All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.jasypt.encryption.pbe.config.SimplePBEConfig Maven / Gradle / Ivy

There is a newer version: 6.1.4
Show newest version
/*
 * =============================================================================
 * 
 *   Copyright (c) 2007-2010, The JASYPT team (http://www.jasypt.org)
 * 
 *   Licensed under the Apache License, Version 2.0 (the "License");
 *   you may not use this file except in compliance with the License.
 *   You may obtain a copy of the License at
 * 
 *       http://www.apache.org/licenses/LICENSE-2.0
 * 
 *   Unless required by applicable law or agreed to in writing, software
 *   distributed under the License is distributed on an "AS IS" BASIS,
 *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *   See the License for the specific language governing permissions and
 *   limitations under the License.
 * 
 * =============================================================================
 */
package org.jasypt.encryption.pbe.config;

import java.security.Provider;

import org.jasypt.exceptions.EncryptionInitializationException;
import org.jasypt.exceptions.PasswordAlreadyCleanedException;
import org.jasypt.iv.IvGenerator;
import org.jasypt.salt.SaltGenerator;


/**
 * 

* Bean implementation for {@link PBEConfig}. This class allows * the values for the configuration parameters to be set * via "standard" setX methods. *

*

* For any of the configuration parameters, if its setX * method is not called, a null value will be returned by the * corresponding getX method. *

*

* Note that there is not an exact correspondence between setX() * and getX() methods, as sometimes two methods like * setProvider() and setProviderClassName() will affect the * same configuration parameter (getProvider()). This means that * several combinations of setX() methods collide, and * should not be called together (a call to setProviderClassName() * will override any previous call to setProvider()). *

*

* Also note that, in order to satisfy the needs of extreme security-conscious * environments in which no immutable String containing the password is allowed * to be kept in memory, this configuration objects stores the password as char[] * that is cleaned (reset to '') by the jasypt engine as soon as encryption operations * start (and therefore the specified password is no longer needed as an attribute) * (see {@link PBECleanablePasswordConfig}). *

*

* Setting and getting the password as a char[] is also allowed via the * {@link #getPasswordCharArray()} and {@link #setPasswordCharArray(char[])} methods. *

* * @since 1.0 * * @author Daniel Fernández * */ public class SimplePBEConfig implements PBEConfig, PBECleanablePasswordConfig { private String algorithm = null; private char[] password = null; private Integer keyObtentionIterations = null; private SaltGenerator saltGenerator = null; private IvGenerator ivGenerator = null; private String providerName = null; private Provider provider = null; private Integer poolSize = null; private boolean passwordCleaned = false; /** *

* Creates a new SimplePBEConfig instance. *

*/ public SimplePBEConfig() { super(); } /** *

* Sets a value for the encryption algorithm *

*

* This algorithm has to be supported by your JCE provider and, if this provider * supports it, you can also specify mode and padding for * it, like ALGORITHM/MODE/PADDING. *

*

* Determines the result of: {@link #getAlgorithm()} *

* * @param algorithm the name of the algorithm to be used */ public void setAlgorithm(final String algorithm) { this.algorithm = algorithm; } /** * Sets the password to be used for encryption. *

* Determines the result of: {@link #getPassword()} and * {@link #getPasswordCharArray()}. *

* * @param password the password to be used. */ public void setPassword(final String password) { if (this.password != null) { // We clean the old password, if there is one. cleanPassword(); } if (password == null) { this.password = null; } else { this.password = password.toCharArray(); } } /** * Sets the password to be used for encryption, as a char[]. *

* This allows the password to be specified as a cleanable * char[] instead of a String, in extreme security conscious environments * in which no copy of the password as an immutable String should * be kept in memory. *

*

* Important: the array specified as a parameter WILL BE COPIED * in order to be stored in the configuration object. The caller of * this method will therefore be responsible for its cleaning (jasypt * will only clean the internally stored copy). *

*

* Determines the result of: {@link #getPassword()} and * {@link #getPasswordCharArray()}. *

* * @since 1.8 * * @param password the password to be used. */ public void setPasswordCharArray(final char[] password) { if (this.password != null) { // We clean the old password, if there is one. cleanPassword(); } if (password == null) { this.password = null; } else { this.password = new char[password.length]; System.arraycopy(password, 0, this.password, 0, password.length); } } /** * Sets the number of hashing iterations applied to obtain the * encryption key. *

* Determines the result of: {@link #getKeyObtentionIterations()} *

* * @param keyObtentionIterations the number of iterations. */ public void setKeyObtentionIterations(final Integer keyObtentionIterations) { this.keyObtentionIterations = keyObtentionIterations; } /** * Sets the number of hashing iterations applied to obtain the * encryption key. *

* Determines the result of: {@link #getKeyObtentionIterations()} *

* * @since 1.4 * * @param keyObtentionIterations the number of iterations. */ public void setKeyObtentionIterations(final String keyObtentionIterations) { if (keyObtentionIterations != null) { try { this.keyObtentionIterations = new Integer(keyObtentionIterations); } catch (NumberFormatException e) { throw new EncryptionInitializationException(e); } } else { this.keyObtentionIterations = null; } } /** *

* Sets the salt generator. *

*

* If not set, null will returned. *

*

* Determines the result of: {@link #getSaltGenerator()} *

* * @param saltGenerator the salt generator. */ public void setSaltGenerator(final SaltGenerator saltGenerator) { this.saltGenerator = saltGenerator; } /** *

* Sets the salt generator. *

*

* If not set, null will returned. *

*

* Determines the result of: {@link #getSaltGenerator()} *

* * @since 1.4 * * @param saltGeneratorClassName the name of the salt generator class. */ public void setSaltGeneratorClassName(final String saltGeneratorClassName) { if (saltGeneratorClassName != null) { try { final Class saltGeneratorClass = Thread.currentThread().getContextClassLoader().loadClass(saltGeneratorClassName); this.saltGenerator = (SaltGenerator) saltGeneratorClass.newInstance(); } catch (Exception e) { throw new EncryptionInitializationException(e); } } else { this.saltGenerator = null; } } /** *

* Sets the IV generator. *

*

* If not set, null will returned. *

*

* Determines the result of: {@link #getIvGenerator()} *

* * @since 1.9.3 * * @param ivGenerator the IV generator. */ public void setIvGenerator(final IvGenerator ivGenerator) { this.ivGenerator = ivGenerator; } /** *

* Sets the IV generator. *

*

* If not set, null will returned. *

*

* Determines the result of: {@link #getIvGenerator()} *

* * @since 1.9.3 * * @param ivGeneratorClassName the name of the IV generator class. */ public void setIvGeneratorClassName(final String ivGeneratorClassName) { if (ivGeneratorClassName != null) { try { final Class ivGeneratorClass = Thread.currentThread().getContextClassLoader().loadClass(ivGeneratorClassName); this.ivGenerator = (IvGenerator) ivGeneratorClass.newInstance(); } catch (Exception e) { throw new EncryptionInitializationException(e); } } else { this.ivGenerator = null; } } /** *

* Sets the name of the security provider to be asked for the encryption * algorithm. This provider should be already registered. *

*

* If both the providerName and provider properties * are set, only provider will be used, and providerName * will have no meaning for the encryptor object. *

*

* If not set, null will be returned. *

*

* Determines the result of: {@link #getProviderName()} *

* * @since 1.3 * * @param providerName the name of the security provider. */ public void setProviderName(final String providerName) { this.providerName = providerName; } /** *

* Sets the security provider to be used for obtaining the encryption * algorithm. This method is an alternative to * both {@link #setProviderName(String)} and * {@link #setProviderClassName(String)} and they should not be used * altogether. * The provider specified with {@link #setProvider(Provider)} does not * have to be registered beforehand, and its use will not result in its * being registered. *

*

* If both the providerName and provider properties * are set, only provider will be used, and providerName * will have no meaning for the encryptor object. *

*

* If not set, null will be returned. *

*

* Determines the result of: {@link #getProvider()} *

* * @since 1.3 * * @param provider the security provider object. */ public void setProvider(final Provider provider) { this.provider = provider; } /** *

* Sets the security provider to be used for obtaining the encryption * algorithm. This method is an alternative to * both {@link #setProviderName(String)} and {@link #setProvider(Provider)} * and they should not be used altogether. * The provider specified with {@link #setProviderClassName(String)} does not * have to be registered beforehand, and its use will not result in its * being registered. *

*

* If both the providerName and provider properties * are set, only provider will be used, and providerName * will have no meaning for the encryptor object. *

*

* If not set, null will be returned. *

*

* Determines the result of: {@link #getProvider()} *

* * @since 1.4 * * @param providerClassName the name of the security provider class. */ public void setProviderClassName(final String providerClassName) { if (providerClassName != null) { try { final Class providerClass = Thread.currentThread().getContextClassLoader().loadClass(providerClassName); this.provider = (Provider) providerClass.newInstance(); } catch (Exception e) { throw new EncryptionInitializationException(e); } } else { this.provider = null; } } /** *

* Sets the size of the pool of encryptors to be created. *

*

* This parameter will be ignored if used with a non-pooled encryptor. *

*

* If not set, null will be returned. *

*

* Determines the result of: {@link #getPoolSize()} *

* * @since 1.7 * * @param poolSize the size of the pool to be used if this configuration is used with a * pooled encryptor */ public void setPoolSize(final Integer poolSize) { this.poolSize = poolSize; } /** *

* Sets the size of the pool of encryptors to be created. *

*

* This parameter will be ignored if used with a non-pooled encryptor. *

*

* If not set, null will be returned. *

*

* Determines the result of: {@link #getPoolSize()} *

* * @since 1.7 * * @param poolSize the size of the pool to be used if this configuration is used with a * pooled encryptor */ public void setPoolSize(final String poolSize) { if (poolSize != null) { try { this.poolSize = new Integer(poolSize); } catch (NumberFormatException e) { throw new EncryptionInitializationException(e); } } else { this.poolSize = null; } } public String getAlgorithm() { return this.algorithm; } public String getPassword() { if (this.passwordCleaned) { throw new PasswordAlreadyCleanedException(); } return new String(this.password); } public char[] getPasswordCharArray() { if (this.passwordCleaned) { throw new PasswordAlreadyCleanedException(); } final char[] result = new char[this.password.length]; System.arraycopy(this.password, 0, result, 0, this.password.length); return result; } public Integer getKeyObtentionIterations() { return this.keyObtentionIterations; } public SaltGenerator getSaltGenerator() { return this.saltGenerator; } public IvGenerator getIvGenerator() { return this.ivGenerator; } public String getProviderName() { return this.providerName; } public Provider getProvider() { return this.provider; } public Integer getPoolSize() { return this.poolSize; } public void cleanPassword() { if (this.password != null) { final int pwdLength = this.password.length; for (int i = 0; i < pwdLength; i++) { this.password[i] = (char)0; } this.password = new char[0]; } this.passwordCleaned = true; } }




© 2015 - 2024 Weber Informatics LLC | Privacy Policy