Code Monkey home page Code Monkey logo

jhashlib's Introduction

jhashlib

A java convenience wrapper for low level hashing functionality

Dependencies:

Using jhashlib

Currently there are two hashing functions available: SHA-256 and PBKDF2-with-HMAC-SHA-256. SHA-256 might be used for any large data that does not need to be stored securely. PBKDF2-with-HMAC-SHA-256 should be used for storing secured hashes eg. of passwords in a database. This is a quite reasonable security directive (but as always: nothing ever is 100% secure).

To generate a SHA-256 hash use:

SHA256Hash hash = SHA256HashBuilder.buildHash("Hello World");
byte[] raw = hash.getHash();
assert hash.getBuilder().getClass() == SHA256.class;

To generate a SHA-256 hash of large data use:

SHA256HashBuilder b = new SHA256HashBuilder();
b.update("Hello");
b.update(" World");
SHA256Hash hash = b.hash();
b.reset();
SHA256Hash hash2 = b.hash("Hello World");
assert hash.equals(hash2);

To generate a PBKDF2-with-HMAC-SHA-256 hash use:

PBKDF2WithHmacSHA256HashBuilder b = new PBKDF2WithHmacSHA256HashBuilder(
  SecureHashBuilder.buildSalt( 64 ), /* the salt to vary the hash with. here this salt is securely randomly generated */
  500000 /* the iterations to repeatedly compute the hash to harden against brute-force-dehashing */
);
PBKDF2WithHmacSHA256Hash record = b.hash( "my very secure password" );
// save record.getRaw(), record.getSalt() and record.getIterations() to database
// recompute the database record from time to time when user logs in with a different salt to protect against data breaches
// also increase the iterations slightly to keep up with increasing hardware capabilities

To check a second PBKDF2-with-HMAC-SHA-256 hash against a first one (eg for user login) use:

PBKDF2WithHmacSHA256HashBuilder b = new PBKDF2WithHmacSHA256Hash( saltFromDatabase, iterationsFromDatabase );
PBKDF2WithHmacSHA256Hash testHash = b.hash( "password user tries to login with" );
if ( testHash.equals( rawHashFromDatabase ) ) {
    // login correct
} else {
    // deny access
}

jhashlib's People

Contributors

trensetim avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.