[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [GNU Crypto] Passwords Immutable?
From: |
Bryan Hoover |
Subject: |
Re: [GNU Crypto] Passwords Immutable? |
Date: |
Wed, 14 Apr 2004 18:54:11 -0400 |
See response at end of your (Casey's) message.
Casey Marshall wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> >>>>> "Bryan" == Bryan Hoover <address@hidden> writes:
>
> Bryan> So there may be a couple of minor implementation questions:
>
> Bryan> 1. Should Password make a copy?
>
> I think it should in the constructor, and probably a (byte[],int,int)
> constructor should be added.
> Bryan> 2. Should SRPClient this.password be char[] or Password?
>
> I'd say Password, because if Password.destroy() is called we wouldn't
> want a variable to change on us without notice.
>
> Bryan> Finally, I wasn't sure whether to throw an exception on
> Bryan> password access attempts subsequent to calling destroy(). I do
> Bryan> not.
>
> Probably an `IllegalStateException' is appropriate when getPassword is
> called on a destroyed object. It's arguably better then letting code
> use erased passwords, and failing in difficult-to-understand ways.
>
> Bryan> Sorry so wordy.
>
> Bryan> Feel free to use or not -- though I hope you will. I can also
> Bryan> add the code to pivot (and whatever else) relative to which
> Bryan> password property use if you want to go with the additional
> Bryan> property option for compatibility. I had fun doing it, and
> Bryan> will use it in my compile.
>
> We'd need copyright assignment in order to include these patches. But
> this is a really simple thing to do, so I can implement this myself.
> That is, of course, unless you have a desire to contribute more ;)
Okay to all of the above, and sure thing, I would like to contribute
more.
Let me know what, if anything, I need to do relative to copyright
assignment.
Bryan
> - --
> Casey Marshall || address@hidden
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.3 (GNU/Linux)
> Comment: Processed by Mailcrypt 3.5.7 <http://mailcrypt.sourceforge.net/>
>
> iD8DBQFAfbIrgAuWMgRGsWsRAjvEAJoD/i9gXcuJJhR3ROOOtwAJiTiwVACdHDLy
> TS50QYsRlWhWcKIKQVgF4so=
> =L6mt
> -----END PGP SIGNATURE-----
--
And people flock around the poet and say: 'Sing again soon' - that is,
'May new sufferings torment your soul but your lips be fashioned as
before, for the cry would only frighten us, but the music, that is
blissful.' - (Soren Kierkegaard - Either/Or)
http://www.wecs.com/content.htm
This signature file is generated by Pick-a-Tag !
Written by Jeroen van Vaarsel
http://www.google.com/search?hl=en&ie=ISO-8859-1&q=pick-a-tag
- [GNU Crypto] Passwords Immutable?, Bryan Hoover, 2004/04/12
- Re: [GNU Crypto] Passwords Immutable?, Casey Marshall, 2004/04/12
- Re: [GNU Crypto] Passwords Immutable?, Matthew Sackman, 2004/04/12
- Re: [GNU Crypto] Passwords Immutable?, Casey Marshall, 2004/04/12
- Re: [GNU Crypto] Passwords Immutable?, Matthew Sackman, 2004/04/12
- Re: [GNU Crypto] Passwords Immutable?, Casey Marshall, 2004/04/12
- Re: [GNU Crypto] Passwords Immutable?, Bryan Hoover, 2004/04/14
- Re: [GNU Crypto] Passwords Immutable?, Casey Marshall, 2004/04/14
- Re: [GNU Crypto] Passwords Immutable?,
Bryan Hoover <=
- Re: [GNU Crypto] Passwords Immutable?, Bryan Hoover, 2004/04/15
- Re: [GNU Crypto] Passwords Immutable?, Casey Marshall, 2004/04/20
- Re: [GNU Crypto] Passwords Immutable?, Bryan Hoover, 2004/04/21
- Re: [GNU Crypto] Passwords Immutable?, Casey Marshall, 2004/04/21
- Re: [GNU Crypto] Passwords Immutable?, Bryan Hoover, 2004/04/21
- Re: [GNU Crypto] Passwords Immutable?, Bryan Hoover, 2004/04/22
- Re: [GNU Crypto] Passwords Immutable?, Bryan Hoover, 2004/04/22
- Re: [GNU Crypto] Passwords Immutable?, Bryan Hoover, 2004/04/23
- Re: [GNU Crypto] Passwords Immutable?, Matthew Sackman, 2004/04/16
- Re: [GNU Crypto] Passwords Immutable?, Casey Marshall, 2004/04/16