summaryrefslogtreecommitdiffstats
path: root/base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java
diff options
context:
space:
mode:
Diffstat (limited to 'base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java')
-rw-r--r--base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java92
1 files changed, 83 insertions, 9 deletions
diff --git a/base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java b/base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java
index 06f177887..82a98c082 100644
--- a/base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java
+++ b/base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java
@@ -218,15 +218,46 @@ public class CryptoUtil {
NoSuchTokenException,
NoSuchAlgorithmException,
TokenException {
+ return generateECCKeyPair(token, keysize, usage_ops, usage_mask,
+ false, -1, -1);
+ }
+
+ /*
+ * temporary, sensitive, and extractable usages are per defined in
+ * JSS pkcs11/PK11KeyPairGenerator.java
+ */
+ public static KeyPair generateECCKeyPair(String token, int keysize,
+ org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_ops,
+ org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_mask,
+ boolean temporary, int sensitive, int extractable)
+ throws CryptoManager.NotInitializedException,
+ NoSuchTokenException,
+ NoSuchAlgorithmException,
+ TokenException {
+
CryptoToken t = getTokenByName(token);
KeyPairAlgorithm alg = KeyPairAlgorithm.EC;
- KeyPairGenerator g = t.getKeyPairGenerator(alg);
+ KeyPairGenerator keygen = t.getKeyPairGenerator(alg);
- g.setKeyPairUsages(usage_ops, usage_mask);
- g.initialize(keysize);
+ keygen.setKeyPairUsages(usage_ops, usage_mask);
+ keygen.initialize(keysize);
+ keygen.setKeyPairUsages(usage_ops, usage_mask);
+ keygen.temporaryPairs(temporary);
- KeyPair pair = g.genKeyPair();
+ if (sensitive == 1 )
+ keygen.sensitivePairs(true);
+ else if (sensitive == 0)
+ keygen.sensitivePairs(false);
+
+ if (extractable == 1 )
+ keygen.extractablePairs(true);
+ else if (extractable == 0)
+ keygen.extractablePairs(false);
+
+ keygen.initialize(keysize);
+
+ KeyPair pair = keygen.genKeyPair();
return pair;
}
@@ -261,6 +292,20 @@ public class CryptoUtil {
return generateECCKeyPair(t, curveName, usage_ops, usage_mask);
}
+ public static KeyPair generateECCKeyPair(String token, String curveName,
+ org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_ops,
+ org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_mask,
+ boolean temporary, int sensitive, int extractable)
+ throws CryptoManager.NotInitializedException,
+ NoSuchTokenException,
+ NoSuchAlgorithmException,
+ TokenException {
+ CryptoToken t = getTokenByName(token);
+ return generateECCKeyPair(t, curveName, usage_ops, usage_mask,
+ temporary, sensitive, extractable);
+ }
+
+
public static KeyPair generateECCKeyPair(CryptoToken token, String curveName,
org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_ops,
org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_mask)
@@ -268,23 +313,52 @@ public class CryptoUtil {
NoSuchTokenException,
NoSuchAlgorithmException,
TokenException {
+ return generateECCKeyPair(token, curveName, usage_ops, usage_mask,
+ false, -1, -1);
+ }
+
+ /*
+ * temporary, sensitive, and extractable usages are per defined in
+ * JSS pkcs11/PK11KeyPairGenerator.java
+ */
+ public static KeyPair generateECCKeyPair(CryptoToken token, String curveName,
+ org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_ops,
+ org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_mask,
+ boolean temporary, int sensitive, int extractable)
+ throws CryptoManager.NotInitializedException,
+ NoSuchTokenException,
+ NoSuchAlgorithmException,
+ TokenException {
+
KeyPairAlgorithm alg = KeyPairAlgorithm.EC;
- KeyPairGenerator g = token.getKeyPairGenerator(alg);
+ KeyPairGenerator keygen = token.getKeyPairGenerator(alg);
+
+ keygen.setKeyPairUsages(usage_ops, usage_mask);
+ keygen.setKeyPairUsages(usage_ops, usage_mask);
+ keygen.temporaryPairs(temporary);
- g.setKeyPairUsages(usage_ops, usage_mask);
+ if (sensitive == 1 )
+ keygen.sensitivePairs(true);
+ else if (sensitive == 0)
+ keygen.sensitivePairs(false);
+
+ if (extractable == 1 )
+ keygen.extractablePairs(true);
+ else if (extractable == 0)
+ keygen.extractablePairs(false);
System.out.println("CryptoUtil: generateECCKeyPair: curve = " + curveName);
int curveCode = 0;
try {
- curveCode = g.getCurveCodeByName(curveName);
+ curveCode = keygen.getCurveCodeByName(curveName);
} catch (Exception e) {
System.out.println("CryptoUtil: generateECCKeyPair: " + e.toString());
throw new NoSuchAlgorithmException();
}
- g.initialize(curveCode);
+ keygen.initialize(curveCode);
System.out.println("CryptoUtil: generateECCKeyPair: after KeyPairGenerator initialize with:" + curveName);
- KeyPair pair = g.genKeyPair();
+ KeyPair pair = keygen.genKeyPair();
return pair;
}
generated by cgit (git 2.34.1) at 2024-05-27 21:53:56 +0000