Class OpenBSDBCrypt


  • public class OpenBSDBCrypt
    extends java.lang.Object
    Password hashing scheme BCrypt, designed by Niels Provos and David Mazières, using the String format and the Base64 encoding of the reference implementation on OpenBSD.

    Passwords are encoded using UTF-8 when provided as char[]. Encoded passwords longer than 72 bytes are truncated and all remaining bytes are ignored.

    • Method Summary

      All Methods Static Methods Concrete Methods 
      Modifier and Type Method Description
      static boolean checkPassword​(java.lang.String bcryptString, byte[] password)
      Checks if a password corresponds to a 60 character Bcrypt String
      static boolean checkPassword​(java.lang.String bcryptString, char[] password)
      Checks if a password corresponds to a 60 character Bcrypt String
      static java.lang.String generate​(byte[] password, byte[] salt, int cost)
      Creates a 60 character Bcrypt String, including version, cost factor, salt and hash, separated by '$' using version '2y'.
      static java.lang.String generate​(char[] password, byte[] salt, int cost)
      Creates a 60 character Bcrypt String, including version, cost factor, salt and hash, separated by '$' using version '2y'.
      static java.lang.String generate​(java.lang.String version, byte[] password, byte[] salt, int cost)
      Creates a 60 character Bcrypt String, including version, cost factor, salt and hash, separated by '$'
      static java.lang.String generate​(java.lang.String version, char[] password, byte[] salt, int cost)
      Creates a 60 character Bcrypt String, including version, cost factor, salt and hash, separated by '$'
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Method Detail

      • generate

        public static java.lang.String generate​(char[] password,
                                                byte[] salt,
                                                int cost)
        Creates a 60 character Bcrypt String, including version, cost factor, salt and hash, separated by '$' using version '2y'.
        Parameters:
        cost - the cost factor, treated as an exponent of 2
        salt - a 16 byte salt
        password - the password
        Returns:
        a 60 character Bcrypt String
      • generate

        public static java.lang.String generate​(byte[] password,
                                                byte[] salt,
                                                int cost)
        Creates a 60 character Bcrypt String, including version, cost factor, salt and hash, separated by '$' using version '2y'.
        Parameters:
        cost - the cost factor, treated as an exponent of 2
        salt - a 16 byte salt
        password - the password
        Returns:
        a 60 character Bcrypt String
      • generate

        public static java.lang.String generate​(java.lang.String version,
                                                char[] password,
                                                byte[] salt,
                                                int cost)
        Creates a 60 character Bcrypt String, including version, cost factor, salt and hash, separated by '$'
        Parameters:
        version - the version, may be 2b, 2y or 2a. (2a is not backwards compatible.)
        cost - the cost factor, treated as an exponent of 2
        salt - a 16 byte salt
        password - the password
        Returns:
        a 60 character Bcrypt String
      • generate

        public static java.lang.String generate​(java.lang.String version,
                                                byte[] password,
                                                byte[] salt,
                                                int cost)
        Creates a 60 character Bcrypt String, including version, cost factor, salt and hash, separated by '$'
        Parameters:
        version - the version, may be 2b, 2y or 2a. (2a is not backwards compatible.)
        cost - the cost factor, treated as an exponent of 2
        salt - a 16 byte salt
        password - the password already encoded as a byte array.
        Returns:
        a 60 character Bcrypt String
      • checkPassword

        public static boolean checkPassword​(java.lang.String bcryptString,
                                            char[] password)
        Checks if a password corresponds to a 60 character Bcrypt String
        Parameters:
        bcryptString - a 60 character Bcrypt String, including version, cost factor, salt and hash, separated by '$'
        password - the password as an array of chars
        Returns:
        true if the password corresponds to the Bcrypt String, otherwise false
      • checkPassword

        public static boolean checkPassword​(java.lang.String bcryptString,
                                            byte[] password)
        Checks if a password corresponds to a 60 character Bcrypt String
        Parameters:
        bcryptString - a 60 character Bcrypt String, including version, cost factor, salt and hash, separated by '$'
        password - the password as an array of bytes
        Returns:
        true if the password corresponds to the Bcrypt String, otherwise false