Comments (4)
Hi @realkarmakun,
the feature requested is in master
brach. The 1.7.0 release will be public by the end of the week.
You can check if there have been an update with a boolean flag like in this example:
HashUpdate update = Password.check(password, hash.getResult())
.andUpdate().with(...);
update.isUpdated() // true or false
Using a different algoritmh even with different parameters, using #addNewSalt(...)
or #addNewPepper(...)
makes the library to recalculate the hash.
If you need to force for any reason the update, you can use #forceUpdate()
. For example Bcrypt salt could be regenerated internally by the library.
HashUpdate updated5 = Password.check(password, hash.getResult())
.andUpdate().forceUpdate().with(...);
update.isUpdated() // true
from password4j.
Hi @realkarmakun ,
version 1.7.0 is now public.
See the changelog for further information.
from password4j.
Hi @realkarmakun thanks for the suggestion.
Do you need a boolean function that tells if you need to update the hash or just the certainty that the library would not calculate a new hash?
I prefer the first one, because one would need to regenerate the salt event if the parameters didn't change.
from password4j.
@firaja
Yes I prefer first option as well. It would allow more control over when generation happens and overall more intuitive (IMHO). Checks if update is needed => Updates the hash.
Not sure about handling updates between algorithms in this case though. Is it possible to check what algorithm was used in original hash after the check call?
from password4j.
Related Issues (20)
- Library cannot be loaded on Java8 JVMs HOT 3
- Bad Shift in Bcrypt cryptRaw HOT 9
- JDK17: java.security.AccessController is deprecated HOT 2
- static block in Password class does not initialize due to NPE HOT 3
- Password4J Module Support HOT 1
- Wrong hashes when characters outside of ISO 8859-1 are used HOT 7
- Support for Balloon Hashing HOT 10
- There is no option to disable console printBanner. HOT 4
- stdout polluted with friendly message HOT 2
- Argon2: fix addRandomSalt
- Move assertions into separate method or use assertThrows or try-catch instead. HOT 2
- Align default values to OWASP recommended
- Remove logging functionalities HOT 2
- Add banner HOT 2
- Remove the remaining dependencies
- Argon2 not working as expected HOT 11
- Inconsistency between public and internal APIs HOT 1
- Configurable salt length HOT 8
- Please provide byte array based hashing HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from password4j.