1 /*
2  * Copyright (c) 1997, 2018, Oracle and/or its affiliates. All rights reserved.
3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4  *
5  * This code is free software; you can redistribute it and/or modify it
6  * under the terms of the GNU General Public License version 2 only, as
7  * published by the Free Software Foundation.  Oracle designates this
8  * particular file as subject to the "Classpath" exception as provided
9  * by Oracle in the LICENSE file that accompanied this code.
10  *
11  * This code is distributed in the hope that it will be useful, but WITHOUT
12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
14  * version 2 for more details (a copy is included in the LICENSE file that
15  * accompanied this code).
16  *
17  * You should have received a copy of the GNU General Public License version
18  * 2 along with this work; if not, write to the Free Software Foundation,
19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20  *
21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22  * or visit www.oracle.com if you need additional information or have any
23  * questions.
24  */
25 
26 package javax.crypto.spec;
27 
28 import java.security.spec.KeySpec;
29 import java.util.Arrays;
30 
31 /**
32  * A user-chosen password that can be used with password-based encryption
33  * (<i>PBE</i>).
34  *
35  * <p>The password can be viewed as some kind of raw key material, from which
36  * the encryption mechanism that uses it derives a cryptographic key.
37  *
38  * <p>Different PBE mechanisms may consume different bits of each password
39  * character. For example, the PBE mechanism defined in
40  * <a href="http://www.ietf.org/rfc/rfc2898.txt">
41  * PKCS #5</a> looks at only the low order 8 bits of each character, whereas
42  * PKCS #12 looks at all 16 bits of each character.
43  *
44  * <p>You convert the password characters to a PBE key by creating an
45  * instance of the appropriate secret-key factory. For example, a secret-key
46  * factory for PKCS #5 will construct a PBE key from only the low order 8 bits
47  * of each password character, whereas a secret-key factory for PKCS #12 will
48  * take all 16 bits of each character.
49  *
50  * <p>Also note that this class stores passwords as char arrays instead of
51  * <code>String</code> objects (which would seem more logical), because the
52  * String class is immutable and there is no way to overwrite its
53  * internal value when the password stored in it is no longer needed. Hence,
54  * this class requests the password as a char array, so it can be overwritten
55  * when done.
56  *
57  * @author Jan Luehe
58  * @author Valerie Peng
59  *
60  * @see javax.crypto.SecretKeyFactory
61  * @see PBEParameterSpec
62  * @since 1.4
63  */
64 public class PBEKeySpec implements KeySpec {
65 
66     private char[] password;
67     private byte[] salt = null;
68     private int iterationCount = 0;
69     private int keyLength = 0;
70 
71     /**
72      * Constructor that takes a password. An empty char[] is used if
73      * null is specified.
74      *
75      * <p> Note: <code>password</code> is cloned before it is stored in
76      * the new <code>PBEKeySpec</code> object.
77      *
78      * @param password the password.
79      */
PBEKeySpec(char[] password)80     public PBEKeySpec(char[] password) {
81         if ((password == null) || (password.length == 0)) {
82             this.password = new char[0];
83         } else {
84             this.password = password.clone();
85         }
86     }
87 
88 
89     /**
90      * Constructor that takes a password, salt, iteration count, and
91      * to-be-derived key length for generating PBEKey of variable-key-size
92      * PBE ciphers.  An empty char[] is used if null is specified for
93      * <code>password</code>.
94      *
95      * <p> Note: the <code>password</code> and <code>salt</code>
96      * are cloned before they are stored in
97      * the new <code>PBEKeySpec</code> object.
98      *
99      * @param password the password.
100      * @param salt the salt.
101      * @param iterationCount the iteration count.
102      * @param keyLength the to-be-derived key length.
103      * @exception NullPointerException if <code>salt</code> is null.
104      * @exception IllegalArgumentException if <code>salt</code> is empty,
105      * i.e. 0-length, <code>iterationCount</code> or
106      * <code>keyLength</code> is not positive.
107      */
PBEKeySpec(char[] password, byte[] salt, int iterationCount, int keyLength)108     public PBEKeySpec(char[] password, byte[] salt, int iterationCount,
109         int keyLength) {
110         if ((password == null) || (password.length == 0)) {
111             this.password = new char[0];
112         } else {
113             this.password = password.clone();
114         }
115         if (salt == null) {
116             throw new NullPointerException("the salt parameter " +
117                                             "must be non-null");
118         } else if (salt.length == 0) {
119             throw new IllegalArgumentException("the salt parameter " +
120                                                 "must not be empty");
121         } else {
122             this.salt = salt.clone();
123         }
124         if (iterationCount<=0) {
125             throw new IllegalArgumentException("invalid iterationCount value");
126         }
127         if (keyLength<=0) {
128             throw new IllegalArgumentException("invalid keyLength value");
129         }
130         this.iterationCount = iterationCount;
131         this.keyLength = keyLength;
132     }
133 
134 
135     /**
136      * Constructor that takes a password, salt, iteration count for
137      * generating PBEKey of fixed-key-size PBE ciphers. An empty
138      * char[] is used if null is specified for <code>password</code>.
139      *
140      * <p> Note: the <code>password</code> and <code>salt</code>
141      * are cloned before they are stored in the new
142      * <code>PBEKeySpec</code> object.
143      *
144      * @param password the password.
145      * @param salt the salt.
146      * @param iterationCount the iteration count.
147      * @exception NullPointerException if <code>salt</code> is null.
148      * @exception IllegalArgumentException if <code>salt</code> is empty,
149      * i.e. 0-length, or <code>iterationCount</code> is not positive.
150      */
PBEKeySpec(char[] password, byte[] salt, int iterationCount)151     public PBEKeySpec(char[] password, byte[] salt, int iterationCount) {
152         if ((password == null) || (password.length == 0)) {
153             this.password = new char[0];
154         } else {
155             this.password = password.clone();
156         }
157         if (salt == null) {
158             throw new NullPointerException("the salt parameter " +
159                                             "must be non-null");
160         } else if (salt.length == 0) {
161             throw new IllegalArgumentException("the salt parameter " +
162                                                 "must not be empty");
163         } else {
164             this.salt = salt.clone();
165         }
166         if (iterationCount<=0) {
167             throw new IllegalArgumentException("invalid iterationCount value");
168         }
169         this.iterationCount = iterationCount;
170     }
171 
172     /**
173      * Clears the internal copy of the password.
174      *
175      */
clearPassword()176     public final void clearPassword() {
177         if (password != null) {
178             Arrays.fill(password, ' ');
179             password = null;
180         }
181     }
182 
183     /**
184      * Returns a copy of the password.
185      *
186      * <p> Note: this method returns a copy of the password. It is
187      * the caller's responsibility to zero out the password information after
188      * it is no longer needed.
189      *
190      * @exception IllegalStateException if password has been cleared by
191      * calling <code>clearPassword</code> method.
192      * @return the password.
193      */
getPassword()194     public final char[] getPassword() {
195         if (password == null) {
196             throw new IllegalStateException("password has been cleared");
197         }
198         return password.clone();
199     }
200 
201     /**
202      * Returns a copy of the salt or null if not specified.
203      *
204      * <p> Note: this method should return a copy of the salt. It is
205      * the caller's responsibility to zero out the salt information after
206      * it is no longer needed.
207      *
208      * @return the salt.
209      */
getSalt()210     public final byte[] getSalt() {
211         if (salt != null) {
212             return salt.clone();
213         } else {
214             return null;
215         }
216     }
217 
218     /**
219      * Returns the iteration count or 0 if not specified.
220      *
221      * @return the iteration count.
222      */
getIterationCount()223     public final int getIterationCount() {
224         return iterationCount;
225     }
226 
227     /**
228      * Returns the to-be-derived key length or 0 if not specified.
229      *
230      * <p> Note: this is used to indicate the preference on key length
231      * for variable-key-size ciphers. The actual key size depends on
232      * each provider's implementation.
233      *
234      * @return the to-be-derived key length.
235      */
getKeyLength()236     public final int getKeyLength() {
237         return keyLength;
238     }
239 }
240