376 |
376 |
377 byte[] aad = (aadBuffer.size() > 0? aadBuffer.toByteArray() : null); |
377 byte[] aad = (aadBuffer.size() > 0? aadBuffer.toByteArray() : null); |
378 |
378 |
379 long p11KeyID = p11Key.getKeyID(); |
379 long p11KeyID = p11Key.getKeyID(); |
380 try { |
380 try { |
381 if (session == null) { |
|
382 session = token.getOpSession(); |
|
383 } |
|
384 CK_MECHANISM mechWithParams; |
381 CK_MECHANISM mechWithParams; |
385 switch (blockMode) { |
382 switch (blockMode) { |
386 case MODE_GCM: |
383 case MODE_GCM: |
387 mechWithParams = new CK_MECHANISM(mechanism, |
384 mechWithParams = new CK_MECHANISM(mechanism, |
388 new CK_GCM_PARAMS(tagLen << 3, iv, aad)); |
385 new CK_GCM_PARAMS(tagLen << 3, iv, aad)); |
389 break; |
386 break; |
390 default: |
387 default: |
391 throw new ProviderException("Unsupported mode: " + blockMode); |
388 throw new ProviderException("Unsupported mode: " + blockMode); |
392 } |
389 } |
|
390 if (session == null) { |
|
391 session = token.getOpSession(); |
|
392 } |
393 if (encrypt) { |
393 if (encrypt) { |
394 token.p11.C_EncryptInit(session.id(), mechWithParams, |
394 token.p11.C_EncryptInit(session.id(), mechWithParams, |
395 p11KeyID); |
395 p11KeyID); |
396 } else { |
396 } else { |
397 token.p11.C_DecryptInit(session.id(), mechWithParams, |
397 token.p11.C_DecryptInit(session.id(), mechWithParams, |
398 p11KeyID); |
398 p11KeyID); |
399 } |
399 } |
400 } catch (PKCS11Exception e) { |
400 } catch (PKCS11Exception e) { |
401 //e.printStackTrace(); |
|
402 p11Key.releaseKeyID(); |
401 p11Key.releaseKeyID(); |
403 session = token.releaseSession(session); |
402 session = token.releaseSession(session); |
404 throw e; |
403 throw e; |
405 } finally { |
404 } finally { |
406 dataBuffer.reset(); |
405 dataBuffer.reset(); |
716 (new ShortBufferException().initCause(e)); |
715 (new ShortBufferException().initCause(e)); |
717 } else if (errorCode == CKR_DATA_LEN_RANGE || |
716 } else if (errorCode == CKR_DATA_LEN_RANGE || |
718 errorCode == CKR_ENCRYPTED_DATA_LEN_RANGE) { |
717 errorCode == CKR_ENCRYPTED_DATA_LEN_RANGE) { |
719 throw (IllegalBlockSizeException) |
718 throw (IllegalBlockSizeException) |
720 (new IllegalBlockSizeException(e.toString()).initCause(e)); |
719 (new IllegalBlockSizeException(e.toString()).initCause(e)); |
721 } else if (errorCode == CKR_ENCRYPTED_DATA_INVALID) { |
720 } else if (errorCode == CKR_ENCRYPTED_DATA_INVALID || |
|
721 // Solaris-specific |
|
722 errorCode == CKR_GENERAL_ERROR) { |
722 throw (BadPaddingException) |
723 throw (BadPaddingException) |
723 (new BadPaddingException(e.toString()).initCause(e)); |
724 (new BadPaddingException(e.toString()).initCause(e)); |
724 } |
725 } |
725 } |
726 } |
726 |
727 |