de.qaware.heimdall:heimdall
Advanced tools
This library implements a secure and upgradeable password hashing mechanism.
This library implements a secure and upgradeable password hashing mechanism. See this blog post for details.
Actually, this library uses (some of) these algorithms. But it makes it easier for you: no need to worry about iterations, salt generation and the same. And if a flaw is discovered in one of the algorithms, the library makes sure that the hashes in your database are automatically updated to a secure format (provided you use the pattern as shown in the usage block down below).
The JARs are available via JCenter and Maven Central. If you are using Maven to build your project, add the following to the pom.xml file:
<dependencies>
<dependency>
<groupId>de.qaware.heimdall</groupId>
<artifactId>heimdall</artifactId>
<version>1.5.1</version>
</dependency>
</dependencies>
In case you are using Gradle to build your project, add the following to the build.gradle file:
repositories {
jcenter()
mavenCentral()
}
dependencies {
compile 'de.qaware:heimdall:1.5.1'
}
Password password = PasswordFactory.create();
try(SecureCharArray cleartext = new SecureCharArray(...)) { // Read cleartext password from user
String hash = password.hash(cleartext);
// Persist the hash in a database etc...
}
Password password = PasswordFactory.create();
String hash = ... // Load hash from persistent storage
try(SecureCharArray cleartext = new SecureCharArray(...)) { // Read cleartext password from user
if (password.verify(cleartext, hash)) {
if (password.needsRehash(hash)) { // Check if the hash uses an old hash algorithm, insecure parameters, etc.
String newHash = password.hash(cleartext);
// Persist the new hash in a database etc...
}
// Password is correct, proceed...
} else {
// Password is incorrect
}
}
By default this library uses the PBKDF2 SHA-1 HMAC (PBKDF2WithHmacSHA1) with 20000 iterations and 192 bit (24 byte) of salt.
Moritz Kammerer (@phxql), moritz.kammerer@qaware.de
This software is provided under the MIT open source license, read the LICENSE.txt file for details.
FAQs
This library implements a secure and upgradeable password hashing mechanism.
We found that de.qaware.heimdall:heimdall demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
OpenSSF has published OSPS Baseline, an initiative designed to establish a minimum set of security-related best practices for open source software projects.
Security News
Michigan TypeScript founder Dimitri Mitropoulos implements WebAssembly runtime in TypeScript types, enabling Doom to run after processing 177 terabytes of type definitions.
Security News
vlt's new "reproduce" tool verifies npm packages against their source code, outperforming traditional provenance adoption in the JavaScript ecosystem.