/* * Class: sun_security_pkcs11_wrapper_PKCS11 * Method: C_VerifyRecoverInit * Signature: (JLsun/security/pkcs11/wrapper/CK_MECHANISM;J)V * Parametermapping: *PKCS11* * @param jlong jSessionHandle CK_SESSION_HANDLE hSession * @param jobject jMechanism CK_MECHANISM_PTR pMechanism * @return jlong jKeyHandle CK_OBJECT_HANDLE hKey */ JNIEXPORT void JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1VerifyRecoverInit (JNIEnv *env, jobject obj, jlong jSessionHandle, jobject jMechanism, jlong jKeyHandle) { CK_SESSION_HANDLE ckSessionHandle; CK_MECHANISM ckMechanism; CK_OBJECT_HANDLE ckKeyHandle; CK_RV rv; CK_FUNCTION_LIST_PTR ckpFunctions = getFunctionList(env, obj); if (ckpFunctions == NULL) { return; } ckSessionHandle = jLongToCKULong(jSessionHandle); jMechanismToCKMechanism(env, jMechanism, &ckMechanism); if ((*env)->ExceptionCheck(env)) { return; } ckKeyHandle = jLongToCKULong(jKeyHandle); rv = (*ckpFunctions->C_VerifyRecoverInit)(ckSessionHandle, &ckMechanism, ckKeyHandle); if (ckMechanism.pParameter != NULL_PTR) { free(ckMechanism.pParameter); } if (ckAssertReturnValueOK(env, rv) != CK_ASSERT_OK) { return; } }
/* * Class: sun_security_pkcs11_wrapper_PKCS11 * Method: C_GenerateKey * Signature: (JLsun/security/pkcs11/wrapper/CK_MECHANISM;[Lsun/security/pkcs11/wrapper/CK_ATTRIBUTE;)J * Parametermapping: *PKCS11* * @param jlong jSessionHandle CK_SESSION_HANDLE hSession * @param jobject jMechanism CK_MECHANISM_PTR pMechanism * @param jobjectArray jTemplate CK_ATTRIBUTE_PTR pTemplate * CK_ULONG ulCount * @return jlong jKeyHandle CK_OBJECT_HANDLE_PTR phKey */ JNIEXPORT jlong JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1GenerateKey (JNIEnv *env, jobject obj, jlong jSessionHandle, jobject jMechanism, jobjectArray jTemplate) { CK_SESSION_HANDLE ckSessionHandle; CK_MECHANISM ckMechanism; CK_ATTRIBUTE_PTR ckpAttributes = NULL_PTR; CK_ULONG ckAttributesLength; CK_OBJECT_HANDLE ckKeyHandle = 0; jlong jKeyHandle = 0L; CK_RV rv; CK_FUNCTION_LIST_PTR ckpFunctions = getFunctionList(env, obj); if (ckpFunctions == NULL) { return 0L; } ckSessionHandle = jLongToCKULong(jSessionHandle); jMechanismToCKMechanism(env, jMechanism, &ckMechanism); if ((*env)->ExceptionCheck(env)) { return 0L ; } jAttributeArrayToCKAttributeArray(env, jTemplate, &ckpAttributes, &ckAttributesLength); if ((*env)->ExceptionCheck(env)) { if (ckMechanism.pParameter != NULL_PTR) { free(ckMechanism.pParameter); } return 0L; } rv = (*ckpFunctions->C_GenerateKey)(ckSessionHandle, &ckMechanism, ckpAttributes, ckAttributesLength, &ckKeyHandle); if (ckAssertReturnValueOK(env, rv) == CK_ASSERT_OK) { jKeyHandle = ckULongToJLong(ckKeyHandle); /* cheack, if we must give a initialization vector back to Java */ switch (ckMechanism.mechanism) { case CKM_PBE_MD2_DES_CBC: case CKM_PBE_MD5_DES_CBC: case CKM_PBE_MD5_CAST_CBC: case CKM_PBE_MD5_CAST3_CBC: case CKM_PBE_MD5_CAST128_CBC: /* case CKM_PBE_MD5_CAST5_CBC: the same as CKM_PBE_MD5_CAST128_CBC */ case CKM_PBE_SHA1_CAST128_CBC: /* case CKM_PBE_SHA1_CAST5_CBC: the same as CKM_PBE_SHA1_CAST128_CBC */ /* we must copy back the initialization vector to the jMechanism object */ copyBackPBEInitializationVector(env, &ckMechanism, jMechanism); break; } } if (ckMechanism.pParameter != NULL_PTR) { free(ckMechanism.pParameter); } freeCKAttributeArray(ckpAttributes, ckAttributesLength); return jKeyHandle ; }
/* * Class: sun_security_pkcs11_wrapper_PKCS11 * Method: C_Digest * Signature: (J[BII[BII)I * Parametermapping: *PKCS11* * @param jlong jSessionHandle CK_SESSION_HANDLE hSession * @param jbyteArray jData CK_BYTE_PTR pData * CK_ULONG ulDataLen * @return jbyteArray jDigest CK_BYTE_PTR pDigest * CK_ULONG_PTR pulDigestLen */ JNIEXPORT jint JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1DigestSingle (JNIEnv *env, jobject obj, jlong jSessionHandle, jobject jMechanism, jbyteArray jIn, jint jInOfs, jint jInLen, jbyteArray jDigest, jint jDigestOfs, jint jDigestLen) { CK_SESSION_HANDLE ckSessionHandle; CK_RV rv; CK_BYTE_PTR bufP; CK_BYTE BUF[MAX_STACK_BUFFER_LEN]; CK_BYTE DIGESTBUF[MAX_DIGEST_LEN]; CK_ULONG ckDigestLength = min(MAX_DIGEST_LEN, jDigestLen); CK_MECHANISM ckMechanism; CK_FUNCTION_LIST_PTR ckpFunctions = getFunctionList(env, obj); if (ckpFunctions == NULL) { return 0; } ckSessionHandle = jLongToCKULong(jSessionHandle); jMechanismToCKMechanism(env, jMechanism, &ckMechanism); if ((*env)->ExceptionCheck(env)) { return 0; } rv = (*ckpFunctions->C_DigestInit)(ckSessionHandle, &ckMechanism); if (ckMechanism.pParameter != NULL_PTR) { free(ckMechanism.pParameter); } if (ckAssertReturnValueOK(env, rv) != CK_ASSERT_OK) { return 0; } if (jInLen <= MAX_STACK_BUFFER_LEN) { bufP = BUF; } else { /* always use single part op, even for large data */ bufP = (CK_BYTE_PTR) malloc((size_t)jInLen); if (bufP == NULL) { JNU_ThrowOutOfMemoryError(env, 0); return 0; } } (*env)->GetByteArrayRegion(env, jIn, jInOfs, jInLen, (jbyte *)bufP); if ((*env)->ExceptionCheck(env)) { if (bufP != BUF) { free(bufP); } return 0; } rv = (*ckpFunctions->C_Digest)(ckSessionHandle, bufP, jInLen, DIGESTBUF, &ckDigestLength); if (ckAssertReturnValueOK(env, rv) == CK_ASSERT_OK) { (*env)->SetByteArrayRegion(env, jDigest, jDigestOfs, ckDigestLength, (jbyte *)DIGESTBUF); } if (bufP != BUF) { free(bufP); } return ckDigestLength; }
/* * Class: sun_security_pkcs11_wrapper_PKCS11 * Method: C_WrapKey * Signature: (JLsun/security/pkcs11/wrapper/CK_MECHANISM;JJ)[B * Parametermapping: *PKCS11* * @param jlong jSessionHandle CK_SESSION_HANDLE hSession * @param jobject jMechanism CK_MECHANISM_PTR pMechanism * @param jlong jWrappingKeyHandle CK_OBJECT_HANDLE hWrappingKey * @param jlong jKeyHandle CK_OBJECT_HANDLE hKey * @return jbyteArray jWrappedKey CK_BYTE_PTR pWrappedKey * CK_ULONG_PTR pulWrappedKeyLen */ JNIEXPORT jbyteArray JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1WrapKey (JNIEnv *env, jobject obj, jlong jSessionHandle, jobject jMechanism, jlong jWrappingKeyHandle, jlong jKeyHandle) { CK_SESSION_HANDLE ckSessionHandle; CK_MECHANISM ckMechanism; CK_OBJECT_HANDLE ckWrappingKeyHandle; CK_OBJECT_HANDLE ckKeyHandle; jbyteArray jWrappedKey = NULL; CK_RV rv; CK_BYTE BUF[MAX_STACK_BUFFER_LEN]; CK_BYTE_PTR ckpWrappedKey = BUF; CK_ULONG ckWrappedKeyLength = MAX_STACK_BUFFER_LEN; CK_FUNCTION_LIST_PTR ckpFunctions = getFunctionList(env, obj); if (ckpFunctions == NULL) { return NULL; } ckSessionHandle = jLongToCKULong(jSessionHandle); jMechanismToCKMechanism(env, jMechanism, &ckMechanism); if ((*env)->ExceptionCheck(env)) { return NULL; } ckWrappingKeyHandle = jLongToCKULong(jWrappingKeyHandle); ckKeyHandle = jLongToCKULong(jKeyHandle); rv = (*ckpFunctions->C_WrapKey)(ckSessionHandle, &ckMechanism, ckWrappingKeyHandle, ckKeyHandle, ckpWrappedKey, &ckWrappedKeyLength); if (rv == CKR_BUFFER_TOO_SMALL) { ckpWrappedKey = (CK_BYTE_PTR) malloc(ckWrappedKeyLength); if (ckpWrappedKey == NULL) { if (ckMechanism.pParameter != NULL_PTR) { free(ckMechanism.pParameter); } throwOutOfMemoryError(env, 0); return NULL; } rv = (*ckpFunctions->C_WrapKey)(ckSessionHandle, &ckMechanism, ckWrappingKeyHandle, ckKeyHandle, ckpWrappedKey, &ckWrappedKeyLength); } if (ckAssertReturnValueOK(env, rv) == CK_ASSERT_OK) { jWrappedKey = ckByteArrayToJByteArray(env, ckpWrappedKey, ckWrappedKeyLength); } if (ckpWrappedKey != BUF) { free(ckpWrappedKey); } if (ckMechanism.pParameter != NULL_PTR) { free(ckMechanism.pParameter); } return jWrappedKey ; }
/* * Class: sun_security_pkcs11_wrapper_PKCS11 * Method: C_DeriveKey * Signature: (JLsun/security/pkcs11/wrapper/CK_MECHANISM;J[Lsun/security/pkcs11/wrapper/CK_ATTRIBUTE;)J * Parametermapping: *PKCS11* * @param jlong jSessionHandle CK_SESSION_HANDLE hSession * @param jobject jMechanism CK_MECHANISM_PTR pMechanism * @param jlong jBaseKeyHandle CK_OBJECT_HANDLE hBaseKey * @param jobjectArray jTemplate CK_ATTRIBUTE_PTR pTemplate * CK_ULONG ulCount * @return jlong jKeyHandle CK_OBJECT_HANDLE_PTR phKey */ JNIEXPORT jlong JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1DeriveKey (JNIEnv *env, jobject obj, jlong jSessionHandle, jobject jMechanism, jlong jBaseKeyHandle, jobjectArray jTemplate) { CK_SESSION_HANDLE ckSessionHandle; CK_MECHANISM ckMechanism; CK_OBJECT_HANDLE ckBaseKeyHandle; CK_ATTRIBUTE_PTR ckpAttributes = NULL_PTR; CK_ULONG ckAttributesLength; CK_OBJECT_HANDLE ckKeyHandle = 0; jlong jKeyHandle = 0L; CK_RV rv; CK_OBJECT_HANDLE_PTR phKey = &ckKeyHandle; CK_FUNCTION_LIST_PTR ckpFunctions = getFunctionList(env, obj); if (ckpFunctions == NULL) { return 0L; } ckSessionHandle = jLongToCKULong(jSessionHandle); jMechanismToCKMechanism(env, jMechanism, &ckMechanism); if ((*env)->ExceptionCheck(env)) { return 0L; } ckBaseKeyHandle = jLongToCKULong(jBaseKeyHandle); jAttributeArrayToCKAttributeArray(env, jTemplate, &ckpAttributes, &ckAttributesLength); if ((*env)->ExceptionCheck(env)) { if (ckMechanism.pParameter != NULL_PTR) { free(ckMechanism.pParameter); } return 0L; } switch (ckMechanism.mechanism) { case CKM_SSL3_KEY_AND_MAC_DERIVE: case CKM_TLS_KEY_AND_MAC_DERIVE: case CKM_TLS_PRF: // these mechanism do not return a key handle via phKey // set to NULL in case pedantic implementations check for it phKey = NULL; break; default: // empty break; } rv = (*ckpFunctions->C_DeriveKey)(ckSessionHandle, &ckMechanism, ckBaseKeyHandle, ckpAttributes, ckAttributesLength, phKey); jKeyHandle = ckLongToJLong(ckKeyHandle); freeCKAttributeArray(ckpAttributes, ckAttributesLength); switch (ckMechanism.mechanism) { case CKM_SSL3_MASTER_KEY_DERIVE: case CKM_TLS_MASTER_KEY_DERIVE: /* we must copy back the client version */ copyBackClientVersion(env, &ckMechanism, jMechanism); freeMasterKeyDeriveParams(&ckMechanism); break; case CKM_SSL3_MASTER_KEY_DERIVE_DH: case CKM_TLS_MASTER_KEY_DERIVE_DH: freeMasterKeyDeriveParams(&ckMechanism); break; case CKM_SSL3_KEY_AND_MAC_DERIVE: case CKM_TLS_KEY_AND_MAC_DERIVE: /* we must copy back the unwrapped key info to the jMechanism object */ copyBackSSLKeyMatParams(env, &ckMechanism, jMechanism); break; case CKM_TLS_PRF: copyBackTLSPrfParams(env, &ckMechanism, jMechanism); break; case CKM_ECDH1_DERIVE: freeEcdh1DeriveParams(&ckMechanism); break; default: // empty break; } if (ckMechanism.pParameter != NULL_PTR) { free(ckMechanism.pParameter); } if (ckAssertReturnValueOK(env, rv) != CK_ASSERT_OK) { return 0L ; } return jKeyHandle ; }
/* * Class: sun_security_pkcs11_wrapper_PKCS11 * Method: C_UnwrapKey * Signature: (JLsun/security/pkcs11/wrapper/CK_MECHANISM;J[B[Lsun/security/pkcs11/wrapper/CK_ATTRIBUTE;)J * Parametermapping: *PKCS11* * @param jlong jSessionHandle CK_SESSION_HANDLE hSession * @param jobject jMechanism CK_MECHANISM_PTR pMechanism * @param jlong jUnwrappingKeyHandle CK_OBJECT_HANDLE hUnwrappingKey * @param jbyteArray jWrappedKey CK_BYTE_PTR pWrappedKey * CK_ULONG_PTR pulWrappedKeyLen * @param jobjectArray jTemplate CK_ATTRIBUTE_PTR pTemplate * CK_ULONG ulCount * @return jlong jKeyHandle CK_OBJECT_HANDLE_PTR phKey */ JNIEXPORT jlong JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1UnwrapKey (JNIEnv *env, jobject obj, jlong jSessionHandle, jobject jMechanism, jlong jUnwrappingKeyHandle, jbyteArray jWrappedKey, jobjectArray jTemplate) { CK_SESSION_HANDLE ckSessionHandle; CK_MECHANISM ckMechanism; CK_OBJECT_HANDLE ckUnwrappingKeyHandle; CK_BYTE_PTR ckpWrappedKey = NULL_PTR; CK_ULONG ckWrappedKeyLength; CK_ATTRIBUTE_PTR ckpAttributes = NULL_PTR; CK_ULONG ckAttributesLength; CK_OBJECT_HANDLE ckKeyHandle = 0; jlong jKeyHandle = 0L; CK_RV rv; CK_FUNCTION_LIST_PTR ckpFunctions = getFunctionList(env, obj); if (ckpFunctions == NULL) { return 0L; } ckSessionHandle = jLongToCKULong(jSessionHandle); jMechanismToCKMechanism(env, jMechanism, &ckMechanism); if ((*env)->ExceptionCheck(env)) { return 0L; } ckUnwrappingKeyHandle = jLongToCKULong(jUnwrappingKeyHandle); jByteArrayToCKByteArray(env, jWrappedKey, &ckpWrappedKey, &ckWrappedKeyLength); if ((*env)->ExceptionCheck(env)) { if (ckMechanism.pParameter != NULL_PTR) { free(ckMechanism.pParameter); } return 0L; } jAttributeArrayToCKAttributeArray(env, jTemplate, &ckpAttributes, &ckAttributesLength); if ((*env)->ExceptionCheck(env)) { if (ckMechanism.pParameter != NULL_PTR) { free(ckMechanism.pParameter); } free(ckpWrappedKey); return 0L; } rv = (*ckpFunctions->C_UnwrapKey)(ckSessionHandle, &ckMechanism, ckUnwrappingKeyHandle, ckpWrappedKey, ckWrappedKeyLength, ckpAttributes, ckAttributesLength, &ckKeyHandle); if (ckAssertReturnValueOK(env, rv) == CK_ASSERT_OK) { jKeyHandle = ckLongToJLong(ckKeyHandle); #if 0 /* cheack, if we must give a initialization vector back to Java */ if (ckMechanism.mechanism == CKM_KEY_WRAP_SET_OAEP) { /* we must copy back the unwrapped key info to the jMechanism object */ copyBackSetUnwrappedKey(env, &ckMechanism, jMechanism); } #endif } if (ckMechanism.pParameter != NULL_PTR) { free(ckMechanism.pParameter); } freeCKAttributeArray(ckpAttributes, ckAttributesLength); free(ckpWrappedKey); return jKeyHandle ; }
/* * Class: sun_security_pkcs11_wrapper_PKCS11 * Method: C_GenerateKeyPair * Signature: (JLsun/security/pkcs11/wrapper/CK_MECHANISM;[Lsun/security/pkcs11/wrapper/CK_ATTRIBUTE;[Lsun/security/pkcs11/wrapper/CK_ATTRIBUTE;)[J * Parametermapping: *PKCS11* * @param jlong jSessionHandle CK_SESSION_HANDLE hSession * @param jobject jMechanism CK_MECHANISM_PTR pMechanism * @param jobjectArray jPublicKeyTemplate CK_ATTRIBUTE_PTR pPublicKeyTemplate * CK_ULONG ulPublicKeyAttributeCount * @param jobjectArray jPrivateKeyTemplate CK_ATTRIBUTE_PTR pPrivateKeyTemplate * CK_ULONG ulPrivateKeyAttributeCount * @return jlongArray jKeyHandles CK_OBJECT_HANDLE_PTR phPublicKey * CK_OBJECT_HANDLE_PTR phPublicKey */ JNIEXPORT jlongArray JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1GenerateKeyPair (JNIEnv *env, jobject obj, jlong jSessionHandle, jobject jMechanism, jobjectArray jPublicKeyTemplate, jobjectArray jPrivateKeyTemplate) { CK_SESSION_HANDLE ckSessionHandle; CK_MECHANISM ckMechanism; CK_ATTRIBUTE_PTR ckpPublicKeyAttributes = NULL_PTR; CK_ATTRIBUTE_PTR ckpPrivateKeyAttributes = NULL_PTR; CK_ULONG ckPublicKeyAttributesLength; CK_ULONG ckPrivateKeyAttributesLength; CK_OBJECT_HANDLE_PTR ckpPublicKeyHandle; /* pointer to Public Key */ CK_OBJECT_HANDLE_PTR ckpPrivateKeyHandle; /* pointer to Private Key */ CK_OBJECT_HANDLE_PTR ckpKeyHandles; /* pointer to array with Public and Private Key */ jlongArray jKeyHandles = NULL; CK_RV rv; CK_FUNCTION_LIST_PTR ckpFunctions = getFunctionList(env, obj); if (ckpFunctions == NULL) { return NULL; } ckSessionHandle = jLongToCKULong(jSessionHandle); jMechanismToCKMechanism(env, jMechanism, &ckMechanism); if ((*env)->ExceptionCheck(env)) { return NULL; } ckpKeyHandles = (CK_OBJECT_HANDLE_PTR) malloc(2 * sizeof(CK_OBJECT_HANDLE)); if (ckpKeyHandles == NULL) { if (ckMechanism.pParameter != NULL_PTR) { free(ckMechanism.pParameter); } throwOutOfMemoryError(env, 0); return NULL; } ckpPublicKeyHandle = ckpKeyHandles; /* first element of array is Public Key */ ckpPrivateKeyHandle = (ckpKeyHandles + 1); /* second element of array is Private Key */ jAttributeArrayToCKAttributeArray(env, jPublicKeyTemplate, &ckpPublicKeyAttributes, &ckPublicKeyAttributesLength); if ((*env)->ExceptionCheck(env)) { if (ckMechanism.pParameter != NULL_PTR) { free(ckMechanism.pParameter); } free(ckpKeyHandles); return NULL; } jAttributeArrayToCKAttributeArray(env, jPrivateKeyTemplate, &ckpPrivateKeyAttributes, &ckPrivateKeyAttributesLength); if ((*env)->ExceptionCheck(env)) { if (ckMechanism.pParameter != NULL_PTR) { free(ckMechanism.pParameter); } free(ckpKeyHandles); freeCKAttributeArray(ckpPublicKeyAttributes, ckPublicKeyAttributesLength); return NULL; } rv = (*ckpFunctions->C_GenerateKeyPair)(ckSessionHandle, &ckMechanism, ckpPublicKeyAttributes, ckPublicKeyAttributesLength, ckpPrivateKeyAttributes, ckPrivateKeyAttributesLength, ckpPublicKeyHandle, ckpPrivateKeyHandle); if (ckAssertReturnValueOK(env, rv) == CK_ASSERT_OK) { jKeyHandles = ckULongArrayToJLongArray(env, ckpKeyHandles, 2); } if(ckMechanism.pParameter != NULL_PTR) { free(ckMechanism.pParameter); } free(ckpKeyHandles); freeCKAttributeArray(ckpPublicKeyAttributes, ckPublicKeyAttributesLength); freeCKAttributeArray(ckpPrivateKeyAttributes, ckPrivateKeyAttributesLength); return jKeyHandles ; }