/** * Sets a ordered list of nonces where each position corresponds to a version. * * The nonces are supposed not to be stored in the underlying jdbc storage but to * be provided as a application configuration. The idea is to add one extra variable * to the hash function in order to make breaking the passwords using rainbow tables * or precomputed hashes harder. Leaving the attacker only with the brute force * approach. * * Nonces are dependent on the implementation. E.g.: for the SHA512 they are extra salt * used during the hashing, for the PBKDF2 they map the number of iterations the algorithm * should take * @param nonces a json array. */ public void setNonces(JsonArray nonces) { delegate.setNonces(nonces); }
/** * Sets a ordered list of nonces where each position corresponds to a version. * * The nonces are supposed not to be stored in the underlying jdbc storage but to * be provided as a application configuration. The idea is to add one extra variable * to the hash function in order to make breaking the passwords using rainbow tables * or precomputed hashes harder. Leaving the attacker only with the brute force * approach. * * Nonces are dependent on the implementation. E.g.: for the SHA512 they are extra salt * used during the hashing, for the PBKDF2 they map the number of iterations the algorithm * should take * @param nonces a json array. */ public void setNonces(JsonArray nonces) { delegate.setNonces(nonces); }
public static void setNonces(io.vertx.ext.auth.jdbc.JDBCHashStrategy j_receiver, java.util.List<Object> nonces) { j_receiver.setNonces(nonces != null ? io.vertx.core.impl.ConversionHelper.toJsonArray(nonces) : null); } }
@Test public void createHashTestWithVersion() { JDBCHashStrategy strategy = new PBKDF2Strategy(vertx); strategy.setNonces(new JsonArray().add(1000)); String hashedPassword = strategy.computeHash("Paulo", "123456", 0); assertTrue(JDBCHashStrategy.isEqual("39698770CC0B0B0553E9B74216FAE2C7C31B81D40940FA50601D7998B81820F86CEE7CD84CC1D06D06D832C5BACA45D3215F6B0F3F484931AE846915449BF72F$0", hashedPassword)); }
@Test public void createHashAppleStyleTest() { JDBCHashStrategy strategy = new PBKDF2Strategy(vertx); strategy.setNonces(new JsonArray().add(1).add(10000)); String hashedPassword = strategy.computeHash("Paulo", "123456", 1); assertTrue(JDBCHashStrategy.isEqual("3EF08FDF601E24F9D9DF99F2A199A563E1EB4C8C467D61962B9526001EF6FA9F31C2F89FCA7690CF022E11AF89DA8BFD4D18E8A0FC888A745C8DD7AAB92A359B$1", hashedPassword)); } }