elastic / elasticsearch

Free and Open Source, Distributed, RESTful Search Engine
https://www.elastic.co/products/elasticsearch

Increase the iteration count of KDF and stop using SHA1, 3DES and hardcoded credentials #108156

Open Gax-c opened 6 months ago

Gax-c commented 6 months ago

Hi, I'm new to elasticsearch, and when I was browsing the code I found some potential risks.

  1. The iteration count for PBEKeySpec is only 1024, which is not sufficiently high to protect against brute-force attacks here.
     PBEKeySpec keySpec = new PBEKeySpec(hashedPassphrase, salt, 1024, 128);
  2. Similar to the previous statement, the iteration count for KDF should be at least 600,000. But in the source code there is only 10,000 here. You can refer to KDF Algorithms | Bitwarden Help Center here for more information.
     private static final int KDF_ITERATION_COUNT = 10000;
  3. The broken algorithms SHA1 and 3DES are still in use here. SHA1 and 3DES have long been considered to be vulnerable, and it's insecure to use them.
     byte[] shortKey = SecretKeyFactory.getInstance("PBEWithSHA1AndDESede").generateSecret(keySpec).getEncoded();
  4. The credentials are hardcoded in the code here. Although it's only the default one, it will still lead to potential risks.
     private static final char[] DEFAULT_PASS_PHRASE = "elasticsearch-license".toCharArray();

I sincerely think these suggestions can help make elasticsearch better.
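The four points above (iteration count, a SHA-1 based KDF, and a compiled-in default passphrase) can be illustrated side by side with a small stand-alone Java program. This is an added example, not Elasticsearch's code and not part of the issue; the hardened values it assumes (PBKDF2WithHmacSHA256, 600,000 iterations, a 16-byte random salt, a 256-bit derived key, an environment variable named `KDF_PASSPHRASE`) and the `pbkdf2-sha256$iterations$salt$key` storage format are choices made for this example. PBKDF2 with HMAC-SHA1 at 1024 iterations stands in for the weak settings quoted in the issue so the cost of the two configurations can be compared on the same machine.

```java
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

public final class KdfHardening {

    // Weak settings, modelled on the issue: 1024 iterations with a SHA-1 based KDF.
    static final String WEAK_ALGORITHM = "PBKDF2WithHmacSHA1";
    static final int WEAK_ITERATIONS = 1024;

    // Hardened settings (assumed for this example): PBKDF2-HMAC-SHA256, 600,000 iterations,
    // 128-bit random salt, 256-bit derived key.
    static final String STRONG_ALGORITHM = "PBKDF2WithHmacSHA256";
    static final int STRONG_ITERATIONS = 600_000;
    static final int SALT_BYTES = 16;
    static final int KEY_BITS = 256;

    private static final SecureRandom RNG = new SecureRandom();

    /** Derive a key with the given PBKDF2 variant; the PBEKeySpec's private copy of the passphrase is cleared afterwards. */
    static byte[] derive(String algorithm, char[] passphrase, byte[] salt, int iterations, int keyBits) throws Exception {
        PBEKeySpec spec = new PBEKeySpec(passphrase, salt, iterations, keyBits);
        try {
            return SecretKeyFactory.getInstance(algorithm).generateSecret(spec).getEncoded();
        } finally {
            spec.clearPassword();
        }
    }

    /** Encode a verifier as "pbkdf2-sha256$<iterations>$<salt>$<key>" so the iteration count can be raised later without a format change. */
    static String hash(char[] passphrase) throws Exception {
        byte[] salt = new byte[SALT_BYTES];
        RNG.nextBytes(salt);
        byte[] key = derive(STRONG_ALGORITHM, passphrase, salt, STRONG_ITERATIONS, KEY_BITS);
        Base64.Encoder b64 = Base64.getEncoder();
        return "pbkdf2-sha256$" + STRONG_ITERATIONS + "$" + b64.encodeToString(salt) + "$" + b64.encodeToString(key);
    }

    /** Verify a passphrase against a stored verifier; the comparison is constant-time. */
    static boolean verify(char[] passphrase, String stored) throws Exception {
        String[] parts = stored.split("\\$");
        if (parts.length != 4 || !"pbkdf2-sha256".equals(parts[0])) return false;
        int iterations = Integer.parseInt(parts[1]);
        byte[] salt = Base64.getDecoder().decode(parts[2]);
        byte[] expected = Base64.getDecoder().decode(parts[3]);
        byte[] actual = derive(STRONG_ALGORITHM, passphrase, salt, iterations, expected.length * 8);
        return MessageDigest.isEqual(expected, actual);
    }

    /** True when a stored verifier was produced with fewer iterations than current policy and should be re-hashed on next successful login. */
    static boolean needsRehash(String stored) {
        String[] parts = stored.split("\\$");
        return parts.length != 4 || Integer.parseInt(parts[1]) < STRONG_ITERATIONS;
    }

    /** Read the passphrase from the environment instead of a compile-time constant; fail closed when it is absent. */
    static char[] passphraseFromEnvironment(String variable) {
        String value = System.getenv(variable);
        if (value == null || value.isEmpty()) {
            throw new IllegalStateException("environment variable " + variable + " must be set; refusing a built-in default");
        }
        return value.toCharArray();
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample input; a deployment would call passphraseFromEnvironment("KDF_PASSPHRASE").
        char[] passphrase = "correct horse battery staple".toCharArray();
        byte[] salt = new byte[SALT_BYTES];
        RNG.nextBytes(salt);

        // Compare the cost of the weak and hardened settings on this machine.
        long t0 = System.nanoTime();
        derive(WEAK_ALGORITHM, passphrase, salt, WEAK_ITERATIONS, 128);
        long weakMs = (System.nanoTime() - t0) / 1_000_000;
        t0 = System.nanoTime();
        derive(STRONG_ALGORITHM, passphrase, salt, STRONG_ITERATIONS, KEY_BITS);
        long strongMs = (System.nanoTime() - t0) / 1_000_000;
        System.out.printf("%s x %d: %d ms%n", WEAK_ALGORITHM, WEAK_ITERATIONS, weakMs);
        System.out.printf("%s x %d: %d ms%n", STRONG_ALGORITHM, STRONG_ITERATIONS, strongMs);

        String stored = hash(passphrase);
        System.out.println("stored verifier: " + stored);
        System.out.println("verify correct:  " + verify(passphrase, stored));
        System.out.println("verify wrong:    " + verify("wrong".toCharArray(), stored));
        System.out.println("needs rehash:    " + needsRehash(stored));
    }
}
```

Compile and run with `javac KdfHardening.java && java KdfHardening`; both algorithm names are provided by the JDK's SunJCE provider. The point of the timing lines is that the defender pays the higher iteration cost once per derivation, while an attacker guessing passphrases pays it per guess, which is why a count on the order of hundreds of thousands is the usual recommendation for PBKDF2-HMAC-SHA256. Storing the iteration count with the verifier lets the count be raised later and old verifiers upgraded transparently via `needsRehash`, and reading the passphrase from configuration rather than a constant means a default value never ships inside the binary.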

elasticsearchmachine commented 6 months ago

Pinging @elastic/es-security (Team:Security)