feat: Add salted hash

This commit is contained in:
Nathan Woodburn 2023-10-23 18:17:38 +11:00
parent 1eaa83dc89
commit fe67cad2ef
Signed by: nathanwoodburn
GPG Key ID: 203B000478AD0EF1
3 changed files with 60 additions and 1 deletions

View File

@ -1,5 +1,10 @@
# Java Password storage solutions # Java Password storage solutions
1. [Hashing](hash.java) 1. [Hashing](hash.java)
2. [Salted Hashing](saltedHash.java)
https://crackstation.net/ - Decrypt Hashes

View File

@ -1,7 +1,6 @@
import java.io.BufferedReader; import java.io.BufferedReader;
import java.io.IOException; import java.io.IOException;
import java.io.InputStreamReader; import java.io.InputStreamReader;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets; import java.nio.charset.StandardCharsets;
import java.security.MessageDigest; import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException; import java.security.NoSuchAlgorithmException;

55
saltedHash.java Normal file
View File

@ -0,0 +1,55 @@
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
public class saltedHash {
public static void main(String[] args) throws IOException {
BufferedReader reader = new BufferedReader(new InputStreamReader(System.in));
System.out.println("Enter a string to hash and salt: ");
String input = reader.readLine();
try {
String salt = bytetohex.toHexString(getSalt());
// Remove starting 0s
while (salt.charAt(0) == '0') {
salt = salt.substring(1);
}
String salted = input + salt;
System.out.println("Hashed as:");
String hashed = hash.hashstring(salted);
String stored = hashed + ":"+salt;
System.out.println(stored);
System.out.println("Enter a string to check: ");
String check = reader.readLine();
// Split stored by the colon
String[] parts = stored.split(":");
// Salt the checked
String saltedCheck = check + parts[1];
// Hash the salted checked
String hashedCheck = hash.hashstring(saltedCheck);
// Compare the hashed salted checked to the stored hash
if (hashedCheck.equals(parts[0])) {
System.out.println("Match!");
} else {
System.out.println("No match!");
}
} catch (NoSuchAlgorithmException e) {
System.out.println(e.toString());
}
}
private static byte[] getSalt() throws NoSuchAlgorithmException {
SecureRandom random = new SecureRandom();
byte[] salt = new byte[16];
random.nextBytes(salt);
return salt;
}
}