List of usage examples for org.bouncycastle.crypto PBEParametersGenerator generateDerivedMacParameters
public abstract CipherParameters generateDerivedMacParameters(int keySize);
From source file:dorkbox.util.crypto.Crypto.java
License:Apache License
/** * Secure way to generate an AES key based on a password. * * @param password//from w ww.j a v a 2 s . c o m * The password that you want to mix * @param salt * should be a RANDOM number, at least 256bits (32 bytes) in size. * @param iterationCount * should be a lot, like 10,000 * * @return the secure key to use */ public static byte[] PBKDF2(byte[] password, byte[] salt, int iterationCount) { SHA256Digest digest = new SHA256Digest(); PBEParametersGenerator pGen = new PKCS5S2ParametersGenerator(digest); pGen.init(password, salt, iterationCount); KeyParameter key = (KeyParameter) pGen.generateDerivedMacParameters(digest.getDigestSize() * 8); // *8 for bit length. // zero out the password. Arrays.fill(password, (byte) 0); return key.getKey(); }