< prev index next >
src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11KeyStore.java
Print this page
*** 1289,1299 ****
token.p11.C_GetAttributeValue(session.id(), oHandle, attrs);
keyLength = (int)attrs[0].getLong();
}
}
! return P11Key.secretKey(session, oHandle, keyType, keyLength, null);
}
private PrivateKey loadPkey(Session session, long oHandle)
throws PKCS11Exception, KeyStoreException {
--- 1289,1299 ----
token.p11.C_GetAttributeValue(session.id(), oHandle, attrs);
keyLength = (int)attrs[0].getLong();
}
}
! return P11Key.secretKey(session, oHandle, keyType, keyLength, null, false);
}
private PrivateKey loadPkey(Session session, long oHandle)
throws PKCS11Exception, KeyStoreException {
*** 1324,1334 ****
return P11Key.privateKey(session,
oHandle,
keyType,
keyLength,
! null);
} else if (kType == CKK_DSA) {
keyType = "DSA";
--- 1324,1335 ----
return P11Key.privateKey(session,
oHandle,
keyType,
keyLength,
! null,
! false);
} else if (kType == CKK_DSA) {
keyType = "DSA";
*** 1339,1349 ****
return P11Key.privateKey(session,
oHandle,
keyType,
keyLength,
! null);
} else if (kType == CKK_DH) {
keyType = "DH";
--- 1340,1351 ----
return P11Key.privateKey(session,
oHandle,
keyType,
keyLength,
! null,
! false);
} else if (kType == CKK_DH) {
keyType = "DH";
*** 1354,1364 ****
return P11Key.privateKey(session,
oHandle,
keyType,
keyLength,
! null);
} else if (kType == CKK_EC) {
attrs = new CK_ATTRIBUTE[] {
new CK_ATTRIBUTE(CKA_EC_PARAMS),
--- 1356,1367 ----
return P11Key.privateKey(session,
oHandle,
keyType,
keyLength,
! null,
! false);
} else if (kType == CKK_EC) {
attrs = new CK_ATTRIBUTE[] {
new CK_ATTRIBUTE(CKA_EC_PARAMS),
*** 1372,1382 ****
} catch (IOException e) {
// we do not want to accept key with unsupported parameters
throw new KeyStoreException("Unsupported parameters", e);
}
! return P11Key.privateKey(session, oHandle, "EC", keyLength, null);
} else {
if (debug != null) {
debug.println("unknown key type [" + kType + "]");
}
--- 1375,1385 ----
} catch (IOException e) {
// we do not want to accept key with unsupported parameters
throw new KeyStoreException("Unsupported parameters", e);
}
! return P11Key.privateKey(session, oHandle, "EC", keyLength, null, false);
} else {
if (debug != null) {
debug.println("unknown key type [" + kType + "]");
}
*** 1498,1507 ****
--- 1501,1511 ----
// token key - set new CKA_ID
CK_ATTRIBUTE[] attrs = new CK_ATTRIBUTE[] {
new CK_ATTRIBUTE(CKA_ID, alias) };
+ key.makeNativeKeyPersistent();
token.p11.C_SetAttributeValue
(session.id(), key.keyID, attrs);
if (debug != null) {
debug.println("updateP11Pkey set new alias [" +
alias +
*** 1516,1526 ****
--- 1520,1535 ----
new CK_ATTRIBUTE(CKA_ID, alias),
};
if (attribute != null) {
attrs = addAttribute(attrs, attribute);
}
+ key.incNativeKeyRef();
+ try {
token.p11.C_CopyObject(session.id(), key.keyID, attrs);
+ } finally {
+ key.decNativeKeyRef();
+ }
if (debug != null) {
debug.println("updateP11Pkey copied private session key " +
"for [" +
alias +
"] to token entry");
*** 1624,1634 ****
ATTR_SKEY_TOKEN_TRUE,
ATTR_PRIVATE_TRUE,
new CK_ATTRIBUTE(CKA_LABEL, alias),
};
try {
! P11SecretKeyFactory.convertKey(token, skey, null, attrs);
} catch (InvalidKeyException ike) {
// re-throw KeyStoreException to match javadoc
throw new KeyStoreException("Cannot convert to PKCS11 keys", ike);
}
--- 1633,1644 ----
ATTR_SKEY_TOKEN_TRUE,
ATTR_PRIVATE_TRUE,
new CK_ATTRIBUTE(CKA_LABEL, alias),
};
try {
! P11Key k = P11SecretKeyFactory.convertKey(token, skey, null, attrs);
! k.makeNativeKeyPersistent();
} catch (InvalidKeyException ike) {
// re-throw KeyStoreException to match javadoc
throw new KeyStoreException("Cannot convert to PKCS11 keys", ike);
}
< prev index next >