196 // the extracted buffer. |
196 // the extracted buffer. |
197 netscapeAttributeValueNeeded = CK_TRUE; |
197 netscapeAttributeValueNeeded = CK_TRUE; |
198 TRACE0("DEBUG: override CKA_NETSCAPE_DB attr value to TRUE\n"); |
198 TRACE0("DEBUG: override CKA_NETSCAPE_DB attr value to TRUE\n"); |
199 } |
199 } |
200 |
200 |
201 ckpAttributes = (CK_ATTRIBUTE_PTR)malloc( |
201 ckpAttributes = (CK_ATTRIBUTE_PTR) calloc( |
202 CK_ATTRIBUTES_TEMPLATE_LENGTH * sizeof(CK_ATTRIBUTE)); |
202 CK_ATTRIBUTES_TEMPLATE_LENGTH, sizeof(CK_ATTRIBUTE)); |
203 if (ckpAttributes == NULL) { |
203 if (ckpAttributes == NULL) { |
204 throwOutOfMemoryError(env, 0); |
204 throwOutOfMemoryError(env, 0); |
205 goto cleanup; |
205 goto cleanup; |
206 } |
206 } |
207 memcpy(ckpAttributes, ckpAttributesTemplate, |
207 memcpy(ckpAttributes, ckpAttributesTemplate, |
597 |
597 |
598 ckSessionHandle = jLongToCKULong(jSessionHandle); |
598 ckSessionHandle = jLongToCKULong(jSessionHandle); |
599 ckpMechanism = jMechanismToCKMechanismPtr(env, jMechanism); |
599 ckpMechanism = jMechanismToCKMechanismPtr(env, jMechanism); |
600 if ((*env)->ExceptionCheck(env)) { return NULL; } |
600 if ((*env)->ExceptionCheck(env)) { return NULL; } |
601 |
601 |
602 ckpKeyHandles = (CK_OBJECT_HANDLE_PTR) malloc(2 * sizeof(CK_OBJECT_HANDLE)); |
602 ckpKeyHandles = (CK_OBJECT_HANDLE_PTR) calloc(2, sizeof(CK_OBJECT_HANDLE)); |
603 if (ckpKeyHandles == NULL) { |
603 if (ckpKeyHandles == NULL) { |
604 throwOutOfMemoryError(env, 0); |
604 throwOutOfMemoryError(env, 0); |
605 goto cleanup; |
605 goto cleanup; |
606 } |
606 } |
607 ckpPublicKeyHandle = ckpKeyHandles; /* first element of array is Public Key */ |
607 ckpPublicKeyHandle = ckpKeyHandles; /* first element of array is Public Key */ |
696 ckWrappingKeyHandle = jLongToCKULong(jWrappingKeyHandle); |
696 ckWrappingKeyHandle = jLongToCKULong(jWrappingKeyHandle); |
697 ckKeyHandle = jLongToCKULong(jKeyHandle); |
697 ckKeyHandle = jLongToCKULong(jKeyHandle); |
698 |
698 |
699 rv = (*ckpFunctions->C_WrapKey)(ckSessionHandle, ckpMechanism, ckWrappingKeyHandle, ckKeyHandle, ckpWrappedKey, &ckWrappedKeyLength); |
699 rv = (*ckpFunctions->C_WrapKey)(ckSessionHandle, ckpMechanism, ckWrappingKeyHandle, ckKeyHandle, ckpWrappedKey, &ckWrappedKeyLength); |
700 if (rv == CKR_BUFFER_TOO_SMALL) { |
700 if (rv == CKR_BUFFER_TOO_SMALL) { |
701 ckpWrappedKey = (CK_BYTE_PTR) malloc(ckWrappedKeyLength); |
701 ckpWrappedKey = (CK_BYTE_PTR) |
|
702 calloc(ckWrappedKeyLength, sizeof(CK_BYTE)); |
702 if (ckpWrappedKey == NULL) { |
703 if (ckpWrappedKey == NULL) { |
703 throwOutOfMemoryError(env, 0); |
704 throwOutOfMemoryError(env, 0); |
704 goto cleanup; |
705 goto cleanup; |
705 } |
706 } |
706 |
707 |
791 } |
792 } |
792 #endif |
793 #endif |
793 |
794 |
794 #ifdef P11_ENABLE_C_DERIVEKEY |
795 #ifdef P11_ENABLE_C_DERIVEKEY |
795 |
796 |
796 static void freeMasterKeyDeriveParams(CK_SSL3_RANDOM_DATA *RandomInfo, CK_VERSION_PTR pVersion) { |
|
797 if (RandomInfo->pClientRandom != NULL) { |
|
798 free(RandomInfo->pClientRandom); |
|
799 } |
|
800 if (RandomInfo->pServerRandom != NULL) { |
|
801 free(RandomInfo->pServerRandom); |
|
802 } |
|
803 if (pVersion != NULL) { |
|
804 free(pVersion); |
|
805 } |
|
806 } |
|
807 |
|
808 void ssl3FreeMasterKeyDeriveParams(CK_MECHANISM_PTR ckpMechanism) { |
|
809 CK_SSL3_MASTER_KEY_DERIVE_PARAMS *params = |
|
810 (CK_SSL3_MASTER_KEY_DERIVE_PARAMS *) ckpMechanism->pParameter; |
|
811 if (params == NULL) { |
|
812 return; |
|
813 } |
|
814 freeMasterKeyDeriveParams(&(params->RandomInfo), params->pVersion); |
|
815 } |
|
816 |
|
817 void tls12FreeMasterKeyDeriveParams(CK_MECHANISM_PTR ckpMechanism) { |
|
818 CK_TLS12_MASTER_KEY_DERIVE_PARAMS *params = |
|
819 (CK_TLS12_MASTER_KEY_DERIVE_PARAMS *)ckpMechanism->pParameter; |
|
820 if (params == NULL) { |
|
821 return; |
|
822 } |
|
823 freeMasterKeyDeriveParams(&(params->RandomInfo), params->pVersion); |
|
824 } |
|
825 |
|
826 void freeEcdh1DeriveParams(CK_MECHANISM_PTR ckpMechanism) { |
|
827 CK_ECDH1_DERIVE_PARAMS *params = |
|
828 (CK_ECDH1_DERIVE_PARAMS *)ckpMechanism->pParameter; |
|
829 if (params == NULL) { |
|
830 return; |
|
831 } |
|
832 |
|
833 if (params->pSharedData != NULL) { |
|
834 free(params->pSharedData); |
|
835 } |
|
836 if (params->pPublicData != NULL) { |
|
837 free(params->pPublicData); |
|
838 } |
|
839 } |
|
840 |
|
841 /* |
797 /* |
842 * Copy back the PRF output to Java. |
798 * Copy back the PRF output to Java. |
843 */ |
799 */ |
844 void copyBackTLSPrfParams(JNIEnv *env, CK_MECHANISM_PTR ckpMechanism, jobject jMechanism) |
800 void copyBackTLSPrfParams(JNIEnv *env, CK_MECHANISM_PTR ckpMechanism, jobject jMechanism) |
845 { |
801 { |
895 jBytes[i] = ckByteToJByte(output[i]); |
851 jBytes[i] = ckByteToJByte(output[i]); |
896 } |
852 } |
897 /* copy back the Java buffer to the object */ |
853 /* copy back the Java buffer to the object */ |
898 (*env)->ReleaseByteArrayElements(env, jOutput, jBytes, 0); |
854 (*env)->ReleaseByteArrayElements(env, jOutput, jBytes, 0); |
899 } |
855 } |
900 |
|
901 // free malloc'd data |
|
902 free(ckTLSPrfParams->pSeed); |
|
903 free(ckTLSPrfParams->pLabel); |
|
904 free(ckTLSPrfParams->pulOutputLen); |
|
905 free(ckTLSPrfParams->pOutput); |
|
906 } |
856 } |
907 } |
857 } |
908 |
858 |
909 /* |
859 /* |
910 * Class: sun_security_pkcs11_wrapper_PKCS11 |
860 * Class: sun_security_pkcs11_wrapper_PKCS11 |
966 switch (ckpMechanism->mechanism) { |
916 switch (ckpMechanism->mechanism) { |
967 case CKM_SSL3_MASTER_KEY_DERIVE: |
917 case CKM_SSL3_MASTER_KEY_DERIVE: |
968 case CKM_TLS_MASTER_KEY_DERIVE: |
918 case CKM_TLS_MASTER_KEY_DERIVE: |
969 /* we must copy back the client version */ |
919 /* we must copy back the client version */ |
970 ssl3CopyBackClientVersion(env, ckpMechanism, jMechanism); |
920 ssl3CopyBackClientVersion(env, ckpMechanism, jMechanism); |
971 ssl3FreeMasterKeyDeriveParams(ckpMechanism); |
|
972 break; |
921 break; |
973 case CKM_TLS12_MASTER_KEY_DERIVE: |
922 case CKM_TLS12_MASTER_KEY_DERIVE: |
974 tls12CopyBackClientVersion(env, ckpMechanism, jMechanism); |
923 tls12CopyBackClientVersion(env, ckpMechanism, jMechanism); |
975 tls12FreeMasterKeyDeriveParams(ckpMechanism); |
|
976 break; |
|
977 case CKM_SSL3_MASTER_KEY_DERIVE_DH: |
|
978 case CKM_TLS_MASTER_KEY_DERIVE_DH: |
|
979 ssl3FreeMasterKeyDeriveParams(ckpMechanism); |
|
980 break; |
|
981 case CKM_TLS12_MASTER_KEY_DERIVE_DH: |
|
982 tls12FreeMasterKeyDeriveParams(ckpMechanism); |
|
983 break; |
924 break; |
984 case CKM_SSL3_KEY_AND_MAC_DERIVE: |
925 case CKM_SSL3_KEY_AND_MAC_DERIVE: |
985 case CKM_TLS_KEY_AND_MAC_DERIVE: |
926 case CKM_TLS_KEY_AND_MAC_DERIVE: |
986 /* we must copy back the unwrapped key info to the jMechanism object */ |
927 /* we must copy back the unwrapped key info to the jMechanism object */ |
987 ssl3CopyBackKeyMatParams(env, ckpMechanism, jMechanism); |
928 ssl3CopyBackKeyMatParams(env, ckpMechanism, jMechanism); |
991 tls12CopyBackKeyMatParams(env, ckpMechanism, jMechanism); |
932 tls12CopyBackKeyMatParams(env, ckpMechanism, jMechanism); |
992 break; |
933 break; |
993 case CKM_TLS_PRF: |
934 case CKM_TLS_PRF: |
994 copyBackTLSPrfParams(env, ckpMechanism, jMechanism); |
935 copyBackTLSPrfParams(env, ckpMechanism, jMechanism); |
995 break; |
936 break; |
996 case CKM_ECDH1_DERIVE: |
|
997 freeEcdh1DeriveParams(ckpMechanism); |
|
998 break; |
|
999 default: |
937 default: |
1000 // empty |
938 // empty |
1001 break; |
939 break; |
1002 } |
940 } |
1003 if (ckAssertReturnValueOK(env, rv) != CK_ASSERT_OK) { |
941 if (ckAssertReturnValueOK(env, rv) != CK_ASSERT_OK) { |
1129 if (ckMechanismType != ckpMechanism->mechanism) { |
1067 if (ckMechanismType != ckpMechanism->mechanism) { |
1130 /* we do not have maching types, this should not occur */ |
1068 /* we do not have maching types, this should not occur */ |
1131 return; |
1069 return; |
1132 } |
1070 } |
1133 |
1071 |
1134 // free malloc'd data |
|
1135 if (RandomInfo->pClientRandom != NULL) { |
|
1136 free(RandomInfo->pClientRandom); |
|
1137 } |
|
1138 if (RandomInfo->pServerRandom != NULL) { |
|
1139 free(RandomInfo->pServerRandom); |
|
1140 } |
|
1141 |
|
1142 if (ckSSL3KeyMatOut != NULL_PTR) { |
1072 if (ckSSL3KeyMatOut != NULL_PTR) { |
1143 /* get the Java params object (pParameter) */ |
1073 /* get the Java params object (pParameter) */ |
1144 fieldID = (*env)->GetFieldID(env, jMechanismClass, "pParameter", |
1074 fieldID = (*env)->GetFieldID(env, jMechanismClass, "pParameter", |
1145 "Ljava/lang/Object;"); |
1075 "Ljava/lang/Object;"); |
1146 if (fieldID == NULL) { return; } |
1076 if (fieldID == NULL) { return; } |
1198 jBytes[i] = ckByteToJByte(iv[i]); |
1128 jBytes[i] = ckByteToJByte(iv[i]); |
1199 } |
1129 } |
1200 /* copy back the Java buffer to the object */ |
1130 /* copy back the Java buffer to the object */ |
1201 (*env)->ReleaseByteArrayElements(env, jIV, jBytes, 0); |
1131 (*env)->ReleaseByteArrayElements(env, jIV, jBytes, 0); |
1202 } |
1132 } |
1203 // free malloc'd data |
|
1204 free(ckSSL3KeyMatOut->pIVClient); |
|
1205 |
1133 |
1206 /* copy back the server IV */ |
1134 /* copy back the server IV */ |
1207 fieldID = (*env)->GetFieldID(env, jSSL3KeyMatOutClass, "pIVServer", "[B"); |
1135 fieldID = (*env)->GetFieldID(env, jSSL3KeyMatOutClass, "pIVServer", "[B"); |
1208 if (fieldID == NULL) { return; } |
1136 if (fieldID == NULL) { return; } |
1209 jIV = (*env)->GetObjectField(env, jSSL3KeyMatOut, fieldID); |
1137 jIV = (*env)->GetObjectField(env, jSSL3KeyMatOut, fieldID); |
1218 jBytes[i] = ckByteToJByte(iv[i]); |
1146 jBytes[i] = ckByteToJByte(iv[i]); |
1219 } |
1147 } |
1220 /* copy back the Java buffer to the object */ |
1148 /* copy back the Java buffer to the object */ |
1221 (*env)->ReleaseByteArrayElements(env, jIV, jBytes, 0); |
1149 (*env)->ReleaseByteArrayElements(env, jIV, jBytes, 0); |
1222 } |
1150 } |
1223 // free malloc'd data |
|
1224 free(ckSSL3KeyMatOut->pIVServer); |
|
1225 free(ckSSL3KeyMatOut); |
|
1226 } |
1151 } |
1227 } |
1152 } |
1228 |
1153 |
1229 /* |
1154 /* |
1230 * Copy back the derived keys and initialization vectors from the native |
1155 * Copy back the derived keys and initialization vectors from the native |