com.hissenit.crypto.compacthashing

Class CompactPasswordHash

java.lang.Object

com.hissenit.crypto.compacthashing.CompactPasswordHash

public class CompactPasswordHash
extends java.lang.Object

PBKDF2 based implementation for secure and compact password hashes.

!!! WARNING !!! Do NEVER use the same Secret of a user for both CompactPasswordKey AND CompactPasswordHash. You would store the hash and hence the encryption key in plain text!

If you use CompactPasswordKey, you can use the checksum option (CompactPasswordKey.isPasswordValid()) to immediately check if a user provided the correct/valid password.

This class solely applies for secure user password hashes of applications which do not require encryption!

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	CompactPasswordHash.GenerationParametersCPH None of these parameters have to be set, defaults will be used instead for each single parameter being not set.

Method Summary

Methods

Modifier and Type	Method and Description
static CompactPasswordHash.GenerationParametersCPH	createParameters() Create an empty parameters object to set single parameters that shall be changed from defaults
static CompactPasswordHash.GenerationParametersCPH	createParameters(java.lang.String hmacAlgorithm, int hashLengthInBytes, int saltLengthInBytes, int iterationCount) None of these parameters have to be set, defaults will be used instead for each single parameter being not set.
static CompactPasswordHash	generateHash(Secret passwordOrSecret)
static CompactPasswordHash	generateHash(Secret passwordOrSecret, CompactPasswordHash.GenerationParametersCPH parameters)
byte[]	getHashInBytes()
java.lang.String	getHMACAlgorithm()
int	getIterationCount()
byte[]	getSaltInBytes()
static CompactPasswordHash	newInstance() Creates an uninitialized hash object.
void	readFromBase64(java.lang.String base64)
void	readFromBytes(byte[] bytes)
void	readFromHex(java.lang.String hex)
boolean	verifyPassword(Secret password)
java.lang.String	writeToBase64()
byte[]	writeToBytes()
java.lang.String	writeToHex()

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

getHashInBytes

public byte[] getHashInBytes()

getSaltInBytes

public byte[] getSaltInBytes()

getIterationCount

public int getIterationCount()

getHMACAlgorithm

public java.lang.String getHMACAlgorithm()

writeToBytes

public byte[] writeToBytes()

writeToBase64

public java.lang.String writeToBase64()

writeToHex

public java.lang.String writeToHex()

readFromBytes

public void readFromBytes(byte[] bytes)

readFromBase64

public void readFromBase64(java.lang.String base64)

readFromHex

public void readFromHex(java.lang.String hex)

verifyPassword

public boolean verifyPassword(Secret password)

generateHash

public static final CompactPasswordHash generateHash(Secret passwordOrSecret)

generateHash

public static final CompactPasswordHash generateHash(Secret passwordOrSecret,
                               CompactPasswordHash.GenerationParametersCPH parameters)

newInstance

public static final CompactPasswordHash newInstance()

Creates an uninitialized hash object. The hash has to be loaded by one of the read* methods.

Returns:

empty instance, one of the read* methods has to be used to initialize the instance

createParameters

public static final CompactPasswordHash.GenerationParametersCPH createParameters()

Create an empty parameters object to set single parameters that shall be changed from defaults

createParameters

public static final CompactPasswordHash.GenerationParametersCPH createParameters(java.lang.String hmacAlgorithm,
                                                           int hashLengthInBytes,
                                                           int saltLengthInBytes,
                                                           int iterationCount)

None of these parameters have to be set, defaults will be used instead for each single parameter being not set.