github #262 added settable digest to OpenSSL PBE generator
1 files changed, 28 insertions, 12 deletions
diff --git a/crypto/src/crypto/generators/OpenSSLPBEParametersGenerator.cs b/crypto/src/crypto/generators/OpenSSLPBEParametersGenerator.cs
index 8da5d3ad1..1b77d3427 100644
--- a/crypto/src/crypto/generators/OpenSSLPBEParametersGenerator.cs
+++ b/crypto/src/crypto/generators/OpenSSLPBEParametersGenerator.cs
@@ -6,23 +6,39 @@ using Org.BouncyCastle.Security;
namespace Org.BouncyCastle.Crypto.Generators
{
- /**
- * Generator for PBE derived keys and ivs as usd by OpenSSL.
- * <p>
- * The scheme is a simple extension of PKCS 5 V2.0 Scheme 1 using MD5 with an
- * iteration count of 1.
- * </p>
- */
+ ///
+ /// <description>
+ ///
+ /// Generator for PBE derived keys and ivs as usd by OpenSSL.
+ /// <p>
+ /// Originally this scheme was a simple extension of PKCS 5 V2.0 Scheme 1 using MD5 with an
+ /// iteration count of 1. The default digest was changed to SHA-256 with OpenSSL 1.1.0. This
+ /// implementation still defaults to MD5, but the digest can now be set.
+ /// </description>
+ ///
public class OpenSslPbeParametersGenerator
: PbeParametersGenerator
{
- private readonly IDigest digest = new MD5Digest();
+ private readonly IDigest digest;
+
+ ///
+ /// <description>
+ /// Construct a OpenSSL Parameters generator - digest the original MD5.
+ /// </description>
+ ///
+ public OpenSslPbeParametersGenerator() : this(new MD5Digest())
+ {
+ }
- /**
- * Construct a OpenSSL Parameters generator.
- */
- public OpenSslPbeParametersGenerator()
+ ///
+ /// <description>
+ /// Construct a OpenSSL Parameters generator - digest as specified.
+ /// </description>
+ /// <param name="digest">the digest to use as the PRF.</param>
+ ///
+ public OpenSslPbeParametersGenerator(IDigest digest)
{
+ this.digest = digest;
}
public override void Init(
|
