GitBucket
4.21.2
| 2026-05-06 |
Sanitise password after hashing.
Mark George
committed
on 6 May
|
|---|---|
|
Add a couple of tests to check that malformed hashes are handled properly
Mark George
committed
on 6 May
|
|
|
SecureRandom.getInstanceStrong() uses /dev/random on Linux which may block if out of entropy
...
Mark George
committed
on 6 May
|
|
|
Switch to Bouncy Castle Base64 to avoid leaks
Mark George
committed
on 6 May
|
|
|
Reimplement toBytes to avoid Charset.encode method which may leak hashes
Mark George
committed
on 6 May
|
|
|
Reimplement the parsing to avoid the regex group method which creates strings that we can't sanitise.
Mark George
committed
on 6 May
|
|
|
Switch to cleaner log2 implementation
Mark George
committed
on 6 May
|
|
|
Switch to more modern and stronger RNG
Mark George
committed
on 6 May
|
|
|
Fix potential timing attack due to manually comparing hashes with a loop
...
Mark George
committed
on 6 May
|
|
|
Update Bouncy Castle
Mark George
committed
on 6 May
|
|
| 2021-10-02 |
Overwrite byte arrays in check method
Mark George
committed
on 2 Oct 2021
|
|
Update README.md
Mark George
committed
on 2 Oct 2021
|
|
| 2021-07-09 |
Updated deps, upped work factor, add timing tests
Chris Edwards
committed
on 9 Jul 2021
|
| 2020-10-04 |
Update bouncy castle dependency
Mark George
committed
on 4 Oct 2020
|
| 2018-12-13 |
log2 now complains if it is given a number that is not a power of 2.
Mark George
committed
on 13 Dec 2018
|
|
Minor edit.
Mark George
committed
on 13 Dec 2018
|
|
| 2018-11-22 |
More markdown fixes.
Mark George
committed
on 22 Nov 2018
|
|
Fixed header problem in README.
Mark George
committed
on 22 Nov 2018
|
|
|
Added example and README.
Mark George
committed
on 22 Nov 2018
|
|
|
Switched to CharSequence/CharBuffer.
Mark George
committed
on 22 Nov 2018
|
|
| 2018-11-16 |
Initial commit.
Mark George
committed
on 16 Nov 2018
|