public class Password extends java.lang.Object implements PasswordCallback, java.lang.Cloneable, java.io.Serializable
clear
should be
called when the password is no longer needed so that the sensitive
information is not left in memory.
A Password
can be used as a hard-coded
PasswordCallback
.
PasswordCallback
,
Serialized FormPasswordCallback.GiveUpException
Modifier and Type | Field and Description |
---|---|
static org.slf4j.Logger |
logger |
Constructor and Description |
---|
Password(char[] pw)
Creates a Password from a char array, then wipes the char array.
|
Modifier and Type | Method and Description |
---|---|
static byte[] |
charToByte(char[] charArray)
Converts a char array to a null-terminated byte array using a standard
encoding, which is currently UTF8.
|
void |
clear()
Clears the password so that sensitive data is no longer present
in memory.
|
java.lang.Object |
clone()
Clones the password.
|
boolean |
equals(java.lang.Object obj)
Compares this password to another and returns true if they
are the same.
|
protected void |
finalize()
Deprecated.
finalize() in Object has been deprecated
|
char[] |
getCharCopy()
Returns a char array that is a copy of the password.
|
char[] |
getChars()
Returns the char array underlying this password.
|
Password |
getPasswordAgain(PasswordCallbackInfo info)
An implementation of
PasswordCallback.getPasswordAgain . |
Password |
getPasswordFirstAttempt(PasswordCallbackInfo info)
An implementation of
PasswordCallback.getPasswordFirstAttempt . |
static Password |
readPasswordFromConsole()
Reads a password from the console with echo disabled.
|
static void |
wipeBytes(byte[] byteArray)
Wipes a byte array by setting all its elements to zero.
|
static void |
wipeChars(char[] charArray)
Wipes a char array by setting all its elements to zero.
|
public Password(char[] pw)
pw
- A char[] containing the password. This array will be
cleared (set to zeroes) by the constructor.public Password getPasswordFirstAttempt(PasswordCallbackInfo info) throws PasswordCallback.GiveUpException
PasswordCallback.getPasswordFirstAttempt
. This allows
a Password
object to be treated as a
PasswordCallback
. This method simply returns a clone
of the password.getPasswordFirstAttempt
in interface PasswordCallback
info
- Information about the token that is being logged into.PasswordCallback.GiveUpException
- If the callback does not want to supply
a password.public boolean equals(java.lang.Object obj)
equals
in class java.lang.Object
public Password getPasswordAgain(PasswordCallbackInfo info) throws PasswordCallback.GiveUpException
PasswordCallback.getPasswordAgain
.
This allows a Password
object to be used as a
PasswordCallback
. This method is only called after
a call to getPasswordFirstAttempt
returned the wrong
password. This means the password is incorrect and there's no
sense returning it again, so a GiveUpException
is thrown.getPasswordAgain
in interface PasswordCallback
info
- Information about the token that is being logged into.PasswordCallback.GiveUpException
- If the callback does not want to supply
a password. This may often be the case if the first attempt failed.public char[] getChars()
public char[] getCharCopy()
wipeChars
.public void clear()
public java.lang.Object clone()
clone
in class java.lang.Object
@Deprecated protected void finalize() throws java.lang.Throwable
finalize
in class java.lang.Object
java.lang.Throwable
public static byte[] charToByte(char[] charArray)
wipeBytes
, for example).charArray
- A character array, which should not be null. It will
be wiped with zeroes.wipeBytes
is ideal for this purpose.wipeBytes(byte[])
public static void wipeBytes(byte[] byteArray)
null
must not be passed in.public static void wipeChars(char[] charArray)
null
must not be passed in.public static Password readPasswordFromConsole() throws PasswordCallback.GiveUpException
PasswordCallback.GiveUpException
- If the user enters no password (just hits
<enter>
).