more secure salts consider
270-
* using {@link SecureRandom} to generate your own salts.
262+
* is generated for you using {@link SecureRandom}.
271263
* @param prefix
272264
* salt prefix
273265
* @param random
274-
* the instance of {@link Random} to use for generating the salt. Consider using {@link SecureRandom}
275-
* or {@link ThreadLocalRandom}.
266+
* the instance of {@link Random} to use for generating the salt.
267+
* Consider using {@link SecureRandom} for more secure salts.
276268
* @return the hash value
277269
* @throws IllegalArgumentException
278270
* if the salt does not match the allowed pattern

src/main/java/org/apache/commons/codec/digest/Sha2Crypt.java

Lines changed: 7 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -22,7 +22,6 @@
2222
import java.security.SecureRandom;
2323
import java.util.Arrays;
2424
import java.util.Random;
25-
import java.util.concurrent.ThreadLocalRandom;
2625
import java.util.regex.Matcher;
2726
import java.util.regex.Pattern;
2827

@@ -78,8 +77,7 @@ public class Sha2Crypt {
7877
* See {@link Crypt#crypt(String, String)} for details.
7978
* </p>
8079
* <p>
81-
* A salt is generated for you using {@link ThreadLocalRandom}; for more secure salts consider using
82-
* {@link SecureRandom} to generate your own salts and calling {@link #sha256Crypt(byte[], String)}.
80+
* A salt is generated for you using {@link SecureRandom}.
8381
* </p>
8482
*
8583
* @param keyBytes
@@ -126,8 +124,8 @@ public static String sha256Crypt(final byte[] keyBytes, String salt) {
126124
* @param salt
127125
* real salt value without prefix or "rounds=".
128126
* @param random
129-
* the instance of {@link Random} to use for generating the salt. Consider using {@link SecureRandom}
130-
* or {@link ThreadLocalRandom}.
127+
* the instance of {@link Random} to use for generating the salt.
128+
* Consider using {@link SecureRandom} for more secure salts.
131129
* @return complete hash value including salt
132130
* @throws IllegalArgumentException
133131
* if the salt does not match the allowed pattern
@@ -551,8 +549,7 @@ private static String sha2Crypt(final byte[] keyBytes, final String salt, final
551549
* See {@link Crypt#crypt(String, String)} for details.
552550
* </p>
553551
* <p>
554-
* A salt is generated for you using {@link ThreadLocalRandom}; for more secure salts consider using
555-
* {@link SecureRandom} to generate your own salts and calling {@link #sha512Crypt(byte[], String)}.
552+
* A salt is generated for you using {@link SecureRandom}
556553
* </p>
557554
*
558555
* @param keyBytes
@@ -601,11 +598,10 @@ public static String sha512Crypt(final byte[] keyBytes, String salt) {
601598
* plaintext to hash. Each array element is set to {@code 0} before returning.
602599
* @param salt
603600
* real salt value without prefix or "rounds=". The salt may be null, in which case a salt
604-
* is generated for you using {@link ThreadLocalRandom}; for more secure salts consider using
605-
* {@link SecureRandom} to generate your own salts.
601+
* is generated for you using {@link SecureRandom}.
606602
* @param random
607-
* the instance of {@link Random} to use for generating the salt. Consider using {@link SecureRandom}
608-
* or {@link ThreadLocalRandom}.
603+
* the instance of {@link Random} to use for generating the salt.
604+
* Consider using {@link SecureRandom} for more secure salts.
609605
* @return complete hash value including salt
610606
* @throws IllegalArgumentException
611607
* if the salt does not match the allowed pattern

src/main/java/org/apache/commons/codec/digest/UnixCrypt.java

Lines changed: 5 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,6 @@
1919
import java.nio.charset.StandardCharsets;
2020
import java.security.SecureRandom;
2121
import java.util.Arrays;
22-
import java.util.concurrent.ThreadLocalRandom;
2322

2423
/**
2524
* Unix crypt(3) algorithm implementation.
@@ -176,8 +175,7 @@ public class UnixCrypt {
176175
/**
177176
* Generates a crypt(3) compatible hash using the DES algorithm.
178177
* <p>
179-
* A salt is generated for you using {@link ThreadLocalRandom}; for more secure salts consider using
180-
* {@link SecureRandom} to generate your own salts and calling {@link #crypt(byte[], String)}.
178+
* A salt is generated for you using {@link SecureRandom}.
181179
* </p>
182180
*
183181
* @param original
@@ -198,15 +196,14 @@ public static String crypt(final byte[] original) {
198196
* plaintext password
199197
* @param salt
200198
* a two character string drawn from [a-zA-Z0-9./]. The salt may be null, in which case a salt is
201-
* generated for you using {@link ThreadLocalRandom}; for more secure salts consider using
202-
* {@link SecureRandom} to generate your own salts.
199+
* generated for you using {@link SecureRandom}.
203200
* @return a 13 character string starting with the salt string
204201
* @throws IllegalArgumentException
205202
* if the salt does not match the allowed pattern
206203
*/
207204
public static String crypt(final byte[] original, String salt) {
208205
if (salt == null) {
209-
final ThreadLocalRandom randomGenerator = ThreadLocalRandom.current();
206+
final SecureRandom randomGenerator = new SecureRandom();
210207
final int numSaltChars = SALT_CHARS.length;
211208
salt = "" + SALT_CHARS[randomGenerator.nextInt(numSaltChars)] +
212209
SALT_CHARS[randomGenerator.nextInt(numSaltChars)];
@@ -261,8 +258,7 @@ public static String crypt(final byte[] original, String salt) {
261258
/**
262259
* Generates a crypt(3) compatible hash using the DES algorithm.
263260
* <p>
264-
* A salt is generated for you using {@link ThreadLocalRandom}; for more secure salts consider using
265-
* {@link SecureRandom} to generate your own salts and calling {@link #crypt(String, String)}.
261+
* A salt is generated for you using {@link SecureRandom}.
266262
* </p>
267263
*
268264
* @param original
@@ -280,8 +276,7 @@ public static String crypt(final String original) {
280276
* plaintext password
281277
* @param salt
282278
* a two character string drawn from [a-zA-Z0-9./]. The salt may be null, in which case a salt is
283-
* generated for you using {@link ThreadLocalRandom}; for more secure salts consider using
284-
* {@link SecureRandom} to generate your own salts.
279+
* generated for you using {@link SecureRandom}.
285280
* @return a 13 character string starting with the salt string
286281
* @throws IllegalArgumentException
287282
* if the salt does not match the allowed pattern

0 commit comments

Comments
 (0)