/*

 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

 *

 * This code is free software; you can redistribute it and/or modify it

 * under the terms of the GNU General Public License version 2 only, as

 * published by the Free Software Foundation.  Oracle designates this

 * particular file as subject to the "Classpath" exception as provided

 * by Oracle in the LICENSE file that accompanied this code.

 *

 * This code is distributed in the hope that it will be useful, but WITHOUT

 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License

 * version 2 for more details (a copy is included in the LICENSE file that

 * accompanied this code).

 *

 * You should have received a copy of the GNU General Public License version

 * 2 along with this work; if not, write to the Free Software Foundation,

 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

 *

 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA

 * or visit www.oracle.com if you need additional information or have any

 * questions.

 */

package javax.crypto.spec;

import java.security.spec.KeySpec;

import java.util.Locale;

import javax.crypto.SecretKey;

/**

 * This class specifies a secret key in a provider-independent fashion.

 *

 * <p>It can be used to construct a <code>SecretKey</code> from a byte array,

 * without having to go through a (provider-based)

 * <code>SecretKeyFactory</code>.

 *

 * <p>This class is only useful for raw secret keys that can be represented as

 * a byte array and have no key parameters associated with them, e.g., DES or

 * Triple DES keys.

 *

 * @author Jan Luehe

 *

 * @see javax.crypto.SecretKey

 * @see javax.crypto.SecretKeyFactory

 * @since 1.4

 */

public class SecretKeySpec implements KeySpec, SecretKey {

    private static final long serialVersionUID = 6577238317307289933L;

    /**

     * The secret key.

     *

     * @serial

     */

    private byte[] key;

    /**

     * The name of the algorithm associated with this key.

     *

     * @serial

     */

    private String algorithm;

    /**

     * Constructs a secret key from the given byte array.

     *

     * <p>This constructor does not check if the given bytes indeed specify a

     * secret key of the specified algorithm. For example, if the algorithm is

     * DES, this constructor does not check if <code>key</code> is 8 bytes

     * long, and also does not check for weak or semi-weak keys.

     * In order for those checks to be performed, an algorithm-specific

     * <i>key specification</i> class (in this case:

     * {@link DESKeySpec DESKeySpec})

     * should be used.

     *

     * @param key the key material of the secret key. The contents of

     * the array are copied to protect against subsequent modification.

     * @param algorithm the name of the secret-key algorithm to be associated

     * with the given key material.

     * See Appendix A in the <a href=

     *   "{@docRoot}/../technotes/guides/security/crypto/CryptoSpec.html#AppA">

     * Java Cryptography Architecture Reference Guide</a>

     * for information about standard algorithm names.

     * @exception IllegalArgumentException if <code>algorithm</code>

     * is null or <code>key</code> is null or empty.

     */

    public SecretKeySpec(byte[] key, String algorithm) {

        if (key == null || algorithm == null) {

            throw new IllegalArgumentException("Missing argument");

        }

        if (key.length == 0) {

            throw new IllegalArgumentException("Empty key");

        }

        this.key = key.clone();

        this.algorithm = algorithm;

    }

    /**

     * Constructs a secret key from the given byte array, using the first

     * <code>len</code> bytes of <code>key</code>, starting at

     * <code>offset</code> inclusive.

     *

     * <p> The bytes that constitute the secret key are

     * those between <code>key[offset]</code> and

     * <code>key[offset+len-1]</code> inclusive.

     *

     * <p>This constructor does not check if the given bytes indeed specify a

     * secret key of the specified algorithm. For example, if the algorithm is

     * DES, this constructor does not check if <code>key</code> is 8 bytes

     * long, and also does not check for weak or semi-weak keys.

     * In order for those checks to be performed, an algorithm-specific key

     * specification class (in this case:

     * {@link DESKeySpec DESKeySpec})

     * must be used.

     *

     * @param key the key material of the secret key. The first

     * <code>len</code> bytes of the array beginning at

     * <code>offset</code> inclusive are copied to protect

     * against subsequent modification.

     * @param offset the offset in <code>key</code> where the key material

     * starts.

     * @param len the length of the key material.

     * @param algorithm the name of the secret-key algorithm to be associated

     * with the given key material.

     * See Appendix A in the <a href=

     *   "{@docRoot}/../technotes/guides/security/crypto/CryptoSpec.html#AppA">

     * Java Cryptography Architecture Reference Guide</a>

     * for information about standard algorithm names.

     * @exception IllegalArgumentException if <code>algorithm</code>

     * is null or <code>key</code> is null, empty, or too short,

     * i.e. {@code key.length-offset<len}.

     * @exception ArrayIndexOutOfBoundsException is thrown if

     * <code>offset</code> or <code>len</code> index bytes outside the

     * <code>key</code>.

     */

    public SecretKeySpec(byte[] key, int offset, int len, String algorithm) {

        if (key == null || algorithm == null) {

            throw new IllegalArgumentException("Missing argument");

        }

        if (key.length == 0) {

            throw new IllegalArgumentException("Empty key");

        }

        if (key.length-offset < len) {

            throw new IllegalArgumentException

                ("Invalid offset/length combination");

        }

        if (len < 0) {

            throw new ArrayIndexOutOfBoundsException("len is negative");

        }

        this.key = new byte[len];

        System.arraycopy(key, offset, this.key, 0, len);

        this.algorithm = algorithm;

    }

    /**

     * Returns the name of the algorithm associated with this secret key.

     *

     * @return the secret key algorithm.

     */

    public String getAlgorithm() {

        return this.algorithm;

    }

    /**

     * Returns the name of the encoding format for this secret key.

     *

     * @return the string "RAW".

     */

    public String getFormat() {

        return "RAW";

    }

    /**

     * Returns the key material of this secret key.

     *

     * @return the key material. Returns a new array

     * each time this method is called.

     */

    public byte[] getEncoded() {

        return this.key.clone();

    }

    /**

     * Calculates a hash code value for the object.

     * Objects that are equal will also have the same hashcode.

     */

    public int hashCode() {

        int retval = 0;

        for (int i = 1; i < this.key.length; i++) {

            retval += this.key[i] * i;

        }

        if (this.algorithm.equalsIgnoreCase("TripleDES"))

            return (retval ^= "desede".hashCode());

        else

            return (retval ^=

                    this.algorithm.toLowerCase(Locale.ENGLISH).hashCode());

    }

   /**

     * Tests for equality between the specified object and this

     * object. Two SecretKeySpec objects are considered equal if

     * they are both SecretKey instances which have the

     * same case-insensitive algorithm name and key encoding.

     *

     * @param obj the object to test for equality with this object.

     *

     * @return true if the objects are considered equal, false if

     * <code>obj</code> is null or otherwise.

     */

    public boolean equals(Object obj) {

        if (this == obj)

            return true;

        if (!(obj instanceof SecretKey))

            return false;

        String thatAlg = ((SecretKey)obj).getAlgorithm();

        if (!(thatAlg.equalsIgnoreCase(this.algorithm))) {

            if ((!(thatAlg.equalsIgnoreCase("DESede"))

                 || !(this.algorithm.equalsIgnoreCase("TripleDES")))

                && (!(thatAlg.equalsIgnoreCase("TripleDES"))

                    || !(this.algorithm.equalsIgnoreCase("DESede"))))

            return false;

        }

        byte[] thatKey = ((SecretKey)obj).getEncoded();

    }

}