Fix KEY_LENGTH for PBKDF2 by specifying it in bits rather than bytes

uio-bmi · Jan 20, 2025 · 8226b6d · 8226b6d
1 parent b3b97f5
commit 8226b6d
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/src/main/java/no/uio/ifi/crypt4gh/pojo/key/KDF.java b/src/main/java/no/uio/ifi/crypt4gh/pojo/key/KDF.java
@@ -38,7 +38,7 @@ public byte[] derive(int rounds, char[] password, byte[] salt) throws GeneralSec
             case BCRYPT:
                 return BKDF.createKdf().derive(salt, password, (int) (Math.log(rounds) / Math.log(2)), null, KEY_LENGTH);
             case PBKDF2_HMAC_SHA256:
-                KeySpec spec = new PBEKeySpec(password, salt, rounds, KEY_LENGTH);
+                KeySpec spec = new PBEKeySpec(password, salt, rounds, KEY_LENGTH*8);
                 SecretKeyFactory factory = SecretKeyFactory.getInstance(PBKDF_2_WITH_HMAC_SHA_256);
                 return factory.generateSecret(spec).getEncoded();
             case NONE: