Invalid salt revision when comparing Python generated hash with raw password in Java (Invalid salt rev

Posted 2019-11-04 15:01

So I have created a database that stores user information and their hashed passwords, which are hashed by a Python script using the bcrypt module.

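Now, to log in using my Java client, I am using JBCrypt, included as a Maven dependency in my IntelliJ project. Retrieving the hash and the database connection work perfectly; the only issue is that it throws this error: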

Exception in thread "AWT-EventQueue-0" java.lang.IllegalArgumentException: Invalid salt revision
    at org.mindrot.jbcrypt.BCrypt.hashpw(BCrypt.java:671)
    at org.mindrot.jbcrypt.BCrypt.checkpw(BCrypt.java:763)
    at mypackage.Login.validateUser(Login.java:81)
    at mypackage.Login.actionPerformed(Login.java:63)
    at java.desktop/javax.swing.AbstractButton.fireActionPerformed(AbstractButton.java:1967)
    at java.desktop/javax.swing.AbstractButton$Handler.actionPerformed(AbstractButton.java:2308)
    at java.desktop/javax.swing.DefaultButtonModel.fireActionPerformed(DefaultButtonModel.java:405)
    at java.desktop/javax.swing.DefaultButtonModel.setPressed(DefaultButtonModel.java:262)
    at java.desktop/javax.swing.plaf.basic.BasicButtonListener.mouseReleased(BasicButtonListener.java:269)
    at java.desktop/java.awt.Component.processMouseEvent(Component.java:6578)
    at java.desktop/javax.swing.JComponent.processMouseEvent(JComponent.java:3343)
    at java.desktop/java.awt.Component.processEvent(Component.java:6343)
    at java.desktop/java.awt.Container.processEvent(Container.java:2259)
    at java.desktop/java.awt.Component.dispatchEventImpl(Component.java:4961)
    at java.desktop/java.awt.Container.dispatchEventImpl(Container.java:2317)
    at java.desktop/java.awt.Component.dispatchEvent(Component.java:4793)
    at java.desktop/java.awt.LightweightDispatcher.retargetMouseEvent(Container.java:4904)
    at java.desktop/java.awt.LightweightDispatcher.processMouseEvent(Container.java:4539)
    at java.desktop/java.awt.LightweightDispatcher.dispatchEvent(Container.java:4480)
    at java.desktop/java.awt.Container.dispatchEventImpl(Container.java:2303)
    at java.desktop/java.awt.Window.dispatchEventImpl(Window.java:2758)
    at java.desktop/java.awt.Component.dispatchEvent(Component.java:4793)
    at java.desktop/java.awt.EventQueue.dispatchEventImpl(EventQueue.java:766)
    at java.desktop/java.awt.EventQueue.access$500(EventQueue.java:97)
    at java.desktop/java.awt.EventQueue$3.run(EventQueue.java:717)
    at java.desktop/java.awt.EventQueue$3.run(EventQueue.java:711)
    at java.base/java.security.AccessController.doPrivileged(Native Method)
    at java.base/java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:89)
    at java.base/java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:99)
    at java.desktop/java.awt.EventQueue$4.run(EventQueue.java:739)
    at java.desktop/java.awt.EventQueue$4.run(EventQueue.java:737)
    at java.base/java.security.AccessController.doPrivileged(Native Method)
    at java.base/java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:89)
    at java.desktop/java.awt.EventQueue.dispatchEvent(EventQueue.java:736)
    at java.desktop/java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThread.java:199)
    at java.desktop/java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:124)
    at java.desktop/java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:113)
    at java.desktop/java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:109)
    at java.desktop/java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:101)
    at java.desktop/java.awt.EventDispatchThread.run(EventDispatchThread.java:90)

The code for the check is as follows:

    String dbHash = results.getString("password");
    System.out.println(dbHash);
    boolean result = BCrypt.checkpw(new String(passwordField.getPassword()), dbHash);

Edit: An example of a hashed password from the Python script module and the raw password is as follows:

Raw:    zO/15;w|c'*uftH)
Hashed: $2b$12$7Y4ZmORuoH0dziYSg8dpd.PfvWQx2QPcoiRoGWg.HKfhuN6evEZnO

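**Edit:** I have noticed that it is because JBCrypt doesn't seem to support any hashes greater than $2a. I can't find the documentation for the bcrypt Python module, so I can't determine whether I can use $2a hashes in the Python code.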

Answer 1:

The problem is with JBCrypt. It is outdated (it can only verify $2a hashes).

So, to solve this, I had to change the Python script to generate a salt that uses the $2a prefix:

Adjustable prefix

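Another one of bcrypt's features is an adjustable prefix to let you define what libraries you'll remain compatible with. To adjust this, pass either 2a or 2b (the default) to bcrypt.gensalt(prefix=b"2b") as a bytes object.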

https://pypi.python.org/pypi/bcrypt/3.1.0



Answer 2:

From the source code, it seems the exception comes from where the format of the hashed password is checked:

    if (salt.charAt(0) != '$' || salt.charAt(1) != '2')
        throw new IllegalArgumentException ("Invalid salt version");
    if (salt.charAt(2) == '$')
        off = 3;
    else {
        minor = salt.charAt(2);
        if (minor != 'a' || salt.charAt(3) != '$')
            throw new IllegalArgumentException ("Invalid salt revision");
        off = 4;
    }

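So my guess is that dbHash for some reason doesn't match the format. Either it was generated by an incompatible version, or it is actually not hashed, or it is null.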
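
The three causes guessed at in Answer 2 (incompatible revision, not a hash, null) can be told apart before the value ever reaches BCrypt.checkpw. The following is an added example, not part of either answer or of jBCrypt: a parser for stored bcrypt strings that flags rows the quoted revision check would not accept. The names inspect_hash, audit and SAMPLE_ROWS are assumptions, and the rows are constructed around the hash from the question.

```python
import re

# bcrypt modular-crypt layout: $2<rev>$<cost>$<22-char salt><31-char digest>
BCRYPT_RE = re.compile(
    r"\$2([abxy]?)\$(\d{2})\$([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})"
)

# Revisions the jBCrypt check quoted in Answer 2 accepts: "$2$" and "$2a$".
JBCRYPT_REVISIONS = {"", "a"}


def inspect_hash(stored):
    """Classify one value read from the password column (hypothetical helper)."""
    if stored is None or not stored.strip():
        return {"status": "missing"}
    match = BCRYPT_RE.fullmatch(stored.strip())
    if match is None:
        return {"status": "not-bcrypt"}
    revision = match.group(1)
    accepted = revision in JBCRYPT_REVISIONS
    return {
        "status": "ok" if accepted else "unsupported-revision",
        "revision": "2" + revision,
        "cost": int(match.group(2)),
    }


def audit(rows):
    """Return (user, status) for each row the quoted check would not accept."""
    findings = []
    for user, stored in rows:
        status = inspect_hash(stored)["status"]
        if status != "ok":
            findings.append((user, status))
    return findings


# Constructed rows. The first hash is the sample from the question; the second
# is the same string with only the prefix changed, to exercise the parser.
SAMPLE_ROWS = [
    ("alice", "$2b$12$7Y4ZmORuoH0dziYSg8dpd.PfvWQx2QPcoiRoGWg.HKfhuN6evEZnO"),
    ("bob", "$2a$12$7Y4ZmORuoH0dziYSg8dpd.PfvWQx2QPcoiRoGWg.HKfhuN6evEZnO"),
    ("carol", "not-a-hash"),
    ("dave", None),
]

if __name__ == "__main__":
    for user, status in audit(SAMPLE_ROWS):
        print(f"{user}: {status}")
```

Rows reported as unsupported-revision are the ones affected by the prefix change described in Answer 1; a status of ok only means the revision prefix is accepted, not that the password matches.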



Source: Invalid salt revision when comparing Python generated hash with raw password in Java