39 lines
821 B
Plaintext
39 lines
821 B
Plaintext
include::../description.adoc[]
|
|
|
|
include::../recommended.adoc[]
|
|
|
|
== Noncompliant Code Example
|
|
----
|
|
val salt = "notrandom".toByteArray()
|
|
|
|
val cipherSpec = PBEParameterSpec(salt, 10000) // Noncompliant, predictable salt
|
|
val spec = PBEKeySpec(password, salt, 10000, 256) // Noncompliant, predictable salt
|
|
----
|
|
|
|
== Compliant Solution
|
|
----
|
|
val random = SecureRandom()
|
|
val salt = ByteArray(16)
|
|
random.nextBytes(salt)
|
|
|
|
val cipherSpec = PBEParameterSpec(salt, 10000) // Compliant
|
|
val spec = PBEKeySpec(password, salt, 10000, 256) // Compliant
|
|
----
|
|
|
|
include::../see.adoc[]
|
|
|
|
ifdef::env-github,rspecator-view[]
|
|
|
|
'''
|
|
== Implementation Specification
|
|
(visible only on this page)
|
|
|
|
include::../message.adoc[]
|
|
|
|
'''
|
|
== Comments And Links
|
|
(visible only on this page)
|
|
|
|
include::../comments-and-links.adoc[]
|
|
endif::env-github,rspecator-view[]
|