|
6.0 (c) 2002 IAIK, (c) 2003 - 2022 SIC |
|
public class PBES2ParameterSpec extends PBKDF2ParameterSpec implements java.lang.Cloneable
PBES2 parameters specify parameters for deriving a secret key from a password, and the encryption scheme for encrypting the data with the derived secret key:
PBES2-params ::= SEQUENCE {
keyDerivationFunc AlgorithmIdentifier {{PBES2-KDFs}},
encryptionScheme AlgorithmIdentifier {{PBES2-Encs}} }
PBES2-KDFs ALGORITHM-IDENTIFIER ::=
{ {PBKDF2-params IDENTIFIED BY id-PBKDF2}, ... }
PBES2-Encs ALGORITHM-IDENTIFIER ::= { ... }
The default key derivation function used by PBES2 is PBKDF2
which uses the following parameters:
salt value, iteration count, length of the to-be-derived key (optional),
and (MAC based) pseudo random function (default: HMCA/SHA1):
PBKDF2-params ::= SEQUENCE {
salt CHOICE {
specified OCTET STRING,
otherSource AlgorithmIdentifier {{PBKDF2-SaltSources}}
},
iterationCount INTEGER (1..MAX),
keyLength INTEGER (1..MAX) OPTIONAL,
prf AlgorithmIdentifier {{PBKDF2-PRFs}} DEFAULT
algid-hmacWithSHA1 }
The PBKDF2-params ASN.1 definition allows to specify the salt
value as OCTET STRING or otherSource algorithm id. However, this
implementation does not support the otherSource alternative because
until now it is not yet fully specified by PKCS#5 (version v2.1).| Constructor and Description |
|---|
PBES2ParameterSpec(byte[] salt,
int iterationCount,
int derivedKeyLength,
AlgorithmID encryptionScheme)
Creates a PBES2 parameter set for PBES2 encryption.
|
| Modifier and Type | Method and Description |
|---|---|
java.lang.Object |
clone()
Returns a clone of this PBES2ParameterSpec.
|
java.lang.String |
getAlgorithm()
Gets the algorithm name for this PBES2ParameterSpec.
|
AlgorithmID |
getEncryptionScheme()
Gets the encryption scheme to be used.
|
java.security.spec.AlgorithmParameterSpec |
getEncryptionSchemeParameters()
Gets the cipher parameters used by the encryption scheme, if included.
|
java.security.spec.AlgorithmParameterSpec |
getParameterSpec()
Gets the cipher parameters used by the encryption scheme, if included.
|
void |
setEncryptionSchemeParameters(java.security.spec.AlgorithmParameterSpec paramSpec)
Sets the cipher parameters used by the encryption scheme.
|
java.lang.String |
toString()
Returns a String representation of this PBES2ParameterSpec object.
|
java.lang.String |
toString(boolean detailed)
Returns a String representation of this PBES2ParameterSpec object.
|
getDerivedKeyLength, getIterationCount, getPrf, getSalt, setPrfpublic PBES2ParameterSpec(byte[] salt,
int iterationCount,
int derivedKeyLength,
AlgorithmID encryptionScheme)
salt - the saltiterationCount - the iteration countderivedKeyLength - the length the derived key should haveencryptionScheme - the encryption scheme to be usedjava.lang.IllegalArgumentException - if salt is null, or iteration count or derived key length are < 1public AlgorithmID getEncryptionScheme()
public java.security.spec.AlgorithmParameterSpec getEncryptionSchemeParameters()
throws java.security.InvalidAlgorithmParameterException
null
if no parameters are includedjava.security.InvalidAlgorithmParameterException - if the parameters cannot be gotpublic java.security.spec.AlgorithmParameterSpec getParameterSpec()
This method simply calls getEncryptionSchemeParameters,
this it might be better to immediately call method getEncryptionSchemeParameters.
null
if no parameters are includedjava.security.InvalidAlgorithmParameterException - if the parameters cannot be gotgetEncryptionSchemeParameterspublic void setEncryptionSchemeParameters(java.security.spec.AlgorithmParameterSpec paramSpec)
throws java.security.InvalidAlgorithmParameterException
paramSpec - the parameters to be used for the encryption scheme
(e.g. an IvParameterSpec)java.security.InvalidAlgorithmParameterException - if an error occurs when getting the algorithm parameterspublic java.lang.Object clone()
clone in class PBKDF2ParameterSpecpublic java.lang.String getAlgorithm()
public java.lang.String toString()
toString in class PBKDF2ParameterSpecpublic java.lang.String toString(boolean detailed)