Added SHA-512 password hashing. Closes #16

src/main/java/businessLogic/BlFacadeImplementation.java

@@ -1,5 +1,9 @@
 package businessLogic;
 
+import java.nio.charset.StandardCharsets;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
 import java.text.ParseException;
 import java.text.SimpleDateFormat;
 import java.util.Date;
@@ -27,9 +31,9 @@ public class BlFacadeImplementation implements BlFacade {
 
 	DataAccess dbManager;
 	ConfigXML config = ConfigXML.getInstance();
-	//Regular Expression for checking email format:
+	// Regular Expression for checking email format:
 	private String emailRegEx = new String("^\\w+@\\w+\\.[a-z]{2,3}$");
-	//Minum length for password:
+	// Minimum length for password:
 	private final int MINIMUM_PSW_LENGHT = 6;
 
 	public BlFacadeImplementation()  {		
@@ -170,12 +174,45 @@ public void register(String username, String firstName, String lastName, String
 			Date birthdate = myformat.parse(day + "-" + month + "-" + year);
 			if(UtilDate.isUnderage(birthdate)) throw new UnderageRegistrationException();
 
-			//Persist:
-			dbManager.register(username, firstName, lastName, address, email, password, birthdate);
+			// Generate a random salt
+			byte[] salt = generateSalt();
+			byte[] hashedPassword = hashPassword(password, salt);
+
+			dbManager.register(username, firstName, lastName, address, email, hashedPassword, birthdate, salt);
 		} catch (ParseException e) {
 			throw new InvalidDateException();
 		} finally {
 			dbManager.close();
 		}
 	}
+
+	/**
+	 * Hashes the passed password with the given salt.
+	 * It uses SHA-512 algorithm.
+	 * @param salt the salt used to hash the password.
+	 * @return the hashed password.
+	 */
+	public byte[] hashPassword(String password, byte[] salt) {
+		byte[] hashedPassword = null;
+		try {
+			MessageDigest md = MessageDigest.getInstance("SHA-512");
+			md.update(salt);
+			hashedPassword = md.digest(password.getBytes(StandardCharsets.UTF_8));
+		} catch (NoSuchAlgorithmException e) {
+			e.printStackTrace();
+		}
+
+		return hashedPassword;
+	}
+
+	/**
+	 * Generates a random salt for later use in password hashing.
+	 * @return a random salt.
+	 */
+	public byte[] generateSalt() {
+		SecureRandom random = new SecureRandom();
+		byte[] salt = new byte[16];
+		random.nextBytes(salt);
+		return salt;
+	}
 }

src/main/java/dataAccess/DataAccess.java

@@ -278,18 +278,18 @@ public boolean existQuestion(Event event, String question) {
 	 * @param lastName User's las name.
 	 * @param address User's current bill home address.
 	 * @param email User's email.
-	 * @param password User's password
-	 * @param confirmPassword User's confirmation password.
+	 * @param password User's hashed password.
 	 * @param birthdate The birthday date of the user.
+	 * @param salt The salt used in password hashing.
 	 */
-	public void register(String username, String firstName, String lastName, String address, String email, String password, Date birthdate)
+	public void register(String username, String firstName, String lastName, String address, String email, byte[] hashedPassword, Date birthdate, byte[] salt)
 	{
-			db.getTransaction().begin();
-			User newUser = new User(username, firstName, lastName,
-					birthdate, address, password, email, 1);
-			db.persist(newUser);
-			db.getTransaction().commit();
-			System.out.println(newUser + " has been saved");
+		db.getTransaction().begin();
+		User newUser = new User(username, firstName, lastName,
+				birthdate, address, hashedPassword, email, salt, 1);
+		db.persist(newUser);
+		db.getTransaction().commit();
+		System.out.println(newUser + " has been saved");
 	}
 
 	public void storeEvent(String description, Date eventDate) {

src/main/java/domain/User.java

@@ -21,8 +21,9 @@ public class User {
 	private String lastName;
 	private Date birthdate;
 	private String address;
-	private String password;
+	private byte[] password;
 	private String email;
+	private byte[] salt; // salt used in password hashing
 	private int userMode; // 0 => guest, 1 => logged user, 2 => administrator
 
 	/**
@@ -32,19 +33,21 @@ public class User {
 	 * @param lastName user's last name.
 	 * @param birthdate user's birth date.
 	 * @param address user's address.
-	 * @param password user's password.
+	 * @param password user's password hashed.
 	 * @param email user's email.
+	 * @param salt the salt used in password hashing.
 	 * @param userMode user's userMode
 	 */
 	public User(String username, String firstName, String lastName,
-			Date birthdate, String address, String password, String email, int userMode) {
+			Date birthdate, String address, byte[] password, String email, byte[] salt, int userMode) {
 		this.username = username;
 		this.firstName = firstName;
 		this.lastName = lastName;
 		this.birthdate = birthdate;
 		this.address = address;
 		this.password = password;
-		this.setEmail(email);
+		this.email = email;
+		this.salt = salt;
 		this.userMode = userMode;
 	}
 
@@ -108,15 +111,15 @@ public void setAddress(String address) {
 	 * Getter for user's password.
 	 * @return user's password.
 	 */
-	public String getPassword() {
+	public byte[] getPassword() {
 		return password;
 	}
 
 	/**
 	 * Setter for user's password.
 	 * @param password user's password.
 	 */
-	public void setPassword(String password) {
+	public void setPassword(byte[] password) {
 		this.password = password;
 	}
 

src/main/java/gui/WelcomeGUI.java

@@ -74,16 +74,17 @@ public WelcomeGUI() {
 	 * Initializes all the components.
 	 */
 	private void jbInit() {
+
+		// Initialize components
+		initializeWelcomePane();
+
 		setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);
 		setBounds(100, 100, 354, 339);
 		contentPane.setBackground(Color.WHITE);
 		contentPane.setBorder(new EmptyBorder(5, 5, 5, 5));
 		setContentPane(contentPane);
 		welcomeLabel.setFont(new Font("Tahoma", Font.PLAIN, 24));
 
-		// Initialize components
-		initializeWelcomePane();
-
 		// Group layout code
 		GroupLayout gl_contentPane = new GroupLayout(contentPane);
 		gl_contentPane.setHorizontalGroup(