Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / libcore / 319a3b994703aac84df7bcde272adfcb3cdbbbf0 / . / jdk / src / share / classes / com / sun / crypto / provider / PBKDF2HmacSHA1Factory.java
blob: 9ba53036a5e12cbe5d76192b4b436aabd967b5d9 [file] [log] [blame]
J. Duke319a3b92007-12-01 00:00:00 +0000[diff] [blame^]1/*
2 * Copyright 2005-2007 Sun Microsystems, Inc. All Rights Reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Sun designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Sun in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
22 * CA 95054 USA or visit www.sun.com if you need additional information or
23 * have any questions.
24 */
25
26package com.sun.crypto.provider;
27
28import java.io.*;
29import java.security.InvalidKeyException;
30import java.security.spec.KeySpec;
31import java.security.spec.InvalidKeySpecException;
32import javax.crypto.SecretKey;
33import javax.crypto.SecretKeyFactorySpi;
34import javax.crypto.spec.PBEKeySpec;
35import javax.crypto.spec.SecretKeySpec;
36
37/**
38 * This class implements a key factory for PBE keys derived using
39 * PBKDF2 with HmacSHA1 psuedo random function(PRF) as defined in
40 * PKCS#5 v2.0.
41 *
42 * @author Valerie Peng
43 *
44 */
45public final class PBKDF2HmacSHA1Factory extends SecretKeyFactorySpi {
46
47 /**
48 * Verify the SunJCE provider in the constructor.
49 *
50 * @exception SecurityException if fails to verify
51 * its own integrity
52 */
53 public PBKDF2HmacSHA1Factory() {
54 if (!SunJCE.verifySelfIntegrity(this.getClass())) {
55 throw new SecurityException("The SunJCE provider may have " +
56 "been tampered.");
57 }
58 }
59
60 /**
61 * Generates a <code>SecretKey</code> object from the provided key
62 * specification (key material).
63 *
64 * @param keySpec the specification (key material) of the secret key
65 *
66 * @return the secret key
67 *
68 * @exception InvalidKeySpecException if the given key specification
69 * is inappropriate for this key factory to produce a public key.
70 */
71 protected SecretKey engineGenerateSecret(KeySpec keySpec)
72 throws InvalidKeySpecException
73 {
74 if (!(keySpec instanceof PBEKeySpec)) {
75 throw new InvalidKeySpecException("Invalid key spec");
76 }
77 PBEKeySpec ks = (PBEKeySpec) keySpec;
78 return new PBKDF2KeyImpl(ks, "HmacSHA1");
79 }
80
81 /**
82 * Returns a specification (key material) of the given key
83 * in the requested format.
84 *
85 * @param key the key
86 *
87 * @param keySpec the requested format in which the key material shall be
88 * returned
89 *
90 * @return the underlying key specification (key material) in the
91 * requested format
92 *
93 * @exception InvalidKeySpecException if the requested key
94 * specification is inappropriate for the given key, or the
95 * given key cannot be processed (e.g., the given key has an
96 * unrecognized algorithm or format).
97 */
98 protected KeySpec engineGetKeySpec(SecretKey key, Class keySpecCl)
99 throws InvalidKeySpecException {
100 if (key instanceof javax.crypto.interfaces.PBEKey) {
101 // Check if requested key spec is amongst the valid ones
102 if ((keySpecCl != null)
103 && PBEKeySpec.class.isAssignableFrom(keySpecCl)) {
104 javax.crypto.interfaces.PBEKey pKey =
105 (javax.crypto.interfaces.PBEKey) key;
106 return new PBEKeySpec
107 (pKey.getPassword(), pKey.getSalt(),
108 pKey.getIterationCount(), pKey.getEncoded().length*8);
109 } else {
110 throw new InvalidKeySpecException("Invalid key spec");
111 }
112 } else {
113 throw new InvalidKeySpecException("Invalid key " +
114 "format/algorithm");
115 }
116 }
117
118 /**
119 * Translates a <code>SecretKey</code> object, whose provider may be
120 * unknown or potentially untrusted, into a corresponding
121 * <code>SecretKey</code> object of this key factory.
122 *
123 * @param key the key whose provider is unknown or untrusted
124 *
125 * @return the translated key
126 *
127 * @exception InvalidKeyException if the given key cannot be processed by
128 * this key factory.
129 */
130 protected SecretKey engineTranslateKey(SecretKey key)
131 throws InvalidKeyException {
132 if ((key != null) &&
133 (key.getAlgorithm().equalsIgnoreCase("PBKDF2WithHmacSHA1")) &&
134 (key.getFormat().equalsIgnoreCase("RAW"))) {
135
136 // Check if key originates from this factory
137 if (key instanceof com.sun.crypto.provider.PBKDF2KeyImpl) {
138 return key;
139 }
140 // Check if key implements the PBEKey
141 if (key instanceof javax.crypto.interfaces.PBEKey) {
142 javax.crypto.interfaces.PBEKey pKey =
143 (javax.crypto.interfaces.PBEKey) key;
144 try {
145 PBEKeySpec spec =
146 new PBEKeySpec(pKey.getPassword(),
147 pKey.getSalt(),
148 pKey.getIterationCount(),
149 pKey.getEncoded().length*8);
150 return new PBKDF2KeyImpl(spec, "HmacSHA1");
151 } catch (InvalidKeySpecException re) {
152 InvalidKeyException ike = new InvalidKeyException
153 ("Invalid key component(s)");
154 ike.initCause(re);
155 throw ike;
156 }
157 }
158 }
159 throw new InvalidKeyException("Invalid key format/algorithm");
160 }
161}