/** * Returns PBK2DF2 hash. */ public static HashEngine pbk2() { final PBKDF2Hash pbkdf2Hash = new PBKDF2Hash(); return new HashEngine() { @Override public String hash(final String input) { return pbkdf2Hash.createHash(input); } @Override public boolean check(final String input, final String hash) { return pbkdf2Hash.validatePassword(input, hash); } }; }
@Override public String hash(final String input) { return pbkdf2Hash.createHash(input); }
@Override public boolean check(final String input, final String hash) { return pbkdf2Hash.validatePassword(input, hash); } };
/** * Validates a password using a hash. * * @param password the password to check * @param goodHash the hash of the valid password * @return true if the password is correct, false if not */ public boolean validatePassword(final char[] password, final String goodHash) { // Decode the hash into its parameters String[] params = goodHash.split(":"); int iterations = Integer.parseInt(params[ITERATION_INDEX]); byte[] salt = fromHex(params[SALT_INDEX]); byte[] hash = fromHex(params[PBKDF2_INDEX]); // Compute the hash of the provided password, using the same salt, // iteration count, and hash length byte[] testHash = pbkdf2(password, salt, iterations, hash.length); // Compare the hashes in constant time. The password is correct if // both hashes match. return slowEquals(hash, testHash); }
@Test void simpleTest() { PBKDF2Hash pbkdf2Hash = new PBKDF2Hash(); String hash = pbkdf2Hash.createHash("secret"); assertFalse(pbkdf2Hash.validatePassword("bad", hash)); assertTrue(pbkdf2Hash.validatePassword("secret", hash)); } }
/** * Returns a salted PBKDF2 hash of the password. * * @param password the password to hash * @return a salted PBKDF2 hash of the password */ public String createHash(final char[] password) { // Generate a random salt SecureRandom random = new SecureRandom(); byte[] salt = new byte[saltBytes]; random.nextBytes(salt); // Hash the password byte[] hash = pbkdf2(password, salt, pbkdf2Iterations, hashBytes); // format iterations:salt:hash return pbkdf2Iterations + ":" + StringUtil.toHexString(salt) + ":" + StringUtil.toHexString(hash); }
/** * Validates a password using a hash. * * @param password the password to check * @param goodHash the hash of the valid password * @return true if the password is correct, false if not */ public boolean validatePassword(final char[] password, final String goodHash) { // Decode the hash into its parameters String[] params = goodHash.split(":"); int iterations = Integer.parseInt(params[ITERATION_INDEX]); byte[] salt = fromHex(params[SALT_INDEX]); byte[] hash = fromHex(params[PBKDF2_INDEX]); // Compute the hash of the provided password, using the same salt, // iteration count, and hash length byte[] testHash = pbkdf2(password, salt, iterations, hash.length); // Compare the hashes in constant time. The password is correct if // both hashes match. return slowEquals(hash, testHash); }
/** * Returns a salted PBKDF2 hash of the password. * * @param password the password to hash * @return a salted PBKDF2 hash of the password */ public String createHash(final char[] password) { // Generate a random salt SecureRandom random = new SecureRandom(); byte[] salt = new byte[saltBytes]; random.nextBytes(salt); // Hash the password byte[] hash = pbkdf2(password, salt, pbkdf2Iterations, hashBytes); // format iterations:salt:hash return pbkdf2Iterations + ":" + StringUtil.toHexString(salt) + ":" + StringUtil.toHexString(hash); }
/** * Validates a password using a hash. * * @param password the password to check * @param goodHash the hash of the valid password * @return true if the password is correct, false if not */ public boolean validatePassword(final String password, final String goodHash) { return validatePassword(password.toCharArray(), goodHash); }
/** * Returns a salted PBKDF2 hash of the password. * * @param password the password to hash * @return a salted PBKDF2 hash of the password */ public String createHash(final String password) { return createHash(password.toCharArray()); }
/** * Returns PBK2DF2 hash. */ public static HashEngine pbk2() { final PBKDF2Hash pbkdf2Hash = new PBKDF2Hash(); return new HashEngine() { @Override public String hash(final String input) { return pbkdf2Hash.createHash(input); } @Override public boolean check(final String input, final String hash) { return pbkdf2Hash.validatePassword(input, hash); } }; }
@Override public boolean check(final String input, final String hash) { return pbkdf2Hash.validatePassword(input, hash); } };
@Override public String hash(final String input) { return pbkdf2Hash.createHash(input); }
/** * Validates a password using a hash. * * @param password the password to check * @param goodHash the hash of the valid password * @return true if the password is correct, false if not */ public boolean validatePassword(final String password, final String goodHash) { return validatePassword(password.toCharArray(), goodHash); }
/** * Returns a salted PBKDF2 hash of the password. * * @param password the password to hash * @return a salted PBKDF2 hash of the password */ public String createHash(final String password) { return createHash(password.toCharArray()); }