public class Pbkdf2PasswordEncoder extends Object implements PasswordEncoder
PasswordEncoder implementation that uses PBKDF2 with a configurable number of
iterations and a random 8-byte random salt value.
The width of the output hash can also be configured.
The algorithm is invoked on the concatenated bytes of the salt, secret and password.
| Constructor and Description |
|---|
Pbkdf2PasswordEncoder()
Constructs a PBKDF2 password encoder with no additional secret value.
|
Pbkdf2PasswordEncoder(CharSequence secret)
Constructs a standard password encoder with a secret value which is also included
in the password hash.
|
Pbkdf2PasswordEncoder(CharSequence secret,
int iterations,
int hashWidth)
Constructs a standard password encoder with a secret value as well as iterations
and hash.
|
| Modifier and Type | Method and Description |
|---|---|
String |
encode(CharSequence rawPassword)
Encode the raw password.
|
boolean |
matches(CharSequence rawPassword,
String encodedPassword)
Verify the encoded password obtained from storage matches the submitted raw
password after it too is encoded.
|
public Pbkdf2PasswordEncoder()
public Pbkdf2PasswordEncoder(CharSequence secret)
secret - the secret key used in the encoding process (should not be shared)public Pbkdf2PasswordEncoder(CharSequence secret, int iterations, int hashWidth)
secret - the secretiterations - the number of iterations. Users should aim for taking about .5
seconds on their own system.hashWidth - the size of the hashpublic String encode(CharSequence rawPassword)
PasswordEncoderencode in interface PasswordEncoderpublic boolean matches(CharSequence rawPassword, String encodedPassword)
PasswordEncodermatches in interface PasswordEncoderrawPassword - the raw password to encode and matchencodedPassword - the encoded password from storage to compare with