12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25 package sun.security.ssl;
26
27 import java.io.IOException;
28 import java.math.BigInteger;
29 import java.security.*;
30 import java.security.interfaces.XECPublicKey;
31 import java.security.spec.*;
32 import sun.security.ssl.NamedGroup.NamedGroupType;
33 import sun.security.util.*;
34
35 /**
36 * Specifics for XEC/XDH Keys/Exchanges
37 */
38 final class XDHKeyExchange {
39
40 static final SSLKeyAgreementGenerator xdheKAGenerator
41 = new XDHEKAGenerator();
42
43 static final class XDHECredentials implements NamedGroupCredentials {
44
45 final XECPublicKey popPublicKey;
46 final NamedGroup namedGroup;
47
48 XDHECredentials(XECPublicKey popPublicKey, NamedGroup namedGroup) {
49 this.popPublicKey = popPublicKey;
50 this.namedGroup = namedGroup;
51 }
52
53 @Override
54 public PublicKey getPublicKey() {
55 return popPublicKey;
56 }
57
58 @Override
59 public NamedGroup getNamedGroup() {
60 return namedGroup;
61 }
62
63 /**
64 * Parse the encoded Point into the XDHECredentials using the
65 * namedGroup.
66 */
67 static XDHECredentials valueOf(NamedGroup namedGroup,
68 byte[] encodedPoint) throws IOException,
69 GeneralSecurityException {
70
71 if (namedGroup.type != NamedGroupType.NAMED_GROUP_XDH) {
72 throw new RuntimeException(
73 "Credentials decoding: Not XDH named group");
74 }
75
76 if (encodedPoint == null || encodedPoint.length == 0) {
77 return null;
78 }
79
80 byte[] uBytes = encodedPoint.clone();
81 Utilities.reverseBytes(uBytes);
82 BigInteger u = new BigInteger(1, uBytes);
83
84 XECPublicKeySpec xecPublicKeySpec = new XECPublicKeySpec(
85 new NamedParameterSpec(namedGroup.name), u);
86 KeyFactory factory = JsseJce.getKeyFactory(namedGroup.algorithm);
87 XECPublicKey publicKey = (XECPublicKey) factory.generatePublic(
88 xecPublicKeySpec);
89
90 return new XDHECredentials(publicKey, namedGroup);
91 }
92 }
93
94 static final class XDHEPossession implements NamedGroupPossession {
95
96 final PrivateKey privateKey;
97 final XECPublicKey publicKey;
98 final NamedGroup namedGroup;
99
100 XDHEPossession(NamedGroup namedGroup, SecureRandom random) {
101 try {
102 KeyPairGenerator kpg
103 = JsseJce.getKeyPairGenerator(namedGroup.algorithm);
104 AlgorithmParameterSpec params = namedGroup.getParameterSpec();
105 kpg.initialize(params, random);
106 KeyPair kp = kpg.generateKeyPair();
107 privateKey = kp.getPrivate();
108 publicKey = (XECPublicKey) kp.getPublic();
109 } catch (GeneralSecurityException e) {
110 throw new RuntimeException(
111 "Could not generate XDH keypair", e);
112 }
113
114 this.namedGroup = namedGroup;
115 }
116
117 @Override
118 public byte[] encode() {
119
120 byte[] uBytes = ECUtil.trimZeroes(publicKey.getU().toByteArray());
121
122 int expLength;
123 switch (namedGroup) {
124 case X25519:
125 expLength = 32;
|
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25 package sun.security.ssl;
26
27 import java.io.IOException;
28 import java.math.BigInteger;
29 import java.security.*;
30 import java.security.interfaces.XECPublicKey;
31 import java.security.spec.*;
32 import sun.security.ssl.NamedGroup.NamedGroupSpec;
33 import sun.security.util.*;
34
35 /**
36 * Specifics for XEC/XDH Keys/Exchanges
37 */
38 final class XDHKeyExchange {
39
40 static final SSLKeyAgreementGenerator xdheKAGenerator
41 = new XDHEKAGenerator();
42
43 static final class XDHECredentials implements NamedGroupCredentials {
44
45 final XECPublicKey popPublicKey;
46 final NamedGroup namedGroup;
47
48 XDHECredentials(XECPublicKey popPublicKey, NamedGroup namedGroup) {
49 this.popPublicKey = popPublicKey;
50 this.namedGroup = namedGroup;
51 }
52
53 @Override
54 public PublicKey getPublicKey() {
55 return popPublicKey;
56 }
57
58 @Override
59 public NamedGroup getNamedGroup() {
60 return namedGroup;
61 }
62
63 /**
64 * Parse the encoded Point into the XDHECredentials using the
65 * namedGroup.
66 */
67 static XDHECredentials valueOf(NamedGroup namedGroup,
68 byte[] encodedPoint) throws IOException,
69 GeneralSecurityException {
70
71 if (namedGroup.spec != NamedGroupSpec.NAMED_GROUP_XDH) {
72 throw new RuntimeException(
73 "Credentials decoding: Not XDH named group");
74 }
75
76 if (encodedPoint == null || encodedPoint.length == 0) {
77 return null;
78 }
79
80 byte[] uBytes = encodedPoint.clone();
81 Utilities.reverseBytes(uBytes);
82 BigInteger u = new BigInteger(1, uBytes);
83
84 XECPublicKeySpec xecPublicKeySpec = new XECPublicKeySpec(
85 new NamedParameterSpec(namedGroup.name), u);
86 KeyFactory factory = JsseJce.getKeyFactory(namedGroup.algorithm);
87 XECPublicKey publicKey = (XECPublicKey) factory.generatePublic(
88 xecPublicKeySpec);
89
90 return new XDHECredentials(publicKey, namedGroup);
91 }
92 }
93
94 static final class XDHEPossession implements NamedGroupPossession {
95
96 final PrivateKey privateKey;
97 final XECPublicKey publicKey;
98 final NamedGroup namedGroup;
99
100 XDHEPossession(NamedGroup namedGroup, SecureRandom random) {
101 try {
102 KeyPairGenerator kpg
103 = JsseJce.getKeyPairGenerator(namedGroup.algorithm);
104 kpg.initialize(namedGroup.keAlgParamSpec, random);
105 KeyPair kp = kpg.generateKeyPair();
106 privateKey = kp.getPrivate();
107 publicKey = (XECPublicKey) kp.getPublic();
108 } catch (GeneralSecurityException e) {
109 throw new RuntimeException(
110 "Could not generate XDH keypair", e);
111 }
112
113 this.namedGroup = namedGroup;
114 }
115
116 @Override
117 public byte[] encode() {
118
119 byte[] uBytes = ECUtil.trimZeroes(publicKey.getU().toByteArray());
120
121 int expLength;
122 switch (namedGroup) {
123 case X25519:
124 expLength = 32;
|