jdk/src/java.base/share/classes/com/sun/crypto/provider/CipherWithWrappingSpi.java
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/java.base/share/classes/com/sun/crypto/provider/CipherWithWrappingSpi.java Sun Aug 17 15:54:13 2014 +0100
@@ -0,0 +1,259 @@
+/*
+ * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation. Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package com.sun.crypto.provider;
+
+import java.security.Key;
+import java.security.PublicKey;
+import java.security.PrivateKey;
+import java.security.KeyFactory;
+import java.security.InvalidKeyException;
+import java.security.NoSuchProviderException;
+import java.security.NoSuchAlgorithmException;
+import java.security.spec.PKCS8EncodedKeySpec;
+import java.security.spec.X509EncodedKeySpec;
+import java.security.spec.InvalidKeySpecException;
+
+import javax.crypto.Cipher;
+import javax.crypto.CipherSpi;
+import javax.crypto.SecretKey;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.BadPaddingException;
+import javax.crypto.spec.SecretKeySpec;
+
+/**
+ * This class entends the javax.crypto.CipherSpi class with a concrete
+ * implementation of the methods for wrapping and unwrapping
+ * keys.
+ *
+ * @author Sharon Liu
+ *
+ *
+ * @see javax.crypto.CipherSpi
+ * @see BlowfishCipher
+ * @see DESCipher
+ * @see PBEWithMD5AndDESCipher
+ */
+
+public abstract class CipherWithWrappingSpi extends CipherSpi {
+
+ /**
+ * Wrap a key.
+ *
+ * @param key the key to be wrapped.
+ *
+ * @return the wrapped key.
+ *
+ * @exception IllegalBlockSizeException if this cipher is a block
+ * cipher, no padding has been requested, and the length of the
+ * encoding of the key to be wrapped is not a
+ * multiple of the block size.
+ *
+ * @exception InvalidKeyException if it is impossible or unsafe to
+ * wrap the key with this cipher (e.g., a hardware protected key is
+ * being passed to a software only cipher).
+ */
+ protected final byte[] engineWrap(Key key)
+ throws IllegalBlockSizeException, InvalidKeyException
+ {
+ byte[] result = null;
+
+ try {
+ byte[] encodedKey = key.getEncoded();
+ if ((encodedKey == null) || (encodedKey.length == 0)) {
+ throw new InvalidKeyException("Cannot get an encoding of " +
+ "the key to be wrapped");
+ }
+
+ result = engineDoFinal(encodedKey, 0, encodedKey.length);
+ } catch (BadPaddingException e) {
+ // Should never happen
+ }
+
+ return result;
+ }
+
+ /**
+ * Unwrap a previously wrapped key.
+ *
+ * @param wrappedKey the key to be unwrapped.
+ *
+ * @param wrappedKeyAlgorithm the algorithm the wrapped key is for.
+ *
+ * @param wrappedKeyType the type of the wrapped key.
+ * This is one of <code>Cipher.SECRET_KEY</code>,
+ * <code>Cipher.PRIVATE_KEY</code>, or <code>Cipher.PUBLIC_KEY</code>.
+ *
+ * @return the unwrapped key.
+ *
+ * @exception InvalidKeyException if <code>wrappedKey</code> does not
+ * represent a wrapped key, or if the algorithm associated with the
+ * wrapped key is different from <code>wrappedKeyAlgorithm</code>
+ * and/or its key type is different from <code>wrappedKeyType</code>.
+ *
+ * @exception NoSuchAlgorithmException if no installed providers
+ * can create keys for the <code>wrappedKeyAlgorithm</code>.
+ */
+ protected final Key engineUnwrap(byte[] wrappedKey,
+ String wrappedKeyAlgorithm,
+ int wrappedKeyType)
+ throws InvalidKeyException, NoSuchAlgorithmException
+ {
+ byte[] encodedKey;
+ Key result = null;
+
+ try {
+ encodedKey = engineDoFinal(wrappedKey, 0,
+ wrappedKey.length);
+ } catch (BadPaddingException ePadding) {
+ throw new InvalidKeyException();
+ } catch (IllegalBlockSizeException eBlockSize) {
+ throw new InvalidKeyException();
+ }
+
+ switch (wrappedKeyType) {
+ case Cipher.SECRET_KEY:
+ result = constructSecretKey(encodedKey,
+ wrappedKeyAlgorithm);
+ break;
+ case Cipher.PRIVATE_KEY:
+ result = constructPrivateKey(encodedKey,
+ wrappedKeyAlgorithm);
+ break;
+ case Cipher.PUBLIC_KEY:
+ result = constructPublicKey(encodedKey,
+ wrappedKeyAlgorithm);
+ break;
+ }
+
+ return result;
+
+ }
+
+ /**
+ * Construct a public key from its encoding.
+ *
+ * @param encodedKey the encoding of a public key.
+ *
+ * @param encodedKeyAlgorithm the algorithm the encodedKey is for.
+ *
+ * @return a public key constructed from the encodedKey.
+ */
+ private final PublicKey constructPublicKey(byte[] encodedKey,
+ String encodedKeyAlgorithm)
+ throws InvalidKeyException, NoSuchAlgorithmException
+ {
+ PublicKey key = null;
+
+ try {
+ KeyFactory keyFactory =
+ KeyFactory.getInstance(encodedKeyAlgorithm,
+ SunJCE.getInstance());
+ X509EncodedKeySpec keySpec = new X509EncodedKeySpec(encodedKey);
+ key = keyFactory.generatePublic(keySpec);
+ } catch (NoSuchAlgorithmException nsae) {
+ // Try to see whether there is another
+ // provider which supports this algorithm
+ try {
+ KeyFactory keyFactory =
+ KeyFactory.getInstance(encodedKeyAlgorithm);
+ X509EncodedKeySpec keySpec =
+ new X509EncodedKeySpec(encodedKey);
+ key = keyFactory.generatePublic(keySpec);
+ } catch (NoSuchAlgorithmException nsae2) {
+ throw new NoSuchAlgorithmException("No installed providers " +
+ "can create keys for the " +
+ encodedKeyAlgorithm +
+ "algorithm");
+ } catch (InvalidKeySpecException ikse2) {
+ // Should never happen.
+ }
+ } catch (InvalidKeySpecException ikse) {
+ // Should never happen.
+ }
+
+ return key;
+ }
+
+ /**
+ * Construct a private key from its encoding.
+ *
+ * @param encodedKey the encoding of a private key.
+ *
+ * @param encodedKeyAlgorithm the algorithm the wrapped key is for.
+ *
+ * @return a private key constructed from the encodedKey.
+ */
+ private final PrivateKey constructPrivateKey(byte[] encodedKey,
+ String encodedKeyAlgorithm)
+ throws InvalidKeyException, NoSuchAlgorithmException
+ {
+ PrivateKey key = null;
+
+ try {
+ KeyFactory keyFactory =
+ KeyFactory.getInstance(encodedKeyAlgorithm,
+ SunJCE.getInstance());
+ PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(encodedKey);
+ return keyFactory.generatePrivate(keySpec);
+ } catch (NoSuchAlgorithmException nsae) {
+ // Try to see whether there is another
+ // provider which supports this algorithm
+ try {
+ KeyFactory keyFactory =
+ KeyFactory.getInstance(encodedKeyAlgorithm);
+ PKCS8EncodedKeySpec keySpec =
+ new PKCS8EncodedKeySpec(encodedKey);
+ key = keyFactory.generatePrivate(keySpec);
+ } catch (NoSuchAlgorithmException nsae2) {
+ throw new NoSuchAlgorithmException("No installed providers " +
+ "can create keys for the " +
+ encodedKeyAlgorithm +
+ "algorithm");
+ } catch (InvalidKeySpecException ikse2) {
+ // Should never happen.
+ }
+ } catch (InvalidKeySpecException ikse) {
+ // Should never happen.
+ }
+
+ return key;
+ }
+
+ /**
+ * Construct a secret key from its encoding.
+ *
+ * @param encodedKey the encoding of a secret key.
+ *
+ * @param encodedKeyAlgorithm the algorithm the secret key is for.
+ *
+ * @return a secret key constructed from the encodedKey.
+ */
+ private final SecretKey constructSecretKey(byte[] encodedKey,
+ String encodedKeyAlgorithm)
+ {
+ return (new SecretKeySpec(encodedKey, encodedKeyAlgorithm));
+ }
+}