+ * Description + *
+ * + * @author Robin Strand Prestmo + */ +public final class PasswordHasher { + private static final SecureRandom RNG = new SecureRandom(); + + /** + * Get the hash of the password + * + * @param password a string password + * @return a hash secured password + */ + public String getHashPassword(String password) { + String hasPass = ""; + + try { + // 1. Create salt + byte[] salt = new byte[16]; + RNG.nextBytes(salt); + + // 2. Create PBKDF2 Hash value + PBEKeySpec spec = new PBEKeySpec(password.toCharArray(), salt, 100000, 32*8); + SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256"); + byte[] hash = factory.generateSecret(spec).getEncoded(); + + // 3. Combine salt and password bytes + byte[] hashBytes = new byte[48]; + System.arraycopy(salt, 0, hashBytes, 0, 16); + System.arraycopy(hash, 0, hashBytes, 16, 32); + + //4. Turn the combined salt+hash into a string. + hasPass = Base64.getEncoder().encodeToString(hashBytes); + } catch (Exception e) { + throw new RuntimeException("Error while hasing password.", e); + } + return hasPass; + } +} diff --git a/helpmehelpapplication/src/main/java/ntnu/sytemutvikling/team6/models/User.java b/helpmehelpapplication/src/main/java/ntnu/sytemutvikling/team6/models/User.java index 283bfa1..afa414a 100644 --- a/helpmehelpapplication/src/main/java/ntnu/sytemutvikling/team6/models/User.java +++ b/helpmehelpapplication/src/main/java/ntnu/sytemutvikling/team6/models/User.java @@ -2,9 +2,9 @@ import java.util.UUID; -// Passord må hashes!!! -// Unntakshåndtering mangler -// Enhetstesting mangler +// TODO: Passord må hashes!!! +// TODO: Unntakshåndtering mangler +// TODO: Enhetstesting mangler /** * Represents a user.