Class BCryptHash

java.lang.Object

cloud.opencode.base.crypto.password.BCryptHash

All Implemented Interfaces:

PasswordHash

public final class BCryptHash
extends Object
implements PasswordHash

BCrypt password hashing implementation - Adaptive password hashing based on the Blowfish cipher BCrypt 密码哈希实现 - 基于 Blowfish 密码的自适应密码哈希

BCrypt is a password hashing function designed by Niels Provos and David Mazières, based on the Blowfish cipher. It incorporates a salt to protect against rainbow table attacks and is adaptive, meaning the iteration count can be increased to make it slower as computers get faster.

BCrypt 是由 Niels Provos 和 David Mazières 设计的密码哈希函数， 基于 Blowfish 密码。它包含盐值以防止彩虹表攻击，并且是自适应的， 这意味着可以增加迭代次数使其变慢，以应对计算机速度的提升。

BCrypt uses a work factor (cost) parameter that determines the number of iterations. The number of iterations is 2^cost. A cost of 12 means 4096 iterations.

BCrypt 使用工作因子（成本）参数来确定迭代次数。 迭代次数为 2^成本。成本为 12 表示 4096 次迭代。

Usage example:

// Create BCrypt hasher with default cost (12)
PasswordHash hasher = BCryptHash.create();

// Hash a password
String hash = hasher.hash("myPassword123");

// Verify a password
boolean valid = hasher.verify("myPassword123", hash);

// Check if rehashing is needed (cost increased)
if (hasher.needsRehash(hash)) {
    String newHash = hasher.hash("myPassword123");
}

Features | 主要功能:

• BCrypt password hashing - BCrypt 密码哈希
• Configurable cost factor (4-31) - 可配置代价因子（4-31）

Usage Examples | 使用示例:

BCryptHash bcrypt = BCryptHash.create();
String hash = bcrypt.hash("password");
boolean valid = bcrypt.verify("password", hash);

Security | 安全性:

• Thread-safe: Yes - 线程安全: 是
• Null-safe: Yes - 空值安全: 是

Performance | 性能特性:

• Time complexity: O(2^cost) - 时间复杂度: O(2^cost)，cost为工作因子
• Space complexity: O(1) - 空间复杂度: O(1)

Since:

JDK 25, opencode-base-crypto V1.0.0

Author:

Leon Soo www.LeonSoo.com

See Also:

• OpenCode.cloud

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static final class	BCryptHash.Builder	Builder for creating customized BCrypt hashers 用于创建自定义 BCrypt 哈希器的构建器

Method Summary

Modifier and Type	Method	Description
static BCryptHash.Builder	builder()	Create a builder for custom BCrypt configuration 创建用于自定义 BCrypt 配置的构建器
static BCryptHash	create()	Create BCrypt hasher with default cost factor (12) 使用默认成本因子（12）创建 BCrypt 哈希器
String	getAlgorithm()	Get the algorithm name for this password hash implementation 获取此密码哈希实现的算法名称
String	hash(char[] password)	Hash a password from a character array 从字符数组哈希密码
String	hash(String password)	Hash a password from a string 从字符串哈希密码
boolean	needsRehash(String hash)	Check if a hash needs to be rehashed with current parameters 检查哈希值是否需要使用当前参数重新哈希
boolean	verify(char[] password, String hash)	Verify a password against a hash using character array 使用字符数组验证密码与哈希值
boolean	verify(String password, String hash)	Verify a password against a hash using string 使用字符串验证密码与哈希值
static BCryptHash	withCost(int cost)	Create BCrypt hasher with custom cost factor 使用自定义成本因子创建 BCrypt 哈希器

Methods inherited from class Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Details

create

public static BCryptHash create()

Create BCrypt hasher with default cost factor (12) 使用默认成本因子（12）创建 BCrypt 哈希器

Returns:

BCrypt password hasher

withCost

public static BCryptHash withCost(int cost)

Create BCrypt hasher with custom cost factor 使用自定义成本因子创建 BCrypt 哈希器

Parameters:

cost - the cost factor (4-31, recommended 12-14)

Returns:

BCrypt password hasher

Throws:

IllegalArgumentException - if cost is out of valid range

builder

public static BCryptHash.Builder builder()

Create a builder for custom BCrypt configuration 创建用于自定义 BCrypt 配置的构建器

Returns:

builder instance

hash

public String hash(char[] password)

Description copied from interface: PasswordHash

Hash a password from a character array 从字符数组哈希密码

Specified by:

hash in interface PasswordHash

Parameters:

password - the password to hash (will not be modified)

Returns:

the hash string (self-describing format)

hash

public String hash(String password)

Description copied from interface: PasswordHash

Hash a password from a string 从字符串哈希密码

Specified by:

hash in interface PasswordHash

Parameters:

password - the password to hash

Returns:

the hash string (self-describing format)

verify

public boolean verify(char[] password,
 String hash)

Description copied from interface: PasswordHash

Verify a password against a hash using character array 使用字符数组验证密码与哈希值

Specified by:

verify in interface PasswordHash

Parameters:

password - the password to verify (will not be modified)

hash - the hash to verify against

Returns:

true if password matches the hash, false otherwise

verify

public boolean verify(String password,
 String hash)

Description copied from interface: PasswordHash

Verify a password against a hash using string 使用字符串验证密码与哈希值

Specified by:

verify in interface PasswordHash

Parameters:

password - the password to verify

hash - the hash to verify against

Returns:

true if password matches the hash, false otherwise

needsRehash

public boolean needsRehash(String hash)

Description copied from interface: PasswordHash

Check if a hash needs to be rehashed with current parameters 检查哈希值是否需要使用当前参数重新哈希

Returns true if the hash was created with different parameters than the current instance, indicating the password should be rehashed on next successful authentication.

Specified by:

needsRehash in interface PasswordHash

Parameters:

hash - the hash to check

Returns:

true if rehashing is needed, false otherwise

getAlgorithm

public String getAlgorithm()

Description copied from interface: PasswordHash

Get the algorithm name for this password hash implementation 获取此密码哈希实现的算法名称

Specified by:

getAlgorithm in interface PasswordHash

Returns:

algorithm name