Package org.bouncycastle.crypto.generators

Class OpenBSDBCrypt

java.lang.Object
org.bouncycastle.crypto.generators.OpenBSDBCrypt
public class OpenBSDBCrypt extends Object
Password hashing scheme BCrypt, designed by Niels Provos and David Mazières, using the String format and the Base64 encoding of the reference implementation on OpenBSD.

Passwords are encoded using UTF-8 when provided as char[]. Encoded passwords longer than 72 bytes are truncated and all remaining bytes are ignored.

  • Method Summary

    Modifier and Type
    Method
    Description
    static boolean
    checkPassword(String bcryptString, byte[] password)
    Checks if a password corresponds to a 60 character Bcrypt String
    static boolean
    checkPassword(String bcryptString, char[] password)
    Checks if a password corresponds to a 60 character Bcrypt String
    static String
    generate(byte[] password, byte[] salt, int cost)
    Creates a 60 character Bcrypt String, including version, cost factor, salt and hash, separated by '$' using version '2y'.
    static String
    generate(char[] password, byte[] salt, int cost)
    Creates a 60 character Bcrypt String, including version, cost factor, salt and hash, separated by '$' using version '2y'.
    static String
    generate(String version, byte[] password, byte[] salt, int cost)
    Creates a 60 character Bcrypt String, including version, cost factor, salt and hash, separated by '$'
    static String
    generate(String version, char[] password, byte[] salt, int cost)
    Creates a 60 character Bcrypt String, including version, cost factor, salt and hash, separated by '$'

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Method Details

    • generate

      public static String generate(char[] password, byte[] salt, int cost)
      Creates a 60 character Bcrypt String, including version, cost factor, salt and hash, separated by '$' using version '2y'.
      Parameters:
      password - the password
      salt - a 16 byte salt
      cost - the cost factor, treated as an exponent of 2
      Returns:
      a 60 character Bcrypt String

    • generate

      public static String generate(byte[] password, byte[] salt, int cost)
      Creates a 60 character Bcrypt String, including version, cost factor, salt and hash, separated by '$' using version '2y'.
      Parameters:
      password - the password
      salt - a 16 byte salt
      cost - the cost factor, treated as an exponent of 2
      Returns:
      a 60 character Bcrypt String

    • generate

      public static String generate(String version, char[] password, byte[] salt, int cost)
      Creates a 60 character Bcrypt String, including version, cost factor, salt and hash, separated by '$'
      Parameters:
      version - the version, may be 2b, 2y or 2a. (2a is not backwards compatible.)
      password - the password
      salt - a 16 byte salt
      cost - the cost factor, treated as an exponent of 2
      Returns:
      a 60 character Bcrypt String

    • generate

      public static String generate(String version, byte[] password, byte[] salt, int cost)
      Creates a 60 character Bcrypt String, including version, cost factor, salt and hash, separated by '$'
      Parameters:
      version - the version, may be 2b, 2y or 2a. (2a is not backwards compatible.)
      password - the password already encoded as a byte array.
      salt - a 16 byte salt
      cost - the cost factor, treated as an exponent of 2
      Returns:
      a 60 character Bcrypt String

    • checkPassword

      public static boolean checkPassword(String bcryptString, char[] password)
      Checks if a password corresponds to a 60 character Bcrypt String
      Parameters:
      bcryptString - a 60 character Bcrypt String, including version, cost factor, salt and hash, separated by '$'
      password - the password as an array of chars
      Returns:
      true if the password corresponds to the Bcrypt String, otherwise false

    • checkPassword

      public static boolean checkPassword(String bcryptString, byte[] password)
      Checks if a password corresponds to a 60 character Bcrypt String
      Parameters:
      bcryptString - a 60 character Bcrypt String, including version, cost factor, salt and hash, separated by '$'
      password - the password as an array of bytes
      Returns:
      true if the password corresponds to the Bcrypt String, otherwise false