001: /**
002: * Licensed to the Apache Software Foundation (ASF) under one or more
003: * contributor license agreements. See the NOTICE file distributed with
004: * this work for additional information regarding copyright ownership.
005: * The ASF licenses this file to You under the Apache License, Version 2.0
006: * (the "License"); you may not use this file except in compliance with
007: * the License. You may obtain a copy of the License at
008: *
009: * http://www.apache.org/licenses/LICENSE-2.0
010: *
011: * Unless required by applicable law or agreed to in writing, software
012: * distributed under the License is distributed on an "AS IS" BASIS,
013: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014: * See the License for the specific language governing permissions and
015: * limitations under the License.
016: */package org.apache.geronimo.crypto.jce.provider;
017:
018: import java.io.ByteArrayInputStream;
019: import java.io.IOException;
020: import java.io.InputStream;
021: import java.security.InvalidKeyException;
022: import java.security.Key;
023: import java.security.KeyFactorySpi;
024: import java.security.PrivateKey;
025: import java.security.PublicKey;
026: import java.security.interfaces.DSAPrivateKey;
027: import java.security.interfaces.DSAPublicKey;
028: import java.security.interfaces.RSAPrivateCrtKey;
029: import java.security.interfaces.RSAPrivateKey;
030: import java.security.interfaces.RSAPublicKey;
031: import java.security.spec.DSAPrivateKeySpec;
032: import java.security.spec.DSAPublicKeySpec;
033: import java.security.spec.InvalidKeySpecException;
034: import java.security.spec.KeySpec;
035: import java.security.spec.PKCS8EncodedKeySpec;
036: import java.security.spec.RSAPrivateCrtKeySpec;
037: import java.security.spec.RSAPrivateKeySpec;
038: import java.security.spec.RSAPublicKeySpec;
039: import java.security.spec.X509EncodedKeySpec;
040:
041: import javax.crypto.interfaces.DHPrivateKey;
042: import javax.crypto.interfaces.DHPublicKey;
043: import javax.crypto.spec.DHPrivateKeySpec;
044: import javax.crypto.spec.DHPublicKeySpec;
045:
046: import org.apache.geronimo.crypto.asn1.ASN1InputStream;
047: import org.apache.geronimo.crypto.asn1.ASN1Sequence;
048: import org.apache.geronimo.crypto.asn1.cryptopro.CryptoProObjectIdentifiers;
049: import org.apache.geronimo.crypto.asn1.oiw.OIWObjectIdentifiers;
050: import org.apache.geronimo.crypto.asn1.pkcs.PKCSObjectIdentifiers;
051: import org.apache.geronimo.crypto.asn1.pkcs.PrivateKeyInfo;
052: import org.apache.geronimo.crypto.asn1.pkcs.RSAPrivateKeyStructure;
053: import org.apache.geronimo.crypto.asn1.x509.AlgorithmIdentifier;
054: import org.apache.geronimo.crypto.asn1.x509.SubjectPublicKeyInfo;
055: import org.apache.geronimo.crypto.asn1.x509.X509ObjectIdentifiers;
056: import org.apache.geronimo.crypto.asn1.x9.X9ObjectIdentifiers;
057: import org.apache.geronimo.crypto.jce.provider.JCEDHPrivateKey;
058: import org.apache.geronimo.crypto.jce.provider.JCEDHPublicKey;
059:
060: public abstract class JDKKeyFactory extends KeyFactorySpi {
061: public JDKKeyFactory() {
062: }
063:
064: protected KeySpec engineGetKeySpec(Key key, Class spec)
065: throws InvalidKeySpecException {
066: if (spec.isAssignableFrom(PKCS8EncodedKeySpec.class)
067: && key.getFormat().equals("PKCS#8")) {
068: return new PKCS8EncodedKeySpec(key.getEncoded());
069: } else if (spec.isAssignableFrom(X509EncodedKeySpec.class)
070: && key.getFormat().equals("X.509")) {
071: return new X509EncodedKeySpec(key.getEncoded());
072: } else if (spec.isAssignableFrom(RSAPublicKeySpec.class)
073: && key instanceof RSAPublicKey) {
074: RSAPublicKey k = (RSAPublicKey) key;
075:
076: return new RSAPublicKeySpec(k.getModulus(), k
077: .getPublicExponent());
078: } else if (spec.isAssignableFrom(RSAPrivateKeySpec.class)
079: && key instanceof RSAPrivateKey) {
080: RSAPrivateKey k = (RSAPrivateKey) key;
081:
082: return new RSAPrivateKeySpec(k.getModulus(), k
083: .getPrivateExponent());
084: } else if (spec.isAssignableFrom(RSAPrivateCrtKeySpec.class)
085: && key instanceof RSAPrivateCrtKey) {
086: RSAPrivateCrtKey k = (RSAPrivateCrtKey) key;
087:
088: return new RSAPrivateCrtKeySpec(k.getModulus(), k
089: .getPublicExponent(), k.getPrivateExponent(), k
090: .getPrimeP(), k.getPrimeQ(), k.getPrimeExponentP(),
091: k.getPrimeExponentQ(), k.getCrtCoefficient());
092: } else if (spec.isAssignableFrom(DHPrivateKeySpec.class)
093: && key instanceof DHPrivateKey) {
094: DHPrivateKey k = (DHPrivateKey) key;
095:
096: return new DHPrivateKeySpec(k.getX(), k.getParams().getP(),
097: k.getParams().getG());
098: } else if (spec.isAssignableFrom(DHPublicKeySpec.class)
099: && key instanceof DHPublicKey) {
100: DHPublicKey k = (DHPublicKey) key;
101:
102: return new DHPublicKeySpec(k.getY(), k.getParams().getP(),
103: k.getParams().getG());
104: }
105:
106: throw new RuntimeException("not implemented yet " + key + " "
107: + spec);
108: }
109:
110: protected Key engineTranslateKey(Key key)
111: throws InvalidKeyException {
112: if (key instanceof RSAPublicKey) {
113: return new JCERSAPublicKey((RSAPublicKey) key);
114: } else if (key instanceof RSAPrivateCrtKey) {
115: return new JCERSAPrivateCrtKey((RSAPrivateCrtKey) key);
116: } else if (key instanceof RSAPrivateKey) {
117: return new JCERSAPrivateKey((RSAPrivateKey) key);
118: } else if (key instanceof DHPublicKey) {
119: return new JCEDHPublicKey((DHPublicKey) key);
120: } else if (key instanceof DHPrivateKey) {
121: return new JCEDHPrivateKey((DHPrivateKey) key);
122: } else if (key instanceof DSAPublicKey) {
123: return new JDKDSAPublicKey((DSAPublicKey) key);
124: } else if (key instanceof DSAPrivateKey) {
125: return new JDKDSAPrivateKey((DSAPrivateKey) key);
126: }
127: throw new InvalidKeyException("key type unknown");
128: }
129:
130: /**
131: * create a public key from the given DER encoded input stream.
132: */
133: static PublicKey createPublicKeyFromDERStream(InputStream in)
134: throws IOException {
135: return createPublicKeyFromPublicKeyInfo(new SubjectPublicKeyInfo(
136: (ASN1Sequence) (new ASN1InputStream(in).readObject())));
137: }
138:
139: /**
140: * create a public key from the given public key info object.
141: */
142: static PublicKey createPublicKeyFromPublicKeyInfo(
143: SubjectPublicKeyInfo info) {
144: AlgorithmIdentifier algId = info.getAlgorithmId();
145:
146: if (algId.getObjectId().equals(
147: PKCSObjectIdentifiers.rsaEncryption)
148: || algId.getObjectId().equals(
149: X509ObjectIdentifiers.id_ea_rsa)) {
150: return new JCERSAPublicKey(info);
151: } else if (algId.getObjectId().equals(
152: PKCSObjectIdentifiers.dhKeyAgreement)) {
153: return new JCEDHPublicKey(info);
154: } else if (algId.getObjectId().equals(
155: X9ObjectIdentifiers.dhpublicnumber)) {
156: return new JCEDHPublicKey(info);
157: } else if (algId.getObjectId().equals(
158: X9ObjectIdentifiers.id_dsa)) {
159: return new JDKDSAPublicKey(info);
160: } else if (algId.getObjectId().equals(
161: OIWObjectIdentifiers.dsaWithSHA1)) {
162: return new JDKDSAPublicKey(info);
163: } else {
164: throw new RuntimeException(
165: "algorithm identifier in key not recognised");
166: }
167: }
168:
169: /**
170: * create a private key from the given DER encoded input stream.
171: */
172: static PrivateKey createPrivateKeyFromDERStream(InputStream in)
173: throws IOException {
174: return createPrivateKeyFromPrivateKeyInfo(new PrivateKeyInfo(
175: (ASN1Sequence) (new ASN1InputStream(in).readObject())));
176: }
177:
178: /**
179: * create a private key from the given public key info object.
180: */
181: static PrivateKey createPrivateKeyFromPrivateKeyInfo(
182: PrivateKeyInfo info) {
183: AlgorithmIdentifier algId = info.getAlgorithmId();
184:
185: if (algId.getObjectId().equals(
186: PKCSObjectIdentifiers.rsaEncryption)) {
187: return new JCERSAPrivateCrtKey(info);
188: } else if (algId.getObjectId().equals(
189: PKCSObjectIdentifiers.dhKeyAgreement)) {
190: return new JCEDHPrivateKey(info);
191: } else if (algId.getObjectId().equals(
192: X9ObjectIdentifiers.id_dsa)) {
193: return new JDKDSAPrivateKey(info);
194: } else {
195: throw new RuntimeException(
196: "algorithm identifier in key not recognised");
197: }
198: }
199:
200: public static class RSA extends JDKKeyFactory {
201: public RSA() {
202: }
203:
204: protected PrivateKey engineGeneratePrivate(KeySpec keySpec)
205: throws InvalidKeySpecException {
206: if (keySpec instanceof PKCS8EncodedKeySpec) {
207: try {
208: return JDKKeyFactory
209: .createPrivateKeyFromDERStream(new ByteArrayInputStream(
210: ((PKCS8EncodedKeySpec) keySpec)
211: .getEncoded()));
212: } catch (Exception e) {
213: //
214: // in case it's just a RSAPrivateKey object...
215: //
216: try {
217: return new JCERSAPrivateCrtKey(
218: new RSAPrivateKeyStructure(
219: (ASN1Sequence) new ASN1InputStream(
220: new ByteArrayInputStream(
221: ((PKCS8EncodedKeySpec) keySpec)
222: .getEncoded()))
223: .readObject()));
224: } catch (Exception ex) {
225: throw (InvalidKeySpecException) new InvalidKeySpecException(
226: ex.getMessage()).initCause(ex);
227: }
228: }
229: } else if (keySpec instanceof RSAPrivateCrtKeySpec) {
230: return new JCERSAPrivateCrtKey(
231: (RSAPrivateCrtKeySpec) keySpec);
232: } else if (keySpec instanceof RSAPrivateKeySpec) {
233: return new JCERSAPrivateKey((RSAPrivateKeySpec) keySpec);
234: }
235:
236: throw new InvalidKeySpecException("Unknown KeySpec type.");
237: }
238:
239: protected PublicKey engineGeneratePublic(KeySpec keySpec)
240: throws InvalidKeySpecException {
241: if (keySpec instanceof X509EncodedKeySpec) {
242: try {
243: return JDKKeyFactory
244: .createPublicKeyFromDERStream(new ByteArrayInputStream(
245: ((X509EncodedKeySpec) keySpec)
246: .getEncoded()));
247: } catch (Exception e) {
248: throw (InvalidKeySpecException) new InvalidKeySpecException(
249: e.getMessage()).initCause(e);
250: }
251: } else if (keySpec instanceof RSAPublicKeySpec) {
252: return new JCERSAPublicKey((RSAPublicKeySpec) keySpec);
253: }
254:
255: throw new InvalidKeySpecException("Unknown KeySpec type.");
256: }
257: }
258:
259: public static class DH extends JDKKeyFactory {
260: public DH() {
261: }
262:
263: protected PrivateKey engineGeneratePrivate(KeySpec keySpec)
264: throws InvalidKeySpecException {
265: if (keySpec instanceof PKCS8EncodedKeySpec) {
266: try {
267: return JDKKeyFactory
268: .createPrivateKeyFromDERStream(new ByteArrayInputStream(
269: ((PKCS8EncodedKeySpec) keySpec)
270: .getEncoded()));
271: } catch (Exception e) {
272: throw (InvalidKeySpecException) new InvalidKeySpecException(
273: e.getMessage()).initCause(e);
274: }
275: } else if (keySpec instanceof DHPrivateKeySpec) {
276: return new JCEDHPrivateKey((DHPrivateKeySpec) keySpec);
277: }
278:
279: throw new InvalidKeySpecException("Unknown KeySpec type.");
280: }
281:
282: protected PublicKey engineGeneratePublic(KeySpec keySpec)
283: throws InvalidKeySpecException {
284: if (keySpec instanceof X509EncodedKeySpec) {
285: try {
286: return JDKKeyFactory
287: .createPublicKeyFromDERStream(new ByteArrayInputStream(
288: ((X509EncodedKeySpec) keySpec)
289: .getEncoded()));
290: } catch (Exception e) {
291: throw (InvalidKeySpecException) new InvalidKeySpecException(
292: e.getMessage()).initCause(e);
293: }
294: } else if (keySpec instanceof DHPublicKeySpec) {
295: return new JCEDHPublicKey((DHPublicKeySpec) keySpec);
296: }
297:
298: throw new InvalidKeySpecException("Unknown KeySpec type.");
299: }
300: }
301:
302: public static class DSA extends JDKKeyFactory {
303: public DSA() {
304: }
305:
306: protected PrivateKey engineGeneratePrivate(KeySpec keySpec)
307: throws InvalidKeySpecException {
308: if (keySpec instanceof PKCS8EncodedKeySpec) {
309: try {
310: return JDKKeyFactory
311: .createPrivateKeyFromDERStream(new ByteArrayInputStream(
312: ((PKCS8EncodedKeySpec) keySpec)
313: .getEncoded()));
314: } catch (Exception e) {
315: throw (InvalidKeySpecException) new InvalidKeySpecException(
316: e.getMessage()).initCause(e);
317: }
318: } else if (keySpec instanceof DSAPrivateKeySpec) {
319: return new JDKDSAPrivateKey((DSAPrivateKeySpec) keySpec);
320: }
321:
322: throw new InvalidKeySpecException("Unknown KeySpec type.");
323: }
324:
325: protected PublicKey engineGeneratePublic(KeySpec keySpec)
326: throws InvalidKeySpecException {
327: if (keySpec instanceof X509EncodedKeySpec) {
328: try {
329: return JDKKeyFactory
330: .createPublicKeyFromDERStream(new ByteArrayInputStream(
331: ((X509EncodedKeySpec) keySpec)
332: .getEncoded()));
333: } catch (Exception e) {
334: throw (InvalidKeySpecException) new InvalidKeySpecException(
335: e.getMessage()).initCause(e);
336: }
337: } else if (keySpec instanceof DSAPublicKeySpec) {
338: return new JDKDSAPublicKey((DSAPublicKeySpec) keySpec);
339: }
340:
341: throw new InvalidKeySpecException("Unknown KeySpec type.");
342: }
343: }
344:
345: public static class EC extends JDKKeyFactory {
346: String algorithm;
347:
348: public EC() {
349: this ("EC");
350: }
351:
352: public EC(String algorithm) {
353: this .algorithm = algorithm;
354: }
355:
356: protected PrivateKey engineGeneratePrivate(KeySpec keySpec)
357: throws InvalidKeySpecException {
358: if (keySpec instanceof PKCS8EncodedKeySpec) {
359: try {
360: return JDKKeyFactory
361: .createPrivateKeyFromDERStream(new ByteArrayInputStream(
362: ((PKCS8EncodedKeySpec) keySpec)
363: .getEncoded()));
364: } catch (Exception e) {
365: throw (InvalidKeySpecException) new InvalidKeySpecException(
366: e.getMessage()).initCause(e);
367: }
368: }
369:
370: throw new InvalidKeySpecException("Unknown KeySpec type.");
371: }
372:
373: protected PublicKey engineGeneratePublic(KeySpec keySpec)
374: throws InvalidKeySpecException {
375: if (keySpec instanceof X509EncodedKeySpec) {
376: try {
377: return JDKKeyFactory
378: .createPublicKeyFromDERStream(new ByteArrayInputStream(
379: ((X509EncodedKeySpec) keySpec)
380: .getEncoded()));
381: } catch (Exception e) {
382: throw (InvalidKeySpecException) new InvalidKeySpecException(
383: e.getMessage()).initCause(e);
384: }
385: }
386:
387: throw new InvalidKeySpecException("Unknown KeySpec type.");
388: }
389: }
390: }
|