| /* |
| * Copyright (c) 2006, 2007, Oracle and/or its affiliates. All rights reserved. |
| * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
| * |
| * This code is free software; you can redistribute it and/or modify it |
| * under the terms of the GNU General Public License version 2 only, as |
| * published by the Free Software Foundation. Oracle designates this |
| * particular file as subject to the "Classpath" exception as provided |
| * by Oracle in the LICENSE file that accompanied this code. |
| * |
| * This code is distributed in the hope that it will be useful, but WITHOUT |
| * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
| * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
| * version 2 for more details (a copy is included in the LICENSE file that |
| * accompanied this code). |
| * |
| * You should have received a copy of the GNU General Public License version |
| * 2 along with this work; if not, write to the Free Software Foundation, |
| * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
| * |
| * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
| * or visit www.oracle.com if you need additional information or have any |
| * questions. |
| */ |
| |
| package sun.security.pkcs11; |
| |
| import java.security.*; |
| import java.security.interfaces.ECPublicKey; |
| import java.security.spec.AlgorithmParameterSpec; |
| |
| import javax.crypto.*; |
| |
| import static sun.security.pkcs11.TemplateManager.*; |
| import sun.security.pkcs11.wrapper.*; |
| import static sun.security.pkcs11.wrapper.PKCS11Constants.*; |
| |
| /** |
| * KeyAgreement implementation for ECDH. |
| * |
| * @author Andreas Sterbenz |
| * @since 1.6 |
| */ |
| final class P11ECDHKeyAgreement extends KeyAgreementSpi { |
| |
| // token instance |
| private final Token token; |
| |
| // algorithm name |
| private final String algorithm; |
| |
| // mechanism id |
| private final long mechanism; |
| |
| // private key, if initialized |
| private P11Key privateKey; |
| |
| // encoded public point, non-null between doPhase() and generateSecret() only |
| private byte[] publicValue; |
| |
| // length of the secret to be derived |
| private int secretLen; |
| |
| P11ECDHKeyAgreement(Token token, String algorithm, long mechanism) { |
| super(); |
| this.token = token; |
| this.algorithm = algorithm; |
| this.mechanism = mechanism; |
| } |
| |
| // see JCE spec |
| protected void engineInit(Key key, SecureRandom random) |
| throws InvalidKeyException { |
| if (key instanceof PrivateKey == false) { |
| throw new InvalidKeyException |
| ("Key must be instance of PrivateKey"); |
| } |
| privateKey = P11KeyFactory.convertKey(token, key, "EC"); |
| publicValue = null; |
| } |
| |
| // see JCE spec |
| protected void engineInit(Key key, AlgorithmParameterSpec params, |
| SecureRandom random) throws InvalidKeyException, |
| InvalidAlgorithmParameterException { |
| if (params != null) { |
| throw new InvalidAlgorithmParameterException |
| ("Parameters not supported"); |
| } |
| engineInit(key, random); |
| } |
| |
| // see JCE spec |
| protected Key engineDoPhase(Key key, boolean lastPhase) |
| throws InvalidKeyException, IllegalStateException { |
| if (privateKey == null) { |
| throw new IllegalStateException("Not initialized"); |
| } |
| if (publicValue != null) { |
| throw new IllegalStateException("Phase already executed"); |
| } |
| if (lastPhase == false) { |
| throw new IllegalStateException |
| ("Only two party agreement supported, lastPhase must be true"); |
| } |
| if (key instanceof ECPublicKey == false) { |
| throw new InvalidKeyException |
| ("Key must be a PublicKey with algorithm EC"); |
| } |
| ECPublicKey ecKey = (ECPublicKey)key; |
| int keyLenBits = ecKey.getParams().getCurve().getField().getFieldSize(); |
| secretLen = (keyLenBits + 7) >> 3; |
| publicValue = P11ECKeyFactory.getEncodedPublicValue(ecKey); |
| return null; |
| } |
| |
| // see JCE spec |
| protected byte[] engineGenerateSecret() throws IllegalStateException { |
| if ((privateKey == null) || (publicValue == null)) { |
| throw new IllegalStateException("Not initialized correctly"); |
| } |
| Session session = null; |
| try { |
| session = token.getOpSession(); |
| CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { |
| new CK_ATTRIBUTE(CKA_CLASS, CKO_SECRET_KEY), |
| new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_GENERIC_SECRET), |
| }; |
| CK_ECDH1_DERIVE_PARAMS ckParams = |
| new CK_ECDH1_DERIVE_PARAMS(CKD_NULL, null, publicValue); |
| attributes = token.getAttributes |
| (O_GENERATE, CKO_SECRET_KEY, CKK_GENERIC_SECRET, attributes); |
| long keyID = token.p11.C_DeriveKey(session.id(), |
| new CK_MECHANISM(mechanism, ckParams), privateKey.keyID, |
| attributes); |
| attributes = new CK_ATTRIBUTE[] { |
| new CK_ATTRIBUTE(CKA_VALUE) |
| }; |
| token.p11.C_GetAttributeValue(session.id(), keyID, attributes); |
| byte[] secret = attributes[0].getByteArray(); |
| token.p11.C_DestroyObject(session.id(), keyID); |
| return secret; |
| } catch (PKCS11Exception e) { |
| throw new ProviderException("Could not derive key", e); |
| } finally { |
| publicValue = null; |
| token.releaseSession(session); |
| } |
| } |
| |
| // see JCE spec |
| protected int engineGenerateSecret(byte[] sharedSecret, int |
| offset) throws IllegalStateException, ShortBufferException { |
| if (offset + secretLen > sharedSecret.length) { |
| throw new ShortBufferException("Need " + secretLen |
| + " bytes, only " + (sharedSecret.length - offset) + " available"); |
| } |
| byte[] secret = engineGenerateSecret(); |
| System.arraycopy(secret, 0, sharedSecret, offset, secret.length); |
| return secret.length; |
| } |
| |
| // see JCE spec |
| protected SecretKey engineGenerateSecret(String algorithm) |
| throws IllegalStateException, NoSuchAlgorithmException, |
| InvalidKeyException { |
| if (algorithm == null) { |
| throw new NoSuchAlgorithmException("Algorithm must not be null"); |
| } |
| if (algorithm.equals("TlsPremasterSecret") == false) { |
| throw new NoSuchAlgorithmException |
| ("Only supported for algorithm TlsPremasterSecret"); |
| } |
| return nativeGenerateSecret(algorithm); |
| } |
| |
| private SecretKey nativeGenerateSecret(String algorithm) |
| throws IllegalStateException, NoSuchAlgorithmException, |
| InvalidKeyException { |
| if ((privateKey == null) || (publicValue == null)) { |
| throw new IllegalStateException("Not initialized correctly"); |
| } |
| long keyType = CKK_GENERIC_SECRET; |
| Session session = null; |
| try { |
| session = token.getObjSession(); |
| CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { |
| new CK_ATTRIBUTE(CKA_CLASS, CKO_SECRET_KEY), |
| new CK_ATTRIBUTE(CKA_KEY_TYPE, keyType), |
| }; |
| CK_ECDH1_DERIVE_PARAMS ckParams = |
| new CK_ECDH1_DERIVE_PARAMS(CKD_NULL, null, publicValue); |
| attributes = token.getAttributes |
| (O_GENERATE, CKO_SECRET_KEY, keyType, attributes); |
| long keyID = token.p11.C_DeriveKey(session.id(), |
| new CK_MECHANISM(mechanism, ckParams), privateKey.keyID, |
| attributes); |
| CK_ATTRIBUTE[] lenAttributes = new CK_ATTRIBUTE[] { |
| new CK_ATTRIBUTE(CKA_VALUE_LEN), |
| }; |
| token.p11.C_GetAttributeValue(session.id(), keyID, lenAttributes); |
| int keyLen = (int)lenAttributes[0].getLong(); |
| SecretKey key = P11Key.secretKey |
| (session, keyID, algorithm, keyLen << 3, attributes); |
| return key; |
| } catch (PKCS11Exception e) { |
| throw new InvalidKeyException("Could not derive key", e); |
| } finally { |
| publicValue = null; |
| token.releaseSession(session); |
| } |
| } |
| |
| } |