diff options
author | Adam Vartanian <flooey@google.com> | 2017-05-22 15:37:27 +0100 |
---|---|---|
committer | Adam Vartanian <flooey@google.com> | 2017-05-22 15:47:22 +0100 |
commit | 65832e311cb5fda062d79599b149232b47294fea (patch) | |
tree | dc840cc90ea0d3c91ce0f3b0976008f8d0995dc4 /bcprov/src/main/java/org/bouncycastle/jcajce/provider | |
parent | e984dbf63708351e1de1f6613d33befe91ad4dc1 (diff) | |
download | bouncycastle-65832e311cb5fda062d79599b149232b47294fea.tar.gz |
Don't use algorithm parameters if missing salt or iteration count.
The PBEKeySpec constructor doesn't allow an empty salt or iteration count,
and throws an exception if it sees one.
Bug: 38161557
Test: cts -m CtsLibcoreTestCases
Change-Id: Ib03360275e3a820efddc8de472dd4044070fdaba
Diffstat (limited to 'bcprov/src/main/java/org/bouncycastle/jcajce/provider')
-rw-r--r-- | bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java | 19 |
1 files changed, 11 insertions, 8 deletions
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java index 59b715ad..63d7b351 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java @@ -642,14 +642,17 @@ public class BaseBlockCipher { pbeSpec = (PBEParameterSpec)params; // BEGIN android-added - // At this point, k.getParam() == null, so the key hasn't been generated. Recreate - // the BCPBEKey with specs from algorithm parameters as to generate the key. - k = new BCPBEKey(k.getAlgorithm(), k.getOID(), k.getType(), k.getDigest(), - k.getKeySize(), k.getIvSize(), - new PBEKeySpec( - k.getPassword(), pbeSpec.getSalt(), pbeSpec.getIterationCount(), - k.getKeySize()), - null /* CipherParameters */); + // At this point, k.getParam() == null, so the key hasn't been generated. If + // the parameters have non-default values, recreate the BCPBEKey from algorithm + // parameters as to generate the key. + if ((pbeSpec.getSalt().length != 0) && (pbeSpec.getIterationCount() > 0)) { + k = new BCPBEKey(k.getAlgorithm(), k.getOID(), k.getType(), k.getDigest(), + k.getKeySize(), k.getIvSize(), + new PBEKeySpec( + k.getPassword(), pbeSpec.getSalt(), pbeSpec.getIterationCount(), + k.getKeySize()), + null /* CipherParameters */); + } // END android-added param = PBE.Util.makePBEParameters(k, params, cipher.getUnderlyingCipher().getAlgorithmName()); } |