This should not be happening. I'm using the "Basic" encoder
(Base64.getEncoder()), which, per the Base64 Javadoc, should not be
inserting any line feed/line separator characters.
On 07/27/2017 06:31 AM, Rudy De
During the tests I was writing for
Pbkdf2PasswordHashImpl, I saw that
Pbkdf2PasswordHashImpl#generate() generates a result with line
breaks in it.
(the above example is when using a longer salt and longer
key size, both 64)
This is due to the fact that the Base64 algorithm adds line
breaks after every 76 character.
But these line breaks makes the Base64 invalid when we call
the verify() method with this kind of values.
My proposal is to remove them (the line breaks) during
generation of the hash (generate() method) and also clean them
out before base64 decoding (decode() method)
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Application Development
35 Network Drive, Burlington, MA 01803