Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
PojavLauncherTeam
GitHub Repository: PojavLauncherTeam/mobile
 Path: blob/master/src/java.base/share/classes/javax/crypto/spec/PBEKeySpec.java
41159 views
1
/*

2
 * Copyright (c) 1997, 2018, Oracle and/or its affiliates. All rights reserved.

3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

4
 *

5
 * This code is free software; you can redistribute it and/or modify it

6
 * under the terms of the GNU General Public License version 2 only, as

7
 * published by the Free Software Foundation.  Oracle designates this

8
 * particular file as subject to the "Classpath" exception as provided

9
 * by Oracle in the LICENSE file that accompanied this code.

10
 *

11
 * This code is distributed in the hope that it will be useful, but WITHOUT

12
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

13
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License

14
 * version 2 for more details (a copy is included in the LICENSE file that

15
 * accompanied this code).

16
 *

17
 * You should have received a copy of the GNU General Public License version

18
 * 2 along with this work; if not, write to the Free Software Foundation,

19
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

20
 *

21
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA

22
 * or visit www.oracle.com if you need additional information or have any

23
 * questions.

24
 */

25


26
package javax.crypto.spec;

27


28
import java.security.spec.KeySpec;

29
import java.util.Arrays;

30


31
/**

32
 * A user-chosen password that can be used with password-based encryption

33
 * (<i>PBE</i>).

34
 *

35
 * <p>The password can be viewed as some kind of raw key material, from which

36
 * the encryption mechanism that uses it derives a cryptographic key.

37
 *

38
 * <p>Different PBE mechanisms may consume different bits of each password

39
 * character. For example, the PBE mechanism defined in

40
 * <a href="http://www.ietf.org/rfc/rfc2898.txt">

41
 * PKCS #5</a> looks at only the low order 8 bits of each character, whereas

42
 * PKCS #12 looks at all 16 bits of each character.

43
 *

44
 * <p>You convert the password characters to a PBE key by creating an

45
 * instance of the appropriate secret-key factory. For example, a secret-key

46
 * factory for PKCS #5 will construct a PBE key from only the low order 8 bits

47
 * of each password character, whereas a secret-key factory for PKCS #12 will

48
 * take all 16 bits of each character.

49
 *

50
 * <p>Also note that this class stores passwords as char arrays instead of

51
 * <code>String</code> objects (which would seem more logical), because the

52
 * String class is immutable and there is no way to overwrite its

53
 * internal value when the password stored in it is no longer needed. Hence,

54
 * this class requests the password as a char array, so it can be overwritten

55
 * when done.

56
 *

57
 * @author Jan Luehe

58
 * @author Valerie Peng

59
 *

60
 * @see javax.crypto.SecretKeyFactory

61
 * @see PBEParameterSpec

62
 * @since 1.4

63
 */

64
public class PBEKeySpec implements KeySpec {

65


66
    private char[] password;

67
    private byte[] salt = null;

68
    private int iterationCount = 0;

69
    private int keyLength = 0;

70


71
    /**

72
     * Constructor that takes a password. An empty char[] is used if

73
     * null is specified.

74
     *

75
     * <p> Note: <code>password</code> is cloned before it is stored in

76
     * the new <code>PBEKeySpec</code> object.

77
     *

78
     * @param password the password.

79
     */

80
    public PBEKeySpec(char[] password) {

81
        if ((password == null) || (password.length == 0)) {

82
            this.password = new char[0];

83
        } else {

84
            this.password = password.clone();

85
        }

86
    }

87


88


89
    /**

90
     * Constructor that takes a password, salt, iteration count, and

91
     * to-be-derived key length for generating PBEKey of variable-key-size

92
     * PBE ciphers.  An empty char[] is used if null is specified for

93
     * <code>password</code>.

94
     *

95
     * <p> Note: the <code>password</code> and <code>salt</code>

96
     * are cloned before they are stored in

97
     * the new <code>PBEKeySpec</code> object.

98
     *

99
     * @param password the password.

100
     * @param salt the salt.

101
     * @param iterationCount the iteration count.

102
     * @param keyLength the to-be-derived key length.

103
     * @exception NullPointerException if <code>salt</code> is null.

104
     * @exception IllegalArgumentException if <code>salt</code> is empty,

105
     * i.e. 0-length, <code>iterationCount</code> or

106
     * <code>keyLength</code> is not positive.

107
     */

108
    public PBEKeySpec(char[] password, byte[] salt, int iterationCount,

109
        int keyLength) {

110
        if ((password == null) || (password.length == 0)) {

111
            this.password = new char[0];

112
        } else {

113
            this.password = password.clone();

114
        }

115
        if (salt == null) {

116
            throw new NullPointerException("the salt parameter " +

117
                                            "must be non-null");

118
        } else if (salt.length == 0) {

119
            throw new IllegalArgumentException("the salt parameter " +

120
                                                "must not be empty");

121
        } else {

122
            this.salt = salt.clone();

123
        }

124
        if (iterationCount<=0) {

125
            throw new IllegalArgumentException("invalid iterationCount value");

126
        }

127
        if (keyLength<=0) {

128
            throw new IllegalArgumentException("invalid keyLength value");

129
        }

130
        this.iterationCount = iterationCount;

131
        this.keyLength = keyLength;

132
    }

133


134


135
    /**

136
     * Constructor that takes a password, salt, iteration count for

137
     * generating PBEKey of fixed-key-size PBE ciphers. An empty

138
     * char[] is used if null is specified for <code>password</code>.

139
     *

140
     * <p> Note: the <code>password</code> and <code>salt</code>

141
     * are cloned before they are stored in the new

142
     * <code>PBEKeySpec</code> object.

143
     *

144
     * @param password the password.

145
     * @param salt the salt.

146
     * @param iterationCount the iteration count.

147
     * @exception NullPointerException if <code>salt</code> is null.

148
     * @exception IllegalArgumentException if <code>salt</code> is empty,

149
     * i.e. 0-length, or <code>iterationCount</code> is not positive.

150
     */

151
    public PBEKeySpec(char[] password, byte[] salt, int iterationCount) {

152
        if ((password == null) || (password.length == 0)) {

153
            this.password = new char[0];

154
        } else {

155
            this.password = password.clone();

156
        }

157
        if (salt == null) {

158
            throw new NullPointerException("the salt parameter " +

159
                                            "must be non-null");

160
        } else if (salt.length == 0) {

161
            throw new IllegalArgumentException("the salt parameter " +

162
                                                "must not be empty");

163
        } else {

164
            this.salt = salt.clone();

165
        }

166
        if (iterationCount<=0) {

167
            throw new IllegalArgumentException("invalid iterationCount value");

168
        }

169
        this.iterationCount = iterationCount;

170
    }

171


172
    /**

173
     * Clears the internal copy of the password.

174
     *

175
     */

176
    public final void clearPassword() {

177
        if (password != null) {

178
            Arrays.fill(password, ' ');

179
            password = null;

180
        }

181
    }

182


183
    /**

184
     * Returns a copy of the password.

185
     *

186
     * <p> Note: this method returns a copy of the password. It is

187
     * the caller's responsibility to zero out the password information after

188
     * it is no longer needed.

189
     *

190
     * @exception IllegalStateException if password has been cleared by

191
     * calling <code>clearPassword</code> method.

192
     * @return the password.

193
     */

194
    public final char[] getPassword() {

195
        if (password == null) {

196
            throw new IllegalStateException("password has been cleared");

197
        }

198
        return password.clone();

199
    }

200


201
    /**

202
     * Returns a copy of the salt or null if not specified.

203
     *

204
     * <p> Note: this method should return a copy of the salt. It is

205
     * the caller's responsibility to zero out the salt information after

206
     * it is no longer needed.

207
     *

208
     * @return the salt.

209
     */

210
    public final byte[] getSalt() {

211
        if (salt != null) {

212
            return salt.clone();

213
        } else {

214
            return null;

215
        }

216
    }

217


218
    /**

219
     * Returns the iteration count or 0 if not specified.

220
     *

221
     * @return the iteration count.

222
     */

223
    public final int getIterationCount() {

224
        return iterationCount;

225
    }

226


227
    /**

228
     * Returns the to-be-derived key length or 0 if not specified.

229
     *

230
     * <p> Note: this is used to indicate the preference on key length

231
     * for variable-key-size ciphers. The actual key size depends on

232
     * each provider's implementation.

233
     *

234
     * @return the to-be-derived key length.

235
     */

236
    public final int getKeyLength() {

237
        return keyLength;

238
    }

239
}

240


241