public class Argon2PasswordEncoder extends java.lang.Object implements PasswordEncoder
Implementation of PasswordEncoder that uses the Argon2 hashing function. Clients can optionally supply the length of the salt to use, the length of the generated hash, a cpu cost parameter, a memory cost parameter and a parallelization parameter.
Note:
The currently implementation uses Bouncy castle which does not exploit parallelism/optimizations that password crackers will, so there is an unnecessary asymmetry between attacker and defender.
Constructor and Description |
---|
Argon2PasswordEncoder() |
Argon2PasswordEncoder(int saltLength,
int hashLength,
int parallelism,
int memory,
int iterations) |
Modifier and Type | Method and Description |
---|---|
java.lang.String |
encode(java.lang.CharSequence rawPassword)
Encode the raw password.
|
boolean |
matches(java.lang.CharSequence rawPassword,
java.lang.String encodedPassword)
Verify the encoded password obtained from storage matches the submitted raw
password after it too is encoded.
|
boolean |
upgradeEncoding(java.lang.String encodedPassword)
Returns true if the encoded password should be encoded again for better security,
else false.
|
public Argon2PasswordEncoder()
public Argon2PasswordEncoder(int saltLength, int hashLength, int parallelism, int memory, int iterations)
public java.lang.String encode(java.lang.CharSequence rawPassword)
PasswordEncoder
encode
in interface PasswordEncoder
public boolean matches(java.lang.CharSequence rawPassword, java.lang.String encodedPassword)
PasswordEncoder
matches
in interface PasswordEncoder
rawPassword
- the raw password to encode and matchencodedPassword
- the encoded password from storage to compare withpublic boolean upgradeEncoding(java.lang.String encodedPassword)
PasswordEncoder
upgradeEncoding
in interface PasswordEncoder
encodedPassword
- the encoded password to check