130 throw new InvalidParameterException(MSG); 131 } 132 133 protected SecretKey engineGenerateKey() { 134 if (spec == null) { 135 throw new IllegalStateException 136 ("TlsMasterSecretGenerator must be initialized"); 137 } 138 byte[] clientRandom = spec.getClientRandom(); 139 byte[] serverRandom = spec.getServerRandom(); 140 CK_SSL3_RANDOM_DATA random = 141 new CK_SSL3_RANDOM_DATA(clientRandom, serverRandom); 142 CK_SSL3_MASTER_KEY_DERIVE_PARAMS params = 143 new CK_SSL3_MASTER_KEY_DERIVE_PARAMS(random, ckVersion); 144 145 Session session = null; 146 try { 147 session = token.getObjSession(); 148 CK_ATTRIBUTE[] attributes = token.getAttributes(O_GENERATE, 149 CKO_SECRET_KEY, CKK_GENERIC_SECRET, new CK_ATTRIBUTE[0]); 150 long keyID = token.p11.C_DeriveKey(session.id(), 151 new CK_MECHANISM(mechanism, params), p11Key.keyID, attributes); 152 int major, minor; 153 if (params.pVersion == null) { 154 major = -1; 155 minor = -1; 156 } else { 157 major = params.pVersion.major; 158 minor = params.pVersion.minor; 159 } 160 SecretKey key = P11Key.masterSecretKey(session, keyID, 161 "TlsMasterSecret", 48 << 3, attributes, major, minor); 162 return key; 163 } catch (Exception e) { 164 throw new ProviderException("Could not generate key", e); 165 } finally { 166 token.releaseSession(session); 167 } 168 } 169 } | 130 throw new InvalidParameterException(MSG); 131 } 132 133 protected SecretKey engineGenerateKey() { 134 if (spec == null) { 135 throw new IllegalStateException 136 ("TlsMasterSecretGenerator must be initialized"); 137 } 138 byte[] clientRandom = spec.getClientRandom(); 139 byte[] serverRandom = spec.getServerRandom(); 140 CK_SSL3_RANDOM_DATA random = 141 new CK_SSL3_RANDOM_DATA(clientRandom, serverRandom); 142 CK_SSL3_MASTER_KEY_DERIVE_PARAMS params = 143 new CK_SSL3_MASTER_KEY_DERIVE_PARAMS(random, ckVersion); 144 145 Session session = null; 146 try { 147 session = token.getObjSession(); 148 CK_ATTRIBUTE[] attributes = token.getAttributes(O_GENERATE, 149 CKO_SECRET_KEY, CKK_GENERIC_SECRET, new CK_ATTRIBUTE[0]); 150 p11Key.incNativeKeyRef(); 151 long keyID; 152 try { 153 keyID = token.p11.C_DeriveKey(session.id(), 154 new CK_MECHANISM(mechanism, params), p11Key.keyID, attributes); 155 } finally { 156 p11Key.decNativeKeyRef(); 157 } 158 int major, minor; 159 if (params.pVersion == null) { 160 major = -1; 161 minor = -1; 162 } else { 163 major = params.pVersion.major; 164 minor = params.pVersion.minor; 165 } 166 SecretKey key = P11Key.masterSecretKey(session, keyID, 167 "TlsMasterSecret", 48 << 3, attributes, major, minor, true); 168 return key; 169 } catch (Exception e) { 170 throw new ProviderException("Could not generate key", e); 171 } finally { 172 token.releaseSession(session); 173 } 174 } 175 } |