167 ("Could not create DH private key", e);
168 }
169 }
170
171 private PublicKey generatePublic(BigInteger y, BigInteger p, BigInteger g)
172 throws PKCS11Exception {
173 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
174 new CK_ATTRIBUTE(CKA_CLASS, CKO_PUBLIC_KEY),
175 new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_DH),
176 new CK_ATTRIBUTE(CKA_VALUE, y),
177 new CK_ATTRIBUTE(CKA_PRIME, p),
178 new CK_ATTRIBUTE(CKA_BASE, g),
179 };
180 attributes = token.getAttributes
181 (O_IMPORT, CKO_PUBLIC_KEY, CKK_DH, attributes);
182 Session session = null;
183 try {
184 session = token.getObjSession();
185 long keyID = token.p11.C_CreateObject(session.id(), attributes);
186 return P11Key.publicKey
187 (session, keyID, "DH", p.bitLength(), attributes);
188 } finally {
189 token.releaseSession(session);
190 }
191 }
192
193 private PrivateKey generatePrivate(BigInteger x, BigInteger p,
194 BigInteger g) throws PKCS11Exception {
195 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
196 new CK_ATTRIBUTE(CKA_CLASS, CKO_PRIVATE_KEY),
197 new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_DH),
198 new CK_ATTRIBUTE(CKA_VALUE, x),
199 new CK_ATTRIBUTE(CKA_PRIME, p),
200 new CK_ATTRIBUTE(CKA_BASE, g),
201 };
202 attributes = token.getAttributes
203 (O_IMPORT, CKO_PRIVATE_KEY, CKK_DH, attributes);
204 Session session = null;
205 try {
206 session = token.getObjSession();
207 long keyID = token.p11.C_CreateObject(session.id(), attributes);
208 return P11Key.privateKey
209 (session, keyID, "DH", p.bitLength(), attributes);
210 } finally {
211 token.releaseSession(session);
212 }
213 }
214
215 <T extends KeySpec> T implGetPublicKeySpec(P11Key key, Class<T> keySpec,
216 Session[] session) throws PKCS11Exception, InvalidKeySpecException {
217 if (DHPublicKeySpec.class.isAssignableFrom(keySpec)) {
218 session[0] = token.getObjSession();
219 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
220 new CK_ATTRIBUTE(CKA_VALUE),
221 new CK_ATTRIBUTE(CKA_PRIME),
222 new CK_ATTRIBUTE(CKA_BASE),
223 };
224 token.p11.C_GetAttributeValue(session[0].id(), key.keyID, attributes);
225 KeySpec spec = new DHPublicKeySpec(
226 attributes[0].getBigInteger(),
227 attributes[1].getBigInteger(),
228 attributes[2].getBigInteger()
229 );
230 return keySpec.cast(spec);
231 } else { // X.509 handled in superclass
232 throw new InvalidKeySpecException("Only DHPublicKeySpec and "
233 + "X509EncodedKeySpec supported for DH public keys");
234 }
235 }
236
237 <T extends KeySpec> T implGetPrivateKeySpec(P11Key key, Class<T> keySpec,
238 Session[] session) throws PKCS11Exception, InvalidKeySpecException {
239 if (DHPrivateKeySpec.class.isAssignableFrom(keySpec)) {
240 session[0] = token.getObjSession();
241 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
242 new CK_ATTRIBUTE(CKA_VALUE),
243 new CK_ATTRIBUTE(CKA_PRIME),
244 new CK_ATTRIBUTE(CKA_BASE),
245 };
246 token.p11.C_GetAttributeValue(session[0].id(), key.keyID, attributes);
247 KeySpec spec = new DHPrivateKeySpec(
248 attributes[0].getBigInteger(),
249 attributes[1].getBigInteger(),
250 attributes[2].getBigInteger()
251 );
252 return keySpec.cast(spec);
253 } else { // PKCS#8 handled in superclass
254 throw new InvalidKeySpecException("Only DHPrivateKeySpec "
255 + "and PKCS8EncodedKeySpec supported for DH private keys");
256 }
257 }
258
259 KeyFactory implGetSoftwareFactory() throws GeneralSecurityException {
260 return KeyFactory.getInstance("DH", P11Util.getSunJceProvider());
261 }
262
263 }
|
167 ("Could not create DH private key", e);
168 }
169 }
170
171 private PublicKey generatePublic(BigInteger y, BigInteger p, BigInteger g)
172 throws PKCS11Exception {
173 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
174 new CK_ATTRIBUTE(CKA_CLASS, CKO_PUBLIC_KEY),
175 new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_DH),
176 new CK_ATTRIBUTE(CKA_VALUE, y),
177 new CK_ATTRIBUTE(CKA_PRIME, p),
178 new CK_ATTRIBUTE(CKA_BASE, g),
179 };
180 attributes = token.getAttributes
181 (O_IMPORT, CKO_PUBLIC_KEY, CKK_DH, attributes);
182 Session session = null;
183 try {
184 session = token.getObjSession();
185 long keyID = token.p11.C_CreateObject(session.id(), attributes);
186 return P11Key.publicKey
187 (session, keyID, "DH", p.bitLength(), attributes, true);
188 } finally {
189 token.releaseSession(session);
190 }
191 }
192
193 private PrivateKey generatePrivate(BigInteger x, BigInteger p,
194 BigInteger g) throws PKCS11Exception {
195 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
196 new CK_ATTRIBUTE(CKA_CLASS, CKO_PRIVATE_KEY),
197 new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_DH),
198 new CK_ATTRIBUTE(CKA_VALUE, x),
199 new CK_ATTRIBUTE(CKA_PRIME, p),
200 new CK_ATTRIBUTE(CKA_BASE, g),
201 };
202 attributes = token.getAttributes
203 (O_IMPORT, CKO_PRIVATE_KEY, CKK_DH, attributes);
204 Session session = null;
205 try {
206 session = token.getObjSession();
207 long keyID = token.p11.C_CreateObject(session.id(), attributes);
208 return P11Key.privateKey
209 (session, keyID, "DH", p.bitLength(), attributes, true);
210 } finally {
211 token.releaseSession(session);
212 }
213 }
214
215 <T extends KeySpec> T implGetPublicKeySpec(P11Key key, Class<T> keySpec,
216 Session[] session) throws PKCS11Exception, InvalidKeySpecException {
217 if (DHPublicKeySpec.class.isAssignableFrom(keySpec)) {
218 session[0] = token.getObjSession();
219 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
220 new CK_ATTRIBUTE(CKA_VALUE),
221 new CK_ATTRIBUTE(CKA_PRIME),
222 new CK_ATTRIBUTE(CKA_BASE),
223 };
224 key.incNativeKeyRef();
225 try {
226 token.p11.C_GetAttributeValue(session[0].id(), key.keyID, attributes);
227 } finally {
228 key.decNativeKeyRef();
229 }
230 KeySpec spec = new DHPublicKeySpec(
231 attributes[0].getBigInteger(),
232 attributes[1].getBigInteger(),
233 attributes[2].getBigInteger()
234 );
235 return keySpec.cast(spec);
236 } else { // X.509 handled in superclass
237 throw new InvalidKeySpecException("Only DHPublicKeySpec and "
238 + "X509EncodedKeySpec supported for DH public keys");
239 }
240 }
241
242 <T extends KeySpec> T implGetPrivateKeySpec(P11Key key, Class<T> keySpec,
243 Session[] session) throws PKCS11Exception, InvalidKeySpecException {
244 if (DHPrivateKeySpec.class.isAssignableFrom(keySpec)) {
245 session[0] = token.getObjSession();
246 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
247 new CK_ATTRIBUTE(CKA_VALUE),
248 new CK_ATTRIBUTE(CKA_PRIME),
249 new CK_ATTRIBUTE(CKA_BASE),
250 };
251 key.incNativeKeyRef();
252 try {
253 token.p11.C_GetAttributeValue(session[0].id(), key.keyID, attributes);
254 } finally {
255 key.decNativeKeyRef();
256 }
257 KeySpec spec = new DHPrivateKeySpec(
258 attributes[0].getBigInteger(),
259 attributes[1].getBigInteger(),
260 attributes[2].getBigInteger()
261 );
262 return keySpec.cast(spec);
263 } else { // PKCS#8 handled in superclass
264 throw new InvalidKeySpecException("Only DHPrivateKeySpec "
265 + "and PKCS8EncodedKeySpec supported for DH private keys");
266 }
267 }
268
269 KeyFactory implGetSoftwareFactory() throws GeneralSecurityException {
270 return KeyFactory.getInstance("DH", P11Util.getSunJceProvider());
271 }
272
273 }
|