1 /* 2 * Copyright (c) 1998, 2011, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package javax.crypto.spec; 27 28 import java.security.spec.KeySpec; 29 import javax.crypto.SecretKey; 30 31 /** 32 * This class specifies a secret key in a provider-independent fashion. 33 * 34 * <p>It can be used to construct a <code>SecretKey</code> from a byte array, 35 * without having to go through a (provider-based) 36 * <code>SecretKeyFactory</code>. 37 * 38 * <p>This class is only useful for raw secret keys that can be represented as 39 * a byte array and have no key parameters associated with them, e.g., DES or 40 * Triple DES keys. 41 * 42 * @author Jan Luehe 43 * 44 * @see javax.crypto.SecretKey 45 * @see javax.crypto.SecretKeyFactory 46 * @since 1.4 47 */ 48 public class SecretKeySpec implements KeySpec, SecretKey { 49 50 private static final long serialVersionUID = 6577238317307289933L; 51 52 /** 53 * The secret key. 54 * 55 * @serial 56 */ 57 private byte[] key; 58 59 /** 60 * The name of the algorithm associated with this key. 61 * 62 * @serial 63 */ 64 private String algorithm; 65 66 /** 67 * Constructs a secret key from the given byte array. 68 * 69 * <p>This constructor does not check if the given bytes indeed specify a 70 * secret key of the specified algorithm. For example, if the algorithm is 71 * DES, this constructor does not check if <code>key</code> is 8 bytes 72 * long, and also does not check for weak or semi-weak keys. 73 * In order for those checks to be performed, an algorithm-specific 74 * <i>key specification</i> class (in this case: 75 * {@link DESKeySpec DESKeySpec}) 76 * should be used. 77 * 78 * @param key the key material of the secret key. The contents of 79 * the array are copied to protect against subsequent modification. 80 * @param algorithm the name of the secret-key algorithm to be associated 81 * with the given key material. 82 * See Appendix A in the <a href= 83 * "{@docRoot}/../technotes/guides/security/crypto/CryptoSpec.html#AppA"> 84 * Java Cryptography Architecture Reference Guide</a> 85 * for information about standard algorithm names. 86 * @exception IllegalArgumentException if <code>algorithm</code> 87 * is null or <code>key</code> is null or empty. 88 */ 89 public SecretKeySpec(byte[] key, String algorithm) { 90 if (key == null || algorithm == null) { 91 throw new IllegalArgumentException("Missing argument"); 92 } 93 if (key.length == 0) { 94 throw new IllegalArgumentException("Empty key"); 95 } 96 this.key = key.clone(); 97 this.algorithm = algorithm; 98 } 99 100 /** 101 * Constructs a secret key from the given byte array, using the first 102 * <code>len</code> bytes of <code>key</code>, starting at 103 * <code>offset</code> inclusive. 104 * 105 * <p> The bytes that constitute the secret key are 106 * those between <code>key[offset]</code> and 107 * <code>key[offset+len-1]</code> inclusive. 108 * 109 * <p>This constructor does not check if the given bytes indeed specify a 110 * secret key of the specified algorithm. For example, if the algorithm is 111 * DES, this constructor does not check if <code>key</code> is 8 bytes 112 * long, and also does not check for weak or semi-weak keys. 113 * In order for those checks to be performed, an algorithm-specific key 114 * specification class (in this case: 115 * {@link DESKeySpec DESKeySpec}) 116 * must be used. 117 * 118 * @param key the key material of the secret key. The first 119 * <code>len</code> bytes of the array beginning at 120 * <code>offset</code> inclusive are copied to protect 121 * against subsequent modification. 122 * @param offset the offset in <code>key</code> where the key material 123 * starts. 124 * @param len the length of the key material. 125 * @param algorithm the name of the secret-key algorithm to be associated 126 * with the given key material. 127 * See Appendix A in the <a href= 128 * "{@docRoot}/../technotes/guides/security/crypto/CryptoSpec.html#AppA"> 129 * Java Cryptography Architecture Reference Guide</a> 130 * for information about standard algorithm names. 131 * @exception IllegalArgumentException if <code>algorithm</code> 132 * is null or <code>key</code> is null, empty, or too short, 133 * i.e. {@code key.length-offset<len}. 134 * @exception ArrayIndexOutOfBoundsException is thrown if 135 * <code>offset</code> or <code>len</code> index bytes outside the 136 * <code>key</code>. 137 */ 138 public SecretKeySpec(byte[] key, int offset, int len, String algorithm) { 139 if (key == null || algorithm == null) { 140 throw new IllegalArgumentException("Missing argument"); 141 } 142 if (key.length == 0) { 143 throw new IllegalArgumentException("Empty key"); 144 } 145 if (key.length-offset < len) { 146 throw new IllegalArgumentException 147 ("Invalid offset/length combination"); 148 } 149 if (len < 0) { 150 throw new ArrayIndexOutOfBoundsException("len is negative"); 151 } 152 this.key = new byte[len]; 153 System.arraycopy(key, offset, this.key, 0, len); 154 this.algorithm = algorithm; 155 } 156 157 /** 158 * Returns the name of the algorithm associated with this secret key. 159 * 160 * @return the secret key algorithm. 161 */ 162 public String getAlgorithm() { 163 return this.algorithm; 164 } 165 166 /** 167 * Returns the name of the encoding format for this secret key. 168 * 169 * @return the string "RAW". 170 */ 171 public String getFormat() { 172 return "RAW"; 173 } 174 175 /** 176 * Returns the key material of this secret key. 177 * 178 * @return the key material. Returns a new array 179 * each time this method is called. 180 */ 181 public byte[] getEncoded() { 182 return this.key.clone(); 183 } 184 185 /** 186 * Calculates a hash code value for the object. 187 * Objects that are equal will also have the same hashcode. 188 */ 189 public int hashCode() { 190 int retval = 0; 191 for (int i = 1; i < this.key.length; i++) { 192 retval += this.key[i] * i; 193 } 194 if (this.algorithm.equalsIgnoreCase("TripleDES")) 195 return (retval ^= "desede".hashCode()); 196 else 197 return (retval ^= this.algorithm.toLowerCase().hashCode()); 198 } 199 200 /** 201 * Tests for equality between the specified object and this 202 * object. Two SecretKeySpec objects are considered equal if 203 * they are both SecretKey instances which have the 204 * same case-insensitive algorithm name and key encoding. 205 * 206 * @param obj the object to test for equality with this object. 207 * 208 * @return true if the objects are considered equal, false if 209 * <code>obj</code> is null or otherwise. 210 */ 211 public boolean equals(Object obj) { 212 if (this == obj) 213 return true; 214 215 if (!(obj instanceof SecretKey)) 216 return false; 217 218 String thatAlg = ((SecretKey)obj).getAlgorithm(); 219 if (!(thatAlg.equalsIgnoreCase(this.algorithm))) { 220 if ((!(thatAlg.equalsIgnoreCase("DESede")) 221 || !(this.algorithm.equalsIgnoreCase("TripleDES"))) 222 && (!(thatAlg.equalsIgnoreCase("TripleDES")) 223 || !(this.algorithm.equalsIgnoreCase("DESede")))) 224 return false; 225 } 226 227 byte[] thatKey = ((SecretKey)obj).getEncoded(); 228 229 return java.util.Arrays.equals(this.key, thatKey); 230 } 231 }