Back to index...

	/*
	* Copyright (c) 1998, 2015, Oracle and/or its affiliates. All rights reserved.
	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
	*
	* This code is free software; you can redistribute it and/or modify it
	* under the terms of the GNU General Public License version 2 only, as
	* published by the Free Software Foundation. Oracle designates this
	* particular file as subject to the "Classpath" exception as provided
	* by Oracle in the LICENSE file that accompanied this code.
	*
	* This code is distributed in the hope that it will be useful, but WITHOUT
	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
	* version 2 for more details (a copy is included in the LICENSE file that
	* accompanied this code).
	*
	* You should have received a copy of the GNU General Public License version
	* 2 along with this work; if not, write to the Free Software Foundation,
	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
	*
	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
	* or visit www.oracle.com if you need additional information or have any
	* questions.
	*/

	package javax.crypto.spec;

	import java.security.MessageDigest;
	import java.security.spec.KeySpec;
	import java.util.Locale;
	import javax.crypto.SecretKey;

	/**
	* This class specifies a secret key in a provider-independent fashion.
	*
	* <p>It can be used to construct a <code>SecretKey</code> from a byte array,
	* without having to go through a (provider-based)
	* <code>SecretKeyFactory</code>.
	*
	* <p>This class is only useful for raw secret keys that can be represented as
	* a byte array and have no key parameters associated with them, e.g., DES or
	* Triple DES keys.
	*
	* @author Jan Luehe
	*
	* @see javax.crypto.SecretKey
	* @see javax.crypto.SecretKeyFactory
	* @since 1.4
	*/
	public class SecretKeySpec implements KeySpec, SecretKey {

	private static final long serialVersionUID = 6577238317307289933L;

	/**
	* The secret key.
	*
	* @serial
	*/
	private byte[] key;

	/**
	* The name of the algorithm associated with this key.
	*
	* @serial
	*/
	private String algorithm;

	/**
	* Constructs a secret key from the given byte array.
	*
	* <p>This constructor does not check if the given bytes indeed specify a
	* secret key of the specified algorithm. For example, if the algorithm is
	* DES, this constructor does not check if <code>key</code> is 8 bytes
	* long, and also does not check for weak or semi-weak keys.
	* In order for those checks to be performed, an algorithm-specific
	* <i>key specification</i> class (in this case:
	* {@link DESKeySpec DESKeySpec})
	* should be used.
	*
	* @param key the key material of the secret key. The contents of
	* the array are copied to protect against subsequent modification.
	* @param algorithm the name of the secret-key algorithm to be associated
	* with the given key material.
	* See Appendix A in the <a href=
	* "{@docRoot}/../technotes/guides/security/crypto/CryptoSpec.html#AppA">
	* Java Cryptography Architecture Reference Guide</a>
	* for information about standard algorithm names.
	* @exception IllegalArgumentException if <code>algorithm</code>
	* is null or <code>key</code> is null or empty.
	*/
	public SecretKeySpec(byte[] key, String algorithm) {
	if (key == null \|\| algorithm == null) {
	throw new IllegalArgumentException("Missing argument");
	}
	if (key.length == 0) {
	throw new IllegalArgumentException("Empty key");
	}
	this.key = key.clone();
	this.algorithm = algorithm;
	}

	/**
	* Constructs a secret key from the given byte array, using the first
	* <code>len</code> bytes of <code>key</code>, starting at
	* <code>offset</code> inclusive.
	*
	* <p> The bytes that constitute the secret key are
	* those between <code>key[offset]</code> and
	* <code>key[offset+len-1]</code> inclusive.
	*
	* <p>This constructor does not check if the given bytes indeed specify a
	* secret key of the specified algorithm. For example, if the algorithm is
	* DES, this constructor does not check if <code>key</code> is 8 bytes
	* long, and also does not check for weak or semi-weak keys.
	* In order for those checks to be performed, an algorithm-specific key
	* specification class (in this case:
	* {@link DESKeySpec DESKeySpec})
	* must be used.
	*
	* @param key the key material of the secret key. The first
	* <code>len</code> bytes of the array beginning at
	* <code>offset</code> inclusive are copied to protect
	* against subsequent modification.
	* @param offset the offset in <code>key</code> where the key material
	* starts.
	* @param len the length of the key material.
	* @param algorithm the name of the secret-key algorithm to be associated
	* with the given key material.
	* See Appendix A in the <a href=
	* "{@docRoot}/../technotes/guides/security/crypto/CryptoSpec.html#AppA">
	* Java Cryptography Architecture Reference Guide</a>
	* for information about standard algorithm names.
	* @exception IllegalArgumentException if <code>algorithm</code>
	* is null or <code>key</code> is null, empty, or too short,
	* i.e. {@code key.length-offset<len}.
	* @exception ArrayIndexOutOfBoundsException is thrown if
	* <code>offset</code> or <code>len</code> index bytes outside the
	* <code>key</code>.
	*/
	public SecretKeySpec(byte[] key, int offset, int len, String algorithm) {
	if (key == null \|\| algorithm == null) {
	throw new IllegalArgumentException("Missing argument");
	}
	if (key.length == 0) {
	throw new IllegalArgumentException("Empty key");
	}
	if (key.length-offset < len) {
	throw new IllegalArgumentException
	("Invalid offset/length combination");
	}
	if (len < 0) {
	throw new ArrayIndexOutOfBoundsException("len is negative");
	}
	this.key = new byte[len];
	System.arraycopy(key, offset, this.key, 0, len);
	this.algorithm = algorithm;
	}

	/**
	* Returns the name of the algorithm associated with this secret key.
	*
	* @return the secret key algorithm.
	*/
	public String getAlgorithm() {
	return this.algorithm;
	}

	/**
	* Returns the name of the encoding format for this secret key.
	*
	* @return the string "RAW".
	*/
	public String getFormat() {
	return "RAW";
	}

	/**
	* Returns the key material of this secret key.
	*
	* @return the key material. Returns a new array
	* each time this method is called.
	*/
	public byte[] getEncoded() {
	return this.key.clone();
	}

	/**
	* Calculates a hash code value for the object.
	* Objects that are equal will also have the same hashcode.
	*/
	public int hashCode() {
	int retval = 0;
	for (int i = 1; i < this.key.length; i++) {
	retval += this.key[i] * i;
	}
	if (this.algorithm.equalsIgnoreCase("TripleDES"))
	return (retval ^= "desede".hashCode());
	else
	return (retval ^=
	this.algorithm.toLowerCase(Locale.ENGLISH).hashCode());
	}

	/**
	* Tests for equality between the specified object and this
	* object. Two SecretKeySpec objects are considered equal if
	* they are both SecretKey instances which have the
	* same case-insensitive algorithm name and key encoding.
	*
	* @param obj the object to test for equality with this object.
	*
	* @return true if the objects are considered equal, false if
	* <code>obj</code> is null or otherwise.
	*/
	public boolean equals(Object obj) {
	if (this == obj)
	return true;

	if (!(obj instanceof SecretKey))
	return false;

	String thatAlg = ((SecretKey)obj).getAlgorithm();
	if (!(thatAlg.equalsIgnoreCase(this.algorithm))) {
	if ((!(thatAlg.equalsIgnoreCase("DESede"))
	\|\| !(this.algorithm.equalsIgnoreCase("TripleDES")))
	&& (!(thatAlg.equalsIgnoreCase("TripleDES"))
	\|\| !(this.algorithm.equalsIgnoreCase("DESede"))))
	return false;
	}

	byte[] thatKey = ((SecretKey)obj).getEncoded();

	return MessageDigest.isEqual(this.key, thatKey);
	}
	}

Back to index...