@Override public boolean check (String seed, String secret, String hash) throws Exception { byte[] b = Base64.decode(hash); byte[] salt = new byte[ONE.getSalt().length]; System.arraycopy (b, 1, salt, 0, salt.length); String computedHash = ONE.hash(seed, secret, ONE.getSalt(salt)); return computedHash.equals(hash); }
public byte[] getSalt(byte[] salt) { return ISOUtil.xor(salt, getSalt()); }
@Override public String hash (String seed, String secret, byte[] salt) throws Exception { if (salt == null) { System.out.println ("-- generated salt --"); salt = ONE.genSalt(); } SecretKeyFactory skf = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256"); PBEKeySpec spec = new PBEKeySpec(secret.toCharArray(), salt, ONE.iterations, ONE.keylength); return org.bouncycastle.util.encoders.Base64.toBase64String( Arrays.concatenate( new byte[]{HashVersion.ONE.getVersion()}, ONE.getSalt(salt), skf.generateSecret(spec).getEncoded()) ); }
private void setV1Password (User u, String clearpass) throws Exception { assertNotNull(clearpass, "Invalid password"); u.setPasswordHash(HashVersion.ONE.hash(Long.toString(u.getId(),16), clearpass, HashVersion.ONE.getSalt())); }
c.setId(id); c.setUser(u); c.setHash(HashVersion.ONE.hash(Long.toString(c.getUser().getId(),16), secret, HashVersion.ONE.getSalt())); db.session().save(c); if (rr != null)
public void saveEntity () { Consumer c = getInstance(); if (getBinder().writeBeanIfValid(c)) { c.setUser(this.selectedUser); String sk = "?"; try{ sk = Base64.toBase64String(generateKey().getEncoded()); c.setHash(HashVersion.ONE.hash(Long.toString(c.getUser().getId(),16), sk, HashVersion.ONE.getSalt())); } catch (Exception e) { getApp().getLog().error(e); } getApp().addWindow(new ConfirmDialog( getApp().getMessage("secretTitle"), getApp().getMessage("secretDescription", sk), getApp().getMessage("secretConfirm"), getApp().getMessage("cancel"), confirm -> { if (confirm) { super.saveEntity(); } })); } }