236 .toByteArray(); 237 } catch (IOException e) { 238 throw new 239 IllegalArgumentException("Could not DER encode point", e); 240 } 241 } 242 243 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { 244 new CK_ATTRIBUTE(CKA_CLASS, CKO_PUBLIC_KEY), 245 new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_EC), 246 new CK_ATTRIBUTE(CKA_EC_POINT, encodedPoint), 247 new CK_ATTRIBUTE(CKA_EC_PARAMS, encodedParams), 248 }; 249 attributes = token.getAttributes 250 (O_IMPORT, CKO_PUBLIC_KEY, CKK_EC, attributes); 251 Session session = null; 252 try { 253 session = token.getObjSession(); 254 long keyID = token.p11.C_CreateObject(session.id(), attributes); 255 return P11Key.publicKey 256 (session, keyID, "EC", params.getCurve().getField().getFieldSize(), attributes); 257 } finally { 258 token.releaseSession(session); 259 } 260 } 261 262 private PrivateKey generatePrivate(BigInteger s, ECParameterSpec params) 263 throws PKCS11Exception { 264 byte[] encodedParams = 265 ECUtil.encodeECParameterSpec(getSunECProvider(), params); 266 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { 267 new CK_ATTRIBUTE(CKA_CLASS, CKO_PRIVATE_KEY), 268 new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_EC), 269 new CK_ATTRIBUTE(CKA_VALUE, s), 270 new CK_ATTRIBUTE(CKA_EC_PARAMS, encodedParams), 271 }; 272 attributes = token.getAttributes 273 (O_IMPORT, CKO_PRIVATE_KEY, CKK_EC, attributes); 274 Session session = null; 275 try { 276 session = token.getObjSession(); 277 long keyID = token.p11.C_CreateObject(session.id(), attributes); 278 return P11Key.privateKey 279 (session, keyID, "EC", params.getCurve().getField().getFieldSize(), attributes); 280 } finally { 281 token.releaseSession(session); 282 } 283 } 284 285 <T extends KeySpec> T implGetPublicKeySpec(P11Key key, Class<T> keySpec, 286 Session[] session) throws PKCS11Exception, InvalidKeySpecException { 287 if (ECPublicKeySpec.class.isAssignableFrom(keySpec)) { 288 session[0] = token.getObjSession(); 289 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { 290 new CK_ATTRIBUTE(CKA_EC_POINT), 291 new CK_ATTRIBUTE(CKA_EC_PARAMS), 292 }; 293 token.p11.C_GetAttributeValue(session[0].id(), key.keyID, attributes); 294 try { 295 ECParameterSpec params = decodeParameters(attributes[1].getByteArray()); 296 ECPoint point = decodePoint(attributes[0].getByteArray(), params.getCurve()); 297 return keySpec.cast(new ECPublicKeySpec(point, params)); 298 } catch (IOException e) { 299 throw new InvalidKeySpecException("Could not parse key", e); 300 } 301 } else { // X.509 handled in superclass 302 throw new InvalidKeySpecException("Only ECPublicKeySpec and " 303 + "X509EncodedKeySpec supported for EC public keys"); 304 } 305 } 306 307 <T extends KeySpec> T implGetPrivateKeySpec(P11Key key, Class<T> keySpec, 308 Session[] session) throws PKCS11Exception, InvalidKeySpecException { 309 if (ECPrivateKeySpec.class.isAssignableFrom(keySpec)) { 310 session[0] = token.getObjSession(); 311 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { 312 new CK_ATTRIBUTE(CKA_VALUE), 313 new CK_ATTRIBUTE(CKA_EC_PARAMS), 314 }; 315 token.p11.C_GetAttributeValue(session[0].id(), key.keyID, attributes); 316 try { 317 ECParameterSpec params = decodeParameters(attributes[1].getByteArray()); 318 return keySpec.cast( 319 new ECPrivateKeySpec(attributes[0].getBigInteger(), params)); 320 } catch (IOException e) { 321 throw new InvalidKeySpecException("Could not parse key", e); 322 } 323 } else { // PKCS#8 handled in superclass 324 throw new InvalidKeySpecException("Only ECPrivateKeySpec " 325 + "and PKCS8EncodedKeySpec supported for EC private keys"); 326 } 327 } 328 329 KeyFactory implGetSoftwareFactory() throws GeneralSecurityException { 330 return KeyFactory.getInstance("EC", getSunECProvider()); 331 } 332 333 } | 236 .toByteArray(); 237 } catch (IOException e) { 238 throw new 239 IllegalArgumentException("Could not DER encode point", e); 240 } 241 } 242 243 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { 244 new CK_ATTRIBUTE(CKA_CLASS, CKO_PUBLIC_KEY), 245 new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_EC), 246 new CK_ATTRIBUTE(CKA_EC_POINT, encodedPoint), 247 new CK_ATTRIBUTE(CKA_EC_PARAMS, encodedParams), 248 }; 249 attributes = token.getAttributes 250 (O_IMPORT, CKO_PUBLIC_KEY, CKK_EC, attributes); 251 Session session = null; 252 try { 253 session = token.getObjSession(); 254 long keyID = token.p11.C_CreateObject(session.id(), attributes); 255 return P11Key.publicKey 256 (session, keyID, "EC", params.getCurve().getField().getFieldSize(), attributes, true); 257 } finally { 258 token.releaseSession(session); 259 } 260 } 261 262 private PrivateKey generatePrivate(BigInteger s, ECParameterSpec params) 263 throws PKCS11Exception { 264 byte[] encodedParams = 265 ECUtil.encodeECParameterSpec(getSunECProvider(), params); 266 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { 267 new CK_ATTRIBUTE(CKA_CLASS, CKO_PRIVATE_KEY), 268 new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_EC), 269 new CK_ATTRIBUTE(CKA_VALUE, s), 270 new CK_ATTRIBUTE(CKA_EC_PARAMS, encodedParams), 271 }; 272 attributes = token.getAttributes 273 (O_IMPORT, CKO_PRIVATE_KEY, CKK_EC, attributes); 274 Session session = null; 275 try { 276 session = token.getObjSession(); 277 long keyID = token.p11.C_CreateObject(session.id(), attributes); 278 return P11Key.privateKey 279 (session, keyID, "EC", params.getCurve().getField().getFieldSize(), attributes, true); 280 } finally { 281 token.releaseSession(session); 282 } 283 } 284 285 <T extends KeySpec> T implGetPublicKeySpec(P11Key key, Class<T> keySpec, 286 Session[] session) throws PKCS11Exception, InvalidKeySpecException { 287 if (ECPublicKeySpec.class.isAssignableFrom(keySpec)) { 288 session[0] = token.getObjSession(); 289 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { 290 new CK_ATTRIBUTE(CKA_EC_POINT), 291 new CK_ATTRIBUTE(CKA_EC_PARAMS), 292 }; 293 key.incNativeKeyRef(); 294 try { 295 token.p11.C_GetAttributeValue(session[0].id(), key.keyID, attributes); 296 } finally { 297 key.decNativeKeyRef(); 298 } 299 try { 300 ECParameterSpec params = decodeParameters(attributes[1].getByteArray()); 301 ECPoint point = decodePoint(attributes[0].getByteArray(), params.getCurve()); 302 return keySpec.cast(new ECPublicKeySpec(point, params)); 303 } catch (IOException e) { 304 throw new InvalidKeySpecException("Could not parse key", e); 305 } 306 } else { // X.509 handled in superclass 307 throw new InvalidKeySpecException("Only ECPublicKeySpec and " 308 + "X509EncodedKeySpec supported for EC public keys"); 309 } 310 } 311 312 <T extends KeySpec> T implGetPrivateKeySpec(P11Key key, Class<T> keySpec, 313 Session[] session) throws PKCS11Exception, InvalidKeySpecException { 314 if (ECPrivateKeySpec.class.isAssignableFrom(keySpec)) { 315 session[0] = token.getObjSession(); 316 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { 317 new CK_ATTRIBUTE(CKA_VALUE), 318 new CK_ATTRIBUTE(CKA_EC_PARAMS), 319 }; 320 key.incNativeKeyRef(); 321 try { 322 token.p11.C_GetAttributeValue(session[0].id(), key.keyID, attributes); 323 } finally { 324 key.decNativeKeyRef(); 325 } 326 try { 327 ECParameterSpec params = decodeParameters(attributes[1].getByteArray()); 328 return keySpec.cast( 329 new ECPrivateKeySpec(attributes[0].getBigInteger(), params)); 330 } catch (IOException e) { 331 throw new InvalidKeySpecException("Could not parse key", e); 332 } 333 } else { // PKCS#8 handled in superclass 334 throw new InvalidKeySpecException("Only ECPrivateKeySpec " 335 + "and PKCS8EncodedKeySpec supported for EC private keys"); 336 } 337 } 338 339 KeyFactory implGetSoftwareFactory() throws GeneralSecurityException { 340 return KeyFactory.getInstance("EC", getSunECProvider()); 341 } 342 343 } |