View Javadoc
1   /*
2    * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.
3    * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4    *
5    * This code is free software; you can redistribute it and/or modify it
6    * under the terms of the GNU General Public License version 2 only, as
7    * published by the Free Software Foundation.  Oracle designates this
8    * particular file as subject to the "Classpath" exception as provided
9    * by Oracle in the LICENSE file that accompanied this code.
10   *
11   * This code is distributed in the hope that it will be useful, but WITHOUT
12   * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13   * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
14   * version 2 for more details (a copy is included in the LICENSE file that
15   * accompanied this code).
16   *
17   * You should have received a copy of the GNU General Public License version
18   * 2 along with this work; if not, write to the Free Software Foundation,
19   * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20   *
21   * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22   * or visit www.oracle.com if you need additional information or have any
23   * questions.
24   */
25  
26  package javax.crypto.spec;
27  
28  import java.security.spec.KeySpec;
29  import javax.crypto.SecretKey;
30  
31  /**
32   * This class specifies a secret key in a provider-independent fashion.
33   *
34   * <p>It can be used to construct a <code>SecretKey</code> from a byte array,
35   * without having to go through a (provider-based)
36   * <code>SecretKeyFactory</code>.
37   *
38   * <p>This class is only useful for raw secret keys that can be represented as
39   * a byte array and have no key parameters associated with them, e.g., DES or
40   * Triple DES keys.
41   *
42   * @author Jan Luehe
43   *
44   * @see javax.crypto.SecretKey
45   * @see javax.crypto.SecretKeyFactory
46   * @since 1.4
47   */
48  public class SecretKeySpec implements KeySpec, SecretKey {
49  
50      private static final long serialVersionUID = 6577238317307289933L;
51  
52      /**
53       * The secret key.
54       *
55       * @serial
56       */
57      private byte[] key;
58  
59      /**
60       * The name of the algorithm associated with this key.
61       *
62       * @serial
63       */
64      private String algorithm;
65  
66      /**
67       * Constructs a secret key from the given byte array.
68       *
69       * <p>This constructor does not check if the given bytes indeed specify a
70       * secret key of the specified algorithm. For example, if the algorithm is
71       * DES, this constructor does not check if <code>key</code> is 8 bytes
72       * long, and also does not check for weak or semi-weak keys.
73       * In order for those checks to be performed, an algorithm-specific
74       * <i>key specification</i> class (in this case:
75       * {@link DESKeySpec DESKeySpec})
76       * should be used.
77       *
78       * @param key the key material of the secret key. The contents of
79       * the array are copied to protect against subsequent modification.
80       * @param algorithm the name of the secret-key algorithm to be associated
81       * with the given key material.
82       * See Appendix A in the <a href=
83       *   "{@docRoot}/../technotes/guides/security/crypto/CryptoSpec.html#AppA">
84       * Java Cryptography Architecture Reference Guide</a>
85       * for information about standard algorithm names.
86       * @exception IllegalArgumentException if <code>algorithm</code>
87       * is null or <code>key</code> is null or empty.
88       */
89      public SecretKeySpec(byte[] key, String algorithm) {
90          if (key == null || algorithm == null) {
91              throw new IllegalArgumentException("Missing argument");
92          }
93          if (key.length == 0) {
94              throw new IllegalArgumentException("Empty key");
95          }
96          this.key = key.clone();
97          this.algorithm = algorithm;
98      }
99  
100     /**
101      * Constructs a secret key from the given byte array, using the first
102      * <code>len</code> bytes of <code>key</code>, starting at
103      * <code>offset</code> inclusive.
104      *
105      * <p> The bytes that constitute the secret key are
106      * those between <code>key[offset]</code> and
107      * <code>key[offset+len-1]</code> inclusive.
108      *
109      * <p>This constructor does not check if the given bytes indeed specify a
110      * secret key of the specified algorithm. For example, if the algorithm is
111      * DES, this constructor does not check if <code>key</code> is 8 bytes
112      * long, and also does not check for weak or semi-weak keys.
113      * In order for those checks to be performed, an algorithm-specific key
114      * specification class (in this case:
115      * {@link DESKeySpec DESKeySpec})
116      * must be used.
117      *
118      * @param key the key material of the secret key. The first
119      * <code>len</code> bytes of the array beginning at
120      * <code>offset</code> inclusive are copied to protect
121      * against subsequent modification.
122      * @param offset the offset in <code>key</code> where the key material
123      * starts.
124      * @param len the length of the key material.
125      * @param algorithm the name of the secret-key algorithm to be associated
126      * with the given key material.
127      * See Appendix A in the <a href=
128      *   "{@docRoot}/../technotes/guides/security/crypto/CryptoSpec.html#AppA">
129      * Java Cryptography Architecture Reference Guide</a>
130      * for information about standard algorithm names.
131      * @exception IllegalArgumentException if <code>algorithm</code>
132      * is null or <code>key</code> is null, empty, or too short,
133      * i.e. {@code key.length-offset<len}.
134      * @exception ArrayIndexOutOfBoundsException is thrown if
135      * <code>offset</code> or <code>len</code> index bytes outside the
136      * <code>key</code>.
137      */
138     public SecretKeySpec(byte[] key, int offset, int len, String algorithm) {
139         if (key == null || algorithm == null) {
140             throw new IllegalArgumentException("Missing argument");
141         }
142         if (key.length == 0) {
143             throw new IllegalArgumentException("Empty key");
144         }
145         if (key.length-offset < len) {
146             throw new IllegalArgumentException
147                 ("Invalid offset/length combination");
148         }
149         if (len < 0) {
150             throw new ArrayIndexOutOfBoundsException("len is negative");
151         }
152         this.key = new byte[len];
153         System.arraycopy(key, offset, this.key, 0, len);
154         this.algorithm = algorithm;
155     }
156 
157     /**
158      * Returns the name of the algorithm associated with this secret key.
159      *
160      * @return the secret key algorithm.
161      */
162     public String getAlgorithm() {
163         return this.algorithm;
164     }
165 
166     /**
167      * Returns the name of the encoding format for this secret key.
168      *
169      * @return the string "RAW".
170      */
171     public String getFormat() {
172         return "RAW";
173     }
174 
175     /**
176      * Returns the key material of this secret key.
177      *
178      * @return the key material. Returns a new array
179      * each time this method is called.
180      */
181     public byte[] getEncoded() {
182         return this.key.clone();
183     }
184 
185     /**
186      * Calculates a hash code value for the object.
187      * Objects that are equal will also have the same hashcode.
188      */
189     public int hashCode() {
190         int retval = 0;
191         for (int i = 1; i < this.key.length; i++) {
192             retval += this.key[i] * i;
193         }
194         if (this.algorithm.equalsIgnoreCase("TripleDES"))
195             return (retval ^= "desede".hashCode());
196         else
197             return (retval ^= this.algorithm.toLowerCase().hashCode());
198     }
199 
200    /**
201      * Tests for equality between the specified object and this
202      * object. Two SecretKeySpec objects are considered equal if
203      * they are both SecretKey instances which have the
204      * same case-insensitive algorithm name and key encoding.
205      *
206      * @param obj the object to test for equality with this object.
207      *
208      * @return true if the objects are considered equal, false if
209      * <code>obj</code> is null or otherwise.
210      */
211     public boolean equals(Object obj) {
212         if (this == obj)
213             return true;
214 
215         if (!(obj instanceof SecretKey))
216             return false;
217 
218         String thatAlg = ((SecretKey)obj).getAlgorithm();
219         if (!(thatAlg.equalsIgnoreCase(this.algorithm))) {
220             if ((!(thatAlg.equalsIgnoreCase("DESede"))
221                  || !(this.algorithm.equalsIgnoreCase("TripleDES")))
222                 && (!(thatAlg.equalsIgnoreCase("TripleDES"))
223                     || !(this.algorithm.equalsIgnoreCase("DESede"))))
224             return false;
225         }
226 
227         byte[] thatKey = ((SecretKey)obj).getEncoded();
228 
229         return java.util.Arrays.equals(this.key, thatKey);
230     }
231 }