6604496: Support for CKM_AES_CTR (counter mode)
Summary: Enhanced SunPKCS11 provider to support AES/CTR/NoPadding transformation.
Reviewed-by: vinnie
--- a/jdk/src/share/classes/sun/security/pkcs11/P11Cipher.java Tue Feb 22 14:44:43 2011 +0000
+++ b/jdk/src/share/classes/sun/security/pkcs11/P11Cipher.java Tue Feb 22 12:01:35 2011 -0800
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -42,14 +42,12 @@
* Cipher implementation class. This class currently supports
* DES, DESede, AES, ARCFOUR, and Blowfish.
*
- * This class is designed to support ECB and CBC with NoPadding and
- * PKCS5Padding for both. It will use its own padding impl if the
- * native mechanism does not support padding.
+ * This class is designed to support ECB, CBC, CTR with NoPadding
+ * and ECB, CBC with PKCS5Padding. It will use its own padding impl
+ * if the native mechanism does not support padding.
*
- * Note that PKCS#11 current only supports ECB and CBC. There are no
- * provisions for other modes such as CFB, OFB, PCBC, or CTR mode.
- * However, CTR could be implemented relatively easily (and efficiently)
- * on top of ECB mode in this class, if need be.
+ * Note that PKCS#11 currently only supports ECB, CBC, and CTR.
+ * There are no provisions for other modes such as CFB, OFB, and PCBC.
*
* @author Andreas Sterbenz
* @since 1.5
@@ -60,6 +58,8 @@
private final static int MODE_ECB = 3;
// mode constant for CBC mode
private final static int MODE_CBC = 4;
+ // mode constant for CTR mode
+ private final static int MODE_CTR = 5;
// padding constant for NoPadding
private final static int PAD_NONE = 5;
@@ -157,7 +157,7 @@
private byte[] padBuffer;
private int padBufferLen;
- // original IV, if in MODE_CBC
+ // original IV, if in MODE_CBC or MODE_CTR
private byte[] iv;
// number of bytes buffered internally by the native mechanism and padBuffer
@@ -213,6 +213,8 @@
("CBC mode not supported with stream ciphers");
}
result = MODE_CBC;
+ } else if (mode.equals("CTR")) {
+ result = MODE_CTR;
} else {
throw new NoSuchAlgorithmException("Unsupported mode " + mode);
}
@@ -228,6 +230,10 @@
if (padding.equals("NOPADDING")) {
paddingType = PAD_NONE;
} else if (padding.equals("PKCS5PADDING")) {
+ if (this.blockMode == MODE_CTR) {
+ throw new NoSuchPaddingException
+ ("PKCS#5 padding not supported with CTR mode");
+ }
paddingType = PAD_PKCS5;
if (mechanism != CKM_DES_CBC_PAD && mechanism != CKM_DES3_CBC_PAD &&
mechanism != CKM_AES_CBC_PAD) {
@@ -348,11 +354,14 @@
("IV not used in ECB mode");
}
}
- } else { // MODE_CBC
+ } else { // MODE_CBC or MODE_CTR
if (iv == null) {
if (encrypt == false) {
- throw new InvalidAlgorithmParameterException
- ("IV must be specified for decryption in CBC mode");
+ String exMsg =
+ (blockMode == MODE_CBC ?
+ "IV must be specified for decryption in CBC mode" :
+ "IV must be specified for decryption in CTR mode");
+ throw new InvalidAlgorithmParameterException(exMsg);
}
// generate random IV
if (random == null) {
@@ -410,13 +419,15 @@
if (session == null) {
session = token.getOpSession();
}
+ CK_MECHANISM mechParams = (blockMode == MODE_CTR?
+ new CK_MECHANISM(mechanism, new CK_AES_CTR_PARAMS(iv)) :
+ new CK_MECHANISM(mechanism, iv));
+
try {
if (encrypt) {
- token.p11.C_EncryptInit(session.id(),
- new CK_MECHANISM(mechanism, iv), p11Key.keyID);
+ token.p11.C_EncryptInit(session.id(), mechParams, p11Key.keyID);
} else {
- token.p11.C_DecryptInit(session.id(),
- new CK_MECHANISM(mechanism, iv), p11Key.keyID);
+ token.p11.C_DecryptInit(session.id(), mechParams, p11Key.keyID);
}
} catch (PKCS11Exception ex) {
// release session when initialization failed
--- a/jdk/src/share/classes/sun/security/pkcs11/SunPKCS11.java Tue Feb 22 14:44:43 2011 +0000
+++ b/jdk/src/share/classes/sun/security/pkcs11/SunPKCS11.java Tue Feb 22 12:01:35 2011 -0800
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -621,6 +621,8 @@
m(CKM_AES_CBC_PAD, CKM_AES_CBC));
d(CIP, "AES/ECB", P11Cipher, s("AES"),
m(CKM_AES_ECB));
+ d(CIP, "AES/CTR/NoPadding", P11Cipher,
+ m(CKM_AES_CTR));
d(CIP, "Blowfish/CBC", P11Cipher,
m(CKM_BLOWFISH_CBC));
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/sun/security/pkcs11/wrapper/CK_AES_CTR_PARAMS.java Tue Feb 22 12:01:35 2011 -0800
@@ -0,0 +1,66 @@
+/*
+ * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation. Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.pkcs11.wrapper;
+
+/**
+ * This class represents the necessary parameters required by
+ * the CKM_AES_CTR mechanism as defined in CK_AES_CTR_PARAMS structure.<p>
+ * <B>PKCS#11 structure:</B>
+ * <PRE>
+ * typedef struct CK_AES_CTR_PARAMS {
+ * CK_ULONG ulCounterBits;
+ * CK_BYTE cb[16];
+ * } CK_AES_CTR_PARAMS;
+ * </PRE>
+ *
+ * @author Yu-Ching Valerie Peng
+ * @since 1.7
+ */
+public class CK_AES_CTR_PARAMS {
+
+ private final long ulCounterBits;
+ private final byte cb[];
+
+ public CK_AES_CTR_PARAMS(byte[] cb) {
+ ulCounterBits = 128;
+ this.cb = cb.clone();
+ }
+
+ public String toString() {
+ StringBuffer buffer = new StringBuffer();
+
+ buffer.append(Constants.INDENT);
+ buffer.append("ulCounterBits: ");
+ buffer.append(ulCounterBits);
+ buffer.append(Constants.NEWLINE);
+
+ buffer.append(Constants.INDENT);
+ buffer.append("cb: ");
+ buffer.append(Functions.toHexString(cb));
+
+ return buffer.toString();
+ }
+}
--- a/jdk/src/share/classes/sun/security/pkcs11/wrapper/CK_MECHANISM.java Tue Feb 22 14:44:43 2011 +0000
+++ b/jdk/src/share/classes/sun/security/pkcs11/wrapper/CK_MECHANISM.java Tue Feb 22 12:01:35 2011 -0800
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
*/
/* Copyright (c) 2002 Graz University of Technology. All rights reserved.
@@ -48,6 +48,7 @@
package sun.security.pkcs11.wrapper;
import java.math.BigInteger;
+import static sun.security.pkcs11.wrapper.PKCS11Constants.*;
/**
* class CK_MECHANISM specifies a particular mechanism and any parameters it
@@ -127,6 +128,10 @@
init(mechanism, params);
}
+ public CK_MECHANISM(long mechanism, CK_AES_CTR_PARAMS params) {
+ init(mechanism, params);
+ }
+
private void init(long mechanism, Object pParameter) {
this.mechanism = mechanism;
this.pParameter = pParameter;
--- a/jdk/src/share/classes/sun/security/pkcs11/wrapper/PKCS11Constants.java Tue Feb 22 14:44:43 2011 +0000
+++ b/jdk/src/share/classes/sun/security/pkcs11/wrapper/PKCS11Constants.java Tue Feb 22 12:01:35 2011 -0800
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
*/
/* Copyright (c) 2002 Graz University of Technology. All rights reserved.
@@ -47,8 +47,6 @@
package sun.security.pkcs11.wrapper;
-
-
/**
* This interface holds constants of the PKCS#11 v2.11 standard.
* This is mainly the content of the 'pkcs11t.h' header file.
@@ -306,6 +304,10 @@
public static final long CKK_VENDOR_DEFINED = 0x80000000L;
+ // new for v2.20 amendment 3
+ //public static final long CKK_CAMELLIA = 0x00000025L;
+ //public static final long CKK_ARIA = 0x00000026L;
+
// pseudo key type ANY (for template manager)
public static final long PCKK_ANY = 0x7FFFFF22L;
@@ -690,6 +692,34 @@
public static final long CKM_VENDOR_DEFINED = 0x80000000L;
+ // new for v2.20 amendment 3
+ public static final long CKM_SHA224 = 0x00000255L;
+ public static final long CKM_SHA224_HMAC = 0x00000256L;
+ public static final long CKM_SHA224_HMAC_GENERAL = 0x00000257L;
+ public static final long CKM_SHA224_KEY_DERIVATION = 0x00000396L;
+ public static final long CKM_SHA224_RSA_PKCS = 0x00000046L;
+ public static final long CKM_SHA224_RSA_PKCS_PSS = 0x00000047L;
+ public static final long CKM_AES_CTR = 0x00001086L;
+ /*
+ public static final long CKM_CAMELLIA_KEY_GEN = 0x00000550L;
+ public static final long CKM_CAMELLIA_ECB = 0x00000551L;
+ public static final long CKM_CAMELLIA_CBC = 0x00000552L;
+ public static final long CKM_CAMELLIA_MAC = 0x00000553L;
+ public static final long CKM_CAMELLIA_MAC_GENERAL = 0x00000554L;
+ public static final long CKM_CAMELLIA_CBC_PAD = 0x00000555L;
+ public static final long CKM_CAMELLIA_ECB_ENCRYPT_DATA = 0x00000556L;
+ public static final long CKM_CAMELLIA_CBC_ENCRYPT_DATA = 0x00000557L;
+ public static final long CKM_CAMELLIA_CTR = 0x00000558L;
+ public static final long CKM_ARIA_KEY_GEN = 0x00000560L;
+ public static final long CKM_ARIA_ECB = 0x00000561L;
+ public static final long CKM_ARIA_CBC = 0x00000562L;
+ public static final long CKM_ARIA_MAC = 0x00000563L;
+ public static final long CKM_ARIA_MAC_GENERAL = 0x00000564L;
+ public static final long CKM_ARIA_CBC_PAD = 0x00000565L;
+ public static final long CKM_ARIA_ECB_ENCRYPT_DATA = 0x00000566L;
+ public static final long CKM_ARIA_CBC_ENCRYPT_DATA = 0x00000567L;
+ */
+
// NSS private
public static final long CKM_NSS_TLS_PRF_GENERAL = 0x80000373L;
@@ -881,7 +911,8 @@
/* The following MGFs are defined */
public static final long CKG_MGF1_SHA1 = 0x00000001L;
-
+ // new for v2.20 amendment 3
+ public static final long CKG_MGF1_SHA224 = 0x00000005L;
/* The following encoding parameter sources are defined */
public static final long CKZ_DATA_SPECIFIED = 0x00000001L;
--- a/jdk/src/share/native/sun/security/pkcs11/wrapper/p11_convert.c Tue Feb 22 14:44:43 2011 +0000
+++ b/jdk/src/share/native/sun/security/pkcs11/wrapper/p11_convert.c Tue Feb 22 12:01:35 2011 -0800
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2009, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
*/
/* Copyright (c) 2002 Graz University of Technology. All rights reserved.
@@ -695,6 +695,46 @@
}
/*
+ * converts the Java CK_AES_CTR_PARAMS object to a CK_AES_CTR_PARAMS structure
+ *
+ * @param env - used to call JNI funktions to get the Java classes and objects
+ * @param jParam - the Java CK_AES_CTR_PARAMS object to convert
+ * @param ckpParam - pointer to the new CK_AES_CTR_PARAMS structure
+ */
+void jAesCtrParamsToCKAesCtrParam(JNIEnv *env, jobject jParam,
+ CK_AES_CTR_PARAMS_PTR ckpParam) {
+ jclass jAesCtrParamsClass;
+ jfieldID fieldID;
+ jlong jCounterBits;
+ jobject jCb;
+ CK_BYTE_PTR ckBytes;
+ CK_ULONG ckTemp;
+
+ /* get ulCounterBits */
+ jAesCtrParamsClass = (*env)->FindClass(env, CLASS_AES_CTR_PARAMS);
+ if (jAesCtrParamsClass == NULL) { return; }
+ fieldID = (*env)->GetFieldID(env, jAesCtrParamsClass, "ulCounterBits", "J");
+ if (fieldID == NULL) { return; }
+ jCounterBits = (*env)->GetLongField(env, jParam, fieldID);
+
+ /* get cb */
+ fieldID = (*env)->GetFieldID(env, jAesCtrParamsClass, "cb", "[B");
+ if (fieldID == NULL) { return; }
+ jCb = (*env)->GetObjectField(env, jParam, fieldID);
+
+ /* populate java values */
+ ckpParam->ulCounterBits = jLongToCKULong(jCounterBits);
+ jByteArrayToCKByteArray(env, jCb, &ckBytes, &ckTemp);
+ if ((*env)->ExceptionCheck(env)) { return; }
+ if (ckTemp != 16) {
+ TRACE1("ERROR: WRONG CTR IV LENGTH %d", ckTemp);
+ } else {
+ memcpy(ckpParam->cb, ckBytes, ckTemp);
+ free(ckBytes);
+ }
+}
+
+/*
* converts a Java CK_MECHANISM object into a CK_MECHANISM structure
*
* @param env - used to call JNI funktions to get the values out of the Java object
@@ -937,12 +977,10 @@
{
/* get all Java mechanism parameter classes */
jclass jVersionClass, jSsl3MasterKeyDeriveParamsClass, jSsl3KeyMatParamsClass;
- jclass jTlsPrfParamsClass, jRsaPkcsOaepParamsClass, jPbeParamsClass;
- jclass jPkcs5Pbkd2ParamsClass, jRsaPkcsPssParamsClass;
+ jclass jTlsPrfParamsClass, jAesCtrParamsClass, jRsaPkcsOaepParamsClass;
+ jclass jPbeParamsClass, jPkcs5Pbkd2ParamsClass, jRsaPkcsPssParamsClass;
jclass jEcdh1DeriveParamsClass, jEcdh2DeriveParamsClass;
jclass jX942Dh1DeriveParamsClass, jX942Dh2DeriveParamsClass;
-
- /* get all Java mechanism parameter classes */
TRACE0("\nDEBUG: jMechanismParameterToCKMechanismParameter");
/* most common cases, i.e. NULL/byte[]/long, are already handled by
@@ -1046,6 +1084,33 @@
return;
}
+ jAesCtrParamsClass = (*env)->FindClass(env, CLASS_AES_CTR_PARAMS);
+ if (jAesCtrParamsClass == NULL) { return; }
+ if ((*env)->IsInstanceOf(env, jParam, jAesCtrParamsClass)) {
+ /*
+ * CK_AES_CTR_PARAMS
+ */
+ CK_AES_CTR_PARAMS_PTR ckpParam;
+
+ ckpParam = (CK_AES_CTR_PARAMS_PTR) malloc(sizeof(CK_AES_CTR_PARAMS));
+ if (ckpParam == NULL) {
+ JNU_ThrowOutOfMemoryError(env, 0);
+ return;
+ }
+
+ /* convert jParameter to CKParameter */
+ jAesCtrParamsToCKAesCtrParam(env, jParam, ckpParam);
+ if ((*env)->ExceptionCheck(env)) {
+ free(ckpParam);
+ return;
+ }
+
+ /* get length and pointer of parameter */
+ *ckpLength = sizeof(CK_AES_CTR_PARAMS);
+ *ckpParamPtr = ckpParam;
+ return;
+ }
+
jRsaPkcsOaepParamsClass = (*env)->FindClass(env, CLASS_RSA_PKCS_OAEP_PARAMS);
if (jRsaPkcsOaepParamsClass == NULL) { return; }
if ((*env)->IsInstanceOf(env, jParam, jRsaPkcsOaepParamsClass)) {
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/native/sun/security/pkcs11/wrapper/pkcs-11v2-20a3.h Tue Feb 22 12:01:35 2011 -0800
@@ -0,0 +1,124 @@
+/* pkcs-11v2-20a3.h include file for the PKCS #11 Version 2.20 Amendment 3
+ document. */
+
+/* $Revision: 1.4 $ */
+
+/* License to copy and use this software is granted provided that it is
+ * identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface
+ * (Cryptoki) Version 2.20 Amendment 3" in all material mentioning or
+ * referencing this software.
+
+ * RSA Security Inc. makes no representations concerning either the
+ * merchantability of this software or the suitability of this software for
+ * any particular purpose. It is provided "as is" without express or implied
+ * warranty of any kind.
+ */
+
+/* This file is preferably included after inclusion of pkcs11.h */
+
+#ifndef _PKCS_11V2_20A3_H_
+#define _PKCS_11V2_20A3_H_ 1
+
+/* Are the definitions of this file already included in pkcs11t.h ? */
+#ifndef CKK_CAMELLIA
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Key types */
+
+/* Camellia is new for PKCS #11 v2.20 amendment 3 */
+#define CKK_CAMELLIA 0x00000025
+/* ARIA is new for PKCS #11 v2.20 amendment 3 */
+#define CKK_ARIA 0x00000026
+
+
+/* Mask-generating functions */
+
+/* SHA-224 is new for PKCS #11 v2.20 amendment 3 */
+#define CKG_MGF1_SHA224 0x00000005
+
+
+/* Mechanism Identifiers */
+
+/* SHA-224 is new for PKCS #11 v2.20 amendment 3 */
+#define CKM_SHA224 0x00000255
+#define CKM_SHA224_HMAC 0x00000256
+#define CKM_SHA224_HMAC_GENERAL 0x00000257
+
+/* SHA-224 key derivation is new for PKCS #11 v2.20 amendment 3 */
+#define CKM_SHA224_KEY_DERIVATION 0x00000396
+
+/* SHA-224 RSA mechanisms are new for PKCS #11 v2.20 amendment 3 */
+#define CKM_SHA224_RSA_PKCS 0x00000046
+#define CKM_SHA224_RSA_PKCS_PSS 0x00000047
+
+/* AES counter mode is new for PKCS #11 v2.20 amendment 3 */
+#define CKM_AES_CTR 0x00001086
+
+/* Camellia is new for PKCS #11 v2.20 amendment 3 */
+#define CKM_CAMELLIA_KEY_GEN 0x00000550
+#define CKM_CAMELLIA_ECB 0x00000551
+#define CKM_CAMELLIA_CBC 0x00000552
+#define CKM_CAMELLIA_MAC 0x00000553
+#define CKM_CAMELLIA_MAC_GENERAL 0x00000554
+#define CKM_CAMELLIA_CBC_PAD 0x00000555
+#define CKM_CAMELLIA_ECB_ENCRYPT_DATA 0x00000556
+#define CKM_CAMELLIA_CBC_ENCRYPT_DATA 0x00000557
+#define CKM_CAMELLIA_CTR 0x00000558
+
+/* ARIA is new for PKCS #11 v2.20 amendment 3 */
+#define CKM_ARIA_KEY_GEN 0x00000560
+#define CKM_ARIA_ECB 0x00000561
+#define CKM_ARIA_CBC 0x00000562
+#define CKM_ARIA_MAC 0x00000563
+#define CKM_ARIA_MAC_GENERAL 0x00000564
+#define CKM_ARIA_CBC_PAD 0x00000565
+#define CKM_ARIA_ECB_ENCRYPT_DATA 0x00000566
+#define CKM_ARIA_CBC_ENCRYPT_DATA 0x00000567
+
+
+/* Mechanism parameters */
+
+/* CK_AES_CTR_PARAMS is new for PKCS #11 v2.20 amendment 3 */
+typedef struct CK_AES_CTR_PARAMS {
+ CK_ULONG ulCounterBits;
+ CK_BYTE cb[16];
+} CK_AES_CTR_PARAMS;
+
+typedef CK_AES_CTR_PARAMS CK_PTR CK_AES_CTR_PARAMS_PTR;
+
+/* CK_CAMELLIA_CTR_PARAMS is new for PKCS #11 v2.20 amendment 3 */
+typedef struct CK_CAMELLIA_CTR_PARAMS {
+ CK_ULONG ulCounterBits;
+ CK_BYTE cb[16];
+} CK_CAMELLIA_CTR_PARAMS;
+
+typedef CK_CAMELLIA_CTR_PARAMS CK_PTR CK_CAMELLIA_CTR_PARAMS_PTR;
+
+/* CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS is new for PKCS #11 v2.20 amendment 3 */
+typedef struct CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS {
+ CK_BYTE iv[16];
+ CK_BYTE_PTR pData;
+ CK_ULONG length;
+} CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS;
+
+typedef CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS_PTR;
+
+/* CK_ARIA_CBC_ENCRYPT_DATA_PARAMS is new for PKCS #11 v2.20 amendment 3 */
+typedef struct CK_ARIA_CBC_ENCRYPT_DATA_PARAMS {
+ CK_BYTE iv[16];
+ CK_BYTE_PTR pData;
+ CK_ULONG length;
+} CK_ARIA_CBC_ENCRYPT_DATA_PARAMS;
+
+typedef CK_ARIA_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_ARIA_CBC_ENCRYPT_DATA_PARAMS_PTR;
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
+
+#endif
--- a/jdk/src/share/native/sun/security/pkcs11/wrapper/pkcs11wrapper.h Tue Feb 22 14:44:43 2011 +0000
+++ b/jdk/src/share/native/sun/security/pkcs11/wrapper/pkcs11wrapper.h Tue Feb 22 12:01:35 2011 -0800
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2009, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
*/
/* Copyright (c) 2002 Graz University of Technology. All rights reserved.
@@ -153,6 +153,7 @@
#include "p11_md.h"
#include "pkcs11.h"
+#include "pkcs-11v2-20a3.h"
#include <jni.h>
#include <jni_util.h>
@@ -272,6 +273,7 @@
#define CLASS_SSL3_MASTER_KEY_DERIVE_PARAMS "sun/security/pkcs11/wrapper/CK_SSL3_MASTER_KEY_DERIVE_PARAMS"
#define CLASS_SSL3_KEY_MAT_PARAMS "sun/security/pkcs11/wrapper/CK_SSL3_KEY_MAT_PARAMS"
#define CLASS_TLS_PRF_PARAMS "sun/security/pkcs11/wrapper/CK_TLS_PRF_PARAMS"
+#define CLASS_AES_CTR_PARAMS "sun/security/pkcs11/wrapper/CK_AES_CTR_PARAMS"
/* function to convert a PKCS#11 return value other than CK_OK into a Java Exception
* or to throw a PKCS11RuntimeException
--- a/jdk/test/sun/security/pkcs11/Cipher/TestSymmCiphers.java Tue Feb 22 14:44:43 2011 +0000
+++ b/jdk/test/sun/security/pkcs11/Cipher/TestSymmCiphers.java Tue Feb 22 12:01:35 2011 -0800
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2008, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2008, 2011, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -23,7 +23,7 @@
/**
* @test %I% %E%
- * @bug 4898461
+ * @bug 4898461 6604496
* @summary basic test for symmetric ciphers with padding
* @author Valerie Peng
* @library ..
@@ -70,9 +70,13 @@
new CI("DES/ECB/PKCS5Padding", "DES", 6400),
new CI("DESede/ECB/PKCS5Padding", "DESede", 400),
new CI("AES/ECB/PKCS5Padding", "AES", 64),
+
new CI("DES", "DES", 6400),
new CI("DESede", "DESede", 408),
- new CI("AES", "AES", 128)
+ new CI("AES", "AES", 128),
+
+ new CI("AES/CTR/NoPadding", "AES", 3200)
+
};
private static StringBuffer debugBuf = new StringBuffer();
--- a/jdk/test/sun/security/pkcs11/Cipher/TestSymmCiphersNoPad.java Tue Feb 22 14:44:43 2011 +0000
+++ b/jdk/test/sun/security/pkcs11/Cipher/TestSymmCiphersNoPad.java Tue Feb 22 12:01:35 2011 -0800
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2007, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2007, 2011, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -23,7 +23,7 @@
/**
* @test
- * @bug 4898484
+ * @bug 4898484 6604496
* @summary basic test for symmetric ciphers with no padding
* @author Valerie Peng
* @library ..
@@ -59,7 +59,8 @@
new CI("DES/CBC/NoPadding", "DES", 400),
new CI("DESede/CBC/NoPadding", "DESede", 160),
new CI("AES/CBC/NoPadding", "AES", 4800),
- new CI("Blowfish/CBC/NoPadding", "Blowfish", 24)
+ new CI("Blowfish/CBC/NoPadding", "Blowfish", 24),
+ new CI("AES/CTR/NoPadding", "AES", 1600)
};
private static StringBuffer debugBuf;