• Home
• com.github.unbound-tech
• unbound-java-provider
• 2.0.2007.46455
• source code
• KMIPRSAPrivateKey.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.unbound.client.kmip.KMIPRSAPrivateKey Maven / Gradle / Ivy

package com.unbound.client.kmip;

import com.unbound.client.*;
import com.unbound.common.Converter;
import com.unbound.common.Log;
import com.unbound.common.crypto.SHA256;
import com.unbound.common.crypto.SystemProvider;
import com.unbound.kmip.KMIP;
import com.unbound.kmip.attribute.*;
import com.unbound.kmip.object.ManagedObject;
import com.unbound.kmip.request.CreateKeyPairRequest;
import com.unbound.kmip.request.RegisterRequest;
import com.unbound.provider.KeyParameters;

import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.ProviderException;
import java.security.interfaces.RSAPrivateCrtKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;

public class KMIPRSAPrivateKey extends KMIPObject implements RSAPrivateKeyObject
{
  private BigInteger modulus = null;
  private BigInteger publicExponent = null;

  KMIPRSAPrivateKey(KMIPSession session, long uid)
  {
    super(ObjectType.RSAPrv, uid);
    read(session);
  }

  static TemplateAttribute getTemplate(String name, KeyParameters kp)
  {
    TemplateAttribute template = new TemplateAttribute();
    if (kp!=null)
    {
      if (name==null) name = kp.getName();
      template.attrs.add(new BoolAttribute(KMIP.Tag.CKA_DECRYPT, kp.isAllowDecrypt()));
      template.attrs.add(new BoolAttribute(KMIP.Tag.CKA_SIGN, kp.isAllowSign()));
      template.attrs.add(new BoolAttribute(KMIP.Tag.CKA_UNWRAP, kp.isAllowUnwrap()));
      makeExportLevel(template, kp);
    }
    else template.attrs.add(new IntAttribute(KMIP.Tag.CryptographicUsageMask,
  KMIP.CryptographicUsageMask.Decrypt |
        KMIP.CryptographicUsageMask.Sign |
        KMIP.CryptographicUsageMask.UnwrapKey));

    template.attrs.add(new EnumAttribute(KMIP.Tag.CryptographicAlgorithm, KMIP.CryptographicAlgorithm.RSA));
    if (name!=null) template.attrs.add(new Name(name));

    return template;
  }


  @Override
  public BigInteger getPublicExponent()
  {
    return publicExponent;
  }

  @Override
  public BigInteger getModulus()
  {
    return modulus;
  }


  @Override
  void acceptManagedObject(ManagedObject managedObject)
  {
    com.unbound.kmip.object.PrivateKey kmipPrivateKey = (com.unbound.kmip.object.PrivateKey)managedObject;
    try
    {
      X509EncodedKeySpec spec = new X509EncodedKeySpec(kmipPrivateKey.keyBlock.buf);
      KeyFactory kf = SystemProvider.KeyFactory.getInstance("RSA");
      RSAPublicKey rsa = (RSAPublicKey) kf.generatePublic(spec);
      modulus = rsa.getModulus();
      publicExponent = rsa.getPublicExponent();
    }
    catch (InvalidKeySpecException e) { throw new ProviderException(e); }
  }

  static RSAPrivateKeyObject importKey(KMIPSession session, String name, RSAPrivateCrtKey keyValue, KeyParameters kp)
  {
    long uid = 0;
    Log log = Log.func("KMIPRSAPrivateKey.importKey").end(); try
    {
      wipeDeletedObject(session, Client.getRsaUid(keyValue.getModulus()));

      RegisterRequest req = new RegisterRequest();
      req.objectType = KMIP.ObjectType.PrivateKey;
      req.template = getTemplate(name, kp);

      com.unbound.kmip.object.PrivateKey mo = new com.unbound.kmip.object.PrivateKey();
      req.object = mo;
      mo.keyBlock.formatType = KMIP.KeyFormatType.PKCS_8;
      mo.keyBlock.buf = keyValue.getEncoded();
      mo.keyBlock.algorithm = KMIP.CryptographicAlgorithm.RSA;

      uid = register(session, req);
      return new KMIPRSAPrivateKey(session, uid);
    }
    catch (Exception e) { log.failed(e); throw e; } finally { log.leavePrint().logHex("UID", uid).end(); }
  }

  static RSAPrivateKeyObject generate(KMIPSession session, String name, int bitSize, KeyParameters kp)
  {
    long uid = 0;
    Log log = Log.func("KMIPRSAPrivateKey.generateRsaKey").log("bitSize", bitSize).end(); try
    {
      TemplateAttribute template = getTemplate(name, kp);
      template.attrs.add(new IntAttribute(KMIP.Tag.CryptographicLength, bitSize));

      CreateKeyPairRequest req = new CreateKeyPairRequest();
      req.prv = template;
      uid = createKeyPair(session, req);
      return new KMIPRSAPrivateKey(session, uid);
    }
    catch (Exception e) { log.failed(e); throw e; } finally { log.leavePrint().logHex("UID", uid).end(); }
  }

}