...
Java's MessageDigest class provides the functionality of various cryptographic hash functions. Be careful not to use any defective hash functions, such as MD5. red}} How do I go about learning which hash functions are safe, and which are defective?{{red
It is also important that you append a salt to the password you are hashing. A salt is a piece of data that is randomly generated during the creation of the program (and consistent throughout the rest of its implementation) red}} not sure what period of time does this refer to?{{red . The use of a salt helps prevents dictionary attacks against the hash value, provided the salt is long enough red}} what is long enough{{red .
Noncompliant Code Example
...
| Code Block | ||
|---|---|---|
| ||
class Password {
public static void main(String[] args) throws IOException {
char[] password = new char[100];
BufferedReader br = new BufferedReader(new InputStreamReader(
new FileInputStream("credentials.txt")));
// Reads the password into the char array, returns the number of bytes read
int n = br.read(password);
// Decrypt password, perform operations
for (int i = n - 1; i >= 0; i--) { // Manually clear out the password immediately after use
password[i] = 0;
}
br.close();
}
}
|
red}} the rest of this makes no sense to me. I thought the problem was that the programmer was leaving the information unencrypted where it could be leaked{{red
An attacker could potentially decrypt this file to discover the password. This attacker could be someone knows or has figured out the encryption scheme being used by the program.
...
In both the setPassword() and checkPassword() methods, the cleartext representation of the password is erased as soon as it is converted into a hash value. After this happens, there is no way for an attacker to get the password as cleartext.
Exceptions
There are a few cases where you MSC18-EX0 You may be forced to encrypt passwords or store them as cleartext . These might happen when you are extending code or an application that you cannot change. For example, a password manager may need to input passwords into other programs as cleartext. Another example is
MSC18-EX1 You may be forced to encrypt password when using a library that returns the password as a Java string object, resulting in the vulnerability described in the second noncompliant example. In these cases your best strategy may be to use somewhat vulnerable methods such as encryption, unless you can change the other code.
...