Support DSAPrivateKey.

This commit is contained in:
nicolson%netscape.com 2002-05-14 02:21:25 +00:00
parent 9c3865877f
commit 9bd721b3fc
5 changed files with 149 additions and 8 deletions

View File

@ -8,7 +8,6 @@ use File::Copy;
@excluded_sources = qw(
Debug_.*\.java
provider\.new/
org/mozilla/jss/pkcs11/PK11DSAPrivateKey\.java
org/mozilla/jss/provider/java/security/KeyFactorySpi1_4\.java
org/mozilla/jss/pkix/cert/X509Certificate\.java
samples/

View File

@ -241,6 +241,7 @@ Java_org_mozilla_jss_provider_java_security_JSSKeyStoreSpi_engineIsCertificateEn
Java_org_mozilla_jss_provider_java_security_JSSKeyStoreSpi_engineSetKeyEntryNative;
Java_org_mozilla_jss_CryptoManager_initializeAllNative2;
Java_org_mozilla_jss_ssl_SocketBase_getLocalAddressNative;
Java_org_mozilla_jss_pkcs11_PK11PrivKey_getDSAParamsNative;
;+ local:
;+ *;
;+};

View File

@ -1,11 +1,14 @@
package org.mozilla.jss.pkcs11;
import org.mozilla.jss.crypto.PrivateKey;
import org.mozilla.jss.crypto.TokenException;
import org.mozilla.jss.util.Assert;
import java.math.BigInteger;
import java.security.interfaces.DSAParams;
import java.security.interfaces.DSAPrivateKey;
class PK11DSAPrivateKey
extends PK11PrivKey implements java.security.interfaces.DSAPrivateKey
extends PK11PrivKey implements DSAPrivateKey
{
private PK11DSAPrivateKey() { super(null); }
@ -18,11 +21,22 @@ class PK11DSAPrivateKey
return PrivateKey.Type.DSA;
}
/**
* If this fails, we just return null, since no exceptions are allowed.
*/
public DSAParams getParams() {
// !!!
try {
return getDSAParams();
} catch(TokenException te) {
return null;
}
}
/**
* Not implemented. NSS doesn't support extracting private key material
* like this.
*/
public BigInteger getX() {
// !!!
return null;
}
}

View File

@ -39,6 +39,7 @@
#include <secerr.h>
#include <nspr.h>
#include <key.h>
#include <secitem.h>
#include <jssutil.h>
#include <jss_exceptions.h>
@ -59,20 +60,31 @@ JSS_PK11_wrapPrivKey(JNIEnv *env, SECKEYPrivateKey **privk)
jmethodID constructor;
jbyteArray ptrArray;
jobject Key=NULL;
const char *className = NULL;
PR_ASSERT(env!=NULL && privk!=NULL && *privk!=NULL);
/* Find the class */
keyClass = (*env)->FindClass(env, PK11PRIVKEY_CLASS_NAME);
switch( (*privk)->keyType ) {
case rsaKey:
className = "org/mozilla/jss/pkcs11/PK11RSAPrivateKey";
break;
case dsaKey:
className = "org/mozilla/jss/pkcs11/PK11DSAPrivateKey";
break;
default:
className = "org/mozilla/jss/pkcs11/PK11PrivKey";
break;
}
keyClass = (*env)->FindClass(env, className);
if(keyClass == NULL) {
ASSERT_OUTOFMEM(env);
goto finish;
}
/* find the constructor */
constructor = (*env)->GetMethodID(env, keyClass,
PK11PRIVKEY_CONSTRUCTOR_NAME,
PK11PRIVKEY_CONSTRUCTOR_SIG);
constructor = (*env)->GetMethodID(env, keyClass, "<init>", "([B)V");
if(constructor == NULL) {
ASSERT_OUTOFMEM(env);
goto finish;
@ -557,3 +569,99 @@ finish:
}
return keyObj;
}
#define ZERO_SECITEM(item) (item).data=NULL; (item).len=0;
/***********************************************************************
* getDSAParamsNative
*
* Returns a 3-element array of byte[]. The elements are P, Q, and G.
*/
JNIEXPORT jobjectArray JNICALL
Java_org_mozilla_jss_pkcs11_PK11PrivKey_getDSAParamsNative
(JNIEnv *env, jobject this)
{
SECKEYPrivateKey *key = NULL;
SECKEYPQGParams *pqgParams = NULL;
/*----PQG parameters and friends----*/
SECItem P; /* prime */
SECItem Q; /* subPrime */
SECItem G; /* base */
/*----Java versions of the PQG parameters----*/
jobject jP = NULL;
jobject jQ = NULL;
jobject jG = NULL;
jobjectArray pqgArray = NULL;
PR_ASSERT(env!=NULL && this!=NULL);
/* clear the SECItems so we can free them indiscriminately at the end */
ZERO_SECITEM(P);
ZERO_SECITEM(Q);
ZERO_SECITEM(G);
/*
* Get the private key C structure
*/
if( JSS_PK11_getPrivKeyPtr(env, this, &key) != PR_SUCCESS) {
PR_ASSERT( (*env)->ExceptionOccurred(env) != NULL);
goto finish;
}
/*
* Get the PQG params from the private key
*/
pqgParams = PK11_GetPQGParamsFromPrivateKey(key);
if( pqgParams == NULL ) {
JSS_throwMsg(env, TOKEN_EXCEPTION,
"Unable to extract PQG parameters from private key");
goto finish;
}
if( PK11_PQG_GetPrimeFromParams( pqgParams, &P) ||
PK11_PQG_GetSubPrimeFromParams( pqgParams, &Q) ||
PK11_PQG_GetBaseFromParams( pqgParams, &G) )
{
JSS_throwMsg(env, TOKEN_EXCEPTION,
"Unable to extract PQG parameters from private key");
goto finish;
}
/*
* Now turn them into byte arrays
*/
if( !(jP = JSS_OctetStringToByteArray(env, &P)) ||
!(jQ = JSS_OctetStringToByteArray(env, &Q)) ||
!(jG = JSS_OctetStringToByteArray(env, &G)) )
{
goto finish;
}
/*
* Stash the byte arrays into an array of arrays.
*/
pqgArray = (*env)->NewObjectArray( env,
3,
(*env)->GetObjectClass(env, jP),
NULL);
if( pqgArray == NULL ) {
ASSERT_OUTOFMEM(env);
goto finish;
}
(*env)->SetObjectArrayElement(env, pqgArray, 0, jP);
(*env)->SetObjectArrayElement(env, pqgArray, 1, jQ);
(*env)->SetObjectArrayElement(env, pqgArray, 2, jG);
finish:
if(pqgParams!=NULL) {
PK11_PQG_DestroyParams(pqgParams);
}
SECITEM_FreeItem(&P, PR_FALSE /*don't free P itself*/);
SECITEM_FreeItem(&Q, PR_FALSE);
SECITEM_FreeItem(&G, PR_FALSE);
return pqgArray;
}

View File

@ -38,7 +38,10 @@ import org.mozilla.jss.crypto.PrivateKey;
import org.mozilla.jss.crypto.CryptoToken;
import org.mozilla.jss.crypto.TokenException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.DSAParameterSpec;
import java.security.interfaces.DSAParams;
import org.mozilla.jss.util.*;
import java.math.BigInteger;
public class PK11PrivKey extends org.mozilla.jss.pkcs11.PK11Key
implements PrivateKey {
@ -106,6 +109,22 @@ public class PK11PrivKey extends org.mozilla.jss.pkcs11.PK11Key
*/
public static native PK11PrivKey
fromPrivateKeyInfo(byte[] pki, CryptoToken token);
protected DSAParameterSpec
getDSAParams() throws TokenException {
byte[][] pqgArray = getDSAParamsNative();
return new DSAParameterSpec(
new BigInteger(pqgArray[0]),
new BigInteger(pqgArray[1]),
new BigInteger(pqgArray[2])
);
}
private native byte[][]
getDSAParamsNative() throws TokenException;
}
class PrivateKeyProxy extends KeyProxy {