--- a/src/jdk.crypto.cryptoki/share/native/libj2pkcs11/p11_util.c Mon Oct 07 18:44:53 2019 -0400
+++ b/src/jdk.crypto.cryptoki/share/native/libj2pkcs11/p11_util.c Tue Oct 08 00:01:20 2019 +0000
@@ -302,29 +302,30 @@
CK_TLS12_KEY_MAT_PARAMS* tlsKmTmp;
if (mechPtr != NULL) {
- TRACE2("DEBUG: free mech %lX (mech id = 0x%lX)\n",
- ptr_to_jlong(mechPtr), mechPtr->mechanism);
+ TRACE2("DEBUG freeCKMechanismPtr: free pMech %p (mech 0x%lX)\n",
+ mechPtr, mechPtr->mechanism);
if (mechPtr->pParameter != NULL) {
+ tmp = mechPtr->pParameter;
switch (mechPtr->mechanism) {
case CKM_AES_GCM:
- tmp = mechPtr->pParameter;
- TRACE1("\t=> free GCM_PARAMS %lX\n",
- ptr_to_jlong(tmp));
- free(((CK_GCM_PARAMS*)tmp)->pIv);
- free(((CK_GCM_PARAMS*)tmp)->pAAD);
+ if (mechPtr->ulParameterLen == sizeof(CK_GCM_PARAMS_NO_IVBITS)) {
+ TRACE0("[ GCM_PARAMS w/o ulIvBits ]\n");
+ free(((CK_GCM_PARAMS_NO_IVBITS*)tmp)->pIv);
+ free(((CK_GCM_PARAMS_NO_IVBITS*)tmp)->pAAD);
+ } else if (mechPtr->ulParameterLen == sizeof(CK_GCM_PARAMS)) {
+ TRACE0("[ GCM_PARAMS ]\n");
+ free(((CK_GCM_PARAMS*)tmp)->pIv);
+ free(((CK_GCM_PARAMS*)tmp)->pAAD);
+ }
break;
case CKM_AES_CCM:
- tmp = mechPtr->pParameter;
- TRACE1("\t=> free CK_CCM_PARAMS %lX\n",
- ptr_to_jlong(tmp));
+ TRACE0("[ CK_CCM_PARAMS ]\n");
free(((CK_CCM_PARAMS*)tmp)->pNonce);
free(((CK_CCM_PARAMS*)tmp)->pAAD);
break;
case CKM_TLS_PRF:
case CKM_NSS_TLS_PRF_GENERAL:
- tmp = mechPtr->pParameter;
- TRACE1("\t=> free CK_TLS_PRF_PARAMS %lX\n",
- ptr_to_jlong(tmp));
+ TRACE0("[ CK_TLS_PRF_PARAMS ]\n");
free(((CK_TLS_PRF_PARAMS*)tmp)->pSeed);
free(((CK_TLS_PRF_PARAMS*)tmp)->pLabel);
free(((CK_TLS_PRF_PARAMS*)tmp)->pulOutputLen);
@@ -334,18 +335,16 @@
case CKM_TLS_MASTER_KEY_DERIVE:
case CKM_SSL3_MASTER_KEY_DERIVE_DH:
case CKM_TLS_MASTER_KEY_DERIVE_DH:
- sslMkdTmp = mechPtr->pParameter;
- TRACE1("\t=> free CK_SSL3_MASTER_KEY_DERIVE_PARAMS %lX\n",
- ptr_to_jlong(sslMkdTmp));
+ sslMkdTmp = tmp;
+ TRACE0("[ CK_SSL3_MASTER_KEY_DERIVE_PARAMS ]\n");
free(sslMkdTmp->RandomInfo.pClientRandom);
free(sslMkdTmp->RandomInfo.pServerRandom);
free(sslMkdTmp->pVersion);
break;
case CKM_SSL3_KEY_AND_MAC_DERIVE:
case CKM_TLS_KEY_AND_MAC_DERIVE:
- sslKmTmp = mechPtr->pParameter;
- TRACE1("\t=> free CK_SSL3_KEY_MAT_PARAMS %lX\n",
- ptr_to_jlong(sslKmTmp));
+ sslKmTmp = tmp;
+ TRACE0("[ CK_SSL3_KEY_MAT_PARAMS ]\n");
free(sslKmTmp->RandomInfo.pClientRandom);
free(sslKmTmp->RandomInfo.pServerRandom);
if (sslKmTmp->pReturnedKeyMaterial != NULL) {
@@ -356,17 +355,15 @@
break;
case CKM_TLS12_MASTER_KEY_DERIVE:
case CKM_TLS12_MASTER_KEY_DERIVE_DH:
- tlsMkdTmp = mechPtr->pParameter;
- TRACE1("\t=> CK_TLS12_MASTER_KEY_DERIVE_PARAMS %lX\n",
- ptr_to_jlong(tlsMkdTmp));
+ tlsMkdTmp = tmp;
+ TRACE0("[ CK_TLS12_MASTER_KEY_DERIVE_PARAMS ]\n");
free(tlsMkdTmp->RandomInfo.pClientRandom);
free(tlsMkdTmp->RandomInfo.pServerRandom);
free(tlsMkdTmp->pVersion);
break;
case CKM_TLS12_KEY_AND_MAC_DERIVE:
- tlsKmTmp = mechPtr->pParameter;
- TRACE1("\t=> free CK_TLS12_KEY_MAT_PARAMS %lX\n",
- ptr_to_jlong(tlsKmTmp));
+ tlsKmTmp = tmp;
+ TRACE0("[ CK_TLS12_KEY_MAT_PARAMS ]\n");
free(tlsKmTmp->RandomInfo.pClientRandom);
free(tlsKmTmp->RandomInfo.pServerRandom);
if (tlsKmTmp->pReturnedKeyMaterial != NULL) {
@@ -377,9 +374,7 @@
break;
case CKM_ECDH1_DERIVE:
case CKM_ECDH1_COFACTOR_DERIVE:
- tmp = mechPtr->pParameter;
- TRACE1("\t=> free CK_ECDH1_DERIVE_PARAMS %lX\n",
- ptr_to_jlong(tmp));
+ TRACE0("[ CK_ECDH1_DERIVE_PARAMS ]\n");
free(((CK_ECDH1_DERIVE_PARAMS *)tmp)->pSharedData);
free(((CK_ECDH1_DERIVE_PARAMS *)tmp)->pPublicData);
break;
@@ -387,7 +382,6 @@
case CKM_AES_CTR:
case CKM_RSA_PKCS_PSS:
case CKM_CAMELLIA_CTR:
- TRACE0("\t=> NO OP\n");
// params do not contain pointers
break;
default:
@@ -399,17 +393,59 @@
// CKM_EXTRACT_KEY_FROM_KEY, CKM_OTP, CKM_KIP,
// CKM_DSA_PARAMETER_GEN?, CKM_GOSTR3410_*
// CK_any_CBC_ENCRYPT_DATA?
- TRACE0("\t=> ERROR UNSUPPORTED CK PARAMS\n");
+ TRACE0("ERROR: UNSUPPORTED CK_MECHANISM\n");
break;
}
- free(mechPtr->pParameter);
+ TRACE1("\t=> freed param %p\n", tmp);
+ free(tmp);
} else {
- TRACE0("DEBUG => Parameter NULL\n");
+ TRACE0("\t=> param NULL\n");
}
free(mechPtr);
+ TRACE0("FINISHED\n");
}
}
+/* This function replaces the CK_GCM_PARAMS_NO_IVBITS structure associated
+ * with the specified CK_MECHANISM structure with CK_GCM_PARAMS
+ * structure.
+ *
+ * @param mechPtr pointer to the CK_MECHANISM structure containing
+ * the to-be-converted CK_GCM_PARAMS_NO_IVBITS structure.
+ * @return pointer to the CK_MECHANISM structure containing the
+ * converted CK_GCM_PARAMS structure or NULL if no conversion took place.
+ */
+CK_MECHANISM_PTR updateGCMParams(JNIEnv *env, CK_MECHANISM_PTR mechPtr) {
+ CK_GCM_PARAMS* pGcmParams2 = NULL;
+ CK_GCM_PARAMS_NO_IVBITS* pParams = NULL;
+ if ((mechPtr->mechanism == CKM_AES_GCM) &&
+ (mechPtr->pParameter != NULL_PTR) &&
+ (mechPtr->ulParameterLen == sizeof(CK_GCM_PARAMS_NO_IVBITS))) {
+ pGcmParams2 = calloc(1, sizeof(CK_GCM_PARAMS));
+ if (pGcmParams2 == NULL) {
+ throwOutOfMemoryError(env, 0);
+ return NULL;
+ }
+ pParams = (CK_GCM_PARAMS_NO_IVBITS*) mechPtr->pParameter;
+ pGcmParams2->pIv = pParams->pIv;
+ pGcmParams2->ulIvLen = pParams->ulIvLen;
+ pGcmParams2->ulIvBits = (pGcmParams2->ulIvLen << 3);
+ pGcmParams2->pAAD = pParams->pAAD;
+ pGcmParams2->ulAADLen = pParams->ulAADLen;
+ pGcmParams2->ulTagBits = pParams->ulTagBits;
+ TRACE1("DEBUG updateGCMParams: pMech %p\n", mechPtr);
+ TRACE2("\t=> GCM param w/o ulIvBits %p => GCM param %p\n", pParams,
+ pGcmParams2);
+ free(pParams);
+ mechPtr->pParameter = pGcmParams2;
+ mechPtr->ulParameterLen = sizeof(CK_GCM_PARAMS);
+ return mechPtr;
+ } else {
+ TRACE0("DEBUG updateGCMParams: no conversion done\n");
+ }
+ return NULL;
+}
+
/*
* the following functions convert Java arrays to PKCS#11 array pointers and
* their array length and vice versa