167 ("Could not create DH private key", e);
168 }
169 }
170
171 private PublicKey generatePublic(BigInteger y, BigInteger p, BigInteger g)
172 throws PKCS11Exception {
173 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
174 new CK_ATTRIBUTE(CKA_CLASS, CKO_PUBLIC_KEY),
175 new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_DH),
176 new CK_ATTRIBUTE(CKA_VALUE, y),
177 new CK_ATTRIBUTE(CKA_PRIME, p),
178 new CK_ATTRIBUTE(CKA_BASE, g),
179 };
180 attributes = token.getAttributes
181 (O_IMPORT, CKO_PUBLIC_KEY, CKK_DH, attributes);
182 Session session = null;
183 try {
184 session = token.getObjSession();
185 long keyID = token.p11.C_CreateObject(session.id(), attributes);
186 return P11Key.publicKey
187 (session, keyID, "DH", p.bitLength(), attributes);
188 } finally {
189 token.releaseSession(session);
190 }
191 }
192
193 private PrivateKey generatePrivate(BigInteger x, BigInteger p,
194 BigInteger g) throws PKCS11Exception {
195 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
196 new CK_ATTRIBUTE(CKA_CLASS, CKO_PRIVATE_KEY),
197 new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_DH),
198 new CK_ATTRIBUTE(CKA_VALUE, x),
199 new CK_ATTRIBUTE(CKA_PRIME, p),
200 new CK_ATTRIBUTE(CKA_BASE, g),
201 };
202 attributes = token.getAttributes
203 (O_IMPORT, CKO_PRIVATE_KEY, CKK_DH, attributes);
204 Session session = null;
205 try {
206 session = token.getObjSession();
207 long keyID = token.p11.C_CreateObject(session.id(), attributes);
208 return P11Key.privateKey
209 (session, keyID, "DH", p.bitLength(), attributes);
210 } finally {
211 token.releaseSession(session);
212 }
213 }
214
215 <T extends KeySpec> T implGetPublicKeySpec(P11Key key, Class<T> keySpec,
216 Session[] session) throws PKCS11Exception, InvalidKeySpecException {
217 if (DHPublicKeySpec.class.isAssignableFrom(keySpec)) {
218 session[0] = token.getObjSession();
219 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
220 new CK_ATTRIBUTE(CKA_VALUE),
221 new CK_ATTRIBUTE(CKA_PRIME),
222 new CK_ATTRIBUTE(CKA_BASE),
223 };
224 token.p11.C_GetAttributeValue(session[0].id(), key.keyID, attributes);
225 KeySpec spec = new DHPublicKeySpec(
226 attributes[0].getBigInteger(),
227 attributes[1].getBigInteger(),
228 attributes[2].getBigInteger()
229 );
230 return keySpec.cast(spec);
231 } else { // X.509 handled in superclass
232 throw new InvalidKeySpecException("Only DHPublicKeySpec and "
233 + "X509EncodedKeySpec supported for DH public keys");
234 }
235 }
236
237 <T extends KeySpec> T implGetPrivateKeySpec(P11Key key, Class<T> keySpec,
238 Session[] session) throws PKCS11Exception, InvalidKeySpecException {
239 if (DHPrivateKeySpec.class.isAssignableFrom(keySpec)) {
240 session[0] = token.getObjSession();
241 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
242 new CK_ATTRIBUTE(CKA_VALUE),
243 new CK_ATTRIBUTE(CKA_PRIME),
244 new CK_ATTRIBUTE(CKA_BASE),
245 };
246 token.p11.C_GetAttributeValue(session[0].id(), key.keyID, attributes);
247 KeySpec spec = new DHPrivateKeySpec(
248 attributes[0].getBigInteger(),
249 attributes[1].getBigInteger(),
250 attributes[2].getBigInteger()
251 );
252 return keySpec.cast(spec);
253 } else { // PKCS#8 handled in superclass
254 throw new InvalidKeySpecException("Only DHPrivateKeySpec "
255 + "and PKCS8EncodedKeySpec supported for DH private keys");
256 }
257 }
258
259 KeyFactory implGetSoftwareFactory() throws GeneralSecurityException {
260 return KeyFactory.getInstance("DH", P11Util.getSunJceProvider());
261 }
262
263 }
|
167 ("Could not create DH private key", e);
168 }
169 }
170
171 private PublicKey generatePublic(BigInteger y, BigInteger p, BigInteger g)
172 throws PKCS11Exception {
173 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
174 new CK_ATTRIBUTE(CKA_CLASS, CKO_PUBLIC_KEY),
175 new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_DH),
176 new CK_ATTRIBUTE(CKA_VALUE, y),
177 new CK_ATTRIBUTE(CKA_PRIME, p),
178 new CK_ATTRIBUTE(CKA_BASE, g),
179 };
180 attributes = token.getAttributes
181 (O_IMPORT, CKO_PUBLIC_KEY, CKK_DH, attributes);
182 Session session = null;
183 try {
184 session = token.getObjSession();
185 long keyID = token.p11.C_CreateObject(session.id(), attributes);
186 return P11Key.publicKey
187 (session, keyID, "DH", p.bitLength(), attributes, true);
188 } finally {
189 token.releaseSession(session);
190 }
191 }
192
193 private PrivateKey generatePrivate(BigInteger x, BigInteger p,
194 BigInteger g) throws PKCS11Exception {
195 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
196 new CK_ATTRIBUTE(CKA_CLASS, CKO_PRIVATE_KEY),
197 new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_DH),
198 new CK_ATTRIBUTE(CKA_VALUE, x),
199 new CK_ATTRIBUTE(CKA_PRIME, p),
200 new CK_ATTRIBUTE(CKA_BASE, g),
201 };
202 attributes = token.getAttributes
203 (O_IMPORT, CKO_PRIVATE_KEY, CKK_DH, attributes);
204 Session session = null;
205 try {
206 session = token.getObjSession();
207 long keyID = token.p11.C_CreateObject(session.id(), attributes);
208 return P11Key.privateKey
209 (session, keyID, "DH", p.bitLength(), attributes, true);
210 } finally {
211 token.releaseSession(session);
212 }
213 }
214
215 <T extends KeySpec> T implGetPublicKeySpec(P11Key key, Class<T> keySpec,
216 Session[] session) throws PKCS11Exception, InvalidKeySpecException {
217 if (DHPublicKeySpec.class.isAssignableFrom(keySpec)) {
218 session[0] = token.getObjSession();
219 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
220 new CK_ATTRIBUTE(CKA_VALUE),
221 new CK_ATTRIBUTE(CKA_PRIME),
222 new CK_ATTRIBUTE(CKA_BASE),
223 };
224 key.incNativeKeyRef();
225 try {
226 token.p11.C_GetAttributeValue(session[0].id(), key.keyID,
227 attributes);
228 } finally {
229 key.decNativeKeyRef();
230 }
231 KeySpec spec = new DHPublicKeySpec(
232 attributes[0].getBigInteger(),
233 attributes[1].getBigInteger(),
234 attributes[2].getBigInteger()
235 );
236 return keySpec.cast(spec);
237 } else { // X.509 handled in superclass
238 throw new InvalidKeySpecException("Only DHPublicKeySpec and "
239 + "X509EncodedKeySpec supported for DH public keys");
240 }
241 }
242
243 <T extends KeySpec> T implGetPrivateKeySpec(P11Key key, Class<T> keySpec,
244 Session[] session) throws PKCS11Exception, InvalidKeySpecException {
245 if (DHPrivateKeySpec.class.isAssignableFrom(keySpec)) {
246 session[0] = token.getObjSession();
247 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
248 new CK_ATTRIBUTE(CKA_VALUE),
249 new CK_ATTRIBUTE(CKA_PRIME),
250 new CK_ATTRIBUTE(CKA_BASE),
251 };
252 key.incNativeKeyRef();
253 try {
254 token.p11.C_GetAttributeValue(session[0].id(), key.keyID,
255 attributes);
256 } finally {
257 key.decNativeKeyRef();
258 }
259 KeySpec spec = new DHPrivateKeySpec(
260 attributes[0].getBigInteger(),
261 attributes[1].getBigInteger(),
262 attributes[2].getBigInteger()
263 );
264 return keySpec.cast(spec);
265 } else { // PKCS#8 handled in superclass
266 throw new InvalidKeySpecException("Only DHPrivateKeySpec "
267 + "and PKCS8EncodedKeySpec supported for DH private keys");
268 }
269 }
270
271 KeyFactory implGetSoftwareFactory() throws GeneralSecurityException {
272 return KeyFactory.getInstance("DH", P11Util.getSunJceProvider());
273 }
274
275 }
|