• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (C) 2012 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 package org.conscrypt;
18 
19 import java.security.InvalidAlgorithmParameterException;
20 import java.security.InvalidParameterException;
21 import java.security.KeyPair;
22 import java.security.KeyPairGenerator;
23 import java.security.SecureRandom;
24 import java.security.spec.AlgorithmParameterSpec;
25 import java.security.spec.ECGenParameterSpec;
26 import java.security.spec.ECParameterSpec;
27 import java.util.ArrayList;
28 import java.util.Arrays;
29 import java.util.HashMap;
30 import java.util.Map;
31 
32 /**
33  * An implementation of {@link KeyPairGenerator} for EC keys which uses BoringSSL to perform all the
34  * operations.
35  *
36  * @hide
37  */
38 @Internal
39 public final class OpenSSLECKeyPairGenerator extends KeyPairGenerator {
40     private static final String ALGORITHM = "EC";
41 
42     private static final int DEFAULT_KEY_SIZE = 256;
43 
44     private static final Map<Integer, String> SIZE_TO_CURVE_NAME = new HashMap<Integer, String>();
45 
46     static {
47         /* NIST curves */
48         SIZE_TO_CURVE_NAME.put(224, "secp224r1");
49         SIZE_TO_CURVE_NAME.put(256, "prime256v1");
50         SIZE_TO_CURVE_NAME.put(384, "secp384r1");
51         SIZE_TO_CURVE_NAME.put(521, "secp521r1");
52     }
53 
54     private OpenSSLECGroupContext group;
55 
OpenSSLECKeyPairGenerator()56     public OpenSSLECKeyPairGenerator() {
57         super(ALGORITHM);
58     }
59 
60     @Override
generateKeyPair()61     public KeyPair generateKeyPair() {
62         if (group == null) {
63             final String curveName = SIZE_TO_CURVE_NAME.get(DEFAULT_KEY_SIZE);
64             group = OpenSSLECGroupContext.getCurveByName(curveName);
65             if (group == null) {
66                 throw new RuntimeException("Curve not recognized: " + curveName);
67             }
68         }
69 
70         final OpenSSLKey key = new OpenSSLKey(
71                 NativeCrypto.EC_KEY_generate_key(group.getNativeRef()));
72         return new KeyPair(new OpenSSLECPublicKey(group, key), new OpenSSLECPrivateKey(group, key));
73     }
74 
75     @Override
initialize(int keysize, SecureRandom random)76     public void initialize(int keysize, SecureRandom random) {
77         final String name = SIZE_TO_CURVE_NAME.get(keysize);
78         if (name == null) {
79             throw new InvalidParameterException("unknown key size " + keysize);
80         }
81 
82         /*
83          * Store the group in a temporary variable until we know this is a valid
84          * group.
85          */
86         final OpenSSLECGroupContext possibleGroup = OpenSSLECGroupContext.getCurveByName(name);
87         if (possibleGroup == null) {
88             throw new InvalidParameterException("unknown curve " + name);
89         }
90 
91         group = possibleGroup;
92     }
93 
94     @Override
initialize(AlgorithmParameterSpec param, SecureRandom random)95     public void initialize(AlgorithmParameterSpec param, SecureRandom random)
96             throws InvalidAlgorithmParameterException {
97         if (param instanceof ECParameterSpec) {
98             ECParameterSpec ecParam = (ECParameterSpec) param;
99 
100             group = OpenSSLECGroupContext.getInstance(ecParam);
101         } else if (param instanceof ECGenParameterSpec) {
102             ECGenParameterSpec ecParam = (ECGenParameterSpec) param;
103 
104             final String curveName = ecParam.getName();
105 
106             /*
107              * Store the group in a temporary variable until we know this is a
108              * valid group.
109              */
110             final OpenSSLECGroupContext possibleGroup = OpenSSLECGroupContext
111                     .getCurveByName(curveName);
112             if (possibleGroup == null) {
113                 throw new InvalidAlgorithmParameterException("unknown curve name: " + curveName);
114             }
115 
116             group = possibleGroup;
117         } else {
118             throw new InvalidAlgorithmParameterException(
119                     "parameter must be ECParameterSpec or ECGenParameterSpec");
120         }
121     }
122 
123     /** For testing. */
assertCurvesAreValid()124     public static void assertCurvesAreValid() {
125         ArrayList<String> invalidCurves = new ArrayList<>();
126         for (String curveName : SIZE_TO_CURVE_NAME.values()) {
127             if (OpenSSLECGroupContext.getCurveByName(curveName) == null) {
128                 invalidCurves.add(curveName);
129             }
130         }
131         if (invalidCurves.size() > 0) {
132             throw new AssertionError("Invalid curve names: "
133                     + Arrays.toString(invalidCurves.toArray()));
134         }
135     }
136 }
137