Statements
In order to produce an hash with any of the algorithms included in Password4j, you can build a statement based on dot-notation as it follows:
Hash hash = Password.hash(password)
// choose none or one of the following to:
.addSalt(customSalt) // add a user-defined salt
.addRandomSalt(length) // a random salt with a user-defined length
.addRandomSalt() // a random salt of 64 bytes
// choose none or one of the following to:
.addPepper(customPepper) // add a user-defined pepper
.addPepper() // add the pepper defined in psw4j.properties file
// choose one of the following to:
.withXXX() // hash with a function defined in the psw4j.properties file (replace XXX with the name of the function)
.with(function); // hash with a user-defined functionwithXXX() is replaced with:
-
withPBKDF2()for PBKDF2 -
withCompressedPBKDF2()for Compressed PBKDF2 -
withBCrypt()for bcrypt -
withSCrypt()for scrypt -
withArgon2()for Argon2 - (legacy)
withMessageDigest()for message digests
In order to verify an hash against a user password with any of the algorithms included in Password4j, you can build a statement based on dot-notation as it follows:
boolean verified = Password.check(hash, password)
// choose none or one of the following to:
.addSalt(customSalt) // add a user-defined salt
.addRandomSalt(length) // a random salt with a user-defined length
.addRandomSalt() // a random salt of 64 bytes
// choose none or one of the following to:
.addPepper(customPepper) // add a user-defined pepper
.addPepper() // add the pepper defined in psw4j.properties file
// choose one of the following to:
.withXXX() // hash with a function defined in the psw4j.properties file (replace XXX with the name of the function)
.with(function); // hash with a user-defined functionwithXXX() is replaced with:
-
withPBKDF2()for PBKDF2 -
withCompressedPBKDF2()for Compressed PBKDF2 -
withBCrypt()for bcrypt -
withSCrypt()for scrypt -
withArgon2()for Argon2 - (legacy)
withMessageDigest()for message digests
