67 |
67 |
68 if (encodedPoint == null || encodedPoint.length == 0) { |
68 if (encodedPoint == null || encodedPoint.length == 0) { |
69 return null; |
69 return null; |
70 } |
70 } |
71 |
71 |
72 NamedParameterSpec namedSpec = new NamedParameterSpec(namedGroup.algorithm); |
72 NamedParameterSpec namedSpec = |
73 XECPublicKeySpec xecKeySpec = ECUtil.decodeXecPublicKey(encodedPoint, namedSpec); |
73 new NamedParameterSpec(namedGroup.algorithm); |
|
74 XECPublicKeySpec xecKeySpec = |
|
75 ECUtil.decodeXecPublicKey(encodedPoint, namedSpec); |
74 KeyFactory factory = JsseJce.getKeyFactory(namedGroup.algorithm); |
76 KeyFactory factory = JsseJce.getKeyFactory(namedGroup.algorithm); |
75 |
77 |
76 XECPublicKey publicKey = (XECPublicKey)factory.generatePublic(xecKeySpec); |
78 XECPublicKey publicKey = |
|
79 (XECPublicKey) factory.generatePublic(xecKeySpec); |
77 return new XDHECredentials(publicKey, namedGroup); |
80 return new XDHECredentials(publicKey, namedGroup); |
78 } |
81 } |
79 } |
82 } |
80 |
83 |
81 static final class XDHEPossession implements SSLPossession { |
84 static final class XDHEPossession implements SSLPossession { |
83 final XECPublicKey publicKey; |
86 final XECPublicKey publicKey; |
84 final NamedGroup namedGroup; |
87 final NamedGroup namedGroup; |
85 |
88 |
86 XDHEPossession(NamedGroup namedGroup, SecureRandom random) { |
89 XDHEPossession(NamedGroup namedGroup, SecureRandom random) { |
87 try { |
90 try { |
88 KeyPairGenerator kpg = JsseJce.getKeyPairGenerator(namedGroup.algorithm); |
91 KeyPairGenerator kpg = |
|
92 JsseJce.getKeyPairGenerator(namedGroup.algorithm); |
89 AlgorithmParameterSpec params = namedGroup.getParameterSpec(); |
93 AlgorithmParameterSpec params = namedGroup.getParameterSpec(); |
90 kpg.initialize(params, random); |
94 kpg.initialize(params, random); |
91 KeyPair kp = kpg.generateKeyPair(); |
95 KeyPair kp = kpg.generateKeyPair(); |
92 privateKey = kp.getPrivate(); |
96 privateKey = kp.getPrivate(); |
93 publicKey = (XECPublicKey)kp.getPublic(); |
97 publicKey = (XECPublicKey) kp.getPublic(); |
94 } catch (GeneralSecurityException e) { |
98 } catch (GeneralSecurityException e) { |
95 throw new RuntimeException( |
99 throw new RuntimeException( |
96 "Could not generate XDH keypair", e); |
100 "Could not generate XDH keypair", e); |
97 } |
101 } |
98 |
102 |
100 } |
104 } |
101 |
105 |
102 @Override |
106 @Override |
103 public byte[] encode() { |
107 public byte[] encode() { |
104 try { |
108 try { |
105 return ECUtil.encodeXecPublicKey(publicKey.getU(), publicKey.getParams()); |
109 return ECUtil.encodeXecPublicKey(publicKey.getU(), |
|
110 publicKey.getParams()); |
106 } catch (InvalidParameterSpecException ex) { |
111 } catch (InvalidParameterSpecException ex) { |
107 throw new RuntimeException(ex); |
112 throw new RuntimeException(ex); |
108 } |
113 } |
109 } |
114 } |
110 } |
115 } |
124 for (SSLPossession poss : context.handshakePossessions) { |
129 for (SSLPossession poss : context.handshakePossessions) { |
125 if (!(poss instanceof XDHEPossession)) { |
130 if (!(poss instanceof XDHEPossession)) { |
126 continue; |
131 continue; |
127 } |
132 } |
128 |
133 |
129 NamedGroup ng = ((XDHEPossession)poss).namedGroup; |
134 NamedGroup ng = ((XDHEPossession) poss).namedGroup; |
130 for (SSLCredentials cred : context.handshakeCredentials) { |
135 for (SSLCredentials cred : context.handshakeCredentials) { |
131 if (!(cred instanceof XDHECredentials)) { |
136 if (!(cred instanceof XDHECredentials)) { |
132 continue; |
137 continue; |
133 } |
138 } |
134 if (ng.equals(((XDHECredentials)cred).namedGroup)) { |
139 if (ng.equals(((XDHECredentials) cred).namedGroup)) { |
135 xdheCredentials = (XDHECredentials)cred; |
140 xdheCredentials = (XDHECredentials) cred; |
136 break; |
141 break; |
137 } |
142 } |
138 } |
143 } |
139 |
144 |
140 if (xdheCredentials != null) { |
145 if (xdheCredentials != null) { |
141 xdhePossession = (XDHEPossession)poss; |
146 xdhePossession = (XDHEPossession) poss; |
142 break; |
147 break; |
143 } |
148 } |
144 } |
149 } |
145 |
150 |
146 if (xdhePossession == null || xdheCredentials == null) { |
151 if (xdhePossession == null || xdheCredentials == null) { |