2 * Licensed to the Apache Software Foundation (ASF) under one or more
3 * contributor license agreements. See the NOTICE file distributed with
4 * this work for additional information regarding copyright ownership.
5 * The ASF licenses this file to You under the Apache License, Version 2.0
6 * (the "License"); you may not use this file except in compliance with
7 * the License. You may obtain a copy of the License at
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
18 package javax.crypto.spec;
20 import java.security.spec.KeySpec;
21 import java.util.Arrays;
24 * The key specification for a <i>password based encryption</i> key.
26 * Password based encryption is described in <a
27 * href="http://www.ietf.org/rfc/rfc2898.txt">PKCS #5</a>.
29 public class PBEKeySpec implements KeySpec {
31 private char[] password;
32 private final byte[] salt;
33 private final int iterationCount;
34 private final int keyLength;
37 * Creates a new <code>PBEKeySpec</code> with the specified password.
42 public PBEKeySpec(char[] password) {
43 if (password == null) {
44 this.password = new char[0];
46 this.password = new char[password.length];
47 System.arraycopy(password, 0, this.password, 0, password.length);
55 * Creates a new <code>PBEKeySpec</code> with the specified password, salt,
56 * iteration count and the desired length of the derived key.
62 * @param iterationCount
63 * the iteration count.
65 * the desired key length of the derived key,
66 * @throws NullPointerException
67 * if the salt is null.
68 * @throws IllegalArgumentException
69 * if the salt is empty, iteration count is zero or negative or
70 * the key length is zero or negative.
72 public PBEKeySpec(char[] password, byte[] salt, int iterationCount,
75 throw new NullPointerException("salt == null");
77 if (salt.length == 0) {
78 throw new IllegalArgumentException("salt.length == 0");
80 if (iterationCount <= 0) {
81 throw new IllegalArgumentException("iterationCount <= 0");
84 throw new IllegalArgumentException("keyLength <= 0");
87 if (password == null) {
88 this.password = new char[0];
90 this.password = new char[password.length];
91 System.arraycopy(password, 0, this.password, 0, password.length);
93 this.salt = new byte[salt.length];
94 System.arraycopy(salt, 0, this.salt, 0, salt.length);
95 this.iterationCount = iterationCount;
96 this.keyLength = keyLength;
100 * Creates a new <code>PBEKeySpec</code> with the specified password, salt
101 * and iteration count.
107 * @param iterationCount
108 * the iteration count.
109 * @throws NullPointerException
111 * @throws IllegalArgumentException
112 * if the salt is empty or iteration count is zero or negative.
114 public PBEKeySpec(char[] password, byte[] salt, int iterationCount) {
116 throw new NullPointerException("salt == null");
118 if (salt.length == 0) {
119 throw new IllegalArgumentException("salt.length == 0");
121 if (iterationCount <= 0) {
122 throw new IllegalArgumentException("iterationCount <= 0");
125 if (password == null) {
126 this.password = new char[0];
128 this.password = new char[password.length];
129 System.arraycopy(password, 0, this.password, 0, password.length);
131 this.salt = new byte[salt.length];
132 System.arraycopy(salt, 0, this.salt, 0, salt.length);
133 this.iterationCount = iterationCount;
138 * Clears the password by overwriting it.
140 public final void clearPassword() {
141 Arrays.fill(password, '?');
146 * Returns a copy of the password of this key specification.
148 * @return a copy of the password of this key specification.
149 * @throws IllegalStateException
150 * if the password has been cleared before.
152 public final char[] getPassword() {
153 if (password == null) {
154 throw new IllegalStateException("The password has been cleared");
156 char[] result = new char[password.length];
157 System.arraycopy(password, 0, result, 0, password.length);
162 * Returns a copy of the salt of this key specification.
164 * @return a copy of the salt of this key specification or null if none is
167 public final byte[] getSalt() {
171 byte[] result = new byte[salt.length];
172 System.arraycopy(salt, 0, result, 0, salt.length);
177 * Returns the iteration count of this key specification.
179 * @return the iteration count of this key specification.
181 public final int getIterationCount() {
182 return iterationCount;
186 * Returns the desired key length of the derived key.
188 * @return the desired key length of the derived key.
190 public final int getKeyLength() {