Class BCrypt
java.lang.Object
com.hierynomus.sshj.userauth.keyprovider.bcrypt.BCrypt
BCrypt implements OpenBSD-style Blowfish password hashing using
the scheme described in "A Future-Adaptable Password Scheme" by
Niels Provos and David Mazieres.
This password hashing system tries to thwart off-line password cracking using a computationally-intensive hashing algorithm, based on Bruce Schneier's Blowfish cipher. The work factor of the algorithm is parameterised, so it can be increased as computers get faster. The amount of work increases exponentially (2**log_rounds), so each increment is twice as much work. The default log_rounds is 10, and the valid range is 4 to 30.
- Version:
- 0.2
-
Field Summary
FieldsModifier and TypeFieldDescriptionprivate static final int
private static final int[]
private int[]
private static final int[]
private int[]
private static final int[]
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprivate void
ekskey
(byte[] data, byte[] key) Perform the "enhanced key schedule" step described by Provos and Mazieres in "A Future-Adaptable Password Scheme" http://www.openbsd.org/papers/bcrypt-paper.psprivate void
encipher
(int[] lr, int off) Blowfish encipher a single 64-bit block encoded as two 32-bit halvesvoid
hash
(byte[] hpass, byte[] hsalt, byte[] output) Compatibility with new OpenBSD function.private void
init_key()
Initialise the Blowfish key scheduleprivate void
key
(byte[] key) Key the Blowfish ciphervoid
pbkdf
(byte[] password, byte[] salt, int rounds, byte[] output) Compatibility with new OpenBSD function.private static int
streamtoword
(byte[] data, int[] offp) Cycically extract a word of key material
-
Field Details
-
BLOWFISH_NUM_ROUNDS
private static final int BLOWFISH_NUM_ROUNDS- See Also:
-
P_orig
private static final int[] P_orig -
S_orig
private static final int[] S_orig -
openbsd_iv
private static final int[] openbsd_iv -
P
private int[] P -
S
private int[] S
-
-
Constructor Details
-
BCrypt
public BCrypt()
-
-
Method Details
-
encipher
private void encipher(int[] lr, int off) Blowfish encipher a single 64-bit block encoded as two 32-bit halves- Parameters:
lr
- an array containing the two 32-bit half blocksoff
- the position in the array of the blocks
-
streamtoword
private static int streamtoword(byte[] data, int[] offp) Cycically extract a word of key material- Parameters:
data
- the string to extract the data fromoffp
- a "pointer" (as a one-entry array) to the current offset into data- Returns:
- the next word of material from data
-
init_key
private void init_key()Initialise the Blowfish key schedule -
key
private void key(byte[] key) Key the Blowfish cipher- Parameters:
key
- an array containing the key
-
ekskey
private void ekskey(byte[] data, byte[] key) Perform the "enhanced key schedule" step described by Provos and Mazieres in "A Future-Adaptable Password Scheme" http://www.openbsd.org/papers/bcrypt-paper.ps- Parameters:
data
- salt informationkey
- password information
-
hash
public void hash(byte[] hpass, byte[] hsalt, byte[] output) Compatibility with new OpenBSD function. -
pbkdf
public void pbkdf(byte[] password, byte[] salt, int rounds, byte[] output) Compatibility with new OpenBSD function.
-