|
1 /* |
|
2 * Copyright (c) 2003, 2016, Oracle and/or its affiliates. All rights reserved. |
|
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
|
4 * |
|
5 * This code is free software; you can redistribute it and/or modify it |
|
6 * under the terms of the GNU General Public License version 2 only, as |
|
7 * published by the Free Software Foundation. Oracle designates this |
|
8 * particular file as subject to the "Classpath" exception as provided |
|
9 * by Oracle in the LICENSE file that accompanied this code. |
|
10 * |
|
11 * This code is distributed in the hope that it will be useful, but WITHOUT |
|
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
14 * version 2 for more details (a copy is included in the LICENSE file that |
|
15 * accompanied this code). |
|
16 * |
|
17 * You should have received a copy of the GNU General Public License version |
|
18 * 2 along with this work; if not, write to the Free Software Foundation, |
|
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
20 * |
|
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
|
22 * or visit www.oracle.com if you need additional information or have any |
|
23 * questions. |
|
24 */ |
|
25 |
|
26 package sun.security.pkcs11; |
|
27 |
|
28 import java.io.*; |
|
29 import java.lang.ref.*; |
|
30 import java.math.BigInteger; |
|
31 import java.util.*; |
|
32 |
|
33 import java.security.*; |
|
34 import java.security.interfaces.*; |
|
35 import java.security.spec.*; |
|
36 |
|
37 import javax.crypto.*; |
|
38 import javax.crypto.interfaces.*; |
|
39 import javax.crypto.spec.*; |
|
40 |
|
41 import sun.security.rsa.RSAPublicKeyImpl; |
|
42 |
|
43 import sun.security.internal.interfaces.TlsMasterSecret; |
|
44 |
|
45 import sun.security.pkcs11.wrapper.*; |
|
46 import static sun.security.pkcs11.wrapper.PKCS11Constants.*; |
|
47 |
|
48 import sun.security.util.Debug; |
|
49 import sun.security.util.DerValue; |
|
50 import sun.security.util.Length; |
|
51 import sun.security.util.ECUtil; |
|
52 |
|
53 /** |
|
54 * Key implementation classes. |
|
55 * |
|
56 * In PKCS#11, the components of private and secret keys may or may not |
|
57 * be accessible. If they are, we use the algorithm specific key classes |
|
58 * (e.g. DSAPrivateKey) for compatibility with existing applications. |
|
59 * If the components are not accessible, we use a generic class that |
|
60 * only implements PrivateKey (or SecretKey). Whether the components of a |
|
61 * key are extractable is automatically determined when the key object is |
|
62 * created. |
|
63 * |
|
64 * @author Andreas Sterbenz |
|
65 * @since 1.5 |
|
66 */ |
|
67 abstract class P11Key implements Key, Length { |
|
68 |
|
69 private static final long serialVersionUID = -2575874101938349339L; |
|
70 |
|
71 private final static String PUBLIC = "public"; |
|
72 private final static String PRIVATE = "private"; |
|
73 private final static String SECRET = "secret"; |
|
74 |
|
75 // type of key, one of (PUBLIC, PRIVATE, SECRET) |
|
76 final String type; |
|
77 |
|
78 // token instance |
|
79 final Token token; |
|
80 |
|
81 // algorithm name, returned by getAlgorithm(), etc. |
|
82 final String algorithm; |
|
83 |
|
84 // key id |
|
85 final long keyID; |
|
86 |
|
87 // effective key length of the key, e.g. 56 for a DES key |
|
88 final int keyLength; |
|
89 |
|
90 // flags indicating whether the key is a token object, sensitive, extractable |
|
91 final boolean tokenObject, sensitive, extractable; |
|
92 |
|
93 // phantom reference notification clean up for session keys |
|
94 private final SessionKeyRef sessionKeyRef; |
|
95 |
|
96 P11Key(String type, Session session, long keyID, String algorithm, |
|
97 int keyLength, CK_ATTRIBUTE[] attributes) { |
|
98 this.type = type; |
|
99 this.token = session.token; |
|
100 this.keyID = keyID; |
|
101 this.algorithm = algorithm; |
|
102 this.keyLength = keyLength; |
|
103 boolean tokenObject = false; |
|
104 boolean sensitive = false; |
|
105 boolean extractable = true; |
|
106 int n = (attributes == null) ? 0 : attributes.length; |
|
107 for (int i = 0; i < n; i++) { |
|
108 CK_ATTRIBUTE attr = attributes[i]; |
|
109 if (attr.type == CKA_TOKEN) { |
|
110 tokenObject = attr.getBoolean(); |
|
111 } else if (attr.type == CKA_SENSITIVE) { |
|
112 sensitive = attr.getBoolean(); |
|
113 } else if (attr.type == CKA_EXTRACTABLE) { |
|
114 extractable = attr.getBoolean(); |
|
115 } |
|
116 } |
|
117 this.tokenObject = tokenObject; |
|
118 this.sensitive = sensitive; |
|
119 this.extractable = extractable; |
|
120 if (tokenObject == false) { |
|
121 sessionKeyRef = new SessionKeyRef(this, keyID, session); |
|
122 } else { |
|
123 sessionKeyRef = null; |
|
124 } |
|
125 } |
|
126 |
|
127 // see JCA spec |
|
128 public final String getAlgorithm() { |
|
129 token.ensureValid(); |
|
130 return algorithm; |
|
131 } |
|
132 |
|
133 // see JCA spec |
|
134 public final byte[] getEncoded() { |
|
135 byte[] b = getEncodedInternal(); |
|
136 return (b == null) ? null : b.clone(); |
|
137 } |
|
138 |
|
139 abstract byte[] getEncodedInternal(); |
|
140 |
|
141 public boolean equals(Object obj) { |
|
142 if (this == obj) { |
|
143 return true; |
|
144 } |
|
145 // equals() should never throw exceptions |
|
146 if (token.isValid() == false) { |
|
147 return false; |
|
148 } |
|
149 if (obj instanceof Key == false) { |
|
150 return false; |
|
151 } |
|
152 String thisFormat = getFormat(); |
|
153 if (thisFormat == null) { |
|
154 // no encoding, key only equal to itself |
|
155 // XXX getEncoded() for unextractable keys will change that |
|
156 return false; |
|
157 } |
|
158 Key other = (Key)obj; |
|
159 if (thisFormat.equals(other.getFormat()) == false) { |
|
160 return false; |
|
161 } |
|
162 byte[] thisEnc = this.getEncodedInternal(); |
|
163 byte[] otherEnc; |
|
164 if (obj instanceof P11Key) { |
|
165 otherEnc = ((P11Key)other).getEncodedInternal(); |
|
166 } else { |
|
167 otherEnc = other.getEncoded(); |
|
168 } |
|
169 return MessageDigest.isEqual(thisEnc, otherEnc); |
|
170 } |
|
171 |
|
172 public int hashCode() { |
|
173 // hashCode() should never throw exceptions |
|
174 if (token.isValid() == false) { |
|
175 return 0; |
|
176 } |
|
177 byte[] b1 = getEncodedInternal(); |
|
178 if (b1 == null) { |
|
179 return 0; |
|
180 } |
|
181 int r = b1.length; |
|
182 for (int i = 0; i < b1.length; i++) { |
|
183 r += (b1[i] & 0xff) * 37; |
|
184 } |
|
185 return r; |
|
186 } |
|
187 |
|
188 protected Object writeReplace() throws ObjectStreamException { |
|
189 KeyRep.Type type; |
|
190 String format = getFormat(); |
|
191 if (isPrivate() && "PKCS#8".equals(format)) { |
|
192 type = KeyRep.Type.PRIVATE; |
|
193 } else if (isPublic() && "X.509".equals(format)) { |
|
194 type = KeyRep.Type.PUBLIC; |
|
195 } else if (isSecret() && "RAW".equals(format)) { |
|
196 type = KeyRep.Type.SECRET; |
|
197 } else { |
|
198 // XXX short term serialization for unextractable keys |
|
199 throw new NotSerializableException |
|
200 ("Cannot serialize sensitive and unextractable keys"); |
|
201 } |
|
202 return new KeyRep(type, getAlgorithm(), format, getEncoded()); |
|
203 } |
|
204 |
|
205 public String toString() { |
|
206 token.ensureValid(); |
|
207 String s1 = token.provider.getName() + " " + algorithm + " " + type |
|
208 + " key, " + keyLength + " bits"; |
|
209 s1 += " (id " + keyID + ", " |
|
210 + (tokenObject ? "token" : "session") + " object"; |
|
211 if (isPublic()) { |
|
212 s1 += ")"; |
|
213 } else { |
|
214 s1 += ", " + (sensitive ? "" : "not ") + "sensitive"; |
|
215 s1 += ", " + (extractable ? "" : "un") + "extractable)"; |
|
216 } |
|
217 return s1; |
|
218 } |
|
219 |
|
220 /** |
|
221 * Return bit length of the key. |
|
222 */ |
|
223 @Override |
|
224 public int length() { |
|
225 return keyLength; |
|
226 } |
|
227 |
|
228 boolean isPublic() { |
|
229 return type == PUBLIC; |
|
230 } |
|
231 |
|
232 boolean isPrivate() { |
|
233 return type == PRIVATE; |
|
234 } |
|
235 |
|
236 boolean isSecret() { |
|
237 return type == SECRET; |
|
238 } |
|
239 |
|
240 void fetchAttributes(CK_ATTRIBUTE[] attributes) { |
|
241 Session tempSession = null; |
|
242 try { |
|
243 tempSession = token.getOpSession(); |
|
244 token.p11.C_GetAttributeValue(tempSession.id(), keyID, attributes); |
|
245 } catch (PKCS11Exception e) { |
|
246 throw new ProviderException(e); |
|
247 } finally { |
|
248 token.releaseSession(tempSession); |
|
249 } |
|
250 } |
|
251 |
|
252 private final static CK_ATTRIBUTE[] A0 = new CK_ATTRIBUTE[0]; |
|
253 |
|
254 private static CK_ATTRIBUTE[] getAttributes(Session session, long keyID, |
|
255 CK_ATTRIBUTE[] knownAttributes, CK_ATTRIBUTE[] desiredAttributes) { |
|
256 if (knownAttributes == null) { |
|
257 knownAttributes = A0; |
|
258 } |
|
259 for (int i = 0; i < desiredAttributes.length; i++) { |
|
260 // For each desired attribute, check to see if we have the value |
|
261 // available already. If everything is here, we save a native call. |
|
262 CK_ATTRIBUTE attr = desiredAttributes[i]; |
|
263 for (CK_ATTRIBUTE known : knownAttributes) { |
|
264 if ((attr.type == known.type) && (known.pValue != null)) { |
|
265 attr.pValue = known.pValue; |
|
266 break; // break inner for loop |
|
267 } |
|
268 } |
|
269 if (attr.pValue == null) { |
|
270 // nothing found, need to call C_GetAttributeValue() |
|
271 for (int j = 0; j < i; j++) { |
|
272 // clear values copied from knownAttributes |
|
273 desiredAttributes[j].pValue = null; |
|
274 } |
|
275 try { |
|
276 session.token.p11.C_GetAttributeValue |
|
277 (session.id(), keyID, desiredAttributes); |
|
278 } catch (PKCS11Exception e) { |
|
279 throw new ProviderException(e); |
|
280 } |
|
281 break; // break loop, goto return |
|
282 } |
|
283 } |
|
284 return desiredAttributes; |
|
285 } |
|
286 |
|
287 static SecretKey secretKey(Session session, long keyID, String algorithm, |
|
288 int keyLength, CK_ATTRIBUTE[] attributes) { |
|
289 attributes = getAttributes(session, keyID, attributes, new CK_ATTRIBUTE[] { |
|
290 new CK_ATTRIBUTE(CKA_TOKEN), |
|
291 new CK_ATTRIBUTE(CKA_SENSITIVE), |
|
292 new CK_ATTRIBUTE(CKA_EXTRACTABLE), |
|
293 }); |
|
294 return new P11SecretKey(session, keyID, algorithm, keyLength, attributes); |
|
295 } |
|
296 |
|
297 static SecretKey masterSecretKey(Session session, long keyID, String algorithm, |
|
298 int keyLength, CK_ATTRIBUTE[] attributes, int major, int minor) { |
|
299 attributes = getAttributes(session, keyID, attributes, new CK_ATTRIBUTE[] { |
|
300 new CK_ATTRIBUTE(CKA_TOKEN), |
|
301 new CK_ATTRIBUTE(CKA_SENSITIVE), |
|
302 new CK_ATTRIBUTE(CKA_EXTRACTABLE), |
|
303 }); |
|
304 return new P11TlsMasterSecretKey |
|
305 (session, keyID, algorithm, keyLength, attributes, major, minor); |
|
306 } |
|
307 |
|
308 // we assume that all components of public keys are always accessible |
|
309 static PublicKey publicKey(Session session, long keyID, String algorithm, |
|
310 int keyLength, CK_ATTRIBUTE[] attributes) { |
|
311 switch (algorithm) { |
|
312 case "RSA": |
|
313 return new P11RSAPublicKey |
|
314 (session, keyID, algorithm, keyLength, attributes); |
|
315 case "DSA": |
|
316 return new P11DSAPublicKey |
|
317 (session, keyID, algorithm, keyLength, attributes); |
|
318 case "DH": |
|
319 return new P11DHPublicKey |
|
320 (session, keyID, algorithm, keyLength, attributes); |
|
321 case "EC": |
|
322 return new P11ECPublicKey |
|
323 (session, keyID, algorithm, keyLength, attributes); |
|
324 default: |
|
325 throw new ProviderException |
|
326 ("Unknown public key algorithm " + algorithm); |
|
327 } |
|
328 } |
|
329 |
|
330 static PrivateKey privateKey(Session session, long keyID, String algorithm, |
|
331 int keyLength, CK_ATTRIBUTE[] attributes) { |
|
332 attributes = getAttributes(session, keyID, attributes, new CK_ATTRIBUTE[] { |
|
333 new CK_ATTRIBUTE(CKA_TOKEN), |
|
334 new CK_ATTRIBUTE(CKA_SENSITIVE), |
|
335 new CK_ATTRIBUTE(CKA_EXTRACTABLE), |
|
336 }); |
|
337 if (attributes[1].getBoolean() || (attributes[2].getBoolean() == false)) { |
|
338 return new P11PrivateKey |
|
339 (session, keyID, algorithm, keyLength, attributes); |
|
340 } else { |
|
341 switch (algorithm) { |
|
342 case "RSA": |
|
343 // In order to decide if this is RSA CRT key, we first query |
|
344 // and see if all extra CRT attributes are available. |
|
345 CK_ATTRIBUTE[] attrs2 = new CK_ATTRIBUTE[] { |
|
346 new CK_ATTRIBUTE(CKA_PUBLIC_EXPONENT), |
|
347 new CK_ATTRIBUTE(CKA_PRIME_1), |
|
348 new CK_ATTRIBUTE(CKA_PRIME_2), |
|
349 new CK_ATTRIBUTE(CKA_EXPONENT_1), |
|
350 new CK_ATTRIBUTE(CKA_EXPONENT_2), |
|
351 new CK_ATTRIBUTE(CKA_COEFFICIENT), |
|
352 }; |
|
353 boolean crtKey; |
|
354 try { |
|
355 session.token.p11.C_GetAttributeValue |
|
356 (session.id(), keyID, attrs2); |
|
357 crtKey = ((attrs2[0].pValue instanceof byte[]) && |
|
358 (attrs2[1].pValue instanceof byte[]) && |
|
359 (attrs2[2].pValue instanceof byte[]) && |
|
360 (attrs2[3].pValue instanceof byte[]) && |
|
361 (attrs2[4].pValue instanceof byte[]) && |
|
362 (attrs2[5].pValue instanceof byte[])) ; |
|
363 } catch (PKCS11Exception e) { |
|
364 // ignore, assume not available |
|
365 crtKey = false; |
|
366 } |
|
367 if (crtKey) { |
|
368 return new P11RSAPrivateKey |
|
369 (session, keyID, algorithm, keyLength, attributes, attrs2); |
|
370 } else { |
|
371 return new P11RSAPrivateNonCRTKey |
|
372 (session, keyID, algorithm, keyLength, attributes); |
|
373 } |
|
374 case "DSA": |
|
375 return new P11DSAPrivateKey |
|
376 (session, keyID, algorithm, keyLength, attributes); |
|
377 case "DH": |
|
378 return new P11DHPrivateKey |
|
379 (session, keyID, algorithm, keyLength, attributes); |
|
380 case "EC": |
|
381 return new P11ECPrivateKey |
|
382 (session, keyID, algorithm, keyLength, attributes); |
|
383 default: |
|
384 throw new ProviderException |
|
385 ("Unknown private key algorithm " + algorithm); |
|
386 } |
|
387 } |
|
388 } |
|
389 |
|
390 // class for sensitive and unextractable private keys |
|
391 private static final class P11PrivateKey extends P11Key |
|
392 implements PrivateKey { |
|
393 private static final long serialVersionUID = -2138581185214187615L; |
|
394 |
|
395 P11PrivateKey(Session session, long keyID, String algorithm, |
|
396 int keyLength, CK_ATTRIBUTE[] attributes) { |
|
397 super(PRIVATE, session, keyID, algorithm, keyLength, attributes); |
|
398 } |
|
399 // XXX temporary encoding for serialization purposes |
|
400 public String getFormat() { |
|
401 token.ensureValid(); |
|
402 return null; |
|
403 } |
|
404 byte[] getEncodedInternal() { |
|
405 token.ensureValid(); |
|
406 return null; |
|
407 } |
|
408 } |
|
409 |
|
410 private static class P11SecretKey extends P11Key implements SecretKey { |
|
411 private static final long serialVersionUID = -7828241727014329084L; |
|
412 private volatile byte[] encoded; |
|
413 P11SecretKey(Session session, long keyID, String algorithm, |
|
414 int keyLength, CK_ATTRIBUTE[] attributes) { |
|
415 super(SECRET, session, keyID, algorithm, keyLength, attributes); |
|
416 } |
|
417 public String getFormat() { |
|
418 token.ensureValid(); |
|
419 if (sensitive || (extractable == false)) { |
|
420 return null; |
|
421 } else { |
|
422 return "RAW"; |
|
423 } |
|
424 } |
|
425 byte[] getEncodedInternal() { |
|
426 token.ensureValid(); |
|
427 if (getFormat() == null) { |
|
428 return null; |
|
429 } |
|
430 byte[] b = encoded; |
|
431 if (b == null) { |
|
432 synchronized (this) { |
|
433 b = encoded; |
|
434 if (b == null) { |
|
435 Session tempSession = null; |
|
436 try { |
|
437 tempSession = token.getOpSession(); |
|
438 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { |
|
439 new CK_ATTRIBUTE(CKA_VALUE), |
|
440 }; |
|
441 token.p11.C_GetAttributeValue |
|
442 (tempSession.id(), keyID, attributes); |
|
443 b = attributes[0].getByteArray(); |
|
444 } catch (PKCS11Exception e) { |
|
445 throw new ProviderException(e); |
|
446 } finally { |
|
447 token.releaseSession(tempSession); |
|
448 } |
|
449 encoded = b; |
|
450 } |
|
451 } |
|
452 } |
|
453 return b; |
|
454 } |
|
455 } |
|
456 |
|
457 @SuppressWarnings("deprecation") |
|
458 private static class P11TlsMasterSecretKey extends P11SecretKey |
|
459 implements TlsMasterSecret { |
|
460 private static final long serialVersionUID = -1318560923770573441L; |
|
461 |
|
462 private final int majorVersion, minorVersion; |
|
463 P11TlsMasterSecretKey(Session session, long keyID, String algorithm, |
|
464 int keyLength, CK_ATTRIBUTE[] attributes, int major, int minor) { |
|
465 super(session, keyID, algorithm, keyLength, attributes); |
|
466 this.majorVersion = major; |
|
467 this.minorVersion = minor; |
|
468 } |
|
469 public int getMajorVersion() { |
|
470 return majorVersion; |
|
471 } |
|
472 |
|
473 public int getMinorVersion() { |
|
474 return minorVersion; |
|
475 } |
|
476 } |
|
477 |
|
478 // RSA CRT private key |
|
479 private static final class P11RSAPrivateKey extends P11Key |
|
480 implements RSAPrivateCrtKey { |
|
481 private static final long serialVersionUID = 9215872438913515220L; |
|
482 |
|
483 private BigInteger n, e, d, p, q, pe, qe, coeff; |
|
484 private byte[] encoded; |
|
485 P11RSAPrivateKey(Session session, long keyID, String algorithm, |
|
486 int keyLength, CK_ATTRIBUTE[] attrs, CK_ATTRIBUTE[] crtAttrs) { |
|
487 super(PRIVATE, session, keyID, algorithm, keyLength, attrs); |
|
488 |
|
489 for (CK_ATTRIBUTE a : crtAttrs) { |
|
490 if (a.type == CKA_PUBLIC_EXPONENT) { |
|
491 e = a.getBigInteger(); |
|
492 } else if (a.type == CKA_PRIME_1) { |
|
493 p = a.getBigInteger(); |
|
494 } else if (a.type == CKA_PRIME_2) { |
|
495 q = a.getBigInteger(); |
|
496 } else if (a.type == CKA_EXPONENT_1) { |
|
497 pe = a.getBigInteger(); |
|
498 } else if (a.type == CKA_EXPONENT_2) { |
|
499 qe = a.getBigInteger(); |
|
500 } else if (a.type == CKA_COEFFICIENT) { |
|
501 coeff = a.getBigInteger(); |
|
502 } |
|
503 } |
|
504 } |
|
505 private synchronized void fetchValues() { |
|
506 token.ensureValid(); |
|
507 if (n != null) { |
|
508 return; |
|
509 } |
|
510 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { |
|
511 new CK_ATTRIBUTE(CKA_MODULUS), |
|
512 new CK_ATTRIBUTE(CKA_PRIVATE_EXPONENT), |
|
513 }; |
|
514 fetchAttributes(attributes); |
|
515 n = attributes[0].getBigInteger(); |
|
516 d = attributes[1].getBigInteger(); |
|
517 } |
|
518 |
|
519 public String getFormat() { |
|
520 token.ensureValid(); |
|
521 return "PKCS#8"; |
|
522 } |
|
523 synchronized byte[] getEncodedInternal() { |
|
524 token.ensureValid(); |
|
525 if (encoded == null) { |
|
526 fetchValues(); |
|
527 try { |
|
528 // XXX make constructor in SunRsaSign provider public |
|
529 // and call it directly |
|
530 KeyFactory factory = KeyFactory.getInstance |
|
531 ("RSA", P11Util.getSunRsaSignProvider()); |
|
532 Key newKey = factory.translateKey(this); |
|
533 encoded = newKey.getEncoded(); |
|
534 } catch (GeneralSecurityException e) { |
|
535 throw new ProviderException(e); |
|
536 } |
|
537 } |
|
538 return encoded; |
|
539 } |
|
540 public BigInteger getModulus() { |
|
541 fetchValues(); |
|
542 return n; |
|
543 } |
|
544 public BigInteger getPublicExponent() { |
|
545 return e; |
|
546 } |
|
547 public BigInteger getPrivateExponent() { |
|
548 fetchValues(); |
|
549 return d; |
|
550 } |
|
551 public BigInteger getPrimeP() { |
|
552 return p; |
|
553 } |
|
554 public BigInteger getPrimeQ() { |
|
555 return q; |
|
556 } |
|
557 public BigInteger getPrimeExponentP() { |
|
558 return pe; |
|
559 } |
|
560 public BigInteger getPrimeExponentQ() { |
|
561 return qe; |
|
562 } |
|
563 public BigInteger getCrtCoefficient() { |
|
564 return coeff; |
|
565 } |
|
566 } |
|
567 |
|
568 // RSA non-CRT private key |
|
569 private static final class P11RSAPrivateNonCRTKey extends P11Key |
|
570 implements RSAPrivateKey { |
|
571 private static final long serialVersionUID = 1137764983777411481L; |
|
572 |
|
573 private BigInteger n, d; |
|
574 private byte[] encoded; |
|
575 P11RSAPrivateNonCRTKey(Session session, long keyID, String algorithm, |
|
576 int keyLength, CK_ATTRIBUTE[] attributes) { |
|
577 super(PRIVATE, session, keyID, algorithm, keyLength, attributes); |
|
578 } |
|
579 private synchronized void fetchValues() { |
|
580 token.ensureValid(); |
|
581 if (n != null) { |
|
582 return; |
|
583 } |
|
584 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { |
|
585 new CK_ATTRIBUTE(CKA_MODULUS), |
|
586 new CK_ATTRIBUTE(CKA_PRIVATE_EXPONENT), |
|
587 }; |
|
588 fetchAttributes(attributes); |
|
589 n = attributes[0].getBigInteger(); |
|
590 d = attributes[1].getBigInteger(); |
|
591 } |
|
592 public String getFormat() { |
|
593 token.ensureValid(); |
|
594 return "PKCS#8"; |
|
595 } |
|
596 synchronized byte[] getEncodedInternal() { |
|
597 token.ensureValid(); |
|
598 if (encoded == null) { |
|
599 fetchValues(); |
|
600 try { |
|
601 // XXX make constructor in SunRsaSign provider public |
|
602 // and call it directly |
|
603 KeyFactory factory = KeyFactory.getInstance |
|
604 ("RSA", P11Util.getSunRsaSignProvider()); |
|
605 Key newKey = factory.translateKey(this); |
|
606 encoded = newKey.getEncoded(); |
|
607 } catch (GeneralSecurityException e) { |
|
608 throw new ProviderException(e); |
|
609 } |
|
610 } |
|
611 return encoded; |
|
612 } |
|
613 public BigInteger getModulus() { |
|
614 fetchValues(); |
|
615 return n; |
|
616 } |
|
617 public BigInteger getPrivateExponent() { |
|
618 fetchValues(); |
|
619 return d; |
|
620 } |
|
621 } |
|
622 |
|
623 private static final class P11RSAPublicKey extends P11Key |
|
624 implements RSAPublicKey { |
|
625 private static final long serialVersionUID = -826726289023854455L; |
|
626 |
|
627 private BigInteger n, e; |
|
628 private byte[] encoded; |
|
629 P11RSAPublicKey(Session session, long keyID, String algorithm, |
|
630 int keyLength, CK_ATTRIBUTE[] attributes) { |
|
631 super(PUBLIC, session, keyID, algorithm, keyLength, attributes); |
|
632 } |
|
633 private synchronized void fetchValues() { |
|
634 token.ensureValid(); |
|
635 if (n != null) { |
|
636 return; |
|
637 } |
|
638 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { |
|
639 new CK_ATTRIBUTE(CKA_MODULUS), |
|
640 new CK_ATTRIBUTE(CKA_PUBLIC_EXPONENT), |
|
641 }; |
|
642 fetchAttributes(attributes); |
|
643 n = attributes[0].getBigInteger(); |
|
644 e = attributes[1].getBigInteger(); |
|
645 } |
|
646 public String getFormat() { |
|
647 token.ensureValid(); |
|
648 return "X.509"; |
|
649 } |
|
650 synchronized byte[] getEncodedInternal() { |
|
651 token.ensureValid(); |
|
652 if (encoded == null) { |
|
653 fetchValues(); |
|
654 try { |
|
655 encoded = new RSAPublicKeyImpl(n, e).getEncoded(); |
|
656 } catch (InvalidKeyException e) { |
|
657 throw new ProviderException(e); |
|
658 } |
|
659 } |
|
660 return encoded; |
|
661 } |
|
662 public BigInteger getModulus() { |
|
663 fetchValues(); |
|
664 return n; |
|
665 } |
|
666 public BigInteger getPublicExponent() { |
|
667 fetchValues(); |
|
668 return e; |
|
669 } |
|
670 public String toString() { |
|
671 fetchValues(); |
|
672 return super.toString() + "\n modulus: " + n |
|
673 + "\n public exponent: " + e; |
|
674 } |
|
675 } |
|
676 |
|
677 private static final class P11DSAPublicKey extends P11Key |
|
678 implements DSAPublicKey { |
|
679 private static final long serialVersionUID = 5989753793316396637L; |
|
680 |
|
681 private BigInteger y; |
|
682 private DSAParams params; |
|
683 private byte[] encoded; |
|
684 P11DSAPublicKey(Session session, long keyID, String algorithm, |
|
685 int keyLength, CK_ATTRIBUTE[] attributes) { |
|
686 super(PUBLIC, session, keyID, algorithm, keyLength, attributes); |
|
687 } |
|
688 private synchronized void fetchValues() { |
|
689 token.ensureValid(); |
|
690 if (y != null) { |
|
691 return; |
|
692 } |
|
693 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { |
|
694 new CK_ATTRIBUTE(CKA_VALUE), |
|
695 new CK_ATTRIBUTE(CKA_PRIME), |
|
696 new CK_ATTRIBUTE(CKA_SUBPRIME), |
|
697 new CK_ATTRIBUTE(CKA_BASE), |
|
698 }; |
|
699 fetchAttributes(attributes); |
|
700 y = attributes[0].getBigInteger(); |
|
701 params = new DSAParameterSpec( |
|
702 attributes[1].getBigInteger(), |
|
703 attributes[2].getBigInteger(), |
|
704 attributes[3].getBigInteger() |
|
705 ); |
|
706 } |
|
707 public String getFormat() { |
|
708 token.ensureValid(); |
|
709 return "X.509"; |
|
710 } |
|
711 synchronized byte[] getEncodedInternal() { |
|
712 token.ensureValid(); |
|
713 if (encoded == null) { |
|
714 fetchValues(); |
|
715 try { |
|
716 Key key = new sun.security.provider.DSAPublicKey |
|
717 (y, params.getP(), params.getQ(), params.getG()); |
|
718 encoded = key.getEncoded(); |
|
719 } catch (InvalidKeyException e) { |
|
720 throw new ProviderException(e); |
|
721 } |
|
722 } |
|
723 return encoded; |
|
724 } |
|
725 public BigInteger getY() { |
|
726 fetchValues(); |
|
727 return y; |
|
728 } |
|
729 public DSAParams getParams() { |
|
730 fetchValues(); |
|
731 return params; |
|
732 } |
|
733 public String toString() { |
|
734 fetchValues(); |
|
735 return super.toString() + "\n y: " + y + "\n p: " + params.getP() |
|
736 + "\n q: " + params.getQ() + "\n g: " + params.getG(); |
|
737 } |
|
738 } |
|
739 |
|
740 private static final class P11DSAPrivateKey extends P11Key |
|
741 implements DSAPrivateKey { |
|
742 private static final long serialVersionUID = 3119629997181999389L; |
|
743 |
|
744 private BigInteger x; |
|
745 private DSAParams params; |
|
746 private byte[] encoded; |
|
747 P11DSAPrivateKey(Session session, long keyID, String algorithm, |
|
748 int keyLength, CK_ATTRIBUTE[] attributes) { |
|
749 super(PRIVATE, session, keyID, algorithm, keyLength, attributes); |
|
750 } |
|
751 private synchronized void fetchValues() { |
|
752 token.ensureValid(); |
|
753 if (x != null) { |
|
754 return; |
|
755 } |
|
756 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { |
|
757 new CK_ATTRIBUTE(CKA_VALUE), |
|
758 new CK_ATTRIBUTE(CKA_PRIME), |
|
759 new CK_ATTRIBUTE(CKA_SUBPRIME), |
|
760 new CK_ATTRIBUTE(CKA_BASE), |
|
761 }; |
|
762 fetchAttributes(attributes); |
|
763 x = attributes[0].getBigInteger(); |
|
764 params = new DSAParameterSpec( |
|
765 attributes[1].getBigInteger(), |
|
766 attributes[2].getBigInteger(), |
|
767 attributes[3].getBigInteger() |
|
768 ); |
|
769 } |
|
770 public String getFormat() { |
|
771 token.ensureValid(); |
|
772 return "PKCS#8"; |
|
773 } |
|
774 synchronized byte[] getEncodedInternal() { |
|
775 token.ensureValid(); |
|
776 if (encoded == null) { |
|
777 fetchValues(); |
|
778 try { |
|
779 Key key = new sun.security.provider.DSAPrivateKey |
|
780 (x, params.getP(), params.getQ(), params.getG()); |
|
781 encoded = key.getEncoded(); |
|
782 } catch (InvalidKeyException e) { |
|
783 throw new ProviderException(e); |
|
784 } |
|
785 } |
|
786 return encoded; |
|
787 } |
|
788 public BigInteger getX() { |
|
789 fetchValues(); |
|
790 return x; |
|
791 } |
|
792 public DSAParams getParams() { |
|
793 fetchValues(); |
|
794 return params; |
|
795 } |
|
796 } |
|
797 |
|
798 private static final class P11DHPrivateKey extends P11Key |
|
799 implements DHPrivateKey { |
|
800 private static final long serialVersionUID = -1698576167364928838L; |
|
801 |
|
802 private BigInteger x; |
|
803 private DHParameterSpec params; |
|
804 private byte[] encoded; |
|
805 P11DHPrivateKey(Session session, long keyID, String algorithm, |
|
806 int keyLength, CK_ATTRIBUTE[] attributes) { |
|
807 super(PRIVATE, session, keyID, algorithm, keyLength, attributes); |
|
808 } |
|
809 private synchronized void fetchValues() { |
|
810 token.ensureValid(); |
|
811 if (x != null) { |
|
812 return; |
|
813 } |
|
814 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { |
|
815 new CK_ATTRIBUTE(CKA_VALUE), |
|
816 new CK_ATTRIBUTE(CKA_PRIME), |
|
817 new CK_ATTRIBUTE(CKA_BASE), |
|
818 }; |
|
819 fetchAttributes(attributes); |
|
820 x = attributes[0].getBigInteger(); |
|
821 params = new DHParameterSpec( |
|
822 attributes[1].getBigInteger(), |
|
823 attributes[2].getBigInteger() |
|
824 ); |
|
825 } |
|
826 public String getFormat() { |
|
827 token.ensureValid(); |
|
828 return "PKCS#8"; |
|
829 } |
|
830 synchronized byte[] getEncodedInternal() { |
|
831 token.ensureValid(); |
|
832 if (encoded == null) { |
|
833 fetchValues(); |
|
834 try { |
|
835 DHPrivateKeySpec spec = new DHPrivateKeySpec |
|
836 (x, params.getP(), params.getG()); |
|
837 KeyFactory kf = KeyFactory.getInstance |
|
838 ("DH", P11Util.getSunJceProvider()); |
|
839 Key key = kf.generatePrivate(spec); |
|
840 encoded = key.getEncoded(); |
|
841 } catch (GeneralSecurityException e) { |
|
842 throw new ProviderException(e); |
|
843 } |
|
844 } |
|
845 return encoded; |
|
846 } |
|
847 public BigInteger getX() { |
|
848 fetchValues(); |
|
849 return x; |
|
850 } |
|
851 public DHParameterSpec getParams() { |
|
852 fetchValues(); |
|
853 return params; |
|
854 } |
|
855 public int hashCode() { |
|
856 if (token.isValid() == false) { |
|
857 return 0; |
|
858 } |
|
859 fetchValues(); |
|
860 return Objects.hash(x, params.getP(), params.getG()); |
|
861 } |
|
862 public boolean equals(Object obj) { |
|
863 if (this == obj) return true; |
|
864 // equals() should never throw exceptions |
|
865 if (token.isValid() == false) { |
|
866 return false; |
|
867 } |
|
868 if (!(obj instanceof DHPrivateKey)) { |
|
869 return false; |
|
870 } |
|
871 fetchValues(); |
|
872 DHPrivateKey other = (DHPrivateKey) obj; |
|
873 DHParameterSpec otherParams = other.getParams(); |
|
874 return ((this.x.compareTo(other.getX()) == 0) && |
|
875 (this.params.getP().compareTo(otherParams.getP()) == 0) && |
|
876 (this.params.getG().compareTo(otherParams.getG()) == 0)); |
|
877 } |
|
878 } |
|
879 |
|
880 private static final class P11DHPublicKey extends P11Key |
|
881 implements DHPublicKey { |
|
882 static final long serialVersionUID = -598383872153843657L; |
|
883 |
|
884 private BigInteger y; |
|
885 private DHParameterSpec params; |
|
886 private byte[] encoded; |
|
887 P11DHPublicKey(Session session, long keyID, String algorithm, |
|
888 int keyLength, CK_ATTRIBUTE[] attributes) { |
|
889 super(PUBLIC, session, keyID, algorithm, keyLength, attributes); |
|
890 } |
|
891 private synchronized void fetchValues() { |
|
892 token.ensureValid(); |
|
893 if (y != null) { |
|
894 return; |
|
895 } |
|
896 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { |
|
897 new CK_ATTRIBUTE(CKA_VALUE), |
|
898 new CK_ATTRIBUTE(CKA_PRIME), |
|
899 new CK_ATTRIBUTE(CKA_BASE), |
|
900 }; |
|
901 fetchAttributes(attributes); |
|
902 y = attributes[0].getBigInteger(); |
|
903 params = new DHParameterSpec( |
|
904 attributes[1].getBigInteger(), |
|
905 attributes[2].getBigInteger() |
|
906 ); |
|
907 } |
|
908 public String getFormat() { |
|
909 token.ensureValid(); |
|
910 return "X.509"; |
|
911 } |
|
912 synchronized byte[] getEncodedInternal() { |
|
913 token.ensureValid(); |
|
914 if (encoded == null) { |
|
915 fetchValues(); |
|
916 try { |
|
917 DHPublicKeySpec spec = new DHPublicKeySpec |
|
918 (y, params.getP(), params.getG()); |
|
919 KeyFactory kf = KeyFactory.getInstance |
|
920 ("DH", P11Util.getSunJceProvider()); |
|
921 Key key = kf.generatePublic(spec); |
|
922 encoded = key.getEncoded(); |
|
923 } catch (GeneralSecurityException e) { |
|
924 throw new ProviderException(e); |
|
925 } |
|
926 } |
|
927 return encoded; |
|
928 } |
|
929 public BigInteger getY() { |
|
930 fetchValues(); |
|
931 return y; |
|
932 } |
|
933 public DHParameterSpec getParams() { |
|
934 fetchValues(); |
|
935 return params; |
|
936 } |
|
937 public String toString() { |
|
938 fetchValues(); |
|
939 return super.toString() + "\n y: " + y + "\n p: " + params.getP() |
|
940 + "\n g: " + params.getG(); |
|
941 } |
|
942 public int hashCode() { |
|
943 if (token.isValid() == false) { |
|
944 return 0; |
|
945 } |
|
946 fetchValues(); |
|
947 return Objects.hash(y, params.getP(), params.getG()); |
|
948 } |
|
949 public boolean equals(Object obj) { |
|
950 if (this == obj) return true; |
|
951 // equals() should never throw exceptions |
|
952 if (token.isValid() == false) { |
|
953 return false; |
|
954 } |
|
955 if (!(obj instanceof DHPublicKey)) { |
|
956 return false; |
|
957 } |
|
958 fetchValues(); |
|
959 DHPublicKey other = (DHPublicKey) obj; |
|
960 DHParameterSpec otherParams = other.getParams(); |
|
961 return ((this.y.compareTo(other.getY()) == 0) && |
|
962 (this.params.getP().compareTo(otherParams.getP()) == 0) && |
|
963 (this.params.getG().compareTo(otherParams.getG()) == 0)); |
|
964 } |
|
965 } |
|
966 |
|
967 private static final class P11ECPrivateKey extends P11Key |
|
968 implements ECPrivateKey { |
|
969 private static final long serialVersionUID = -7786054399510515515L; |
|
970 |
|
971 private BigInteger s; |
|
972 private ECParameterSpec params; |
|
973 private byte[] encoded; |
|
974 P11ECPrivateKey(Session session, long keyID, String algorithm, |
|
975 int keyLength, CK_ATTRIBUTE[] attributes) { |
|
976 super(PRIVATE, session, keyID, algorithm, keyLength, attributes); |
|
977 } |
|
978 private synchronized void fetchValues() { |
|
979 token.ensureValid(); |
|
980 if (s != null) { |
|
981 return; |
|
982 } |
|
983 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { |
|
984 new CK_ATTRIBUTE(CKA_VALUE), |
|
985 new CK_ATTRIBUTE(CKA_EC_PARAMS, params), |
|
986 }; |
|
987 fetchAttributes(attributes); |
|
988 s = attributes[0].getBigInteger(); |
|
989 try { |
|
990 params = P11ECKeyFactory.decodeParameters |
|
991 (attributes[1].getByteArray()); |
|
992 } catch (Exception e) { |
|
993 throw new RuntimeException("Could not parse key values", e); |
|
994 } |
|
995 } |
|
996 public String getFormat() { |
|
997 token.ensureValid(); |
|
998 return "PKCS#8"; |
|
999 } |
|
1000 synchronized byte[] getEncodedInternal() { |
|
1001 token.ensureValid(); |
|
1002 if (encoded == null) { |
|
1003 fetchValues(); |
|
1004 try { |
|
1005 Key key = ECUtil.generateECPrivateKey(s, params); |
|
1006 encoded = key.getEncoded(); |
|
1007 } catch (InvalidKeySpecException e) { |
|
1008 throw new ProviderException(e); |
|
1009 } |
|
1010 } |
|
1011 return encoded; |
|
1012 } |
|
1013 public BigInteger getS() { |
|
1014 fetchValues(); |
|
1015 return s; |
|
1016 } |
|
1017 public ECParameterSpec getParams() { |
|
1018 fetchValues(); |
|
1019 return params; |
|
1020 } |
|
1021 } |
|
1022 |
|
1023 private static final class P11ECPublicKey extends P11Key |
|
1024 implements ECPublicKey { |
|
1025 private static final long serialVersionUID = -6371481375154806089L; |
|
1026 |
|
1027 private ECPoint w; |
|
1028 private ECParameterSpec params; |
|
1029 private byte[] encoded; |
|
1030 P11ECPublicKey(Session session, long keyID, String algorithm, |
|
1031 int keyLength, CK_ATTRIBUTE[] attributes) { |
|
1032 super(PUBLIC, session, keyID, algorithm, keyLength, attributes); |
|
1033 } |
|
1034 private synchronized void fetchValues() { |
|
1035 token.ensureValid(); |
|
1036 if (w != null) { |
|
1037 return; |
|
1038 } |
|
1039 CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { |
|
1040 new CK_ATTRIBUTE(CKA_EC_POINT), |
|
1041 new CK_ATTRIBUTE(CKA_EC_PARAMS), |
|
1042 }; |
|
1043 fetchAttributes(attributes); |
|
1044 |
|
1045 try { |
|
1046 params = P11ECKeyFactory.decodeParameters |
|
1047 (attributes[1].getByteArray()); |
|
1048 byte[] ecKey = attributes[0].getByteArray(); |
|
1049 |
|
1050 // Check whether the X9.63 encoding of an EC point is wrapped |
|
1051 // in an ASN.1 OCTET STRING |
|
1052 if (!token.config.getUseEcX963Encoding()) { |
|
1053 DerValue wECPoint = new DerValue(ecKey); |
|
1054 |
|
1055 if (wECPoint.getTag() != DerValue.tag_OctetString) { |
|
1056 throw new IOException("Could not DER decode EC point." + |
|
1057 " Unexpected tag: " + wECPoint.getTag()); |
|
1058 } |
|
1059 w = P11ECKeyFactory.decodePoint |
|
1060 (wECPoint.getDataBytes(), params.getCurve()); |
|
1061 |
|
1062 } else { |
|
1063 w = P11ECKeyFactory.decodePoint(ecKey, params.getCurve()); |
|
1064 } |
|
1065 |
|
1066 } catch (Exception e) { |
|
1067 throw new RuntimeException("Could not parse key values", e); |
|
1068 } |
|
1069 } |
|
1070 public String getFormat() { |
|
1071 token.ensureValid(); |
|
1072 return "X.509"; |
|
1073 } |
|
1074 synchronized byte[] getEncodedInternal() { |
|
1075 token.ensureValid(); |
|
1076 if (encoded == null) { |
|
1077 fetchValues(); |
|
1078 try { |
|
1079 return ECUtil.x509EncodeECPublicKey(w, params); |
|
1080 } catch (InvalidKeySpecException e) { |
|
1081 throw new ProviderException(e); |
|
1082 } |
|
1083 } |
|
1084 return encoded; |
|
1085 } |
|
1086 public ECPoint getW() { |
|
1087 fetchValues(); |
|
1088 return w; |
|
1089 } |
|
1090 public ECParameterSpec getParams() { |
|
1091 fetchValues(); |
|
1092 return params; |
|
1093 } |
|
1094 public String toString() { |
|
1095 fetchValues(); |
|
1096 return super.toString() |
|
1097 + "\n public x coord: " + w.getAffineX() |
|
1098 + "\n public y coord: " + w.getAffineY() |
|
1099 + "\n parameters: " + params; |
|
1100 } |
|
1101 } |
|
1102 } |
|
1103 |
|
1104 /* |
|
1105 * NOTE: Must use PhantomReference here and not WeakReference |
|
1106 * otherwise the key maybe cleared before other objects which |
|
1107 * still use these keys during finalization such as SSLSocket. |
|
1108 */ |
|
1109 final class SessionKeyRef extends PhantomReference<P11Key> |
|
1110 implements Comparable<SessionKeyRef> { |
|
1111 private static ReferenceQueue<P11Key> refQueue = |
|
1112 new ReferenceQueue<P11Key>(); |
|
1113 private static Set<SessionKeyRef> refList = |
|
1114 Collections.synchronizedSortedSet(new TreeSet<SessionKeyRef>()); |
|
1115 |
|
1116 static ReferenceQueue<P11Key> referenceQueue() { |
|
1117 return refQueue; |
|
1118 } |
|
1119 |
|
1120 private static void drainRefQueueBounded() { |
|
1121 Session sess = null; |
|
1122 Token tkn = null; |
|
1123 while (true) { |
|
1124 SessionKeyRef next = (SessionKeyRef) refQueue.poll(); |
|
1125 if (next == null) { |
|
1126 break; |
|
1127 } |
|
1128 |
|
1129 // If the token is still valid, try to remove the object |
|
1130 if (next.session.token.isValid()) { |
|
1131 // If this key's token is the same as the previous key, the |
|
1132 // same session can be used for C_DestroyObject. |
|
1133 try { |
|
1134 if (next.session.token != tkn || sess == null) { |
|
1135 // Release session if not using previous token |
|
1136 if (tkn != null && sess != null) { |
|
1137 tkn.releaseSession(sess); |
|
1138 sess = null; |
|
1139 } |
|
1140 |
|
1141 tkn = next.session.token; |
|
1142 sess = tkn.getOpSession(); |
|
1143 } |
|
1144 next.disposeNative(sess); |
|
1145 } catch (PKCS11Exception e) { |
|
1146 // ignore |
|
1147 } |
|
1148 } |
|
1149 // Regardless of native results, dispose of java references |
|
1150 next.dispose(); |
|
1151 } |
|
1152 |
|
1153 if (tkn != null && sess != null) { |
|
1154 tkn.releaseSession(sess); |
|
1155 } |
|
1156 } |
|
1157 |
|
1158 // handle to the native key |
|
1159 private long keyID; |
|
1160 private Session session; |
|
1161 |
|
1162 SessionKeyRef(P11Key key , long keyID, Session session) { |
|
1163 super(key, refQueue); |
|
1164 this.keyID = keyID; |
|
1165 this.session = session; |
|
1166 this.session.addObject(); |
|
1167 refList.add(this); |
|
1168 drainRefQueueBounded(); |
|
1169 } |
|
1170 |
|
1171 private void disposeNative(Session s) throws PKCS11Exception { |
|
1172 session.token.p11.C_DestroyObject(s.id(), keyID); |
|
1173 } |
|
1174 |
|
1175 private void dispose() { |
|
1176 refList.remove(this); |
|
1177 this.clear(); |
|
1178 session.removeObject(); |
|
1179 } |
|
1180 |
|
1181 public int compareTo(SessionKeyRef other) { |
|
1182 if (this.keyID == other.keyID) { |
|
1183 return 0; |
|
1184 } else { |
|
1185 return (this.keyID < other.keyID) ? -1 : 1; |
|
1186 } |
|
1187 } |
|
1188 } |