View | Details | Return to bug 28204 | Differences between
and this patch

Collapse All | Expand All

(-)PBEKeySpec.java (-28 / +133 lines)
Lines 1-5 Link Here
1
/* PBEKeySpec.java -- Wrapper for password-based keys.
1
/* PBEKeySpec.java -- Wrapper for password-based keys.
2
   Copyright (C) 2004  Free Software Foundation, Inc.
2
   Copyright (C) 2004, 2006  Free Software Foundation, Inc.
3
3
4
This file is part of GNU Classpath.
4
This file is part of GNU Classpath.
5
5
Lines 76-122 Link Here
76
  /** The salt. */
76
  /** The salt. */
77
  private byte[] salt;
77
  private byte[] salt;
78
78
79
  /** The password state */
80
  private boolean passwordValid = true;
81
  
79
  // Constructors.
82
  // Constructors.
80
  // ------------------------------------------------------------------------
83
  // ------------------------------------------------------------------------
81
84
82
  /**
85
  /**
83
   * Create a new PBE key spec with just a password.
86
   * Create a new PBE key spec with just a password.
84
   *
87
   * <p>
88
   * A copy of the password argument is stored instead of the argument itself.
89
   * 
85
   * @param password The password char array.
90
   * @param password The password char array.
86
   */
91
   */
87
  public PBEKeySpec(char[] password)
92
  public PBEKeySpec(char[] password)
88
  {
93
  {
89
    this(password, null, 0, 0);
94
    setPassword(password);
95
    
96
    // load the default values for unspecified variables.
97
    salt = null;
98
    iterationCount = 0;
99
    keyLength = 0;
90
  }
100
  }
91
101
92
  /**
102
  /**
93
   * Create a PBE key spec with a password, salt, and iteration count.
103
   * Create a PBE key spec with a password, salt, and iteration count.
94
   *
104
   * <p>
95
   * @param password       The password char array.
105
   * A copy of the password and salt arguments are stored instead of the
96
   * @param salt           The salt bytes.
106
   * arguments themselves.
107
   * 
108
   * @param password The password char array.
109
   * @param salt The salt bytes.
97
   * @param iterationCount The iteration count.
110
   * @param iterationCount The iteration count.
111
   * @throws NullPointerException If salt is null
112
   * @throws IllegalArgumentException If salt is an empty array, or
113
   *           iterationCount is negative
98
   */
114
   */
99
  public PBEKeySpec(char[] password, byte[] salt, int iterationCount)
115
  public PBEKeySpec(char[] password, byte[] salt, int iterationCount)
100
  {
116
  {
101
    this(password, salt, iterationCount, 0);
117
    setPassword(password);
118
    setSalt(salt);
119
    setIterationCount(iterationCount);
120
121
    // load default values into unspecified variables.
122
    keyLength = 0;
102
  }
123
  }
103
124
104
  /**
125
  /**
105
   * Create a PBE key spec with a password, salt, iteration count, and
126
   * Create a PBE key spec with a password, salt, iteration count, and key
106
   * key length.
127
   * length.
107
   *
128
   * <p>
108
   * @param password       The password char array.
129
   * A copy of the password and salt arguments are stored instead of the
109
   * @param salt           The salt bytes.
130
   * arguments themselves.
131
   * 
132
   * @param password The password char array.
133
   * @param salt The salt bytes.
110
   * @param iterationCount The iteration count.
134
   * @param iterationCount The iteration count.
111
   * @param keyLength      The generated key length.
135
   * @param keyLength The generated key length.
136
   * @throws NullPointerException If salt is null
137
   * @throws IllegalArgumentException If salt is an empty array, if
138
   *           iterationCount or keyLength is negative
112
   */
139
   */
113
  public PBEKeySpec(char[] password, byte[] salt, int iterationCount,
140
  public PBEKeySpec(char[] password, byte[] salt, int iterationCount,
114
                    int keyLength)
141
                    int keyLength)
115
  {
142
  {
116
    this.password = password;
143
    setPassword(password);
117
    this.salt = salt;
144
    setSalt(salt);
118
    this.iterationCount = iterationCount;
145
    setIterationCount(iterationCount);
119
    this.keyLength = keyLength;
146
    setKeyLength(keyLength);
120
  }
147
  }
121
148
122
  // Instance methods.
149
  // Instance methods.
Lines 124-137 Link Here
124
151
125
  /**
152
  /**
126
   * Clear the password array by filling it with null characters.
153
   * Clear the password array by filling it with null characters.
154
   * <p>
155
   * This clears the stored copy of the password, not the original char array
156
   * used to create the password.
127
   */
157
   */
128
  public final void clearPassword()
158
  public final void clearPassword()
129
  {
159
  {
130
    if (password == null) return;
160
    if (password == null)
161
      return;
131
    for (int i = 0; i < password.length; i++)
162
    for (int i = 0; i < password.length; i++)
132
      {
163
      password[i] = '\u0000';
133
        password[i] = '\u0000';
164
    
134
      }
165
    // since the password is cleared, it is no longer valid
166
    passwordValid = false;
135
  }
167
  }
136
168
137
  /**
169
  /**
Lines 155-176 Link Here
155
  }
187
  }
156
188
157
  /**
189
  /**
158
   * Get the password character array.
190
   * Get the password character array copy.
159
   *
191
   * <p>
160
   * @return The password.
192
   * This returns a copy of the password, not the password itself.
193
   * 
194
   * @return a clone of the password.
195
   * @throws IllegalStateException If {@link #clearPassword()} has already been
196
   *           called.
161
   */
197
   */
162
  public final char[] getPassword()
198
  public final char[] getPassword()
163
  {
199
  {
164
    return password;
200
    if (! passwordValid)
201
      throw new IllegalStateException("clearPassword() has been called, the "
202
                                      + "password is no longer valid");
203
    return (char[]) password.clone();
165
  }
204
  }
166
205
167
  /**
206
  /**
168
   * Get the salt bytes.
207
   * Get the salt bytes array copy.
169
   *
208
   * <p>
209
   * This returns a copy of the salt, not the salt itself.
210
   * 
170
   * @return The salt.
211
   * @return The salt.
171
   */
212
   */
172
  public final byte[] getSalt()
213
  public final byte[] getSalt()
173
  {
214
  {
174
    return salt;
215
    if (salt != null)
216
      return (byte[]) salt.clone();
217
    return null;
218
  }
219
220
  /**
221
   * Set the password char array.
222
   * <p>
223
   * A copy of the password argument is stored instead of the argument itself.
224
   * 
225
   * @param password The password to be set
226
   */
227
  private void setPassword(char[] password)
228
  {
229
    if (password != null)
230
      this.password = (char[]) password.clone();
231
    else
232
      this.password = new char[0];
233
234
    passwordValid = true;
235
  }
236
237
  /**
238
   * Set the salt byte array.
239
   * <p>
240
   * A copy of the salt arguments is stored instead of the argument itself.
241
   * 
242
   * @param salt The salt to be set.
243
   * @throws NullPointerException If the salt is null.
244
   * @throws IllegalArgumentException If the salt is an empty array.
245
   */
246
  private void setSalt(byte[] salt)
247
  {
248
    if (salt.length == 0)
249
      throw new IllegalArgumentException("salt MUST NOT be an empty byte array");
250
251
    this.salt = (byte[]) salt.clone();
252
  }
253
254
  /**
255
   * Set the iterationCount.
256
   * 
257
   * @param iterationCount The iteration count to be set.
258
   * @throws IllegalArgumentException If the iterationCount is negative.
259
   */
260
  private void setIterationCount(int iterationCount)
261
  {
262
    if (iterationCount < 0)
263
      throw new IllegalArgumentException("iterationCount MUST be positive");
264
265
    this.iterationCount = iterationCount;
266
  }
267
268
  /**
269
   * Set the keyLength.
270
   * 
271
   * @param keyLength The keyLength to be set.
272
   * @throws IllegalArgumentException if the keyLength is negative.
273
   */
274
  private void setKeyLength(int keyLength)
275
  {
276
    if (keyLength < 0)
277
      throw new IllegalArgumentException("keyLength MUST be positive");
278
279
    this.keyLength = keyLength;
175
  }
280
  }
176
}
281
}

Return to bug 28204