Java Security

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Salting HMAC? (SHA-512)

843811Mar 17 2008 — edited Mar 18 2008

Using PHP, they let us "salt" the digest using a custom string. (http://ca3.php.net/hash_hmac).

So a simple call to

echo hash_hmac( "sha512", "abc", "def" );

outputs:

17111e70f32d48a37ccc50a21deb12b40dfe223abf5ac852428000182125dab8a12ee95dd9f526bfb79c1a4fe00a4118e3b525f40eb8291325e3030f2e13ad34

Things aren't so easy in Java! I've found the HMAC setup in the Crypto tutorials:

KeyGenerator kg = KeyGenerator.getInstance("HmacSHA512");
SecretKey sk = kg.generateKey();
	        
Mac mac = Mac.getInstance( "HmacSHA512" );
mac.init( sk );
byte [] r  = mac.doFinal( "abc".getBytes() );
System.out.println( auracle.crypt.Factory.toHexString( r ) );

But cannot figure out where I am to 'salt' the hash? guessing I need to call mac.init with a custom SecretKey...but how to generate one from the string "def"?

Help appreciated!
Cheers

Locked Post

New comments cannot be posted to this locked post.

Locked on Apr 15 2008

Added on Mar 17 2008

#cryptography

5 comments

1,110 views