Refactor crypto code

Move some of the crypto functions in EncryptionUnit to CryptoUtil. Change-Id: Iee391392fb88a87f6af3b450b69508fd52729a62
author: Ade Lee <alee@redhat.com> 2017-03-08 23:46:30 -0500
committer: Ade Lee <alee@redhat.com> 2017-03-14 17:10:28 -0400
commit: 7e42ef2f63a73931610252db3e30b8a7357e4425 (patch)
tree: 719b1af07a52931038993c12633c8963165dff6f /base/java-tools/src/com
parent: 5fb045fe888000d447cf56079b0404410adea70a (diff)
download: pki-7e42ef2f63a73931610252db3e30b8a7357e4425.tar.gz
pki-7e42ef2f63a73931610252db3e30b8a7357e4425.tar.xz
pki-7e42ef2f63a73931610252db3e30b8a7357e4425.zip
1 files changed, 7 insertions, 7 deletions
diff --git a/base/java-tools/src/com/netscape/cmstools/CRMFPopClient.java b/base/java-tools/src/com/netscape/cmstools/CRMFPopClient.java
index 8d5bd1f8a..0a05a395a 100644
--- a/base/java-tools/src/com/netscape/cmstools/CRMFPopClient.java
+++ b/base/java-tools/src/com/netscape/cmstools/CRMFPopClient.java
@@ -59,7 +59,6 @@ import org.mozilla.jss.crypto.KeyGenerator;
 import org.mozilla.jss.crypto.KeyPairAlgorithm;
 import org.mozilla.jss.crypto.KeyPairGenerator;
 import org.mozilla.jss.crypto.KeyWrapAlgorithm;
-import org.mozilla.jss.crypto.KeyWrapper;
 import org.mozilla.jss.crypto.Signature;
 import org.mozilla.jss.crypto.SignatureAlgorithm;
 import org.mozilla.jss.crypto.SymmetricKey;
@@ -551,9 +550,12 @@ public class CRMFPopClient {
     public byte[] wrapPrivateKey(CryptoToken token, SymmetricKey sessionKey, byte[] iv, KeyPair keyPair) throws Exception {
 
         // wrap private key using session
-        KeyWrapper wrapper = token.getKeyWrapper(KeyWrapAlgorithm.DES3_CBC_PAD);
-        wrapper.initWrap(sessionKey, new IVParameterSpec(iv));
-        return wrapper.wrap((org.mozilla.jss.crypto.PrivateKey) keyPair.getPrivate());
+        return CryptoUtil.wrapUsingSymmetricKey(
+                token,
+                sessionKey,
+                (org.mozilla.jss.crypto.PrivateKey) keyPair.getPrivate(),
+                new IVParameterSpec(iv),
+                KeyWrapAlgorithm.DES3_CBC_PAD);
     }
 
     public byte[] wrapSessionKey(CryptoToken token, X509Certificate transportCert, SymmetricKey sessionKey) throws Exception {
@@ -561,9 +563,7 @@ public class CRMFPopClient {
         // wrap session key using KRA transport cert
         // currently, a transport cert has to be an RSA cert,
         // regardless of the key you are wrapping
-        KeyWrapper wrapper = token.getKeyWrapper(KeyWrapAlgorithm.RSA);
-        wrapper.initWrap(transportCert.getPublicKey(), null);
-        return wrapper.wrap(sessionKey);
+        return CryptoUtil.wrapUsingPublicKey(token, transportCert.getPublicKey(), sessionKey, KeyWrapAlgorithm.RSA);
     }
 
     public CertRequest createCertRequest(
author	Ade Lee <alee@redhat.com>	2017-03-08 23:46:30 -0500
committer	Ade Lee <alee@redhat.com>	2017-03-14 17:10:28 -0400
commit	7e42ef2f63a73931610252db3e30b8a7357e4425 (patch)
tree	719b1af07a52931038993c12633c8963165dff6f /base/java-tools/src/com
parent	5fb045fe888000d447cf56079b0404410adea70a (diff)
download	pki-7e42ef2f63a73931610252db3e30b8a7357e4425.tar.gz pki-7e42ef2f63a73931610252db3e30b8a7357e4425.tar.xz pki-7e42ef2f63a73931610252db3e30b8a7357e4425.zip