236 .toByteArray();
237 } catch (IOException e) {
238 throw new
239 IllegalArgumentException("Could not DER encode point", e);
240 }
241 }
242
243 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
244 new CK_ATTRIBUTE(CKA_CLASS, CKO_PUBLIC_KEY),
245 new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_EC),
246 new CK_ATTRIBUTE(CKA_EC_POINT, encodedPoint),
247 new CK_ATTRIBUTE(CKA_EC_PARAMS, encodedParams),
248 };
249 attributes = token.getAttributes
250 (O_IMPORT, CKO_PUBLIC_KEY, CKK_EC, attributes);
251 Session session = null;
252 try {
253 session = token.getObjSession();
254 long keyID = token.p11.C_CreateObject(session.id(), attributes);
255 return P11Key.publicKey
256 (session, keyID, "EC", params.getCurve().getField().getFieldSize(), attributes);
257 } finally {
258 token.releaseSession(session);
259 }
260 }
261
262 private PrivateKey generatePrivate(BigInteger s, ECParameterSpec params)
263 throws PKCS11Exception {
264 byte[] encodedParams =
265 ECUtil.encodeECParameterSpec(getSunECProvider(), params);
266 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
267 new CK_ATTRIBUTE(CKA_CLASS, CKO_PRIVATE_KEY),
268 new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_EC),
269 new CK_ATTRIBUTE(CKA_VALUE, s),
270 new CK_ATTRIBUTE(CKA_EC_PARAMS, encodedParams),
271 };
272 attributes = token.getAttributes
273 (O_IMPORT, CKO_PRIVATE_KEY, CKK_EC, attributes);
274 Session session = null;
275 try {
276 session = token.getObjSession();
277 long keyID = token.p11.C_CreateObject(session.id(), attributes);
278 return P11Key.privateKey
279 (session, keyID, "EC", params.getCurve().getField().getFieldSize(), attributes);
280 } finally {
281 token.releaseSession(session);
282 }
283 }
284
285 <T extends KeySpec> T implGetPublicKeySpec(P11Key key, Class<T> keySpec,
286 Session[] session) throws PKCS11Exception, InvalidKeySpecException {
287 if (ECPublicKeySpec.class.isAssignableFrom(keySpec)) {
288 session[0] = token.getObjSession();
289 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
290 new CK_ATTRIBUTE(CKA_EC_POINT),
291 new CK_ATTRIBUTE(CKA_EC_PARAMS),
292 };
293 token.p11.C_GetAttributeValue(session[0].id(), key.keyID, attributes);
294 try {
295 ECParameterSpec params = decodeParameters(attributes[1].getByteArray());
296 ECPoint point = decodePoint(attributes[0].getByteArray(), params.getCurve());
297 return keySpec.cast(new ECPublicKeySpec(point, params));
298 } catch (IOException e) {
299 throw new InvalidKeySpecException("Could not parse key", e);
300 }
301 } else { // X.509 handled in superclass
302 throw new InvalidKeySpecException("Only ECPublicKeySpec and "
303 + "X509EncodedKeySpec supported for EC public keys");
304 }
305 }
306
307 <T extends KeySpec> T implGetPrivateKeySpec(P11Key key, Class<T> keySpec,
308 Session[] session) throws PKCS11Exception, InvalidKeySpecException {
309 if (ECPrivateKeySpec.class.isAssignableFrom(keySpec)) {
310 session[0] = token.getObjSession();
311 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
312 new CK_ATTRIBUTE(CKA_VALUE),
313 new CK_ATTRIBUTE(CKA_EC_PARAMS),
314 };
315 token.p11.C_GetAttributeValue(session[0].id(), key.keyID, attributes);
316 try {
317 ECParameterSpec params = decodeParameters(attributes[1].getByteArray());
318 return keySpec.cast(
319 new ECPrivateKeySpec(attributes[0].getBigInteger(), params));
320 } catch (IOException e) {
321 throw new InvalidKeySpecException("Could not parse key", e);
322 }
323 } else { // PKCS#8 handled in superclass
324 throw new InvalidKeySpecException("Only ECPrivateKeySpec "
325 + "and PKCS8EncodedKeySpec supported for EC private keys");
326 }
327 }
328
329 KeyFactory implGetSoftwareFactory() throws GeneralSecurityException {
330 return KeyFactory.getInstance("EC", getSunECProvider());
331 }
332
333 }
|
236 .toByteArray();
237 } catch (IOException e) {
238 throw new
239 IllegalArgumentException("Could not DER encode point", e);
240 }
241 }
242
243 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
244 new CK_ATTRIBUTE(CKA_CLASS, CKO_PUBLIC_KEY),
245 new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_EC),
246 new CK_ATTRIBUTE(CKA_EC_POINT, encodedPoint),
247 new CK_ATTRIBUTE(CKA_EC_PARAMS, encodedParams),
248 };
249 attributes = token.getAttributes
250 (O_IMPORT, CKO_PUBLIC_KEY, CKK_EC, attributes);
251 Session session = null;
252 try {
253 session = token.getObjSession();
254 long keyID = token.p11.C_CreateObject(session.id(), attributes);
255 return P11Key.publicKey
256 (session, keyID, "EC", params.getCurve().getField().getFieldSize(), attributes, true);
257 } finally {
258 token.releaseSession(session);
259 }
260 }
261
262 private PrivateKey generatePrivate(BigInteger s, ECParameterSpec params)
263 throws PKCS11Exception {
264 byte[] encodedParams =
265 ECUtil.encodeECParameterSpec(getSunECProvider(), params);
266 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
267 new CK_ATTRIBUTE(CKA_CLASS, CKO_PRIVATE_KEY),
268 new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_EC),
269 new CK_ATTRIBUTE(CKA_VALUE, s),
270 new CK_ATTRIBUTE(CKA_EC_PARAMS, encodedParams),
271 };
272 attributes = token.getAttributes
273 (O_IMPORT, CKO_PRIVATE_KEY, CKK_EC, attributes);
274 Session session = null;
275 try {
276 session = token.getObjSession();
277 long keyID = token.p11.C_CreateObject(session.id(), attributes);
278 return P11Key.privateKey
279 (session, keyID, "EC", params.getCurve().getField().getFieldSize(), attributes, true);
280 } finally {
281 token.releaseSession(session);
282 }
283 }
284
285 <T extends KeySpec> T implGetPublicKeySpec(P11Key key, Class<T> keySpec,
286 Session[] session) throws PKCS11Exception, InvalidKeySpecException {
287 if (ECPublicKeySpec.class.isAssignableFrom(keySpec)) {
288 session[0] = token.getObjSession();
289 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
290 new CK_ATTRIBUTE(CKA_EC_POINT),
291 new CK_ATTRIBUTE(CKA_EC_PARAMS),
292 };
293 key.incNativeKeyRef();
294 try {
295 token.p11.C_GetAttributeValue(session[0].id(), key.keyID, attributes);
296 } finally {
297 key.decNativeKeyRef();
298 }
299 try {
300 ECParameterSpec params = decodeParameters(attributes[1].getByteArray());
301 ECPoint point = decodePoint(attributes[0].getByteArray(), params.getCurve());
302 return keySpec.cast(new ECPublicKeySpec(point, params));
303 } catch (IOException e) {
304 throw new InvalidKeySpecException("Could not parse key", e);
305 }
306 } else { // X.509 handled in superclass
307 throw new InvalidKeySpecException("Only ECPublicKeySpec and "
308 + "X509EncodedKeySpec supported for EC public keys");
309 }
310 }
311
312 <T extends KeySpec> T implGetPrivateKeySpec(P11Key key, Class<T> keySpec,
313 Session[] session) throws PKCS11Exception, InvalidKeySpecException {
314 if (ECPrivateKeySpec.class.isAssignableFrom(keySpec)) {
315 session[0] = token.getObjSession();
316 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
317 new CK_ATTRIBUTE(CKA_VALUE),
318 new CK_ATTRIBUTE(CKA_EC_PARAMS),
319 };
320 key.incNativeKeyRef();
321 try {
322 token.p11.C_GetAttributeValue(session[0].id(), key.keyID, attributes);
323 } finally {
324 key.decNativeKeyRef();
325 }
326 try {
327 ECParameterSpec params = decodeParameters(attributes[1].getByteArray());
328 return keySpec.cast(
329 new ECPrivateKeySpec(attributes[0].getBigInteger(), params));
330 } catch (IOException e) {
331 throw new InvalidKeySpecException("Could not parse key", e);
332 }
333 } else { // PKCS#8 handled in superclass
334 throw new InvalidKeySpecException("Only ECPrivateKeySpec "
335 + "and PKCS8EncodedKeySpec supported for EC private keys");
336 }
337 }
338
339 KeyFactory implGetSoftwareFactory() throws GeneralSecurityException {
340 return KeyFactory.getInstance("EC", getSunECProvider());
341 }
342
343 }
|