[GNU Crypto] Binary key initialisation in PBKDF2

[Stephen White]

Some code I'm working on requires the use of PBKDF2, but requires that
it operate on specific binary data.  The implementation of PBKDF2 in GNU
Crypto takes a password as a char[], which is then converted to a byte[]
using the default character set (or UTF-8 in the latest codebase).  This
makes it impossible to pass in arbitary binary data as the 'password',
something which I need to be able to do for interoperability reasons.

I have added the option to use a new attribute IPBE.MAC_KEY_MATERIAL
instead of IPBE.PASSWORD in the initialisation data to the setup()
routine in my local copy of PBKDF2.java.  If provided this attibute is
interpreted as the literal byte[] to use as the key, avoiding the char
-> byte conversion issues.

My modified key/password initialisaion code is:

   byte[] key = (byte[]) attributes.get(IPBE.MAC_KEY_MATERIAL);
   char[] password = (char[]) attributes.get(IPBE.PASSWORD);
   if (password != null) {
      try {
        key = new String(password).getBytes("UTF-8");
      } catch (UnsupportedEncodingException uee) {
         throw new Error(uee.getMessage());
      }
   }
   
   if (key != null) {
     macAttrib.put(IMac.MAC_KEY_MATERIAL, key);
   } else if (!initialised) {
      throw new IllegalArgumentException("no password specified");
   } // otherwise re-use previous password.


It would be helpful to me, and possibly others, if this code (or an 
alternative implementation of a similar idea) could be included in the 
standard gnu.crypto codebase.

Many thanks,

-- 
Stephen White