author | coffeys |
Mon, 29 Jul 2019 08:17:26 +0000 | |
changeset 57563 | 2116221e2dde |
parent 54827 | 01fa7f06f806 |
permissions | -rw-r--r-- |
2 | 1 |
/* |
54639 | 2 |
* Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved. |
2 | 3 |
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 |
* |
|
5 |
* This code is free software; you can redistribute it and/or modify it |
|
6 |
* under the terms of the GNU General Public License version 2 only, as |
|
5506 | 7 |
* published by the Free Software Foundation. Oracle designates this |
2 | 8 |
* particular file as subject to the "Classpath" exception as provided |
5506 | 9 |
* by Oracle in the LICENSE file that accompanied this code. |
2 | 10 |
* |
11 |
* This code is distributed in the hope that it will be useful, but WITHOUT |
|
12 |
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
13 |
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
14 |
* version 2 for more details (a copy is included in the LICENSE file that |
|
15 |
* accompanied this code). |
|
16 |
* |
|
17 |
* You should have received a copy of the GNU General Public License version |
|
18 |
* 2 along with this work; if not, write to the Free Software Foundation, |
|
19 |
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
20 |
* |
|
5506 | 21 |
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
22 |
* or visit www.oracle.com if you need additional information or have any |
|
23 |
* questions. |
|
2 | 24 |
*/ |
25 |
||
26 |
//=--------------------------------------------------------------------------= |
|
27 |
// security.cpp by Stanley Man-Kit Ho |
|
28 |
//=--------------------------------------------------------------------------= |
|
29 |
// |
|
30 |
||
31 |
#include <jni.h> |
|
#include "jni_util.h" |
2 | 33 |
#include <stdlib.h> |
#include <string.h> |
2 | 35 |
#include <windows.h> |
36 |
#include <BaseTsd.h> |
|
37 |
#include <wincrypt.h> |
|
38 |
#include <stdio.h> |
|
#include <memory> |
53006 | 40 |
#include "sun_security_mscapi_CKey.h" |
41 |
#include "sun_security_mscapi_CKeyStore.h" |
|
#include "sun_security_mscapi_PRNG.h" |
53006 | 43 |
#include "sun_security_mscapi_CRSACipher.h" |
44 |
#include "sun_security_mscapi_CKeyPairGenerator_RSA.h" |
|
45 |
#include "sun_security_mscapi_CPublicKey.h" |
|
46 |
#include "sun_security_mscapi_CPublicKey_CRSAPublicKey.h" |
|
47 |
#include "sun_security_mscapi_CSignature.h" |
|
48 |
#include "sun_security_mscapi_CSignature_RSA.h" |
|
2 | 49 |
|
50 |
#define OID_EKU_ANY "2.5.29.37.0" |
|
51 |
||
52 |
#define CERTIFICATE_PARSING_EXCEPTION \ |
|
53 |
"java/security/cert/CertificateParsingException" |
|
#define INVALID_KEY_EXCEPTION \ |
"java/security/InvalidKeyException" |
2 | 56 |
#define KEY_EXCEPTION "java/security/KeyException" |
57 |
#define KEYSTORE_EXCEPTION "java/security/KeyStoreException" |
|
58 |
#define PROVIDER_EXCEPTION "java/security/ProviderException" |
|
59 |
#define SIGNATURE_EXCEPTION "java/security/SignatureException" |
|
#define OUT_OF_MEMORY_ERROR "java/lang/OutOfMemoryError" |
2 | 61 |
|
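/*
 * Checks a Windows status code. If it is not ERROR_SUCCESS, raises
 * java.security.SignatureException carrying the system message for that code
 * (via ThrowException) and leaves the enclosing __try block.
 *
 * Requirements at the expansion site: a JNIEnv* named 'env' must be in scope
 * and the macro must be used inside a __try block, because it uses __leave.
 *
 * The argument is evaluated exactly once and cached. Expanding it twice would
 * re-run any call passed directly as the argument on the failure path, and
 * the code reported would be the second result rather than the one tested.
 */
#define SS_CHECK(Status) \
        { \
            const DWORD ssCheckStatus_ = (DWORD)(Status); \
            if (ssCheckStatus_ != ERROR_SUCCESS) { \
                ThrowException(env, SIGNATURE_EXCEPTION, ssCheckStatus_); \
                __leave; \
            } \
        }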
|
53007 | 68 |
/*
 * Trace helper. When the file-level 'trace' pointer is non-NULL, prints
 * "MSCAPI (<line>): " followed by the printf-style message and a newline to
 * stdout, then flushes stdout.
 *
 * 'fmt' is handed to fprintf as the format string, so call sites must pass a
 * literal format and never text that originated outside the program.
 * The macro expands to a bare 'if' statement (no do/while wrapper); do not use
 * it as the unbraced body of an if that has an else.
 */
#define PP(fmt, ...) \
        if (trace) { \
            fprintf(stdout, "MSCAPI (%ld): ", __LINE__); \
            fprintf(stdout, fmt, ##__VA_ARGS__); \
            fprintf(stdout, "\n"); \
            fflush(stdout); \
        }
|
|
2 | 76 |
extern "C" { |
77 |
||
53007 | 78 |
// Tracing switch: the value of the CAPI_TRACE environment variable as read by
// this initializer, or NULL when the variable is not set. PP and dump() only
// test the pointer for non-NULL, so any value (even an empty string) turns
// tracing on.
// NOTE(review): dump() prints the buffers it is given verbatim to stdout; if
// call sites pass key, seed or signature bytes, a process started with
// CAPI_TRACE set would expose them in its output - confirm against callers.
char* trace = getenv("CAPI_TRACE");
79 |
||
2 | 80 |
/* |
* Declare library specific JNI_Onload entry if static build |
*/ |
DEF_STATIC_JNI_OnLoad |
|
53007 | 85 |
void showProperty(NCRYPT_HANDLE hKey); |
86 |
||
87 |
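/*
 * Trace helper: writes a hex/ASCII dump of 'len' bytes starting at 'data' to
 * stdout, 16 bytes per row, under a "==== title ====" banner. Does nothing
 * unless tracing is enabled (the file-level 'trace' pointer is non-NULL).
 *
 * NOTE(review): the bytes are printed verbatim. If call sites pass key, seed
 * or signature material, the trace output has to be handled as sensitive -
 * confirm against the callers.
 */
void dump(LPSTR title, PBYTE data, DWORD len)
{
    if (!trace) {
        return;
    }

    printf("==== %s ====\n", title);
    for (DWORD i = 0; i < len; i += 16) {
        // DWORD is unsigned long; convert so the argument matches %x.
        printf("%04x: ", (unsigned int)i);

        // Hex column: one "XX " cell per byte, extra gap after the 8th byte.
        for (int j = 0; j < 16; j++) {
            if (j == 8) {
                printf(" ");
            }
            if (i + j < len) {
                printf("%02X ", *(data + i + j) & 0xff);
            } else {
                // Pad a short final row with a full-width (3 character)
                // cell so the ASCII column stays aligned.
                printf("   ");
            }
        }

        // ASCII column: anything outside the printable range 32..126 is
        // shown as '.', including DEL (127), which is a control character.
        for (int j = 0; j < 16; j++) {
            if (i + j < len) {
                int k = *(data + i + j) & 0xff;
                if (k < 32 || k > 126) printf(".");
                else printf("%c", (char)k);
            }
        }
        printf("\n");
    }
    fflush(stdout);
}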
|
|
/*
 * Raises a Java exception of the named class with the supplied message.
 *
 * exceptionName is a JNI class name such as "java/security/KeyException".
 * When the class lookup returns NULL this function throws nothing itself.
 * NOTE(review): per the JNI specification a failed FindClass normally leaves
 * its own exception pending - confirm callers rely on that.
 *
 * ThrowNew only marks the exception as pending; the native caller keeps
 * running and is responsible for unwinding back to Java.
 */
void ThrowExceptionWithMessage(JNIEnv *env, const char *exceptionName,
                               const char *szMessage)
{
    jclass cls = env->FindClass(exceptionName);
    if (cls == NULL) {
        return;
    }
    env->ThrowNew(cls, szMessage);
}
|
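/*
 * Raises a Java exception of the named class whose message is the Windows
 * system error text for dwError.
 *
 * If no text can be obtained for dwError the message is "Unknown error".
 * The text is truncated to what fits in the local 1024-byte buffer.
 */
void ThrowException(JNIEnv *env, const char *exceptionName, DWORD dwError)
{
    char szMessage[1024];
    szMessage[0] = '\0';

    // FORMAT_MESSAGE_IGNORE_INSERTS: no argument array is supplied (the last
    // parameter is NULL), so insert sequences such as %1 inside a system
    // message must be copied through untouched instead of being expanded
    // against arguments that do not exist.
    DWORD res = FormatMessageA(
            FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS,
            NULL, dwError, 0, szMessage, sizeof(szMessage), NULL);
    if (res == 0) {
        // The literal is far shorter than the buffer, so strcpy cannot overrun.
        strcpy(szMessage, "Unknown error");
    }

    ThrowExceptionWithMessage(env, exceptionName, szMessage);
}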
145 |
||
/*
 * 'operator new[]' overload taking a JNIEnv*: allocates with the non-throwing
 * global operator new[] and, if that fails, raises java.lang.OutOfMemoryError
 * through ThrowExceptionWithMessage.
 *
 * Returns NULL on failure (with the Java error raised), never throws a C++
 * exception. Every 'new (env) T[n]' result must therefore be checked for NULL
 * before it is written to.
 */
void* operator new[](std::size_t size, JNIEnv *env)
{
    void* const mem = ::operator new[](size, std::nothrow);
    if (mem != NULL) {
        return mem;
    }

    ThrowExceptionWithMessage(env, OUT_OF_MEMORY_ERROR,
                              "Native memory allocation failed");
    return NULL;
}
2 | 159 |
|
160 |
/*
 * Maps the name of a hash algorithm to a CryptoAPI algorithm identifier.
 *
 * Matching is exact and case-sensitive (strcmp). Returns 0 when the name is
 * not one of the entries below, or when the string characters cannot be
 * obtained from the JVM; callers have to treat 0 as "unsupported".
 *
 * NOTE(review): MD2, MD5 and SHA-1 are accepted here. Whether these weak
 * digests are permitted for a given operation is not decided in this
 * function - confirm it is enforced by the callers or on the Java side.
 */
ALG_ID MapHashAlgorithm(JNIEnv *env, jstring jHashAlgorithm) {

    static const struct {
        const char* name;
        ALG_ID      id;
    } kHashNames[] = {
        { "SHA",      CALG_SHA1 },
        { "SHA1",     CALG_SHA1 },
        { "SHA-1",    CALG_SHA1 },
        { "SHA1+MD5", CALG_SSL3_SHAMD5 }, // a 36-byte concatenation of SHA-1 and MD5
        { "SHA-256",  CALG_SHA_256 },
        { "SHA-384",  CALG_SHA_384 },
        { "SHA-512",  CALG_SHA_512 },
        { "MD5",      CALG_MD5 },
        { "MD2",      CALG_MD2 },
    };

    const char* name = env->GetStringUTFChars(jHashAlgorithm, NULL);
    if (name == NULL) {
        return 0;
    }

    ALG_ID algId = 0;
    const size_t count = sizeof(kHashNames) / sizeof(kHashNames[0]);
    for (size_t n = 0; n < count; n++) {
        if (strcmp(kHashNames[n].name, name) == 0) {
            algId = kHashNames[n].id;
            break;
        }
    }

    // The UTF characters were obtained above, so they are always released.
    env->ReleaseStringUTFChars(jHashAlgorithm, name);

    return algId;
}
|
197 |
||
/*
 * Maps the name of a hash algorithm to a CNG Algorithm Identifier.
 *
 * Matching is exact and case-sensitive (strcmp). Returns NULL when the name
 * is not listed below, or when the string characters cannot be obtained from
 * the JVM; callers must check for NULL before passing the result on.
 * Unlike MapHashAlgorithm, no MD2/MD5 entries exist here.
 */
LPCWSTR MapHashIdentifier(JNIEnv *env, jstring jHashAlgorithm) {

    static const char* const kNames[] = {
        "SHA", "SHA1", "SHA-1", "SHA-256", "SHA-384", "SHA-512"
    };
    static const LPCWSTR kIdentifiers[] = {
        BCRYPT_SHA1_ALGORITHM, BCRYPT_SHA1_ALGORITHM, BCRYPT_SHA1_ALGORITHM,
        BCRYPT_SHA256_ALGORITHM, BCRYPT_SHA384_ALGORITHM,
        BCRYPT_SHA512_ALGORITHM
    };

    const char* utfName = env->GetStringUTFChars(jHashAlgorithm, NULL);
    if (utfName == NULL) {
        return NULL;
    }

    LPCWSTR id = NULL;
    const size_t total = sizeof(kNames) / sizeof(kNames[0]);
    for (size_t n = 0; n < total && id == NULL; n++) {
        if (strcmp(kNames[n], utfName) == 0) {
            id = kIdentifiers[n];
        }
    }

    // Always paired with the successful GetStringUTFChars above.
    env->ReleaseStringUTFChars(jHashAlgorithm, utfName);

    return id;
}
2 | 229 |
|
230 |
/*
 * Builds a certificate chain context for an end certificate, requesting a
 * single enhanced key usage identifier.
 *
 * Returns true only when CertGetCertificateChain returns TRUE; the chain is
 * then stored through ppChainContext.
 *
 * The flags argument is 0, so no optional behaviour (for example revocation
 * checking) is requested from the chain engine.
 * NOTE(review): a true result says a chain context was produced, not that
 * the chain is trusted; callers are expected to inspect the returned
 * context's trust status and to free it with CertFreeCertificateChain -
 * confirm at the call sites.
 */
bool GetCertificateChain(LPSTR lpszKeyUsageIdentifier, PCCERT_CONTEXT pCertContext, PCCERT_CHAIN_CONTEXT* ppChainContext)
{
    // One-element OID list holding the requested usage.
    LPSTR usageOids[1];
    usageOids[0] = lpszKeyUsageIdentifier;

    CERT_ENHKEY_USAGE requestedEku;
    requestedEku.cUsageIdentifier = 1;
    requestedEku.rgpszUsageIdentifier = usageOids;

    // AND logic: the chain has to satisfy the usage listed above.
    CERT_USAGE_MATCH usageMatch;
    usageMatch.dwType = USAGE_MATCH_TYPE_AND;
    usageMatch.Usage = requestedEku;

    CERT_CHAIN_PARA chainPara;
    chainPara.cbSize = sizeof(CERT_CHAIN_PARA);
    chainPara.RequestedUsage = usageMatch;

    const DWORD chainFlags = 0;

    // Build a chain using CertGetCertificateChain
    // and the certificate retrieved.
    const BOOL built = ::CertGetCertificateChain(
            NULL,             // use the default chain engine
            pCertContext,     // pointer to the end certificate
            NULL,             // use the default time
            NULL,             // search no additional stores
            &chainPara,       // AND logic and enhanced key usage, see above
            chainFlags,
            NULL,             // currently reserved
            ppChainContext);  // receives a pointer to the chain created

    return built == TRUE;
}
|
263 |
||
264 |
||
265 |
///////////////////////////////////////////////////////////////////////////// |
|
266 |
// |
|
267 |
||
268 |
/*
 * Class:     sun_security_mscapi_PRNG
 * Method:    getContext
 * Signature: ()J
 *
 * Acquires a CryptoAPI provider context (PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)
 * and returns the handle to Java as a jlong.
 *
 * On failure a ProviderException built from GetLastError() is raised and the
 * handle's initial value (NULL) is returned.
 *
 * The returned value is a raw native handle: releaseContext and generateSeed
 * cast it straight back to HCRYPTPROV without validation, so the Java side
 * must only ever pass back a value obtained from this method.
 */
JNIEXPORT jlong JNICALL Java_sun_security_mscapi_PRNG_getContext
  (JNIEnv *env, jclass clazz) {
    HCRYPTPROV provider = NULL;

    const BOOL acquired = ::CryptAcquireContext( //deprecated
            &provider,
            NULL,
            NULL,
            PROV_RSA_FULL,
            CRYPT_VERIFYCONTEXT);

    if (acquired == FALSE) {
        ThrowException(env, PROVIDER_EXCEPTION, GetLastError());
    }

    return provider;
}
|
|
/*
 * Class:     sun_security_mscapi_PRNG
 * Method:    releaseContext
 * Signature: (J)V
 *
 * Releases a provider context previously returned by getContext. A zero
 * handle is ignored. The value is cast to HCRYPTPROV as-is; nothing here
 * guards against a stale or already released handle, so the Java side must
 * call this at most once per context.
 */
JNIEXPORT void JNICALL Java_sun_security_mscapi_PRNG_releaseContext
  (JNIEnv *env, jclass clazz, jlong ctxt) {
    if (ctxt == 0) {
        return;
    }
    ::CryptReleaseContext((HCRYPTPROV)ctxt, 0); //deprecated
}
|
|
/*
 * Class:     sun_security_mscapi_PRNG
 * Method:    generateSeed
 * Signature: (JI[B)[B
 *
 * Produces random bytes with CryptGenRandom, or re-seeds the generator,
 * depending on the sign of 'length' (see the comment inside the __try block).
 *
 * ctxt   - provider handle as returned by getContext; it is cast to
 *          HCRYPTPROV without any validation.
 * length - mode selector / requested byte count.
 * seed   - input or in/out array; it is dereferenced without a NULL check
 *          when length <= 0, so the Java caller must supply a non-null array
 *          in those modes.
 *
 * Returns the filled array, or NULL after a re-seed and on every failure
 * path (a Java exception is raised by ThrowException when CryptGenRandom
 * fails).
 */
JNIEXPORT jbyteArray JNICALL Java_sun_security_mscapi_PRNG_generateSeed
  (JNIEnv *env, jclass clazz, jlong ctxt, jint length, jbyteArray seed)
{

    HCRYPTPROV hCryptProv = (HCRYPTPROV)ctxt;
    jbyte* reseedBytes = NULL;
    jbyte* seedBytes = NULL;
    jbyteArray result = NULL;

    __try
    {
        /*
         * If length is negative then use the supplied seed to re-seed the
         * generator and return null.
         * If length is positive then generate a new seed according to the
         * requested length and return the new seed.
         * If length is zero then overwrite the supplied seed with a new
         * seed of the same length and return the seed.
         */
        if (length < 0) {
            length = env->GetArrayLength(seed);
            if ((reseedBytes = env->GetByteArrayElements(seed, 0)) == NULL) {
                __leave;
            }

            // The buffer holding the caller's seed bytes is handed to
            // CryptGenRandom, which writes its output into the same buffer.
            // NOTE(review): presumably the incoming contents act as an
            // auxiliary seed - confirm against the CryptGenRandom contract.
            if (::CryptGenRandom( //deprecated
                hCryptProv,
                length,
                (BYTE *) reseedBytes) == FALSE) {

                ThrowException(env, PROVIDER_EXCEPTION, GetLastError());
                __leave;
            }

            result = NULL;

        } else {

            if (length > 0) {
                // Fresh Java array of the requested size; the 'seed'
                // argument passed by the caller is not used in this mode.
                seed = env->NewByteArray(length);
                if (seed == NULL) {
                    __leave;
                }
            } else {
                length = env->GetArrayLength(seed);
            }

            if ((seedBytes = env->GetByteArrayElements(seed, 0)) == NULL) {
                __leave;
            }

            if (::CryptGenRandom( //deprecated
                hCryptProv,
                length,
                (BYTE *) seedBytes) == FALSE) {

                ThrowException(env, PROVIDER_EXCEPTION, GetLastError());
                __leave;
            }

            result = seed; // seed will be updated when seedBytes gets released
        }
    }
    __finally
    {
        //--------------------------------------------------------------------
        // Clean up.

        // JNI_ABORT: release without copying back, so the bytes written by
        // CryptGenRandom never reach the caller's re-seed array.
        if (reseedBytes)
            env->ReleaseByteArrayElements(seed, reseedBytes, JNI_ABORT);

        // Mode 0: copy the generated bytes back into the Java array. This
        // also runs when CryptGenRandom failed; 'result' is still NULL then.
        if (seedBytes)
            env->ReleaseByteArrayElements(seed, seedBytes, 0); // update orig
    }

    return result;
}
|
384 |
||
385 |
||
386 |
/* |
|
53006 | 387 |
* Class: sun_security_mscapi_CKeyStore |
2 | 388 |
* Method: loadKeysOrCertificateChains |
53006 | 389 |
* Signature: (Ljava/lang/String;)V |
2 | 390 |
*/ |
53006 | 391 |
JNIEXPORT void JNICALL Java_sun_security_mscapi_CKeyStore_loadKeysOrCertificateChains |
(JNIEnv *env, jobject obj, jstring jCertStoreName) |
2 | 393 |
{ |
394 |
/** |
|
395 |
* Certificate in cert store has enhanced key usage extension |
|
396 |
* property (or EKU property) that is not part of the certificate itself. To determine |
|
397 |
* if the certificate should be returned, both the enhanced key usage in certificate |
|
398 |
* extension block and the extension property stored along with the certificate in |
|
399 |
* certificate store should be examined. Otherwise, we won't be able to determine |
|
400 |
* the proper key usage from the Java side because the information is not stored as |
|
401 |
* part of the encoded certificate. |
|
402 |
*/ |
|
403 |
||
404 |
const char* pszCertStoreName = NULL; |
|
405 |
HCERTSTORE hCertStore = NULL; |
|
406 |
PCCERT_CONTEXT pCertContext = NULL; |
|
407 |
char* pszNameString = NULL; // certificate's friendly name |
|
408 |
DWORD cchNameString = 0; |
|
409 |
||
410 |
||
411 |
__try |
|
412 |
{ |
|
413 |
// Open a system certificate store. |
|
25812
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
414 |
if ((pszCertStoreName = env->GetStringUTFChars(jCertStoreName, NULL)) |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
415 |
== NULL) { |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
416 |
__leave; |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
417 |
} |
2 | 418 |
if ((hCertStore = ::CertOpenSystemStore(NULL, pszCertStoreName)) |
419 |
== NULL) { |
|
420 |
||
421 |
ThrowException(env, KEYSTORE_EXCEPTION, GetLastError()); |
|
422 |
__leave; |
|
423 |
} |
|
424 |
||
425 |
// Determine clazz and method ID to generate certificate |
|
426 |
jclass clazzArrayList = env->FindClass("java/util/ArrayList"); |
|
31470
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
427 |
if (clazzArrayList == NULL) { |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
428 |
__leave; |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
429 |
} |
2 | 430 |
|
431 |
jmethodID mNewArrayList = env->GetMethodID(clazzArrayList, "<init>", "()V"); |
|
31470
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
432 |
if (mNewArrayList == NULL) { |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
433 |
__leave; |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
434 |
} |
2 | 435 |
|
31470
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
436 |
jclass clazzOfThis = env->GetObjectClass(obj); |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
437 |
if (clazzOfThis == NULL) { |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
438 |
__leave; |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
439 |
} |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
440 |
|
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
441 |
jmethodID mGenCert = env->GetMethodID(clazzOfThis, |
2 | 442 |
"generateCertificate", |
443 |
"([BLjava/util/Collection;)V"); |
|
31470
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
444 |
if (mGenCert == NULL) { |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
445 |
__leave; |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
446 |
} |
2 | 447 |
|
448 |
// Determine method ID to generate certificate chain |
|
31470
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
449 |
jmethodID mGenCertChain = env->GetMethodID(clazzOfThis, |
2 | 450 |
"generateCertificateChain", |
36759
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
451 |
"(Ljava/lang/String;Ljava/util/Collection;)V"); |
31470
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
452 |
if (mGenCertChain == NULL) { |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
453 |
__leave; |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
454 |
} |
2 | 455 |
|
456 |
// Determine method ID to generate RSA certificate chain |
|
53007 | 457 |
jmethodID mGenKeyAndCertChain = env->GetMethodID(clazzOfThis, |
458 |
"generateKeyAndCertificateChain", |
|
459 |
"(ZLjava/lang/String;JJILjava/util/Collection;)V"); |
|
460 |
if (mGenKeyAndCertChain == NULL) { |
|
31470
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
461 |
__leave; |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
462 |
} |
2 | 463 |
|
464 |
// Use CertEnumCertificatesInStore to get the certificates |
|
465 |
// from the open store. pCertContext must be reset to |
|
466 |
// NULL to retrieve the first certificate in the store. |
|
467 |
while (pCertContext = ::CertEnumCertificatesInStore(hCertStore, pCertContext)) |
|
468 |
{ |
|
53007 | 469 |
PP("--------------------------"); |
2 | 470 |
// Check if private key available - client authentication certificate |
471 |
// must have private key available. |
|
472 |
HCRYPTPROV hCryptProv = NULL; |
|
473 |
DWORD dwKeySpec = 0; |
|
474 |
HCRYPTKEY hUserKey = NULL; |
|
475 |
BOOL bCallerFreeProv = FALSE; |
|
476 |
BOOL bHasNoPrivateKey = FALSE; |
|
477 |
DWORD dwPublicKeyLength = 0; |
|
478 |
||
40414
1f4a9da41c1f
8153438: Avoid repeated "Please insert a smart card" popup windows
igerasim
parents:
36759
diff
changeset
|
479 |
// First, probe it silently |
53007 | 480 |
if (::CryptAcquireCertificatePrivateKey(pCertContext, |
481 |
CRYPT_ACQUIRE_ALLOW_NCRYPT_KEY_FLAG | CRYPT_ACQUIRE_SILENT_FLAG, NULL, |
|
40414
1f4a9da41c1f
8153438: Avoid repeated "Please insert a smart card" popup windows
igerasim
parents:
36759
diff
changeset
|
482 |
&hCryptProv, &dwKeySpec, &bCallerFreeProv) == FALSE |
1f4a9da41c1f
8153438: Avoid repeated "Please insert a smart card" popup windows
igerasim
parents:
36759
diff
changeset
|
483 |
&& GetLastError() != NTE_SILENT_CONTEXT) |
2 | 484 |
{ |
53007 | 485 |
PP("bHasNoPrivateKey = TRUE!"); |
2 | 486 |
bHasNoPrivateKey = TRUE; |
40414
1f4a9da41c1f
8153438: Avoid repeated "Please insert a smart card" popup windows
igerasim
parents:
36759
diff
changeset
|
487 |
} |
1f4a9da41c1f
8153438: Avoid repeated "Please insert a smart card" popup windows
igerasim
parents:
36759
diff
changeset
|
488 |
else |
1f4a9da41c1f
8153438: Avoid repeated "Please insert a smart card" popup windows
igerasim
parents:
36759
diff
changeset
|
489 |
{ |
1f4a9da41c1f
8153438: Avoid repeated "Please insert a smart card" popup windows
igerasim
parents:
36759
diff
changeset
|
490 |
if (bCallerFreeProv == TRUE) { |
53006 | 491 |
::CryptReleaseContext(hCryptProv, NULL); // deprecated |
40414
1f4a9da41c1f
8153438: Avoid repeated "Please insert a smart card" popup windows
igerasim
parents:
36759
diff
changeset
|
492 |
bCallerFreeProv = FALSE; |
36759
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
493 |
} |
2 | 494 |
|
40414
1f4a9da41c1f
8153438: Avoid repeated "Please insert a smart card" popup windows
igerasim
parents:
36759
diff
changeset
|
495 |
// Second, acquire the key normally (not silently) |
53007 | 496 |
if (::CryptAcquireCertificatePrivateKey(pCertContext, CRYPT_ACQUIRE_ALLOW_NCRYPT_KEY_FLAG, NULL, |
40414
1f4a9da41c1f
8153438: Avoid repeated "Please insert a smart card" popup windows
igerasim
parents:
36759
diff
changeset
|
497 |
&hCryptProv, &dwKeySpec, &bCallerFreeProv) == FALSE) |
1f4a9da41c1f
8153438: Avoid repeated "Please insert a smart card" popup windows
igerasim
parents:
36759
diff
changeset
|
498 |
{ |
53007 | 499 |
PP("bHasNoPrivateKey = TRUE!!"); |
40414
1f4a9da41c1f
8153438: Avoid repeated "Please insert a smart card" popup windows
igerasim
parents:
36759
diff
changeset
|
500 |
bHasNoPrivateKey = TRUE; |
1f4a9da41c1f
8153438: Avoid repeated "Please insert a smart card" popup windows
igerasim
parents:
36759
diff
changeset
|
501 |
} |
1f4a9da41c1f
8153438: Avoid repeated "Please insert a smart card" popup windows
igerasim
parents:
36759
diff
changeset
|
502 |
else |
1f4a9da41c1f
8153438: Avoid repeated "Please insert a smart card" popup windows
igerasim
parents:
36759
diff
changeset
|
503 |
{ |
53007 | 504 |
if ((dwKeySpec & CERT_NCRYPT_KEY_SPEC) == CERT_NCRYPT_KEY_SPEC) { |
54287
c02b8d6384ab
8221407: Windows 32bit build error in libsunmscapi/security.cpp
stuefe
parents:
53333
diff
changeset
|
505 |
PP("CNG %I64d", (__int64)hCryptProv); |
53007 | 506 |
} else { |
507 |
// Private key is available |
|
508 |
BOOL bGetUserKey = ::CryptGetUserKey(hCryptProv, dwKeySpec, &hUserKey); //deprecated |
|
2 | 509 |
|
53007 | 510 |
// Skip certificate if cannot find private key |
511 |
if (bGetUserKey == FALSE) { |
|
512 |
if (bCallerFreeProv) |
|
513 |
::CryptReleaseContext(hCryptProv, NULL); // deprecated |
|
514 |
continue; |
|
515 |
} |
|
516 |
||
517 |
// Set cipher mode to ECB |
|
518 |
DWORD dwCipherMode = CRYPT_MODE_ECB; |
|
519 |
::CryptSetKeyParam(hUserKey, KP_MODE, (BYTE*)&dwCipherMode, NULL); //deprecated |
|
54287
c02b8d6384ab
8221407: Windows 32bit build error in libsunmscapi/security.cpp
stuefe
parents:
53333
diff
changeset
|
520 |
PP("CAPI %I64d %I64d", (__int64)hCryptProv, (__int64)hUserKey); |
40414
1f4a9da41c1f
8153438: Avoid repeated "Please insert a smart card" popup windows
igerasim
parents:
36759
diff
changeset
|
521 |
} |
1f4a9da41c1f
8153438: Avoid repeated "Please insert a smart card" popup windows
igerasim
parents:
36759
diff
changeset
|
522 |
// If the private key is present in smart card, we may not be able to |
1f4a9da41c1f
8153438: Avoid repeated "Please insert a smart card" popup windows
igerasim
parents:
36759
diff
changeset
|
523 |
// determine the key length by using the private key handle. However, |
1f4a9da41c1f
8153438: Avoid repeated "Please insert a smart card" popup windows
igerasim
parents:
36759
diff
changeset
|
524 |
// since public/private key pairs must have the same length, we could |
1f4a9da41c1f
8153438: Avoid repeated "Please insert a smart card" popup windows
igerasim
parents:
36759
diff
changeset
|
525 |
// determine the key length of the private key by using the public key |
1f4a9da41c1f
8153438: Avoid repeated "Please insert a smart card" popup windows
igerasim
parents:
36759
diff
changeset
|
526 |
// in the certificate. |
1f4a9da41c1f
8153438: Avoid repeated "Please insert a smart card" popup windows
igerasim
parents:
36759
diff
changeset
|
527 |
dwPublicKeyLength = ::CertGetPublicKeyLength(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, |
1f4a9da41c1f
8153438: Avoid repeated "Please insert a smart card" popup windows
igerasim
parents:
36759
diff
changeset
|
528 |
&(pCertContext->pCertInfo->SubjectPublicKeyInfo)); |
1f4a9da41c1f
8153438: Avoid repeated "Please insert a smart card" popup windows
igerasim
parents:
36759
diff
changeset
|
529 |
} |
36759
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
530 |
} |
2 | 531 |
PCCERT_CHAIN_CONTEXT pCertChainContext = NULL; |
532 |
||
533 |
// Build certificate chain by using system certificate store. |
|
534 |
// Add cert chain into collection for any key usage. |
|
535 |
// |
|
36759
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
536 |
if (GetCertificateChain(OID_EKU_ANY, pCertContext, &pCertChainContext)) |
2 | 537 |
{ |
40414
1f4a9da41c1f
8153438: Avoid repeated "Please insert a smart card" popup windows
igerasim
parents:
36759
diff
changeset
|
538 |
for (DWORD i = 0; i < pCertChainContext->cChain; i++) |
2 | 539 |
{ |
540 |
// Found cert chain |
|
541 |
PCERT_SIMPLE_CHAIN rgpChain = |
|
542 |
pCertChainContext->rgpChain[i]; |
|
543 |
||
544 |
// Create ArrayList to store certs in each chain |
|
545 |
jobject jArrayList = |
|
546 |
env->NewObject(clazzArrayList, mNewArrayList); |
|
53330 | 547 |
if (jArrayList == NULL) { |
548 |
__leave; |
|
549 |
} |
|
550 |
||
551 |
// Cleanup the previous allocated name |
|
552 |
if (pszNameString) { |
|
553 |
delete [] pszNameString; |
|
554 |
pszNameString = NULL; |
|
555 |
} |
|
2 | 556 |
|
557 |
for (unsigned int j=0; j < rgpChain->cElement; j++) |
|
558 |
{ |
|
559 |
PCERT_CHAIN_ELEMENT rgpElement = |
|
560 |
rgpChain->rgpElement[j]; |
|
561 |
PCCERT_CONTEXT pc = rgpElement->pCertContext; |
|
562 |
||
563 |
// Retrieve the friendly name of the first certificate |
|
564 |
// in the chain |
|
565 |
if (j == 0) { |
|
566 |
||
567 |
// If the cert's name cannot be retrieved then |
|
568 |
// pszNameString remains set to NULL. |
|
569 |
// (An alias name will be generated automatically |
|
570 |
// when storing this cert in the keystore.) |
|
571 |
||
572 |
// Get length of friendly name |
|
573 |
if ((cchNameString = CertGetNameString(pc, |
|
574 |
CERT_NAME_FRIENDLY_DISPLAY_TYPE, 0, NULL, |
|
575 |
NULL, 0)) > 1) { |
|
576 |
||
577 |
// Found friendly name |
|
41605
290923d3b566
8165463: Native implementation of sunmscapi should use operator new (nothrow) for allocations
igerasim
parents:
40414
diff
changeset
|
578 |
pszNameString = new (env) char[cchNameString]; |
290923d3b566
8165463: Native implementation of sunmscapi should use operator new (nothrow) for allocations
igerasim
parents:
40414
diff
changeset
|
579 |
if (pszNameString == NULL) { |
290923d3b566
8165463: Native implementation of sunmscapi should use operator new (nothrow) for allocations
igerasim
parents:
40414
diff
changeset
|
580 |
__leave; |
290923d3b566
8165463: Native implementation of sunmscapi should use operator new (nothrow) for allocations
igerasim
parents:
40414
diff
changeset
|
581 |
} |
290923d3b566
8165463: Native implementation of sunmscapi should use operator new (nothrow) for allocations
igerasim
parents:
40414
diff
changeset
|
582 |
|
2 | 583 |
CertGetNameString(pc, |
584 |
CERT_NAME_FRIENDLY_DISPLAY_TYPE, 0, NULL, |
|
585 |
pszNameString, cchNameString); |
|
586 |
} |
|
587 |
} |
|
588 |
||
589 |
BYTE* pbCertEncoded = pc->pbCertEncoded; |
|
590 |
DWORD cbCertEncoded = pc->cbCertEncoded; |
|
591 |
||
592 |
// Allocate and populate byte array |
|
593 |
jbyteArray byteArray = env->NewByteArray(cbCertEncoded); |
|
53330 | 594 |
if (byteArray == NULL) { |
595 |
__leave; |
|
596 |
} |
|
2 | 597 |
env->SetByteArrayRegion(byteArray, 0, cbCertEncoded, |
598 |
(jbyte*) pbCertEncoded); |
|
599 |
||
600 |
// Generate certificate from byte array and store into |
|
601 |
// cert collection |
|
602 |
env->CallVoidMethod(obj, mGenCert, byteArray, jArrayList); |
|
603 |
} |
|
40414
1f4a9da41c1f
8153438: Avoid repeated "Please insert a smart card" popup windows
igerasim
parents:
36759
diff
changeset
|
604 |
|
53330 | 605 |
// Usually pszNameString should be non-NULL. It's either |
606 |
// the friendly name or an element from the subject name |
|
607 |
// or SAN. |
|
608 |
if (pszNameString) |
|
2 | 609 |
{ |
53333 | 610 |
PP("%s: %s", pszNameString, pCertContext->pCertInfo->SubjectPublicKeyInfo.Algorithm.pszObjId); |
53330 | 611 |
if (bHasNoPrivateKey) |
612 |
{ |
|
613 |
// Generate certificate chain and store into cert chain |
|
614 |
// collection |
|
615 |
jstring name = env->NewStringUTF(pszNameString); |
|
616 |
if (name == NULL) { |
|
617 |
__leave; |
|
53007 | 618 |
} |
53330 | 619 |
env->CallVoidMethod(obj, mGenCertChain, |
620 |
name, |
|
621 |
jArrayList); |
|
622 |
} |
|
623 |
else |
|
624 |
{ |
|
53333 | 625 |
if (hUserKey) { |
626 |
// Only accept RSA for CAPI |
|
627 |
DWORD dwData = CALG_RSA_KEYX; |
|
628 |
DWORD dwSize = sizeof(DWORD); |
|
629 |
::CryptGetKeyParam(hUserKey, KP_ALGID, (BYTE*)&dwData, //deprecated |
|
630 |
&dwSize, NULL); |
|
631 |
if ((dwData & ALG_TYPE_RSA) == ALG_TYPE_RSA) |
|
632 |
{ |
|
633 |
// Generate RSA certificate chain and store into cert |
|
634 |
// chain collection |
|
635 |
jstring name = env->NewStringUTF(pszNameString); |
|
636 |
if (name == NULL) { |
|
637 |
__leave; |
|
638 |
} |
|
53007 | 639 |
env->CallVoidMethod(obj, mGenKeyAndCertChain, |
53333 | 640 |
1, |
641 |
name, |
|
642 |
(jlong) hCryptProv, (jlong) hUserKey, |
|
643 |
dwPublicKeyLength, jArrayList); |
|
53330 | 644 |
} |
53333 | 645 |
} else { |
646 |
// Only accept EC for CNG |
|
647 |
BYTE buffer[32]; |
|
648 |
DWORD len = 0; |
|
649 |
if (::NCryptGetProperty( |
|
650 |
hCryptProv, NCRYPT_ALGORITHM_PROPERTY, |
|
651 |
(PBYTE)buffer, 32, &len, NCRYPT_SILENT_FLAG) == ERROR_SUCCESS) { |
|
54827 | 652 |
jstring name = env->NewStringUTF(pszNameString); |
653 |
if (name == NULL) { |
|
654 |
__leave; |
|
655 |
} |
|
53333 | 656 |
if (buffer[0] == 'E' && buffer[2] == 'C' |
657 |
&& (dwPublicKeyLength == 256 |
|
658 |
|| dwPublicKeyLength == 384 |
|
659 |
|| dwPublicKeyLength == 521)) { |
|
660 |
env->CallVoidMethod(obj, mGenKeyAndCertChain, |
|
661 |
0, |
|
662 |
name, |
|
663 |
(jlong) hCryptProv, 0, |
|
664 |
dwPublicKeyLength, jArrayList); |
|
54827 | 665 |
} else if (buffer[0] == 'R' && buffer[2] == 'S' |
666 |
&& buffer[4] == 'A') { |
|
667 |
env->CallVoidMethod(obj, mGenKeyAndCertChain, |
|
668 |
1, |
|
669 |
name, |
|
670 |
(jlong) hCryptProv, 0, |
|
671 |
dwPublicKeyLength, jArrayList); |
|
672 |
} else { |
|
673 |
dump("Unknown NCRYPT_ALGORITHM_PROPERTY", buffer, len); |
|
53333 | 674 |
} |
53007 | 675 |
} |
676 |
} |
|
36759
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
677 |
} |
2 | 678 |
} |
679 |
} |
|
680 |
||
681 |
// Free cert chain |
|
682 |
if (pCertChainContext) |
|
683 |
::CertFreeCertificateChain(pCertChainContext); |
|
53007 | 684 |
} else { |
685 |
PP("GetCertificateChain failed %d", GetLastError()); |
|
2 | 686 |
} |
687 |
} |
|
688 |
} |
|
689 |
__finally |
|
690 |
{ |
|
691 |
if (hCertStore) |
|
692 |
::CertCloseStore(hCertStore, 0); |
|
693 |
||
694 |
if (pszCertStoreName) |
|
695 |
env->ReleaseStringUTFChars(jCertStoreName, pszCertStoreName); |
|
696 |
||
697 |
if (pszNameString) |
|
698 |
delete [] pszNameString; |
|
699 |
} |
|
700 |
} |
|
/*
 * Class:     sun_security_mscapi_CKey
 * Method:    cleanUp
 * Signature: (JJ)V
 *
 * Releases the native handles that back a key object.
 *
 * A non-zero hCryptProv with a zero hCryptKey is treated as a CNG object and
 * is released with NCryptFreeObject. In every other case the CAPI key handle
 * and the CAPI provider context are released, each only if it is non-zero.
 * Return values of the release calls are not inspected.
 */
JNIEXPORT void JNICALL Java_sun_security_mscapi_CKey_cleanUp
  (JNIEnv *env, jclass clazz, jlong hCryptProv, jlong hCryptKey)
{
    const bool hasProvider = (hCryptProv != NULL);
    const bool hasKey = (hCryptKey != NULL);

    // Provider handle without a key handle: CNG object.
    if (hasProvider && !hasKey) {
        NCryptFreeObject((NCRYPT_HANDLE)hCryptProv);
        return;
    }

    // CAPI: destroy the key first, then release its provider context.
    if (hasKey) {
        ::CryptDestroyKey((HCRYPTKEY) hCryptKey); // deprecated
    }

    if (hasProvider) {
        ::CryptReleaseContext((HCRYPTPROV) hCryptProv, NULL); // deprecated
    }
}
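/*
 * Class:     sun_security_mscapi_CSignature
 * Method:    signHash
 * Signature: (Z[BILjava/lang/String;JJ)[B
 *
 * Signs a precomputed hash with a CAPI key.
 *
 * noHashOID      - JNI_TRUE adds CRYPT_NOHASHOID (omit hash OID in
 *                  NONEwithRSA signature)
 * jHash          - array holding the hash value
 * jHashSize      - number of bytes of jHash to use
 * jHashAlgorithm - hash algorithm name, mapped by MapHashAlgorithm
 * hCryptProv     - CAPI provider handle
 * hCryptKey      - CAPI key handle; its KP_ALGID selects AT_KEYEXCHANGE
 *                  or AT_SIGNATURE
 *
 * Returns a new byte array holding the signature, or NULL when a step
 * fails (CryptoAPI failures raise SIGNATURE_EXCEPTION through
 * ThrowException).
 *
 * If the hash object cannot be created on hCryptProv, the key container
 * name is read from it and a PROV_RSA_AES context is acquired for that
 * container as a fallback.
 */
JNIEXPORT jbyteArray JNICALL Java_sun_security_mscapi_CSignature_signHash
  (JNIEnv *env, jclass clazz, jboolean noHashOID, jbyteArray jHash,
        jint jHashSize, jstring jHashAlgorithm, jlong hCryptProv,
        jlong hCryptKey)
{
    HCRYPTHASH hHash = NULL;
    jbyte* pHashBuffer = NULL;
    jbyte* pSignedHashBuffer = NULL;
    jbyteArray jSignedHash = NULL;
    HCRYPTPROV hCryptProvAlt = NULL;

    __try
    {
        // Map hash algorithm
        ALG_ID algId = MapHashAlgorithm(env, jHashAlgorithm);

        // Acquire a hash object handle.
        if (::CryptCreateHash(HCRYPTPROV(hCryptProv), algId, 0, 0, &hHash) == FALSE) //deprecated
        {
            // Failover to using the PROV_RSA_AES CSP

            DWORD cbData = 256;
            BYTE pbData[256];
            pbData[0] = '\0';

            // Get name of the key container.
            // The result is not checked: on failure pbData stays an empty
            // string and the acquire call below decides the outcome.
            ::CryptGetProvParam((HCRYPTPROV)hCryptProv, PP_CONTAINER, //deprecated
                (BYTE *)pbData, &cbData, 0);

            // Acquire an alternative CSP handle
            if (::CryptAcquireContext(&hCryptProvAlt, LPCSTR(pbData), NULL, //deprecated
                PROV_RSA_AES, 0) == FALSE)
            {

                ThrowException(env, SIGNATURE_EXCEPTION, GetLastError());
                __leave;
            }

            // Acquire a hash object handle.
            if (::CryptCreateHash(HCRYPTPROV(hCryptProvAlt), algId, 0, 0, //deprecated
                &hHash) == FALSE)
            {
                ThrowException(env, SIGNATURE_EXCEPTION, GetLastError());
                __leave;
            }
        }

        // A negative length must never reach the allocation below.
        if (jHashSize < 0) {
            ThrowException(env, SIGNATURE_EXCEPTION, NTE_BAD_LEN);
            __leave;
        }

        // CryptSetHashParam(HP_HASHVAL) is given no length, so the native
        // buffer has to hold at least the digest size of the hash object.
        // Reject a shorter input instead of letting the call read past the
        // buffer. If the provider cannot report the size, no length check
        // is made, as before.
        DWORD dwHashLen = 0;
        DWORD dwHashLenSize = sizeof(DWORD);
        if (::CryptGetHashParam(hHash, HP_HASHSIZE, (BYTE*)&dwHashLen, //deprecated
                &dwHashLenSize, 0)
            && (DWORD)jHashSize < dwHashLen)
        {
            ThrowException(env, SIGNATURE_EXCEPTION, NTE_BAD_LEN);
            __leave;
        }

        // Copy hash from Java to native buffer
        pHashBuffer = new (env) jbyte[jHashSize];
        if (pHashBuffer == NULL) {
            __leave;
        }
        env->GetByteArrayRegion(jHash, 0, jHashSize, pHashBuffer);
        // jHashSize larger than the array leaves an exception pending and
        // the buffer unfilled; stop rather than sign indeterminate bytes.
        if (env->ExceptionCheck()) {
            __leave;
        }

        // Set hash value in the hash object
        if (::CryptSetHashParam(hHash, HP_HASHVAL, (BYTE*)pHashBuffer, NULL) == FALSE) //deprecated
        {
            ThrowException(env, SIGNATURE_EXCEPTION, GetLastError());
            __leave;
        }

        // Determine key spec.
        DWORD dwKeySpec = AT_SIGNATURE;
        ALG_ID dwAlgId;
        DWORD dwAlgIdLen = sizeof(ALG_ID);

        if (! ::CryptGetKeyParam((HCRYPTKEY) hCryptKey, KP_ALGID, (BYTE*)&dwAlgId, &dwAlgIdLen, 0)) { //deprecated
            ThrowException(env, SIGNATURE_EXCEPTION, GetLastError());
            __leave;

        }
        if (CALG_RSA_KEYX == dwAlgId) {
            dwKeySpec = AT_KEYEXCHANGE;
        }

        // Determine size of buffer
        DWORD dwBufLen = 0;
        DWORD dwFlags = 0;

        if (noHashOID == JNI_TRUE) {
            dwFlags = CRYPT_NOHASHOID; // omit hash OID in NONEwithRSA signature
        }

        // First call with a NULL output buffer only reports the size.
        if (::CryptSignHash(hHash, dwKeySpec, NULL, dwFlags, NULL, &dwBufLen) == FALSE) //deprecated
        {
            ThrowException(env, SIGNATURE_EXCEPTION, GetLastError());
            __leave;
        }

        pSignedHashBuffer = new (env) jbyte[dwBufLen];
        if (pSignedHashBuffer == NULL) {
            __leave;
        }
        if (::CryptSignHash(hHash, dwKeySpec, NULL, dwFlags, (BYTE*)pSignedHashBuffer, &dwBufLen) == FALSE) //deprecated
        {
            ThrowException(env, SIGNATURE_EXCEPTION, GetLastError());
            __leave;
        }

        // Create new byte array
        jbyteArray temp = env->NewByteArray(dwBufLen);
        if (temp == NULL) {
            __leave;
        }

        // Copy data from native buffer
        env->SetByteArrayRegion(temp, 0, dwBufLen, pSignedHashBuffer);

        jSignedHash = temp;
    }
    __finally
    {
        if (pSignedHashBuffer)
            delete [] pSignedHashBuffer;

        if (pHashBuffer)
            delete [] pHashBuffer;

        // The hash object is destroyed before the fallback provider
        // context that may have created it.
        if (hHash)
            ::CryptDestroyHash(hHash); //deprecated

        if (hCryptProvAlt)
            ::CryptReleaseContext(hCryptProvAlt, 0); // deprecated
    }

    return jSignedHash;
}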
|
/* |
|
53006 | 856 |
* Class: sun_security_mscapi_CSignature |
857 |
* Method: signCngHash |
|
53007 | 858 |
* Signature: (I[BIILjava/lang/String;JJ)[B |
50715
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
859 |
*/ |
53006 | 860 |
JNIEXPORT jbyteArray JNICALL Java_sun_security_mscapi_CSignature_signCngHash |
53007 | 861 |
(JNIEnv *env, jclass clazz, jint type, jbyteArray jHash, |
50715
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
862 |
jint jHashSize, jint saltLen, jstring jHashAlgorithm, jlong hCryptProv, |
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
863 |
jlong hCryptKey) |
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
864 |
{ |
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
865 |
jbyteArray jSignedHash = NULL; |
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
866 |
|
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
867 |
jbyte* pHashBuffer = NULL; |
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
868 |
jbyte* pSignedHashBuffer = NULL; |
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
869 |
NCRYPT_KEY_HANDLE hk = NULL; |
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
870 |
|
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
871 |
__try |
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
872 |
{ |
53007 | 873 |
if (hCryptKey == 0) { |
874 |
hk = (NCRYPT_KEY_HANDLE)hCryptProv; |
|
875 |
} else { |
|
876 |
SS_CHECK(::NCryptTranslateHandle( |
|
50715
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
877 |
NULL, |
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
878 |
&hk, |
54287
c02b8d6384ab
8221407: Windows 32bit build error in libsunmscapi/security.cpp
stuefe
parents:
53333
diff
changeset
|
879 |
(HCRYPTPROV)hCryptProv, |
c02b8d6384ab
8221407: Windows 32bit build error in libsunmscapi/security.cpp
stuefe
parents:
53333
diff
changeset
|
880 |
(HCRYPTKEY)hCryptKey, |
50715
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
881 |
NULL, |
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
882 |
0)); |
53007 | 883 |
} |
50715
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
884 |
|
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
885 |
// Copy hash from Java to native buffer |
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
886 |
pHashBuffer = new (env) jbyte[jHashSize]; |
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
887 |
if (pHashBuffer == NULL) { |
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
888 |
__leave; |
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
889 |
} |
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
890 |
env->GetByteArrayRegion(jHash, 0, jHashSize, pHashBuffer); |
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
891 |
|
53007 | 892 |
VOID* param; |
893 |
DWORD dwFlags; |
|
50715
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
894 |
|
53007 | 895 |
switch (type) { |
896 |
case 0: |
|
897 |
param = NULL; |
|
898 |
dwFlags = 0; |
|
899 |
break; |
|
900 |
case 1: |
|
901 |
BCRYPT_PKCS1_PADDING_INFO pkcs1Info; |
|
54827 | 902 |
if (jHashAlgorithm) { |
903 |
pkcs1Info.pszAlgId = MapHashIdentifier(env, jHashAlgorithm); |
|
904 |
if (pkcs1Info.pszAlgId == NULL) { |
|
905 |
ThrowExceptionWithMessage(env, SIGNATURE_EXCEPTION, |
|
906 |
"Unrecognised hash algorithm"); |
|
907 |
__leave; |
|
908 |
} |
|
909 |
} else { |
|
910 |
pkcs1Info.pszAlgId = NULL; |
|
53007 | 911 |
} |
912 |
param = &pkcs1Info; |
|
913 |
dwFlags = BCRYPT_PAD_PKCS1; |
|
914 |
break; |
|
915 |
case 2: |
|
916 |
BCRYPT_PSS_PADDING_INFO pssInfo; |
|
917 |
pssInfo.pszAlgId = MapHashIdentifier(env, jHashAlgorithm); |
|
918 |
pssInfo.cbSalt = saltLen; |
|
919 |
if (pssInfo.pszAlgId == NULL) { |
|
920 |
ThrowExceptionWithMessage(env, SIGNATURE_EXCEPTION, |
|
921 |
"Unrecognised hash algorithm"); |
|
922 |
__leave; |
|
923 |
} |
|
924 |
param = &pssInfo; |
|
925 |
dwFlags = BCRYPT_PAD_PSS; |
|
926 |
break; |
|
50715
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
927 |
} |
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
928 |
|
53007 | 929 |
DWORD jSignedHashSize = 0; |
50715
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
930 |
SS_CHECK(::NCryptSignHash( |
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
931 |
hk, |
53007 | 932 |
param, |
50715
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
933 |
(BYTE*)pHashBuffer, jHashSize, |
53007 | 934 |
NULL, 0, &jSignedHashSize, |
935 |
dwFlags |
|
50715
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
936 |
)); |
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
937 |
|
53007 | 938 |
pSignedHashBuffer = new (env) jbyte[jSignedHashSize]; |
50715
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
939 |
if (pSignedHashBuffer == NULL) { |
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
940 |
__leave; |
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
941 |
} |
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
942 |
|
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
943 |
SS_CHECK(::NCryptSignHash( |
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
944 |
hk, |
53007 | 945 |
param, |
50715
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
946 |
(BYTE*)pHashBuffer, jHashSize, |
53007 | 947 |
(BYTE*)pSignedHashBuffer, jSignedHashSize, &jSignedHashSize, |
948 |
dwFlags |
|
50715
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
949 |
)); |
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
950 |
|
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
951 |
// Create new byte array |
53007 | 952 |
jbyteArray temp = env->NewByteArray(jSignedHashSize); |
53330 | 953 |
if (temp == NULL) { |
954 |
__leave; |
|
955 |
} |
|
50715
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
956 |
|
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
957 |
// Copy data from native buffer |
53007 | 958 |
env->SetByteArrayRegion(temp, 0, jSignedHashSize, pSignedHashBuffer); |
50715
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
959 |
|
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
960 |
jSignedHash = temp; |
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
961 |
} |
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
962 |
__finally |
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
963 |
{ |
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
964 |
if (pSignedHashBuffer) |
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
965 |
delete [] pSignedHashBuffer; |
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
966 |
|
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
967 |
if (pHashBuffer) |
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
968 |
delete [] pHashBuffer; |
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
969 |
|
53007 | 970 |
if (hCryptKey != 0 && hk != NULL) |
50715
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
971 |
::NCryptFreeObject(hk); |
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
972 |
} |
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
973 |
|
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
974 |
return jSignedHash; |
46492a773912
8205445: Add RSASSA-PSS Signature support to SunMSCAPI
weijun
parents:
50471
diff
changeset
|
975 |
} |
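/*
 * Class:     sun_security_mscapi_CSignature
 * Method:    verifySignedHash
 * Signature: ([BILjava/lang/String;[BIJJ)Z
 *
 * Verifies a signature over a precomputed hash with the legacy CryptoAPI.
 *
 * jHash / jHashSize             - the hash value and its length in bytes
 * jHashAlgorithm                - hash algorithm name, mapped to an ALG_ID by
 *                                 MapHashAlgorithm (defined elsewhere in this file)
 * jSignedHash / jSignedHashSize - the signature bytes and their length
 * hCryptProv                    - CSP handle used to create the hash object
 * hCryptKey                     - handle of the key the signature is checked against
 *
 * Returns JNI_TRUE only when CryptVerifySignatureA reports success. Every
 * other path returns JNI_FALSE, in some cases with a Java exception pending.
 */
JNIEXPORT jboolean JNICALL Java_sun_security_mscapi_CSignature_verifySignedHash
  (JNIEnv *env, jclass clazz, jbyteArray jHash, jint jHashSize,
        jstring jHashAlgorithm, jbyteArray jSignedHash, jint jSignedHashSize,
        jlong hCryptProv, jlong hCryptKey)
{
    HCRYPTHASH hHash = NULL;
    jbyte* pHashBuffer = NULL;
    jbyte* pSignedHashBuffer = NULL;
    DWORD dwSignedHashBufferLen = jSignedHashSize;
    jboolean result = JNI_FALSE;
    HCRYPTPROV hCryptProvAlt = NULL;

    __try
    {
        // Map hash algorithm
        ALG_ID algId = MapHashAlgorithm(env, jHashAlgorithm);

        // Acquire a hash object handle.
        if (::CryptCreateHash(HCRYPTPROV(hCryptProv), algId, 0, 0, &hHash)
            == FALSE)
        {
            // Failover to using the PROV_RSA_AES CSP

            DWORD cbData = 256;
            BYTE pbData[256];
            pbData[0] = '\0';

            // Get name of the key container.
            // NOTE(review): the return value is not checked; on failure the
            // name stays empty and is passed on as-is.
            ::CryptGetProvParam((HCRYPTPROV)hCryptProv, PP_CONTAINER, //deprecated
                (BYTE *)pbData, &cbData, 0);

            // Acquire an alternative CSP handle
            if (::CryptAcquireContext(&hCryptProvAlt, LPCSTR(pbData), NULL, //deprecated
                PROV_RSA_AES, 0) == FALSE)
            {
                ThrowException(env, SIGNATURE_EXCEPTION, GetLastError());
                __leave;
            }

            // Acquire a hash object handle.
            if (::CryptCreateHash(HCRYPTPROV(hCryptProvAlt), algId, 0, 0,
                &hHash) == FALSE)
            {
                ThrowException(env, SIGNATURE_EXCEPTION, GetLastError());
                __leave;
            }
        }

        // Copy hash and signedHash from Java to native buffer
        pHashBuffer = new (env) jbyte[jHashSize];
        if (pHashBuffer == NULL) {
            __leave;
        }
        env->GetByteArrayRegion(jHash, 0, jHashSize, pHashBuffer);
        if (env->ExceptionCheck()) {
            // jHashSize does not fit jHash: the native copy is not fully
            // initialised, so it must not reach the CSP.
            __leave;
        }

        pSignedHashBuffer = new (env) jbyte[jSignedHashSize];
        if (pSignedHashBuffer == NULL) {
            __leave;
        }
        env->GetByteArrayRegion(jSignedHash, 0, jSignedHashSize,
            pSignedHashBuffer);
        if (env->ExceptionCheck()) {
            // Same as above for the signature bytes.
            __leave;
        }

        // CryptSetHashParam(HP_HASHVAL) takes no length argument: it reads as
        // many bytes as the hash object's algorithm produces. Reject a buffer
        // shorter than that so the call cannot read past pHashBuffer. If the
        // provider cannot report the size, the check is skipped and the
        // previous behaviour is kept.
        DWORD dwHashLen = 0;
        DWORD dwHashLenSize = sizeof(dwHashLen);
        if (::CryptGetHashParam(hHash, HP_HASHSIZE, (BYTE*) &dwHashLen,
            &dwHashLenSize, 0) != FALSE)
        {
            if (jHashSize < 0 || (DWORD) jHashSize < dwHashLen) {
                ThrowExceptionWithMessage(env, SIGNATURE_EXCEPTION,
                    "Hash is shorter than the digest length of the hash algorithm");
                __leave;
            }
        }

        // Set hash value in the hash object
        if (::CryptSetHashParam(hHash, HP_HASHVAL, (BYTE*) pHashBuffer, NULL) //deprecated
            == FALSE)
        {
            ThrowException(env, SIGNATURE_EXCEPTION, GetLastError());
            __leave;
        }

        // For RSA, the hash encryption algorithm is normally the same as the
        // public key algorithm, so AT_SIGNATURE is used.

        // Verify the signature. Only an explicit TRUE counts as a match; any
        // failure leaves result at JNI_FALSE.
        if (::CryptVerifySignatureA(hHash, (BYTE *) pSignedHashBuffer, //deprecated
            dwSignedHashBufferLen, (HCRYPTKEY) hCryptKey, NULL, 0) == TRUE)
        {
            result = JNI_TRUE;
        }
    }

    __finally
    {
        if (pSignedHashBuffer)
            delete [] pSignedHashBuffer;

        if (pHashBuffer)
            delete [] pHashBuffer;

        // The hash object is destroyed before the provider that created it.
        if (hHash)
            ::CryptDestroyHash(hHash); //deprecated

        if (hCryptProvAlt)
            ::CryptReleaseContext(hCryptProvAlt, 0); // deprecated
    }

    return result;
}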
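/*
 * Class:     sun_security_mscapi_CSignature
 * Method:    verifyCngSignedHash
 * Signature: (I[BI[BIILjava/lang/String;JJ)Z
 *
 * Verifies a signature over a precomputed hash with the CNG NCrypt API.
 *
 * type                          - padding selector: 0 = no padding info,
 *                                 1 = PKCS#1 (NCRYPT_PAD_PKCS1_FLAG),
 *                                 2 = PSS (NCRYPT_PAD_PSS_FLAG)
 * jHash / jHashSize             - the hash value and its length in bytes
 * jSignedHash / jSignedHashSize - the signature bytes and their length
 * saltLen                       - PSS salt length, used only for type 2
 * jHashAlgorithm                - hash algorithm name, mapped by
 *                                 MapHashIdentifier (defined elsewhere);
 *                                 may be null for type 1
 * hCryptProv / hCryptKey        - when hCryptKey is 0, hCryptProv is used
 *                                 directly as the NCrypt key handle; otherwise
 *                                 the pair is translated to an NCrypt handle
 *
 * Returns JNI_TRUE only when NCryptVerifySignature returns ERROR_SUCCESS.
 */
JNIEXPORT jboolean JNICALL Java_sun_security_mscapi_CSignature_verifyCngSignedHash
  (JNIEnv *env, jclass clazz, jint type,
        jbyteArray jHash, jint jHashSize,
        jbyteArray jSignedHash, jint jSignedHashSize,
        jint saltLen, jstring jHashAlgorithm,
        jlong hCryptProv, jlong hCryptKey)
{
    jbyte* pHashBuffer = NULL;
    jbyte* pSignedHashBuffer = NULL;
    jboolean result = JNI_FALSE;
    NCRYPT_KEY_HANDLE hk = NULL;

    __try
    {
        if (hCryptKey == 0) {
            hk = (NCRYPT_KEY_HANDLE)hCryptProv;
        } else {
            // SS_CHECK is defined elsewhere in this file; presumably it
            // raises a Java exception and leaves the __try block when the
            // call does not succeed - TODO confirm.
            SS_CHECK(::NCryptTranslateHandle(
                NULL,
                &hk,
                (HCRYPTPROV)hCryptProv,
                (HCRYPTKEY)hCryptKey,
                NULL,
                0));
        }

        // Copy hash and signedHash from Java to native buffer
        pHashBuffer = new (env) jbyte[jHashSize];
        if (pHashBuffer == NULL) {
            __leave;
        }
        env->GetByteArrayRegion(jHash, 0, jHashSize, pHashBuffer);
        if (env->ExceptionCheck()) {
            // jHashSize does not fit jHash: do not verify against a buffer
            // that was not fully initialised.
            __leave;
        }

        pSignedHashBuffer = new (env) jbyte[jSignedHashSize];
        if (pSignedHashBuffer == NULL) {
            __leave;
        }
        env->GetByteArrayRegion(jSignedHash, 0, jSignedHashSize,
            pSignedHashBuffer);
        if (env->ExceptionCheck()) {
            // Same as above for the signature bytes.
            __leave;
        }

        VOID* param = NULL;
        DWORD dwFlags = 0;

        // Declared outside the switch: param points at one of these and must
        // stay valid until NCryptVerifySignature has returned.
        BCRYPT_PKCS1_PADDING_INFO pkcs1Info;
        BCRYPT_PSS_PADDING_INFO pssInfo;

        switch (type) {
        case 0:
            param = NULL;
            dwFlags = 0;
            break;
        case 1:
            if (jHashAlgorithm) {
                pkcs1Info.pszAlgId = MapHashIdentifier(env, jHashAlgorithm);
                if (pkcs1Info.pszAlgId == NULL) {
                    ThrowExceptionWithMessage(env, SIGNATURE_EXCEPTION,
                            "Unrecognised hash algorithm");
                    __leave;
                }
            } else {
                pkcs1Info.pszAlgId = NULL;
            }
            param = &pkcs1Info;
            dwFlags = NCRYPT_PAD_PKCS1_FLAG;
            break;
        case 2:
            pssInfo.pszAlgId = MapHashIdentifier(env, jHashAlgorithm);
            pssInfo.cbSalt = saltLen;
            if (pssInfo.pszAlgId == NULL) {
                ThrowExceptionWithMessage(env, SIGNATURE_EXCEPTION,
                        "Unrecognised hash algorithm");
                __leave;
            }
            param = &pssInfo;
            dwFlags = NCRYPT_PAD_PSS_FLAG;
            break;
        default:
            // Fail closed: an unknown selector must not reach the verifier
            // with padding parameters nobody chose.
            ThrowExceptionWithMessage(env, SIGNATURE_EXCEPTION,
                    "Unsupported signature padding type");
            __leave;
        }

        // Only ERROR_SUCCESS counts as a match; any other status leaves
        // result at JNI_FALSE.
        if (::NCryptVerifySignature(hk, param,
            (BYTE *) pHashBuffer, jHashSize,
            (BYTE *) pSignedHashBuffer, jSignedHashSize,
            dwFlags) == ERROR_SUCCESS)
        {
            result = JNI_TRUE;
        }
    }

    __finally
    {
        if (pSignedHashBuffer)
            delete [] pSignedHashBuffer;

        if (pHashBuffer)
            delete [] pHashBuffer;

        // Free hk only when it was produced by NCryptTranslateHandle above;
        // with hCryptKey == 0 it is the caller's own handle.
        if (hCryptKey != 0 && hk != NULL)
            ::NCryptFreeObject(hk);
    }

    return result;
}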
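// Debug helper: reads key property p from hKey and passes it to dump().
// Expands in a scope that provides hKey, a char array `header`, a BYTE array
// `buffer` and a DWORD `len`; header and buffer must be arrays (not
// pointers), because their sizes are taken with sizeof.
// Wrapped in do/while(0) so it acts as one statement, and the header is
// formatted with a bounded write.
#define DUMP_PROP(p) \
    do { \
        if (::NCryptGetProperty(hKey, p, (PBYTE)buffer, sizeof(buffer), &len, NCRYPT_SILENT_FLAG) == ERROR_SUCCESS) { \
            snprintf(header, sizeof(header), "%s %ls", #p, p); \
            dump(header, buffer, len); \
        } \
    } while (0)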
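// Debug helper: exports hKey as blob type p and passes the result, plus any
// buffers listed in desc, to dump().
// Expands in a scope that provides hKey, an NCryptBufferDesc `desc`, a char
// array `header`, a BYTE array `buffer` and a DWORD `len`; header and buffer
// must be arrays (not pointers), because their sizes are taken with sizeof.
// Wrapped in do/while(0) so both statements stay together under an unbraced
// if/else. cBuffers and BufferType are unsigned, hence %lu.
#define EXPORT_BLOB(p) \
    do { \
        desc.cBuffers = 0; \
        if (::NCryptExportKey(hKey, NULL, p, &desc, (PBYTE)buffer, sizeof(buffer), &len, NCRYPT_SILENT_FLAG) == ERROR_SUCCESS) { \
            snprintf(header, sizeof(header), "%s %ls (%lu)", #p, p, desc.cBuffers); \
            dump(header, buffer, len); \
            for (int i = 0; i < (int)desc.cBuffers; i++) { \
                snprintf(header, sizeof(header), "desc %lu", desc.pBuffers[i].BufferType); \
                dump(header, (PBYTE)desc.pBuffers[i].pvBuffer, desc.pBuffers[i].cbBuffer); \
            } \
        } \
    } while (0)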
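// Debugging aid: queries every listed NCrypt property of hKey and tries to
// export the key in every listed blob format, handing each successful result
// to dump() (defined elsewhere; where it writes is not visible here).
//
// The output can include PIN properties and private-key blobs, so this
// routine must stay out of production code paths and its output must be
// treated as secret material.
void showProperty(NCRYPT_HANDLE hKey) {
    char header[100];
    BYTE buffer[8192];
    DWORD len = 0;
    // Zero-initialised: EXPORT_BLOB passes &desc to NCryptExportKey and only
    // sets cBuffers itself.
    NCryptBufferDesc desc = {};

    DUMP_PROP(NCRYPT_ALGORITHM_GROUP_PROPERTY);
    DUMP_PROP(NCRYPT_ALGORITHM_PROPERTY);
    DUMP_PROP(NCRYPT_ASSOCIATED_ECDH_KEY);
    DUMP_PROP(NCRYPT_BLOCK_LENGTH_PROPERTY);
    DUMP_PROP(NCRYPT_CERTIFICATE_PROPERTY);
    DUMP_PROP(NCRYPT_DH_PARAMETERS_PROPERTY);
    DUMP_PROP(NCRYPT_EXPORT_POLICY_PROPERTY);
    DUMP_PROP(NCRYPT_IMPL_TYPE_PROPERTY);
    DUMP_PROP(NCRYPT_KEY_TYPE_PROPERTY);
    DUMP_PROP(NCRYPT_KEY_USAGE_PROPERTY);
    DUMP_PROP(NCRYPT_LAST_MODIFIED_PROPERTY);
    DUMP_PROP(NCRYPT_LENGTH_PROPERTY);
    DUMP_PROP(NCRYPT_LENGTHS_PROPERTY);
    DUMP_PROP(NCRYPT_MAX_NAME_LENGTH_PROPERTY);
    DUMP_PROP(NCRYPT_NAME_PROPERTY);
    DUMP_PROP(NCRYPT_PIN_PROMPT_PROPERTY);
    DUMP_PROP(NCRYPT_PIN_PROPERTY);
    DUMP_PROP(NCRYPT_PROVIDER_HANDLE_PROPERTY);
    DUMP_PROP(NCRYPT_READER_PROPERTY);
    DUMP_PROP(NCRYPT_ROOT_CERTSTORE_PROPERTY);
    DUMP_PROP(NCRYPT_SCARD_PIN_ID);
    DUMP_PROP(NCRYPT_SCARD_PIN_INFO);
    DUMP_PROP(NCRYPT_SECURE_PIN_PROPERTY);
    DUMP_PROP(NCRYPT_SECURITY_DESCR_PROPERTY);
    DUMP_PROP(NCRYPT_SECURITY_DESCR_SUPPORT_PROPERTY);
    DUMP_PROP(NCRYPT_SMARTCARD_GUID_PROPERTY);
    DUMP_PROP(NCRYPT_UI_POLICY_PROPERTY);
    DUMP_PROP(NCRYPT_UNIQUE_NAME_PROPERTY);
    DUMP_PROP(NCRYPT_USE_CONTEXT_PROPERTY);
    DUMP_PROP(NCRYPT_USE_COUNT_ENABLED_PROPERTY);
    DUMP_PROP(NCRYPT_USE_COUNT_PROPERTY);
    DUMP_PROP(NCRYPT_USER_CERTSTORE_PROPERTY);
    DUMP_PROP(NCRYPT_VERSION_PROPERTY);
    DUMP_PROP(NCRYPT_WINDOW_HANDLE_PROPERTY);

    EXPORT_BLOB(BCRYPT_DH_PRIVATE_BLOB);
    EXPORT_BLOB(BCRYPT_DH_PUBLIC_BLOB);
    EXPORT_BLOB(BCRYPT_DSA_PRIVATE_BLOB);
    EXPORT_BLOB(BCRYPT_DSA_PUBLIC_BLOB);
    EXPORT_BLOB(BCRYPT_ECCPRIVATE_BLOB);
    EXPORT_BLOB(BCRYPT_ECCPUBLIC_BLOB);
    EXPORT_BLOB(BCRYPT_PUBLIC_KEY_BLOB);
    EXPORT_BLOB(BCRYPT_PRIVATE_KEY_BLOB);
    EXPORT_BLOB(BCRYPT_RSAFULLPRIVATE_BLOB);
    EXPORT_BLOB(BCRYPT_RSAPRIVATE_BLOB);
    EXPORT_BLOB(BCRYPT_RSAPUBLIC_BLOB);
    EXPORT_BLOB(LEGACY_DH_PRIVATE_BLOB);
    EXPORT_BLOB(LEGACY_DH_PUBLIC_BLOB);
    EXPORT_BLOB(LEGACY_DSA_PRIVATE_BLOB);
    EXPORT_BLOB(LEGACY_DSA_PUBLIC_BLOB);
    EXPORT_BLOB(LEGACY_RSAPRIVATE_BLOB);
    EXPORT_BLOB(LEGACY_RSAPUBLIC_BLOB);
    EXPORT_BLOB(NCRYPT_CIPHER_KEY_BLOB);
    EXPORT_BLOB(NCRYPT_OPAQUETRANSPORT_BLOB);
    EXPORT_BLOB(NCRYPT_PKCS7_ENVELOPE_BLOB);
    //EXPORT_BLOB(NCRYPTBUFFER_CERT_BLOB);
    //EXPORT_BLOB(NCRYPT_PKCS8_PRIVATE_KEY_BLOB);

    // The PKCS#8 export is attempted without a parameter list. The unused
    // BCryptBuffer/BCryptBufferDesc pair that carried a hard-coded password
    // literal was never passed to any call and has been dropped.
    if (::NCryptExportKey(hKey, NULL, NCRYPT_PKCS8_PRIVATE_KEY_BLOB, NULL,
            (PBYTE)buffer, sizeof(buffer), &len, NCRYPT_SILENT_FLAG) == ERROR_SUCCESS) {
        snprintf(header, sizeof(header), "NCRYPT_PKCS8_PRIVATE_KEY_BLOB %ls",
                NCRYPT_PKCS8_PRIVATE_KEY_BLOB);
        dump(header, buffer, len);
    }
    EXPORT_BLOB(NCRYPT_PROTECTED_KEY_BLOB);
}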
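/*
 * Class:     sun_security_mscapi_CKeyPairGenerator_RSA
 * Method:    generateCKeyPair
 * Signature: (Ljava/lang/String;ILjava/lang/String;)Lsun/security/mscapi/CKeyPair;
 *
 * Creates a new key container named keyContainerName, generates an
 * AT_KEYEXCHANGE key pair of keySize bits in it and wraps the provider and
 * key handles in a new sun.security.mscapi.CKeyPair.
 *
 * The key is created with CRYPT_EXPORTABLE, i.e. the private key can later be
 * exported from the CSP.
 *
 * Returns the new CKeyPair, or NULL with a Java exception pending.
 */
JNIEXPORT jobject JNICALL Java_sun_security_mscapi_CKeyPairGenerator_00024RSA_generateCKeyPair
  (JNIEnv *env, jclass clazz, jstring alg, jint keySize, jstring keyContainerName)
{
    HCRYPTPROV hCryptProv = NULL;
    HCRYPTKEY hKeyPair = NULL;
    DWORD dwFlags = 0;
    jobject keypair = NULL;
    const char* pszKeyContainerName = NULL; // UUID
    // Set once the handles have been passed to the CKeyPair constructor.
    bool handlesPassedToJava = false;

    __try
    {
        // CryptGenKey takes the key size in the upper 16 bits of dwFlags.
        // A value outside 0..0xFFFF would be truncated by the shift and
        // silently produce a key of a different size than requested.
        if (keySize < 0 || keySize > 0xFFFF) {
            ThrowExceptionWithMessage(env, KEY_EXCEPTION,
                "Key size out of range");
            __leave;
        }
        dwFlags = ((DWORD) keySize << 16) | CRYPT_EXPORTABLE;

        if ((pszKeyContainerName =
            env->GetStringUTFChars(keyContainerName, NULL)) == NULL) {
            __leave;
        }

        // Acquire a CSP context (create a new key container).
        // Prefer a PROV_RSA_AES CSP, when available, due to its support
        // for SHA-2-based signatures.
        if (::CryptAcquireContext( //deprecated
            &hCryptProv,
            pszKeyContainerName,
            NULL,
            PROV_RSA_AES,
            CRYPT_NEWKEYSET) == FALSE)
        {
            // Failover to using the default CSP (PROV_RSA_FULL)

            if (::CryptAcquireContext( //deprecated
                &hCryptProv,
                pszKeyContainerName,
                NULL,
                PROV_RSA_FULL,
                CRYPT_NEWKEYSET) == FALSE)
            {
                ThrowException(env, KEY_EXCEPTION, GetLastError());
                __leave;
            }
        }

        // Generate a key pair
        if (::CryptGenKey( //deprecated
            hCryptProv,
            AT_KEYEXCHANGE,
            dwFlags,
            &hKeyPair) == FALSE)
        {
            ThrowException(env, KEY_EXCEPTION, GetLastError());
            __leave;
        }

        // Get the method ID for the CKeyPair constructor
        jclass clazzCKeyPair =
            env->FindClass("sun/security/mscapi/CKeyPair");
        if (clazzCKeyPair == NULL) {
            __leave;
        }

        jmethodID mNewCKeyPair =
            env->GetMethodID(clazzCKeyPair, "<init>", "(Ljava/lang/String;JJI)V");
        if (mNewCKeyPair == NULL) {
            __leave;
        }

        // Create a new keypair. From here on the Java side may already own
        // the handles, even if construction fails part-way (the constructor
        // is not visible from this file), so they are no longer released
        // natively.
        handlesPassedToJava = true;
        keypair = env->NewObject(clazzCKeyPair, mNewCKeyPair,
            alg, (jlong) hCryptProv, (jlong) hKeyPair, keySize);

    }
    __finally
    {
        //--------------------------------------------------------------------
        // Clean up.

        // A failure before the handles were passed to Java would otherwise
        // leak them. The key is destroyed before its provider is released.
        if (!handlesPassedToJava) {
            if (hKeyPair)
                ::CryptDestroyKey(hKeyPair); //deprecated

            if (hCryptProv)
                ::CryptReleaseContext(hCryptProv, 0); //deprecated
        }

        if (pszKeyContainerName)
            env->ReleaseStringUTFChars(keyContainerName, pszKeyContainerName);
    }

    return keypair;
}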
/*
 * Class:     sun_security_mscapi_CKey
 * Method:    getContainerName
 * Signature: (J)Ljava/lang/String;
 *
 * Returns the key container name reported by the provider hCryptProv as a
 * Java string. The result of the query is not checked: the buffer starts out
 * as an empty string and is converted as-is after the call.
 */
JNIEXPORT jstring JNICALL Java_sun_security_mscapi_CKey_getContainerName
  (JNIEnv *env, jclass jclazz, jlong hCryptProv)
{
    BYTE containerName[256];
    DWORD containerNameLen = sizeof(containerName);

    // Start with an empty, terminated string
    containerName[0] = '\0';

    ::CryptGetProvParam((HCRYPTPROV)hCryptProv, PP_CONTAINER, //deprecated
        (BYTE *)containerName, &containerNameLen, 0);

    jstring jContainerName = env->NewStringUTF((const char*)containerName);
    return jContainerName;
}
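/*
 * Class:     sun_security_mscapi_CKey
 * Method:    getKeyType
 * Signature: (J)Ljava/lang/String;
 *
 * Returns a description of the algorithm id (KP_ALGID) of the key hCryptKey:
 * "Signature" for CALG_RSA_SIGN, "Exchange" for CALG_RSA_KEYX, the decimal
 * algorithm id for any other value, and "<Unknown>" when the id cannot be
 * read or formatted.
 */
JNIEXPORT jstring JNICALL Java_sun_security_mscapi_CKey_getKeyType
  (JNIEnv *env, jclass jclazz, jlong hCryptKey)
{
    ALG_ID dwAlgId;
    DWORD dwAlgIdLen = sizeof(ALG_ID);

    if (::CryptGetKeyParam((HCRYPTKEY) hCryptKey, KP_ALGID, (BYTE*)&dwAlgId, &dwAlgIdLen, 0)) { //deprecated

        if (CALG_RSA_SIGN == dwAlgId) {
            return env->NewStringUTF("Signature");

        } else if (CALG_RSA_KEYX == dwAlgId) {
            return env->NewStringUTF("Exchange");

        } else {
            char buffer[64];
            // The formatting call returns a negative value on error, which a
            // plain truth test would accept; require a positive length. The
            // cast makes the argument match %lu.
            if (snprintf(buffer, sizeof(buffer), "%lu",
                    (unsigned long) dwAlgId) > 0) {
                return env->NewStringUTF(buffer);
            }
        }
    }

    return env->NewStringUTF("<Unknown>");
}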
/* |
|
53006 | 1422 |
* Class: sun_security_mscapi_CKeyStore |
2 | 1423 |
* Method: storeCertificate |
1424 |
* Signature: (Ljava/lang/String;Ljava/lang/String;[BIJJ)V |
|
1425 |
*/ |
|
53006 | 1426 |
JNIEXPORT void JNICALL Java_sun_security_mscapi_CKeyStore_storeCertificate |
2 | 1427 |
(JNIEnv *env, jobject obj, jstring jCertStoreName, jstring jCertAliasName, |
1428 |
jbyteArray jCertEncoding, jint jCertEncodingSize, jlong hCryptProv, |
|
1429 |
jlong hCryptKey) |
|
1430 |
{ |
|
1431 |
const char* pszCertStoreName = NULL; |
|
1432 |
HCERTSTORE hCertStore = NULL; |
|
1433 |
PCCERT_CONTEXT pCertContext = NULL; |
|
1434 |
PWCHAR pszCertAliasName = NULL; |
|
1435 |
jbyte* pbCertEncoding = NULL; |
|
1436 |
const jchar* jCertAliasChars = NULL; |
|
1437 |
const char* pszContainerName = NULL; |
|
1438 |
const char* pszProviderName = NULL; |
|
1439 |
WCHAR * pwszContainerName = NULL; |
|
1440 |
WCHAR * pwszProviderName = NULL; |
|
1441 |
||
1442 |
__try |
|
1443 |
{ |
|
1444 |
// Open a system certificate store. |
|
25812
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1445 |
if ((pszCertStoreName = env->GetStringUTFChars(jCertStoreName, NULL)) |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1446 |
== NULL) { |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1447 |
__leave; |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1448 |
} |
2 | 1449 |
if ((hCertStore = ::CertOpenSystemStore(NULL, pszCertStoreName)) == NULL) { |
1450 |
ThrowException(env, KEYSTORE_EXCEPTION, GetLastError()); |
|
1451 |
__leave; |
|
1452 |
} |
|
1453 |
||
1454 |
// Copy encoding from Java to native buffer |
|
41605
290923d3b566
8165463: Native implementation of sunmscapi should use operator new (nothrow) for allocations
igerasim
parents:
40414
diff
changeset
|
1455 |
pbCertEncoding = new (env) jbyte[jCertEncodingSize]; |
290923d3b566
8165463: Native implementation of sunmscapi should use operator new (nothrow) for allocations
igerasim
parents:
40414
diff
changeset
|
1456 |
if (pbCertEncoding == NULL) { |
290923d3b566
8165463: Native implementation of sunmscapi should use operator new (nothrow) for allocations
igerasim
parents:
40414
diff
changeset
|
1457 |
__leave; |
290923d3b566
8165463: Native implementation of sunmscapi should use operator new (nothrow) for allocations
igerasim
parents:
40414
diff
changeset
|
1458 |
} |
2 | 1459 |
env->GetByteArrayRegion(jCertEncoding, 0, jCertEncodingSize, pbCertEncoding); |
1460 |
||
1461 |
// Create a certificate context from the encoded cert |
|
1462 |
if (!(pCertContext = ::CertCreateCertificateContext(X509_ASN_ENCODING, |
|
1463 |
(BYTE*) pbCertEncoding, jCertEncodingSize))) { |
|
1464 |
||
1465 |
ThrowException(env, CERTIFICATE_PARSING_EXCEPTION, GetLastError()); |
|
1466 |
__leave; |
|
1467 |
} |
|
1468 |
||
1469 |
// Set the certificate's friendly name |
|
1470 |
int size = env->GetStringLength(jCertAliasName); |
|
41605
290923d3b566
8165463: Native implementation of sunmscapi should use operator new (nothrow) for allocations
igerasim
parents:
40414
diff
changeset
|
1471 |
pszCertAliasName = new (env) WCHAR[size + 1]; |
290923d3b566
8165463: Native implementation of sunmscapi should use operator new (nothrow) for allocations
igerasim
parents:
40414
diff
changeset
|
1472 |
if (pszCertAliasName == NULL) { |
290923d3b566
8165463: Native implementation of sunmscapi should use operator new (nothrow) for allocations
igerasim
parents:
40414
diff
changeset
|
1473 |
__leave; |
290923d3b566
8165463: Native implementation of sunmscapi should use operator new (nothrow) for allocations
igerasim
parents:
40414
diff
changeset
|
1474 |
} |
2 | 1475 |
|
1476 |
jCertAliasChars = env->GetStringChars(jCertAliasName, NULL); |
|
53330 | 1477 |
if (jCertAliasChars == NULL) { |
1478 |
__leave; |
|
1479 |
} |
|
2 | 1480 |
memcpy(pszCertAliasName, jCertAliasChars, size * sizeof(WCHAR)); |
1481 |
pszCertAliasName[size] = 0; // append the string terminator |
|
1482 |
||
1483 |
CRYPT_DATA_BLOB friendlyName = { |
|
1484 |
sizeof(WCHAR) * (size + 1), |
|
1485 |
(BYTE *) pszCertAliasName |
|
1486 |
}; |
|
1487 |
||
1488 |
env->ReleaseStringChars(jCertAliasName, jCertAliasChars); |
|
1489 |
||
1490 |
if (! ::CertSetCertificateContextProperty(pCertContext, |
|
1491 |
CERT_FRIENDLY_NAME_PROP_ID, 0, &friendlyName)) { |
|
1492 |
||
1493 |
ThrowException(env, KEYSTORE_EXCEPTION, GetLastError()); |
|
1494 |
__leave; |
|
1495 |
} |
|
1496 |
||
1497 |
// Attach the certificate's private key (if supplied) |
|
1498 |
if (hCryptProv != 0 && hCryptKey != 0) { |
|
1499 |
||
1500 |
CRYPT_KEY_PROV_INFO keyProviderInfo; |
|
1501 |
DWORD dwDataLen; |
|
1502 |
||
1503 |
// Get the name of the key container |
|
53006 | 1504 |
if (! ::CryptGetProvParam( //deprecated |
2 | 1505 |
(HCRYPTPROV) hCryptProv, |
1506 |
PP_CONTAINER, |
|
1507 |
NULL, |
|
1508 |
&dwDataLen, |
|
1509 |
0)) { |
|
1510 |
||
1511 |
ThrowException(env, KEYSTORE_EXCEPTION, GetLastError()); |
|
1512 |
__leave; |
|
1513 |
} |
|
1514 |
||
41605
290923d3b566
8165463: Native implementation of sunmscapi should use operator new (nothrow) for allocations
igerasim
parents:
40414
diff
changeset
|
1515 |
pszContainerName = new (env) char[dwDataLen]; |
290923d3b566
8165463: Native implementation of sunmscapi should use operator new (nothrow) for allocations
igerasim
parents:
40414
diff
changeset
|
1516 |
if (pszContainerName == NULL) { |
290923d3b566
8165463: Native implementation of sunmscapi should use operator new (nothrow) for allocations
igerasim
parents:
40414
diff
changeset
|
1517 |
__leave; |
290923d3b566
8165463: Native implementation of sunmscapi should use operator new (nothrow) for allocations
igerasim
parents:
40414
diff
changeset
|
1518 |
} |
2 | 1519 |
|
53006 | 1520 |
if (! ::CryptGetProvParam( //deprecated |
2 | 1521 |
(HCRYPTPROV) hCryptProv, |
1522 |
PP_CONTAINER, |
|
1523 |
(BYTE *) pszContainerName, |
|
1524 |
&dwDataLen, |
|
1525 |
0)) { |
|
1526 |
||
1527 |
ThrowException(env, KEYSTORE_EXCEPTION, GetLastError()); |
|
1528 |
__leave; |
|
1529 |
} |
|
1530 |
||
1531 |
// Convert to a wide char string |
|
41605
290923d3b566
8165463: Native implementation of sunmscapi should use operator new (nothrow) for allocations
igerasim
parents:
40414
diff
changeset
|
1532 |
pwszContainerName = new (env) WCHAR[dwDataLen]; |
290923d3b566
8165463: Native implementation of sunmscapi should use operator new (nothrow) for allocations
igerasim
parents:
40414
diff
changeset
|
1533 |
if (pwszContainerName == NULL) { |
290923d3b566
8165463: Native implementation of sunmscapi should use operator new (nothrow) for allocations
igerasim
parents:
40414
diff
changeset
|
1534 |
__leave; |
290923d3b566
8165463: Native implementation of sunmscapi should use operator new (nothrow) for allocations
igerasim
parents:
40414
diff
changeset
|
1535 |
} |
2 | 1536 |
|
1537 |
if (mbstowcs(pwszContainerName, pszContainerName, dwDataLen) == 0) { |
|
1538 |
ThrowException(env, KEYSTORE_EXCEPTION, GetLastError()); |
|
1539 |
__leave; |
|
1540 |
} |
|
1541 |
||
1542 |
// Set the name of the key container |
|
1543 |
keyProviderInfo.pwszContainerName = pwszContainerName; |
|
1544 |
||
1545 |
||
1546 |
// Get the name of the provider |
|
53006 | 1547 |
if (! ::CryptGetProvParam( //deprecated |
2 | 1548 |
(HCRYPTPROV) hCryptProv, |
1549 |
PP_NAME, |
|
1550 |
NULL, |
|
1551 |
&dwDataLen, |
|
1552 |
0)) { |
|
1553 |
||
1554 |
ThrowException(env, KEYSTORE_EXCEPTION, GetLastError()); |
|
1555 |
__leave; |
|
1556 |
} |
|
1557 |
||
41605
290923d3b566
8165463: Native implementation of sunmscapi should use operator new (nothrow) for allocations
igerasim
parents:
40414
diff
changeset
|
1558 |
pszProviderName = new (env) char[dwDataLen]; |
290923d3b566
8165463: Native implementation of sunmscapi should use operator new (nothrow) for allocations
igerasim
parents:
40414
diff
changeset
|
1559 |
if (pszProviderName == NULL) { |
290923d3b566
8165463: Native implementation of sunmscapi should use operator new (nothrow) for allocations
igerasim
parents:
40414
diff
changeset
|
1560 |
__leave; |
290923d3b566
8165463: Native implementation of sunmscapi should use operator new (nothrow) for allocations
igerasim
parents:
40414
diff
changeset
|
1561 |
} |
2 | 1562 |
|
53006 | 1563 |
if (! ::CryptGetProvParam( //deprecated |
2 | 1564 |
(HCRYPTPROV) hCryptProv, |
1565 |
PP_NAME, |
|
1566 |
(BYTE *) pszProviderName, |
|
1567 |
&dwDataLen, |
|
1568 |
0)) { |
|
1569 |
||
1570 |
ThrowException(env, KEYSTORE_EXCEPTION, GetLastError()); |
|
1571 |
__leave; |
|
1572 |
} |
|
1573 |
||
1574 |
// Convert to a wide char string |
|
41605
290923d3b566
8165463: Native implementation of sunmscapi should use operator new (nothrow) for allocations
igerasim
parents:
40414
diff
changeset
|
1575 |
pwszProviderName = new (env) WCHAR[dwDataLen]; |
290923d3b566
8165463: Native implementation of sunmscapi should use operator new (nothrow) for allocations
igerasim
parents:
40414
diff
changeset
|
1576 |
if (pwszProviderName == NULL) { |
290923d3b566
8165463: Native implementation of sunmscapi should use operator new (nothrow) for allocations
igerasim
parents:
40414
diff
changeset
|
1577 |
__leave; |
290923d3b566
8165463: Native implementation of sunmscapi should use operator new (nothrow) for allocations
igerasim
parents:
40414
diff
changeset
|
1578 |
} |
2 | 1579 |
|
1580 |
if (mbstowcs(pwszProviderName, pszProviderName, dwDataLen) == 0) { |
|
1581 |
ThrowException(env, KEYSTORE_EXCEPTION, GetLastError()); |
|
1582 |
__leave; |
|
1583 |
} |
|
1584 |
||
1585 |
// Set the name of the provider |
|
1586 |
keyProviderInfo.pwszProvName = pwszProviderName; |
|
1587 |
||
1588 |
// Get and set the type of the provider |
|
53006 | 1589 |
if (! ::CryptGetProvParam( //deprecated |
2 | 1590 |
(HCRYPTPROV) hCryptProv, |
1591 |
PP_PROVTYPE, |
|
1592 |
(LPBYTE) &keyProviderInfo.dwProvType, |
|
1593 |
&dwDataLen, |
|
1594 |
0)) { |
|
1595 |
||
1596 |
ThrowException(env, KEYSTORE_EXCEPTION, GetLastError()); |
|
1597 |
__leave; |
|
1598 |
} |
|
1599 |
||
1600 |
// Set no provider flags |
|
1601 |
keyProviderInfo.dwFlags = 0; |
|
1602 |
||
1603 |
// Set no provider parameters |
|
1604 |
keyProviderInfo.cProvParam = 0; |
|
1605 |
keyProviderInfo.rgProvParam = NULL; |
|
1606 |
||
1607 |
// Get the key's algorithm ID |
|
53006 | 1608 |
if (! ::CryptGetKeyParam( //deprecated |
2 | 1609 |
(HCRYPTKEY) hCryptKey, |
1610 |
KP_ALGID, |
|
1611 |
(LPBYTE) &keyProviderInfo.dwKeySpec, |
|
1612 |
&dwDataLen, |
|
1613 |
0)) { |
|
1614 |
||
1615 |
ThrowException(env, KEYSTORE_EXCEPTION, GetLastError()); |
|
1616 |
__leave; |
|
1617 |
} |
|
1618 |
// Set the key spec (using the algorithm ID). |
|
1619 |
switch (keyProviderInfo.dwKeySpec) { |
|
1620 |
case CALG_RSA_KEYX: |
|
1621 |
case CALG_DH_SF: |
|
1622 |
keyProviderInfo.dwKeySpec = AT_KEYEXCHANGE; |
|
1623 |
break; |
|
1624 |
||
1625 |
case CALG_RSA_SIGN: |
|
1626 |
case CALG_DSS_SIGN: |
|
1627 |
keyProviderInfo.dwKeySpec = AT_SIGNATURE; |
|
1628 |
break; |
|
1629 |
||
1630 |
default: |
|
1631 |
ThrowException(env, KEYSTORE_EXCEPTION, NTE_BAD_ALGID); |
|
1632 |
__leave; |
|
1633 |
} |
|
1634 |
||
1635 |
if (! ::CertSetCertificateContextProperty(pCertContext, |
|
1636 |
CERT_KEY_PROV_INFO_PROP_ID, 0, &keyProviderInfo)) { |
|
1637 |
||
1638 |
ThrowException(env, KEYSTORE_EXCEPTION, GetLastError()); |
|
1639 |
__leave; |
|
1640 |
} |
|
1641 |
} |
|
1642 |
||
1643 |
// Import encoded certificate |
|
1644 |
if (!::CertAddCertificateContextToStore(hCertStore, pCertContext, |
|
1645 |
CERT_STORE_ADD_REPLACE_EXISTING, NULL)) |
|
1646 |
{ |
|
1647 |
ThrowException(env, KEYSTORE_EXCEPTION, GetLastError()); |
|
1648 |
__leave; |
|
1649 |
} |
|
1650 |
||
1651 |
} |
|
1652 |
__finally |
|
1653 |
{ |
|
1654 |
//-------------------------------------------------------------------- |
|
1655 |
// Clean up. |
|
1656 |
||
1657 |
if (hCertStore) |
|
1658 |
::CertCloseStore(hCertStore, 0); |
|
1659 |
||
1660 |
if (pszCertStoreName) |
|
1661 |
env->ReleaseStringUTFChars(jCertStoreName, pszCertStoreName); |
|
1662 |
||
1663 |
if (pbCertEncoding) |
|
1664 |
delete [] pbCertEncoding; |
|
1665 |
||
1666 |
if (pszCertAliasName) |
|
1667 |
delete [] pszCertAliasName; |
|
1668 |
||
1669 |
if (pszContainerName) |
|
1670 |
delete [] pszContainerName; |
|
1671 |
||
1672 |
if (pwszContainerName) |
|
1673 |
delete [] pwszContainerName; |
|
1674 |
||
1675 |
if (pszProviderName) |
|
1676 |
delete [] pszProviderName; |
|
1677 |
||
1678 |
if (pwszProviderName) |
|
1679 |
delete [] pwszProviderName; |
|
1680 |
||
1681 |
if (pCertContext) |
|
1682 |
::CertFreeCertificateContext(pCertContext); |
|
1683 |
} |
|
1684 |
} |
|
1685 |
||
1686 |
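/*
 * Class:     sun_security_mscapi_CKeyStore
 * Method:    removeCertificate
 * Signature: (Ljava/lang/String;Ljava/lang/String;[BI)V
 *
 * Removes a certificate from a system certificate store.
 *
 * The encoded certificate is looked up in the named store with
 * CERT_FIND_EXISTING. The matching store entry is deleted only when its
 * friendly name equals the supplied alias; an entry with no friendly name,
 * or with a different one, is left in place and no exception is raised.
 *
 * Parameters:
 *   jCertStoreName     name passed to CertOpenSystemStore
 *   jCertAliasName     alias that must equal the entry's friendly name
 *   jCertEncoding      encoded certificate
 *   jCertEncodingSize  number of bytes of jCertEncoding to use
 *
 * Throws KEYSTORE_EXCEPTION or CERTIFICATE_PARSING_EXCEPTION (through
 * ThrowException) when a Windows call fails; a pending JNI exception is left
 * in place when a JNI call fails.
 */
JNIEXPORT void JNICALL Java_sun_security_mscapi_CKeyStore_removeCertificate
  (JNIEnv *env, jobject obj, jstring jCertStoreName, jstring jCertAliasName,
  jbyteArray jCertEncoding, jint jCertEncodingSize) {

    const char* pszCertStoreName = NULL;
    const char* pszCertAliasName = NULL;
    HCERTSTORE hCertStore = NULL;
    PCCERT_CONTEXT pCertContext = NULL;
    PCCERT_CONTEXT pTBDCertContext = NULL;
    jbyte* pbCertEncoding = NULL;
    DWORD cchNameString = 0;
    char* pszNameString = NULL; // certificate's friendly name
    BOOL bDeleteAttempted = FALSE;

    __try
    {
        // Open a system certificate store.
        if ((pszCertStoreName = env->GetStringUTFChars(jCertStoreName, NULL))
            == NULL) {
            __leave;
        }
        if ((hCertStore = ::CertOpenSystemStore(NULL, pszCertStoreName)) == NULL) {
            ThrowException(env, KEYSTORE_EXCEPTION, GetLastError());
            __leave;
        }

        // Copy encoding from Java to native buffer
        pbCertEncoding = new (env) jbyte[jCertEncodingSize];
        if (pbCertEncoding == NULL) {
            __leave;
        }
        env->GetByteArrayRegion(jCertEncoding, 0, jCertEncodingSize, pbCertEncoding);

        // jCertEncodingSize is supplied separately from the array, so the
        // region copy can fail with a pending exception; do not go on to
        // parse a buffer that was never filled.
        if (env->ExceptionCheck()) {
            __leave;
        }

        // Create a certificate context from the encoded cert
        if (!(pCertContext = ::CertCreateCertificateContext(X509_ASN_ENCODING,
            (BYTE*) pbCertEncoding, jCertEncodingSize))) {

            ThrowException(env, CERTIFICATE_PARSING_EXCEPTION, GetLastError());
            __leave;
        }

        // Find the certificate to be deleted
        if (!(pTBDCertContext = ::CertFindCertificateInStore(hCertStore,
            X509_ASN_ENCODING, 0, CERT_FIND_EXISTING, pCertContext, NULL))) {

            ThrowException(env, KEYSTORE_EXCEPTION, GetLastError());
            __leave;
        }

        // Check that its friendly name matches the supplied alias
        if ((cchNameString = ::CertGetNameString(pTBDCertContext,
                CERT_NAME_FRIENDLY_DISPLAY_TYPE, 0, NULL, NULL, 0)) > 1) {

            pszNameString = new (env) char[cchNameString];
            if (pszNameString == NULL) {
                __leave;
            }

            ::CertGetNameString(pTBDCertContext,
                CERT_NAME_FRIENDLY_DISPLAY_TYPE, 0, NULL, pszNameString,
                cchNameString);

            // Compare the certificate's friendly name with supplied alias name
            if ((pszCertAliasName = env->GetStringUTFChars(jCertAliasName, NULL))
                == NULL) {
                __leave;
            }
            if (strcmp(pszCertAliasName, pszNameString) == 0) {

                // pTBDCertContext is always freed by the
                // CertDeleteCertificateFromStore method, whether it succeeds
                // or fails. Record the hand-over before the call so that the
                // cleanup below never frees the context a second time.
                bDeleteAttempted = TRUE;

                // Only delete the certificate if the alias names match
                if (! ::CertDeleteCertificateFromStore(pTBDCertContext)) {

                    ThrowException(env, KEYSTORE_EXCEPTION, GetLastError());
                    __leave;
                }
            }
        }

    }
    __finally
    {
        //--------------------------------------------------------------------
        // Clean up.

        if (hCertStore)
            ::CertCloseStore(hCertStore, 0);

        if (pszCertStoreName)
            env->ReleaseStringUTFChars(jCertStoreName, pszCertStoreName);

        if (pszCertAliasName)
            env->ReleaseStringUTFChars(jCertAliasName, pszCertAliasName);

        if (pbCertEncoding)
            delete [] pbCertEncoding;

        if (pszNameString)
            delete [] pszNameString;

        if (pCertContext)
            ::CertFreeCertificateContext(pCertContext);

        // The context returned by CertFindCertificateInStore is still ours
        // unless it was handed to CertDeleteCertificateFromStore (alias
        // mismatch, missing friendly name, or an earlier failure).
        if (!bDeleteAttempted && pTBDCertContext)
            ::CertFreeCertificateContext(pTBDCertContext);
    }
}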
|
1801 |
||
1802 |
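/*
 * Class:     sun_security_mscapi_CKeyStore
 * Method:    destroyKeyContainer
 * Signature: (Ljava/lang/String;)V
 *
 * Deletes the named key container by calling CryptAcquireContext with
 * CRYPT_DELETEKEYSET on a PROV_RSA_FULL provider.
 *
 * Parameters:
 *   keyContainerName  name of the key container to delete; must not be null
 *
 * Throws KEYSTORE_EXCEPTION (through ThrowException) when the name is null
 * or when the Windows call fails; a pending JNI exception is left in place
 * when the name cannot be converted.
 */
JNIEXPORT void JNICALL Java_sun_security_mscapi_CKeyStore_destroyKeyContainer
  (JNIEnv *env, jobject clazz, jstring keyContainerName)
{
    HCRYPTPROV hCryptProv = NULL;
    const char* pszKeyContainerName = NULL;

    __try
    {
        // Destroying the default key container is not permitted
        // (because it may contain more than one keypair).
        // A NULL container name selects the default container in
        // CryptAcquireContext, so reject a null Java string up front; the
        // check has to be on the jstring, because a NULL result from
        // GetStringUTFChars below already leaves with a pending exception.
        if (keyContainerName == NULL) {

            ThrowException(env, KEYSTORE_EXCEPTION, NTE_BAD_KEYSET_PARAM);
            __leave;
        }

        if ((pszKeyContainerName =
            env->GetStringUTFChars(keyContainerName, NULL)) == NULL) {
            __leave;
        }

        // Acquire a CSP context (to the key container).
        // With CRYPT_DELETEKEYSET the call deletes the key set; the value
        // written to hCryptProv is not a usable handle and is not released.
        if (::CryptAcquireContext( //deprecated
            &hCryptProv,
            pszKeyContainerName,
            NULL,
            PROV_RSA_FULL,
            CRYPT_DELETEKEYSET) == FALSE)
        {
            ThrowException(env, KEYSTORE_EXCEPTION, GetLastError());
            __leave;
        }

    }
    __finally
    {
        //--------------------------------------------------------------------
        // Clean up.

        if (pszKeyContainerName)
            env->ReleaseStringUTFChars(keyContainerName, pszKeyContainerName);
    }
}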
|
1850 |
||
1851 |
/*
 * Class:     sun_security_mscapi_CRSACipher
 * Method:    encryptDecrypt
 * Signature: ([BIJZ)[B
 *
 * Runs CryptEncrypt or CryptDecrypt on a native copy of jData with the key
 * handle hKey and returns the result as a new Java byte array.
 *
 * The buffer is byte-reversed after encryption and before decryption, the
 * conversion between the Java-side byte order and the little-endian order
 * used by the Windows calls.
 *
 * Parameters:
 *   jData      input bytes; the whole array is copied to a native buffer
 *   jDataSize  data length passed to CryptEncrypt (not read when decrypting)
 *   hKey       key handle, cast to HCRYPTKEY
 *   doEncrypt  JNI_TRUE to encrypt, anything else to decrypt
 *
 * Returns the new byte array, or NULL with an exception pending.
 */
JNIEXPORT jbyteArray JNICALL Java_sun_security_mscapi_CRSACipher_encryptDecrypt
  (JNIEnv *env, jclass clazz, jbyteArray jData, jint jDataSize, jlong hKey,
   jboolean doEncrypt)
{
    jbyteArray output = NULL;
    jbyte* work = NULL;
    // NOTE(review): jDataSize is not compared with the array length here;
    // presumably the Java caller guarantees it fits. Confirm.
    DWORD cbData = jDataSize;
    DWORD cbBuffer = env->GetArrayLength(jData);
    DWORD lo;
    DWORD hi;
    BYTE held;

    __try
    {
        // Work on a private native copy of the Java array.
        work = new (env) jbyte[cbBuffer];
        if (work == NULL) {
            __leave;
        }
        env->GetByteArrayRegion(jData, 0, cbBuffer, work);

        if (doEncrypt != JNI_TRUE) {
            // Decrypt: reverse into little-endian order first ...
            for (lo = 0, hi = cbBuffer; lo < cbBuffer / 2; lo++) {
                hi--;
                held = work[lo];
                work[lo] = work[hi];
                work[hi] = held;
            }

            // ... then decrypt in place; cbBuffer receives the output length.
            if (! ::CryptDecrypt((HCRYPTKEY) hKey, 0, TRUE, 0, (BYTE *)work, //deprecated
                &cbBuffer)) {

                ThrowException(env, KEY_EXCEPTION, GetLastError());
                __leave;
            }
        } else {
            // Encrypt in place; cbData receives the output length.
            if (! ::CryptEncrypt((HCRYPTKEY) hKey, 0, TRUE, 0, (BYTE *)work, //deprecated
                &cbData, cbBuffer)) {

                ThrowException(env, KEY_EXCEPTION, GetLastError());
                __leave;
            }
            cbBuffer = cbData;

            // Reverse the little-endian result.
            for (lo = 0, hi = cbBuffer; lo < cbBuffer / 2; lo++) {
                hi--;
                held = work[lo];
                work[lo] = work[hi];
                work[hi] = held;
            }
        }

        // Hand the result back in a fresh Java array.
        output = env->NewByteArray(cbBuffer);
        if (output == NULL) {
            __leave;
        }

        env->SetByteArrayRegion(output, 0, cbBuffer, (jbyte*) work);
    }
    __finally
    {
        // NOTE(review): on the decrypt path this buffer holds plaintext and
        // is freed without being cleared.
        if (work)
            delete [] work;
    }

    return output;
}
|
1925 |
||
1926 |
/*
 * Class:     sun_security_mscapi_CPublicKey
 * Method:    getPublicKeyBlob
 * Signature: (JJ)[B
 *
 * Exports a public key as a key blob and returns it as a Java byte array.
 *
 * When hCryptKey is 0, hCryptProv is cast to NCRYPT_KEY_HANDLE and exported
 * with NCryptExportKey as BCRYPT_ECCPUBLIC_BLOB; otherwise hCryptKey is
 * exported with CryptExportKey as PUBLICKEYBLOB. Either way the export is
 * called twice: once to learn the size, once to fill the buffer.
 *
 * Returns the new byte array, or NULL with an exception pending.
 */
JNIEXPORT jbyteArray JNICALL Java_sun_security_mscapi_CPublicKey_getPublicKeyBlob
    (JNIEnv *env, jobject clazz, jlong hCryptProv, jlong hCryptKey) {

    jbyteArray jBlob = NULL;
    DWORD cbBlob;
    BYTE* nativeBlob = NULL;

    __try
    {

        // First pass: ask for the required size only.
        // SS_CHECK is defined elsewhere in this file; presumably it throws
        // and leaves the __try block on a failure status. Confirm.
        if (hCryptKey != 0) {
            if (! ::CryptExportKey((HCRYPTKEY) hCryptKey, 0, PUBLICKEYBLOB, 0, NULL, //deprecated
                    &cbBlob)) {

                ThrowException(env, KEY_EXCEPTION, GetLastError());
                __leave;
            }
        } else {
            SS_CHECK(::NCryptExportKey(
                    (NCRYPT_KEY_HANDLE)hCryptProv, NULL, BCRYPT_ECCPUBLIC_BLOB,
                    NULL, NULL, 0, &cbBlob, NCRYPT_SILENT_FLAG));
        }

        nativeBlob = new (env) BYTE[cbBlob];
        if (nativeBlob == NULL) {
            __leave;
        }

        // Second pass: fill the buffer; cbBlob is updated with the length
        // actually written.
        if (hCryptKey != 0) {
            if (! ::CryptExportKey((HCRYPTKEY) hCryptKey, 0, PUBLICKEYBLOB, 0, //deprecated
                    nativeBlob, &cbBlob)) {

                ThrowException(env, KEY_EXCEPTION, GetLastError());
                __leave;
            }
        } else {
            SS_CHECK(::NCryptExportKey(
                    (NCRYPT_KEY_HANDLE)hCryptProv, NULL, BCRYPT_ECCPUBLIC_BLOB,
                    NULL, nativeBlob, cbBlob, &cbBlob, NCRYPT_SILENT_FLAG));
        }

        // Copy the exported bytes into a fresh Java array.
        jBlob = env->NewByteArray(cbBlob);
        if (jBlob == NULL) {
            __leave;
        }

        env->SetByteArrayRegion(jBlob, 0, cbBlob, (jbyte*) nativeBlob);
    }
    __finally
    {
        if (nativeBlob)
            delete [] nativeBlob;
    }

    return jBlob;
}
|
1990 |
||
1991 |
/*
 * Class:     sun_security_mscapi_CPublicKey_CRSAPublicKey
 * Method:    getExponent
 * Signature: ([B)[B
 *
 * Extracts the public exponent from a PUBLICKEYBLOB.
 *
 * The blob must be at least sizeof(PUBLICKEYSTRUC) + sizeof(RSAPUBKEY) bytes
 * long and must carry the PUBLICKEYBLOB type. The pubexp field of the
 * RSAPUBKEY header is returned with its bytes reversed.
 *
 * Returns the new byte array, or NULL with an exception pending.
 */
JNIEXPORT jbyteArray JNICALL Java_sun_security_mscapi_CPublicKey_00024CRSAPublicKey_getExponent
    (JNIEnv *env, jobject clazz, jbyteArray jKeyBlob) {

    jbyteArray jExponent = NULL;
    jbyte*     reversed = NULL;
    jbyte*     rawBlob = NULL;

    __try {

        // Reject blobs too short to hold both fixed-size headers before any
        // header field is read.
        jsize blobSize = env->GetArrayLength(jKeyBlob);
        jsize fixedPart = sizeof(PUBLICKEYSTRUC) + sizeof(RSAPUBKEY);

        if (blobSize < fixedPart) {
            ThrowExceptionWithMessage(env, KEY_EXCEPTION, "Invalid BLOB");
            __leave;
        }

        rawBlob = env->GetByteArrayElements(jKeyBlob, 0);
        if (rawBlob == NULL) {
            __leave;
        }

        // The blob starts with a PUBLICKEYSTRUC; only PUBLICKEYBLOB is accepted.
        PUBLICKEYSTRUC* blobHeader = (PUBLICKEYSTRUC *) rawBlob;
        if (blobHeader->bType != PUBLICKEYBLOB) {
            ThrowException(env, KEY_EXCEPTION, NTE_BAD_TYPE);
            __leave;
        }

        // The RSAPUBKEY header follows the PUBLICKEYSTRUC directly.
        RSAPUBKEY* rsaHeader =
            (RSAPUBKEY *) (rawBlob + sizeof(PUBLICKEYSTRUC));

        int count = sizeof(rsaHeader->pubexp);
        reversed = new (env) jbyte[count];
        if (reversed == NULL) {
            __leave;
        }

        // Copy pubexp out of the blob back to front (little-endian source).
        BYTE* expBytes = (BYTE*) &rsaHeader->pubexp;
        for (int k = 0; k < count; k++) {
            reversed[k] = expBytes[count - 1 - k];
        }

        jExponent = env->NewByteArray(count);
        if (jExponent == NULL) {
            __leave;
        }
        env->SetByteArrayRegion(jExponent, 0, count, reversed);
    }
    __finally
    {
        // JNI_ABORT: the blob was only read, nothing is copied back.
        if (rawBlob)
            env->ReleaseByteArrayElements(jKeyBlob, rawBlob, JNI_ABORT);

        if (reversed)
            delete [] reversed;
    }

    return jExponent;
}
|
2055 |
||
2056 |
/*
 * Class:     sun_security_mscapi_CPublicKey_CRSAPublicKey
 * Method:    getModulus
 * Signature: ([B)[B
 *
 * Extracts the modulus from a PUBLICKEYBLOB.
 *
 * The blob must be at least sizeof(PUBLICKEYSTRUC) + sizeof(RSAPUBKEY) bytes
 * long and must carry the PUBLICKEYBLOB type. The modulus length is taken
 * from the bitlen field of the RSAPUBKEY header and must fit in the bytes
 * that follow the two headers; those bytes are returned in reverse order.
 *
 * Returns the new byte array, or NULL with an exception pending.
 */
JNIEXPORT jbyteArray JNICALL Java_sun_security_mscapi_CPublicKey_00024CRSAPublicKey_getModulus
    (JNIEnv *env, jobject clazz, jbyteArray jKeyBlob) {

    jbyteArray jModulus = NULL;
    jbyte*     reversed = NULL;
    jbyte*     rawBlob = NULL;

    __try {

        // Reject blobs too short to hold both fixed-size headers before any
        // header field is read.
        jsize blobSize = env->GetArrayLength(jKeyBlob);
        jsize fixedPart = sizeof(PUBLICKEYSTRUC) + sizeof(RSAPUBKEY);

        if (blobSize < fixedPart) {
            ThrowExceptionWithMessage(env, KEY_EXCEPTION, "Invalid BLOB");
            __leave;
        }

        rawBlob = env->GetByteArrayElements(jKeyBlob, 0);
        if (rawBlob == NULL) {
            __leave;
        }

        // The blob starts with a PUBLICKEYSTRUC; only PUBLICKEYBLOB is accepted.
        PUBLICKEYSTRUC* blobHeader = (PUBLICKEYSTRUC *) rawBlob;
        if (blobHeader->bType != PUBLICKEYBLOB) {
            ThrowException(env, KEY_EXCEPTION, NTE_BAD_TYPE);
            __leave;
        }

        // The RSAPUBKEY header follows the PUBLICKEYSTRUC directly.
        RSAPUBKEY* rsaHeader =
            (RSAPUBKEY *) (rawBlob + sizeof(PUBLICKEYSTRUC));

        // The length comes from the blob itself, so bound it by the bytes
        // actually present after the headers before reading them.
        int count = rsaHeader->bitlen / 8;
        if (!(count >= 0 && count <= blobSize - fixedPart)) {
            ThrowExceptionWithMessage(env, KEY_EXCEPTION, "Invalid key length");
            __leave;
        }

        reversed = new (env) jbyte[count];
        if (reversed == NULL) {
            __leave;
        }
        BYTE * modulusStart = (BYTE *) (rawBlob + fixedPart);

        // Copy the modulus out of the blob back to front (little-endian source).
        for (int k = 0; k < count; k++) {
            reversed[k] = modulusStart[count - 1 - k];
        }

        jModulus = env->NewByteArray(count);
        if (jModulus == NULL) {
            __leave;
        }
        env->SetByteArrayRegion(jModulus, 0, count, reversed);
    }
    __finally
    {
        // JNI_ABORT: the blob was only read, nothing is copied back.
        if (rawBlob)
            env->ReleaseByteArrayElements(jKeyBlob, rawBlob, JNI_ABORT);

        if (reversed)
            delete [] reversed;
    }

    return jModulus;
}
|
2126 |
||
2127 |
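/*
 * Convert an array in big-endian byte order into little-endian byte order.
 *
 * The bytes of `source` are written to `destination` in reverse order;
 * `destination` must have room for `destinationLength` bytes. A source that
 * is exactly one byte longer than the destination is accepted only when its
 * first byte is zero (an extra sign byte), and that byte is dropped. A source
 * shorter than the destination is zero-padded at the end of the destination.
 *
 * Returns destinationLength on success and -1 when an argument is unusable,
 * the array elements cannot be obtained, or the source does not fit. This
 * function does not raise an exception itself; callers in this file treat a
 * negative result as failure.
 */
int convertToLittleEndian(JNIEnv *env, jbyteArray source, jbyte* destination,
        int destinationLength) {

    int result = -1;
    jbyte* sourceBytes = NULL;

    // Reject arguments that make the length arithmetic below unsafe.
    // GetArrayLength() must not be handed a NULL array, and with
    // destinationLength == -1 an empty source would satisfy
    // "sourceLength == destinationLength + 1" and reach the sourceBytes[0]
    // test on a zero-length array.
    if (source == NULL || destination == NULL || destinationLength < 0) {
        return result;
    }

    __try {
        int sourceLength = env->GetArrayLength(source);

        sourceBytes = env->GetByteArrayElements(source, 0);
        if (sourceBytes == NULL) {
            __leave;
        }

        int copyLen = sourceLength;
        if (sourceLength > destinationLength) {
            // source might include an extra sign byte
            if (sourceLength == destinationLength + 1 && sourceBytes[0] == 0) {
                copyLen--;
            } else {
                // Anything else would overflow the destination.
                __leave;
            }
        }

        // Copy bytes from the end of the source array to the beginning of the
        // destination array (until the destination array is full).
        // This ensures that the sign byte from the source array will be excluded.
        for (int i = 0; i < copyLen; i++) {
            destination[i] = sourceBytes[sourceLength - 1 - i];
        }
        // Zero the unused tail so no stale bytes end up in the output.
        if (copyLen < destinationLength) {
            memset(destination + copyLen, 0, destinationLength - copyLen);
        }
        result = destinationLength;
    } __finally {
        // Clean up. JNI_ABORT: the elements were only read, nothing to copy back.
        if (sourceBytes) {
            env->ReleaseByteArrayElements(source, sourceBytes, JNI_ABORT);
        }
    }

    return result;
}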
2173 |
||
2174 |
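/*
 * The Microsoft Base Cryptographic Provider supports public-key BLOBs
 * that have the following format:
 *
 *     PUBLICKEYSTRUC publickeystruc;
 *     RSAPUBKEY rsapubkey;
 *     BYTE modulus[rsapubkey.bitlen/8];
 *
 * and private-key BLOBs that have the following format:
 *
 *     PUBLICKEYSTRUC publickeystruc;
 *     RSAPUBKEY rsapubkey;
 *     BYTE modulus[rsapubkey.bitlen/8];
 *     BYTE prime1[rsapubkey.bitlen/16];
 *     BYTE prime2[rsapubkey.bitlen/16];
 *     BYTE exponent1[rsapubkey.bitlen/16];
 *     BYTE exponent2[rsapubkey.bitlen/16];
 *     BYTE coefficient[rsapubkey.bitlen/16];
 *     BYTE privateExponent[rsapubkey.bitlen/8];
 *
 * This method generates such BLOBs from the key elements supplied.
 *
 * A private-key BLOB is produced only when all six private components are
 * non-NULL; otherwise a public-key BLOB is produced. Returns the new byte
 * array, or NULL on failure. When convertToLittleEndian() rejects a
 * component (negative return), NULL is returned without this function
 * raising an exception of its own.
 */
jbyteArray generateKeyBlob(
        JNIEnv *env,
        jint jKeyBitLength,
        jbyteArray jModulus,
        jbyteArray jPublicExponent,
        jbyteArray jPrivateExponent,
        jbyteArray jPrimeP,
        jbyteArray jPrimeQ,
        jbyteArray jExponentP,
        jbyteArray jExponentQ,
        jbyteArray jCrtCoefficient)
{
    // A negative bit length makes jBlobLength smaller than the fixed
    // BLOBHEADER + RSAPUBKEY prefix, so the header writes below would run
    // past the end of the allocation. Reject it before any size is computed.
    if (jKeyBitLength < 0) {
        ThrowException(env, INVALID_KEY_EXCEPTION, NTE_BAD_LEN);
        return NULL;
    }

    // The modulus and public exponent are passed to GetArrayLength()
    // unconditionally, which must not receive a NULL array.
    if (jModulus == NULL || jPublicExponent == NULL) {
        ThrowException(env, INVALID_KEY_EXCEPTION, NTE_BAD_TYPE);
        return NULL;
    }

    jsize jKeyByteLength = jKeyBitLength / 8;
    jsize jBlobLength;
    BOOL bGeneratePrivateKeyBlob;

    // Determine whether to generate a public-key or a private-key BLOB
    if (jPrivateExponent != NULL &&
        jPrimeP != NULL &&
        jPrimeQ != NULL &&
        jExponentP != NULL &&
        jExponentQ != NULL &&
        jCrtCoefficient != NULL) {

        bGeneratePrivateKeyBlob = TRUE;
        jBlobLength = sizeof(BLOBHEADER) +
                        sizeof(RSAPUBKEY) +
                        ((jKeyBitLength / 8) * 4) +
                        (jKeyBitLength / 16);

    } else {
        bGeneratePrivateKeyBlob = FALSE;
        jBlobLength = sizeof(BLOBHEADER) +
                        sizeof(RSAPUBKEY) +
                        (jKeyBitLength / 8);
    }

    jbyte* jBlobBytes = NULL;
    jbyte* jBlobElement;
    jbyteArray jBlob = NULL;
    jsize jElementLength;

    __try {
        jBlobBytes = new (env) jbyte[jBlobLength];
        if (jBlobBytes == NULL) {
            __leave;
        }

        BLOBHEADER *pBlobHeader = (BLOBHEADER *) jBlobBytes;
        if (bGeneratePrivateKeyBlob) {
            pBlobHeader->bType = PRIVATEKEYBLOB;  // 0x07
        } else {
            pBlobHeader->bType = PUBLICKEYBLOB;   // 0x06
        }
        pBlobHeader->bVersion = CUR_BLOB_VERSION; // 0x02
        pBlobHeader->reserved = 0;                // 0x0000
        pBlobHeader->aiKeyAlg = CALG_RSA_KEYX;    // 0x0000a400

        RSAPUBKEY *pRsaPubKey =
            (RSAPUBKEY *) (jBlobBytes + sizeof(PUBLICKEYSTRUC));
        if (bGeneratePrivateKeyBlob) {
            pRsaPubKey->magic = 0x32415352;       // "RSA2"
        } else {
            pRsaPubKey->magic = 0x31415352;       // "RSA1"
        }
        pRsaPubKey->bitlen = jKeyBitLength;
        pRsaPubKey->pubexp = 0; // init

        // Sanity check: the exponent must fit the fixed-size pubexp field.
        jsize jPublicExponentLength = env->GetArrayLength(jPublicExponent);
        if (jPublicExponentLength > sizeof(pRsaPubKey->pubexp)) {
            ThrowException(env, INVALID_KEY_EXCEPTION, NTE_BAD_TYPE);
            __leave;
        }
        // The length argument must be the smaller of jPublicExponentLength
        // and sizeof(pRsaPubKey->pubexp)
        if ((jElementLength = convertToLittleEndian(env, jPublicExponent,
            (jbyte *) &(pRsaPubKey->pubexp), jPublicExponentLength)) < 0) {
            __leave;
        }

        // Modulus n
        jBlobElement =
            (jbyte *) (jBlobBytes + sizeof(PUBLICKEYSTRUC) + sizeof(RSAPUBKEY));
        if ((jElementLength = convertToLittleEndian(env, jModulus, jBlobElement,
            jKeyByteLength)) < 0) {
            __leave;
        }

        if (bGeneratePrivateKeyBlob) {
            // Each step advances past the element just written; the
            // converter returns the slot size it was given.

            // Prime p
            jBlobElement += jElementLength;
            if ((jElementLength = convertToLittleEndian(env, jPrimeP,
                jBlobElement, jKeyByteLength / 2)) < 0) {
                __leave;
            }

            // Prime q
            jBlobElement += jElementLength;
            if ((jElementLength = convertToLittleEndian(env, jPrimeQ,
                jBlobElement, jKeyByteLength / 2)) < 0) {
                __leave;
            }

            // Prime exponent p
            jBlobElement += jElementLength;
            if ((jElementLength = convertToLittleEndian(env, jExponentP,
                jBlobElement, jKeyByteLength / 2)) < 0) {
                __leave;
            }

            // Prime exponent q
            jBlobElement += jElementLength;
            if ((jElementLength = convertToLittleEndian(env, jExponentQ,
                jBlobElement, jKeyByteLength / 2)) < 0) {
                __leave;
            }

            // CRT coefficient
            jBlobElement += jElementLength;
            if ((jElementLength = convertToLittleEndian(env, jCrtCoefficient,
                jBlobElement, jKeyByteLength / 2)) < 0) {
                __leave;
            }

            // Private exponent
            jBlobElement += jElementLength;
            if ((jElementLength = convertToLittleEndian(env, jPrivateExponent,
                jBlobElement, jKeyByteLength)) < 0) {
                __leave;
            }
        }

        if ((jBlob = env->NewByteArray(jBlobLength)) == NULL) {
            __leave;
        }
        env->SetByteArrayRegion(jBlob, 0, jBlobLength, jBlobBytes);

    }
    __finally
    {
        // NOTE(review): for a private-key BLOB this buffer holds private key
        // material and is freed without being cleared first - confirm whether
        // it should be zeroed before delete.
        if (jBlobBytes)
            delete [] jBlobBytes;
    }

    return jBlob;
}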
|
2343 |
||
2344 |
/*
 * Class:     sun_security_mscapi_CKeyStore
 * Method:    generateRSAPrivateKeyBlob
 * Signature: (I[B[B[B[B[B[B[B[B)[B
 *
 * JNI entry point that forwards every key component unchanged to
 * generateKeyBlob() and returns whatever it produces (NULL on failure).
 */
JNIEXPORT jbyteArray JNICALL Java_sun_security_mscapi_CKeyStore_generateRSAPrivateKeyBlob
    (JNIEnv *env, jobject clazz,
        jint jKeyBitLength,
        jbyteArray jModulus,
        jbyteArray jPublicExponent,
        jbyteArray jPrivateExponent,
        jbyteArray jPrimeP,
        jbyteArray jPrimeQ,
        jbyteArray jExponentP,
        jbyteArray jExponentQ,
        jbyteArray jCrtCoefficient)
{
    // generateKeyBlob() emits a private-key BLOB only when all six private
    // components are non-NULL; otherwise it falls back to a public-key BLOB.
    jbyteArray jKeyBlob = generateKeyBlob(
        env,
        jKeyBitLength,
        jModulus,
        jPublicExponent,
        jPrivateExponent,
        jPrimeP,
        jPrimeQ,
        jExponentP,
        jExponentQ,
        jCrtCoefficient);

    return jKeyBlob;
}
|
2365 |
||
2366 |
/*
 * Class:     sun_security_mscapi_CSignature_RSA
 * Method:    generatePublicKeyBlob
 * Signature: (I[B[B)[B
 *
 * JNI entry point that builds a public-key BLOB: the modulus and public
 * exponent are forwarded to generateKeyBlob() and every private component is
 * passed as NULL. Returns the BLOB, or NULL on failure.
 */
JNIEXPORT jbyteArray JNICALL Java_sun_security_mscapi_CSignature_00024RSA_generatePublicKeyBlob
    (JNIEnv *env, jclass clazz,
        jint jKeyBitLength,
        jbyteArray jModulus,
        jbyteArray jPublicExponent)
{
    // No private components: generateKeyBlob() takes its public-key branch.
    jbyteArray jKeyBlob = generateKeyBlob(
        env,
        jKeyBitLength,
        jModulus,
        jPublicExponent,
        NULL,   // private exponent
        NULL,   // prime p
        NULL,   // prime q
        NULL,   // prime exponent p
        NULL,   // prime exponent q
        NULL);  // CRT coefficient

    return jKeyBlob;
}
|
2380 |
||
2381 |
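/*
 * Class:     sun_security_mscapi_CKeyStore
 * Method:    storePrivateKey
 * Signature: (Ljava/lang/String;[BLjava/lang/String;I)Lsun/security/mscapi/CPrivateKey;
 *
 * Creates a new key container named keyContainerName, imports the
 * private-key BLOB into it and wraps the provider and key handles in a
 * CPrivateKey object. Returns that object, or NULL on failure; a failed
 * CryptoAPI call raises KEYSTORE_EXCEPTION with GetLastError().
 */
JNIEXPORT jobject JNICALL Java_sun_security_mscapi_CKeyStore_storePrivateKey
    (JNIEnv *env, jobject clazz, jstring alg, jbyteArray keyBlob,
        jstring keyContainerName, jint keySize)
{
    HCRYPTPROV hCryptProv = NULL;
    HCRYPTKEY hKey = NULL;
    DWORD dwBlobLen;
    BYTE * pbKeyBlob = NULL;
    const char* pszKeyContainerName = NULL; // UUID
    jobject privateKey = NULL;

    __try
    {
        if ((pszKeyContainerName =
            env->GetStringUTFChars(keyContainerName, NULL)) == NULL) {
            __leave;
        }
        dwBlobLen = env->GetArrayLength(keyBlob);
        if ((pbKeyBlob = (BYTE *) env->GetByteArrayElements(keyBlob, 0))
            == NULL) {
            __leave;
        }

        // Acquire a CSP context (create a new key container).
        if (::CryptAcquireContext( //deprecated
            &hCryptProv,
            pszKeyContainerName,
            NULL,
            PROV_RSA_FULL,
            CRYPT_NEWKEYSET) == FALSE)
        {
            ThrowException(env, KEYSTORE_EXCEPTION, GetLastError());
            __leave;
        }

        // Import the private key.
        // CRYPT_EXPORTABLE marks the imported private key as exportable from
        // the container. NOTE(review): confirm callers need that.
        if (::CryptImportKey( //deprecated
            hCryptProv,
            pbKeyBlob,
            dwBlobLen,
            0,
            CRYPT_EXPORTABLE,
            &hKey) == FALSE)
        {
            ThrowException(env, KEYSTORE_EXCEPTION, GetLastError());
            __leave;
        }

        // Get the method ID for the CPrivateKey constructor
        jclass clazzCPrivateKey =
            env->FindClass("sun/security/mscapi/CPrivateKey");
        if (clazzCPrivateKey == NULL) {
            __leave;
        }

        jmethodID mNewCPrivateKey =
            env->GetStaticMethodID(clazzCPrivateKey, "of",
            "(Ljava/lang/String;JJI)Lsun/security/mscapi/CPrivateKey;");
        if (mNewCPrivateKey == NULL) {
            __leave;
        }

        // Create a new private key; the raw handles are passed as jlong.
        privateKey = env->CallStaticObjectMethod(clazzCPrivateKey, mNewCPrivateKey,
            alg, (jlong) hCryptProv, (jlong) hKey, keySize);

    }
    __finally
    {
        //--------------------------------------------------------------------
        // Clean up.

        if (pszKeyContainerName)
            env->ReleaseStringUTFChars(keyContainerName, pszKeyContainerName);

        // NOTE(review): if the JVM handed out a copy, the private-key bytes in
        // it are not cleared before release - confirm whether that matters.
        if (pbKeyBlob)
            env->ReleaseByteArrayElements(keyBlob, (jbyte *) pbKeyBlob,
                JNI_ABORT);

        // The handles are passed on to the CPrivateKey object only when it
        // was created. On every failure path nothing else holds them, so
        // release them here: the key before the context it was imported into.
        // NOTE(review): the container created with CRYPT_NEWKEYSET is not
        // deleted on failure - confirm whether it should be.
        if (privateKey == NULL) {
            if (hKey)
                ::CryptDestroyKey(hKey);

            if (hCryptProv)
                ::CryptReleaseContext(hCryptProv, 0);
        }
    }

    return privateKey;
}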
|
2468 |
||
2469 |
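/*
 * Class:     sun_security_mscapi_CSignature
 * Method:    importECPublicKey
 * Signature: (Ljava/lang/String;[BI)Lsun/security/mscapi/CPublicKey;
 *
 * Imports a BCRYPT_ECCPUBLIC_BLOB through the Microsoft Software Key Storage
 * Provider and wraps the resulting key handle in a CPublicKey object.
 * Returns that object, or NULL on failure.
 *
 * SS_CHECK and dump() are defined outside this view; SS_CHECK is presumably
 * a macro that raises an exception and leaves the __try block when the call
 * fails - confirm against its definition.
 */
JNIEXPORT jobject JNICALL Java_sun_security_mscapi_CSignature_importECPublicKey
    (JNIEnv *env, jclass clazz, jstring alg, jbyteArray keyBlob, jint keySize)
{
    BCRYPT_ALG_HANDLE hSignAlg = NULL;
    NCRYPT_PROV_HANDLE hProv = NULL;
    NCRYPT_KEY_HANDLE hTmpKey = NULL;
    DWORD dwBlobLen;
    BYTE * pbKeyBlob = NULL;
    jobject publicKey = NULL;

    __try
    {
        dwBlobLen = env->GetArrayLength(keyBlob);
        if ((pbKeyBlob = (BYTE *) env->GetByteArrayElements(keyBlob, 0))
            == NULL) {
            __leave;
        }
        dump("NCryptImportKey", pbKeyBlob, dwBlobLen);
        SS_CHECK(NCryptOpenStorageProvider(
                &hProv, L"Microsoft Software Key Storage Provider", 0 ));
        SS_CHECK(NCryptImportKey(
                hProv,
                NULL,
                BCRYPT_ECCPUBLIC_BLOB,
                NULL,
                &hTmpKey,
                pbKeyBlob,
                dwBlobLen,
                0));
        // The provider is only needed for the import; clear the handle so
        // the cleanup below does not free it twice.
        NCryptFreeObject( hProv );
        hProv = NULL;

        // Get the method ID for the CPublicKey constructor
        jclass clazzCPublicKey =
            env->FindClass("sun/security/mscapi/CPublicKey");
        if (clazzCPublicKey == NULL) {
            __leave;
        }

        jmethodID mNewCPublicKey =
            env->GetStaticMethodID(clazzCPublicKey, "of",
            "(Ljava/lang/String;JJI)Lsun/security/mscapi/CPublicKey;");
        if (mNewCPublicKey == NULL) {
            __leave;
        }

        // Create a new public key
        publicKey = env->CallStaticObjectMethod(clazzCPublicKey, mNewCPublicKey,
            alg, (jlong) hTmpKey, (jlong) 0, keySize);
    }
    __finally
    {
        //--------------------------------------------------------------------
        // Clean up.

        // Still set only when the import step did not complete.
        if (hProv)
            NCryptFreeObject( hProv );

        // The elements were only read; JNI_ABORT releases them without
        // copying back. Without this release the array elements leak on
        // every call.
        if (pbKeyBlob)
            env->ReleaseByteArrayElements(keyBlob, (jbyte *) pbKeyBlob,
                JNI_ABORT);

        // The key handle is passed on to the CPublicKey object only when it
        // was created; otherwise nothing else holds it.
        if (publicKey == NULL && hTmpKey)
            NCryptFreeObject( hTmpKey );
    }

    return publicKey;
}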
|
2528 |
||
2529 |
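/*
 * Class:     sun_security_mscapi_CSignature
 * Method:    importPublicKey
 * Signature: (Ljava/lang/String;[BI)Lsun/security/mscapi/CPublicKey;
 *
 * Imports a public-key BLOB into a verification-only CSP context and wraps
 * the provider and key handles in a CPublicKey object. Returns that object,
 * or NULL on failure; a failed CryptoAPI call raises KEYSTORE_EXCEPTION with
 * GetLastError().
 */
JNIEXPORT jobject JNICALL Java_sun_security_mscapi_CSignature_importPublicKey
    (JNIEnv *env, jclass clazz, jstring alg, jbyteArray keyBlob, jint keySize)
{
    HCRYPTPROV hCryptProv = NULL;
    HCRYPTKEY hKey = NULL;
    DWORD dwBlobLen;
    BYTE * pbKeyBlob = NULL;
    jobject publicKey = NULL;

    __try
    {
        dwBlobLen = env->GetArrayLength(keyBlob);
        if ((pbKeyBlob = (BYTE *) env->GetByteArrayElements(keyBlob, 0))
            == NULL) {
            __leave;
        }

        // Acquire a CSP context (create a new key container).
        // Prefer a PROV_RSA_AES CSP, when available, due to its support
        // for SHA-2-based signatures.
        if (::CryptAcquireContext( //deprecated
            &hCryptProv,
            NULL,
            NULL,
            PROV_RSA_AES,
            CRYPT_VERIFYCONTEXT) == FALSE)
        {
            // Failover to using the default CSP (PROV_RSA_FULL)

            if (::CryptAcquireContext( //deprecated
                &hCryptProv,
                NULL,
                NULL,
                PROV_RSA_FULL,
                CRYPT_VERIFYCONTEXT) == FALSE)
            {
                ThrowException(env, KEYSTORE_EXCEPTION, GetLastError());
                __leave;
            }
        }

        // Import the public key
        if (::CryptImportKey( //deprecated
            hCryptProv,
            pbKeyBlob,
            dwBlobLen,
            0,
            CRYPT_EXPORTABLE,
            &hKey) == FALSE)
        {
            ThrowException(env, KEYSTORE_EXCEPTION, GetLastError());
            __leave;
        }

        // Get the method ID for the CPublicKey constructor
        jclass clazzCPublicKey =
            env->FindClass("sun/security/mscapi/CPublicKey");
        if (clazzCPublicKey == NULL) {
            __leave;
        }

        jmethodID mNewCPublicKey =
            env->GetStaticMethodID(clazzCPublicKey, "of",
            "(Ljava/lang/String;JJI)Lsun/security/mscapi/CPublicKey;");
        if (mNewCPublicKey == NULL) {
            __leave;
        }

        // Create a new public key; the raw handles are passed as jlong.
        publicKey = env->CallStaticObjectMethod(clazzCPublicKey, mNewCPublicKey,
            alg, (jlong) hCryptProv, (jlong) hKey, keySize);

    }
    __finally
    {
        //--------------------------------------------------------------------
        // Clean up.

        if (pbKeyBlob)
            env->ReleaseByteArrayElements(keyBlob, (jbyte *) pbKeyBlob,
                JNI_ABORT);

        // The handles are passed on to the CPublicKey object only when it
        // was created. On every failure path nothing else holds them, so
        // release them here: the key before the context it was imported into.
        if (publicKey == NULL) {
            if (hKey)
                ::CryptDestroyKey(hKey);

            if (hCryptProv)
                ::CryptReleaseContext(hCryptProv, 0);
        }
    }

    return publicKey;
}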
|
2619 |
||
2620 |
} /* extern "C" */ |