implements KeyStore.ProtectionParameter Destroyable
A password-based implementation of ProtectionParameter
.
Public Constructor Summary
PasswordProtection(char[] password)
Creates a password parameter.
|
|
PasswordProtection(char[] password, String protectionAlgorithm, AlgorithmParameterSpec protectionParameters)
Creates a password parameter and specifies the protection algorithm
and associated parameters to use when encrypting a keystore entry.
|
Public Method Summary
synchronized void |
destroy()
Clears the password.
|
synchronized char[] |
getPassword()
Gets the password.
|
String |
getProtectionAlgorithm()
Gets the name of the protection algorithm.
|
AlgorithmParameterSpec |
getProtectionParameters()
Gets the parameters supplied for the protection algorithm.
|
synchronized boolean |
isDestroyed()
Determines if password has been cleared.
|
Inherited Method Summary
Public Constructors
public PasswordProtection (char[] password)
Creates a password parameter.
The specified password
is cloned before it is stored
in the new PasswordProtection
object.
Parameters
password | the password, which may be null
|
---|
public PasswordProtection (char[] password, String protectionAlgorithm, AlgorithmParameterSpec protectionParameters)
Creates a password parameter and specifies the protection algorithm and associated parameters to use when encrypting a keystore entry.
The specified password
is cloned before it is stored in the
new PasswordProtection
object.
Parameters
password | the password, which may be null |
---|---|
protectionAlgorithm | the encryption algorithm name, for
example, PBEWithHmacSHA256AndAES_256 .
See the Cipher section in the
Java Cryptography Architecture Standard Algorithm Name
Documentation
for information about standard encryption algorithm names. |
protectionParameters | the encryption algorithm parameter
specification, which may be null |
Throws
NullPointerException | if protectionAlgorithm is
null |
---|
Public Methods
public synchronized void destroy ()
Clears the password.
Throws
DestroyFailedException | if this method was unable to clear the password |
---|
public synchronized char[] getPassword ()
Gets the password.
Note that this method returns a reference to the password. If a clone of the array is created it is the caller's responsibility to zero out the password information after it is no longer needed.
Returns
- the password, which may be
null
Throws
IllegalStateException | if the password has been cleared (destroyed) |
---|
See Also
public String getProtectionAlgorithm ()
Gets the name of the protection algorithm.
If none was set then the keystore provider will use its default
protection algorithm. The name of the default protection algorithm
for a given keystore type is set using the
'keystore.<type>.keyProtectionAlgorithm'
security property.
For example, the
keystore.PKCS12.keyProtectionAlgorithm
property stores the
name of the default key protection algorithm used for PKCS12
keystores. If the security property is not set, an
implementation-specific algorithm will be used.
Returns
- the algorithm name, or
null
if none was set
public AlgorithmParameterSpec getProtectionParameters ()
Gets the parameters supplied for the protection algorithm.
Returns
- the algorithm parameter specification, or
null
, if none was set
public synchronized boolean isDestroyed ()
Determines if password has been cleared.
Returns
- true if the password has been cleared, false otherwise