PBKDF2WithHmacSHA512 抛出 NoSuchAlgorithmException

Question

I am writing an app in Eclipse for android. I tried using PBKDF2WithHmacSHA1 at first to hash my passwords, which worked well. But because of the weaknesses in SHA1, I decided to upgrade it to PBKDF2WithHmacSHA512. However, eclipse is now throwing a NoSuchAlgorithmException.

SecretKeyFactory.getInstance("PBKDF2WithHmacSHA512") throws NoSuchAlgorithmException

I followed the instructions in the link above. However, the java file linked in the question above requires the sun.crypto library, which I don't have on Eclipse. I was also advised not to use Sun library, but to use java official library.

My question is, is there anyway of using PBKDF2WithHmacSHA512 on Eclipse? Or if possible, can someone teach me how to break it into parts of doing the PBKDF2 first and then HmacSHA512 the result?

Thank you.

Answer 1

Be careful when using SecretKeyFactory in android, please check supported API version, you will be got exception if using the wrong version like bellow: https://developer.android.com/reference/javax/crypto/SecretKeyFactory

This exception is thrown when a particular cryptographic algorithm is requested but is not available in the environment. So based on the requirement above 👆 if you also want to use this algorithm on the low android version, I would recommend you use Bouncy Castle Library.

// Gradle

implementation 'org.bouncycastle:bcpkix-jdk15to18:1.70'
implementation 'org.bouncycastle:bcprov-jdk15to18:1.70'


// Use "PBKDF2WithHmacSHA512" with android O version and above

if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.O) {
  val skf = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA512")
  val pwSpec = PBEKeySpec(secret.toCharArray(), salt, iterations, keyLength)
  skf.generateSecret(pwSpec).encoded
}