BCrypt.checkpw() Invalid salt version exception

Tags: , , , ,



I’m trying to implement authentication using BCrypt, in my Play 2.1. Java application, but I’m getting Invalid salt version exception when I’m trying to authenticate the user.

This is my stack trace

play.api.Application$$anon$1: Execution exception[[IllegalArgumentException: Invalid salt version]]
at play.api.Application$class.handleError(Application.scala:289) ~[play_2.10.jar:2.1.0]
at play.api.DefaultApplication.handleError(Application.scala:383) [play_2.10.jar:2.1.0]
at play.core.server.netty.PlayDefaultUpstreamHandler$$anon$2$$anonfun$handle$1.apply(PlayDefaultUpstreamHandler.scala:132) [play_2.10.jar:2.1.0]
at play.core.server.netty.PlayDefaultUpstreamHandler$$anon$2$$anonfun$handle$1.apply(PlayDefaultUpstreamHandler.scala:128) [play_2.10.jar:2.1.0]
at play.api.libs.concurrent.PlayPromise$$anonfun$extend1$1.apply(Promise.scala:113) [play_2.10.jar:2.1.0]
at play.api.libs.concurrent.PlayPromise$$anonfun$extend1$1.apply(Promise.scala:113) [play_2.10.jar:2.1.0]
java.lang.IllegalArgumentException: Invalid salt version
at org.mindrot.jbcrypt.BCrypt.hashpw(BCrypt.java:664) ~[jbcrypt-0.3m.jar:na]
at org.mindrot.jbcrypt.BCrypt.checkpw(BCrypt.java:763) ~[jbcrypt-0.3m.jar:na]
at model.operations.DistrictOperations.authenticate(DistrictOperations.java:24) ~[na:na]
at controllers.Application.authenticateDistrict(Application.java:26) ~[na:na]
at Routes$$anonfun$routes$1$$anonfun$applyOrElse$2$$anonfun$apply$2.apply(routes_routing.scala:133) ~[na:na]
at Routes$$anonfun$routes$1$$anonfun$applyOrElse$2$$anonfun$apply$2.apply(routes_routing.scala:133) ~[na:na]

I’m using following maven repository: http://mvnrepository.com/artifact/org.mindrot/jbcrypt/0.3m

My code is based on the documentation, thus

district.setPassword(BCrypt.hashpw(json.findPath("password").getTextValue(), BCrypt.gensalt()));    

For saving the password (I’m also checking the password for being null)

BCrypt.checkpw(password, d.getPassword());

For checking if the entered password is correct, where password is String and d.getPassword() is hashed password.

I don’t know if this is relevant information, but to be precise I’m using hibernate for ORM and PostgreSQL 8.4 as DB.

I’m kind of stuck in here so I’m asking if anyone could help me out. Than you very much in advance.

Answer

I’m very sorry for bothering with this question. I had just one bug in the code that was saving plain string to the DB instead of the BCrypted one. It was whole called from some other part of code.



Source: stackoverflow