235 new DerValue(DerValue.tag_OctetString, encodedPoint) 236 .toByteArray(); 237 } catch (IOException e) { 238 throw new 239 IllegalArgumentException("Could not DER encode point", e); 240 } 241 } 242 243 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { 244 new CK_ATTRIBUTE(CKA_CLASS, CKO_PUBLIC_KEY), 245 new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_EC), 246 new CK_ATTRIBUTE(CKA_EC_POINT, encodedPoint), 247 new CK_ATTRIBUTE(CKA_EC_PARAMS, encodedParams), 248 }; 249 attributes = token.getAttributes 250 (O_IMPORT, CKO_PUBLIC_KEY, CKK_EC, attributes); 251 Session session = null; 252 try { 253 session = token.getObjSession(); 254 long keyID = token.p11.C_CreateObject(session.id(), attributes); 255 return P11Key.publicKey 256 (session, keyID, "EC", params.getCurve().getField().getFieldSize(), attributes); 257 } finally { 258 token.releaseSession(session); 259 } 260 } 261 262 private PrivateKey generatePrivate(BigInteger s, ECParameterSpec params) 263 throws PKCS11Exception { 264 byte[] encodedParams = 265 ECUtil.encodeECParameterSpec(getSunECProvider(), params); 266 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { 267 new CK_ATTRIBUTE(CKA_CLASS, CKO_PRIVATE_KEY), 268 new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_EC), 269 new CK_ATTRIBUTE(CKA_VALUE, s), 270 new CK_ATTRIBUTE(CKA_EC_PARAMS, encodedParams), 271 }; 272 attributes = token.getAttributes 273 (O_IMPORT, CKO_PRIVATE_KEY, CKK_EC, attributes); 274 Session session = null; 275 try { 276 session = token.getObjSession(); 277 long keyID = token.p11.C_CreateObject(session.id(), attributes); 278 return P11Key.privateKey 279 (session, keyID, "EC", params.getCurve().getField().getFieldSize(), attributes); 280 } finally { 281 token.releaseSession(session); 282 } 283 } 284 285 <T extends KeySpec> T implGetPublicKeySpec(P11Key key, Class<T> keySpec, 286 Session[] session) throws PKCS11Exception, InvalidKeySpecException { 287 if (ECPublicKeySpec.class.isAssignableFrom(keySpec)) { 288 session[0] = token.getObjSession(); 289 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { 290 new CK_ATTRIBUTE(CKA_EC_POINT), 291 new CK_ATTRIBUTE(CKA_EC_PARAMS), 292 }; 293 token.p11.C_GetAttributeValue(session[0].id(), key.keyID, attributes); 294 try { 295 ECParameterSpec params = decodeParameters(attributes[1].getByteArray()); 296 ECPoint point = decodePoint(attributes[0].getByteArray(), params.getCurve()); 297 return keySpec.cast(new ECPublicKeySpec(point, params)); 298 } catch (IOException e) { 299 throw new InvalidKeySpecException("Could not parse key", e); 300 } 301 } else { // X.509 handled in superclass 302 throw new InvalidKeySpecException("Only ECPublicKeySpec and " 303 + "X509EncodedKeySpec supported for EC public keys"); 304 } 305 } 306 307 <T extends KeySpec> T implGetPrivateKeySpec(P11Key key, Class<T> keySpec, 308 Session[] session) throws PKCS11Exception, InvalidKeySpecException { 309 if (ECPrivateKeySpec.class.isAssignableFrom(keySpec)) { 310 session[0] = token.getObjSession(); 311 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { 312 new CK_ATTRIBUTE(CKA_VALUE), 313 new CK_ATTRIBUTE(CKA_EC_PARAMS), 314 }; 315 token.p11.C_GetAttributeValue(session[0].id(), key.keyID, attributes); 316 try { 317 ECParameterSpec params = decodeParameters(attributes[1].getByteArray()); 318 return keySpec.cast( 319 new ECPrivateKeySpec(attributes[0].getBigInteger(), params)); 320 } catch (IOException e) { 321 throw new InvalidKeySpecException("Could not parse key", e); 322 } 323 } else { // PKCS#8 handled in superclass 324 throw new InvalidKeySpecException("Only ECPrivateKeySpec " 325 + "and PKCS8EncodedKeySpec supported for EC private keys"); 326 } 327 } 328 329 KeyFactory implGetSoftwareFactory() throws GeneralSecurityException { 330 return KeyFactory.getInstance("EC", getSunECProvider()); 331 } 332 333 } | 235 new DerValue(DerValue.tag_OctetString, encodedPoint) 236 .toByteArray(); 237 } catch (IOException e) { 238 throw new 239 IllegalArgumentException("Could not DER encode point", e); 240 } 241 } 242 243 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { 244 new CK_ATTRIBUTE(CKA_CLASS, CKO_PUBLIC_KEY), 245 new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_EC), 246 new CK_ATTRIBUTE(CKA_EC_POINT, encodedPoint), 247 new CK_ATTRIBUTE(CKA_EC_PARAMS, encodedParams), 248 }; 249 attributes = token.getAttributes 250 (O_IMPORT, CKO_PUBLIC_KEY, CKK_EC, attributes); 251 Session session = null; 252 try { 253 session = token.getObjSession(); 254 long keyID = token.p11.C_CreateObject(session.id(), attributes); 255 return P11Key.publicKey(session, keyID, "EC", 256 params.getCurve().getField().getFieldSize(), 257 attributes, true); 258 } finally { 259 token.releaseSession(session); 260 } 261 } 262 263 private PrivateKey generatePrivate(BigInteger s, ECParameterSpec params) 264 throws PKCS11Exception { 265 byte[] encodedParams = 266 ECUtil.encodeECParameterSpec(getSunECProvider(), params); 267 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { 268 new CK_ATTRIBUTE(CKA_CLASS, CKO_PRIVATE_KEY), 269 new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_EC), 270 new CK_ATTRIBUTE(CKA_VALUE, s), 271 new CK_ATTRIBUTE(CKA_EC_PARAMS, encodedParams), 272 }; 273 attributes = token.getAttributes 274 (O_IMPORT, CKO_PRIVATE_KEY, CKK_EC, attributes); 275 Session session = null; 276 try { 277 session = token.getObjSession(); 278 long keyID = token.p11.C_CreateObject(session.id(), attributes); 279 return P11Key.privateKey(session, keyID, "EC", 280 params.getCurve().getField().getFieldSize(), 281 attributes, true); 282 } finally { 283 token.releaseSession(session); 284 } 285 } 286 287 <T extends KeySpec> T implGetPublicKeySpec(P11Key key, Class<T> keySpec, 288 Session[] session) throws PKCS11Exception, InvalidKeySpecException { 289 if (ECPublicKeySpec.class.isAssignableFrom(keySpec)) { 290 session[0] = token.getObjSession(); 291 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { 292 new CK_ATTRIBUTE(CKA_EC_POINT), 293 new CK_ATTRIBUTE(CKA_EC_PARAMS), 294 }; 295 key.incNativeKeyRef(); 296 try { 297 token.p11.C_GetAttributeValue(session[0].id(), key.keyID, 298 attributes); 299 } finally { 300 key.decNativeKeyRef(); 301 } 302 try { 303 ECParameterSpec params = decodeParameters(attributes[1].getByteArray()); 304 ECPoint point = decodePoint(attributes[0].getByteArray(), params.getCurve()); 305 return keySpec.cast(new ECPublicKeySpec(point, params)); 306 } catch (IOException e) { 307 throw new InvalidKeySpecException("Could not parse key", e); 308 } 309 } else { // X.509 handled in superclass 310 throw new InvalidKeySpecException("Only ECPublicKeySpec and " 311 + "X509EncodedKeySpec supported for EC public keys"); 312 } 313 } 314 315 <T extends KeySpec> T implGetPrivateKeySpec(P11Key key, Class<T> keySpec, 316 Session[] session) throws PKCS11Exception, InvalidKeySpecException { 317 if (ECPrivateKeySpec.class.isAssignableFrom(keySpec)) { 318 session[0] = token.getObjSession(); 319 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { 320 new CK_ATTRIBUTE(CKA_VALUE), 321 new CK_ATTRIBUTE(CKA_EC_PARAMS), 322 }; 323 key.incNativeKeyRef(); 324 try { 325 token.p11.C_GetAttributeValue(session[0].id(), key.keyID, 326 attributes); 327 } finally { 328 key.decNativeKeyRef(); 329 } 330 try { 331 ECParameterSpec params = decodeParameters(attributes[1].getByteArray()); 332 return keySpec.cast( 333 new ECPrivateKeySpec(attributes[0].getBigInteger(), params)); 334 } catch (IOException e) { 335 throw new InvalidKeySpecException("Could not parse key", e); 336 } 337 } else { // PKCS#8 handled in superclass 338 throw new InvalidKeySpecException("Only ECPrivateKeySpec " 339 + "and PKCS8EncodedKeySpec supported for EC private keys"); 340 } 341 } 342 343 KeyFactory implGetSoftwareFactory() throws GeneralSecurityException { 344 return KeyFactory.getInstance("EC", getSunECProvider()); 345 } 346 347 } |