Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use JCA provider for implementation of PBKDF2 #1448

Merged
merged 1 commit into from
Jul 18, 2024
Merged

Use JCA provider for implementation of PBKDF2 #1448

merged 1 commit into from
Jul 18, 2024

Conversation

jyemin
Copy link
Contributor

@jyemin jyemin commented Jul 15, 2024

Previously the driver implemented the PBKDF2 (Password-based-Key-Derivative-Function) function itself. With this change it instead looks up an implementation of either PBKDF2WithHmacSHA1 or PBKDF2WithHmacSHA256 from the JCA provider via SecretKeyFactory#getInstance.

JAVA-5507

@jyemin
Use JCA provider for implementation of PBKDF2
4eac704 
Previously the driver implemented the PBKDF2 (Password-based-Key-Derivative-Function)
function itself. With this change it instead looks up an implementation of either
PBKDF2WithHmacSHA1 or PBKDF2WithHmacSHA256 from the JCA provider via
SecretKeyFactory#getInstance.

JAVA-5507
@jyemin jyemin self-assigned this Jul 15, 2024
@jyemin jyemin requested a review from vbabanin July 16, 2024 13:18
@jyemin jyemin marked this pull request as ready for review July 16, 2024 13:18
rozza
rozza approved these changes Jul 17, 2024
View reviewed changes
Copy link
Member

@rozza rozza left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM - iirc we had to manually implement the algorithm so to support Java 6 & 7

vbabanin
vbabanin approved these changes Jul 18, 2024
View reviewed changes
Copy link
Member

@vbabanin vbabanin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

driver-core/src/main/com/mongodb/internal/connection/ScramShaAuthenticator.java
throw new SaslException(format("Algorithm for '%s' could not be found.", hmacAlgorithm), e);
} catch (InvalidKeyException e) {
throw new SaslException(format("Invalid key for %s", hmacAlgorithm), e);
throw new SaslException(format("Algorithm for '%s' could not be found.", pbeAlgorithm), e);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[nit] This String is repeated in the code. It could be a candidate for a constant.

@jyemin
Copy link
Contributor Author

jyemin commented Jul 18, 2024

iirc we had to manually implement the algorithm so to support Java 6 & 7

Oh, good memory! I checked and found that PBKDF2WithHmacSHA1 is supported back to Java 6 but PBKDF2WithHmacSHA256 came in Java 8.

@jyemin jyemin merged commit 7d80cef into mongodb:master Jul 18, 2024
59 checks passed
@jyemin jyemin deleted the JAVA-5507 branch July 18, 2024 12:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vbabanin vbabanin vbabanin approved these changes

@rozza rozza rozza approved these changes

Assignees

@jyemin jyemin

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@jyemin @rozza @vbabanin