jdk-sandbox: comparison src/java.base/share/classes/com/sun/crypto/provider/PKCS12PBECipherCore.java

equal deleted inserted replaced

-:0265a70ea2a5
+:c9a3e3cac9c7
 byte[] I = new byte[s + p];
 Arrays.fill(D, (byte)type);
 concat(salt, I, 0, s);
 concat(passwd, I, s, p);
+Arrays.fill(passwd, (byte) 0x00);
 byte[] Ai;
 byte[] B = new byte[v];
 byte[] tmp = new byte[v];
 (javax.crypto.interfaces.PBEKey) key;
 passwdChars = pbeKey.getPassword();
 salt = pbeKey.getSalt(); // maybe null if unspecified
 iCount = pbeKey.getIterationCount(); // maybe 0 if unspecified
 } else if (key instanceof SecretKey) {
-byte[] passwdBytes = key.getEncoded();
+byte[] passwdBytes;
-if ((passwdBytes == null) ||
+if (!(key.getAlgorithm().regionMatches(true, 0, "PBE", 0, 3)) ||
-!(key.getAlgorithm().regionMatches(true, 0, "PBE", 0, 3))) {
+(passwdBytes = key.getEncoded()) == null) {
 throw new InvalidKeyException("Missing password");
 }
 passwdChars = new char[passwdBytes.length];
 for (int i=0; i<passwdChars.length; i++) {
 passwdChars[i] = (char) (passwdBytes[i] & 0x7f);
 }
+Arrays.fill(passwdBytes, (byte)0x00);
 } else {
 throw new InvalidKeyException("SecretKey of PBE type required");
 }
-if (((opmode == Cipher.DECRYPT_MODE) ||
+try {
-(opmode == Cipher.UNWRAP_MODE)) &&
+if (((opmode == Cipher.DECRYPT_MODE) ||
-((params == null) && ((salt == null) || (iCount == 0)))) {
+(opmode == Cipher.UNWRAP_MODE)) &&
-throw new InvalidAlgorithmParameterException
+((params == null) && ((salt == null) || (iCount == 0)))) {
-("Parameters missing");
+throw new InvalidAlgorithmParameterException
-}
+("Parameters missing");
+}
-if (params == null) {
-// generate default for salt and iteration count if necessary
+if (params == null) {
-if (salt == null) {
+// generate default for salt and iteration count if necessary
-salt = new byte[DEFAULT_SALT_LENGTH];
+if (salt == null) {
-if (random != null) {
+salt = new byte[DEFAULT_SALT_LENGTH];
-random.nextBytes(salt);
+if (random != null) {
+random.nextBytes(salt);
+} else {
+SunJCE.getRandom().nextBytes(salt);
+}
+}
+if (iCount == 0) iCount = DEFAULT_COUNT;
+} else if (!(params instanceof PBEParameterSpec)) {
+throw new InvalidAlgorithmParameterException
+("PBEParameterSpec type required");
+} else {
+PBEParameterSpec pbeParams = (PBEParameterSpec) params;
+// make sure the parameter values are consistent
+if (salt != null) {
+if (!Arrays.equals(salt, pbeParams.getSalt())) {
+throw new InvalidAlgorithmParameterException
+("Inconsistent value of salt between key and params");
+}
 } else {
-SunJCE.getRandom().nextBytes(salt);
+salt = pbeParams.getSalt();
 }
-}
+if (iCount != 0) {
-if (iCount == 0) iCount = DEFAULT_COUNT;
+if (iCount != pbeParams.getIterationCount()) {
-} else if (!(params instanceof PBEParameterSpec)) {
+throw new InvalidAlgorithmParameterException
-throw new InvalidAlgorithmParameterException
+("Different iteration count between key and params");
-("PBEParameterSpec type required");
+}
 } else {
-PBEParameterSpec pbeParams = (PBEParameterSpec) params;
+iCount = pbeParams.getIterationCount();
-// make sure the parameter values are consistent
-if (salt != null) {
-if (!Arrays.equals(salt, pbeParams.getSalt())) {
-throw new InvalidAlgorithmParameterException
-("Inconsistent value of salt between key and params");
 }
+}
+// salt is recommended to be ideally as long as the output
+// of the hash function. However, it may be too strict to
+// force this; so instead, we'll just require the minimum
+// salt length to be 8-byte which is what PKCS#5 recommends
+// and openssl does.
+if (salt.length < 8) {
+throw new InvalidAlgorithmParameterException
+("Salt must be at least 8 bytes long");
+}
+if (iCount <= 0) {
+throw new InvalidAlgorithmParameterException
+("IterationCount must be a positive number");
+}
+byte[] derivedKey = derive(passwdChars, salt, iCount,
+keySize, CIPHER_KEY);
+SecretKey cipherKey = new SecretKeySpec(derivedKey, algo);
+if (cipherImpl != null && cipherImpl instanceof ARCFOURCipher) {
+((ARCFOURCipher)cipherImpl).engineInit(opmode, cipherKey, random);
 } else {
-salt = pbeParams.getSalt();
+byte[] derivedIv = derive(passwdChars, salt, iCount, 8,
-}
+CIPHER_IV);
-if (iCount != 0) {
+IvParameterSpec ivSpec = new IvParameterSpec(derivedIv, 0, 8);
-if (iCount != pbeParams.getIterationCount()) {
-throw new InvalidAlgorithmParameterException
+// initialize the underlying cipher
-("Different iteration count between key and params");
+cipher.init(opmode, cipherKey, ivSpec, random);
 }
-} else {
+} finally {
-iCount = pbeParams.getIterationCount();
+Arrays.fill(passwdChars, '\0');
-}
-}
-// salt is recommended to be ideally as long as the output
-// of the hash function. However, it may be too strict to
-// force this; so instead, we'll just require the minimum
-// salt length to be 8-byte which is what PKCS#5 recommends
-// and openssl does.
-if (salt.length < 8) {
-throw new InvalidAlgorithmParameterException
-("Salt must be at least 8 bytes long");
-}
-if (iCount <= 0) {
-throw new InvalidAlgorithmParameterException
-("IterationCount must be a positive number");
-}
-byte[] derivedKey = derive(passwdChars, salt, iCount,
-keySize, CIPHER_KEY);
-SecretKey cipherKey = new SecretKeySpec(derivedKey, algo);
-if (cipherImpl != null && cipherImpl instanceof ARCFOURCipher) {
-((ARCFOURCipher)cipherImpl).engineInit(opmode, cipherKey, random);
-} else {
-byte[] derivedIv = derive(passwdChars, salt, iCount, 8,
-CIPHER_IV);
-IvParameterSpec ivSpec = new IvParameterSpec(derivedIv, 0, 8);
-// initialize the underlying cipher
-cipher.init(opmode, cipherKey, ivSpec, random);
 }
 }
 void implInit(int opmode, Key key, AlgorithmParameters params,
 SecureRandom random)

changeset 51504	c9a3e3cac9c7
parent 47216	71c04702a3d5