Cuba offers two encryption type out of the box (md5 and sha1). Since they are not very secure I would like to use BCrypt for encrypting my password.
This can be done by implementing my own EncryptionModule ([https://github.com/cuba-platform/cuba/blob/8836668c2fd0ffa88f2e91b9df6f64565c28b983/modules/global/src/com/haulmont/cuba/core/sys/encryption/EncryptionModule.java]). After implementing the different get*Hash()-methods I am now stuck with the checkPassword method:
EncryptionModule.checkPassword(User user, String givenPassword);
I expected that givenPassword would be the plain text password that the user entered. Actually it the givenPassword is already encrypted. My problem is that I need he plain text password and the previously encrypted password to check if they are equal.
(see spring security implementation: [https://github.com/spring-projects/spring-security/blob/master/crypto/src/main/java/org/springframework/security/crypto/bcrypt/BCryptPasswordEncoder.java])
How can I implement BCrypt for password encryption in cuba?