diff options
author | Raif S. Naffah <raif@swiftdsl.com.au> | 2006-04-19 11:57:44 +0000 |
---|---|---|
committer | Raif S. Naffah <raif@swiftdsl.com.au> | 2006-04-19 11:57:44 +0000 |
commit | 6022ac19d225fd5d7613db73d3336c925b0a81b8 (patch) | |
tree | db8f3c722d3812ba6449d931588cb9c8361c5ad3 /gnu/javax/crypto | |
parent | 20e6ccb06418934b1f946369df40c53370153fab (diff) | |
download | classpath-6022ac19d225fd5d7613db73d3336c925b0a81b8.tar.gz |
2006-04-19 Raif S. Naffah <raif@swiftdsl.com.au>
Suggested by Stephen White <stephen-gnu-crypto@randomstuff.org.uk>
* gnu/javax/crypto/prng/IPBE.java: Updated documentation.
(ITERATION_COUNT): Removed modifiers.
(PASSWORD): Likewise.
(SALT): Likewise.
(PASSWORD_ENCODING): New property.
(DEFAULT_PASSWORD_ENCODING): New constant.
* gnu/javax/crypto/prng/PBKDF2.java (setup): Check for MAC's raw key
material (bytes) before a password (chars).
Diffstat (limited to 'gnu/javax/crypto')
-rw-r--r-- | gnu/javax/crypto/prng/IPBE.java | 30 | ||||
-rw-r--r-- | gnu/javax/crypto/prng/PBKDF2.java | 23 |
2 files changed, 39 insertions, 14 deletions
diff --git a/gnu/javax/crypto/prng/IPBE.java b/gnu/javax/crypto/prng/IPBE.java index ef0f3aa48..66921d635 100644 --- a/gnu/javax/crypto/prng/IPBE.java +++ b/gnu/javax/crypto/prng/IPBE.java @@ -39,29 +39,43 @@ exception statement from your version. */ package gnu.javax.crypto.prng; /** - * <p>Trivial interface to group Password-based encryption property names.</p> + * Trivial interface to group Password-based encryption property names and + * constants. */ public interface IPBE { - - // Constants - // ------------------------------------------------------------------------- - /** * Property name for the iteration count in a PBE algorithm. The property * associated with this is expected to be an {@link Integer}. */ - public static final String ITERATION_COUNT = "gnu.crypto.pbe.iteration.count"; + String ITERATION_COUNT = "gnu.crypto.pbe.iteration.count"; /** * Property name for the password in a PBE algorithm. The property associated * with this is expected to be a char array. */ - public static final String PASSWORD = "gnu.crypto.pbe.password"; + String PASSWORD = "gnu.crypto.pbe.password"; + + /** + * Property name for the password character encoding in a PBE algorithm. The + * property associated with this is expected to be a String denoting a valid + * character-encoding name. If this property is not set, and a password is + * used, then {@link #DEFAULT_PASSWORD_ENCODING} will be used when converting + * the password character(s) to bytes. + */ + String PASSWORD_ENCODING = "gnu.crypto.pbe.password.encoding"; /** * Property name for the salt in a PBE algorithm. The property associated * with this is expected to be a byte array. */ - public static final String SALT = "gnu.crypto.pbe.salt"; + String SALT = "gnu.crypto.pbe.salt"; + + /** + * The default character set encoding name to be used if (a) a password is + * to be used as the source for a PBE-based Key Derivation Function (KDF) and + * (b) no character set encoding name was specified among the attributes used + * to initialize the instance. + */ + String DEFAULT_PASSWORD_ENCODING = "UTF-8"; } diff --git a/gnu/javax/crypto/prng/PBKDF2.java b/gnu/javax/crypto/prng/PBKDF2.java index 78e4ae0da..d39cd0a65 100644 --- a/gnu/javax/crypto/prng/PBKDF2.java +++ b/gnu/javax/crypto/prng/PBKDF2.java @@ -127,23 +127,34 @@ public class PBKDF2 extends BasePRNG implements Cloneable salt = s; } + byte[] macKeyMaterial; char[] password = (char[]) attributes.get(IPBE.PASSWORD); if (password != null) { + String encoding = (String) attributes.get(IPBE.PASSWORD_ENCODING); + if (encoding == null || encoding.trim().length() == 0) + encoding = IPBE.DEFAULT_PASSWORD_ENCODING; + else + encoding = encoding.trim(); + try { - macAttrib.put(IMac.MAC_KEY_MATERIAL, - new String(password).getBytes("UTF-8")); + macKeyMaterial = new String(password).getBytes(encoding); } catch (UnsupportedEncodingException uee) { - throw new Error(uee.getMessage()); + throw new IllegalArgumentException("Unknown or unsupported encoding: " + + encoding, uee); } } + else + macKeyMaterial = (byte[]) attributes.get(IMac.MAC_KEY_MATERIAL); + + if (macKeyMaterial != null) + macAttrib.put(IMac.MAC_KEY_MATERIAL, macKeyMaterial); else if (!initialised) - { - throw new IllegalArgumentException("no password specified"); - } // otherwise re-use previous password. + throw new IllegalArgumentException("Neither password nor key-material were specified"); + // otherwise re-use previous password/key-material try { |