[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNU Crypto] Binary key initialisation in PBKDF2
From: |
Stephen White |
Subject: |
[GNU Crypto] Binary key initialisation in PBKDF2 |
Date: |
Sat, 15 Apr 2006 00:42:25 +0100 |
User-agent: |
Mutt/1.5.9i |
Some code I'm working on requires the use of PBKDF2, but requires that
it operate on specific binary data. The implementation of PBKDF2 in GNU
Crypto takes a password as a char[], which is then converted to a byte[]
using the default character set (or UTF-8 in the latest codebase). This
makes it impossible to pass in arbitary binary data as the 'password',
something which I need to be able to do for interoperability reasons.
I have added the option to use a new attribute IPBE.MAC_KEY_MATERIAL
instead of IPBE.PASSWORD in the initialisation data to the setup()
routine in my local copy of PBKDF2.java. If provided this attibute is
interpreted as the literal byte[] to use as the key, avoiding the char
-> byte conversion issues.
My modified key/password initialisaion code is:
byte[] key = (byte[]) attributes.get(IPBE.MAC_KEY_MATERIAL);
char[] password = (char[]) attributes.get(IPBE.PASSWORD);
if (password != null) {
try {
key = new String(password).getBytes("UTF-8");
} catch (UnsupportedEncodingException uee) {
throw new Error(uee.getMessage());
}
}
if (key != null) {
macAttrib.put(IMac.MAC_KEY_MATERIAL, key);
} else if (!initialised) {
throw new IllegalArgumentException("no password specified");
} // otherwise re-use previous password.
It would be helpful to me, and possibly others, if this code (or an
alternative implementation of a similar idea) could be included in the
standard gnu.crypto codebase.
Many thanks,
--
Stephen White
- [GNU Crypto] Binary key initialisation in PBKDF2,
Stephen White <=