pkcs11/wrapper/p11_keymgmt.c

	p11_keymgmt.c revision 936
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff/*
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * Portions Copyright 2003-2009 Sun Microsystems, Inc.  All Rights Reserved.
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff/* Copyright  (c) 2002 Graz University of Technology. All rights reserved.
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff *
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * Redistribution and use in  source and binary forms, with or without
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * modification, are permitted  provided that the following conditions are met:
8cf870d281dc8c242f083d14dfef05f24aa5fceeJnRouvignac *
8cf870d281dc8c242f083d14dfef05f24aa5fceeJnRouvignac * 1. Redistributions of  source code must retain the above copyright notice,
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff *    this list of conditions and the following disclaimer.
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff *
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * 2. Redistributions in  binary form must reproduce the above copyright notice,
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff *    this list of conditions and the following disclaimer in the documentation
8cf870d281dc8c242f083d14dfef05f24aa5fceeJnRouvignac *    and/or other materials provided with the distribution.
8cf870d281dc8c242f083d14dfef05f24aa5fceeJnRouvignac *
8cf870d281dc8c242f083d14dfef05f24aa5fceeJnRouvignac * 3. The end-user documentation included with the redistribution, if any, must
8cf870d281dc8c242f083d14dfef05f24aa5fceeJnRouvignac *    include the following acknowledgment:
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff *
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff *    "This product includes software developed by IAIK of Graz University of
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff *     Technology."
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff *
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff *    Alternately, this acknowledgment may appear in the software itself, if
5c0458978ad34eff4a1842e3d25070c0ce6f509eludovicp *    and wherever such third-party acknowledgments normally appear.
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff *
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * 4. The names "Graz University of Technology" and "IAIK of Graz University of
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff *    Technology" must not be used to endorse or promote products derived from
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff *    this software without prior written permission.
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff *
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * 5. Products derived from this software may not be called
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff *    "IAIK PKCS Wrapper", nor may "IAIK" appear in their name, without prior
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff *    written permission of Graz University of Technology.
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff *
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff *  THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff *  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
ed7e459ce3ee2b94960a3530a58f31a83ec8af9djvergara *  WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
098e548e58d50f922236182f793a0ce65e56a247jvergara *  PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE LICENSOR BE
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff *  LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff *  OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff *  PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff *  OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff *  ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff *  OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
d5dbc9797a212745805c9c2aa52230064dcf2880jvergara *  OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff *  POSSIBILITY  OF SUCH DAMAGE.
e212f8366b401e776c8561e8ea3837c95d23c884jvergara */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff#include "pkcs11wrapper.h"
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff#include <stdio.h>
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff#include <stdlib.h>
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff#include <string.h>
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff#include <assert.h>
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff#include "sun_security_pkcs11_wrapper_PKCS11.h"
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff#ifdef P11_ENABLE_C_GENERATEKEY
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff/*
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * Class:     sun_security_pkcs11_wrapper_PKCS11
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * Method:    C_GenerateKey
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * Signature: (JLsun/security/pkcs11/wrapper/CK_MECHANISM;[Lsun/security/pkcs11/wrapper/CK_ATTRIBUTE;)J
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * Parametermapping:                    *PKCS11*
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * @param   jlong jSessionHandle        CK_SESSION_HANDLE hSession
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * @param   jobject jMechanism          CK_MECHANISM_PTR pMechanism
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * @param   jobjectArray jTemplate      CK_ATTRIBUTE_PTR pTemplate
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff *                                      CK_ULONG ulCount
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * @return  jlong jKeyHandle            CK_OBJECT_HANDLE_PTR phKey
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduffJNIEXPORT jlong JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1GenerateKey
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    (JNIEnv *env, jobject obj, jlong jSessionHandle, jobject jMechanism, jobjectArray jTemplate)
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff{
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_SESSION_HANDLE ckSessionHandle;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_MECHANISM ckMechanism;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_ATTRIBUTE_PTR ckpAttributes = NULL_PTR;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_ULONG ckAttributesLength;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_OBJECT_HANDLE ckKeyHandle;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    jlong jKeyHandle = 0L;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_ULONG i;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_RV rv;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_FUNCTION_LIST_PTR ckpFunctions = getFunctionList(env, obj);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    if (ckpFunctions == NULL) { return 0L; }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    ckSessionHandle = jLongToCKULong(jSessionHandle);
22bb0f3726256f60efcce6106b05e76847ca38f6jvergara    jMechanismToCKMechanism(env, jMechanism, &ckMechanism);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    if ((*env)->ExceptionCheck(env)) { return 0L ; }
ed7e459ce3ee2b94960a3530a58f31a83ec8af9djvergara
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    jAttributeArrayToCKAttributeArray(env, jTemplate, &ckpAttributes, &ckAttributesLength);
e212f8366b401e776c8561e8ea3837c95d23c884jvergara    if ((*env)->ExceptionCheck(env)) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        if (ckMechanism.pParameter != NULL_PTR) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff            free(ckMechanism.pParameter);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        return 0L;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    rv = (*ckpFunctions->C_GenerateKey)(ckSessionHandle, &ckMechanism, ckpAttributes, ckAttributesLength, &ckKeyHandle);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    if (ckAssertReturnValueOK(env, rv) == CK_ASSERT_OK) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        jKeyHandle = ckULongToJLong(ckKeyHandle);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        /* cheack, if we must give a initialization vector back to Java */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        switch (ckMechanism.mechanism) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        case CKM_PBE_MD2_DES_CBC:
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        case CKM_PBE_MD5_DES_CBC:
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        case CKM_PBE_MD5_CAST_CBC:
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        case CKM_PBE_MD5_CAST3_CBC:
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        case CKM_PBE_MD5_CAST128_CBC:
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        /* case CKM_PBE_MD5_CAST5_CBC:  the same as CKM_PBE_MD5_CAST128_CBC */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        case CKM_PBE_SHA1_CAST128_CBC:
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        /* case CKM_PBE_SHA1_CAST5_CBC: the same as CKM_PBE_SHA1_CAST128_CBC */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff            /* we must copy back the initialization vector to the jMechanism object */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff            copyBackPBEInitializationVector(env, &ckMechanism, jMechanism);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff            break;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
ed7e459ce3ee2b94960a3530a58f31a83ec8af9djvergara    if (ckMechanism.pParameter != NULL_PTR) {
ed7e459ce3ee2b94960a3530a58f31a83ec8af9djvergara        free(ckMechanism.pParameter);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    freeCKAttributeArray(ckpAttributes, ckAttributesLength);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    return jKeyHandle ;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff}
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff#endif
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff#ifdef P11_ENABLE_C_GENERATEKEYPAIR
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff/*
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * Class:     sun_security_pkcs11_wrapper_PKCS11
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * Method:    C_GenerateKeyPair
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * Signature: (JLsun/security/pkcs11/wrapper/CK_MECHANISM;[Lsun/security/pkcs11/wrapper/CK_ATTRIBUTE;[Lsun/security/pkcs11/wrapper/CK_ATTRIBUTE;)[J
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * Parametermapping:                          *PKCS11*
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * @param   jlong jSessionHandle              CK_SESSION_HANDLE hSession
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * @param   jobject jMechanism                CK_MECHANISM_PTR pMechanism
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * @param   jobjectArray jPublicKeyTemplate   CK_ATTRIBUTE_PTR pPublicKeyTemplate
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff *                                            CK_ULONG ulPublicKeyAttributeCount
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * @param   jobjectArray jPrivateKeyTemplate  CK_ATTRIBUTE_PTR pPrivateKeyTemplate
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff *                                            CK_ULONG ulPrivateKeyAttributeCount
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * @return  jlongArray jKeyHandles            CK_OBJECT_HANDLE_PTR phPublicKey
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff *                                            CK_OBJECT_HANDLE_PTR phPublicKey
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduffJNIEXPORT jlongArray JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1GenerateKeyPair
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    (JNIEnv *env, jobject obj, jlong jSessionHandle, jobject jMechanism,
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff     jobjectArray jPublicKeyTemplate, jobjectArray jPrivateKeyTemplate)
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff{
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_SESSION_HANDLE ckSessionHandle;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_MECHANISM ckMechanism;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_ATTRIBUTE_PTR ckpPublicKeyAttributes = NULL_PTR;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_ATTRIBUTE_PTR ckpPrivateKeyAttributes = NULL_PTR;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_ULONG ckPublicKeyAttributesLength;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_ULONG ckPrivateKeyAttributesLength;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_OBJECT_HANDLE_PTR ckpPublicKeyHandle;  /* pointer to Public Key */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_OBJECT_HANDLE_PTR ckpPrivateKeyHandle; /* pointer to Private Key */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_OBJECT_HANDLE_PTR ckpKeyHandles;     /* pointer to array with Public and Private Key */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    jlongArray jKeyHandles;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_ULONG i;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_RV rv;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_FUNCTION_LIST_PTR ckpFunctions = getFunctionList(env, obj);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    if (ckpFunctions == NULL) { return NULL; }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    ckSessionHandle = jLongToCKULong(jSessionHandle);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    jMechanismToCKMechanism(env, jMechanism, &ckMechanism);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    if ((*env)->ExceptionCheck(env)) { return NULL; }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    ckpKeyHandles = (CK_OBJECT_HANDLE_PTR) malloc(2 * sizeof(CK_OBJECT_HANDLE));
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    if (ckpKeyHandles == NULL) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        if (ckMechanism.pParameter != NULL_PTR) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff            free(ckMechanism.pParameter);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        JNU_ThrowOutOfMemoryError(env, 0);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        return NULL;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    ckpPublicKeyHandle = ckpKeyHandles;   /* first element of array is Public Key */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    ckpPrivateKeyHandle = (ckpKeyHandles + 1);  /* second element of array is Private Key */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    jAttributeArrayToCKAttributeArray(env, jPublicKeyTemplate, &ckpPublicKeyAttributes, &ckPublicKeyAttributesLength);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    if ((*env)->ExceptionCheck(env)) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        if (ckMechanism.pParameter != NULL_PTR) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff            free(ckMechanism.pParameter);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        free(ckpKeyHandles);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        return NULL;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    jAttributeArrayToCKAttributeArray(env, jPrivateKeyTemplate, &ckpPrivateKeyAttributes, &ckPrivateKeyAttributesLength);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    if ((*env)->ExceptionCheck(env)) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        if (ckMechanism.pParameter != NULL_PTR) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff            free(ckMechanism.pParameter);
e57b14f6c2ff0b3b27690e32d32f4dec3f80d021matthew_swift        }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        free(ckpKeyHandles);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        freeCKAttributeArray(ckpPublicKeyAttributes, ckPublicKeyAttributesLength);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        return NULL;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    rv = (*ckpFunctions->C_GenerateKeyPair)(ckSessionHandle, &ckMechanism,
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff                     ckpPublicKeyAttributes, ckPublicKeyAttributesLength,
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff                     ckpPrivateKeyAttributes, ckPrivateKeyAttributesLength,
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff                     ckpPublicKeyHandle, ckpPrivateKeyHandle);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    if (ckAssertReturnValueOK(env, rv) == CK_ASSERT_OK) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        jKeyHandles = ckULongArrayToJLongArray(env, ckpKeyHandles, 2);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
e57b14f6c2ff0b3b27690e32d32f4dec3f80d021matthew_swift    if(ckMechanism.pParameter != NULL_PTR) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        free(ckMechanism.pParameter);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    free(ckpKeyHandles);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    freeCKAttributeArray(ckpPublicKeyAttributes, ckPublicKeyAttributesLength);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    freeCKAttributeArray(ckpPrivateKeyAttributes, ckPrivateKeyAttributesLength);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    return jKeyHandles ;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff}
e57b14f6c2ff0b3b27690e32d32f4dec3f80d021matthew_swift#endif
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff#ifdef P11_ENABLE_C_WRAPKEY
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff/*
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * Class:     sun_security_pkcs11_wrapper_PKCS11
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * Method:    C_WrapKey
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * Signature: (JLsun/security/pkcs11/wrapper/CK_MECHANISM;JJ)[B
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * Parametermapping:                    *PKCS11*
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * @param   jlong jSessionHandle        CK_SESSION_HANDLE hSession
e57b14f6c2ff0b3b27690e32d32f4dec3f80d021matthew_swift * @param   jobject jMechanism          CK_MECHANISM_PTR pMechanism
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * @param   jlong jWrappingKeyHandle    CK_OBJECT_HANDLE hWrappingKey
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * @param   jlong jKeyHandle            CK_OBJECT_HANDLE hKey
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * @return  jbyteArray jWrappedKey      CK_BYTE_PTR pWrappedKey
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff *                                      CK_ULONG_PTR pulWrappedKeyLen
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduffJNIEXPORT jbyteArray JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1WrapKey
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    (JNIEnv *env, jobject obj, jlong jSessionHandle, jobject jMechanism, jlong jWrappingKeyHandle, jlong jKeyHandle)
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff{
e57b14f6c2ff0b3b27690e32d32f4dec3f80d021matthew_swift    CK_SESSION_HANDLE ckSessionHandle;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_MECHANISM ckMechanism;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_OBJECT_HANDLE ckWrappingKeyHandle;
098e548e58d50f922236182f793a0ce65e56a247jvergara    CK_OBJECT_HANDLE ckKeyHandle;
098e548e58d50f922236182f793a0ce65e56a247jvergara    jbyteArray jWrappedKey = NULL;
098e548e58d50f922236182f793a0ce65e56a247jvergara    CK_RV rv;
098e548e58d50f922236182f793a0ce65e56a247jvergara    CK_BYTE BUF[MAX_STACK_BUFFER_LEN];
098e548e58d50f922236182f793a0ce65e56a247jvergara    CK_BYTE_PTR ckpWrappedKey = BUF;
098e548e58d50f922236182f793a0ce65e56a247jvergara    CK_ULONG ckWrappedKeyLength = MAX_STACK_BUFFER_LEN;
098e548e58d50f922236182f793a0ce65e56a247jvergara
098e548e58d50f922236182f793a0ce65e56a247jvergara    CK_FUNCTION_LIST_PTR ckpFunctions = getFunctionList(env, obj);
098e548e58d50f922236182f793a0ce65e56a247jvergara    if (ckpFunctions == NULL) { return NULL; }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    ckSessionHandle = jLongToCKULong(jSessionHandle);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    jMechanismToCKMechanism(env, jMechanism, &ckMechanism);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    if ((*env)->ExceptionCheck(env)) { return NULL; }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    ckWrappingKeyHandle = jLongToCKULong(jWrappingKeyHandle);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    ckKeyHandle = jLongToCKULong(jKeyHandle);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    rv = (*ckpFunctions->C_WrapKey)(ckSessionHandle, &ckMechanism, ckWrappingKeyHandle, ckKeyHandle, ckpWrappedKey, &ckWrappedKeyLength);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    if (rv == CKR_BUFFER_TOO_SMALL) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        ckpWrappedKey = (CK_BYTE_PTR) malloc(ckWrappedKeyLength);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        if (ckpWrappedKey == NULL) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff            if (ckMechanism.pParameter != NULL_PTR) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff                free(ckMechanism.pParameter);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff            }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff            JNU_ThrowOutOfMemoryError(env, 0);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff            return NULL;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        rv = (*ckpFunctions->C_WrapKey)(ckSessionHandle, &ckMechanism, ckWrappingKeyHandle, ckKeyHandle, ckpWrappedKey, &ckWrappedKeyLength);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    if (ckAssertReturnValueOK(env, rv) == CK_ASSERT_OK) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        jWrappedKey = ckByteArrayToJByteArray(env, ckpWrappedKey, ckWrappedKeyLength);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    if (ckpWrappedKey != BUF) { free(ckpWrappedKey); }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    if (ckMechanism.pParameter != NULL_PTR) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        free(ckMechanism.pParameter);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    return jWrappedKey ;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff}
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff#endif
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff#ifdef P11_ENABLE_C_UNWRAPKEY
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff/*
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * Class:     sun_security_pkcs11_wrapper_PKCS11
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * Method:    C_UnwrapKey
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * Signature: (JLsun/security/pkcs11/wrapper/CK_MECHANISM;J[B[Lsun/security/pkcs11/wrapper/CK_ATTRIBUTE;)J
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * Parametermapping:                    *PKCS11*
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * @param   jlong jSessionHandle        CK_SESSION_HANDLE hSession
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * @param   jobject jMechanism          CK_MECHANISM_PTR pMechanism
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * @param   jlong jUnwrappingKeyHandle  CK_OBJECT_HANDLE hUnwrappingKey
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * @param   jbyteArray jWrappedKey      CK_BYTE_PTR pWrappedKey
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff *                                      CK_ULONG_PTR pulWrappedKeyLen
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * @param   jobjectArray jTemplate      CK_ATTRIBUTE_PTR pTemplate
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff *                                      CK_ULONG ulCount
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * @return  jlong jKeyHandle            CK_OBJECT_HANDLE_PTR phKey
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduffJNIEXPORT jlong JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1UnwrapKey
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    (JNIEnv *env, jobject obj, jlong jSessionHandle, jobject jMechanism, jlong jUnwrappingKeyHandle,
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff     jbyteArray jWrappedKey, jobjectArray jTemplate)
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff{
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_SESSION_HANDLE ckSessionHandle;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_MECHANISM ckMechanism;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_OBJECT_HANDLE ckUnwrappingKeyHandle;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_BYTE_PTR ckpWrappedKey = NULL_PTR;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_ULONG ckWrappedKeyLength;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_ATTRIBUTE_PTR ckpAttributes = NULL_PTR;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_ULONG ckAttributesLength;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_OBJECT_HANDLE ckKeyHandle;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    jlong jKeyHandle = 0L;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_ULONG i;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_RV rv;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_FUNCTION_LIST_PTR ckpFunctions = getFunctionList(env, obj);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    if (ckpFunctions == NULL) { return 0L; }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    ckSessionHandle = jLongToCKULong(jSessionHandle);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    jMechanismToCKMechanism(env, jMechanism, &ckMechanism);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    if ((*env)->ExceptionCheck(env)) { return 0L; }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    ckUnwrappingKeyHandle = jLongToCKULong(jUnwrappingKeyHandle);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    jByteArrayToCKByteArray(env, jWrappedKey, &ckpWrappedKey, &ckWrappedKeyLength);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    if ((*env)->ExceptionCheck(env)) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        if (ckMechanism.pParameter != NULL_PTR) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff            free(ckMechanism.pParameter);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        return 0L;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    jAttributeArrayToCKAttributeArray(env, jTemplate, &ckpAttributes, &ckAttributesLength);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    if ((*env)->ExceptionCheck(env)) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        if (ckMechanism.pParameter != NULL_PTR) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff            free(ckMechanism.pParameter);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        free(ckpWrappedKey);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        return 0L;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
e57b14f6c2ff0b3b27690e32d32f4dec3f80d021matthew_swift
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    rv = (*ckpFunctions->C_UnwrapKey)(ckSessionHandle, &ckMechanism, ckUnwrappingKeyHandle,
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff                 ckpWrappedKey, ckWrappedKeyLength,
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff                 ckpAttributes, ckAttributesLength, &ckKeyHandle);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    if (ckAssertReturnValueOK(env, rv) == CK_ASSERT_OK) {
ed7e459ce3ee2b94960a3530a58f31a83ec8af9djvergara        jKeyHandle = ckLongToJLong(ckKeyHandle);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff#if 0
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        /* cheack, if we must give a initialization vector back to Java */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        if (ckMechanism.mechanism == CKM_KEY_WRAP_SET_OAEP) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff            /* we must copy back the unwrapped key info to the jMechanism object */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff            copyBackSetUnwrappedKey(env, &ckMechanism, jMechanism);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff#endif
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    if (ckMechanism.pParameter != NULL_PTR) {
ed7e459ce3ee2b94960a3530a58f31a83ec8af9djvergara        free(ckMechanism.pParameter);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    freeCKAttributeArray(ckpAttributes, ckAttributesLength);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    free(ckpWrappedKey);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    return jKeyHandle ;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff}
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff#endif
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff#ifdef P11_ENABLE_C_DERIVEKEY
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduffvoid freeMasterKeyDeriveParams(CK_MECHANISM_PTR ckMechanism) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_SSL3_MASTER_KEY_DERIVE_PARAMS *params = (CK_SSL3_MASTER_KEY_DERIVE_PARAMS *) ckMechanism->pParameter;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    if (params == NULL) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        return;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    if (params->RandomInfo.pClientRandom != NULL) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        free(params->RandomInfo.pClientRandom);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    if (params->RandomInfo.pServerRandom != NULL) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        free(params->RandomInfo.pServerRandom);
ed7e459ce3ee2b94960a3530a58f31a83ec8af9djvergara    }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    if (params->pVersion != NULL) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        free(params->pVersion);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff}
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduffvoid freeEcdh1DeriveParams(CK_MECHANISM_PTR ckMechanism) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_ECDH1_DERIVE_PARAMS *params = (CK_ECDH1_DERIVE_PARAMS *) ckMechanism->pParameter;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    if (params == NULL) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        return;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    if (params->pSharedData != NULL) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        free(params->pSharedData);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    if (params->pPublicData != NULL) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        free(params->pPublicData);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff}
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff/*
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * Copy back the PRF output to Java.
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduffvoid copyBackTLSPrfParams(JNIEnv *env, CK_MECHANISM *ckMechanism, jobject jMechanism)
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff{
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    jclass jMechanismClass, jTLSPrfParamsClass;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_TLS_PRF_PARAMS *ckTLSPrfParams;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    jobject jTLSPrfParams;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    jfieldID fieldID;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_MECHANISM_TYPE ckMechanismType;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    jlong jMechanismType;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_BYTE_PTR output;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    jobject jOutput;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    jint jLength;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    jbyte* jBytes;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    int i;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    /* get mechanism */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    jMechanismClass = (*env)->FindClass(env, CLASS_MECHANISM);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    if (jMechanismClass == NULL) { return; }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    fieldID = (*env)->GetFieldID(env, jMechanismClass, "mechanism", "J");
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    if (fieldID == NULL) { return; }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    jMechanismType = (*env)->GetLongField(env, jMechanism, fieldID);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    ckMechanismType = jLongToCKULong(jMechanismType);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    if (ckMechanismType != ckMechanism->mechanism) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        /* we do not have maching types, this should not occur */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        return;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    /* get the native CK_TLS_PRF_PARAMS */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    ckTLSPrfParams = (CK_TLS_PRF_PARAMS *) ckMechanism->pParameter;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    if (ckTLSPrfParams != NULL_PTR) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        /* get the Java CK_TLS_PRF_PARAMS object (pParameter) */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        fieldID = (*env)->GetFieldID(env, jMechanismClass, "pParameter", "Ljava/lang/Object;");
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        if (fieldID == NULL) { return; }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        jTLSPrfParams = (*env)->GetObjectField(env, jMechanism, fieldID);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        /* copy back the client IV */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        jTLSPrfParamsClass = (*env)->FindClass(env, CLASS_TLS_PRF_PARAMS);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        if (jTLSPrfParamsClass == NULL) { return; }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        fieldID = (*env)->GetFieldID(env, jTLSPrfParamsClass, "pOutput", "[B");
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        if (fieldID == NULL) { return; }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        jOutput = (*env)->GetObjectField(env, jTLSPrfParams, fieldID);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        output = ckTLSPrfParams->pOutput;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        // Note: we assume that the token returned exactly as many bytes as we
e57b14f6c2ff0b3b27690e32d32f4dec3f80d021matthew_swift        // requested. Anything else would not make sense.
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        if (jOutput != NULL) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff            jLength = (*env)->GetArrayLength(env, jOutput);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff            jBytes = (*env)->GetByteArrayElements(env, jOutput, NULL);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff            if (jBytes == NULL) { return; }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff            /* copy the bytes to the Java buffer */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff            for (i=0; i < jLength; i++) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff                jBytes[i] = ckByteToJByte(output[i]);
e57b14f6c2ff0b3b27690e32d32f4dec3f80d021matthew_swift            }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff            /* copy back the Java buffer to the object */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff            (*env)->ReleaseByteArrayElements(env, jOutput, jBytes, 0);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        // free malloc'd data
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        free(ckTLSPrfParams->pSeed);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        free(ckTLSPrfParams->pLabel);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        free(ckTLSPrfParams->pulOutputLen);
e57b14f6c2ff0b3b27690e32d32f4dec3f80d021matthew_swift        free(ckTLSPrfParams->pOutput);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff}
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff/*
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * Class:     sun_security_pkcs11_wrapper_PKCS11
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * Method:    C_DeriveKey
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * Signature: (JLsun/security/pkcs11/wrapper/CK_MECHANISM;J[Lsun/security/pkcs11/wrapper/CK_ATTRIBUTE;)J
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * Parametermapping:                    *PKCS11*
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * @param   jlong jSessionHandle        CK_SESSION_HANDLE hSession
e57b14f6c2ff0b3b27690e32d32f4dec3f80d021matthew_swift * @param   jobject jMechanism          CK_MECHANISM_PTR pMechanism
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * @param   jlong jBaseKeyHandle        CK_OBJECT_HANDLE hBaseKey
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * @param   jobjectArray jTemplate      CK_ATTRIBUTE_PTR pTemplate
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff *                                      CK_ULONG ulCount
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * @return  jlong jKeyHandle            CK_OBJECT_HANDLE_PTR phKey
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduffJNIEXPORT jlong JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1DeriveKey
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    (JNIEnv *env, jobject obj, jlong jSessionHandle, jobject jMechanism, jlong jBaseKeyHandle, jobjectArray jTemplate)
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff{
e57b14f6c2ff0b3b27690e32d32f4dec3f80d021matthew_swift    CK_SESSION_HANDLE ckSessionHandle;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_MECHANISM ckMechanism;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_OBJECT_HANDLE ckBaseKeyHandle;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_ATTRIBUTE_PTR ckpAttributes = NULL_PTR;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_ULONG ckAttributesLength;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_OBJECT_HANDLE ckKeyHandle = 0;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    jlong jKeyHandle;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_ULONG i;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_RV rv;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_OBJECT_HANDLE_PTR phKey = &ckKeyHandle;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    CK_FUNCTION_LIST_PTR ckpFunctions = getFunctionList(env, obj);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    if (ckpFunctions == NULL) { return 0L; }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    ckSessionHandle = jLongToCKULong(jSessionHandle);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    jMechanismToCKMechanism(env, jMechanism, &ckMechanism);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    if ((*env)->ExceptionCheck(env)) { return 0L; }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    ckBaseKeyHandle = jLongToCKULong(jBaseKeyHandle);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    jAttributeArrayToCKAttributeArray(env, jTemplate, &ckpAttributes, &ckAttributesLength);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    if ((*env)->ExceptionCheck(env)) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        if (ckMechanism.pParameter != NULL_PTR) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff            free(ckMechanism.pParameter);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        return 0L;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    switch (ckMechanism.mechanism) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    case CKM_SSL3_KEY_AND_MAC_DERIVE:
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    case CKM_TLS_KEY_AND_MAC_DERIVE:
ed7e459ce3ee2b94960a3530a58f31a83ec8af9djvergara    case CKM_TLS_PRF:
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        // these mechanism do not return a key handle via phKey
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        // set to NULL in case pedantic implementations check for it
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        phKey = NULL;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        break;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    default:
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        // empty
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        break;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    rv = (*ckpFunctions->C_DeriveKey)(ckSessionHandle, &ckMechanism, ckBaseKeyHandle,
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff                 ckpAttributes, ckAttributesLength, phKey);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    jKeyHandle = ckLongToJLong(ckKeyHandle);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    freeCKAttributeArray(ckpAttributes, ckAttributesLength);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
e212f8366b401e776c8561e8ea3837c95d23c884jvergara    switch (ckMechanism.mechanism) {
e212f8366b401e776c8561e8ea3837c95d23c884jvergara    case CKM_SSL3_MASTER_KEY_DERIVE:
e212f8366b401e776c8561e8ea3837c95d23c884jvergara    case CKM_TLS_MASTER_KEY_DERIVE:
e212f8366b401e776c8561e8ea3837c95d23c884jvergara        /* we must copy back the client version */
e212f8366b401e776c8561e8ea3837c95d23c884jvergara        copyBackClientVersion(env, &ckMechanism, jMechanism);
e212f8366b401e776c8561e8ea3837c95d23c884jvergara        freeMasterKeyDeriveParams(&ckMechanism);
e212f8366b401e776c8561e8ea3837c95d23c884jvergara        break;
e212f8366b401e776c8561e8ea3837c95d23c884jvergara    case CKM_SSL3_MASTER_KEY_DERIVE_DH:
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    case CKM_TLS_MASTER_KEY_DERIVE_DH:
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        freeMasterKeyDeriveParams(&ckMechanism);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        break;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    case CKM_SSL3_KEY_AND_MAC_DERIVE:
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    case CKM_TLS_KEY_AND_MAC_DERIVE:
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        /* we must copy back the unwrapped key info to the jMechanism object */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        copyBackSSLKeyMatParams(env, &ckMechanism, jMechanism);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        break;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    case CKM_TLS_PRF:
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        copyBackTLSPrfParams(env, &ckMechanism, jMechanism);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        break;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    case CKM_ECDH1_DERIVE:
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        freeEcdh1DeriveParams(&ckMechanism);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        break;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    default:
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        // empty
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        break;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    if (ckMechanism.pParameter != NULL_PTR) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        free(ckMechanism.pParameter);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    if (ckAssertReturnValueOK(env, rv) != CK_ASSERT_OK) { return 0L ; }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    return jKeyHandle ;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff}
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff/*
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * Copy back the client version information from the native
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * structure to the Java object. This is only used for the
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * CKM_SSL3_MASTER_KEY_DERIVE mechanism when used for deriving a key.
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff *
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduffvoid copyBackClientVersion(JNIEnv *env, CK_MECHANISM *ckMechanism, jobject jMechanism)
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff{
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff  jclass jMechanismClass, jSSL3MasterKeyDeriveParamsClass, jVersionClass;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff  CK_SSL3_MASTER_KEY_DERIVE_PARAMS *ckSSL3MasterKeyDeriveParams;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff  CK_VERSION *ckVersion;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff  jfieldID fieldID;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff  CK_MECHANISM_TYPE ckMechanismType;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff  jlong jMechanismType;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff  jobject jSSL3MasterKeyDeriveParams;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff  jobject jVersion;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff  /* get mechanism */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff  jMechanismClass = (*env)->FindClass(env, CLASS_MECHANISM);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff  if (jMechanismClass == NULL) { return; }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff  fieldID = (*env)->GetFieldID(env, jMechanismClass, "mechanism", "J");
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff  if (fieldID == NULL) { return; }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff  jMechanismType = (*env)->GetLongField(env, jMechanism, fieldID);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff  ckMechanismType = jLongToCKULong(jMechanismType);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff  if (ckMechanismType != ckMechanism->mechanism) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    /* we do not have maching types, this should not occur */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    return;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff  }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff  /* get the native CK_SSL3_MASTER_KEY_DERIVE_PARAMS */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff  ckSSL3MasterKeyDeriveParams = (CK_SSL3_MASTER_KEY_DERIVE_PARAMS *) ckMechanism->pParameter;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff  if (ckSSL3MasterKeyDeriveParams != NULL_PTR) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    /* get the native CK_VERSION */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    ckVersion = ckSSL3MasterKeyDeriveParams->pVersion;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    if (ckVersion != NULL_PTR) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      /* get the Java CK_SSL3_MASTER_KEY_DERIVE_PARAMS (pParameter) */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      fieldID = (*env)->GetFieldID(env, jMechanismClass, "pParameter", "Ljava/lang/Object;");
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      if (fieldID == NULL) { return; }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      jSSL3MasterKeyDeriveParams = (*env)->GetObjectField(env, jMechanism, fieldID);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      /* get the Java CK_VERSION */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      jSSL3MasterKeyDeriveParamsClass = (*env)->FindClass(env, CLASS_SSL3_MASTER_KEY_DERIVE_PARAMS);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      if (jSSL3MasterKeyDeriveParamsClass == NULL) { return; }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      fieldID = (*env)->GetFieldID(env, jSSL3MasterKeyDeriveParamsClass, "pVersion", "L"CLASS_VERSION";");
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      if (fieldID == NULL) { return; }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      jVersion = (*env)->GetObjectField(env, jSSL3MasterKeyDeriveParams, fieldID);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      /* now copy back the version from the native structure to the Java structure */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      /* copy back the major version */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      jVersionClass = (*env)->FindClass(env, CLASS_VERSION);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      if (jVersionClass == NULL) { return; }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      fieldID = (*env)->GetFieldID(env, jVersionClass, "major", "B");
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      if (fieldID == NULL) { return; }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      (*env)->SetByteField(env, jVersion, fieldID, ckByteToJByte(ckVersion->major));
3ed5d8e2539b455f1f0aec1b798fc561e4d95ea6jvergara
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      /* copy back the minor version */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      fieldID = (*env)->GetFieldID(env, jVersionClass, "minor", "B");
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      if (fieldID == NULL) { return; }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      (*env)->SetByteField(env, jVersion, fieldID, ckByteToJByte(ckVersion->minor));
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff  }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff}
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff/*
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * Copy back the derived keys and initialization vectors from the native
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * structure to the Java object. This is only used for the
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff * CKM_SSL3_KEY_AND_MAC_DERIVE mechanism when used for deriving a key.
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff *
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff */
e57b14f6c2ff0b3b27690e32d32f4dec3f80d021matthew_swiftvoid copyBackSSLKeyMatParams(JNIEnv *env, CK_MECHANISM *ckMechanism, jobject jMechanism)
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff{
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff  jclass jMechanismClass, jSSL3KeyMatParamsClass, jSSL3KeyMatOutClass;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff  CK_SSL3_KEY_MAT_PARAMS *ckSSL3KeyMatParam;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff  CK_SSL3_KEY_MAT_OUT *ckSSL3KeyMatOut;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff  jfieldID fieldID;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff  CK_MECHANISM_TYPE ckMechanismType;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff  jlong jMechanismType;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff  CK_BYTE_PTR iv;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff  jobject jSSL3KeyMatParam;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff  jobject jSSL3KeyMatOut;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff  jobject jIV;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff  jint jLength;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff  jbyte* jBytes;
ed7e459ce3ee2b94960a3530a58f31a83ec8af9djvergara  int i;
e212f8366b401e776c8561e8ea3837c95d23c884jvergara
e212f8366b401e776c8561e8ea3837c95d23c884jvergara  /* get mechanism */
e212f8366b401e776c8561e8ea3837c95d23c884jvergara  jMechanismClass= (*env)->FindClass(env, CLASS_MECHANISM);
e212f8366b401e776c8561e8ea3837c95d23c884jvergara  if (jMechanismClass == NULL) { return; }
e212f8366b401e776c8561e8ea3837c95d23c884jvergara  fieldID = (*env)->GetFieldID(env, jMechanismClass, "mechanism", "J");
e212f8366b401e776c8561e8ea3837c95d23c884jvergara  if (fieldID == NULL) { return; }
e212f8366b401e776c8561e8ea3837c95d23c884jvergara  jMechanismType = (*env)->GetLongField(env, jMechanism, fieldID);
e212f8366b401e776c8561e8ea3837c95d23c884jvergara  ckMechanismType = jLongToCKULong(jMechanismType);
e212f8366b401e776c8561e8ea3837c95d23c884jvergara  if (ckMechanismType != ckMechanism->mechanism) {
e212f8366b401e776c8561e8ea3837c95d23c884jvergara    /* we do not have maching types, this should not occur */
e212f8366b401e776c8561e8ea3837c95d23c884jvergara    return;
e212f8366b401e776c8561e8ea3837c95d23c884jvergara  }
e212f8366b401e776c8561e8ea3837c95d23c884jvergara
e212f8366b401e776c8561e8ea3837c95d23c884jvergara  /* get the native CK_SSL3_KEY_MAT_PARAMS */
e212f8366b401e776c8561e8ea3837c95d23c884jvergara  ckSSL3KeyMatParam = (CK_SSL3_KEY_MAT_PARAMS *) ckMechanism->pParameter;
e212f8366b401e776c8561e8ea3837c95d23c884jvergara  if (ckSSL3KeyMatParam != NULL_PTR) {
e212f8366b401e776c8561e8ea3837c95d23c884jvergara    // free malloc'd data
e212f8366b401e776c8561e8ea3837c95d23c884jvergara    if (ckSSL3KeyMatParam->RandomInfo.pClientRandom != NULL) {
e212f8366b401e776c8561e8ea3837c95d23c884jvergara        free(ckSSL3KeyMatParam->RandomInfo.pClientRandom);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    }
e212f8366b401e776c8561e8ea3837c95d23c884jvergara    if (ckSSL3KeyMatParam->RandomInfo.pServerRandom != NULL) {
e212f8366b401e776c8561e8ea3837c95d23c884jvergara        free(ckSSL3KeyMatParam->RandomInfo.pServerRandom);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    }
e212f8366b401e776c8561e8ea3837c95d23c884jvergara
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    /* get the native CK_SSL3_KEY_MAT_OUT */
e212f8366b401e776c8561e8ea3837c95d23c884jvergara    ckSSL3KeyMatOut = ckSSL3KeyMatParam->pReturnedKeyMaterial;
e212f8366b401e776c8561e8ea3837c95d23c884jvergara    if (ckSSL3KeyMatOut != NULL_PTR) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      /* get the Java CK_SSL3_KEY_MAT_PARAMS (pParameter) */
e212f8366b401e776c8561e8ea3837c95d23c884jvergara      fieldID = (*env)->GetFieldID(env, jMechanismClass, "pParameter", "Ljava/lang/Object;");
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      if (fieldID == NULL) { return; }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      jSSL3KeyMatParam = (*env)->GetObjectField(env, jMechanism, fieldID);
e212f8366b401e776c8561e8ea3837c95d23c884jvergara
e212f8366b401e776c8561e8ea3837c95d23c884jvergara      /* get the Java CK_SSL3_KEY_MAT_OUT */
e212f8366b401e776c8561e8ea3837c95d23c884jvergara      jSSL3KeyMatParamsClass = (*env)->FindClass(env, CLASS_SSL3_KEY_MAT_PARAMS);
e212f8366b401e776c8561e8ea3837c95d23c884jvergara      if (jSSL3KeyMatParamsClass == NULL) { return; }
e212f8366b401e776c8561e8ea3837c95d23c884jvergara      fieldID = (*env)->GetFieldID(env, jSSL3KeyMatParamsClass, "pReturnedKeyMaterial", "L"CLASS_SSL3_KEY_MAT_OUT";");
e212f8366b401e776c8561e8ea3837c95d23c884jvergara      if (fieldID == NULL) { return; }
e212f8366b401e776c8561e8ea3837c95d23c884jvergara      jSSL3KeyMatOut = (*env)->GetObjectField(env, jSSL3KeyMatParam, fieldID);
e212f8366b401e776c8561e8ea3837c95d23c884jvergara
e212f8366b401e776c8561e8ea3837c95d23c884jvergara      /* now copy back all the key handles and the initialization vectors */
e212f8366b401e776c8561e8ea3837c95d23c884jvergara      /* copy back client MAC secret handle */
e212f8366b401e776c8561e8ea3837c95d23c884jvergara      jSSL3KeyMatOutClass = (*env)->FindClass(env, CLASS_SSL3_KEY_MAT_OUT);
e212f8366b401e776c8561e8ea3837c95d23c884jvergara      if (jSSL3KeyMatOutClass == NULL) { return; }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      fieldID = (*env)->GetFieldID(env, jSSL3KeyMatOutClass, "hClientMacSecret", "J");
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      if (fieldID == NULL) { return; }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      (*env)->SetLongField(env, jSSL3KeyMatOut, fieldID, ckULongToJLong(ckSSL3KeyMatOut->hClientMacSecret));
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      /* copy back server MAC secret handle */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      fieldID = (*env)->GetFieldID(env, jSSL3KeyMatOutClass, "hServerMacSecret", "J");
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      if (fieldID == NULL) { return; }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      (*env)->SetLongField(env, jSSL3KeyMatOut, fieldID, ckULongToJLong(ckSSL3KeyMatOut->hServerMacSecret));
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      /* copy back client secret key handle */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      fieldID = (*env)->GetFieldID(env, jSSL3KeyMatOutClass, "hClientKey", "J");
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      if (fieldID == NULL) { return; }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      (*env)->SetLongField(env, jSSL3KeyMatOut, fieldID, ckULongToJLong(ckSSL3KeyMatOut->hClientKey));
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      /* copy back server secret key handle */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      fieldID = (*env)->GetFieldID(env, jSSL3KeyMatOutClass, "hServerKey", "J");
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      if (fieldID == NULL) { return; }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      (*env)->SetLongField(env, jSSL3KeyMatOut, fieldID, ckULongToJLong(ckSSL3KeyMatOut->hServerKey));
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      /* copy back the client IV */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      fieldID = (*env)->GetFieldID(env, jSSL3KeyMatOutClass, "pIVClient", "[B");
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      if (fieldID == NULL) { return; }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      jIV = (*env)->GetObjectField(env, jSSL3KeyMatOut, fieldID);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      iv = ckSSL3KeyMatOut->pIVClient;
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      if (jIV != NULL) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        jLength = (*env)->GetArrayLength(env, jIV);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        jBytes = (*env)->GetByteArrayElements(env, jIV, NULL);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        if (jBytes == NULL) { return; }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        /* copy the bytes to the Java buffer */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        for (i=0; i < jLength; i++) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff          jBytes[i] = ckByteToJByte(iv[i]);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        /* copy back the Java buffer to the object */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        (*env)->ReleaseByteArrayElements(env, jIV, jBytes, 0);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      // free malloc'd data
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      free(ckSSL3KeyMatOut->pIVClient);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      /* copy back the server IV */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      fieldID = (*env)->GetFieldID(env, jSSL3KeyMatOutClass, "pIVServer", "[B");
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      if (fieldID == NULL) { return; }
ed7e459ce3ee2b94960a3530a58f31a83ec8af9djvergara      jIV = (*env)->GetObjectField(env, jSSL3KeyMatOut, fieldID);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      iv = ckSSL3KeyMatOut->pIVServer;
ed7e459ce3ee2b94960a3530a58f31a83ec8af9djvergara
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      if (jIV != NULL) {
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        jLength = (*env)->GetArrayLength(env, jIV);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        jBytes = (*env)->GetByteArrayElements(env, jIV, NULL);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        if (jBytes == NULL) { return; }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        /* copy the bytes to the Java buffer */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        for (i=0; i < jLength; i++) {
ed7e459ce3ee2b94960a3530a58f31a83ec8af9djvergara          jBytes[i] = ckByteToJByte(iv[i]);
ed7e459ce3ee2b94960a3530a58f31a83ec8af9djvergara        }
ed7e459ce3ee2b94960a3530a58f31a83ec8af9djvergara        /* copy back the Java buffer to the object */
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff        (*env)->ReleaseByteArrayElements(env, jIV, jBytes, 0);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      // free malloc'd data
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      free(ckSSL3KeyMatOut->pIVServer);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff      free(ckSSL3KeyMatOut);
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff    }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff  }
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff}
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff
d25372dc8e65a9ed019a88fdf659ca61313f1b31jcduff#endif
22bb0f3726256f60efcce6106b05e76847ca38f6jvergara