Class Argon2PasswordEncoder
java.lang.Object
org.springframework.security.crypto.password.AbstractValidatingPasswordEncoder
org.springframework.security.crypto.argon2.Argon2PasswordEncoder
- All Implemented Interfaces:
PasswordEncoder
Implementation of PasswordEncoder that uses the Argon2 hashing function. Clients can optionally supply the length of the salt to use, the length of the generated hash, a cpu cost parameter, a memory cost parameter and a parallelization parameter.
Note:
The currently implementation uses Bouncy castle which does not exploit parallelism/optimizations that password crackers will, so there is an unnecessary asymmetry between attacker and defender.
- Since:
- 5.3
-
Constructor Summary
ConstructorsConstructorDescriptionArgon2PasswordEncoder
(int saltLength, int hashLength, int parallelism, int memory, int iterations) Constructs an Argon2 password encoder with the provided parameters. -
Method Summary
Modifier and TypeMethodDescriptionstatic Argon2PasswordEncoder
Deprecated.static Argon2PasswordEncoder
Constructs an Argon2 password encoder with a salt length of 16 bytes, a hash length of 32 bytes, parallelism of 1, memory cost of 1 << 14 and 2 iterations.protected String
encodeNonNullPassword
(String rawPassword) protected boolean
matchesNonNull
(String rawPassword, String encodedPassword) protected boolean
upgradeEncodingNonNull
(String encodedPassword) Methods inherited from class org.springframework.security.crypto.password.AbstractValidatingPasswordEncoder
encode, matches, upgradeEncoding
-
Constructor Details
-
Argon2PasswordEncoder
public Argon2PasswordEncoder(int saltLength, int hashLength, int parallelism, int memory, int iterations) Constructs an Argon2 password encoder with the provided parameters.- Parameters:
saltLength
- the salt length (in bytes)hashLength
- the hash length (in bytes)parallelism
- the parallelismmemory
- the memory costiterations
- the number of iterations
-
-
Method Details
-
defaultsForSpringSecurity_v5_2
Deprecated.UsedefaultsForSpringSecurity_v5_8()
insteadConstructs an Argon2 password encoder with a salt length of 16 bytes, a hash length of 32 bytes, parallelism of 1, memory cost of 1 << 12 and 3 iterations.- Returns:
- the
Argon2PasswordEncoder
- Since:
- 5.8
-
defaultsForSpringSecurity_v5_8
Constructs an Argon2 password encoder with a salt length of 16 bytes, a hash length of 32 bytes, parallelism of 1, memory cost of 1 << 14 and 2 iterations.- Returns:
- the
Argon2PasswordEncoder
- Since:
- 5.8
-
encodeNonNullPassword
- Specified by:
encodeNonNullPassword
in classAbstractValidatingPasswordEncoder
-
matchesNonNull
- Specified by:
matchesNonNull
in classAbstractValidatingPasswordEncoder
-
upgradeEncodingNonNull
- Overrides:
upgradeEncodingNonNull
in classAbstractValidatingPasswordEncoder
-
defaultsForSpringSecurity_v5_8()
instead