Reliable implementation of PBKDF2-HMAC-SHA256 for JAVA
UPDATED 2019: Bouncycastle now support PBKDF2-HMAC-SHA256 since bouncycastle 1.60
Is there any reliable implementation of PBKDF2-HMAC-SHA256 f
-
It is available in Java 8:
public static byte[] getEncryptedPassword( String password, byte[] salt, int iterations, int derivedKeyLength ) throws NoSuchAlgorithmException, InvalidKeySpecException { KeySpec spec = new PBEKeySpec( password.toCharArray(), salt, iterations, derivedKeyLength * 8 ); SecretKeyFactory f = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256"); return f.generateSecret(spec).getEncoded(); }讨论(0) -
Using spongycastle (java on android)
Replace spongycastle with bouncycastle if you are using bouncycastle on java directly
import org.spongycastle.crypto.generators.PKCS5S2ParametersGenerator; import org.spongycastle.crypto.digests.SHA256Digest; import org.spongycastle.crypto.params.KeyParameter; public class Crypto { public String pbkdf2(String secret, String salt, int iterations, int keyLength) { PKCS5S2ParametersGenerator gen = new PKCS5S2ParametersGenerator(new SHA256Digest()); byte[] secretData = secret.getBytes(); byte[] saltData = salt.getBytes(); gen.init(secretData, saltData, iterations); byte[] derivedKey = ((KeyParameter)gen.generateDerivedParameters(keyLength * 8)).getKey(); return toHex(derivedKey); } private static String toHex(byte[] bytes) { BigInteger bi = new BigInteger(1, bytes); return String.format("%0" + (bytes.length << 1) + "x", bi); } }讨论(0) -
Using BouncyCastle classes directly:
PKCS5S2ParametersGenerator gen = new PKCS5S2ParametersGenerator(new SHA256Digest()); gen.init("password".getBytes("UTF-8"), "salt".getBytes(), 4096); byte[] dk = ((KeyParameter) gen.generateDerivedParameters(256)).getKey();讨论(0)
加载中...
- 热议问题