Module java.base
Package java.security

Class KeyStore.PasswordProtection

    • Constructor Detail

      • PasswordProtection

        public PasswordProtection​(char[] password)
        Creates a password parameter.

        The specified password is cloned before it is stored in the new PasswordProtection object.

        Parameters:
        password - the password, which may be null
      • PasswordProtection

        public PasswordProtection​(char[] password,
                                  String protectionAlgorithm,
                                  AlgorithmParameterSpec protectionParameters)
        Creates a password parameter and specifies the protection algorithm and associated parameters to use when encrypting a keystore entry.

        The specified password is cloned before it is stored in the new PasswordProtection object.

        Parameters:
        password - the password, which may be null
        protectionAlgorithm - the encryption algorithm name, for example, PBEWithHmacSHA256AndAES_256. See the Cipher section in the Java Security Standard Algorithm Names Specification for information about standard encryption algorithm names.
        protectionParameters - the encryption algorithm parameter specification, which may be null
        Throws:
        NullPointerException - if protectionAlgorithm is null
        Since:
        1.8
    • Method Detail

      • getProtectionAlgorithm

        public String getProtectionAlgorithm​()
        Gets the name of the protection algorithm. If none was set then the keystore provider will use its default protection algorithm. The name of the default protection algorithm for a given keystore type is set using the 'keystore.<type>.keyProtectionAlgorithm' security property. For example, the keystore.PKCS12.keyProtectionAlgorithm property stores the name of the default key protection algorithm used for PKCS12 keystores. If the security property is not set, an implementation-specific algorithm will be used.
        Returns:
        the algorithm name, or null if none was set
        Since:
        1.8
      • getProtectionParameters

        public AlgorithmParameterSpec getProtectionParameters​()
        Gets the parameters supplied for the protection algorithm.
        Returns:
        the algorithm parameter specification, or null, if none was set
        Since:
        1.8
      • getPassword

        public char[] getPassword​()
        Gets the password.

        Note that this method returns a reference to the password. If a clone of the array is created it is the caller's responsibility to zero out the password information after it is no longer needed.

        Returns:
        the password, which may be null
        Throws:
        IllegalStateException - if the password has been cleared (destroyed)
        See Also:
        destroy()
      • isDestroyed

        public boolean isDestroyed​()
        Determines if password has been cleared.
        Specified by:
        isDestroyed in interface Destroyable
        Returns:
        true if the password has been cleared, false otherwise