< prev index next >

src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11RSAKeyFactory.java

Print this page




 180                 ("Could not create RSA private key", e);
 181         }
 182     }
 183 
 184     private PublicKey generatePublic(BigInteger n, BigInteger e)
 185             throws PKCS11Exception, InvalidKeyException {
 186         RSAKeyFactory.checkKeyLengths(n.bitLength(), e, -1, 64 * 1024);
 187         CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
 188             new CK_ATTRIBUTE(CKA_CLASS, CKO_PUBLIC_KEY),
 189             new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_RSA),
 190             new CK_ATTRIBUTE(CKA_MODULUS, n),
 191             new CK_ATTRIBUTE(CKA_PUBLIC_EXPONENT, e),
 192         };
 193         attributes = token.getAttributes
 194                 (O_IMPORT, CKO_PUBLIC_KEY, CKK_RSA, attributes);
 195         Session session = null;
 196         try {
 197             session = token.getObjSession();
 198             long keyID = token.p11.C_CreateObject(session.id(), attributes);
 199             return P11Key.publicKey
 200                 (session, keyID, "RSA", n.bitLength(), attributes);
 201         } finally {
 202             token.releaseSession(session);
 203         }
 204     }
 205 
 206     private PrivateKey generatePrivate(BigInteger n, BigInteger d)
 207             throws PKCS11Exception, InvalidKeyException {
 208         RSAKeyFactory.checkKeyLengths(n.bitLength(), null, -1, 64 * 1024);
 209         CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
 210             new CK_ATTRIBUTE(CKA_CLASS, CKO_PRIVATE_KEY),
 211             new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_RSA),
 212             new CK_ATTRIBUTE(CKA_MODULUS, n),
 213             new CK_ATTRIBUTE(CKA_PRIVATE_EXPONENT, d),
 214         };
 215         attributes = token.getAttributes
 216                 (O_IMPORT, CKO_PRIVATE_KEY, CKK_RSA, attributes);
 217         Session session = null;
 218         try {
 219             session = token.getObjSession();
 220             long keyID = token.p11.C_CreateObject(session.id(), attributes);
 221             return P11Key.privateKey
 222                 (session,  keyID, "RSA", n.bitLength(), attributes);
 223         } finally {
 224             token.releaseSession(session);
 225         }
 226     }
 227 
 228     private PrivateKey generatePrivate(BigInteger n, BigInteger e,
 229             BigInteger d, BigInteger p, BigInteger q, BigInteger pe,
 230             BigInteger qe, BigInteger coeff) throws PKCS11Exception,
 231             InvalidKeyException {
 232         RSAKeyFactory.checkKeyLengths(n.bitLength(), e, -1, 64 * 1024);
 233         CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
 234             new CK_ATTRIBUTE(CKA_CLASS, CKO_PRIVATE_KEY),
 235             new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_RSA),
 236             new CK_ATTRIBUTE(CKA_MODULUS, n),
 237             new CK_ATTRIBUTE(CKA_PUBLIC_EXPONENT, e),
 238             new CK_ATTRIBUTE(CKA_PRIVATE_EXPONENT, d),
 239             new CK_ATTRIBUTE(CKA_PRIME_1, p),
 240             new CK_ATTRIBUTE(CKA_PRIME_2, q),
 241             new CK_ATTRIBUTE(CKA_EXPONENT_1, pe),
 242             new CK_ATTRIBUTE(CKA_EXPONENT_2, qe),
 243             new CK_ATTRIBUTE(CKA_COEFFICIENT, coeff),
 244         };
 245         attributes = token.getAttributes
 246                 (O_IMPORT, CKO_PRIVATE_KEY, CKK_RSA, attributes);
 247         Session session = null;
 248         try {
 249             session = token.getObjSession();
 250             long keyID = token.p11.C_CreateObject(session.id(), attributes);
 251             return P11Key.privateKey
 252                 (session, keyID, "RSA", n.bitLength(), attributes);
 253         } finally {
 254             token.releaseSession(session);
 255         }
 256     }
 257 
 258     <T extends KeySpec> T implGetPublicKeySpec(P11Key key, Class<T> keySpec,
 259             Session[] session) throws PKCS11Exception, InvalidKeySpecException {
 260         if (RSAPublicKeySpec.class.isAssignableFrom(keySpec)) {
 261             session[0] = token.getObjSession();
 262             CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
 263                 new CK_ATTRIBUTE(CKA_MODULUS),
 264                 new CK_ATTRIBUTE(CKA_PUBLIC_EXPONENT),
 265             };
 266             token.p11.C_GetAttributeValue(session[0].id(), key.keyID, attributes);






 267             KeySpec spec = new RSAPublicKeySpec(
 268                 attributes[0].getBigInteger(),
 269                 attributes[1].getBigInteger()
 270             );
 271             return keySpec.cast(spec);
 272         } else { // X.509 handled in superclass
 273             throw new InvalidKeySpecException("Only RSAPublicKeySpec and "
 274                 + "X509EncodedKeySpec supported for RSA public keys");
 275         }
 276     }
 277 
 278     <T extends KeySpec> T implGetPrivateKeySpec(P11Key key, Class<T> keySpec,
 279             Session[] session) throws PKCS11Exception, InvalidKeySpecException {
 280         if (RSAPrivateCrtKeySpec.class.isAssignableFrom(keySpec)) {
 281             session[0] = token.getObjSession();
 282             CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
 283                 new CK_ATTRIBUTE(CKA_MODULUS),
 284                 new CK_ATTRIBUTE(CKA_PUBLIC_EXPONENT),
 285                 new CK_ATTRIBUTE(CKA_PRIVATE_EXPONENT),
 286                 new CK_ATTRIBUTE(CKA_PRIME_1),
 287                 new CK_ATTRIBUTE(CKA_PRIME_2),
 288                 new CK_ATTRIBUTE(CKA_EXPONENT_1),
 289                 new CK_ATTRIBUTE(CKA_EXPONENT_2),
 290                 new CK_ATTRIBUTE(CKA_COEFFICIENT),
 291             };
 292             token.p11.C_GetAttributeValue(session[0].id(), key.keyID, attributes);






 293             KeySpec spec = new RSAPrivateCrtKeySpec(
 294                 attributes[0].getBigInteger(),
 295                 attributes[1].getBigInteger(),
 296                 attributes[2].getBigInteger(),
 297                 attributes[3].getBigInteger(),
 298                 attributes[4].getBigInteger(),
 299                 attributes[5].getBigInteger(),
 300                 attributes[6].getBigInteger(),
 301                 attributes[7].getBigInteger()
 302             );
 303             return keySpec.cast(spec);
 304         } else if (RSAPrivateKeySpec.class.isAssignableFrom(keySpec)) {
 305             session[0] = token.getObjSession();
 306             CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
 307                 new CK_ATTRIBUTE(CKA_MODULUS),
 308                 new CK_ATTRIBUTE(CKA_PRIVATE_EXPONENT),
 309             };
 310             token.p11.C_GetAttributeValue(session[0].id(), key.keyID, attributes);






 311             KeySpec spec = new RSAPrivateKeySpec(
 312                 attributes[0].getBigInteger(),
 313                 attributes[1].getBigInteger()
 314             );
 315             return keySpec.cast(spec);
 316         } else { // PKCS#8 handled in superclass
 317             throw new InvalidKeySpecException("Only RSAPrivate(Crt)KeySpec "
 318                 + "and PKCS8EncodedKeySpec supported for RSA private keys");
 319         }
 320     }
 321 
 322     KeyFactory implGetSoftwareFactory() throws GeneralSecurityException {
 323         return KeyFactory.getInstance("RSA", P11Util.getSunRsaSignProvider());
 324     }
 325 
 326 }


 180                 ("Could not create RSA private key", e);
 181         }
 182     }
 183 
 184     private PublicKey generatePublic(BigInteger n, BigInteger e)
 185             throws PKCS11Exception, InvalidKeyException {
 186         RSAKeyFactory.checkKeyLengths(n.bitLength(), e, -1, 64 * 1024);
 187         CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
 188             new CK_ATTRIBUTE(CKA_CLASS, CKO_PUBLIC_KEY),
 189             new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_RSA),
 190             new CK_ATTRIBUTE(CKA_MODULUS, n),
 191             new CK_ATTRIBUTE(CKA_PUBLIC_EXPONENT, e),
 192         };
 193         attributes = token.getAttributes
 194                 (O_IMPORT, CKO_PUBLIC_KEY, CKK_RSA, attributes);
 195         Session session = null;
 196         try {
 197             session = token.getObjSession();
 198             long keyID = token.p11.C_CreateObject(session.id(), attributes);
 199             return P11Key.publicKey
 200                 (session, keyID, "RSA", n.bitLength(), attributes, true);
 201         } finally {
 202             token.releaseSession(session);
 203         }
 204     }
 205 
 206     private PrivateKey generatePrivate(BigInteger n, BigInteger d)
 207             throws PKCS11Exception, InvalidKeyException {
 208         RSAKeyFactory.checkKeyLengths(n.bitLength(), null, -1, 64 * 1024);
 209         CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
 210             new CK_ATTRIBUTE(CKA_CLASS, CKO_PRIVATE_KEY),
 211             new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_RSA),
 212             new CK_ATTRIBUTE(CKA_MODULUS, n),
 213             new CK_ATTRIBUTE(CKA_PRIVATE_EXPONENT, d),
 214         };
 215         attributes = token.getAttributes
 216                 (O_IMPORT, CKO_PRIVATE_KEY, CKK_RSA, attributes);
 217         Session session = null;
 218         try {
 219             session = token.getObjSession();
 220             long keyID = token.p11.C_CreateObject(session.id(), attributes);
 221             return P11Key.privateKey
 222                 (session,  keyID, "RSA", n.bitLength(), attributes, true);
 223         } finally {
 224             token.releaseSession(session);
 225         }
 226     }
 227 
 228     private PrivateKey generatePrivate(BigInteger n, BigInteger e,
 229             BigInteger d, BigInteger p, BigInteger q, BigInteger pe,
 230             BigInteger qe, BigInteger coeff) throws PKCS11Exception,
 231             InvalidKeyException {
 232         RSAKeyFactory.checkKeyLengths(n.bitLength(), e, -1, 64 * 1024);
 233         CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
 234             new CK_ATTRIBUTE(CKA_CLASS, CKO_PRIVATE_KEY),
 235             new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_RSA),
 236             new CK_ATTRIBUTE(CKA_MODULUS, n),
 237             new CK_ATTRIBUTE(CKA_PUBLIC_EXPONENT, e),
 238             new CK_ATTRIBUTE(CKA_PRIVATE_EXPONENT, d),
 239             new CK_ATTRIBUTE(CKA_PRIME_1, p),
 240             new CK_ATTRIBUTE(CKA_PRIME_2, q),
 241             new CK_ATTRIBUTE(CKA_EXPONENT_1, pe),
 242             new CK_ATTRIBUTE(CKA_EXPONENT_2, qe),
 243             new CK_ATTRIBUTE(CKA_COEFFICIENT, coeff),
 244         };
 245         attributes = token.getAttributes
 246                 (O_IMPORT, CKO_PRIVATE_KEY, CKK_RSA, attributes);
 247         Session session = null;
 248         try {
 249             session = token.getObjSession();
 250             long keyID = token.p11.C_CreateObject(session.id(), attributes);
 251             return P11Key.privateKey
 252                 (session, keyID, "RSA", n.bitLength(), attributes, true);
 253         } finally {
 254             token.releaseSession(session);
 255         }
 256     }
 257 
 258     <T extends KeySpec> T implGetPublicKeySpec(P11Key key, Class<T> keySpec,
 259             Session[] session) throws PKCS11Exception, InvalidKeySpecException {
 260         if (RSAPublicKeySpec.class.isAssignableFrom(keySpec)) {
 261             session[0] = token.getObjSession();
 262             CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
 263                 new CK_ATTRIBUTE(CKA_MODULUS),
 264                 new CK_ATTRIBUTE(CKA_PUBLIC_EXPONENT),
 265             };
 266             key.incNativeKeyRef();
 267             try {
 268                 token.p11.C_GetAttributeValue(session[0].id(), key.keyID,
 269                         attributes);
 270             } finally {
 271                 key.decNativeKeyRef();
 272             }
 273             KeySpec spec = new RSAPublicKeySpec(
 274                 attributes[0].getBigInteger(),
 275                 attributes[1].getBigInteger()
 276             );
 277             return keySpec.cast(spec);
 278         } else { // X.509 handled in superclass
 279             throw new InvalidKeySpecException("Only RSAPublicKeySpec and "
 280                 + "X509EncodedKeySpec supported for RSA public keys");
 281         }
 282     }
 283 
 284     <T extends KeySpec> T implGetPrivateKeySpec(P11Key key, Class<T> keySpec,
 285             Session[] session) throws PKCS11Exception, InvalidKeySpecException {
 286         if (RSAPrivateCrtKeySpec.class.isAssignableFrom(keySpec)) {
 287             session[0] = token.getObjSession();
 288             CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
 289                 new CK_ATTRIBUTE(CKA_MODULUS),
 290                 new CK_ATTRIBUTE(CKA_PUBLIC_EXPONENT),
 291                 new CK_ATTRIBUTE(CKA_PRIVATE_EXPONENT),
 292                 new CK_ATTRIBUTE(CKA_PRIME_1),
 293                 new CK_ATTRIBUTE(CKA_PRIME_2),
 294                 new CK_ATTRIBUTE(CKA_EXPONENT_1),
 295                 new CK_ATTRIBUTE(CKA_EXPONENT_2),
 296                 new CK_ATTRIBUTE(CKA_COEFFICIENT),
 297             };
 298             key.incNativeKeyRef();
 299             try {
 300                 token.p11.C_GetAttributeValue(session[0].id(), key.keyID,
 301                         attributes);
 302             } finally {
 303                 key.decNativeKeyRef();
 304             }
 305             KeySpec spec = new RSAPrivateCrtKeySpec(
 306                 attributes[0].getBigInteger(),
 307                 attributes[1].getBigInteger(),
 308                 attributes[2].getBigInteger(),
 309                 attributes[3].getBigInteger(),
 310                 attributes[4].getBigInteger(),
 311                 attributes[5].getBigInteger(),
 312                 attributes[6].getBigInteger(),
 313                 attributes[7].getBigInteger()
 314             );
 315             return keySpec.cast(spec);
 316         } else if (RSAPrivateKeySpec.class.isAssignableFrom(keySpec)) {
 317             session[0] = token.getObjSession();
 318             CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
 319                 new CK_ATTRIBUTE(CKA_MODULUS),
 320                 new CK_ATTRIBUTE(CKA_PRIVATE_EXPONENT),
 321             };
 322             key.incNativeKeyRef();
 323             try {
 324                 token.p11.C_GetAttributeValue(session[0].id(), key.keyID,
 325                         attributes);
 326             } finally {
 327                 key.decNativeKeyRef();
 328             }
 329             KeySpec spec = new RSAPrivateKeySpec(
 330                 attributes[0].getBigInteger(),
 331                 attributes[1].getBigInteger()
 332             );
 333             return keySpec.cast(spec);
 334         } else { // PKCS#8 handled in superclass
 335             throw new InvalidKeySpecException("Only RSAPrivate(Crt)KeySpec "
 336                 + "and PKCS8EncodedKeySpec supported for RSA private keys");
 337         }
 338     }
 339 
 340     KeyFactory implGetSoftwareFactory() throws GeneralSecurityException {
 341         return KeyFactory.getInstance("RSA", P11Util.getSunRsaSignProvider());
 342     }
 343 
 344 }
< prev index next >