search

phxql / argon2-jvm

Argon2 Binding for the JVM
GNU Lesser General Public License v3.0
330 stars 32 forks source link

Different Hashes, Verify does not work #73

Closed technical-customs closed 4 years ago

technical-customs commented 4 years ago

Can't seem to get verify to work or any other compares based on the algorithm producing different hashes with the same configuration and same string.

phxql commented 4 years ago

Please share the code for creating the hash and verifying it.

Gatgeagent commented 4 years ago

Hashes are salted and thus will always produce a different String, which is why you cannot compare them using String.equals, you have to use the Argon2.verify method. Try the following code from the README.md:

Argon2 argon2 = Argon2Factory.create(); 
char[] password = "abc12345".toCharArray();
try {
    String hash = argon2.hash(10, 65536, 1, password);
    if (argon2.verify(hash, password)) {
        System.out.println("matches")
    } else {
      System.out.println("error");
    }
} finally {
    argon2.wipeArray(password);
}
technical-customs commented 4 years ago

Got it to work. Thanks.

phxql commented 4 years ago

Thanks for the help, @Gatgeagent :)