Package org.cryptacular.bean
Class BCryptHashBean
java.lang.Object
org.cryptacular.bean.BCryptHashBean
HashBean
implementation that uses the bcrypt algorithm for hashing. Hash strings of the following
format are supported:
$2n$cost$xxxxxxxxxxxxxxxxxxxxxxxxyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy
where:
n is an optional bcrypt algorithm version (typically "a" or "b")
4 ≤ cost ≤ 31
x is 22 characters of encoded salt
y is 31 characters of encoded hash bytes
The encoding for salt and hash bytes is a variant of base-64 encoding without padding in the following alphabet:
./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- Author:
- Middleware Services
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionstatic class
Handles encoding and decoding a bcrypt hash of the form$2n$cost$xxxxxxxxxxxxxxxxxxxxxxxxyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy
. -
Constructor Summary
ConstructorsConstructorDescriptionCreates a new instance.BCryptHashBean
(int costFactor) Creates a new instance that uses the given cost factor when hashing. -
Method Summary
Modifier and TypeMethodDescriptionboolean
Compares a bcrypt hash of the form$2n$cost$xxxxxxxxxxxxxxxxxxxxxxxxyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy
with the computed hash from the given password.Compute a bcrypt hash of the form$2n$cost$xxxxxxxxxxxxxxxxxxxxxxxxyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy
given a salt and a password.void
setCost
(int costFactor) Sets the bcrypt cost factor.void
setVersion
(String ver) Sets the bcrypt version.
-
Constructor Details
-
BCryptHashBean
public BCryptHashBean()Creates a new instance. -
BCryptHashBean
public BCryptHashBean(int costFactor) Creates a new instance that uses the given cost factor when hashing.- Parameters:
costFactor
- BCrypt cost in the range [4, 31].
-
-
Method Details
-
setCost
public void setCost(int costFactor) Sets the bcrypt cost factor.- Parameters:
costFactor
- BCrypt cost in the range [4, 31].
-
setVersion
Sets the bcrypt version.- Parameters:
ver
- Bcrypt version, e.g. "2b"
-
hash
Compute a bcrypt hash of the form$2n$cost$xxxxxxxxxxxxxxxxxxxxxxxxyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy
given a salt and a password.- Specified by:
hash
in interfaceHashBean<String>
- Parameters:
data
- A 2-element array containing salt and password. The salt may be encoded per the bcrypt standard or raw bytes.- Returns:
- An encoded bcrypt hash,
yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy
in the specification above. - Throws:
CryptoException
- on bcrypt algorithm errors.
-
compare
Compares a bcrypt hash of the form$2n$cost$xxxxxxxxxxxxxxxxxxxxxxxxyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy
with the computed hash from the given password. The bcrypt algorithm parameters are derived from the reference bcrypt hash string.- Specified by:
compare
in interfaceHashBean<String>
- Parameters:
data
- A 1-element array containing password.hash
- Known hash value.- Returns:
- True if the computed hash is exactly equal to the reference hash, false otherwise.
- Throws:
CryptoException
- on bcrypt algorithm errors.StreamException
- on stream IO errors.
-