X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=basic%2Fruntime%2Forg.argeo.basic.nodeps%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Futil%2Fcrypto%2FPasswordBasedEncryption.java;h=18cccd4e1271bcf964ebc45d0d8e90ccc96a0c66;hb=6bb0606505be3e99021c5ff9771c719eb1e1f2e7;hp=b1c18eb82a9fca0515048e8b9c96fdc22b47470c;hpb=9de5b5babb1d3676b89ceed1e27b67f81c798625;p=lgpl%2Fargeo-commons.git diff --git a/basic/runtime/org.argeo.basic.nodeps/src/main/java/org/argeo/util/crypto/PasswordBasedEncryption.java b/basic/runtime/org.argeo.basic.nodeps/src/main/java/org/argeo/util/crypto/PasswordBasedEncryption.java index b1c18eb82..18cccd4e1 100644 --- a/basic/runtime/org.argeo.basic.nodeps/src/main/java/org/argeo/util/crypto/PasswordBasedEncryption.java +++ b/basic/runtime/org.argeo.basic.nodeps/src/main/java/org/argeo/util/crypto/PasswordBasedEncryption.java @@ -40,16 +40,29 @@ public class PasswordBasedEncryption { private final Cipher ecipher; private final Cipher dcipher; + /** + * This is up to the caller to clear the passed array. Neither copy of nor + * reference to the passed array is kept + */ public PasswordBasedEncryption(char[] password) { + this(password, DEFAULT_SALT_8, DEFAULT_IV_16); + } + + /** + * This is up to the caller to clear the passed array. Neither copies of nor + * references to the passed arrays are kept + */ + public PasswordBasedEncryption(char[] password, byte[] passwordSalt, + byte[] initializationVector) { try { byte[] salt = new byte[8]; - System.arraycopy(DEFAULT_SALT_8, 0, salt, 0, salt.length); - for (int i = 0; i < password.length && i < salt.length; i++) - salt[i] = (byte) password[i]; + System.arraycopy(passwordSalt, 0, salt, 0, salt.length); + // for (int i = 0; i < password.length && i < salt.length; i++) + // salt[i] = (byte) password[i]; byte[] iv = new byte[16]; - System.arraycopy(DEFAULT_IV_16, 0, iv, 0, iv.length); - for (int i = 0; i < password.length && i < iv.length; i++) - iv[i] = (byte) password[i]; + System.arraycopy(initializationVector, 0, iv, 0, iv.length); + // for (int i = 0; i < password.length && i < iv.length; i++) + // iv[i] = (byte) password[i]; SecretKeyFactory keyFac = SecretKeyFactory .getInstance(getSecretKeyFactoryName());