Java Code Examples for javax.crypto.spec.PBEKeySpec#getSalt()
The following examples show how to use
javax.crypto.spec.PBEKeySpec#getSalt() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: PBKDF2KeyImpl.java From openjdk-8 with GNU General Public License v2.0 | 5 votes |
/** * Creates a PBE key from a given PBE key specification. * * @param key the given PBE key specification */ PBKDF2KeyImpl(PBEKeySpec keySpec, String prfAlgo) throws InvalidKeySpecException { char[] passwd = keySpec.getPassword(); if (passwd == null) { // Should allow an empty password. this.passwd = new char[0]; } else { this.passwd = passwd.clone(); } // Convert the password from char[] to byte[] byte[] passwdBytes = getPasswordBytes(this.passwd); this.salt = keySpec.getSalt(); if (salt == null) { throw new InvalidKeySpecException("Salt not found"); } this.iterCount = keySpec.getIterationCount(); if (iterCount == 0) { throw new InvalidKeySpecException("Iteration count not found"); } else if (iterCount < 0) { throw new InvalidKeySpecException("Iteration count is negative"); } int keyLength = keySpec.getKeyLength(); if (keyLength == 0) { throw new InvalidKeySpecException("Key length not found"); } else if (keyLength < 0) { throw new InvalidKeySpecException("Key length is negative"); } try { this.prf = Mac.getInstance(prfAlgo, SunJCE.getInstance()); } catch (NoSuchAlgorithmException nsae) { // not gonna happen; re-throw just in case InvalidKeySpecException ike = new InvalidKeySpecException(); ike.initCause(nsae); throw ike; } this.key = deriveKey(prf, passwdBytes, salt, iterCount, keyLength); }
Example 2
Source File: DES.java From ripple-lib-java with ISC License | 5 votes |
protected SecretKey engineGenerateSecret( KeySpec keySpec) throws InvalidKeySpecException { if (keySpec instanceof PBEKeySpec) { PBEKeySpec pbeSpec = (PBEKeySpec)keySpec; CipherParameters param; if (pbeSpec.getSalt() == null) { return new BCPBEKey(this.algName, this.algOid, scheme, digest, keySize, ivSize, pbeSpec, null); } if (forCipher) { param = PBE.Util.makePBEParameters(pbeSpec, scheme, digest, keySize, ivSize); } else { param = PBE.Util.makePBEMacParameters(pbeSpec, scheme, digest, keySize); } KeyParameter kParam; if (param instanceof ParametersWithIV) { kParam = (KeyParameter)((ParametersWithIV)param).getParameters(); } else { kParam = (KeyParameter)param; } DESParameters.setOddParity(kParam.getKey()); return new BCPBEKey(this.algName, this.algOid, scheme, digest, keySize, ivSize, pbeSpec, param); } throw new InvalidKeySpecException("Invalid KeySpec"); }
Example 3
Source File: SHA1.java From RipplePower with Apache License 2.0 | 5 votes |
protected SecretKey engineGenerateSecret( KeySpec keySpec) throws InvalidKeySpecException { if (keySpec instanceof PBEKeySpec) { PBEKeySpec pbeSpec = (PBEKeySpec)keySpec; if (pbeSpec.getSalt() == null) { throw new InvalidKeySpecException("missing required salt"); } if (pbeSpec.getIterationCount() <= 0) { throw new InvalidKeySpecException("positive iteration count required: " + pbeSpec.getIterationCount()); } if (pbeSpec.getKeyLength() <= 0) { throw new InvalidKeySpecException("positive key length required: " + pbeSpec.getKeyLength()); } if (pbeSpec.getPassword().length == 0) { throw new IllegalArgumentException("password empty"); } int digest = SHA1; int keySize = pbeSpec.getKeyLength(); int ivSize = -1; // JDK 1,2 and earlier does not understand simplified version. CipherParameters param = PBE.Util.makePBEMacParameters(pbeSpec, scheme, digest, keySize); return new BCPBEKey(this.algName, this.algOid, scheme, digest, keySize, ivSize, pbeSpec, param); } throw new InvalidKeySpecException("Invalid KeySpec"); }
Example 4
Source File: PBESecretKeyFactory.java From RipplePower with Apache License 2.0 | 5 votes |
protected SecretKey engineGenerateSecret( KeySpec keySpec) throws InvalidKeySpecException { if (keySpec instanceof PBEKeySpec) { PBEKeySpec pbeSpec = (PBEKeySpec)keySpec; CipherParameters param; if (pbeSpec.getSalt() == null) { return new BCPBEKey(this.algName, this.algOid, scheme, digest, keySize, ivSize, pbeSpec, null); } if (forCipher) { param = PBE.Util.makePBEParameters(pbeSpec, scheme, digest, keySize, ivSize); } else { param = PBE.Util.makePBEMacParameters(pbeSpec, scheme, digest, keySize); } return new BCPBEKey(this.algName, this.algOid, scheme, digest, keySize, ivSize, pbeSpec, param); } throw new InvalidKeySpecException("Invalid KeySpec"); }
Example 5
Source File: DES.java From RipplePower with Apache License 2.0 | 5 votes |
protected SecretKey engineGenerateSecret( KeySpec keySpec) throws InvalidKeySpecException { if (keySpec instanceof PBEKeySpec) { PBEKeySpec pbeSpec = (PBEKeySpec)keySpec; CipherParameters param; if (pbeSpec.getSalt() == null) { return new BCPBEKey(this.algName, this.algOid, scheme, digest, keySize, ivSize, pbeSpec, null); } if (forCipher) { param = PBE.Util.makePBEParameters(pbeSpec, scheme, digest, keySize, ivSize); } else { param = PBE.Util.makePBEMacParameters(pbeSpec, scheme, digest, keySize); } KeyParameter kParam; if (param instanceof ParametersWithIV) { kParam = (KeyParameter)((ParametersWithIV)param).getParameters(); } else { kParam = (KeyParameter)param; } DESParameters.setOddParity(kParam.getKey()); return new BCPBEKey(this.algName, this.algOid, scheme, digest, keySize, ivSize, pbeSpec, param); } throw new InvalidKeySpecException("Invalid KeySpec"); }
Example 6
Source File: RangerMasterKey.java From ranger with Apache License 2.0 | 5 votes |
private byte[] decryptKey(byte[] encrypted, PBEKeySpec keyspec) throws Throwable { SecretKey key = getPasswordKey(keyspec); if (keyspec.getSalt() != null) { PBEParameterSpec paramSpec = new PBEParameterSpec(keyspec.getSalt(), keyspec.getIterationCount()); Cipher c = Cipher.getInstance(key.getAlgorithm()); c.init(Cipher.DECRYPT_MODE, key, paramSpec); return c.doFinal(encrypted); } return null; }
Example 7
Source File: RangerMasterKey.java From ranger with Apache License 2.0 | 5 votes |
private byte[] encryptKey(byte[] data, PBEKeySpec keyspec) throws Throwable { if (logger.isDebugEnabled()) { logger.debug("==> RangerMasterKey.encryptKey()"); } SecretKey key = getPasswordKey(keyspec); if (keyspec.getSalt() != null) { PBEParameterSpec paramSpec = new PBEParameterSpec(keyspec.getSalt(), keyspec.getIterationCount()); Cipher c = Cipher.getInstance(key.getAlgorithm()); c.init(Cipher.ENCRYPT_MODE, key, paramSpec); return c.doFinal(data); } return null; }
Example 8
Source File: PBKDF2KeyImpl.java From jdk8u-dev-jdk with GNU General Public License v2.0 | 5 votes |
/** * Creates a PBE key from a given PBE key specification. * * @param key the given PBE key specification */ PBKDF2KeyImpl(PBEKeySpec keySpec, String prfAlgo) throws InvalidKeySpecException { char[] passwd = keySpec.getPassword(); if (passwd == null) { // Should allow an empty password. this.passwd = new char[0]; } else { this.passwd = passwd.clone(); } // Convert the password from char[] to byte[] byte[] passwdBytes = getPasswordBytes(this.passwd); this.salt = keySpec.getSalt(); if (salt == null) { throw new InvalidKeySpecException("Salt not found"); } this.iterCount = keySpec.getIterationCount(); if (iterCount == 0) { throw new InvalidKeySpecException("Iteration count not found"); } else if (iterCount < 0) { throw new InvalidKeySpecException("Iteration count is negative"); } int keyLength = keySpec.getKeyLength(); if (keyLength == 0) { throw new InvalidKeySpecException("Key length not found"); } else if (keyLength < 0) { throw new InvalidKeySpecException("Key length is negative"); } try { this.prf = Mac.getInstance(prfAlgo, SunJCE.getInstance()); } catch (NoSuchAlgorithmException nsae) { // not gonna happen; re-throw just in case InvalidKeySpecException ike = new InvalidKeySpecException(); ike.initCause(nsae); throw ike; } this.key = deriveKey(prf, passwdBytes, salt, iterCount, keyLength); }
Example 9
Source File: SHA1.java From ripple-lib-java with ISC License | 5 votes |
protected SecretKey engineGenerateSecret( KeySpec keySpec) throws InvalidKeySpecException { if (keySpec instanceof PBEKeySpec) { PBEKeySpec pbeSpec = (PBEKeySpec)keySpec; if (pbeSpec.getSalt() == null) { throw new InvalidKeySpecException("missing required salt"); } if (pbeSpec.getIterationCount() <= 0) { throw new InvalidKeySpecException("positive iteration count required: " + pbeSpec.getIterationCount()); } if (pbeSpec.getKeyLength() <= 0) { throw new InvalidKeySpecException("positive key length required: " + pbeSpec.getKeyLength()); } if (pbeSpec.getPassword().length == 0) { throw new IllegalArgumentException("password empty"); } int digest = SHA1; int keySize = pbeSpec.getKeyLength(); int ivSize = -1; // JDK 1,2 and earlier does not understand simplified version. CipherParameters param = PBE.Util.makePBEMacParameters(pbeSpec, scheme, digest, keySize); return new BCPBEKey(this.algName, this.algOid, scheme, digest, keySize, ivSize, pbeSpec, param); } throw new InvalidKeySpecException("Invalid KeySpec"); }
Example 10
Source File: PBKDF2KeyImpl.java From openjdk-8-source with GNU General Public License v2.0 | 5 votes |
/** * Creates a PBE key from a given PBE key specification. * * @param key the given PBE key specification */ PBKDF2KeyImpl(PBEKeySpec keySpec, String prfAlgo) throws InvalidKeySpecException { char[] passwd = keySpec.getPassword(); if (passwd == null) { // Should allow an empty password. this.passwd = new char[0]; } else { this.passwd = passwd.clone(); } // Convert the password from char[] to byte[] byte[] passwdBytes = getPasswordBytes(this.passwd); this.salt = keySpec.getSalt(); if (salt == null) { throw new InvalidKeySpecException("Salt not found"); } this.iterCount = keySpec.getIterationCount(); if (iterCount == 0) { throw new InvalidKeySpecException("Iteration count not found"); } else if (iterCount < 0) { throw new InvalidKeySpecException("Iteration count is negative"); } int keyLength = keySpec.getKeyLength(); if (keyLength == 0) { throw new InvalidKeySpecException("Key length not found"); } else if (keyLength < 0) { throw new InvalidKeySpecException("Key length is negative"); } try { this.prf = Mac.getInstance(prfAlgo, SunJCE.getInstance()); } catch (NoSuchAlgorithmException nsae) { // not gonna happen; re-throw just in case InvalidKeySpecException ike = new InvalidKeySpecException(); ike.initCause(nsae); throw ike; } this.key = deriveKey(prf, passwdBytes, salt, iterCount, keyLength); }
Example 11
Source File: PBKDF2KeyImpl.java From hottub with GNU General Public License v2.0 | 5 votes |
/** * Creates a PBE key from a given PBE key specification. * * @param key the given PBE key specification */ PBKDF2KeyImpl(PBEKeySpec keySpec, String prfAlgo) throws InvalidKeySpecException { char[] passwd = keySpec.getPassword(); if (passwd == null) { // Should allow an empty password. this.passwd = new char[0]; } else { this.passwd = passwd.clone(); } // Convert the password from char[] to byte[] byte[] passwdBytes = getPasswordBytes(this.passwd); this.salt = keySpec.getSalt(); if (salt == null) { throw new InvalidKeySpecException("Salt not found"); } this.iterCount = keySpec.getIterationCount(); if (iterCount == 0) { throw new InvalidKeySpecException("Iteration count not found"); } else if (iterCount < 0) { throw new InvalidKeySpecException("Iteration count is negative"); } int keyLength = keySpec.getKeyLength(); if (keyLength == 0) { throw new InvalidKeySpecException("Key length not found"); } else if (keyLength < 0) { throw new InvalidKeySpecException("Key length is negative"); } try { this.prf = Mac.getInstance(prfAlgo, SunJCE.getInstance()); } catch (NoSuchAlgorithmException nsae) { // not gonna happen; re-throw just in case InvalidKeySpecException ike = new InvalidKeySpecException(); ike.initCause(nsae); throw ike; } this.key = deriveKey(prf, passwdBytes, salt, iterCount, keyLength); }
Example 12
Source File: PBKDF2KeyImpl.java From jdk8u-jdk with GNU General Public License v2.0 | 5 votes |
/** * Creates a PBE key from a given PBE key specification. * * @param key the given PBE key specification */ PBKDF2KeyImpl(PBEKeySpec keySpec, String prfAlgo) throws InvalidKeySpecException { char[] passwd = keySpec.getPassword(); if (passwd == null) { // Should allow an empty password. this.passwd = new char[0]; } else { this.passwd = passwd.clone(); } // Convert the password from char[] to byte[] byte[] passwdBytes = getPasswordBytes(this.passwd); this.salt = keySpec.getSalt(); if (salt == null) { throw new InvalidKeySpecException("Salt not found"); } this.iterCount = keySpec.getIterationCount(); if (iterCount == 0) { throw new InvalidKeySpecException("Iteration count not found"); } else if (iterCount < 0) { throw new InvalidKeySpecException("Iteration count is negative"); } int keyLength = keySpec.getKeyLength(); if (keyLength == 0) { throw new InvalidKeySpecException("Key length not found"); } else if (keyLength < 0) { throw new InvalidKeySpecException("Key length is negative"); } try { this.prf = Mac.getInstance(prfAlgo, SunJCE.getInstance()); } catch (NoSuchAlgorithmException nsae) { // not gonna happen; re-throw just in case InvalidKeySpecException ike = new InvalidKeySpecException(); ike.initCause(nsae); throw ike; } this.key = deriveKey(prf, passwdBytes, salt, iterCount, keyLength); }
Example 13
Source File: PBESecretKeyFactory.java From ripple-lib-java with ISC License | 5 votes |
protected SecretKey engineGenerateSecret( KeySpec keySpec) throws InvalidKeySpecException { if (keySpec instanceof PBEKeySpec) { PBEKeySpec pbeSpec = (PBEKeySpec)keySpec; CipherParameters param; if (pbeSpec.getSalt() == null) { return new BCPBEKey(this.algName, this.algOid, scheme, digest, keySize, ivSize, pbeSpec, null); } if (forCipher) { param = PBE.Util.makePBEParameters(pbeSpec, scheme, digest, keySize, ivSize); } else { param = PBE.Util.makePBEMacParameters(pbeSpec, scheme, digest, keySize); } return new BCPBEKey(this.algName, this.algOid, scheme, digest, keySize, ivSize, pbeSpec, param); } throw new InvalidKeySpecException("Invalid KeySpec"); }
Example 14
Source File: PBKDF2KeyImpl.java From openjdk-jdk8u-backup with GNU General Public License v2.0 | 5 votes |
/** * Creates a PBE key from a given PBE key specification. * * @param key the given PBE key specification */ PBKDF2KeyImpl(PBEKeySpec keySpec, String prfAlgo) throws InvalidKeySpecException { char[] passwd = keySpec.getPassword(); if (passwd == null) { // Should allow an empty password. this.passwd = new char[0]; } else { this.passwd = passwd.clone(); } // Convert the password from char[] to byte[] byte[] passwdBytes = getPasswordBytes(this.passwd); this.salt = keySpec.getSalt(); if (salt == null) { throw new InvalidKeySpecException("Salt not found"); } this.iterCount = keySpec.getIterationCount(); if (iterCount == 0) { throw new InvalidKeySpecException("Iteration count not found"); } else if (iterCount < 0) { throw new InvalidKeySpecException("Iteration count is negative"); } int keyLength = keySpec.getKeyLength(); if (keyLength == 0) { throw new InvalidKeySpecException("Key length not found"); } else if (keyLength < 0) { throw new InvalidKeySpecException("Key length is negative"); } try { this.prf = Mac.getInstance(prfAlgo, SunJCE.getInstance()); } catch (NoSuchAlgorithmException nsae) { // not gonna happen; re-throw just in case InvalidKeySpecException ike = new InvalidKeySpecException(); ike.initCause(nsae); throw ike; } this.key = deriveKey(prf, passwdBytes, salt, iterCount, keyLength); }
Example 15
Source File: PBKDF2KeyImpl.java From jdk8u60 with GNU General Public License v2.0 | 5 votes |
/** * Creates a PBE key from a given PBE key specification. * * @param key the given PBE key specification */ PBKDF2KeyImpl(PBEKeySpec keySpec, String prfAlgo) throws InvalidKeySpecException { char[] passwd = keySpec.getPassword(); if (passwd == null) { // Should allow an empty password. this.passwd = new char[0]; } else { this.passwd = passwd.clone(); } // Convert the password from char[] to byte[] byte[] passwdBytes = getPasswordBytes(this.passwd); this.salt = keySpec.getSalt(); if (salt == null) { throw new InvalidKeySpecException("Salt not found"); } this.iterCount = keySpec.getIterationCount(); if (iterCount == 0) { throw new InvalidKeySpecException("Iteration count not found"); } else if (iterCount < 0) { throw new InvalidKeySpecException("Iteration count is negative"); } int keyLength = keySpec.getKeyLength(); if (keyLength == 0) { throw new InvalidKeySpecException("Key length not found"); } else if (keyLength < 0) { throw new InvalidKeySpecException("Key length is negative"); } try { this.prf = Mac.getInstance(prfAlgo, SunJCE.getInstance()); } catch (NoSuchAlgorithmException nsae) { // not gonna happen; re-throw just in case InvalidKeySpecException ike = new InvalidKeySpecException(); ike.initCause(nsae); throw ike; } this.key = deriveKey(prf, passwdBytes, salt, iterCount, keyLength); }
Example 16
Source File: PBKDF2KeyImpl.java From dragonwell8_jdk with GNU General Public License v2.0 | 4 votes |
/** * Creates a PBE key from a given PBE key specification. * * @param key the given PBE key specification */ PBKDF2KeyImpl(PBEKeySpec keySpec, String prfAlgo) throws InvalidKeySpecException { char[] passwd = keySpec.getPassword(); if (passwd == null) { // Should allow an empty password. this.passwd = new char[0]; } else { this.passwd = passwd.clone(); } // Convert the password from char[] to byte[] byte[] passwdBytes = getPasswordBytes(this.passwd); // remove local copy if (passwd != null) Arrays.fill(passwd, '\0'); this.salt = keySpec.getSalt(); if (salt == null) { throw new InvalidKeySpecException("Salt not found"); } this.iterCount = keySpec.getIterationCount(); if (iterCount == 0) { throw new InvalidKeySpecException("Iteration count not found"); } else if (iterCount < 0) { throw new InvalidKeySpecException("Iteration count is negative"); } int keyLength = keySpec.getKeyLength(); if (keyLength == 0) { throw new InvalidKeySpecException("Key length not found"); } else if (keyLength < 0) { throw new InvalidKeySpecException("Key length is negative"); } try { this.prf = Mac.getInstance(prfAlgo, SunJCE.getInstance()); this.key = deriveKey(prf, passwdBytes, salt, iterCount, keyLength); } catch (NoSuchAlgorithmException nsae) { // not gonna happen; re-throw just in case InvalidKeySpecException ike = new InvalidKeySpecException(); ike.initCause(nsae); throw ike; } finally { Arrays.fill(passwdBytes, (byte)0x00); } }
Example 17
Source File: PBKDF2KeyImpl.java From jdk8u_jdk with GNU General Public License v2.0 | 4 votes |
/** * Creates a PBE key from a given PBE key specification. * * @param key the given PBE key specification */ PBKDF2KeyImpl(PBEKeySpec keySpec, String prfAlgo) throws InvalidKeySpecException { char[] passwd = keySpec.getPassword(); if (passwd == null) { // Should allow an empty password. this.passwd = new char[0]; } else { this.passwd = passwd.clone(); } // Convert the password from char[] to byte[] byte[] passwdBytes = getPasswordBytes(this.passwd); // remove local copy if (passwd != null) Arrays.fill(passwd, '\0'); this.salt = keySpec.getSalt(); if (salt == null) { throw new InvalidKeySpecException("Salt not found"); } this.iterCount = keySpec.getIterationCount(); if (iterCount == 0) { throw new InvalidKeySpecException("Iteration count not found"); } else if (iterCount < 0) { throw new InvalidKeySpecException("Iteration count is negative"); } int keyLength = keySpec.getKeyLength(); if (keyLength == 0) { throw new InvalidKeySpecException("Key length not found"); } else if (keyLength < 0) { throw new InvalidKeySpecException("Key length is negative"); } try { this.prf = Mac.getInstance(prfAlgo, SunJCE.getInstance()); this.key = deriveKey(prf, passwdBytes, salt, iterCount, keyLength); } catch (NoSuchAlgorithmException nsae) { // not gonna happen; re-throw just in case InvalidKeySpecException ike = new InvalidKeySpecException(); ike.initCause(nsae); throw ike; } finally { Arrays.fill(passwdBytes, (byte)0x00); } }
Example 18
Source File: PBKDF2KeyImpl.java From openjdk-jdk9 with GNU General Public License v2.0 | 4 votes |
/** * Creates a PBE key from a given PBE key specification. * * @param key the given PBE key specification */ PBKDF2KeyImpl(PBEKeySpec keySpec, String prfAlgo) throws InvalidKeySpecException { char[] passwd = keySpec.getPassword(); if (passwd == null) { // Should allow an empty password. this.passwd = new char[0]; } else { this.passwd = passwd.clone(); } // Convert the password from char[] to byte[] byte[] passwdBytes = getPasswordBytes(this.passwd); this.salt = keySpec.getSalt(); if (salt == null) { throw new InvalidKeySpecException("Salt not found"); } this.iterCount = keySpec.getIterationCount(); if (iterCount == 0) { throw new InvalidKeySpecException("Iteration count not found"); } else if (iterCount < 0) { throw new InvalidKeySpecException("Iteration count is negative"); } int keyLength = keySpec.getKeyLength(); if (keyLength == 0) { throw new InvalidKeySpecException("Key length not found"); } else if (keyLength < 0) { throw new InvalidKeySpecException("Key length is negative"); } try { this.prf = Mac.getInstance(prfAlgo); // SunPKCS11 requires a non-empty PBE password if (passwdBytes.length == 0 && this.prf.getProvider().getName().startsWith("SunPKCS11")) { this.prf = Mac.getInstance(prfAlgo, SunJCE.getInstance()); } } catch (NoSuchAlgorithmException nsae) { // not gonna happen; re-throw just in case InvalidKeySpecException ike = new InvalidKeySpecException(); ike.initCause(nsae); throw ike; } this.key = deriveKey(prf, passwdBytes, salt, iterCount, keyLength); }
Example 19
Source File: PBKDF2KeyImpl.java From openjdk-jdk8u with GNU General Public License v2.0 | 4 votes |
/** * Creates a PBE key from a given PBE key specification. * * @param key the given PBE key specification */ PBKDF2KeyImpl(PBEKeySpec keySpec, String prfAlgo) throws InvalidKeySpecException { char[] passwd = keySpec.getPassword(); if (passwd == null) { // Should allow an empty password. this.passwd = new char[0]; } else { this.passwd = passwd.clone(); } // Convert the password from char[] to byte[] byte[] passwdBytes = getPasswordBytes(this.passwd); // remove local copy if (passwd != null) Arrays.fill(passwd, '\0'); this.salt = keySpec.getSalt(); if (salt == null) { throw new InvalidKeySpecException("Salt not found"); } this.iterCount = keySpec.getIterationCount(); if (iterCount == 0) { throw new InvalidKeySpecException("Iteration count not found"); } else if (iterCount < 0) { throw new InvalidKeySpecException("Iteration count is negative"); } int keyLength = keySpec.getKeyLength(); if (keyLength == 0) { throw new InvalidKeySpecException("Key length not found"); } else if (keyLength < 0) { throw new InvalidKeySpecException("Key length is negative"); } try { this.prf = Mac.getInstance(prfAlgo, SunJCE.getInstance()); this.key = deriveKey(prf, passwdBytes, salt, iterCount, keyLength); } catch (NoSuchAlgorithmException nsae) { // not gonna happen; re-throw just in case InvalidKeySpecException ike = new InvalidKeySpecException(); ike.initCause(nsae); throw ike; } finally { Arrays.fill(passwdBytes, (byte)0x00); } }
Example 20
Source File: PBKDF2KeyImpl.java From TencentKona-8 with GNU General Public License v2.0 | 4 votes |
/** * Creates a PBE key from a given PBE key specification. * * @param key the given PBE key specification */ PBKDF2KeyImpl(PBEKeySpec keySpec, String prfAlgo) throws InvalidKeySpecException { char[] passwd = keySpec.getPassword(); if (passwd == null) { // Should allow an empty password. this.passwd = new char[0]; } else { this.passwd = passwd.clone(); } // Convert the password from char[] to byte[] byte[] passwdBytes = getPasswordBytes(this.passwd); // remove local copy if (passwd != null) Arrays.fill(passwd, '\0'); this.salt = keySpec.getSalt(); if (salt == null) { throw new InvalidKeySpecException("Salt not found"); } this.iterCount = keySpec.getIterationCount(); if (iterCount == 0) { throw new InvalidKeySpecException("Iteration count not found"); } else if (iterCount < 0) { throw new InvalidKeySpecException("Iteration count is negative"); } int keyLength = keySpec.getKeyLength(); if (keyLength == 0) { throw new InvalidKeySpecException("Key length not found"); } else if (keyLength < 0) { throw new InvalidKeySpecException("Key length is negative"); } try { this.prf = Mac.getInstance(prfAlgo, SunJCE.getInstance()); this.key = deriveKey(prf, passwdBytes, salt, iterCount, keyLength); } catch (NoSuchAlgorithmException nsae) { // not gonna happen; re-throw just in case InvalidKeySpecException ike = new InvalidKeySpecException(); ike.initCause(nsae); throw ike; } finally { Arrays.fill(passwdBytes, (byte)0x00); } }