@Override public String hash(final String input) { return BCrypt.hashpw(input, salt); }
/** * Check that a plaintext password matches a previously hashed * one. * * @param plaintext the plaintext password to verify * @param hashed the previously-hashed password * @return true if the passwords match, false otherwise */ public static boolean checkpw(String plaintext, String hashed) { byte[] hashed_bytes; byte[] try_bytes; try { String try_pw = hashpw(plaintext, hashed); hashed_bytes = hashed.getBytes("UTF-8"); try_bytes = try_pw.getBytes("UTF-8"); } catch (UnsupportedEncodingException uee) { return false; } if (hashed_bytes.length != try_bytes.length) { return false; } byte ret = 0; for (int i = 0; i < try_bytes.length; i++) { ret |= hashed_bytes[i] ^ try_bytes[i]; } return ret == 0; } }
/** * Test method for 'BCrypt.gensalt()' */ @Test void testGensalt() { for (int i = 0; i < test_vectors.length; i += 4) { String plain = test_vectors[i][0]; String salt = BCrypt.gensalt(); String hashed1 = BCrypt.hashpw(plain, salt); String hashed2 = BCrypt.hashpw(plain, hashed1); assertEquals(hashed1, hashed2); } }
/** * Test method for 'BCrypt.gensalt(int)' */ @Test void testGensaltInt() { for (int i = 4; i <= 12; i++) { for (int j = 0; j < test_vectors.length; j += 4) { String plain = test_vectors[j][0]; String salt = BCrypt.gensalt(i); String hashed1 = BCrypt.hashpw(plain, salt); String hashed2 = BCrypt.hashpw(plain, hashed1); assertEquals(hashed1, hashed2); } } }
/** * Test method for 'BCrypt.hashpw(String, String)' */ @Test void testHashpw() { for (String[] test_vector : test_vectors) { String plain = test_vector[0]; String salt = test_vector[1]; String expected = test_vector[2]; String hashed = BCrypt.hashpw(plain, salt); assertEquals(hashed, expected); } }
/** * Encodes the {@link SimTok} to JSON string. */ public String encode(final SimTok simTok) { final String json = JsonSerializer.create().deep(true).serialize(simTok); final String p1 = Base64.encodeToString("JoddSimTok" + SALT_ROUNDS); final String p2 = Base64.encodeToString(json); final String salt = BCrypt.gensalt(SALT_ROUNDS); final String p3 = BCrypt.hashpw(p1 + "." + p2 + "." + SECRET, salt); return p1 + "." + p2 + "." + p3; }
/** * Test for correct hashing of non-US-ASCII passwords */ @Test void testInternationalChars() { String pw1 = "\u2605\u2605\u2605\u2605\u2605\u2605\u2605\u2605"; String pw2 = "????????"; String h1 = BCrypt.hashpw(pw1, BCrypt.gensalt()); assertFalse(BCrypt.checkpw(pw2, h1)); String h2 = BCrypt.hashpw(pw2, BCrypt.gensalt()); assertFalse(BCrypt.checkpw(pw1, h2)); }
@Test void testBCrypt() { String hash = BCrypt.hashpw("password", BCrypt.gensalt(7)); assertTrue(BCrypt.checkpw("password", hash)); }
@Test void testBCryptRandom() { for (int rounds = 0; rounds < 1000; rounds++) { String text = RandomString.get().randomAlphaNumeric(10); String hash = BCrypt.hashpw(text, BCrypt.gensalt(4)); assertTrue(BCrypt.checkpw(text, hash)); } }
@Override public String hash(final String input) { return BCrypt.hashpw(input, salt); }
/** * Check that a plaintext password matches a previously hashed * one. * * @param plaintext the plaintext password to verify * @param hashed the previously-hashed password * @return true if the passwords match, false otherwise */ public static boolean checkpw(String plaintext, String hashed) { byte[] hashed_bytes; byte[] try_bytes; try { String try_pw = hashpw(plaintext, hashed); hashed_bytes = hashed.getBytes("UTF-8"); try_bytes = try_pw.getBytes("UTF-8"); } catch (UnsupportedEncodingException uee) { return false; } if (hashed_bytes.length != try_bytes.length) { return false; } byte ret = 0; for (int i = 0; i < try_bytes.length; i++) { ret |= hashed_bytes[i] ^ try_bytes[i]; } return ret == 0; } }
/** * Encodes the {@link SimTok} to JSON string. */ public String encode(final SimTok simTok) { final String json = JsonSerializer.create().deep(true).serialize(simTok); final String p1 = Base64.encodeToString("JoddSimTok" + SALT_ROUNDS); final String p2 = Base64.encodeToString(json); final String salt = BCrypt.gensalt(SALT_ROUNDS); final String p3 = BCrypt.hashpw(p1 + "." + p2 + "." + SECRET, salt); return p1 + "." + p2 + "." + p3; }