secdevlpr26/Storing passwords with salt

## Storing passwords with salt
import java.util.*;
import java.lang.*;
import java.io.*;
import java.security.MessageDigest;
import java.io.ByteArrayOutputStream;
import javax.xml.bind.DatatypeConverter;
import java.security.*;

public class Main
{
	public static void main (String[] args) throws java.lang.Exception
	{
		Console console = System.console();
		if (console == null)
		{
		    System.out.println( "No console available");
            return;
		}
//Get the Plaintext password
		String passwordString = console.readLine("Please Enter your Password:");
		try {
//Generate new salt
		    SecureRandom salt = new SecureRandom();
		    int salt_length = 16;
		    byte salt_bytes[] = new byte[salt_length];
		    salt.nextBytes(salt_bytes);
		    ByteArrayOutputStream data_to_hash = new ByteArrayOutputStream();
		    data_to_hash.write(salt_bytes,0,salt_length);
		    data_to_hash.write(passwordString.getBytes());
		    SecretKeyFactory skf = SecretKeyFactory.getInstance(“PBKDF2WithHmacSHA512”);
                    int length = 256;
                    PBEKeySpec spec = new PBEKeySepc(passwordString.toCharArray(),salt_bytes,1000,keyLength);
                    SecretKey key = skf.generateSecret(spec);
                    byte[] digest = key.getEncoded();
//Generating hash value for the password
		    MessageDigest md = MessageDigest.getInstance("MD5");
		    md.update(data_to_hash.toByteArray());
		    byte[] digest = md.digest();
//Converting the plaintext to Hash value - Uppercase
		    String hashPassword = DatatypeConverter.printHexBinary(digest).toUpperCase();
//Converting the salt bytes to Uppercase
		    String salt_str = DatatypeConverter.printHexBinary(salt_bytes).toUpperCase();
//Print the hash value
		    console.printf("Hash value stored:\t" + hashPassword + "\n");
//Print the salt value
		    console.printf("Salt value stored:" + salt_str+ "\n");

		}
//Capture exceptions when no MD5 is found
		catch(Exception e)
		{
		    System.out.print("Hashing is not possible right now due to unknown error.");
		}
//Print the plaintext password
		console.printf("Plain text password:" + passwordString);
	}
}
	import java.util.*;
	import java.lang.*;
	import java.io.*;
	import java.security.MessageDigest;
	import java.io.ByteArrayOutputStream;
	import javax.xml.bind.DatatypeConverter;
	import java.security.*;

	public class Main
	{
	public static void main (String[] args) throws java.lang.Exception
	{
	Console console = System.console();
	if (console == null)
	{
	System.out.println( "No console available");
	return;
	}
	//Get the Plaintext password
	String passwordString = console.readLine("Please Enter your Password:");
	try {
	//Generate new salt
	SecureRandom salt = new SecureRandom();
	int salt_length = 16;
	byte salt_bytes[] = new byte[salt_length];
	salt.nextBytes(salt_bytes);
	ByteArrayOutputStream data_to_hash = new ByteArrayOutputStream();
	data_to_hash.write(salt_bytes,0,salt_length);
	data_to_hash.write(passwordString.getBytes());
	SecretKeyFactory skf = SecretKeyFactory.getInstance(“PBKDF2WithHmacSHA512”);
	int length = 256;
	PBEKeySpec spec = new PBEKeySepc(passwordString.toCharArray(),salt_bytes,1000,keyLength);
	SecretKey key = skf.generateSecret(spec);
	byte[] digest = key.getEncoded();
	//Generating hash value for the password
	MessageDigest md = MessageDigest.getInstance("MD5");
	md.update(data_to_hash.toByteArray());
	byte[] digest = md.digest();
	//Converting the plaintext to Hash value - Uppercase
	String hashPassword = DatatypeConverter.printHexBinary(digest).toUpperCase();
	//Converting the salt bytes to Uppercase
	String salt_str = DatatypeConverter.printHexBinary(salt_bytes).toUpperCase();
	//Print the hash value
	console.printf("Hash value stored:\t" + hashPassword + "\n");
	//Print the salt value
	console.printf("Salt value stored:" + salt_str+ "\n");

	}
	//Capture exceptions when no MD5 is found
	catch(Exception e)
	{
	System.out.print("Hashing is not possible right now due to unknown error.");
	}
	//Print the plaintext password
	console.printf("Plain text password:" + passwordString);
	}
	}