如何确定字节数组是否包含散列数据

时间:2014-01-04 19:25:07

标签: encryption hmacsha1 pbkdf2

是否可以确定字节数组是否包含使用PBKDF2WithHmacSHA1散列的数据?有没有可以提供帮助的模式?

1 个答案:

答案 0 :(得分:0)

以下是我在Scala中解决问题的方法:

class Password(value: String, salt: Option[String]) {

  private final val IterationCount = 2048
  private final val KeyLength = 256
  private final val SaltLength = KeyLength / 8

  ...

  def hash = {
    val zalt = if (salt.isDefined)
      salt.get.getBytes(DefaultCharset)
    else 
      SecureRandom.getInstance("SHA1PRNG").generateSeed(SaltLength)

    val secretKeyFactory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1")
    val secretKey = secretKeyFactory.generateSecret(
      new PBEKeySpec(value.toCharArray, zalt, IterationCount, KeyLength)
    )

    val byteBuffer = ByteBuffer.allocate(2 + KeyLength)
    byteBuffer.putShort(KeyLength)
    byteBuffer.put(secretKey.getEncoded)

    new Password(
      Base64.encodeBase64String(byteBuffer.array),
      Some(new String(zalt, DefaultCharset))
    )
  }

  def isHashed = Base64.decodeBase64(value).length > KeyLength
}

密钥的长度预先附加到编码的散列...并确定当前Password实例是否被散列我只检查整个缓冲区的长度 - 完整的源代码可用{ {3}}

相关问题
最新问题