001    /**
002     *  Licensed to the Apache Software Foundation (ASF) under one or more
003     *  contributor license agreements.  See the NOTICE file distributed with
004     *  this work for additional information regarding copyright ownership.
005     *  The ASF licenses this file to You under the Apache License, Version 2.0
006     *  (the "License"); you may not use this file except in compliance with
007     *  the License.  You may obtain a copy of the License at
008     *
009     *     http://www.apache.org/licenses/LICENSE-2.0
010     *
011     *  Unless required by applicable law or agreed to in writing, software
012     *  distributed under the License is distributed on an "AS IS" BASIS,
013     *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014     *  See the License for the specific language governing permissions and
015     *  limitations under the License.
016     */
017    
018    package org.apache.geronimo.crypto.jce.provider;
019    
020    import java.io.ByteArrayInputStream;
021    import java.io.IOException;
022    import java.io.InputStream;
023    import java.security.InvalidKeyException;
024    import java.security.Key;
025    import java.security.KeyFactorySpi;
026    import java.security.PrivateKey;
027    import java.security.PublicKey;
028    import java.security.interfaces.DSAPrivateKey;
029    import java.security.interfaces.DSAPublicKey;
030    import java.security.interfaces.RSAPrivateCrtKey;
031    import java.security.interfaces.RSAPrivateKey;
032    import java.security.interfaces.RSAPublicKey;
033    import java.security.spec.DSAPrivateKeySpec;
034    import java.security.spec.DSAPublicKeySpec;
035    import java.security.spec.InvalidKeySpecException;
036    import java.security.spec.KeySpec;
037    import java.security.spec.PKCS8EncodedKeySpec;
038    import java.security.spec.RSAPrivateCrtKeySpec;
039    import java.security.spec.RSAPrivateKeySpec;
040    import java.security.spec.RSAPublicKeySpec;
041    import java.security.spec.X509EncodedKeySpec;
042    
043    import javax.crypto.interfaces.DHPrivateKey;
044    import javax.crypto.interfaces.DHPublicKey;
045    import javax.crypto.spec.DHPrivateKeySpec;
046    import javax.crypto.spec.DHPublicKeySpec;
047    
048    import org.apache.geronimo.crypto.asn1.ASN1InputStream;
049    import org.apache.geronimo.crypto.asn1.ASN1Sequence;
050    import org.apache.geronimo.crypto.asn1.cryptopro.CryptoProObjectIdentifiers;
051    import org.apache.geronimo.crypto.asn1.oiw.OIWObjectIdentifiers;
052    import org.apache.geronimo.crypto.asn1.pkcs.PKCSObjectIdentifiers;
053    import org.apache.geronimo.crypto.asn1.pkcs.PrivateKeyInfo;
054    import org.apache.geronimo.crypto.asn1.pkcs.RSAPrivateKeyStructure;
055    import org.apache.geronimo.crypto.asn1.x509.AlgorithmIdentifier;
056    import org.apache.geronimo.crypto.asn1.x509.SubjectPublicKeyInfo;
057    import org.apache.geronimo.crypto.asn1.x509.X509ObjectIdentifiers;
058    import org.apache.geronimo.crypto.asn1.x9.X9ObjectIdentifiers;
059    import org.apache.geronimo.crypto.jce.provider.JCEDHPrivateKey;
060    import org.apache.geronimo.crypto.jce.provider.JCEDHPublicKey;
061    
062    public abstract class JDKKeyFactory
063        extends KeyFactorySpi
064    {
065        public JDKKeyFactory()
066        {
067        }
068    
069        protected KeySpec engineGetKeySpec(
070            Key    key,
071            Class    spec)
072        throws InvalidKeySpecException
073        {
074           if (spec.isAssignableFrom(PKCS8EncodedKeySpec.class) && key.getFormat().equals("PKCS#8"))
075           {
076                   return new PKCS8EncodedKeySpec(key.getEncoded());
077           }
078           else if (spec.isAssignableFrom(X509EncodedKeySpec.class) && key.getFormat().equals("X.509"))
079           {
080                   return new X509EncodedKeySpec(key.getEncoded());
081           }
082           else if (spec.isAssignableFrom(RSAPublicKeySpec.class) && key instanceof RSAPublicKey)
083           {
084                RSAPublicKey    k = (RSAPublicKey)key;
085    
086                return new RSAPublicKeySpec(k.getModulus(), k.getPublicExponent());
087           }
088           else if (spec.isAssignableFrom(RSAPrivateKeySpec.class) && key instanceof RSAPrivateKey)
089           {
090                RSAPrivateKey    k = (RSAPrivateKey)key;
091    
092                return new RSAPrivateKeySpec(k.getModulus(), k.getPrivateExponent());
093           }
094           else if (spec.isAssignableFrom(RSAPrivateCrtKeySpec.class) && key instanceof RSAPrivateCrtKey)
095           {
096                RSAPrivateCrtKey    k = (RSAPrivateCrtKey)key;
097    
098                return new RSAPrivateCrtKeySpec(
099                                k.getModulus(), k.getPublicExponent(),
100                                k.getPrivateExponent(),
101                                k.getPrimeP(), k.getPrimeQ(),
102                                k.getPrimeExponentP(), k.getPrimeExponentQ(),
103                                k.getCrtCoefficient());
104           }
105           else if (spec.isAssignableFrom(DHPrivateKeySpec.class) && key instanceof DHPrivateKey)
106           {
107               DHPrivateKey k = (DHPrivateKey)key;
108    
109               return new DHPrivateKeySpec(k.getX(), k.getParams().getP(), k.getParams().getG());
110           }
111           else if (spec.isAssignableFrom(DHPublicKeySpec.class) && key instanceof DHPublicKey)
112           {
113               DHPublicKey k = (DHPublicKey)key;
114    
115               return new DHPublicKeySpec(k.getY(), k.getParams().getP(), k.getParams().getG());
116           }
117    
118            throw new RuntimeException("not implemented yet " + key + " " + spec);
119        }
120    
121        protected Key engineTranslateKey(
122            Key    key)
123            throws InvalidKeyException
124        {
125            if (key instanceof RSAPublicKey)
126            {
127                return new JCERSAPublicKey((RSAPublicKey)key);
128            }
129            else if (key instanceof RSAPrivateCrtKey)
130            {
131                return new JCERSAPrivateCrtKey((RSAPrivateCrtKey)key);
132            }
133            else if (key instanceof RSAPrivateKey)
134            {
135                return new JCERSAPrivateKey((RSAPrivateKey)key);
136            }
137            else if (key instanceof DHPublicKey)
138            {
139                return new JCEDHPublicKey((DHPublicKey)key);
140            }
141            else if (key instanceof DHPrivateKey)
142            {
143                return new JCEDHPrivateKey((DHPrivateKey)key);
144            }
145            else if (key instanceof DSAPublicKey)
146            {
147                return new JDKDSAPublicKey((DSAPublicKey)key);
148            }
149            else if (key instanceof DSAPrivateKey)
150            {
151                return new JDKDSAPrivateKey((DSAPrivateKey)key);
152            }
153            throw new InvalidKeyException("key type unknown");
154        }
155    
156        /**
157         * create a public key from the given DER encoded input stream.
158         */
159        static PublicKey createPublicKeyFromDERStream(
160            InputStream         in)
161            throws IOException
162        {
163            return createPublicKeyFromPublicKeyInfo(
164                    new SubjectPublicKeyInfo((ASN1Sequence)(new ASN1InputStream(in).readObject())));
165        }
166    
167        /**
168         * create a public key from the given public key info object.
169         */
170        static PublicKey createPublicKeyFromPublicKeyInfo(
171            SubjectPublicKeyInfo         info)
172        {
173            AlgorithmIdentifier     algId = info.getAlgorithmId();
174    
175            if (algId.getObjectId().equals(PKCSObjectIdentifiers.rsaEncryption)
176                || algId.getObjectId().equals(X509ObjectIdentifiers.id_ea_rsa))
177            {
178                  return new JCERSAPublicKey(info);
179            }
180            else if (algId.getObjectId().equals(PKCSObjectIdentifiers.dhKeyAgreement))
181            {
182                  return new JCEDHPublicKey(info);
183            }
184            else if (algId.getObjectId().equals(X9ObjectIdentifiers.dhpublicnumber))
185            {
186                  return new JCEDHPublicKey(info);
187            }
188            else if (algId.getObjectId().equals(X9ObjectIdentifiers.id_dsa))
189            {
190                  return new JDKDSAPublicKey(info);
191            }
192            else if (algId.getObjectId().equals(OIWObjectIdentifiers.dsaWithSHA1))
193            {
194                  return new JDKDSAPublicKey(info);
195            }
196            else
197            {
198                throw new RuntimeException("algorithm identifier in key not recognised");
199            }
200        }
201    
202        /**
203         * create a private key from the given DER encoded input stream.
204         */
205        static PrivateKey createPrivateKeyFromDERStream(
206            InputStream         in)
207            throws IOException
208        {
209            return createPrivateKeyFromPrivateKeyInfo(
210                    new PrivateKeyInfo((ASN1Sequence)(new ASN1InputStream(in).readObject())));
211        }
212    
213        /**
214         * create a private key from the given public key info object.
215         */
216        static PrivateKey createPrivateKeyFromPrivateKeyInfo(
217            PrivateKeyInfo      info)
218        {
219            AlgorithmIdentifier     algId = info.getAlgorithmId();
220    
221            if (algId.getObjectId().equals(PKCSObjectIdentifiers.rsaEncryption))
222            {
223                  return new JCERSAPrivateCrtKey(info);
224            }
225            else if (algId.getObjectId().equals(PKCSObjectIdentifiers.dhKeyAgreement))
226            {
227                  return new JCEDHPrivateKey(info);
228            }
229            else if (algId.getObjectId().equals(X9ObjectIdentifiers.id_dsa))
230            {
231                  return new JDKDSAPrivateKey(info);
232            }
233            else
234            {
235                throw new RuntimeException("algorithm identifier in key not recognised");
236            }
237        }
238    
239        public static class RSA
240            extends JDKKeyFactory
241        {
242            public RSA()
243            {
244            }
245    
246            protected PrivateKey engineGeneratePrivate(
247                KeySpec    keySpec)
248                throws InvalidKeySpecException
249            {
250                if (keySpec instanceof PKCS8EncodedKeySpec)
251                {
252                    try
253                    {
254                        return JDKKeyFactory.createPrivateKeyFromDERStream(
255                                    new ByteArrayInputStream(((PKCS8EncodedKeySpec)keySpec).getEncoded()));
256                    }
257                    catch (Exception e)
258                    {
259                        //
260                        // in case it's just a RSAPrivateKey object...
261                        //
262                        try
263                        {
264                            return new JCERSAPrivateCrtKey(
265                                new RSAPrivateKeyStructure(
266                                    (ASN1Sequence)new ASN1InputStream(new ByteArrayInputStream(((PKCS8EncodedKeySpec)keySpec).getEncoded())).readObject()));
267                        }
268                        catch (Exception ex)
269                        {
270                            throw (InvalidKeySpecException)new InvalidKeySpecException(ex.getMessage()).initCause(ex);
271                        }
272                    }
273                }
274                else if (keySpec instanceof RSAPrivateCrtKeySpec)
275                {
276                    return new JCERSAPrivateCrtKey((RSAPrivateCrtKeySpec)keySpec);
277                }
278                else if (keySpec instanceof RSAPrivateKeySpec)
279                {
280                    return new JCERSAPrivateKey((RSAPrivateKeySpec)keySpec);
281                }
282    
283                throw new InvalidKeySpecException("Unknown KeySpec type.");
284            }
285    
286            protected PublicKey engineGeneratePublic(
287                KeySpec    keySpec)
288                throws InvalidKeySpecException
289            {
290                if (keySpec instanceof X509EncodedKeySpec)
291                {
292                    try
293                    {
294                        return JDKKeyFactory.createPublicKeyFromDERStream(
295                                    new ByteArrayInputStream(((X509EncodedKeySpec)keySpec).getEncoded()));
296                    }
297                    catch (Exception e)
298                    {
299                        throw (InvalidKeySpecException)new InvalidKeySpecException(e.getMessage()).initCause(e);
300                    }
301                }
302                else if (keySpec instanceof RSAPublicKeySpec)
303                {
304                    return new JCERSAPublicKey((RSAPublicKeySpec)keySpec);
305                }
306    
307                throw new InvalidKeySpecException("Unknown KeySpec type.");
308            }
309        }
310    
311        public static class DH
312            extends JDKKeyFactory
313        {
314            public DH()
315            {
316            }
317    
318            protected PrivateKey engineGeneratePrivate(
319                KeySpec    keySpec)
320                throws InvalidKeySpecException
321            {
322                if (keySpec instanceof PKCS8EncodedKeySpec)
323                {
324                    try
325                    {
326                        return JDKKeyFactory.createPrivateKeyFromDERStream(
327                                    new ByteArrayInputStream(((PKCS8EncodedKeySpec)keySpec).getEncoded()));
328                    }
329                    catch (Exception e)
330                    {
331                        throw (InvalidKeySpecException)new InvalidKeySpecException(e.getMessage()).initCause(e);
332                    }
333                }
334                else if (keySpec instanceof DHPrivateKeySpec)
335                {
336                    return new JCEDHPrivateKey((DHPrivateKeySpec)keySpec);
337                }
338    
339                throw new InvalidKeySpecException("Unknown KeySpec type.");
340            }
341    
342            protected PublicKey engineGeneratePublic(
343                KeySpec    keySpec)
344                throws InvalidKeySpecException
345            {
346                if (keySpec instanceof X509EncodedKeySpec)
347                {
348                    try
349                    {
350                        return JDKKeyFactory.createPublicKeyFromDERStream(
351                                    new ByteArrayInputStream(((X509EncodedKeySpec)keySpec).getEncoded()));
352                    }
353                    catch (Exception e)
354                    {
355                        throw (InvalidKeySpecException)new InvalidKeySpecException(e.getMessage()).initCause(e);
356                    }
357                }
358                else if (keySpec instanceof DHPublicKeySpec)
359                {
360                    return new JCEDHPublicKey((DHPublicKeySpec)keySpec);
361                }
362    
363                throw new InvalidKeySpecException("Unknown KeySpec type.");
364            }
365        }
366    
367        public static class DSA
368            extends JDKKeyFactory
369        {
370            public DSA()
371            {
372            }
373    
374            protected PrivateKey engineGeneratePrivate(
375                KeySpec    keySpec)
376                throws InvalidKeySpecException
377            {
378                if (keySpec instanceof PKCS8EncodedKeySpec)
379                {
380                    try
381                    {
382                        return JDKKeyFactory.createPrivateKeyFromDERStream(
383                                    new ByteArrayInputStream(((PKCS8EncodedKeySpec)keySpec).getEncoded()));
384                    }
385                    catch (Exception e)
386                    {
387                        throw (InvalidKeySpecException)new InvalidKeySpecException(e.getMessage()).initCause(e);
388                    }
389                }
390                else if (keySpec instanceof DSAPrivateKeySpec)
391                {
392                    return new JDKDSAPrivateKey((DSAPrivateKeySpec)keySpec);
393                }
394    
395                throw new InvalidKeySpecException("Unknown KeySpec type.");
396            }
397    
398            protected PublicKey engineGeneratePublic(
399                KeySpec    keySpec)
400                throws InvalidKeySpecException
401            {
402                if (keySpec instanceof X509EncodedKeySpec)
403                {
404                    try
405                    {
406                        return JDKKeyFactory.createPublicKeyFromDERStream(
407                                    new ByteArrayInputStream(((X509EncodedKeySpec)keySpec).getEncoded()));
408                    }
409                    catch (Exception e)
410                    {
411                        throw (InvalidKeySpecException)new InvalidKeySpecException(e.getMessage()).initCause(e);
412                    }
413                }
414                else if (keySpec instanceof DSAPublicKeySpec)
415                {
416                    return new JDKDSAPublicKey((DSAPublicKeySpec)keySpec);
417                }
418    
419                throw new InvalidKeySpecException("Unknown KeySpec type.");
420            }
421        }
422    
423    
424        public static class EC
425            extends JDKKeyFactory
426        {
427            String  algorithm;
428    
429            public EC()
430            {
431                this("EC");
432            }
433    
434            public EC(
435                String  algorithm)
436            {
437                this.algorithm = algorithm;
438            }
439    
440            protected PrivateKey engineGeneratePrivate(
441                KeySpec    keySpec)
442                throws InvalidKeySpecException
443            {
444                if (keySpec instanceof PKCS8EncodedKeySpec)
445                {
446                    try
447                    {
448                        return JDKKeyFactory.createPrivateKeyFromDERStream(
449                                    new ByteArrayInputStream(((PKCS8EncodedKeySpec)keySpec).getEncoded()));
450                    }
451                    catch (Exception e)
452                    {
453                        throw (InvalidKeySpecException)new InvalidKeySpecException(e.getMessage()).initCause(e);
454                    }
455                }
456    
457                throw new InvalidKeySpecException("Unknown KeySpec type.");
458            }
459    
460            protected PublicKey engineGeneratePublic(
461                KeySpec    keySpec)
462                throws InvalidKeySpecException
463            {
464                if (keySpec instanceof X509EncodedKeySpec)
465                {
466                    try
467                    {
468                        return JDKKeyFactory.createPublicKeyFromDERStream(
469                                    new ByteArrayInputStream(((X509EncodedKeySpec)keySpec).getEncoded()));
470                    }
471                    catch (Exception e)
472                    {
473                        throw (InvalidKeySpecException)new InvalidKeySpecException(e.getMessage()).initCause(e);
474                    }
475                }
476    
477                throw new InvalidKeySpecException("Unknown KeySpec type.");
478            }
479        }
480    }