Package org.springframework.security.crypto.password4j

Class Argon2Password4jPasswordEncoder

java.lang.Object

org.springframework.security.crypto.password.AbstractValidatingPasswordEncoder

org.springframework.security.crypto.password4j.Argon2Password4jPasswordEncoder

All Implemented Interfaces:

PasswordEncoder

public class Argon2Password4jPasswordEncoder
extends AbstractValidatingPasswordEncoder

Implementation of PasswordEncoder that uses the Password4j library with Argon2 hashing algorithm.

Argon2 is the winner of the Password Hashing Competition (2015) and is recommended for new applications. It provides excellent resistance against GPU-based attacks and includes built-in salt generation. This implementation leverages Password4j's Argon2 support which properly includes the salt in the output hash.

This implementation is thread-safe and can be shared across multiple threads.

Usage Examples:

 // Using default Argon2 settings (recommended)
 PasswordEncoder encoder = new Argon2Password4jPasswordEncoder();

 // Using custom Argon2 configuration
 PasswordEncoder customEncoder = new Argon2Password4jPasswordEncoder(
     Argon2Function.getInstance(65536, 3, 4, 32, Argon2.ID));
 

Since:

7.0

See Also:

• Argon2Function
• AlgorithmFinder.getArgon2Instance()

Constructor Summary

Constructors

Constructor	Description
Argon2Password4jPasswordEncoder()	Constructs an Argon2 password encoder using the default Argon2 configuration from Password4j's AlgorithmFinder.
Argon2Password4jPasswordEncoder(com.password4j.Argon2Function argon2Function)	Constructs an Argon2 password encoder with a custom Argon2 function.

Method Summary

Modifier and Type	Method	Description
protected String	encodeNonNullPassword(String rawPassword)
protected boolean	matchesNonNull(String rawPassword, String encodedPassword)
protected boolean	upgradeEncodingNonNull(String encodedPassword)

Methods inherited from class org.springframework.security.crypto.password.AbstractValidatingPasswordEncoder

encode, matches, upgradeEncoding

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

Argon2Password4jPasswordEncoder

public Argon2Password4jPasswordEncoder()

Constructs an Argon2 password encoder using the default Argon2 configuration from Password4j's AlgorithmFinder.

Argon2Password4jPasswordEncoder

public Argon2Password4jPasswordEncoder(com.password4j.Argon2Function argon2Function)

Constructs an Argon2 password encoder with a custom Argon2 function.

Parameters:

argon2Function - the Argon2 function to use for encoding passwords, must not be null

Throws:

IllegalArgumentException - if argon2Function is null

Method Details

encodeNonNullPassword

protected String encodeNonNullPassword(String rawPassword)

Specified by:

encodeNonNullPassword in class AbstractValidatingPasswordEncoder

matchesNonNull

protected boolean matchesNonNull(String rawPassword,
 String encodedPassword)

Specified by:

matchesNonNull in class AbstractValidatingPasswordEncoder

upgradeEncodingNonNull

protected boolean upgradeEncodingNonNull(String encodedPassword)

Overrides:

upgradeEncodingNonNull in class AbstractValidatingPasswordEncoder