author | avstepan |
Thu, 28 Apr 2016 19:35:09 +0300 | |
changeset 38386 | d7e7d592d396 |
parent 36759 | 07dc1868fd1e |
child 40414 | 1f4a9da41c1f |
permissions | -rw-r--r-- |
2 | 1 |
/* |
36759
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
2 |
* Copyright (c) 2005, 2016, Oracle and/or its affiliates. All rights reserved. |
2 | 3 |
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 |
* |
|
5 |
* This code is free software; you can redistribute it and/or modify it |
|
6 |
* under the terms of the GNU General Public License version 2 only, as |
|
5506 | 7 |
* published by the Free Software Foundation. Oracle designates this |
2 | 8 |
* particular file as subject to the "Classpath" exception as provided |
5506 | 9 |
* by Oracle in the LICENSE file that accompanied this code. |
2 | 10 |
* |
11 |
* This code is distributed in the hope that it will be useful, but WITHOUT |
|
12 |
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
13 |
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
14 |
* version 2 for more details (a copy is included in the LICENSE file that |
|
15 |
* accompanied this code). |
|
16 |
* |
|
17 |
* You should have received a copy of the GNU General Public License version |
|
18 |
* 2 along with this work; if not, write to the Free Software Foundation, |
|
19 |
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
20 |
* |
|
5506 | 21 |
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
22 |
* or visit www.oracle.com if you need additional information or have any |
|
23 |
* questions. |
|
2 | 24 |
*/ |
25 |
||
26 |
//=--------------------------------------------------------------------------= |
|
27 |
// security.cpp by Stanley Man-Kit Ho |
|
28 |
//=--------------------------------------------------------------------------= |
|
29 |
// |
|
30 |
||
31 |
#include <jni.h> |
|
33653
c1ee09fe3274
8136556: Add the ability to perform static builds of MacOSX x64 binaries
bobv
parents:
31470
diff
changeset
|
32 |
#include "jni_util.h" |
2 | 33 |
#include <stdlib.h> |
31470
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
34 |
#include <string.h> |
2 | 35 |
#include <windows.h> |
36 |
#include <BaseTsd.h> |
|
37 |
#include <wincrypt.h> |
|
38 |
#include <stdio.h> |
|
39 |
||
40 |
||
41 |
#define OID_EKU_ANY "2.5.29.37.0" |
|
42 |
||
43 |
#define CERTIFICATE_PARSING_EXCEPTION \ |
|
44 |
"java/security/cert/CertificateParsingException" |
|
9508
310b4f6c8e61
6732372: Some MSCAPI native methods not returning correct exceptions.
vinnie
parents:
5506
diff
changeset
|
45 |
#define INVALID_KEY_EXCEPTION \ |
310b4f6c8e61
6732372: Some MSCAPI native methods not returning correct exceptions.
vinnie
parents:
5506
diff
changeset
|
46 |
"java/security/InvalidKeyException" |
2 | 47 |
#define KEY_EXCEPTION "java/security/KeyException" |
48 |
#define KEYSTORE_EXCEPTION "java/security/KeyStoreException" |
|
49 |
#define PROVIDER_EXCEPTION "java/security/ProviderException" |
|
50 |
#define SIGNATURE_EXCEPTION "java/security/SignatureException" |
|
51 |
||
52 |
extern "C" { |
|
53 |
||
54 |
/* |
|
33653
c1ee09fe3274
8136556: Add the ability to perform static builds of MacOSX x64 binaries
bobv
parents:
31470
diff
changeset
|
55 |
* Declare library specific JNI_Onload entry if static build |
c1ee09fe3274
8136556: Add the ability to perform static builds of MacOSX x64 binaries
bobv
parents:
31470
diff
changeset
|
56 |
*/ |
c1ee09fe3274
8136556: Add the ability to perform static builds of MacOSX x64 binaries
bobv
parents:
31470
diff
changeset
|
57 |
DEF_STATIC_JNI_OnLoad |
c1ee09fe3274
8136556: Add the ability to perform static builds of MacOSX x64 binaries
bobv
parents:
31470
diff
changeset
|
58 |
|
c1ee09fe3274
8136556: Add the ability to perform static builds of MacOSX x64 binaries
bobv
parents:
31470
diff
changeset
|
59 |
/* |
2 | 60 |
* Throws an arbitrary Java exception. |
61 |
* The exception message is a Windows system error message. |
|
62 |
*/ |
|
63 |
void ThrowException(JNIEnv *env, char *exceptionName, DWORD dwError) |
|
64 |
{ |
|
65 |
char szMessage[1024]; |
|
66 |
szMessage[0] = '\0'; |
|
67 |
||
31470
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
68 |
DWORD res = FormatMessageA(FORMAT_MESSAGE_FROM_SYSTEM, NULL, dwError, |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
69 |
NULL, szMessage, sizeof(szMessage), NULL); |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
70 |
if (res == 0) { |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
71 |
strcpy(szMessage, "Unknown error"); |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
72 |
} |
2 | 73 |
|
74 |
jclass exceptionClazz = env->FindClass(exceptionName); |
|
31470
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
75 |
if (exceptionClazz != NULL) { |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
76 |
env->ThrowNew(exceptionClazz, szMessage); |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
77 |
} |
2 | 78 |
} |
79 |
||
80 |
||
81 |
/* |
|
82 |
* Maps the name of a hash algorithm to an algorithm identifier. |
|
83 |
*/ |
|
84 |
ALG_ID MapHashAlgorithm(JNIEnv *env, jstring jHashAlgorithm) { |
|
85 |
||
86 |
const char* pszHashAlgorithm = NULL; |
|
87 |
ALG_ID algId = 0; |
|
88 |
||
25812
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
89 |
if ((pszHashAlgorithm = env->GetStringUTFChars(jHashAlgorithm, NULL)) |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
90 |
== NULL) { |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
91 |
return algId; |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
92 |
} |
2 | 93 |
|
94 |
if ((strcmp("SHA", pszHashAlgorithm) == 0) || |
|
95 |
(strcmp("SHA1", pszHashAlgorithm) == 0) || |
|
96 |
(strcmp("SHA-1", pszHashAlgorithm) == 0)) { |
|
97 |
||
98 |
algId = CALG_SHA1; |
|
9533
13cc5e8eb9f1
6578658: Request for raw RSA (NONEwithRSA) Signature support in SunMSCAPI
vinnie
parents:
9524
diff
changeset
|
99 |
} else if (strcmp("SHA1+MD5", pszHashAlgorithm) == 0) { |
13cc5e8eb9f1
6578658: Request for raw RSA (NONEwithRSA) Signature support in SunMSCAPI
vinnie
parents:
9524
diff
changeset
|
100 |
algId = CALG_SSL3_SHAMD5; // a 36-byte concatenation of SHA-1 and MD5 |
2 | 101 |
} else if (strcmp("SHA-256", pszHashAlgorithm) == 0) { |
102 |
algId = CALG_SHA_256; |
|
103 |
} else if (strcmp("SHA-384", pszHashAlgorithm) == 0) { |
|
104 |
algId = CALG_SHA_384; |
|
105 |
} else if (strcmp("SHA-512", pszHashAlgorithm) == 0) { |
|
106 |
algId = CALG_SHA_512; |
|
107 |
} else if (strcmp("MD5", pszHashAlgorithm) == 0) { |
|
108 |
algId = CALG_MD5; |
|
109 |
} else if (strcmp("MD2", pszHashAlgorithm) == 0) { |
|
110 |
algId = CALG_MD2; |
|
111 |
} |
|
112 |
||
113 |
if (pszHashAlgorithm) |
|
114 |
env->ReleaseStringUTFChars(jHashAlgorithm, pszHashAlgorithm); |
|
115 |
||
116 |
return algId; |
|
117 |
} |
|
118 |
||
119 |
||
120 |
/* |
|
121 |
* Returns a certificate chain context given a certificate context and key |
|
122 |
* usage identifier. |
|
123 |
*/ |
|
124 |
bool GetCertificateChain(LPSTR lpszKeyUsageIdentifier, PCCERT_CONTEXT pCertContext, PCCERT_CHAIN_CONTEXT* ppChainContext) |
|
125 |
{ |
|
126 |
CERT_ENHKEY_USAGE EnhkeyUsage; |
|
127 |
CERT_USAGE_MATCH CertUsage; |
|
128 |
CERT_CHAIN_PARA ChainPara; |
|
129 |
DWORD dwFlags = 0; |
|
130 |
LPSTR szUsageIdentifierArray[1]; |
|
131 |
||
132 |
szUsageIdentifierArray[0] = lpszKeyUsageIdentifier; |
|
133 |
EnhkeyUsage.cUsageIdentifier = 1; |
|
134 |
EnhkeyUsage.rgpszUsageIdentifier = szUsageIdentifierArray; |
|
135 |
CertUsage.dwType = USAGE_MATCH_TYPE_AND; |
|
136 |
CertUsage.Usage = EnhkeyUsage; |
|
137 |
ChainPara.cbSize = sizeof(CERT_CHAIN_PARA); |
|
138 |
ChainPara.RequestedUsage=CertUsage; |
|
139 |
||
140 |
// Build a chain using CertGetCertificateChain |
|
141 |
// and the certificate retrieved. |
|
142 |
return (::CertGetCertificateChain(NULL, // use the default chain engine |
|
143 |
pCertContext, // pointer to the end certificate |
|
144 |
NULL, // use the default time |
|
145 |
NULL, // search no additional stores |
|
146 |
&ChainPara, // use AND logic and enhanced key usage |
|
147 |
// as indicated in the ChainPara |
|
148 |
// data structure |
|
149 |
dwFlags, |
|
150 |
NULL, // currently reserved |
|
151 |
ppChainContext) == TRUE); // return a pointer to the chain created |
|
152 |
} |
|
153 |
||
154 |
||
155 |
///////////////////////////////////////////////////////////////////////////// |
|
156 |
// |
|
157 |
||
158 |
/* |
|
159 |
* Class: sun_security_mscapi_PRNG |
|
160 |
* Method: generateSeed |
|
161 |
* Signature: (I[B)[B |
|
162 |
*/ |
|
163 |
JNIEXPORT jbyteArray JNICALL Java_sun_security_mscapi_PRNG_generateSeed |
|
164 |
(JNIEnv *env, jclass clazz, jint length, jbyteArray seed) |
|
165 |
{ |
|
166 |
||
167 |
HCRYPTPROV hCryptProv = NULL; |
|
168 |
BYTE* pbData = NULL; |
|
169 |
jbyte* reseedBytes = NULL; |
|
170 |
jbyte* seedBytes = NULL; |
|
171 |
jbyteArray result = NULL; |
|
172 |
||
173 |
__try |
|
174 |
{ |
|
175 |
// Acquire a CSP context. |
|
176 |
if(::CryptAcquireContext( |
|
177 |
&hCryptProv, |
|
178 |
NULL, |
|
179 |
NULL, |
|
180 |
PROV_RSA_FULL, |
|
181 |
CRYPT_VERIFYCONTEXT) == FALSE) |
|
182 |
{ |
|
183 |
ThrowException(env, PROVIDER_EXCEPTION, GetLastError()); |
|
184 |
__leave; |
|
185 |
} |
|
186 |
||
187 |
/* |
|
188 |
* If length is negative then use the supplied seed to re-seed the |
|
189 |
* generator and return null. |
|
190 |
* If length is non-zero then generate a new seed according to the |
|
191 |
* requested length and return the new seed. |
|
192 |
* If length is zero then overwrite the supplied seed with a new |
|
193 |
* seed of the same length and return the seed. |
|
194 |
*/ |
|
195 |
if (length < 0) { |
|
196 |
length = env->GetArrayLength(seed); |
|
25812
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
197 |
if ((reseedBytes = env->GetByteArrayElements(seed, 0)) == NULL) { |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
198 |
__leave; |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
199 |
} |
2 | 200 |
|
201 |
if (::CryptGenRandom( |
|
202 |
hCryptProv, |
|
203 |
length, |
|
204 |
(BYTE *) reseedBytes) == FALSE) { |
|
205 |
||
206 |
ThrowException(env, PROVIDER_EXCEPTION, GetLastError()); |
|
207 |
__leave; |
|
208 |
} |
|
209 |
||
210 |
result = NULL; |
|
211 |
||
212 |
} else if (length > 0) { |
|
213 |
||
214 |
pbData = new BYTE[length]; |
|
215 |
||
216 |
if (::CryptGenRandom( |
|
217 |
hCryptProv, |
|
218 |
length, |
|
219 |
pbData) == FALSE) { |
|
220 |
||
221 |
ThrowException(env, PROVIDER_EXCEPTION, GetLastError()); |
|
222 |
__leave; |
|
223 |
} |
|
224 |
||
225 |
result = env->NewByteArray(length); |
|
226 |
env->SetByteArrayRegion(result, 0, length, (jbyte*) pbData); |
|
227 |
||
228 |
} else { // length == 0 |
|
229 |
||
230 |
length = env->GetArrayLength(seed); |
|
25812
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
231 |
if ((seedBytes = env->GetByteArrayElements(seed, 0)) == NULL) { |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
232 |
__leave; |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
233 |
} |
2 | 234 |
|
235 |
if (::CryptGenRandom( |
|
236 |
hCryptProv, |
|
237 |
length, |
|
238 |
(BYTE *) seedBytes) == FALSE) { |
|
239 |
||
240 |
ThrowException(env, PROVIDER_EXCEPTION, GetLastError()); |
|
241 |
__leave; |
|
242 |
} |
|
243 |
||
244 |
result = seed; // seed will be updated when seedBytes gets released |
|
245 |
} |
|
246 |
} |
|
247 |
__finally |
|
248 |
{ |
|
249 |
//-------------------------------------------------------------------- |
|
250 |
// Clean up. |
|
251 |
||
252 |
if (reseedBytes) |
|
253 |
env->ReleaseByteArrayElements(seed, reseedBytes, JNI_ABORT); |
|
254 |
||
255 |
if (pbData) |
|
256 |
delete [] pbData; |
|
257 |
||
258 |
if (seedBytes) |
|
259 |
env->ReleaseByteArrayElements(seed, seedBytes, 0); // update orig |
|
260 |
||
261 |
if (hCryptProv) |
|
262 |
::CryptReleaseContext(hCryptProv, 0); |
|
263 |
} |
|
264 |
||
265 |
return result; |
|
266 |
} |
|
267 |
||
268 |
||
269 |
/* |
|
270 |
* Class: sun_security_mscapi_KeyStore |
|
271 |
* Method: loadKeysOrCertificateChains |
|
272 |
* Signature: (Ljava/lang/String;Ljava/util/Collection;)V |
|
273 |
*/ |
|
274 |
JNIEXPORT void JNICALL Java_sun_security_mscapi_KeyStore_loadKeysOrCertificateChains |
|
36759
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
275 |
(JNIEnv *env, jobject obj, jstring jCertStoreName) |
2 | 276 |
{ |
277 |
/** |
|
278 |
* Certificate in cert store has enhanced key usage extension |
|
279 |
* property (or EKU property) that is not part of the certificate itself. To determine |
|
280 |
* if the certificate should be returned, both the enhanced key usage in certificate |
|
281 |
* extension block and the extension property stored along with the certificate in |
|
282 |
* certificate store should be examined. Otherwise, we won't be able to determine |
|
283 |
* the proper key usage from the Java side because the information is not stored as |
|
284 |
* part of the encoded certificate. |
|
285 |
*/ |
|
286 |
||
287 |
const char* pszCertStoreName = NULL; |
|
288 |
HCERTSTORE hCertStore = NULL; |
|
289 |
PCCERT_CONTEXT pCertContext = NULL; |
|
290 |
char* pszNameString = NULL; // certificate's friendly name |
|
291 |
DWORD cchNameString = 0; |
|
292 |
||
293 |
||
294 |
__try |
|
295 |
{ |
|
296 |
// Open a system certificate store. |
|
25812
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
297 |
if ((pszCertStoreName = env->GetStringUTFChars(jCertStoreName, NULL)) |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
298 |
== NULL) { |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
299 |
__leave; |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
300 |
} |
2 | 301 |
if ((hCertStore = ::CertOpenSystemStore(NULL, pszCertStoreName)) |
302 |
== NULL) { |
|
303 |
||
304 |
ThrowException(env, KEYSTORE_EXCEPTION, GetLastError()); |
|
305 |
__leave; |
|
306 |
} |
|
307 |
||
308 |
// Determine clazz and method ID to generate certificate |
|
309 |
jclass clazzArrayList = env->FindClass("java/util/ArrayList"); |
|
31470
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
310 |
if (clazzArrayList == NULL) { |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
311 |
__leave; |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
312 |
} |
2 | 313 |
|
314 |
jmethodID mNewArrayList = env->GetMethodID(clazzArrayList, "<init>", "()V"); |
|
31470
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
315 |
if (mNewArrayList == NULL) { |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
316 |
__leave; |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
317 |
} |
2 | 318 |
|
31470
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
319 |
jclass clazzOfThis = env->GetObjectClass(obj); |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
320 |
if (clazzOfThis == NULL) { |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
321 |
__leave; |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
322 |
} |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
323 |
|
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
324 |
jmethodID mGenCert = env->GetMethodID(clazzOfThis, |
2 | 325 |
"generateCertificate", |
326 |
"([BLjava/util/Collection;)V"); |
|
31470
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
327 |
if (mGenCert == NULL) { |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
328 |
__leave; |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
329 |
} |
2 | 330 |
|
331 |
// Determine method ID to generate certificate chain |
|
31470
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
332 |
jmethodID mGenCertChain = env->GetMethodID(clazzOfThis, |
2 | 333 |
"generateCertificateChain", |
36759
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
334 |
"(Ljava/lang/String;Ljava/util/Collection;)V"); |
31470
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
335 |
if (mGenCertChain == NULL) { |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
336 |
__leave; |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
337 |
} |
2 | 338 |
|
339 |
// Determine method ID to generate RSA certificate chain |
|
31470
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
340 |
jmethodID mGenRSAKeyAndCertChain = env->GetMethodID(clazzOfThis, |
2 | 341 |
"generateRSAKeyAndCertificateChain", |
36759
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
342 |
"(Ljava/lang/String;JJILjava/util/Collection;)V"); |
31470
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
343 |
if (mGenRSAKeyAndCertChain == NULL) { |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
344 |
__leave; |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
345 |
} |
2 | 346 |
|
347 |
// Use CertEnumCertificatesInStore to get the certificates |
|
348 |
// from the open store. pCertContext must be reset to |
|
349 |
// NULL to retrieve the first certificate in the store. |
|
350 |
while (pCertContext = ::CertEnumCertificatesInStore(hCertStore, pCertContext)) |
|
351 |
{ |
|
352 |
// Check if private key available - client authentication certificate |
|
353 |
// must have private key available. |
|
354 |
HCRYPTPROV hCryptProv = NULL; |
|
355 |
DWORD dwKeySpec = 0; |
|
356 |
HCRYPTKEY hUserKey = NULL; |
|
357 |
BOOL bCallerFreeProv = FALSE; |
|
358 |
BOOL bHasNoPrivateKey = FALSE; |
|
359 |
DWORD dwPublicKeyLength = 0; |
|
360 |
||
361 |
if (::CryptAcquireCertificatePrivateKey(pCertContext, NULL, NULL, |
|
362 |
&hCryptProv, &dwKeySpec, &bCallerFreeProv) == FALSE) |
|
363 |
{ |
|
364 |
bHasNoPrivateKey = TRUE; |
|
365 |
||
366 |
} else { |
|
367 |
// Private key is available |
|
368 |
||
36759
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
369 |
BOOL bGetUserKey = ::CryptGetUserKey(hCryptProv, dwKeySpec, &hUserKey); |
2 | 370 |
|
36759
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
371 |
// Skip certificate if cannot find private key |
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
372 |
if (bGetUserKey == FALSE) |
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
373 |
{ |
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
374 |
if (bCallerFreeProv) |
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
375 |
::CryptReleaseContext(hCryptProv, NULL); |
2 | 376 |
|
36759
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
377 |
continue; |
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
378 |
} |
2 | 379 |
|
36759
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
380 |
// Set cipher mode to ECB |
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
381 |
DWORD dwCipherMode = CRYPT_MODE_ECB; |
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
382 |
::CryptSetKeyParam(hUserKey, KP_MODE, (BYTE*)&dwCipherMode, NULL); |
2 | 383 |
|
384 |
||
36759
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
385 |
// If the private key is present in smart card, we may not be able to |
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
386 |
// determine the key length by using the private key handle. However, |
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
387 |
// since public/private key pairs must have the same length, we could |
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
388 |
// determine the key length of the private key by using the public key |
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
389 |
// in the certificate. |
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
390 |
dwPublicKeyLength = ::CertGetPublicKeyLength(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, |
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
391 |
&(pCertContext->pCertInfo->SubjectPublicKeyInfo)); |
2 | 392 |
|
36759
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
393 |
} |
2 | 394 |
PCCERT_CHAIN_CONTEXT pCertChainContext = NULL; |
395 |
||
396 |
// Build certificate chain by using system certificate store. |
|
397 |
// Add cert chain into collection for any key usage. |
|
398 |
// |
|
36759
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
399 |
if (GetCertificateChain(OID_EKU_ANY, pCertContext, &pCertChainContext)) |
2 | 400 |
{ |
401 |
||
402 |
for (unsigned int i=0; i < pCertChainContext->cChain; i++) |
|
403 |
{ |
|
404 |
// Found cert chain |
|
405 |
PCERT_SIMPLE_CHAIN rgpChain = |
|
406 |
pCertChainContext->rgpChain[i]; |
|
407 |
||
408 |
// Create ArrayList to store certs in each chain |
|
409 |
jobject jArrayList = |
|
410 |
env->NewObject(clazzArrayList, mNewArrayList); |
|
411 |
||
412 |
for (unsigned int j=0; j < rgpChain->cElement; j++) |
|
413 |
{ |
|
414 |
PCERT_CHAIN_ELEMENT rgpElement = |
|
415 |
rgpChain->rgpElement[j]; |
|
416 |
PCCERT_CONTEXT pc = rgpElement->pCertContext; |
|
417 |
||
418 |
// Retrieve the friendly name of the first certificate |
|
419 |
// in the chain |
|
420 |
if (j == 0) { |
|
421 |
||
422 |
// If the cert's name cannot be retrieved then |
|
423 |
// pszNameString remains set to NULL. |
|
424 |
// (An alias name will be generated automatically |
|
425 |
// when storing this cert in the keystore.) |
|
426 |
||
427 |
// Get length of friendly name |
|
428 |
if ((cchNameString = CertGetNameString(pc, |
|
429 |
CERT_NAME_FRIENDLY_DISPLAY_TYPE, 0, NULL, |
|
430 |
NULL, 0)) > 1) { |
|
431 |
||
432 |
// Found friendly name |
|
433 |
pszNameString = new char[cchNameString]; |
|
434 |
CertGetNameString(pc, |
|
435 |
CERT_NAME_FRIENDLY_DISPLAY_TYPE, 0, NULL, |
|
436 |
pszNameString, cchNameString); |
|
437 |
} |
|
438 |
} |
|
439 |
||
440 |
BYTE* pbCertEncoded = pc->pbCertEncoded; |
|
441 |
DWORD cbCertEncoded = pc->cbCertEncoded; |
|
442 |
||
443 |
// Allocate and populate byte array |
|
444 |
jbyteArray byteArray = env->NewByteArray(cbCertEncoded); |
|
445 |
env->SetByteArrayRegion(byteArray, 0, cbCertEncoded, |
|
446 |
(jbyte*) pbCertEncoded); |
|
447 |
||
448 |
// Generate certificate from byte array and store into |
|
449 |
// cert collection |
|
450 |
env->CallVoidMethod(obj, mGenCert, byteArray, jArrayList); |
|
451 |
} |
|
452 |
if (bHasNoPrivateKey) |
|
453 |
{ |
|
454 |
// Generate certificate chain and store into cert chain |
|
455 |
// collection |
|
456 |
env->CallVoidMethod(obj, mGenCertChain, |
|
457 |
env->NewStringUTF(pszNameString), |
|
36759
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
458 |
jArrayList); |
2 | 459 |
} |
460 |
else |
|
461 |
{ |
|
36759
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
462 |
// Determine key type: RSA or DSA |
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
463 |
DWORD dwData = CALG_RSA_KEYX; |
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
464 |
DWORD dwSize = sizeof(DWORD); |
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
465 |
::CryptGetKeyParam(hUserKey, KP_ALGID, (BYTE*)&dwData, |
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
466 |
&dwSize, NULL); |
2 | 467 |
|
36759
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
468 |
if ((dwData & ALG_TYPE_RSA) == ALG_TYPE_RSA) |
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
469 |
{ |
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
470 |
// Generate RSA certificate chain and store into cert |
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
471 |
// chain collection |
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
472 |
env->CallVoidMethod(obj, mGenRSAKeyAndCertChain, |
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
473 |
env->NewStringUTF(pszNameString), |
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
474 |
(jlong) hCryptProv, (jlong) hUserKey, |
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
475 |
dwPublicKeyLength, jArrayList); |
07dc1868fd1e
6483657: MSCAPI provider does not create unique alias names
igerasim
parents:
33653
diff
changeset
|
476 |
} |
2 | 477 |
} |
478 |
} |
|
479 |
||
480 |
// Free cert chain |
|
481 |
if (pCertChainContext) |
|
482 |
::CertFreeCertificateChain(pCertChainContext); |
|
483 |
} |
|
484 |
} |
|
485 |
} |
|
486 |
__finally |
|
487 |
{ |
|
488 |
if (hCertStore) |
|
489 |
::CertCloseStore(hCertStore, 0); |
|
490 |
||
491 |
if (pszCertStoreName) |
|
492 |
env->ReleaseStringUTFChars(jCertStoreName, pszCertStoreName); |
|
493 |
||
494 |
if (pszNameString) |
|
495 |
delete [] pszNameString; |
|
496 |
} |
|
497 |
} |
|
498 |
||
499 |
||
500 |
/* |
|
501 |
* Class: sun_security_mscapi_Key |
|
502 |
* Method: cleanUp |
|
503 |
* Signature: (JJ)V |
|
504 |
*/ |
|
505 |
JNIEXPORT void JNICALL Java_sun_security_mscapi_Key_cleanUp |
|
506 |
(JNIEnv *env, jclass clazz, jlong hCryptProv, jlong hCryptKey) |
|
507 |
{ |
|
508 |
if (hCryptKey != NULL) |
|
509 |
::CryptDestroyKey((HCRYPTKEY) hCryptKey); |
|
510 |
||
511 |
if (hCryptProv != NULL) |
|
512 |
::CryptReleaseContext((HCRYPTPROV) hCryptProv, NULL); |
|
513 |
} |
|
514 |
||
515 |
||
516 |
/* |
|
517 |
* Class: sun_security_mscapi_RSASignature |
|
518 |
* Method: signHash |
|
9533
13cc5e8eb9f1
6578658: Request for raw RSA (NONEwithRSA) Signature support in SunMSCAPI
vinnie
parents:
9524
diff
changeset
|
519 |
* Signature: (Z[BILjava/lang/String;JJ)[B |
2 | 520 |
*/ |
521 |
JNIEXPORT jbyteArray JNICALL Java_sun_security_mscapi_RSASignature_signHash |
|
9533
13cc5e8eb9f1
6578658: Request for raw RSA (NONEwithRSA) Signature support in SunMSCAPI
vinnie
parents:
9524
diff
changeset
|
522 |
(JNIEnv *env, jclass clazz, jboolean noHashOID, jbyteArray jHash, |
13cc5e8eb9f1
6578658: Request for raw RSA (NONEwithRSA) Signature support in SunMSCAPI
vinnie
parents:
9524
diff
changeset
|
523 |
jint jHashSize, jstring jHashAlgorithm, jlong hCryptProv, |
13cc5e8eb9f1
6578658: Request for raw RSA (NONEwithRSA) Signature support in SunMSCAPI
vinnie
parents:
9524
diff
changeset
|
524 |
jlong hCryptKey) |
2 | 525 |
{ |
526 |
HCRYPTHASH hHash = NULL; |
|
527 |
jbyte* pHashBuffer = NULL; |
|
528 |
jbyte* pSignedHashBuffer = NULL; |
|
529 |
jbyteArray jSignedHash = NULL; |
|
9524 | 530 |
HCRYPTPROV hCryptProvAlt = NULL; |
2 | 531 |
|
532 |
__try |
|
533 |
{ |
|
534 |
// Map hash algorithm |
|
535 |
ALG_ID algId = MapHashAlgorithm(env, jHashAlgorithm); |
|
536 |
||
537 |
// Acquire a hash object handle. |
|
538 |
if (::CryptCreateHash(HCRYPTPROV(hCryptProv), algId, 0, 0, &hHash) == FALSE) |
|
539 |
{ |
|
9524 | 540 |
// Failover to using the PROV_RSA_AES CSP |
541 |
||
542 |
DWORD cbData = 256; |
|
543 |
BYTE pbData[256]; |
|
544 |
pbData[0] = '\0'; |
|
545 |
||
546 |
// Get name of the key container |
|
547 |
::CryptGetProvParam((HCRYPTPROV)hCryptProv, PP_CONTAINER, |
|
548 |
(BYTE *)pbData, &cbData, 0); |
|
549 |
||
550 |
// Acquire an alternative CSP handle |
|
551 |
if (::CryptAcquireContext(&hCryptProvAlt, LPCSTR(pbData), NULL, |
|
552 |
PROV_RSA_AES, 0) == FALSE) |
|
553 |
{ |
|
554 |
||
555 |
ThrowException(env, SIGNATURE_EXCEPTION, GetLastError()); |
|
556 |
__leave; |
|
557 |
} |
|
558 |
||
559 |
// Acquire a hash object handle. |
|
560 |
if (::CryptCreateHash(HCRYPTPROV(hCryptProvAlt), algId, 0, 0, |
|
561 |
&hHash) == FALSE) |
|
562 |
{ |
|
563 |
ThrowException(env, SIGNATURE_EXCEPTION, GetLastError()); |
|
564 |
__leave; |
|
565 |
} |
|
2 | 566 |
} |
567 |
||
568 |
// Copy hash from Java to native buffer |
|
569 |
pHashBuffer = new jbyte[jHashSize]; |
|
570 |
env->GetByteArrayRegion(jHash, 0, jHashSize, pHashBuffer); |
|
571 |
||
572 |
// Set hash value in the hash object |
|
573 |
if (::CryptSetHashParam(hHash, HP_HASHVAL, (BYTE*)pHashBuffer, NULL) == FALSE) |
|
574 |
{ |
|
575 |
ThrowException(env, SIGNATURE_EXCEPTION, GetLastError()); |
|
576 |
__leave; |
|
577 |
} |
|
578 |
||
579 |
// Determine key spec. |
|
580 |
DWORD dwKeySpec = AT_SIGNATURE; |
|
581 |
ALG_ID dwAlgId; |
|
582 |
DWORD dwAlgIdLen = sizeof(ALG_ID); |
|
583 |
||
584 |
if (! ::CryptGetKeyParam((HCRYPTKEY) hCryptKey, KP_ALGID, (BYTE*)&dwAlgId, &dwAlgIdLen, 0)) { |
|
585 |
ThrowException(env, SIGNATURE_EXCEPTION, GetLastError()); |
|
586 |
__leave; |
|
587 |
||
588 |
} |
|
589 |
if (CALG_RSA_KEYX == dwAlgId) { |
|
590 |
dwKeySpec = AT_KEYEXCHANGE; |
|
591 |
} |
|
592 |
||
593 |
// Determine size of buffer |
|
594 |
DWORD dwBufLen = 0; |
|
9533
13cc5e8eb9f1
6578658: Request for raw RSA (NONEwithRSA) Signature support in SunMSCAPI
vinnie
parents:
9524
diff
changeset
|
595 |
DWORD dwFlags = 0; |
13cc5e8eb9f1
6578658: Request for raw RSA (NONEwithRSA) Signature support in SunMSCAPI
vinnie
parents:
9524
diff
changeset
|
596 |
|
13cc5e8eb9f1
6578658: Request for raw RSA (NONEwithRSA) Signature support in SunMSCAPI
vinnie
parents:
9524
diff
changeset
|
597 |
if (noHashOID == JNI_TRUE) { |
13cc5e8eb9f1
6578658: Request for raw RSA (NONEwithRSA) Signature support in SunMSCAPI
vinnie
parents:
9524
diff
changeset
|
598 |
dwFlags = CRYPT_NOHASHOID; // omit hash OID in NONEwithRSA signature |
13cc5e8eb9f1
6578658: Request for raw RSA (NONEwithRSA) Signature support in SunMSCAPI
vinnie
parents:
9524
diff
changeset
|
599 |
} |
13cc5e8eb9f1
6578658: Request for raw RSA (NONEwithRSA) Signature support in SunMSCAPI
vinnie
parents:
9524
diff
changeset
|
600 |
|
13cc5e8eb9f1
6578658: Request for raw RSA (NONEwithRSA) Signature support in SunMSCAPI
vinnie
parents:
9524
diff
changeset
|
601 |
if (::CryptSignHash(hHash, dwKeySpec, NULL, dwFlags, NULL, &dwBufLen) == FALSE) |
2 | 602 |
{ |
603 |
ThrowException(env, SIGNATURE_EXCEPTION, GetLastError()); |
|
604 |
__leave; |
|
605 |
} |
|
606 |
||
607 |
pSignedHashBuffer = new jbyte[dwBufLen]; |
|
9533
13cc5e8eb9f1
6578658: Request for raw RSA (NONEwithRSA) Signature support in SunMSCAPI
vinnie
parents:
9524
diff
changeset
|
608 |
if (::CryptSignHash(hHash, dwKeySpec, NULL, dwFlags, (BYTE*)pSignedHashBuffer, &dwBufLen) == FALSE) |
2 | 609 |
{ |
610 |
ThrowException(env, SIGNATURE_EXCEPTION, GetLastError()); |
|
611 |
__leave; |
|
612 |
} |
|
613 |
||
614 |
// Create new byte array |
|
615 |
jbyteArray temp = env->NewByteArray(dwBufLen); |
|
616 |
||
617 |
// Copy data from native buffer |
|
618 |
env->SetByteArrayRegion(temp, 0, dwBufLen, pSignedHashBuffer); |
|
619 |
||
620 |
jSignedHash = temp; |
|
621 |
} |
|
622 |
__finally |
|
623 |
{ |
|
624 |
if (pSignedHashBuffer) |
|
625 |
delete [] pSignedHashBuffer; |
|
626 |
||
627 |
if (pHashBuffer) |
|
628 |
delete [] pHashBuffer; |
|
629 |
||
630 |
if (hHash) |
|
631 |
::CryptDestroyHash(hHash); |
|
31470
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
632 |
|
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
633 |
if (hCryptProvAlt) |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
634 |
::CryptReleaseContext(hCryptProvAlt, 0); |
2 | 635 |
} |
636 |
||
637 |
return jSignedHash; |
|
638 |
} |
|
639 |
||
640 |
/* |
|
641 |
* Class: sun_security_mscapi_RSASignature |
|
642 |
* Method: verifySignedHash |
|
643 |
* Signature: ([BIL/java/lang/String;[BIJJ)Z |
|
644 |
*/ |
|
645 |
JNIEXPORT jboolean JNICALL Java_sun_security_mscapi_RSASignature_verifySignedHash |
|
646 |
(JNIEnv *env, jclass clazz, jbyteArray jHash, jint jHashSize, |
|
647 |
jstring jHashAlgorithm, jbyteArray jSignedHash, jint jSignedHashSize, |
|
648 |
jlong hCryptProv, jlong hCryptKey) |
|
649 |
{ |
|
650 |
HCRYPTHASH hHash = NULL; |
|
651 |
jbyte* pHashBuffer = NULL; |
|
652 |
jbyte* pSignedHashBuffer = NULL; |
|
653 |
DWORD dwSignedHashBufferLen = jSignedHashSize; |
|
654 |
jboolean result = JNI_FALSE; |
|
9524 | 655 |
HCRYPTPROV hCryptProvAlt = NULL; |
2 | 656 |
|
657 |
__try |
|
658 |
{ |
|
659 |
// Map hash algorithm |
|
660 |
ALG_ID algId = MapHashAlgorithm(env, jHashAlgorithm); |
|
661 |
||
662 |
// Acquire a hash object handle. |
|
663 |
if (::CryptCreateHash(HCRYPTPROV(hCryptProv), algId, 0, 0, &hHash) |
|
664 |
== FALSE) |
|
665 |
{ |
|
9524 | 666 |
// Failover to using the PROV_RSA_AES CSP |
667 |
||
668 |
DWORD cbData = 256; |
|
669 |
BYTE pbData[256]; |
|
670 |
pbData[0] = '\0'; |
|
671 |
||
672 |
// Get name of the key container |
|
673 |
::CryptGetProvParam((HCRYPTPROV)hCryptProv, PP_CONTAINER, |
|
674 |
(BYTE *)pbData, &cbData, 0); |
|
675 |
||
676 |
// Acquire an alternative CSP handle |
|
677 |
if (::CryptAcquireContext(&hCryptProvAlt, LPCSTR(pbData), NULL, |
|
678 |
PROV_RSA_AES, 0) == FALSE) |
|
679 |
{ |
|
680 |
||
681 |
ThrowException(env, SIGNATURE_EXCEPTION, GetLastError()); |
|
682 |
__leave; |
|
683 |
} |
|
684 |
||
685 |
// Acquire a hash object handle. |
|
686 |
if (::CryptCreateHash(HCRYPTPROV(hCryptProvAlt), algId, 0, 0, |
|
687 |
&hHash) == FALSE) |
|
688 |
{ |
|
689 |
ThrowException(env, SIGNATURE_EXCEPTION, GetLastError()); |
|
690 |
__leave; |
|
691 |
} |
|
2 | 692 |
} |
693 |
||
694 |
// Copy hash and signedHash from Java to native buffer |
|
695 |
pHashBuffer = new jbyte[jHashSize]; |
|
696 |
env->GetByteArrayRegion(jHash, 0, jHashSize, pHashBuffer); |
|
697 |
pSignedHashBuffer = new jbyte[jSignedHashSize]; |
|
698 |
env->GetByteArrayRegion(jSignedHash, 0, jSignedHashSize, |
|
699 |
pSignedHashBuffer); |
|
700 |
||
701 |
// Set hash value in the hash object |
|
702 |
if (::CryptSetHashParam(hHash, HP_HASHVAL, (BYTE*) pHashBuffer, NULL) |
|
703 |
== FALSE) |
|
704 |
{ |
|
705 |
ThrowException(env, SIGNATURE_EXCEPTION, GetLastError()); |
|
706 |
__leave; |
|
707 |
} |
|
708 |
||
709 |
// For RSA, the hash encryption algorithm is normally the same as the |
|
710 |
// public key algorithm, so AT_SIGNATURE is used. |
|
711 |
||
712 |
// Verify the signature |
|
713 |
if (::CryptVerifySignatureA(hHash, (BYTE *) pSignedHashBuffer, |
|
714 |
dwSignedHashBufferLen, (HCRYPTKEY) hCryptKey, NULL, 0) == TRUE) |
|
715 |
{ |
|
716 |
result = JNI_TRUE; |
|
717 |
} |
|
718 |
} |
|
719 |
||
720 |
__finally |
|
721 |
{ |
|
722 |
if (pSignedHashBuffer) |
|
723 |
delete [] pSignedHashBuffer; |
|
724 |
||
725 |
if (pHashBuffer) |
|
726 |
delete [] pHashBuffer; |
|
727 |
||
728 |
if (hHash) |
|
729 |
::CryptDestroyHash(hHash); |
|
31470
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
730 |
|
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
731 |
if (hCryptProvAlt) |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
732 |
::CryptReleaseContext(hCryptProvAlt, 0); |
2 | 733 |
} |
734 |
||
735 |
return result; |
|
736 |
} |
|
737 |
||
738 |
/* |
|
739 |
* Class: sun_security_mscapi_RSAKeyPairGenerator |
|
740 |
* Method: generateRSAKeyPair |
|
741 |
* Signature: (ILjava/lang/String;)Lsun/security/mscapi/RSAKeyPair; |
|
742 |
*/ |
|
743 |
JNIEXPORT jobject JNICALL Java_sun_security_mscapi_RSAKeyPairGenerator_generateRSAKeyPair |
|
744 |
(JNIEnv *env, jclass clazz, jint keySize, jstring keyContainerName) |
|
745 |
{ |
|
746 |
HCRYPTPROV hCryptProv = NULL; |
|
747 |
HCRYPTKEY hKeyPair; |
|
748 |
DWORD dwFlags = (keySize << 16) | CRYPT_EXPORTABLE; |
|
9674
5d8476e6e47a
6987652: VM crashed in sun.security.mscapi.RSAKeyPairGenerator.generateRSAKeyPair(...)
vinnie
parents:
9533
diff
changeset
|
749 |
jobject keypair = NULL; |
2 | 750 |
const char* pszKeyContainerName = NULL; // UUID |
751 |
||
752 |
__try |
|
753 |
{ |
|
25812
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
754 |
if ((pszKeyContainerName = |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
755 |
env->GetStringUTFChars(keyContainerName, NULL)) == NULL) { |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
756 |
__leave; |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
757 |
} |
2 | 758 |
|
759 |
// Acquire a CSP context (create a new key container). |
|
9524 | 760 |
// Prefer a PROV_RSA_AES CSP, when available, due to its support |
761 |
// for SHA-2-based signatures. |
|
2 | 762 |
if (::CryptAcquireContext( |
763 |
&hCryptProv, |
|
764 |
pszKeyContainerName, |
|
765 |
NULL, |
|
9524 | 766 |
PROV_RSA_AES, |
2 | 767 |
CRYPT_NEWKEYSET) == FALSE) |
768 |
{ |
|
9524 | 769 |
// Failover to using the default CSP (PROV_RSA_FULL) |
770 |
||
771 |
if (::CryptAcquireContext( |
|
772 |
&hCryptProv, |
|
773 |
pszKeyContainerName, |
|
774 |
NULL, |
|
775 |
PROV_RSA_FULL, |
|
776 |
CRYPT_NEWKEYSET) == FALSE) |
|
777 |
{ |
|
778 |
ThrowException(env, KEY_EXCEPTION, GetLastError()); |
|
779 |
__leave; |
|
780 |
} |
|
2 | 781 |
} |
782 |
||
783 |
// Generate an RSA keypair |
|
784 |
if(::CryptGenKey( |
|
785 |
hCryptProv, |
|
786 |
AT_KEYEXCHANGE, |
|
787 |
dwFlags, |
|
788 |
&hKeyPair) == FALSE) |
|
789 |
{ |
|
790 |
ThrowException(env, KEY_EXCEPTION, GetLastError()); |
|
791 |
__leave; |
|
792 |
} |
|
793 |
||
794 |
// Get the method ID for the RSAKeyPair constructor |
|
795 |
jclass clazzRSAKeyPair = |
|
796 |
env->FindClass("sun/security/mscapi/RSAKeyPair"); |
|
31470
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
797 |
if (clazzRSAKeyPair == NULL) { |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
798 |
__leave; |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
799 |
} |
2 | 800 |
|
801 |
jmethodID mNewRSAKeyPair = |
|
802 |
env->GetMethodID(clazzRSAKeyPair, "<init>", "(JJI)V"); |
|
31470
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
803 |
if (mNewRSAKeyPair == NULL) { |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
804 |
__leave; |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
805 |
} |
2 | 806 |
|
807 |
// Create a new RSA keypair |
|
808 |
keypair = env->NewObject(clazzRSAKeyPair, mNewRSAKeyPair, |
|
809 |
(jlong) hCryptProv, (jlong) hKeyPair, keySize); |
|
810 |
||
811 |
} |
|
812 |
__finally |
|
813 |
{ |
|
814 |
//-------------------------------------------------------------------- |
|
815 |
// Clean up. |
|
816 |
||
817 |
if (pszKeyContainerName) |
|
818 |
env->ReleaseStringUTFChars(keyContainerName, pszKeyContainerName); |
|
819 |
} |
|
820 |
||
821 |
return keypair; |
|
822 |
} |
|
823 |
||
824 |
/* |
|
825 |
* Class: sun_security_mscapi_Key |
|
826 |
* Method: getContainerName |
|
827 |
* Signature: (J)Ljava/lang/String; |
|
828 |
*/ |
|
829 |
JNIEXPORT jstring JNICALL Java_sun_security_mscapi_Key_getContainerName |
|
830 |
(JNIEnv *env, jclass jclazz, jlong hCryptProv) |
|
831 |
{ |
|
832 |
DWORD cbData = 256; |
|
833 |
BYTE pbData[256]; |
|
834 |
pbData[0] = '\0'; |
|
835 |
||
836 |
::CryptGetProvParam( |
|
837 |
(HCRYPTPROV)hCryptProv, |
|
838 |
PP_CONTAINER, |
|
839 |
(BYTE *)pbData, |
|
840 |
&cbData, |
|
841 |
0); |
|
842 |
||
843 |
return env->NewStringUTF((const char*)pbData); |
|
844 |
} |
|
845 |
||
846 |
/* |
|
847 |
* Class: sun_security_mscapi_Key |
|
848 |
* Method: getKeyType |
|
849 |
* Signature: (J)Ljava/lang/String; |
|
850 |
*/ |
|
851 |
JNIEXPORT jstring JNICALL Java_sun_security_mscapi_Key_getKeyType |
|
852 |
(JNIEnv *env, jclass jclazz, jlong hCryptKey) |
|
853 |
{ |
|
854 |
ALG_ID dwAlgId; |
|
855 |
DWORD dwAlgIdLen = sizeof(ALG_ID); |
|
856 |
||
857 |
if (::CryptGetKeyParam((HCRYPTKEY) hCryptKey, KP_ALGID, (BYTE*)&dwAlgId, &dwAlgIdLen, 0)) { |
|
858 |
||
859 |
if (CALG_RSA_SIGN == dwAlgId) { |
|
860 |
return env->NewStringUTF("Signature"); |
|
861 |
||
862 |
} else if (CALG_RSA_KEYX == dwAlgId) { |
|
863 |
return env->NewStringUTF("Exchange"); |
|
864 |
||
865 |
} else { |
|
866 |
char buffer[64]; |
|
867 |
if (sprintf(buffer, "%lu", dwAlgId)) { |
|
868 |
return env->NewStringUTF(buffer); |
|
869 |
} |
|
870 |
} |
|
871 |
} |
|
872 |
||
873 |
return env->NewStringUTF("<Unknown>"); |
|
874 |
} |
|
875 |
||
876 |
/* |
|
877 |
* Class: sun_security_mscapi_KeyStore |
|
878 |
* Method: storeCertificate |
|
879 |
* Signature: (Ljava/lang/String;Ljava/lang/String;[BIJJ)V |
|
880 |
*/ |
|
881 |
JNIEXPORT void JNICALL Java_sun_security_mscapi_KeyStore_storeCertificate |
|
882 |
(JNIEnv *env, jobject obj, jstring jCertStoreName, jstring jCertAliasName, |
|
883 |
jbyteArray jCertEncoding, jint jCertEncodingSize, jlong hCryptProv, |
|
884 |
jlong hCryptKey) |
|
885 |
{ |
|
886 |
const char* pszCertStoreName = NULL; |
|
887 |
HCERTSTORE hCertStore = NULL; |
|
888 |
PCCERT_CONTEXT pCertContext = NULL; |
|
889 |
PWCHAR pszCertAliasName = NULL; |
|
890 |
jbyte* pbCertEncoding = NULL; |
|
891 |
const jchar* jCertAliasChars = NULL; |
|
892 |
const char* pszContainerName = NULL; |
|
893 |
const char* pszProviderName = NULL; |
|
894 |
WCHAR * pwszContainerName = NULL; |
|
895 |
WCHAR * pwszProviderName = NULL; |
|
896 |
||
897 |
__try |
|
898 |
{ |
|
899 |
// Open a system certificate store. |
|
25812
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
900 |
if ((pszCertStoreName = env->GetStringUTFChars(jCertStoreName, NULL)) |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
901 |
== NULL) { |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
902 |
__leave; |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
903 |
} |
2 | 904 |
if ((hCertStore = ::CertOpenSystemStore(NULL, pszCertStoreName)) == NULL) { |
905 |
ThrowException(env, KEYSTORE_EXCEPTION, GetLastError()); |
|
906 |
__leave; |
|
907 |
} |
|
908 |
||
909 |
// Copy encoding from Java to native buffer |
|
910 |
pbCertEncoding = new jbyte[jCertEncodingSize]; |
|
911 |
env->GetByteArrayRegion(jCertEncoding, 0, jCertEncodingSize, pbCertEncoding); |
|
912 |
||
913 |
// Create a certificate context from the encoded cert |
|
914 |
if (!(pCertContext = ::CertCreateCertificateContext(X509_ASN_ENCODING, |
|
915 |
(BYTE*) pbCertEncoding, jCertEncodingSize))) { |
|
916 |
||
917 |
ThrowException(env, CERTIFICATE_PARSING_EXCEPTION, GetLastError()); |
|
918 |
__leave; |
|
919 |
} |
|
920 |
||
921 |
// Set the certificate's friendly name |
|
922 |
int size = env->GetStringLength(jCertAliasName); |
|
923 |
pszCertAliasName = new WCHAR[size + 1]; |
|
924 |
||
925 |
jCertAliasChars = env->GetStringChars(jCertAliasName, NULL); |
|
926 |
memcpy(pszCertAliasName, jCertAliasChars, size * sizeof(WCHAR)); |
|
927 |
pszCertAliasName[size] = 0; // append the string terminator |
|
928 |
||
929 |
CRYPT_DATA_BLOB friendlyName = { |
|
930 |
sizeof(WCHAR) * (size + 1), |
|
931 |
(BYTE *) pszCertAliasName |
|
932 |
}; |
|
933 |
||
934 |
env->ReleaseStringChars(jCertAliasName, jCertAliasChars); |
|
935 |
||
936 |
if (! ::CertSetCertificateContextProperty(pCertContext, |
|
937 |
CERT_FRIENDLY_NAME_PROP_ID, 0, &friendlyName)) { |
|
938 |
||
939 |
ThrowException(env, KEYSTORE_EXCEPTION, GetLastError()); |
|
940 |
__leave; |
|
941 |
} |
|
942 |
||
943 |
// Attach the certificate's private key (if supplied) |
|
944 |
if (hCryptProv != 0 && hCryptKey != 0) { |
|
945 |
||
946 |
CRYPT_KEY_PROV_INFO keyProviderInfo; |
|
947 |
DWORD dwDataLen; |
|
948 |
||
949 |
// Get the name of the key container |
|
950 |
if (! ::CryptGetProvParam( |
|
951 |
(HCRYPTPROV) hCryptProv, |
|
952 |
PP_CONTAINER, |
|
953 |
NULL, |
|
954 |
&dwDataLen, |
|
955 |
0)) { |
|
956 |
||
957 |
ThrowException(env, KEYSTORE_EXCEPTION, GetLastError()); |
|
958 |
__leave; |
|
959 |
} |
|
960 |
||
961 |
pszContainerName = new char[dwDataLen]; |
|
962 |
||
963 |
if (! ::CryptGetProvParam( |
|
964 |
(HCRYPTPROV) hCryptProv, |
|
965 |
PP_CONTAINER, |
|
966 |
(BYTE *) pszContainerName, |
|
967 |
&dwDataLen, |
|
968 |
0)) { |
|
969 |
||
970 |
ThrowException(env, KEYSTORE_EXCEPTION, GetLastError()); |
|
971 |
__leave; |
|
972 |
} |
|
973 |
||
974 |
// Convert to a wide char string |
|
975 |
pwszContainerName = new WCHAR[dwDataLen]; |
|
976 |
||
977 |
if (mbstowcs(pwszContainerName, pszContainerName, dwDataLen) == 0) { |
|
978 |
ThrowException(env, KEYSTORE_EXCEPTION, GetLastError()); |
|
979 |
__leave; |
|
980 |
} |
|
981 |
||
982 |
// Set the name of the key container |
|
983 |
keyProviderInfo.pwszContainerName = pwszContainerName; |
|
984 |
||
985 |
||
986 |
// Get the name of the provider |
|
987 |
if (! ::CryptGetProvParam( |
|
988 |
(HCRYPTPROV) hCryptProv, |
|
989 |
PP_NAME, |
|
990 |
NULL, |
|
991 |
&dwDataLen, |
|
992 |
0)) { |
|
993 |
||
994 |
ThrowException(env, KEYSTORE_EXCEPTION, GetLastError()); |
|
995 |
__leave; |
|
996 |
} |
|
997 |
||
998 |
pszProviderName = new char[dwDataLen]; |
|
999 |
||
1000 |
if (! ::CryptGetProvParam( |
|
1001 |
(HCRYPTPROV) hCryptProv, |
|
1002 |
PP_NAME, |
|
1003 |
(BYTE *) pszProviderName, |
|
1004 |
&dwDataLen, |
|
1005 |
0)) { |
|
1006 |
||
1007 |
ThrowException(env, KEYSTORE_EXCEPTION, GetLastError()); |
|
1008 |
__leave; |
|
1009 |
} |
|
1010 |
||
1011 |
// Convert to a wide char string |
|
1012 |
pwszProviderName = new WCHAR[dwDataLen]; |
|
1013 |
||
1014 |
if (mbstowcs(pwszProviderName, pszProviderName, dwDataLen) == 0) { |
|
1015 |
ThrowException(env, KEYSTORE_EXCEPTION, GetLastError()); |
|
1016 |
__leave; |
|
1017 |
} |
|
1018 |
||
1019 |
// Set the name of the provider |
|
1020 |
keyProviderInfo.pwszProvName = pwszProviderName; |
|
1021 |
||
1022 |
// Get and set the type of the provider |
|
1023 |
if (! ::CryptGetProvParam( |
|
1024 |
(HCRYPTPROV) hCryptProv, |
|
1025 |
PP_PROVTYPE, |
|
1026 |
(LPBYTE) &keyProviderInfo.dwProvType, |
|
1027 |
&dwDataLen, |
|
1028 |
0)) { |
|
1029 |
||
1030 |
ThrowException(env, KEYSTORE_EXCEPTION, GetLastError()); |
|
1031 |
__leave; |
|
1032 |
} |
|
1033 |
||
1034 |
// Set no provider flags |
|
1035 |
keyProviderInfo.dwFlags = 0; |
|
1036 |
||
1037 |
// Set no provider parameters |
|
1038 |
keyProviderInfo.cProvParam = 0; |
|
1039 |
keyProviderInfo.rgProvParam = NULL; |
|
1040 |
||
1041 |
// Get the key's algorithm ID |
|
1042 |
if (! ::CryptGetKeyParam( |
|
1043 |
(HCRYPTKEY) hCryptKey, |
|
1044 |
KP_ALGID, |
|
1045 |
(LPBYTE) &keyProviderInfo.dwKeySpec, |
|
1046 |
&dwDataLen, |
|
1047 |
0)) { |
|
1048 |
||
1049 |
ThrowException(env, KEYSTORE_EXCEPTION, GetLastError()); |
|
1050 |
__leave; |
|
1051 |
} |
|
1052 |
// Set the key spec (using the algorithm ID). |
|
1053 |
switch (keyProviderInfo.dwKeySpec) { |
|
1054 |
case CALG_RSA_KEYX: |
|
1055 |
case CALG_DH_SF: |
|
1056 |
keyProviderInfo.dwKeySpec = AT_KEYEXCHANGE; |
|
1057 |
break; |
|
1058 |
||
1059 |
case CALG_RSA_SIGN: |
|
1060 |
case CALG_DSS_SIGN: |
|
1061 |
keyProviderInfo.dwKeySpec = AT_SIGNATURE; |
|
1062 |
break; |
|
1063 |
||
1064 |
default: |
|
1065 |
ThrowException(env, KEYSTORE_EXCEPTION, NTE_BAD_ALGID); |
|
1066 |
__leave; |
|
1067 |
} |
|
1068 |
||
1069 |
if (! ::CertSetCertificateContextProperty(pCertContext, |
|
1070 |
CERT_KEY_PROV_INFO_PROP_ID, 0, &keyProviderInfo)) { |
|
1071 |
||
1072 |
ThrowException(env, KEYSTORE_EXCEPTION, GetLastError()); |
|
1073 |
__leave; |
|
1074 |
} |
|
1075 |
} |
|
1076 |
||
1077 |
// Import encoded certificate |
|
1078 |
if (!::CertAddCertificateContextToStore(hCertStore, pCertContext, |
|
1079 |
CERT_STORE_ADD_REPLACE_EXISTING, NULL)) |
|
1080 |
{ |
|
1081 |
ThrowException(env, KEYSTORE_EXCEPTION, GetLastError()); |
|
1082 |
__leave; |
|
1083 |
} |
|
1084 |
||
1085 |
} |
|
1086 |
__finally |
|
1087 |
{ |
|
1088 |
//-------------------------------------------------------------------- |
|
1089 |
// Clean up. |
|
1090 |
||
1091 |
if (hCertStore) |
|
1092 |
::CertCloseStore(hCertStore, 0); |
|
1093 |
||
1094 |
if (pszCertStoreName) |
|
1095 |
env->ReleaseStringUTFChars(jCertStoreName, pszCertStoreName); |
|
1096 |
||
1097 |
if (pbCertEncoding) |
|
1098 |
delete [] pbCertEncoding; |
|
1099 |
||
1100 |
if (pszCertAliasName) |
|
1101 |
delete [] pszCertAliasName; |
|
1102 |
||
1103 |
if (pszContainerName) |
|
1104 |
delete [] pszContainerName; |
|
1105 |
||
1106 |
if (pwszContainerName) |
|
1107 |
delete [] pwszContainerName; |
|
1108 |
||
1109 |
if (pszProviderName) |
|
1110 |
delete [] pszProviderName; |
|
1111 |
||
1112 |
if (pwszProviderName) |
|
1113 |
delete [] pwszProviderName; |
|
1114 |
||
1115 |
if (pCertContext) |
|
1116 |
::CertFreeCertificateContext(pCertContext); |
|
1117 |
} |
|
1118 |
} |
|
1119 |
||
1120 |
/* |
|
1121 |
* Class: sun_security_mscapi_KeyStore |
|
1122 |
* Method: removeCertificate |
|
1123 |
* Signature: (Ljava/lang/String;Ljava/lang/String;[BI)V |
|
1124 |
*/ |
|
1125 |
JNIEXPORT void JNICALL Java_sun_security_mscapi_KeyStore_removeCertificate |
|
1126 |
(JNIEnv *env, jobject obj, jstring jCertStoreName, jstring jCertAliasName, |
|
1127 |
jbyteArray jCertEncoding, jint jCertEncodingSize) { |
|
1128 |
||
1129 |
const char* pszCertStoreName = NULL; |
|
1130 |
const char* pszCertAliasName = NULL; |
|
1131 |
HCERTSTORE hCertStore = NULL; |
|
1132 |
PCCERT_CONTEXT pCertContext = NULL; |
|
1133 |
PCCERT_CONTEXT pTBDCertContext = NULL; |
|
1134 |
jbyte* pbCertEncoding = NULL; |
|
1135 |
DWORD cchNameString = 0; |
|
1136 |
char* pszNameString = NULL; // certificate's friendly name |
|
1137 |
BOOL bDeleteAttempted = FALSE; |
|
1138 |
||
1139 |
__try |
|
1140 |
{ |
|
1141 |
// Open a system certificate store. |
|
25812
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1142 |
if ((pszCertStoreName = env->GetStringUTFChars(jCertStoreName, NULL)) |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1143 |
== NULL) { |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1144 |
__leave; |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1145 |
} |
2 | 1146 |
if ((hCertStore = ::CertOpenSystemStore(NULL, pszCertStoreName)) == NULL) { |
1147 |
ThrowException(env, KEYSTORE_EXCEPTION, GetLastError()); |
|
1148 |
__leave; |
|
1149 |
} |
|
1150 |
||
1151 |
// Copy encoding from Java to native buffer |
|
1152 |
pbCertEncoding = new jbyte[jCertEncodingSize]; |
|
1153 |
env->GetByteArrayRegion(jCertEncoding, 0, jCertEncodingSize, pbCertEncoding); |
|
1154 |
||
1155 |
// Create a certificate context from the encoded cert |
|
1156 |
if (!(pCertContext = ::CertCreateCertificateContext(X509_ASN_ENCODING, |
|
1157 |
(BYTE*) pbCertEncoding, jCertEncodingSize))) { |
|
1158 |
||
1159 |
ThrowException(env, CERTIFICATE_PARSING_EXCEPTION, GetLastError()); |
|
1160 |
__leave; |
|
1161 |
} |
|
1162 |
||
1163 |
// Find the certificate to be deleted |
|
1164 |
if (!(pTBDCertContext = ::CertFindCertificateInStore(hCertStore, |
|
1165 |
X509_ASN_ENCODING, 0, CERT_FIND_EXISTING, pCertContext, NULL))) { |
|
1166 |
||
1167 |
ThrowException(env, KEYSTORE_EXCEPTION, GetLastError()); |
|
1168 |
__leave; |
|
1169 |
} |
|
1170 |
||
1171 |
// Check that its friendly name matches the supplied alias |
|
1172 |
if ((cchNameString = ::CertGetNameString(pTBDCertContext, |
|
1173 |
CERT_NAME_FRIENDLY_DISPLAY_TYPE, 0, NULL, NULL, 0)) > 1) { |
|
1174 |
||
1175 |
pszNameString = new char[cchNameString]; |
|
1176 |
||
1177 |
::CertGetNameString(pTBDCertContext, |
|
1178 |
CERT_NAME_FRIENDLY_DISPLAY_TYPE, 0, NULL, pszNameString, |
|
1179 |
cchNameString); |
|
1180 |
||
1181 |
// Compare the certificate's friendly name with supplied alias name |
|
25812
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1182 |
if ((pszCertAliasName = env->GetStringUTFChars(jCertAliasName, NULL)) |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1183 |
== NULL) { |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1184 |
__leave; |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1185 |
} |
2 | 1186 |
if (strcmp(pszCertAliasName, pszNameString) == 0) { |
1187 |
||
1188 |
// Only delete the certificate if the alias names matches |
|
1189 |
if (! ::CertDeleteCertificateFromStore(pTBDCertContext)) { |
|
1190 |
||
1191 |
// pTBDCertContext is always freed by the |
|
1192 |
// CertDeleteCertificateFromStore method |
|
1193 |
bDeleteAttempted = TRUE; |
|
1194 |
||
1195 |
ThrowException(env, KEYSTORE_EXCEPTION, GetLastError()); |
|
1196 |
__leave; |
|
1197 |
} |
|
1198 |
} |
|
1199 |
} |
|
1200 |
||
1201 |
} |
|
1202 |
__finally |
|
1203 |
{ |
|
1204 |
//-------------------------------------------------------------------- |
|
1205 |
// Clean up. |
|
1206 |
||
1207 |
if (hCertStore) |
|
1208 |
::CertCloseStore(hCertStore, 0); |
|
1209 |
||
1210 |
if (pszCertStoreName) |
|
1211 |
env->ReleaseStringUTFChars(jCertStoreName, pszCertStoreName); |
|
1212 |
||
1213 |
if (pszCertAliasName) |
|
1214 |
env->ReleaseStringUTFChars(jCertAliasName, pszCertAliasName); |
|
1215 |
||
1216 |
if (pbCertEncoding) |
|
1217 |
delete [] pbCertEncoding; |
|
1218 |
||
1219 |
if (pszNameString) |
|
1220 |
delete [] pszNameString; |
|
1221 |
||
1222 |
if (pCertContext) |
|
1223 |
::CertFreeCertificateContext(pCertContext); |
|
1224 |
||
1225 |
if (bDeleteAttempted && pTBDCertContext) |
|
1226 |
::CertFreeCertificateContext(pTBDCertContext); |
|
1227 |
} |
|
1228 |
} |
|
1229 |
||
1230 |
/* |
|
1231 |
* Class: sun_security_mscapi_KeyStore |
|
1232 |
* Method: destroyKeyContainer |
|
1233 |
* Signature: (Ljava/lang/String;)V |
|
1234 |
*/ |
|
1235 |
JNIEXPORT void JNICALL Java_sun_security_mscapi_KeyStore_destroyKeyContainer |
|
1236 |
(JNIEnv *env, jclass clazz, jstring keyContainerName) |
|
1237 |
{ |
|
1238 |
HCRYPTPROV hCryptProv = NULL; |
|
1239 |
const char* pszKeyContainerName = NULL; |
|
1240 |
||
1241 |
__try |
|
1242 |
{ |
|
25812
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1243 |
if ((pszKeyContainerName = |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1244 |
env->GetStringUTFChars(keyContainerName, NULL)) == NULL) { |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1245 |
__leave; |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1246 |
} |
2 | 1247 |
|
1248 |
// Destroying the default key container is not permitted |
|
1249 |
// (because it may contain more one keypair). |
|
1250 |
if (pszKeyContainerName == NULL) { |
|
1251 |
||
1252 |
ThrowException(env, KEYSTORE_EXCEPTION, NTE_BAD_KEYSET_PARAM); |
|
1253 |
__leave; |
|
1254 |
} |
|
1255 |
||
1256 |
// Acquire a CSP context (to the key container). |
|
1257 |
if (::CryptAcquireContext( |
|
1258 |
&hCryptProv, |
|
1259 |
pszKeyContainerName, |
|
1260 |
NULL, |
|
1261 |
PROV_RSA_FULL, |
|
1262 |
CRYPT_DELETEKEYSET) == FALSE) |
|
1263 |
{ |
|
1264 |
ThrowException(env, KEYSTORE_EXCEPTION, GetLastError()); |
|
1265 |
__leave; |
|
1266 |
} |
|
1267 |
||
1268 |
} |
|
1269 |
__finally |
|
1270 |
{ |
|
1271 |
//-------------------------------------------------------------------- |
|
1272 |
// Clean up. |
|
1273 |
||
1274 |
if (pszKeyContainerName) |
|
1275 |
env->ReleaseStringUTFChars(keyContainerName, pszKeyContainerName); |
|
1276 |
} |
|
1277 |
} |
|
1278 |
||
1279 |
||
1280 |
||
1281 |
||
1282 |
/* |
|
1283 |
* Class: sun_security_mscapi_RSACipher |
|
1284 |
* Method: findCertificateUsingAlias |
|
1285 |
* Signature: (Ljava/lang/String;Ljava/lang/String;)J |
|
1286 |
*/ |
|
1287 |
JNIEXPORT jlong JNICALL Java_sun_security_mscapi_RSACipher_findCertificateUsingAlias |
|
1288 |
(JNIEnv *env, jobject obj, jstring jCertStoreName, jstring jCertAliasName) |
|
1289 |
{ |
|
1290 |
const char* pszCertStoreName = NULL; |
|
1291 |
const char* pszCertAliasName = NULL; |
|
1292 |
HCERTSTORE hCertStore = NULL; |
|
1293 |
PCCERT_CONTEXT pCertContext = NULL; |
|
1294 |
char* pszNameString = NULL; // certificate's friendly name |
|
1295 |
DWORD cchNameString = 0; |
|
1296 |
||
1297 |
__try |
|
1298 |
{ |
|
25812
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1299 |
if ((pszCertStoreName = env->GetStringUTFChars(jCertStoreName, NULL)) |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1300 |
== NULL) { |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1301 |
__leave; |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1302 |
} |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1303 |
if ((pszCertAliasName = env->GetStringUTFChars(jCertAliasName, NULL)) |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1304 |
== NULL) { |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1305 |
__leave; |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1306 |
} |
2 | 1307 |
|
1308 |
// Open a system certificate store. |
|
1309 |
if ((hCertStore = ::CertOpenSystemStore(NULL, pszCertStoreName)) == NULL) { |
|
1310 |
ThrowException(env, KEYSTORE_EXCEPTION, GetLastError()); |
|
1311 |
__leave; |
|
1312 |
} |
|
1313 |
||
1314 |
// Use CertEnumCertificatesInStore to get the certificates |
|
1315 |
// from the open store. pCertContext must be reset to |
|
1316 |
// NULL to retrieve the first certificate in the store. |
|
1317 |
while (pCertContext = ::CertEnumCertificatesInStore(hCertStore, pCertContext)) |
|
1318 |
{ |
|
1319 |
if ((cchNameString = ::CertGetNameString(pCertContext, |
|
1320 |
CERT_NAME_FRIENDLY_DISPLAY_TYPE, 0, NULL, NULL, 0)) == 1) { |
|
1321 |
||
1322 |
continue; // not found |
|
1323 |
} |
|
1324 |
||
1325 |
pszNameString = new char[cchNameString]; |
|
1326 |
||
1327 |
if (::CertGetNameString(pCertContext, |
|
1328 |
CERT_NAME_FRIENDLY_DISPLAY_TYPE, 0, NULL, pszNameString, |
|
1329 |
cchNameString) == 1) { |
|
1330 |
||
1331 |
continue; // not found |
|
1332 |
} |
|
1333 |
||
1334 |
// Compare the certificate's friendly name with supplied alias name |
|
1335 |
if (strcmp(pszCertAliasName, pszNameString) == 0) { |
|
1336 |
delete [] pszNameString; |
|
1337 |
break; |
|
1338 |
||
1339 |
} else { |
|
1340 |
delete [] pszNameString; |
|
1341 |
} |
|
1342 |
} |
|
1343 |
} |
|
1344 |
__finally |
|
1345 |
{ |
|
1346 |
if (hCertStore) |
|
1347 |
::CertCloseStore(hCertStore, 0); |
|
1348 |
||
1349 |
if (pszCertStoreName) |
|
1350 |
env->ReleaseStringUTFChars(jCertStoreName, pszCertStoreName); |
|
1351 |
||
1352 |
if (pszCertAliasName) |
|
1353 |
env->ReleaseStringUTFChars(jCertAliasName, pszCertAliasName); |
|
1354 |
} |
|
1355 |
||
1356 |
return (jlong) pCertContext; |
|
1357 |
} |
|
1358 |
||
1359 |
/* |
|
1360 |
* Class: sun_security_mscapi_RSACipher |
|
1361 |
* Method: getKeyFromCert |
|
1362 |
* Signature: (JZ)J |
|
1363 |
*/ |
|
1364 |
JNIEXPORT jlong JNICALL Java_sun_security_mscapi_RSACipher_getKeyFromCert |
|
1365 |
(JNIEnv *env, jobject obj, jlong pCertContext, jboolean usePrivateKey) |
|
1366 |
{ |
|
1367 |
HCRYPTPROV hCryptProv = NULL; |
|
1368 |
HCRYPTKEY hKey = NULL; |
|
1369 |
DWORD dwKeySpec; |
|
1370 |
||
1371 |
__try |
|
1372 |
{ |
|
1373 |
if (usePrivateKey == JNI_TRUE) { |
|
1374 |
// Locate the key container for the certificate's private key |
|
1375 |
if (!(::CryptAcquireCertificatePrivateKey( |
|
1376 |
(PCCERT_CONTEXT) pCertContext, 0, NULL, &hCryptProv, |
|
1377 |
&dwKeySpec, NULL))) { |
|
1378 |
||
1379 |
ThrowException(env, KEYSTORE_EXCEPTION, GetLastError()); |
|
1380 |
__leave; |
|
1381 |
} |
|
1382 |
||
1383 |
// Get a handle to the private key |
|
1384 |
if (!(::CryptGetUserKey(hCryptProv, dwKeySpec, &hKey))) { |
|
1385 |
ThrowException(env, KEY_EXCEPTION, GetLastError()); |
|
1386 |
__leave; |
|
1387 |
} |
|
1388 |
||
1389 |
} else { // use public key |
|
1390 |
||
1391 |
// Acquire a CSP context. |
|
1392 |
if(::CryptAcquireContext( |
|
1393 |
&hCryptProv, |
|
1394 |
"J2SE", |
|
1395 |
NULL, |
|
1396 |
PROV_RSA_FULL, |
|
1397 |
0) == FALSE) |
|
1398 |
{ |
|
1399 |
// If CSP context hasn't been created, create one. |
|
1400 |
// |
|
1401 |
if (::CryptAcquireContext( |
|
1402 |
&hCryptProv, |
|
1403 |
"J2SE", |
|
1404 |
NULL, |
|
1405 |
PROV_RSA_FULL, |
|
1406 |
CRYPT_NEWKEYSET) == FALSE) |
|
1407 |
{ |
|
1408 |
ThrowException(env, KEYSTORE_EXCEPTION, GetLastError()); |
|
1409 |
__leave; |
|
1410 |
} |
|
1411 |
} |
|
1412 |
||
1413 |
// Import the certificate's public key into the key container |
|
1414 |
if (!(::CryptImportPublicKeyInfo(hCryptProv, X509_ASN_ENCODING, |
|
1415 |
&(((PCCERT_CONTEXT) pCertContext)->pCertInfo->SubjectPublicKeyInfo), |
|
1416 |
&hKey))) { |
|
1417 |
||
1418 |
ThrowException(env, KEY_EXCEPTION, GetLastError()); |
|
1419 |
__leave; |
|
1420 |
} |
|
1421 |
} |
|
1422 |
} |
|
1423 |
__finally |
|
1424 |
{ |
|
1425 |
//-------------------------------------------------------------------- |
|
1426 |
// Clean up. |
|
1427 |
||
1428 |
if (hCryptProv) |
|
1429 |
::CryptReleaseContext(hCryptProv, 0); |
|
1430 |
} |
|
1431 |
||
1432 |
return hKey; // TODO - when finished with this key, call |
|
1433 |
// CryptDestroyKey(hKey) |
|
1434 |
} |
|
1435 |
||
1436 |
/* |
|
1437 |
* Class: sun_security_mscapi_KeyStore |
|
1438 |
* Method: getKeyLength |
|
1439 |
* Signature: (J)I |
|
1440 |
*/ |
|
1441 |
JNIEXPORT jint JNICALL Java_sun_security_mscapi_KeyStore_getKeyLength |
|
1442 |
(JNIEnv *env, jobject obj, jlong hKey) |
|
1443 |
{ |
|
1444 |
DWORD dwDataLen = sizeof(DWORD); |
|
1445 |
BYTE pbData[sizeof(DWORD)]; |
|
1446 |
DWORD length = 0; |
|
1447 |
||
1448 |
__try |
|
1449 |
{ |
|
1450 |
// Get key length (in bits) |
|
1451 |
//TODO - may need to use KP_BLOCKLEN instead? |
|
1452 |
if (!(::CryptGetKeyParam((HCRYPTKEY) hKey, KP_KEYLEN, (BYTE *)pbData, &dwDataLen, |
|
1453 |
0))) { |
|
1454 |
||
1455 |
ThrowException(env, KEY_EXCEPTION, GetLastError()); |
|
1456 |
__leave; |
|
1457 |
} |
|
1458 |
length = (DWORD) pbData; |
|
1459 |
} |
|
1460 |
__finally |
|
1461 |
{ |
|
1462 |
// no cleanup required |
|
1463 |
} |
|
1464 |
||
1465 |
return (jint) length; |
|
1466 |
} |
|
1467 |
||
1468 |
/* |
|
1469 |
* Class: sun_security_mscapi_RSACipher |
|
1470 |
* Method: encryptDecrypt |
|
1471 |
* Signature: ([BIJZ)[B |
|
1472 |
*/ |
|
1473 |
JNIEXPORT jbyteArray JNICALL Java_sun_security_mscapi_RSACipher_encryptDecrypt |
|
1474 |
(JNIEnv *env, jclass clazz, jbyteArray jData, jint jDataSize, jlong hKey, |
|
1475 |
jboolean doEncrypt) |
|
1476 |
{ |
|
1477 |
jbyteArray result = NULL; |
|
1478 |
jbyte* pData = NULL; |
|
1479 |
DWORD dwDataLen = jDataSize; |
|
1480 |
DWORD dwBufLen = env->GetArrayLength(jData); |
|
1481 |
DWORD i; |
|
1482 |
BYTE tmp; |
|
1483 |
||
1484 |
__try |
|
1485 |
{ |
|
1486 |
// Copy data from Java buffer to native buffer |
|
1487 |
pData = new jbyte[dwBufLen]; |
|
1488 |
env->GetByteArrayRegion(jData, 0, dwBufLen, pData); |
|
1489 |
||
1490 |
if (doEncrypt == JNI_TRUE) { |
|
1491 |
// encrypt |
|
1492 |
if (! ::CryptEncrypt((HCRYPTKEY) hKey, 0, TRUE, 0, (BYTE *)pData, |
|
1493 |
&dwDataLen, dwBufLen)) { |
|
1494 |
||
1495 |
ThrowException(env, KEY_EXCEPTION, GetLastError()); |
|
1496 |
__leave; |
|
1497 |
} |
|
1498 |
dwBufLen = dwDataLen; |
|
1499 |
||
1500 |
// convert from little-endian |
|
1501 |
for (i = 0; i < dwBufLen / 2; i++) { |
|
1502 |
tmp = pData[i]; |
|
1503 |
pData[i] = pData[dwBufLen - i -1]; |
|
1504 |
pData[dwBufLen - i - 1] = tmp; |
|
1505 |
} |
|
1506 |
} else { |
|
1507 |
// convert to little-endian |
|
1508 |
for (i = 0; i < dwBufLen / 2; i++) { |
|
1509 |
tmp = pData[i]; |
|
1510 |
pData[i] = pData[dwBufLen - i -1]; |
|
1511 |
pData[dwBufLen - i - 1] = tmp; |
|
1512 |
} |
|
1513 |
||
1514 |
// decrypt |
|
1515 |
if (! ::CryptDecrypt((HCRYPTKEY) hKey, 0, TRUE, 0, (BYTE *)pData, |
|
1516 |
&dwBufLen)) { |
|
1517 |
||
1518 |
ThrowException(env, KEY_EXCEPTION, GetLastError()); |
|
1519 |
__leave; |
|
1520 |
} |
|
1521 |
} |
|
1522 |
||
1523 |
// Create new byte array |
|
1524 |
result = env->NewByteArray(dwBufLen); |
|
1525 |
||
1526 |
// Copy data from native buffer to Java buffer |
|
1527 |
env->SetByteArrayRegion(result, 0, dwBufLen, (jbyte*) pData); |
|
1528 |
} |
|
1529 |
__finally |
|
1530 |
{ |
|
1531 |
if (pData) |
|
1532 |
delete [] pData; |
|
1533 |
} |
|
1534 |
||
1535 |
return result; |
|
1536 |
} |
|
1537 |
||
1538 |
/* |
|
1539 |
* Class: sun_security_mscapi_RSAPublicKey |
|
1540 |
* Method: getPublicKeyBlob |
|
1541 |
* Signature: (J)[B |
|
1542 |
*/ |
|
1543 |
JNIEXPORT jbyteArray JNICALL Java_sun_security_mscapi_RSAPublicKey_getPublicKeyBlob |
|
1544 |
(JNIEnv *env, jclass clazz, jlong hCryptKey) { |
|
1545 |
||
1546 |
jbyteArray blob = NULL; |
|
1547 |
DWORD dwBlobLen; |
|
9508
310b4f6c8e61
6732372: Some MSCAPI native methods not returning correct exceptions.
vinnie
parents:
5506
diff
changeset
|
1548 |
BYTE* pbKeyBlob = NULL; |
2 | 1549 |
|
1550 |
__try |
|
1551 |
{ |
|
1552 |
||
1553 |
// Determine the size of the blob |
|
1554 |
if (! ::CryptExportKey((HCRYPTKEY) hCryptKey, 0, PUBLICKEYBLOB, 0, NULL, |
|
1555 |
&dwBlobLen)) { |
|
1556 |
||
1557 |
ThrowException(env, KEY_EXCEPTION, GetLastError()); |
|
1558 |
__leave; |
|
1559 |
} |
|
1560 |
||
1561 |
pbKeyBlob = new BYTE[dwBlobLen]; |
|
1562 |
||
1563 |
// Generate key blob |
|
1564 |
if (! ::CryptExportKey((HCRYPTKEY) hCryptKey, 0, PUBLICKEYBLOB, 0, |
|
1565 |
pbKeyBlob, &dwBlobLen)) { |
|
1566 |
||
1567 |
ThrowException(env, KEY_EXCEPTION, GetLastError()); |
|
1568 |
__leave; |
|
1569 |
} |
|
1570 |
||
1571 |
// Create new byte array |
|
1572 |
blob = env->NewByteArray(dwBlobLen); |
|
1573 |
||
1574 |
// Copy data from native buffer to Java buffer |
|
1575 |
env->SetByteArrayRegion(blob, 0, dwBlobLen, (jbyte*) pbKeyBlob); |
|
1576 |
} |
|
1577 |
__finally |
|
1578 |
{ |
|
1579 |
if (pbKeyBlob) |
|
1580 |
delete [] pbKeyBlob; |
|
1581 |
} |
|
1582 |
||
1583 |
return blob; |
|
1584 |
} |
|
1585 |
||
1586 |
/* |
|
1587 |
* Class: sun_security_mscapi_RSAPublicKey |
|
1588 |
* Method: getExponent |
|
1589 |
* Signature: ([B)[B |
|
1590 |
*/ |
|
1591 |
JNIEXPORT jbyteArray JNICALL Java_sun_security_mscapi_RSAPublicKey_getExponent |
|
1592 |
(JNIEnv *env, jclass clazz, jbyteArray jKeyBlob) { |
|
1593 |
||
1594 |
jbyteArray exponent = NULL; |
|
1595 |
jbyte* exponentBytes = NULL; |
|
1596 |
jbyte* keyBlob = NULL; |
|
1597 |
||
1598 |
__try { |
|
1599 |
||
1600 |
jsize length = env->GetArrayLength(jKeyBlob); |
|
25812
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1601 |
if ((keyBlob = env->GetByteArrayElements(jKeyBlob, 0)) == NULL) { |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1602 |
__leave; |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1603 |
} |
2 | 1604 |
|
1605 |
PUBLICKEYSTRUC* pPublicKeyStruc = (PUBLICKEYSTRUC *) keyBlob; |
|
1606 |
||
1607 |
// Check BLOB type |
|
1608 |
if (pPublicKeyStruc->bType != PUBLICKEYBLOB) { |
|
1609 |
ThrowException(env, KEY_EXCEPTION, NTE_BAD_TYPE); |
|
1610 |
__leave; |
|
1611 |
} |
|
1612 |
||
1613 |
RSAPUBKEY* pRsaPubKey = |
|
1614 |
(RSAPUBKEY *) (keyBlob + sizeof(PUBLICKEYSTRUC)); |
|
1615 |
int len = sizeof(pRsaPubKey->pubexp); |
|
1616 |
exponentBytes = new jbyte[len]; |
|
1617 |
||
1618 |
// convert from little-endian while copying from blob |
|
1619 |
for (int i = 0, j = len - 1; i < len; i++, j--) { |
|
1620 |
exponentBytes[i] = ((BYTE*) &pRsaPubKey->pubexp)[j]; |
|
1621 |
} |
|
1622 |
||
1623 |
exponent = env->NewByteArray(len); |
|
1624 |
env->SetByteArrayRegion(exponent, 0, len, exponentBytes); |
|
1625 |
} |
|
1626 |
__finally |
|
1627 |
{ |
|
1628 |
if (keyBlob) |
|
1629 |
env->ReleaseByteArrayElements(jKeyBlob, keyBlob, JNI_ABORT); |
|
1630 |
||
1631 |
if (exponentBytes) |
|
1632 |
delete [] exponentBytes; |
|
1633 |
} |
|
1634 |
||
1635 |
return exponent; |
|
1636 |
} |
|
1637 |
||
1638 |
/* |
|
1639 |
* Class: sun_security_mscapi_RSAPublicKey |
|
1640 |
* Method: getModulus |
|
1641 |
* Signature: ([B)[B |
|
1642 |
*/ |
|
1643 |
JNIEXPORT jbyteArray JNICALL Java_sun_security_mscapi_RSAPublicKey_getModulus |
|
1644 |
(JNIEnv *env, jclass clazz, jbyteArray jKeyBlob) { |
|
1645 |
||
1646 |
jbyteArray modulus = NULL; |
|
1647 |
jbyte* modulusBytes = NULL; |
|
1648 |
jbyte* keyBlob = NULL; |
|
1649 |
||
1650 |
__try { |
|
1651 |
||
1652 |
jsize length = env->GetArrayLength(jKeyBlob); |
|
25812
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1653 |
if ((keyBlob = env->GetByteArrayElements(jKeyBlob, 0)) == NULL) { |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1654 |
__leave; |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1655 |
} |
2 | 1656 |
|
1657 |
PUBLICKEYSTRUC* pPublicKeyStruc = (PUBLICKEYSTRUC *) keyBlob; |
|
1658 |
||
1659 |
// Check BLOB type |
|
1660 |
if (pPublicKeyStruc->bType != PUBLICKEYBLOB) { |
|
1661 |
ThrowException(env, KEY_EXCEPTION, NTE_BAD_TYPE); |
|
1662 |
__leave; |
|
1663 |
} |
|
1664 |
||
1665 |
RSAPUBKEY* pRsaPubKey = |
|
1666 |
(RSAPUBKEY *) (keyBlob + sizeof(PUBLICKEYSTRUC)); |
|
1667 |
int len = pRsaPubKey->bitlen / 8; |
|
1668 |
||
1669 |
modulusBytes = new jbyte[len]; |
|
1670 |
BYTE * pbModulus = |
|
1671 |
(BYTE *) (keyBlob + sizeof(PUBLICKEYSTRUC) + sizeof(RSAPUBKEY)); |
|
1672 |
||
1673 |
// convert from little-endian while copying from blob |
|
1674 |
for (int i = 0, j = len - 1; i < len; i++, j--) { |
|
1675 |
modulusBytes[i] = pbModulus[j]; |
|
1676 |
} |
|
1677 |
||
1678 |
modulus = env->NewByteArray(len); |
|
1679 |
env->SetByteArrayRegion(modulus, 0, len, modulusBytes); |
|
1680 |
} |
|
1681 |
__finally |
|
1682 |
{ |
|
1683 |
if (keyBlob) |
|
1684 |
env->ReleaseByteArrayElements(jKeyBlob, keyBlob, JNI_ABORT); |
|
1685 |
||
1686 |
if (modulusBytes) |
|
1687 |
delete [] modulusBytes; |
|
1688 |
} |
|
1689 |
||
1690 |
return modulus; |
|
1691 |
} |
|
1692 |
||
1693 |
/* |
|
1694 |
* Convert an array in big-endian byte order into little-endian byte order. |
|
1695 |
*/ |
|
1696 |
int convertToLittleEndian(JNIEnv *env, jbyteArray source, jbyte* destination, |
|
1697 |
int destinationLength) { |
|
1698 |
||
1699 |
int sourceLength = env->GetArrayLength(source); |
|
1700 |
||
1701 |
jbyte* sourceBytes = env->GetByteArrayElements(source, 0); |
|
25812
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1702 |
if (sourceBytes == NULL) { |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1703 |
return -1; |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1704 |
} |
2 | 1705 |
|
31264
896105040033
8023546: sun/security/mscapi/ShortRSAKey1024.sh fails intermittently
weijun
parents:
25859
diff
changeset
|
1706 |
int copyLen = sourceLength; |
896105040033
8023546: sun/security/mscapi/ShortRSAKey1024.sh fails intermittently
weijun
parents:
25859
diff
changeset
|
1707 |
if (sourceLength > destinationLength) { |
896105040033
8023546: sun/security/mscapi/ShortRSAKey1024.sh fails intermittently
weijun
parents:
25859
diff
changeset
|
1708 |
// source might include an extra sign byte |
896105040033
8023546: sun/security/mscapi/ShortRSAKey1024.sh fails intermittently
weijun
parents:
25859
diff
changeset
|
1709 |
if (sourceLength == destinationLength + 1 && sourceBytes[0] == 0) { |
896105040033
8023546: sun/security/mscapi/ShortRSAKey1024.sh fails intermittently
weijun
parents:
25859
diff
changeset
|
1710 |
copyLen--; |
896105040033
8023546: sun/security/mscapi/ShortRSAKey1024.sh fails intermittently
weijun
parents:
25859
diff
changeset
|
1711 |
} else { |
896105040033
8023546: sun/security/mscapi/ShortRSAKey1024.sh fails intermittently
weijun
parents:
25859
diff
changeset
|
1712 |
return -1; |
896105040033
8023546: sun/security/mscapi/ShortRSAKey1024.sh fails intermittently
weijun
parents:
25859
diff
changeset
|
1713 |
} |
896105040033
8023546: sun/security/mscapi/ShortRSAKey1024.sh fails intermittently
weijun
parents:
25859
diff
changeset
|
1714 |
} |
896105040033
8023546: sun/security/mscapi/ShortRSAKey1024.sh fails intermittently
weijun
parents:
25859
diff
changeset
|
1715 |
|
2 | 1716 |
// Copy bytes from the end of the source array to the beginning of the |
1717 |
// destination array (until the destination array is full). |
|
1718 |
// This ensures that the sign byte from the source array will be excluded. |
|
31264
896105040033
8023546: sun/security/mscapi/ShortRSAKey1024.sh fails intermittently
weijun
parents:
25859
diff
changeset
|
1719 |
for (int i = 0; i < copyLen; i++) { |
896105040033
8023546: sun/security/mscapi/ShortRSAKey1024.sh fails intermittently
weijun
parents:
25859
diff
changeset
|
1720 |
destination[i] = sourceBytes[sourceLength - 1 - i]; |
2 | 1721 |
} |
31264
896105040033
8023546: sun/security/mscapi/ShortRSAKey1024.sh fails intermittently
weijun
parents:
25859
diff
changeset
|
1722 |
if (copyLen < destinationLength) { |
896105040033
8023546: sun/security/mscapi/ShortRSAKey1024.sh fails intermittently
weijun
parents:
25859
diff
changeset
|
1723 |
memset(destination + copyLen, 0, destinationLength - copyLen); |
896105040033
8023546: sun/security/mscapi/ShortRSAKey1024.sh fails intermittently
weijun
parents:
25859
diff
changeset
|
1724 |
} |
2 | 1725 |
|
31264
896105040033
8023546: sun/security/mscapi/ShortRSAKey1024.sh fails intermittently
weijun
parents:
25859
diff
changeset
|
1726 |
env->ReleaseByteArrayElements(source, sourceBytes, JNI_ABORT); |
896105040033
8023546: sun/security/mscapi/ShortRSAKey1024.sh fails intermittently
weijun
parents:
25859
diff
changeset
|
1727 |
|
896105040033
8023546: sun/security/mscapi/ShortRSAKey1024.sh fails intermittently
weijun
parents:
25859
diff
changeset
|
1728 |
return destinationLength; |
2 | 1729 |
} |
1730 |
||
1731 |
/* |
|
1732 |
* The Microsoft Base Cryptographic Provider supports public-key BLOBs |
|
1733 |
* that have the following format: |
|
1734 |
* |
|
1735 |
* PUBLICKEYSTRUC publickeystruc; |
|
1736 |
* RSAPUBKEY rsapubkey; |
|
1737 |
* BYTE modulus[rsapubkey.bitlen/8]; |
|
1738 |
* |
|
1739 |
* and private-key BLOBs that have the following format: |
|
1740 |
* |
|
1741 |
* PUBLICKEYSTRUC publickeystruc; |
|
1742 |
* RSAPUBKEY rsapubkey; |
|
1743 |
* BYTE modulus[rsapubkey.bitlen/8]; |
|
1744 |
* BYTE prime1[rsapubkey.bitlen/16]; |
|
1745 |
* BYTE prime2[rsapubkey.bitlen/16]; |
|
1746 |
* BYTE exponent1[rsapubkey.bitlen/16]; |
|
1747 |
* BYTE exponent2[rsapubkey.bitlen/16]; |
|
1748 |
* BYTE coefficient[rsapubkey.bitlen/16]; |
|
1749 |
* BYTE privateExponent[rsapubkey.bitlen/8]; |
|
1750 |
* |
|
1751 |
* This method generates such BLOBs from the key elements supplied. |
|
1752 |
*/ |
|
1753 |
jbyteArray generateKeyBlob( |
|
1754 |
JNIEnv *env, |
|
1755 |
jint jKeyBitLength, |
|
1756 |
jbyteArray jModulus, |
|
1757 |
jbyteArray jPublicExponent, |
|
1758 |
jbyteArray jPrivateExponent, |
|
1759 |
jbyteArray jPrimeP, |
|
1760 |
jbyteArray jPrimeQ, |
|
1761 |
jbyteArray jExponentP, |
|
1762 |
jbyteArray jExponentQ, |
|
1763 |
jbyteArray jCrtCoefficient) |
|
1764 |
{ |
|
1765 |
jsize jKeyByteLength = jKeyBitLength / 8; |
|
1766 |
jsize jBlobLength; |
|
1767 |
BOOL bGeneratePrivateKeyBlob; |
|
1768 |
||
1769 |
// Determine whether to generate a public-key or a private-key BLOB |
|
1770 |
if (jPrivateExponent != NULL && |
|
1771 |
jPrimeP != NULL && |
|
1772 |
jPrimeQ != NULL && |
|
1773 |
jExponentP != NULL && |
|
1774 |
jExponentQ != NULL && |
|
1775 |
jCrtCoefficient != NULL) { |
|
1776 |
||
1777 |
bGeneratePrivateKeyBlob = TRUE; |
|
1778 |
jBlobLength = sizeof(BLOBHEADER) + |
|
1779 |
sizeof(RSAPUBKEY) + |
|
1780 |
((jKeyBitLength / 8) * 4) + |
|
1781 |
(jKeyBitLength / 16); |
|
1782 |
||
1783 |
} else { |
|
1784 |
bGeneratePrivateKeyBlob = FALSE; |
|
1785 |
jBlobLength = sizeof(BLOBHEADER) + |
|
1786 |
sizeof(RSAPUBKEY) + |
|
1787 |
(jKeyBitLength / 8); |
|
1788 |
} |
|
1789 |
||
1790 |
jbyte* jBlobBytes = new jbyte[jBlobLength]; |
|
1791 |
jbyte* jBlobElement; |
|
1792 |
jbyteArray jBlob = NULL; |
|
1793 |
jsize jElementLength; |
|
1794 |
||
1795 |
__try { |
|
1796 |
||
1797 |
BLOBHEADER *pBlobHeader = (BLOBHEADER *) jBlobBytes; |
|
1798 |
if (bGeneratePrivateKeyBlob) { |
|
1799 |
pBlobHeader->bType = PRIVATEKEYBLOB; // 0x07 |
|
1800 |
} else { |
|
1801 |
pBlobHeader->bType = PUBLICKEYBLOB; // 0x06 |
|
1802 |
} |
|
1803 |
pBlobHeader->bVersion = CUR_BLOB_VERSION; // 0x02 |
|
1804 |
pBlobHeader->reserved = 0; // 0x0000 |
|
1805 |
pBlobHeader->aiKeyAlg = CALG_RSA_KEYX; // 0x0000a400 |
|
1806 |
||
1807 |
RSAPUBKEY *pRsaPubKey = |
|
1808 |
(RSAPUBKEY *) (jBlobBytes + sizeof(PUBLICKEYSTRUC)); |
|
1809 |
if (bGeneratePrivateKeyBlob) { |
|
1810 |
pRsaPubKey->magic = 0x32415352; // "RSA2" |
|
1811 |
} else { |
|
1812 |
pRsaPubKey->magic = 0x31415352; // "RSA1" |
|
1813 |
} |
|
1814 |
pRsaPubKey->bitlen = jKeyBitLength; |
|
1815 |
pRsaPubKey->pubexp = 0; // init |
|
1816 |
||
1817 |
// Sanity check |
|
1818 |
jsize jPublicExponentLength = env->GetArrayLength(jPublicExponent); |
|
1819 |
if (jPublicExponentLength > sizeof(pRsaPubKey->pubexp)) { |
|
9508
310b4f6c8e61
6732372: Some MSCAPI native methods not returning correct exceptions.
vinnie
parents:
5506
diff
changeset
|
1820 |
ThrowException(env, INVALID_KEY_EXCEPTION, NTE_BAD_TYPE); |
2 | 1821 |
__leave; |
1822 |
} |
|
1823 |
// The length argument must be the smaller of jPublicExponentLength |
|
1824 |
// and sizeof(pRsaPubKey->pubkey) |
|
25812
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1825 |
if ((jElementLength = convertToLittleEndian(env, jPublicExponent, |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1826 |
(jbyte *) &(pRsaPubKey->pubexp), jPublicExponentLength)) < 0) { |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1827 |
__leave; |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1828 |
} |
2 | 1829 |
|
1830 |
// Modulus n |
|
1831 |
jBlobElement = |
|
1832 |
(jbyte *) (jBlobBytes + sizeof(PUBLICKEYSTRUC) + sizeof(RSAPUBKEY)); |
|
25812
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1833 |
if ((jElementLength = convertToLittleEndian(env, jModulus, jBlobElement, |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1834 |
jKeyByteLength)) < 0) { |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1835 |
__leave; |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1836 |
} |
2 | 1837 |
|
1838 |
if (bGeneratePrivateKeyBlob) { |
|
1839 |
// Prime p |
|
1840 |
jBlobElement += jElementLength; |
|
25812
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1841 |
if ((jElementLength = convertToLittleEndian(env, jPrimeP, |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1842 |
jBlobElement, jKeyByteLength / 2)) < 0) { |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1843 |
__leave; |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1844 |
} |
2 | 1845 |
|
1846 |
// Prime q |
|
1847 |
jBlobElement += jElementLength; |
|
25812
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1848 |
if ((jElementLength = convertToLittleEndian(env, jPrimeQ, |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1849 |
jBlobElement, jKeyByteLength / 2)) < 0) { |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1850 |
__leave; |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1851 |
} |
2 | 1852 |
|
1853 |
// Prime exponent p |
|
1854 |
jBlobElement += jElementLength; |
|
25812
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1855 |
if ((jElementLength = convertToLittleEndian(env, jExponentP, |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1856 |
jBlobElement, jKeyByteLength / 2)) < 0) { |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1857 |
__leave; |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1858 |
} |
2 | 1859 |
|
1860 |
// Prime exponent q |
|
1861 |
jBlobElement += jElementLength; |
|
25812
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1862 |
if ((jElementLength = convertToLittleEndian(env, jExponentQ, |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1863 |
jBlobElement, jKeyByteLength / 2)) < 0) { |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1864 |
__leave; |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1865 |
} |
2 | 1866 |
|
1867 |
// CRT coefficient |
|
1868 |
jBlobElement += jElementLength; |
|
25812
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1869 |
if ((jElementLength = convertToLittleEndian(env, jCrtCoefficient, |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1870 |
jBlobElement, jKeyByteLength / 2)) < 0) { |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1871 |
__leave; |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1872 |
} |
2 | 1873 |
|
1874 |
// Private exponent |
|
1875 |
jBlobElement += jElementLength; |
|
25812
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1876 |
if ((jElementLength = convertToLittleEndian(env, jPrivateExponent, |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1877 |
jBlobElement, jKeyByteLength)) < 0) { |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1878 |
__leave; |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1879 |
} |
2 | 1880 |
} |
1881 |
||
1882 |
jBlob = env->NewByteArray(jBlobLength); |
|
1883 |
env->SetByteArrayRegion(jBlob, 0, jBlobLength, jBlobBytes); |
|
1884 |
||
1885 |
} |
|
1886 |
__finally |
|
1887 |
{ |
|
1888 |
if (jBlobBytes) |
|
1889 |
delete [] jBlobBytes; |
|
1890 |
} |
|
1891 |
||
1892 |
return jBlob; |
|
1893 |
} |
|
1894 |
||
1895 |
/* |
|
1896 |
* Class: sun_security_mscapi_KeyStore |
|
1897 |
* Method: generatePrivateKeyBlob |
|
1898 |
* Signature: (I[B[B[B[B[B[B[B[B)[B |
|
1899 |
*/ |
|
1900 |
JNIEXPORT jbyteArray JNICALL Java_sun_security_mscapi_KeyStore_generatePrivateKeyBlob |
|
1901 |
(JNIEnv *env, jclass clazz, |
|
1902 |
jint jKeyBitLength, |
|
1903 |
jbyteArray jModulus, |
|
1904 |
jbyteArray jPublicExponent, |
|
1905 |
jbyteArray jPrivateExponent, |
|
1906 |
jbyteArray jPrimeP, |
|
1907 |
jbyteArray jPrimeQ, |
|
1908 |
jbyteArray jExponentP, |
|
1909 |
jbyteArray jExponentQ, |
|
1910 |
jbyteArray jCrtCoefficient) |
|
1911 |
{ |
|
1912 |
return generateKeyBlob(env, jKeyBitLength, jModulus, jPublicExponent, |
|
1913 |
jPrivateExponent, jPrimeP, jPrimeQ, jExponentP, jExponentQ, |
|
1914 |
jCrtCoefficient); |
|
1915 |
} |
|
1916 |
||
1917 |
/* |
|
1918 |
* Class: sun_security_mscapi_RSASignature |
|
1919 |
* Method: generatePublicKeyBlob |
|
1920 |
* Signature: (I[B[B)[B |
|
1921 |
*/ |
|
1922 |
JNIEXPORT jbyteArray JNICALL Java_sun_security_mscapi_RSASignature_generatePublicKeyBlob |
|
1923 |
(JNIEnv *env, jclass clazz, |
|
1924 |
jint jKeyBitLength, |
|
1925 |
jbyteArray jModulus, |
|
1926 |
jbyteArray jPublicExponent) |
|
1927 |
{ |
|
1928 |
return generateKeyBlob(env, jKeyBitLength, jModulus, jPublicExponent, |
|
1929 |
NULL, NULL, NULL, NULL, NULL, NULL); |
|
1930 |
} |
|
1931 |
||
1932 |
/* |
|
1933 |
* Class: sun_security_mscapi_KeyStore |
|
1934 |
* Method: storePrivateKey |
|
1935 |
* Signature: ([BLjava/lang/String;I)Lsun/security/mscapi/RSAPrivateKey; |
|
1936 |
*/ |
|
1937 |
JNIEXPORT jobject JNICALL Java_sun_security_mscapi_KeyStore_storePrivateKey |
|
1938 |
(JNIEnv *env, jclass clazz, jbyteArray keyBlob, jstring keyContainerName, |
|
1939 |
jint keySize) |
|
1940 |
{ |
|
1941 |
HCRYPTPROV hCryptProv = NULL; |
|
1942 |
HCRYPTKEY hKey = NULL; |
|
1943 |
DWORD dwBlobLen; |
|
1944 |
BYTE * pbKeyBlob = NULL; |
|
1945 |
const char* pszKeyContainerName = NULL; // UUID |
|
1946 |
jobject privateKey = NULL; |
|
1947 |
||
1948 |
__try |
|
1949 |
{ |
|
25812
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1950 |
if ((pszKeyContainerName = |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1951 |
env->GetStringUTFChars(keyContainerName, NULL)) == NULL) { |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1952 |
__leave; |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1953 |
} |
2 | 1954 |
dwBlobLen = env->GetArrayLength(keyBlob); |
25812
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1955 |
if ((pbKeyBlob = (BYTE *) env->GetByteArrayElements(keyBlob, 0)) |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1956 |
== NULL) { |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1957 |
__leave; |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
1958 |
} |
2 | 1959 |
|
1960 |
// Acquire a CSP context (create a new key container). |
|
1961 |
if (::CryptAcquireContext( |
|
1962 |
&hCryptProv, |
|
1963 |
pszKeyContainerName, |
|
1964 |
NULL, |
|
1965 |
PROV_RSA_FULL, |
|
1966 |
CRYPT_NEWKEYSET) == FALSE) |
|
1967 |
{ |
|
1968 |
ThrowException(env, KEYSTORE_EXCEPTION, GetLastError()); |
|
1969 |
__leave; |
|
1970 |
} |
|
1971 |
||
1972 |
// Import the private key |
|
1973 |
if (::CryptImportKey( |
|
1974 |
hCryptProv, |
|
1975 |
pbKeyBlob, |
|
1976 |
dwBlobLen, |
|
1977 |
0, |
|
1978 |
CRYPT_EXPORTABLE, |
|
1979 |
&hKey) == FALSE) |
|
1980 |
{ |
|
1981 |
ThrowException(env, KEYSTORE_EXCEPTION, GetLastError()); |
|
1982 |
__leave; |
|
1983 |
} |
|
1984 |
||
1985 |
// Get the method ID for the RSAPrivateKey constructor |
|
1986 |
jclass clazzRSAPrivateKey = |
|
1987 |
env->FindClass("sun/security/mscapi/RSAPrivateKey"); |
|
31470
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
1988 |
if (clazzRSAPrivateKey == NULL) { |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
1989 |
__leave; |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
1990 |
} |
2 | 1991 |
|
1992 |
jmethodID mNewRSAPrivateKey = |
|
1993 |
env->GetMethodID(clazzRSAPrivateKey, "<init>", "(JJI)V"); |
|
31470
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
1994 |
if (mNewRSAPrivateKey == NULL) { |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
1995 |
__leave; |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
1996 |
} |
2 | 1997 |
|
1998 |
// Create a new RSA private key |
|
1999 |
privateKey = env->NewObject(clazzRSAPrivateKey, mNewRSAPrivateKey, |
|
2000 |
(jlong) hCryptProv, (jlong) hKey, keySize); |
|
2001 |
||
2002 |
} |
|
2003 |
__finally |
|
2004 |
{ |
|
2005 |
//-------------------------------------------------------------------- |
|
2006 |
// Clean up. |
|
2007 |
||
2008 |
if (pszKeyContainerName) |
|
2009 |
env->ReleaseStringUTFChars(keyContainerName, pszKeyContainerName); |
|
2010 |
||
2011 |
if (pbKeyBlob) |
|
2012 |
env->ReleaseByteArrayElements(keyBlob, (jbyte *) pbKeyBlob, |
|
2013 |
JNI_ABORT); |
|
2014 |
} |
|
2015 |
||
2016 |
return privateKey; |
|
2017 |
} |
|
2018 |
||
2019 |
/* |
|
2020 |
* Class: sun_security_mscapi_RSASignature |
|
2021 |
* Method: importPublicKey |
|
2022 |
* Signature: ([BI)Lsun/security/mscapi/RSAPublicKey; |
|
2023 |
*/ |
|
2024 |
JNIEXPORT jobject JNICALL Java_sun_security_mscapi_RSASignature_importPublicKey |
|
2025 |
(JNIEnv *env, jclass clazz, jbyteArray keyBlob, jint keySize) |
|
2026 |
{ |
|
2027 |
HCRYPTPROV hCryptProv = NULL; |
|
2028 |
HCRYPTKEY hKey = NULL; |
|
2029 |
DWORD dwBlobLen; |
|
2030 |
BYTE * pbKeyBlob = NULL; |
|
2031 |
jobject publicKey = NULL; |
|
2032 |
||
2033 |
__try |
|
2034 |
{ |
|
2035 |
dwBlobLen = env->GetArrayLength(keyBlob); |
|
25812
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
2036 |
if ((pbKeyBlob = (BYTE *) env->GetByteArrayElements(keyBlob, 0)) |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
2037 |
== NULL) { |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
2038 |
__leave; |
5412629bed70
8036612: [parfait] JNI exception pending in jdk/src/windows/native/sun/security/mscapi/security.cpp
vinnie
parents:
9674
diff
changeset
|
2039 |
} |
2 | 2040 |
|
2041 |
// Acquire a CSP context (create a new key container). |
|
9524 | 2042 |
// Prefer a PROV_RSA_AES CSP, when available, due to its support |
2043 |
// for SHA-2-based signatures. |
|
2 | 2044 |
if (::CryptAcquireContext( |
2045 |
&hCryptProv, |
|
2046 |
NULL, |
|
2047 |
NULL, |
|
9524 | 2048 |
PROV_RSA_AES, |
2 | 2049 |
CRYPT_VERIFYCONTEXT) == FALSE) |
2050 |
{ |
|
9524 | 2051 |
// Failover to using the default CSP (PROV_RSA_FULL) |
2052 |
||
2053 |
if (::CryptAcquireContext( |
|
2054 |
&hCryptProv, |
|
2055 |
NULL, |
|
2056 |
NULL, |
|
2057 |
PROV_RSA_FULL, |
|
2058 |
CRYPT_VERIFYCONTEXT) == FALSE) |
|
2059 |
{ |
|
2060 |
ThrowException(env, KEYSTORE_EXCEPTION, GetLastError()); |
|
2061 |
__leave; |
|
2062 |
} |
|
2 | 2063 |
} |
2064 |
||
2065 |
// Import the public key |
|
2066 |
if (::CryptImportKey( |
|
2067 |
hCryptProv, |
|
2068 |
pbKeyBlob, |
|
2069 |
dwBlobLen, |
|
2070 |
0, |
|
2071 |
CRYPT_EXPORTABLE, |
|
2072 |
&hKey) == FALSE) |
|
2073 |
{ |
|
2074 |
ThrowException(env, KEYSTORE_EXCEPTION, GetLastError()); |
|
2075 |
__leave; |
|
2076 |
} |
|
2077 |
||
2078 |
// Get the method ID for the RSAPublicKey constructor |
|
2079 |
jclass clazzRSAPublicKey = |
|
2080 |
env->FindClass("sun/security/mscapi/RSAPublicKey"); |
|
31470
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
2081 |
if (clazzRSAPublicKey == NULL) { |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
2082 |
__leave; |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
2083 |
} |
2 | 2084 |
|
2085 |
jmethodID mNewRSAPublicKey = |
|
2086 |
env->GetMethodID(clazzRSAPublicKey, "<init>", "(JJI)V"); |
|
31470
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
2087 |
if (mNewRSAPublicKey == NULL) { |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
2088 |
__leave; |
93708c7917fc
8098854: Do cleanup in a proper order in sunmscapi code
igerasim
parents:
31264
diff
changeset
|
2089 |
} |
2 | 2090 |
|
2091 |
// Create a new RSA public key |
|
2092 |
publicKey = env->NewObject(clazzRSAPublicKey, mNewRSAPublicKey, |
|
2093 |
(jlong) hCryptProv, (jlong) hKey, keySize); |
|
2094 |
||
2095 |
} |
|
2096 |
__finally |
|
2097 |
{ |
|
2098 |
//-------------------------------------------------------------------- |
|
2099 |
// Clean up. |
|
2100 |
||
2101 |
if (pbKeyBlob) |
|
2102 |
env->ReleaseByteArrayElements(keyBlob, (jbyte *) pbKeyBlob, |
|
2103 |
JNI_ABORT); |
|
2104 |
} |
|
2105 |
||
2106 |
return publicKey; |
|
2107 |
} |
|
2108 |
||
2109 |
} /* extern "C" */ |