Tags: java, jakarta-ee, hash, shiro

Apache Shiro - password format issue


I am trying to use PasswordMatcher with DefaultPasswordService and DefaultHashService.

import org.apache.shiro.authc.credential.DefaultPasswordService;
import org.apache.shiro.crypto.hash.DefaultHashService;
import org.apache.shiro.crypto.hash.Sha512Hash;

// Hash service: SHA-512, 10,000 iterations, with a random public salt per password
DefaultHashService hashService = new DefaultHashService();
hashService.setHashIterations(10000);
hashService.setHashAlgorithmName(Sha512Hash.ALGORITHM_NAME);
hashService.setGeneratePublicSalt(true);

// Password service wraps the hash service and formats the result as $shiro1$...
DefaultPasswordService passwordService = new DefaultPasswordService();
passwordService.setHashService(hashService);
String encryptedPassword = passwordService.encryptPassword("password");
System.out.println("Result:" + encryptedPassword);

And here is the result, which I must save to the database in the PASSWORD column.

$shiro1$SHA-512$10000$T5nkQEA3qjMLPuB/x+WN4Q==$qWViYjBljsMwH7FSvhecKlxQqXY11lv8eS4guxD9t8D4HTeKclN/muyTnhzYZ+YvI1YkEg6L7T2kM3qykUG0XQ==

Everything is working. However, my question is: why are the iteration count and the algorithm name saved together with the salt and password? In this case we inform a potential attacker who dumps our database about such important properties.


Solution

Nowadays, we aim to protect user passwords even when an attacker knows all implementation secrets. This is known as "white-box encryption":

    In such a context, a ‘white-box attacker’ has full access to the software implementation of a cryptographic algorithm: the binary is completely visible and alterable by the attacker; and the attacker has full control over the execution platform (CPU calls, memory registers, etc.). Hence, the implementation itself is the sole line of defence.

That being said, you can store the hash algorithm and iteration count together with the password, as you have to assume the attacker also has access to the code/binaries anyway (which is not unlikely if they have access to the database).

Storing the number of iterations together with the hash has an additional benefit: in the future you might want to change to a larger number of iterations, since processing power has increased. You can then easily upgrade your database by going through all the hashes with the old number of iterations, applying a number of additional iterations and storing the new result in the database, upgraded to a more secure scheme.

Similarly, if you add the hash algorithm to the hash, you may easily change to other password schemes (bcrypt, ...) later and upgrade users gracefully on their next login.
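The upgrade-on-next-login that the answer describes, as an added example written against Shiro's public API. It is not code from the question, the answer, or the Shiro project. The class name, the helper methods and the policy value CURRENT_ITERATIONS = 20000 are assumptions made for the demo; the Shiro classes used (DefaultHashService, DefaultPasswordService, Shiro1CryptFormat, Hash) are real and need shiro-core on the classpath. The point it shows is that the parameters stored in the $shiro1$ string are exactly what lets the verifier check an old record and then decide it should be rehashed.

```java
// Added example (not from the question, the answer or Shiro itself): parse a
// "$shiro1$..." record, verify a submitted password with Shiro's own services,
// and decide whether the stored hash should be upgraded to the current policy.
import org.apache.shiro.authc.credential.DefaultPasswordService;
import org.apache.shiro.crypto.hash.DefaultHashService;
import org.apache.shiro.crypto.hash.Hash;
import org.apache.shiro.crypto.hash.Sha512Hash;
import org.apache.shiro.crypto.hash.format.Shiro1CryptFormat;

public class PasswordUpgradeDemo {

    // Current hashing policy. CURRENT_ITERATIONS is an assumed value for the demo,
    // chosen larger than the 10,000 used in the question so the upgrade path fires.
    static final String CURRENT_ALGORITHM = Sha512Hash.ALGORITHM_NAME;
    static final int CURRENT_ITERATIONS = 20000;

    // Builds a password service for a given iteration count (same setup as the question).
    static DefaultPasswordService newPasswordService(int iterations) {
        DefaultHashService hashService = new DefaultHashService();
        hashService.setHashAlgorithmName(CURRENT_ALGORITHM);
        hashService.setHashIterations(iterations);
        hashService.setGeneratePublicSalt(true);
        DefaultPasswordService ps = new DefaultPasswordService();
        ps.setHashService(hashService);
        return ps;
    }

    // True if the stored record was produced with weaker parameters than current policy.
    // The algorithm name and iteration count are read from the record itself, which is
    // why the answer argues they belong there.
    static boolean needsUpgrade(String stored) {
        Hash parsed = new Shiro1CryptFormat().parse(stored);
        return !CURRENT_ALGORITHM.equals(parsed.getAlgorithmName())
                || parsed.getIterations() < CURRENT_ITERATIONS;
    }

    // Verifies the submitted password. Returns null on failure; on success returns the
    // record to keep: the old one if it already meets policy, otherwise a fresh hash.
    // Login is the only moment the plaintext is available, so it is the moment to rehash.
    static String verifyAndMaybeUpgrade(String submitted, String stored) {
        DefaultPasswordService current = newPasswordService(CURRENT_ITERATIONS);
        // passwordsMatch takes algorithm, iterations and salt from the stored record,
        // so it verifies hashes made under an older policy as well.
        if (!current.passwordsMatch(submitted, stored)) {
            return null;
        }
        return needsUpgrade(stored) ? current.encryptPassword(submitted) : stored;
    }

    public static void main(String[] args) {
        // Constructed legacy record: SHA-512 with 10,000 iterations, as in the question.
        String legacy = newPasswordService(10000).encryptPassword("password");
        System.out.println("legacy record:          " + legacy);
        System.out.println("legacy needs upgrade:   " + needsUpgrade(legacy));

        String kept = verifyAndMaybeUpgrade("password", legacy);
        System.out.println("record after login:     " + kept);
        System.out.println("upgraded needs upgrade: " + needsUpgrade(kept));

        System.out.println("wrong password result:  " + verifyAndMaybeUpgrade("wrong", legacy));
    }
}
```

The login-time path is used here rather than the offline "apply more iterations" pass the answer also mentions, because it works for any change of scheme: switching the algorithm requires the plaintext, which only exists at login. The offline pass is specific to Shiro's iterated digest, where each further iteration is just another digest of the previous output, so it can raise the iteration count of existing records without the plaintext but cannot change the algorithm.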