PageRenderTime 40ms CodeModel.GetById 15ms RepoModel.GetById 1ms app.codeStats 0ms

/src/com/sun/crypto/provider/CipherWithWrappingSpi.java

https://gitlab.com/borneywpf/openjdk-7-src
Java | 261 lines | 128 code | 21 blank | 112 comment | 5 complexity | cdac8001b887b723412cf86f51858304 MD5 | raw file
  1. /*
  2. * Copyright (c) 1999, 2007, Oracle and/or its affiliates. All rights reserved.
  3. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  4. *
  5. * This code is free software; you can redistribute it and/or modify it
  6. * under the terms of the GNU General Public License version 2 only, as
  7. * published by the Free Software Foundation. Oracle designates this
  8. * particular file as subject to the "Classpath" exception as provided
  9. * by Oracle in the LICENSE file that accompanied this code.
  10. *
  11. * This code is distributed in the hope that it will be useful, but WITHOUT
  12. * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13. * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
  14. * version 2 for more details (a copy is included in the LICENSE file that
  15. * accompanied this code).
  16. *
  17. * You should have received a copy of the GNU General Public License version
  18. * 2 along with this work; if not, write to the Free Software Foundation,
  19. * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20. *
  21. * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22. * or visit www.oracle.com if you need additional information or have any
  23. * questions.
  24. */
  25. package com.sun.crypto.provider;
  26. import java.security.Key;
  27. import java.security.PublicKey;
  28. import java.security.PrivateKey;
  29. import java.security.KeyFactory;
  30. import java.security.InvalidKeyException;
  31. import java.security.NoSuchProviderException;
  32. import java.security.NoSuchAlgorithmException;
  33. import java.security.spec.PKCS8EncodedKeySpec;
  34. import java.security.spec.X509EncodedKeySpec;
  35. import java.security.spec.InvalidKeySpecException;
  36. import javax.crypto.Cipher;
  37. import javax.crypto.CipherSpi;
  38. import javax.crypto.SecretKey;
  39. import javax.crypto.IllegalBlockSizeException;
  40. import javax.crypto.BadPaddingException;
  41. import javax.crypto.spec.SecretKeySpec;
  42. /**
  43. * This class entends the javax.crypto.CipherSpi class with a concrete
  44. * implementation of the methods for wrapping and unwrapping
  45. * keys.
  46. *
  47. * @author Sharon Liu
  48. *
  49. *
  50. * @see javax.crypto.CipherSpi
  51. * @see BlowfishCipher
  52. * @see DESCipher
  53. * @see PBEWithMD5AndDESCipher
  54. */
  55. public abstract class CipherWithWrappingSpi extends CipherSpi {
  56. /**
  57. * Wrap a key.
  58. *
  59. * @param key the key to be wrapped.
  60. *
  61. * @return the wrapped key.
  62. *
  63. * @exception IllegalBlockSizeException if this cipher is a block
  64. * cipher, no padding has been requested, and the length of the
  65. * encoding of the key to be wrapped is not a
  66. * multiple of the block size.
  67. *
  68. * @exception InvalidKeyException if it is impossible or unsafe to
  69. * wrap the key with this cipher (e.g., a hardware protected key is
  70. * being passed to a software only cipher).
  71. */
  72. protected final byte[] engineWrap(Key key)
  73. throws IllegalBlockSizeException, InvalidKeyException
  74. {
  75. byte[] result = null;
  76. try {
  77. byte[] encodedKey = key.getEncoded();
  78. if ((encodedKey == null) || (encodedKey.length == 0)) {
  79. throw new InvalidKeyException("Cannot get an encoding of " +
  80. "the key to be wrapped");
  81. }
  82. result = engineDoFinal(encodedKey, 0, encodedKey.length);
  83. } catch (BadPaddingException e) {
  84. // Should never happen
  85. }
  86. return result;
  87. }
  88. /**
  89. * Unwrap a previously wrapped key.
  90. *
  91. * @param wrappedKey the key to be unwrapped.
  92. *
  93. * @param wrappedKeyAlgorithm the algorithm the wrapped key is for.
  94. *
  95. * @param wrappedKeyType the type of the wrapped key.
  96. * This is one of <code>Cipher.SECRET_KEY</code>,
  97. * <code>Cipher.PRIVATE_KEY</code>, or <code>Cipher.PUBLIC_KEY</code>.
  98. *
  99. * @return the unwrapped key.
  100. *
  101. * @exception InvalidKeyException if <code>wrappedKey</code> does not
  102. * represent a wrapped key, or if the algorithm associated with the
  103. * wrapped key is different from <code>wrappedKeyAlgorithm</code>
  104. * and/or its key type is different from <code>wrappedKeyType</code>.
  105. *
  106. * @exception NoSuchAlgorithmException if no installed providers
  107. * can create keys for the <code>wrappedKeyAlgorithm</code>.
  108. */
  109. protected final Key engineUnwrap(byte[] wrappedKey,
  110. String wrappedKeyAlgorithm,
  111. int wrappedKeyType)
  112. throws InvalidKeyException, NoSuchAlgorithmException
  113. {
  114. byte[] encodedKey;
  115. Key result = null;
  116. try {
  117. encodedKey = engineDoFinal(wrappedKey, 0,
  118. wrappedKey.length);
  119. } catch (BadPaddingException ePadding) {
  120. throw new InvalidKeyException();
  121. } catch (IllegalBlockSizeException eBlockSize) {
  122. throw new InvalidKeyException();
  123. }
  124. switch (wrappedKeyType) {
  125. case Cipher.SECRET_KEY:
  126. result = constructSecretKey(encodedKey,
  127. wrappedKeyAlgorithm);
  128. break;
  129. case Cipher.PRIVATE_KEY:
  130. result = constructPrivateKey(encodedKey,
  131. wrappedKeyAlgorithm);
  132. break;
  133. case Cipher.PUBLIC_KEY:
  134. result = constructPublicKey(encodedKey,
  135. wrappedKeyAlgorithm);
  136. break;
  137. }
  138. return result;
  139. }
  140. /**
  141. * Construct a public key from its encoding.
  142. *
  143. * @param encodedKey the encoding of a public key.
  144. *
  145. * @param encodedKeyAlgorithm the algorithm the encodedKey is for.
  146. *
  147. * @return a public key constructed from the encodedKey.
  148. */
  149. private final PublicKey constructPublicKey(byte[] encodedKey,
  150. String encodedKeyAlgorithm)
  151. throws InvalidKeyException, NoSuchAlgorithmException
  152. {
  153. PublicKey key = null;
  154. try {
  155. KeyFactory keyFactory =
  156. KeyFactory.getInstance(encodedKeyAlgorithm, "SunJCE");
  157. X509EncodedKeySpec keySpec = new X509EncodedKeySpec(encodedKey);
  158. key = keyFactory.generatePublic(keySpec);
  159. } catch (NoSuchAlgorithmException nsae) {
  160. // Try to see whether there is another
  161. // provider which supports this algorithm
  162. try {
  163. KeyFactory keyFactory =
  164. KeyFactory.getInstance(encodedKeyAlgorithm);
  165. X509EncodedKeySpec keySpec =
  166. new X509EncodedKeySpec(encodedKey);
  167. key = keyFactory.generatePublic(keySpec);
  168. } catch (NoSuchAlgorithmException nsae2) {
  169. throw new NoSuchAlgorithmException("No installed providers " +
  170. "can create keys for the " +
  171. encodedKeyAlgorithm +
  172. "algorithm");
  173. } catch (InvalidKeySpecException ikse2) {
  174. // Should never happen.
  175. }
  176. } catch (InvalidKeySpecException ikse) {
  177. // Should never happen.
  178. } catch (NoSuchProviderException nspe) {
  179. // Should never happen.
  180. }
  181. return key;
  182. }
  183. /**
  184. * Construct a private key from its encoding.
  185. *
  186. * @param encodedKey the encoding of a private key.
  187. *
  188. * @param encodedKeyAlgorithm the algorithm the wrapped key is for.
  189. *
  190. * @return a private key constructed from the encodedKey.
  191. */
  192. private final PrivateKey constructPrivateKey(byte[] encodedKey,
  193. String encodedKeyAlgorithm)
  194. throws InvalidKeyException, NoSuchAlgorithmException
  195. {
  196. PrivateKey key = null;
  197. try {
  198. KeyFactory keyFactory =
  199. KeyFactory.getInstance(encodedKeyAlgorithm, "SunJCE");
  200. PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(encodedKey);
  201. return keyFactory.generatePrivate(keySpec);
  202. } catch (NoSuchAlgorithmException nsae) {
  203. // Try to see whether there is another
  204. // provider which supports this algorithm
  205. try {
  206. KeyFactory keyFactory =
  207. KeyFactory.getInstance(encodedKeyAlgorithm);
  208. PKCS8EncodedKeySpec keySpec =
  209. new PKCS8EncodedKeySpec(encodedKey);
  210. key = keyFactory.generatePrivate(keySpec);
  211. } catch (NoSuchAlgorithmException nsae2) {
  212. throw new NoSuchAlgorithmException("No installed providers " +
  213. "can create keys for the " +
  214. encodedKeyAlgorithm +
  215. "algorithm");
  216. } catch (InvalidKeySpecException ikse2) {
  217. // Should never happen.
  218. }
  219. } catch (InvalidKeySpecException ikse) {
  220. // Should never happen.
  221. } catch (NoSuchProviderException nspe) {
  222. // Should never happen.
  223. }
  224. return key;
  225. }
  226. /**
  227. * Construct a secret key from its encoding.
  228. *
  229. * @param encodedKey the encoding of a secret key.
  230. *
  231. * @param encodedKeyAlgorithm the algorithm the secret key is for.
  232. *
  233. * @return a secret key constructed from the encodedKey.
  234. */
  235. private final SecretKey constructSecretKey(byte[] encodedKey,
  236. String encodedKeyAlgorithm)
  237. {
  238. return (new SecretKeySpec(encodedKey, encodedKeyAlgorithm));
  239. }
  240. }