4589N/A * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved. 0N/A * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 0N/A * This code is free software; you can redistribute it and/or modify it 0N/A * under the terms of the GNU General Public License version 2 only, as 2362N/A * published by the Free Software Foundation. Oracle designates this 0N/A * particular file as subject to the "Classpath" exception as provided 2362N/A * by Oracle in the LICENSE file that accompanied this code. 0N/A * This code is distributed in the hope that it will be useful, but WITHOUT 0N/A * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 0N/A * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 0N/A * version 2 for more details (a copy is included in the LICENSE file that 0N/A * accompanied this code). 0N/A * You should have received a copy of the GNU General Public License version 0N/A * 2 along with this work; if not, write to the Free Software Foundation, 0N/A * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 2362N/A * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 2362N/A * or visit www.oracle.com if you need additional information or have any 0N/A * RSA Cipher implementation class. We currently only support 0N/A * PKCS#1 v1.5 padding on top of CKM_RSA_PKCS. 0N/A * @author Andreas Sterbenz 0N/A // minimum length of PKCS#1 v1.5 padding 0N/A // constant byte[] of length 0 0N/A private final static byte[]
B0 =
new byte[
0];
0N/A // mode constant for public key encryption 0N/A // mode constant for private key decryption 0N/A // mode constant for private key encryption (signing) 0N/A // mode constant for public key decryption (verifying) 3681N/A // padding type constant for NoPadding 3681N/A // padding type constant for PKCS1Padding 0N/A // algorithm name (always "RSA") 0N/A // associated session, if any 0N/A // mode, one of MODE_* above 3681N/A // padding, one of PAD_* above 0N/A // key, if init() was called 0N/A // flag indicating whether an operation is initialized 0N/A // maximum input data size allowed 0N/A // for decryption, this is the length of the key 0N/A // for encryption, length of the key minus minimum padding length 0N/A // maximum output size. this is the length of the key 0N/A // modes do not make sense for RSA, but allow ECB 0N/A // return 0 as block size, we are not a block cipher 0N/A // return the output size 0N/A // no IV, return null 0N/A // no parameters, return null 0N/A (
"Parameters not supported");
0N/A (
"Parameters not supported");
0N/A (
"Wrap has to be used with public keys");
150N/A // No further setup needed for C_Wrap(). We'll initialize later if 150N/A // we can't use C_Wrap(). 0N/A (
"Unwrap has to be used with private keys");
936N/A // No further setup needed for C_Unwrap(). We'll initialize later 936N/A // if we can't use C_Unwrap(). 0N/A // XXX ensure this always works, ignore error 0N/A byte[] t =
new byte[
2048];
150N/A // The conversion may fail, e.g. trying to wrap an AES key on 150N/A // a token that does not support AES, or when the key size is 150N/A // not within the range supported by the token. 150N/A (
"wrap() failed, no encoding available",
ike);
150N/A // Directly encrypt the key encoding when key conversion failed 150N/A // Restore original mode 0N/A // the instance variable "session" has been initialized for 0N/A // decrypt mode, so use a local variable instead. 0N/A // XXX implement unwrap using C_Unwrap() for all keys 0N/A // should not occur, handled with length check above 0N/A * Construct a public key from its encoding. 0N/A * @param encodedKey the encoding of a public key. 0N/A * @param encodedKeyAlgorithm the algorithm the encodedKey is for. 0N/A * @return a public key constructed from the encodedKey. 0N/A "can create keys for the " +
0N/A * Construct a private key from its encoding. 0N/A * @param encodedKey the encoding of a private key. 0N/A * @param encodedKeyAlgorithm the algorithm the wrapped key is for. 0N/A * @return a private key constructed from the encodedKey. 0N/A "can create keys for the " +
0N/A * Construct a secret key from its encoding. 0N/A * @param encodedKey the encoding of a secret key. 0N/A * @param encodedKeyAlgorithm the algorithm the secret key is for. 0N/A * @return a secret key constructed from the encodedKey.