private void getSaltedPasswordFromPasswordChars(char[] passwordChars, ByteStringBuilder b)
throws SaslException {
StringPrep.encode(passwordChars, b, StringPrep.PROFILE_SASL_STORED);
Arrays.fill(passwordChars, (char) 0); // wipe out the password
passwordChars = new String(b.toArray(), StandardCharsets.UTF_8).toCharArray();
b.setLength(0);
iterationCount = algorithmSpec.getIterationCount();
salt = algorithmSpec.getSalt();
if (iterationCount < minimumIterationCount) {
throw log.saslIterationCountIsTooLow(
getMechanismName(), iterationCount, minimumIterationCount);
} else if (iterationCount > maximumIterationCount) {
throw log.saslIterationCountIsTooHigh(
getMechanismName(), iterationCount, maximumIterationCount);
}
if (salt == null) {
throw log.saslSaltMustBeSpecified(getMechanismName());
}
try {
saltedPassword =
ScramUtil.calculateHi(mac, passwordChars, salt, 0, salt.length, iterationCount);
Arrays.fill(passwordChars, (char) 0); // wipe out the password
} catch (InvalidKeyException e) {
throw log.saslInvalidMacInitializationKey(getMechanismName());
}
}
private SunUnixMD5CryptPasswordImpl(
final String algorithm, final char[] password, final IteratedSaltedPasswordAlgorithmSpec spec)
throws NoSuchAlgorithmException {
this(
algorithm,
password,
spec.getSalt() == null
? PasswordUtil.generateRandomSalt(DEFAULT_SALT_SIZE)
: spec.getSalt().clone(),
spec.getIterationCount());
}