com.unbound.client.kmip.KMIPDeriveOper Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of unbound-java-provider Show documentation
Show all versions of unbound-java-provider Show documentation
This is a collection of JAVA libraries that implement Unbound cryptographic classes for JAVA provider, PKCS11 wrapper, cryptoki, and advapi
package com.unbound.client.kmip;
import com.unbound.client.DeriveMode;
import com.unbound.client.DeriveOper;
import com.unbound.client.ObjectType;
import com.unbound.client.SecretKeyObject;
import com.unbound.common.Converter;
import com.unbound.common.Log;
import com.unbound.common.crypto.EC;
import com.unbound.kmip.attribute.CryptoParams;
import com.unbound.kmip.request.ActivateRequest;
import com.unbound.kmip.request.DeriveRequest;
import com.unbound.kmip.request.RequestMessage;
import com.unbound.kmip.request.dy.DyDeriveRequest;
import com.unbound.kmip.response.DeriveResponse;
import com.unbound.kmip.response.dy.DyDeriveResponse;
import com.unbound.provider.KeyParameters;
import java.security.ProviderException;
public class KMIPDeriveOper extends DeriveOper
{
private long getKeyUid() { return ((KMIPObject)keyObject).uid; }
private KMIPSession getKmipSession() { return (KMIPSession)session; }
private void setCryptoParams(DyDeriveRequest req)
{
req.params = new CryptoParams();
req.params.cryptoAlg = mode.getKmipAlg();
if (req.params.cryptoAlg==null) req.params.cryptoAlg = ((KMIPObject)keyObject).type.getKmipAlg();
if (mode == DeriveMode.ECDH)
{
EC.Curve curve = ((KMIPECPrivateKey)keyObject).getCurve();
req.data = curve.toDer(ecdhPubKey);
}
if (mode == DeriveMode.ECPRF)
{
req.secretSize = resultLen;
req.data = new byte[4 + prfTweak.length];
Converter.setBE4(req.data, 0, prfPurpose);
System.arraycopy(prfTweak, 0, req.data, 4, prfTweak.length);
}
}
private void setCryptoParams(DeriveRequest req)
{
throw new ProviderException("Not implemented");
}
@Override
protected byte[] hwDerive()
{
int outLen = 0;
Log log = Log.func("KMIPCryptoOperation.derive").end(); try
{
DyDeriveRequest req = new DyDeriveRequest();
req.uid = KMIPObject.uidToStr(getKeyUid());
setCryptoParams(req);
DyDeriveResponse resp = (DyDeriveResponse)getKmipSession().transmit(req);
outLen = resp.data.length;
return resp.data;
}
catch (Exception e) { log.failed(e); throw e; } finally { log.leavePrint().log("outLen", outLen).end(); }
}
@Override
protected SecretKeyObject hwDeriveKey(ObjectType objectType, String name, KeyParameters kp)
{
long uid = 0;
Log log = Log.func("KMIPCryptoOperation.deriveKey").end(); try
{
DeriveRequest req = new DeriveRequest();
req.template = KMIPSecretKey.getTemplate(name, objectType, kp);
req.uid = KMIPObject.uidToStr(getKeyUid());
setCryptoParams(req);
RequestMessage reqMsg = new RequestMessage();
reqMsg.batch.add(req); reqMsg.batch.add(new ActivateRequest());
KMIPSession session = getKmipSession();
DeriveResponse resp = (DeriveResponse)session.transmit(reqMsg).batch.get(0);
uid = KMIPObject.strToUid(resp.uid);
return new KMIPSecretKey(objectType, session, uid);
}
catch (Exception e) { log.failed(e); throw e; } finally { log.leavePrint().logHex("uid", uid).end(); }
}
}