130 throw new InvalidParameterException(MSG); 131 } 132 133 protected SecretKey engineGenerateKey() { 134 if (spec == null) { 135 throw new IllegalStateException 136 ("TlsMasterSecretGenerator must be initialized"); 137 } 138 byte[] clientRandom = spec.getClientRandom(); 139 byte[] serverRandom = spec.getServerRandom(); 140 CK_SSL3_RANDOM_DATA random = 141 new CK_SSL3_RANDOM_DATA(clientRandom, serverRandom); 142 CK_SSL3_MASTER_KEY_DERIVE_PARAMS params = 143 new CK_SSL3_MASTER_KEY_DERIVE_PARAMS(random, ckVersion); 144 145 Session session = null; 146 try { 147 session = token.getObjSession(); 148 CK_ATTRIBUTE[] attributes = token.getAttributes(O_GENERATE, 149 CKO_SECRET_KEY, CKK_GENERIC_SECRET, new CK_ATTRIBUTE[0]); 150 long keyID = token.p11.C_DeriveKey(session.id(), 151 new CK_MECHANISM(mechanism, params), p11Key.keyID, attributes); 152 int major, minor; 153 if (params.pVersion == null) { 154 major = -1; 155 minor = -1; 156 } else { 157 major = params.pVersion.major; 158 minor = params.pVersion.minor; 159 } 160 SecretKey key = P11Key.masterSecretKey(session, keyID, 161 "TlsMasterSecret", 48 << 3, attributes, major, minor); 162 return key; 163 } catch (Exception e) { 164 throw new ProviderException("Could not generate key", e); 165 } finally { 166 token.releaseSession(session); 167 } 168 } 169 } | 130 throw new InvalidParameterException(MSG); 131 } 132 133 protected SecretKey engineGenerateKey() { 134 if (spec == null) { 135 throw new IllegalStateException 136 ("TlsMasterSecretGenerator must be initialized"); 137 } 138 byte[] clientRandom = spec.getClientRandom(); 139 byte[] serverRandom = spec.getServerRandom(); 140 CK_SSL3_RANDOM_DATA random = 141 new CK_SSL3_RANDOM_DATA(clientRandom, serverRandom); 142 CK_SSL3_MASTER_KEY_DERIVE_PARAMS params = 143 new CK_SSL3_MASTER_KEY_DERIVE_PARAMS(random, ckVersion); 144 145 Session session = null; 146 try { 147 session = token.getObjSession(); 148 CK_ATTRIBUTE[] attributes = token.getAttributes(O_GENERATE, 149 CKO_SECRET_KEY, CKK_GENERIC_SECRET, new CK_ATTRIBUTE[0]); 150 p11Key.incNativeKeyRef(); 151 long keyID; 152 try { 153 keyID = token.p11.C_DeriveKey(session.id(), 154 new CK_MECHANISM(mechanism, params), 155 p11Key.keyID, attributes); 156 } finally { 157 p11Key.decNativeKeyRef(); 158 } 159 int major, minor; 160 if (params.pVersion == null) { 161 major = -1; 162 minor = -1; 163 } else { 164 major = params.pVersion.major; 165 minor = params.pVersion.minor; 166 } 167 SecretKey key = P11Key.masterSecretKey(session, keyID, 168 "TlsMasterSecret", 48 << 3, attributes, major, minor, true); 169 return key; 170 } catch (Exception e) { 171 throw new ProviderException("Could not generate key", e); 172 } finally { 173 token.releaseSession(session); 174 } 175 } 176 } |