Java tutorial
/* * Copyright (C) 2016 Ilmo Euro <ilmo.euro@gmail.com> * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. */ package fi.ilmoeuro.membertrack.util; import java.nio.charset.StandardCharsets; import java.security.Key; import java.security.NoSuchAlgorithmException; import java.security.SecureRandom; import java.security.spec.InvalidKeySpecException; import java.security.spec.KeySpec; import javax.crypto.SecretKey; import javax.crypto.SecretKeyFactory; import javax.crypto.spec.PBEKeySpec; import javax.crypto.spec.SecretKeySpec; import org.apache.commons.codec.binary.Hex; /** * * @author Ilmo Euro <ilmo.euro@gmail.com> */ public class Crypto { public static String hash(String candidate, String salt) { try { SecretKeyFactory skf = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1"); KeySpec ks = new PBEKeySpec(candidate.toCharArray(), salt.getBytes(StandardCharsets.US_ASCII), 1024, 128); SecretKey sk = skf.generateSecret(ks); Key k = new SecretKeySpec(sk.getEncoded(), "AES"); return Hex.encodeHexString(k.getEncoded()); } catch (NoSuchAlgorithmException | InvalidKeySpecException ex) { throw new RuntimeException("Error while hashing", ex); } } public static String randomSalt() { byte[] randomBytes = new byte[32]; SecureRandom random = new SecureRandom(); random.nextBytes(randomBytes); String salt = Hex.encodeHexString(randomBytes); return salt; } }