Class PasswordProvider

java.lang.Object
org.eclipse.equinox.security.storage.provider.PasswordProvider

public abstract class PasswordProvider extends Object
Password provider modules should extend this class. Secure storage will ask modules for passwords used to encrypt entries stored in the secure preferences.

Password provider modules can be thought of as trusted 3rd parties used to provide passwords to open keyrings containing secure preferences. They can do it, for instance, by asking the user to enter password, or integrating with operating system login, or exchanging information with a device such as a smart card reader.

Use org.eclipse.equinox.security.secureStorage extension point to contribute password provider module to the secure storage system.

  • Field Details

    • CREATE_NEW_PASSWORD

      public static final int CREATE_NEW_PASSWORD
      Bit mask for the password type field of the getPassword(IPreferencesContainer, int) method. If value at this bit set to 1, it indicates that a new password should be created; otherwise this is a request for the password previously used for this secure storage.
      See Also:
    • PASSWORD_CHANGE

      public static final int PASSWORD_CHANGE
      Bit mask for the password type field of the getPassword(IPreferencesContainer, int) method. If value at this bit set to 1, it indicates that a new password is requested as a part of the password change operation.
      See Also:
  • Constructor Details

    • PasswordProvider

      public PasswordProvider()
      Constructor.
  • Method Details

    • getPassword

      public abstract PBEKeySpec getPassword(IPreferencesContainer container, int passwordType)
      This method should return the password used to encrypt entries in the secure preferences.
      Parameters:
      container - container of the secure preferences
      passwordType - the collection of bits that describes password type requested. See CREATE_NEW_PASSWORD and PASSWORD_CHANGE. When evaluating value of this field use bit-wise filters as additional bits might be used in future versions
      Returns:
      password used to encrypt entries in the secure preferences, null if unable to obtain password
    • retryOnError

      public boolean retryOnError(Exception e, IPreferencesContainer container)
      The framework might call this method if it suspects that the password is invalid (for instance, due to a failed data decryption).
      Parameters:
      e - exception that occurred in the secure preferences processing
      container - container of the secure preferences
      Returns:
      true if a different password might be provided; false otherwise. If in doubt, return false