Example #1
0
 private int implDoFinal(byte[] out, int outOfs, int outLen)
     throws BadPaddingException, IllegalBlockSizeException {
   if (bufOfs > maxInputSize) {
     throw new IllegalBlockSizeException(
         "Data must not be longer " + "than " + maxInputSize + " bytes");
   }
   try {
     ensureInitialized();
     PKCS11 p11 = token.p11;
     int n;
     switch (mode) {
       case MODE_ENCRYPT:
         n = p11.C_Encrypt(session.id(), buffer, 0, bufOfs, out, outOfs, outLen);
         break;
       case MODE_DECRYPT:
         n = p11.C_Decrypt(session.id(), buffer, 0, bufOfs, out, outOfs, outLen);
         break;
       case MODE_SIGN:
         byte[] tmpBuffer = new byte[bufOfs];
         System.arraycopy(buffer, 0, tmpBuffer, 0, bufOfs);
         tmpBuffer = p11.C_Sign(session.id(), tmpBuffer);
         if (tmpBuffer.length > outLen) {
           throw new BadPaddingException("Output buffer too small");
         }
         System.arraycopy(tmpBuffer, 0, out, outOfs, tmpBuffer.length);
         n = tmpBuffer.length;
         break;
       case MODE_VERIFY:
         n = p11.C_VerifyRecover(session.id(), buffer, 0, bufOfs, out, outOfs, outLen);
         break;
       default:
         throw new ProviderException("internal error");
     }
     return n;
   } catch (PKCS11Exception e) {
     throw (BadPaddingException) new BadPaddingException("doFinal() failed").initCause(e);
   } finally {
     initialized = false;
     session = token.releaseSession(session);
   }
 }
Example #2
0
 // see JCE spec
 protected byte[] engineWrap(Key key) throws InvalidKeyException, IllegalBlockSizeException {
   String keyAlg = key.getAlgorithm();
   P11Key sKey = null;
   try {
     // The conversion may fail, e.g. trying to wrap an AES key on
     // a token that does not support AES, or when the key size is
     // not within the range supported by the token.
     sKey = P11SecretKeyFactory.convertKey(token, key, keyAlg);
   } catch (InvalidKeyException ike) {
     byte[] toBeWrappedKey = key.getEncoded();
     if (toBeWrappedKey == null) {
       throw new InvalidKeyException("wrap() failed, no encoding available", ike);
     }
     // Directly encrypt the key encoding when key conversion failed
     implInit(Cipher.ENCRYPT_MODE, p11Key);
     implUpdate(toBeWrappedKey, 0, toBeWrappedKey.length);
     try {
       return doFinal();
     } catch (BadPaddingException bpe) {
       // should not occur
       throw new InvalidKeyException("wrap() failed", bpe);
     } finally {
       // Restore original mode
       implInit(Cipher.WRAP_MODE, p11Key);
     }
   }
   Session s = null;
   try {
     s = token.getOpSession();
     return token.p11.C_WrapKey(s.id(), new CK_MECHANISM(mechanism), p11Key.keyID, sKey.keyID);
   } catch (PKCS11Exception e) {
     throw new InvalidKeyException("wrap() failed", e);
   } finally {
     token.releaseSession(s);
   }
 }