180 ("Could not create RSA private key", e); 181 } 182 } 183 184 private PublicKey generatePublic(BigInteger n, BigInteger e) 185 throws PKCS11Exception, InvalidKeyException { 186 RSAKeyFactory.checkKeyLengths(n.bitLength(), e, -1, 64 * 1024); 187 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { 188 new CK_ATTRIBUTE(CKA_CLASS, CKO_PUBLIC_KEY), 189 new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_RSA), 190 new CK_ATTRIBUTE(CKA_MODULUS, n), 191 new CK_ATTRIBUTE(CKA_PUBLIC_EXPONENT, e), 192 }; 193 attributes = token.getAttributes 194 (O_IMPORT, CKO_PUBLIC_KEY, CKK_RSA, attributes); 195 Session session = null; 196 try { 197 session = token.getObjSession(); 198 long keyID = token.p11.C_CreateObject(session.id(), attributes); 199 return P11Key.publicKey 200 (session, keyID, "RSA", n.bitLength(), attributes); 201 } finally { 202 token.releaseSession(session); 203 } 204 } 205 206 private PrivateKey generatePrivate(BigInteger n, BigInteger d) 207 throws PKCS11Exception, InvalidKeyException { 208 RSAKeyFactory.checkKeyLengths(n.bitLength(), null, -1, 64 * 1024); 209 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { 210 new CK_ATTRIBUTE(CKA_CLASS, CKO_PRIVATE_KEY), 211 new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_RSA), 212 new CK_ATTRIBUTE(CKA_MODULUS, n), 213 new CK_ATTRIBUTE(CKA_PRIVATE_EXPONENT, d), 214 }; 215 attributes = token.getAttributes 216 (O_IMPORT, CKO_PRIVATE_KEY, CKK_RSA, attributes); 217 Session session = null; 218 try { 219 session = token.getObjSession(); 220 long keyID = token.p11.C_CreateObject(session.id(), attributes); 221 return P11Key.privateKey 222 (session, keyID, "RSA", n.bitLength(), attributes); 223 } finally { 224 token.releaseSession(session); 225 } 226 } 227 228 private PrivateKey generatePrivate(BigInteger n, BigInteger e, 229 BigInteger d, BigInteger p, BigInteger q, BigInteger pe, 230 BigInteger qe, BigInteger coeff) throws PKCS11Exception, 231 InvalidKeyException { 232 RSAKeyFactory.checkKeyLengths(n.bitLength(), e, -1, 64 * 1024); 233 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { 234 new CK_ATTRIBUTE(CKA_CLASS, CKO_PRIVATE_KEY), 235 new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_RSA), 236 new CK_ATTRIBUTE(CKA_MODULUS, n), 237 new CK_ATTRIBUTE(CKA_PUBLIC_EXPONENT, e), 238 new CK_ATTRIBUTE(CKA_PRIVATE_EXPONENT, d), 239 new CK_ATTRIBUTE(CKA_PRIME_1, p), 240 new CK_ATTRIBUTE(CKA_PRIME_2, q), 241 new CK_ATTRIBUTE(CKA_EXPONENT_1, pe), 242 new CK_ATTRIBUTE(CKA_EXPONENT_2, qe), 243 new CK_ATTRIBUTE(CKA_COEFFICIENT, coeff), 244 }; 245 attributes = token.getAttributes 246 (O_IMPORT, CKO_PRIVATE_KEY, CKK_RSA, attributes); 247 Session session = null; 248 try { 249 session = token.getObjSession(); 250 long keyID = token.p11.C_CreateObject(session.id(), attributes); 251 return P11Key.privateKey 252 (session, keyID, "RSA", n.bitLength(), attributes); 253 } finally { 254 token.releaseSession(session); 255 } 256 } 257 258 <T extends KeySpec> T implGetPublicKeySpec(P11Key key, Class<T> keySpec, 259 Session[] session) throws PKCS11Exception, InvalidKeySpecException { 260 if (RSAPublicKeySpec.class.isAssignableFrom(keySpec)) { 261 session[0] = token.getObjSession(); 262 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { 263 new CK_ATTRIBUTE(CKA_MODULUS), 264 new CK_ATTRIBUTE(CKA_PUBLIC_EXPONENT), 265 }; 266 token.p11.C_GetAttributeValue(session[0].id(), key.keyID, attributes); 267 KeySpec spec = new RSAPublicKeySpec( 268 attributes[0].getBigInteger(), 269 attributes[1].getBigInteger() 270 ); 271 return keySpec.cast(spec); 272 } else { // X.509 handled in superclass 273 throw new InvalidKeySpecException("Only RSAPublicKeySpec and " 274 + "X509EncodedKeySpec supported for RSA public keys"); 275 } 276 } 277 278 <T extends KeySpec> T implGetPrivateKeySpec(P11Key key, Class<T> keySpec, 279 Session[] session) throws PKCS11Exception, InvalidKeySpecException { 280 if (RSAPrivateCrtKeySpec.class.isAssignableFrom(keySpec)) { 281 session[0] = token.getObjSession(); 282 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { 283 new CK_ATTRIBUTE(CKA_MODULUS), 284 new CK_ATTRIBUTE(CKA_PUBLIC_EXPONENT), 285 new CK_ATTRIBUTE(CKA_PRIVATE_EXPONENT), 286 new CK_ATTRIBUTE(CKA_PRIME_1), 287 new CK_ATTRIBUTE(CKA_PRIME_2), 288 new CK_ATTRIBUTE(CKA_EXPONENT_1), 289 new CK_ATTRIBUTE(CKA_EXPONENT_2), 290 new CK_ATTRIBUTE(CKA_COEFFICIENT), 291 }; 292 token.p11.C_GetAttributeValue(session[0].id(), key.keyID, attributes); 293 KeySpec spec = new RSAPrivateCrtKeySpec( 294 attributes[0].getBigInteger(), 295 attributes[1].getBigInteger(), 296 attributes[2].getBigInteger(), 297 attributes[3].getBigInteger(), 298 attributes[4].getBigInteger(), 299 attributes[5].getBigInteger(), 300 attributes[6].getBigInteger(), 301 attributes[7].getBigInteger() 302 ); 303 return keySpec.cast(spec); 304 } else if (RSAPrivateKeySpec.class.isAssignableFrom(keySpec)) { 305 session[0] = token.getObjSession(); 306 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { 307 new CK_ATTRIBUTE(CKA_MODULUS), 308 new CK_ATTRIBUTE(CKA_PRIVATE_EXPONENT), 309 }; 310 token.p11.C_GetAttributeValue(session[0].id(), key.keyID, attributes); 311 KeySpec spec = new RSAPrivateKeySpec( 312 attributes[0].getBigInteger(), 313 attributes[1].getBigInteger() 314 ); 315 return keySpec.cast(spec); 316 } else { // PKCS#8 handled in superclass 317 throw new InvalidKeySpecException("Only RSAPrivate(Crt)KeySpec " 318 + "and PKCS8EncodedKeySpec supported for RSA private keys"); 319 } 320 } 321 322 KeyFactory implGetSoftwareFactory() throws GeneralSecurityException { 323 return KeyFactory.getInstance("RSA", P11Util.getSunRsaSignProvider()); 324 } 325 326 } | 180 ("Could not create RSA private key", e); 181 } 182 } 183 184 private PublicKey generatePublic(BigInteger n, BigInteger e) 185 throws PKCS11Exception, InvalidKeyException { 186 RSAKeyFactory.checkKeyLengths(n.bitLength(), e, -1, 64 * 1024); 187 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { 188 new CK_ATTRIBUTE(CKA_CLASS, CKO_PUBLIC_KEY), 189 new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_RSA), 190 new CK_ATTRIBUTE(CKA_MODULUS, n), 191 new CK_ATTRIBUTE(CKA_PUBLIC_EXPONENT, e), 192 }; 193 attributes = token.getAttributes 194 (O_IMPORT, CKO_PUBLIC_KEY, CKK_RSA, attributes); 195 Session session = null; 196 try { 197 session = token.getObjSession(); 198 long keyID = token.p11.C_CreateObject(session.id(), attributes); 199 return P11Key.publicKey 200 (session, keyID, "RSA", n.bitLength(), attributes, true); 201 } finally { 202 token.releaseSession(session); 203 } 204 } 205 206 private PrivateKey generatePrivate(BigInteger n, BigInteger d) 207 throws PKCS11Exception, InvalidKeyException { 208 RSAKeyFactory.checkKeyLengths(n.bitLength(), null, -1, 64 * 1024); 209 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { 210 new CK_ATTRIBUTE(CKA_CLASS, CKO_PRIVATE_KEY), 211 new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_RSA), 212 new CK_ATTRIBUTE(CKA_MODULUS, n), 213 new CK_ATTRIBUTE(CKA_PRIVATE_EXPONENT, d), 214 }; 215 attributes = token.getAttributes 216 (O_IMPORT, CKO_PRIVATE_KEY, CKK_RSA, attributes); 217 Session session = null; 218 try { 219 session = token.getObjSession(); 220 long keyID = token.p11.C_CreateObject(session.id(), attributes); 221 return P11Key.privateKey 222 (session, keyID, "RSA", n.bitLength(), attributes, true); 223 } finally { 224 token.releaseSession(session); 225 } 226 } 227 228 private PrivateKey generatePrivate(BigInteger n, BigInteger e, 229 BigInteger d, BigInteger p, BigInteger q, BigInteger pe, 230 BigInteger qe, BigInteger coeff) throws PKCS11Exception, 231 InvalidKeyException { 232 RSAKeyFactory.checkKeyLengths(n.bitLength(), e, -1, 64 * 1024); 233 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { 234 new CK_ATTRIBUTE(CKA_CLASS, CKO_PRIVATE_KEY), 235 new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_RSA), 236 new CK_ATTRIBUTE(CKA_MODULUS, n), 237 new CK_ATTRIBUTE(CKA_PUBLIC_EXPONENT, e), 238 new CK_ATTRIBUTE(CKA_PRIVATE_EXPONENT, d), 239 new CK_ATTRIBUTE(CKA_PRIME_1, p), 240 new CK_ATTRIBUTE(CKA_PRIME_2, q), 241 new CK_ATTRIBUTE(CKA_EXPONENT_1, pe), 242 new CK_ATTRIBUTE(CKA_EXPONENT_2, qe), 243 new CK_ATTRIBUTE(CKA_COEFFICIENT, coeff), 244 }; 245 attributes = token.getAttributes 246 (O_IMPORT, CKO_PRIVATE_KEY, CKK_RSA, attributes); 247 Session session = null; 248 try { 249 session = token.getObjSession(); 250 long keyID = token.p11.C_CreateObject(session.id(), attributes); 251 return P11Key.privateKey 252 (session, keyID, "RSA", n.bitLength(), attributes, true); 253 } finally { 254 token.releaseSession(session); 255 } 256 } 257 258 <T extends KeySpec> T implGetPublicKeySpec(P11Key key, Class<T> keySpec, 259 Session[] session) throws PKCS11Exception, InvalidKeySpecException { 260 if (RSAPublicKeySpec.class.isAssignableFrom(keySpec)) { 261 session[0] = token.getObjSession(); 262 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { 263 new CK_ATTRIBUTE(CKA_MODULUS), 264 new CK_ATTRIBUTE(CKA_PUBLIC_EXPONENT), 265 }; 266 key.incNativeKeyRef(); 267 try { 268 token.p11.C_GetAttributeValue(session[0].id(), key.keyID, 269 attributes); 270 } finally { 271 key.decNativeKeyRef(); 272 } 273 KeySpec spec = new RSAPublicKeySpec( 274 attributes[0].getBigInteger(), 275 attributes[1].getBigInteger() 276 ); 277 return keySpec.cast(spec); 278 } else { // X.509 handled in superclass 279 throw new InvalidKeySpecException("Only RSAPublicKeySpec and " 280 + "X509EncodedKeySpec supported for RSA public keys"); 281 } 282 } 283 284 <T extends KeySpec> T implGetPrivateKeySpec(P11Key key, Class<T> keySpec, 285 Session[] session) throws PKCS11Exception, InvalidKeySpecException { 286 if (RSAPrivateCrtKeySpec.class.isAssignableFrom(keySpec)) { 287 session[0] = token.getObjSession(); 288 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { 289 new CK_ATTRIBUTE(CKA_MODULUS), 290 new CK_ATTRIBUTE(CKA_PUBLIC_EXPONENT), 291 new CK_ATTRIBUTE(CKA_PRIVATE_EXPONENT), 292 new CK_ATTRIBUTE(CKA_PRIME_1), 293 new CK_ATTRIBUTE(CKA_PRIME_2), 294 new CK_ATTRIBUTE(CKA_EXPONENT_1), 295 new CK_ATTRIBUTE(CKA_EXPONENT_2), 296 new CK_ATTRIBUTE(CKA_COEFFICIENT), 297 }; 298 key.incNativeKeyRef(); 299 try { 300 token.p11.C_GetAttributeValue(session[0].id(), key.keyID, 301 attributes); 302 } finally { 303 key.decNativeKeyRef(); 304 } 305 KeySpec spec = new RSAPrivateCrtKeySpec( 306 attributes[0].getBigInteger(), 307 attributes[1].getBigInteger(), 308 attributes[2].getBigInteger(), 309 attributes[3].getBigInteger(), 310 attributes[4].getBigInteger(), 311 attributes[5].getBigInteger(), 312 attributes[6].getBigInteger(), 313 attributes[7].getBigInteger() 314 ); 315 return keySpec.cast(spec); 316 } else if (RSAPrivateKeySpec.class.isAssignableFrom(keySpec)) { 317 session[0] = token.getObjSession(); 318 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { 319 new CK_ATTRIBUTE(CKA_MODULUS), 320 new CK_ATTRIBUTE(CKA_PRIVATE_EXPONENT), 321 }; 322 key.incNativeKeyRef(); 323 try { 324 token.p11.C_GetAttributeValue(session[0].id(), key.keyID, 325 attributes); 326 } finally { 327 key.decNativeKeyRef(); 328 } 329 KeySpec spec = new RSAPrivateKeySpec( 330 attributes[0].getBigInteger(), 331 attributes[1].getBigInteger() 332 ); 333 return keySpec.cast(spec); 334 } else { // PKCS#8 handled in superclass 335 throw new InvalidKeySpecException("Only RSAPrivate(Crt)KeySpec " 336 + "and PKCS8EncodedKeySpec supported for RSA private keys"); 337 } 338 } 339 340 KeyFactory implGetSoftwareFactory() throws GeneralSecurityException { 341 return KeyFactory.getInstance("RSA", P11Util.getSunRsaSignProvider()); 342 } 343 344 } |