jdk_sunpkcs11 Sdiff src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11

src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11ECDHKeyAgreement.java

 113         publicValue = P11ECKeyFactory.getEncodedPublicValue(ecKey);
 114         return null;
 115     }
 116 
 117     // see JCE spec
 118     protected byte[] engineGenerateSecret() throws IllegalStateException {
 119         if ((privateKey == null) || (publicValue == null)) {
 120             throw new IllegalStateException("Not initialized correctly");
 121         }
 122         Session session = null;
 123         try {
 124             session = token.getOpSession();
 125             CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
 126                 new CK_ATTRIBUTE(CKA_CLASS, CKO_SECRET_KEY),
 127                 new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_GENERIC_SECRET),
 128             };
 129             CK_ECDH1_DERIVE_PARAMS ckParams =
 130                     new CK_ECDH1_DERIVE_PARAMS(CKD_NULL, null, publicValue);
 131             attributes = token.getAttributes
 132                 (O_GENERATE, CKO_SECRET_KEY, CKK_GENERIC_SECRET, attributes);
 133             long keyID = token.p11.C_DeriveKey(session.id(),



 134                 new CK_MECHANISM(mechanism, ckParams), privateKey.keyID,
 135                 attributes);



 136             attributes = new CK_ATTRIBUTE[] {
 137                 new CK_ATTRIBUTE(CKA_VALUE)
 138             };
 139             token.p11.C_GetAttributeValue(session.id(), keyID, attributes);
 140             byte[] secret = attributes[0].getByteArray();
 141             token.p11.C_DestroyObject(session.id(), keyID);
 142             return secret;
 143         } catch (PKCS11Exception e) {
 144             throw new ProviderException("Could not derive key", e);
 145         } finally {
 146             publicValue = null;
 147             token.releaseSession(session);
 148         }
 149     }
 150 
 151     // see JCE spec
 152     protected int engineGenerateSecret(byte[] sharedSecret, int
 153             offset) throws IllegalStateException, ShortBufferException {
 154         if (offset + secretLen > sharedSecret.length) {
 155             throw new ShortBufferException("Need " + secretLen

 175     }
 176 
 177     private SecretKey nativeGenerateSecret(String algorithm)
 178             throws IllegalStateException, NoSuchAlgorithmException,
 179             InvalidKeyException {
 180         if ((privateKey == null) || (publicValue == null)) {
 181             throw new IllegalStateException("Not initialized correctly");
 182         }
 183         long keyType = CKK_GENERIC_SECRET;
 184         Session session = null;
 185         try {
 186             session = token.getObjSession();
 187             CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
 188                 new CK_ATTRIBUTE(CKA_CLASS, CKO_SECRET_KEY),
 189                 new CK_ATTRIBUTE(CKA_KEY_TYPE, keyType),
 190             };
 191             CK_ECDH1_DERIVE_PARAMS ckParams =
 192                     new CK_ECDH1_DERIVE_PARAMS(CKD_NULL, null, publicValue);
 193             attributes = token.getAttributes
 194                 (O_GENERATE, CKO_SECRET_KEY, keyType, attributes);
 195             long keyID = token.p11.C_DeriveKey(session.id(),



 196                 new CK_MECHANISM(mechanism, ckParams), privateKey.keyID,
 197                 attributes);



 198             CK_ATTRIBUTE[] lenAttributes = new CK_ATTRIBUTE[] {
 199                 new CK_ATTRIBUTE(CKA_VALUE_LEN),
 200             };
 201             token.p11.C_GetAttributeValue(session.id(), keyID, lenAttributes);
 202             int keyLen = (int)lenAttributes[0].getLong();
 203             SecretKey key = P11Key.secretKey
 204                         (session, keyID, algorithm, keyLen << 3, attributes);
 205             return key;
 206         } catch (PKCS11Exception e) {
 207             throw new InvalidKeyException("Could not derive key", e);
 208         } finally {
 209             publicValue = null;
 210             token.releaseSession(session);
 211         }
 212     }
 213 
 214 }

 113         publicValue = P11ECKeyFactory.getEncodedPublicValue(ecKey);
 114         return null;
 115     }
 116 
 117     // see JCE spec
 118     protected byte[] engineGenerateSecret() throws IllegalStateException {
 119         if ((privateKey == null) || (publicValue == null)) {
 120             throw new IllegalStateException("Not initialized correctly");
 121         }
 122         Session session = null;
 123         try {
 124             session = token.getOpSession();
 125             CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
 126                 new CK_ATTRIBUTE(CKA_CLASS, CKO_SECRET_KEY),
 127                 new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_GENERIC_SECRET),
 128             };
 129             CK_ECDH1_DERIVE_PARAMS ckParams =
 130                     new CK_ECDH1_DERIVE_PARAMS(CKD_NULL, null, publicValue);
 131             attributes = token.getAttributes
 132                 (O_GENERATE, CKO_SECRET_KEY, CKK_GENERIC_SECRET, attributes);
 133             privateKey.incNativeKeyRef();
 134             long keyID;
 135             try {
 136                 keyID = token.p11.C_DeriveKey(session.id(),
 137                         new CK_MECHANISM(mechanism, ckParams), privateKey.keyID,
 138                 attributes);
 139             } finally {
 140                 privateKey.decNativeKeyRef();
 141             }
 142             attributes = new CK_ATTRIBUTE[] {
 143                 new CK_ATTRIBUTE(CKA_VALUE)
 144             };
 145             token.p11.C_GetAttributeValue(session.id(), keyID, attributes);
 146             byte[] secret = attributes[0].getByteArray();
 147             token.p11.C_DestroyObject(session.id(), keyID);
 148             return secret;
 149         } catch (PKCS11Exception e) {
 150             throw new ProviderException("Could not derive key", e);
 151         } finally {
 152             publicValue = null;
 153             token.releaseSession(session);
 154         }
 155     }
 156 
 157     // see JCE spec
 158     protected int engineGenerateSecret(byte[] sharedSecret, int
 159             offset) throws IllegalStateException, ShortBufferException {
 160         if (offset + secretLen > sharedSecret.length) {
 161             throw new ShortBufferException("Need " + secretLen

 181     }
 182 
 183     private SecretKey nativeGenerateSecret(String algorithm)
 184             throws IllegalStateException, NoSuchAlgorithmException,
 185             InvalidKeyException {
 186         if ((privateKey == null) || (publicValue == null)) {
 187             throw new IllegalStateException("Not initialized correctly");
 188         }
 189         long keyType = CKK_GENERIC_SECRET;
 190         Session session = null;
 191         try {
 192             session = token.getObjSession();
 193             CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
 194                 new CK_ATTRIBUTE(CKA_CLASS, CKO_SECRET_KEY),
 195                 new CK_ATTRIBUTE(CKA_KEY_TYPE, keyType),
 196             };
 197             CK_ECDH1_DERIVE_PARAMS ckParams =
 198                     new CK_ECDH1_DERIVE_PARAMS(CKD_NULL, null, publicValue);
 199             attributes = token.getAttributes
 200                 (O_GENERATE, CKO_SECRET_KEY, keyType, attributes);
 201             privateKey.incNativeKeyRef();
 202             long keyID;
 203             try {
 204                 keyID = token.p11.C_DeriveKey(session.id(),
 205                         new CK_MECHANISM(mechanism, ckParams), privateKey.keyID,
 206                 attributes);
 207             } finally {
 208                 privateKey.decNativeKeyRef();
 209             }
 210             CK_ATTRIBUTE[] lenAttributes = new CK_ATTRIBUTE[] {
 211                 new CK_ATTRIBUTE(CKA_VALUE_LEN),
 212             };
 213             token.p11.C_GetAttributeValue(session.id(), keyID, lenAttributes);
 214             int keyLen = (int)lenAttributes[0].getLong();
 215             SecretKey key = P11Key.secretKey
 216                         (session, keyID, algorithm, keyLen << 3, attributes, true);
 217             return key;
 218         } catch (PKCS11Exception e) {
 219             throw new InvalidKeyException("Could not derive key", e);
 220         } finally {
 221             publicValue = null;
 222             token.releaseSession(session);
 223         }
 224     }
 225 
 226 }

< prev index next >