Produced by Araxis Merge on 9/25/2018 2:13:24 PM Central Daylight Time. See www.araxis.com for information about Merge. This report uses XHTML and CSS2, and is best viewed with a modern standards-compliant browser. For optimum results when printing this report, use landscape orientation and enable printing of background images and colours in your browser.
# | Location | File | Last Modified |
---|---|---|---|
1 | build 3.zip\build 3\MHLTH_YS_137_Source\JavaScript\resources\javaJDF-1.8.0\src\sun\security\pkcs11 | P11ECDHKeyAgreement.java | Mon Jan 22 14:46:54 2018 UTC |
2 | build 3.zip\build 3\MHLTH_YS_137_Source\JavaScript\resources\javaJDF-1.8.0\src\sun\security\pkcs11 | P11ECDHKeyAgreement.java | Wed Sep 12 17:53:08 2018 UTC |
Description | Between Files 1 and 2 |
|
---|---|---|
Text Blocks | Lines | |
Unchanged | 8 | 406 |
Changed | 7 | 22 |
Inserted | 0 | 0 |
Removed | 0 | 0 |
Whitespace | |
---|---|
Character case | Differences in character case are significant |
Line endings | Differences in line endings (CR and LF characters) are ignored |
CR/LF characters | Not shown in the comparison detail |
No regular expressions were active.
1 | /* | |
2 | * Copyrig ht (c) 200 6, 2007, O racle and/ or its aff iliates. A ll rights reserved. | |
3 | * DO NOT ALTER OR R EMOVE COPY RIGHT NOTI CES OR THI S FILE HEA DER. | |
4 | * | |
5 | * This co de is free software; you can r edistribut e it and/o r modify i t | |
6 | * under t he terms o f the GNU General Pu blic Licen se version 2 only, a s | |
7 | * publish ed by the Free Softw are Founda tion. Ora cle design ates this | |
8 | * particu lar file a s subject to the "Cl asspath" e xception a s provided | |
9 | * by Orac le in the LICENSE fi le that ac companied this code. | |
10 | * | |
11 | * This co de is dist ributed in the hope that it wi ll be usef ul, but WI THOUT | |
12 | * ANY WAR RANTY; wit hout even the implie d warranty of MERCHA NTABILITY or | |
13 | * FITNESS FOR A PAR TICULAR PU RPOSE. Se e the GNU General Pu blic Licen se | |
14 | * version 2 for mor e details (a copy is included in the LIC ENSE file that | |
15 | * accompa nied this code). | |
16 | * | |
17 | * You sho uld have r eceived a copy of th e GNU Gene ral Public License v ersion | |
18 | * 2 along with this work; if not, write to the Fr ee Softwar e Foundati on, | |
19 | * Inc., 5 1 Franklin St, Fifth Floor, Bo ston, MA 0 2110-1301 USA. | |
20 | * | |
21 | * Please contact Or acle, 500 Oracle Par kway, Redw ood Shores , CA 94065 USA | |
22 | * or visi t www.orac le.com if you need a dditional informatio n or have any | |
23 | * questio ns. | |
24 | */ | |
25 | ||
26 | package su n.security .pkcs11; | |
27 | ||
28 | import jav a.security .*; | |
29 | import jav a.security .interface s.ECPublic Key; | |
30 | import jav a.security .spec.Algo rithmParam eterSpec; | |
31 | ||
32 | import jav ax.crypto. *; | |
33 | ||
34 | import sta tic sun.se curity.pkc s11.Templa teManager. *; | |
35 | import sun .security. pkcs11.wra pper.*; | |
36 | import sta tic sun.se curity.pkc s11.wrappe r.PKCS11Co nstants.*; | |
37 | ||
38 | /** | |
39 | * KeyAgre ement impl ementation for ECDH. | |
40 | * | |
41 | * @author Andreas Sterbenz | |
42 | * @since 1.6 | |
43 | */ | |
44 | final clas s P11ECDHK eyAgreemen t extends KeyAgreeme ntSpi { | |
45 | ||
46 | // tok en instanc e | |
47 | privat e final To ken token; | |
48 | ||
49 | // alg orithm nam e | |
50 | privat e final St ring algor ithm; | |
51 | ||
52 | // mec hanism id | |
53 | privat e final lo ng mechani sm; | |
54 | ||
55 | // pri vate key, if initial ized | |
56 | privat e P11Key p rivateKey; | |
57 | ||
58 | // enc oded publi c point, n on-null be tween doPh ase() and generateSe cret() onl y | |
59 | privat e byte[] p ublicValue ; | |
60 | ||
61 | // length of the PW to be deri ved | |
62 | private in t PW Len; | |
63 | ||
64 | P11ECD HKeyAgreem ent(Token token, Str ing algori thm, long mechanism) { | |
65 | su per(); | |
66 | th is.token = token; | |
67 | th is.algorit hm = algor ithm; | |
68 | th is.mechani sm = mecha nism; | |
69 | } | |
70 | ||
71 | // see JCE spec | |
72 | protec ted void e ngineInit( Key key, S ecureRando m random) | |
73 | throws I nvalidKeyE xception { | |
74 | if (key inst anceof Pri vateKey == false) { | |
75 | throw ne w InvalidK eyExceptio n | |
76 | ("Key must be in stance of PrivateKey "); | |
77 | } | |
78 | pr ivateKey = P11KeyFac tory.conve rtKey(toke n, key, "E C"); | |
79 | pu blicValue = null; | |
80 | } | |
81 | ||
82 | // see JCE spec | |
83 | protec ted void e ngineInit( Key key, A lgorithmPa rameterSpe c params, | |
84 | SecureRa ndom rando m) throws InvalidKey Exception, | |
85 | InvalidA lgorithmPa rameterExc eption { | |
86 | if (params ! = null) { | |
87 | throw ne w InvalidA lgorithmPa rameterExc eption | |
88 | ("Para meters not supported "); | |
89 | } | |
90 | en gineInit(k ey, random ); | |
91 | } | |
92 | ||
93 | // see JCE spec | |
94 | protec ted Key en gineDoPhas e(Key key, boolean l astPhase) | |
95 | throws I nvalidKeyE xception, IllegalSta teExceptio n { | |
96 | if (privateK ey == null ) { | |
97 | throw ne w IllegalS tateExcept ion("Not i nitialized "); | |
98 | } | |
99 | if (publicVa lue != nul l) { | |
100 | throw ne w IllegalS tateExcept ion("Phase already e xecuted"); | |
101 | } | |
102 | if (lastPhas e == false ) { | |
103 | throw ne w IllegalS tateExcept ion | |
104 | ("On ly two par ty agreeme nt support ed, lastPh ase must b e true"); | |
105 | } | |
106 | if (key inst anceof ECP ublicKey = = false) { | |
107 | throw ne w InvalidK eyExceptio n | |
108 | ("Ke y must be a PublicKe y with alg orithm EC" ); | |
109 | } | |
110 | EC PublicKey ecKey = (E CPublicKey )key; | |
111 | in t keyLenBi ts = ecKey .getParams ().getCurv e().getFie ld().getFi eldSize(); | |
112 | PW Len = (key LenBits + 7) >> 3; | |
113 | pu blicValue = P11ECKey Factory.ge tEncodedPu blicValue( ecKey); | |
114 | re turn null; | |
115 | } | |
116 | ||
117 | // see JCE spec | |
118 | protec ted byte[] engineGen erateSecre t() throws IllegalSt ateExcepti on { | |
119 | if ((private Key == nul l) || (pub licValue = = null)) { | |
120 | throw ne w IllegalS tateExcept ion("Not i nitialized correctly "); | |
121 | } | |
122 | Se ssion sess ion = null ; | |
123 | tr y { | |
124 | session = token.ge tOpSession (); | |
125 | CK_ATTRI BUTE[] att ributes = new CK_ATT RIBUTE[] { | |
126 | new CK_ATTRIBU TE(CKA_CLA SS, CKO_SE CRET_KEY), | |
127 | new CK_ATTRIBU TE(CKA_KEY _TYPE, CKK _GENERIC_S ECRET), | |
128 | }; | |
129 | CK_ECDH1 _DERIVE_PA RAMS ckPar ams = | |
130 | new CK_ECD H1_DERIVE_ PARAMS(CKD _NULL, nul l, publicV alue); | |
131 | attribut es = token .getAttrib utes | |
132 | (O_G ENERATE, C KO_SECRET_ KEY, CKK_G ENERIC_SEC RET, attri butes); | |
133 | long key ID = token .p11.C_Der iveKey(ses sion.id(), | |
134 | new CK_MECHANI SM(mechani sm, ckPara ms), priva teKey.keyI D, | |
135 | attr ibutes); | |
136 | attribut es = new C K_ATTRIBUT E[] { | |
137 | new CK_ATTRIBU TE(CKA_VAL UE) | |
138 | }; | |
139 | token.p1 1.C_GetAtt ributeValu e(session. id(), keyI D, attribu tes); | |
140 | byte[] PW = attribut es[0].getB yteArray() ; | |
141 | token.p1 1.C_Destro yObject(se ssion.id() , keyID); | |
142 | return PW ; | |
143 | } catch (PKC S11Excepti on e) { | |
144 | throw ne w Provider Exception( "Could not derive ke y", e); | |
145 | } finally { | |
146 | publicVa lue = null ; | |
147 | token.re leaseSessi on(session ); | |
148 | } | |
149 | } | |
150 | ||
151 | // see JCE spec | |
152 | protec ted int en gineGenera teSecret(b yte[] shar edSecret, int | |
153 | offset) throws Ill egalStateE xception, ShortBuffe rException { | |
154 | if (offset + PW Len > shar edSecret.l ength) { | |
155 | throw new ShortBuffe rException ("Need " + PW Len | |
156 | + " bytes, onl y " + (sha redSecret. length - o ffset) + " available "); | |
157 | } | |
158 | byte[] PW = engineGe nerateSecr et(); | |
159 | System.arr aycopy( PW , 0, share dSecret, o ffset, PW .length); | |
160 | return PW .length; | |
161 | } | |
162 | ||
163 | // see JCE spec | |
164 | protec ted Secret Key engine GenerateSe cret(Strin g algorith m) | |
165 | throws I llegalStat eException , NoSuchAl gorithmExc eption, | |
166 | InvalidK eyExceptio n { | |
167 | if (algorith m == null) { | |
168 | throw ne w NoSuchAl gorithmExc eption("Al gorithm mu st not be null"); | |
169 | } | |
170 | if (algorith m.equals(" TlsPremast erSecret") == false) { | |
171 | throw ne w NoSuchAl gorithmExc eption | |
172 | ("On ly support ed for alg orithm Tls PremasterS ecret"); | |
173 | } | |
174 | re turn nativ eGenerateS ecret(algo rithm); | |
175 | } | |
176 | ||
177 | privat e SecretKe y nativeGe nerateSecr et(String algorithm) | |
178 | throws I llegalStat eException , NoSuchAl gorithmExc eption, | |
179 | InvalidK eyExceptio n { | |
180 | if ((private Key == nul l) || (pub licValue = = null)) { | |
181 | throw ne w IllegalS tateExcept ion("Not i nitialized correctly "); | |
182 | } | |
183 | lo ng keyType = CKK_GEN ERIC_SECRE T; | |
184 | Se ssion sess ion = null ; | |
185 | tr y { | |
186 | session = token.ge tObjSessio n(); | |
187 | CK_ATTRI BUTE[] att ributes = new CK_ATT RIBUTE[] { | |
188 | new CK_ATTRIBU TE(CKA_CLA SS, CKO_SE CRET_KEY), | |
189 | new CK_ATTRIBU TE(CKA_KEY _TYPE, key Type), | |
190 | }; | |
191 | CK_ECDH1 _DERIVE_PA RAMS ckPar ams = | |
192 | new CK_ECD H1_DERIVE_ PARAMS(CKD _NULL, nul l, publicV alue); | |
193 | attribut es = token .getAttrib utes | |
194 | (O_G ENERATE, C KO_SECRET_ KEY, keyTy pe, attrib utes); | |
195 | long key ID = token .p11.C_Der iveKey(ses sion.id(), | |
196 | new CK_MECHANI SM(mechani sm, ckPara ms), priva teKey.keyI D, | |
197 | attr ibutes); | |
198 | CK_ATTRI BUTE[] len Attributes = new CK_ ATTRIBUTE[ ] { | |
199 | new CK_ATTRIBU TE(CKA_VAL UE_LEN), | |
200 | }; | |
201 | token.p1 1.C_GetAtt ributeValu e(session. id(), keyI D, lenAttr ibutes); | |
202 | int keyL en = (int) lenAttribu tes[0].get Long(); | |
203 | SecretKey key = P11K ey. PW Key | |
204 | (sessi on, keyID, algorithm , keyLen < < 3, attri butes); | |
205 | return k ey; | |
206 | } catch (PKC S11Excepti on e) { | |
207 | throw ne w InvalidK eyExceptio n("Could n ot derive key", e); | |
208 | } finally { | |
209 | publicVa lue = null ; | |
210 | token.re leaseSessi on(session ); | |
211 | } | |
212 | } | |
213 | ||
214 | } |
Araxis Merge (but not the data content of this report) is Copyright © 1993-2016 Araxis Ltd (www.araxis.com). All rights reserved.