### Example of a Full Bcrypt Hash String Source: https://github.com/patrickfav/bcrypt/blob/main/README.md Provides a concrete example of a bcrypt hash string, breaking down its components: version, cost factor, salt, and the actual hash. ```Bcrypt Format Example $2a$08$cfcvVd2aQ8CMvoMpP2EBfeodLEkkFJ9umNEfPD18.hUF62qqlC/V. ``` -------------------------------- ### Run Maven Clean Install Source: https://github.com/patrickfav/bcrypt/blob/main/CONTRIBUTING.md This command cleans the project and installs dependencies, also running all unit tests and checkstyle validation. It's essential for contributors to ensure their changes pass all checks locally before submitting. ```shell mvn clean install ``` -------------------------------- ### Build Project with Maven Wrapper Source: https://github.com/patrickfav/bcrypt/blob/main/README.md This command demonstrates how to use the Maven wrapper (`mvnw`) to clean and install the project, which includes creating a jar file with all its dependencies. This is the standard way to build the project. ```Shell ./mvnw clean install ``` -------------------------------- ### Creating BCrypt Hashes with CLI Tool Source: https://github.com/patrickfav/bcrypt/blob/main/README.md Command line example to generate a BCrypt hash for a given password with a specified cost factor using the `bcrypt-cli.jar`. ```CLI java -jar bcrypt-cli.jar 'mySecretPw' -b 12 ``` -------------------------------- ### Basic Password Hashing and Verification with Bcrypt in Java Source: https://github.com/patrickfav/bcrypt/blob/main/README.md This Java example illustrates the fundamental steps to hash a password using default Bcrypt settings and then verify it. It shows how to use `BCrypt.withDefaults().hashToString()` for hashing and `BCrypt.verifyer().verify()` for verification. ```java String password = "1234"; String bcryptHashString = BCrypt.withDefaults().hashToString(12, password.toCharArray()); // $2a$12$US00g/uMhoSBm.HiuieBjeMtoN69SN.GE25fCpldebzkryUyopws6 ... BCrypt.Result result = BCrypt.verifyer().verify(password.toCharArray(), bcryptHashString); // result.verified == true ``` -------------------------------- ### BCrypt CLI Tool API Reference Source: https://github.com/patrickfav/bcrypt/blob/main/README.md Detailed API documentation for the `bcrypt-cli.jar` tool, listing available flags, their parameters, and examples for hashing and checking passwords. ```APIDOC -b,--bhash <[16-hex-byte-salt]> Use this flag if you want to compute the bcrypt hash. Pass the logarithm cost factor (4-31) and optionally the used salt as hex encoded byte array (must be exactly 16 bytes/32 characters hex). Example: '--bhash 12 8e270d6129fd45f30a9b3fe44b4a8d9a' -c,--check Use this flag if you want to verify a hash against a given password. Example: '--check $2a$06$If6bvum7DFjUnE9p2uDeDu0YHzrHM6tf.iqN8.yx.jNN1ILEf7h0i' -h,--help Prints help docs. -v,--version Prints current version. ``` -------------------------------- ### Verifying BCrypt Hashes with CLI Tool Source: https://github.com/patrickfav/bcrypt/blob/main/README.md Command line example to verify a password against a given BCrypt hash using the `bcrypt-cli.jar`. Returns non-zero on failure. ```CLI java -jar bcrypt-cli.jar 'mySecretPw' -c '$2a$08$hgaLWQl7PdKIkx9iQyoLkeuIqizWtPErpyC7aDBasi2Pav97wwW9G' ``` -------------------------------- ### Hash and Verify Passwords using Byte Array API in Java Source: https://github.com/patrickfav/bcrypt/blob/main/README.md This Java example demonstrates using `byte[]` for password hashing and verification with the Bcrypt library. This approach is preferred for security-sensitive applications as `byte[]` can be explicitly wiped from memory, unlike immutable `String` objects. ```java byte[] bcryptHashBytes = BCrypt.withDefaults().hash(6, password.getBytes(StandardCharsets.UTF_8)); ... BCrypt.Result result = BCrypt.verifyer().verify(password.getBytes(StandardCharsets.UTF_8), bcryptHashBytes); ``` -------------------------------- ### Retrieving Raw BCrypt Hash Data in Java Source: https://github.com/patrickfav/bcrypt/blob/main/README.md Shows how to get the raw `BCrypt.HashData` object instead of the default Modular Crypt Format string, allowing for custom encoding of the hash. ```Java BCrypt.HashData hashData = BCrypt.withDefaults().hashRaw(6, salt, password.getBytes(StandardCharsets.UTF_8)); ``` -------------------------------- ### Hash and Verify Passwords using Char Array API in Java Source: https://github.com/patrickfav/bcrypt/blob/main/README.md This Java example shows how to use `char[]` for password hashing and verification with the Bcrypt library. Similar to `byte[]`, `char[]` allows for immediate wiping of sensitive password data from memory, enhancing security over `String`. ```java char[] bcryptChars = BCrypt.withDefaults().hashToChar(12, password.toCharArray()); ... BCrypt.Result result = BCrypt.verifyer().verify(password.toCharArray(), bcryptChars); ``` -------------------------------- ### Execute JMH Benchmark JAR Source: https://github.com/patrickfav/bcrypt/blob/main/README.md Command to run the compiled JMH benchmark JAR file. Replace `x.y.z` with the actual version number of the benchmark module. ```Shell java -jar modules/benchmark-jmh/target/benchmark-jmh-x.y.z-full.jar ``` -------------------------------- ### Formatting Raw BCrypt Hash Data to MCF in Java Source: https://github.com/patrickfav/bcrypt/blob/main/README.md Illustrates how to convert raw `BCrypt.HashData` into the standard Modular Crypt Format using a formatter. ```Java byet[] hashMsg = Version.VERSION_2A.formatter.createHashMessage(hashData); ``` -------------------------------- ### Build JMH Benchmark Module with Maven Source: https://github.com/patrickfav/bcrypt/blob/main/README.md Instructions to build the JMH benchmark module using Maven. The `` property can be used to disable jar signing during the build process. ```Shell ./mvnw clean install ``` -------------------------------- ### Add Maven Dependency for Bcrypt Java Library Source: https://github.com/patrickfav/bcrypt/blob/main/README.md This XML snippet shows how to add the `patrickfav/bcrypt` library as a dependency to a Maven project's `pom.xml` file. Replace `{latest-version}` with the actual latest release version. ```xml at.favre.lib bcrypt {latest-version} ``` -------------------------------- ### Hashing with Custom SecureRandom in BCrypt Java Source: https://github.com/patrickfav/bcrypt/blob/main/README.md Demonstrates how to supply a custom instance of a cryptographically secure pseudorandom number generator (CPRNG) for internal salt creation in BCrypt. ```Java BCrypt.with(new SecureRandom()).hash(6, password.getBytes(StandardCharsets.UTF_8)); ``` -------------------------------- ### Configure Maven Jar Signing Skip Source: https://github.com/patrickfav/bcrypt/blob/main/README.md This snippet shows how to configure the Maven jar sign plugin to skip the signing process by setting the `project.skipJarSign` property to `true` in the `pom.xml`. Jar signing typically requires a `keystore.jks` file and specific environment variables for credentials. ```XML true ``` -------------------------------- ### Add Gradle Dependency for Bcrypt Java Library Source: https://github.com/patrickfav/bcrypt/blob/main/README.md This Groovy snippet demonstrates how to include the `patrickfav/bcrypt` library as an implementation dependency in a Gradle build file. Remember to substitute `{latest-version}` with the current release version. ```groovy implementation("at.favre.lib:bcrypt:{latest-version}") ``` -------------------------------- ### Maven Dependency for BCrypt Library Source: https://github.com/patrickfav/bcrypt/blob/main/README.md Provides the XML snippet required to add the `patrickfav/bcrypt` library as a dependency in a Maven `pom.xml` file, specifying the group ID, artifact ID, and version. ```XML at.favre.lib bcrypt {latest-version} ``` -------------------------------- ### Bcrypt Modular Crypt Format Structure Source: https://github.com/patrickfav/bcrypt/blob/main/README.md Illustrates the formal structure of a bcrypt hash string in the Modular Crypt Format (MCF), showing the components like identifier, cost factor, salt, and hash. ```Bcrypt Format ${identifier}${cost-factor}${16-bytes-salt-radix64}{23-bytes-hash-radix64} ``` -------------------------------- ### Git Commit Signing GPG Key Information Source: https://github.com/patrickfav/bcrypt/blob/main/README.md Presents the GPG key ID and fingerprint used by the project author for digitally signing Git tags and commits, ensuring authenticity. ```GPG Key GPG key ID: 4FDF85343912A3AB Fingerprint: 2FB392FB05158589B767960C4FDF85343912A3AB ``` -------------------------------- ### Add bcrypt Dependency to Gradle Project Source: https://github.com/patrickfav/bcrypt/blob/main/README.md Instructions to include the patrickfav/bcrypt library as a dependency in a Gradle build file. This snippet adds the latest version of the library to the project's implementation dependencies. ```Gradle implementation group: 'at.favre.lib', name: 'bcrypt', version: '{latest-version}' ``` -------------------------------- ### Verifying Raw BCrypt Hash Data in Java Source: https://github.com/patrickfav/bcrypt/blob/main/README.md Provides an optimized verification method for `BCrypt.HashData` objects, useful when working with raw hash representations. ```Java BCrypt.Result result = BCrypt.verifyer().verify(pw, hashData); ``` -------------------------------- ### Hashing with Custom Salt in BCrypt Java Source: https://github.com/patrickfav/bcrypt/blob/main/README.md Explains how to provide a pre-defined 16-byte salt when hashing a password with the BCrypt library. ```Java BCrypt.withDefaults().hash(6, salt16Bytes, password.getBytes(StandardCharsets.UTF_8)); ``` -------------------------------- ### JAR Signing Certificate Details Source: https://github.com/patrickfav/bcrypt/blob/main/README.md Displays the details of the digital certificate used to sign the project's JAR releases, including common name, organization, validity period, and cryptographic fingerprints. ```Certificate Details CN=Patrick Favre-Bulle, OU=Private, O=PF Github Open Source, L=Vienna, ST=Vienna, C=AT Validity: Thu Sep 07 16:40:57 SGT 2017 to: Fri Feb 10 16:40:57 SGT 2034 SHA1: 06:DE:F2:C5:F7:BC:0C:11:ED:35:E2:0F:B1:9F:78:99:0F:BE:43:C4 SHA256: 2B:65:33:B0:1C:0D:2A:69:4E:2D:53:8F:29:D5:6C:D6:87:AF:06:42:1F:1A:EE:B3:3C:E0:6D:0B:65:A1:AA:88 ``` -------------------------------- ### Strict BCrypt Hash Verification in Java Source: https://github.com/patrickfav/bcrypt/blob/main/README.md Demonstrates how to perform strict hash verification using a specific BCrypt version (e.g., 2A) to ensure compatibility and prevent verification against other versions. ```Java byte[] hash2y = BCrypt.with(BCrypt.Version.VERSION_2Y).hash(6, password.getBytes(StandardCharsets.UTF_8)); BCrypt.Result resultStrict = BCrypt.verifyer(BCrypt.Version.VERSION_2A).verifyStrict(password.getBytes(StandardCharsets.UTF_8), hash2y); // resultStrict.verified == false ``` -------------------------------- ### Verifying Overlong Passwords with BCrypt in Java Source: https://github.com/patrickfav/bcrypt/blob/main/README.md Illustrates how to apply the same `LongPasswordStrategies` (e.g., `truncate`) during the verification process to ensure consistency with how the hash was originally created. ```Java BCrypt.verifyer(LongPasswordStrategies.truncate(Version.VERSION_2A)).verify(pw, hash); ``` -------------------------------- ### Define Custom Bcrypt Version in Java Source: https://github.com/patrickfav/bcrypt/blob/main/README.md This Java snippet shows how to create a custom Bcrypt `Version` object. This advanced feature allows developers to define their own version identifiers, message formatters, and parsers for highly specific use cases. ```java Version customVersion2f = new Version(new byte[]{0x32, 0x66} /* 2f */, true, true, myCustomFormatter, myCustomParser); ``` -------------------------------- ### Specify Bcrypt Versions for Hashing in Java Source: https://github.com/patrickfav/bcrypt/blob/main/README.md These Java snippets demonstrate how to explicitly specify different Bcrypt versions (e.g., `VERSION_2Y`, `VERSION_2B`) when hashing passwords. This is useful for compatibility with other implementations like PHP's bcrypt, which might use specific version identifiers. ```java char[] bcryptChars = BCrypt.with(BCrypt.Version.VERSION_2Y).hashToChar(6, password.toCharArray()); // $2y$06$doGnefu9cbLkJTn8sef7U.dynHJFe5hS6xp7vLWb2Zu7e8cOuMVmS char[] bcryptChars = BCrypt.with(BCrypt.Version.VERSION_2B).hashToChar(6, password.toCharArray()); // $2b$06$GskjDDM9oejRN8pxNhiSZuIw/cnjbsNb8IfWGd3TFQXtRfKTN95r. ``` -------------------------------- ### Hashing Overlong Passwords with BCrypt in Java Source: https://github.com/patrickfav/bcrypt/blob/main/README.md Shows how to handle passwords exceeding 72 bytes using `LongPasswordStrategies` like `truncate` or `hashSha512` during the hashing process. This allows custom behavior instead of throwing an exception. ```Java BCrypt.with(LongPasswordStrategies.truncate(Version.VERSION_2A)).hash(6, pw); BCrypt.with(LongPasswordStrategies.hashSha512(Version.VERSION_2A)).hash(6, pw); //allows to honour all pw bytes ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.