org.springframework.security.crypto.password.Pbkdf2PasswordEncoder Java Examples

The following examples show how to use org.springframework.security.crypto.password.Pbkdf2PasswordEncoder. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: Pbkdf2Example.java    From code-examples with MIT License 7 votes vote down vote up
public String encode(String plainPassword) {

    String pepper = "pepper"; // secret key used by password encoding
    int iterations = 200000; // number of hash iteration
    int hashWidth = 256; // hash with in bits

    Pbkdf2PasswordEncoder pbkdf2PasswordEncoder =
        new Pbkdf2PasswordEncoder(pepper, iterations, hashWidth);
    return pbkdf2PasswordEncoder.encode(plainPassword);
  }
 
Example #2
Source File: PasswordEncoderFactory.java    From authmore-framework with Apache License 2.0 6 votes vote down vote up
@SuppressWarnings("deprecation")
public static PasswordEncoder createDelegatingPasswordEncoder() {
    String encodingId = "pbkdf2";
    Map<String, PasswordEncoder> encoders = new HashMap<>();
    encoders.put(encodingId, new BCryptPasswordEncoder());
    encoders.put("ldap", new org.springframework.security.crypto.password.LdapShaPasswordEncoder());
    encoders.put("MD4", new org.springframework.security.crypto.password.Md4PasswordEncoder());
    encoders.put("MD5", new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("MD5"));
    encoders.put("noop", org.springframework.security.crypto.password.NoOpPasswordEncoder.getInstance());
    encoders.put("pbkdf2", new Pbkdf2PasswordEncoder());
    encoders.put("scrypt", new SCryptPasswordEncoder());
    encoders.put("SHA-1", new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("SHA-1"));
    encoders.put("SHA-256", new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("SHA-256"));
    encoders.put("sha256", new org.springframework.security.crypto.password.StandardPasswordEncoder());

    return new DelegatingPasswordEncoder(encodingId, encoders);
}
 
Example #3
Source File: Pbkdf2WorkFactorService.java    From code-examples with MIT License 6 votes vote down vote up
/**
 * Finds the number of Iteration for the {@link Pbkdf2PasswordEncoder} to get the duration of
 * password encoding close to 1s. The Calculation does not use any secret (pepper) and applies
 * hash algorithm SHA256.
 */
public int calculateIteration() {

  int iterationNumber = 150000;
  while (true) {
    Pbkdf2PasswordEncoder pbkdf2PasswordEncoder =
        new Pbkdf2PasswordEncoder(NO_ADDITIONAL_SECRET, iterationNumber, HASH_WIDTH);

    Stopwatch stopwatch = Stopwatch.createStarted();
    pbkdf2PasswordEncoder.encode(TEST_PASSWORD);
    stopwatch.stop();

    long duration = stopwatch.elapsed(TimeUnit.MILLISECONDS);
    if (duration > GOAL_MILLISECONDS_PER_PASSWORD) {
      return iterationNumber;
    }
    iterationNumber += ITERATION_STEP;
  }
}
 
Example #4
Source File: PasswordEncoderFactoriesTest.java    From spring-boot-demo with MIT License 5 votes vote down vote up
public static PasswordEncoder newPasswordEncoder(final String encoderType) {

        switch (encoderType) {
            case "bcrypt":
                return new BCryptPasswordEncoder();
            case "ldap":
                return new org.springframework.security.crypto.password.LdapShaPasswordEncoder();
            case "MD4":
                return new org.springframework.security.crypto.password.Md4PasswordEncoder();
            case "MD5":
                return new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("MD5");
            case "noop":
                return org.springframework.security.crypto.password.NoOpPasswordEncoder.getInstance();
            case "pbkdf2":
                return new Pbkdf2PasswordEncoder();
            case "scrypt":
                return new SCryptPasswordEncoder();
            case "SHA-1":
                return new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("SHA-1");
            case "SHA-256":
                return new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("SHA-256");
            case "sha256":
                return new org.springframework.security.crypto.password.StandardPasswordEncoder();
            default:
                return NoOpPasswordEncoder.getInstance();
        }
    }
 
Example #5
Source File: WebSecurityConfig.java    From Spring-5.0-Projects with MIT License 5 votes vote down vote up
@Bean
public PasswordEncoder passwordEncoder() {
	
	  Map<String,PasswordEncoder> encoders = new HashMap<>();
	  encoders.put(PwdEncodingAlgo.BCrypt.getStatus(), new BCryptPasswordEncoder());
	  encoders.put(PwdEncodingAlgo.Pbkf2.getStatus(), new Pbkdf2PasswordEncoder());
	  encoders.put(PwdEncodingAlgo.SCrypt.getStatus(), new SCryptPasswordEncoder());
	 
	  return new DelegatingPasswordEncoder(PwdEncodingAlgo.BCrypt.getStatus(), encoders);
}