< prev index next >

src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Cipher.java

Print this page

        

@@ -398,65 +398,88 @@
         } catch (PKCS11Exception e) {
             throw new InvalidKeyException("Could not initialize cipher", e);
         }
     }
 
-    private void cancelOperation() {
-        if (initialized == false) {
+    // reset the states to the pre-initialized values
+    private void reset(boolean doCancel) {
+        if (!initialized) {
             return;
         }
-
-        if ((session == null) || (token.explicitCancel == false)) {
+        initialized = false;
+        try {
+            if (session == null) {
             return;
         }
-        try {
+            if (doCancel && token.explicitCancel) {
+                cancelOperation();
+            }
+        } finally {
+            p11Key.decNativeKeyRef();
+            session = token.releaseSession(session);
+            bytesBuffered = 0;
+            padBufferLen = 0;
+        }
+    }
+
+    private void cancelOperation() {
+        token.ensureValid();
             if (session.hasObjects() == false) {
                 session = token.killSession(session);
                 return;
             } else {
+            try {
                 // cancel operation by finishing it
                 int bufLen = doFinalLength(0);
                 byte[] buffer = new byte[bufLen];
                 if (encrypt) {
                     token.p11.C_EncryptFinal(session.id(), 0, buffer, 0, bufLen);
                 } else {
                     token.p11.C_DecryptFinal(session.id(), 0, buffer, 0, bufLen);
                 }
-            }
         } catch (PKCS11Exception e) {
             throw new ProviderException("Cancel failed", e);
         }
     }
+    }
 
     private void ensureInitialized() throws PKCS11Exception {
         if (initialized == false) {
             initialize();
         }
     }
 
     private void initialize() throws PKCS11Exception {
+        if (p11Key == null) {
+            initialized = false;
+            throw new ProviderException(
+                    "Operation cannot be performed without"
+                    + " calling engineInit first");
+        }
+        token.ensureValid();
+        p11Key.incNativeKeyRef();
+        try {
         if (session == null) {
             session = token.getOpSession();
         }
         CK_MECHANISM mechParams = (blockMode == MODE_CTR?
             new CK_MECHANISM(mechanism, new CK_AES_CTR_PARAMS(iv)) :
             new CK_MECHANISM(mechanism, iv));
-
-        try {
             if (encrypt) {
                 token.p11.C_EncryptInit(session.id(), mechParams, p11Key.keyID);
             } else {
                 token.p11.C_DecryptInit(session.id(), mechParams, p11Key.keyID);
             }
-        } catch (PKCS11Exception ex) {
-            // release session when initialization failed
+        } catch (PKCS11Exception e) {
+            p11Key.decNativeKeyRef();
             session = token.releaseSession(session);
-            throw ex;
+            initialized = false;
+            throw e;
         }
+        initialized = true;
         bytesBuffered = 0;
         padBufferLen = 0;
-        initialized = true;
     }
 
     // if update(inLen) is called, how big does the output buffer have to be?
     private int updateLength(int inLen) {
         if (inLen <= 0) {

@@ -483,22 +506,10 @@
             result += (blockSize - (result & (blockSize - 1)));
         }
         return result;
     }
 
-    // reset the states to the pre-initialized values
-    private void reset(boolean doCancel) {
-        if (doCancel) cancelOperation();
-
-        initialized = false;
-        bytesBuffered = 0;
-        padBufferLen = 0;
-        if (session != null) {
-            session = token.releaseSession(session);
-        }
-    }
-
     // see JCE spec
     protected byte[] engineUpdate(byte[] in, int inOfs, int inLen) {
         try {
             byte[] out = new byte[updateLength(inLen)];
             int n = engineUpdate(in, inOfs, inLen, out, 0);
< prev index next >