Re: [GNU Crypto] Passwords Immutable?

Bryan Hoover <bhoover@xxxxxxxx> · Thu, 15 Apr 2004 19:34:20 -0400

See inline.

Casey Marshall wrote:
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> >>>>> "Bryan" == Bryan Hoover <bhoover@xxxxxxxx> writes:
> 
> Bryan> So there may be a couple of minor implementation questions:
> 
> Bryan> 1.  Should Password make a copy?
> 
> I think it should in the constructor, and probably a (byte[],int,int)
> constructor should be added.
> 
> Bryan> 2.  Should SRPClient this.password be char[] or Password?
> 
> I'd say Password, because if Password.destroy() is called we wouldn't
> want a variable to change on us without notice.
> 
> Bryan> Finally, I wasn't sure whether to throw an exception on
> Bryan> password access attempts subsequent to calling destroy().  I do
> Bryan> not.
> 
> Probably an `IllegalStateException' is appropriate when getPassword is
> called on a destroyed object. It's arguably better then letting code
> use erased passwords, and failing in difficult-to-understand ways.
> 
> Bryan> Sorry so wordy.
> 
> Bryan> Feel free to use or not -- though I hope you will.  I can also
> Bryan> add the code to pivot (and whatever else) relative to which
> Bryan> password property use if you want to go with the additional
> Bryan> property option for compatibility.  I had fun doing it, and
> Bryan> will use it in my compile.
> 
> We'd need copyright assignment in order to include these patches. But
> this is a really simple thing to do, so I can implement this myself.
> That is, of course, unless you have a desire to contribute more ;)

Password.java, and patches attached.

I noticed some editor parsing irregularity with SaslConnection.java
probably related to binary/ascii, cr/lf system differences.  So there
are ascii, and binary versions of patches.  On my Freebsd account, I was
okay using the binary patch with SaslConnection.java, and the ascii
patch with SRPClient.java.  Do make back-ups before applying.

For symmetry, I guess, I added a char[] constructor with indexes, and a
byte[] constructor without, as well as the byte[] with, and char[]
without ones.  

A byte[] getBytes() function was also added.

Tested fine with the sourceforge project I'm interfacing it with.

I'll start the copyright assignment process right away.

Bryan

> - --
> Casey Marshall || csm@xxxxxxx
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.3 (GNU/Linux)
> Comment: Processed by Mailcrypt 3.5.7 <http://mailcrypt.sourceforge.net/>
> 
> iD8DBQFAfbIrgAuWMgRGsWsRAjvEAJoD/i9gXcuJJhR3ROOOtwAJiTiwVACdHDLy
> TS50QYsRlWhWcKIKQVgF4so=
> =L6mt
> -----END PGP SIGNATURE-----

-- 
And people flock around the poet and say:  'Sing again soon' - that is,
'May new sufferings torment your soul but your lips be fashioned as
before, for the cry would only frighten us, but the music, that is
blissful.' - (Soren Kierkegaard - Either/Or)

http://www.wecs.com/content.htm

This signature file is generated by Pick-a-Tag !
Written by Jeroen van Vaarsel
http://www.google.com/search?hl=en&ie=ISO-8859-1&q=pick-a-tag