org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder

已于 2023-07-03 21:58:30 修改
阅读量333 收藏
点赞数
分类专栏: spring 文章标签: java
于 2023-05-19 17:19:17 首次发布
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/spencer_tseng/article/details/130770908
版权

 

/*
 * Copyright 2002-2011 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.springframework.security.crypto.bcrypt;

import java.security.SecureRandom;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

import org.springframework.security.crypto.password.PasswordEncoder;

/**
 * Implementation of PasswordEncoder that uses the BCrypt strong hashing function. Clients
 * can optionally supply a "version" ($2a, $2b, $2y) and a "strength" (a.k.a. log rounds
 * in BCrypt) and a SecureRandom instance. The larger the strength parameter the more work
 * will have to be done (exponentially) to hash the passwords. The default value is 10.
 *
 * @author Dave Syer
 */
public class BCryptPasswordEncoder implements PasswordEncoder {

	private Pattern BCRYPT_PATTERN = Pattern.compile("\\A\\$2(a|y|b)?\\$(\\d\\d)\\$[./0-9A-Za-z]{53}");

	private final Log logger = LogFactory.getLog(getClass());

	private final int strength;

	private final BCryptVersion version;

	private final SecureRandom random;

	public BCryptPasswordEncoder() {
		this(-1);
	}

	/**
	 * @param strength the log rounds to use, between 4 and 31
	 */
	public BCryptPasswordEncoder(int strength) {
		this(strength, null);
	}

	/**
	 * @param version the version of bcrypt, can be 2a,2b,2y
	 */
	public BCryptPasswordEncoder(BCryptVersion version) {
		this(version, null);
	}

	/**
	 * @param version the version of bcrypt, can be 2a,2b,2y
	 * @param random the secure random instance to use
	 */
	public BCryptPasswordEncoder(BCryptVersion version, SecureRandom random) {
		this(version, -1, random);
	}

	/**
	 * @param strength the log rounds to use, between 4 and 31
	 * @param random the secure random instance to use
	 */
	public BCryptPasswordEncoder(int strength, SecureRandom random) {
		this(BCryptVersion.$2A, strength, random);
	}

	/**
	 * @param version the version of bcrypt, can be 2a,2b,2y
	 * @param strength the log rounds to use, between 4 and 31
	 */
	public BCryptPasswordEncoder(BCryptVersion version, int strength) {
		this(version, strength, null);
	}

	/**
	 * @param version the version of bcrypt, can be 2a,2b,2y
	 * @param strength the log rounds to use, between 4 and 31
	 * @param random the secure random instance to use
	 */
	public BCryptPasswordEncoder(BCryptVersion version, int strength, SecureRandom random) {
		if (strength != -1 && (strength < BCrypt.MIN_LOG_ROUNDS || strength > BCrypt.MAX_LOG_ROUNDS)) {
			throw new IllegalArgumentException("Bad strength");
		}
		this.version = version;
		this.strength = (strength == -1) ? 10 : strength;
		this.random = random;
	}

	@Override
	public String encode(CharSequence rawPassword) {
		if (rawPassword == null) {
			throw new IllegalArgumentException("rawPassword cannot be null");
		}
		String salt = getSalt();
		return BCrypt.hashpw(rawPassword.toString(), salt);
	}

	private String getSalt() {
		if (this.random != null) {
			return BCrypt.gensalt(this.version.getVersion(), this.strength, this.random);
		}
		return BCrypt.gensalt(this.version.getVersion(), this.strength);
	}

	@Override
	public boolean matches(CharSequence rawPassword, String encodedPassword) {
		if (rawPassword == null) {
			throw new IllegalArgumentException("rawPassword cannot be null");
		}
		if (encodedPassword == null || encodedPassword.length() == 0) {
			this.logger.warn("Empty encoded password");
			return false;
		}
		if (!this.BCRYPT_PATTERN.matcher(encodedPassword).matches()) {
			this.logger.warn("Encoded password does not look like BCrypt");
			return false;
		}
		return BCrypt.checkpw(rawPassword.toString(), encodedPassword);
	}

	@Override
	public boolean upgradeEncoding(String encodedPassword) {
		if (encodedPassword == null || encodedPassword.length() == 0) {
			this.logger.warn("Empty encoded password");
			return false;
		}
		Matcher matcher = this.BCRYPT_PATTERN.matcher(encodedPassword);
		if (!matcher.matches()) {
			throw new IllegalArgumentException("Encoded password does not look like BCrypt: " + encodedPassword);
		}
		int strength = Integer.parseInt(matcher.group(2));
		return strength < this.strength;
	}

	/**
	 * Stores the default bcrypt version for use in configuration.
	 *
	 * @author Lin Feng
	 */
	public enum BCryptVersion {

		$2A("$2a"),

		$2Y("$2y"),

		$2B("$2b");

		private final String version;

		BCryptVersion(String version) {
			this.version = version;
		}

		public String getVersion() {
			return this.version;
		}

	}

}

密码:加密解密

spencer_tseng
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
Spring security中的BCryptPasswordEncoder
荒的博客
03-10 1187
在SpringBoot1.5之前使用的是MD5进行加密处理,但是在SpringBoot2.0之后废弃了该加密算法,采用了BCryptPasswordEncoder BCryptPasswordEncoder中连个常用的方法 加密 BCryptPasswordEncoder encode = new BCryptPasswordEncoder(); encode.encode(passwor...
spring-security-crypto-5.5.2-API文档-中文版.zip
06-04
赠送jar包:spring-security-crypto-5.5.2.jar; 赠送原API文档:spring-security-crypto-5.5.2-javadoc.jar; 赠送源代码:spring-security-crypto-5.5.2-sources.jar; 赠送Maven依赖信息文件:spring-security-crypto-5.5.2.pom; 包含翻译后的API文档:spring-security-crypto-5.5.2-javadoc-API文档-中文(简体)版.zip; Maven坐标:org.springframework.security:spring-security-crypto:5.5.2; 标签:springframeworksecurity、spring、crypto、中文文档、jar包、java; 使用方法:解压翻译后的API文档,用浏览器打开“index.html”文件,即可纵览文档内容。 人性化翻译,文档中的代码和结构保持不变,注释和说明精准翻译,请放心使用。
【配置】SSM项目配置Spring-SecurityBCryptPasswordEncoder密码加密
weixin_44216706的博客
05-24 375
前言: Spring版本:5.2.5.RELEASE MyBatis:3.5.3 数据库MySQL:9 缓存EhCache:2.10.6 依赖 <dependency> <groupId>org.springframework.security</groupId> <artifactId>spring-security-core</artifactId> <version>5.3.2.RELEASE</
springboot 集成spring security(二)
GSON的博客
04-30 377
上一章的练习中,用户名和密码都是写在代码里的,这显然是不符合逻辑的。 一、我们需要在数据库中建立角色表ay_role和用户角色关联表ay_user_rdle_rel 二、建立对应的实体类 package com.example.demo.model; import java.io.Serializable; /** * 角色类 */ public class...
Spring Security 中的 BCryptPasswordEncoder加密、验证策略
爱穿格子裤的专栏
11-27 3914
首先明确一点,那就是 BCrypt 算法是一种 单向Hash加密算法。 算法 特点 有效破解方式 破解难度 其它 对称加密 可以解密出明文 获取密钥 中 需要确保密钥不被泄露 单向Hash 不可解密 碰撞/彩虹表 中 可以通过加盐和多次hash来提高安全性,确保盐不被泄漏 Pbkdf2 不可解密 暂无 难 需要设定合理的参数 加密过程 直接上代码:以 spring-security-core-5.3.4.RELEASE-sources.jar 包中为例,在 BCryptPas
Spring Security系列三 用户密码加密实现
m0_59448100的博客
09-28 1245
对用户的密码进行加密。
使用Spring Security下的BCryptPasswordEncoder进行密码加密
热门推荐
Orcas
08-14 2万+
以往一般都用MD5加盐进行密码加密,现在正好使用Spring Security框架,那么就来了解一下如何使用BCryptPasswordEncoder进行密码加密。 一. BCryptPasswordEncoder源码的大致理解 public class BCryptPasswordEncoder implements PasswordEncoder public interf...
redis密码设置与清空
随心笔记
09-10 742
redis 操作相关 获取密码 config get requirepass 设置密码 config set requirepass 123456 当有密码的时候登录时需要密码登录 auth 密码 取消密码 config set requirepass ''
springboot启动发现PasswordEncoder无法加载问题
zcm036200的博客
12-18 3130
异常信息: Action: Consider defining a bean of type 'org.springframework.security.crypto.password.PasswordEncoder' in your configuration. 2021-12-18 14:40:43.298 ERROR 15452 --- [ main] o.s.test.context.TestContextManager : Caught exc...
Spring SecurityPasswordEncoder密码加密匹配操作
席木木的博客
01-02 3410
Spring Security:`PasswordEncoder`与`BCryptPasswordEncoder`密码加密匹配操作,包含:SpringBoot中注入BCryptPasswordEncoder实例的配置方法,以及BCryptPasswordEncoder与父接口详解、测试方法。
spring-security-crypto-5.6.1-API文档-中文版.zip
05-04
Maven坐标:org.springframework.security:spring-security-crypto:5.6.1; 标签:spring、securityspringframeworkcrypto、jar包、java、中文文档; 使用方法:解压翻译后的API文档,用浏览器打开“index.html...
org.bouncycastle jar包
08-13
The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.6.
golang.org.zip
11-21
go语言 下载依赖 package golang.org/x/net/http2/hpack: unrecognized import path "golang.org/x/net/http2/hpack" ... or established connection failed because connected host has failed to respond.)
crypto-js-4.0.0.tar.gz
07-20
crypto.js 资源文件
springoboot与springsecurity整合基础篇
点点滴滴
04-07 138
本章节基础入门篇 话不多说开干 首先引入springsecurity的pom <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-security</artifactId> </dependency> 首先你要 WebSec
Spring Security学习(三)——密码加密
sadoshi的专栏
10-16 1715
上一篇文章我们实现了从数据库读取用户名密码到Spring Security中,并验证登录成功。不过密码的形式有点奇怪,这篇文章我们研究一下密码加密和比对的问题。
maven配置spring security5新手简单入门配置
qq_37099009的博客
09-23 1368
1.pom依赖 <!-- Spring Security--> <dependency> <groupId>org.springframework.security</groupId> <artifactId>spring-security-web</artifactId> <...
Spring SecurityBCryptPasswordEncoder类 对密码进行加密与密码匹配
weixin_41318009的博客
07-30 909
一、SpringBoot 结合 Spring Security安全需要引入的基础jar org.springframework.boot spring-boot-starter-security org.springframework.security spring-security-jwt 1.1.0.RELEASE 二、使用spring security进行密码加密与密码匹配说明 spring security中的BCryptPasswordEncoder方法采用SHA-256 +随机盐+密钥
Spring Security 密码编码
allway2的博客
09-06 1004
要实例化,我们可以选择传递盐的长度、生成的哈希长度、CPU 成本参数、内存成本参数和并行化参数。要实例化,我们可以选择传递要包含在密码哈希、迭代次数和哈希大小中的秘密值。在我们的 Spring Security Java 配置中,要启用特定的密码编码器,只需为该密码编码器创建一个 bean。在 Spring Security Java 配置中使用,只需创建它的 bean。在 XML 配置中,要使用密码编码器,请为密码编码器创建一个 bean,并使用。在 XML 配置中找到要创建的 bean,并使用。
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.http.HttpMethod; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.WebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; @Configuration @EnableWebSecurity public class SecurityConfig extends WebSecurityConfigurerAdapter { @Autowired private JwtTokenProvider jwtTokenProvider; @Override protected void configure(HttpSecurity http) throws Exception { http.csrf().disable().authorizeRequests() .antMatchers("/api/**").authenticated() .and() .apply(new JwtConfigurer(jwtTokenProvider)); } @Override public void configure(WebSecurity web) throws Exception { web.ignoring().antMatchers(HttpMethod.OPTIONS, "/**"); } @Bean public PasswordEncoder passwordEncoder() { return new BCryptPasswordEncoder(12); } } 这段代码中JwtConfigurer报错,帮我修改下
最新发布
05-25
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.web.authentication....

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值