Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for PBKDF2 algorithms #442

Closed
wants to merge 5 commits into from
Closed

Add support for PBKDF2 algorithms #442

wants to merge 5 commits into from

Conversation

jasonkatonica
Copy link
Member

@jasonkatonica jasonkatonica commented Feb 6, 2025
edited
Loading

The following algorithms will be added to the OpenJCEPlusFIPS provider:

  • PBKDF2WithHmacSHA224
  • PBKDF2WithHmacSHA256
  • PBKDF2WithHmacSHA384
  • PBKDF2WithHmacSHA512

The following algorithms will be added to the OpenJCEPlus provider:

  • PBKDF2WithHmacSHA1
  • PBKDF2WithHmacSHA224
  • PBKDF2WithHmacSHA256
  • PBKDF2WithHmacSHA384
  • PBKDF2WithHmacSHA512

Updates required include:

  • Adding a new PBKDF2Core class based on OpenJDK.
  • Adding a new PBKDF2KeyImpl class based on OpenJDK yet modified to make use of the OCKC library to perform PBKDF2 key derivations.
  • New JNI code to call a new native method to derive a key using PBKDF2 from a given password, salt, iteration count, and desired key length.
  • Updates in makefiles to allow the new PBKDF.c file to be built into the JNI dll.
  • A new set of interoperability test was created to enforce that we get the same results from SunJCE, OpenJCEPlus, OpenJCEPlusFIPS for the KeyFactory methods generateSecret, translateKey, and getKeySpec.
  • A new test was introduce to drive various KAT and error paths.

Back-ported from: #432

Signed-off-by: Jason Katonica [email protected]

@jasonkatonica
Add support for PBKDF2 algorithms
324d104 
The following algorithms will be added to the OpenJCEPlusFIPS provider:
- PBKDF2WithHmacSHA224
- PBKDF2WithHmacSHA256
- PBKDF2WithHmacSHA384
- PBKDF2WithHmacSHA512

The following algorithms will be added to the OpenJCEPlus provider:
- PBKDF2WithHmacSHA1
- PBKDF2WithHmacSHA224
- PBKDF2WithHmacSHA256
- PBKDF2WithHmacSHA384
- PBKDF2WithHmacSHA512

Updates required include:
- Adding a new PBKDF2Core class based on OpenJDK.
- Adding a new PBKDF2KeyImpl class based on OpenJDK yet modified to
make use of the OCKC library to perform PBKDF2 key derivations.
- New JNI code to call a new native method to derive a key using PBKDF2
from a given password, salt, iteration count, and desired key length.
- Updates in makefiles to allow the new PBKDF.c file to be built into
the JNI dll.
- A new set of interoperability test was created to enforce that we get the same
results from SunJCE, OpenJCEPlus, OpenJCEPlusFIPS for the KeyFactory
methods `generateSecret`, `translateKey`, and `getKeySpec`.
- A new test was introduce to drive various KAT and error paths.

Signed-off-by: Jason Katonica <[email protected]>
@jasonkatonica
Fix compilation on 11
3e46214
@jasonkatonica
Hash code logic specific to Java 17
fea02bc
@jasonkatonica
More casting issues on 11
32804c1
@jasonkatonica
Remove serial and more fixes
a721b85
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@jasonkatonica