List of usage examples for org.apache.shiro.crypto.hash DefaultHashService setHashIterations
public void setHashIterations(int count)
From source file:CryptoTest.java
License:Apache License
@Test public void test_hashingService() { log.info("*** test_hashingService ***"); final DefaultHashService hashService = new DefaultHashService(); final SecureRandomNumberGenerator secureRandomNumberGenerator = new SecureRandomNumberGenerator(); secureRandomNumberGenerator.setDefaultNextBytesSize(64); final ByteSource privateSalt = secureRandomNumberGenerator.nextBytes(); final ByteSource publicSalt = secureRandomNumberGenerator.nextBytes(); log.info("privateSalt .length = {}", privateSalt.getBytes().length); hashService.setHashAlgorithmName("SHA-512"); hashService.setHashIterations(1024 * 64); hashService.setPrivateSalt(privateSalt); hashService.setRandomNumberGenerator(secureRandomNumberGenerator); hashService.setGeneratePublicSalt(true); final HashRequest hashRequest = new HashRequest.Builder().setSource("password").setSalt(publicSalt).build(); final Hash hash = hashService.computeHash(hashRequest); log.info("hash.salt : {}", hash.getSalt()); log.info("publicSalt : {}", publicSalt); log.info("hash Base64 : {}", hash.toBase64()); final String hash1 = hashService.computeHash(hashRequest).toBase64(); final String hash2 = hashService.computeHash(hashRequest).toBase64(); log.info("hash1 Base64 : {}", hash1); log.info("hash2 Base64 : {}", hash2); Assert.assertEquals(hash1, hash2);// w w w .j av a 2 s .co m Sha512Hash encodedPassword = new Sha512Hash("password", publicSalt, 1024 * 64); Sha512Hash encodedPassword2 = new Sha512Hash(encodedPassword.getBytes(), privateSalt, 1024 * 64); log.info("encodedPassword Base64 : {}", encodedPassword.toBase64()); log.info("encodedPassword2 Base64 : {}", encodedPassword2.toBase64()); Sha512Hash encodedPassword3 = new Sha512Hash("password", publicSalt, 1024 * 64); Sha512Hash encodedPassword4 = new Sha512Hash(encodedPassword3.getBytes(), privateSalt, 1024 * 64); log.info("encodedPassword3 Base64 : {}", encodedPassword3.toBase64()); log.info("encodedPassword4 Base64 : {}", encodedPassword4.toBase64()); Assert.assertEquals(encodedPassword2, encodedPassword4); }
From source file:CryptoTest.java
License:Apache License
@Test public void test_hashingService_usingRandomSalts() { log.info("*** test_hashingService_usingRandomSalts ***"); final DefaultHashService hashService = new DefaultHashService(); final SecureRandomNumberGenerator secureRandomNumberGenerator = new SecureRandomNumberGenerator(); secureRandomNumberGenerator.setDefaultNextBytesSize(64); final ByteSource privateSalt = secureRandomNumberGenerator.nextBytes(); hashService.setHashAlgorithmName("SHA-512"); hashService.setHashIterations(1024 * 128); hashService.setPrivateSalt(privateSalt); hashService.setRandomNumberGenerator(secureRandomNumberGenerator); hashService.setGeneratePublicSalt(true); final HashRequest hashRequest = new HashRequest.Builder().setSource("password").build(); final StopWatch stopWatch = new StopWatch(); stopWatch.start();/*from w w w.jav a2 s . com*/ final Hash hash = hashService.computeHash(hashRequest); stopWatch.stop(); final byte[] hashBytes = hash.getBytes(); log.info("hashBytes length = {}", hashBytes.length); log.info("hash Base64 length = {}", hash.toBase64().length()); log.info("hash time: {}", stopWatch.getTime()); log.info("hash.salt : {}", hash.getSalt()); final ByteSource salt = hash.getSalt(); log.info("salt : {}", salt); log.info("hash Base64 : {}", hash.toBase64()); final String hash1 = hashService .computeHash(new HashRequest.Builder().setSource("password").setSalt(salt).build()).toBase64(); final String hash2 = hashService .computeHash(new HashRequest.Builder().setSource("password").setSalt(salt).build()).toBase64(); log.info("hash1 Base64 : {}", hash1); log.info("hash2 Base64 : {}", hash2); Assert.assertEquals(hash1, hash2); Sha512Hash encodedPassword = new Sha512Hash("password", salt, 1024 * 64); Sha512Hash encodedPassword2 = new Sha512Hash(encodedPassword.getBytes(), privateSalt, 1024 * 64); log.info("encodedPassword Base64 : {}", encodedPassword.toBase64()); log.info("encodedPassword2 Base64 : {}", encodedPassword2.toBase64()); Sha512Hash encodedPassword3 = new Sha512Hash("password", salt, 1024 * 64); Sha512Hash encodedPassword4 = new Sha512Hash(encodedPassword3.getBytes(), privateSalt, 1024 * 64); log.info("encodedPassword3 Base64 : {}", encodedPassword3.toBase64()); log.info("encodedPassword4 Base64 : {}", encodedPassword4.toBase64()); Assert.assertEquals(encodedPassword2, encodedPassword4); hashService.setHashIterations(1024 * 127); }
From source file:CryptoTest.java
License:Apache License
@Test public void test_secureRandomNumberGenerator_nextBytesSize() { log.info("*** test_secureRandomNumberGenerator_nextBytesSize ***"); final DefaultHashService hashService = new DefaultHashService(); final SecureRandomNumberGenerator secureRandomNumberGenerator = new SecureRandomNumberGenerator(); secureRandomNumberGenerator.setDefaultNextBytesSize(8); final ByteSource privateSalt = secureRandomNumberGenerator.nextBytes(); log.info("privateSalt = {}", privateSalt); log.info("privateSalt byte length = {}", privateSalt.getBytes().length); hashService.setHashAlgorithmName("SHA-512"); hashService.setHashIterations(1024 * 128); hashService.setPrivateSalt(privateSalt); hashService.setRandomNumberGenerator(secureRandomNumberGenerator); hashService.setGeneratePublicSalt(true); final HashRequest hashRequest = new HashRequest.Builder().setSource("password").build(); final Hash hash = hashService.computeHash(hashRequest); final DefaultHashService hashService2 = new DefaultHashService(); final SecureRandomNumberGenerator secureRandomNumberGenerator2 = new SecureRandomNumberGenerator(); secureRandomNumberGenerator2.setDefaultNextBytesSize(16); hashService2.setHashAlgorithmName("SHA-512"); hashService2.setHashIterations(1024 * 128); hashService2.setPrivateSalt(privateSalt); hashService2.setRandomNumberGenerator(secureRandomNumberGenerator2); hashService2.setGeneratePublicSalt(true); final HashRequest hashRequest2 = new HashRequest.Builder().setSource("password").setSalt(hash.getSalt()) .build();//from w w w . ja va 2 s . c o m final Hash hash2 = hashService.computeHash(hashRequest2); log.info("hash = {}", hash.toBase64()); log.info("hash2 = {}", hash2.toBase64()); Assert.assertEquals(hash2.toBase64(), hash.toBase64()); }
From source file:base.web.ShiroDbRealm.java
License:Apache License
/** * ??spring/shiro.xml?credentialsMatcher <br/> * /*from w w w. ja v a 2 s .co m*/ * ?SHA-256Base64?1024<br/> * SHA-256Base64??(44?)Hex??64?<br/> * ?SHA-384?SHA-512???? * * @author Junas.Cheung */ public String encrytPassword(String password) { // ???? String hashAlgorithmName = ConfigUtil.getValue("password.hash.algorithm.name"); int iterations = ConfigUtil.getIntValue("password.iterations"); boolean isStoredHex = ConfigUtil.getBooleanValue("password.is.stored.hex"); // DefaultHashService hashService = new DefaultHashService(); // hashService.setHashAlgorithmName(hashAlgorithmName); // hashService.setHashIterations(iterations); // ? ByteSource byteSource = ByteSource.Util.bytes(password); Hash hash = hashService.computeHash(new HashRequest.Builder().setSource(byteSource).build()); // ?Hash return isStoredHex ? hash.toHex() : hash.toBase64(); }
From source file:br.com.criativasoft.opendevice.middleware.persistence.dao.jpa.UserJPA.java
License:Open Source License
@Override public User createUser(Account account, String username, String password) { User user = new User(); user.setUsername(username);/* www . j a v a2 s . c o m*/ user.setPassword(password); //Encrypt DefaultPasswordService service = new DefaultPasswordService(); DefaultHashService hashService = (DefaultHashService) service.getHashService(); hashService.setHashIterations(1); user.setPassword(service.encryptPassword(user.getPassword())); UserAccount userAccount = new UserAccount(); userAccount.setOwner(account); account.getUserAccounts().add(userAccount); if (account.getId() <= 0) userAccount.setType(AccountType.ACCOUNT_MANAGER); else userAccount.setType(AccountType.USER); userAccount.setUser(user); ApiKey key = new ApiKey(); key.setKey(account.getUuid()); key.setAppName("ApplicationID"); key.setAccount(userAccount); userAccount.getKeys().add(key); user.getAccounts().add(userAccount); persist(user); return user; }
From source file:cn.powerdash.libsystem.common.security.authc.PrivateSaltPasswordService.java
License:Open Source License
/** * @param hashInterations/*from w w w .j a va 2s. c o m*/ * Set hashInterations value */ public void setHashIterations(int hashIterations) { DefaultHashService hashServiceInstance = (DefaultHashService) super.getHashService(); hashServiceInstance.setHashIterations(hashIterations); }
From source file:com.azaptree.services.security.domain.config.impl.HashServiceConfig.java
License:Apache License
@Override public HashService getHashService() { if (hashService != null) { return hashService; }//from ww w.j a v a 2s .c o m final DefaultHashService service = new DefaultHashService(); service.setGeneratePublicSalt(true); service.setPrivateSalt(ByteSource.Util.bytes(privateSalt)); service.setHashAlgorithmName(hashAlgorithmName); service.setHashIterations(hashIterations); final SecureRandomNumberGenerator rng = new SecureRandomNumberGenerator(); rng.setDefaultNextBytesSize(secureRandomNumberGeneratorNextBytesSize); final SecureRandom random = new SecureRandom(); final byte rngSeed[] = new byte[20]; random.nextBytes(rngSeed); rng.setSeed(rngSeed); service.setRandomNumberGenerator(rng); hashService = service; return service; }
From source file:com.epimorphics.registry.security.BaseRegRealm.java
License:Apache License
public BaseRegRealm() { setPermissionResolver(new RegPermissionResolver()); setCredentialsMatcher(new RegCredentialsMatcher()); DefaultHashService hashing = new DefaultHashService(); hashing.setHashAlgorithmName(RegCredentialsMatcher.DEFAULT_ALGORITHM); hashing.setHashIterations(RegCredentialsMatcher.DEFAULT_ITERATIONS); hashService = hashing;//from w w w. j av a 2s . c o m }
From source file:com.masslink.idea.zigbee.shiro.UserPasswordService.java
License:Apache License
public UserPasswordService() { this.hashFormatWarned = false; DefaultHashService defaultHashService = new DefaultHashService(); defaultHashService.setHashAlgorithmName(ALGORITHM); defaultHashService.setHashIterations(ITERATIONS); defaultHashService.setGeneratePublicSalt(true); //always want generated salts for user passwords to be most secure defaultHashService.setPrivateSalt(new SimpleByteSource(SALT)); this.hashService = defaultHashService; this.hashFormat = new Shiro1CryptFormat(); this.hashFormatFactory = new DefaultHashFormatFactory(); }
From source file:com.mycompany.shirofaces.SHA256.java
public static void main(String args[]) { RandomNumberGenerator rng = new SecureRandomNumberGenerator(); Object salt = rng.nextBytes(); String hashedPasswordBase64 = new Sha256Hash("juancho18", salt, 1024).toBase64(); Sha256Hash sha256Hash = new Sha256Hash("juancho18"); System.out.println("Clave sin salt: " + sha256Hash.toHex()); System.out.println("Clave con salt : " + hashedPasswordBase64); DefaultHashService hashService = new DefaultHashService(); hashService.setHashIterations(50000); // 500000 hashService.setHashAlgorithmName(Sha256Hash.ALGORITHM_NAME); hashService.setPrivateSalt(new SimpleByteSource("jumarome")); hashService.setGeneratePublicSalt(true); DefaultPasswordService passwordService = new DefaultPasswordService(); passwordService.setHashService(hashService); String salte = hashService.getPrivateSalt().toBase64(); String claveMaldita = passwordService.encryptPassword("unaep"); System.out.println("Miraaa: " + claveMaldita); System.out.println("private salt= " + salte); }