Module ibm.crypto.hdwrcca
Package com.ibm.crypto.hdwrCCA.provider

Class PKCS5KeySpec

java.lang.Object
com.ibm.crypto.hdwrCCA.provider.PKCS5KeySpec
Type Parameters:
FinalizeRemoval -
All Implemented Interfaces:
KeySpec
public class PKCS5KeySpec extends Object implements KeySpec
Specification for a "generalized" PBE key. While a PBEKey is derived from a password and is used in the PBEWithMD5andDES cipher, a PKCS5Key is derived from a password and can be used in any PBES1 encryption schemes (for example, PBEWithMD5AndDES, PBEWithMD2AndRC2, PBEWithSHAAndTripleDES, etc).

Note that this class stores passwords as char arrays instead of String objects (which would seem more logical), because the String class is immutable and there is no way to overwrite its internal value when the password stored in it is no longer needed. Hence, this class requests the password as a char array, so it can be overwritten when done.

  • Constructor Details

    • PKCS5KeySpec

      public PKCS5KeySpec(char[] password, String alg)
      Constructor that takes a password and an algorithm.

      Note that the given password is cloned before it is stored in the new PKCS5KeySpec object.

      Parameters:
      password - the password.
      alg - the algorithm.

  • Method Details

    • getPassword

      public final char[] getPassword()
      Returns a clone of the password.

      Note that this method returns a clone of sensitive information. It is the caller's responsibility to zero out the information after it is no longer needed.

      Returns:
      A clone of the password

    • getAlgorithm

      public final String getAlgorithm()
      Returns the algorithm.
      Returns:
      the algorithm

    • cleaner

      protected void cleaner()
      Call the class IBMJCECCACleaner to clean up this spec passowrd.