i'm developping android app need authentication. however, there existing web application (using symfony) accounts, , have reuse same accounts authenticate users.
in db, have basicals : username, salt, encryptedpassword, encryption_type(sha1)...
the problem don't know how authenticate users, using these informations.
if can me solving this...
many thanks!
depending on encryption algorithm this:
public final boolean authenticate(string attemptedpassword, byte[] encryptedpassword, byte[] salt) throws nosuchalgorithmexception, invalidkeyspecexception { string algorithm = "pbkdf2withhmacsha1"; int derivedkeylength = 160; int iterations = 20000; keyspec spec = new pbekeyspec(password.tochararray(), salt, iterations, derivedkeylength); secretkeyfactory f = secretkeyfactory.getinstance(algorithm); byte[] encryptedpassword = f.generatesecret(spec).getencoded(); return arrays.equals(encryptedpassword, encryptedattemptedpassword); } you need know settings used generate encrypted passwords in database.
Comments
Post a Comment