| | |
| | | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN |
| | | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF |
| | | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
| | | * Portions Copyright 2026 3A Systems, LLC. |
| | | */ |
| | | |
| | | package org.opends.server.extensions; |
| | |
| | | * call the hashpw method with a random salt, like this: |
| | | * <p> |
| | | * <code> |
| | | * String pw_hash = BCrypt.hashpw(plain_password, BCrypt.gensalt()); <br /> |
| | | * String pw_hash = BCrypt.hashpw(plain_password, BCrypt.gensalt()); <br> |
| | | * </code> |
| | | * <p> |
| | | * To check whether a plaintext password matches one that has been |
| | | * hashed previously, use the checkpw method: |
| | | * <p> |
| | | * <code> |
| | | * if (BCrypt.checkpw(candidate_password, stored_hash))<br /> |
| | | * System.out.println("It matches");<br /> |
| | | * else<br /> |
| | | * System.out.println("It does not match");<br /> |
| | | * if (BCrypt.checkpw(candidate_password, stored_hash))<br> |
| | | * System.out.println("It matches");<br> |
| | | * else<br> |
| | | * System.out.println("It does not match");<br> |
| | | * </code> |
| | | * <p> |
| | | * The gensalt() method takes an optional parameter (log_rounds) |
| | | * that determines the computational complexity of the hashing: |
| | | * <p> |
| | | * <code> |
| | | * String strong_salt = BCrypt.gensalt(10)<br /> |
| | | * String stronger_salt = BCrypt.gensalt(12)<br /> |
| | | * String strong_salt = BCrypt.gensalt(10)<br> |
| | | * String stronger_salt = BCrypt.gensalt(12)<br> |
| | | * </code> |
| | | * <p> |
| | | * The amount of work increases exponentially (2**log_rounds), so |