![](/img/trans.png)
[英]PasswordHash.java not generating matching PBKDF2-HMAC-SHA1 hash
[英]PKCS5_PBKDF2_HMAC_SHA1 in Java
必须在 Java 中实现 openssl 函数 - PKCS5_PBKDF2_HMAC_SHA1(keyData, 8, salt, 8, iterCount, KEY_SIZE, key))。
下面是我的 Java 代码
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
KeySpec spec = new PBEKeySpec(customerId.toCharArray(), RefundUtil.getSalt(), iterationCount, bitLength);
SecretKey tmp = factory.generateSecret(spec);
byte[] pbkdf2Key = tmp.getEncoded();
上面的Java代码是否正确?
这通常是我实现PBKDF2_HMAC_SHA1
:
private static byte[] getSalt(int saltSize){
SecureRandom secureRandom = new SecureRandom();
byte[] salt = new byte[saltSize];
secureRandom.nextBytes(salt);
this.MC = salt;
return salt;
}
public static byte[] hashPassword(char[] password, int saltSize) throws NoSuchAlgorithmException, InvalidKeySpecException{
byte[] salt = getSalt(saltSize);
PBEKeySpec pbeKeySpec = new PBEKeySpec(password,salt,iterations,hashBites);
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
return keyFactory.generateSecret(pbeKeySpec).getEncoded();
}
您的实施将正常工作
您可以使用以下功能:
private static byte[] calculatePbeMac(
DERObjectIdentifier oid,
byte[] salt,
int itCount,
char[] password,
byte[] data,
String provider)
throws Exception
{
SecretKeyFactory keyFact = SecretKeyFactory.getInstance(oid.getId(), provider);
PBEParameterSpec defParams = new PBEParameterSpec(salt, itCount);
PBEKeySpec pbeSpec = new PBEKeySpec(password);
SecretKey key = keyFact.generateSecret(pbeSpec);
Mac mac = Mac.getInstance(oid.getId(), provider);
mac.init(key, defParams);
mac.update(data);
return mac.doFinal();
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.