use of org.xipki.security.pkcs11.provider.P11PrivateKey in project xipki by xipki.
the class AbstractP11ECDSASignatureSpi method engineInitSign.
@Override
protected void engineInitSign(PrivateKey privateKey) throws InvalidKeyException {
if (!(privateKey instanceof P11PrivateKey)) {
throw new InvalidKeyException("privateKey is not instanceof " + P11PrivateKey.class.getName());
}
String algo = privateKey.getAlgorithm();
if (!("EC".equals(algo) || "ECDSA".equals(algo))) {
throw new InvalidKeyException("privateKey is not an EC private key: " + algo);
}
this.signingKey = (P11PrivateKey) privateKey;
if (signingKey.supportsMechanism(PKCS11Constants.CKM_ECDSA)) {
mechanism = PKCS11Constants.CKM_ECDSA;
if (hashAlgo == null) {
outputStream = new ByteArrayOutputStream();
} else {
outputStream = new DigestOutputStream(hashAlgo.createDigest());
}
} else {
if (hashAlgo == HashAlgo.SHA1 && signingKey.supportsMechanism(PKCS11Constants.CKM_ECDSA_SHA1)) {
mechanism = PKCS11Constants.CKM_ECDSA_SHA1;
} else if (hashAlgo == HashAlgo.SHA224 && signingKey.supportsMechanism(PKCS11Constants.CKM_ECDSA_SHA224)) {
mechanism = PKCS11Constants.CKM_ECDSA_SHA224;
} else if (hashAlgo == HashAlgo.SHA256 && signingKey.supportsMechanism(PKCS11Constants.CKM_ECDSA_SHA256)) {
mechanism = PKCS11Constants.CKM_ECDSA_SHA256;
} else if (hashAlgo == HashAlgo.SHA384 && signingKey.supportsMechanism(PKCS11Constants.CKM_ECDSA_SHA384)) {
mechanism = PKCS11Constants.CKM_ECDSA_SHA384;
} else if (hashAlgo == HashAlgo.SHA512 && signingKey.supportsMechanism(PKCS11Constants.CKM_ECDSA_SHA512)) {
mechanism = PKCS11Constants.CKM_ECDSA_SHA512;
} else if (hashAlgo == HashAlgo.SHA3_224 && signingKey.supportsMechanism(PKCS11Constants.CKM_ECDSA_SHA3_224)) {
mechanism = PKCS11Constants.CKM_ECDSA_SHA3_224;
} else if (hashAlgo == HashAlgo.SHA3_256 && signingKey.supportsMechanism(PKCS11Constants.CKM_ECDSA_SHA3_256)) {
mechanism = PKCS11Constants.CKM_ECDSA_SHA3_256;
} else if (hashAlgo == HashAlgo.SHA3_384 && signingKey.supportsMechanism(PKCS11Constants.CKM_ECDSA_SHA3_384)) {
mechanism = PKCS11Constants.CKM_ECDSA_SHA3_384;
} else if (hashAlgo == HashAlgo.SHA3_512 && signingKey.supportsMechanism(PKCS11Constants.CKM_ECDSA_SHA3_512)) {
mechanism = PKCS11Constants.CKM_ECDSA_SHA3_512;
} else {
throw new InvalidKeyException("privateKey and algorithm does not match");
}
outputStream = new ByteArrayOutputStream();
}
this.signingKey = (P11PrivateKey) privateKey;
}
Aggregations