1 /*

     2  * Copyright 2006-2007 Sun Microsystems, Inc.  All Rights Reserved.

     3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

     4  *

     5  * This code is free software; you can redistribute it and/or modify it

     6  * under the terms of the GNU General Public License version 2 only, as

     7  * published by the Free Software Foundation.  Sun designates this

     8  * particular file as subject to the "Classpath" exception as provided

     9  * by Sun in the LICENSE file that accompanied this code.

    10  *

    11  * This code is distributed in the hope that it will be useful, but WITHOUT

    12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

    13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License

    14  * version 2 for more details (a copy is included in the LICENSE file that

    15  * accompanied this code).

    16  *

    17  * You should have received a copy of the GNU General Public License version

    18  * 2 along with this work; if not, write to the Free Software Foundation,

    19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

    20  *

    21  * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,

    22  * CA 95054 USA or visit www.sun.com if you need additional information or

    23  * have any questions.

    24  */

    25 

    26 package sun.security.ssl;

    27 

    28 import java.security.*;

    29 import java.security.interfaces.ECPublicKey;

    30 import java.security.spec.*;

    31 

    32 import javax.crypto.SecretKey;

    33 import javax.crypto.KeyAgreement;

    34 import javax.crypto.spec.*;

    35 

    36 /**

    37  * Helper class for the ECDH key exchange. It generates the appropriate

    38  * ephemeral keys as necessary and performs the actual shared secret derivation.

    39  *

    40  * @since   1.6

    41  * @author  Andreas Sterbenz

    42  */

    43 final class ECDHCrypt {

    44 

    45     // our private key

    46     private PrivateKey privateKey;

    47 

    48     // our public key

    49     private ECPublicKey publicKey;

    50 

    51     // Called by ServerHandshaker for static ECDH

    52     ECDHCrypt(PrivateKey privateKey, PublicKey publicKey) {

    53         this.privateKey = privateKey;

    54         this.publicKey = (ECPublicKey)publicKey;

    55     }

    56 

    57     // Called by ServerHandshaker for ephemeral ECDH

    58     ECDHCrypt(String curveName, SecureRandom random) {

    59         try {

    60             KeyPairGenerator kpg = JsseJce.getKeyPairGenerator("EC");

    61             ECGenParameterSpec params = new ECGenParameterSpec(curveName);

    62             kpg.initialize(params, random);

    63             KeyPair kp = kpg.generateKeyPair();

    64             privateKey = kp.getPrivate();

    65             publicKey = (ECPublicKey)kp.getPublic();

    66         } catch (GeneralSecurityException e) {

    67             throw new RuntimeException("Could not generate DH keypair", e);

    68         }

    69     }

    70 

    71     // Called by ClientHandshaker with params it received from the server

    72     ECDHCrypt(ECParameterSpec params, SecureRandom random) {

    73         try {

    74             KeyPairGenerator kpg = JsseJce.getKeyPairGenerator("EC");

    75             kpg.initialize(params, random);

    76             KeyPair kp = kpg.generateKeyPair();

    77             privateKey = kp.getPrivate();

    78             publicKey = (ECPublicKey)kp.getPublic();

    79         } catch (GeneralSecurityException e) {

    80             throw new RuntimeException("Could not generate DH keypair", e);

    81         }

    82     }

    83 

    84     /**

    85      * Gets the public key of this end of the key exchange.

    86      */

    87     PublicKey getPublicKey() {

    88         return publicKey;

    89     }

    90 

    91     // called by ClientHandshaker with either the server's static or ephemeral public key

    92     SecretKey getAgreedSecret(PublicKey peerPublicKey) {

    93         try {

    94             KeyAgreement ka = JsseJce.getKeyAgreement("ECDH");

    95             ka.init(privateKey);

    96             ka.doPhase(peerPublicKey, true);

    97             return ka.generateSecret("TlsPremasterSecret");

    98         } catch (GeneralSecurityException e) {

    99             throw new RuntimeException("Could not generate secret", e);

   100         }

   101     }

   102 

   103     // called by ServerHandshaker

   104     SecretKey getAgreedSecret(byte[] encodedPoint) {

   105         try {

   106             ECParameterSpec params = publicKey.getParams();

   107             ECPoint point = JsseJce.decodePoint(encodedPoint, params.getCurve());

   108             KeyFactory kf = JsseJce.getKeyFactory("EC");

   109             ECPublicKeySpec spec = new ECPublicKeySpec(point, params);

   110             PublicKey peerPublicKey = kf.generatePublic(spec);

   111             return getAgreedSecret(peerPublicKey);

   112         } catch (GeneralSecurityException e) {

   113             throw new RuntimeException("Could not generate secret", e);

   114         } catch (java.io.IOException e) {

   115             throw new RuntimeException("Could not generate secret", e);

   116         }

   117     }

   118 

   119 }