stan/jdk-24
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

8229243: SunPKCS11-Solaris provider tests failing on Solaris 11.4

Browse Source 
For CK_GCM_PARAMS, try the spec definition first before falling back to the header file definition

Reviewed-by: xuelei
This commit is contained in:
Valerie Peng 2019-10-08 00:01:20 +00:00
parent f3df804e24
commit 381e90eb6b
12 changed files with 211 additions and 62 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11AEADCipher.java
View File

@ -378,9 +378,6 @@ final class P11AEADCipher extends CipherSpi {
long p11KeyID = p11Key.getKeyID(); long p11KeyID = p11Key.getKeyID();
try { try {
if (session == null) {
session = token.getOpSession();
}
CK_MECHANISM mechWithParams; CK_MECHANISM mechWithParams;
switch (blockMode) { switch (blockMode) {
case MODE_GCM: case MODE_GCM:
@ -390,6 +387,9 @@ final class P11AEADCipher extends CipherSpi {
default: default:
throw new ProviderException("Unsupported mode: " + blockMode); throw new ProviderException("Unsupported mode: " + blockMode);
} }
if (session == null) {
session = token.getOpSession();
}
if (encrypt) { if (encrypt) {
token.p11.C_EncryptInit(session.id(), mechWithParams, token.p11.C_EncryptInit(session.id(), mechWithParams,
p11KeyID); p11KeyID);
@ -398,7 +398,6 @@ final class P11AEADCipher extends CipherSpi {
p11KeyID); p11KeyID);
} }
} catch (PKCS11Exception e) { } catch (PKCS11Exception e) {
//e.printStackTrace();
p11Key.releaseKeyID(); p11Key.releaseKeyID();
session = token.releaseSession(session); session = token.releaseSession(session);
throw e; throw e;
@ -718,7 +717,9 @@ final class P11AEADCipher extends CipherSpi {
errorCode == CKR_ENCRYPTED_DATA_LEN_RANGE) { errorCode == CKR_ENCRYPTED_DATA_LEN_RANGE) {
throw (IllegalBlockSizeException) throw (IllegalBlockSizeException)
(new IllegalBlockSizeException(e.toString()).initCause(e)); (new IllegalBlockSizeException(e.toString()).initCause(e));
} else if (errorCode == CKR_ENCRYPTED_DATA_INVALID) { } else if (errorCode == CKR_ENCRYPTED_DATA_INVALID ||
// Solaris-specific
errorCode == CKR_GENERAL_ERROR) {
throw (BadPaddingException) throw (BadPaddingException)
(new BadPaddingException(e.toString()).initCause(e)); (new BadPaddingException(e.toString()).initCause(e));
} }

4
src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Digest.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2003, 2018, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2003, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -103,9 +103,11 @@ final class P11Digest extends MessageDigestSpi implements Cloneable,
digestLength = 20; digestLength = 20;
break; break;
case (int)CKM_SHA224: case (int)CKM_SHA224:
case (int)CKM_SHA512_224:
digestLength = 28; digestLength = 28;
break; break;
case (int)CKM_SHA256: case (int)CKM_SHA256:
case (int)CKM_SHA512_256:
digestLength = 32; digestLength = 32;
break; break;
case (int)CKM_SHA384: case (int)CKM_SHA384:

4
src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Mac.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2003, 2018, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2003, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -91,9 +91,11 @@ final class P11Mac extends MacSpi {
macLength = 20; macLength = 20;
break; break;
case (int)CKM_SHA224_HMAC: case (int)CKM_SHA224_HMAC:
case (int)CKM_SHA512_224_HMAC:
macLength = 28; macLength = 28;
break; break;
case (int)CKM_SHA256_HMAC: case (int)CKM_SHA256_HMAC:
case (int)CKM_SHA512_256_HMAC:
macLength = 32; macLength = 32;
break; break;
case (int)CKM_SHA384_HMAC: case (int)CKM_SHA384_HMAC:

20
src/jdk.crypto.cryptoki/share/native/libj2pkcs11/p11_convert.c
View File

@ -721,7 +721,7 @@ jTlsMacParamsToCKTlsMacParamPtr(JNIEnv *env, jobject jParam, CK_ULONG *pLength)
} }
// populate using java values // populate using java values
ckParamPtr->prfMechanism = jLongToCKULong(jPrfMechanism); ckParamPtr->prfHashMechanism = jLongToCKULong(jPrfMechanism);
ckParamPtr->ulMacLength = jLongToCKULong(jUlMacLength); ckParamPtr->ulMacLength = jLongToCKULong(jUlMacLength);
ckParamPtr->ulServerOrClient = jLongToCKULong(jUlServerOrClient); ckParamPtr->ulServerOrClient = jLongToCKULong(jUlServerOrClient);
@ -1014,17 +1014,18 @@ cleanup:
} }
/* /*
* converts the Java CK_GCM_PARAMS object to a CK_GCM_PARAMS pointer * converts the Java CK_GCM_PARAMS object to a CK_GCM_PARAMS_NO_IVBITS pointer
* Note: Need to try NSS definition first to avoid SIGSEGV.
* *
* @param env - used to call JNI funktions to get the Java classes and objects * @param env - used to call JNI funktions to get the Java classes and objects
* @param jParam - the Java CK_GCM_PARAMS object to convert * @param jParam - the Java CK_GCM_PARAMS object to convert
* @param pLength - length of the allocated memory of the returned pointer * @param pLength - length of the allocated memory of the returned pointer
* @return pointer to the new CK_GCM_PARAMS structure * @return pointer to the new CK_GCM_PARAMS_NO_IVBITS structure
*/ */
CK_GCM_PARAMS_PTR CK_GCM_PARAMS_NO_IVBITS_PTR
jGCMParamsToCKGCMParamPtr(JNIEnv *env, jobject jParam, CK_ULONG *pLength) jGCMParamsToCKGCMParamPtr(JNIEnv *env, jobject jParam, CK_ULONG *pLength)
{ {
CK_GCM_PARAMS_PTR ckParamPtr; CK_GCM_PARAMS_NO_IVBITS_PTR ckParamPtr;
jclass jGcmParamsClass; jclass jGcmParamsClass;
jfieldID fieldID; jfieldID fieldID;
jobject jIv, jAad; jobject jIv, jAad;
@ -1052,8 +1053,8 @@ jGCMParamsToCKGCMParamPtr(JNIEnv *env, jobject jParam, CK_ULONG *pLength)
if (fieldID == NULL) { return NULL; } if (fieldID == NULL) { return NULL; }
jTagLen = (*env)->GetLongField(env, jParam, fieldID); jTagLen = (*env)->GetLongField(env, jParam, fieldID);
// allocate memory for CK_GCM_PARAMS pointer // allocate memory for CK_GCM_PARAMS_NO_IVBITS pointer
ckParamPtr = calloc(1, sizeof(CK_GCM_PARAMS)); ckParamPtr = calloc(1, sizeof(CK_GCM_PARAMS_NO_IVBITS));
if (ckParamPtr == NULL) { if (ckParamPtr == NULL) {
throwOutOfMemoryError(env, 0); throwOutOfMemoryError(env, 0);
return NULL; return NULL;
@ -1073,16 +1074,15 @@ jGCMParamsToCKGCMParamPtr(JNIEnv *env, jobject jParam, CK_ULONG *pLength)
ckParamPtr->ulTagBits = jLongToCKULong(jTagLen); ckParamPtr->ulTagBits = jLongToCKULong(jTagLen);
if (pLength != NULL) { if (pLength != NULL) {
*pLength = sizeof(CK_GCM_PARAMS); *pLength = sizeof(CK_GCM_PARAMS_NO_IVBITS);
} }
TRACE1("Created inner GCM_PARAMS PTR %lX\n", ptr_to_jlong(ckParamPtr)); TRACE1("Created inner GCM_PARAMS PTR w/o ulIvBits %p\n", ckParamPtr);
return ckParamPtr; return ckParamPtr;
cleanup: cleanup:
free(ckParamPtr->pIv); free(ckParamPtr->pIv);
free(ckParamPtr->pAAD); free(ckParamPtr->pAAD);
free(ckParamPtr); free(ckParamPtr);
return NULL; return NULL;
} }
/* /*

44
src/jdk.crypto.cryptoki/share/native/libj2pkcs11/p11_crypt.c
View File

@ -72,6 +72,7 @@ Java_sun_security_pkcs11_wrapper_PKCS11_C_1EncryptInit
{ {
CK_SESSION_HANDLE ckSessionHandle; CK_SESSION_HANDLE ckSessionHandle;
CK_MECHANISM_PTR ckpMechanism = NULL; CK_MECHANISM_PTR ckpMechanism = NULL;
CK_MECHANISM_PTR ckpTemp;
CK_OBJECT_HANDLE ckKeyHandle; CK_OBJECT_HANDLE ckKeyHandle;
CK_RV rv; CK_RV rv;
@ -81,15 +82,32 @@ Java_sun_security_pkcs11_wrapper_PKCS11_C_1EncryptInit
ckSessionHandle = jLongToCKULong(jSessionHandle); ckSessionHandle = jLongToCKULong(jSessionHandle);
ckKeyHandle = jLongToCKULong(jKeyHandle); ckKeyHandle = jLongToCKULong(jKeyHandle);
ckpMechanism = jMechanismToCKMechanismPtr(env, jMechanism); ckpMechanism = jMechanismToCKMechanismPtr(env, jMechanism);
TRACE1("DEBUG C_EncryptInit: created pMech = %p\n",
ckpMechanism);
if ((*env)->ExceptionCheck(env)) { return; } if ((*env)->ExceptionCheck(env)) { return; }
rv = (*ckpFunctions->C_EncryptInit)(ckSessionHandle, ckpMechanism, rv = (*ckpFunctions->C_EncryptInit)(ckSessionHandle, ckpMechanism,
ckKeyHandle); ckKeyHandle);
// if OAEP, then cannot free here if (ckpMechanism->mechanism == CKM_AES_GCM) {
freeCKMechanismPtr(ckpMechanism); if (rv == CKR_ARGUMENTS_BAD || rv == CKR_MECHANISM_PARAM_INVALID) {
// retry with CKM_GCM_PARAMS structure in pkcs11t.h
TRACE0("DEBUG C_EncryptInit: retry with CK_GCM_PARAMS\n");
ckpTemp = updateGCMParams(env, ckpMechanism);
if (ckpTemp != NULL) { // only re-call if conversion succeeds
ckpMechanism = ckpTemp;
rv = (*ckpFunctions->C_EncryptInit)(ckSessionHandle, ckpMechanism,
ckKeyHandle);
}
}
}
TRACE1("DEBUG C_EncryptInit: freed pMech = %p\n", ckpMechanism);
freeCKMechanismPtr(ckpMechanism);
if (ckAssertReturnValueOK(env, rv) != CK_ASSERT_OK) { return; } if (ckAssertReturnValueOK(env, rv) != CK_ASSERT_OK) { return; }
TRACE0("FINISHED\n");
} }
#endif #endif
@ -292,6 +310,7 @@ Java_sun_security_pkcs11_wrapper_PKCS11_C_1DecryptInit
{ {
CK_SESSION_HANDLE ckSessionHandle; CK_SESSION_HANDLE ckSessionHandle;
CK_MECHANISM_PTR ckpMechanism = NULL; CK_MECHANISM_PTR ckpMechanism = NULL;
CK_MECHANISM_PTR ckpTemp;
CK_OBJECT_HANDLE ckKeyHandle; CK_OBJECT_HANDLE ckKeyHandle;
CK_RV rv; CK_RV rv;
@ -301,15 +320,32 @@ Java_sun_security_pkcs11_wrapper_PKCS11_C_1DecryptInit
ckSessionHandle = jLongToCKULong(jSessionHandle); ckSessionHandle = jLongToCKULong(jSessionHandle);
ckKeyHandle = jLongToCKULong(jKeyHandle); ckKeyHandle = jLongToCKULong(jKeyHandle);
ckpMechanism = jMechanismToCKMechanismPtr(env, jMechanism); ckpMechanism = jMechanismToCKMechanismPtr(env, jMechanism);
TRACE1("DEBUG C_DecryptInit: created pMech = %p\n",
ckpMechanism);
if ((*env)->ExceptionCheck(env)) { return; } if ((*env)->ExceptionCheck(env)) { return; }
rv = (*ckpFunctions->C_DecryptInit)(ckSessionHandle, ckpMechanism, rv = (*ckpFunctions->C_DecryptInit)(ckSessionHandle, ckpMechanism,
ckKeyHandle); ckKeyHandle);
// if OAEP, then cannot free here if (ckpMechanism->mechanism == CKM_AES_GCM) {
freeCKMechanismPtr(ckpMechanism); if (rv == CKR_ARGUMENTS_BAD || rv == CKR_MECHANISM_PARAM_INVALID) {
// retry with CKM_GCM_PARAMS structure in pkcs11t.h
TRACE0("DEBUG C_DecryptInit: retry with CK_GCM_PARAMS\n");
ckpTemp = updateGCMParams(env, ckpMechanism);
if (ckpTemp != NULL) { // only re-call if conversion succeeds
ckpMechanism = ckpTemp;
rv = (*ckpFunctions->C_DecryptInit)(ckSessionHandle, ckpMechanism,
ckKeyHandle);
}
}
}
TRACE1("DEBUG C_DecryptInit: freed pMech = %p\n", ckpMechanism);
freeCKMechanismPtr(ckpMechanism);
if (ckAssertReturnValueOK(env, rv) != CK_ASSERT_OK) { return; } if (ckAssertReturnValueOK(env, rv) != CK_ASSERT_OK) { return; }
TRACE0("FINISHED\n");
} }
#endif #endif

96
src/jdk.crypto.cryptoki/share/native/libj2pkcs11/p11_util.c
View File

@ -302,29 +302,30 @@ void freeCKMechanismPtr(CK_MECHANISM_PTR mechPtr) {
CK_TLS12_KEY_MAT_PARAMS* tlsKmTmp; CK_TLS12_KEY_MAT_PARAMS* tlsKmTmp;
if (mechPtr != NULL) { if (mechPtr != NULL) {
TRACE2("DEBUG: free mech %lX (mech id = 0x%lX)\n", TRACE2("DEBUG freeCKMechanismPtr: free pMech %p (mech 0x%lX)\n",
ptr_to_jlong(mechPtr), mechPtr->mechanism); mechPtr, mechPtr->mechanism);
if (mechPtr->pParameter != NULL) { if (mechPtr->pParameter != NULL) {
tmp = mechPtr->pParameter;
switch (mechPtr->mechanism) { switch (mechPtr->mechanism) {
case CKM_AES_GCM: case CKM_AES_GCM:
tmp = mechPtr->pParameter; if (mechPtr->ulParameterLen == sizeof(CK_GCM_PARAMS_NO_IVBITS)) {
TRACE1("\t=> free GCM_PARAMS %lX\n", TRACE0("[ GCM_PARAMS w/o ulIvBits ]\n");
ptr_to_jlong(tmp)); free(((CK_GCM_PARAMS_NO_IVBITS*)tmp)->pIv);
free(((CK_GCM_PARAMS_NO_IVBITS*)tmp)->pAAD);
} else if (mechPtr->ulParameterLen == sizeof(CK_GCM_PARAMS)) {
TRACE0("[ GCM_PARAMS ]\n");
free(((CK_GCM_PARAMS*)tmp)->pIv); free(((CK_GCM_PARAMS*)tmp)->pIv);
free(((CK_GCM_PARAMS*)tmp)->pAAD); free(((CK_GCM_PARAMS*)tmp)->pAAD);
}
break; break;
case CKM_AES_CCM: case CKM_AES_CCM:
tmp = mechPtr->pParameter; TRACE0("[ CK_CCM_PARAMS ]\n");
TRACE1("\t=> free CK_CCM_PARAMS %lX\n",
ptr_to_jlong(tmp));
free(((CK_CCM_PARAMS*)tmp)->pNonce); free(((CK_CCM_PARAMS*)tmp)->pNonce);
free(((CK_CCM_PARAMS*)tmp)->pAAD); free(((CK_CCM_PARAMS*)tmp)->pAAD);
break; break;
case CKM_TLS_PRF: case CKM_TLS_PRF:
case CKM_NSS_TLS_PRF_GENERAL: case CKM_NSS_TLS_PRF_GENERAL:
tmp = mechPtr->pParameter; TRACE0("[ CK_TLS_PRF_PARAMS ]\n");
TRACE1("\t=> free CK_TLS_PRF_PARAMS %lX\n",
ptr_to_jlong(tmp));
free(((CK_TLS_PRF_PARAMS*)tmp)->pSeed); free(((CK_TLS_PRF_PARAMS*)tmp)->pSeed);
free(((CK_TLS_PRF_PARAMS*)tmp)->pLabel); free(((CK_TLS_PRF_PARAMS*)tmp)->pLabel);
free(((CK_TLS_PRF_PARAMS*)tmp)->pulOutputLen); free(((CK_TLS_PRF_PARAMS*)tmp)->pulOutputLen);
@ -334,18 +335,16 @@ void freeCKMechanismPtr(CK_MECHANISM_PTR mechPtr) {
case CKM_TLS_MASTER_KEY_DERIVE: case CKM_TLS_MASTER_KEY_DERIVE:
case CKM_SSL3_MASTER_KEY_DERIVE_DH: case CKM_SSL3_MASTER_KEY_DERIVE_DH:
case CKM_TLS_MASTER_KEY_DERIVE_DH: case CKM_TLS_MASTER_KEY_DERIVE_DH:
sslMkdTmp = mechPtr->pParameter; sslMkdTmp = tmp;
TRACE1("\t=> free CK_SSL3_MASTER_KEY_DERIVE_PARAMS %lX\n", TRACE0("[ CK_SSL3_MASTER_KEY_DERIVE_PARAMS ]\n");
ptr_to_jlong(sslMkdTmp));
free(sslMkdTmp->RandomInfo.pClientRandom); free(sslMkdTmp->RandomInfo.pClientRandom);
free(sslMkdTmp->RandomInfo.pServerRandom); free(sslMkdTmp->RandomInfo.pServerRandom);
free(sslMkdTmp->pVersion); free(sslMkdTmp->pVersion);
break; break;
case CKM_SSL3_KEY_AND_MAC_DERIVE: case CKM_SSL3_KEY_AND_MAC_DERIVE:
case CKM_TLS_KEY_AND_MAC_DERIVE: case CKM_TLS_KEY_AND_MAC_DERIVE:
sslKmTmp = mechPtr->pParameter; sslKmTmp = tmp;
TRACE1("\t=> free CK_SSL3_KEY_MAT_PARAMS %lX\n", TRACE0("[ CK_SSL3_KEY_MAT_PARAMS ]\n");
ptr_to_jlong(sslKmTmp));
free(sslKmTmp->RandomInfo.pClientRandom); free(sslKmTmp->RandomInfo.pClientRandom);
free(sslKmTmp->RandomInfo.pServerRandom); free(sslKmTmp->RandomInfo.pServerRandom);
if (sslKmTmp->pReturnedKeyMaterial != NULL) { if (sslKmTmp->pReturnedKeyMaterial != NULL) {
@ -356,17 +355,15 @@ void freeCKMechanismPtr(CK_MECHANISM_PTR mechPtr) {
break; break;
case CKM_TLS12_MASTER_KEY_DERIVE: case CKM_TLS12_MASTER_KEY_DERIVE:
case CKM_TLS12_MASTER_KEY_DERIVE_DH: case CKM_TLS12_MASTER_KEY_DERIVE_DH:
tlsMkdTmp = mechPtr->pParameter; tlsMkdTmp = tmp;
TRACE1("\t=> CK_TLS12_MASTER_KEY_DERIVE_PARAMS %lX\n", TRACE0("[ CK_TLS12_MASTER_KEY_DERIVE_PARAMS ]\n");
ptr_to_jlong(tlsMkdTmp));
free(tlsMkdTmp->RandomInfo.pClientRandom); free(tlsMkdTmp->RandomInfo.pClientRandom);
free(tlsMkdTmp->RandomInfo.pServerRandom); free(tlsMkdTmp->RandomInfo.pServerRandom);
free(tlsMkdTmp->pVersion); free(tlsMkdTmp->pVersion);
break; break;
case CKM_TLS12_KEY_AND_MAC_DERIVE: case CKM_TLS12_KEY_AND_MAC_DERIVE:
tlsKmTmp = mechPtr->pParameter; tlsKmTmp = tmp;
TRACE1("\t=> free CK_TLS12_KEY_MAT_PARAMS %lX\n", TRACE0("[ CK_TLS12_KEY_MAT_PARAMS ]\n");
ptr_to_jlong(tlsKmTmp));
free(tlsKmTmp->RandomInfo.pClientRandom); free(tlsKmTmp->RandomInfo.pClientRandom);
free(tlsKmTmp->RandomInfo.pServerRandom); free(tlsKmTmp->RandomInfo.pServerRandom);
if (tlsKmTmp->pReturnedKeyMaterial != NULL) { if (tlsKmTmp->pReturnedKeyMaterial != NULL) {
@ -377,9 +374,7 @@ void freeCKMechanismPtr(CK_MECHANISM_PTR mechPtr) {
break; break;
case CKM_ECDH1_DERIVE: case CKM_ECDH1_DERIVE:
case CKM_ECDH1_COFACTOR_DERIVE: case CKM_ECDH1_COFACTOR_DERIVE:
tmp = mechPtr->pParameter; TRACE0("[ CK_ECDH1_DERIVE_PARAMS ]\n");
TRACE1("\t=> free CK_ECDH1_DERIVE_PARAMS %lX\n",
ptr_to_jlong(tmp));
free(((CK_ECDH1_DERIVE_PARAMS *)tmp)->pSharedData); free(((CK_ECDH1_DERIVE_PARAMS *)tmp)->pSharedData);
free(((CK_ECDH1_DERIVE_PARAMS *)tmp)->pPublicData); free(((CK_ECDH1_DERIVE_PARAMS *)tmp)->pPublicData);
break; break;
@ -387,7 +382,6 @@ void freeCKMechanismPtr(CK_MECHANISM_PTR mechPtr) {
case CKM_AES_CTR: case CKM_AES_CTR:
case CKM_RSA_PKCS_PSS: case CKM_RSA_PKCS_PSS:
case CKM_CAMELLIA_CTR: case CKM_CAMELLIA_CTR:
TRACE0("\t=> NO OP\n");
// params do not contain pointers // params do not contain pointers
break; break;
default: default:
@ -399,17 +393,59 @@ void freeCKMechanismPtr(CK_MECHANISM_PTR mechPtr) {
// CKM_EXTRACT_KEY_FROM_KEY, CKM_OTP, CKM_KIP, // CKM_EXTRACT_KEY_FROM_KEY, CKM_OTP, CKM_KIP,
// CKM_DSA_PARAMETER_GEN?, CKM_GOSTR3410_* // CKM_DSA_PARAMETER_GEN?, CKM_GOSTR3410_*
// CK_any_CBC_ENCRYPT_DATA? // CK_any_CBC_ENCRYPT_DATA?
TRACE0("\t=> ERROR UNSUPPORTED CK PARAMS\n"); TRACE0("ERROR: UNSUPPORTED CK_MECHANISM\n");
break; break;
} }
free(mechPtr->pParameter); TRACE1("\t=> freed param %p\n", tmp);
free(tmp);
} else { } else {
TRACE0("DEBUG => Parameter NULL\n"); TRACE0("\t=> param NULL\n");
} }
free(mechPtr); free(mechPtr);
TRACE0("FINISHED\n");
} }
} }
/* This function replaces the CK_GCM_PARAMS_NO_IVBITS structure associated
* with the specified CK_MECHANISM structure with CK_GCM_PARAMS
* structure.
*
* @param mechPtr pointer to the CK_MECHANISM structure containing
* the to-be-converted CK_GCM_PARAMS_NO_IVBITS structure.
* @return pointer to the CK_MECHANISM structure containing the
* converted CK_GCM_PARAMS structure or NULL if no conversion took place.
*/
CK_MECHANISM_PTR updateGCMParams(JNIEnv *env, CK_MECHANISM_PTR mechPtr) {
CK_GCM_PARAMS* pGcmParams2 = NULL;
CK_GCM_PARAMS_NO_IVBITS* pParams = NULL;
if ((mechPtr->mechanism == CKM_AES_GCM) &&
(mechPtr->pParameter != NULL_PTR) &&
(mechPtr->ulParameterLen == sizeof(CK_GCM_PARAMS_NO_IVBITS))) {
pGcmParams2 = calloc(1, sizeof(CK_GCM_PARAMS));
if (pGcmParams2 == NULL) {
throwOutOfMemoryError(env, 0);
return NULL;
}
pParams = (CK_GCM_PARAMS_NO_IVBITS*) mechPtr->pParameter;
pGcmParams2->pIv = pParams->pIv;
pGcmParams2->ulIvLen = pParams->ulIvLen;
pGcmParams2->ulIvBits = (pGcmParams2->ulIvLen << 3);
pGcmParams2->pAAD = pParams->pAAD;
pGcmParams2->ulAADLen = pParams->ulAADLen;
pGcmParams2->ulTagBits = pParams->ulTagBits;
TRACE1("DEBUG updateGCMParams: pMech %p\n", mechPtr);
TRACE2("\t=> GCM param w/o ulIvBits %p => GCM param %p\n", pParams,
pGcmParams2);
free(pParams);
mechPtr->pParameter = pGcmParams2;
mechPtr->ulParameterLen = sizeof(CK_GCM_PARAMS);
return mechPtr;
} else {
TRACE0("DEBUG updateGCMParams: no conversion done\n");
}
return NULL;
}
/* /*
* the following functions convert Java arrays to PKCS#11 array pointers and * the following functions convert Java arrays to PKCS#11 array pointers and
* their array length and vice versa * their array length and vice versa

55
src/jdk.crypto.cryptoki/share/native/libj2pkcs11/pkcs11gcm2.h Normal file
View File

@ -0,0 +1,55 @@
/*
* Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/* There is a known incompatibility for CK_GCM_PARAMS structure.
* PKCS#11 v2.40 standard mechanisms specification specifies
* CK_GCM_PARAMS as
* typedef struct CK_GCM_PARAMS {
* CK_BYTE_PTR pIv;
* CK_ULONG ulIvLen;
* CK_BYTE_PTR pAAD;
* CK_ULONG ulAADLen;
* CK_ULONG ulTagBits;
* } CK_GCM_PARAMS;
* However, the official header file of PKCS#11 v2.40 defines the
* CK_GCM_PARAMS with an extra "ulIvBits" field (type CK_ULONG).
* NSS uses the spec version while Solaris and SoftHSM2 use the header
* version. In order to work with both sides, SunPKCS11 provider defines
* the spec version of CK_GCM_PARAMS as CK_GCM_PARAMS_NO_IVBITS (as in this
* file) and uses it first before failing over to the header version.
*/
#ifndef _PKCS11GCM2_H_
#define _PKCS11GCM2_H_ 1
/* include the platform dependent part of the header */
typedef struct CK_GCM_PARAMS_NO_IVBITS {
CK_BYTE_PTR pIv;
CK_ULONG ulIvLen;
CK_BYTE_PTR pAAD;
CK_ULONG ulAADLen;
CK_ULONG ulTagBits;
} CK_GCM_PARAMS_NO_IVBITS;
typedef CK_GCM_PARAMS_NO_IVBITS CK_PTR CK_GCM_PARAMS_NO_IVBITS_PTR;
#endif /* _PKCS11GCM2_H_ */

4
src/jdk.crypto.cryptoki/share/native/libj2pkcs11/pkcs11t.h
View File

@ -1833,6 +1833,7 @@ typedef CK_AES_CTR_PARAMS CK_PTR CK_AES_CTR_PARAMS_PTR;
typedef struct CK_GCM_PARAMS { typedef struct CK_GCM_PARAMS {
CK_BYTE_PTR pIv; CK_BYTE_PTR pIv;
CK_ULONG ulIvLen; CK_ULONG ulIvLen;
CK_ULONG ulIvBits;
CK_BYTE_PTR pAAD; CK_BYTE_PTR pAAD;
CK_ULONG ulAADLen; CK_ULONG ulAADLen;
CK_ULONG ulTagBits; CK_ULONG ulTagBits;
@ -1962,7 +1963,7 @@ typedef struct CK_TLS_KDF_PARAMS {
typedef CK_TLS_KDF_PARAMS CK_PTR CK_TLS_KDF_PARAMS_PTR; typedef CK_TLS_KDF_PARAMS CK_PTR CK_TLS_KDF_PARAMS_PTR;
typedef struct CK_TLS_MAC_PARAMS { typedef struct CK_TLS_MAC_PARAMS {
CK_MECHANISM_TYPE prfMechanism; CK_MECHANISM_TYPE prfHashMechanism;
CK_ULONG ulMacLength; CK_ULONG ulMacLength;
CK_ULONG ulServerOrClient; CK_ULONG ulServerOrClient;
} CK_TLS_MAC_PARAMS; } CK_TLS_MAC_PARAMS;
@ -2000,3 +2001,4 @@ typedef CK_SEED_CBC_ENCRYPT_DATA_PARAMS CK_PTR \
#endif /* _PKCS11T_H_ */ #endif /* _PKCS11T_H_ */

5
src/jdk.crypto.cryptoki/share/native/libj2pkcs11/pkcs11wrapper.h
View File

@ -159,7 +159,6 @@
/* include the platform dependent part of the header */ /* include the platform dependent part of the header */
#include "p11_md.h" #include "p11_md.h"
#include "pkcs11.h"
#include <jni.h> #include <jni.h>
#include <jni_util.h> #include <jni_util.h>
#include <stdarg.h> #include <stdarg.h>
@ -296,6 +295,10 @@ void printDebug(const char *format, ...);
#define CLASS_TLS_PRF_PARAMS "sun/security/pkcs11/wrapper/CK_TLS_PRF_PARAMS" #define CLASS_TLS_PRF_PARAMS "sun/security/pkcs11/wrapper/CK_TLS_PRF_PARAMS"
#define CLASS_TLS_MAC_PARAMS "sun/security/pkcs11/wrapper/CK_TLS_MAC_PARAMS" #define CLASS_TLS_MAC_PARAMS "sun/security/pkcs11/wrapper/CK_TLS_MAC_PARAMS"
/* function to update the CK_NSS_GCM_PARAMS in mechanism pointer with
* CK_GCM_PARAMS
*/
CK_MECHANISM_PTR updateGCMParams(JNIEnv *env, CK_MECHANISM_PTR mechPtr);
/* function to convert a PKCS#11 return value other than CK_OK into a Java Exception /* function to convert a PKCS#11 return value other than CK_OK into a Java Exception
* or to throw a PKCS11RuntimeException * or to throw a PKCS11RuntimeException

5
src/jdk.crypto.cryptoki/unix/native/libj2pkcs11/p11_md.h
View File

@ -1,3 +1,7 @@
/*
* Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
*/
/* /*
* reserved comment block * reserved comment block
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
@ -69,6 +73,7 @@
#endif #endif
#include "pkcs11.h" #include "pkcs11.h"
#include "pkcs11gcm2.h"
#include "jni.h" #include "jni.h"

5
src/jdk.crypto.cryptoki/windows/native/libj2pkcs11/p11_md.h
View File

@ -1,3 +1,7 @@
/*
* Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
*/
/* /*
* reserved comment block * reserved comment block
* DO NOT REMOVE OR ALTER! * DO NOT REMOVE OR ALTER!
@ -77,6 +81,7 @@
#endif /* CreateMutex */ #endif /* CreateMutex */
#include "pkcs11.h" #include "pkcs11.h"
#include "pkcs11gcm2.h"
/* statement according to PKCS11 docu */ /* statement according to PKCS11 docu */
#pragma pack(pop, cryptoki) #pragma pack(pop, cryptoki)

14
test/jdk/sun/security/pkcs11/Cipher/TestGCMKeyAndIvCheck.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -23,7 +23,7 @@
/* /*
* @test * @test
* @bug 8080462 * @bug 8080462 8229243
* @library /test/lib .. * @library /test/lib ..
* @modules jdk.crypto.cryptoki * @modules jdk.crypto.cryptoki
* @run main TestGCMKeyAndIvCheck * @run main TestGCMKeyAndIvCheck
@ -81,6 +81,7 @@ public class TestGCMKeyAndIvCheck extends PKCS11Test {
", no support for " + mode); ", no support for " + mode);
return; return;
} }
System.out.println("Testing against " + p.getName());
SecretKey key = new SecretKeySpec(new byte[16], "AES"); SecretKey key = new SecretKeySpec(new byte[16], "AES");
// First try parameter-less init. // First try parameter-less init.
c.init(Cipher.ENCRYPT_MODE, key); c.init(Cipher.ENCRYPT_MODE, key);
@ -111,12 +112,11 @@ public class TestGCMKeyAndIvCheck extends PKCS11Test {
throw new Exception("Parameters contains incorrect IV value"); throw new Exception("Parameters contains incorrect IV value");
} }
// Should be ok to use the same key+iv for decryption
c.init(Cipher.DECRYPT_MODE, key, params); c.init(Cipher.DECRYPT_MODE, key, params);
c.updateAAD(AAD); c.updateAAD(AAD);
byte[] recovered = c.doFinal(ctPlusTag); byte[] recovered = c.doFinal(ctPlusTag);
if (!Arrays.equals(recovered, PT)) { if (!Arrays.equals(recovered, PT)) {
throw new Exception("decryption result mismatch"); throw new Exception("Decryption result mismatch");
} }
// Now try to encrypt again using the same key+iv; should fail also // Now try to encrypt again using the same key+iv; should fail also
@ -125,6 +125,7 @@ public class TestGCMKeyAndIvCheck extends PKCS11Test {
throw new Exception("Should throw exception when same key+iv is used"); throw new Exception("Should throw exception when same key+iv is used");
} catch (InvalidAlgorithmParameterException iape) { } catch (InvalidAlgorithmParameterException iape) {
// expected // expected
System.out.println("Expected IAPE thrown");
} }
// Now try to encrypt again using parameter-less init; should work // Now try to encrypt again using parameter-less init; should work
@ -138,7 +139,8 @@ public class TestGCMKeyAndIvCheck extends PKCS11Test {
} }
// Now try to encrypt again using a different parameter; should work // Now try to encrypt again using a different parameter; should work
AlgorithmParameterSpec spec2 = new GCMParameterSpec(128, new byte[30]); AlgorithmParameterSpec spec2 = new GCMParameterSpec(128,
"Solaris PKCS11 lib does not allow all-zero IV".getBytes());
c.init(Cipher.ENCRYPT_MODE, key, spec2); c.init(Cipher.ENCRYPT_MODE, key, spec2);
c.updateAAD(AAD); c.updateAAD(AAD);
c.doFinal(PT); c.doFinal(PT);
@ -154,7 +156,7 @@ public class TestGCMKeyAndIvCheck extends PKCS11Test {
c.updateAAD(AAD); c.updateAAD(AAD);
recovered = c.doFinal(ctPlusTag); recovered = c.doFinal(ctPlusTag);
if (!Arrays.equals(recovered, PT)) { if (!Arrays.equals(recovered, PT)) {
throw new Exception("decryption result mismatch"); throw new Exception("Decryption result mismatch");
} }
// Now try decryption again and re-init using the same parameters // Now try decryption again and re-init using the same parameters