Package com.jk.core.security

Class JKPasswordHash

java.lang.Object
com.jk.core.security.JKPasswordHash
public class JKPasswordHash extends Object
This class provides methods for encoding and verifying passwords using the BCrypt hashing algorithm.

Implementation of PasswordEncoder that uses the BCrypt strong hashing function.

Clients can optionally supply a "strength" (a.k.a. log rounds in BCrypt) and a SecureRandom instance.

The larger the strength parameter the more work will have to be done (exponentially) to hash the passwords.

The default value is 10.

Version:
1.0
Author:
Dr. Jalal H. Kiswani, Dave Syer

  • Constructor Summary

    Constructors
    Constructor
    Description
    JKPasswordHash()
    This method constructs a new JKPasswordHash with default strength of (-1) and the random instance is set to null
    JKPasswordHash(int strength)
    This method constructs a new JKPasswordHash with the provided strength and the random instance is set to null.
    JKPasswordHash(int strength, SecureRandom random)
    This method constructs a new JKPasswordHash with the specified strength and the random instance is set to the provided instance.

  • Method Summary

    Modifier and Type
    Method
    Description
    String
    encode(CharSequence rawPassword)
    This method hashes the provided rawPassword using BCrypt and returns the encoded password.
    boolean
    matches(CharSequence rawPassword, String encodedPassword)
    This method checks if the provided rawPassword matches the encodedPassword using BCrypt.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Constructor Details

    • JKPasswordHash

      public JKPasswordHash()
      This method constructs a new JKPasswordHash with default strength of (-1) and the random instance is set to null

    • JKPasswordHash

      public JKPasswordHash(int strength)
      This method constructs a new JKPasswordHash with the provided strength and the random instance is set to null.
      Parameters:
      strength - Specifies the strength parameter for BCrypt hashing.

    • JKPasswordHash

      public JKPasswordHash(int strength, SecureRandom random)
      This method constructs a new JKPasswordHash with the specified strength and the random instance is set to the provided instance.
      Parameters:
      strength - Specifies the strength parameter for BCrypt hashing.
      random - Specifies the SecureRandom instance to use for generating salts.

  • Method Details

    • encode

      public String encode(CharSequence rawPassword)
      This method hashes the provided rawPassword using BCrypt and returns the encoded password.
      Parameters:
      rawPassword - Specifies the plain text password to be encoded.
      Returns:
      The encoded password.

    • matches

      public boolean matches(CharSequence rawPassword, String encodedPassword)
      This method checks if the provided rawPassword matches the encodedPassword using BCrypt.
      Parameters:
      rawPassword - Specifies the plain text password to be encoded.
      encodedPassword - Specifies the encoded password.
      Returns:
      true, if the passwords match, false otherwise.