Kaladaran/briar
0
0
Fork 0
mirror of https://code.briarproject.org/briar/briar.git synced 2026-02-18 13:49:53 +01:00
Code Issues Projects Releases Wiki Activity

Use SHA-384 rather than SHA-1 for PBKDF2.

Browse Source
This commit is contained in:
akwizgran
2014-01-15 13:57:41 +00:00
parent 941f088781
commit c146da2e7a
1 changed files with 6 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
briar-core/src/org/briarproject/crypto/CryptoComponentImpl.java
View File

@@ -36,6 +36,7 @@ import org.briarproject.util.ByteUtils;
import org.spongycastle.crypto.AsymmetricCipherKeyPair; import org.spongycastle.crypto.AsymmetricCipherKeyPair;
import org.spongycastle.crypto.BlockCipher; import org.spongycastle.crypto.BlockCipher;
import org.spongycastle.crypto.CipherParameters; import org.spongycastle.crypto.CipherParameters;
import org.spongycastle.crypto.Digest;
import org.spongycastle.crypto.Mac; import org.spongycastle.crypto.Mac;
import org.spongycastle.crypto.agreement.ECDHCBasicAgreement; import org.spongycastle.crypto.agreement.ECDHCBasicAgreement;
import org.spongycastle.crypto.digests.SHA384Digest; import org.spongycastle.crypto.digests.SHA384Digest;
@@ -458,7 +459,8 @@ class CryptoComponentImpl implements CryptoComponent {
// Password-based key derivation function - see PKCS#5 v2.1, section 5.2 // Password-based key derivation function - see PKCS#5 v2.1, section 5.2
private byte[] pbkdf2(char[] password, byte[] salt, int iterations) { private byte[] pbkdf2(char[] password, byte[] salt, int iterations) {
byte[] utf8 = toUtf8ByteArray(password); byte[] utf8 = toUtf8ByteArray(password);
PKCS5S2ParametersGenerator gen = new PKCS5S2ParametersGenerator(); Digest digest = new SHA384Digest();
PKCS5S2ParametersGenerator gen = new PKCS5S2ParametersGenerator(digest);
gen.init(utf8, salt, iterations); gen.init(utf8, salt, iterations);
int keyLengthInBits = CIPHER_KEY_BYTES * 8; int keyLengthInBits = CIPHER_KEY_BYTES * 8;
CipherParameters p = gen.generateDerivedParameters(keyLengthInBits); CipherParameters p = gen.generateDerivedParameters(keyLengthInBits);
@@ -500,7 +502,8 @@ class CryptoComponentImpl implements CryptoComponent {
byte[] salt = new byte[PBKDF_SALT_BYTES]; byte[] salt = new byte[PBKDF_SALT_BYTES];
int keyLengthInBits = CIPHER_KEY_BYTES * 8; int keyLengthInBits = CIPHER_KEY_BYTES * 8;
long start = System.nanoTime(); long start = System.nanoTime();
PKCS5S2ParametersGenerator gen = new PKCS5S2ParametersGenerator(); Digest digest = new SHA384Digest();
PKCS5S2ParametersGenerator gen = new PKCS5S2ParametersGenerator(digest);
gen.init(password, salt, iterations); gen.init(password, salt, iterations);
gen.generateDerivedParameters(keyLengthInBits); gen.generateDerivedParameters(keyLengthInBits);
return System.nanoTime() - start; return System.nanoTime() - start;
@@ -514,7 +517,7 @@ class CryptoComponentImpl implements CryptoComponent {
return list.get(size / 2 - 1) + list.get(size / 2) / 2; return list.get(size / 2 - 1) + list.get(size / 2) / 2;
} }
byte[] toUtf8ByteArray(char[] c) { private byte[] toUtf8ByteArray(char[] c) {
ByteArrayOutputStream out = new ByteArrayOutputStream(); ByteArrayOutputStream out = new ByteArrayOutputStream();
try { try {
Strings.toUTF8ByteArray(c, out); Strings.toUTF8ByteArray(c, out);