com.unbound.client.pkcs11.PKCS11RSAPrivateKey Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of unbound-java-provider Show documentation
Show all versions of unbound-java-provider Show documentation
This is a collection of JAVA libraries that implement Unbound cryptographic classes for JAVA provider, PKCS11 wrapper, cryptoki, and advapi
package com.unbound.client.pkcs11;
import com.dyadicsec.cryptoki.*;
import com.unbound.client.*;
import com.unbound.common.Converter;
import com.unbound.provider.KeyParameters;
import java.math.BigInteger;
import java.security.ProviderException;
import java.security.interfaces.RSAPrivateCrtKey;
import java.util.ArrayList;
import static com.dyadicsec.cryptoki.CK.*;
public final class PKCS11RSAPrivateKey extends PKCS11Object implements RSAPrivateKeyObject
{
private BigInteger cka_modulus = null;
private BigInteger cka_public_exponent = null;
PKCS11RSAPrivateKey(PKCS11Session session, int handle)
{
super(ObjectType.RSAPrv, handle);
read(session);
}
@Override
public BigInteger getPublicExponent()
{
return cka_public_exponent;
}
@Override
public BigInteger getModulus() { return cka_modulus; }
@Override
protected void getReadTemplate(ArrayList t)
{
super.getReadTemplate(t);
t.add(new CK_ATTRIBUTE(CKA_MODULUS));
t.add(new CK_ATTRIBUTE(CKA_PUBLIC_EXPONENT));
}
@Override
protected int acceptReadTempate(CK_ATTRIBUTE[] attrs) throws CKR_Exception
{
int index = super.acceptReadTempate(attrs);
cka_modulus = (BigInteger) attrs[index+0].pValue;
cka_public_exponent = (BigInteger) attrs[index+1].pValue;
return index+2;
}
static ArrayList getNewTemplate(String name, KeyParameters kp)
{
if (name==null && kp!=null) name = kp.getName();
ArrayList t = new ArrayList();
try
{
t.add(new CK_ATTRIBUTE(CKA_TOKEN, true));
t.add(new CK_ATTRIBUTE(CKA_CLASS, CKO_PRIVATE_KEY));
t.add(new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_RSA));
if (name!=null) t.add(new CK_ATTRIBUTE(CKA_ID, strToId(name)));
if (kp!=null)
{
if (kp.isSetSign()) t.add(new CK_ATTRIBUTE(CKA_SIGN, kp.isAllowSign()));
if (kp.isSetDecrypt()) t.add(new CK_ATTRIBUTE(CKA_DECRYPT, kp.isAllowDecrypt()));
if (kp.isSetUnwrap()) t.add(new CK_ATTRIBUTE(CKA_UNWRAP, kp.isAllowUnwrap()));
makeExportLevel(t, kp);
}
}
catch (CKR_Exception e)
{
throw new ProviderException(e);
}
return t;
}
static PKCS11RSAPrivateKey importKey(PKCS11Session session, String name, RSAPrivateCrtKey keyValue, KeyParameters kp)
{
try
{
int keySize = keyValue.getModulus().bitLength() / 8;
ArrayList t = getNewTemplate(name, kp);
t.add(new CK_ATTRIBUTE(CKA_MODULUS, Converter.bigNumToBin(keyValue.getModulus(), keySize)));
t.add(new CK_ATTRIBUTE(CKA_PUBLIC_EXPONENT, Converter.bigNumToBin(keyValue.getPublicExponent())));
t.add(new CK_ATTRIBUTE(CKA_PRIVATE_EXPONENT, Converter.bigNumToBin(keyValue.getPrivateExponent(), keySize)));
t.add(new CK_ATTRIBUTE(CKA_PRIME_1, Converter.bigNumToBin(keyValue.getPrimeP(), keySize/2)));
t.add(new CK_ATTRIBUTE(CKA_PRIME_2, Converter.bigNumToBin(keyValue.getPrimeQ(), keySize/2)));
t.add(new CK_ATTRIBUTE(CKA_EXPONENT_1, Converter.bigNumToBin(keyValue.getPrimeExponentP(), keySize/2)));
t.add(new CK_ATTRIBUTE(CKA_EXPONENT_2, Converter.bigNumToBin(keyValue.getPrimeExponentQ(), keySize/2)));
t.add(new CK_ATTRIBUTE(CKA_COEFFICIENT, Converter.bigNumToBin(keyValue.getCrtCoefficient(), keySize/2)));
int keyHandle = Library.C_CreateObject(session.getHandle(), getAttrs(t));
return new PKCS11RSAPrivateKey(session, keyHandle);
}
catch (CKR_Exception e) { throw new ProviderException(e); }
}
static PKCS11RSAPrivateKey generate(PKCS11Session session, String name, int bitsize, KeyParameters kp)
{
try
{
ArrayList t = getNewTemplate(name, kp);
CK_ATTRIBUTE[] tPub =
{
new CK_ATTRIBUTE(CKA_TOKEN, false),
new CK_ATTRIBUTE(CKA_CLASS, CKO_PUBLIC_KEY),
new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_RSA),
new CK_ATTRIBUTE(CKA_MODULUS_BITS, bitsize),
};
int[] keyHandles = Library.C_GenerateKeyPair(session.getHandle(), new CK_MECHANISM(CK.CKM_RSA_PKCS_KEY_PAIR_GEN), tPub, getAttrs(t));
Library.C_DestroyObject(session.getHandle(), keyHandles[0]);
return new PKCS11RSAPrivateKey(session, keyHandles[1]);
}
catch (CKR_Exception e) { throw new ProviderException(e); }
}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy