archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-08-28 15:24:43 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

8233884: Avoid looking up standard charsets in security libraries

Browse source 
Reviewed-by: coffeys
This commit is contained in:
Ivan Gerasimov 2019-11-12 01:36:17 -08:00
parent 301e068935
commit 8e859259bc
48 changed files with 317 additions and 391 deletions
Download patch file Download diff file Expand all files Collapse all files

6
src/java.base/share/classes/sun/security/provider/JavaKeyStore.java
View file

@ -32,6 +32,8 @@ import java.security.cert.CertificateFactory;
import java.security.cert.CertificateException;
import java.util.*;
import static java.nio.charset.StandardCharsets.UTF_8;
import sun.security.pkcs.EncryptedPrivateKeyInfo;
import sun.security.pkcs12.PKCS12KeyStore;
import sun.security.util.Debug;
@ -805,14 +807,14 @@ public abstract class JavaKeyStore extends KeyStoreSpi {
* hash with a bit of whitener.
*/
private MessageDigest getPreKeyedHash(char[] password)
throws NoSuchAlgorithmException, UnsupportedEncodingException
throws NoSuchAlgorithmException
{
MessageDigest md = MessageDigest.getInstance("SHA");
byte[] passwdBytes = convertToBytes(password);
md.update(passwdBytes);
Arrays.fill(passwdBytes, (byte) 0x00);
md.update("Mighty Aphrodite".getBytes("UTF8"));
md.update("Mighty Aphrodite".getBytes(UTF_8));
return md;
}