Java Code Examples for org.mindrot.jbcrypt.BCrypt#hashpw()

The following examples show how to use org.mindrot.jbcrypt.BCrypt#hashpw() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: TestEndpoint.java    From divide with Apache License 2.0 6 votes vote down vote up
@Produces(MediaType.APPLICATION_JSON)
    @GET
    @Path("/setup")
    public Response setup() throws Exception{
//        logger.info("setup");
//        Credentials user = TestUtils.getTestUser();
//        user = new ServerCredentials(user);
//        user.setPassword(BCrypt.hashpw(user.getPassword(), BCrypt.gensalt(10)));

        ServerCredentials toSave = new ServerCredentials(TestUtils.getTestUser());

//        String en = toSave.getPassword();
//        toSave.decryptPassword(keyManager.getPrivateKey()); //decrypt the password
//        String de = toSave.getPassword();
        String ha = BCrypt.hashpw(toSave.getPassword(), BCrypt.gensalt(10));
        toSave.setPassword(ha); //hash the password for storage
        toSave.setAuthToken(AuthTokenUtils.getNewToken(securityManager.getSymmetricKey(), toSave));
        toSave.setRecoveryToken(AuthTokenUtils.getNewToken(securityManager.getSymmetricKey(), toSave));
        toSave.setOwnerId(dao.count(Credentials.class.getName()) + 1);

        dao.save(toSave);
        return Response.ok().entity(toSave).build();
    }
 
Example 2
Source File: UserController.java    From javalin-website-example with Apache License 2.0 5 votes vote down vote up
public static void setPassword(String username, String oldPassword, String newPassword) {
    if (authenticate(username, oldPassword)) {
        String newSalt = BCrypt.gensalt();
        String newHashedPassword = BCrypt.hashpw(newSalt, newPassword);
        // Update the user salt and password
    }
}
 
Example 3
Source File: BcryptAuthenticatorTest.java    From keywhiz with Apache License 2.0 4 votes vote down vote up
@Before
public void setup() throws Exception {
  // set up a credential
  bcryptAuthenticator = new BcryptAuthenticator(userDAO);
  hashedPass = BCrypt.hashpw("validpass", BCrypt.gensalt());
}
 
Example 4
Source File: BCryptHashProvider.java    From realworld-api-quarkus with MIT License 4 votes vote down vote up
@Override
public String hashPassword(String password) {
  return BCrypt.hashpw(password, BCrypt.gensalt());
}
 
Example 5
Source File: PasswordUtil.java    From minitwit with MIT License 4 votes vote down vote up
public static String hashPassword(String pwd) {
	String hashed = BCrypt.hashpw(pwd, BCrypt.gensalt());
	
	return hashed;
}
 
Example 6
Source File: AuthServerLogic.java    From divide with Apache License 2.0 4 votes vote down vote up
/**
     * Checks username/password against that stored in DB, if same return
     * token, if token expired create new.
     * @param credentials
     * @return authentication token
     */

    public Credentials userSignIn(Credentials credentials) throws DAOException {
            Credentials dbCreds = getUserByEmail(dao,credentials.getEmailAddress());
            if (dbCreds == null){
                throw new DAOException(HttpStatus.SC_UNAUTHORIZED,"User Doesnt exist");
            }
            else {
                //check if we are resetting the password
                if(dbCreds.getValidation()!=null && dbCreds.getValidation().equals(credentials.getValidation())){
                    credentials.decryptPassword(keyManager.getPrivateKey()); //decrypt the password
                    dbCreds.setPassword(BCrypt.hashpw(credentials.getPassword(), BCrypt.gensalt(10))); //set the new password
                }
                //else check password
                else {
                    String en = credentials.getPassword();
                    credentials.decryptPassword(keyManager.getPrivateKey()); //decrypt the password
                    String de = credentials.getPassword();
                    String ha = BCrypt.hashpw(de, BCrypt.gensalt(10));
                    System.out.println("Comparing passwords.\n" +
                            "Encrypted: " + en + "\n" +
                            "Decrypted: " + de + "\n" +
                            "Hashed:    " + ha + "\n" +
                            "Stored:    " + dbCreds.getPassword());
                    if (!BCrypt.checkpw(de, dbCreds.getPassword())){
                        throw new DAOException(HttpStatus.SC_UNAUTHORIZED,"User Already Exists");
                    }
                }

//              check if token is expired, if so return/set new
                AuthTokenUtils.AuthToken token;
                try {
                    token = new AuthTokenUtils.AuthToken(keyManager.getSymmetricKey(),dbCreds.getAuthToken());
                } catch (AuthenticationException e) {
                    throw new DAOException(HttpStatus.SC_INTERNAL_SERVER_ERROR,"internal error");
                }
                if (c.getTime().getTime() > token.expirationDate) {
                    dbCreds.setAuthToken(AuthTokenUtils.getNewToken(keyManager.getSymmetricKey(), dbCreds));
                    dao.save(dbCreds);
                }

                return dbCreds;
            }
    }
 
Example 7
Source File: BCryptEncryptionModule.java    From cuba with Apache License 2.0 4 votes vote down vote up
@Override
public String getHash(String content, String salt) {
    // CAUTION: we ignore passed salt
    return BCrypt.hashpw(content, BCrypt.gensalt());
}
 
Example 8
Source File: BCryptEncryptionModule.java    From cuba with Apache License 2.0 4 votes vote down vote up
@Override
public String getPasswordHash(UUID userId, String password) {
    String salt = BCrypt.gensalt();
    return BCrypt.hashpw(password, salt);
}
 
Example 9
Source File: BCryptEncryptionModule.java    From cuba with Apache License 2.0 4 votes vote down vote up
@Override
public HashDescriptor getHash(String content) {
    String salt = BCrypt.gensalt();
    String hash = BCrypt.hashpw(content, salt);
    return new HashDescriptor(hash, salt);
}
 
Example 10
Source File: PasswordAuthenticator.java    From stratio-cassandra with Apache License 2.0 4 votes vote down vote up
private static String hashpw(String password)
{
    return BCrypt.hashpw(password, BCrypt.gensalt(GENSALT_LOG2_ROUNDS));
}
 
Example 11
Source File: CredentialManager.java    From cineast with MIT License 4 votes vote down vote up
static User newUser(String username, String password, boolean isAdmin){
  return new User(username, BCrypt.hashpw(password, BCrypt.gensalt(12)), isAdmin);
}
 
Example 12
Source File: UpdatableBCrypt.java    From StubbornJava with MIT License 4 votes vote down vote up
public String hash(String password) {
    return BCrypt.hashpw(password, BCrypt.gensalt(logRounds));
}
 
Example 13
Source File: PasswordService.java    From waltz with Apache License 2.0 4 votes vote down vote up
public String hashPassword(String password) {
    return BCrypt.hashpw(password, BCrypt.gensalt());
}
 
Example 14
Source File: EncryptedBeanUser.java    From drftpd with GNU General Public License v2.0 4 votes vote down vote up
@Override
public void setPassword(String password) {
    if (((getEncryption() == 0) || (!password.equalsIgnoreCase(getPassword()))) && (_um != null)) {
        String pass;
        switch (_um.getPasscrypt()) {
            case 1:
                pass = Encrypt(password, "MD2");
                setEncryption(1);
                break;
            case 2:
                pass = Encrypt(password, "MD5");
                setEncryption(2);
                break;
            case 3:
                pass = Encrypt(password, "SHA-1");
                setEncryption(3);
                break;
            case 4:
                pass = Encrypt(password, "SHA-256");
                setEncryption(4);
                break;
            case 5:
                pass = Encrypt(password, "SHA-384");
                setEncryption(5);
                break;
            case 6:
                pass = Encrypt(password, "SHA-512");
                setEncryption(6);
                break;
            case 7:
                pass = BCrypt.hashpw(password, BCrypt.gensalt(_workload));
                setEncryption(7);
                break;
            default:
                pass = password;
                setEncryption(0);
                break;
        }

        if (pass != null) {
            if (pass.length() < 2) {
                logger.debug("Failed To Set Password, Length Too Short");
            } else {
                super.setPassword(pass);
            }
        }
    } else {
        super.setPassword(password);
    }
}
 
Example 15
Source File: AppCrypto.java    From actframework with Apache License 2.0 3 votes vote down vote up
/**
 * Generate crypted hash of given password. This method is more secure than
 * {@link #passwordHash(String)} as it will fill the password char array
 * with `\0` once used.
 *
 * Note this method uses {@link act.conf.AppConfigKey#SECRET confiured application secret}
 *
 * See <a href="http://stackoverflow.com/questions/8881291/why-is-char-preferred-over-string-for-passwords-in-java">This SO for more detail</a>
 * @param password the password
 * @return the password hash
 */
public char[] passwordHash(char[] password) {
    if (null == password) {
        return null;
    }
    return BCrypt.hashpw(password, BCrypt.gensalt());
}
 
Example 16
Source File: PasswordEncoder.java    From jersey-jwt with MIT License 2 votes vote down vote up
/**
 * Hashes a password using BCrypt.
 *
 * @param plainTextPassword
 * @return
 */
public String hashPassword(String plainTextPassword) {
    String salt = BCrypt.gensalt();
    return BCrypt.hashpw(plainTextPassword, salt);
}
 
Example 17
Source File: CodecUtils.java    From mangooio with Apache License 2.0 2 votes vote down vote up
/**
 * Hashes a given cleartext data with JBCrypt
 * 
 * @param data The cleartext data
 * @return JBCrypted hashed value
 */
public static String hexJBcrypt(String data) {
    Objects.requireNonNull(data, Required.DATA.toString());
    
    return BCrypt.hashpw(data, BCrypt.gensalt(Default.JBCRYPT_ROUNDS.toInt()));
}
 
Example 18
Source File: Utils.java    From para with Apache License 2.0 2 votes vote down vote up
/**
 * bcrypt hash function implemented by Spring Security.
 *
 * @param s the string to be hashed
 * @return the hash
 */
public static String bcrypt(String s) {
	return (s == null) ? s : BCrypt.hashpw(s, BCrypt.gensalt(12));
}
 
Example 19
Source File: AuthUtils.java    From rufus with MIT License 2 votes vote down vote up
/**
 * Hash an {@link User}'s plaintext password for storage
 * in the db.
 *
 * @param password
 * @return
 */
public static String hashPassword(String password) {
    return BCrypt.hashpw(password, BCrypt.gensalt());
}
 
Example 20
Source File: HashedValue.java    From dropwizard-experiment with MIT License 2 votes vote down vote up
/**
 * Constructor.
 * @param plaintext The plaintext value to hash.
 */
public HashedValue(String plaintext) {
    this.hashedValue = BCrypt.hashpw(plaintext, BCrypt.gensalt(12));
}