Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Updated PBKDF2 algorithm to 'PBKDF2WithHmacSHA256' #6

Closed
wants to merge 5 commits into from
Closed

Updated PBKDF2 algorithm to 'PBKDF2WithHmacSHA256' #6

wants to merge 5 commits into from

Conversation

prskr
Copy link

@prskr prskr commented Dec 27, 2017
edited
Loading

Adopted change in unit tests and added an additional test to ensure that the required rehashing is detected correctly.

Marked PasswordImpl as package local as it should be instantiated by the PasswordFactory and there's no reason to make it public.

Set JDK version to 1.8 to be able to use 'PBKDF2WithHmacSHA256'.
'PBKDF2WithHmacSHA1' might not be the best solution anymore due to known security vulnerabilities in SHA1.

Updated SecureSaltProvider to use specific PRNG on Windows.

Introduced base class for PBKDF2 implementations to avoid code duplications.

@phxql phxql self-assigned this Dec 28, 2017
@phxql
Copy link
Contributor

phxql commented Jan 22, 2018

PBKDF2 with SHA-256 is unfortunately not supported on Android. I took some changes (update of dependency versions, the dependency plugin and the SecureHash code for windows) and merged them in the master. I also created the issue #7 to think about multiple sets of hash algorithms per platform.

Thanks for the code!

@phxql phxql closed this Jan 22, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@phxql phxql

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@prskr @phxql