/** * Set the user name password hash. A random salt is generated as well. * The parameter is filled with zeros after use. * * @param userPasswordHash the user name password hash */ public void setUserPasswordHash(byte[] userPasswordHash) { if (userPasswordHash != null) { if (userPasswordHash.length == 0) { salt = passwordHash = userPasswordHash; } else { salt = new byte[Constants.SALT_LEN]; MathUtils.randomBytes(salt); passwordHash = SHA256.getHashWithSalt(userPasswordHash, salt); } } this.userPasswordHash = userPasswordHash; }
/** * Check the password of this user. * * @param userPasswordHash the password data (the user password hash) * @return true if the user password hash is correct */ public boolean validateUserPasswordHash(byte[] userPasswordHash) { if (userPasswordHash.length == 0 && passwordHash.length == 0) { return true; } if (userPasswordHash.length == 0) { userPasswordHash = SHA256.getKeyPasswordHash(getName(), new char[0]); } byte[] hash = SHA256.getHashWithSalt(userPasswordHash, salt); return Utils.compareSecure(hash, passwordHash); }
protected void initKey(byte[] salt) { key = SHA256.getHashWithSalt(key, salt); for (int i = 0; i < keyIterations; i++) { key = SHA256.getHash(key, true); } cipher.setKey(key); key = SHA256.getHash(key, true); cipherForInitVector.setKey(key); }
private byte[] calculateLobMac(long lobId) { byte[] lobMacSalt = null; if (session != null) { lobMacSalt = session.getLobMacSalt(); } if (lobMacSalt == null) { lobMacSalt = MathUtils.secureRandomBytes(LOB_MAC_SALT_LENGTH); if (session != null) { session.setLobMacSalt(lobMacSalt); } } byte[] data = new byte[8]; Utils.writeLong(data, 0, lobId); byte[] hmacData = SHA256.getHashWithSalt(data, lobMacSalt); return hmacData; }