[enhancement] Bcrypt.Verifyer.verify(char[] password, byte[] bcryptHash)

[Andrew-Cottrell]

While converting some existing code to the bcrypt API, I ran in to a (very) minor pain-point.

When working with some APIs it is natural for the password to be a char[] (e.g. passed to javax.crypto.spec.PBEKeySpec ctor) and the bcryptHash to be a byte[] (e.g. read fully from a java.io.DataInputStream).

This is probably an advanced use-case, but it would be nice to have Bcrypt.Verifyer.verify(char[] password, byte[] bcryptHash).

[patrickfav]

Is added. Downside is, that this can be a bit confusing as it expects the byte representation of a chars representing a base64 string.

[Andrew-Cottrell]

I have run a quick test and the new method works exactly as I would expect.

public static void main(final String[] args) {
    final char[] password = "password".toCharArray();
    final byte[] bcryptHash = "$2a$12$Kuy09vX7/OoqoDBcKFvbluzt0/kj.PYAYFyyuXyW0kA/sCgk6wKCW".getBytes(StandardCharsets.UTF_8);
    final Result result = BCrypt.verifyer().verify(password, bcryptHash);
    System.out.println(result);
}

Output (formatted):

Result {
    details = HashData {
        cost = 12,
        version = $2a$,
        rawSalt = 330d36ff167d050aaca850de307c5d9f,
        rawHash = d6fd819a5011682687d34c19d18da6081b848a6f323046
    },
    validFormat = true,
    verified = true,
    formatErrorMessage = 'null'
}

It's perfect for my use-case. Thank you.