Google Git
Sign in
android / platform / external / conscrypt / 4314dcb6f5eb0484f17d9096e45e8ae9c3bb1f72 / . / src / main / java / org / conscrypt / OpenSSLDHPrivateKey.java
blob: b138f7793ad43caad2bd74495126fe14137f4052 [file] [log] [blame]
/*
* Copyright (C) 2014 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.conscrypt;
import java.io.IOException;
import java.io.NotSerializableException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.spec.InvalidKeySpecException;
import javax.crypto.interfaces.DHPrivateKey;
import javax.crypto.spec.DHParameterSpec;
import javax.crypto.spec.DHPrivateKeySpec;
public class OpenSSLDHPrivateKey implements DHPrivateKey, OpenSSLKeyHolder {
private static final long serialVersionUID = -7321023036951606638L;
private transient OpenSSLKey key;
/** base prime */
private transient byte[] p;
/** generator */
private transient byte[] g;
/** private key */
private transient byte[] x;
private transient Object mParamsLock = new Object();
private transient boolean readParams;
OpenSSLDHPrivateKey(OpenSSLKey key) {
this.key = key;
}
@Override
public OpenSSLKey getOpenSSLKey() {
return key;
}
OpenSSLDHPrivateKey(DHPrivateKeySpec dhKeySpec) throws InvalidKeySpecException {
try {
key = new OpenSSLKey(NativeCrypto.EVP_PKEY_new_DH(
dhKeySpec.getP().toByteArray(),
dhKeySpec.getG().toByteArray(),
null,
dhKeySpec.getX().toByteArray()));
} catch (Exception e) {
throw new InvalidKeySpecException(e);
}
}
private void ensureReadParams() {
synchronized (mParamsLock) {
if (readParams) {
return;
}
byte[][] params = NativeCrypto.get_DH_params(key.getPkeyContext());
p = params[0];
g = params[1];
x = params[3];
readParams = true;
}
}
static OpenSSLKey getInstance(DHPrivateKey dhPrivateKey) throws InvalidKeyException {
try {
DHParameterSpec dhParams = dhPrivateKey.getParams();
return new OpenSSLKey(NativeCrypto.EVP_PKEY_new_DH(
dhParams.getP().toByteArray(),
dhParams.getG().toByteArray(),
null,
dhPrivateKey.getX().toByteArray()));
} catch (Exception e) {
throw new InvalidKeyException(e);
}
}
@Override
public String getAlgorithm() {
return "DH";
}
@Override
public String getFormat() {
/*
* If we're using an OpenSSL ENGINE, there's no guarantee we can export
* the key. Returning {@code null} tells the caller that there's no
* encoded format.
*/
if (key.isEngineBased()) {
return null;
}
return "PKCS#8";
}
@Override
public byte[] getEncoded() {
/*
* If we're using an OpenSSL ENGINE, there's no guarantee we can export
* the key. Returning {@code null} tells the caller that there's no
* encoded format.
*/
if (key.isEngineBased()) {
return null;
}
return NativeCrypto.i2d_PKCS8_PRIV_KEY_INFO(key.getPkeyContext());
}
@Override
public DHParameterSpec getParams() {
ensureReadParams();
return new DHParameterSpec(new BigInteger(p), new BigInteger(g));
}
@Override
public BigInteger getX() {
if (key.isEngineBased()) {
throw new UnsupportedOperationException("private key value X cannot be extracted");
}
ensureReadParams();
return new BigInteger(x);
}
@Override
public boolean equals(Object o) {
if (o == this) {
return true;
}
if (o instanceof OpenSSLDHPrivateKey) {
OpenSSLDHPrivateKey other = (OpenSSLDHPrivateKey) o;
/*
* We can shortcut the true case, but it still may be equivalent but
* different copies.
*/
if (key.equals(other.getOpenSSLKey())) {
return true;
}
}
if (!(o instanceof DHPrivateKey)) {
return false;
}
ensureReadParams();
final DHPrivateKey other = (DHPrivateKey) o;
if (!x.equals(other.getX())) {
return false;
}
DHParameterSpec spec = other.getParams();
return g.equals(spec.getG()) && p.equals(spec.getP());
}
@Override
public int hashCode() {
ensureReadParams();
int hash = 1;
if (!key.isEngineBased()) {
hash = hash * 3 + x.hashCode();
}
hash = hash * 7 + p.hashCode();
hash = hash * 13 + g.hashCode();
return hash;
}
@Override
public String toString() {
final StringBuilder sb = new StringBuilder("OpenSSLDHPrivateKey{");
if (key.isEngineBased()) {
sb.append("key=");
sb.append(key);
sb.append('}');
return sb.toString();
}
ensureReadParams();
sb.append("X=");
sb.append(new BigInteger(x).toString(16));
sb.append(',');
sb.append("P=");
sb.append(new BigInteger(p).toString(16));
sb.append(',');
sb.append("G=");
sb.append(new BigInteger(g).toString(16));
sb.append('}');
return sb.toString();
}
private void readObject(ObjectInputStream stream) throws IOException, ClassNotFoundException {
stream.defaultReadObject();
final BigInteger g = (BigInteger) stream.readObject();
final BigInteger p = (BigInteger) stream.readObject();
final BigInteger x = (BigInteger) stream.readObject();
key = new OpenSSLKey(NativeCrypto.EVP_PKEY_new_DH(
p.toByteArray(),
g.toByteArray(),
null,
x.toByteArray()));
mParamsLock = new Object();
}
private void writeObject(ObjectOutputStream stream) throws IOException {
if (getOpenSSLKey().isEngineBased()) {
throw new NotSerializableException("engine-based keys can not be serialized");
}
stream.defaultWriteObject();
ensureReadParams();
stream.writeObject(new BigInteger(g));
stream.writeObject(new BigInteger(p));
stream.writeObject(new BigInteger(x));
}
}