Mercurial Mercurial > jdk-sandbox / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
8213008: Cipher with UNWRAP_MODE should support the generation of an AES key type
authorvaleriep
Mon, 11 Mar 2019 23:48:32 +0000
changeset 54062 62ab0859e7e5
parent 54060 53a95878619f
child 54063 b17caf731e27
8213008: Cipher with UNWRAP_MODE should support the generation of an AES key type Summary: Replaced CKK_GENERIC_SECRET with alorithm-specific key type in P11RSACipher unwrap impl Reviewed-by: ascarpino
src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11RSACipher.java file | annotate | diff | comparison | revisions
src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11SecretKeyFactory.java file | annotate | diff | comparison | revisions 
--- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11RSACipher.java	Mon Mar 11 12:59:45 2019 -0700
+++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11RSACipher.java	Mon Mar 11 23:48:32 2019 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -550,13 +550,14 @@
             try {
                 try {
                     s = token.getObjSession();
-                    long keyType = CKK_GENERIC_SECRET;
+                    long p11KeyType =
+                        P11SecretKeyFactory.getPKCS11KeyType(algorithm);
                     CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
                             new CK_ATTRIBUTE(CKA_CLASS, CKO_SECRET_KEY),
-                            new CK_ATTRIBUTE(CKA_KEY_TYPE, keyType),
+                            new CK_ATTRIBUTE(CKA_KEY_TYPE, p11KeyType),
                         };
                     attributes = token.getAttributes(
-                            O_IMPORT, CKO_SECRET_KEY, keyType, attributes);
+                            O_IMPORT, CKO_SECRET_KEY, p11KeyType, attributes);
 
                     long keyID = token.p11.C_UnwrapKey(s.id(),
                                     new CK_MECHANISM(mechanism), p11KeyID,
--- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11SecretKeyFactory.java	Mon Mar 11 12:59:45 2019 -0700
+++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11SecretKeyFactory.java	Mon Mar 11 23:48:32 2019 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -86,6 +86,17 @@
         keyTypes.put(name.toUpperCase(Locale.ENGLISH), l);
     }
 
+    // returns the PKCS11 key type of the specified algorithm
+    // no psuedo KeyTypes
+    static long getPKCS11KeyType(String algorithm) {
+        long kt = getKeyType(algorithm);
+        if (kt == -1 || kt > PCKK_ANY) {
+            kt = CKK_GENERIC_SECRET;
+        }
+        return kt;
+    }
+
+    // returns direct lookup result of keyTypes using algorithm
     static long getKeyType(String algorithm) {
         Long l = keyTypes.get(algorithm);
         if (l == null) {
jdk-sandbox