< prev index next >
src/java.base/macosx/native/libosxsecurity/KeystoreImpl.m
Print this page
rev 54093 : 8257858: [macOS]: Remove JNF dependency from libosxsecurity/KeystoreImpl.m
8257860: [macOS]: Remove JNF dependency from libosxkrb5/SCDynamicStoreConfig.m
@@ -1,7 +1,7 @@
/*
- * Copyright (c) 2011, 2019, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2011, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
@@ -23,20 +23,14 @@
* questions.
*/
#import "apple_security_KeychainStore.h"
#import "jni_util.h"
-
#import <Security/Security.h>
#import <Security/SecImportExport.h>
#import <CoreServices/CoreServices.h> // (for require() macros)
-#import <JavaNativeFoundation/JavaNativeFoundation.h>
-
-
-static JNF_CLASS_CACHE(jc_KeychainStore, "apple/security/KeychainStore");
-static JNF_MEMBER_CACHE(jm_createTrustedCertEntry, jc_KeychainStore, "createTrustedCertEntry", "(Ljava/lang/String;JJ[B)V");
-static JNF_MEMBER_CACHE(jm_createKeyEntry, jc_KeychainStore, "createKeyEntry", "(Ljava/lang/String;JJ[J[[B)V");
+#import <Cocoa/Cocoa.h>
static jstring getLabelFromItem(JNIEnv *env, SecKeychainItemRef inItem)
{
OSStatus status;
jstring returnValue = NULL;
@@ -288,10 +282,14 @@
// Pass 0 if you want all identities returned by this search
OSStatus err = SecIdentitySearchCreate(NULL, 0, &identitySearch);
SecIdentityRef theIdentity = NULL;
OSErr searchResult = noErr;
+ jclass jc_KeychainStore = (*env)->FindClass(env, "apple/security/KeychainStore");
+ CHECK_NULL(jc_KeychainStore);
+ jmethodID jm_createKeyEntry = (*env)->GetMethodID(env, jc_KeychainStore, "createKeyEntry", "(Ljava/lang/String;JJ[J[[B)V");
+ CHECK_NULL(jm_createKeyEntry);
do {
searchResult = SecIdentitySearchCopyNext(identitySearch, &theIdentity);
if (searchResult == noErr) {
// Get the cert from the identity, then generate a chain.
@@ -357,11 +355,12 @@
// Find the creation date.
jlong creationDate = getModDateFromItem(env, (SecKeychainItemRef)certificate);
// Call back to the Java object to create Java objects corresponding to this security object.
jlong nativeKeyRef = ptr_to_jlong(privateKeyRef);
- JNFCallVoidMethod(env, keyStore, jm_createKeyEntry, alias, creationDate, nativeKeyRef, certRefArray, javaCertArray);
+ (*env)->CallVoidMethod(env, keyStore, jm_createKeyEntry, alias, creationDate, nativeKeyRef, certRefArray, javaCertArray);
+ JNU_CHECK_EXCEPTION(env);
}
} while (searchResult == noErr);
errOut:
if (identitySearch != NULL) {
@@ -375,10 +374,15 @@
SecKeychainSearchRef keychainItemSearch = NULL;
OSStatus err = SecKeychainSearchCreateFromAttributes(NULL, kSecCertificateItemClass, NULL, &keychainItemSearch);
SecKeychainItemRef theItem = NULL;
OSErr searchResult = noErr;
+ jclass jc_KeychainStore = (*env)->FindClass(env, "apple/security/KeychainStore");
+ CHECK_NULL(jc_KeychainStore);
+ jmethodID jm_createTrustedCertEntry = (*env)->GetMethodID(
+ env, jc_KeychainStore, "createTrustedCertEntry", "(Ljava/lang/String;JJ[B)V");
+ CHECK_NULL(jm_createTrustedCertEntry);
do {
searchResult = SecKeychainSearchCopyNext(keychainItemSearch, &theItem);
if (searchResult == noErr) {
// Make a byte array with the DER-encoded contents of the certificate.
@@ -400,11 +404,12 @@
// Find the creation date.
jlong creationDate = getModDateFromItem(env, theItem);
// Call back to the Java object to create Java objects corresponding to this security object.
jlong nativeRef = ptr_to_jlong(certRef);
- JNFCallVoidMethod(env, keyStore, jm_createTrustedCertEntry, alias, nativeRef, creationDate, certData);
+ (*env)->CallVoidMethod(env, keyStore, jm_createTrustedCertEntry, alias, nativeRef, creationDate, certData);
+ JNU_CHECK_EXCEPTION(env);
}
} while (searchResult == noErr);
errOut:
if (keychainItemSearch != NULL) {
@@ -498,10 +503,24 @@
// Scan current keychain for trusted certificates.
addCertificatesToKeystore(env, this);
}
+NSString* JavaStringToNSString(JNIEnv *env, jstring jstr) {
+ if (jstr == NULL) {
+ return NULL;
+ }
+ jsize len = (*env)->GetStringLength(env, jstr);
+ const jchar *chars = (*env)->GetStringChars(env, jstr, NULL);
+ if (chars == NULL) {
+ return NULL;
+ }
+ NSString *result = [NSString stringWithCharacters:(UniChar *)chars length:len];
+ (*env)->ReleaseStringChars(env, jstr, chars);
+ return result;
+}
+
/*
* Class: apple_security_KeychainStore
* Method: _addItemToKeychain
* Signature: (Ljava/lang/String;[B)I
*/
@@ -509,12 +528,12 @@
(JNIEnv *env, jobject this, jstring alias, jboolean isCertificate, jbyteArray rawDataObj, jcharArray passwordObj)
{
OSStatus err;
jlong returnValue = 0;
-JNF_COCOA_ENTER(env);
-
+ NSAutoreleasePool *pool = [[NSAutoreleasePool alloc] init]; \
+ @try {
jsize dataSize = (*env)->GetArrayLength(env, rawDataObj);
jbyte *rawData = (*env)->GetByteArrayElements(env, rawDataObj, NULL);
if (rawData == NULL) {
goto errOut;
}
@@ -569,11 +588,11 @@
if (err == noErr) {
SecKeychainItemRef anItem = (SecKeychainItemRef)CFArrayGetValueAtIndex(createdItems, 0);
// Don't bother labeling keys. They become part of an identity, and are not an accessible part of the keychain.
if (CFGetTypeID(anItem) == SecCertificateGetTypeID()) {
- setLabelForItem(JNFJavaToNSString(env, alias), anItem);
+ setLabelForItem(JavaStringToNSString(env, alias), anItem);
}
// Retain the item, since it will be released once when the array holding it gets released.
CFRetain(anItem);
returnValue = ptr_to_jlong(anItem);
@@ -583,11 +602,11 @@
if (createdItems != NULL) {
CFRelease(createdItems);
}
-errOut:
+ errOut:
if (rawData) {
(*env)->ReleaseByteArrayElements(env, rawDataObj, rawData, JNI_ABORT);
}
if (passwordStrRef) CFRelease(passwordStrRef);
@@ -595,13 +614,15 @@
// clear the password and release
memset(passwordChars, 0, passwordLen);
(*env)->ReleaseCharArrayElements(env, passwordObj, passwordChars,
JNI_ABORT);
}
-
-JNF_COCOA_EXIT(env);
-
+ } @catch (NSException *e) {
+ NSLog(@"%@", [e callStackSymbols]);
+ } @finally {
+ [pool drain];
+ }
return returnValue;
}
/*
* Class: apple_security_KeychainStore
< prev index next >