< prev index next >
src/java.base/macosx/native/libosxsecurity/KeystoreImpl.m
Print this page
rev 54093 : 8257858: [macOS]: Remove JNF dependency from libosxsecurity/KeystoreImpl.m
8257860: [macOS]: Remove JNF dependency from libosxkrb5/SCDynamicStoreConfig.m
*** 1,7 ****
/*
! * Copyright (c) 2011, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
--- 1,7 ----
/*
! * Copyright (c) 2011, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
*** 23,42 ****
* questions.
*/
#import "apple_security_KeychainStore.h"
#import "jni_util.h"
-
#import <Security/Security.h>
#import <Security/SecImportExport.h>
#import <CoreServices/CoreServices.h> // (for require() macros)
! #import <JavaNativeFoundation/JavaNativeFoundation.h>
!
!
! static JNF_CLASS_CACHE(jc_KeychainStore, "apple/security/KeychainStore");
! static JNF_MEMBER_CACHE(jm_createTrustedCertEntry, jc_KeychainStore, "createTrustedCertEntry", "(Ljava/lang/String;JJ[B)V");
! static JNF_MEMBER_CACHE(jm_createKeyEntry, jc_KeychainStore, "createKeyEntry", "(Ljava/lang/String;JJ[J[[B)V");
static jstring getLabelFromItem(JNIEnv *env, SecKeychainItemRef inItem)
{
OSStatus status;
jstring returnValue = NULL;
--- 23,36 ----
* questions.
*/
#import "apple_security_KeychainStore.h"
#import "jni_util.h"
#import <Security/Security.h>
#import <Security/SecImportExport.h>
#import <CoreServices/CoreServices.h> // (for require() macros)
! #import <Cocoa/Cocoa.h>
static jstring getLabelFromItem(JNIEnv *env, SecKeychainItemRef inItem)
{
OSStatus status;
jstring returnValue = NULL;
*** 288,297 ****
--- 282,295 ----
// Pass 0 if you want all identities returned by this search
OSStatus err = SecIdentitySearchCreate(NULL, 0, &identitySearch);
SecIdentityRef theIdentity = NULL;
OSErr searchResult = noErr;
+ jclass jc_KeychainStore = (*env)->FindClass(env, "apple/security/KeychainStore");
+ CHECK_NULL(jc_KeychainStore);
+ jmethodID jm_createKeyEntry = (*env)->GetMethodID(env, jc_KeychainStore, "createKeyEntry", "(Ljava/lang/String;JJ[J[[B)V");
+ CHECK_NULL(jm_createKeyEntry);
do {
searchResult = SecIdentitySearchCopyNext(identitySearch, &theIdentity);
if (searchResult == noErr) {
// Get the cert from the identity, then generate a chain.
*** 357,367 ****
// Find the creation date.
jlong creationDate = getModDateFromItem(env, (SecKeychainItemRef)certificate);
// Call back to the Java object to create Java objects corresponding to this security object.
jlong nativeKeyRef = ptr_to_jlong(privateKeyRef);
! JNFCallVoidMethod(env, keyStore, jm_createKeyEntry, alias, creationDate, nativeKeyRef, certRefArray, javaCertArray);
}
} while (searchResult == noErr);
errOut:
if (identitySearch != NULL) {
--- 355,366 ----
// Find the creation date.
jlong creationDate = getModDateFromItem(env, (SecKeychainItemRef)certificate);
// Call back to the Java object to create Java objects corresponding to this security object.
jlong nativeKeyRef = ptr_to_jlong(privateKeyRef);
! (*env)->CallVoidMethod(env, keyStore, jm_createKeyEntry, alias, creationDate, nativeKeyRef, certRefArray, javaCertArray);
! JNU_CHECK_EXCEPTION(env);
}
} while (searchResult == noErr);
errOut:
if (identitySearch != NULL) {
*** 375,384 ****
--- 374,388 ----
SecKeychainSearchRef keychainItemSearch = NULL;
OSStatus err = SecKeychainSearchCreateFromAttributes(NULL, kSecCertificateItemClass, NULL, &keychainItemSearch);
SecKeychainItemRef theItem = NULL;
OSErr searchResult = noErr;
+ jclass jc_KeychainStore = (*env)->FindClass(env, "apple/security/KeychainStore");
+ CHECK_NULL(jc_KeychainStore);
+ jmethodID jm_createTrustedCertEntry = (*env)->GetMethodID(
+ env, jc_KeychainStore, "createTrustedCertEntry", "(Ljava/lang/String;JJ[B)V");
+ CHECK_NULL(jm_createTrustedCertEntry);
do {
searchResult = SecKeychainSearchCopyNext(keychainItemSearch, &theItem);
if (searchResult == noErr) {
// Make a byte array with the DER-encoded contents of the certificate.
*** 400,410 ****
// Find the creation date.
jlong creationDate = getModDateFromItem(env, theItem);
// Call back to the Java object to create Java objects corresponding to this security object.
jlong nativeRef = ptr_to_jlong(certRef);
! JNFCallVoidMethod(env, keyStore, jm_createTrustedCertEntry, alias, nativeRef, creationDate, certData);
}
} while (searchResult == noErr);
errOut:
if (keychainItemSearch != NULL) {
--- 404,415 ----
// Find the creation date.
jlong creationDate = getModDateFromItem(env, theItem);
// Call back to the Java object to create Java objects corresponding to this security object.
jlong nativeRef = ptr_to_jlong(certRef);
! (*env)->CallVoidMethod(env, keyStore, jm_createTrustedCertEntry, alias, nativeRef, creationDate, certData);
! JNU_CHECK_EXCEPTION(env);
}
} while (searchResult == noErr);
errOut:
if (keychainItemSearch != NULL) {
*** 498,507 ****
--- 503,526 ----
// Scan current keychain for trusted certificates.
addCertificatesToKeystore(env, this);
}
+ NSString* JavaStringToNSString(JNIEnv *env, jstring jstr) {
+ if (jstr == NULL) {
+ return NULL;
+ }
+ jsize len = (*env)->GetStringLength(env, jstr);
+ const jchar *chars = (*env)->GetStringChars(env, jstr, NULL);
+ if (chars == NULL) {
+ return NULL;
+ }
+ NSString *result = [NSString stringWithCharacters:(UniChar *)chars length:len];
+ (*env)->ReleaseStringChars(env, jstr, chars);
+ return result;
+ }
+
/*
* Class: apple_security_KeychainStore
* Method: _addItemToKeychain
* Signature: (Ljava/lang/String;[B)I
*/
*** 509,520 ****
(JNIEnv *env, jobject this, jstring alias, jboolean isCertificate, jbyteArray rawDataObj, jcharArray passwordObj)
{
OSStatus err;
jlong returnValue = 0;
! JNF_COCOA_ENTER(env);
!
jsize dataSize = (*env)->GetArrayLength(env, rawDataObj);
jbyte *rawData = (*env)->GetByteArrayElements(env, rawDataObj, NULL);
if (rawData == NULL) {
goto errOut;
}
--- 528,539 ----
(JNIEnv *env, jobject this, jstring alias, jboolean isCertificate, jbyteArray rawDataObj, jcharArray passwordObj)
{
OSStatus err;
jlong returnValue = 0;
! NSAutoreleasePool *pool = [[NSAutoreleasePool alloc] init]; \
! @try {
jsize dataSize = (*env)->GetArrayLength(env, rawDataObj);
jbyte *rawData = (*env)->GetByteArrayElements(env, rawDataObj, NULL);
if (rawData == NULL) {
goto errOut;
}
*** 569,579 ****
if (err == noErr) {
SecKeychainItemRef anItem = (SecKeychainItemRef)CFArrayGetValueAtIndex(createdItems, 0);
// Don't bother labeling keys. They become part of an identity, and are not an accessible part of the keychain.
if (CFGetTypeID(anItem) == SecCertificateGetTypeID()) {
! setLabelForItem(JNFJavaToNSString(env, alias), anItem);
}
// Retain the item, since it will be released once when the array holding it gets released.
CFRetain(anItem);
returnValue = ptr_to_jlong(anItem);
--- 588,598 ----
if (err == noErr) {
SecKeychainItemRef anItem = (SecKeychainItemRef)CFArrayGetValueAtIndex(createdItems, 0);
// Don't bother labeling keys. They become part of an identity, and are not an accessible part of the keychain.
if (CFGetTypeID(anItem) == SecCertificateGetTypeID()) {
! setLabelForItem(JavaStringToNSString(env, alias), anItem);
}
// Retain the item, since it will be released once when the array holding it gets released.
CFRetain(anItem);
returnValue = ptr_to_jlong(anItem);
*** 583,593 ****
if (createdItems != NULL) {
CFRelease(createdItems);
}
! errOut:
if (rawData) {
(*env)->ReleaseByteArrayElements(env, rawDataObj, rawData, JNI_ABORT);
}
if (passwordStrRef) CFRelease(passwordStrRef);
--- 602,612 ----
if (createdItems != NULL) {
CFRelease(createdItems);
}
! errOut:
if (rawData) {
(*env)->ReleaseByteArrayElements(env, rawDataObj, rawData, JNI_ABORT);
}
if (passwordStrRef) CFRelease(passwordStrRef);
*** 595,607 ****
// clear the password and release
memset(passwordChars, 0, passwordLen);
(*env)->ReleaseCharArrayElements(env, passwordObj, passwordChars,
JNI_ABORT);
}
!
! JNF_COCOA_EXIT(env);
!
return returnValue;
}
/*
* Class: apple_security_KeychainStore
--- 614,628 ----
// clear the password and release
memset(passwordChars, 0, passwordLen);
(*env)->ReleaseCharArrayElements(env, passwordObj, passwordChars,
JNI_ABORT);
}
! } @catch (NSException *e) {
! NSLog(@"%@", [e callStackSymbols]);
! } @finally {
! [pool drain];
! }
return returnValue;
}
/*
* Class: apple_security_KeychainStore
< prev index next >