/*
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/**
* MessageDigest implementation class. This class currently supports
* MD2, MD5, SHA-1, SHA-256, SHA-384, and SHA-512.
*
* Note that many digest operations are on fairly small amounts of data
* (less than 100 bytes total). For example, the 2nd hashing in HMAC or
* the PRF in TLS. In order to speed those up, we use some buffering to
* minimize number of the Java->native transitions.
*
* @author Andreas Sterbenz
* @since 1.5
*/
/* unitialized, fields uninitialized, no session acquired */
// data in buffer, all fields valid, session acquired
// but digest not initialized
/* session initialized for digesting */
// token instance
// algorithm name
// mechanism id
private final long mechanism;
// length of the digest in bytes
private final int digestLength;
// associated session, if any
// current state, one of S_* above
private int state;
// one byte buffer for the update(byte) method, initialized on demand
private byte[] oneByte;
// buffer to reduce number of JNI calls
private final byte[] buffer;
// offset into the buffer
private int bufOfs;
super();
switch ((int)mechanism) {
case (int)CKM_MD2:
case (int)CKM_MD5:
digestLength = 16;
break;
case (int)CKM_SHA_1:
digestLength = 20;
break;
case (int)CKM_SHA256:
digestLength = 32;
break;
case (int)CKM_SHA384:
digestLength = 48;
break;
case (int)CKM_SHA512:
digestLength = 64;
break;
default:
}
buffer = new byte[BUFFER_SIZE];
engineReset();
}
// see JCA spec
protected int engineGetDigestLength() {
return digestLength;
}
private void cancelOperation() {
token.ensureValid();
return;
}
return;
}
// need to explicitly "cancel" active op by finishing it
try {
} catch (PKCS11Exception e) {
throw new ProviderException("cancel() failed", e);
} finally {
state = S_BUFFERED;
}
}
private void fetchSession() {
token.ensureValid();
engineReset();
}
}
// see JCA spec
protected void engineReset() {
try {
bufOfs = 0;
}
state = S_BUFFERED;
} catch (PKCS11Exception e) {
throw new ProviderException("reset() failed, ", e);
}
}
// see JCA spec
protected byte[] engineDigest() {
try {
byte[] digest = new byte[digestLength];
return digest;
} catch (DigestException e) {
throw new ProviderException("internal error", e);
}
}
// see JCA spec
throws DigestException {
if (len < digestLength) {
}
fetchSession();
try {
int n;
if (state == S_BUFFERED) {
new CK_MECHANISM(mechanism),
} else {
if (bufOfs != 0) {
}
}
if (n != digestLength) {
throw new ProviderException("internal digest length error");
}
return n;
} catch (PKCS11Exception e) {
throw new ProviderException("digest() failed", e);
} finally {
bufOfs = 0;
}
}
// see JCA spec
oneByte = new byte[1];
}
}
// see JCA spec
fetchSession();
if (len <= 0) {
return;
}
bufOfs = 0;
}
} else {
}
}
// Called by SunJSSE via reflection during the SSL 3.0 handshake if
// the master secret is sensitive. We may want to consider making this
// method public in a future release.
fetchSession();
if (bufOfs != 0) {
bufOfs = 0;
}
// SunJSSE calls this method only if the key does not have a RAW
// encoding, i.e. if it is sensitive. Therefore, no point in calling
// SecretKeyFactory to try to convert it. Just verify it ourselves.
}
}
try {
if (state == S_BUFFERED) {
}
} catch (PKCS11Exception e) {
throw new ProviderException("update(SecretKey) failed", e);
}
}
// see JCA spec
fetchSession();
if (len <= 0) {
return;
}
if (byteBuffer instanceof DirectBuffer == false) {
super.engineUpdate(byteBuffer);
return;
}
try {
if (state == S_BUFFERED) {
if (bufOfs != 0) {
bufOfs = 0;
}
}
} catch (PKCS11Exception e) {
throw new ProviderException("update() failed", e);
}
}
if (len <= 0) {
return;
}
try {
if (state == S_BUFFERED) {
}
} catch (PKCS11Exception e) {
throw new ProviderException("update() failed", e);
}
}
}