# HG changeset patch # User valeriep # Date 1298404895 28800 # Node ID 62c7b10ce177a806d7d0b6f3f7cb443b0f1fb8e9 # Parent 75bedadddefa6224f573832280973763d670fa2a 6604496: Support for CKM_AES_CTR (counter mode) Summary: Enhanced SunPKCS11 provider to support AES/CTR/NoPadding transformation. Reviewed-by: vinnie diff -r 75bedadddefa -r 62c7b10ce177 jdk/src/share/classes/sun/security/pkcs11/P11Cipher.java --- a/jdk/src/share/classes/sun/security/pkcs11/P11Cipher.java Tue Feb 22 14:44:43 2011 +0000 +++ b/jdk/src/share/classes/sun/security/pkcs11/P11Cipher.java Tue Feb 22 12:01:35 2011 -0800 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -42,14 +42,12 @@ * Cipher implementation class. This class currently supports * DES, DESede, AES, ARCFOUR, and Blowfish. * - * This class is designed to support ECB and CBC with NoPadding and - * PKCS5Padding for both. It will use its own padding impl if the - * native mechanism does not support padding. + * This class is designed to support ECB, CBC, CTR with NoPadding + * and ECB, CBC with PKCS5Padding. It will use its own padding impl + * if the native mechanism does not support padding. * - * Note that PKCS#11 current only supports ECB and CBC. There are no - * provisions for other modes such as CFB, OFB, PCBC, or CTR mode. - * However, CTR could be implemented relatively easily (and efficiently) - * on top of ECB mode in this class, if need be. + * Note that PKCS#11 currently only supports ECB, CBC, and CTR. + * There are no provisions for other modes such as CFB, OFB, and PCBC. * * @author Andreas Sterbenz * @since 1.5 @@ -60,6 +58,8 @@ private final static int MODE_ECB = 3; // mode constant for CBC mode private final static int MODE_CBC = 4; + // mode constant for CTR mode + private final static int MODE_CTR = 5; // padding constant for NoPadding private final static int PAD_NONE = 5; @@ -157,7 +157,7 @@ private byte[] padBuffer; private int padBufferLen; - // original IV, if in MODE_CBC + // original IV, if in MODE_CBC or MODE_CTR private byte[] iv; // number of bytes buffered internally by the native mechanism and padBuffer @@ -213,6 +213,8 @@ ("CBC mode not supported with stream ciphers"); } result = MODE_CBC; + } else if (mode.equals("CTR")) { + result = MODE_CTR; } else { throw new NoSuchAlgorithmException("Unsupported mode " + mode); } @@ -228,6 +230,10 @@ if (padding.equals("NOPADDING")) { paddingType = PAD_NONE; } else if (padding.equals("PKCS5PADDING")) { + if (this.blockMode == MODE_CTR) { + throw new NoSuchPaddingException + ("PKCS#5 padding not supported with CTR mode"); + } paddingType = PAD_PKCS5; if (mechanism != CKM_DES_CBC_PAD && mechanism != CKM_DES3_CBC_PAD && mechanism != CKM_AES_CBC_PAD) { @@ -348,11 +354,14 @@ ("IV not used in ECB mode"); } } - } else { // MODE_CBC + } else { // MODE_CBC or MODE_CTR if (iv == null) { if (encrypt == false) { - throw new InvalidAlgorithmParameterException - ("IV must be specified for decryption in CBC mode"); + String exMsg = + (blockMode == MODE_CBC ? + "IV must be specified for decryption in CBC mode" : + "IV must be specified for decryption in CTR mode"); + throw new InvalidAlgorithmParameterException(exMsg); } // generate random IV if (random == null) { @@ -410,13 +419,15 @@ if (session == null) { session = token.getOpSession(); } + CK_MECHANISM mechParams = (blockMode == MODE_CTR? + new CK_MECHANISM(mechanism, new CK_AES_CTR_PARAMS(iv)) : + new CK_MECHANISM(mechanism, iv)); + try { if (encrypt) { - token.p11.C_EncryptInit(session.id(), - new CK_MECHANISM(mechanism, iv), p11Key.keyID); + token.p11.C_EncryptInit(session.id(), mechParams, p11Key.keyID); } else { - token.p11.C_DecryptInit(session.id(), - new CK_MECHANISM(mechanism, iv), p11Key.keyID); + token.p11.C_DecryptInit(session.id(), mechParams, p11Key.keyID); } } catch (PKCS11Exception ex) { // release session when initialization failed diff -r 75bedadddefa -r 62c7b10ce177 jdk/src/share/classes/sun/security/pkcs11/SunPKCS11.java --- a/jdk/src/share/classes/sun/security/pkcs11/SunPKCS11.java Tue Feb 22 14:44:43 2011 +0000 +++ b/jdk/src/share/classes/sun/security/pkcs11/SunPKCS11.java Tue Feb 22 12:01:35 2011 -0800 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -621,6 +621,8 @@ m(CKM_AES_CBC_PAD, CKM_AES_CBC)); d(CIP, "AES/ECB", P11Cipher, s("AES"), m(CKM_AES_ECB)); + d(CIP, "AES/CTR/NoPadding", P11Cipher, + m(CKM_AES_CTR)); d(CIP, "Blowfish/CBC", P11Cipher, m(CKM_BLOWFISH_CBC)); diff -r 75bedadddefa -r 62c7b10ce177 jdk/src/share/classes/sun/security/pkcs11/wrapper/CK_AES_CTR_PARAMS.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/src/share/classes/sun/security/pkcs11/wrapper/CK_AES_CTR_PARAMS.java Tue Feb 22 12:01:35 2011 -0800 @@ -0,0 +1,66 @@ +/* + * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. Oracle designates this + * particular file as subject to the "Classpath" exception as provided + * by Oracle in the LICENSE file that accompanied this code. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +package sun.security.pkcs11.wrapper; + +/** + * This class represents the necessary parameters required by + * the CKM_AES_CTR mechanism as defined in CK_AES_CTR_PARAMS structure.

+ * PKCS#11 structure: + * 

+ * typedef struct CK_AES_CTR_PARAMS {
+ *   CK_ULONG ulCounterBits;
+ *   CK_BYTE cb[16];
+ * } CK_AES_CTR_PARAMS;
+ *
+ * + * @author Yu-Ching Valerie Peng + * @since 1.7 + */ +public class CK_AES_CTR_PARAMS { + + private final long ulCounterBits; + private final byte cb[]; + + public CK_AES_CTR_PARAMS(byte[] cb) { + ulCounterBits = 128; + this.cb = cb.clone(); + } + + public String toString() { + StringBuffer buffer = new StringBuffer(); + + buffer.append(Constants.INDENT); + buffer.append("ulCounterBits: "); + buffer.append(ulCounterBits); + buffer.append(Constants.NEWLINE); + + buffer.append(Constants.INDENT); + buffer.append("cb: "); + buffer.append(Functions.toHexString(cb)); + + return buffer.toString(); + } +} diff -r 75bedadddefa -r 62c7b10ce177 jdk/src/share/classes/sun/security/pkcs11/wrapper/CK_MECHANISM.java --- a/jdk/src/share/classes/sun/security/pkcs11/wrapper/CK_MECHANISM.java Tue Feb 22 14:44:43 2011 +0000 +++ b/jdk/src/share/classes/sun/security/pkcs11/wrapper/CK_MECHANISM.java Tue Feb 22 12:01:35 2011 -0800 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. */ /* Copyright (c) 2002 Graz University of Technology. All rights reserved. @@ -48,6 +48,7 @@ package sun.security.pkcs11.wrapper; import java.math.BigInteger; +import static sun.security.pkcs11.wrapper.PKCS11Constants.*; /** * class CK_MECHANISM specifies a particular mechanism and any parameters it @@ -127,6 +128,10 @@ init(mechanism, params); } + public CK_MECHANISM(long mechanism, CK_AES_CTR_PARAMS params) { + init(mechanism, params); + } + private void init(long mechanism, Object pParameter) { this.mechanism = mechanism; this.pParameter = pParameter; diff -r 75bedadddefa -r 62c7b10ce177 jdk/src/share/classes/sun/security/pkcs11/wrapper/PKCS11Constants.java --- a/jdk/src/share/classes/sun/security/pkcs11/wrapper/PKCS11Constants.java Tue Feb 22 14:44:43 2011 +0000 +++ b/jdk/src/share/classes/sun/security/pkcs11/wrapper/PKCS11Constants.java Tue Feb 22 12:01:35 2011 -0800 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. */ /* Copyright (c) 2002 Graz University of Technology. All rights reserved. @@ -47,8 +47,6 @@ package sun.security.pkcs11.wrapper; - - /** * This interface holds constants of the PKCS#11 v2.11 standard. * This is mainly the content of the 'pkcs11t.h' header file. @@ -306,6 +304,10 @@ public static final long CKK_VENDOR_DEFINED = 0x80000000L; + // new for v2.20 amendment 3 + //public static final long CKK_CAMELLIA = 0x00000025L; + //public static final long CKK_ARIA = 0x00000026L; + // pseudo key type ANY (for template manager) public static final long PCKK_ANY = 0x7FFFFF22L; @@ -690,6 +692,34 @@ public static final long CKM_VENDOR_DEFINED = 0x80000000L; + // new for v2.20 amendment 3 + public static final long CKM_SHA224 = 0x00000255L; + public static final long CKM_SHA224_HMAC = 0x00000256L; + public static final long CKM_SHA224_HMAC_GENERAL = 0x00000257L; + public static final long CKM_SHA224_KEY_DERIVATION = 0x00000396L; + public static final long CKM_SHA224_RSA_PKCS = 0x00000046L; + public static final long CKM_SHA224_RSA_PKCS_PSS = 0x00000047L; + public static final long CKM_AES_CTR = 0x00001086L; + /* + public static final long CKM_CAMELLIA_KEY_GEN = 0x00000550L; + public static final long CKM_CAMELLIA_ECB = 0x00000551L; + public static final long CKM_CAMELLIA_CBC = 0x00000552L; + public static final long CKM_CAMELLIA_MAC = 0x00000553L; + public static final long CKM_CAMELLIA_MAC_GENERAL = 0x00000554L; + public static final long CKM_CAMELLIA_CBC_PAD = 0x00000555L; + public static final long CKM_CAMELLIA_ECB_ENCRYPT_DATA = 0x00000556L; + public static final long CKM_CAMELLIA_CBC_ENCRYPT_DATA = 0x00000557L; + public static final long CKM_CAMELLIA_CTR = 0x00000558L; + public static final long CKM_ARIA_KEY_GEN = 0x00000560L; + public static final long CKM_ARIA_ECB = 0x00000561L; + public static final long CKM_ARIA_CBC = 0x00000562L; + public static final long CKM_ARIA_MAC = 0x00000563L; + public static final long CKM_ARIA_MAC_GENERAL = 0x00000564L; + public static final long CKM_ARIA_CBC_PAD = 0x00000565L; + public static final long CKM_ARIA_ECB_ENCRYPT_DATA = 0x00000566L; + public static final long CKM_ARIA_CBC_ENCRYPT_DATA = 0x00000567L; + */ + // NSS private public static final long CKM_NSS_TLS_PRF_GENERAL = 0x80000373L; @@ -881,7 +911,8 @@ /* The following MGFs are defined */ public static final long CKG_MGF1_SHA1 = 0x00000001L; - + // new for v2.20 amendment 3 + public static final long CKG_MGF1_SHA224 = 0x00000005L; /* The following encoding parameter sources are defined */ public static final long CKZ_DATA_SPECIFIED = 0x00000001L; diff -r 75bedadddefa -r 62c7b10ce177 jdk/src/share/native/sun/security/pkcs11/wrapper/p11_convert.c --- a/jdk/src/share/native/sun/security/pkcs11/wrapper/p11_convert.c Tue Feb 22 14:44:43 2011 +0000 +++ b/jdk/src/share/native/sun/security/pkcs11/wrapper/p11_convert.c Tue Feb 22 12:01:35 2011 -0800 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. */ /* Copyright (c) 2002 Graz University of Technology. All rights reserved. @@ -695,6 +695,46 @@ } /* + * converts the Java CK_AES_CTR_PARAMS object to a CK_AES_CTR_PARAMS structure + * + * @param env - used to call JNI funktions to get the Java classes and objects + * @param jParam - the Java CK_AES_CTR_PARAMS object to convert + * @param ckpParam - pointer to the new CK_AES_CTR_PARAMS structure + */ +void jAesCtrParamsToCKAesCtrParam(JNIEnv *env, jobject jParam, + CK_AES_CTR_PARAMS_PTR ckpParam) { + jclass jAesCtrParamsClass; + jfieldID fieldID; + jlong jCounterBits; + jobject jCb; + CK_BYTE_PTR ckBytes; + CK_ULONG ckTemp; + + /* get ulCounterBits */ + jAesCtrParamsClass = (*env)->FindClass(env, CLASS_AES_CTR_PARAMS); + if (jAesCtrParamsClass == NULL) { return; } + fieldID = (*env)->GetFieldID(env, jAesCtrParamsClass, "ulCounterBits", "J"); + if (fieldID == NULL) { return; } + jCounterBits = (*env)->GetLongField(env, jParam, fieldID); + + /* get cb */ + fieldID = (*env)->GetFieldID(env, jAesCtrParamsClass, "cb", "[B"); + if (fieldID == NULL) { return; } + jCb = (*env)->GetObjectField(env, jParam, fieldID); + + /* populate java values */ + ckpParam->ulCounterBits = jLongToCKULong(jCounterBits); + jByteArrayToCKByteArray(env, jCb, &ckBytes, &ckTemp); + if ((*env)->ExceptionCheck(env)) { return; } + if (ckTemp != 16) { + TRACE1("ERROR: WRONG CTR IV LENGTH %d", ckTemp); + } else { + memcpy(ckpParam->cb, ckBytes, ckTemp); + free(ckBytes); + } +} + +/* * converts a Java CK_MECHANISM object into a CK_MECHANISM structure * * @param env - used to call JNI funktions to get the values out of the Java object @@ -937,12 +977,10 @@ { /* get all Java mechanism parameter classes */ jclass jVersionClass, jSsl3MasterKeyDeriveParamsClass, jSsl3KeyMatParamsClass; - jclass jTlsPrfParamsClass, jRsaPkcsOaepParamsClass, jPbeParamsClass; - jclass jPkcs5Pbkd2ParamsClass, jRsaPkcsPssParamsClass; + jclass jTlsPrfParamsClass, jAesCtrParamsClass, jRsaPkcsOaepParamsClass; + jclass jPbeParamsClass, jPkcs5Pbkd2ParamsClass, jRsaPkcsPssParamsClass; jclass jEcdh1DeriveParamsClass, jEcdh2DeriveParamsClass; jclass jX942Dh1DeriveParamsClass, jX942Dh2DeriveParamsClass; - - /* get all Java mechanism parameter classes */ TRACE0("\nDEBUG: jMechanismParameterToCKMechanismParameter"); /* most common cases, i.e. NULL/byte[]/long, are already handled by @@ -1046,6 +1084,33 @@ return; } + jAesCtrParamsClass = (*env)->FindClass(env, CLASS_AES_CTR_PARAMS); + if (jAesCtrParamsClass == NULL) { return; } + if ((*env)->IsInstanceOf(env, jParam, jAesCtrParamsClass)) { + /* + * CK_AES_CTR_PARAMS + */ + CK_AES_CTR_PARAMS_PTR ckpParam; + + ckpParam = (CK_AES_CTR_PARAMS_PTR) malloc(sizeof(CK_AES_CTR_PARAMS)); + if (ckpParam == NULL) { + JNU_ThrowOutOfMemoryError(env, 0); + return; + } + + /* convert jParameter to CKParameter */ + jAesCtrParamsToCKAesCtrParam(env, jParam, ckpParam); + if ((*env)->ExceptionCheck(env)) { + free(ckpParam); + return; + } + + /* get length and pointer of parameter */ + *ckpLength = sizeof(CK_AES_CTR_PARAMS); + *ckpParamPtr = ckpParam; + return; + } + jRsaPkcsOaepParamsClass = (*env)->FindClass(env, CLASS_RSA_PKCS_OAEP_PARAMS); if (jRsaPkcsOaepParamsClass == NULL) { return; } if ((*env)->IsInstanceOf(env, jParam, jRsaPkcsOaepParamsClass)) { diff -r 75bedadddefa -r 62c7b10ce177 jdk/src/share/native/sun/security/pkcs11/wrapper/pkcs-11v2-20a3.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/src/share/native/sun/security/pkcs11/wrapper/pkcs-11v2-20a3.h Tue Feb 22 12:01:35 2011 -0800 @@ -0,0 +1,124 @@ +/* pkcs-11v2-20a3.h include file for the PKCS #11 Version 2.20 Amendment 3 + document. */ + +/* $Revision: 1.4 $ */ + +/* License to copy and use this software is granted provided that it is + * identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface + * (Cryptoki) Version 2.20 Amendment 3" in all material mentioning or + * referencing this software. + + * RSA Security Inc. makes no representations concerning either the + * merchantability of this software or the suitability of this software for + * any particular purpose. It is provided "as is" without express or implied + * warranty of any kind. + */ + +/* This file is preferably included after inclusion of pkcs11.h */ + +#ifndef _PKCS_11V2_20A3_H_ +#define _PKCS_11V2_20A3_H_ 1 + +/* Are the definitions of this file already included in pkcs11t.h ? */ +#ifndef CKK_CAMELLIA + +#ifdef __cplusplus +extern "C" { +#endif + +/* Key types */ + +/* Camellia is new for PKCS #11 v2.20 amendment 3 */ +#define CKK_CAMELLIA 0x00000025 +/* ARIA is new for PKCS #11 v2.20 amendment 3 */ +#define CKK_ARIA 0x00000026 + + +/* Mask-generating functions */ + +/* SHA-224 is new for PKCS #11 v2.20 amendment 3 */ +#define CKG_MGF1_SHA224 0x00000005 + + +/* Mechanism Identifiers */ + +/* SHA-224 is new for PKCS #11 v2.20 amendment 3 */ +#define CKM_SHA224 0x00000255 +#define CKM_SHA224_HMAC 0x00000256 +#define CKM_SHA224_HMAC_GENERAL 0x00000257 + +/* SHA-224 key derivation is new for PKCS #11 v2.20 amendment 3 */ +#define CKM_SHA224_KEY_DERIVATION 0x00000396 + +/* SHA-224 RSA mechanisms are new for PKCS #11 v2.20 amendment 3 */ +#define CKM_SHA224_RSA_PKCS 0x00000046 +#define CKM_SHA224_RSA_PKCS_PSS 0x00000047 + +/* AES counter mode is new for PKCS #11 v2.20 amendment 3 */ +#define CKM_AES_CTR 0x00001086 + +/* Camellia is new for PKCS #11 v2.20 amendment 3 */ +#define CKM_CAMELLIA_KEY_GEN 0x00000550 +#define CKM_CAMELLIA_ECB 0x00000551 +#define CKM_CAMELLIA_CBC 0x00000552 +#define CKM_CAMELLIA_MAC 0x00000553 +#define CKM_CAMELLIA_MAC_GENERAL 0x00000554 +#define CKM_CAMELLIA_CBC_PAD 0x00000555 +#define CKM_CAMELLIA_ECB_ENCRYPT_DATA 0x00000556 +#define CKM_CAMELLIA_CBC_ENCRYPT_DATA 0x00000557 +#define CKM_CAMELLIA_CTR 0x00000558 + +/* ARIA is new for PKCS #11 v2.20 amendment 3 */ +#define CKM_ARIA_KEY_GEN 0x00000560 +#define CKM_ARIA_ECB 0x00000561 +#define CKM_ARIA_CBC 0x00000562 +#define CKM_ARIA_MAC 0x00000563 +#define CKM_ARIA_MAC_GENERAL 0x00000564 +#define CKM_ARIA_CBC_PAD 0x00000565 +#define CKM_ARIA_ECB_ENCRYPT_DATA 0x00000566 +#define CKM_ARIA_CBC_ENCRYPT_DATA 0x00000567 + + +/* Mechanism parameters */ + +/* CK_AES_CTR_PARAMS is new for PKCS #11 v2.20 amendment 3 */ +typedef struct CK_AES_CTR_PARAMS { + CK_ULONG ulCounterBits; + CK_BYTE cb[16]; +} CK_AES_CTR_PARAMS; + +typedef CK_AES_CTR_PARAMS CK_PTR CK_AES_CTR_PARAMS_PTR; + +/* CK_CAMELLIA_CTR_PARAMS is new for PKCS #11 v2.20 amendment 3 */ +typedef struct CK_CAMELLIA_CTR_PARAMS { + CK_ULONG ulCounterBits; + CK_BYTE cb[16]; +} CK_CAMELLIA_CTR_PARAMS; + +typedef CK_CAMELLIA_CTR_PARAMS CK_PTR CK_CAMELLIA_CTR_PARAMS_PTR; + +/* CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS is new for PKCS #11 v2.20 amendment 3 */ +typedef struct CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS { + CK_BYTE iv[16]; + CK_BYTE_PTR pData; + CK_ULONG length; +} CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS; + +typedef CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS_PTR; + +/* CK_ARIA_CBC_ENCRYPT_DATA_PARAMS is new for PKCS #11 v2.20 amendment 3 */ +typedef struct CK_ARIA_CBC_ENCRYPT_DATA_PARAMS { + CK_BYTE iv[16]; + CK_BYTE_PTR pData; + CK_ULONG length; +} CK_ARIA_CBC_ENCRYPT_DATA_PARAMS; + +typedef CK_ARIA_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_ARIA_CBC_ENCRYPT_DATA_PARAMS_PTR; + +#ifdef __cplusplus +} +#endif + +#endif + +#endif diff -r 75bedadddefa -r 62c7b10ce177 jdk/src/share/native/sun/security/pkcs11/wrapper/pkcs11wrapper.h --- a/jdk/src/share/native/sun/security/pkcs11/wrapper/pkcs11wrapper.h Tue Feb 22 14:44:43 2011 +0000 +++ b/jdk/src/share/native/sun/security/pkcs11/wrapper/pkcs11wrapper.h Tue Feb 22 12:01:35 2011 -0800 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. */ /* Copyright (c) 2002 Graz University of Technology. All rights reserved. @@ -153,6 +153,7 @@ #include "p11_md.h" #include "pkcs11.h" +#include "pkcs-11v2-20a3.h" #include #include @@ -272,6 +273,7 @@ #define CLASS_SSL3_MASTER_KEY_DERIVE_PARAMS "sun/security/pkcs11/wrapper/CK_SSL3_MASTER_KEY_DERIVE_PARAMS" #define CLASS_SSL3_KEY_MAT_PARAMS "sun/security/pkcs11/wrapper/CK_SSL3_KEY_MAT_PARAMS" #define CLASS_TLS_PRF_PARAMS "sun/security/pkcs11/wrapper/CK_TLS_PRF_PARAMS" +#define CLASS_AES_CTR_PARAMS "sun/security/pkcs11/wrapper/CK_AES_CTR_PARAMS" /* function to convert a PKCS#11 return value other than CK_OK into a Java Exception * or to throw a PKCS11RuntimeException diff -r 75bedadddefa -r 62c7b10ce177 jdk/test/sun/security/pkcs11/Cipher/TestSymmCiphers.java --- a/jdk/test/sun/security/pkcs11/Cipher/TestSymmCiphers.java Tue Feb 22 14:44:43 2011 +0000 +++ b/jdk/test/sun/security/pkcs11/Cipher/TestSymmCiphers.java Tue Feb 22 12:01:35 2011 -0800 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2008, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2008, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -23,7 +23,7 @@ /** * @test %I% %E% - * @bug 4898461 + * @bug 4898461 6604496 * @summary basic test for symmetric ciphers with padding * @author Valerie Peng * @library .. @@ -70,9 +70,13 @@ new CI("DES/ECB/PKCS5Padding", "DES", 6400), new CI("DESede/ECB/PKCS5Padding", "DESede", 400), new CI("AES/ECB/PKCS5Padding", "AES", 64), + new CI("DES", "DES", 6400), new CI("DESede", "DESede", 408), - new CI("AES", "AES", 128) + new CI("AES", "AES", 128), + + new CI("AES/CTR/NoPadding", "AES", 3200) + }; private static StringBuffer debugBuf = new StringBuffer(); diff -r 75bedadddefa -r 62c7b10ce177 jdk/test/sun/security/pkcs11/Cipher/TestSymmCiphersNoPad.java --- a/jdk/test/sun/security/pkcs11/Cipher/TestSymmCiphersNoPad.java Tue Feb 22 14:44:43 2011 +0000 +++ b/jdk/test/sun/security/pkcs11/Cipher/TestSymmCiphersNoPad.java Tue Feb 22 12:01:35 2011 -0800 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2007, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -23,7 +23,7 @@ /** * @test - * @bug 4898484 + * @bug 4898484 6604496 * @summary basic test for symmetric ciphers with no padding * @author Valerie Peng * @library .. @@ -59,7 +59,8 @@ new CI("DES/CBC/NoPadding", "DES", 400), new CI("DESede/CBC/NoPadding", "DESede", 160), new CI("AES/CBC/NoPadding", "AES", 4800), - new CI("Blowfish/CBC/NoPadding", "Blowfish", 24) + new CI("Blowfish/CBC/NoPadding", "Blowfish", 24), + new CI("AES/CTR/NoPadding", "AES", 1600) }; private static StringBuffer debugBuf;