Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
PojavLauncherTeam
GitHub Repository: PojavLauncherTeam/mobile
 Path: blob/master/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11TlsRsaPremasterSecretGenerator.java
41154 views
1
/*

2
 * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.

3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

4
 *

5
 * This code is free software; you can redistribute it and/or modify it

6
 * under the terms of the GNU General Public License version 2 only, as

7
 * published by the Free Software Foundation.  Oracle designates this

8
 * particular file as subject to the "Classpath" exception as provided

9
 * by Oracle in the LICENSE file that accompanied this code.

10
 *

11
 * This code is distributed in the hope that it will be useful, but WITHOUT

12
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

13
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License

14
 * version 2 for more details (a copy is included in the LICENSE file that

15
 * accompanied this code).

16
 *

17
 * You should have received a copy of the GNU General Public License version

18
 * 2 along with this work; if not, write to the Free Software Foundation,

19
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

20
 *

21
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA

22
 * or visit www.oracle.com if you need additional information or have any

23
 * questions.

24
 */

25


26
package sun.security.pkcs11;

27


28
import java.security.*;

29
import java.security.spec.AlgorithmParameterSpec;

30


31
import javax.crypto.*;

32
import javax.crypto.spec.*;

33


34
import sun.security.internal.spec.TlsRsaPremasterSecretParameterSpec;

35


36
import static sun.security.pkcs11.TemplateManager.*;

37
import sun.security.pkcs11.wrapper.*;

38
import static sun.security.pkcs11.wrapper.PKCS11Constants.*;

39


40
/**

41
 * KeyGenerator for the SSL/TLS RSA premaster secret.

42
 *

43
 * @author  Andreas Sterbenz

44
 * @since   1.6

45
 */

46
final class P11TlsRsaPremasterSecretGenerator extends KeyGeneratorSpi {

47


48
    private static final String MSG = "TlsRsaPremasterSecretGenerator must be "

49
        + "initialized using a TlsRsaPremasterSecretParameterSpec";

50


51
    // token instance

52
    private final Token token;

53


54
    // algorithm name

55
    private final String algorithm;

56


57
    // mechanism id

58
    private long mechanism;

59


60
    @SuppressWarnings("deprecation")

61
    private TlsRsaPremasterSecretParameterSpec spec;

62


63
    // whether SSLv3 is supported

64
    private final boolean supportSSLv3;

65


66
    P11TlsRsaPremasterSecretGenerator(Token token, String algorithm, long mechanism)

67
            throws PKCS11Exception {

68
        super();

69
        this.token = token;

70
        this.algorithm = algorithm;

71
        this.mechanism = mechanism;

72


73
        // Given the current lookup order specified in SunPKCS11.java,

74
        // if CKM_SSL3_PRE_MASTER_KEY_GEN is not used to construct this object,

75
        // it means that this mech is disabled or unsupported.

76
        this.supportSSLv3 = (mechanism == CKM_SSL3_PRE_MASTER_KEY_GEN);

77
    }

78


79
    protected void engineInit(SecureRandom random) {

80
        throw new InvalidParameterException(MSG);

81
    }

82


83
    @SuppressWarnings("deprecation")

84
    protected void engineInit(AlgorithmParameterSpec params,

85
            SecureRandom random) throws InvalidAlgorithmParameterException {

86
        if (!(params instanceof TlsRsaPremasterSecretParameterSpec)) {

87
            throw new InvalidAlgorithmParameterException(MSG);

88
        }

89


90
        TlsRsaPremasterSecretParameterSpec spec =

91
            (TlsRsaPremasterSecretParameterSpec) params;

92
        int tlsVersion = (spec.getMajorVersion() << 8) | spec.getMinorVersion();

93


94
        if ((tlsVersion == 0x0300 && !supportSSLv3) ||

95
                (tlsVersion < 0x0300) || (tlsVersion > 0x0303)) {

96
             throw new InvalidAlgorithmParameterException

97
                    ("Only" + (supportSSLv3? " SSL 3.0,": "") +

98
                     " TLS 1.0, TLS 1.1 and TLS 1.2 are supported (" +

99
                     tlsVersion + ")");

100
        }

101
        this.spec = spec;

102
    }

103


104
    protected void engineInit(int keysize, SecureRandom random) {

105
        throw new InvalidParameterException(MSG);

106
    }

107


108
    // Only can be used in client side to generate TLS RSA premaster secret.

109
    protected SecretKey engineGenerateKey() {

110
        if (spec == null) {

111
            throw new IllegalStateException

112
                        ("TlsRsaPremasterSecretGenerator must be initialized");

113
        }

114


115
        CK_VERSION version = new CK_VERSION(

116
                        spec.getMajorVersion(), spec.getMinorVersion());

117
        Session session = null;

118
        try {

119
            session = token.getObjSession();

120
            CK_ATTRIBUTE[] attributes = token.getAttributes(

121
                    O_GENERATE, CKO_SECRET_KEY,

122
                    CKK_GENERIC_SECRET, new CK_ATTRIBUTE[0]);

123
            long keyID = token.p11.C_GenerateKey(session.id(),

124
                    new CK_MECHANISM(mechanism, version), attributes);

125
            SecretKey key = P11Key.secretKey(session,

126
                    keyID, "TlsRsaPremasterSecret", 48 << 3, attributes);

127
            return key;

128
        } catch (PKCS11Exception e) {

129
            throw new ProviderException(

130
                    "Could not generate premaster secret", e);

131
        } finally {

132
            token.releaseSession(session);

133
        }

134
    }

135


136
}

137


138