Mercurial Mercurial > jdk-sandbox / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
jdk/src/share/classes/sun/security/pkcs11/P11KeyAgreement.java
changeset 12201 d77ed23f4992
parent 10336 0bb1999251f8
child 16080 0e6266b88242
equal deleted inserted replaced
12200:d935c2f4aeae 12201:d77ed23f4992 
     1 /*
 
     1 /*
 
     2  * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
 
     2  * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
 
     3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 
     3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 
     4  *
 
     4  *
 
     5  * This code is free software; you can redistribute it and/or modify it
 
     5  * This code is free software; you can redistribute it and/or modify it
 
     6  * under the terms of the GNU General Public License version 2 only, as
 
     6  * under the terms of the GNU General Public License version 2 only, as
 
     7  * published by the Free Software Foundation.  Oracle designates this
 
     7  * published by the Free Software Foundation.  Oracle designates this
 
   196                 new CK_ATTRIBUTE(CKA_VALUE)
 
   196                 new CK_ATTRIBUTE(CKA_VALUE)
 
   197             };
 
   197             };
 
   198             token.p11.C_GetAttributeValue(session.id(), keyID, attributes);
 
   198             token.p11.C_GetAttributeValue(session.id(), keyID, attributes);
 
   199             byte[] secret = attributes[0].getByteArray();
 
   199             byte[] secret = attributes[0].getByteArray();
 
   200             token.p11.C_DestroyObject(session.id(), keyID);
 
   200             token.p11.C_DestroyObject(session.id(), keyID);
 
   201             // trim leading 0x00 bytes per JCE convention
 
   201             // Some vendors, e.g. NSS, trim off the leading 0x00 byte(s) from
 
   202             return P11Util.trimZeroes(secret);
 
   202             // the generated secret. Thus, we need to check the secret length
 
       
   203             // and trim/pad it so the returned value has the same length as
 
       
   204             // the modulus size
 
       
   205             if (secret.length == secretLen) {
 
       
   206                 return secret;
 
       
   207             } else {
 
       
   208                 if (secret.length > secretLen) {
 
       
   209                     // Shouldn't happen; but check just in case
 
       
   210                     throw new ProviderException("generated secret is out-of-range");
 
       
   211                 }
 
       
   212                 byte[] newSecret = new byte[secretLen];
 
       
   213                 System.arraycopy(secret, 0, newSecret, secretLen - secret.length,
 
       
   214                     secret.length);
 
       
   215                 return newSecret;
 
       
   216             }
 
   203         } catch (PKCS11Exception e) {
 
   217         } catch (PKCS11Exception e) {
 
   204             throw new ProviderException("Could not derive key", e);
 
   218             throw new ProviderException("Could not derive key", e);
 
   205         } finally {
 
   219         } finally {
 
   206             publicValue = null;
 
   220             publicValue = null;
 
   207             token.releaseSession(session);
 
   221             token.releaseSession(session);
jdk-sandbox