mark.george/BouncyScrypt

mark.george / BouncyScrypt

History for BouncyScrypt / src / main / java / helpers / ScryptHelper.java

2026-05-06	860fcd8 Browse files » SecureRandom.getInstanceStrong() uses /dev/random on Linux which may block if out of entropy ... new SecureRandom() uses /dev/urandom Mark George committed on 6 May
	f9a7fba Browse files » Switch to Bouncy Castle Base64 to avoid leaks Mark George committed on 6 May
	eccd206 Browse files » Reimplement toBytes to avoid Charset.encode method which may leak hashes Mark George committed on 6 May
	61cc575 Browse files » Reimplement the parsing to avoid the regex group method which creates strings that we can't sanitise. Mark George committed on 6 May
	3303fc3 Browse files » Switch to cleaner log2 implementation Mark George committed on 6 May
	324ef9a Browse files » Switch to more modern and stronger RNG Mark George committed on 6 May
	2bbdd25 Browse files » Fix potential timing attack due to manually comparing hashes with a loop ... The number of loop iterations can be used as an indication of how close a guessed hash is to the correct one. Mark George committed on 6 May
2021-10-02	76f9a3f Browse files » Overwrite byte arrays in check method Mark George committed on 2 Oct 2021
2021-07-09	4af7416 Browse files » Updated deps, upped work factor, add timing tests Chris Edwards committed on 9 Jul 2021
2018-12-13	0a22e17 Browse files » log2 now complains if it is given a number that is not a power of 2. Mark George committed on 13 Dec 2018
2018-11-22	c4e5e1d Browse files » Switched to CharSequence/CharBuffer. Mark George committed on 22 Nov 2018
2018-11-16	0835ab2 Browse files » Initial commit. Mark George committed on 16 Nov 2018