How about
this.prf = (passwdBytes.length == 0) ?
Mac.getInstance(prfAlgo, SunJCE.getInstance()) :
Mac.getInstance(prfAlgo);
Mac is only implemented in SunPKCS11 and SunJCE out-of-box, so this
saves an extra getInstance() call.
If a 3rd party provider is involved, I'm not sure it supports an empty
password (I have a feeling that except for Java everyone else are using
the same C codes. Maybe not Microsoft), and this call is safer.
--Max
On 8/20/2016 5:18, Valerie Peng wrote:
Looks fine to me.
Thanks,
Valerie
On 8/19/2016 9:57 AM, Vincent Ryan wrote:
Please review this fix to PBE key derivation function which detects
when a non-empty password
is supplied to the SunPKCS11-Solaris JCE provider and fails over to
the SunJCE provider instead.
Thanks.
Bug: https://bugs.openjdk.java.net/browse/JDK-8164494
Webrev: http://cr.openjdk.java.net/~vinnie/8164494/webrev.00/
<http://cr.openjdk.java.net/%7Evinnie/8164494/webrev.00/>
