com.unbound.provider.UBSecretKeyFactory Maven / Gradle / Ivy

Go to download

Show more of this group Show more artifacts with this name
Show all versions of unbound-java-provider Show documentation

This is a collection of JAVA libraries that implement Unbound cryptographic classes for JAVA provider, PKCS11 wrapper, cryptoki, and advapi

There is a newer version: 42761

Show newest version

package com.unbound.provider;

import com.unbound.client.*;

import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactorySpi;
import javax.crypto.spec.SecretKeySpec;
import java.security.InvalidKeyException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;

public class UBSecretKeyFactory extends SecretKeyFactorySpi
{
  private final ObjectType type;
  private final Partition partition;

  UBSecretKeyFactory(Partition partition, ObjectType type)
  {
    this.partition = partition;
    this.type = type;
  }

  @Override
  protected SecretKey engineGenerateSecret(KeySpec keySpec) throws InvalidKeySpecException
  {
    KeyParameters keyParameter = null;
    if (keySpec instanceof KeyFactorySpec)
    {
      keyParameter = ((KeyFactorySpec)keySpec).getKeyParams();
      keySpec = ((KeyFactorySpec)keySpec).getOriginal();
    }

    if (keySpec == null) throw new InvalidKeySpecException("keySpec == null");
    if (keySpec instanceof SecretKeySpec)
    {
      byte[] keyValue = ((SecretKeySpec) keySpec).getEncoded();
      int bitSize  = keyValue.length * 8;
      if (type== ObjectType.AES)
      {
        if (bitSize != 128 && bitSize != 192 && bitSize != 256) throw new InvalidKeySpecException("Wrong key size: must be equal to 128, 192 or 256");
      }
      else // hmac
      {
        if (bitSize < 8 || bitSize > 2048) throw new InvalidKeySpecException("Wrong key size");
      }

      SecretKeyObject object = partition.importSecretKey(null, type, keyValue, keyParameter);
      return new UBSecretKey(object);
    }

    throw new InvalidKeySpecException("Must use SecretKeySpec; was " + keySpec.getClass().getName());
  }

  @Override
  protected KeySpec engineGetKeySpec(SecretKey secretKey, Class aClass) throws InvalidKeySpecException
  {
    throw new InvalidKeySpecException("Could not encode key");
  }

  @Override
  protected SecretKey engineTranslateKey(SecretKey secretKey) throws InvalidKeyException
  {
    if (secretKey instanceof UBSecretKey) return secretKey;
    throw new InvalidKeyException("secretKey must be instance of UBSecretKey");
  }

  // --------------------- Sub-classes ---------------------------

  public static final class AES extends UBSecretKeyFactory
  { public AES(Partition partition) { super(partition, ObjectType.AES); }  }
  public static final class DES3 extends UBSecretKeyFactory
  { public DES3(Partition partition) { super(partition, ObjectType.DES3); }  }
  public static final class Hmac extends UBSecretKeyFactory
  { public Hmac(Partition partition) { super(partition, ObjectType.GenericSecret); }  }
}