Package org.keycloak.crypto.hash
Class Argon2PasswordHashProvider
java.lang.Object
org.keycloak.crypto.hash.Argon2PasswordHashProvider
- All Implemented Interfaces:
PasswordHashProvider,Provider
-
Constructor Summary
ConstructorsConstructorDescriptionArgon2PasswordHashProvider(String version, String type, int hashLength, int memory, int iterations, int parallelism, Semaphore cpuCoreSemaphore) -
Method Summary
Modifier and TypeMethodDescriptionvoidclose()encodedCredential(String rawPassword, int iterations) Password hashing iterations from password policy is intentionally ignored for now for two reasons.booleanpolicyCheck(PasswordPolicy policy, PasswordCredentialModel credential) booleanverify(String rawPassword, PasswordCredentialModel credential) Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface org.keycloak.credential.hash.PasswordHashProvider
encode, encode, policyCheck, verify
-
Constructor Details
-
Argon2PasswordHashProvider
-
-
Method Details
-
policyCheck
- Specified by:
policyCheckin interfacePasswordHashProvider
-
encodedCredential
Password hashing iterations from password policy is intentionally ignored for now for two reasons. 1) default iterations are 210K, which is way too large for Argon2, and 2) it makes little sense to configure iterations only for Argon2, which should be combined with configuring memory, which is not currently configurable in password policy.- Specified by:
encodedCredentialin interfacePasswordHashProvider
-
verify
- Specified by:
verifyin interfacePasswordHashProvider
-
close
public void close()
-