PBES2Parameters ("Entrust Authority Security Toolkit for the Java Platform")

java.lang.Object
- java.security.AlgorithmParametersSpi
- - iaik.security.pbe.PBES2Parameters

public class PBES2Parameters
extends java.security.AlgorithmParametersSpi

This class implements the parameter set used with password-based encryption scheme 2 (PBES2), which is defined in PKCS#5 as follows:

 -- PBES2

 PBES2Algorithms ALGORITHM-IDENTIFIER ::=
   { {PBES2-params IDENTIFIED BY id-PBES2}, ...}

 id-PBES2 OBJECT IDENTIFIER ::= {pkcs-5 13}

 PBES2-params ::= SEQUENCE {
   keyDerivationFunc AlgorithmIdentifier {{PBES2-KDFs}},
   encryptionScheme AlgorithmIdentifier {{PBES2-Encs}} }

 PBES2-KDFs ALGORITHM-IDENTIFIER ::=
   { {PBKDF2-params IDENTIFIED BY id-PBKDF2}, ... }

 PBES2-Encs ALGORITHM-IDENTIFIER ::= { ... }

 -- PBKDF2

 PBKDF2Algorithms ALGORITHM-IDENTIFIER ::=
   { {PBKDF2-params IDENTIFIED BY id-PBKDF2}, ...}

 id-PBKDF2 OBJECT IDENTIFIER ::= {pkcs-5 12}

 PBKDF2-params ::= SEQUENCE {
     salt CHOICE {
       specified OCTET STRING,
       otherSource AlgorithmIdentifier {{PBKDF2-SaltSources}}
     },
     iterationCount INTEGER (1..MAX),
     keyLength INTEGER (1..MAX) OPTIONAL,
     prf AlgorithmIdentifier {{PBKDF2-PRFs}} DEFAULT algid-hmacWithSHA1
 }

 PBKDF2-SaltSources ALGORITHM-IDENTIFIER ::= { ... }

 PBKDF2-PRFs ALGORITHM-IDENTIFIER ::= {
     {NULL IDENTIFIED BY id-hmacWithSHA1} |
     {NULL IDENTIFIED BY id-hmacWithSHA224} |
     {NULL IDENTIFIED BY id-hmacWithSHA256} |
     {NULL IDENTIFIED BY id-hmacWithSHA384} |
     {NULL IDENTIFIED BY id-hmacWithSHA512}, ... }

 algid-hmacWithSHA1 AlgorithmIdentifier {{PBKDF2-PRFs}} ::=
     {algorithm id-hmacWithSHA1, parameters NULL : NULL}

 id-hmacWithSHA1 OBJECT IDENTIFIER ::= {digestAlgorithm 7}

 PBES2-Encs ALGORITHM-IDENTIFIER ::= { ... }

Since:: 9.0

Constructor Summary

Constructors
Constructor and Description

PBES2Parameters()
The default constructor.

Constructors
Constructor and Description
`PBES2Parameters()` The default constructor.

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`protected byte[]`	`engineGetEncoded()` Returns the parameters as DER byte array.
`protected byte[]`	`engineGetEncoded(java.lang.String format)` Returns the parameters as a DER byte array.
`protected java.security.spec.AlgorithmParameterSpec`	`engineGetParameterSpec(java.lang.Class paramSpec)` Returns the PBES2 parameters as transparent PBES2 parameter specification of the given class type.
`protected void`	`engineInit(java.security.spec.AlgorithmParameterSpec paramSpec)` Initializes this PBES2Parameters with salt and iteration count from a given PBES2KeyAndParameterSpec.
`protected void`	`engineInit(byte[] params)` Initializes this PBES2Parameters object from the given DER encoded byte array.
`protected void`	`engineInit(byte[] params, java.lang.String format)` Inits the parameters from an DER encoded byte array.
`protected java.lang.String`	`engineToString()` Returns a String representation of the parameters.
`protected AlgorithmID`	`getEncryptionScheme()`
`protected int`	`getIterationCount()`
`protected AlgorithmID`	`getKD()`
`protected AlgorithmID`	`getPRF()`
`protected byte[]`	`getSalt()`
`ASN1Object`	`toASN1Object()`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - PBES2Parameters
```
public PBES2Parameters()
```
    The default constructor. Only internally used for creating a PBES2Parameters object. Applications shall use one of the AlgorithmParameters.getInstance factory methods for obtaining PBES2Parameters.
- Method Detail
  - engineGetEncoded
```
protected byte[] engineGetEncoded()
                           throws java.io.IOException
```
    Returns the parameters as DER byte array.
    A SEQUENCE ASN.1 object is created for holding salt, iteration count, derived key length (optional) and the pseudorandom function; subsequently this SEQUENCE object is DER-encoded to get the required byte array.
```
 PBES2-params ::= SEQUENCE {
   keyDerivationFunc AlgorithmIdentifier {{PBES2-KDFs}},
   encryptionScheme AlgorithmIdentifier {{PBES2-Encs}} }

 PBKDF2-params ::= SEQUENCE {
   salt            CHOICE
   {
     specified       OCTET STRING,
     otherSource     AlgorithmIdentifier {{PBKDF2-SaltSources}}
   },
   iterationCount  INTEGER (1000..MAX),
   keyLength       INTEGER (32..MAX) OPTIONAL,
   prf             AlgorithmIdentifier {{PBKDF2-PRFs}}
 }
        - salt contains the random value S in OCTET STRING.
        - iterationCount specifies the iteration count c.
        - keyLength is the length of the derived key in octets. It is optional field for PBES2 sheme since it is always 32 octets.
        - prf identifies the pseudorandom function.
 
```
    Specified by:
    
    engineGetEncoded in class java.security.AlgorithmParametersSpi
    
    Returns:
    
    the PBES2 parameters as DER byte array
    
    Throws:
    
    java.io.IOException - if an encoding error occurs
  - engineGetEncoded
```
protected byte[] engineGetEncoded(java.lang.String format)
                           throws java.io.IOException
```
    Returns the parameters as a DER byte array.
    Format is ignored. Only DER encoding is supported at this time. This method only calls engineGetEncoded() for returning the PBES2 paramters as DER encoded byte array, regardless of what is specified in the format string.
    
    Specified by:
    
    engineGetEncoded in class java.security.AlgorithmParametersSpi
    
    Parameters:
    
    format - the encoding format; ignored
    
    Returns:
    
    the PBES2 parameters as DER byte array
    
    Throws:
    
    java.io.IOException - if an encoding error occurs
  - engineGetParameterSpec
```
protected java.security.spec.AlgorithmParameterSpec engineGetParameterSpec(java.lang.Class paramSpec)
                                                                    throws java.security.spec.InvalidParameterSpecException
```
    Returns the PBES2 parameters as transparent PBES2 parameter specification of the given class type.
    
    Specified by:
    
    engineGetParameterSpec in class java.security.AlgorithmParametersSpi
    
    Parameters:
    
    paramSpec - the desired parameter specification class
    
    Returns:
    
    the PBES2 parameters as AlgorithmParaneterSpec
    
    Throws:
    
    java.security.spec.InvalidParameterSpecException - if the paramters cannot be converted to the desired parameter specification
  - engineInit
```
protected void engineInit(java.security.spec.AlgorithmParameterSpec paramSpec)
                   throws java.security.spec.InvalidParameterSpecException
```
    Initializes this PBES2Parameters with salt and iteration count from a given PBES2KeyAndParameterSpec.
    
    Specified by:
    
    engineInit in class java.security.AlgorithmParametersSpi
    
    Parameters:
    
    paramSpec - the parameter specification, which has to be a PBES2KeyAndParameterSpec
    
    Throws:
    
    java.security.spec.InvalidParameterSpecException - if the given parameter specification is not a PBEParameterSpec
  - engineInit
```
protected void engineInit(byte[] params)
                   throws java.io.IOException
```
    Initializes this PBES2Parameters object from the given DER encoded byte array.
    From the given byte array a ASN.1 object is created to be parsed for the required salt, iteration count, derived key length (optional) and the pseudorandom function.
    
    Specified by:
    
    engineInit in class java.security.AlgorithmParametersSpi
    
    Parameters:
    
    params - the DER encoded byte array
    
    Throws:
    
    java.io.IOException - if an error occurs when decoding the given byte array
  - toASN1Object
```
public ASN1Object toASN1Object()
```
  - getSalt
```
protected byte[] getSalt()
```
  - getIterationCount
```
protected int getIterationCount()
```
  - getKD
```
protected AlgorithmID getKD()
```
  - getPRF
```
protected AlgorithmID getPRF()
```
  - getEncryptionScheme
```
protected AlgorithmID getEncryptionScheme()
```
  - engineInit
```
protected void engineInit(byte[] params,
                          java.lang.String format)
                   throws java.io.IOException
```
    Inits the parameters from an DER encoded byte array. Format is ignored. Only calls engineInit(params) for initializing this PBEParamters object from the given DER encoded byte array, regardless of what is specified in the format string.
    
    Specified by:
    
    engineInit in class java.security.AlgorithmParametersSpi
    
    Parameters:
    
    params - the DER encoded byte array
    
    format - the encoding format; ignored
    
    Throws:
    
    java.io.IOException - if an error occurs when decoding the given byte array
  - engineToString
```
protected java.lang.String engineToString()
```
    Returns a String representation of the parameters.
    
    Specified by:
    
    engineToString in class java.security.AlgorithmParametersSpi
    
    Returns:
    
    a String representation of this PBEParameters object

Class PBES2Parameters

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

PBES2Parameters

Method Detail

engineGetEncoded

engineGetEncoded

engineGetParameterSpec

engineInit

engineInit

toASN1Object

getSalt

getIterationCount

getKD

getPRF

getEncryptionScheme

engineInit

engineToString