Provide new verify API with signature (char[] password, byte[] bcrypt…

…Hash) refs #16
patrickfav · Apr 15, 2019 · ac12452 · ac12452
1 parent 567907f
commit ac12452
Show file tree

Hide file tree

Showing 3 changed files with 25 additions and 0 deletions.
diff --git a/CHANGELOG b/CHANGELOG
@@ -2,6 +2,8 @@
 
 ## v0.8.0
 
+* add new verify API signature accepting char array password and byte array hash
+
 ## v0.7.0
 
 * add OSWAP dependency check plugin to Maven POM #14

diff --git a/modules/bcrypt/src/main/java/at/favre/lib/crypto/bcrypt/BCrypt.java b/modules/bcrypt/src/main/java/at/favre/lib/crypto/bcrypt/BCrypt.java
@@ -3,6 +3,7 @@
 import at.favre.lib.bytes.Bytes;
 import at.favre.lib.bytes.BytesTransformer;
 import at.favre.lib.bytes.BytesValidators;
+import at.favre.lib.bytes.MutableBytes;
 
 import java.nio.ByteBuffer;
 import java.nio.charset.Charset;
@@ -443,6 +444,26 @@ public Result verify(char[] password, CharSequence bcryptHash) {
             return verify(password, toCharArray(bcryptHash), null);
         }
 
+        /**
+         * Verify given bcrypt hash, which includes salt and cost factor with given raw password.
+         * The result will have {@link Result#verified} true if they match. If given hash has an
+         * invalid format {@link Result#validFormat} will be false; see also {@link Result#formatErrorMessage}
+         * for easier debugging.
+         * <p>
+         * Same as calling <code>verify(Bytes.from(password, defaultCharset).array(), bcryptHash.toCharArray())</code>
+         *
+         * @param password   to compare against the hash
+         * @param bcryptHash to compare against the password; here the whole bcrypt hash
+         *                   (including salt, etc) in its encoded form is expected not the
+         *                   raw bytes found in {@link HashData#rawHash}
+         * @return result object, see {@link Result} for more info
+         */
+        public Result verify(char[] password, byte[] bcryptHash) {
+            try (MutableBytes pw = Bytes.from(password, defaultCharset).mutable()) {
+                return verify(pw.array(), bcryptHash, null);
+            }
+        }
+
         private static char[] toCharArray(CharSequence charSequence) {
             if (charSequence instanceof String) {
                 return charSequence.toString().toCharArray();

diff --git a/modules/bcrypt/src/test/java/at/favre/lib/crypto/bcrypt/BcryptTest.java b/modules/bcrypt/src/test/java/at/favre/lib/crypto/bcrypt/BcryptTest.java
@@ -143,6 +143,8 @@ private void checkHash(BCrypt.Hasher bCrypt) throws Exception {
         assertTrue(verifyer.verify(pw.getBytes(UTF_8), hash2).verified);
         assertTrue(verifyer.verify(pw.toCharArray(), hash3).verified);
         assertTrue(verifyer.verify(pw.toCharArray(), hash4).verified);
+        assertTrue(verifyer.verify(pw.toCharArray(), hash1).verified);
+        assertTrue(verifyer.verify(pw.toCharArray(), hash2).verified);
         assertEquals(new BCryptParser.Default(new Radix64Encoder.Default(), UTF_8).parse(hash2), hashData);
     }