Mercurial Mercurial > jdk-sandbox / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
jdk/src/share/classes/sun/security/pkcs11/P11TlsKeyMaterialGenerator.java
changeset 16067 36055e4b5305
parent 16045 9d08c3b9a6a0
child 16913 a6f4d1626ad9
equal deleted inserted replaced
16066:b9fb0d9c58ec 16067:36055e4b5305 
     1 /*
 
     1 /*
 
     2  * Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
 
     2  * Copyright (c) 2005, 2007, Oracle and/or its affiliates. All rights reserved.
 
     3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 
     3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 
     4  *
 
     4  *
 
     5  * This code is free software; you can redistribute it and/or modify it
 
     5  * This code is free software; you can redistribute it and/or modify it
 
     6  * under the terms of the GNU General Public License version 2 only, as
 
     6  * under the terms of the GNU General Public License version 2 only, as
 
     7  * published by the Free Software Foundation.  Oracle designates this
 
     7  * published by the Free Software Foundation.  Oracle designates this
 
   166 
   166 
   167             CK_SSL3_KEY_MAT_OUT out = params.pReturnedKeyMaterial;
 
   167             CK_SSL3_KEY_MAT_OUT out = params.pReturnedKeyMaterial;
 
   168             // Note that the MAC keys do not inherit all attributes from the
 
   168             // Note that the MAC keys do not inherit all attributes from the
 
   169             // template, but they do inherit the sensitive/extractable/token
 
   169             // template, but they do inherit the sensitive/extractable/token
 
   170             // flags, which is all P11Key cares about.
 
   170             // flags, which is all P11Key cares about.
 
   171             SecretKey clientMacKey, serverMacKey;
 
   171             SecretKey clientMacKey = P11Key.secretKey
 
   172 
       
   173             // The MAC size may be zero for GCM mode.
 
       
   174             //
 
       
   175             // PKCS11 does not support GCM mode as the author made the comment,
 
       
   176             // so the macBits is unlikely to be zero. It's only a place holder.
 
       
   177             if (macBits != 0) {
 
       
   178                 clientMacKey = P11Key.secretKey
 
       
   179                     (session, out.hClientMacSecret, "MAC", macBits, attributes);
 
   172                     (session, out.hClientMacSecret, "MAC", macBits, attributes);
 
   180                 serverMacKey = P11Key.secretKey
 
   173             SecretKey serverMacKey = P11Key.secretKey
 
   181                     (session, out.hServerMacSecret, "MAC", macBits, attributes);
 
   174                     (session, out.hServerMacSecret, "MAC", macBits, attributes);
 
   182             } else {
 
       
   183                 clientMacKey = null;
 
       
   184                 serverMacKey = null;
 
       
   185             }
 
       
   186 
       
   187             SecretKey clientCipherKey, serverCipherKey;
 
   175             SecretKey clientCipherKey, serverCipherKey;
 
   188             if (keyBits != 0) {
 
   176             if (keyBits != 0) {
 
   189                 clientCipherKey = P11Key.secretKey(session, out.hClientKey,
 
   177                 clientCipherKey = P11Key.secretKey(session, out.hClientKey,
 
   190                         cipherAlgorithm, expandedKeyBits, attributes);
 
   178                         cipherAlgorithm, expandedKeyBits, attributes);
 
   191                 serverCipherKey = P11Key.secretKey(session, out.hServerKey,
 
   179                 serverCipherKey = P11Key.secretKey(session, out.hServerKey,
jdk-sandbox