0

i have create an university project with Java And Symfony when the user register from my java app he can login with both java and symfony , but the contrary it is impossible , it only login from symfony and it display to me this error in java

Caused by: java.lang.IllegalArgumentException: Invalid salt revision

Cryptage Methode : Bcrypt Security.yml Symf

        App\Entity\Utilisateur: 
        algorithm: bcrypt
        encode_as_base64: false
        iterations: 1

Utilisateur entity

 /**
 * Returning a salt is only needed, if you are not using a modern
 * hashing algorithm (e.g. bcrypt or sodium) in your security.yaml.
 *
 * @see UserInterface
 */
public function getSalt(): ?string
{
    return null;
}

JAVA

Login Method

 if (rs.getString("email").equals(t.getEmail()) && BCrypt.checkpw(t.getMotpasse(), rs.getString("motpasse")) == true) {
                    if (rs.getString("activated").equals("Active")) {
                        idUser = rs.getInt("idU");
TrpTOdo
  • 3
  • 2
  • Can you paraphrase it the way to clarify what the question is, please? Also, it doesn't work as an excellent way to describe the issue. Add some details of what you tried, what you think the problem is, what you tried doing yourself etc. – Dmytro Chasovskyi May 16 '22 at 17:43

1 Answers1

0

For more information on this error check BCrypt.checkpw() Invalid salt version exception

I would suggest you start to debug the following piece of your code:

BCrypt.checkpw(t.getMotpasse(), rs.getString("motpasse"))

Check in your database what the value for the hashed password is. Does it match the expected value of $xy$... where xy should be 2a, 2b, 2y or similar.

Check in your Java code what the values of password t.getMotpasse() and hashed password rs.getString("motpasse") are; log them/debug the code.

Make sure to check the documentation, that you are providing the arguments of checkpw in the correct order (plain, hashed and not hashed, plain).

But I suspect that your PHP library generates a newer salt version (revision) that your current java library does not support. See for example https://github.com/djmdjm/jBCrypt/issues/2

Some code examples that i could find throw this exception when the salt version is not 2a, which would explain why generated salts from Java do work, but from Php don't.

In that case you will either have to:

  • make sure the PHP code generates salt versions 2a
  • upgrade/change the Java BCrypt library to a version that supports the newer salt revision
slindenau
  • 1,091
  • 2
  • 11
  • 18