1 /*
2 * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 package sun.security.util;
27
28 import java.io.*;
29 import java.nio.*;
30 import java.nio.charset.*;
31 import java.util.Arrays;
32 import jdk.internal.access.SharedSecrets;
33
34 /**
35 * A utility class for reading passwords
36 *
37 */
38 public class Password {
39 /** Reads user password from given input stream. */
40 public static char[] readPassword(InputStream in) throws IOException {
41 return readPassword(in, false);
42 }
43
44 /** Reads user password from given input stream.
45 * @param isEchoOn true if the password should be echoed on the screen
46 */
47 @SuppressWarnings("fallthrough")
48 public static char[] readPassword(InputStream in, boolean isEchoOn)
49 throws IOException {
50
51 char[] consoleEntered = null;
52 byte[] consoleBytes = null;
53
54 try {
55 // Use the new java.io.Console class
56 Console con = null;
57 if (!isEchoOn && in == System.in && ((con = System.console()) != null)) {
58 consoleEntered = con.readPassword();
59 // readPassword returns "" if you just print ENTER,
60 // to be compatible with old Password class, change to null
61 if (consoleEntered != null && consoleEntered.length == 0) {
62 return null;
63 }
64 consoleBytes = convertToBytes(consoleEntered);
65 in = new ByteArrayInputStream(consoleBytes);
66 }
67
68 // Rest of the lines still necessary for KeyStoreLoginModule
69 // and when there is no console.
70
71 char[] lineBuffer;
72 char[] buf;
73 int i;
74
75 buf = lineBuffer = new char[128];
76
77 int room = buf.length;
78 int offset = 0;
79 int c;
80
81 boolean done = false;
82 while (!done) {
83 switch (c = in.read()) {
84 case -1:
85 case '\n':
86 done = true;
87 break;
88
89 case '\r':
90 int c2 = in.read();
91 if ((c2 != '\n') && (c2 != -1)) {
92 if (!(in instanceof PushbackInputStream)) {
93 in = new PushbackInputStream(in);
94 }
95 ((PushbackInputStream)in).unread(c2);
96 } else {
97 done = true;
98 break;
99 }
100 /* fall through */
101 default:
102 if (--room < 0) {
103 buf = new char[offset + 128];
104 room = buf.length - offset - 1;
105 System.arraycopy(lineBuffer, 0, buf, 0, offset);
106 Arrays.fill(lineBuffer, ' ');
107 lineBuffer = buf;
108 }
109 buf[offset++] = (char) c;
110 break;
111 }
112 }
113
114 if (offset == 0) {
115 return null;
116 }
117
118 char[] ret = new char[offset];
119 System.arraycopy(buf, 0, ret, 0, offset);
120 Arrays.fill(buf, ' ');
121
122 return ret;
123 } finally {
124 if (consoleEntered != null) {
125 Arrays.fill(consoleEntered, ' ');
126 }
127 if (consoleBytes != null) {
128 Arrays.fill(consoleBytes, (byte)0);
129 }
130 }
131 }
132
133 /**
134 * Change a password read from Console.readPassword() into
135 * its original bytes.
136 *
137 * @param pass a char[]
138 * @return its byte[] format, similar to new String(pass).getBytes()
139 */
140 private static byte[] convertToBytes(char[] pass) {
141 if (enc == null) {
142 synchronized (Password.class) {
143 enc = SharedSecrets.getJavaIOAccess()
144 .charset()
145 .newEncoder()
146 .onMalformedInput(CodingErrorAction.REPLACE)
147 .onUnmappableCharacter(CodingErrorAction.REPLACE);
148 }
149 }
150 byte[] ba = new byte[(int)(enc.maxBytesPerChar() * pass.length)];
151 ByteBuffer bb = ByteBuffer.wrap(ba);
152 synchronized (enc) {
153 enc.reset().encode(CharBuffer.wrap(pass), bb, true);
154 }
155 if (bb.position() < ba.length) {
156 ba[bb.position()] = '\n';
157 }
158 return ba;
159 }
160 private static volatile CharsetEncoder enc;
161 }