1 /* |
|
2 * Copyright (c) 2006, 2013, Oracle and/or its affiliates. All rights reserved. |
|
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
|
4 * |
|
5 * This code is free software; you can redistribute it and/or modify it |
|
6 * under the terms of the GNU General Public License version 2 only, as |
|
7 * published by the Free Software Foundation. Oracle designates this |
|
8 * particular file as subject to the "Classpath" exception as provided |
|
9 * by Oracle in the LICENSE file that accompanied this code. |
|
10 * |
|
11 * This code is distributed in the hope that it will be useful, but WITHOUT |
|
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
14 * version 2 for more details (a copy is included in the LICENSE file that |
|
15 * accompanied this code). |
|
16 * |
|
17 * You should have received a copy of the GNU General Public License version |
|
18 * 2 along with this work; if not, write to the Free Software Foundation, |
|
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
20 * |
|
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
|
22 * or visit www.oracle.com if you need additional information or have any |
|
23 * questions. |
|
24 */ |
|
25 |
|
26 package sun.security.ec; |
|
27 |
|
28 import java.io.IOException; |
|
29 |
|
30 import java.security.*; |
|
31 import java.security.spec.*; |
|
32 |
|
33 import sun.security.util.*; |
|
34 |
|
35 /** |
|
36 * This class implements encoding and decoding of Elliptic Curve parameters |
|
37 * as specified in RFC 3279. |
|
38 * |
|
39 * However, only named curves are currently supported. |
|
40 * |
|
41 * ASN.1 from RFC 3279 follows. Note that X9.62 (2005) has added some additional |
|
42 * options. |
|
43 * |
|
44 * <pre> |
|
45 * EcpkParameters ::= CHOICE { |
|
46 * ecParameters ECParameters, |
|
47 * namedCurve OBJECT IDENTIFIER, |
|
48 * implicitlyCA NULL } |
|
49 * |
|
50 * ECParameters ::= SEQUENCE { |
|
51 * version ECPVer, -- version is always 1 |
|
52 * fieldID FieldID, -- identifies the finite field over |
|
53 * -- which the curve is defined |
|
54 * curve Curve, -- coefficients a and b of the |
|
55 * -- elliptic curve |
|
56 * base ECPoint, -- specifies the base point P |
|
57 * -- on the elliptic curve |
|
58 * order INTEGER, -- the order n of the base point |
|
59 * cofactor INTEGER OPTIONAL -- The integer h = #E(Fq)/n |
|
60 * } |
|
61 * |
|
62 * ECPVer ::= INTEGER {ecpVer1(1)} |
|
63 * |
|
64 * Curve ::= SEQUENCE { |
|
65 * a FieldElement, |
|
66 * b FieldElement, |
|
67 * seed BIT STRING OPTIONAL } |
|
68 * |
|
69 * FieldElement ::= OCTET STRING |
|
70 * |
|
71 * ECPoint ::= OCTET STRING |
|
72 * </pre> |
|
73 * |
|
74 * @since 1.6 |
|
75 * @author Andreas Sterbenz |
|
76 */ |
|
77 public final class ECParameters extends AlgorithmParametersSpi { |
|
78 |
|
79 // used by ECPublicKeyImpl and ECPrivateKeyImpl |
|
80 static AlgorithmParameters getAlgorithmParameters(ECParameterSpec spec) |
|
81 throws InvalidKeyException { |
|
82 try { |
|
83 AlgorithmParameters params = |
|
84 AlgorithmParameters.getInstance("EC", "SunEC"); |
|
85 params.init(spec); |
|
86 return params; |
|
87 } catch (GeneralSecurityException e) { |
|
88 throw new InvalidKeyException("EC parameters error", e); |
|
89 } |
|
90 } |
|
91 |
|
92 /* |
|
93 * The parameters these AlgorithmParameters object represents. |
|
94 * Currently, it is always an instance of NamedCurve. |
|
95 */ |
|
96 private NamedCurve namedCurve; |
|
97 |
|
98 // A public constructor is required by AlgorithmParameters class. |
|
99 public ECParameters() { |
|
100 // empty |
|
101 } |
|
102 |
|
103 // AlgorithmParameterSpi methods |
|
104 |
|
105 protected void engineInit(AlgorithmParameterSpec paramSpec) |
|
106 throws InvalidParameterSpecException { |
|
107 |
|
108 if (paramSpec == null) { |
|
109 throw new InvalidParameterSpecException |
|
110 ("paramSpec must not be null"); |
|
111 } |
|
112 |
|
113 if (paramSpec instanceof NamedCurve) { |
|
114 namedCurve = (NamedCurve)paramSpec; |
|
115 return; |
|
116 } |
|
117 |
|
118 if (paramSpec instanceof ECParameterSpec) { |
|
119 namedCurve = CurveDB.lookup((ECParameterSpec)paramSpec); |
|
120 } else if (paramSpec instanceof ECGenParameterSpec) { |
|
121 String name = ((ECGenParameterSpec)paramSpec).getName(); |
|
122 namedCurve = CurveDB.lookup(name); |
|
123 } else if (paramSpec instanceof ECKeySizeParameterSpec) { |
|
124 int keySize = ((ECKeySizeParameterSpec)paramSpec).getKeySize(); |
|
125 namedCurve = CurveDB.lookup(keySize); |
|
126 } else { |
|
127 throw new InvalidParameterSpecException |
|
128 ("Only ECParameterSpec and ECGenParameterSpec supported"); |
|
129 } |
|
130 |
|
131 if (namedCurve == null) { |
|
132 throw new InvalidParameterSpecException( |
|
133 "Not a supported curve: " + paramSpec); |
|
134 } |
|
135 } |
|
136 |
|
137 protected void engineInit(byte[] params) throws IOException { |
|
138 DerValue encodedParams = new DerValue(params); |
|
139 if (encodedParams.tag == DerValue.tag_ObjectId) { |
|
140 ObjectIdentifier oid = encodedParams.getOID(); |
|
141 NamedCurve spec = CurveDB.lookup(oid.toString()); |
|
142 if (spec == null) { |
|
143 throw new IOException("Unknown named curve: " + oid); |
|
144 } |
|
145 |
|
146 namedCurve = spec; |
|
147 return; |
|
148 } |
|
149 |
|
150 throw new IOException("Only named ECParameters supported"); |
|
151 |
|
152 // The code below is incomplete. |
|
153 // It is left as a starting point for a complete parsing implementation. |
|
154 |
|
155 /* |
|
156 if (encodedParams.tag != DerValue.tag_Sequence) { |
|
157 throw new IOException("Unsupported EC parameters, tag: " + |
|
158 encodedParams.tag); |
|
159 } |
|
160 |
|
161 encodedParams.data.reset(); |
|
162 |
|
163 DerInputStream in = encodedParams.data; |
|
164 |
|
165 int version = in.getInteger(); |
|
166 if (version != 1) { |
|
167 throw new IOException("Unsupported EC parameters version: " + |
|
168 version); |
|
169 } |
|
170 ECField field = parseField(in); |
|
171 EllipticCurve curve = parseCurve(in, field); |
|
172 ECPoint point = parsePoint(in, curve); |
|
173 |
|
174 BigInteger order = in.getBigInteger(); |
|
175 int cofactor = 0; |
|
176 |
|
177 if (in.available() != 0) { |
|
178 cofactor = in.getInteger(); |
|
179 } |
|
180 |
|
181 // XXX HashAlgorithm optional |
|
182 |
|
183 if (encodedParams.data.available() != 0) { |
|
184 throw new IOException("encoded params have " + |
|
185 encodedParams.data.available() + |
|
186 " extra bytes"); |
|
187 } |
|
188 |
|
189 return new ECParameterSpec(curve, point, order, cofactor); |
|
190 */ |
|
191 } |
|
192 |
|
193 protected void engineInit(byte[] params, String decodingMethod) |
|
194 throws IOException { |
|
195 engineInit(params); |
|
196 } |
|
197 |
|
198 protected <T extends AlgorithmParameterSpec> T |
|
199 engineGetParameterSpec(Class<T> spec) |
|
200 throws InvalidParameterSpecException { |
|
201 |
|
202 if (spec.isAssignableFrom(ECParameterSpec.class)) { |
|
203 return spec.cast(namedCurve); |
|
204 } |
|
205 |
|
206 if (spec.isAssignableFrom(ECGenParameterSpec.class)) { |
|
207 // Ensure the name is the Object ID |
|
208 String name = namedCurve.getObjectId(); |
|
209 return spec.cast(new ECGenParameterSpec(name)); |
|
210 } |
|
211 |
|
212 if (spec.isAssignableFrom(ECKeySizeParameterSpec.class)) { |
|
213 int keySize = namedCurve.getCurve().getField().getFieldSize(); |
|
214 return spec.cast(new ECKeySizeParameterSpec(keySize)); |
|
215 } |
|
216 |
|
217 throw new InvalidParameterSpecException( |
|
218 "Only ECParameterSpec and ECGenParameterSpec supported"); |
|
219 } |
|
220 |
|
221 protected byte[] engineGetEncoded() throws IOException { |
|
222 return namedCurve.getEncoded(); |
|
223 } |
|
224 |
|
225 protected byte[] engineGetEncoded(String encodingMethod) |
|
226 throws IOException { |
|
227 return engineGetEncoded(); |
|
228 } |
|
229 |
|
230 protected String engineToString() { |
|
231 if (namedCurve == null) { |
|
232 return "Not initialized"; |
|
233 } |
|
234 |
|
235 return namedCurve.toString(); |
|
236 } |
|
237 } |
|
238 |
|