PKCS11KeyPairGeneratorSpi.java

/***********************************************************
 * $Id: PKCS11KeyPairGeneratorSpi.java 40 2007-01-27 17:41:06Z wolfgang.glas $
 * 
 * PKCS11 provider of the OpenSC project http://www.opensc-project.org
 *
 * Copyright (C) 2002-2006 ev-i Informationstechnologie GmbH
 *
 * Created: Jan 24, 2007
 *
 *  This library is free software; you can redistribute it and/or
 *  modify it under the terms of the GNU Lesser General Public
 *  License as published by the Free Software Foundation; either
 *  version 2.1 of the License, or (at your option) any later version.
 *
 *  This library is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 *  Lesser General Public License for more details.
 *
 *  You should have received a copy of the GNU Lesser General Public
 *  License along with this library; if not, write to the Free Software
 *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA
 * 
 ***********************************************************/

package org.opensc.pkcs11.spi;

import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyPair;
import java.security.KeyPairGeneratorSpi;
import java.security.SecureRandom;
import java.security.KeyStore.LoadStoreParameter;
import java.security.spec.AlgorithmParameterSpec;

import org.opensc.pkcs11.PKCS11Provider;
import org.opensc.pkcs11.PKCS11SessionStore;
import org.opensc.pkcs11.spec.PKCS11DSAKeyPairGenParameterSpec;
import org.opensc.pkcs11.spec.PKCS11RSAKeyPairGenParameterSpec;
import org.opensc.pkcs11.wrap.PKCS11DSAKeyPairGenerator;
import org.opensc.pkcs11.wrap.PKCS11Exception;
import org.opensc.pkcs11.wrap.PKCS11KeyPairGenerator;
import org.opensc.pkcs11.wrap.PKCS11RSAKeyPairGenerator;

import de.kp.logging.Log;
import de.kp.logging.LogFactory;

/**
 * This is the PKCS11 implementation of the JCE KeyPairGenerator
 * facility.
 * 
 * @author wglas
 */
public class PKCS11KeyPairGeneratorSpi extends KeyPairGeneratorSpi
{
    static Log log = LogFactory.getLog(PKCS11KeyPairGeneratorSpi.class);

    private PKCS11Provider provider;
    private String algorithm;
    private PKCS11SessionStore sessionStore;
    private boolean needToCloseSesionStore;
    private PKCS11KeyPairGenerator generator;
    
    /**
     * @param provider
     * @param algorithm
     */
    public PKCS11KeyPairGeneratorSpi(PKCS11Provider provider, String algorithm)
    {
        this.provider = provider;
        this.algorithm = algorithm;
        this.generator = null;
        this.sessionStore = null;
        this.needToCloseSesionStore = false;
    }
    
    /* (non-Javadoc)
     * @see java.security.KeyPairGeneratorSpi#initialize(int, java.security.SecureRandom)
     */
    @Override
    public void initialize(int arg0, SecureRandom arg1)
    {
        throw new UnsupportedOperationException("PKCS11KeyPairGeneratorSpi.initialize(int,SecureRandeom) is not supported.");
    }

    /* (non-Javadoc)
     * @see java.security.KeyPairGeneratorSpi#initialize(java.security.spec.AlgorithmParameterSpec, java.security.SecureRandom)
     */
    @Override
    public void initialize(AlgorithmParameterSpec params, SecureRandom random) throws InvalidAlgorithmParameterException
    {
        LoadStoreParameter loadStoreParameter;
        
        if ("RSA".equals(this.algorithm))
        {
            if (!(params instanceof PKCS11RSAKeyPairGenParameterSpec))
                throw new InvalidAlgorithmParameterException("RSA AlgorithmParameterSpec must be of type PKCS11RSAKeyPairGenParameterSpec.");
     
            PKCS11RSAKeyPairGenParameterSpec rsaSpec =(PKCS11RSAKeyPairGenParameterSpec)params;
            
            this.generator = new PKCS11RSAKeyPairGenerator(rsaSpec);
            loadStoreParameter = rsaSpec.getLoadStoreParameter();
        }
        else if ("DSA".equals(this.algorithm))
        {
            if (!(params instanceof PKCS11DSAKeyPairGenParameterSpec))
                throw new InvalidAlgorithmParameterException("DSA AlgorithmParameterSpec must be of type PKCS11DSAKeyPairGenParameterSpec.");
                   
            PKCS11DSAKeyPairGenParameterSpec dsaSpec = (PKCS11DSAKeyPairGenParameterSpec)params;
            this.generator = new PKCS11DSAKeyPairGenerator(dsaSpec);
            loadStoreParameter = dsaSpec.getLoadStoreParameter();
        }
        else
            throw new InvalidAlgorithmParameterException("Algorithm "+this.algorithm+" is not supported.");
        
        try{
            if (this.sessionStore != null)
            {
                if (this.needToCloseSesionStore)
                    this.sessionStore.close();
            }
                
            if (loadStoreParameter instanceof PKCS11SessionStore)
            {
                this.sessionStore = (PKCS11SessionStore)loadStoreParameter;
                this.needToCloseSesionStore = false;
            }
            else
            {
                this.sessionStore = new PKCS11SessionStore();
                this.needToCloseSesionStore = true;
                this.sessionStore.open(this.provider, loadStoreParameter);
            }

        } catch (PKCS11Exception e) {
            throw new RuntimeException(e);
        } catch (IOException e)
        {
            throw new RuntimeException(e);
        }
        
     }

    /* (non-Javadoc)
     * @see java.security.KeyPairGeneratorSpi#generateKeyPair()
     */
    @Override
    public KeyPair generateKeyPair()
    {
        try
        {
            return this.generator.generateKeyPair(this.sessionStore.getSession());
            
        } catch (PKCS11Exception e)
        {
            throw new RuntimeException(e);
        }
    }
}