1
/*
2
 * Copyright (c) 2005, 2020, Oracle and/or its affiliates. All rights reserved.
3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4
 *
5
 * This code is free software; you can redistribute it and/or modify it
6
 * under the terms of the GNU General Public License version 2 only, as
7
 * published by the Free Software Foundation.  Oracle designates this
8
 * particular file as subject to the "Classpath" exception as provided
9
 * by Oracle in the LICENSE file that accompanied this code.
10
 *
11
 * This code is distributed in the hope that it will be useful, but WITHOUT
12
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
14
 * version 2 for more details (a copy is included in the LICENSE file that
15
 * accompanied this code).
16
 *
17
 * You should have received a copy of the GNU General Public License version
18
 * 2 along with this work; if not, write to the Free Software Foundation,
19
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20
 *
21
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22
 * or visit www.oracle.com if you need additional information or have any
23
 * questions.
24
 */
25

26
package sun.security.mscapi;
27

28
import sun.security.util.KeyUtil;
29
import sun.security.util.Length;
30

31
import java.math.BigInteger;
32
import java.security.Key;
33
import java.security.interfaces.ECPrivateKey;
34
import java.security.interfaces.ECPublicKey;
35

36
/**
37
 * The handle for a key using the Microsoft Crypto API.
38
 *
39
 * @see CPrivateKey
40
 * @see CPublicKey
41
 *
42
 * @since 1.6
43
 * @author  Stanley Man-Kit Ho
44
 */
45
abstract class CKey implements Key, Length {
46
    private static final long serialVersionUID = -1088859394025049194L;
47

48
    static class NativeHandles {
49

50
        long hCryptProv = 0;
51
        long hCryptKey = 0;
52

53
        public NativeHandles(long hCryptProv, long hCryptKey) {
54
            this.hCryptProv = hCryptProv;
55
            this.hCryptKey = hCryptKey;
56
        }
57

58
        @SuppressWarnings("deprecation")
59
        protected void finalize() throws Throwable {
60
            try {
61
                synchronized(this) {
62
                    cleanUp(hCryptProv, hCryptKey);
63
                    hCryptProv = 0;
64
                    hCryptKey = 0;
65
                }
66

67
            } finally {
68
                super.finalize();
69
            }
70
        }
71
    }
72

73
    protected final NativeHandles handles;
74

75
    protected final int keyLength;
76

77
    protected final String algorithm;
78

79
    protected CKey(String algorithm, NativeHandles handles, int keyLength) {
80
        this.algorithm = algorithm;
81
        this.handles = handles;
82
        this.keyLength = keyLength;
83
    }
84

85
    // Native method to cleanup the key handle.
86
    private native static void cleanUp(long hCryptProv, long hCryptKey);
87

88
    @Override
89
    public int length() {
90
        return keyLength;
91
    }
92

93
    public long getHCryptKey() {
94
        return handles.hCryptKey;
95
    }
96

97
    public long getHCryptProvider() {
98
        return handles.hCryptProv;
99
    }
100

101
    public String getAlgorithm() {
102
        return algorithm;
103
    }
104

105
    protected native static String getContainerName(long hCryptProv);
106

107
    protected native static String getKeyType(long hCryptKey);
108

109
    // This java method generates EC BLOBs for public key or private key.
110
    // See https://docs.microsoft.com/en-us/windows/desktop/api/bcrypt/ns-bcrypt-_bcrypt_ecckey_blob
111
    static byte[] generateECBlob(Key k) {
112

113
        int keyBitLength = KeyUtil.getKeySize(k);
114
        int keyLen = (keyBitLength + 7) / 8;
115
        boolean isPrivate = k instanceof ECPrivateKey;
116

117
        byte[] keyBlob = new byte[8 + keyLen * (isPrivate ? 3 : 2)];
118
        keyBlob[0] = 'E';
119
        keyBlob[1] = 'C';
120
        keyBlob[2] = 'S';
121
        if (isPrivate) {
122
            keyBlob[3] = (byte) (keyBitLength == 256 ? '2'
123
                    : (keyBitLength == 384 ? '4' : '6'));
124
        } else {
125
            keyBlob[3] = (byte) (keyBitLength == 256 ? '1'
126
                    : (keyBitLength == 384 ? '3' : '5'));
127
        }
128
        BigInteger x;
129
        BigInteger y;
130
        // Fill the array in reverse order (s -> y -> x -> len) in case
131
        // one BigInteger encoding has an extra 0 at the beginning
132
        if (isPrivate) {
133
            // We can keep X and Y zero and it still works
134
            ECPrivateKey prk = (ECPrivateKey)k;
135
            BigInteger s = prk.getS();
136
            byte[] bs = s.toByteArray();
137
            System.arraycopy(
138
                    bs, 0,
139
                    keyBlob, 8 + keyLen + keyLen + keyLen - bs.length,
140
                    bs.length);
141
        } else {
142
            ECPublicKey puk = (ECPublicKey)k;
143
            x = puk.getW().getAffineX();
144
            y = puk.getW().getAffineY();
145
            byte[] by = y.toByteArray();
146
            System.arraycopy(by, 0, keyBlob, 8 + keyLen + keyLen - by.length,
147
                    by.length);
148
            byte[] bx = x.toByteArray();
149
            System.arraycopy(bx, 0, keyBlob, 8 + keyLen - bx.length, bx.length);
150
        }
151
        keyBlob[4] = (byte) keyLen;
152
        keyBlob[5] = keyBlob[6] = keyBlob[7] = 0;
153
        return keyBlob;
154
    }
155
}
156

157