Package org.mozilla.jss.util
Class Password
- java.lang.Object
-
- org.mozilla.jss.util.Password
-
- All Implemented Interfaces:
java.io.Serializable
,java.lang.Cloneable
,PasswordCallback
public class Password extends java.lang.Object implements PasswordCallback, java.lang.Cloneable, java.io.Serializable
Stores a password.clear
should be called when the password is no longer needed so that the sensitive information is not left in memory.A
Password
can be used as a hard-codedPasswordCallback
.- See Also:
PasswordCallback
, Serialized Form
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from interface org.mozilla.jss.util.PasswordCallback
PasswordCallback.GiveUpException
-
-
Field Summary
Fields Modifier and Type Field Description static org.slf4j.Logger
logger
-
Constructor Summary
Constructors Constructor Description Password(char[] pw)
Creates a Password from a char array, then wipes the char array.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description static byte[]
charToByte(char[] charArray)
Converts a char array to a null-terminated byte array using a standard encoding, which is currently UTF8.void
clear()
Clears the password so that sensitive data is no longer present in memory.java.lang.Object
clone()
Clones the password.boolean
equals(java.lang.Object obj)
Compares this password to another and returns true if they are the same.protected void
finalize()
Deprecated.finalize() in Object has been deprecatedchar[]
getCharCopy()
Returns a char array that is a copy of the password.char[]
getChars()
Returns the char array underlying this password.Password
getPasswordAgain(PasswordCallbackInfo info)
An implementation ofPasswordCallback.getPasswordAgain
.Password
getPasswordFirstAttempt(PasswordCallbackInfo info)
An implementation ofPasswordCallback.getPasswordFirstAttempt
.static Password
readPasswordFromConsole()
Reads a password from the console with echo disabled.static void
wipeBytes(byte[] byteArray)
Wipes a byte array by setting all its elements to zero.static void
wipeChars(char[] charArray)
Wipes a char array by setting all its elements to zero.
-
-
-
Method Detail
-
getPasswordFirstAttempt
public Password getPasswordFirstAttempt(PasswordCallbackInfo info) throws PasswordCallback.GiveUpException
An implementation ofPasswordCallback.getPasswordFirstAttempt
. This allows aPassword
object to be treated as aPasswordCallback
. This method simply returns a clone of the password.- Specified by:
getPasswordFirstAttempt
in interfacePasswordCallback
- Parameters:
info
- Information about the token that is being logged into.- Returns:
- A copy of the password. The caller is responsible for clearing this copy.
- Throws:
PasswordCallback.GiveUpException
- If the callback does not want to supply a password.
-
equals
public boolean equals(java.lang.Object obj)
Compares this password to another and returns true if they are the same.- Overrides:
equals
in classjava.lang.Object
-
getPasswordAgain
public Password getPasswordAgain(PasswordCallbackInfo info) throws PasswordCallback.GiveUpException
An implementation ofPasswordCallback.getPasswordAgain
. This allows aPassword
object to be used as aPasswordCallback
. This method is only called after a call togetPasswordFirstAttempt
returned the wrong password. This means the password is incorrect and there's no sense returning it again, so aGiveUpException
is thrown.- Specified by:
getPasswordAgain
in interfacePasswordCallback
- Parameters:
info
- Information about the token that is being logged into.- Returns:
- The password. This password object is owned by and will be cleared by the caller.
- Throws:
PasswordCallback.GiveUpException
- If the callback does not want to supply a password. This may often be the case if the first attempt failed.
-
getChars
public char[] getChars()
Returns the char array underlying this password. It must not be modified in any way.
-
getCharCopy
public char[] getCharCopy()
Returns a char array that is a copy of the password. The caller is responsible for wiping the returned array, for example usingwipeChars
.
-
clear
public void clear()
Clears the password so that sensitive data is no longer present in memory. This should be called as soon as the password is no longer needed.
-
clone
public java.lang.Object clone()
Clones the password. The resulting clone will be completely independent of the parent, which means it will have to be separately cleared.- Overrides:
clone
in classjava.lang.Object
-
finalize
@Deprecated protected void finalize() throws java.lang.Throwable
Deprecated.finalize() in Object has been deprecatedThe finalizer clears the sensitive information before releasing it to the garbage collector, but it should have been cleared manually before this point anyway.- Overrides:
finalize
in classjava.lang.Object
- Throws:
java.lang.Throwable
-
charToByte
public static byte[] charToByte(char[] charArray)
Converts a char array to a null-terminated byte array using a standard encoding, which is currently UTF8. The caller is responsible for clearing the copy (withwipeBytes
, for example).- Parameters:
charArray
- A character array, which should not be null. It will be wiped with zeroes.- Returns:
- A copy of the charArray, converted from Unicode to UTF8. It
is the responsibility of the caller to clear the output byte array;
wipeBytes
is ideal for this purpose. - See Also:
wipeBytes(byte[])
-
wipeBytes
public static void wipeBytes(byte[] byteArray)
Wipes a byte array by setting all its elements to zero.null
must not be passed in.
-
wipeChars
public static void wipeChars(char[] charArray)
Wipes a char array by setting all its elements to zero.null
must not be passed in.
-
readPasswordFromConsole
public static Password readPasswordFromConsole() throws PasswordCallback.GiveUpException
Reads a password from the console with echo disabled. This is a blocking call which will return after the user types a newline. It only works with ASCII password characters. The call is synchronized because it alters terminal settings in a way that is not thread-safe.- Returns:
- The password the user entered at the command line.
- Throws:
PasswordCallback.GiveUpException
- If the user enters no password (just hits<enter>
).
-
-