37 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE LICENSOR BE
38 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
39 * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
40 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
41 * OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
42 * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
43 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
44 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
45 * POSSIBILITY OF SUCH DAMAGE.
46 */
47
48 #include "pkcs11wrapper.h"
49
50 #include <stdio.h>
51 #include <stdlib.h>
52 #include <string.h>
53 #include <assert.h>
54
55 #include "sun_security_pkcs11_wrapper_PKCS11.h"
56
57 #ifdef P11_ENABLE_C_GENERATEKEY
58 /*
59 * Class: sun_security_pkcs11_wrapper_PKCS11
60 * Method: C_GenerateKey
61 * Signature: (JLsun/security/pkcs11/wrapper/CK_MECHANISM;[Lsun/security/pkcs11/wrapper/CK_ATTRIBUTE;)J
62 * Parametermapping: *PKCS11*
63 * @param jlong jSessionHandle CK_SESSION_HANDLE hSession
64 * @param jobject jMechanism CK_MECHANISM_PTR pMechanism
65 * @param jobjectArray jTemplate CK_ATTRIBUTE_PTR pTemplate
66 * CK_ULONG ulCount
67 * @return jlong jKeyHandle CK_OBJECT_HANDLE_PTR phKey
68 */
69 JNIEXPORT jlong JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1GenerateKey
70 (JNIEnv *env, jobject obj, jlong jSessionHandle, jobject jMechanism, jobjectArray jTemplate)
71 {
72 CK_SESSION_HANDLE ckSessionHandle;
73 CK_MECHANISM ckMechanism;
74 CK_ATTRIBUTE_PTR ckpAttributes = NULL_PTR;
75 CK_ULONG ckAttributesLength;
76 CK_OBJECT_HANDLE ckKeyHandle = 0;
|
37 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE LICENSOR BE
38 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
39 * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
40 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
41 * OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
42 * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
43 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
44 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
45 * POSSIBILITY OF SUCH DAMAGE.
46 */
47
48 #include "pkcs11wrapper.h"
49
50 #include <stdio.h>
51 #include <stdlib.h>
52 #include <string.h>
53 #include <assert.h>
54
55 #include "sun_security_pkcs11_wrapper_PKCS11.h"
56
57 #ifdef P11_ENABLE_GETNATIVEKEYINFO
58
59 #define CK_ATTRIBUTES_TEMPLATE_LENGTH (CK_ULONG)61U
60
61 static CK_ATTRIBUTE ckpAttributesTemplate[CK_ATTRIBUTES_TEMPLATE_LENGTH] = {
62 {CKA_CLASS, 0, 0},
63 {CKA_TOKEN, 0, 0},
64 {CKA_PRIVATE, 0, 0},
65 {CKA_LABEL, 0, 0},
66 {CKA_APPLICATION, 0, 0},
67 {CKA_VALUE, 0, 0},
68 {CKA_OBJECT_ID, 0, 0},
69 {CKA_CERTIFICATE_TYPE, 0, 0},
70 {CKA_ISSUER, 0, 0},
71 {CKA_SERIAL_NUMBER, 0, 0},
72 {CKA_AC_ISSUER, 0, 0},
73 {CKA_OWNER, 0, 0},
74 {CKA_ATTR_TYPES, 0, 0},
75 {CKA_TRUSTED, 0, 0},
76 {CKA_KEY_TYPE, 0, 0},
77 {CKA_SUBJECT, 0, 0},
78 {CKA_ID, 0, 0},
79 {CKA_SENSITIVE, 0, 0},
80 {CKA_ENCRYPT, 0, 0},
81 {CKA_DECRYPT, 0, 0},
82 {CKA_WRAP, 0, 0},
83 {CKA_UNWRAP, 0, 0},
84 {CKA_SIGN, 0, 0},
85 {CKA_SIGN_RECOVER, 0, 0},
86 {CKA_VERIFY, 0, 0},
87 {CKA_VERIFY_RECOVER, 0, 0},
88 {CKA_DERIVE, 0, 0},
89 {CKA_START_DATE, 0, 0},
90 {CKA_END_DATE, 0, 0},
91 {CKA_MODULUS, 0, 0},
92 {CKA_MODULUS_BITS, 0, 0},
93 {CKA_PUBLIC_EXPONENT, 0, 0},
94 {CKA_PRIVATE_EXPONENT, 0, 0},
95 {CKA_PRIME_1, 0, 0},
96 {CKA_PRIME_2, 0, 0},
97 {CKA_EXPONENT_1, 0, 0},
98 {CKA_EXPONENT_2, 0, 0},
99 {CKA_COEFFICIENT, 0, 0},
100 {CKA_PRIME, 0, 0},
101 {CKA_SUBPRIME, 0, 0},
102 {CKA_BASE, 0, 0},
103 {CKA_PRIME_BITS, 0, 0},
104 {CKA_SUB_PRIME_BITS, 0, 0},
105 {CKA_VALUE_BITS, 0, 0},
106 {CKA_VALUE_LEN, 0, 0},
107 {CKA_EXTRACTABLE, 0, 0},
108 {CKA_LOCAL, 0, 0},
109 {CKA_NEVER_EXTRACTABLE, 0, 0},
110 {CKA_ALWAYS_SENSITIVE, 0, 0},
111 {CKA_KEY_GEN_MECHANISM, 0, 0},
112 {CKA_MODIFIABLE, 0, 0},
113 {CKA_ECDSA_PARAMS, 0, 0},
114 {CKA_EC_PARAMS, 0, 0},
115 {CKA_EC_POINT, 0, 0},
116 {CKA_SECONDARY_AUTH, 0, 0},
117 {CKA_AUTH_PIN_FLAGS, 0, 0},
118 {CKA_HW_FEATURE_TYPE, 0, 0},
119 {CKA_RESET_ON_INIT, 0, 0},
120 {CKA_HAS_RESET, 0, 0},
121 {CKA_VENDOR_DEFINED, 0, 0},
122 {CKA_NETSCAPE_DB, 0, 0},
123 };
124
125 /*
126 * Class: sun_security_pkcs11_wrapper_PKCS11
127 * Method: getNativeKeyInfo
128 * Signature: (JJJ)[B
129 * Parametermapping: *PKCS11*
130 * @param jlong jSessionHandle CK_SESSION_HANDLE hSession
131 * @param jlong jKeyHandle CK_OBJECT_HANDLE hObject
132 * @param jlong jWrappingKeyHandle CK_OBJECT_HANDLE hObject
133 * @return jbyteArray jNativeKeyInfo -
134 */
135 JNIEXPORT jbyteArray JNICALL
136 Java_sun_security_pkcs11_wrapper_PKCS11_getNativeKeyInfo
137 (JNIEnv *env, jobject obj, jlong jSessionHandle, jlong jKeyHandle,
138 jlong jWrappingKeyHandle)
139 {
140 jbyteArray returnValue = NULL;
141 CK_SESSION_HANDLE ckSessionHandle = jLongToCKULong(jSessionHandle);
142 CK_OBJECT_HANDLE ckObjectHandle = jLongToCKULong(jKeyHandle);
143 CK_ATTRIBUTE_PTR ckpAttributes = NULL;
144 CK_RV rv;
145 jbyteArray nativeKeyInfoArray = NULL;
146 jbyteArray nativeKeyInfoWrappedKeyArray = NULL;
147 jbyte* nativeKeyInfoArrayRaw = NULL;
148 jbyte* nativeKeyInfoWrappedKeyArrayRaw = NULL;
149 unsigned int sensitiveAttributePosition = (unsigned int)-1;
150 unsigned int i = 0U, totalDataSize = 0U, attributesCount = 0U;
151 unsigned int totalCkAttributesSize = 0U, totalNativeKeyInfoArraySize = 0U;
152 unsigned long* wrappedKeySizePtr = NULL;
153 jbyte* nativeKeyInfoArrayRawCkAttributes = NULL;
154 jbyte* nativeKeyInfoArrayRawCkAttributesPtr = NULL;
155 jbyte* nativeKeyInfoArrayRawDataPtr = NULL;
156 CK_OBJECT_CLASS class;
157 CK_KEY_TYPE keyType;
158 CK_BBOOL sensitive;
159 CK_BBOOL netscapeAttributeValueNeeded = CK_FALSE;
160 CK_ATTRIBUTE ckNetscapeAttributesTemplate[] = {
161 {CKA_CLASS, &class, sizeof(class)},
162 {CKA_KEY_TYPE, &keyType, sizeof(keyType)},
163 {CKA_SENSITIVE, &sensitive, sizeof(sensitive)},
164 {CKA_NETSCAPE_DB, 0, 0},
165 };
166 CK_MECHANISM ckMechanism = {0x0};
167 char iv[16] = {0x0};
168 CK_ULONG ckWrappedKeyLength = 0U;
169 unsigned long* wrappedKeySizeWrappedKeyArrayPtr = NULL;
170 CK_BYTE_PTR wrappedKeyBufferPtr = NULL;
171 CK_FUNCTION_LIST_PTR ckpFunctions = getFunctionList(env, obj);
172
173 if (ckpFunctions == NULL) { goto cleanup; }
174
175 // If key is private and of DSA or EC type, NSS requires CKA_NETSCAPE_DB
176 // attribute to unwrap it.
177 (*ckpFunctions->C_GetAttributeValue)(ckSessionHandle, ckObjectHandle,
178 ckNetscapeAttributesTemplate,
179 sizeof(ckNetscapeAttributesTemplate)/sizeof(CK_ATTRIBUTE));
180 if (class == CKO_PRIVATE_KEY && (keyType == CKK_EC || keyType == CKK_DSA) &&
181 sensitive == CK_TRUE &&
182 ckNetscapeAttributesTemplate[3].ulValueLen == (CK_ULONG)-1) {
183 // We cannot set the attribute through C_SetAttributeValue here
184 // because it might be read-only. However, we can add it to
185 // the extracted buffer.
186 netscapeAttributeValueNeeded = CK_TRUE;
187 }
188
189 ckpAttributes = (CK_ATTRIBUTE_PTR)malloc(
190 CK_ATTRIBUTES_TEMPLATE_LENGTH * sizeof(CK_ATTRIBUTE));
191 if (ckpAttributes == NULL) {
192 throwOutOfMemoryError(env, 0);
193 goto cleanup;
194 }
195 memcpy(ckpAttributes, ckpAttributesTemplate,
196 CK_ATTRIBUTES_TEMPLATE_LENGTH * sizeof(CK_ATTRIBUTE));
197
198 // Get sizes for value buffers
199 (*ckpFunctions->C_GetAttributeValue)(ckSessionHandle, ckObjectHandle,
200 ckpAttributes, CK_ATTRIBUTES_TEMPLATE_LENGTH);
201
202 for (i = 0; i < CK_ATTRIBUTES_TEMPLATE_LENGTH; i++) {
203 if ((ckpAttributes+i)->ulValueLen != (unsigned long)-1) {
204 totalDataSize += (ckpAttributes+i)->ulValueLen;
205 if ((ckpAttributes+i)->type == CKA_SENSITIVE) {
206 sensitiveAttributePosition = attributesCount;
207 }
208 attributesCount++;
209 }
210 }
211
212 if (netscapeAttributeValueNeeded) {
213 attributesCount++;
214 }
215
216 // Allocate a single buffer to hold valid attributes and attribute's values
217 // Buffer structure: [ attributes-size, [ ... attributes ... ],
218 // values-size, [ ... values ... ], wrapped-key-size,
219 // [ ... wrapped-key ... ] ]
220 // * sizes are expressed in bytes and data type is unsigned long
221 totalCkAttributesSize = attributesCount * sizeof(CK_ATTRIBUTE);
222 totalNativeKeyInfoArraySize =
223 totalCkAttributesSize + sizeof(unsigned long) * 3 + totalDataSize;
224
225 nativeKeyInfoArray = (*env)->NewByteArray(env, totalNativeKeyInfoArraySize);
226 if (nativeKeyInfoArray == NULL) {
227 goto cleanup;
228 }
229
230 nativeKeyInfoArrayRaw = (*env)->GetByteArrayElements(env, nativeKeyInfoArray,
231 NULL);
232 if (nativeKeyInfoArrayRaw == NULL) {
233 goto cleanup;
234 }
235
236 wrappedKeySizePtr = (unsigned long*)(nativeKeyInfoArrayRaw +
237 sizeof(unsigned long)*2 + totalCkAttributesSize + totalDataSize);
238 (*(unsigned long*)nativeKeyInfoArrayRaw) = totalCkAttributesSize;
239 (*(unsigned long*)(nativeKeyInfoArrayRaw + sizeof(unsigned long) +
240 totalCkAttributesSize)) = totalDataSize;
241 *wrappedKeySizePtr = 0;
242
243 nativeKeyInfoArrayRawCkAttributes = nativeKeyInfoArrayRaw +
244 sizeof(unsigned long);
245 nativeKeyInfoArrayRawCkAttributesPtr = nativeKeyInfoArrayRawCkAttributes;
246 nativeKeyInfoArrayRawDataPtr = nativeKeyInfoArrayRaw +
247 totalCkAttributesSize + sizeof(unsigned long) * 2;
248
249 for (i = 0; i < CK_ATTRIBUTES_TEMPLATE_LENGTH; i++) {
250 if ((ckpAttributes+i)->ulValueLen != (unsigned long)-1) {
251 (*(CK_ATTRIBUTE_PTR)nativeKeyInfoArrayRawCkAttributesPtr).type =
252 (ckpAttributes+i)->type;
253 if ((ckpAttributes+i)->ulValueLen != 0) {
254 (*(CK_ATTRIBUTE_PTR)nativeKeyInfoArrayRawCkAttributesPtr).pValue =
255 nativeKeyInfoArrayRawDataPtr;
256 } else {
257 (*(CK_ATTRIBUTE_PTR)nativeKeyInfoArrayRawCkAttributesPtr).pValue = 0;
258 }
259 (*(CK_ATTRIBUTE_PTR)nativeKeyInfoArrayRawCkAttributesPtr).ulValueLen =
260 (ckpAttributes+i)->ulValueLen;
261 nativeKeyInfoArrayRawDataPtr +=
262 (*(CK_ATTRIBUTE_PTR)nativeKeyInfoArrayRawCkAttributesPtr).ulValueLen;
263 nativeKeyInfoArrayRawCkAttributesPtr += sizeof(CK_ATTRIBUTE);
264 }
265 }
266
267 // Get attribute's values
268 rv = (*ckpFunctions->C_GetAttributeValue)(ckSessionHandle, ckObjectHandle,
269 (CK_ATTRIBUTE_PTR)nativeKeyInfoArrayRawCkAttributes,
270 attributesCount);
271 if (ckAssertReturnValueOK(env, rv) != CK_ASSERT_OK) {
272 goto cleanup;
273 }
274
275 if (netscapeAttributeValueNeeded) {
276 (*(CK_ATTRIBUTE_PTR)nativeKeyInfoArrayRawCkAttributesPtr).type = CKA_NETSCAPE_DB;
277 // Value is not needed, public key is not used
278 }
279
280 if ((sensitiveAttributePosition != (unsigned int)-1) &&
281 *(CK_BBOOL*)(((CK_ATTRIBUTE_PTR)(((CK_ATTRIBUTE_PTR)nativeKeyInfoArrayRawCkAttributes)
282 +sensitiveAttributePosition))->pValue) == CK_TRUE) {
283 // Key is sensitive. Need to extract it wrapped.
284 if (jWrappingKeyHandle != -1) {
285 ckMechanism.mechanism = CKM_AES_CBC_PAD;
286 ckMechanism.pParameter = &iv;
287 ckMechanism.ulParameterLen = 16;
288 rv = (*ckpFunctions->C_WrapKey)(ckSessionHandle, &ckMechanism,
289 jLongToCKULong(jWrappingKeyHandle), ckObjectHandle,
290 NULL_PTR, &ckWrappedKeyLength);
291 if (ckWrappedKeyLength != 0) {
292 // Allocate space for getting the wrapped key
293 nativeKeyInfoWrappedKeyArray = (*env)->NewByteArray(env,
294 totalNativeKeyInfoArraySize + ckWrappedKeyLength);
295 if (nativeKeyInfoWrappedKeyArray == NULL) {
296 goto cleanup;
297 }
298 nativeKeyInfoWrappedKeyArrayRaw =
299 (*env)->GetByteArrayElements(env,
300 nativeKeyInfoWrappedKeyArray, NULL);
301 if (nativeKeyInfoWrappedKeyArrayRaw == NULL) {
302 goto cleanup;
303 }
304 memcpy(nativeKeyInfoWrappedKeyArrayRaw, nativeKeyInfoArrayRaw,
305 totalNativeKeyInfoArraySize);
306 wrappedKeySizeWrappedKeyArrayPtr =
307 (unsigned long*)(nativeKeyInfoWrappedKeyArrayRaw +
308 sizeof(unsigned long)*2 + totalCkAttributesSize +
309 totalDataSize);
310 *wrappedKeySizeWrappedKeyArrayPtr =
311 (unsigned long)ckWrappedKeyLength;
312 wrappedKeyBufferPtr =
313 (unsigned char*)wrappedKeySizeWrappedKeyArrayPtr +
314 sizeof(unsigned long);
315 rv = (*ckpFunctions->C_WrapKey)(ckSessionHandle, &ckMechanism,
316 jLongToCKULong(jWrappingKeyHandle),ckObjectHandle,
317 wrappedKeyBufferPtr, &ckWrappedKeyLength);
318 if (ckAssertReturnValueOK(env, rv) != CK_ASSERT_OK) {
319 goto cleanup;
320 }
321 *wrappedKeySizeWrappedKeyArrayPtr =
322 (unsigned long)ckWrappedKeyLength;
323 } else {
324 goto cleanup;
325 }
326 } else {
327 goto cleanup;
328 }
329 returnValue = nativeKeyInfoWrappedKeyArray;
330 } else {
331 returnValue = nativeKeyInfoArray;
332 }
333
334 cleanup:
335 if (ckpAttributes != NULL) {
336 free(ckpAttributes);
337 }
338
339 if (nativeKeyInfoArrayRaw != NULL) {
340 (*env)->ReleaseByteArrayElements(env, nativeKeyInfoArray,
341 nativeKeyInfoArrayRaw, 0);
342 }
343
344 if (nativeKeyInfoWrappedKeyArrayRaw != NULL) {
345 (*env)->ReleaseByteArrayElements(env, nativeKeyInfoWrappedKeyArray,
346 nativeKeyInfoWrappedKeyArrayRaw, 0);
347 }
348
349 if (nativeKeyInfoArray != NULL && returnValue != nativeKeyInfoArray) {
350 (*env)->DeleteLocalRef(env, nativeKeyInfoArray);
351 }
352
353 if (nativeKeyInfoWrappedKeyArray != NULL
354 && returnValue != nativeKeyInfoWrappedKeyArray) {
355 (*env)->DeleteLocalRef(env, nativeKeyInfoWrappedKeyArray);
356 }
357
358 return returnValue;
359 }
360 #endif
361
362 #ifdef P11_ENABLE_CREATENATIVEKEY
363 /*
364 * Class: sun_security_pkcs11_wrapper_PKCS11
365 * Method: createNativeKey
366 * Signature: (J[BJ)J
367 * Parametermapping: *PKCS11*
368 * @param jlong jSessionHandle CK_SESSION_HANDLE hSession
369 * @param jbyteArray jNativeKeyInfo -
370 * @param jlong jWrappingKeyHandle CK_OBJECT_HANDLE hObject
371 * @return jlong jKeyHandle CK_OBJECT_HANDLE hObject
372 */
373 JNIEXPORT jlong JNICALL
374 Java_sun_security_pkcs11_wrapper_PKCS11_createNativeKey
375 (JNIEnv *env, jobject obj, jlong jSessionHandle, jbyteArray jNativeKeyInfo,
376 jlong jWrappingKeyHandle)
377 {
378 CK_OBJECT_HANDLE ckObjectHandle;
379 CK_RV rv;
380 CK_SESSION_HANDLE ckSessionHandle = jLongToCKULong(jSessionHandle);
381 jbyte* nativeKeyInfoArrayRaw = NULL;
382 jlong jObjectHandle = 0L;
383 unsigned long totalCkAttributesSize = 0UL;
384 unsigned long nativeKeyInfoCkAttributesCount = 0UL;
385 jbyte* nativeKeyInfoArrayRawCkAttributes = NULL;
386 jbyte* nativeKeyInfoArrayRawCkAttributesPtr = NULL;
387 jbyte* nativeKeyInfoArrayRawDataPtr = NULL;
388 unsigned long totalDataSize = 0UL;
389 unsigned long* wrappedKeySizePtr = NULL;
390 unsigned int i = 0U;
391 CK_MECHANISM ckMechanism = {0x0};
392 char iv[16] = {0x0};
393 CK_ULONG ckWrappedKeyLength = 0UL;
394 CK_FUNCTION_LIST_PTR ckpFunctions = getFunctionList(env, obj);
395
396 if (ckpFunctions == NULL) { goto cleanup; }
397
398 nativeKeyInfoArrayRaw =
399 (*env)->GetByteArrayElements(env, jNativeKeyInfo, NULL);
400 if (nativeKeyInfoArrayRaw == NULL) {
401 goto cleanup;
402 }
403
404 totalCkAttributesSize = *(unsigned long*)nativeKeyInfoArrayRaw;
405 nativeKeyInfoCkAttributesCount = totalCkAttributesSize/sizeof(CK_ATTRIBUTE);
406 nativeKeyInfoArrayRawCkAttributes = nativeKeyInfoArrayRaw +
407 sizeof(unsigned long);
408 nativeKeyInfoArrayRawCkAttributesPtr = nativeKeyInfoArrayRawCkAttributes;
409 nativeKeyInfoArrayRawDataPtr = nativeKeyInfoArrayRaw +
410 totalCkAttributesSize + sizeof(unsigned long) * 2;
411 totalDataSize = *(unsigned long*)(nativeKeyInfoArrayRaw +
412 totalCkAttributesSize + sizeof(unsigned long));
413 wrappedKeySizePtr = (unsigned long*)(nativeKeyInfoArrayRaw +
414 sizeof(unsigned long)*2 + totalCkAttributesSize + totalDataSize);
415
416 for (i = 0; i < nativeKeyInfoCkAttributesCount; i++) {
417 if ((*(CK_ATTRIBUTE_PTR)nativeKeyInfoArrayRawCkAttributesPtr).ulValueLen
418 > 0) {
419 (*(CK_ATTRIBUTE_PTR)nativeKeyInfoArrayRawCkAttributesPtr).pValue =
420 nativeKeyInfoArrayRawDataPtr;
421 }
422 nativeKeyInfoArrayRawDataPtr +=
423 (*(CK_ATTRIBUTE_PTR)nativeKeyInfoArrayRawCkAttributesPtr).ulValueLen;
424 nativeKeyInfoArrayRawCkAttributesPtr += sizeof(CK_ATTRIBUTE);
425 }
426
427 if (*wrappedKeySizePtr == 0) {
428 // Not a wrapped key
429 rv = (*ckpFunctions->C_CreateObject)(ckSessionHandle,
430 (CK_ATTRIBUTE_PTR)nativeKeyInfoArrayRawCkAttributes,
431 jLongToCKULong(nativeKeyInfoCkAttributesCount), &ckObjectHandle);
432 } else {
433 // Wrapped key
434 ckMechanism.mechanism = CKM_AES_CBC_PAD;
435 ckMechanism.pParameter = &iv;
436 ckMechanism.ulParameterLen = 16;
437 rv = (*ckpFunctions->C_UnwrapKey)(ckSessionHandle, &ckMechanism,
438 jLongToCKULong(jWrappingKeyHandle),
439 (CK_BYTE_PTR)(wrappedKeySizePtr + 1), *wrappedKeySizePtr,
440 (CK_ATTRIBUTE_PTR)nativeKeyInfoArrayRawCkAttributes,
441 jLongToCKULong(nativeKeyInfoCkAttributesCount),
442 &ckObjectHandle);
443 }
444 if (ckAssertReturnValueOK(env, rv) != CK_ASSERT_OK) {
445 goto cleanup;
446 }
447
448 jObjectHandle = ckULongToJLong(ckObjectHandle);
449
450 cleanup:
451
452 if (nativeKeyInfoArrayRaw != NULL) {
453 (*env)->ReleaseByteArrayElements(env, jNativeKeyInfo,
454 nativeKeyInfoArrayRaw, JNI_ABORT);
455 }
456
457 return jObjectHandle;
458 }
459 #endif
460
461 #ifdef P11_ENABLE_C_GENERATEKEY
462 /*
463 * Class: sun_security_pkcs11_wrapper_PKCS11
464 * Method: C_GenerateKey
465 * Signature: (JLsun/security/pkcs11/wrapper/CK_MECHANISM;[Lsun/security/pkcs11/wrapper/CK_ATTRIBUTE;)J
466 * Parametermapping: *PKCS11*
467 * @param jlong jSessionHandle CK_SESSION_HANDLE hSession
468 * @param jobject jMechanism CK_MECHANISM_PTR pMechanism
469 * @param jobjectArray jTemplate CK_ATTRIBUTE_PTR pTemplate
470 * CK_ULONG ulCount
471 * @return jlong jKeyHandle CK_OBJECT_HANDLE_PTR phKey
472 */
473 JNIEXPORT jlong JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1GenerateKey
474 (JNIEnv *env, jobject obj, jlong jSessionHandle, jobject jMechanism, jobjectArray jTemplate)
475 {
476 CK_SESSION_HANDLE ckSessionHandle;
477 CK_MECHANISM ckMechanism;
478 CK_ATTRIBUTE_PTR ckpAttributes = NULL_PTR;
479 CK_ULONG ckAttributesLength;
480 CK_OBJECT_HANDLE ckKeyHandle = 0;
|