From e217baab36c0346ea4057e7ac976c1f933543608 Mon Sep 17 00:00:00 2001 From: Athou Date: Tue, 9 Apr 2013 15:38:25 +0200 Subject: [PATCH] fix findbugs warnings --- .../security/PasswordEncryptionService.java | 22 +++++++++---------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/src/main/java/com/commafeed/backend/security/PasswordEncryptionService.java b/src/main/java/com/commafeed/backend/security/PasswordEncryptionService.java index dcde2c11..2a438618 100644 --- a/src/main/java/com/commafeed/backend/security/PasswordEncryptionService.java +++ b/src/main/java/com/commafeed/backend/security/PasswordEncryptionService.java @@ -57,32 +57,32 @@ public class PasswordEncryptionService { KeySpec spec = new PBEKeySpec(password.toCharArray(), salt, iterations, derivedKeyLength); - SecretKey key = null; + byte[] bytes = null; try { SecretKeyFactory f = SecretKeyFactory.getInstance(algorithm); - key = f.generateSecret(spec); + SecretKey key = f.generateSecret(spec); + bytes = key.getEncoded(); } catch (Exception e) { // should never happen log.error(e.getMessage(), e); } - - return key.getEncoded(); + return bytes; } public byte[] generateSalt() { // VERY important to use SecureRandom instead of just Random - SecureRandom random = null; + + byte[] salt = null; try { - random = SecureRandom.getInstance("SHA1PRNG"); + SecureRandom random = SecureRandom.getInstance("SHA1PRNG"); + + // Generate a 8 byte (64 bit) salt as recommended by RSA PKCS5 + salt = new byte[8]; + random.nextBytes(salt); } catch (NoSuchAlgorithmException e) { // should never happen log.error(e.getMessage(), e); } - - // Generate a 8 byte (64 bit) salt as recommended by RSA PKCS5 - byte[] salt = new byte[8]; - random.nextBytes(salt); - return salt; }