public class SimplePBEConfig extends Object implements PBEConfig, PBECleanablePasswordConfig
Bean implementation for PBEConfig
. This class allows
the values for the configuration parameters to be set
via "standard" setX methods.
For any of the configuration parameters, if its setX method is not called, a null value will be returned by the corresponding getX method.
Note that there is not an exact correspondence between setX() and getX() methods, as sometimes two methods like setProvider() and setProviderClassName() will affect the same configuration parameter (getProvider()). This means that several combinations of setX() methods collide, and should not be called together (a call to setProviderClassName() will override any previous call to setProvider()).
Also note that, in order to satisfy the needs of extreme security-conscious
environments in which no immutable String containing the password is allowed
to be kept in memory, this configuration objects stores the password as char[]
that is cleaned (reset to '') by the jasypt engine as soon as encryption operations
start (and therefore the specified password is no longer needed as an attribute)
(see PBECleanablePasswordConfig
).
Setting and getting the password as a char[] is also allowed via the
getPasswordCharArray()
and setPasswordCharArray(char[])
methods.
Constructor and Description |
---|
SimplePBEConfig()
Creates a new SimplePBEConfig instance.
|
Modifier and Type | Method and Description |
---|---|
void |
cleanPassword()
Clean the password stored in this configuration object.
|
String |
getAlgorithm()
Returns the algorithm to be used for encryption, like
PBEWithMD5AndDES.
|
Integer |
getKeyObtentionIterations()
Returns the number of hashing iterations applied to obtain the
encryption key.
|
String |
getPassword()
Returns the password to be used.
|
char[] |
getPasswordCharArray()
Return the password set, as a char array.
|
Integer |
getPoolSize()
Get the size of the pool of encryptors to be created.
|
Provider |
getProvider()
Returns the java.security.Provider implementation object
to be used by the encryptor for obtaining the encryption algorithm.
|
String |
getProviderName()
Returns the name of the java.security.Provider implementation
to be used by the encryptor for obtaining the encryption algorithm.
|
SaltGenerator |
getSaltGenerator()
Returns a
SaltGenerator implementation to be used by the
encryptor. |
void |
setAlgorithm(String algorithm)
Sets a value for the encryption algorithm
|
void |
setKeyObtentionIterations(Integer keyObtentionIterations)
Sets the number of hashing iterations applied to obtain the
encryption key.
|
void |
setKeyObtentionIterations(String keyObtentionIterations)
Sets the number of hashing iterations applied to obtain the
encryption key.
|
void |
setPassword(String password)
Sets the password to be used for encryption.
|
void |
setPasswordCharArray(char[] password)
Sets the password to be used for encryption, as a char[].
|
void |
setPoolSize(Integer poolSize)
Sets the size of the pool of encryptors to be created.
|
void |
setPoolSize(String poolSize)
Sets the size of the pool of encryptors to be created.
|
void |
setProvider(Provider provider)
Sets the security provider to be used for obtaining the encryption
algorithm.
|
void |
setProviderClassName(String providerClassName)
Sets the security provider to be used for obtaining the encryption
algorithm.
|
void |
setProviderName(String providerName)
Sets the name of the security provider to be asked for the encryption
algorithm.
|
void |
setSaltGenerator(SaltGenerator saltGenerator)
Sets the salt generator.
|
void |
setSaltGeneratorClassName(String saltGeneratorClassName)
Sets the salt generator.
|
public void setAlgorithm(String algorithm)
Sets a value for the encryption algorithm
This algorithm has to be supported by your JCE provider and, if this provider supports it, you can also specify mode and padding for it, like ALGORITHM/MODE/PADDING.
Determines the result of: getAlgorithm()
algorithm
- the name of the algorithm to be usedpublic void setPassword(String password)
Determines the result of: getPassword()
and
getPasswordCharArray()
.
password
- the password to be used.public void setPasswordCharArray(char[] password)
This allows the password to be specified as a cleanable char[] instead of a String, in extreme security conscious environments in which no copy of the password as an immutable String should be kept in memory.
Important: the array specified as a parameter WILL BE COPIED in order to be stored in the configuration object. The caller of this method will therefore be responsible for its cleaning (jasypt will only clean the internally stored copy).
Determines the result of: getPassword()
and
getPasswordCharArray()
.
password
- the password to be used.public void setKeyObtentionIterations(Integer keyObtentionIterations)
Determines the result of: getKeyObtentionIterations()
keyObtentionIterations
- the number of iterations.public void setKeyObtentionIterations(String keyObtentionIterations)
Determines the result of: getKeyObtentionIterations()
keyObtentionIterations
- the number of iterations.public void setSaltGenerator(SaltGenerator saltGenerator)
Sets the salt generator.
If not set, null will returned.
Determines the result of: getSaltGenerator()
saltGenerator
- the salt generator.public void setSaltGeneratorClassName(String saltGeneratorClassName)
Sets the salt generator.
If not set, null will returned.
Determines the result of: getSaltGenerator()
saltGeneratorClassName
- the name of the salt generator class.public void setProviderName(String providerName)
Sets the name of the security provider to be asked for the encryption algorithm. This provider should be already registered.
If both the providerName and provider properties are set, only provider will be used, and providerName will have no meaning for the encryptor object.
If not set, null will be returned.
Determines the result of: getProviderName()
providerName
- the name of the security provider.public void setProvider(Provider provider)
Sets the security provider to be used for obtaining the encryption
algorithm. This method is an alternative to
both setProviderName(String)
and
setProviderClassName(String)
and they should not be used
altogether.
The provider specified with setProvider(Provider)
does not
have to be registered beforehand, and its use will not result in its
being registered.
If both the providerName and provider properties are set, only provider will be used, and providerName will have no meaning for the encryptor object.
If not set, null will be returned.
Determines the result of: getProvider()
provider
- the security provider object.public void setProviderClassName(String providerClassName)
Sets the security provider to be used for obtaining the encryption
algorithm. This method is an alternative to
both setProviderName(String)
and setProvider(Provider)
and they should not be used altogether.
The provider specified with setProviderClassName(String)
does not
have to be registered beforehand, and its use will not result in its
being registered.
If both the providerName and provider properties are set, only provider will be used, and providerName will have no meaning for the encryptor object.
If not set, null will be returned.
Determines the result of: getProvider()
providerClassName
- the name of the security provider class.public void setPoolSize(Integer poolSize)
Sets the size of the pool of encryptors to be created.
This parameter will be ignored if used with a non-pooled encryptor.
If not set, null will be returned.
Determines the result of: getPoolSize()
poolSize
- the size of the pool to be used if this configuration is used with a
pooled encryptorpublic void setPoolSize(String poolSize)
Sets the size of the pool of encryptors to be created.
This parameter will be ignored if used with a non-pooled encryptor.
If not set, null will be returned.
Determines the result of: getPoolSize()
poolSize
- the size of the pool to be used if this configuration is used with a
pooled encryptorpublic String getAlgorithm()
PBEConfig
Returns the algorithm to be used for encryption, like PBEWithMD5AndDES.
This algorithm has to be supported by the specified JCE provider (or the default one if no provider has been specified) and, if the provider supports it, you can also specify mode and padding for it, like ALGORITHM/MODE/PADDING.
getAlgorithm
in interface PBEConfig
public String getPassword()
PBEConfig
Returns the password to be used.
There is no default value for password, so not setting
this parameter either from a
PBEConfig
object or from
a call to setPassword will result in an
EncryptionInitializationException being thrown during initialization.
getPassword
in interface PBEConfig
public char[] getPasswordCharArray()
PBECleanablePasswordConfig
Return the password set, as a char array.
Important: the returned array MUST BE A COPY of the one stored in the configuration object. The caller of this method is therefore be responsible for cleaning this resulting char[].
getPasswordCharArray
in interface PBECleanablePasswordConfig
public Integer getKeyObtentionIterations()
PBEConfig
Returns the number of hashing iterations applied to obtain the encryption key.
This mechanism is explained in PKCS #5: Password-Based Cryptography Standard.
getKeyObtentionIterations
in interface PBEConfig
public SaltGenerator getSaltGenerator()
PBEConfig
Returns a SaltGenerator
implementation to be used by the
encryptor.
If this method returns null, the encryptor will ignore the config object when deciding the salt generator to be used.
getSaltGenerator
in interface PBEConfig
public String getProviderName()
PBEConfig
Returns the name of the java.security.Provider implementation to be used by the encryptor for obtaining the encryption algorithm. This provider must have been registered beforehand.
If this method returns null, the encryptor will ignore this parameter when deciding the name of the security provider to be used.
If this method does not return null, and neither does PBEConfig.getProvider()
,
providerName will be ignored, and the provider object returned
by getProvider() will be used.
getProviderName
in interface PBEConfig
public Provider getProvider()
PBEConfig
Returns the java.security.Provider implementation object to be used by the encryptor for obtaining the encryption algorithm.
If this method returns null, the encryptor will ignore this parameter when deciding the security provider object to be used.
If this method does not return null, and neither does PBEConfig.getProviderName()
,
providerName will be ignored, and the provider object returned
by getProvider() will be used.
The provider returned by this method does not need to be registered beforehand, and its use will not result in its being registered.
getProvider
in interface PBEConfig
public Integer getPoolSize()
PBEConfig
Get the size of the pool of encryptors to be created.
This parameter will be ignored if used with a non-pooled encryptor.
getPoolSize
in interface PBEConfig
public void cleanPassword()
PBECleanablePasswordConfig
Clean the password stored in this configuration object.
A common implementation of this cleaning operation consists of iterating the array of chars and setting each of its positions to (char)0.
cleanPassword
in interface PBECleanablePasswordConfig
Copyright © 2019 JBoss by Red Hat. All rights reserved.