71 throw new InvalidParameterException(MSG); |
71 throw new InvalidParameterException(MSG); |
72 } |
72 } |
73 |
73 |
74 protected void engineInit(AlgorithmParameterSpec params, |
74 protected void engineInit(AlgorithmParameterSpec params, |
75 SecureRandom random) throws InvalidAlgorithmParameterException { |
75 SecureRandom random) throws InvalidAlgorithmParameterException { |
76 if (params instanceof TlsRsaPremasterSecretParameterSpec == false) { |
76 if (!(params instanceof TlsRsaPremasterSecretParameterSpec)) { |
77 throw new InvalidAlgorithmParameterException(MSG); |
77 throw new InvalidAlgorithmParameterException(MSG); |
78 } |
78 } |
79 this.spec = (TlsRsaPremasterSecretParameterSpec)params; |
79 this.spec = (TlsRsaPremasterSecretParameterSpec)params; |
80 } |
80 } |
81 |
81 |
82 protected void engineInit(int keysize, SecureRandom random) { |
82 protected void engineInit(int keysize, SecureRandom random) { |
83 throw new InvalidParameterException(MSG); |
83 throw new InvalidParameterException(MSG); |
84 } |
84 } |
85 |
85 |
|
86 // Only can be used in client side to generate TLS RSA premaster secret. |
86 protected SecretKey engineGenerateKey() { |
87 protected SecretKey engineGenerateKey() { |
87 if (spec == null) { |
88 if (spec == null) { |
88 throw new IllegalStateException |
89 throw new IllegalStateException |
89 ("TlsRsaPremasterSecretGenerator must be initialized"); |
90 ("TlsRsaPremasterSecretGenerator must be initialized"); |
90 } |
91 } |
91 |
92 |
92 byte[] b = spec.getEncodedSecret(); |
93 CK_VERSION version = new CK_VERSION( |
93 if (b == null) { |
|
94 CK_VERSION version = new CK_VERSION( |
|
95 spec.getMajorVersion(), spec.getMinorVersion()); |
94 spec.getMajorVersion(), spec.getMinorVersion()); |
96 Session session = null; |
95 Session session = null; |
97 try { |
96 try { |
98 session = token.getObjSession(); |
97 session = token.getObjSession(); |
99 CK_ATTRIBUTE[] attributes = token.getAttributes( |
98 CK_ATTRIBUTE[] attributes = token.getAttributes( |
100 O_GENERATE, CKO_SECRET_KEY, |
99 O_GENERATE, CKO_SECRET_KEY, |
101 CKK_GENERIC_SECRET, new CK_ATTRIBUTE[0]); |
100 CKK_GENERIC_SECRET, new CK_ATTRIBUTE[0]); |
102 long keyID = token.p11.C_GenerateKey(session.id(), |
101 long keyID = token.p11.C_GenerateKey(session.id(), |
103 new CK_MECHANISM(mechanism, version), attributes); |
102 new CK_MECHANISM(mechanism, version), attributes); |
104 SecretKey key = P11Key.secretKey(session, |
103 SecretKey key = P11Key.secretKey(session, |
105 keyID, "TlsRsaPremasterSecret", 48 << 3, attributes); |
104 keyID, "TlsRsaPremasterSecret", 48 << 3, attributes); |
106 return key; |
105 return key; |
107 } catch (PKCS11Exception e) { |
106 } catch (PKCS11Exception e) { |
108 throw new ProviderException( |
107 throw new ProviderException( |
109 "Could not generate premaster secret", e); |
108 "Could not generate premaster secret", e); |
110 } finally { |
109 } finally { |
111 token.releaseSession(session); |
110 token.releaseSession(session); |
112 } |
|
113 } |
111 } |
114 |
|
115 // Won't worry, the TlsRsaPremasterSecret will be soon converted to |
|
116 // TlsMasterSecret. |
|
117 return new SecretKeySpec(b, "TlsRsaPremasterSecret"); |
|
118 } |
112 } |
119 |
113 |
120 } |
114 } |