下面列出了javax.crypto.spec.PBEKeySpec#getPassword() 实例代码,或者点击链接到github查看源代码,也可以在右侧发表评论。
/**
* Creates a PBE key from a given PBE key specification.
*
* @param key the given PBE key specification
*/
PBEKey(PBEKeySpec keySpec, String keytype) throws InvalidKeySpecException {
char[] passwd = keySpec.getPassword();
if (passwd == null) {
// Should allow an empty password.
passwd = new char[0];
}
// Accept "\0" to signify "zero-length password with no terminator".
if (!(passwd.length == 1 && passwd[0] == 0)) {
for (int i=0; i<passwd.length; i++) {
if ((passwd[i] < '\u0020') || (passwd[i] > '\u007E')) {
throw new InvalidKeySpecException("Password is not ASCII");
}
}
}
this.key = new byte[passwd.length];
for (int i=0; i<passwd.length; i++)
this.key[i] = (byte) (passwd[i] & 0x7f);
Arrays.fill(passwd, '\0');
type = keytype;
}
/**
* Creates a PBE key from a given PBE key specification.
*
* @param key the given PBE key specification
*/
PBEKey(PBEKeySpec keySpec, String keytype) throws InvalidKeySpecException {
char[] passwd = keySpec.getPassword();
if (passwd == null) {
// Should allow an empty password.
passwd = new char[0];
}
// Accept "\0" to signify "zero-length password with no terminator".
if (!(passwd.length == 1 && passwd[0] == 0)) {
for (int i=0; i<passwd.length; i++) {
if ((passwd[i] < '\u0020') || (passwd[i] > '\u007E')) {
throw new InvalidKeySpecException("Password is not ASCII");
}
}
}
this.key = new byte[passwd.length];
for (int i=0; i<passwd.length; i++)
this.key[i] = (byte) (passwd[i] & 0x7f);
Arrays.fill(passwd, '\0');
type = keytype;
}
/**
* Creates a PBE key from a given PBE key specification.
*
* @param key the given PBE key specification
*/
PBEKey(PBEKeySpec keySpec, String keytype) throws InvalidKeySpecException {
char[] passwd = keySpec.getPassword();
if (passwd == null) {
// Should allow an empty password.
passwd = new char[0];
}
// Accept "\0" to signify "zero-length password with no terminator".
if (!(passwd.length == 1 && passwd[0] == 0)) {
for (int i=0; i<passwd.length; i++) {
if ((passwd[i] < '\u0020') || (passwd[i] > '\u007E')) {
throw new InvalidKeySpecException("Password is not ASCII");
}
}
}
this.key = new byte[passwd.length];
for (int i=0; i<passwd.length; i++)
this.key[i] = (byte) (passwd[i] & 0x7f);
java.util.Arrays.fill(passwd, ' ');
type = keytype;
}
/**
* Creates a PBE key from a given PBE key specification.
*
* @param key the given PBE key specification
*/
PBEKey(PBEKeySpec keySpec, String keytype) throws InvalidKeySpecException {
char[] passwd = keySpec.getPassword();
if (passwd == null) {
// Should allow an empty password.
passwd = new char[0];
}
// Accept "\0" to signify "zero-length password with no terminator".
if (!(passwd.length == 1 && passwd[0] == 0)) {
for (int i=0; i<passwd.length; i++) {
if ((passwd[i] < '\u0020') || (passwd[i] > '\u007E')) {
throw new InvalidKeySpecException("Password is not ASCII");
}
}
}
this.key = new byte[passwd.length];
for (int i=0; i<passwd.length; i++)
this.key[i] = (byte) (passwd[i] & 0x7f);
java.util.Arrays.fill(passwd, ' ');
type = keytype;
}
/**
* Creates a PBE key from a given PBE key specification.
*
* @param key the given PBE key specification
*/
PBEKey(PBEKeySpec keySpec, String keytype) throws InvalidKeySpecException {
char[] passwd = keySpec.getPassword();
if (passwd == null) {
// Should allow an empty password.
passwd = new char[0];
}
// Accept "\0" to signify "zero-length password with no terminator".
if (!(passwd.length == 1 && passwd[0] == 0)) {
for (int i=0; i<passwd.length; i++) {
if ((passwd[i] < '\u0020') || (passwd[i] > '\u007E')) {
throw new InvalidKeySpecException("Password is not ASCII");
}
}
}
this.key = new byte[passwd.length];
for (int i=0; i<passwd.length; i++)
this.key[i] = (byte) (passwd[i] & 0x7f);
java.util.Arrays.fill(passwd, ' ');
type = keytype;
}
/**
* Creates a PBE key from a given PBE key specification.
*
* @param key the given PBE key specification
*/
PBEKey(PBEKeySpec keySpec, String keytype) throws InvalidKeySpecException {
char[] passwd = keySpec.getPassword();
if (passwd == null) {
// Should allow an empty password.
passwd = new char[0];
}
// Accept "\0" to signify "zero-length password with no terminator".
if (!(passwd.length == 1 && passwd[0] == 0)) {
for (int i=0; i<passwd.length; i++) {
if ((passwd[i] < '\u0020') || (passwd[i] > '\u007E')) {
throw new InvalidKeySpecException("Password is not ASCII");
}
}
}
this.key = new byte[passwd.length];
for (int i=0; i<passwd.length; i++)
this.key[i] = (byte) (passwd[i] & 0x7f);
java.util.Arrays.fill(passwd, ' ');
type = keytype;
}
/**
* Creates a PBE key from a given PBE key specification.
*
* @param key the given PBE key specification
*/
PBEKey(PBEKeySpec keySpec, String keytype) throws InvalidKeySpecException {
char[] passwd = keySpec.getPassword();
if (passwd == null) {
// Should allow an empty password.
passwd = new char[0];
}
// Accept "\0" to signify "zero-length password with no terminator".
if (!(passwd.length == 1 && passwd[0] == 0)) {
for (int i=0; i<passwd.length; i++) {
if ((passwd[i] < '\u0020') || (passwd[i] > '\u007E')) {
throw new InvalidKeySpecException("Password is not ASCII");
}
}
}
this.key = new byte[passwd.length];
for (int i=0; i<passwd.length; i++)
this.key[i] = (byte) (passwd[i] & 0x7f);
java.util.Arrays.fill(passwd, ' ');
type = keytype;
}
/**
* getPassword() method testing. Tests that returned password is equal
* to the password specified in the constructor and that the change of
* returned array does not cause the change of internal array.
*/
public void testGetPassword() {
char[] password = new char[] {'1', '2', '3', '4', '5'};
PBEKeySpec pbeks = new PBEKeySpec(password);
char[] result = pbeks.getPassword();
if (! Arrays.equals(password, result)) {
fail("The returned password is not equal to the specified "
+ "in the constructor.");
}
result[0] ++;
assertFalse("The change of returned by getPassword() method password "
+ "should not cause the change of internal array.",
result[0] == pbeks.getPassword()[0]);
}
protected SecretKey engineGenerateSecret(
KeySpec keySpec)
throws InvalidKeySpecException
{
if (keySpec instanceof PBEKeySpec)
{
PBEKeySpec pbeSpec = (PBEKeySpec)keySpec;
if (pbeSpec.getSalt() == null)
{
throw new InvalidKeySpecException("missing required salt");
}
if (pbeSpec.getIterationCount() <= 0)
{
throw new InvalidKeySpecException("positive iteration count required: "
+ pbeSpec.getIterationCount());
}
if (pbeSpec.getKeyLength() <= 0)
{
throw new InvalidKeySpecException("positive key length required: "
+ pbeSpec.getKeyLength());
}
if (pbeSpec.getPassword().length == 0)
{
throw new IllegalArgumentException("password empty");
}
int digest = SHA1;
int keySize = pbeSpec.getKeyLength();
int ivSize = -1; // JDK 1,2 and earlier does not understand simplified version.
CipherParameters param = PBE.Util.makePBEMacParameters(pbeSpec, scheme, digest, keySize);
return new BCPBEKey(this.algName, this.algOid, scheme, digest, keySize, ivSize, pbeSpec, param);
}
throw new InvalidKeySpecException("Invalid KeySpec");
}
/**
* Creates a PBE key from a given PBE key specification.
*
* @param key the given PBE key specification
*/
PBKDF2KeyImpl(PBEKeySpec keySpec, String prfAlgo)
throws InvalidKeySpecException {
char[] passwd = keySpec.getPassword();
if (passwd == null) {
// Should allow an empty password.
this.passwd = new char[0];
} else {
this.passwd = passwd.clone();
}
// Convert the password from char[] to byte[]
byte[] passwdBytes = getPasswordBytes(this.passwd);
this.salt = keySpec.getSalt();
if (salt == null) {
throw new InvalidKeySpecException("Salt not found");
}
this.iterCount = keySpec.getIterationCount();
if (iterCount == 0) {
throw new InvalidKeySpecException("Iteration count not found");
} else if (iterCount < 0) {
throw new InvalidKeySpecException("Iteration count is negative");
}
int keyLength = keySpec.getKeyLength();
if (keyLength == 0) {
throw new InvalidKeySpecException("Key length not found");
} else if (keyLength < 0) {
throw new InvalidKeySpecException("Key length is negative");
}
try {
this.prf = Mac.getInstance(prfAlgo, SunJCE.getInstance());
} catch (NoSuchAlgorithmException nsae) {
// not gonna happen; re-throw just in case
InvalidKeySpecException ike = new InvalidKeySpecException();
ike.initCause(nsae);
throw ike;
}
this.key = deriveKey(prf, passwdBytes, salt, iterCount, keyLength);
}
/**
* Creates a PBE key from a given PBE key specification.
*
* @param key the given PBE key specification
*/
PBKDF2KeyImpl(PBEKeySpec keySpec, String prfAlgo)
throws InvalidKeySpecException {
char[] passwd = keySpec.getPassword();
if (passwd == null) {
// Should allow an empty password.
this.passwd = new char[0];
} else {
this.passwd = passwd.clone();
}
// Convert the password from char[] to byte[]
byte[] passwdBytes = getPasswordBytes(this.passwd);
this.salt = keySpec.getSalt();
if (salt == null) {
throw new InvalidKeySpecException("Salt not found");
}
this.iterCount = keySpec.getIterationCount();
if (iterCount == 0) {
throw new InvalidKeySpecException("Iteration count not found");
} else if (iterCount < 0) {
throw new InvalidKeySpecException("Iteration count is negative");
}
int keyLength = keySpec.getKeyLength();
if (keyLength == 0) {
throw new InvalidKeySpecException("Key length not found");
} else if (keyLength < 0) {
throw new InvalidKeySpecException("Key length is negative");
}
try {
this.prf = Mac.getInstance(prfAlgo, SunJCE.getInstance());
} catch (NoSuchAlgorithmException nsae) {
// not gonna happen; re-throw just in case
InvalidKeySpecException ike = new InvalidKeySpecException();
ike.initCause(nsae);
throw ike;
}
this.key = deriveKey(prf, passwdBytes, salt, iterCount, keyLength);
}
private boolean passwordIsValid(PBEKeySpec password) {
try {
return password.getPassword().length > 0;
} catch (IllegalStateException | NullPointerException e) {
return false;
}
}
/** Read an entry from the store
* @param tag Tag that identifies the entry
* @return Stored text or <code>null</code>
* @throws Exception on error
*/
public String get(final String tag) throws Exception
{
final KeyStore.SecretKeyEntry entry = (KeyStore.SecretKeyEntry) store.getEntry(tag, pp);
if (entry == null)
return null;
final PBEKeySpec key = (PBEKeySpec) kf.getKeySpec(entry.getSecretKey(), PBEKeySpec.class);
return new String(key.getPassword());
}
/**
* Creates a PBE key from a given PBE key specification.
*
* @param keytype the given PBE key specification
*/
PBEKey(PBEKeySpec keySpec, String keytype, boolean useCleaner)
throws InvalidKeySpecException {
char[] passwd = keySpec.getPassword();
if (passwd == null) {
// Should allow an empty password.
passwd = new char[0];
}
// Accept "\0" to signify "zero-length password with no terminator".
if (!(passwd.length == 1 && passwd[0] == 0)) {
for (int i=0; i<passwd.length; i++) {
if ((passwd[i] < '\u0020') || (passwd[i] > '\u007E')) {
throw new InvalidKeySpecException("Password is not ASCII");
}
}
}
this.key = new byte[passwd.length];
for (int i=0; i<passwd.length; i++)
this.key[i] = (byte) (passwd[i] & 0x7f);
Arrays.fill(passwd, '\0');
type = keytype;
// Use the cleaner to zero the key when no longer referenced
if (useCleaner) {
final byte[] k = this.key;
CleanerFactory.cleaner().register(this,
() -> Arrays.fill(k, (byte) 0x00));
}
}
/**
* Creates a PBE key from a given PBE key specification.
*
* @param key the given PBE key specification
*/
PBKDF2KeyImpl(PBEKeySpec keySpec, String prfAlgo)
throws InvalidKeySpecException {
char[] passwd = keySpec.getPassword();
if (passwd == null) {
// Should allow an empty password.
this.passwd = new char[0];
} else {
this.passwd = passwd.clone();
}
// Convert the password from char[] to byte[]
byte[] passwdBytes = getPasswordBytes(this.passwd);
this.salt = keySpec.getSalt();
if (salt == null) {
throw new InvalidKeySpecException("Salt not found");
}
this.iterCount = keySpec.getIterationCount();
if (iterCount == 0) {
throw new InvalidKeySpecException("Iteration count not found");
} else if (iterCount < 0) {
throw new InvalidKeySpecException("Iteration count is negative");
}
int keyLength = keySpec.getKeyLength();
if (keyLength == 0) {
throw new InvalidKeySpecException("Key length not found");
} else if (keyLength < 0) {
throw new InvalidKeySpecException("Key length is negative");
}
try {
this.prf = Mac.getInstance(prfAlgo, SunJCE.getInstance());
} catch (NoSuchAlgorithmException nsae) {
// not gonna happen; re-throw just in case
InvalidKeySpecException ike = new InvalidKeySpecException();
ike.initCause(nsae);
throw ike;
}
this.key = deriveKey(prf, passwdBytes, salt, iterCount, keyLength);
}
/**
* Creates a PBE key from a given PBE key specification.
*
* @param key the given PBE key specification
*/
PBKDF2KeyImpl(PBEKeySpec keySpec, String prfAlgo)
throws InvalidKeySpecException {
char[] passwd = keySpec.getPassword();
if (passwd == null) {
// Should allow an empty password.
this.passwd = new char[0];
} else {
this.passwd = passwd.clone();
}
// Convert the password from char[] to byte[]
byte[] passwdBytes = getPasswordBytes(this.passwd);
this.salt = keySpec.getSalt();
if (salt == null) {
throw new InvalidKeySpecException("Salt not found");
}
this.iterCount = keySpec.getIterationCount();
if (iterCount == 0) {
throw new InvalidKeySpecException("Iteration count not found");
} else if (iterCount < 0) {
throw new InvalidKeySpecException("Iteration count is negative");
}
int keyLength = keySpec.getKeyLength();
if (keyLength == 0) {
throw new InvalidKeySpecException("Key length not found");
} else if (keyLength < 0) {
throw new InvalidKeySpecException("Key length is negative");
}
try {
this.prf = Mac.getInstance(prfAlgo, SunJCE.getInstance());
} catch (NoSuchAlgorithmException nsae) {
// not gonna happen; re-throw just in case
InvalidKeySpecException ike = new InvalidKeySpecException();
ike.initCause(nsae);
throw ike;
}
this.key = deriveKey(prf, passwdBytes, salt, iterCount, keyLength);
}
/**
* Creates a PBE key from a given PBE key specification.
*
* @param key the given PBE key specification
*/
PBKDF2KeyImpl(PBEKeySpec keySpec, String prfAlgo)
throws InvalidKeySpecException {
char[] passwd = keySpec.getPassword();
if (passwd == null) {
// Should allow an empty password.
this.passwd = new char[0];
} else {
this.passwd = passwd.clone();
}
// Convert the password from char[] to byte[]
byte[] passwdBytes = getPasswordBytes(this.passwd);
this.salt = keySpec.getSalt();
if (salt == null) {
throw new InvalidKeySpecException("Salt not found");
}
this.iterCount = keySpec.getIterationCount();
if (iterCount == 0) {
throw new InvalidKeySpecException("Iteration count not found");
} else if (iterCount < 0) {
throw new InvalidKeySpecException("Iteration count is negative");
}
int keyLength = keySpec.getKeyLength();
if (keyLength == 0) {
throw new InvalidKeySpecException("Key length not found");
} else if (keyLength < 0) {
throw new InvalidKeySpecException("Key length is negative");
}
try {
this.prf = Mac.getInstance(prfAlgo, SunJCE.getInstance());
} catch (NoSuchAlgorithmException nsae) {
// not gonna happen; re-throw just in case
InvalidKeySpecException ike = new InvalidKeySpecException();
ike.initCause(nsae);
throw ike;
}
this.key = deriveKey(prf, passwdBytes, salt, iterCount, keyLength);
}
/**
* Creates a PBE key from a given PBE key specification.
*
* @param key the given PBE key specification
*/
PBKDF2KeyImpl(PBEKeySpec keySpec, String prfAlgo)
throws InvalidKeySpecException {
char[] passwd = keySpec.getPassword();
if (passwd == null) {
// Should allow an empty password.
this.passwd = new char[0];
} else {
this.passwd = passwd.clone();
}
// Convert the password from char[] to byte[]
byte[] passwdBytes = getPasswordBytes(this.passwd);
// remove local copy
if (passwd != null) Arrays.fill(passwd, '\0');
this.salt = keySpec.getSalt();
if (salt == null) {
throw new InvalidKeySpecException("Salt not found");
}
this.iterCount = keySpec.getIterationCount();
if (iterCount == 0) {
throw new InvalidKeySpecException("Iteration count not found");
} else if (iterCount < 0) {
throw new InvalidKeySpecException("Iteration count is negative");
}
int keyLength = keySpec.getKeyLength();
if (keyLength == 0) {
throw new InvalidKeySpecException("Key length not found");
} else if (keyLength < 0) {
throw new InvalidKeySpecException("Key length is negative");
}
try {
this.prf = Mac.getInstance(prfAlgo, SunJCE.getInstance());
this.key = deriveKey(prf, passwdBytes, salt, iterCount, keyLength);
} catch (NoSuchAlgorithmException nsae) {
// not gonna happen; re-throw just in case
InvalidKeySpecException ike = new InvalidKeySpecException();
ike.initCause(nsae);
throw ike;
} finally {
Arrays.fill(passwdBytes, (byte)0x00);
}
}
/**
* Creates a PBE key from a given PBE key specification.
*
* @param key the given PBE key specification
*/
PBKDF2KeyImpl(PBEKeySpec keySpec, String prfAlgo)
throws InvalidKeySpecException {
char[] passwd = keySpec.getPassword();
if (passwd == null) {
// Should allow an empty password.
this.passwd = new char[0];
} else {
this.passwd = passwd.clone();
}
// Convert the password from char[] to byte[]
byte[] passwdBytes = getPasswordBytes(this.passwd);
// remove local copy
if (passwd != null) Arrays.fill(passwd, '\0');
this.salt = keySpec.getSalt();
if (salt == null) {
throw new InvalidKeySpecException("Salt not found");
}
this.iterCount = keySpec.getIterationCount();
if (iterCount == 0) {
throw new InvalidKeySpecException("Iteration count not found");
} else if (iterCount < 0) {
throw new InvalidKeySpecException("Iteration count is negative");
}
int keyLength = keySpec.getKeyLength();
if (keyLength == 0) {
throw new InvalidKeySpecException("Key length not found");
} else if (keyLength < 0) {
throw new InvalidKeySpecException("Key length is negative");
}
try {
this.prf = Mac.getInstance(prfAlgo, SunJCE.getInstance());
this.key = deriveKey(prf, passwdBytes, salt, iterCount, keyLength);
} catch (NoSuchAlgorithmException nsae) {
// not gonna happen; re-throw just in case
InvalidKeySpecException ike = new InvalidKeySpecException();
ike.initCause(nsae);
throw ike;
} finally {
Arrays.fill(passwdBytes, (byte)0x00);
}
}
/**
* Creates a PBE key from a given PBE key specification.
*
* @param keySpec the given PBE key specification
* @param prfAlgo the given PBE key algorithm
*/
PBKDF2KeyImpl(PBEKeySpec keySpec, String prfAlgo)
throws InvalidKeySpecException {
char[] passwd = keySpec.getPassword();
if (passwd == null) {
// Should allow an empty password.
this.passwd = new char[0];
} else {
this.passwd = passwd.clone();
}
// Convert the password from char[] to byte[]
byte[] passwdBytes = getPasswordBytes(this.passwd);
// remove local copy
if (passwd != null) Arrays.fill(passwd, '\0');
try {
this.salt = keySpec.getSalt();
if (salt == null) {
throw new InvalidKeySpecException("Salt not found");
}
this.iterCount = keySpec.getIterationCount();
if (iterCount == 0) {
throw new InvalidKeySpecException("Iteration count not found");
} else if (iterCount < 0) {
throw new InvalidKeySpecException("Iteration count is negative");
}
int keyLength = keySpec.getKeyLength();
if (keyLength == 0) {
throw new InvalidKeySpecException("Key length not found");
} else if (keyLength < 0) {
throw new InvalidKeySpecException("Key length is negative");
}
this.prf = Mac.getInstance(prfAlgo, SunJCE.getInstance());
this.key = deriveKey(prf, passwdBytes, salt, iterCount, keyLength);
} catch (NoSuchAlgorithmException nsae) {
// not gonna happen; re-throw just in case
InvalidKeySpecException ike = new InvalidKeySpecException();
ike.initCause(nsae);
throw ike;
} finally {
Arrays.fill(passwdBytes, (byte) 0x00);
// Use the cleaner to zero the key when no longer referenced
final byte[] k = this.key;
final char[] p = this.passwd;
CleanerFactory.cleaner().register(this,
() -> {
Arrays.fill(k, (byte) 0x00);
Arrays.fill(p, '\0');
});
}
}