Class Argon2PasswordEncoder
java.lang.Object
org.springframework.security.crypto.password.AbstractValidatingPasswordEncoder
org.springframework.security.crypto.argon2.Argon2PasswordEncoder
- All Implemented Interfaces:
PasswordEncoder
Implementation of PasswordEncoder that uses the Argon2 hashing function. Clients can optionally supply the length of the salt to use, the length of the generated hash, a cpu cost parameter, a memory cost parameter and a parallelization parameter.
Note:
The currently implementation uses Bouncy castle which does not exploit parallelism/optimizations that password crackers will, so there is an unnecessary asymmetry between attacker and defender.
- Since:
- 5.3
-
Constructor Summary
ConstructorsConstructorDescriptionArgon2PasswordEncoder(int saltLength, int hashLength, int parallelism, int memory, int iterations) Constructs an Argon2 password encoder with the provided parameters. -
Method Summary
Modifier and TypeMethodDescriptionstatic Argon2PasswordEncoderDeprecated.static Argon2PasswordEncoderConstructs an Argon2 password encoder with a salt length of 16 bytes, a hash length of 32 bytes, parallelism of 1, memory cost of 1 << 14 and 2 iterations.protected StringencodeNonNullPassword(String rawPassword) protected booleanmatchesNonNull(String rawPassword, String encodedPassword) protected booleanupgradeEncodingNonNull(String encodedPassword) Methods inherited from class org.springframework.security.crypto.password.AbstractValidatingPasswordEncoder
encode, matches, upgradeEncoding
-
Constructor Details
-
Argon2PasswordEncoder
public Argon2PasswordEncoder(int saltLength, int hashLength, int parallelism, int memory, int iterations) Constructs an Argon2 password encoder with the provided parameters.- Parameters:
saltLength- the salt length (in bytes)hashLength- the hash length (in bytes)parallelism- the parallelismmemory- the memory costiterations- the number of iterations
-
-
Method Details
-
defaultsForSpringSecurity_v5_2
Deprecated.UsedefaultsForSpringSecurity_v5_8()insteadConstructs an Argon2 password encoder with a salt length of 16 bytes, a hash length of 32 bytes, parallelism of 1, memory cost of 1 << 12 and 3 iterations.- Returns:
- the
Argon2PasswordEncoder - Since:
- 5.8
-
defaultsForSpringSecurity_v5_8
Constructs an Argon2 password encoder with a salt length of 16 bytes, a hash length of 32 bytes, parallelism of 1, memory cost of 1 << 14 and 2 iterations.- Returns:
- the
Argon2PasswordEncoder - Since:
- 5.8
-
encodeNonNullPassword
- Specified by:
encodeNonNullPasswordin classAbstractValidatingPasswordEncoder
-
matchesNonNull
- Specified by:
matchesNonNullin classAbstractValidatingPasswordEncoder
-
upgradeEncodingNonNull
- Overrides:
upgradeEncodingNonNullin classAbstractValidatingPasswordEncoder
-
defaultsForSpringSecurity_v5_8()instead