mindol1004/getting-started
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add simple examples for password encoders

Browse Source
This commit is contained in:
akuksin
2020-02-20 22:10:17 +01:00
parent ef9fe2c506
commit 2ae9c0b2ae
8 changed files with 154 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
spring-boot/password-encoding/src/main/java/io/reflectoring/passwordencoding/encoder/Argon2Example.java Normal file
View File

@@ -0,0 +1,18 @@
package io.reflectoring.passwordencoding.encoder;
import org.springframework.security.crypto.argon2.Argon2PasswordEncoder;
public class Argon2Example {
public String encode(String plainPassword) {
int saltLength = 16; // salt length in bytes
int hashLength = 32; // hash length in bytes
int parallelism = 1; // currently is not supported
int memory = 4096; // memory costs
int iterations = 3;
Argon2PasswordEncoder argon2PasswordEncoder = new Argon2PasswordEncoder(saltLength, hashLength, parallelism, memory, iterations);
return argon2PasswordEncoder.encode(plainPassword);
}
}

14
spring-boot/password-encoding/src/main/java/io/reflectoring/passwordencoding/encoder/BCryptExample.java Normal file
View File

@@ -0,0 +1,14 @@
package io.reflectoring.passwordencoding.encoder;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import java.security.SecureRandom;
public class BCryptExample {
public String encode(String plainPassword) {
int strength = 10;
BCryptPasswordEncoder bCryptPasswordEncoder = new BCryptPasswordEncoder(strength, new SecureRandom());
return bCryptPasswordEncoder.encode(plainPassword);
}
}

16
spring-boot/password-encoding/src/main/java/io/reflectoring/passwordencoding/encoder/Pbkdf2Example.java Normal file
View File

@@ -0,0 +1,16 @@
package io.reflectoring.passwordencoding.encoder;
import org.springframework.security.crypto.password.Pbkdf2PasswordEncoder;
public class Pbkdf2Example {
public String encode(String plainPassword) {
String pepper = "pepper"; // secret key used by password encoding
int iterations = 200000; // number of hash iteration
int hashWidth = 256; // hash with in bits
Pbkdf2PasswordEncoder pbkdf2PasswordEncoder = new Pbkdf2PasswordEncoder(pepper, iterations, hashWidth);
return pbkdf2PasswordEncoder.encode(plainPassword);
}
}

17
spring-boot/password-encoding/src/main/java/io/reflectoring/passwordencoding/encoder/SCryptExample.java Normal file
View File

@@ -0,0 +1,17 @@
package io.reflectoring.passwordencoding.encoder;
import org.springframework.security.crypto.scrypt.SCryptPasswordEncoder;
public class SCryptExample {
public String encode(String plainPassword) {
int cpuCost = (int) Math.pow(2, 14); // factor to increase CPU costs
int memoryCost = 8; // factor to increases memory usage
int parallelization = 1; // currently nor supported by Spring Security
int keyLength = 32; // key length in bytes
int saltLength = 64; // salt length in bytes
SCryptPasswordEncoder sCryptPasswordEncoder = new SCryptPasswordEncoder(cpuCost, memoryCost, parallelization, keyLength, saltLength);
return sCryptPasswordEncoder.encode(plainPassword);
}
}

22
spring-boot/password-encoding/src/test/java/io/reflectoring/passwordencoding/encoder/Argon2ExampleTest.java Normal file
View File

@@ -0,0 +1,22 @@
package io.reflectoring.passwordencoding.encoder;
import org.junit.jupiter.api.Test;
import static org.assertj.core.api.AssertionsForClassTypes.assertThat;
class Argon2ExampleTest {
private Argon2Example argon2Example = new Argon2Example();
@Test
void encode() {
// given
String plainPassword = "password";
// when
String actual = argon2Example.encode(plainPassword);
// then
assertThat(actual).startsWith("$argon2id$v=19$m=4096,t=3,p=1");
}
}

22
spring-boot/password-encoding/src/test/java/io/reflectoring/passwordencoding/encoder/BCryptExampleTest.java Normal file
View File

@@ -0,0 +1,22 @@
package io.reflectoring.passwordencoding.encoder;
import org.junit.jupiter.api.Test;
import static org.assertj.core.api.AssertionsForClassTypes.assertThat;
class BCryptExampleTest {
private BCryptExample bcryptExample = new BCryptExample();
@Test
void encode() {
// given
String plainPassword = "password";
// when
String encoded = bcryptExample.encode(plainPassword);
// then
assertThat(encoded).startsWith("$2a$10");
}
}

22
spring-boot/password-encoding/src/test/java/io/reflectoring/passwordencoding/encoder/Pbkdf2ExampleTest.java Normal file
View File

@@ -0,0 +1,22 @@
package io.reflectoring.passwordencoding.encoder;
import org.junit.jupiter.api.Test;
import static org.assertj.core.api.AssertionsForClassTypes.assertThat;
class Pbkdf2ExampleTest {
private Pbkdf2Example pbkdf2Example = new Pbkdf2Example();
@Test
void encode() {
// given
String plainPassword = "plainPassword";
// when
String actual = pbkdf2Example.encode(plainPassword);
// then
assertThat(actual).hasSize(80);
}
}

23
spring-boot/password-encoding/src/test/java/io/reflectoring/passwordencoding/encoder/SCryptExampleTest.java Normal file
View File

@@ -0,0 +1,23 @@
package io.reflectoring.passwordencoding.encoder;
import org.junit.jupiter.api.Test;
import static org.assertj.core.api.AssertionsForClassTypes.assertThat;
class SCryptExampleTest {
private SCryptExample sCryptExample = new SCryptExample();
@Test
void encode() {
// given
String plainPassword = "password";
// when
String actual = sCryptExample.encode(plainPassword);
// then
assertThat(actual).hasSize(140);
assertThat(actual).startsWith("$e0801");
}
}