private void initFromKey(Key key) throws InvalidKeyException {
if (agreement instanceof ECMQVBasicAgreement) {
if (!(key instanceof MQVPrivateKey)) {
throw new InvalidKeyException(
kaAlgorithm
+ " key agreement requires "
+ getSimpleName(MQVPrivateKey.class)
+ " for initialisation");
}
MQVPrivateKey mqvPrivKey = (MQVPrivateKey) key;
ECPrivateKeyParameters staticPrivKey =
(ECPrivateKeyParameters)
ECUtil.generatePrivateKeyParameter(mqvPrivKey.getStaticPrivateKey());
ECPrivateKeyParameters ephemPrivKey =
(ECPrivateKeyParameters)
ECUtil.generatePrivateKeyParameter(mqvPrivKey.getEphemeralPrivateKey());
ECPublicKeyParameters ephemPubKey = null;
if (mqvPrivKey.getEphemeralPublicKey() != null) {
ephemPubKey =
(ECPublicKeyParameters)
ECUtil.generatePublicKeyParameter(mqvPrivKey.getEphemeralPublicKey());
}
MQVPrivateParameters localParams =
new MQVPrivateParameters(staticPrivKey, ephemPrivKey, ephemPubKey);
this.parameters = staticPrivKey.getParameters();
// TODO Validate that all the keys are using the same parameters?
agreement.init(localParams);
} else {
if (!(key instanceof PrivateKey)) {
throw new InvalidKeyException(
kaAlgorithm
+ " key agreement requires "
+ getSimpleName(ECPrivateKey.class)
+ " for initialisation");
}
ECPrivateKeyParameters privKey =
(ECPrivateKeyParameters) ECUtil.generatePrivateKeyParameter((PrivateKey) key);
this.parameters = privKey.getParameters();
agreement.init(privKey);
}
}
protected Key engineDoPhase(Key key, boolean lastPhase)
throws InvalidKeyException, IllegalStateException {
if (parameters == null) {
throw new IllegalStateException(kaAlgorithm + " not initialised.");
}
if (!lastPhase) {
throw new IllegalStateException(kaAlgorithm + " can only be between two parties.");
}
CipherParameters pubKey;
if (agreement instanceof ECMQVBasicAgreement) {
if (!(key instanceof MQVPublicKey)) {
throw new InvalidKeyException(
kaAlgorithm
+ " key agreement requires "
+ getSimpleName(MQVPublicKey.class)
+ " for doPhase");
}
MQVPublicKey mqvPubKey = (MQVPublicKey) key;
ECPublicKeyParameters staticKey =
(ECPublicKeyParameters) ECUtil.generatePublicKeyParameter(mqvPubKey.getStaticKey());
ECPublicKeyParameters ephemKey =
(ECPublicKeyParameters) ECUtil.generatePublicKeyParameter(mqvPubKey.getEphemeralKey());
pubKey = new MQVPublicParameters(staticKey, ephemKey);
// TODO Validate that all the keys are using the same parameters?
} else {
if (!(key instanceof PublicKey)) {
throw new InvalidKeyException(
kaAlgorithm
+ " key agreement requires "
+ getSimpleName(ECPublicKey.class)
+ " for doPhase");
}
pubKey = ECUtil.generatePublicKeyParameter((PublicKey) key);
// TODO Validate that all the keys are using the same parameters?
}
result = agreement.calculateAgreement(pubKey);
return null;
}
protected void engineInit(int opmode, Key key, AlgorithmParameterSpec params, SecureRandom random)
throws InvalidKeyException, InvalidAlgorithmParameterException {
if (!(key instanceof IESKey)) {
throw new InvalidKeyException("must be passed IES key");
}
if (params == null && (opmode == Cipher.ENCRYPT_MODE || opmode == Cipher.WRAP_MODE)) {
//
// if nothing is specified we set up for a 128 bit mac, with
// 128 bit derivation vectors.
//
byte[] d = new byte[16];
byte[] e = new byte[16];
if (random == null) {
random = new SecureRandom();
}
random.nextBytes(d);
random.nextBytes(e);
params = new IESParameterSpec(d, e, 128);
} else if (!(params instanceof IESParameterSpec)) {
throw new InvalidAlgorithmParameterException("must be passed IES parameters");
}
IESKey ieKey = (IESKey) key;
CipherParameters pubKey;
CipherParameters privKey;
if (ieKey.getPublic() instanceof ECPublicKey) {
pubKey = ECUtil.generatePublicKeyParameter(ieKey.getPublic());
privKey = ECUtil.generatePrivateKeyParameter(ieKey.getPrivate());
} else {
pubKey = DHUtil.generatePublicKeyParameter(ieKey.getPublic());
privKey = DHUtil.generatePrivateKeyParameter(ieKey.getPrivate());
}
this.engineParams = (IESParameterSpec) params;
IESParameters p =
new IESParameters(
engineParams.getDerivationV(),
engineParams.getEncodingV(),
engineParams.getMacKeySize());
this.state = opmode;
buffer.reset();
switch (opmode) {
case Cipher.ENCRYPT_MODE:
case Cipher.WRAP_MODE:
cipher.init(true, privKey, pubKey, p);
break;
case Cipher.DECRYPT_MODE:
case Cipher.UNWRAP_MODE:
cipher.init(false, privKey, pubKey, p);
break;
default:
System.out.println("eeek!");
}
}