发表新帖
发表新帖

android sha512 example

前端 未结
关注
2 1401
情歌与酒
情歌与酒 2020-12-29 17:34

  1. Can someone provide an example for java/android on how to hash a password using PW_HASH_ITERATION_COUNT iterations of sha512 + salt?

    in pseudo

相关标签:
2条回答
  • 梦如初夏
    2020-12-29 17:53

    a HMAC is found to be sufficient for what you wanna do and it does only 2 iterations

    it boils down to 

    hash = sha512(concat(xor(salt,nonce2),sha512(concat(xor(salt,nonce1),pw)));
    0 讨论(0)
  • 鱼传尺愫
    2020-12-29 17:56

    Read my post here, especially the post I linked to about password hashing.

    • You should ideally use bcrypt or scrypt rather than doing your own password hashing.
    • But if you must, you should run for a few thousand iterations at the minimum, preferably more.

    Yes, you can use MessageDigest for SHA-512. Each time you call digest, the state of the object automatically resets, which is really handy---you can start updating for the next iteration straight away.

    But I still think you should use bcrypt or scrypt instead. For your own good, and the good of your users. :-)

    0 讨论(0)
 看不清?
提交回复
热议问题