2006-04-19 Raif S. Naffah <raif@swiftdsl.com.au>

Suggested by Stephen White <stephen-gnu-crypto@randomstuff.org.uk> * gnu/javax/crypto/prng/IPBE.java: Updated documentation. (ITERATION_COUNT): Removed modifiers. (PASSWORD): Likewise. (SALT): Likewise. (PASSWORD_ENCODING): New property. (DEFAULT_PASSWORD_ENCODING): New constant. * gnu/javax/crypto/prng/PBKDF2.java (setup): Check for MAC's raw key material (bytes) before a password (chars).
author: Raif S. Naffah <raif@swiftdsl.com.au> 2006-04-19 11:57:44 +0000
committer: Raif S. Naffah <raif@swiftdsl.com.au> 2006-04-19 11:57:44 +0000
commit: 6022ac19d225fd5d7613db73d3336c925b0a81b8 (patch)
tree: db8f3c722d3812ba6449d931588cb9c8361c5ad3 /gnu/javax/crypto
parent: 20e6ccb06418934b1f946369df40c53370153fab (diff)
download: classpath-6022ac19d225fd5d7613db73d3336c925b0a81b8.tar.gz
2 files changed, 39 insertions, 14 deletions
diff --git a/gnu/javax/crypto/prng/IPBE.java b/gnu/javax/crypto/prng/IPBE.java
index ef0f3aa48..66921d635 100644
--- a/gnu/javax/crypto/prng/IPBE.java
+++ b/gnu/javax/crypto/prng/IPBE.java
@@ -39,29 +39,43 @@ exception statement from your version.  */
 package gnu.javax.crypto.prng;
 
 /**
- * <p>Trivial interface to group Password-based encryption property names.</p>
+ * Trivial interface to group Password-based encryption property names and
+ * constants.
  */
 public interface IPBE
 {
-
-  // Constants
-  // -------------------------------------------------------------------------
-
   /**
    * Property name for the iteration count in a PBE algorithm. The property
    * associated with this is expected to be an {@link Integer}.
    */
-  public static final String ITERATION_COUNT = "gnu.crypto.pbe.iteration.count";
+  String ITERATION_COUNT = "gnu.crypto.pbe.iteration.count";
 
   /**
    * Property name for the password in a PBE algorithm. The property associated
    * with this is expected to be a char array.
    */
-  public static final String PASSWORD = "gnu.crypto.pbe.password";
+  String PASSWORD = "gnu.crypto.pbe.password";
+
+  /**
+   * Property name for the password character encoding in a PBE algorithm. The
+   * property associated with this is expected to be a String denoting a valid
+   * character-encoding name. If this property is not set, and a password is
+   * used, then {@link #DEFAULT_PASSWORD_ENCODING} will be used when converting
+   * the password character(s) to bytes.
+   */
+  String PASSWORD_ENCODING = "gnu.crypto.pbe.password.encoding";
 
   /**
    * Property name for the salt in a PBE algorithm. The property associated
    * with this is expected to be a byte array.
    */
-  public static final String SALT = "gnu.crypto.pbe.salt";
+  String SALT = "gnu.crypto.pbe.salt";
+
+  /**
+   * The default character set encoding name to be used if (a) a password is
+   * to be used as the source for a PBE-based Key Derivation Function (KDF) and
+   * (b) no character set encoding name was specified among the attributes used
+   * to initialize the instance.
+   */
+  String DEFAULT_PASSWORD_ENCODING = "UTF-8";
 }
diff --git a/gnu/javax/crypto/prng/PBKDF2.java b/gnu/javax/crypto/prng/PBKDF2.java
index 78e4ae0da..d39cd0a65 100644
--- a/gnu/javax/crypto/prng/PBKDF2.java
+++ b/gnu/javax/crypto/prng/PBKDF2.java
@@ -127,23 +127,34 @@ public class PBKDF2 extends BasePRNG implements Cloneable
         salt = s;
       }
 
+    byte[] macKeyMaterial;
     char[] password = (char[]) attributes.get(IPBE.PASSWORD);
     if (password != null)
       {
+        String encoding = (String) attributes.get(IPBE.PASSWORD_ENCODING);
+        if (encoding == null || encoding.trim().length() == 0)
+          encoding = IPBE.DEFAULT_PASSWORD_ENCODING;
+        else
+          encoding = encoding.trim();
+
         try
           {
-            macAttrib.put(IMac.MAC_KEY_MATERIAL,
-                          new String(password).getBytes("UTF-8"));
+            macKeyMaterial = new String(password).getBytes(encoding);
           }
         catch (UnsupportedEncodingException uee)
           {
-            throw new Error(uee.getMessage());
+            throw new IllegalArgumentException("Unknown or unsupported encoding: "
+                                               + encoding, uee);
           }
       }
+    else
+      macKeyMaterial = (byte[]) attributes.get(IMac.MAC_KEY_MATERIAL);
+
+    if (macKeyMaterial != null)
+      macAttrib.put(IMac.MAC_KEY_MATERIAL, macKeyMaterial);
     else if (!initialised)
-      {
-        throw new IllegalArgumentException("no password specified");
-      } // otherwise re-use previous password.
+      throw new IllegalArgumentException("Neither password nor key-material were specified");
+    // otherwise re-use previous password/key-material
 
     try
       {
author	Raif S. Naffah <raif@swiftdsl.com.au>	2006-04-19 11:57:44 +0000
committer	Raif S. Naffah <raif@swiftdsl.com.au>	2006-04-19 11:57:44 +0000
commit	6022ac19d225fd5d7613db73d3336c925b0a81b8 (patch)
tree	db8f3c722d3812ba6449d931588cb9c8361c5ad3 /gnu/javax/crypto
parent	20e6ccb06418934b1f946369df40c53370153fab (diff)
download	classpath-6022ac19d225fd5d7613db73d3336c925b0a81b8.tar.gz