From f3d25a49430aa81626a0b26d00685c09b08332d8 Mon Sep 17 00:00:00 2001
From: ludovicp <ludovicp@localhost>
Date: Mon, 05 Jul 2010 09:34:28 +0000
Subject: [PATCH] Fix issue #2448. Improves error messages with password storage schemes when attempting to set a key length greater than allowed by the "Strong jurisdiction" policy files.
---
opendj-sdk/opends/src/server/org/opends/server/crypto/CryptoManagerImpl.java | 12 +++++++++++-
1 files changed, 11 insertions(+), 1 deletions(-)
diff --git a/opendj-sdk/opends/src/server/org/opends/server/crypto/CryptoManagerImpl.java b/opendj-sdk/opends/src/server/org/opends/server/crypto/CryptoManagerImpl.java
index 7e6a94c..039da6c 100644
--- a/opendj-sdk/opends/src/server/org/opends/server/crypto/CryptoManagerImpl.java
+++ b/opendj-sdk/opends/src/server/org/opends/server/crypto/CryptoManagerImpl.java
@@ -22,7 +22,7 @@
* CDDL HEADER END
*
*
- * Copyright 2006-2009 Sun Microsystems, Inc.
+ * Copyright 2006-2010 Sun Microsystems, Inc.
* Portions Copyright 2009 Parametric Technology Corporation (PTC)
*/
package org.opends.server.crypto;
@@ -1526,14 +1526,24 @@
public SecretKeyEntry(final String algorithm, final int keyLengthBits)
throws CryptoManagerException {
KeyGenerator keyGen;
+ int maxAllowedKeyLengthBits;
try {
keyGen = KeyGenerator.getInstance(algorithm);
+ maxAllowedKeyLengthBits = Cipher.getMaxAllowedKeyLength(algorithm);
}
catch (NoSuchAlgorithmException ex) {
throw new CryptoManagerException(
ERR_CRYPTOMGR_INVALID_SYMMETRIC_KEY_ALGORITHM.get(
algorithm, getExceptionMessage(ex)), ex);
}
+ //See if key length is beyond the permissible value.
+ if(maxAllowedKeyLengthBits < keyLengthBits)
+ {
+ throw new CryptoManagerException(
+ ERR_CRYPTOMGR_INVALID_SYMMETRIC_KEY_LENGTH.get(keyLengthBits,
+ maxAllowedKeyLengthBits));
+ }
+
keyGen.init(keyLengthBits, secureRandom);
final byte[] key = keyGen.generateKey().getEncoded();
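Review bot: The added length check only covers the policy ceiling, so `keyGen.init(keyLengthBits, secureRandom)` can still throw the unchecked `InvalidParameterException` for a length that is under the cap but not valid for the algorithm, or for a zero or negative value. Unless something further down the constructor (which continues past this hunk) catches it, a misconfigured key length still surfaces as a raw runtime exception instead of the declared `CryptoManagerException`. Consider wrapping the init call in a `try` with `catch (InvalidParameterException ex)` and rethrowing as `CryptoManagerException` with `ex` as the cause. The comment above the check could also say where the limit comes from, e.g. `// Reject key lengths above the limit of the installed JCE jurisdiction policy files (Integer.MAX_VALUE when unlimited).`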
--
Gitblit v1.10.0