| [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] |
Some code I'm working on requires the use of PBKDF2, but requires that
it operate on specific binary data. The implementation of PBKDF2 in GNU
Crypto takes a password as a char[], which is then converted to a byte[]
using the default character set (or UTF-8 in the latest codebase). This
makes it impossible to pass in arbitary binary data as the 'password',
something which I need to be able to do for interoperability reasons.
I have added the option to use a new attribute IPBE.MAC_KEY_MATERIAL
instead of IPBE.PASSWORD in the initialisation data to the setup()
routine in my local copy of PBKDF2.java. If provided this attibute is
interpreted as the literal byte[] to use as the key, avoiding the char
-> byte conversion issues.
My modified key/password initialisaion code is:
byte[] key = (byte[]) attributes.get(IPBE.MAC_KEY_MATERIAL);
char[] password = (char[]) attributes.get(IPBE.PASSWORD);
if (password != null) {
try {
key = new String(password).getBytes("UTF-8");
} catch (UnsupportedEncodingException uee) {
throw new Error(uee.getMessage());
}
}
if (key != null) {
macAttrib.put(IMac.MAC_KEY_MATERIAL, key);
} else if (!initialised) {
throw new IllegalArgumentException("no password specified");
} // otherwise re-use previous password.
It would be helpful to me, and possibly others, if this code (or an
alternative implementation of a similar idea) could be included in the
standard gnu.crypto codebase.
Many thanks,
--
Stephen White
_______________________________________________
gnu-crypto-discuss mailing list
gnu-crypto-discuss@xxxxxxx
http://lists.gnu.org/mailman/listinfo/gnu-crypto-discuss
[Home] [Gnu Classpath] [Linux Kernel] [Linux Cryptography] [Fedora] [Fedora Directory] [Red Hat Development] [Red Hat 9 Bible] [Fedora Bible] [Red Hat 9] [Network Security Reading]
|