Mark, On 9/24/14 12:27 PM, Mark Thomas wrote: > On 24/09/2014 16:59, Christopher Schultz wrote: >> Mark, >> >> On 9/24/14 5:00 AM, Mark Thomas wrote: >>> On 23/09/2014 10:49, Mark Thomas wrote: >>>> On 23/09/2014 00:56, "Gabriel E. Sánchez Martínez" wrote: >>>>> >>>>> On 09/17/2014 04:36 AM, Mark Thomas wrote: >>>>>> On 16/09/2014 22:14, Christopher Schultz wrote: >>>>>>> Mark, >>>>>>> >>>>>>> On 9/16/14 3:39 PM, Mark Thomas wrote: >>>>>>>> Updated patch: >>>>>>>> http://people.apache.org/~markt/patches/2014-09-16-bug56403-tc8-v2.patch >>>>>>>> >>>>> It's looking good! >>>> >>>> I have an updated version I need to upload that addresses the remaining >>>> issues. >>> >>> Version 3: >>> http://people.apache.org/~markt/patches/2014-09-24-bug56403-tc8-v3.patch >> >> Looks good. >> >> I'm just curious: why did you call the class that does PBKDF2 >> PBECredentialFilter? Does that stand for "Password-based >> encryption/encoding"? > > It does. > >> PBE is often used for "password-based encryption" but here we aren't >> actually doing any encryption; we're just doing the password part. >> Naming this class is tough because technically it can use any algorithm >> that works with Java's SecretKey API. > > SecretKeyCredentialHandler? > >> Also, why does ConcurrentMessageDigest.digest have a varargs byte[] >> parameter? Is it useful to be able to accept more than one byte array to >> that method? > > Yes. You want to be able to pass either just the password or the salt > and the password.
Gotcha. +1 for commit. -chris
signature.asc
Description: OpenPGP digital signature
