jdk-sandbox: jdk/src/jdk.crypto.ucrypto/solaris/classes/com/oracle/security/ucrypto/NativeRSACipher.java@4525d13b8af1 (annotated)

27182 4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	1	/*
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	2	* Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	3	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	4	*
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	5	* This code is free software; you can redistribute it and/or modify it
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	6	* under the terms of the GNU General Public License version 2 only, as
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	7	* published by the Free Software Foundation. Oracle designates this
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	8	* particular file as subject to the "Classpath" exception as provided
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	9	* by Oracle in the LICENSE file that accompanied this code.
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	10	*
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	11	* This code is distributed in the hope that it will be useful, but WITHOUT
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	12	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	13	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	14	* version 2 for more details (a copy is included in the LICENSE file that
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	15	* accompanied this code).
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	16	*
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	17	* You should have received a copy of the GNU General Public License version
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	18	* 2 along with this work; if not, write to the Free Software Foundation,
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	19	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	20	*
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	21	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	22	* or visit www.oracle.com if you need additional information or have any
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	23	* questions.
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	24	*/
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	25
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	26	package com.oracle.security.ucrypto;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	27
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	28	import java.util.Arrays;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	29	import java.util.WeakHashMap;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	30	import java.util.Collections;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	31	import java.util.Map;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	32
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	33	import java.security.AlgorithmParameters;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	34	import java.security.InvalidAlgorithmParameterException;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	35	import java.security.InvalidKeyException;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	36	import java.security.Key;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	37	import java.security.PublicKey;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	38	import java.security.PrivateKey;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	39	import java.security.spec.RSAPrivateCrtKeySpec;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	40	import java.security.spec.RSAPublicKeySpec;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	41	import java.security.interfaces.RSAKey;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	42	import java.security.interfaces.RSAPrivateCrtKey;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	43	import java.security.interfaces.RSAPublicKey;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	44
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	45	import java.security.KeyFactory;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	46	import java.security.NoSuchAlgorithmException;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	47	import java.security.SecureRandom;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	48
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	49	import java.security.spec.AlgorithmParameterSpec;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	50	import java.security.spec.InvalidParameterSpecException;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	51	import java.security.spec.InvalidKeySpecException;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	52
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	53	import javax.crypto.BadPaddingException;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	54	import javax.crypto.Cipher;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	55	import javax.crypto.CipherSpi;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	56	import javax.crypto.SecretKey;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	57	import javax.crypto.IllegalBlockSizeException;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	58	import javax.crypto.NoSuchPaddingException;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	59	import javax.crypto.ShortBufferException;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	60
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	61	import javax.crypto.spec.SecretKeySpec;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	62
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	63	import sun.security.internal.spec.TlsRsaPremasterSecretParameterSpec;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	64	import sun.security.util.KeyUtil;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	65
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	66	/**
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	67	* Asymmetric Cipher wrapper class utilizing ucrypto APIs. This class
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	68	* currently supports
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	69	* - RSA/ECB/NOPADDING
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	70	* - RSA/ECB/PKCS1PADDING
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	71	*
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	72	* @since 1.9
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	73	*/
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	74	public class NativeRSACipher extends CipherSpi {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	75	// fields set in constructor
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	76	private final UcryptoMech mech;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	77	private final int padLen;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	78	private final NativeRSAKeyFactory keyFactory;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	79	private AlgorithmParameterSpec spec;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	80	private SecureRandom random;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	81
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	82	// Keep a cache of RSA keys and their RSA NativeKey for reuse.
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	83	// When the RSA key is gc'ed, we let NativeKey phatom references cleanup
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	84	// the native allocation
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	85	private static final Map<Key, NativeKey> keyList =
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	86	Collections.synchronizedMap(new WeakHashMap<Key, NativeKey>());
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	87
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	88	//
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	89	// fields (re)set in every init()
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	90	//
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	91	private NativeKey key = null;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	92	private int outputSize = 0; // e.g. modulus size in bytes
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	93	private boolean encrypt = true;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	94	private byte[] buffer;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	95	private int bufOfs = 0;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	96
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	97	// public implementation classes
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	98	public static final class NoPadding extends NativeRSACipher {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	99	public NoPadding() throws NoSuchAlgorithmException {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	100	super(UcryptoMech.CRYPTO_RSA_X_509, 0);
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	101	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	102	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	103
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	104	public static final class PKCS1Padding extends NativeRSACipher {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	105	public PKCS1Padding() throws NoSuchAlgorithmException {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	106	super(UcryptoMech.CRYPTO_RSA_PKCS, 11);
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	107	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	108	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	109
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	110	NativeRSACipher(UcryptoMech mech, int padLen)
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	111	throws NoSuchAlgorithmException {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	112	this.mech = mech;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	113	this.padLen = padLen;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	114	this.keyFactory = new NativeRSAKeyFactory();
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	115	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	116
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	117	@Override
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	118	protected void engineSetMode(String mode) throws NoSuchAlgorithmException {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	119	// Disallow change of mode for now since currently it's explicitly
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	120	// defined in transformation strings
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	121	throw new NoSuchAlgorithmException("Unsupported mode " + mode);
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	122	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	123
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	124	// see JCE spec
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	125	@Override
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	126	protected void engineSetPadding(String padding)
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	127	throws NoSuchPaddingException {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	128	// Disallow change of padding for now since currently it's explicitly
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	129	// defined in transformation strings
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	130	throw new NoSuchPaddingException("Unsupported padding " + padding);
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	131	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	132
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	133	// see JCE spec
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	134	@Override
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	135	protected int engineGetBlockSize() {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	136	return 0;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	137	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	138
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	139	// see JCE spec
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	140	@Override
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	141	protected synchronized int engineGetOutputSize(int inputLen) {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	142	return outputSize;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	143	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	144
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	145	// see JCE spec
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	146	@Override
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	147	protected byte[] engineGetIV() {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	148	return null;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	149	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	150
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	151	// see JCE spec
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	152	@Override
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	153	protected AlgorithmParameters engineGetParameters() {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	154	return null;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	155	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	156
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	157	@Override
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	158	protected int engineGetKeySize(Key key) throws InvalidKeyException {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	159	if (!(key instanceof RSAKey)) {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	160	throw new InvalidKeyException("RSAKey required");
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	161	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	162	int n = ((RSAKey)key).getModulus().bitLength();
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	163	// strip off the leading extra 0x00 byte prefix
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	164	int realByteSize = (n + 7) >> 3;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	165	return realByteSize * 8;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	166	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	167
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	168	// see JCE spec
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	169	@Override
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	170	protected synchronized void engineInit(int opmode, Key key, SecureRandom random)
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	171	throws InvalidKeyException {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	172	try {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	173	engineInit(opmode, key, (AlgorithmParameterSpec)null, random);
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	174	} catch (InvalidAlgorithmParameterException e) {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	175	throw new InvalidKeyException("init() failed", e);
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	176	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	177	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	178
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	179	// see JCE spec
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	180	@Override
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	181	protected synchronized void engineInit(int opmode, Key newKey,
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	182	AlgorithmParameterSpec params, SecureRandom random)
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	183	throws InvalidKeyException, InvalidAlgorithmParameterException {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	184	if (newKey == null) {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	185	throw new InvalidKeyException("Key cannot be null");
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	186	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	187	if (opmode != Cipher.ENCRYPT_MODE &&
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	188	opmode != Cipher.DECRYPT_MODE &&
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	189	opmode != Cipher.WRAP_MODE &&
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	190	opmode != Cipher.UNWRAP_MODE) {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	191	throw new InvalidAlgorithmParameterException
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	192	("Unsupported mode: " + opmode);
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	193	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	194	if (params != null) {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	195	if (!(params instanceof TlsRsaPremasterSecretParameterSpec)) {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	196	throw new InvalidAlgorithmParameterException(
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	197	"No Parameters can be specified");
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	198	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	199	spec = params;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	200	this.random = random; // for TLS RSA premaster secret
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	201	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	202	boolean doEncrypt = (opmode == Cipher.ENCRYPT_MODE \|\| opmode == Cipher.WRAP_MODE);
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	203
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	204	// Make sure the proper opmode uses the proper key
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	205	if (doEncrypt && (!(newKey instanceof RSAPublicKey))) {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	206	throw new InvalidKeyException("RSAPublicKey required for encryption");
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	207	} else if (!doEncrypt && (!(newKey instanceof RSAPrivateCrtKey))) {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	208	throw new InvalidKeyException("RSAPrivateCrtKey required for decryption");
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	209	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	210
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	211	NativeKey nativeKey = null;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	212	// Check keyList cache for a nativeKey
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	213	nativeKey = keyList.get(newKey);
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	214	if (nativeKey == null) {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	215	// With no existing nativeKey for this newKey, create one
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	216	if (doEncrypt) {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	217	RSAPublicKey publicKey = (RSAPublicKey) newKey;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	218	try {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	219	nativeKey = (NativeKey) keyFactory.engineGeneratePublic
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	220	(new RSAPublicKeySpec(publicKey.getModulus(), publicKey.getPublicExponent()));
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	221	} catch (InvalidKeySpecException ikse) {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	222	throw new InvalidKeyException(ikse);
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	223	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	224	} else {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	225	RSAPrivateCrtKey privateKey = (RSAPrivateCrtKey) newKey;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	226	try {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	227	nativeKey = (NativeKey) keyFactory.engineGeneratePrivate
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	228	(new RSAPrivateCrtKeySpec(privateKey.getModulus(),
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	229	privateKey.getPublicExponent(),
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	230	privateKey.getPrivateExponent(),
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	231	privateKey.getPrimeP(),
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	232	privateKey.getPrimeQ(),
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	233	privateKey.getPrimeExponentP(),
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	234	privateKey.getPrimeExponentQ(),
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	235	privateKey.getCrtCoefficient()));
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	236	} catch (InvalidKeySpecException ikse) {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	237	throw new InvalidKeyException(ikse);
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	238	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	239	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	240
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	241	// Add nativeKey to keyList cache and associate it with newKey
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	242	keyList.put(newKey, nativeKey);
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	243	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	244
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	245	init(doEncrypt, nativeKey);
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	246	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	247
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	248	// see JCE spec
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	249	@Override
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	250	protected synchronized void engineInit(int opmode, Key key, AlgorithmParameters params,
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	251	SecureRandom random)
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	252	throws InvalidKeyException, InvalidAlgorithmParameterException {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	253	if (params != null) {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	254	throw new InvalidAlgorithmParameterException("No Parameters can be specified");
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	255	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	256	engineInit(opmode, key, (AlgorithmParameterSpec) null, random);
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	257	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	258
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	259	// see JCE spec
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	260	@Override
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	261	protected synchronized byte[] engineUpdate(byte[] in, int inOfs, int inLen) {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	262	if (inLen > 0) {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	263	update(in, inOfs, inLen);
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	264	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	265	return null;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	266	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	267
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	268	// see JCE spec
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	269	@Override
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	270	protected synchronized int engineUpdate(byte[] in, int inOfs, int inLen, byte[] out,
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	271	int outOfs) throws ShortBufferException {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	272	if (out.length - outOfs < outputSize) {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	273	throw new ShortBufferException("Output buffer too small");
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	274	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	275	if (inLen > 0) {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	276	update(in, inOfs, inLen);
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	277	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	278	return 0;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	279	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	280
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	281	// see JCE spec
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	282	@Override
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	283	protected synchronized byte[] engineDoFinal(byte[] in, int inOfs, int inLen)
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	284	throws IllegalBlockSizeException, BadPaddingException {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	285	byte[] out = new byte[outputSize];
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	286	try {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	287	// delegate to the other engineDoFinal(...) method
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	288	int actualLen = engineDoFinal(in, inOfs, inLen, out, 0);
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	289	if (actualLen != outputSize) {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	290	return Arrays.copyOf(out, actualLen);
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	291	} else {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	292	return out;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	293	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	294	} catch (ShortBufferException e) {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	295	throw new UcryptoException("Internal Error", e);
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	296	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	297	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	298
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	299	// see JCE spec
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	300	@Override
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	301	protected synchronized int engineDoFinal(byte[] in, int inOfs, int inLen, byte[] out,
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	302	int outOfs)
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	303	throws ShortBufferException, IllegalBlockSizeException,
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	304	BadPaddingException {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	305	if (inLen != 0) {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	306	update(in, inOfs, inLen);
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	307	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	308	return doFinal(out, outOfs, out.length - outOfs);
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	309	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	310
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	311
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	312	// see JCE spec
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	313	@Override
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	314	protected synchronized byte[] engineWrap(Key key) throws IllegalBlockSizeException,
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	315	InvalidKeyException {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	316	try {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	317	byte[] encodedKey = key.getEncoded();
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	318	if ((encodedKey == null) \|\| (encodedKey.length == 0)) {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	319	throw new InvalidKeyException("Cannot get an encoding of " +
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	320	"the key to be wrapped");
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	321	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	322	if (encodedKey.length > buffer.length) {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	323	throw new InvalidKeyException("Key is too long for wrapping");
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	324	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	325	return engineDoFinal(encodedKey, 0, encodedKey.length);
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	326	} catch (BadPaddingException e) {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	327	// Should never happen for key wrapping
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	328	throw new UcryptoException("Internal Error", e);
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	329	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	330	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	331
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	332	// see JCE spec
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	333	@Override
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	334	protected synchronized Key engineUnwrap(byte[] wrappedKey,
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	335	String wrappedKeyAlgorithm, int wrappedKeyType)
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	336	throws InvalidKeyException, NoSuchAlgorithmException {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	337
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	338	if (wrappedKey.length > buffer.length) {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	339	throw new InvalidKeyException("Key is too long for unwrapping");
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	340	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	341
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	342	boolean isTlsRsaPremasterSecret =
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	343	wrappedKeyAlgorithm.equals("TlsRsaPremasterSecret");
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	344	Exception failover = null;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	345
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	346	byte[] encodedKey = null;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	347	try {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	348	encodedKey = engineDoFinal(wrappedKey, 0, wrappedKey.length);
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	349	} catch (BadPaddingException bpe) {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	350	if (isTlsRsaPremasterSecret) {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	351	failover = bpe;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	352	} else {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	353	throw new InvalidKeyException("Unwrapping failed", bpe);
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	354	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	355	} catch (Exception e) {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	356	throw new InvalidKeyException("Unwrapping failed", e);
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	357	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	358
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	359	if (isTlsRsaPremasterSecret) {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	360	if (!(spec instanceof TlsRsaPremasterSecretParameterSpec)) {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	361	throw new IllegalStateException(
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	362	"No TlsRsaPremasterSecretParameterSpec specified");
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	363	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	364
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	365	// polish the TLS premaster secret
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	366	encodedKey = KeyUtil.checkTlsPreMasterSecretKey(
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	367	((TlsRsaPremasterSecretParameterSpec)spec).getClientVersion(),
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	368	((TlsRsaPremasterSecretParameterSpec)spec).getServerVersion(),
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	369	random, encodedKey, (failover != null));
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	370	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	371
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	372	return NativeCipher.constructKey(wrappedKeyType,
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	373	encodedKey, wrappedKeyAlgorithm);
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	374	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	375
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	376	/**
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	377	* calls ucrypto_encrypt(...) or ucrypto_decrypt(...)
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	378	* @returns the length of output or an negative error status code
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	379	*/
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	380	private native static int nativeAtomic(int mech, boolean encrypt,
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	381	long keyValue, int keyLength,
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	382	byte[] in, int inLen,
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	383	byte[] out, int ouOfs, int outLen);
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	384
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	385	// do actual initialization
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	386	private void init(boolean encrypt, NativeKey key) {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	387	this.encrypt = encrypt;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	388	this.key = key;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	389	try {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	390	this.outputSize = engineGetKeySize(key)/8;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	391	} catch (InvalidKeyException ike) {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	392	throw new UcryptoException("Internal Error", ike);
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	393	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	394	this.buffer = new byte[outputSize];
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	395	this.bufOfs = 0;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	396	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	397
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	398	// store the specified input into the internal buffer
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	399	private void update(byte[] in, int inOfs, int inLen) {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	400	if ((inLen <= 0) \|\| (in == null)) {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	401	return;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	402	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	403	// buffer bytes internally until doFinal is called
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	404	if ((bufOfs + inLen + (encrypt? padLen:0)) > buffer.length) {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	405	// lead to IllegalBlockSizeException when doFinal() is called
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	406	bufOfs = buffer.length + 1;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	407	return;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	408	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	409	System.arraycopy(in, inOfs, buffer, bufOfs, inLen);
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	410	bufOfs += inLen;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	411	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	412
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	413	// return the actual non-negative output length
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	414	private int doFinal(byte[] out, int outOfs, int outLen)
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	415	throws ShortBufferException, IllegalBlockSizeException,
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	416	BadPaddingException {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	417	if (bufOfs > buffer.length) {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	418	throw new IllegalBlockSizeException(
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	419	"Data must not be longer than " +
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	420	(buffer.length - (encrypt ? padLen : 0)) + " bytes");
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	421	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	422	if (outLen < outputSize) {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	423	throw new ShortBufferException();
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	424	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	425	try {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	426	long keyValue = key.value();
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	427	int k = nativeAtomic(mech.value(), encrypt, keyValue,
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	428	key.length(), buffer, bufOfs,
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	429	out, outOfs, outLen);
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	430	if (k < 0) {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	431	if ( k == -16 \|\| k == -64) {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	432	// -16: CRYPTO_ENCRYPTED_DATA_INVALID
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	433	// -64: CKR_ENCRYPTED_DATA_INVALID, see bug 17459266
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	434	UcryptoException ue = new UcryptoException(16);
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	435	BadPaddingException bpe =
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	436	new BadPaddingException("Invalid encryption data");
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	437	bpe.initCause(ue);
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	438	throw bpe;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	439	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	440	throw new UcryptoException(-k);
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	441	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	442
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	443	return k;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	444	} finally {
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	445	bufOfs = 0;
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	446	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	447	}
4525d13b8af1 8046002: Move Ucrypto to the open jdk repo valeriep parents: diff changeset	448	}

author	valeriep
	Mon, 20 Oct 2014 21:18:48 +0000
changeset 27182	4525d13b8af1
child 28092	a67de45e0b25
permissions	-rw-r--r--