diff options
Diffstat (limited to 'libraries/spongycastle/jce/src/main/java/javax/crypto/spec/PBEKeySpec.java')
| -rw-r--r-- | libraries/spongycastle/jce/src/main/java/javax/crypto/spec/PBEKeySpec.java | 222 |
1 files changed, 0 insertions, 222 deletions
diff --git a/libraries/spongycastle/jce/src/main/java/javax/crypto/spec/PBEKeySpec.java b/libraries/spongycastle/jce/src/main/java/javax/crypto/spec/PBEKeySpec.java deleted file mode 100644 index 3727031bc..000000000 --- a/libraries/spongycastle/jce/src/main/java/javax/crypto/spec/PBEKeySpec.java +++ /dev/null @@ -1,222 +0,0 @@ -package javax.crypto.spec; - -import java.security.spec.KeySpec; - -import javax.crypto.SecretKeyFactory; - -/** - * A user-chosen password that can be used with password-based encryption (PBE). - * <p> - * The password can be viewed as some kind of raw key material, from which the - * encryption mechanism that uses it derives a cryptographic key. - * <p> - * Different PBE mechanisms may consume different bits of each password - * character. For example, the PBE mechanism defined in PKCS #5 looks at only - * the low order 8 bits of each character, whereas PKCS #12 looks at all 16 bits - * of each character. - * <p> - * You convert the password characters to a PBE key by creating an instance of - * the appropriate secret-key factory. For example, a secret-key factory for - * PKCS #5 will construct a PBE key from only the low order 8 bits of each - * password character, whereas a secret-key factory for PKCS #12 will take all - * 16 bits of each character. - * <p> - * Also note that this class stores passwords as char arrays instead of String - * objects (which would seem more logical), because the String class is - * immutable and there is no way to overwrite its internal value when the - * password stored in it is no longer needed. Hence, this class requests the - * password as a char array, so it can be overwritten when done. - * - * @see SecretKeyFactory - * @see PBEParameterSpec - */ -public class PBEKeySpec - implements KeySpec -{ - - private char[] password; - - private byte[] salt; - - private int iterationCount; - - private int keyLength; - - private boolean isPasswordCleared; - - /** - * Constructor that takes a password. An empty char[] is used if null is - * specified. - * <p> - * Note: password is cloned before it is stored in the new PBEKeySpec - * object. - * - * @param password - - * the password. - */ - public PBEKeySpec(char[] password) - { - if (password == null) - { - this.password = new char[0]; - } - else - { - this.password = new char[password.length]; - - System.arraycopy(password, 0, this.password, 0, password.length); - } - } - - /** - * Returns a copy of the password. - * <p> - * Note: this method returns a copy of the password. It is the caller's - * responsibility to zero out the password information after it is no longer - * needed. - * - * @return the password - * @throws IllegalStateException - - * if password has been cleared by calling clearPassword method. - */ - public final char[] getPassword() - { - if (isPasswordCleared) - { - throw new IllegalStateException("Password has been cleared"); - } - return password; - } - - /** - * Constructor that takes a password, salt, iteration count, and - * to-be-derived key length for generating PBEKey of variable-key-size PBE - * ciphers. An empty char[] is used if null is specified for password. - * <p> - * Note: the password and salt are cloned before they are stored in the new - * PBEKeySpec object. - * - * - * @param password - * password - the password. - * @param salt - * salt - the salt. - * @param iterationCount - * iterationCount - the iteration count. - * @param keyLength - * keyLength - the to-be-derived key length. - * @throws NullPointerException - - * if salt is null. - * @throws IllegalArgumentException - - * if salt is empty, i.e. 0-length, iterationCount or keyLength - * is not positive. - */ - public PBEKeySpec(char[] password, byte[] salt, int iterationCount, int keyLength) - { - this(password); - if (salt == null) - { - throw new NullPointerException("salt is null"); - } - if (salt.length == 0) - { - throw new IllegalArgumentException("salt is empty"); - } - if (iterationCount < 0) - { - throw new IllegalArgumentException("iterationCount is not positive"); - } - if (keyLength < 0) - { - throw new IllegalArgumentException("keyLength is not positive"); - } - this.keyLength = keyLength; - this.iterationCount = iterationCount; - this.salt = (byte[]) salt.clone(); - } - - /** - * Constructor that takes a password, salt, iteration count for generating - * PBEKey of fixed-key-size PBE ciphers. An empty char[] is used if null is - * specified for password. - * <p> - * Note: the password and salt are cloned before they are stored in the new - * PBEKeySpec object. - * - * @param password - - * the password. - * @param salt - - * the salt. - * @param iterationCount - - * the iteration count. - * @throws NullPointerException - - * if salt is null. - * @throws IllegalArgumentException - - * if salt is empty, i.e. 0-length, or iterationCount is not - * positive. - */ - public PBEKeySpec(char[] password, byte[] salt, int iterationCount) - { - this(password, salt, iterationCount, 0); - } - - /** - * Clears the internal copy of the password. - */ - public final void clearPassword() - { - for (int i = 0; i < password.length; i++) - { - password[i] = 0; - } - password = null; - isPasswordCleared = true; - } - - /** - * Returns a copy of the salt or null if not specified. - * - * Note: this method should return a copy of the salt. It is the caller's - * responsibility to zero out the salt information after it is no longer - * needed. - * - * @return the salt. - */ - public final byte[] getSalt() - { - if (salt != null) - { - byte[] tmp = new byte[salt.length]; - - System.arraycopy(salt, 0, tmp, 0, salt.length); - - return tmp; - } - - return null; - } - - /** - * Returns the iteration count or 0 if not specified. - * - * @return the iteration count. - */ - public final int getIterationCount() - { - return iterationCount; - } - - /** - * Returns the to-be-derived key length or 0 if not specified. - * <p> - * Note: this is used to indicate the preference on key length for - * variable-key-size ciphers. The actual key size depends on each provider's - * implementation. - * - * @return the to-be-derived key length. - */ - public final int getKeyLength() - { - return keyLength; - } -} |