1 /*
2 * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
3 */
4
5 /* Copyright (c) 2002 Graz University of Technology. All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright notice,
11 * this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright notice,
14 * this list of conditions and the following disclaimer in the documentation
15 * and/or other materials provided with the distribution.
16 *
17 * 3. The end-user documentation included with the redistribution, if any, must
18 * include the following acknowledgment:
19 *
20 * "This product includes software developed by IAIK of Graz University of
21 * Technology."
22 *
23 * Alternately, this acknowledgment may appear in the software itself, if
24 * and wherever such third-party acknowledgments normally appear.
25 *
26 * 4. The names "Graz University of Technology" and "IAIK of Graz University of
27 * Technology" must not be used to endorse or promote products derived from
28 * this software without prior written permission.
29 *
30 * 5. Products derived from this software may not be called
31 * "IAIK PKCS Wrapper", nor may "IAIK" appear in their name, without prior
32 * written permission of Graz University of Technology.
33 *
34 * THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED
35 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
36 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
37 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE LICENSOR BE
38 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
39 * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
40 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
41 * OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
42 * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
43 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
44 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
45 * POSSIBILITY OF SUCH DAMAGE.
46 */
47
48 #include "pkcs11wrapper.h"
49
50 #include <stdio.h>
51 #include <stdlib.h>
52 #include <string.h>
53 #include <assert.h>
54 #include "jlong.h"
55
56 #include "sun_security_pkcs11_wrapper_PKCS11.h"
57
58 #ifdef P11_ENABLE_C_SIGNINIT
59 /*
60 * Class: sun_security_pkcs11_wrapper_PKCS11
61 * Method: C_SignInit
62 * Signature: (JLsun/security/pkcs11/wrapper/CK_MECHANISM;J)V
63 * Parametermapping: *PKCS11*
64 * @param jlong jSessionHandle CK_SESSION_HANDLE hSession
65 * @param jobject jMechanism CK_MECHANISM_PTR pMechanism
66 * @return jlong jKeyHandle CK_OBJECT_HANDLE hKey
67 */
68 JNIEXPORT void JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1SignInit
69 (JNIEnv *env, jobject obj, jlong jSessionHandle, jobject jMechanism, jlong jKeyHandle)
70 {
71 CK_SESSION_HANDLE ckSessionHandle;
72 CK_MECHANISM ckMechanism;
73 CK_OBJECT_HANDLE ckKeyHandle;
74 CK_RV rv;
75
76 CK_FUNCTION_LIST_PTR ckpFunctions = getFunctionList(env, obj);
77 if (ckpFunctions == NULL) { return; }
78
79 ckSessionHandle = jLongToCKULong(jSessionHandle);
80 jMechanismToCKMechanism(env, jMechanism, &ckMechanism);
81 if ((*env)->ExceptionCheck(env)) { return; }
82 ckKeyHandle = jLongToCKULong(jKeyHandle);
83
84 rv = (*ckpFunctions->C_SignInit)(ckSessionHandle, &ckMechanism, ckKeyHandle);
85
86 if (ckMechanism.pParameter != NULL_PTR) {
87 free(ckMechanism.pParameter);
88 }
89
90 if (ckAssertReturnValueOK(env, rv) != CK_ASSERT_OK) { return; }
91 }
92 #endif
93
94 #ifdef P11_ENABLE_C_SIGN
95 /*
96 * Class: sun_security_pkcs11_wrapper_PKCS11
97 * Method: C_Sign
98 * Signature: (J[B)[B
99 * Parametermapping: *PKCS11*
100 * @param jlong jSessionHandle CK_SESSION_HANDLE hSession
101 * @param jbyteArray jData CK_BYTE_PTR pData
102 * CK_ULONG ulDataLen
103 * @return jbyteArray jSignature CK_BYTE_PTR pSignature
104 * CK_ULONG_PTR pulSignatureLen
105 */
106 JNIEXPORT jbyteArray JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1Sign
107 (JNIEnv *env, jobject obj, jlong jSessionHandle, jbyteArray jData)
108 {
109 CK_SESSION_HANDLE ckSessionHandle;
110 CK_BYTE_PTR ckpData = NULL_PTR;
111 CK_BYTE_PTR ckpSignature;
112 CK_ULONG ckDataLength;
113 CK_ULONG ckSignatureLength = 0;
114 jbyteArray jSignature = NULL;
115 CK_RV rv;
116
117 CK_FUNCTION_LIST_PTR ckpFunctions = getFunctionList(env, obj);
118 if (ckpFunctions == NULL) { return NULL; }
119
120 ckSessionHandle = jLongToCKULong(jSessionHandle);
121 jByteArrayToCKByteArray(env, jData, &ckpData, &ckDataLength);
122 if ((*env)->ExceptionCheck(env)) { return NULL; }
123
124 /* START standard code */
125
126 /* first determine the length of the signature */
127 rv = (*ckpFunctions->C_Sign)(ckSessionHandle, ckpData, ckDataLength, NULL_PTR, &ckSignatureLength);
128 if (ckAssertReturnValueOK(env, rv) != CK_ASSERT_OK) {
129 free(ckpData);
130 return NULL;
131 }
132
133 ckpSignature = (CK_BYTE_PTR) malloc(ckSignatureLength * sizeof(CK_BYTE));
134 if (ckpSignature == NULL) {
135 free(ckpData);
136 throwOutOfMemoryError(env, 0);
137 return NULL;
138 }
139
140 /* now get the signature */
141 rv = (*ckpFunctions->C_Sign)(ckSessionHandle, ckpData, ckDataLength, ckpSignature, &ckSignatureLength);
142 /* END standard code */
143
144
145 /* START workaround code for operation abort bug in pkcs#11 of Datakey and iButton */
146 /*
147 ckpSignature = (CK_BYTE_PTR) malloc(256 * sizeof(CK_BYTE));
148 if (ckpSignature == NULL) {
149 free(ckpData);
150 throwOutOfMemoryError(env, 0);
151 return NULL;
152 }
153 rv = (*ckpFunctions->C_Sign)(ckSessionHandle, ckpData, ckDataLength, ckpSignature, &ckSignatureLength);
154
155 if (rv == CKR_BUFFER_TOO_SMALL) {
156 free(ckpSignature);
157 ckpSignature = (CK_BYTE_PTR) malloc(ckSignatureLength * sizeof(CK_BYTE));
158 if (ckpSignature == NULL) {
159 free(ckpData);
160 throwOutOfMemoryError(env, 0);
161 return NULL;
162 }
163 rv = (*ckpFunctions->C_Sign)(ckSessionHandle, ckpData, ckDataLength, ckpSignature, &ckSignatureLength);
164 }
165 */
166 /* END workaround code */
167 if (ckAssertReturnValueOK(env, rv) == CK_ASSERT_OK) {
168 jSignature = ckByteArrayToJByteArray(env, ckpSignature, ckSignatureLength);
169 }
170 free(ckpData);
171 free(ckpSignature);
172
173 return jSignature ;
174 }
175 #endif
176
177 #ifdef P11_ENABLE_C_SIGNUPDATE
178 /*
179 * Class: sun_security_pkcs11_wrapper_PKCS11
180 * Method: C_SignUpdate
181 * Signature: (J[BII)V
182 * Parametermapping: *PKCS11*
183 * @param jlong jSessionHandle CK_SESSION_HANDLE hSession
184 * @param jbyteArray jPart CK_BYTE_PTR pPart
185 * CK_ULONG ulPartLen
186 */
187 JNIEXPORT void JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1SignUpdate
188 (JNIEnv *env, jobject obj, jlong jSessionHandle, jlong directIn, jbyteArray jIn, jint jInOfs, jint jInLen)
189 {
190 CK_SESSION_HANDLE ckSessionHandle;
191 CK_RV rv;
192 CK_BYTE_PTR bufP;
193 CK_BYTE BUF[MAX_STACK_BUFFER_LEN];
194 jsize bufLen;
195
196 CK_FUNCTION_LIST_PTR ckpFunctions = getFunctionList(env, obj);
197 if (ckpFunctions == NULL) { return; }
198
199 ckSessionHandle = jLongToCKULong(jSessionHandle);
200
201 if (directIn != 0) {
202 rv = (*ckpFunctions->C_SignUpdate)(ckSessionHandle, (CK_BYTE_PTR) jlong_to_ptr(directIn), jInLen);
203 ckAssertReturnValueOK(env, rv);
204 return;
205 }
206
207 if (jInLen <= MAX_STACK_BUFFER_LEN) {
208 bufLen = MAX_STACK_BUFFER_LEN;
209 bufP = BUF;
210 } else {
211 bufLen = min(MAX_HEAP_BUFFER_LEN, jInLen);
212 bufP = (CK_BYTE_PTR) malloc((size_t)bufLen);
213 if (bufP == NULL) {
214 throwOutOfMemoryError(env, 0);
215 return;
216 }
217 }
218
219 while (jInLen > 0) {
220 jsize chunkLen = min(bufLen, jInLen);
221 (*env)->GetByteArrayRegion(env, jIn, jInOfs, chunkLen, (jbyte *)bufP);
222 if ((*env)->ExceptionCheck(env)) {
223 if (bufP != BUF) { free(bufP); }
224 return;
225 }
226 rv = (*ckpFunctions->C_SignUpdate)(ckSessionHandle, bufP, chunkLen);
227 if (ckAssertReturnValueOK(env, rv) != CK_ASSERT_OK) {
228 if (bufP != BUF) {
229 free(bufP);
230 }
231 return;
232 }
233 jInOfs += chunkLen;
234 jInLen -= chunkLen;
235 }
236
237 if (bufP != BUF) { free(bufP); }
238 }
239 #endif
240
241 #ifdef P11_ENABLE_C_SIGNFINAL
242 /*
243 * Class: sun_security_pkcs11_wrapper_PKCS11
244 * Method: C_SignFinal
245 * Signature: (J)[B
246 * Parametermapping: *PKCS11*
247 * @param jlong jSessionHandle CK_SESSION_HANDLE hSession
248 * @return jbyteArray jSignature CK_BYTE_PTR pSignature
249 * CK_ULONG_PTR pulSignatureLen
250 */
251 JNIEXPORT jbyteArray JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1SignFinal
252 (JNIEnv *env, jobject obj, jlong jSessionHandle, jint jExpectedLength)
253 {
254 CK_SESSION_HANDLE ckSessionHandle;
255 jbyteArray jSignature = NULL;
256 CK_RV rv;
257 CK_BYTE BUF[MAX_STACK_BUFFER_LEN];
258 CK_BYTE_PTR bufP = BUF;
259 CK_ULONG ckSignatureLength = MAX_STACK_BUFFER_LEN;
260
261 CK_FUNCTION_LIST_PTR ckpFunctions = getFunctionList(env, obj);
262 if (ckpFunctions == NULL) { return NULL; }
263
264 ckSessionHandle = jLongToCKULong(jSessionHandle);
265
266 if ((jExpectedLength > 0) && ((CK_ULONG)jExpectedLength < ckSignatureLength)) {
267 ckSignatureLength = jExpectedLength;
268 }
269
270 rv = (*ckpFunctions->C_SignFinal)(ckSessionHandle, bufP, &ckSignatureLength);
271 if (rv == CKR_BUFFER_TOO_SMALL) {
272 bufP = (CK_BYTE_PTR) malloc(ckSignatureLength);
273 if (bufP == NULL) {
274 throwOutOfMemoryError(env, 0);
275 return NULL;
276 }
277 rv = (*ckpFunctions->C_SignFinal)(ckSessionHandle, bufP, &ckSignatureLength);
278 }
279 if (ckAssertReturnValueOK(env, rv) == CK_ASSERT_OK) {
280 jSignature = ckByteArrayToJByteArray(env, bufP, ckSignatureLength);
281 }
282
283 if (bufP != BUF) { free(bufP); }
284
285 return jSignature;
286 }
287 #endif
288
289 #ifdef P11_ENABLE_C_SIGNRECOVERINIT
290 /*
291 * Class: sun_security_pkcs11_wrapper_PKCS11
292 * Method: C_SignRecoverInit
293 * Signature: (JLsun/security/pkcs11/wrapper/CK_MECHANISM;J)V
294 * Parametermapping: *PKCS11*
295 * @param jlong jSessionHandle CK_SESSION_HANDLE hSession
296 * @param jobject jMechanism CK_MECHANISM_PTR pMechanism
297 * @return jlong jKeyHandle CK_OBJECT_HANDLE hKey
298 */
299 JNIEXPORT void JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1SignRecoverInit
300 (JNIEnv *env, jobject obj, jlong jSessionHandle, jobject jMechanism, jlong jKeyHandle)
301 {
302 CK_SESSION_HANDLE ckSessionHandle;
303 CK_MECHANISM ckMechanism;
304 CK_OBJECT_HANDLE ckKeyHandle;
305 CK_RV rv;
306
307 CK_FUNCTION_LIST_PTR ckpFunctions = getFunctionList(env, obj);
308 if (ckpFunctions == NULL) { return; }
309
310 ckSessionHandle = jLongToCKULong(jSessionHandle);
311 jMechanismToCKMechanism(env, jMechanism, &ckMechanism);
312 if ((*env)->ExceptionCheck(env)) { return; }
313
314 ckKeyHandle = jLongToCKULong(jKeyHandle);
315
316 rv = (*ckpFunctions->C_SignRecoverInit)(ckSessionHandle, &ckMechanism, ckKeyHandle);
317
318 if (ckMechanism.pParameter != NULL_PTR) {
319 free(ckMechanism.pParameter);
320 }
321
322 if(ckAssertReturnValueOK(env, rv) != CK_ASSERT_OK) { return; }
323 }
324 #endif
325
326 #ifdef P11_ENABLE_C_SIGNRECOVER
327 /*
328 * Class: sun_security_pkcs11_wrapper_PKCS11
329 * Method: C_SignRecover
330 * Signature: (J[BII[BII)I
331 * Parametermapping: *PKCS11*
332 * @param jlong jSessionHandle CK_SESSION_HANDLE hSession
333 * @param jbyteArray jData CK_BYTE_PTR pData
334 * CK_ULONG ulDataLen
335 * @return jbyteArray jSignature CK_BYTE_PTR pSignature
336 * CK_ULONG_PTR pulSignatureLen
337 */
338 JNIEXPORT jint JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1SignRecover
339 (JNIEnv *env, jobject obj, jlong jSessionHandle, jbyteArray jIn, jint jInOfs, jint jInLen, jbyteArray jOut, jint jOutOfs, jint jOutLen)
340 {
341 CK_SESSION_HANDLE ckSessionHandle;
342 CK_RV rv;
343 CK_BYTE INBUF[MAX_STACK_BUFFER_LEN];
344 CK_BYTE OUTBUF[MAX_STACK_BUFFER_LEN];
345 CK_BYTE_PTR inBufP;
346 CK_BYTE_PTR outBufP = OUTBUF;
347 CK_ULONG ckSignatureLength = MAX_STACK_BUFFER_LEN;
348
349 CK_FUNCTION_LIST_PTR ckpFunctions = getFunctionList(env, obj);
350 if (ckpFunctions == NULL) { return 0; }
351
352 ckSessionHandle = jLongToCKULong(jSessionHandle);
353
354 if (jInLen <= MAX_STACK_BUFFER_LEN) {
355 inBufP = INBUF;
356 } else {
357 inBufP = (CK_BYTE_PTR) malloc((size_t)jInLen);
358 if (inBufP == NULL) {
359 throwOutOfMemoryError(env, 0);
360 return 0;
361 }
362 }
363
364 (*env)->GetByteArrayRegion(env, jIn, jInOfs, jInLen, (jbyte *)inBufP);
365 if ((*env)->ExceptionCheck(env)) {
366 if (inBufP != INBUF) { free(inBufP); }
367 return 0;
368 }
369 rv = (*ckpFunctions->C_SignRecover)(ckSessionHandle, inBufP, jInLen, outBufP, &ckSignatureLength);
370 /* re-alloc larger buffer if it fits into our Java buffer */
371 if ((rv == CKR_BUFFER_TOO_SMALL) && (ckSignatureLength <= jIntToCKULong(jOutLen))) {
372 outBufP = (CK_BYTE_PTR) malloc(ckSignatureLength);
373 if (outBufP == NULL) {
374 if (inBufP != INBUF) {
375 free(inBufP);
376 }
377 throwOutOfMemoryError(env, 0);
378 return 0;
379 }
380 rv = (*ckpFunctions->C_SignRecover)(ckSessionHandle, inBufP, jInLen, outBufP, &ckSignatureLength);
381 }
382 if (ckAssertReturnValueOK(env, rv) == CK_ASSERT_OK) {
383 (*env)->SetByteArrayRegion(env, jOut, jOutOfs, ckSignatureLength, (jbyte *)outBufP);
384 }
385
386 if (inBufP != INBUF) { free(inBufP); }
387 if (outBufP != OUTBUF) { free(outBufP); }
388
389 return ckSignatureLength;
390 }
391 #endif
392
393 #ifdef P11_ENABLE_C_VERIFYINIT
394 /*
395 * Class: sun_security_pkcs11_wrapper_PKCS11
396 * Method: C_VerifyInit
397 * Signature: (JLsun/security/pkcs11/wrapper/CK_MECHANISM;J)V
398 * Parametermapping: *PKCS11*
399 * @param jlong jSessionHandle CK_SESSION_HANDLE hSession
400 * @param jobject jMechanism CK_MECHANISM_PTR pMechanism
401 * @return jlong jKeyHandle CK_OBJECT_HANDLE hKey
402 */
403 JNIEXPORT void JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1VerifyInit
404 (JNIEnv *env, jobject obj, jlong jSessionHandle, jobject jMechanism, jlong jKeyHandle)
405 {
406 CK_SESSION_HANDLE ckSessionHandle;
407 CK_MECHANISM ckMechanism;
408 CK_OBJECT_HANDLE ckKeyHandle;
409 CK_RV rv;
410
411 CK_FUNCTION_LIST_PTR ckpFunctions = getFunctionList(env, obj);
412 if (ckpFunctions == NULL) { return; }
413
414 ckSessionHandle = jLongToCKULong(jSessionHandle);
415 jMechanismToCKMechanism(env, jMechanism, &ckMechanism);
416 if ((*env)->ExceptionCheck(env)) { return; }
417
418 ckKeyHandle = jLongToCKULong(jKeyHandle);
419
420 rv = (*ckpFunctions->C_VerifyInit)(ckSessionHandle, &ckMechanism, ckKeyHandle);
421
422 if(ckMechanism.pParameter != NULL_PTR) {
423 free(ckMechanism.pParameter);
424 }
425
426 if (ckAssertReturnValueOK(env, rv) != CK_ASSERT_OK) { return; }
427 }
428 #endif
429
430 #ifdef P11_ENABLE_C_VERIFY
431 /*
432 * Class: sun_security_pkcs11_wrapper_PKCS11
433 * Method: C_Verify
434 * Signature: (J[B[B)V
435 * Parametermapping: *PKCS11*
436 * @param jlong jSessionHandle CK_SESSION_HANDLE hSession
437 * @param jbyteArray jData CK_BYTE_PTR pData
438 * CK_ULONG ulDataLen
439 * @param jbyteArray jSignature CK_BYTE_PTR pSignature
440 * CK_ULONG_PTR pulSignatureLen
441 */
442 JNIEXPORT void JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1Verify
443 (JNIEnv *env, jobject obj, jlong jSessionHandle, jbyteArray jData, jbyteArray jSignature)
444 {
445 CK_SESSION_HANDLE ckSessionHandle;
446 CK_BYTE_PTR ckpData = NULL_PTR;
447 CK_BYTE_PTR ckpSignature = NULL_PTR;
448 CK_ULONG ckDataLength;
449 CK_ULONG ckSignatureLength;
450 CK_RV rv;
451
452 CK_FUNCTION_LIST_PTR ckpFunctions = getFunctionList(env, obj);
453 if (ckpFunctions == NULL) { return; }
454
455 ckSessionHandle = jLongToCKULong(jSessionHandle);
456 jByteArrayToCKByteArray(env, jData, &ckpData, &ckDataLength);
457 if ((*env)->ExceptionCheck(env)) { return; }
458
459 jByteArrayToCKByteArray(env, jSignature, &ckpSignature, &ckSignatureLength);
460 if ((*env)->ExceptionCheck(env)) {
461 free(ckpData);
462 return;
463 }
464
465 /* verify the signature */
466 rv = (*ckpFunctions->C_Verify)(ckSessionHandle, ckpData, ckDataLength, ckpSignature, ckSignatureLength);
467
468 free(ckpData);
469 free(ckpSignature);
470
471 if (ckAssertReturnValueOK(env, rv) != CK_ASSERT_OK) { return; }
472 }
473 #endif
474
475 #ifdef P11_ENABLE_C_VERIFYUPDATE
476 /*
477 * Class: sun_security_pkcs11_wrapper_PKCS11
478 * Method: C_VerifyUpdate
479 * Signature: (J[BII)V
480 * Parametermapping: *PKCS11*
481 * @param jlong jSessionHandle CK_SESSION_HANDLE hSession
482 * @param jbyteArray jPart CK_BYTE_PTR pPart
483 * CK_ULONG ulPartLen
484 */
485 JNIEXPORT void JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1VerifyUpdate
486 (JNIEnv *env, jobject obj, jlong jSessionHandle, jlong directIn, jbyteArray jIn, jint jInOfs, jint jInLen)
487 {
488 CK_SESSION_HANDLE ckSessionHandle;
489 CK_RV rv;
490 CK_BYTE_PTR bufP;
491 CK_BYTE BUF[MAX_STACK_BUFFER_LEN];
492 jsize bufLen;
493
494 CK_FUNCTION_LIST_PTR ckpFunctions = getFunctionList(env, obj);
495 if (ckpFunctions == NULL) { return; }
496
497 ckSessionHandle = jLongToCKULong(jSessionHandle);
498
499 if (directIn != 0) {
500 rv = (*ckpFunctions->C_VerifyUpdate)(ckSessionHandle, (CK_BYTE_PTR)jlong_to_ptr(directIn), jInLen);
501 ckAssertReturnValueOK(env, rv);
502 return;
503 }
504
505 if (jInLen <= MAX_STACK_BUFFER_LEN) {
506 bufLen = MAX_STACK_BUFFER_LEN;
507 bufP = BUF;
508 } else {
509 bufLen = min(MAX_HEAP_BUFFER_LEN, jInLen);
510 bufP = (CK_BYTE_PTR) malloc((size_t)bufLen);
511 if (bufP == NULL) {
512 throwOutOfMemoryError(env, 0);
513 return;
514 }
515 }
516
517 while (jInLen > 0) {
518 jsize chunkLen = min(bufLen, jInLen);
519 (*env)->GetByteArrayRegion(env, jIn, jInOfs, chunkLen, (jbyte *)bufP);
520 if ((*env)->ExceptionCheck(env)) {
521 if (bufP != BUF) { free(bufP); }
522 return;
523 }
524
525 rv = (*ckpFunctions->C_VerifyUpdate)(ckSessionHandle, bufP, chunkLen);
526 if (ckAssertReturnValueOK(env, rv) != CK_ASSERT_OK) {
527 if (bufP != BUF) { free(bufP); }
528 return;
529 }
530 jInOfs += chunkLen;
531 jInLen -= chunkLen;
532 }
533
534 if (bufP != BUF) { free(bufP); }
535 }
536 #endif
537
538 #ifdef P11_ENABLE_C_VERIFYFINAL
539 /*
540 * Class: sun_security_pkcs11_wrapper_PKCS11
541 * Method: C_VerifyFinal
542 * Signature: (J[B)V
543 * Parametermapping: *PKCS11*
544 * @param jlong jSessionHandle CK_SESSION_HANDLE hSession
545 * @param jbyteArray jSignature CK_BYTE_PTR pSignature
546 * CK_ULONG ulSignatureLen
547 */
548 JNIEXPORT void JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1VerifyFinal
549 (JNIEnv *env, jobject obj, jlong jSessionHandle, jbyteArray jSignature)
550 {
551 CK_SESSION_HANDLE ckSessionHandle;
552 CK_BYTE_PTR ckpSignature = NULL_PTR;
553 CK_ULONG ckSignatureLength;
554 CK_RV rv;
555
556 CK_FUNCTION_LIST_PTR ckpFunctions = getFunctionList(env, obj);
557 if (ckpFunctions == NULL) { return; }
558
559 ckSessionHandle = jLongToCKULong(jSessionHandle);
560 jByteArrayToCKByteArray(env, jSignature, &ckpSignature, &ckSignatureLength);
561 if ((*env)->ExceptionCheck(env)) { return; }
562
563 /* verify the signature */
564 rv = (*ckpFunctions->C_VerifyFinal)(ckSessionHandle, ckpSignature, ckSignatureLength);
565
566 free(ckpSignature);
567
568 if (ckAssertReturnValueOK(env, rv) != CK_ASSERT_OK) { return; }
569 }
570 #endif
571
572 #ifdef P11_ENABLE_C_VERIFYRECOVERINIT
573 /*
574 * Class: sun_security_pkcs11_wrapper_PKCS11
575 * Method: C_VerifyRecoverInit
576 * Signature: (JLsun/security/pkcs11/wrapper/CK_MECHANISM;J)V
577 * Parametermapping: *PKCS11*
578 * @param jlong jSessionHandle CK_SESSION_HANDLE hSession
579 * @param jobject jMechanism CK_MECHANISM_PTR pMechanism
580 * @return jlong jKeyHandle CK_OBJECT_HANDLE hKey
581 */
582 JNIEXPORT void JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1VerifyRecoverInit
583 (JNIEnv *env, jobject obj, jlong jSessionHandle, jobject jMechanism, jlong jKeyHandle)
584 {
585 CK_SESSION_HANDLE ckSessionHandle;
586 CK_MECHANISM ckMechanism;
587 CK_OBJECT_HANDLE ckKeyHandle;
588 CK_RV rv;
589
590 CK_FUNCTION_LIST_PTR ckpFunctions = getFunctionList(env, obj);
591 if (ckpFunctions == NULL) { return; }
592
593 ckSessionHandle = jLongToCKULong(jSessionHandle);
594 jMechanismToCKMechanism(env, jMechanism, &ckMechanism);
595 if ((*env)->ExceptionCheck(env)) { return; }
596
597 ckKeyHandle = jLongToCKULong(jKeyHandle);
598
599 rv = (*ckpFunctions->C_VerifyRecoverInit)(ckSessionHandle, &ckMechanism, ckKeyHandle);
600
601 if (ckMechanism.pParameter != NULL_PTR) {
602 free(ckMechanism.pParameter);
603 }
604
605 if (ckAssertReturnValueOK(env, rv) != CK_ASSERT_OK) { return; }
606 }
607 #endif
608
609 #ifdef P11_ENABLE_C_VERIFYRECOVER
610 /*
611 * Class: sun_security_pkcs11_wrapper_PKCS11
612 * Method: C_VerifyRecover
613 * Signature: (J[BII[BII)I
614 * Parametermapping: *PKCS11*
615 * @param jlong jSessionHandle CK_SESSION_HANDLE hSession
616 * @param jbyteArray jSignature CK_BYTE_PTR pSignature
617 * CK_ULONG ulSignatureLen
618 * @return jbyteArray jData CK_BYTE_PTR pData
619 * CK_ULONG_PTR pulDataLen
620 */
621 JNIEXPORT jint JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1VerifyRecover
622 (JNIEnv *env, jobject obj, jlong jSessionHandle, jbyteArray jIn, jint jInOfs, jint jInLen, jbyteArray jOut, jint jOutOfs, jint jOutLen)
623 {
624 CK_SESSION_HANDLE ckSessionHandle;
625 CK_RV rv;
626 CK_BYTE INBUF[MAX_STACK_BUFFER_LEN];
627 CK_BYTE OUTBUF[MAX_STACK_BUFFER_LEN];
628 CK_BYTE_PTR inBufP;
629 CK_BYTE_PTR outBufP = OUTBUF;
630 CK_ULONG ckDataLength = MAX_STACK_BUFFER_LEN;
631
632 CK_FUNCTION_LIST_PTR ckpFunctions = getFunctionList(env, obj);
633 if (ckpFunctions == NULL) { return 0; }
634
635 ckSessionHandle = jLongToCKULong(jSessionHandle);
636
637 if (jInLen <= MAX_STACK_BUFFER_LEN) {
638 inBufP = INBUF;
639 } else {
640 inBufP = (CK_BYTE_PTR) malloc((size_t)jInLen);
641 if (inBufP == NULL) {
642 throwOutOfMemoryError(env, 0);
643 return 0;
644 }
645 }
646
647 (*env)->GetByteArrayRegion(env, jIn, jInOfs, jInLen, (jbyte *)inBufP);
648 if ((*env)->ExceptionCheck(env)) {
649 if (inBufP != INBUF) { free(inBufP); }
650 return 0;
651 }
652
653 rv = (*ckpFunctions->C_VerifyRecover)(ckSessionHandle, inBufP, jInLen, outBufP, &ckDataLength);
654
655 /* re-alloc larger buffer if it fits into our Java buffer */
656 if ((rv == CKR_BUFFER_TOO_SMALL) && (ckDataLength <= jIntToCKULong(jOutLen))) {
657 outBufP = (CK_BYTE_PTR) malloc(ckDataLength);
658 if (outBufP == NULL) {
659 if (inBufP != INBUF) { free(inBufP); }
660 throwOutOfMemoryError(env, 0);
661 return 0;
662 }
663 rv = (*ckpFunctions->C_VerifyRecover)(ckSessionHandle, inBufP, jInLen, outBufP, &ckDataLength);
664 }
665 if (ckAssertReturnValueOK(env, rv) == CK_ASSERT_OK) {
666 (*env)->SetByteArrayRegion(env, jOut, jOutOfs, ckDataLength, (jbyte *)outBufP);
667 }
668
669 if (inBufP != INBUF) { free(inBufP); }
670 if (outBufP != OUTBUF) { free(outBufP); }
671
672 return ckDataLength;
673 }
674 #endif