org.springframework.security.crypto.scrypt

Class SCryptPasswordEncoder

java.lang.Object

org.springframework.security.crypto.scrypt.SCryptPasswordEncoder

All Implemented Interfaces:

PasswordEncoder

public class SCryptPasswordEncoder
extends java.lang.Object
implements PasswordEncoder

Implementation of PasswordEncoder that uses the SCrypt hashing function. Clients can optionally supply a cpu cost parameter, a memory cost parameter and a parallelization parameter.

A few warnings:

• The currently implementation uses Bouncy castle which does not exploit parallelism/optimizations that password crackers will, so there is an unnecessary asymmetry between attacker and defender.
• Scrypt is based on Salsa20 which performs poorly in Java (on par with AES) but performs awesome (~4-5x faster) on SIMD capable platforms
• While there are some that would disagree, consider reading - Why I Don't Recommend Scrypt (for password storage)

Constructor Summary

Constructors

Constructor and Description
SCryptPasswordEncoder()
SCryptPasswordEncoder(int cpuCost, int memoryCost, int parallelization, int keyLength, int saltLength) Creates a new instance

Method Summary

Modifier and Type	Method and Description
java.lang.String	encode(java.lang.CharSequence rawPassword) Encode the raw password.
boolean	matches(java.lang.CharSequence rawPassword, java.lang.String encodedPassword) Verify the encoded password obtained from storage matches the submitted raw password after it too is encoded.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SCryptPasswordEncoder

public SCryptPasswordEncoder()

SCryptPasswordEncoder

public SCryptPasswordEncoder(int cpuCost,
                             int memoryCost,
                             int parallelization,
                             int keyLength,
                             int saltLength)

Creates a new instance

Parameters:

cpuCost - cpu cost of the algorithm (as defined in scrypt this is N). must be power of 2 greater than 1. Default is currently 16,348 or 2^14)

memoryCost - memory cost of the algorithm (as defined in scrypt this is r) Default is currently 8.

parallelization - the parallelization of the algorithm (as defined in scrypt this is p) Default is currently 1. Note that the implementation does not currently take advantage of parallelization.

keyLength - key length for the algorithm (as defined in scrypt this is dkLen). The default is currently 32.

saltLength - salt length (as defined in scrypt this is the length of S). The default is currently 64.

Method Detail

encode

public java.lang.String encode(java.lang.CharSequence rawPassword)

Description copied from interface: PasswordEncoder

Encode the raw password. Generally, a good encoding algorithm applies a SHA-1 or greater hash combined with an 8-byte or greater randomly generated salt.

Specified by:

encode in interface PasswordEncoder

matches

public boolean matches(java.lang.CharSequence rawPassword,
                       java.lang.String encodedPassword)

Description copied from interface: PasswordEncoder

Verify the encoded password obtained from storage matches the submitted raw password after it too is encoded. Returns true if the passwords match, false if they do not. The stored password itself is never decoded.

Specified by:

matches in interface PasswordEncoder

Parameters:

rawPassword - the raw password to encode and match

encodedPassword - the encoded password from storage to compare with

Returns:

true if the raw password, after encoding, matches the encoded password from storage