BCrypt (ph-security 10.1.5 API)

java.lang.Object
- com.helger.security.bcrypt.BCrypt

```
public class BCrypt
extends Object
```
BCrypt implements OpenBSD-style Blowfish password hashing using the scheme described in "A Future-Adaptable Password Scheme" by Niels Provos and David Mazieres.
This password hashing system tries to thwart off-line password cracking using a computationally-intensive hashing algorithm, based on Bruce Schneier's Blowfish cipher. The work factor of the algorithm is parameterised, so it can be increased as computers get faster.
Usage is really simple. To hash a password for the first time, call the hashpw method with a random salt, like this:
String pw_hash = BCrypt.hashpw(plain_password, BCrypt.gensalt());
To check whether a plaintext password matches one that has been hashed previously, use the checkpw method:
if (BCrypt.checkpw(candidate_password, stored_hash)) System.out.println("It matches"); else System.out.println("It does not match");
The gensalt() method takes an optional parameter (log_rounds) that determines the computational complexity of the hashing:
String strong_salt = BCrypt.gensalt(10) String stronger_salt = BCrypt.gensalt(12)
The amount of work increases exponentially (2**log_rounds), so each increment is twice as much work. The default log_rounds is 10, and the valid range is 4 to 30.

Version:

0.2

Author:

Damien Miller

Field Summary

Fields
Modifier and Type Field and Description

static int BCRYPT_SALT_LEN

static int GENSALT_DEFAULT_LOG2_ROUNDS

Fields
Modifier and Type	Field and Description
`static int`	`BCRYPT_SALT_LEN`
`static int`	`GENSALT_DEFAULT_LOG2_ROUNDS`

Constructor Summary

Constructors
Constructor and Description

BCrypt()

Constructors
Constructor and Description
`BCrypt()`

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`static boolean`	`checkpw(String sPlaintext, String sHashed)` Check that a plaintext password matches a previously hashed one
`byte[]`	`crypt_raw(byte[] password, byte[] salt, int nLogRounds, int[] cdata)` Perform the central password hashing step in the bcrypt scheme
`static String`	`gensalt()` Generate a salt for use with the BCrypt.hashpw() method, selecting a reasonable default for the number of hashing rounds to apply
`static String`	`gensalt(int log_rounds)` Generate a salt for use with the BCrypt.hashpw() method
`static String`	`gensalt(int nLogRounds, SecureRandom aRandom)` Generate a salt for use with the BCrypt.hashpw() method
`static String`	`hashpw(String sPassword, String sSalt)` Hash a password using the OpenBSD bcrypt scheme

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - GENSALT_DEFAULT_LOG2_ROUNDS
```
public static final int GENSALT_DEFAULT_LOG2_ROUNDS
```
    See Also:
    
    Constant Field Values
  - BCRYPT_SALT_LEN
```
public static final int BCRYPT_SALT_LEN
```
    See Also:
    
    Constant Field Values
- Constructor Detail
  - BCrypt
```
public BCrypt()
```
- Method Detail
  - crypt_raw
```
@Nonnull
public byte[] crypt_raw(byte[] password,
                                  byte[] salt,
                                  int nLogRounds,
                                  int[] cdata)
```
    Perform the central password hashing step in the bcrypt scheme
    
    Parameters:
    
    password - the password to hash
    
    salt - the binary salt to hash with the password
    
    nLogRounds - the binary logarithm of the number of rounds of hashing to apply
    
    cdata - the plaintext to encrypt
    
    Returns:
    
    an array containing the binary hashed password
  - hashpw
```
@Nonnull
public static String hashpw(@Nonnull
                                      String sPassword,
                                      @Nonnull
                                      String sSalt)
```
    Hash a password using the OpenBSD bcrypt scheme
    
    Parameters:
    
    sPassword - the password to hash
    
    sSalt - the salt to hash with (perhaps generated using BCrypt.gensalt)
    
    Returns:
    
    the hashed password
  - gensalt
```
@Nonnull
public static String gensalt(@Nonnegative
                                       int nLogRounds,
                                       @Nonnull
                                       SecureRandom aRandom)
```
    Generate a salt for use with the BCrypt.hashpw() method
    
    Parameters:
    
    nLogRounds - the log2 of the number of rounds of hashing to apply - the work factor therefore increases as 2**log_rounds.
    
    aRandom - an instance of SecureRandom to use
    
    Returns:
    
    an encoded salt value
  - gensalt
```
@Nonnull
public static String gensalt(@Nonnegative
                                       int log_rounds)
```
    Generate a salt for use with the BCrypt.hashpw() method
    
    Parameters:
    
    log_rounds - the log2 of the number of rounds of hashing to apply - the work factor therefore increases as 2**log_rounds.
    
    Returns:
    
    an encoded salt value
  - gensalt
```
@Nonnull
public static String gensalt()
```
    Generate a salt for use with the BCrypt.hashpw() method, selecting a reasonable default for the number of hashing rounds to apply
    
    Returns:
    
    an encoded salt value
  - checkpw
```
public static boolean checkpw(@Nonnull
                              String sPlaintext,
                              @Nonnull
                              String sHashed)
```
    Check that a plaintext password matches a previously hashed one
    
    Parameters:
    
    sPlaintext - the plaintext password to verify
    
    sHashed - the previously-hashed password
    
    Returns:
    
    true if the passwords match, false otherwise

Class BCrypt

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

GENSALT_DEFAULT_LOG2_ROUNDS

BCRYPT_SALT_LEN

Constructor Detail

BCrypt

Method Detail

crypt_raw

hashpw

gensalt

gensalt

gensalt

checkpw