当前位置:theitroad>Java SecretKeyFactory.getInstance("PBKDF2WithHmacSHA512") 抛出 NoSuchAlgorithmException

Java SecretKeyFactory.getInstance("PBKDF2WithHmacSHA512") 抛出 NoSuchAlgorithmException

声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow 原文地址: http://stackoverflow.com/questions/20807647/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me): StackOverFlow

提示:将鼠标放在中文语句上可以显示对应的英文。显示中英文
时间:2020-08-13 04:29:14  来源:igfitidea点击:

SecretKeyFactory.getInstance("PBKDF2WithHmacSHA512") throws NoSuchAlgorithmException

javaalgorithmsecuritysha

提问by Fahadalkadhi95

After a little bit of research and some work I finally was able to hash salt the password now there is a question which is on my mind I have used the SHA1 method and I would like to try to use the SHA512 because I was told it's better (more secure) so the following is my code its a little bit all over the place but I think its comprehensible so:

经过一些研究和一些工作,我终于能够对密码进行哈希处理,现在我想到了一个问题,我使用了 SHA1 方法,我想尝试使用 SHA512,因为有人告诉我它更好(更安全)所以以下是我的代码,它到处都是,但我认为它是可以理解的:

public class Safety
{
   //calling some parameters for possible later changes
   public static final String algorithm = "PBKDF2WithHmacSHA1";
   public static final int saltbytesize = 24;
   public static final int hashbytesize = 24;
   public static final int iterations = 1000;
   public static final int iIndex = 0;
   public static final int sIndex = 1;
   public static final int pbkIndex = 2;

   public static Users passwordHash(Users user) throws NoSuchAlgorithmException,
                                                       InvalidKeySpecException
   {
      SecureRandom sR = new SecureRandom();

      byte[] pws = new byte[saltbytesize];

      sR.nextBytes(pws);
      byte[] pwh = pbkdf2(user.getPassword().toCharArray(), pws, iterations, hashbytesize);

      user.setPassword(toHex(pwh));

      byte[] sas = new byte[saltbytesize];

      sR.nextBytes(sas);

      byte[] sah = pbkdf2(user.getsA().toCharArray(), sas, iterations, hashbytesize);

      user.setsA(toHex(sah));

      user.setUserhash(pws);

      user.setSahash(sas);

      return user;
   }

   public static boolean hashpassword(String username, String password, Users user)
   throws NoSuchAlgorithmException,
          InvalidKeySpecException
   {
      byte[] pws = user.getUserhash();

      byte[] pwh = pbkdf2(password.toCharArray(), pws, iterations, hashbytesize);

      String searcher = toHex(pwh) + username;

      String searched = user.getPassword() + user.getUsername();

      if (searcher.equals(searched))
      {
         return true;
      }
      return false;
   }

   private static byte[] pbkdf2(char[] password, byte[] salt,
                                int iterations, int bytes)
      throws NoSuchAlgorithmException, InvalidKeySpecException
   {
      PBEKeySpec spec = new PBEKeySpec(password, salt, iterations, bytes * 8);
      SecretKeyFactory skf = SecretKeyFactory.getInstance(algorithm);
      return skf.generateSecret(spec).getEncoded();
   }

   private static String toHex(byte[] array)
   {
      BigInteger bi = new BigInteger(1, array);

      String hex = bi.toString(16);

      int paddingLength = (array.length * 2) - hex.length();

      if (paddingLength > 0)
         return String.format("%0" + paddingLength + "d", 0) + hex;
      else
         return hex;
   }
}

So that's my code, however, I have not been able to make that SHA512 and I have already tried public static final String algorithm = "PBKDF2WithHmacSHA512"but that doesn't seem to be the right string for the algorithm since it throws the no such algorithm exception.

所以这就是我的代码,但是,我无法制作那个 SHA512,我已经尝试过了,public static final String algorithm = "PBKDF2WithHmacSHA512"但这似乎不是算法的正确字符串,因为它抛出了没有这样的算法异常。

I also welcome any changes that would make the code better.

我也欢迎任何可以使代码更好的更改。

as stated above! relevant few line(s) of code

如上所述!相关的几行代码

public static final String algorithm = "PBKDF2WithHmacSHA512"<<<<<

public static final String algorithm = "PBKDF2WithHmacSHA512"<<<<<

采纳答案by Javier

That is not possible out of the box

这是不可能的开箱即用

The OpenJDK implementation does only provide a PBKDF2HmacSHA1Factory.javawhich has the "HmacSHA1" digest harcoded. As far as I tested, the Oracle JDK is not different in that sense.

OpenJDK 实现只提供了一个PBKDF2HmacSHA1Factory.java,其中包含硬编码的“HmacSHA1”摘要。据我测试,Oracle JDK 在这个意义上没有什么不同。

What you have to do is derive the PBKDF2HmacSHA1Factory(come on, it is open!) and add a parameter to its constructor. You may avoid the mess of creating your own Provider, and just initialize and use your factory as follows:

您需要做的是派生PBKDF2HmacSHA1Factory(来吧,它是开放的!)并向其构造函数添加一个参数。您可以避免创建自己的混乱Provider,只需初始化并使用您的工厂,如下所示:

PBKDF_SecretKeyFactory kf = new PBKDF_SecretKeyFactory("HmacSHA512");
KeySpec ks = new PBEKeySpec(password,salt,iterations,bitlen);
byte key[] = kf.engineGenerateSecret(ks).getEncoded();

相关推荐

如何在 Java 中绘制一个正好位于小程序窗口中心的实心方框?

如何在 Java 中绘制一个正好位于小程序窗口中心的实心方框?

Java 如何检查 JButton 是否被按下?如果 isEnable() 不起作用?

Java 如何检查 JButton 是否被按下?如果 isEnable() 不起作用?

是否可以只在顶部有一个 java 摆动边框?

是否可以只在顶部有一个 java 摆动边框?

Java 如何使用带有@SerializedName 注释的 gson 进行序列化?

Java 如何使用带有@SerializedName 注释的 gson 进行序列化?

相关推荐
最近更新
标签