Package com.codingchili.core.security

Class HashFactory

java.lang.Object

com.codingchili.core.security.HashFactory

public class HashFactory
extends Object

Handles the hashing of passwords and the generation of the salts used in the hashing; internally in Argon2.

Uses mutable data types for storing plaintext passwords to allow wiping. Reduces effectiveness of core dumps slightly, as awaiting gc takes much longer time.

Constructor Summary

Constructors

Constructor	Description
HashFactory(CoreContext context)	Creates a new hash factory - requires a context to be created.

Method Summary

Modifier and Type	Method	Description
io.vertx.core.Future<String>	hash(char[] plaintext)	Async hashing a password with an internal salt using ARGON2.
void	verify(io.vertx.core.Handler<io.vertx.core.AsyncResult<Void>> future, String expected, char[] plaintext)	Verifies a plaintext password against a hashed password.
void	wipe(char[] sensitive)	Wipes an array that contains sensitive data.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

HashFactory

public HashFactory(CoreContext context)

Creates a new hash factory - requires a context to be created.

Parameters:

context - core context to execute on.

Method Details

verify

public void verify(io.vertx.core.Handler<io.vertx.core.AsyncResult<Void>> future,
 String expected,
 char[] plaintext)

Verifies a plaintext password against a hashed password.

Parameters:

future - callback

expected - the expected outcome of the hash operation.

plaintext - the plaintext password to be hashed and compared to expected.

hash

public io.vertx.core.Future<String> hash(char[] plaintext)

Async hashing a password with an internal salt using ARGON2.

Parameters:

plaintext - plaintext password to be hashed.

Returns:

callback

wipe

public void wipe(char[] sensitive)

Wipes an array that contains sensitive data.

Parameters:

sensitive - the data to be wiped.