com.unbound.client.kmip.KMIPECPRFKey Maven / Gradle / Ivy

Go to download

Show more of this group Show more artifacts with this name
Show all versions of unbound-java-provider Show documentation

This is a collection of JAVA libraries that implement Unbound cryptographic classes for JAVA provider, PKCS11 wrapper, cryptoki, and advapi

There is a newer version: 42761

Show newest version

package com.unbound.client.kmip;

import com.dyadicsec.cryptoki.CK;
import com.unbound.client.ECPRFKey;
import com.unbound.client.ObjectType;
import com.unbound.common.Log;
import com.unbound.kmip.KMIP;
import com.unbound.kmip.attribute.*;
import com.unbound.kmip.request.ActivateRequest;
import com.unbound.kmip.request.CreateKeyPairRequest;
import com.unbound.kmip.request.CreateRequest;
import com.unbound.kmip.request.RequestMessage;
import com.unbound.kmip.response.CreateKeyPairResponse;
import com.unbound.kmip.response.CreateResponse;
import com.unbound.kmip.response.ResponseMessage;
import com.unbound.provider.KeyParameters;


public class KMIPECPRFKey extends KMIPObject implements ECPRFKey
{
  KMIPECPRFKey(KMIPSession session, long uid)
  {
    super(ObjectType.ECPrf, uid);
    read(session);
  }


  static TemplateAttribute getTemplate(String name, KeyParameters kp)
  {
    TemplateAttribute template = new TemplateAttribute();
    template.attrs.add(new EnumAttribute(KMIP.Tag.CryptographicAlgorithm, KMIP.CryptographicAlgorithm.DyPRF));

    if (kp!=null)
    {
      if (name==null) name = kp.getName();
      template.attrs.add(new BoolAttribute(KMIP.Tag.CKA_ENCRYPT, kp.isAllowEncrypt()));
      template.attrs.add(new BoolAttribute(KMIP.Tag.CKA_DECRYPT, kp.isAllowDecrypt()));
      template.attrs.add(new BoolAttribute(KMIP.Tag.CKA_DERIVE, kp.isAllowDerive()));
      makeExportLevel(template, kp);
    }
    else
    {
      int usageMask =
        KMIP.CryptographicUsageMask.DeriveKey |
        KMIP.CryptographicUsageMask.Encrypt |
        KMIP.CryptographicUsageMask.Decrypt;
      template.attrs.add(new IntAttribute(KMIP.Tag.CryptographicUsageMask, usageMask));
    }

    if (name!=null) template.attrs.add(new Name(name));

    return template;
  }

  static KMIPECPRFKey generate(KMIPSession session, String name, KeyParameters kp)
  {
    long uid = 0;
    Log log = Log.func("KMIPECPRFKey.generate").log("name", name).end(); try
    {
      CreateKeyPairRequest req = new CreateKeyPairRequest();
      req.prv = getTemplate(name, kp);
      req.prv.attrs.add(new EnumAttribute(KMIP.Tag.CKA_KEY_TYPE, CK.DYCKK_ADV_PRF));

      RequestMessage reqMsg = new RequestMessage();
      reqMsg.batch.add(req);
      reqMsg.batch.add(new ActivateRequest());
      ResponseMessage respMsg = session.transmit(reqMsg);
      CreateKeyPairResponse resp = (CreateKeyPairResponse)respMsg.batch.get(0);
      uid = strToUid(resp.prvUID);
      return new KMIPECPRFKey(session, uid);
    }
    catch (Exception e) { log.failed(e); throw e; } finally { log.leavePrint().logHex("UID", uid).end(); }
  }

}