Replace wrongly packaged bcrypt lib

See patrickfav/bcrypt#38
sidneywidmer · May 21, 2021 · 2f0885d · 2f0885d
1 parent a661afd
commit 2f0885d
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 6 deletions.
diff --git a/app/build.gradle b/app/build.gradle
@@ -37,7 +37,7 @@ dependencies {
     implementation 'org.hibernate.validator:hibernate-validator:6.0.13.Final'
     implementation 'org.glassfish:javax.el:3.0.0'
     implementation 'com.auth0:java-jwt:3.15.0'
-    implementation 'at.favre.lib:bcrypt:0.9.0'
+    implementation 'org.mindrot:jbcrypt:0.4'
 
     // query bean generation
     annotationProcessor 'io.ebean:querybean-generator:12.8.0'

diff --git a/app/src/main/java/ch/nebula/recorder/core/Hasher.java b/app/src/main/java/ch/nebula/recorder/core/Hasher.java
@@ -1,6 +1,7 @@
 package ch.nebula.recorder.core;
 
-import at.favre.lib.crypto.bcrypt.BCrypt;
+
+import org.mindrot.jbcrypt.BCrypt;
 
 import java.security.NoSuchAlgorithmException;
 import java.security.spec.InvalidKeySpecException;
@@ -10,12 +11,10 @@ public class Hasher {
      * Create a salted bcrypt hash of given password string
      */
     public String make(String password) throws InvalidKeySpecException, NoSuchAlgorithmException {
-        return BCrypt.withDefaults().hashToString(12, password.toCharArray());
+        return BCrypt.hashpw(password, BCrypt.gensalt(12));
     }
 
     public boolean check(String password, String hash) {
-        var result = BCrypt.verifyer().verify(password.toCharArray(), hash);
-
-        return result.verified;
+        return BCrypt.checkpw(password, hash);
     }
 }