Interface PasswordHash

All Known Implementing Classes:
Argon2Hash, BCryptHash, Pbkdf2Hash, SCryptHash
public interface PasswordHash
Password hashing interface for secure password storage - Provides methods for hashing and verifying passwords 密码哈希接口,用于安全存储密码 - 提供密码哈希和验证方法

Features | 主要功能:

  • Password hashing and verification - 密码哈希和验证
  • Support for String and char[] inputs - 支持 String 和 char[] 输入
  • Hash upgrade detection - 哈希升级检测

Usage Examples | 使用示例:

PasswordHash hasher = Argon2Hash.argon2id();
String hash = hasher.hash("password");
boolean valid = hasher.verify("password", hash);

Security | 安全性:

  • Thread-safe: Yes - 线程安全: 是
  • Null-safe: Partial - 空值安全: 部分

Performance | 性能特性:

  • Time complexity: O(cost) - 时间复杂度: O(cost),cost为算法参数
  • Space complexity: O(1) - 空间复杂度: O(1)
Since:
JDK 25, opencode-base-crypto V1.0.0
Author:
Leon Soo www.LeonSoo.com
See Also:

  • Method Summary

    Modifier and Type
    Method
    Description
    String
    getAlgorithm()
    Get the algorithm name for this password hash implementation 获取此密码哈希实现的算法名称
    String
    hash(char[] password)
    Hash a password from a character array 从字符数组哈希密码
    String
    hash(String password)
    Hash a password from a string 从字符串哈希密码
    boolean
    needsRehash(String hash)
    Check if a hash needs to be rehashed with current parameters 检查哈希值是否需要使用当前参数重新哈希
    static void
    secureErase(char[] password)
    Securely erase a password character array by overwriting with zeros 通过用零覆盖来安全擦除密码字符数组
    boolean
    verify(char[] password, String hash)
    Verify a password against a hash using character array 使用字符数组验证密码与哈希值
    boolean
    verify(String password, String hash)
    Verify a password against a hash using string 使用字符串验证密码与哈希值

  • Method Details

    • hash

      String hash(char[] password)
      Hash a password from a character array 从字符数组哈希密码
      Parameters:
      password - the password to hash (will not be modified)
      Returns:
      the hash string (self-describing format)
      Throws:
      NullPointerException - if password is null

    • hash

      String hash(String password)
      Hash a password from a string 从字符串哈希密码
      Parameters:
      password - the password to hash
      Returns:
      the hash string (self-describing format)
      Throws:
      NullPointerException - if password is null

    • verify

      boolean verify(char[] password, String hash)
      Verify a password against a hash using character array 使用字符数组验证密码与哈希值
      Parameters:
      password - the password to verify (will not be modified)
      hash - the hash to verify against
      Returns:
      true if password matches the hash, false otherwise
      Throws:
      NullPointerException - if password or hash is null

    • verify

      boolean verify(String password, String hash)
      Verify a password against a hash using string 使用字符串验证密码与哈希值
      Parameters:
      password - the password to verify
      hash - the hash to verify against
      Returns:
      true if password matches the hash, false otherwise
      Throws:
      NullPointerException - if password or hash is null

    • needsRehash

      boolean needsRehash(String hash)
      Check if a hash needs to be rehashed with current parameters 检查哈希值是否需要使用当前参数重新哈希

      Returns true if the hash was created with different parameters than the current instance, indicating the password should be rehashed on next successful authentication.

      Parameters:
      hash - the hash to check
      Returns:
      true if rehashing is needed, false otherwise
      Throws:
      NullPointerException - if hash is null

    • secureErase

      static void secureErase(char[] password)
      Securely erase a password character array by overwriting with zeros 通过用零覆盖来安全擦除密码字符数组
      Parameters:
      password - the password array to erase (can be null)

    • getAlgorithm

      String getAlgorithm()
      Get the algorithm name for this password hash implementation 获取此密码哈希实现的算法名称
      Returns:
      algorithm name