235 new DerValue(DerValue.tag_OctetString, encodedPoint)
236 .toByteArray();
237 } catch (IOException e) {
238 throw new
239 IllegalArgumentException("Could not DER encode point", e);
240 }
241 }
242
243 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
244 new CK_ATTRIBUTE(CKA_CLASS, CKO_PUBLIC_KEY),
245 new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_EC),
246 new CK_ATTRIBUTE(CKA_EC_POINT, encodedPoint),
247 new CK_ATTRIBUTE(CKA_EC_PARAMS, encodedParams),
248 };
249 attributes = token.getAttributes
250 (O_IMPORT, CKO_PUBLIC_KEY, CKK_EC, attributes);
251 Session session = null;
252 try {
253 session = token.getObjSession();
254 long keyID = token.p11.C_CreateObject(session.id(), attributes);
255 return P11Key.publicKey
256 (session, keyID, "EC", params.getCurve().getField().getFieldSize(), attributes);
257 } finally {
258 token.releaseSession(session);
259 }
260 }
261
262 private PrivateKey generatePrivate(BigInteger s, ECParameterSpec params)
263 throws PKCS11Exception {
264 byte[] encodedParams =
265 ECUtil.encodeECParameterSpec(getSunECProvider(), params);
266 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
267 new CK_ATTRIBUTE(CKA_CLASS, CKO_PRIVATE_KEY),
268 new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_EC),
269 new CK_ATTRIBUTE(CKA_VALUE, s),
270 new CK_ATTRIBUTE(CKA_EC_PARAMS, encodedParams),
271 };
272 attributes = token.getAttributes
273 (O_IMPORT, CKO_PRIVATE_KEY, CKK_EC, attributes);
274 Session session = null;
275 try {
276 session = token.getObjSession();
277 long keyID = token.p11.C_CreateObject(session.id(), attributes);
278 return P11Key.privateKey
279 (session, keyID, "EC", params.getCurve().getField().getFieldSize(), attributes);
280 } finally {
281 token.releaseSession(session);
282 }
283 }
284
285 <T extends KeySpec> T implGetPublicKeySpec(P11Key key, Class<T> keySpec,
286 Session[] session) throws PKCS11Exception, InvalidKeySpecException {
287 if (ECPublicKeySpec.class.isAssignableFrom(keySpec)) {
288 session[0] = token.getObjSession();
289 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
290 new CK_ATTRIBUTE(CKA_EC_POINT),
291 new CK_ATTRIBUTE(CKA_EC_PARAMS),
292 };
293 token.p11.C_GetAttributeValue(session[0].id(), key.keyID, attributes);
294 try {
295 ECParameterSpec params = decodeParameters(attributes[1].getByteArray());
296 ECPoint point = decodePoint(attributes[0].getByteArray(), params.getCurve());
297 return keySpec.cast(new ECPublicKeySpec(point, params));
298 } catch (IOException e) {
299 throw new InvalidKeySpecException("Could not parse key", e);
300 }
301 } else { // X.509 handled in superclass
302 throw new InvalidKeySpecException("Only ECPublicKeySpec and "
303 + "X509EncodedKeySpec supported for EC public keys");
304 }
305 }
306
307 <T extends KeySpec> T implGetPrivateKeySpec(P11Key key, Class<T> keySpec,
308 Session[] session) throws PKCS11Exception, InvalidKeySpecException {
309 if (ECPrivateKeySpec.class.isAssignableFrom(keySpec)) {
310 session[0] = token.getObjSession();
311 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
312 new CK_ATTRIBUTE(CKA_VALUE),
313 new CK_ATTRIBUTE(CKA_EC_PARAMS),
314 };
315 token.p11.C_GetAttributeValue(session[0].id(), key.keyID, attributes);
316 try {
317 ECParameterSpec params = decodeParameters(attributes[1].getByteArray());
318 return keySpec.cast(
319 new ECPrivateKeySpec(attributes[0].getBigInteger(), params));
320 } catch (IOException e) {
321 throw new InvalidKeySpecException("Could not parse key", e);
322 }
323 } else { // PKCS#8 handled in superclass
324 throw new InvalidKeySpecException("Only ECPrivateKeySpec "
325 + "and PKCS8EncodedKeySpec supported for EC private keys");
326 }
327 }
328
329 KeyFactory implGetSoftwareFactory() throws GeneralSecurityException {
330 return KeyFactory.getInstance("EC", getSunECProvider());
331 }
332
333 }
|
235 new DerValue(DerValue.tag_OctetString, encodedPoint)
236 .toByteArray();
237 } catch (IOException e) {
238 throw new
239 IllegalArgumentException("Could not DER encode point", e);
240 }
241 }
242
243 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
244 new CK_ATTRIBUTE(CKA_CLASS, CKO_PUBLIC_KEY),
245 new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_EC),
246 new CK_ATTRIBUTE(CKA_EC_POINT, encodedPoint),
247 new CK_ATTRIBUTE(CKA_EC_PARAMS, encodedParams),
248 };
249 attributes = token.getAttributes
250 (O_IMPORT, CKO_PUBLIC_KEY, CKK_EC, attributes);
251 Session session = null;
252 try {
253 session = token.getObjSession();
254 long keyID = token.p11.C_CreateObject(session.id(), attributes);
255 return P11Key.publicKey(session, keyID, "EC",
256 params.getCurve().getField().getFieldSize(),
257 attributes, true);
258 } finally {
259 token.releaseSession(session);
260 }
261 }
262
263 private PrivateKey generatePrivate(BigInteger s, ECParameterSpec params)
264 throws PKCS11Exception {
265 byte[] encodedParams =
266 ECUtil.encodeECParameterSpec(getSunECProvider(), params);
267 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
268 new CK_ATTRIBUTE(CKA_CLASS, CKO_PRIVATE_KEY),
269 new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_EC),
270 new CK_ATTRIBUTE(CKA_VALUE, s),
271 new CK_ATTRIBUTE(CKA_EC_PARAMS, encodedParams),
272 };
273 attributes = token.getAttributes
274 (O_IMPORT, CKO_PRIVATE_KEY, CKK_EC, attributes);
275 Session session = null;
276 try {
277 session = token.getObjSession();
278 long keyID = token.p11.C_CreateObject(session.id(), attributes);
279 return P11Key.privateKey(session, keyID, "EC",
280 params.getCurve().getField().getFieldSize(),
281 attributes, true);
282 } finally {
283 token.releaseSession(session);
284 }
285 }
286
287 <T extends KeySpec> T implGetPublicKeySpec(P11Key key, Class<T> keySpec,
288 Session[] session) throws PKCS11Exception, InvalidKeySpecException {
289 if (ECPublicKeySpec.class.isAssignableFrom(keySpec)) {
290 session[0] = token.getObjSession();
291 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
292 new CK_ATTRIBUTE(CKA_EC_POINT),
293 new CK_ATTRIBUTE(CKA_EC_PARAMS),
294 };
295 key.incNativeKeyRef();
296 try {
297 token.p11.C_GetAttributeValue(session[0].id(), key.keyID,
298 attributes);
299 } finally {
300 key.decNativeKeyRef();
301 }
302 try {
303 ECParameterSpec params = decodeParameters(attributes[1].getByteArray());
304 ECPoint point = decodePoint(attributes[0].getByteArray(), params.getCurve());
305 return keySpec.cast(new ECPublicKeySpec(point, params));
306 } catch (IOException e) {
307 throw new InvalidKeySpecException("Could not parse key", e);
308 }
309 } else { // X.509 handled in superclass
310 throw new InvalidKeySpecException("Only ECPublicKeySpec and "
311 + "X509EncodedKeySpec supported for EC public keys");
312 }
313 }
314
315 <T extends KeySpec> T implGetPrivateKeySpec(P11Key key, Class<T> keySpec,
316 Session[] session) throws PKCS11Exception, InvalidKeySpecException {
317 if (ECPrivateKeySpec.class.isAssignableFrom(keySpec)) {
318 session[0] = token.getObjSession();
319 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
320 new CK_ATTRIBUTE(CKA_VALUE),
321 new CK_ATTRIBUTE(CKA_EC_PARAMS),
322 };
323 key.incNativeKeyRef();
324 try {
325 token.p11.C_GetAttributeValue(session[0].id(), key.keyID,
326 attributes);
327 } finally {
328 key.decNativeKeyRef();
329 }
330 try {
331 ECParameterSpec params = decodeParameters(attributes[1].getByteArray());
332 return keySpec.cast(
333 new ECPrivateKeySpec(attributes[0].getBigInteger(), params));
334 } catch (IOException e) {
335 throw new InvalidKeySpecException("Could not parse key", e);
336 }
337 } else { // PKCS#8 handled in superclass
338 throw new InvalidKeySpecException("Only ECPrivateKeySpec "
339 + "and PKCS8EncodedKeySpec supported for EC private keys");
340 }
341 }
342
343 KeyFactory implGetSoftwareFactory() throws GeneralSecurityException {
344 return KeyFactory.getInstance("EC", getSunECProvider());
345 }
346
347 }
|