Package rife.tools

Class DrupalPassword

java.lang.Object
rife.tools.DrupalPassword

public class DrupalPassword extends Object
Java implementation of the Drupal 7 password hashing algorithm.
Since:
1.1
  • Field Details

    • PREFIX

      public static final String PREFIX
      The string prefix that all Drupal password hashes have.
    • DRUPAL_HASH_COUNT

      public static final int DRUPAL_HASH_COUNT
      The standard log2 number of iterations for password stretching. This should increase by 1 every Drupal version in order to counteract increases in the speed and power of computers available to crack the hashes.
    • DRUPAL_MIN_HASH_COUNT

      public static final int DRUPAL_MIN_HASH_COUNT
      The minimum allowed log2 number of iterations for password stretching.
    • DRUPAL_MAX_HASH_COUNT

      public static final int DRUPAL_MAX_HASH_COUNT
      The maximum allowed log2 number of iterations for password stretching.
    • DRUPAL_HASH_LENGTH

      public static final int DRUPAL_HASH_LENGTH
      The expected (and maximum) number of characters in a hashed password.
  • Constructor Details

    • DrupalPassword

      public DrupalPassword()
    • DrupalPassword

      public DrupalPassword(int passwordCountLog2)
  • Method Details

    • hashPassword

      public String hashPassword(String password) throws NoSuchAlgorithmException
      Hash a password using a secure hash.
      Parameters:
      password - A plain-text password.
      Returns:
      A string containing the hashed password (and a salt), or null on failure.
      Throws:
      NoSuchAlgorithmException
      Since:
      1.1
    • hashPassword

      public String hashPassword(String password, String setting) throws NoSuchAlgorithmException
      Hash a password using a secure hash.
      Parameters:
      password - A plain-text password.
      setting - An existing hash or the output of _password_generate_salt(). Must be at least 12 characters (the settings and salt).
      Returns:
      A string containing the hashed password (and a salt), or null on failure.
      Throws:
      NoSuchAlgorithmException
      Since:
      1.1
    • md5php

      public static String md5php(String password) throws NoSuchAlgorithmException
      Throws:
      NoSuchAlgorithmException
    • checkPassword

      public static boolean checkPassword(String candidate, String saltedEncrypted) throws NoSuchAlgorithmException
      Check whether a plain text password matches a stored hashed password.
      Parameters:
      candidate - the clear text password
      saltedEncrypted - the salted encrypted Drupal 7 password string to check
      Returns:
      true if the candidate matches; or false otherwise.
      Throws:
      NoSuchAlgorithmException - when the hashing algorithm couldn't be found
      Since:
      1.1
    • passwordGetCountLog2

      public static int passwordGetCountLog2(String setting)
      Parse the log2 iteration count from a stored hash or setting string.
      Parameters:
      setting - the Drupal 7 hash or setting string
      Since:
      1.1
    • passwordNeedsNewHash

      public boolean passwordNeedsNewHash(String password)
      Check whether a user's hashed password needs to be replaced with a new hash.

      This is typically called during the login process when the plain text password is available. A new hash is needed when the desired iteration count has changed through a change in the variable password_count_log2 or DRUPAL_HASH_COUNT or if the user's password hash was generated in an update like user_update_7000().

      Alternative implementations of this function might use other criteria based on the fields in $account.

      Parameters:
      password - the password to check
      Returns:
      true when the password needs to be re-hashed; or false otherwise
      Since:
      1.1
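
Example (added here, not part of the library's own documentation or code): verifying a login and upgrading the stored hash when the configured iteration count has been raised, using only the methods listed above. The class name `LoginRehashExample`, the in-memory `STORE` map and the sample account are constructed for illustration; the example assumes that `passwordNeedsNewHash` is given the stored hash string and that the no-argument constructor uses the standard iteration count.

```java
import rife.tools.DrupalPassword;

import java.security.NoSuchAlgorithmException;
import java.util.HashMap;
import java.util.Map;

public class LoginRehashExample {
    // Constructed stand-in for a users table: user name -> stored Drupal 7 hash.
    static final Map<String, String> STORE = new HashMap<>();

    // Hasher set one step above the standard count, modelling a raised work factor.
    static final DrupalPassword CURRENT =
        new DrupalPassword(DrupalPassword.DRUPAL_HASH_COUNT + 1);

    static boolean login(String user, String candidate) throws NoSuchAlgorithmException {
        String stored = STORE.get(user);
        if (stored == null || !DrupalPassword.checkPassword(candidate, stored)) {
            return false;
        }
        // Only after a successful check is the plain-text password known to be
        // the right one, so this is the point at which a re-hash is possible.
        // Assumption: the argument is the stored hash, not the plain text.
        if (CURRENT.passwordNeedsNewHash(stored)) {
            String upgraded = CURRENT.hashPassword(candidate);
            // hashPassword is documented to return null on failure;
            // in that case keep the old, still valid hash.
            if (upgraded != null) {
                STORE.put(user, upgraded);
            }
        }
        return true;
    }

    public static void main(String[] args) throws NoSuchAlgorithmException {
        // Constructed sample account, hashed with the default hasher.
        String secret = "correct horse battery staple";
        STORE.put("alice", new DrupalPassword().hashPassword(secret));
        int before = DrupalPassword.passwordGetCountLog2(STORE.get("alice"));

        System.out.println("wrong password accepted: " + login("alice", "guess"));
        System.out.println("right password accepted: " + login("alice", secret));

        int after = DrupalPassword.passwordGetCountLog2(STORE.get("alice"));
        System.out.println("log2 count before=" + before + " after=" + after);
    }
}
```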