Class PBEKeyGenParams

java.lang.Object
org.mozilla.jss.crypto.PBEKeyGenParams
All Implemented Interfaces:
AlgorithmParameterSpec, KeySpec

public class PBEKeyGenParams extends Object implements AlgorithmParameterSpec, KeySpec
  • Field Details

    • pass

      private Password pass
    • salt

      private byte[] salt
    • iterations

      private int iterations
    • encryptionAlgorithm

      private EncryptionAlgorithm encryptionAlgorithm
    • hashAlgorithm

      private HMACAlgorithm hashAlgorithm
    • DEFAULT_SALT_LENGTH

      private static final int DEFAULT_SALT_LENGTH
      See Also:
    • DEFAULT_ITERATIONS

      private static final int DEFAULT_ITERATIONS
      See Also:
  • Constructor Details

    • PBEKeyGenParams

      public PBEKeyGenParams(Password pass, byte[] salt, int iterations)
      Creates PBE parameters.
      Parameters:
      pass - The password. It will be cloned, so the caller is still responsible for clearing it. It must not be null.
      salt - The salt for the PBE algorithm. Will not be cloned. Must not be null. It is the responsibility of the caller to use the right salt length for the algorithm. Most algorithms use 8 bytes of salt.
      iterations - The iteration count for the PBE algorithm.
    • PBEKeyGenParams

      public PBEKeyGenParams(char[] pass, byte[] salt, int iterations)
      Creates PBE parameters using default encryption algorithm (DES3_EDE3_CBC).
      Parameters:
      pass - The password. It will be cloned, so the caller is still responsible for clearing it. It must not be null.
      salt - The salt for the PBE algorithm. Will not be cloned. Must not be null. It is the responsibility of the caller to use the right salt length for the algorithm. Most algorithms use 8 bytes of salt.
      iterations - The iteration count for the PBE algorithm.
    • PBEKeyGenParams

      public PBEKeyGenParams(char[] pass, byte[] salt, int iterations, EncryptionAlgorithm encAlg)
      Creates PBE parameters using default encryption algorithm (DES3_EDE3_CBC).
      Parameters:
      pass - The password. It will be cloned, so the caller is still responsible for clearing it. It must not be null.
      salt - The salt for the PBE algorithm. Will not be cloned. Must not be null. It is the responsibility of the caller to use the right salt length for the algorithm. Most algorithms use 8 bytes of salt.
      iterations - The iteration count for the PBE algorithm.
      encAlg - The encryption algorithm. This is used with SOME PBE algorithms for determining the KDF output length.
    • PBEKeyGenParams

      public PBEKeyGenParams(char[] pass, byte[] salt, int iterations, EncryptionAlgorithm encAlg, HMACAlgorithm hashAlg)
      Creates PBE parameters using default encryption algorithm (DES3_EDE3_CBC).
      Parameters:
      pass - The password. It will be cloned, so the caller is still responsible for clearing it. It must not be null.
      salt - The salt for the PBE algorithm. Will not be cloned. Must not be null. It is the responsibility of the caller to use the right salt length for the algorithm. Most algorithms use 8 bytes of salt.
      iterations - The iteration count for the PBE algorithm.
      encAlg - The encryption algorithm. This is used with SOME PBE algorithms for determining the KDF output length.
      hashAlg - The hash algorithm. This is used with PBEv2 algorithms because it cannot be derived from the key generation algorithm.
  • Method Details

    • getPassword

      public Password getPassword()
      Returns a reference to the password, not a copy.
    • getSalt

      public byte[] getSalt()
      Returns a reference to the salt.
    • getIterations

      public int getIterations()
      Returns the iteration count.
    • getEncryptionAlgorithm

      public EncryptionAlgorithm getEncryptionAlgorithm()
      The encryption algorithm is used with SOME PBE algorithms for determining the KDF output length.
    • getHashAlgorithm

      public HMACAlgorithm getHashAlgorithm()
      The hash algorithm is used with PBEv2 algorithms because it cannot be derived from the key generation algorithm.
    • clear

      public void clear()
      Clears the password. This should be called when this object is no longer needed so the password is not left around in memory.
    • finalize

      @Deprecated protected void finalize() throws Throwable
      Deprecated.
      finalize() in Object has been deprecated
      Overrides:
      finalize in class Object
      Throws:
      Throwable