org.conscrypt.OpenSSLECDHKeyAgreement Maven / Gradle / Ivy
/*
* Copyright (C) 2013 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.conscrypt;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import javax.crypto.KeyAgreementSpi;
import javax.crypto.SecretKey;
import javax.crypto.ShortBufferException;
import javax.crypto.spec.SecretKeySpec;
/**
* Elliptic Curve Diffie-Hellman key agreement backed by the OpenSSL engine.
*/
@Internal
public final class OpenSSLECDHKeyAgreement extends KeyAgreementSpi {
/** OpenSSL handle of the private key. Only available after the engine has been initialized. */
private OpenSSLKey mOpenSslPrivateKey;
/**
* Expected length (in bytes) of the agreed key ({@link #mResult}). Only available after the
* engine has been initialized.
*/
private int mExpectedResultLength;
/** Agreed key. Only available after {@link #engineDoPhase(Key, boolean)} completes. */
private byte[] mResult;
public OpenSSLECDHKeyAgreement() {}
@Override
public Key engineDoPhase(Key key, boolean lastPhase) throws InvalidKeyException {
if (mOpenSslPrivateKey == null) {
throw new IllegalStateException("Not initialized");
}
if (!lastPhase) {
throw new IllegalStateException("ECDH only has one phase");
}
if (key == null) {
throw new InvalidKeyException("key == null");
}
if (!(key instanceof PublicKey)) {
throw new InvalidKeyException("Not a public key: " + key.getClass());
}
OpenSSLKey openSslPublicKey = OpenSSLKey.fromPublicKey((PublicKey) key);
byte[] buffer = new byte[mExpectedResultLength];
int actualResultLength = NativeCrypto.ECDH_compute_key(
buffer,
0,
openSslPublicKey.getNativeRef(),
mOpenSslPrivateKey.getNativeRef());
byte[] result;
if (actualResultLength == -1) {
throw new RuntimeException("Engine returned " + actualResultLength);
} else if (actualResultLength == mExpectedResultLength) {
// The output is as long as expected -- use the whole buffer
result = buffer;
} else if (actualResultLength < mExpectedResultLength) {
// The output is shorter than expected -- use only what's produced by the engine
result = new byte[actualResultLength];
System.arraycopy(buffer, 0, mResult, 0, mResult.length);
} else {
// The output is longer than expected
throw new RuntimeException("Engine produced a longer than expected result. Expected: "
+ mExpectedResultLength + ", actual: " + actualResultLength);
}
mResult = result;
return null; // No intermediate key
}
@Override
protected int engineGenerateSecret(byte[] sharedSecret, int offset)
throws ShortBufferException {
checkCompleted();
int available = sharedSecret.length - offset;
if (mResult.length > available) {
throw new ShortBufferException(
"Needed: " + mResult.length + ", available: " + available);
}
System.arraycopy(mResult, 0, sharedSecret, offset, mResult.length);
return mResult.length;
}
@Override
protected byte[] engineGenerateSecret() {
checkCompleted();
return mResult;
}
@Override
protected SecretKey engineGenerateSecret(String algorithm) {
checkCompleted();
return new SecretKeySpec(engineGenerateSecret(), algorithm);
}
@Override
protected void engineInit(Key key, SecureRandom random) throws InvalidKeyException {
if (key == null) {
throw new InvalidKeyException("key == null");
}
if (!(key instanceof PrivateKey)) {
throw new InvalidKeyException("Not a private key: " + key.getClass());
}
OpenSSLKey openSslKey = OpenSSLKey.fromPrivateKey((PrivateKey) key);
int fieldSizeBits = NativeCrypto.EC_GROUP_get_degree(new NativeRef.EC_GROUP(
NativeCrypto.EC_KEY_get1_group(openSslKey.getNativeRef())));
mExpectedResultLength = (fieldSizeBits + 7) / 8;
mOpenSslPrivateKey = openSslKey;
}
@Override
protected void engineInit(Key key, AlgorithmParameterSpec params,
SecureRandom random) throws InvalidKeyException, InvalidAlgorithmParameterException {
// ECDH doesn't need an AlgorithmParameterSpec
if (params != null) {
throw new InvalidAlgorithmParameterException("No algorithm parameters supported");
}
engineInit(key, random);
}
private void checkCompleted() {
if (mResult == null) {
throw new IllegalStateException("Key agreement not completed");
}
}
}