Diffstat (limited to 'pki/base/kra/src/com/netscape/kra/EncryptionUnit.java')
-rw-r--r--pki/base/kra/src/com/netscape/kra/EncryptionUnit.java592
1 files changed, 175 insertions, 417 deletions
diff --git a/pki/base/kra/src/com/netscape/kra/EncryptionUnit.java b/pki/base/kra/src/com/netscape/kra/EncryptionUnit.java
index 9eb2ae3b8..cbd3b7a3d 100644
--- a/pki/base/kra/src/com/netscape/kra/EncryptionUnit.java
+++ b/pki/base/kra/src/com/netscape/kra/EncryptionUnit.java
@@ -17,6 +17,7 @@
// --- END COPYRIGHT BLOCK ---
package com.netscape.kra;
+
import java.io.CharConversionException;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
@@ -47,20 +48,20 @@ import com.netscape.certsrv.logging.ILogger;
import com.netscape.certsrv.security.IEncryptionUnit;
import com.netscape.cmscore.util.Debug;
+
/**
- * A class represents the transport key pair. This key pair is used to protected
- * EE's private key in transit.
- *
+ * A class represents the transport key pair. This key pair
+ * is used to protected EE's private key in transit.
+ *
* @author thomask
* @version $Revision$, $Date$
*/
public abstract class EncryptionUnit implements IEncryptionUnit {
- /*
- * Establish one constant IV for base class, to be used for internal
- * operations. Constant IV acceptable for symmetric keys.
- */
- private byte iv[] = { 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1 };
+ /* Establish one constant IV for base class, to be used for
+ internal operations. Constant IV acceptable for symmetric keys.
+ */
+ private byte iv[] = {0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1};
protected IVParameterSpec IV = null;
public EncryptionUnit() {
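Review bot: The reflowed comment above `iv` still says only "Constant IV acceptable for symmetric keys", which does not tell a maintainer why a fixed all-0x01 IV is tolerable with CBC. In the later hunks `IV` is passed to `DES3_CBC_PAD` operations keyed with a session key freshly produced by `kg.generate()`, so the (key, IV) pair is presumably never repeated; that is the condition that makes the constant acceptable, and it should be written down. Suggested wording: `/* Fixed IV for internal wrapping only: acceptable solely because every call generates a fresh DES3 session key; never reuse this IV with a long-lived key. */`. The constructor that follows starts on the last line of this hunk and continues outside it, so how `IV` is built from `iv` is not visible here.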
@@ -78,145 +79,84 @@ public abstract class EncryptionUnit implements IEncryptionUnit {
public abstract PrivateKey getPrivateKey();
/**
- * Protects the private key so that it can be stored in internal database.
+ * Protects the private key so that it can be stored in
+ * internal database.
*/
- public byte[] encryptInternalPrivate(byte priKey[]) throws EBaseException {
+ public byte[] encryptInternalPrivate(byte priKey[])
+ throws EBaseException {
try {
CMS.debug("EncryptionUnit.encryptInternalPrivate");
CryptoToken token = getToken();
CryptoToken internalToken = getInternalToken();
// (1) generate session key
- org.mozilla.jss.crypto.KeyGenerator kg = internalToken
- .getKeyGenerator(KeyGenAlgorithm.DES3);
+ org.mozilla.jss.crypto.KeyGenerator kg =
+ internalToken.getKeyGenerator(KeyGenAlgorithm.DES3);
SymmetricKey sk = kg.generate();
// (2) wrap private key with session key
- Cipher cipher = internalToken
- .getCipherContext(EncryptionAlgorithm.DES3_CBC_PAD);
+ Cipher cipher = internalToken.getCipherContext(
+ EncryptionAlgorithm.DES3_CBC_PAD);
cipher.initEncrypt(sk, IV);
byte pri[] = cipher.doFinal(priKey);
// (3) wrap session with transport public
- KeyWrapper rsaWrap = internalToken
- .getKeyWrapper(KeyWrapAlgorithm.RSA);
+ KeyWrapper rsaWrap = internalToken.getKeyWrapper(
+ KeyWrapAlgorithm.RSA);
rsaWrap.initWrap(getPublicKey(), null);
byte session[] = rsaWrap.wrap(sk);
// use MY own structure for now:
// SEQUENCE {
- // encryptedSession OCTET STRING,
- // encryptedPrivate OCTET STRING
+ // encryptedSession OCTET STRING,
+ // encryptedPrivate OCTET STRING
// }
-
+
DerOutputStream tmp = new DerOutputStream();
DerOutputStream out = new DerOutputStream();
tmp.putOctetString(session);
tmp.putOctetString(pri);
out.write(DerValue.tag_Sequence, tmp);
-
+
return out.toByteArray();
} catch (TokenException e) {
- CMS.getLogger().log(
- ILogger.EV_SYSTEM,
- null,
- ILogger.S_KRA,
- ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_INTERNAL",
- e.toString()));
- Debug.trace("EncryptionUnit::encryptInternalPrivate "
- + e.toString());
+ CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_INTERNAL", e.toString()));
+ Debug.trace("EncryptionUnit::encryptInternalPrivate " + e.toString());
return null;
} catch (NoSuchAlgorithmException e) {
- CMS.getLogger().log(
- ILogger.EV_SYSTEM,
- null,
- ILogger.S_KRA,
- ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_INTERNAL",
- e.toString()));
- Debug.trace("EncryptionUnit::encryptInternalPrivate "
- + e.toString());
+ CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_INTERNAL", e.toString()));
+ Debug.trace("EncryptionUnit::encryptInternalPrivate " + e.toString());
return null;
} catch (CharConversionException e) {
- CMS.getLogger().log(
- ILogger.EV_SYSTEM,
- null,
- ILogger.S_KRA,
- ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_INTERNAL",
- e.toString()));
- Debug.trace("EncryptionUnit::encryptInternalPrivate "
- + e.toString());
+ CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_INTERNAL", e.toString()));
+ Debug.trace("EncryptionUnit::encryptInternalPrivate " + e.toString());
return null;
} catch (InvalidAlgorithmParameterException e) {
- CMS.getLogger().log(
- ILogger.EV_SYSTEM,
- null,
- ILogger.S_KRA,
- ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_INTERNAL",
- e.toString()));
- Debug.trace("EncryptionUnit::encryptInternalPrivate "
- + e.toString());
+ CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_INTERNAL", e.toString()));
+ Debug.trace("EncryptionUnit::encryptInternalPrivate " + e.toString());
return null;
} catch (InvalidKeyException e) {
- CMS.getLogger().log(
- ILogger.EV_SYSTEM,
- null,
- ILogger.S_KRA,
- ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_INTERNAL",
- e.toString()));
- Debug.trace("EncryptionUnit::encryptInternalPrivate "
- + e.toString());
+ CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_INTERNAL", e.toString()));
+ Debug.trace("EncryptionUnit::encryptInternalPrivate " + e.toString());
return null;
} catch (BadPaddingException e) {
- CMS.getLogger().log(
- ILogger.EV_SYSTEM,
- null,
- ILogger.S_KRA,
- ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_INTERNAL",
- e.toString()));
- Debug.trace("EncryptionUnit::encryptInternalPrivate "
- + e.toString());
+ CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_INTERNAL", e.toString()));
+ Debug.trace("EncryptionUnit::encryptInternalPrivate " + e.toString());
return null;
} catch (IllegalBlockSizeException e) {
- CMS.getLogger().log(
- ILogger.EV_SYSTEM,
- null,
- ILogger.S_KRA,
- ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_INTERNAL",
- e.toString()));
- Debug.trace("EncryptionUnit::encryptInternalPrivate "
- + e.toString());
+ CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_INTERNAL", e.toString()));
+ Debug.trace("EncryptionUnit::encryptInternalPrivate " + e.toString());
return null;
} catch (IOException e) {
- CMS.getLogger().log(
- ILogger.EV_SYSTEM,
- null,
- ILogger.S_KRA,
- ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_INTERNAL",
- e.toString()));
- Debug.trace("EncryptionUnit::encryptInternalPrivate "
- + e.toString());
+ CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_INTERNAL", e.toString()));
+ Debug.trace("EncryptionUnit::encryptInternalPrivate " + e.toString());
return null;
} catch (Exception e) {
- CMS.getLogger().log(
- ILogger.EV_SYSTEM,
- null,
- ILogger.S_KRA,
- ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_INTERNAL",
- e.toString()));
- Debug.trace("EncryptionUnit::encryptInternalPrivate "
- + e.toString());
+ CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_INTERNAL", e.toString()));
+ Debug.trace("EncryptionUnit::encryptInternalPrivate " + e.toString());
return null;
}
}
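Review bot: Every failure path in `encryptInternalPrivate` returns `null` even though the method declares `throws EBaseException`, so a caller that does not null-check could carry on without a wrapped key. The nine catch blocks are identical and the final `catch (Exception e)` already covers the others, so they could be one handler that logs once and then throws, e.g. `throw new EBaseException(CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_INTERNAL", e.toString()));` (confirm the constructor against `EBaseException`). The local `token` obtained from `getToken()` is never used in this method. The same catch-and-return-null pattern repeats in `wrap`, `decryptExternalPrivate`, `unwrap`, `decryptInternalPrivate` and `_unwrap` in the later hunks.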
@@ -231,133 +171,92 @@ public abstract class EncryptionUnit implements IEncryptionUnit {
CryptoToken token = getToken();
// (1) generate session key
- org.mozilla.jss.crypto.KeyGenerator kg = token
- .getKeyGenerator(KeyGenAlgorithm.DES3);
- // internalToken.getKeyGenerator(KeyGenAlgorithm.DES3);
+ org.mozilla.jss.crypto.KeyGenerator kg =
+ token.getKeyGenerator(KeyGenAlgorithm.DES3);
+ // internalToken.getKeyGenerator(KeyGenAlgorithm.DES3);
SymmetricKey.Usage usages[] = new SymmetricKey.Usage[2];
usages[0] = SymmetricKey.Usage.WRAP;
usages[1] = SymmetricKey.Usage.UNWRAP;
kg.setKeyUsages(usages);
kg.temporaryKeys(true);
SymmetricKey sk = kg.generate();
- CMS.debug("EncryptionUnit:wrap() session key generated on slot: "
- + token.getName());
+ CMS.debug("EncryptionUnit:wrap() session key generated on slot: "+token.getName());
// (2) wrap private key with session key
// KeyWrapper wrapper = internalToken.getKeyWrapper(
- KeyWrapper wrapper = token
- .getKeyWrapper(KeyWrapAlgorithm.DES3_CBC_PAD);
+ KeyWrapper wrapper = token.getKeyWrapper(
+ KeyWrapAlgorithm.DES3_CBC_PAD);
wrapper.initWrap(sk, IV);
byte pri[] = wrapper.wrap(priKey);
- CMS.debug("EncryptionUnit:wrap() privKey wrapped");
+ CMS.debug("EncryptionUnit:wrap() privKey wrapped");
// (3) wrap session with transport public
- KeyWrapper rsaWrap = token.getKeyWrapper(KeyWrapAlgorithm.RSA);
+ KeyWrapper rsaWrap = token.getKeyWrapper(
+ KeyWrapAlgorithm.RSA);
rsaWrap.initWrap(getPublicKey(), null);
byte session[] = rsaWrap.wrap(sk);
- CMS.debug("EncryptionUnit:wrap() sessin key wrapped");
+ CMS.debug("EncryptionUnit:wrap() sessin key wrapped");
// use MY own structure for now:
// SEQUENCE {
- // encryptedSession OCTET STRING,
- // encryptedPrivate OCTET STRING
+ // encryptedSession OCTET STRING,
+ // encryptedPrivate OCTET STRING
// }
-
+
DerOutputStream tmp = new DerOutputStream();
DerOutputStream out = new DerOutputStream();
tmp.putOctetString(session);
tmp.putOctetString(pri);
out.write(DerValue.tag_Sequence, tmp);
-
+
return out.toByteArray();
} catch (TokenException e) {
- CMS.getLogger().log(
- ILogger.EV_SYSTEM,
- null,
- ILogger.S_KRA,
- ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_WRAP",
- e.toString()));
+ CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_WRAP", e.toString()));
Debug.trace("EncryptionUnit::wrap " + e.toString());
return null;
} catch (NoSuchAlgorithmException e) {
- CMS.getLogger().log(
- ILogger.EV_SYSTEM,
- null,
- ILogger.S_KRA,
- ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_WRAP",
- e.toString()));
+ CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_WRAP", e.toString()));
Debug.trace("EncryptionUnit::wrap " + e.toString());
return null;
} catch (CharConversionException e) {
- CMS.getLogger().log(
- ILogger.EV_SYSTEM,
- null,
- ILogger.S_KRA,
- ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_WRAP",
- e.toString()));
+ CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_WRAP", e.toString()));
Debug.trace("EncryptionUnit::wrap " + e.toString());
return null;
} catch (InvalidAlgorithmParameterException e) {
- CMS.getLogger().log(
- ILogger.EV_SYSTEM,
- null,
- ILogger.S_KRA,
- ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_WRAP",
- e.toString()));
+ CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_WRAP", e.toString()));
Debug.trace("EncryptionUnit::wrap " + e.toString());
return null;
} catch (InvalidKeyException e) {
- CMS.getLogger().log(
- ILogger.EV_SYSTEM,
- null,
- ILogger.S_KRA,
- ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_WRAP",
- e.toString()));
+ CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_WRAP", e.toString()));
Debug.trace("EncryptionUnit::wrap " + e.toString());
return null;
} catch (IOException e) {
- CMS.getLogger().log(
- ILogger.EV_SYSTEM,
- null,
- ILogger.S_KRA,
- ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_WRAP",
- e.toString()));
+ CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_WRAP", e.toString()));
Debug.trace("EncryptionUnit::wrap " + e.toString());
return null;
} catch (Exception e) {
- CMS.getLogger().log(
- ILogger.EV_SYSTEM,
- null,
- ILogger.S_KRA,
- ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_WRAP",
- e.toString()));
+ CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_WRAP", e.toString()));
Debug.trace("EncryptionUnit::wrap " + e.toString());
return null;
}
}
/**
- * External unwrapping. Unwraps the data using the transport private key.
+ * External unwrapping. Unwraps the data using
+ * the transport private key.
*/
- public SymmetricKey unwrap_sym(byte encSymmKey[], SymmetricKey.Usage usage) {
+ public SymmetricKey unwrap_sym(byte encSymmKey[], SymmetricKey.Usage usage)
+ {
try {
CryptoToken token = getToken();
// (1) unwrap the session
PrivateKey priKey = getPrivateKey();
String priKeyAlgo = priKey.getAlgorithm();
- CMS.debug("EncryptionUnit::unwrap_sym() private key algo: "
- + priKeyAlgo);
+ CMS.debug("EncryptionUnit::unwrap_sym() private key algo: " + priKeyAlgo);
KeyWrapper keyWrapper = null;
if (priKeyAlgo.equals("EC")) {
keyWrapper = token.getKeyWrapper(KeyWrapAlgorithm.AES_ECB);
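Review bot: The debug string `"EncryptionUnit:wrap() sessin key wrapped"` is misspelled (it should read `session key wrapped`), which makes the message harder to search for when tracing a failed archival. The two commented-out `internalToken` lines kept here (`// internalToken.getKeyGenerator(KeyGenAlgorithm.DES3);` and `// KeyWrapper wrapper = internalToken.getKeyWrapper(`) give no reason why `wrap` uses `getToken()` while `encryptInternalPrivate` uses the internal token. A one-line comment stating which token is intended, and why, would serve better than the dead code. `wrap` begins before this hunk and `unwrap_sym` continues past its end.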
@@ -367,152 +266,117 @@ public abstract class EncryptionUnit implements IEncryptionUnit {
keyWrapper.initUnwrap(priKey, null);
}
SymmetricKey sk = keyWrapper.unwrapSymmetric(encSymmKey,
- SymmetricKey.DES3, usage, 0);
- CMS.debug("EncryptionUnit::unwrap_sym() unwrapped on slot: "
- + token.getName());
+ SymmetricKey.DES3, usage,
+ 0);
+ CMS.debug("EncryptionUnit::unwrap_sym() unwrapped on slot: "
+ +token.getName());
return sk;
} catch (Exception e) {
- CMS.debug("EncryptionUnit::unwrap_sym() error:" + e.toString());
+ CMS.debug("EncryptionUnit::unwrap_sym() error:" +
+ e.toString());
return null;
}
}
- public SymmetricKey unwrap_sym(byte encSymmKey[]) {
+ public SymmetricKey unwrap_sym(byte encSymmKey[])
+ {
return unwrap_sym(encSymmKey, SymmetricKey.Usage.WRAP);
}
-
- public SymmetricKey unwrap_encrypt_sym(byte encSymmKey[]) {
+
+ public SymmetricKey unwrap_encrypt_sym(byte encSymmKey[])
+ {
return unwrap_sym(encSymmKey, SymmetricKey.Usage.ENCRYPT);
}
/**
* Decrypts the user private key.
*/
- public byte[] decryptExternalPrivate(byte encSymmKey[], String symmAlgOID,
- byte symmAlgParams[], byte encValue[]) throws EBaseException {
+ public byte[] decryptExternalPrivate(byte encSymmKey[],
+ String symmAlgOID, byte symmAlgParams[],
+ byte encValue[])
+ throws EBaseException {
try {
CMS.debug("EncryptionUnit.decryptExternalPrivate");
CryptoToken token = getToken();
// (1) unwrap the session
- KeyWrapper rsaWrap = token.getKeyWrapper(KeyWrapAlgorithm.RSA);
+ KeyWrapper rsaWrap = token.getKeyWrapper(
+ KeyWrapAlgorithm.RSA);
rsaWrap.initUnwrap(getPrivateKey(), null);
SymmetricKey sk = rsaWrap.unwrapSymmetric(encSymmKey,
- SymmetricKey.DES3, SymmetricKey.Usage.DECRYPT, 0);
+ SymmetricKey.DES3, SymmetricKey.Usage.DECRYPT,
+ 0);
// (2) unwrap the pri
- Cipher cipher = token
- .getCipherContext(EncryptionAlgorithm.DES3_CBC_PAD // XXX
- );
+ Cipher cipher = token.getCipherContext(
+ EncryptionAlgorithm.DES3_CBC_PAD // XXX
+ );
- cipher.initDecrypt(sk, new IVParameterSpec(symmAlgParams));
+ cipher.initDecrypt(sk, new IVParameterSpec(
+ symmAlgParams));
return cipher.doFinal(encValue);
} catch (IllegalBlockSizeException e) {
- CMS.getLogger().log(
- ILogger.EV_SYSTEM,
- null,
- ILogger.S_KRA,
- ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_EXTERNAL",
- e.toString()));
- Debug.trace("EncryptionUnit::decryptExternalPrivate "
- + e.toString());
+ CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_EXTERNAL", e.toString()));
+ Debug.trace("EncryptionUnit::decryptExternalPrivate " + e.toString());
return null;
} catch (BadPaddingException e) {
- CMS.getLogger().log(
- ILogger.EV_SYSTEM,
- null,
- ILogger.S_KRA,
- ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_EXTERNAL",
- e.toString()));
- Debug.trace("EncryptionUnit::decryptExternalPrivate "
- + e.toString());
+ CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_EXTERNAL", e.toString()));
+ Debug.trace("EncryptionUnit::decryptExternalPrivate " + e.toString());
return null;
} catch (TokenException e) {
- CMS.getLogger().log(
- ILogger.EV_SYSTEM,
- null,
- ILogger.S_KRA,
- ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_EXTERNAL",
- e.toString()));
- Debug.trace("EncryptionUnit::decryptExternalPrivate "
- + e.toString());
+ CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_EXTERNAL", e.toString()));
+ Debug.trace("EncryptionUnit::decryptExternalPrivate " + e.toString());
return null;
} catch (NoSuchAlgorithmException e) {
- CMS.getLogger().log(
- ILogger.EV_SYSTEM,
- null,
- ILogger.S_KRA,
- ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_EXTERNAL",
- e.toString()));
- Debug.trace("EncryptionUnit::decryptExternalPrivate "
- + e.toString());
+ CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_EXTERNAL", e.toString()));
+ Debug.trace("EncryptionUnit::decryptExternalPrivate " + e.toString());
return null;
} catch (InvalidAlgorithmParameterException e) {
- CMS.getLogger().log(
- ILogger.EV_SYSTEM,
- null,
- ILogger.S_KRA,
- ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_EXTERNAL",
- e.toString()));
- Debug.trace("EncryptionUnit::decryptExternalPrivate "
- + e.toString());
+ CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_EXTERNAL", e.toString()));
+ Debug.trace("EncryptionUnit::decryptExternalPrivate " + e.toString());
return null;
} catch (InvalidKeyException e) {
- CMS.getLogger().log(
- ILogger.EV_SYSTEM,
- null,
- ILogger.S_KRA,
- ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_EXTERNAL",
- e.toString()));
- Debug.trace("EncryptionUnit::decryptExternalPrivate "
- + e.toString());
+ CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_EXTERNAL", e.toString()));
+ Debug.trace("EncryptionUnit::decryptExternalPrivate " + e.toString());
return null;
} catch (Exception e) {
- CMS.getLogger().log(
- ILogger.EV_SYSTEM,
- null,
- ILogger.S_KRA,
- ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_EXTERNAL",
- e.toString()));
- Debug.trace("EncryptionUnit::decryptExternalPrivate "
- + e.toString());
+ CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_EXTERNAL", e.toString()));
+ Debug.trace("EncryptionUnit::decryptExternalPrivate " + e.toString());
return null;
}
}
/**
- * External unwrapping. Unwraps the data using the transport private key.
+ * External unwrapping. Unwraps the data using
+ * the transport private key.
*/
- public PrivateKey unwrap(byte encSymmKey[], String symmAlgOID,
- byte symmAlgParams[], byte encValue[], PublicKey pubKey)
- throws EBaseException {
+ public PrivateKey unwrap(byte encSymmKey[],
+ String symmAlgOID, byte symmAlgParams[],
+ byte encValue[], PublicKey pubKey)
+ throws EBaseException {
try {
CryptoToken token = getToken();
// (1) unwrap the session
- KeyWrapper rsaWrap = token.getKeyWrapper(KeyWrapAlgorithm.RSA);
+ KeyWrapper rsaWrap = token.getKeyWrapper(
+ KeyWrapAlgorithm.RSA);
rsaWrap.initUnwrap(getPrivateKey(), null);
SymmetricKey sk = rsaWrap.unwrapSymmetric(encSymmKey,
- SymmetricKey.DES3, SymmetricKey.Usage.UNWRAP, 0);
+ SymmetricKey.DES3, SymmetricKey.Usage.UNWRAP,
+ 0);
// (2) unwrap the pri
- KeyWrapper wrapper = token
- .getKeyWrapper(KeyWrapAlgorithm.DES3_CBC_PAD // XXX
- );
+ KeyWrapper wrapper = token.getKeyWrapper(
+ KeyWrapAlgorithm.DES3_CBC_PAD // XXX
+ );
- wrapper.initUnwrap(sk, new IVParameterSpec(symmAlgParams));
+ wrapper.initUnwrap(sk, new IVParameterSpec(
+ symmAlgParams));
- PrivateKey.Type keytype = null;
+ PrivateKey.Type keytype = null;
String alg = pubKey.getAlgorithm();
if (alg.equals("DSA")) {
keytype = PrivateKey.DSA;
@@ -521,58 +385,34 @@ public abstract class EncryptionUnit implements IEncryptionUnit {
} else {
keytype = PrivateKey.RSA;
}
- PrivateKey pk = wrapper.unwrapTemporaryPrivate(encValue, keytype,
- pubKey);
+ PrivateKey pk = wrapper.unwrapTemporaryPrivate(encValue,
+ keytype , pubKey);
return pk;
} catch (TokenException e) {
- CMS.getLogger().log(
- ILogger.EV_SYSTEM,
- null,
- ILogger.S_KRA,
- ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_UNWRAP",
- e.toString()));
+ CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_UNWRAP", e.toString()));
Debug.trace("EncryptionUnit::unwrap " + e.toString());
return null;
} catch (NoSuchAlgorithmException e) {
- CMS.getLogger().log(
- ILogger.EV_SYSTEM,
- null,
- ILogger.S_KRA,
- ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_UNWRAP",
- e.toString()));
+ CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_UNWRAP", e.toString()));
Debug.trace("EncryptionUnit::unwrap " + e.toString());
return null;
} catch (InvalidAlgorithmParameterException e) {
- CMS.getLogger().log(
- ILogger.EV_SYSTEM,
- null,
- ILogger.S_KRA,
- ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_UNWRAP",
- e.toString()));
+ CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_UNWRAP", e.toString()));
Debug.trace("EncryptionUnit::unwrap " + e.toString());
return null;
} catch (InvalidKeyException e) {
- CMS.getLogger().log(
- ILogger.EV_SYSTEM,
- null,
- ILogger.S_KRA,
- ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_UNWRAP",
- e.toString()));
+ CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_UNWRAP", e.toString()));
Debug.trace("EncryptionUnit::unwrap " + e.toString());
return null;
} catch (Exception e) {
- CMS.debug("EncryptionUnit.unwrap : Exception:" + e.toString());
+ CMS.debug("EncryptionUnit.unwrap : Exception:"+e.toString());
return null;
}
}
- public byte[] decryptInternalPrivate(byte wrappedKeyData[])
- throws EBaseException {
+ public byte[] decryptInternalPrivate(byte wrappedKeyData[])
+ throws EBaseException {
try {
CMS.debug("EncryptionUnit.decryptInternalPrivate");
DerValue val = new DerValue(wrappedKeyData);
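Review bot: The final `catch (Exception e)` of the five-argument `unwrap` writes only `CMS.debug("EncryptionUnit.unwrap : Exception:"+e.toString())`, while the specific handlers above it record an `ILogger.LL_FAILURE` event. An unexpected failure while unwrapping a key is the case an operator most needs to find in the system log, so this handler should emit the same `CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_UNWRAP", e.toString()));` call before returning. `unwrap_sym` in the previous hunk and the last handler of `_unwrap` in the final hunk have the same gap. `unwrap` starts before this hunk and `decryptInternalPrivate` continues after it.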
@@ -586,107 +426,51 @@ public abstract class EncryptionUnit implements IEncryptionUnit {
CryptoToken token = getToken();
// (1) unwrap the session
- CMS.debug("decryptInternalPrivate(): getting key wrapper on slot:"
- + token.getName());
- KeyWrapper rsaWrap = token.getKeyWrapper(KeyWrapAlgorithm.RSA);
+ CMS.debug("decryptInternalPrivate(): getting key wrapper on slot:"+ token.getName());
+ KeyWrapper rsaWrap = token.getKeyWrapper(
+ KeyWrapAlgorithm.RSA);
rsaWrap.initUnwrap(getPrivateKey(), null);
SymmetricKey sk = rsaWrap.unwrapSymmetric(session,
SymmetricKey.DES3, SymmetricKey.Usage.DECRYPT, 0);
// (2) unwrap the pri
- Cipher cipher = token
- .getCipherContext(EncryptionAlgorithm.DES3_CBC_PAD);
+ Cipher cipher = token.getCipherContext(
+ EncryptionAlgorithm.DES3_CBC_PAD);
cipher.initDecrypt(sk, IV);
return cipher.doFinal(pri);
} catch (IllegalBlockSizeException e) {
- CMS.getLogger().log(
- ILogger.EV_SYSTEM,
- null,
- ILogger.S_KRA,
- ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_DECRYPT",
- e.toString()));
- Debug.trace("EncryptionUnit::decryptInternalPrivate "
- + e.toString());
+ CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_DECRYPT", e.toString()));
+ Debug.trace("EncryptionUnit::decryptInternalPrivate " + e.toString());
return null;
} catch (BadPaddingException e) {
- CMS.getLogger().log(
- ILogger.EV_SYSTEM,
- null,
- ILogger.S_KRA,
- ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_DECRYPT",
- e.toString()));
- Debug.trace("EncryptionUnit::decryptInternalPrivate "
- + e.toString());
+ CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_DECRYPT", e.toString()));
+ Debug.trace("EncryptionUnit::decryptInternalPrivate " + e.toString());
return null;
} catch (TokenException e) {
- CMS.getLogger().log(
- ILogger.EV_SYSTEM,
- null,
- ILogger.S_KRA,
- ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_DECRYPT",
- e.toString()));
- Debug.trace("EncryptionUnit::decryptInternalPrivate "
- + e.toString());
+ CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_DECRYPT", e.toString()));
+ Debug.trace("EncryptionUnit::decryptInternalPrivate " + e.toString());
return null;
} catch (NoSuchAlgorithmException e) {
- CMS.getLogger().log(
- ILogger.EV_SYSTEM,
- null,
- ILogger.S_KRA,
- ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_DECRYPT",
- e.toString()));
- Debug.trace("EncryptionUnit::decryptInternalPrivate "
- + e.toString());
+ CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_DECRYPT", e.toString()));
+ Debug.trace("EncryptionUnit::decryptInternalPrivate " + e.toString());
return null;
} catch (InvalidAlgorithmParameterException e) {
- CMS.getLogger().log(
- ILogger.EV_SYSTEM,
- null,
- ILogger.S_KRA,
- ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_DECRYPT",
- e.toString()));
- Debug.trace("EncryptionUnit::decryptInternalPrivate "
- + e.toString());
+ CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_DECRYPT", e.toString()));
+ Debug.trace("EncryptionUnit::decryptInternalPrivate " + e.toString());
return null;
} catch (InvalidKeyException e) {
- CMS.getLogger().log(
- ILogger.EV_SYSTEM,
- null,
- ILogger.S_KRA,
- ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_DECRYPT",
- e.toString()));
- Debug.trace("EncryptionUnit::decryptInternalPrivate "
- + e.toString());
+ CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_DECRYPT", e.toString()));
+ Debug.trace("EncryptionUnit::decryptInternalPrivate " + e.toString());
return null;
} catch (IOException e) {
- CMS.getLogger().log(
- ILogger.EV_SYSTEM,
- null,
- ILogger.S_KRA,
- ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_DECRYPT",
- e.toString()));
- Debug.trace("EncryptionUnit::decryptInternalPrivate "
- + e.toString());
+ CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_DECRYPT", e.toString()));
+ Debug.trace("EncryptionUnit::decryptInternalPrivate " + e.toString());
return null;
} catch (Exception e) {
- CMS.getLogger().log(
- ILogger.EV_SYSTEM,
- null,
- ILogger.S_KRA,
- ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_DECRYPT",
- e.toString()));
- Debug.trace("EncryptionUnit::decryptInternalPrivate "
- + e.toString());
+ CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_DECRYPT", e.toString()));
+ Debug.trace("EncryptionUnit::decryptInternalPrivate " + e.toString());
return null;
}
}
@@ -694,24 +478,25 @@ public abstract class EncryptionUnit implements IEncryptionUnit {
/**
* Internal unwrapping.
*/
- public PrivateKey unwrap_temp(byte wrappedKeyData[], PublicKey pubKey)
- throws EBaseException {
+ public PrivateKey unwrap_temp(byte wrappedKeyData[], PublicKey pubKey)
+ throws EBaseException {
return _unwrap(wrappedKeyData, pubKey, true);
}
/**
* Internal unwrapping.
*/
- public PrivateKey unwrap(byte wrappedKeyData[], PublicKey pubKey)
- throws EBaseException {
+ public PrivateKey unwrap(byte wrappedKeyData[], PublicKey pubKey)
+ throws EBaseException {
return _unwrap(wrappedKeyData, pubKey, false);
}
/**
* Internal unwrapping.
*/
- private PrivateKey _unwrap(byte wrappedKeyData[], PublicKey pubKey,
- boolean temporary) throws EBaseException {
+ private PrivateKey _unwrap(byte wrappedKeyData[], PublicKey
+ pubKey, boolean temporary)
+ throws EBaseException {
try {
DerValue val = new DerValue(wrappedKeyData);
// val.tag == DerValue.tag_Sequence
@@ -723,87 +508,60 @@ public abstract class EncryptionUnit implements IEncryptionUnit {
CryptoToken token = getToken();
// (1) unwrap the session
- KeyWrapper rsaWrap = token.getKeyWrapper(KeyWrapAlgorithm.RSA);
+ KeyWrapper rsaWrap = token.getKeyWrapper(
+ KeyWrapAlgorithm.RSA);
rsaWrap.initUnwrap(getPrivateKey(), null);
SymmetricKey sk = rsaWrap.unwrapSymmetric(session,
SymmetricKey.DES3, SymmetricKey.Usage.UNWRAP, 0);
// (2) unwrap the pri
- KeyWrapper wrapper = token
- .getKeyWrapper(KeyWrapAlgorithm.DES3_CBC_PAD);
+ KeyWrapper wrapper = token.getKeyWrapper(
+ KeyWrapAlgorithm.DES3_CBC_PAD);
wrapper.initUnwrap(sk, IV);
PrivateKey pk = null;
if (temporary) {
- pk = wrapper
- .unwrapTemporaryPrivate(pri, PrivateKey.RSA, pubKey);
+ pk = wrapper.unwrapTemporaryPrivate(pri,
+ PrivateKey.RSA, pubKey);
} else {
- pk = wrapper.unwrapPrivate(pri, PrivateKey.RSA, pubKey);
+ pk = wrapper.unwrapPrivate(pri,
+ PrivateKey.RSA, pubKey);
}
return pk;
} catch (TokenException e) {
- CMS.getLogger().log(
- ILogger.EV_SYSTEM,
- null,
- ILogger.S_KRA,
- ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_UNWRAP",
- e.toString()));
+ CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_UNWRAP", e.toString()));
Debug.trace("EncryptionUnit::unwrap " + e.toString());
CMS.debug(e);
return null;
} catch (NoSuchAlgorithmException e) {
- CMS.getLogger().log(
- ILogger.EV_SYSTEM,
- null,
- ILogger.S_KRA,
- ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_UNWRAP",
- e.toString()));
+ CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_UNWRAP", e.toString()));
Debug.trace("EncryptionUnit::unwrap " + e.toString());
return null;
} catch (InvalidAlgorithmParameterException e) {
- CMS.getLogger().log(
- ILogger.EV_SYSTEM,
- null,
- ILogger.S_KRA,
- ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_UNWRAP",
- e.toString()));
+ CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_UNWRAP", e.toString()));
Debug.trace("EncryptionUnit::unwrap " + e.toString());
return null;
} catch (InvalidKeyException e) {
- CMS.getLogger().log(
- ILogger.EV_SYSTEM,
- null,
- ILogger.S_KRA,
- ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_UNWRAP",
- e.toString()));
+ CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_UNWRAP", e.toString()));
Debug.printStackTrace(e);
return null;
} catch (IOException e) {
- CMS.getLogger().log(
- ILogger.EV_SYSTEM,
- null,
- ILogger.S_KRA,
- ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_UNWRAP",
- e.toString()));
+ CMS.getLogger().log(ILogger.EV_SYSTEM, null, ILogger.S_KRA, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_KRA_ENCRYPTION_UNWRAP", e.toString()));
Debug.trace("EncryptionUnit::unwrap " + e.toString());
return null;
} catch (Exception e) {
Debug.printStackTrace(e);
- return null;
+ return null;
}
}
/**
* Verify the given key pair.
*/
- public void verify(PublicKey publicKey, PrivateKey privateKey)
- throws EBaseException {
+ public void verify(PublicKey publicKey, PrivateKey privateKey) throws
+ EBaseException {
}
}
+
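Review bot: `_unwrap` always passes `PrivateKey.RSA` to `unwrapTemporaryPrivate` and `unwrapPrivate`, whereas the five-argument `unwrap` earlier in the file chooses the key type from `pubKey.getAlgorithm()`. If a non-RSA key can reach this path it would be imported with the wrong type; deriving `keytype` from `pubKey` in the same way would keep the two paths consistent. Separately, `verify` at the end of the hunk has an empty body although its Javadoc says "Verify the given key pair", so a caller of the base implementation gets no check at all. If that is intended, the Javadoc should say so, e.g. `* Base implementation performs no verification; subclasses are expected to override.` `_unwrap` starts in the previous hunk.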