1 /*
2 * Copyright (c) 2003, 2016, Oracle and/or its affiliates. All rights reserved.
3 */
4
5 /* Copyright (c) 2002 Graz University of Technology. All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright notice,
11 * this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright notice,
14 * this list of conditions and the following disclaimer in the documentation
15 * and/or other materials provided with the distribution.
16 *
17 * 3. The end-user documentation included with the redistribution, if any, must
18 * include the following acknowledgment:
19 *
20 * "This product includes software developed by IAIK of Graz University of
21 * Technology."
22 *
23 * Alternately, this acknowledgment may appear in the software itself, if
24 * and wherever such third-party acknowledgments normally appear.
25 *
26 * 4. The names "Graz University of Technology" and "IAIK of Graz University of
27 * Technology" must not be used to endorse or promote products derived from
28 * this software without prior written permission.
29 *
30 * 5. Products derived from this software may not be called
31 * "IAIK PKCS Wrapper", nor may "IAIK" appear in their name, without prior
32 * written permission of Graz University of Technology.
33 *
34 * THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED
35 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
36 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
37 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE LICENSOR BE
38 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
39 * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
40 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
41 * OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
42 * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
43 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
44 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
45 * POSSIBILITY OF SUCH DAMAGE.
46 */
47
48 #include "pkcs11wrapper.h"
49
50 #include <stdio.h>
51 #include <stdlib.h>
52 #include <string.h>
53 #include <assert.h>
54
55 #include "sun_security_pkcs11_wrapper_PKCS11.h"
56
57 #ifdef P11_ENABLE_C_GENERATEKEY
58 /*
59 * Class: sun_security_pkcs11_wrapper_PKCS11
60 * Method: C_GenerateKey
61 * Signature: (JLsun/security/pkcs11/wrapper/CK_MECHANISM;[Lsun/security/pkcs11/wrapper/CK_ATTRIBUTE;)J
62 * Parametermapping: *PKCS11*
63 * @param jlong jSessionHandle CK_SESSION_HANDLE hSession
64 * @param jobject jMechanism CK_MECHANISM_PTR pMechanism
65 * @param jobjectArray jTemplate CK_ATTRIBUTE_PTR pTemplate
66 * CK_ULONG ulCount
67 * @return jlong jKeyHandle CK_OBJECT_HANDLE_PTR phKey
68 */
69 JNIEXPORT jlong JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1GenerateKey
70 (JNIEnv *env, jobject obj, jlong jSessionHandle, jobject jMechanism, jobjectArray jTemplate)
71 {
72 CK_SESSION_HANDLE ckSessionHandle;
73 CK_MECHANISM ckMechanism;
74 CK_ATTRIBUTE_PTR ckpAttributes = NULL_PTR;
75 CK_ULONG ckAttributesLength;
76 CK_OBJECT_HANDLE ckKeyHandle = 0;
77 jlong jKeyHandle = 0L;
78 CK_RV rv;
79
80 CK_FUNCTION_LIST_PTR ckpFunctions = getFunctionList(env, obj);
81 if (ckpFunctions == NULL) { return 0L; }
82
83 ckSessionHandle = jLongToCKULong(jSessionHandle);
84 jMechanismToCKMechanism(env, jMechanism, &ckMechanism);
85 if ((*env)->ExceptionCheck(env)) { return 0L ; }
86
87 jAttributeArrayToCKAttributeArray(env, jTemplate, &ckpAttributes, &ckAttributesLength);
88 if ((*env)->ExceptionCheck(env)) {
89 if (ckMechanism.pParameter != NULL_PTR) {
90 free(ckMechanism.pParameter);
91 }
92 return 0L;
93 }
94
95 rv = (*ckpFunctions->C_GenerateKey)(ckSessionHandle, &ckMechanism, ckpAttributes, ckAttributesLength, &ckKeyHandle);
96
97 if (ckAssertReturnValueOK(env, rv) == CK_ASSERT_OK) {
98 jKeyHandle = ckULongToJLong(ckKeyHandle);
99
100 /* cheack, if we must give a initialization vector back to Java */
101 switch (ckMechanism.mechanism) {
102 case CKM_PBE_MD2_DES_CBC:
103 case CKM_PBE_MD5_DES_CBC:
104 case CKM_PBE_MD5_CAST_CBC:
105 case CKM_PBE_MD5_CAST3_CBC:
106 case CKM_PBE_MD5_CAST128_CBC:
107 /* case CKM_PBE_MD5_CAST5_CBC: the same as CKM_PBE_MD5_CAST128_CBC */
108 case CKM_PBE_SHA1_CAST128_CBC:
109 /* case CKM_PBE_SHA1_CAST5_CBC: the same as CKM_PBE_SHA1_CAST128_CBC */
110 /* we must copy back the initialization vector to the jMechanism object */
111 copyBackPBEInitializationVector(env, &ckMechanism, jMechanism);
112 break;
113 }
114 }
115
116 if (ckMechanism.pParameter != NULL_PTR) {
117 free(ckMechanism.pParameter);
118 }
119 freeCKAttributeArray(ckpAttributes, ckAttributesLength);
120
121 return jKeyHandle ;
122 }
123 #endif
124
125 #ifdef P11_ENABLE_C_GENERATEKEYPAIR
126 /*
127 * Class: sun_security_pkcs11_wrapper_PKCS11
128 * Method: C_GenerateKeyPair
129 * Signature: (JLsun/security/pkcs11/wrapper/CK_MECHANISM;[Lsun/security/pkcs11/wrapper/CK_ATTRIBUTE;[Lsun/security/pkcs11/wrapper/CK_ATTRIBUTE;)[J
130 * Parametermapping: *PKCS11*
131 * @param jlong jSessionHandle CK_SESSION_HANDLE hSession
132 * @param jobject jMechanism CK_MECHANISM_PTR pMechanism
133 * @param jobjectArray jPublicKeyTemplate CK_ATTRIBUTE_PTR pPublicKeyTemplate
134 * CK_ULONG ulPublicKeyAttributeCount
135 * @param jobjectArray jPrivateKeyTemplate CK_ATTRIBUTE_PTR pPrivateKeyTemplate
136 * CK_ULONG ulPrivateKeyAttributeCount
137 * @return jlongArray jKeyHandles CK_OBJECT_HANDLE_PTR phPublicKey
138 * CK_OBJECT_HANDLE_PTR phPublicKey
139 */
140 JNIEXPORT jlongArray JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1GenerateKeyPair
141 (JNIEnv *env, jobject obj, jlong jSessionHandle, jobject jMechanism,
142 jobjectArray jPublicKeyTemplate, jobjectArray jPrivateKeyTemplate)
143 {
144 CK_SESSION_HANDLE ckSessionHandle;
145 CK_MECHANISM ckMechanism;
146 CK_ATTRIBUTE_PTR ckpPublicKeyAttributes = NULL_PTR;
147 CK_ATTRIBUTE_PTR ckpPrivateKeyAttributes = NULL_PTR;
148 CK_ULONG ckPublicKeyAttributesLength;
149 CK_ULONG ckPrivateKeyAttributesLength;
150 CK_OBJECT_HANDLE_PTR ckpPublicKeyHandle; /* pointer to Public Key */
151 CK_OBJECT_HANDLE_PTR ckpPrivateKeyHandle; /* pointer to Private Key */
152 CK_OBJECT_HANDLE_PTR ckpKeyHandles; /* pointer to array with Public and Private Key */
153 jlongArray jKeyHandles = NULL;
154 CK_RV rv;
155 int attempts;
156 const int MAX_ATTEMPTS = 3;
157
158 CK_FUNCTION_LIST_PTR ckpFunctions = getFunctionList(env, obj);
159 if (ckpFunctions == NULL) { return NULL; }
160
161 ckSessionHandle = jLongToCKULong(jSessionHandle);
162 jMechanismToCKMechanism(env, jMechanism, &ckMechanism);
163 if ((*env)->ExceptionCheck(env)) { return NULL; }
164
165 ckpKeyHandles = (CK_OBJECT_HANDLE_PTR) malloc(2 * sizeof(CK_OBJECT_HANDLE));
166 if (ckpKeyHandles == NULL) {
167 if (ckMechanism.pParameter != NULL_PTR) {
168 free(ckMechanism.pParameter);
169 }
170 throwOutOfMemoryError(env, 0);
171 return NULL;
172 }
173 ckpPublicKeyHandle = ckpKeyHandles; /* first element of array is Public Key */
174 ckpPrivateKeyHandle = (ckpKeyHandles + 1); /* second element of array is Private Key */
175
176 jAttributeArrayToCKAttributeArray(env, jPublicKeyTemplate, &ckpPublicKeyAttributes, &ckPublicKeyAttributesLength);
177 if ((*env)->ExceptionCheck(env)) {
178 if (ckMechanism.pParameter != NULL_PTR) {
179 free(ckMechanism.pParameter);
180 }
181 free(ckpKeyHandles);
182 return NULL;
183 }
184
185 jAttributeArrayToCKAttributeArray(env, jPrivateKeyTemplate, &ckpPrivateKeyAttributes, &ckPrivateKeyAttributesLength);
186 if ((*env)->ExceptionCheck(env)) {
187 if (ckMechanism.pParameter != NULL_PTR) {
188 free(ckMechanism.pParameter);
189 }
190 free(ckpKeyHandles);
191 freeCKAttributeArray(ckpPublicKeyAttributes, ckPublicKeyAttributesLength);
192 return NULL;
193 }
194
195 /*
196 * Workaround for NSS bug 1012786:
197 *
198 * Key generation may fail with CKR_FUNCTION_FAILED error
199 * if there is insufficient entropy to generate a random key.
200 *
201 * PKCS11 spec says the following about CKR_FUNCTION_FAILED error
202 * (see section 11.1.1):
203 *
204 * ... In any event, although the function call failed, the situation
205 * is not necessarily totally hopeless, as it is likely to be
206 * when CKR_GENERAL_ERROR is returned. Depending on what the root cause of
207 * the error actually was, it is possible that an attempt
208 * to make the exact same function call again would succeed.
209 *
210 * Call C_GenerateKeyPair() several times if CKR_FUNCTION_FAILED occurs.
211 */
212 for (attempts = 0; attempts < MAX_ATTEMPTS; attempts++) {
213 rv = (*ckpFunctions->C_GenerateKeyPair)(ckSessionHandle, &ckMechanism,
214 ckpPublicKeyAttributes, ckPublicKeyAttributesLength,
215 ckpPrivateKeyAttributes, ckPrivateKeyAttributesLength,
216 ckpPublicKeyHandle, ckpPrivateKeyHandle);
217 if (rv == CKR_FUNCTION_FAILED) {
218 printDebug("C_1GenerateKeyPair(): C_GenerateKeyPair() failed \
219 with CKR_FUNCTION_FAILED error, try again\n");
220 } else {
221 break;
222 }
223 }
224
225 if (ckAssertReturnValueOK(env, rv) == CK_ASSERT_OK) {
226 jKeyHandles = ckULongArrayToJLongArray(env, ckpKeyHandles, 2);
227 }
228
229 if(ckMechanism.pParameter != NULL_PTR) {
230 free(ckMechanism.pParameter);
231 }
232 free(ckpKeyHandles);
233 freeCKAttributeArray(ckpPublicKeyAttributes, ckPublicKeyAttributesLength);
234 freeCKAttributeArray(ckpPrivateKeyAttributes, ckPrivateKeyAttributesLength);
235
236 return jKeyHandles ;
237 }
238 #endif
239
240 #ifdef P11_ENABLE_C_WRAPKEY
241 /*
242 * Class: sun_security_pkcs11_wrapper_PKCS11
243 * Method: C_WrapKey
244 * Signature: (JLsun/security/pkcs11/wrapper/CK_MECHANISM;JJ)[B
245 * Parametermapping: *PKCS11*
246 * @param jlong jSessionHandle CK_SESSION_HANDLE hSession
247 * @param jobject jMechanism CK_MECHANISM_PTR pMechanism
248 * @param jlong jWrappingKeyHandle CK_OBJECT_HANDLE hWrappingKey
249 * @param jlong jKeyHandle CK_OBJECT_HANDLE hKey
250 * @return jbyteArray jWrappedKey CK_BYTE_PTR pWrappedKey
251 * CK_ULONG_PTR pulWrappedKeyLen
252 */
253 JNIEXPORT jbyteArray JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1WrapKey
254 (JNIEnv *env, jobject obj, jlong jSessionHandle, jobject jMechanism, jlong jWrappingKeyHandle, jlong jKeyHandle)
255 {
256 CK_SESSION_HANDLE ckSessionHandle;
257 CK_MECHANISM ckMechanism;
258 CK_OBJECT_HANDLE ckWrappingKeyHandle;
259 CK_OBJECT_HANDLE ckKeyHandle;
260 jbyteArray jWrappedKey = NULL;
261 CK_RV rv;
262 CK_BYTE BUF[MAX_STACK_BUFFER_LEN];
263 CK_BYTE_PTR ckpWrappedKey = BUF;
264 CK_ULONG ckWrappedKeyLength = MAX_STACK_BUFFER_LEN;
265
266 CK_FUNCTION_LIST_PTR ckpFunctions = getFunctionList(env, obj);
267 if (ckpFunctions == NULL) { return NULL; }
268
269 ckSessionHandle = jLongToCKULong(jSessionHandle);
270 jMechanismToCKMechanism(env, jMechanism, &ckMechanism);
271 if ((*env)->ExceptionCheck(env)) { return NULL; }
272
273 ckWrappingKeyHandle = jLongToCKULong(jWrappingKeyHandle);
274 ckKeyHandle = jLongToCKULong(jKeyHandle);
275
276 rv = (*ckpFunctions->C_WrapKey)(ckSessionHandle, &ckMechanism, ckWrappingKeyHandle, ckKeyHandle, ckpWrappedKey, &ckWrappedKeyLength);
277 if (rv == CKR_BUFFER_TOO_SMALL) {
278 ckpWrappedKey = (CK_BYTE_PTR) malloc(ckWrappedKeyLength);
279 if (ckpWrappedKey == NULL) {
280 if (ckMechanism.pParameter != NULL_PTR) {
281 free(ckMechanism.pParameter);
282 }
283 throwOutOfMemoryError(env, 0);
284 return NULL;
285 }
286
287 rv = (*ckpFunctions->C_WrapKey)(ckSessionHandle, &ckMechanism, ckWrappingKeyHandle, ckKeyHandle, ckpWrappedKey, &ckWrappedKeyLength);
288 }
289 if (ckAssertReturnValueOK(env, rv) == CK_ASSERT_OK) {
290 jWrappedKey = ckByteArrayToJByteArray(env, ckpWrappedKey, ckWrappedKeyLength);
291 }
292
293 if (ckpWrappedKey != BUF) { free(ckpWrappedKey); }
294 if (ckMechanism.pParameter != NULL_PTR) {
295 free(ckMechanism.pParameter);
296 }
297 return jWrappedKey ;
298 }
299 #endif
300
301 #ifdef P11_ENABLE_C_UNWRAPKEY
302 /*
303 * Class: sun_security_pkcs11_wrapper_PKCS11
304 * Method: C_UnwrapKey
305 * Signature: (JLsun/security/pkcs11/wrapper/CK_MECHANISM;J[B[Lsun/security/pkcs11/wrapper/CK_ATTRIBUTE;)J
306 * Parametermapping: *PKCS11*
307 * @param jlong jSessionHandle CK_SESSION_HANDLE hSession
308 * @param jobject jMechanism CK_MECHANISM_PTR pMechanism
309 * @param jlong jUnwrappingKeyHandle CK_OBJECT_HANDLE hUnwrappingKey
310 * @param jbyteArray jWrappedKey CK_BYTE_PTR pWrappedKey
311 * CK_ULONG_PTR pulWrappedKeyLen
312 * @param jobjectArray jTemplate CK_ATTRIBUTE_PTR pTemplate
313 * CK_ULONG ulCount
314 * @return jlong jKeyHandle CK_OBJECT_HANDLE_PTR phKey
315 */
316 JNIEXPORT jlong JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1UnwrapKey
317 (JNIEnv *env, jobject obj, jlong jSessionHandle, jobject jMechanism, jlong jUnwrappingKeyHandle,
318 jbyteArray jWrappedKey, jobjectArray jTemplate)
319 {
320 CK_SESSION_HANDLE ckSessionHandle;
321 CK_MECHANISM ckMechanism;
322 CK_OBJECT_HANDLE ckUnwrappingKeyHandle;
323 CK_BYTE_PTR ckpWrappedKey = NULL_PTR;
324 CK_ULONG ckWrappedKeyLength;
325 CK_ATTRIBUTE_PTR ckpAttributes = NULL_PTR;
326 CK_ULONG ckAttributesLength;
327 CK_OBJECT_HANDLE ckKeyHandle = 0;
328 jlong jKeyHandle = 0L;
329 CK_RV rv;
330
331 CK_FUNCTION_LIST_PTR ckpFunctions = getFunctionList(env, obj);
332 if (ckpFunctions == NULL) { return 0L; }
333
334 ckSessionHandle = jLongToCKULong(jSessionHandle);
335 jMechanismToCKMechanism(env, jMechanism, &ckMechanism);
336 if ((*env)->ExceptionCheck(env)) { return 0L; }
337
338 ckUnwrappingKeyHandle = jLongToCKULong(jUnwrappingKeyHandle);
339 jByteArrayToCKByteArray(env, jWrappedKey, &ckpWrappedKey, &ckWrappedKeyLength);
340 if ((*env)->ExceptionCheck(env)) {
341 if (ckMechanism.pParameter != NULL_PTR) {
342 free(ckMechanism.pParameter);
343 }
344 return 0L;
345 }
346
347 jAttributeArrayToCKAttributeArray(env, jTemplate, &ckpAttributes, &ckAttributesLength);
348 if ((*env)->ExceptionCheck(env)) {
349 if (ckMechanism.pParameter != NULL_PTR) {
350 free(ckMechanism.pParameter);
351 }
352 free(ckpWrappedKey);
353 return 0L;
354 }
355
356
357 rv = (*ckpFunctions->C_UnwrapKey)(ckSessionHandle, &ckMechanism, ckUnwrappingKeyHandle,
358 ckpWrappedKey, ckWrappedKeyLength,
359 ckpAttributes, ckAttributesLength, &ckKeyHandle);
360
361 if (ckAssertReturnValueOK(env, rv) == CK_ASSERT_OK) {
362 jKeyHandle = ckLongToJLong(ckKeyHandle);
363
364 #if 0
365 /* cheack, if we must give a initialization vector back to Java */
366 if (ckMechanism.mechanism == CKM_KEY_WRAP_SET_OAEP) {
367 /* we must copy back the unwrapped key info to the jMechanism object */
368 copyBackSetUnwrappedKey(env, &ckMechanism, jMechanism);
369 }
370 #endif
371 }
372
373 if (ckMechanism.pParameter != NULL_PTR) {
374 free(ckMechanism.pParameter);
375 }
376 freeCKAttributeArray(ckpAttributes, ckAttributesLength);
377 free(ckpWrappedKey);
378
379 return jKeyHandle ;
380 }
381 #endif
382
383 #ifdef P11_ENABLE_C_DERIVEKEY
384
385 static void freeMasterKeyDeriveParams(CK_SSL3_RANDOM_DATA *RandomInfo, CK_VERSION_PTR pVersion) {
386 if (RandomInfo->pClientRandom != NULL) {
387 free(RandomInfo->pClientRandom);
388 }
389 if (RandomInfo->pServerRandom != NULL) {
390 free(RandomInfo->pServerRandom);
391 }
392 if (pVersion != NULL) {
393 free(pVersion);
394 }
395 }
396
397 void ssl3FreeMasterKeyDeriveParams(CK_MECHANISM_PTR ckMechanism) {
398 CK_SSL3_MASTER_KEY_DERIVE_PARAMS *params = (CK_SSL3_MASTER_KEY_DERIVE_PARAMS *) ckMechanism->pParameter;
399 if (params == NULL) {
400 return;
401 }
402 freeMasterKeyDeriveParams(&(params->RandomInfo), params->pVersion);
403 }
404
405 void tls12FreeMasterKeyDeriveParams(CK_MECHANISM_PTR ckMechanism) {
406 CK_TLS12_MASTER_KEY_DERIVE_PARAMS *params = (CK_TLS12_MASTER_KEY_DERIVE_PARAMS *) ckMechanism->pParameter;
407 if (params == NULL) {
408 return;
409 }
410 freeMasterKeyDeriveParams(&(params->RandomInfo), params->pVersion);
411 }
412
413 void freeEcdh1DeriveParams(CK_MECHANISM_PTR ckMechanism) {
414 CK_ECDH1_DERIVE_PARAMS *params = (CK_ECDH1_DERIVE_PARAMS *) ckMechanism->pParameter;
415 if (params == NULL) {
416 return;
417 }
418
419 if (params->pSharedData != NULL) {
420 free(params->pSharedData);
421 }
422 if (params->pPublicData != NULL) {
423 free(params->pPublicData);
424 }
425 }
426
427 /*
428 * Copy back the PRF output to Java.
429 */
430 void copyBackTLSPrfParams(JNIEnv *env, CK_MECHANISM *ckMechanism, jobject jMechanism)
431 {
432 jclass jMechanismClass, jTLSPrfParamsClass;
433 CK_TLS_PRF_PARAMS *ckTLSPrfParams;
434 jobject jTLSPrfParams;
435 jfieldID fieldID;
436 CK_MECHANISM_TYPE ckMechanismType;
437 jlong jMechanismType;
438 CK_BYTE_PTR output;
439 jobject jOutput;
440 jint jLength;
441 jbyte* jBytes;
442 int i;
443
444 /* get mechanism */
445 jMechanismClass = (*env)->FindClass(env, CLASS_MECHANISM);
446 if (jMechanismClass == NULL) { return; }
447 fieldID = (*env)->GetFieldID(env, jMechanismClass, "mechanism", "J");
448 if (fieldID == NULL) { return; }
449 jMechanismType = (*env)->GetLongField(env, jMechanism, fieldID);
450 ckMechanismType = jLongToCKULong(jMechanismType);
451 if (ckMechanismType != ckMechanism->mechanism) {
452 /* we do not have maching types, this should not occur */
453 return;
454 }
455
456 /* get the native CK_TLS_PRF_PARAMS */
457 ckTLSPrfParams = (CK_TLS_PRF_PARAMS *) ckMechanism->pParameter;
458 if (ckTLSPrfParams != NULL_PTR) {
459 /* get the Java CK_TLS_PRF_PARAMS object (pParameter) */
460 fieldID = (*env)->GetFieldID(env, jMechanismClass, "pParameter", "Ljava/lang/Object;");
461 if (fieldID == NULL) { return; }
462 jTLSPrfParams = (*env)->GetObjectField(env, jMechanism, fieldID);
463
464 /* copy back the client IV */
465 jTLSPrfParamsClass = (*env)->FindClass(env, CLASS_TLS_PRF_PARAMS);
466 if (jTLSPrfParamsClass == NULL) { return; }
467 fieldID = (*env)->GetFieldID(env, jTLSPrfParamsClass, "pOutput", "[B");
468 if (fieldID == NULL) { return; }
469 jOutput = (*env)->GetObjectField(env, jTLSPrfParams, fieldID);
470 output = ckTLSPrfParams->pOutput;
471
472 // Note: we assume that the token returned exactly as many bytes as we
473 // requested. Anything else would not make sense.
474 if (jOutput != NULL) {
475 jLength = (*env)->GetArrayLength(env, jOutput);
476 jBytes = (*env)->GetByteArrayElements(env, jOutput, NULL);
477 if (jBytes == NULL) { return; }
478
479 /* copy the bytes to the Java buffer */
480 for (i=0; i < jLength; i++) {
481 jBytes[i] = ckByteToJByte(output[i]);
482 }
483 /* copy back the Java buffer to the object */
484 (*env)->ReleaseByteArrayElements(env, jOutput, jBytes, 0);
485 }
486
487 // free malloc'd data
488 free(ckTLSPrfParams->pSeed);
489 free(ckTLSPrfParams->pLabel);
490 free(ckTLSPrfParams->pulOutputLen);
491 free(ckTLSPrfParams->pOutput);
492 }
493 }
494
495 /*
496 * Class: sun_security_pkcs11_wrapper_PKCS11
497 * Method: C_DeriveKey
498 * Signature: (JLsun/security/pkcs11/wrapper/CK_MECHANISM;J[Lsun/security/pkcs11/wrapper/CK_ATTRIBUTE;)J
499 * Parametermapping: *PKCS11*
500 * @param jlong jSessionHandle CK_SESSION_HANDLE hSession
501 * @param jobject jMechanism CK_MECHANISM_PTR pMechanism
502 * @param jlong jBaseKeyHandle CK_OBJECT_HANDLE hBaseKey
503 * @param jobjectArray jTemplate CK_ATTRIBUTE_PTR pTemplate
504 * CK_ULONG ulCount
505 * @return jlong jKeyHandle CK_OBJECT_HANDLE_PTR phKey
506 */
507 JNIEXPORT jlong JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1DeriveKey
508 (JNIEnv *env, jobject obj, jlong jSessionHandle, jobject jMechanism, jlong jBaseKeyHandle, jobjectArray jTemplate)
509 {
510 CK_SESSION_HANDLE ckSessionHandle;
511 CK_MECHANISM ckMechanism;
512 CK_OBJECT_HANDLE ckBaseKeyHandle;
513 CK_ATTRIBUTE_PTR ckpAttributes = NULL_PTR;
514 CK_ULONG ckAttributesLength;
515 CK_OBJECT_HANDLE ckKeyHandle = 0;
516 jlong jKeyHandle = 0L;
517 CK_RV rv;
518 CK_OBJECT_HANDLE_PTR phKey = &ckKeyHandle;
519
520 CK_FUNCTION_LIST_PTR ckpFunctions = getFunctionList(env, obj);
521 if (ckpFunctions == NULL) { return 0L; }
522
523 ckSessionHandle = jLongToCKULong(jSessionHandle);
524 jMechanismToCKMechanism(env, jMechanism, &ckMechanism);
525 if ((*env)->ExceptionCheck(env)) { return 0L; }
526
527 ckBaseKeyHandle = jLongToCKULong(jBaseKeyHandle);
528 jAttributeArrayToCKAttributeArray(env, jTemplate, &ckpAttributes, &ckAttributesLength);
529 if ((*env)->ExceptionCheck(env)) {
530 if (ckMechanism.pParameter != NULL_PTR) {
531 free(ckMechanism.pParameter);
532 }
533 return 0L;
534 }
535
536 switch (ckMechanism.mechanism) {
537 case CKM_SSL3_KEY_AND_MAC_DERIVE:
538 case CKM_TLS_KEY_AND_MAC_DERIVE:
539 case CKM_TLS12_KEY_AND_MAC_DERIVE:
540 case CKM_TLS_PRF:
541 // these mechanism do not return a key handle via phKey
542 // set to NULL in case pedantic implementations check for it
543 phKey = NULL;
544 break;
545 default:
546 // empty
547 break;
548 }
549
550 rv = (*ckpFunctions->C_DeriveKey)(ckSessionHandle, &ckMechanism, ckBaseKeyHandle,
551 ckpAttributes, ckAttributesLength, phKey);
552
553 jKeyHandle = ckLongToJLong(ckKeyHandle);
554
555 freeCKAttributeArray(ckpAttributes, ckAttributesLength);
556
557 switch (ckMechanism.mechanism) {
558 case CKM_SSL3_MASTER_KEY_DERIVE:
559 case CKM_TLS_MASTER_KEY_DERIVE:
560 /* we must copy back the client version */
561 ssl3CopyBackClientVersion(env, &ckMechanism, jMechanism);
562 ssl3FreeMasterKeyDeriveParams(&ckMechanism);
563 break;
564 case CKM_TLS12_MASTER_KEY_DERIVE:
565 tls12CopyBackClientVersion(env, &ckMechanism, jMechanism);
566 tls12FreeMasterKeyDeriveParams(&ckMechanism);
567 break;
568 case CKM_SSL3_MASTER_KEY_DERIVE_DH:
569 case CKM_TLS_MASTER_KEY_DERIVE_DH:
570 ssl3FreeMasterKeyDeriveParams(&ckMechanism);
571 break;
572 case CKM_TLS12_MASTER_KEY_DERIVE_DH:
573 tls12FreeMasterKeyDeriveParams(&ckMechanism);
574 break;
575 case CKM_SSL3_KEY_AND_MAC_DERIVE:
576 case CKM_TLS_KEY_AND_MAC_DERIVE:
577 /* we must copy back the unwrapped key info to the jMechanism object */
578 ssl3CopyBackKeyMatParams(env, &ckMechanism, jMechanism);
579 break;
580 case CKM_TLS12_KEY_AND_MAC_DERIVE:
581 /* we must copy back the unwrapped key info to the jMechanism object */
582 tls12CopyBackKeyMatParams(env, &ckMechanism, jMechanism);
583 break;
584 case CKM_TLS_PRF:
585 copyBackTLSPrfParams(env, &ckMechanism, jMechanism);
586 break;
587 case CKM_ECDH1_DERIVE:
588 freeEcdh1DeriveParams(&ckMechanism);
589 break;
590 default:
591 // empty
592 break;
593 }
594
595 if (ckMechanism.pParameter != NULL_PTR) {
596 free(ckMechanism.pParameter);
597 }
598 if (ckAssertReturnValueOK(env, rv) != CK_ASSERT_OK) { return 0L ; }
599
600 return jKeyHandle ;
601 }
602
603 static void copyBackClientVersion(JNIEnv *env, CK_MECHANISM *ckMechanism, jobject jMechanism,
604 CK_VERSION *ckVersion, const char *class_master_key_derive_params)
605 {
606 jclass jMasterKeyDeriveParamsClass, jMechanismClass, jVersionClass;
607 jobject jMasterKeyDeriveParams;
608 jfieldID fieldID;
609 CK_MECHANISM_TYPE ckMechanismType;
610 jlong jMechanismType;
611 jobject jVersion;
612
613 /* get mechanism */
614 jMechanismClass = (*env)->FindClass(env, CLASS_MECHANISM);
615 if (jMechanismClass == NULL) { return; }
616 fieldID = (*env)->GetFieldID(env, jMechanismClass, "mechanism", "J");
617 if (fieldID == NULL) { return; }
618 jMechanismType = (*env)->GetLongField(env, jMechanism, fieldID);
619 ckMechanismType = jLongToCKULong(jMechanismType);
620 if (ckMechanismType != ckMechanism->mechanism) {
621 /* we do not have maching types, this should not occur */
622 return;
623 }
624
625 if (ckVersion != NULL_PTR) {
626 /* get the Java CK_SSL3_MASTER_KEY_DERIVE_PARAMS (pParameter) */
627 fieldID = (*env)->GetFieldID(env, jMechanismClass, "pParameter", "Ljava/lang/Object;");
628 if (fieldID == NULL) { return; }
629
630 jMasterKeyDeriveParams = (*env)->GetObjectField(env, jMechanism, fieldID);
631
632 /* get the Java CK_VERSION */
633 jMasterKeyDeriveParamsClass = (*env)->FindClass(env, class_master_key_derive_params);
634 if (jMasterKeyDeriveParamsClass == NULL) { return; }
635 fieldID = (*env)->GetFieldID(env, jMasterKeyDeriveParamsClass, "pVersion", "L"CLASS_VERSION";");
636 if (fieldID == NULL) { return; }
637 jVersion = (*env)->GetObjectField(env, jMasterKeyDeriveParams, fieldID);
638
639 /* now copy back the version from the native structure to the Java structure */
640
641 /* copy back the major version */
642 jVersionClass = (*env)->FindClass(env, CLASS_VERSION);
643 if (jVersionClass == NULL) { return; }
644 fieldID = (*env)->GetFieldID(env, jVersionClass, "major", "B");
645 if (fieldID == NULL) { return; }
646 (*env)->SetByteField(env, jVersion, fieldID, ckByteToJByte(ckVersion->major));
647
648 /* copy back the minor version */
649 fieldID = (*env)->GetFieldID(env, jVersionClass, "minor", "B");
650 if (fieldID == NULL) { return; }
651 (*env)->SetByteField(env, jVersion, fieldID, ckByteToJByte(ckVersion->minor));
652 }
653 }
654
655 /*
656 * Copy back the client version information from the native
657 * structure to the Java object. This is only used for
658 * CKM_SSL3_MASTER_KEY_DERIVE and CKM_TLS_MASTER_KEY_DERIVE
659 * mechanisms when used for deriving a key.
660 *
661 */
662 void ssl3CopyBackClientVersion(JNIEnv *env, CK_MECHANISM *ckMechanism, jobject jMechanism)
663 {
664 CK_SSL3_MASTER_KEY_DERIVE_PARAMS *ckSSL3MasterKeyDeriveParams;
665 ckSSL3MasterKeyDeriveParams = (CK_SSL3_MASTER_KEY_DERIVE_PARAMS *) ckMechanism->pParameter;
666 if (ckSSL3MasterKeyDeriveParams != NULL_PTR) {
667 copyBackClientVersion(env, ckMechanism, jMechanism, ckSSL3MasterKeyDeriveParams->pVersion,
668 CLASS_SSL3_MASTER_KEY_DERIVE_PARAMS);
669 }
670 }
671
672 /*
673 * Copy back the client version information from the native
674 * structure to the Java object. This is only used for
675 * CKM_TLS12_MASTER_KEY_DERIVE mechanism when used for deriving a key.
676 *
677 */
678 void tls12CopyBackClientVersion(JNIEnv *env, CK_MECHANISM *ckMechanism, jobject jMechanism)
679 {
680 CK_TLS12_MASTER_KEY_DERIVE_PARAMS *ckTLS12MasterKeyDeriveParams;
681 ckTLS12MasterKeyDeriveParams = (CK_TLS12_MASTER_KEY_DERIVE_PARAMS *) ckMechanism->pParameter;
682 if (ckTLS12MasterKeyDeriveParams != NULL_PTR) {
683 copyBackClientVersion(env, ckMechanism, jMechanism, ckTLS12MasterKeyDeriveParams->pVersion,
684 CLASS_TLS12_MASTER_KEY_DERIVE_PARAMS);
685 }
686 }
687
688 static void copyBackKeyMatParams(JNIEnv *env, CK_MECHANISM *ckMechanism, jobject jMechanism,
689 CK_SSL3_RANDOM_DATA *RandomInfo, CK_SSL3_KEY_MAT_OUT_PTR ckSSL3KeyMatOut,
690 const char *class_key_mat_params)
691 {
692 jclass jMechanismClass, jKeyMatParamsClass, jSSL3KeyMatOutClass;
693 jfieldID fieldID;
694 CK_MECHANISM_TYPE ckMechanismType;
695 jlong jMechanismType;
696 CK_BYTE_PTR iv;
697 jobject jKeyMatParam;
698 jobject jSSL3KeyMatOut;
699 jobject jIV;
700 jint jLength;
701 jbyte* jBytes;
702 int i;
703
704 /* get mechanism */
705 jMechanismClass= (*env)->FindClass(env, CLASS_MECHANISM);
706 if (jMechanismClass == NULL) { return; }
707 fieldID = (*env)->GetFieldID(env, jMechanismClass, "mechanism", "J");
708 if (fieldID == NULL) { return; }
709 jMechanismType = (*env)->GetLongField(env, jMechanism, fieldID);
710 ckMechanismType = jLongToCKULong(jMechanismType);
711 if (ckMechanismType != ckMechanism->mechanism) {
712 /* we do not have maching types, this should not occur */
713 return;
714 }
715
716 // free malloc'd data
717 if (RandomInfo->pClientRandom != NULL) {
718 free(RandomInfo->pClientRandom);
719 }
720 if (RandomInfo->pServerRandom != NULL) {
721 free(RandomInfo->pServerRandom);
722 }
723
724 if (ckSSL3KeyMatOut != NULL_PTR) {
725 /* get the Java params object (pParameter) */
726 fieldID = (*env)->GetFieldID(env, jMechanismClass, "pParameter", "Ljava/lang/Object;");
727 if (fieldID == NULL) { return; }
728 jKeyMatParam = (*env)->GetObjectField(env, jMechanism, fieldID);
729
730 /* get the Java CK_SSL3_KEY_MAT_OUT */
731 jKeyMatParamsClass = (*env)->FindClass(env, class_key_mat_params);
732 if (jKeyMatParamsClass == NULL) { return; }
733 fieldID = (*env)->GetFieldID(env, jKeyMatParamsClass, "pReturnedKeyMaterial", "L"CLASS_SSL3_KEY_MAT_OUT";");
734 if (fieldID == NULL) { return; }
735 jSSL3KeyMatOut = (*env)->GetObjectField(env, jKeyMatParam, fieldID);
736
737 /* now copy back all the key handles and the initialization vectors */
738 /* copy back client MAC secret handle */
739 jSSL3KeyMatOutClass = (*env)->FindClass(env, CLASS_SSL3_KEY_MAT_OUT);
740 if (jSSL3KeyMatOutClass == NULL) { return; }
741 fieldID = (*env)->GetFieldID(env, jSSL3KeyMatOutClass, "hClientMacSecret", "J");
742 if (fieldID == NULL) { return; }
743 (*env)->SetLongField(env, jSSL3KeyMatOut, fieldID, ckULongToJLong(ckSSL3KeyMatOut->hClientMacSecret));
744
745 /* copy back server MAC secret handle */
746 fieldID = (*env)->GetFieldID(env, jSSL3KeyMatOutClass, "hServerMacSecret", "J");
747 if (fieldID == NULL) { return; }
748 (*env)->SetLongField(env, jSSL3KeyMatOut, fieldID, ckULongToJLong(ckSSL3KeyMatOut->hServerMacSecret));
749
750 /* copy back client secret key handle */
751 fieldID = (*env)->GetFieldID(env, jSSL3KeyMatOutClass, "hClientKey", "J");
752 if (fieldID == NULL) { return; }
753 (*env)->SetLongField(env, jSSL3KeyMatOut, fieldID, ckULongToJLong(ckSSL3KeyMatOut->hClientKey));
754
755 /* copy back server secret key handle */
756 fieldID = (*env)->GetFieldID(env, jSSL3KeyMatOutClass, "hServerKey", "J");
757 if (fieldID == NULL) { return; }
758 (*env)->SetLongField(env, jSSL3KeyMatOut, fieldID, ckULongToJLong(ckSSL3KeyMatOut->hServerKey));
759
760 /* copy back the client IV */
761 fieldID = (*env)->GetFieldID(env, jSSL3KeyMatOutClass, "pIVClient", "[B");
762 if (fieldID == NULL) { return; }
763 jIV = (*env)->GetObjectField(env, jSSL3KeyMatOut, fieldID);
764 iv = ckSSL3KeyMatOut->pIVClient;
765
766 if (jIV != NULL) {
767 jLength = (*env)->GetArrayLength(env, jIV);
768 jBytes = (*env)->GetByteArrayElements(env, jIV, NULL);
769 if (jBytes == NULL) { return; }
770 /* copy the bytes to the Java buffer */
771 for (i=0; i < jLength; i++) {
772 jBytes[i] = ckByteToJByte(iv[i]);
773 }
774 /* copy back the Java buffer to the object */
775 (*env)->ReleaseByteArrayElements(env, jIV, jBytes, 0);
776 }
777 // free malloc'd data
778 free(ckSSL3KeyMatOut->pIVClient);
779
780 /* copy back the server IV */
781 fieldID = (*env)->GetFieldID(env, jSSL3KeyMatOutClass, "pIVServer", "[B");
782 if (fieldID == NULL) { return; }
783 jIV = (*env)->GetObjectField(env, jSSL3KeyMatOut, fieldID);
784 iv = ckSSL3KeyMatOut->pIVServer;
785
786 if (jIV != NULL) {
787 jLength = (*env)->GetArrayLength(env, jIV);
788 jBytes = (*env)->GetByteArrayElements(env, jIV, NULL);
789 if (jBytes == NULL) { return; }
790 /* copy the bytes to the Java buffer */
791 for (i=0; i < jLength; i++) {
792 jBytes[i] = ckByteToJByte(iv[i]);
793 }
794 /* copy back the Java buffer to the object */
795 (*env)->ReleaseByteArrayElements(env, jIV, jBytes, 0);
796 }
797 // free malloc'd data
798 free(ckSSL3KeyMatOut->pIVServer);
799 free(ckSSL3KeyMatOut);
800 }
801 }
802
803 /*
804 * Copy back the derived keys and initialization vectors from the native
805 * structure to the Java object. This is only used for
806 * CKM_SSL3_KEY_AND_MAC_DERIVE and CKM_TLS_KEY_AND_MAC_DERIVE mechanisms
807 * when used for deriving a key.
808 *
809 */
810 void ssl3CopyBackKeyMatParams(JNIEnv *env, CK_MECHANISM *ckMechanism, jobject jMechanism)
811 {
812 CK_SSL3_KEY_MAT_PARAMS *ckSSL3KeyMatParam;
813 ckSSL3KeyMatParam = (CK_SSL3_KEY_MAT_PARAMS *) ckMechanism->pParameter;
814 if (ckSSL3KeyMatParam != NULL_PTR) {
815 copyBackKeyMatParams(env, ckMechanism, jMechanism, &(ckSSL3KeyMatParam->RandomInfo),
816 ckSSL3KeyMatParam->pReturnedKeyMaterial, CLASS_SSL3_KEY_MAT_PARAMS);
817 }
818 }
819
820 /*
821 * Copy back the derived keys and initialization vectors from the native
822 * structure to the Java object. This is only used for
823 * CKM_TLS12_KEY_AND_MAC_DERIVE mechanism when used for deriving a key.
824 *
825 */
826 void tls12CopyBackKeyMatParams(JNIEnv *env, CK_MECHANISM *ckMechanism, jobject jMechanism)
827 {
828 CK_TLS12_KEY_MAT_PARAMS *ckTLS12KeyMatParam;
829 ckTLS12KeyMatParam = (CK_TLS12_KEY_MAT_PARAMS *) ckMechanism->pParameter;
830 if (ckTLS12KeyMatParam != NULL_PTR) {
831 copyBackKeyMatParams(env, ckMechanism, jMechanism, &(ckTLS12KeyMatParam->RandomInfo),
832 ckTLS12KeyMatParam->pReturnedKeyMaterial, CLASS_TLS12_KEY_MAT_PARAMS);
833 }
834 }
835
836 #endif