Closed Andrew-Cottrell closed 5 years ago
Is added. Downside is, that this can be a bit confusing as it expects the byte representation of a chars representing a base64 string.
I have run a quick test and the new method works exactly as I would expect.
public static void main(final String[] args) {
final char[] password = "password".toCharArray();
final byte[] bcryptHash = "$2a$12$Kuy09vX7/OoqoDBcKFvbluzt0/kj.PYAYFyyuXyW0kA/sCgk6wKCW".getBytes(StandardCharsets.UTF_8);
final Result result = BCrypt.verifyer().verify(password, bcryptHash);
System.out.println(result);
}
Output (formatted):
Result {
details = HashData {
cost = 12,
version = $2a$,
rawSalt = 330d36ff167d050aaca850de307c5d9f,
rawHash = d6fd819a5011682687d34c19d18da6081b848a6f323046
},
validFormat = true,
verified = true,
formatErrorMessage = 'null'
}
It's perfect for my use-case. Thank you.
While converting some existing code to the
bcrypt
API, I ran in to a (very) minor pain-point.When working with some APIs it is natural for the
password
to be achar[]
(e.g. passed tojavax.crypto.spec.PBEKeySpec
ctor) and thebcryptHash
to be abyte[]
(e.g. read fully from ajava.io.DataInputStream
).This is probably an advanced use-case, but it would be nice to have
Bcrypt.Verifyer.verify(char[] password, byte[] bcryptHash)
.