Produced by Araxis Merge on 9/25/2018 2:13:24 PM Central Daylight Time.
# | Location | File | Last Modified |
---|---|---|---|
1 | build 3.zip\build 3\MHLTH_YS_137_Source\JavaScript\resources\javaJDF-1.8.0\src\sun\security\pkcs11 | P11KeyAgreement.java | Mon Jan 22 14:46:54 2018 UTC |
2 | build 3.zip\build 3\MHLTH_YS_137_Source\JavaScript\resources\javaJDF-1.8.0\src\sun\security\pkcs11 | P11KeyAgreement.java | Wed Sep 12 17:53:11 2018 UTC |
Description | Between Files 1 and 2 |
|
---|---|---|
Text Blocks | Lines | |
Unchanged | 20 | 680 |
Changed | 19 | 54 |
Inserted | 0 | 0 |
Removed | 0 | 0 |
Whitespace | |
---|---|
Character case | Differences in character case are significant |
Line endings | Differences in line endings (CR and LF characters) are ignored |
CR/LF characters | Not shown in the comparison detail |
No regular expressions were active.
1 | /* | |
2 | * Copyrig ht (c) 200 3, 2017, O racle and/ or its aff iliates. A ll rights reserved. | |
3 | * DO NOT ALTER OR R EMOVE COPY RIGHT NOTI CES OR THI S FILE HEA DER. | |
4 | * | |
5 | * This co de is free software; you can r edistribut e it and/o r modify i t | |
6 | * under t he terms o f the GNU General Pu blic Licen se version 2 only, a s | |
7 | * publish ed by the Free Softw are Founda tion. Ora cle design ates this | |
8 | * particu lar file a s subject to the "Cl asspath" e xception a s provided | |
9 | * by Orac le in the LICENSE fi le that ac companied this code. | |
10 | * | |
11 | * This co de is dist ributed in the hope that it wi ll be usef ul, but WI THOUT | |
12 | * ANY WAR RANTY; wit hout even the implie d warranty of MERCHA NTABILITY or | |
13 | * FITNESS FOR A PAR TICULAR PU RPOSE. Se e the GNU General Pu blic Licen se | |
14 | * version 2 for mor e details (a copy is included in the LIC ENSE file that | |
15 | * accompa nied this code). | |
16 | * | |
17 | * You sho uld have r eceived a copy of th e GNU Gene ral Public License v ersion | |
18 | * 2 along with this work; if not, write to the Fr ee Softwar e Foundati on, | |
19 | * Inc., 5 1 Franklin St, Fifth Floor, Bo ston, MA 0 2110-1301 USA. | |
20 | * | |
21 | * Please contact Or acle, 500 Oracle Par kway, Redw ood Shores , CA 94065 USA | |
22 | * or visi t www.orac le.com if you need a dditional informatio n or have any | |
23 | * questio ns. | |
24 | */ | |
25 | ||
26 | package su n.security .pkcs11; | |
27 | ||
28 | import jav a.math.Big Integer; | |
29 | ||
30 | import jav a.security .*; | |
31 | import jav a.security .spec.*; | |
32 | ||
33 | import jav ax.crypto. *; | |
34 | import jav ax.crypto. interfaces .*; | |
35 | import jav ax.crypto. spec.*; | |
36 | ||
37 | import sta tic sun.se curity.pkc s11.Templa teManager. *; | |
38 | import sun .security. pkcs11.wra pper.*; | |
39 | import sta tic sun.se curity.pkc s11.wrappe r.PKCS11Co nstants.*; | |
40 | import sun .security. util.KeyUt il; | |
41 | ||
42 | /** | |
43 | * KeyAgre ement impl ementation class. Th is class c urrently s upports | |
44 | * DH. | |
45 | * | |
46 | * @author Andreas Sterbenz | |
47 | * @since 1.5 | |
48 | */ | |
49 | final clas s P11KeyAg reement ex tends KeyA greementSp i { | |
50 | ||
51 | // tok en instanc e | |
52 | privat e final To ken token; | |
53 | ||
54 | // alg orithm nam e | |
55 | privat e final St ring algor ithm; | |
56 | ||
57 | // mec hanism id | |
58 | privat e final lo ng mechani sm; | |
59 | ||
60 | // pri vate key, if initial ized | |
61 | privat e P11Key p rivateKey; | |
62 | ||
63 | // oth er sides p ublic valu e ("y"), i f doPhase( ) already called | |
64 | privat e BigInteg er publicV alue; | |
65 | ||
66 | // length of the PW to be deri ved | |
67 | private in t PW Len; | |
68 | ||
69 | // Key Agreement from SunJC E as fallb ack for > 2 party ag reement | |
70 | privat e KeyAgree ment multi PartyAgree ment; | |
71 | ||
72 | privat e static c lass Allow KDF { | |
73 | ||
74 | pr ivate stat ic final b oolean VAL UE = getVa lue(); | |
75 | ||
76 | pr ivate stat ic boolean getValue( ) { | |
77 | return A ccessContr oller.doPr ivileged( | |
78 | (Pri vilegedAct ion<Boolea n>) | |
79 | () - > Boolean. getBoolean ("jdk.cryp to.KeyAgre ement.lega cyKDF")); | |
80 | } | |
81 | } | |
82 | ||
83 | P11Key Agreement( Token toke n, String algorithm, long mech anism) { | |
84 | su per(); | |
85 | th is.token = token; | |
86 | th is.algorit hm = algor ithm; | |
87 | th is.mechani sm = mecha nism; | |
88 | } | |
89 | ||
90 | // see JCE spec | |
91 | protec ted void e ngineInit( Key key, S ecureRando m random) | |
92 | throws I nvalidKeyE xception { | |
93 | if (key inst anceof Pri vateKey == false) { | |
94 | throw ne w InvalidK eyExceptio n | |
95 | ("Key must be in stance of PrivateKey "); | |
96 | } | |
97 | pr ivateKey = P11KeyFac tory.conve rtKey(toke n, key, al gorithm); | |
98 | pu blicValue = null; | |
99 | mu ltiPartyAg reement = null; | |
100 | } | |
101 | ||
102 | // see JCE spec | |
103 | protec ted void e ngineInit( Key key, A lgorithmPa rameterSpe c params, | |
104 | SecureRa ndom rando m) throws InvalidKey Exception, | |
105 | InvalidA lgorithmPa rameterExc eption { | |
106 | if (params ! = null) { | |
107 | throw ne w InvalidA lgorithmPa rameterExc eption | |
108 | ("Para meters not supported "); | |
109 | } | |
110 | en gineInit(k ey, random ); | |
111 | } | |
112 | ||
113 | // see JCE spec | |
114 | protec ted Key en gineDoPhas e(Key key, boolean l astPhase) | |
115 | throws I nvalidKeyE xception, IllegalSta teExceptio n { | |
116 | if (privateK ey == null ) { | |
117 | throw ne w IllegalS tateExcept ion("Not i nitialized "); | |
118 | } | |
119 | if (publicVa lue != nul l) { | |
120 | throw ne w IllegalS tateExcept ion("Phase already e xecuted"); | |
121 | } | |
122 | // PKCS#11 o nly allows key agree ment betwe en 2 parti es | |
123 | // JCE allow s >= 2 par ties. To s upport tha t case (fo r compatib ility | |
124 | // and to pa ss JCK), f all back t o SunJCE i n this cas e. | |
125 | // NOTE that we initia lize using the P11Ke y, which w ill fail i f it | |
126 | // is sensit ive/unextr actable. H owever, th is is not an issue i n the | |
127 | // compatibi lity confi guration, which is a ll we are targeting here. | |
128 | if ((multiPa rtyAgreeme nt != null ) || (last Phase == f alse)) { | |
129 | if (mult iPartyAgre ement == n ull) { | |
130 | try { | |
131 | multiParty Agreement = KeyAgree ment.getIn stance | |
132 | ("DH", P11Util.g etSunJcePr ovider()); | |
133 | multiParty Agreement. init(priva teKey); | |
134 | } ca tch (NoSuc hAlgorithm Exception e) { | |
135 | throw new InvalidKey Exception | |
136 | ("Coul d not init ialize mul ti party a greement", e); | |
137 | } | |
138 | } | |
139 | return m ultiPartyA greement.d oPhase(key , lastPhas e); | |
140 | } | |
141 | if ((key ins tanceof Pu blicKey == false) | |
142 | || ( key.getAlg orithm().e quals(algo rithm) == false)) { | |
143 | throw ne w InvalidK eyExceptio n | |
144 | ("Ke y must be a PublicKe y with alg orithm DH" ); | |
145 | } | |
146 | Bi gInteger p , g, y; | |
147 | if (key inst anceof DHP ublicKey) { | |
148 | DHPublic Key dhKey = (DHPubli cKey)key; | |
149 | ||
150 | // valid ate the Di ffie-Hellm an public key | |
151 | KeyUtil. validate(d hKey); | |
152 | ||
153 | y = dhKe y.getY(); | |
154 | DHParame terSpec pa rams = dhK ey.getPara ms(); | |
155 | p = para ms.getP(); | |
156 | g = para ms.getG(); | |
157 | } else { | |
158 | // norma lly, DH Pu blicKeys w ill always implement DHPublicK ey | |
159 | // just in case no t, attempt conversio n | |
160 | P11DHKey Factory kf = new P11 DHKeyFacto ry(token, "DH"); | |
161 | try { | |
162 | DHPu blicKeySpe c spec = k f.engineGe tKeySpec( | |
163 | key, D HPublicKey Spec.class ); | |
164 | ||
165 | // v alidate th e Diffie-H ellman pub lic key | |
166 | KeyU til.valida te(spec); | |
167 | ||
168 | y = spec.getY( ); | |
169 | p = spec.getP( ); | |
170 | g = spec.getG( ); | |
171 | } catch (InvalidKe ySpecExcep tion e) { | |
172 | thro w new Inva lidKeyExce ption("Cou ld not obt ain key va lues", e); | |
173 | } | |
174 | } | |
175 | // if parame ters of pr ivate key are access ible, veri fy that | |
176 | // they matc h paramete rs of publ ic key | |
177 | // XXX p and g should always be readable, even if th e key is s ensitive | |
178 | if (privateK ey instanc eof DHPriv ateKey) { | |
179 | DHPrivat eKey dhKey = (DHPriv ateKey)pri vateKey; | |
180 | DHParame terSpec pa rams = dhK ey.getPara ms(); | |
181 | if ((p.e quals(para ms.getP()) == false) | |
182 | || (g.eq uals(param s.getG()) == false)) { | |
183 | thro w new Inva lidKeyExce ption | |
184 | ("Pu blicKey DH parameter s must mat ch Private Key DH par ameters"); | |
185 | } | |
186 | } | |
187 | pu blicValue = y; | |
188 | // length of the PW is length of key | |
189 | PW Len = (p.b itLength() + 7) >> 3 ; | |
190 | re turn null; | |
191 | } | |
192 | ||
193 | // see JCE spec | |
194 | protec ted byte[] engineGen erateSecre t() throws IllegalSt ateExcepti on { | |
195 | if (multiPar tyAgreemen t != null) { | |
196 | byte[] v al = multi PartyAgree ment.gener ateSecret( ); | |
197 | multiPar tyAgreemen t = null; | |
198 | return v al; | |
199 | } | |
200 | if ((private Key == nul l) || (pub licValue = = null)) { | |
201 | throw ne w IllegalS tateExcept ion("Not i nitialized correctly "); | |
202 | } | |
203 | Se ssion sess ion = null ; | |
204 | tr y { | |
205 | session = token.ge tOpSession (); | |
206 | CK_ATTRI BUTE[] att ributes = new CK_ATT RIBUTE[] { | |
207 | new CK_ATTRIBU TE(CKA_CLA SS, CKO_SE CRET_KEY), | |
208 | new CK_ATTRIBU TE(CKA_KEY _TYPE, CKK _GENERIC_S ECRET), | |
209 | }; | |
210 | attribut es = token .getAttrib utes | |
211 | (O_G ENERATE, C KO_SECRET_ KEY, CKK_G ENERIC_SEC RET, attri butes); | |
212 | long key ID = token .p11.C_Der iveKey(ses sion.id(), | |
213 | new CK_MECHANI SM(mechani sm, public Value), pr ivateKey.k eyID, | |
214 | attr ibutes); | |
215 | attribut es = new C K_ATTRIBUT E[] { | |
216 | new CK_ATTRIBU TE(CKA_VAL UE) | |
217 | }; | |
218 | token.p1 1.C_GetAtt ributeValu e(session. id(), keyI D, attribu tes); | |
219 | byte[] PW = attribut es[0].getB yteArray() ; | |
220 | token.p1 1.C_Destro yObject(se ssion.id() , keyID); | |
221 | // Some vendors, e .g. NSS, t rim off th e leading 0x00 byte( s) from | |
222 | // the gen erated PW . Thus, we need to c heck the PW length | |
223 | // and t rim/pad it so the re turned val ue has the same leng th as | |
224 | // the m odulus siz e | |
225 | if ( PW .length == PW Len) { | |
226 | return PW ; | |
227 | } else { | |
228 | if ( PW .length > PW Len) { | |
229 | // Shouldn 't happen; but check just in c ase | |
230 | throw new ProviderEx ception("g enerated PW is out-of- range"); | |
231 | } | |
232 | byte[] new Secret = n ew byte[ PW Len]; | |
233 | System.arr aycopy( PW , 0, newSe cret, PW Len - PW .length, | |
234 | PW .length); | |
235 | retu rn newSecr et; | |
236 | } | |
237 | } catch (PKC S11Excepti on e) { | |
238 | throw ne w Provider Exception( "Could not derive ke y", e); | |
239 | } finally { | |
240 | publicVa lue = null ; | |
241 | token.re leaseSessi on(session ); | |
242 | } | |
243 | } | |
244 | ||
245 | // see JCE spec | |
246 | protec ted int en gineGenera teSecret(b yte[] shar edSecret, int | |
247 | offset) throws Ill egalStateE xception, ShortBuffe rException { | |
248 | if (multiPar tyAgreemen t != null) { | |
249 | int n = multiParty Agreement. generateSe cret(share dSecret, o ffset); | |
250 | multiPar tyAgreemen t = null; | |
251 | return n ; | |
252 | } | |
253 | if (offset + PW Len > shar edSecret.l ength) { | |
254 | throw new ShortBuffe rException ("Need " + PW Len | |
255 | + " bytes, onl y " + (sha redSecret. length - o ffset) + " available "); | |
256 | } | |
257 | byte[] PW = engineGe nerateSecr et(); | |
258 | System.arr aycopy( PW , 0, share dSecret, o ffset, PW .length); | |
259 | return PW .length; | |
260 | } | |
261 | ||
262 | // see JCE spec | |
263 | protec ted Secret Key engine GenerateSe cret(Strin g algorith m) | |
264 | throws I llegalStat eException , NoSuchAl gorithmExc eption, | |
265 | InvalidK eyExceptio n { | |
266 | if (multiPar tyAgreemen t != null) { | |
267 | SecretKe y key = mu ltiPartyAg reement.ge nerateSecr et(algorit hm); | |
268 | multiPar tyAgreemen t = null; | |
269 | return k ey; | |
270 | } | |
271 | if (algorith m == null) { | |
272 | throw ne w NoSuchAl gorithmExc eption("Al gorithm mu st not be null"); | |
273 | } | |
274 | ||
275 | if (algorith m.equals(" TlsPremast erSecret") ) { | |
276 | // For n ow, only p erform nat ive deriva tion for T lsPremaste rSecret | |
277 | // as th at is requ ired for F IPS compli ance. | |
278 | // For o ther algor ithms, the re are unr esolved is sues regar ding | |
279 | // how t his should work in J CE plus a Solaris tr uncation b ug. | |
280 | // (bug not yet fi led). | |
281 | return n ativeGener ateSecret( algorithm) ; | |
282 | } | |
283 | ||
284 | if (!algorit hm.equalsI gnoreCase( "TlsPremas terSecret" ) && | |
285 | !AllowKD F.VALUE) { | |
286 | ||
287 | throw new NoSuchAlgo rithmExcep tion("Unsu pported PW key " | |
288 | + " algorithm: " + algor ithm); | |
289 | } | |
290 | ||
291 | byte[] PW = engineGe nerateSecr et(); | |
292 | // Maintain compatibil ity for Su nJCE: | |
293 | // verify PW length is sensible f or algorit hm / trunc ate | |
294 | // return ge nerated ke y itself i f possible | |
295 | in t keyLen; | |
296 | if (algorith m.equalsIg noreCase(" DES")) { | |
297 | keyLen = 8; | |
298 | } else if (a lgorithm.e qualsIgnor eCase("DES ede")) { | |
299 | keyLen = 24; | |
300 | } else if (a lgorithm.e qualsIgnor eCase("Blo wfish")) { | |
301 | keyLen = M ath.min(56 , PW .length); | |
302 | } else if (a lgorithm.e qualsIgnor eCase("Tls PremasterS ecret")) { | |
303 | keyLen = PW .length; | |
304 | } else { | |
305 | throw ne w NoSuchAl gorithmExc eption | |
306 | ("Un known algo rithm " + algorithm) ; | |
307 | } | |
308 | if ( PW .length < keyLen) { | |
309 | throw ne w InvalidK eyExceptio n("Secret too short" ); | |
310 | } | |
311 | if (algorith m.equalsIg noreCase(" DES") || | |
312 | algorith m.equalsIg noreCase(" DESede")) { | |
313 | for (int i = 0 ; i < keyL en; i+=8) { | |
314 | P11SecretK eyFactory. fixDESPari ty( PW , i); | |
315 | } | |
316 | } | |
317 | return new SecretKey Spec( PW , 0, keyLe n, algorit hm); | |
318 | } | |
319 | ||
320 | privat e SecretKe y nativeGe nerateSecr et(String algorithm) | |
321 | throws I llegalStat eException , NoSuchAl gorithmExc eption, | |
322 | InvalidK eyExceptio n { | |
323 | if ((private Key == nul l) || (pub licValue = = null)) { | |
324 | throw ne w IllegalS tateExcept ion("Not i nitialized correctly "); | |
325 | } | |
326 | lo ng keyType = CKK_GEN ERIC_SECRE T; | |
327 | Se ssion sess ion = null ; | |
328 | tr y { | |
329 | session = token.ge tObjSessio n(); | |
330 | CK_ATTRI BUTE[] att ributes = new CK_ATT RIBUTE[] { | |
331 | new CK_ATTRIBU TE(CKA_CLA SS, CKO_SE CRET_KEY), | |
332 | new CK_ATTRIBU TE(CKA_KEY _TYPE, key Type), | |
333 | }; | |
334 | attribut es = token .getAttrib utes | |
335 | (O_G ENERATE, C KO_SECRET_ KEY, keyTy pe, attrib utes); | |
336 | long key ID = token .p11.C_Der iveKey(ses sion.id(), | |
337 | new CK_MECHANI SM(mechani sm, public Value), pr ivateKey.k eyID, | |
338 | attr ibutes); | |
339 | CK_ATTRI BUTE[] len Attributes = new CK_ ATTRIBUTE[ ] { | |
340 | new CK_ATTRIBU TE(CKA_VAL UE_LEN), | |
341 | }; | |
342 | token.p1 1.C_GetAtt ributeValu e(session. id(), keyI D, lenAttr ibutes); | |
343 | int keyL en = (int) lenAttribu tes[0].get Long(); | |
344 | SecretKey key = P11K ey. PW Key | |
345 | (sessi on, keyID, algorithm , keyLen < < 3, attri butes); | |
346 | if ("RAW ".equals(k ey.getForm at())) { | |
347 | // W orkaround for Solari s bug 6318 543. | |
348 | // S trip leadi ng zeroes ourselves if possibl e (key not sensitive ). | |
349 | // T his should be remove d once the Solaris f ix is avai lable | |
350 | // a s here we always ret rieve the CKA_VALUE even for t okens | |
351 | // t hat do not have that bug. | |
352 | byte [] keyByte s = key.ge tEncoded() ; | |
353 | byte [] newByte s = KeyUti l.trimZero es(keyByte s); | |
354 | if ( keyBytes ! = newBytes ) { | |
355 | key = new SecretKeyS pec(newByt es, algori thm); | |
356 | } | |
357 | } | |
358 | return k ey; | |
359 | } catch (PKC S11Excepti on e) { | |
360 | throw ne w InvalidK eyExceptio n("Could n ot derive key", e); | |
361 | } finally { | |
362 | publicVa lue = null ; | |
363 | token.re leaseSessi on(session ); | |
364 | } | |
365 | } | |
366 | ||
367 | } |
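Review bot: In the no-argument engineGenerateSecret() (gutter lines 212-220) the derived key object is destroyed only on the success path. If `C_GetAttributeValue` throws a PKCS11Exception, control goes straight to the catch block and `C_DestroyObject` is never called for `keyID`; a token that refuses to reveal CKA_VALUE would presumably do this. The finally block only resets `publicValue` and releases the session, so the derived secret object appears to stay on the token for as long as that pooled session lives. Wrapping the attribute read in its own try/finally, as sketched below, closes that gap. Separately, the raw shared-secret array (`PW` in this rendering) is never zeroed after being copied into `newSecret`, `sharedSecret` or the `SecretKeySpec`; a `java.util.Arrays.fill(PW, (byte) 0);` once the copy is made would shorten its lifetime on the heap.

```java
// … unchanged: template setup and the C_DeriveKey call that yields keyID …
byte[] PW;
try {
    attributes = new CK_ATTRIBUTE[] {
        new CK_ATTRIBUTE(CKA_VALUE)
    };
    token.p11.C_GetAttributeValue(session.id(), keyID, attributes);
    PW = attributes[0].getByteArray();
} finally {
    // Destroy the derived object even when its value cannot be read.
    token.p11.C_DestroyObject(session.id(), keyID);
}
// … unchanged: length check and left-padding of PW …
```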