Skip to content
/ hash Public

Common Lib to Hash passwords which is compatible to Java EE/ CDI (e.g. payara, wildfly) and Spring Boot.

License

Apache-2.0 license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

sterlp/hash

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
.github/workflows
.github/workflows
 
 
hash-cli
hash-cli
 
 
hash-lib
hash-lib
 
 
jee-hash-lib
jee-hash-lib
 
 
spring-hash-lib
spring-hash-lib
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
pom.xml
pom.xml
 
 

Repository files navigation

Hash Lib CI CodeQL

Hash Lib Cli

Tool to create BCrypt and PBKDF2 hashes of passwords directly in the command line:

Download latest version of hash-cli here: https://github.com/sterlp/hash/releases

Create a password hash

BCrpyt

java -jar hash-cli.jar mypassword
> $2a$10$m4hjjVjjGD36bgHlblJaweMDrGelSO1lx4osfpNi/7DN9ZvTzMqA6

PBKDF2WithHmacSHA512

java -jar hash-cli.jar -a PBKDF2WithHmacSHA512 -p mypassword
> PBKDF2WithHmacSHA512:2048:ilIYz4CirlKeZfa59Tu9Dlruc69zaAxGyDb0OOcpppM=:HMv6yD8WUKSM2XY6jHIuzz9ShXX1wj120Njb0TptJ6hBBWAFnOdx0xR1hvz9ICtp91sdBxRaMyU8LsYZCIuP9g==

Verify a password hash

BCrypt

java -jar hash-cli.jar -p foo -h "$2a$10$At1ZDrj3taopwLzeZ237KekybhWlF6quEd8bv9eAIWrTVzvtKyTEi"
> true

PBKDF2WithHmacSHA512

java -jar hash-cli.jar -a PBKDF2WithHmacSHA512 -p mypassword -h PBKDF2WithHmacSHA512:2048:ilIYz4CirlKeZfa59Tu9Dlruc69zaAxGyDb0OOcpppM=:HMv6yD8WUKSM2XY6jHIuzz9ShXX1wj120Njb0TptJ6hBBWAFnOdx0xR1hvz9ICtp91sdBxRaMyU8LsYZCIuP9g==
> true

hash-lib

Common lib which provides a common Hash algorithms for JEE and Spring Boot:

  • BCrypt
  • PBKDF2WithHmacSHA224
  • PBKDF2WithHmacSHA256
  • PBKDF2WithHmacSHA384
  • PBKDF2WithHmacSHA512

jee-hash-lib

Support BCrypt and PBKDF2 password hash and verification. As so be compatible with existing JEE JDBC user stores and Spring Boot user stores.

Usage

import javax.annotation.security.DeclareRoles;
import javax.enterprise.context.ApplicationScoped;
import javax.security.enterprise.authentication.mechanism.http.BasicAuthenticationMechanismDefinition;
import javax.security.enterprise.identitystore.DatabaseIdentityStoreDefinition;
import javax.ws.rs.ApplicationPath;
import javax.ws.rs.core.Application;
import org.sterl.jee.hash.BCryptAndPbkdf2PasswordHash;

@ApplicationScoped
@BasicAuthenticationMechanismDefinition(realmName = "jee-basic")
@DeclareRoles({ "admin", "user" }) // this authorities are allowed
@DatabaseIdentityStoreDefinition(
    callerQuery = "select password from users where enabled = true AND username = ?",
    groupsQuery = "select authority from authorities where username = ?",
    dataSourceLookup = "jdbc/identity-store",
    hashAlgorithm = BCryptAndPbkdf2PasswordHash.class,
    hashAlgorithmParameters = {
        "Algorithm=PBKDF2WithHmacSHA512"
    }
)
@ApplicationPath("")
public class ApplicationConfiguration extends Application {
    
}

Maven import JEE

<dependency>
  <groupId>org.sterl.hash</groupId>
  <artifactId>jee-hash-lib</artifactId>
  <version>0.1.0</version>
</dependency>

Base Lib

<dependency>
  <groupId>org.sterl.hash</groupId>
  <artifactId>hash-lib</artifactId>
  <version>0.1.0</version>
</dependency>

How to release

  • mvn versions:set -DnewVersion=x.x.x-SNAPSHOT
  • mvn clean install -Prelease
  • mvn deploy

About

Common Lib to Hash passwords which is compatible to Java EE/ CDI (e.g. payara, wildfly) and Spring Boot.

Topics

hashing cli spring-boot hash bcrypt jee command-line-tool jee7 payara hash-passwords

Resources

Readme

License

Apache-2.0 license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases 1

v0.1.1 Latest
Nov 15, 2020

Packages

 
 
 

Languages