Class KeyStore.PasswordProtection

All Implemented Interfaces:
KeyStore.ProtectionParameter, Destroyable
Enclosing class:
KeyStore

public static class KeyStore.PasswordProtection
extends Object
implements KeyStore.ProtectionParameter, Destroyable

A password-based implementation of ProtectionParameter.

Since:
1.5

Constructors

Constructor and Description
PasswordProtection(char[] password)

Creates a password parameter.
PasswordProtection(char[] password, String protectionAlgorithm, AlgorithmParameterSpec protectionParameters)

Creates a password parameter and specifies the protection algorithm and associated parameters to use when encrypting a keystore entry.

Methods

Modifier and Type Method and Description
void destroy()

Clears the password.
char[] getPassword()

Gets the password.
String getProtectionAlgorithm()

Gets the name of the protection algorithm.
AlgorithmParameterSpec getProtectionParameters()

Gets the parameters supplied for the protection algorithm.
boolean isDestroyed()

Determines if password has been cleared.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructors

PasswordProtection

public PasswordProtection(char[] password)

Creates a password parameter.

The specified password is cloned before it is stored in the new PasswordProtection object.

Parameters:
password - the password, which may be null

PasswordProtection

public PasswordProtection(char[] password,
                          String protectionAlgorithm,
                          AlgorithmParameterSpec protectionParameters)

Creates a password parameter and specifies the protection algorithm and associated parameters to use when encrypting a keystore entry.

The specified password is cloned before it is stored in the new PasswordProtection object.

Parameters:
password - the password, which may be null
protectionAlgorithm - the encryption algorithm name, for example, PBEWithHmacSHA256AndAES_256. See the Cipher section in the Java Cryptography Architecture Standard Algorithm Name Documentation for information about standard encryption algorithm names.
protectionParameters - the encryption algorithm parameter specification, which may be null
Throws:
NullPointerException - if protectionAlgorithm is null
Since:
1.8

Methods

getProtectionAlgorithm

public String getProtectionAlgorithm()

Gets the name of the protection algorithm. If none was set then the keystore provider will use its default protection algorithm. The name of the default protection algorithm for a given keystore type is set using the 'keystore.<type>.keyProtectionAlgorithm' security property. For example, the keystore.PKCS12.keyProtectionAlgorithm property stores the name of the default key protection algorithm used for PKCS12 keystores. If the security property is not set, an implementation-specific algorithm will be used.

Returns:
the algorithm name, or null if none was set
Since:
1.8

getProtectionParameters

public AlgorithmParameterSpec getProtectionParameters()

Gets the parameters supplied for the protection algorithm.

Returns:
the algorithm parameter specification, or null, if none was set
Since:
1.8

getPassword

public char[] getPassword()

Gets the password.

Note that this method returns a reference to the password. If a clone of the array is created it is the caller's responsibility to zero out the password information after it is no longer needed.

Returns:
the password, which may be null
Throws:
IllegalStateException - if the password has been cleared (destroyed)
See Also:
destroy()

destroy

public void destroy()
             throws DestroyFailedException

Clears the password.

Specified by:
destroy in interface Destroyable
Throws:
DestroyFailedException - if this method was unable to clear the password

isDestroyed

public boolean isDestroyed()

Determines if password has been cleared.

Specified by:
isDestroyed in interface Destroyable
Returns:
true if the password has been cleared, false otherwise

© 1993, 2020, Oracle and/or its affiliates. All rights reserved.
Documentation extracted from Debian's OpenJDK Development Kit package.
Licensed under the GNU General Public License, version 2, with the Classpath Exception.
Various third party code in OpenJDK is licensed under different licenses (see Debian package).
Java and OpenJDK are trademarks or registered trademarks of Oracle and/or its affiliates.
https://docs.oracle.com/javase/8/docs/api/java/security/KeyStore.PasswordProtection.html