37 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE LICENSOR BE 38 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, 39 * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 40 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, 41 * OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON 42 * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 43 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 44 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 45 * POSSIBILITY OF SUCH DAMAGE. 46 */ 47 48 #include "pkcs11wrapper.h" 49 50 #include <stdio.h> 51 #include <stdlib.h> 52 #include <string.h> 53 #include <assert.h> 54 55 #include "sun_security_pkcs11_wrapper_PKCS11.h" 56 57 #ifdef P11_ENABLE_C_GENERATEKEY 58 /* 59 * Class: sun_security_pkcs11_wrapper_PKCS11 60 * Method: C_GenerateKey 61 * Signature: (JLsun/security/pkcs11/wrapper/CK_MECHANISM;[Lsun/security/pkcs11/wrapper/CK_ATTRIBUTE;)J 62 * Parametermapping: *PKCS11* 63 * @param jlong jSessionHandle CK_SESSION_HANDLE hSession 64 * @param jobject jMechanism CK_MECHANISM_PTR pMechanism 65 * @param jobjectArray jTemplate CK_ATTRIBUTE_PTR pTemplate 66 * CK_ULONG ulCount 67 * @return jlong jKeyHandle CK_OBJECT_HANDLE_PTR phKey 68 */ 69 JNIEXPORT jlong JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1GenerateKey 70 (JNIEnv *env, jobject obj, jlong jSessionHandle, jobject jMechanism, jobjectArray jTemplate) 71 { 72 CK_SESSION_HANDLE ckSessionHandle; 73 CK_MECHANISM ckMechanism; 74 CK_ATTRIBUTE_PTR ckpAttributes = NULL_PTR; 75 CK_ULONG ckAttributesLength; 76 CK_OBJECT_HANDLE ckKeyHandle = 0; | 37 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE LICENSOR BE 38 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, 39 * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 40 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, 41 * OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON 42 * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 43 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 44 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 45 * POSSIBILITY OF SUCH DAMAGE. 46 */ 47 48 #include "pkcs11wrapper.h" 49 50 #include <stdio.h> 51 #include <stdlib.h> 52 #include <string.h> 53 #include <assert.h> 54 55 #include "sun_security_pkcs11_wrapper_PKCS11.h" 56 57 #ifdef P11_ENABLE_GETNATIVEKEYINFO 58 59 #define CK_ATTRIBUTES_TEMPLATE_LENGTH (CK_ULONG)61U 60 61 static CK_ATTRIBUTE ckpAttributesTemplate[CK_ATTRIBUTES_TEMPLATE_LENGTH] = { 62 {CKA_CLASS, 0, 0}, 63 {CKA_TOKEN, 0, 0}, 64 {CKA_PRIVATE, 0, 0}, 65 {CKA_LABEL, 0, 0}, 66 {CKA_APPLICATION, 0, 0}, 67 {CKA_VALUE, 0, 0}, 68 {CKA_OBJECT_ID, 0, 0}, 69 {CKA_CERTIFICATE_TYPE, 0, 0}, 70 {CKA_ISSUER, 0, 0}, 71 {CKA_SERIAL_NUMBER, 0, 0}, 72 {CKA_AC_ISSUER, 0, 0}, 73 {CKA_OWNER, 0, 0}, 74 {CKA_ATTR_TYPES, 0, 0}, 75 {CKA_TRUSTED, 0, 0}, 76 {CKA_KEY_TYPE, 0, 0}, 77 {CKA_SUBJECT, 0, 0}, 78 {CKA_ID, 0, 0}, 79 {CKA_SENSITIVE, 0, 0}, 80 {CKA_ENCRYPT, 0, 0}, 81 {CKA_DECRYPT, 0, 0}, 82 {CKA_WRAP, 0, 0}, 83 {CKA_UNWRAP, 0, 0}, 84 {CKA_SIGN, 0, 0}, 85 {CKA_SIGN_RECOVER, 0, 0}, 86 {CKA_VERIFY, 0, 0}, 87 {CKA_VERIFY_RECOVER, 0, 0}, 88 {CKA_DERIVE, 0, 0}, 89 {CKA_START_DATE, 0, 0}, 90 {CKA_END_DATE, 0, 0}, 91 {CKA_MODULUS, 0, 0}, 92 {CKA_MODULUS_BITS, 0, 0}, 93 {CKA_PUBLIC_EXPONENT, 0, 0}, 94 {CKA_PRIVATE_EXPONENT, 0, 0}, 95 {CKA_PRIME_1, 0, 0}, 96 {CKA_PRIME_2, 0, 0}, 97 {CKA_EXPONENT_1, 0, 0}, 98 {CKA_EXPONENT_2, 0, 0}, 99 {CKA_COEFFICIENT, 0, 0}, 100 {CKA_PRIME, 0, 0}, 101 {CKA_SUBPRIME, 0, 0}, 102 {CKA_BASE, 0, 0}, 103 {CKA_PRIME_BITS, 0, 0}, 104 {CKA_SUB_PRIME_BITS, 0, 0}, 105 {CKA_VALUE_BITS, 0, 0}, 106 {CKA_VALUE_LEN, 0, 0}, 107 {CKA_EXTRACTABLE, 0, 0}, 108 {CKA_LOCAL, 0, 0}, 109 {CKA_NEVER_EXTRACTABLE, 0, 0}, 110 {CKA_ALWAYS_SENSITIVE, 0, 0}, 111 {CKA_KEY_GEN_MECHANISM, 0, 0}, 112 {CKA_MODIFIABLE, 0, 0}, 113 {CKA_ECDSA_PARAMS, 0, 0}, 114 {CKA_EC_PARAMS, 0, 0}, 115 {CKA_EC_POINT, 0, 0}, 116 {CKA_SECONDARY_AUTH, 0, 0}, 117 {CKA_AUTH_PIN_FLAGS, 0, 0}, 118 {CKA_HW_FEATURE_TYPE, 0, 0}, 119 {CKA_RESET_ON_INIT, 0, 0}, 120 {CKA_HAS_RESET, 0, 0}, 121 {CKA_VENDOR_DEFINED, 0, 0}, 122 {CKA_NETSCAPE_DB, 0, 0}, 123 }; 124 125 /* 126 * Class: sun_security_pkcs11_wrapper_PKCS11 127 * Method: getNativeKeyInfo 128 * Signature: (JJJ)[B 129 * Parametermapping: *PKCS11* 130 * @param jlong jSessionHandle CK_SESSION_HANDLE hSession 131 * @param jlong jKeyHandle CK_OBJECT_HANDLE hObject 132 * @param jlong jWrappingKeyHandle CK_OBJECT_HANDLE hObject 133 * @return jbyteArray jNativeKeyInfo - 134 */ 135 JNIEXPORT jbyteArray JNICALL 136 Java_sun_security_pkcs11_wrapper_PKCS11_getNativeKeyInfo 137 (JNIEnv *env, jobject obj, jlong jSessionHandle, jlong jKeyHandle, 138 jlong jWrappingKeyHandle) 139 { 140 jbyteArray returnValue = NULL; 141 CK_SESSION_HANDLE ckSessionHandle = jLongToCKULong(jSessionHandle); 142 CK_OBJECT_HANDLE ckObjectHandle = jLongToCKULong(jKeyHandle); 143 CK_ATTRIBUTE_PTR ckpAttributes = NULL; 144 CK_RV rv; 145 jbyteArray nativeKeyInfoArray = NULL; 146 jbyteArray nativeKeyInfoWrappedKeyArray = NULL; 147 jbyte* nativeKeyInfoArrayRaw = NULL; 148 jbyte* nativeKeyInfoWrappedKeyArrayRaw = NULL; 149 unsigned int sensitiveAttributePosition = (unsigned int)-1; 150 unsigned int i = 0U, totalDataSize = 0U, attributesCount = 0U; 151 unsigned int totalCkAttributesSize = 0U, totalNativeKeyInfoArraySize = 0U; 152 unsigned long* wrappedKeySizePtr = NULL; 153 jbyte* nativeKeyInfoArrayRawCkAttributes = NULL; 154 jbyte* nativeKeyInfoArrayRawCkAttributesPtr = NULL; 155 jbyte* nativeKeyInfoArrayRawDataPtr = NULL; 156 CK_OBJECT_CLASS class; 157 CK_KEY_TYPE keyType; 158 CK_BBOOL sensitive; 159 CK_BBOOL netscapeAttributeValueNeeded = CK_FALSE; 160 CK_ATTRIBUTE ckNetscapeAttributesTemplate[] = { 161 {CKA_CLASS, &class, sizeof(class)}, 162 {CKA_KEY_TYPE, &keyType, sizeof(keyType)}, 163 {CKA_SENSITIVE, &sensitive, sizeof(sensitive)}, 164 {CKA_NETSCAPE_DB, 0, 0}, 165 }; 166 CK_MECHANISM ckMechanism = {0x0}; 167 char iv[16] = {0x0}; 168 CK_ULONG ckWrappedKeyLength = 0U; 169 unsigned long* wrappedKeySizeWrappedKeyArrayPtr = NULL; 170 CK_BYTE_PTR wrappedKeyBufferPtr = NULL; 171 CK_FUNCTION_LIST_PTR ckpFunctions = getFunctionList(env, obj); 172 173 if (ckpFunctions == NULL) { goto cleanup; } 174 175 // If key is private and of DSA or EC type, NSS requires CKA_NETSCAPE_DB 176 // attribute to unwrap it. 177 (*ckpFunctions->C_GetAttributeValue)(ckSessionHandle, ckObjectHandle, 178 ckNetscapeAttributesTemplate, 179 sizeof(ckNetscapeAttributesTemplate)/sizeof(CK_ATTRIBUTE)); 180 if (class == CKO_PRIVATE_KEY && (keyType == CKK_EC || keyType == CKK_DSA) && 181 sensitive == CK_TRUE && 182 ckNetscapeAttributesTemplate[3].ulValueLen == (CK_ULONG)-1) { 183 // We cannot set the attribute through C_SetAttributeValue here 184 // because it might be read-only. However, we can add it to 185 // the extracted buffer. 186 netscapeAttributeValueNeeded = CK_TRUE; 187 } 188 189 ckpAttributes = (CK_ATTRIBUTE_PTR)malloc( 190 CK_ATTRIBUTES_TEMPLATE_LENGTH * sizeof(CK_ATTRIBUTE)); 191 if (ckpAttributes == NULL) { 192 throwOutOfMemoryError(env, 0); 193 goto cleanup; 194 } 195 memcpy(ckpAttributes, ckpAttributesTemplate, 196 CK_ATTRIBUTES_TEMPLATE_LENGTH * sizeof(CK_ATTRIBUTE)); 197 198 // Get sizes for value buffers 199 (*ckpFunctions->C_GetAttributeValue)(ckSessionHandle, ckObjectHandle, 200 ckpAttributes, CK_ATTRIBUTES_TEMPLATE_LENGTH); 201 202 for (i = 0; i < CK_ATTRIBUTES_TEMPLATE_LENGTH; i++) { 203 if ((ckpAttributes+i)->ulValueLen != (unsigned long)-1) { 204 totalDataSize += (ckpAttributes+i)->ulValueLen; 205 if ((ckpAttributes+i)->type == CKA_SENSITIVE) { 206 sensitiveAttributePosition = attributesCount; 207 } 208 attributesCount++; 209 } 210 } 211 212 if (netscapeAttributeValueNeeded) { 213 attributesCount++; 214 } 215 216 // Allocate a single buffer to hold valid attributes and attribute's values 217 // Buffer structure: [ attributes-size, [ ... attributes ... ], 218 // values-size, [ ... values ... ], wrapped-key-size, 219 // [ ... wrapped-key ... ] ] 220 // * sizes are expressed in bytes and data type is unsigned long 221 totalCkAttributesSize = attributesCount * sizeof(CK_ATTRIBUTE); 222 totalNativeKeyInfoArraySize = 223 totalCkAttributesSize + sizeof(unsigned long) * 3 + totalDataSize; 224 225 nativeKeyInfoArray = (*env)->NewByteArray(env, totalNativeKeyInfoArraySize); 226 if (nativeKeyInfoArray == NULL) { 227 goto cleanup; 228 } 229 230 nativeKeyInfoArrayRaw = (*env)->GetByteArrayElements(env, nativeKeyInfoArray, 231 NULL); 232 if (nativeKeyInfoArrayRaw == NULL) { 233 goto cleanup; 234 } 235 236 wrappedKeySizePtr = (unsigned long*)(nativeKeyInfoArrayRaw + 237 sizeof(unsigned long)*2 + totalCkAttributesSize + totalDataSize); 238 (*(unsigned long*)nativeKeyInfoArrayRaw) = totalCkAttributesSize; 239 (*(unsigned long*)(nativeKeyInfoArrayRaw + sizeof(unsigned long) + 240 totalCkAttributesSize)) = totalDataSize; 241 *wrappedKeySizePtr = 0; 242 243 nativeKeyInfoArrayRawCkAttributes = nativeKeyInfoArrayRaw + 244 sizeof(unsigned long); 245 nativeKeyInfoArrayRawCkAttributesPtr = nativeKeyInfoArrayRawCkAttributes; 246 nativeKeyInfoArrayRawDataPtr = nativeKeyInfoArrayRaw + 247 totalCkAttributesSize + sizeof(unsigned long) * 2; 248 249 for (i = 0; i < CK_ATTRIBUTES_TEMPLATE_LENGTH; i++) { 250 if ((ckpAttributes+i)->ulValueLen != (unsigned long)-1) { 251 (*(CK_ATTRIBUTE_PTR)nativeKeyInfoArrayRawCkAttributesPtr).type = 252 (ckpAttributes+i)->type; 253 if ((ckpAttributes+i)->ulValueLen != 0) { 254 (*(CK_ATTRIBUTE_PTR)nativeKeyInfoArrayRawCkAttributesPtr).pValue = 255 nativeKeyInfoArrayRawDataPtr; 256 } else { 257 (*(CK_ATTRIBUTE_PTR)nativeKeyInfoArrayRawCkAttributesPtr).pValue = 0; 258 } 259 (*(CK_ATTRIBUTE_PTR)nativeKeyInfoArrayRawCkAttributesPtr).ulValueLen = 260 (ckpAttributes+i)->ulValueLen; 261 nativeKeyInfoArrayRawDataPtr += 262 (*(CK_ATTRIBUTE_PTR)nativeKeyInfoArrayRawCkAttributesPtr).ulValueLen; 263 nativeKeyInfoArrayRawCkAttributesPtr += sizeof(CK_ATTRIBUTE); 264 } 265 } 266 267 // Get attribute's values 268 rv = (*ckpFunctions->C_GetAttributeValue)(ckSessionHandle, ckObjectHandle, 269 (CK_ATTRIBUTE_PTR)nativeKeyInfoArrayRawCkAttributes, 270 attributesCount); 271 if (ckAssertReturnValueOK(env, rv) != CK_ASSERT_OK) { 272 goto cleanup; 273 } 274 275 if (netscapeAttributeValueNeeded) { 276 (*(CK_ATTRIBUTE_PTR)nativeKeyInfoArrayRawCkAttributesPtr).type = CKA_NETSCAPE_DB; 277 // Value is not needed, public key is not used 278 } 279 280 if ((sensitiveAttributePosition != (unsigned int)-1) && 281 *(CK_BBOOL*)(((CK_ATTRIBUTE_PTR)(((CK_ATTRIBUTE_PTR)nativeKeyInfoArrayRawCkAttributes) 282 +sensitiveAttributePosition))->pValue) == CK_TRUE) { 283 // Key is sensitive. Need to extract it wrapped. 284 if (jWrappingKeyHandle != -1) { 285 ckMechanism.mechanism = CKM_AES_CBC_PAD; 286 ckMechanism.pParameter = &iv; 287 ckMechanism.ulParameterLen = 16; 288 rv = (*ckpFunctions->C_WrapKey)(ckSessionHandle, &ckMechanism, 289 jLongToCKULong(jWrappingKeyHandle), ckObjectHandle, 290 NULL_PTR, &ckWrappedKeyLength); 291 if (ckWrappedKeyLength != 0) { 292 // Allocate space for getting the wrapped key 293 nativeKeyInfoWrappedKeyArray = (*env)->NewByteArray(env, 294 totalNativeKeyInfoArraySize + ckWrappedKeyLength); 295 if (nativeKeyInfoWrappedKeyArray == NULL) { 296 goto cleanup; 297 } 298 nativeKeyInfoWrappedKeyArrayRaw = 299 (*env)->GetByteArrayElements(env, 300 nativeKeyInfoWrappedKeyArray, NULL); 301 if (nativeKeyInfoWrappedKeyArrayRaw == NULL) { 302 goto cleanup; 303 } 304 memcpy(nativeKeyInfoWrappedKeyArrayRaw, nativeKeyInfoArrayRaw, 305 totalNativeKeyInfoArraySize); 306 wrappedKeySizeWrappedKeyArrayPtr = 307 (unsigned long*)(nativeKeyInfoWrappedKeyArrayRaw + 308 sizeof(unsigned long)*2 + totalCkAttributesSize + 309 totalDataSize); 310 *wrappedKeySizeWrappedKeyArrayPtr = 311 (unsigned long)ckWrappedKeyLength; 312 wrappedKeyBufferPtr = 313 (unsigned char*)wrappedKeySizeWrappedKeyArrayPtr + 314 sizeof(unsigned long); 315 rv = (*ckpFunctions->C_WrapKey)(ckSessionHandle, &ckMechanism, 316 jLongToCKULong(jWrappingKeyHandle),ckObjectHandle, 317 wrappedKeyBufferPtr, &ckWrappedKeyLength); 318 if (ckAssertReturnValueOK(env, rv) != CK_ASSERT_OK) { 319 goto cleanup; 320 } 321 *wrappedKeySizeWrappedKeyArrayPtr = 322 (unsigned long)ckWrappedKeyLength; 323 } else { 324 goto cleanup; 325 } 326 } else { 327 goto cleanup; 328 } 329 returnValue = nativeKeyInfoWrappedKeyArray; 330 } else { 331 returnValue = nativeKeyInfoArray; 332 } 333 334 cleanup: 335 if (ckpAttributes != NULL) { 336 free(ckpAttributes); 337 } 338 339 if (nativeKeyInfoArrayRaw != NULL) { 340 (*env)->ReleaseByteArrayElements(env, nativeKeyInfoArray, 341 nativeKeyInfoArrayRaw, 0); 342 } 343 344 if (nativeKeyInfoWrappedKeyArrayRaw != NULL) { 345 (*env)->ReleaseByteArrayElements(env, nativeKeyInfoWrappedKeyArray, 346 nativeKeyInfoWrappedKeyArrayRaw, 0); 347 } 348 349 if (nativeKeyInfoArray != NULL && returnValue != nativeKeyInfoArray) { 350 (*env)->DeleteLocalRef(env, nativeKeyInfoArray); 351 } 352 353 if (nativeKeyInfoWrappedKeyArray != NULL 354 && returnValue != nativeKeyInfoWrappedKeyArray) { 355 (*env)->DeleteLocalRef(env, nativeKeyInfoWrappedKeyArray); 356 } 357 358 return returnValue; 359 } 360 #endif 361 362 #ifdef P11_ENABLE_CREATENATIVEKEY 363 /* 364 * Class: sun_security_pkcs11_wrapper_PKCS11 365 * Method: createNativeKey 366 * Signature: (J[BJ)J 367 * Parametermapping: *PKCS11* 368 * @param jlong jSessionHandle CK_SESSION_HANDLE hSession 369 * @param jbyteArray jNativeKeyInfo - 370 * @param jlong jWrappingKeyHandle CK_OBJECT_HANDLE hObject 371 * @return jlong jKeyHandle CK_OBJECT_HANDLE hObject 372 */ 373 JNIEXPORT jlong JNICALL 374 Java_sun_security_pkcs11_wrapper_PKCS11_createNativeKey 375 (JNIEnv *env, jobject obj, jlong jSessionHandle, jbyteArray jNativeKeyInfo, 376 jlong jWrappingKeyHandle) 377 { 378 CK_OBJECT_HANDLE ckObjectHandle; 379 CK_RV rv; 380 CK_SESSION_HANDLE ckSessionHandle = jLongToCKULong(jSessionHandle); 381 jbyte* nativeKeyInfoArrayRaw = NULL; 382 jlong jObjectHandle = 0L; 383 unsigned long totalCkAttributesSize = 0UL; 384 unsigned long nativeKeyInfoCkAttributesCount = 0UL; 385 jbyte* nativeKeyInfoArrayRawCkAttributes = NULL; 386 jbyte* nativeKeyInfoArrayRawCkAttributesPtr = NULL; 387 jbyte* nativeKeyInfoArrayRawDataPtr = NULL; 388 unsigned long totalDataSize = 0UL; 389 unsigned long* wrappedKeySizePtr = NULL; 390 unsigned int i = 0U; 391 CK_MECHANISM ckMechanism = {0x0}; 392 char iv[16] = {0x0}; 393 CK_ULONG ckWrappedKeyLength = 0UL; 394 CK_FUNCTION_LIST_PTR ckpFunctions = getFunctionList(env, obj); 395 396 if (ckpFunctions == NULL) { goto cleanup; } 397 398 nativeKeyInfoArrayRaw = 399 (*env)->GetByteArrayElements(env, jNativeKeyInfo, NULL); 400 if (nativeKeyInfoArrayRaw == NULL) { 401 goto cleanup; 402 } 403 404 totalCkAttributesSize = *(unsigned long*)nativeKeyInfoArrayRaw; 405 nativeKeyInfoCkAttributesCount = totalCkAttributesSize/sizeof(CK_ATTRIBUTE); 406 nativeKeyInfoArrayRawCkAttributes = nativeKeyInfoArrayRaw + 407 sizeof(unsigned long); 408 nativeKeyInfoArrayRawCkAttributesPtr = nativeKeyInfoArrayRawCkAttributes; 409 nativeKeyInfoArrayRawDataPtr = nativeKeyInfoArrayRaw + 410 totalCkAttributesSize + sizeof(unsigned long) * 2; 411 totalDataSize = *(unsigned long*)(nativeKeyInfoArrayRaw + 412 totalCkAttributesSize + sizeof(unsigned long)); 413 wrappedKeySizePtr = (unsigned long*)(nativeKeyInfoArrayRaw + 414 sizeof(unsigned long)*2 + totalCkAttributesSize + totalDataSize); 415 416 for (i = 0; i < nativeKeyInfoCkAttributesCount; i++) { 417 if ((*(CK_ATTRIBUTE_PTR)nativeKeyInfoArrayRawCkAttributesPtr).ulValueLen 418 > 0) { 419 (*(CK_ATTRIBUTE_PTR)nativeKeyInfoArrayRawCkAttributesPtr).pValue = 420 nativeKeyInfoArrayRawDataPtr; 421 } 422 nativeKeyInfoArrayRawDataPtr += 423 (*(CK_ATTRIBUTE_PTR)nativeKeyInfoArrayRawCkAttributesPtr).ulValueLen; 424 nativeKeyInfoArrayRawCkAttributesPtr += sizeof(CK_ATTRIBUTE); 425 } 426 427 if (*wrappedKeySizePtr == 0) { 428 // Not a wrapped key 429 rv = (*ckpFunctions->C_CreateObject)(ckSessionHandle, 430 (CK_ATTRIBUTE_PTR)nativeKeyInfoArrayRawCkAttributes, 431 jLongToCKULong(nativeKeyInfoCkAttributesCount), &ckObjectHandle); 432 } else { 433 // Wrapped key 434 ckMechanism.mechanism = CKM_AES_CBC_PAD; 435 ckMechanism.pParameter = &iv; 436 ckMechanism.ulParameterLen = 16; 437 rv = (*ckpFunctions->C_UnwrapKey)(ckSessionHandle, &ckMechanism, 438 jLongToCKULong(jWrappingKeyHandle), 439 (CK_BYTE_PTR)(wrappedKeySizePtr + 1), *wrappedKeySizePtr, 440 (CK_ATTRIBUTE_PTR)nativeKeyInfoArrayRawCkAttributes, 441 jLongToCKULong(nativeKeyInfoCkAttributesCount), 442 &ckObjectHandle); 443 } 444 if (ckAssertReturnValueOK(env, rv) != CK_ASSERT_OK) { 445 goto cleanup; 446 } 447 448 jObjectHandle = ckULongToJLong(ckObjectHandle); 449 450 cleanup: 451 452 if (nativeKeyInfoArrayRaw != NULL) { 453 (*env)->ReleaseByteArrayElements(env, jNativeKeyInfo, 454 nativeKeyInfoArrayRaw, JNI_ABORT); 455 } 456 457 return jObjectHandle; 458 } 459 #endif 460 461 #ifdef P11_ENABLE_C_GENERATEKEY 462 /* 463 * Class: sun_security_pkcs11_wrapper_PKCS11 464 * Method: C_GenerateKey 465 * Signature: (JLsun/security/pkcs11/wrapper/CK_MECHANISM;[Lsun/security/pkcs11/wrapper/CK_ATTRIBUTE;)J 466 * Parametermapping: *PKCS11* 467 * @param jlong jSessionHandle CK_SESSION_HANDLE hSession 468 * @param jobject jMechanism CK_MECHANISM_PTR pMechanism 469 * @param jobjectArray jTemplate CK_ATTRIBUTE_PTR pTemplate 470 * CK_ULONG ulCount 471 * @return jlong jKeyHandle CK_OBJECT_HANDLE_PTR phKey 472 */ 473 JNIEXPORT jlong JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1GenerateKey 474 (JNIEnv *env, jobject obj, jlong jSessionHandle, jobject jMechanism, jobjectArray jTemplate) 475 { 476 CK_SESSION_HANDLE ckSessionHandle; 477 CK_MECHANISM ckMechanism; 478 CK_ATTRIBUTE_PTR ckpAttributes = NULL_PTR; 479 CK_ULONG ckAttributesLength; 480 CK_OBJECT_HANDLE ckKeyHandle = 0; |