< prev index next >
src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11KeyStore.java
Print this page
*** 1289,1299 ****
token.p11.C_GetAttributeValue(session.id(), oHandle, attrs);
keyLength = (int)attrs[0].getLong();
}
}
! return P11Key.secretKey(session, oHandle, keyType, keyLength, null);
}
private PrivateKey loadPkey(Session session, long oHandle)
throws PKCS11Exception, KeyStoreException {
--- 1289,1300 ----
token.p11.C_GetAttributeValue(session.id(), oHandle, attrs);
keyLength = (int)attrs[0].getLong();
}
}
! return P11Key.secretKey(session, oHandle, keyType, keyLength, null,
! false);
}
private PrivateKey loadPkey(Session session, long oHandle)
throws PKCS11Exception, KeyStoreException {
*** 1324,1334 ****
return P11Key.privateKey(session,
oHandle,
keyType,
keyLength,
! null);
} else if (kType == CKK_DSA) {
keyType = "DSA";
--- 1325,1336 ----
return P11Key.privateKey(session,
oHandle,
keyType,
keyLength,
! null,
! false);
} else if (kType == CKK_DSA) {
keyType = "DSA";
*** 1339,1349 ****
return P11Key.privateKey(session,
oHandle,
keyType,
keyLength,
! null);
} else if (kType == CKK_DH) {
keyType = "DH";
--- 1341,1352 ----
return P11Key.privateKey(session,
oHandle,
keyType,
keyLength,
! null,
! false);
} else if (kType == CKK_DH) {
keyType = "DH";
*** 1354,1364 ****
return P11Key.privateKey(session,
oHandle,
keyType,
keyLength,
! null);
} else if (kType == CKK_EC) {
attrs = new CK_ATTRIBUTE[] {
new CK_ATTRIBUTE(CKA_EC_PARAMS),
--- 1357,1368 ----
return P11Key.privateKey(session,
oHandle,
keyType,
keyLength,
! null,
! false);
} else if (kType == CKK_EC) {
attrs = new CK_ATTRIBUTE[] {
new CK_ATTRIBUTE(CKA_EC_PARAMS),
*** 1372,1382 ****
} catch (IOException e) {
// we do not want to accept key with unsupported parameters
throw new KeyStoreException("Unsupported parameters", e);
}
! return P11Key.privateKey(session, oHandle, "EC", keyLength, null);
} else {
if (debug != null) {
debug.println("unknown key type [" + kType + "]");
}
--- 1376,1387 ----
} catch (IOException e) {
// we do not want to accept key with unsupported parameters
throw new KeyStoreException("Unsupported parameters", e);
}
! return P11Key.privateKey(session, oHandle, "EC", keyLength, null,
! false);
} else {
if (debug != null) {
debug.println("unknown key type [" + kType + "]");
}
*** 1498,1507 ****
--- 1503,1513 ----
// token key - set new CKA_ID
CK_ATTRIBUTE[] attrs = new CK_ATTRIBUTE[] {
new CK_ATTRIBUTE(CKA_ID, alias) };
+ key.makeNativeKeyPersistent();
token.p11.C_SetAttributeValue
(session.id(), key.keyID, attrs);
if (debug != null) {
debug.println("updateP11Pkey set new alias [" +
alias +
*** 1516,1526 ****
--- 1522,1537 ----
new CK_ATTRIBUTE(CKA_ID, alias),
};
if (attribute != null) {
attrs = addAttribute(attrs, attribute);
}
+ key.incNativeKeyRef();
+ try {
token.p11.C_CopyObject(session.id(), key.keyID, attrs);
+ } finally {
+ key.decNativeKeyRef();
+ }
if (debug != null) {
debug.println("updateP11Pkey copied private session key " +
"for [" +
alias +
"] to token entry");
*** 1624,1634 ****
ATTR_SKEY_TOKEN_TRUE,
ATTR_PRIVATE_TRUE,
new CK_ATTRIBUTE(CKA_LABEL, alias),
};
try {
! P11SecretKeyFactory.convertKey(token, skey, null, attrs);
} catch (InvalidKeyException ike) {
// re-throw KeyStoreException to match javadoc
throw new KeyStoreException("Cannot convert to PKCS11 keys", ike);
}
--- 1635,1646 ----
ATTR_SKEY_TOKEN_TRUE,
ATTR_PRIVATE_TRUE,
new CK_ATTRIBUTE(CKA_LABEL, alias),
};
try {
! P11Key k = P11SecretKeyFactory.convertKey(token, skey, null, attrs);
! k.makeNativeKeyPersistent();
} catch (InvalidKeyException ike) {
// re-throw KeyStoreException to match javadoc
throw new KeyStoreException("Cannot convert to PKCS11 keys", ike);
}
*** 1892,1905 ****
CK_ATTRIBUTE[] attrs = new CK_ATTRIBUTE[2];
if ((id || netscapeDb) == false) {
return attrs;
}
String alg = privateKey.getAlgorithm();
! if (id && alg.equals("RSA") && (publicKey instanceof RSAPublicKey)) {
! // CKA_NETSCAPE_DB not needed for RSA public keys
BigInteger n = ((RSAPublicKey)publicKey).getModulus();
attrs[0] = new CK_ATTRIBUTE(CKA_ID, sha1(getMagnitude(n)));
} else if (alg.equals("DSA") && (publicKey instanceof DSAPublicKey)) {
BigInteger y = ((DSAPublicKey)publicKey).getY();
if (id) {
attrs[0] = new CK_ATTRIBUTE(CKA_ID, sha1(getMagnitude(y)));
}
--- 1904,1919 ----
CK_ATTRIBUTE[] attrs = new CK_ATTRIBUTE[2];
if ((id || netscapeDb) == false) {
return attrs;
}
String alg = privateKey.getAlgorithm();
! if (alg.equals("RSA") && (publicKey instanceof RSAPublicKey)) {
! if (id) {
BigInteger n = ((RSAPublicKey)publicKey).getModulus();
attrs[0] = new CK_ATTRIBUTE(CKA_ID, sha1(getMagnitude(n)));
+ }
+ // CKA_NETSCAPE_DB not needed for RSA public keys
} else if (alg.equals("DSA") && (publicKey instanceof DSAPublicKey)) {
BigInteger y = ((DSAPublicKey)publicKey).getY();
if (id) {
attrs[0] = new CK_ATTRIBUTE(CKA_ID, sha1(getMagnitude(y)));
}
< prev index next >