0N/A/*
2362N/A * Copyright (c) 2005, 2009, Oracle and/or its affiliates. All rights reserved.
0N/A * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
0N/A *
0N/A * This code is free software; you can redistribute it and/or modify it
0N/A * under the terms of the GNU General Public License version 2 only, as
2362N/A * published by the Free Software Foundation. Oracle designates this
0N/A * particular file as subject to the "Classpath" exception as provided
2362N/A * by Oracle in the LICENSE file that accompanied this code.
0N/A *
0N/A * This code is distributed in the hope that it will be useful, but WITHOUT
0N/A * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
0N/A * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
0N/A * version 2 for more details (a copy is included in the LICENSE file that
0N/A * accompanied this code).
0N/A *
0N/A * You should have received a copy of the GNU General Public License version
0N/A * 2 along with this work; if not, write to the Free Software Foundation,
0N/A * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
0N/A *
2362N/A * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
2362N/A * or visit www.oracle.com if you need additional information or have any
2362N/A * questions.
0N/A */
0N/A
0N/Apackage com.sun.crypto.provider;
0N/A
0N/Aimport java.io.*;
0N/Aimport java.security.InvalidKeyException;
0N/Aimport java.security.spec.KeySpec;
0N/Aimport java.security.spec.InvalidKeySpecException;
0N/Aimport javax.crypto.SecretKey;
0N/Aimport javax.crypto.SecretKeyFactorySpi;
0N/Aimport javax.crypto.spec.PBEKeySpec;
0N/Aimport javax.crypto.spec.SecretKeySpec;
0N/A
0N/A/**
0N/A * This class implements a key factory for PBE keys derived using
0N/A * PBKDF2 with HmacSHA1 psuedo random function(PRF) as defined in
0N/A * PKCS#5 v2.0.
0N/A *
0N/A * @author Valerie Peng
0N/A *
0N/A */
0N/Apublic final class PBKDF2HmacSHA1Factory extends SecretKeyFactorySpi {
0N/A
0N/A /**
1460N/A * Empty constructor
0N/A */
0N/A public PBKDF2HmacSHA1Factory() {
0N/A }
0N/A
0N/A /**
0N/A * Generates a <code>SecretKey</code> object from the provided key
0N/A * specification (key material).
0N/A *
0N/A * @param keySpec the specification (key material) of the secret key
0N/A *
0N/A * @return the secret key
0N/A *
0N/A * @exception InvalidKeySpecException if the given key specification
0N/A * is inappropriate for this key factory to produce a public key.
0N/A */
0N/A protected SecretKey engineGenerateSecret(KeySpec keySpec)
0N/A throws InvalidKeySpecException
0N/A {
0N/A if (!(keySpec instanceof PBEKeySpec)) {
0N/A throw new InvalidKeySpecException("Invalid key spec");
0N/A }
0N/A PBEKeySpec ks = (PBEKeySpec) keySpec;
0N/A return new PBKDF2KeyImpl(ks, "HmacSHA1");
0N/A }
0N/A
0N/A /**
0N/A * Returns a specification (key material) of the given key
0N/A * in the requested format.
0N/A *
0N/A * @param key the key
0N/A *
0N/A * @param keySpec the requested format in which the key material shall be
0N/A * returned
0N/A *
0N/A * @return the underlying key specification (key material) in the
0N/A * requested format
0N/A *
0N/A * @exception InvalidKeySpecException if the requested key
0N/A * specification is inappropriate for the given key, or the
0N/A * given key cannot be processed (e.g., the given key has an
0N/A * unrecognized algorithm or format).
0N/A */
0N/A protected KeySpec engineGetKeySpec(SecretKey key, Class keySpecCl)
0N/A throws InvalidKeySpecException {
0N/A if (key instanceof javax.crypto.interfaces.PBEKey) {
0N/A // Check if requested key spec is amongst the valid ones
0N/A if ((keySpecCl != null)
0N/A && PBEKeySpec.class.isAssignableFrom(keySpecCl)) {
0N/A javax.crypto.interfaces.PBEKey pKey =
0N/A (javax.crypto.interfaces.PBEKey) key;
0N/A return new PBEKeySpec
0N/A (pKey.getPassword(), pKey.getSalt(),
0N/A pKey.getIterationCount(), pKey.getEncoded().length*8);
0N/A } else {
0N/A throw new InvalidKeySpecException("Invalid key spec");
0N/A }
0N/A } else {
0N/A throw new InvalidKeySpecException("Invalid key " +
0N/A "format/algorithm");
0N/A }
0N/A }
0N/A
0N/A /**
0N/A * Translates a <code>SecretKey</code> object, whose provider may be
0N/A * unknown or potentially untrusted, into a corresponding
0N/A * <code>SecretKey</code> object of this key factory.
0N/A *
0N/A * @param key the key whose provider is unknown or untrusted
0N/A *
0N/A * @return the translated key
0N/A *
0N/A * @exception InvalidKeyException if the given key cannot be processed by
0N/A * this key factory.
0N/A */
0N/A protected SecretKey engineTranslateKey(SecretKey key)
0N/A throws InvalidKeyException {
0N/A if ((key != null) &&
0N/A (key.getAlgorithm().equalsIgnoreCase("PBKDF2WithHmacSHA1")) &&
0N/A (key.getFormat().equalsIgnoreCase("RAW"))) {
0N/A
0N/A // Check if key originates from this factory
0N/A if (key instanceof com.sun.crypto.provider.PBKDF2KeyImpl) {
0N/A return key;
0N/A }
0N/A // Check if key implements the PBEKey
0N/A if (key instanceof javax.crypto.interfaces.PBEKey) {
0N/A javax.crypto.interfaces.PBEKey pKey =
0N/A (javax.crypto.interfaces.PBEKey) key;
0N/A try {
0N/A PBEKeySpec spec =
0N/A new PBEKeySpec(pKey.getPassword(),
0N/A pKey.getSalt(),
0N/A pKey.getIterationCount(),
0N/A pKey.getEncoded().length*8);
0N/A return new PBKDF2KeyImpl(spec, "HmacSHA1");
0N/A } catch (InvalidKeySpecException re) {
0N/A InvalidKeyException ike = new InvalidKeyException
0N/A ("Invalid key component(s)");
0N/A ike.initCause(re);
0N/A throw ike;
0N/A }
0N/A }
0N/A }
0N/A throw new InvalidKeyException("Invalid key format/algorithm");
0N/A }
0N/A}