/*
 * Copyright (c) 1999, 2007, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Oracle designates this
 * particular file as subject to the "Classpath" exception as provided
 * by Oracle in the LICENSE file that accompanied this code.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */

package com.sun.crypto.provider;

import java.security.Key;
import java.security.PublicKey;
import java.security.PrivateKey;
import java.security.KeyFactory;
import java.security.InvalidKeyException;
import java.security.NoSuchProviderException;
import java.security.NoSuchAlgorithmException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.security.spec.InvalidKeySpecException;

import javax.crypto.Cipher;
import javax.crypto.CipherSpi;
import javax.crypto.SecretKey;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.BadPaddingException;
import javax.crypto.spec.SecretKeySpec;

This class entends the javax.crypto.CipherSpi class with a concrete implementation of the methods for wrapping and unwrapping keys.
Author:Sharon Liu
See Also:
/** * This class entends the javax.crypto.CipherSpi class with a concrete * implementation of the methods for wrapping and unwrapping * keys. * * @author Sharon Liu * * * @see javax.crypto.CipherSpi * @see BlowfishCipher * @see DESCipher * @see PBEWithMD5AndDESCipher */
public abstract class CipherWithWrappingSpi extends CipherSpi {
Wrap a key.
Params:
  • key – the key to be wrapped.
Throws:
  • IllegalBlockSizeException – if this cipher is a block cipher, no padding has been requested, and the length of the encoding of the key to be wrapped is not a multiple of the block size.
  • InvalidKeyException – if it is impossible or unsafe to wrap the key with this cipher (e.g., a hardware protected key is being passed to a software only cipher).
Returns:the wrapped key.
/** * Wrap a key. * * @param key the key to be wrapped. * * @return the wrapped key. * * @exception IllegalBlockSizeException if this cipher is a block * cipher, no padding has been requested, and the length of the * encoding of the key to be wrapped is not a * multiple of the block size. * * @exception InvalidKeyException if it is impossible or unsafe to * wrap the key with this cipher (e.g., a hardware protected key is * being passed to a software only cipher). */
protected final byte[] engineWrap(Key key) throws IllegalBlockSizeException, InvalidKeyException { byte[] result = null; try { byte[] encodedKey = key.getEncoded(); if ((encodedKey == null) || (encodedKey.length == 0)) { throw new InvalidKeyException("Cannot get an encoding of " + "the key to be wrapped"); } result = engineDoFinal(encodedKey, 0, encodedKey.length); } catch (BadPaddingException e) { // Should never happen } return result; }
Unwrap a previously wrapped key.
Params:
  • wrappedKey – the key to be unwrapped.
  • wrappedKeyAlgorithm – the algorithm the wrapped key is for.
  • wrappedKeyType – the type of the wrapped key. This is one of Cipher.SECRET_KEY, Cipher.PRIVATE_KEY, or Cipher.PUBLIC_KEY.
Throws:
  • InvalidKeyException – if wrappedKey does not represent a wrapped key, or if the algorithm associated with the wrapped key is different from wrappedKeyAlgorithm and/or its key type is different from wrappedKeyType.
  • NoSuchAlgorithmException – if no installed providers can create keys for the wrappedKeyAlgorithm.
Returns:the unwrapped key.
/** * Unwrap a previously wrapped key. * * @param wrappedKey the key to be unwrapped. * * @param wrappedKeyAlgorithm the algorithm the wrapped key is for. * * @param wrappedKeyType the type of the wrapped key. * This is one of <code>Cipher.SECRET_KEY</code>, * <code>Cipher.PRIVATE_KEY</code>, or <code>Cipher.PUBLIC_KEY</code>. * * @return the unwrapped key. * * @exception InvalidKeyException if <code>wrappedKey</code> does not * represent a wrapped key, or if the algorithm associated with the * wrapped key is different from <code>wrappedKeyAlgorithm</code> * and/or its key type is different from <code>wrappedKeyType</code>. * * @exception NoSuchAlgorithmException if no installed providers * can create keys for the <code>wrappedKeyAlgorithm</code>. */
protected final Key engineUnwrap(byte[] wrappedKey, String wrappedKeyAlgorithm, int wrappedKeyType) throws InvalidKeyException, NoSuchAlgorithmException { byte[] encodedKey; Key result = null; try { encodedKey = engineDoFinal(wrappedKey, 0, wrappedKey.length); } catch (BadPaddingException ePadding) { throw new InvalidKeyException(); } catch (IllegalBlockSizeException eBlockSize) { throw new InvalidKeyException(); } switch (wrappedKeyType) { case Cipher.SECRET_KEY: result = constructSecretKey(encodedKey, wrappedKeyAlgorithm); break; case Cipher.PRIVATE_KEY: result = constructPrivateKey(encodedKey, wrappedKeyAlgorithm); break; case Cipher.PUBLIC_KEY: result = constructPublicKey(encodedKey, wrappedKeyAlgorithm); break; } return result; }
Construct a public key from its encoding.
Params:
  • encodedKey – the encoding of a public key.
  • encodedKeyAlgorithm – the algorithm the encodedKey is for.
Returns:a public key constructed from the encodedKey.
/** * Construct a public key from its encoding. * * @param encodedKey the encoding of a public key. * * @param encodedKeyAlgorithm the algorithm the encodedKey is for. * * @return a public key constructed from the encodedKey. */
private final PublicKey constructPublicKey(byte[] encodedKey, String encodedKeyAlgorithm) throws InvalidKeyException, NoSuchAlgorithmException { PublicKey key = null; try { KeyFactory keyFactory = KeyFactory.getInstance(encodedKeyAlgorithm, "SunJCE"); X509EncodedKeySpec keySpec = new X509EncodedKeySpec(encodedKey); key = keyFactory.generatePublic(keySpec); } catch (NoSuchAlgorithmException nsae) { // Try to see whether there is another // provider which supports this algorithm try { KeyFactory keyFactory = KeyFactory.getInstance(encodedKeyAlgorithm); X509EncodedKeySpec keySpec = new X509EncodedKeySpec(encodedKey); key = keyFactory.generatePublic(keySpec); } catch (NoSuchAlgorithmException nsae2) { throw new NoSuchAlgorithmException("No installed providers " + "can create keys for the " + encodedKeyAlgorithm + "algorithm"); } catch (InvalidKeySpecException ikse2) { // Should never happen. } } catch (InvalidKeySpecException ikse) { // Should never happen. } catch (NoSuchProviderException nspe) { // Should never happen. } return key; }
Construct a private key from its encoding.
Params:
  • encodedKey – the encoding of a private key.
  • encodedKeyAlgorithm – the algorithm the wrapped key is for.
Returns:a private key constructed from the encodedKey.
/** * Construct a private key from its encoding. * * @param encodedKey the encoding of a private key. * * @param encodedKeyAlgorithm the algorithm the wrapped key is for. * * @return a private key constructed from the encodedKey. */
private final PrivateKey constructPrivateKey(byte[] encodedKey, String encodedKeyAlgorithm) throws InvalidKeyException, NoSuchAlgorithmException { PrivateKey key = null; try { KeyFactory keyFactory = KeyFactory.getInstance(encodedKeyAlgorithm, "SunJCE"); PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(encodedKey); return keyFactory.generatePrivate(keySpec); } catch (NoSuchAlgorithmException nsae) { // Try to see whether there is another // provider which supports this algorithm try { KeyFactory keyFactory = KeyFactory.getInstance(encodedKeyAlgorithm); PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(encodedKey); key = keyFactory.generatePrivate(keySpec); } catch (NoSuchAlgorithmException nsae2) { throw new NoSuchAlgorithmException("No installed providers " + "can create keys for the " + encodedKeyAlgorithm + "algorithm"); } catch (InvalidKeySpecException ikse2) { // Should never happen. } } catch (InvalidKeySpecException ikse) { // Should never happen. } catch (NoSuchProviderException nspe) { // Should never happen. } return key; }
Construct a secret key from its encoding.
Params:
  • encodedKey – the encoding of a secret key.
  • encodedKeyAlgorithm – the algorithm the secret key is for.
Returns:a secret key constructed from the encodedKey.
/** * Construct a secret key from its encoding. * * @param encodedKey the encoding of a secret key. * * @param encodedKeyAlgorithm the algorithm the secret key is for. * * @return a secret key constructed from the encodedKey. */
private final SecretKey constructSecretKey(byte[] encodedKey, String encodedKeyAlgorithm) { return (new SecretKeySpec(encodedKey, encodedKeyAlgorithm)); } }