stan/jdk-24
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge

Browse Source
This commit is contained in:
Mike Duigou 2011-04-27 14:18:26 -07:00
commit ed2f711c6d
11 changed files with 473 additions and 158 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
jdk/make/java/nio/mapfile-linux
View File

@ -44,7 +44,6 @@ SUNWprivate_1.1 {
Java_sun_nio_ch_EPollArrayWrapper_interrupt; Java_sun_nio_ch_EPollArrayWrapper_interrupt;
Java_sun_nio_ch_EPollArrayWrapper_offsetofData; Java_sun_nio_ch_EPollArrayWrapper_offsetofData;
Java_sun_nio_ch_EPollArrayWrapper_sizeofEPollEvent; Java_sun_nio_ch_EPollArrayWrapper_sizeofEPollEvent;
Java_sun_nio_ch_EPoll_init;
Java_sun_nio_ch_EPoll_eventSize; Java_sun_nio_ch_EPoll_eventSize;
Java_sun_nio_ch_EPoll_eventsOffset; Java_sun_nio_ch_EPoll_eventsOffset;
Java_sun_nio_ch_EPoll_dataOffset; Java_sun_nio_ch_EPoll_dataOffset;
@ -129,7 +128,6 @@ SUNWprivate_1.1 {
Java_sun_nio_fs_GnomeFileTypeDetector_probeUsingGio; Java_sun_nio_fs_GnomeFileTypeDetector_probeUsingGio;
Java_sun_nio_fs_GnomeFileTypeDetector_initializeGnomeVfs; Java_sun_nio_fs_GnomeFileTypeDetector_initializeGnomeVfs;
Java_sun_nio_fs_GnomeFileTypeDetector_probeUsingGnomeVfs; Java_sun_nio_fs_GnomeFileTypeDetector_probeUsingGnomeVfs;
Java_sun_nio_fs_LinuxWatchService_init;
Java_sun_nio_fs_LinuxWatchService_eventSize; Java_sun_nio_fs_LinuxWatchService_eventSize;
Java_sun_nio_fs_LinuxWatchService_eventOffsets; Java_sun_nio_fs_LinuxWatchService_eventOffsets;
Java_sun_nio_fs_LinuxWatchService_inotifyInit; Java_sun_nio_fs_LinuxWatchService_inotifyInit;

3
jdk/src/solaris/classes/sun/nio/ch/EPoll.java
View File

@ -99,8 +99,6 @@ class EPoll {
// -- Native methods -- // -- Native methods --
private static native void init();
private static native int eventSize(); private static native int eventSize();
private static native int eventsOffset(); private static native int eventsOffset();
@ -116,6 +114,5 @@ class EPoll {
static { static {
Util.load(); Util.load();
init();
} }
} }

3
jdk/src/solaris/classes/sun/nio/fs/LinuxWatchService.java
View File

@ -432,8 +432,6 @@ class LinuxWatchService
// -- native methods -- // -- native methods --
private static native void init();
// sizeof inotify_event // sizeof inotify_event
private static native int eventSize(); private static native int eventSize();
@ -461,6 +459,5 @@ class LinuxWatchService
System.loadLibrary("nio"); System.loadLibrary("nio");
return null; return null;
}}); }});
init();
} }
} }

56
jdk/src/solaris/native/sun/nio/ch/EPoll.c
View File

@ -34,55 +34,7 @@
#include <dlfcn.h> #include <dlfcn.h>
#include <unistd.h> #include <unistd.h>
#include <sys/types.h> #include <sys/types.h>
#include <sys/epoll.h>
#ifdef __cplusplus
extern "C" {
#endif
/* epoll_wait(2) man page */
typedef union epoll_data {
void *ptr;
int fd;
__uint32_t u32;
__uint64_t u64;
} epoll_data_t;
struct epoll_event {
__uint32_t events; /* Epoll events */
epoll_data_t data; /* User data variable */
} __attribute__ ((__packed__));
#ifdef __cplusplus
}
#endif
/*
* epoll event notification is new in 2.6 kernel. As the offical build
* platform for the JDK is on a 2.4-based distribution then we must
* obtain the addresses of the epoll functions dynamically.
*/
typedef int (*epoll_create_t)(int size);
typedef int (*epoll_ctl_t) (int epfd, int op, int fd, struct epoll_event *event);
typedef int (*epoll_wait_t) (int epfd, struct epoll_event *events, int maxevents, int timeout);
static epoll_create_t epoll_create_func;
static epoll_ctl_t epoll_ctl_func;
static epoll_wait_t epoll_wait_func;
JNIEXPORT void JNICALL
Java_sun_nio_ch_EPoll_init(JNIEnv *env, jclass this)
{
epoll_create_func = (epoll_create_t) dlsym(RTLD_DEFAULT, "epoll_create");
epoll_ctl_func = (epoll_ctl_t) dlsym(RTLD_DEFAULT, "epoll_ctl");
epoll_wait_func = (epoll_wait_t) dlsym(RTLD_DEFAULT, "epoll_wait");
if ((epoll_create_func == NULL) || (epoll_ctl_func == NULL) ||
(epoll_wait_func == NULL)) {
JNU_ThrowInternalError(env, "unable to get address of epoll functions, pre-2.6 kernel?");
}
}
JNIEXPORT jint JNICALL JNIEXPORT jint JNICALL
Java_sun_nio_ch_EPoll_eventSize(JNIEnv* env, jclass this) Java_sun_nio_ch_EPoll_eventSize(JNIEnv* env, jclass this)
@ -108,7 +60,7 @@ Java_sun_nio_ch_EPoll_epollCreate(JNIEnv *env, jclass c) {
* epoll_create expects a size as a hint to the kernel about how to * epoll_create expects a size as a hint to the kernel about how to
* dimension internal structures. We can't predict the size in advance. * dimension internal structures. We can't predict the size in advance.
*/ */
int epfd = (*epoll_create_func)(256); int epfd = epoll_create(256);
if (epfd < 0) { if (epfd < 0) {
JNU_ThrowIOExceptionWithLastError(env, "epoll_create failed"); JNU_ThrowIOExceptionWithLastError(env, "epoll_create failed");
} }
@ -125,7 +77,7 @@ Java_sun_nio_ch_EPoll_epollCtl(JNIEnv *env, jclass c, jint epfd,
event.events = events; event.events = events;
event.data.fd = fd; event.data.fd = fd;
RESTARTABLE((*epoll_ctl_func)(epfd, (int)opcode, (int)fd, &event), res); RESTARTABLE(epoll_ctl(epfd, (int)opcode, (int)fd, &event), res);
return (res == 0) ? 0 : errno; return (res == 0) ? 0 : errno;
} }
@ -137,7 +89,7 @@ Java_sun_nio_ch_EPoll_epollWait(JNIEnv *env, jclass c,
struct epoll_event *events = jlong_to_ptr(address); struct epoll_event *events = jlong_to_ptr(address);
int res; int res;
RESTARTABLE((*epoll_wait_func)(epfd, events, numfds, -1), res); RESTARTABLE(epoll_wait(epfd, events, numfds, -1), res);
if (res < 0) { if (res < 0) {
JNU_ThrowIOExceptionWithLastError(env, "epoll_wait failed"); JNU_ThrowIOExceptionWithLastError(env, "epoll_wait failed");
} }

50
jdk/src/solaris/native/sun/nio/fs/LinuxWatchService.c
View File

@ -33,33 +33,10 @@
#include <sys/types.h> #include <sys/types.h>
#include <sys/socket.h> #include <sys/socket.h>
#include <sys/poll.h> #include <sys/poll.h>
#include <sys/inotify.h>
#include "sun_nio_fs_LinuxWatchService.h" #include "sun_nio_fs_LinuxWatchService.h"
/* inotify.h may not be available at build time */
#ifdef __cplusplus
extern "C" {
#endif
struct inotify_event
{
int wd;
uint32_t mask;
uint32_t cookie;
uint32_t len;
char name __flexarr;
};
#ifdef __cplusplus
}
#endif
typedef int inotify_init_func(void);
typedef int inotify_add_watch_func(int fd, const char* path, uint32_t mask);
typedef int inotify_rm_watch_func(int fd, uint32_t wd);
inotify_init_func* my_inotify_init_func = NULL;
inotify_add_watch_func* my_inotify_add_watch_func = NULL;
inotify_rm_watch_func* my_inotify_rm_watch_func = NULL;
static void throwUnixException(JNIEnv* env, int errnum) { static void throwUnixException(JNIEnv* env, int errnum) {
jobject x = JNU_NewObjectByName(env, "sun/nio/fs/UnixException", jobject x = JNU_NewObjectByName(env, "sun/nio/fs/UnixException",
"(I)V", errnum); "(I)V", errnum);
@ -68,22 +45,6 @@ static void throwUnixException(JNIEnv* env, int errnum) {
} }
} }
JNIEXPORT void JNICALL
Java_sun_nio_fs_LinuxWatchService_init(JNIEnv *env, jclass clazz)
{
my_inotify_init_func = (inotify_init_func*)
dlsym(RTLD_DEFAULT, "inotify_init");
my_inotify_add_watch_func =
(inotify_add_watch_func*) dlsym(RTLD_DEFAULT, "inotify_add_watch");
my_inotify_rm_watch_func =
(inotify_rm_watch_func*) dlsym(RTLD_DEFAULT, "inotify_rm_watch");
if ((my_inotify_init_func == NULL) || (my_inotify_add_watch_func == NULL) ||
(my_inotify_rm_watch_func == NULL)) {
JNU_ThrowInternalError(env, "unable to get address of inotify functions");
}
}
JNIEXPORT jint JNICALL JNIEXPORT jint JNICALL
Java_sun_nio_fs_LinuxWatchService_eventSize(JNIEnv *env, jclass clazz) Java_sun_nio_fs_LinuxWatchService_eventSize(JNIEnv *env, jclass clazz)
{ {
@ -111,7 +72,7 @@ JNIEXPORT jint JNICALL
Java_sun_nio_fs_LinuxWatchService_inotifyInit Java_sun_nio_fs_LinuxWatchService_inotifyInit
(JNIEnv* env, jclass clazz) (JNIEnv* env, jclass clazz)
{ {
int ifd = (*my_inotify_init_func)(); int ifd = inotify_init();
if (ifd == -1) { if (ifd == -1) {
throwUnixException(env, errno); throwUnixException(env, errno);
} }
@ -125,7 +86,7 @@ Java_sun_nio_fs_LinuxWatchService_inotifyAddWatch
int wfd = -1; int wfd = -1;
const char* path = (const char*)jlong_to_ptr(address); const char* path = (const char*)jlong_to_ptr(address);
wfd = (*my_inotify_add_watch_func)((int)fd, path, mask); wfd = inotify_add_watch((int)fd, path, mask);
if (wfd == -1) { if (wfd == -1) {
throwUnixException(env, errno); throwUnixException(env, errno);
} }
@ -136,7 +97,7 @@ JNIEXPORT void JNICALL
Java_sun_nio_fs_LinuxWatchService_inotifyRmWatch Java_sun_nio_fs_LinuxWatchService_inotifyRmWatch
(JNIEnv* env, jclass clazz, jint fd, jint wd) (JNIEnv* env, jclass clazz, jint fd, jint wd)
{ {
int err = (*my_inotify_rm_watch_func)((int)fd, (int)wd); int err = inotify_rm_watch((int)fd, (int)wd);
if (err == -1) if (err == -1)
throwUnixException(env, errno); throwUnixException(env, errno);
} }
@ -166,7 +127,6 @@ Java_sun_nio_fs_LinuxWatchService_socketpair
res[1] = (jint)sp[1]; res[1] = (jint)sp[1];
(*env)->SetIntArrayRegion(env, sv, 0, 2, &res[0]); (*env)->SetIntArrayRegion(env, sv, 0, 2, &res[0]);
} }
} }
JNIEXPORT jint JNICALL JNIEXPORT jint JNICALL
@ -190,6 +150,4 @@ Java_sun_nio_fs_LinuxWatchService_poll
} }
} }
return (jint)n; return (jint)n;
} }

85
jdk/src/windows/classes/sun/security/mscapi/RSASignature.java
View File

@ -50,6 +50,9 @@ import sun.security.rsa.RSAKeyFactory;
* following algorithm names: * following algorithm names:
* *
* . "SHA1withRSA" * . "SHA1withRSA"
* . "SHA256withRSA"
* . "SHA384withRSA"
* . "SHA512withRSA"
* . "MD5withRSA" * . "MD5withRSA"
* . "MD2withRSA" * . "MD2withRSA"
* *
@ -63,7 +66,10 @@ abstract class RSASignature extends java.security.SignatureSpi
// message digest implementation we use // message digest implementation we use
private final MessageDigest messageDigest; private final MessageDigest messageDigest;
// flag indicating whether the digest is reset // message digest name
private final String messageDigestAlgorithm;
// flag indicating whether the digest has been reset
private boolean needsReset; private boolean needsReset;
// the signing key // the signing key
@ -73,10 +79,15 @@ abstract class RSASignature extends java.security.SignatureSpi
private Key publicKey = null; private Key publicKey = null;
/**
* Constructs a new RSASignature. Used by subclasses.
*/
RSASignature(String digestName) { RSASignature(String digestName) {
try { try {
messageDigest = MessageDigest.getInstance(digestName); messageDigest = MessageDigest.getInstance(digestName);
// Get the digest's canonical name
messageDigestAlgorithm = messageDigest.getAlgorithm();
} catch (NoSuchAlgorithmException e) { } catch (NoSuchAlgorithmException e) {
throw new ProviderException(e); throw new ProviderException(e);
@ -91,6 +102,24 @@ abstract class RSASignature extends java.security.SignatureSpi
} }
} }
public static final class SHA256 extends RSASignature {
public SHA256() {
super("SHA-256");
}
}
public static final class SHA384 extends RSASignature {
public SHA384() {
super("SHA-384");
}
}
public static final class SHA512 extends RSASignature {
public SHA512() {
super("SHA-512");
}
}
public static final class MD5 extends RSASignature { public static final class MD5 extends RSASignature {
public MD5() { public MD5() {
super("MD5"); super("MD5");
@ -103,16 +132,7 @@ abstract class RSASignature extends java.security.SignatureSpi
} }
} }
/** // initialize for signing. See JCA doc
* Initializes this signature object with the specified
* public key for verification operations.
*
* @param publicKey the public key of the identity whose signature is
* going to be verified.
*
* @exception InvalidKeyException if the key is improperly
* encoded, parameters are missing, and so on.
*/
protected void engineInitVerify(PublicKey key) protected void engineInitVerify(PublicKey key)
throws InvalidKeyException throws InvalidKeyException
{ {
@ -158,24 +178,12 @@ abstract class RSASignature extends java.security.SignatureSpi
publicKey = (sun.security.mscapi.RSAPublicKey) key; publicKey = (sun.security.mscapi.RSAPublicKey) key;
} }
if (needsReset) { this.privateKey = null;
messageDigest.reset(); resetDigest();
needsReset = false;
}
} }
/** // initialize for signing. See JCA doc
* Initializes this signature object with the specified protected void engineInitSign(PrivateKey key) throws InvalidKeyException
* private key for signing operations.
*
* @param privateKey the private key of the identity whose signature
* will be generated.
*
* @exception InvalidKeyException if the key is improperly
* encoded, parameters are missing, and so on.
*/
protected void engineInitSign(PrivateKey key)
throws InvalidKeyException
{ {
// This signature accepts only RSAPrivateKey // This signature accepts only RSAPrivateKey
if ((key instanceof sun.security.mscapi.RSAPrivateKey) == false) { if ((key instanceof sun.security.mscapi.RSAPrivateKey) == false) {
@ -189,12 +197,25 @@ abstract class RSASignature extends java.security.SignatureSpi
null, RSAKeyPairGenerator.KEY_SIZE_MIN, null, RSAKeyPairGenerator.KEY_SIZE_MIN,
RSAKeyPairGenerator.KEY_SIZE_MAX); RSAKeyPairGenerator.KEY_SIZE_MAX);
this.publicKey = null;
resetDigest();
}
/**
* Resets the message digest if needed.
*/
private void resetDigest() {
if (needsReset) { if (needsReset) {
messageDigest.reset(); messageDigest.reset();
needsReset = false; needsReset = false;
} }
} }
private byte[] getDigestValue() {
needsReset = false;
return messageDigest.digest();
}
/** /**
* Updates the data to be signed or verified * Updates the data to be signed or verified
* using the specified byte. * using the specified byte.
@ -254,13 +275,12 @@ abstract class RSASignature extends java.security.SignatureSpi
*/ */
protected byte[] engineSign() throws SignatureException { protected byte[] engineSign() throws SignatureException {
byte[] hash = messageDigest.digest(); byte[] hash = getDigestValue();
needsReset = false;
// Sign hash using MS Crypto APIs // Sign hash using MS Crypto APIs
byte[] result = signHash(hash, hash.length, byte[] result = signHash(hash, hash.length,
messageDigest.getAlgorithm(), privateKey.getHCryptProvider(), messageDigestAlgorithm, privateKey.getHCryptProvider(),
privateKey.getHCryptKey()); privateKey.getHCryptKey());
// Convert signature array from little endian to big endian // Convert signature array from little endian to big endian
@ -314,11 +334,10 @@ abstract class RSASignature extends java.security.SignatureSpi
protected boolean engineVerify(byte[] sigBytes) protected boolean engineVerify(byte[] sigBytes)
throws SignatureException throws SignatureException
{ {
byte[] hash = messageDigest.digest(); byte[] hash = getDigestValue();
needsReset = false;
return verifySignedHash(hash, hash.length, return verifySignedHash(hash, hash.length,
messageDigest.getAlgorithm(), convertEndianArray(sigBytes), messageDigestAlgorithm, convertEndianArray(sigBytes),
sigBytes.length, publicKey.getHCryptProvider(), sigBytes.length, publicKey.getHCryptProvider(),
publicKey.getHCryptKey()); publicKey.getHCryptKey());
} }

16
jdk/src/windows/classes/sun/security/mscapi/SunMSCAPI.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2005, 2009, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -81,6 +81,12 @@ public final class SunMSCAPI extends Provider {
*/ */
map.put("Signature.SHA1withRSA", map.put("Signature.SHA1withRSA",
"sun.security.mscapi.RSASignature$SHA1"); "sun.security.mscapi.RSASignature$SHA1");
map.put("Signature.SHA256withRSA",
"sun.security.mscapi.RSASignature$SHA256");
map.put("Signature.SHA384withRSA",
"sun.security.mscapi.RSASignature$SHA384");
map.put("Signature.SHA512withRSA",
"sun.security.mscapi.RSASignature$SHA512");
map.put("Signature.MD5withRSA", map.put("Signature.MD5withRSA",
"sun.security.mscapi.RSASignature$MD5"); "sun.security.mscapi.RSASignature$MD5");
map.put("Signature.MD2withRSA", map.put("Signature.MD2withRSA",
@ -89,12 +95,16 @@ public final class SunMSCAPI extends Provider {
// supported key classes // supported key classes
map.put("Signature.SHA1withRSA SupportedKeyClasses", map.put("Signature.SHA1withRSA SupportedKeyClasses",
"sun.security.mscapi.Key"); "sun.security.mscapi.Key");
map.put("Signature.SHA256withRSA SupportedKeyClasses",
"sun.security.mscapi.Key");
map.put("Signature.SHA384withRSA SupportedKeyClasses",
"sun.security.mscapi.Key");
map.put("Signature.SHA512withRSA SupportedKeyClasses",
"sun.security.mscapi.Key");
map.put("Signature.MD5withRSA SupportedKeyClasses", map.put("Signature.MD5withRSA SupportedKeyClasses",
"sun.security.mscapi.Key"); "sun.security.mscapi.Key");
map.put("Signature.MD2withRSA SupportedKeyClasses", map.put("Signature.MD2withRSA SupportedKeyClasses",
"sun.security.mscapi.Key"); "sun.security.mscapi.Key");
map.put("Signature.NONEwithRSA SupportedKeyClasses",
"sun.security.mscapi.Key");
/* /*
* Key Pair Generator engines * Key Pair Generator engines

80
jdk/src/windows/native/sun/security/mscapi/security.cpp
View File

@ -483,6 +483,7 @@ JNIEXPORT jbyteArray JNICALL Java_sun_security_mscapi_RSASignature_signHash
jbyte* pHashBuffer = NULL; jbyte* pHashBuffer = NULL;
jbyte* pSignedHashBuffer = NULL; jbyte* pSignedHashBuffer = NULL;
jbyteArray jSignedHash = NULL; jbyteArray jSignedHash = NULL;
HCRYPTPROV hCryptProvAlt = NULL;
__try __try
{ {
@ -492,10 +493,34 @@ JNIEXPORT jbyteArray JNICALL Java_sun_security_mscapi_RSASignature_signHash
// Acquire a hash object handle. // Acquire a hash object handle.
if (::CryptCreateHash(HCRYPTPROV(hCryptProv), algId, 0, 0, &hHash) == FALSE) if (::CryptCreateHash(HCRYPTPROV(hCryptProv), algId, 0, 0, &hHash) == FALSE)
{ {
// Failover to using the PROV_RSA_AES CSP
DWORD cbData = 256;
BYTE pbData[256];
pbData[0] = '\0';
// Get name of the key container
::CryptGetProvParam((HCRYPTPROV)hCryptProv, PP_CONTAINER,
(BYTE *)pbData, &cbData, 0);
// Acquire an alternative CSP handle
if (::CryptAcquireContext(&hCryptProvAlt, LPCSTR(pbData), NULL,
PROV_RSA_AES, 0) == FALSE)
{
ThrowException(env, SIGNATURE_EXCEPTION, GetLastError()); ThrowException(env, SIGNATURE_EXCEPTION, GetLastError());
__leave; __leave;
} }
// Acquire a hash object handle.
if (::CryptCreateHash(HCRYPTPROV(hCryptProvAlt), algId, 0, 0,
&hHash) == FALSE)
{
ThrowException(env, SIGNATURE_EXCEPTION, GetLastError());
__leave;
}
}
// Copy hash from Java to native buffer // Copy hash from Java to native buffer
pHashBuffer = new jbyte[jHashSize]; pHashBuffer = new jbyte[jHashSize];
env->GetByteArrayRegion(jHash, 0, jHashSize, pHashBuffer); env->GetByteArrayRegion(jHash, 0, jHashSize, pHashBuffer);
@ -546,6 +571,9 @@ JNIEXPORT jbyteArray JNICALL Java_sun_security_mscapi_RSASignature_signHash
} }
__finally __finally
{ {
if (hCryptProvAlt)
::CryptReleaseContext(hCryptProvAlt, 0);
if (pSignedHashBuffer) if (pSignedHashBuffer)
delete [] pSignedHashBuffer; delete [] pSignedHashBuffer;
@ -574,6 +602,7 @@ JNIEXPORT jboolean JNICALL Java_sun_security_mscapi_RSASignature_verifySignedHas
jbyte* pSignedHashBuffer = NULL; jbyte* pSignedHashBuffer = NULL;
DWORD dwSignedHashBufferLen = jSignedHashSize; DWORD dwSignedHashBufferLen = jSignedHashSize;
jboolean result = JNI_FALSE; jboolean result = JNI_FALSE;
HCRYPTPROV hCryptProvAlt = NULL;
__try __try
{ {
@ -584,10 +613,34 @@ JNIEXPORT jboolean JNICALL Java_sun_security_mscapi_RSASignature_verifySignedHas
if (::CryptCreateHash(HCRYPTPROV(hCryptProv), algId, 0, 0, &hHash) if (::CryptCreateHash(HCRYPTPROV(hCryptProv), algId, 0, 0, &hHash)
== FALSE) == FALSE)
{ {
// Failover to using the PROV_RSA_AES CSP
DWORD cbData = 256;
BYTE pbData[256];
pbData[0] = '\0';
// Get name of the key container
::CryptGetProvParam((HCRYPTPROV)hCryptProv, PP_CONTAINER,
(BYTE *)pbData, &cbData, 0);
// Acquire an alternative CSP handle
if (::CryptAcquireContext(&hCryptProvAlt, LPCSTR(pbData), NULL,
PROV_RSA_AES, 0) == FALSE)
{
ThrowException(env, SIGNATURE_EXCEPTION, GetLastError()); ThrowException(env, SIGNATURE_EXCEPTION, GetLastError());
__leave; __leave;
} }
// Acquire a hash object handle.
if (::CryptCreateHash(HCRYPTPROV(hCryptProvAlt), algId, 0, 0,
&hHash) == FALSE)
{
ThrowException(env, SIGNATURE_EXCEPTION, GetLastError());
__leave;
}
}
// Copy hash and signedHash from Java to native buffer // Copy hash and signedHash from Java to native buffer
pHashBuffer = new jbyte[jHashSize]; pHashBuffer = new jbyte[jHashSize];
env->GetByteArrayRegion(jHash, 0, jHashSize, pHashBuffer); env->GetByteArrayRegion(jHash, 0, jHashSize, pHashBuffer);
@ -616,6 +669,9 @@ JNIEXPORT jboolean JNICALL Java_sun_security_mscapi_RSASignature_verifySignedHas
__finally __finally
{ {
if (hCryptProvAlt)
::CryptReleaseContext(hCryptProvAlt, 0);
if (pSignedHashBuffer) if (pSignedHashBuffer)
delete [] pSignedHashBuffer; delete [] pSignedHashBuffer;
@ -648,6 +704,17 @@ JNIEXPORT jobject JNICALL Java_sun_security_mscapi_RSAKeyPairGenerator_generateR
pszKeyContainerName = env->GetStringUTFChars(keyContainerName, NULL); pszKeyContainerName = env->GetStringUTFChars(keyContainerName, NULL);
// Acquire a CSP context (create a new key container). // Acquire a CSP context (create a new key container).
// Prefer a PROV_RSA_AES CSP, when available, due to its support
// for SHA-2-based signatures.
if (::CryptAcquireContext(
&hCryptProv,
pszKeyContainerName,
NULL,
PROV_RSA_AES,
CRYPT_NEWKEYSET) == FALSE)
{
// Failover to using the default CSP (PROV_RSA_FULL)
if (::CryptAcquireContext( if (::CryptAcquireContext(
&hCryptProv, &hCryptProv,
pszKeyContainerName, pszKeyContainerName,
@ -658,6 +725,7 @@ JNIEXPORT jobject JNICALL Java_sun_security_mscapi_RSAKeyPairGenerator_generateR
ThrowException(env, KEY_EXCEPTION, GetLastError()); ThrowException(env, KEY_EXCEPTION, GetLastError());
__leave; __leave;
} }
}
// Generate an RSA keypair // Generate an RSA keypair
if(::CryptGenKey( if(::CryptGenKey(
@ -1849,6 +1917,17 @@ JNIEXPORT jobject JNICALL Java_sun_security_mscapi_RSASignature_importPublicKey
pbKeyBlob = (BYTE *) env->GetByteArrayElements(keyBlob, 0); pbKeyBlob = (BYTE *) env->GetByteArrayElements(keyBlob, 0);
// Acquire a CSP context (create a new key container). // Acquire a CSP context (create a new key container).
// Prefer a PROV_RSA_AES CSP, when available, due to its support
// for SHA-2-based signatures.
if (::CryptAcquireContext(
&hCryptProv,
NULL,
NULL,
PROV_RSA_AES,
CRYPT_VERIFYCONTEXT) == FALSE)
{
// Failover to using the default CSP (PROV_RSA_FULL)
if (::CryptAcquireContext( if (::CryptAcquireContext(
&hCryptProv, &hCryptProv,
NULL, NULL,
@ -1859,6 +1938,7 @@ JNIEXPORT jobject JNICALL Java_sun_security_mscapi_RSASignature_importPublicKey
ThrowException(env, KEYSTORE_EXCEPTION, GetLastError()); ThrowException(env, KEYSTORE_EXCEPTION, GetLastError());
__leave; __leave;
} }
}
// Import the public key // Import the public key
if (::CryptImportKey( if (::CryptImportKey(

78
jdk/test/sun/security/krb5/auto/BadKdc.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -22,8 +22,14 @@
*/ */
import java.io.*; import java.io.*;
import java.net.BindException;
import java.net.DatagramPacket;
import java.net.DatagramSocket;
import java.net.InetAddress;
import java.util.regex.Matcher; import java.util.regex.Matcher;
import java.util.regex.Pattern; import java.util.regex.Pattern;
import javax.security.auth.login.LoginException;
import sun.security.krb5.Asn1Exception;
import sun.security.krb5.Config; import sun.security.krb5.Config;
public class BadKdc { public class BadKdc {
@ -34,8 +40,51 @@ public class BadKdc {
static final Pattern re = Pattern.compile( static final Pattern re = Pattern.compile(
">>> KDCCommunication: kdc=kdc.rabbit.hole UDP:(\\d)...., " + ">>> KDCCommunication: kdc=kdc.rabbit.hole UDP:(\\d)...., " +
"timeout=(\\d)000,"); "timeout=(\\d)000,");
/*
* There are several cases this test fails:
*
* 1. The random selected port is used by another process. No good way to
* prevent this happening, coz krb5.conf must be written before KDC starts.
* There are two different outcomes:
*
* a. Cannot start the KDC. A BindException thrown.
* b. When trying to access a non-existing KDC, a response is received!
* Most likely a Asn1Exception thrown
*
* 2. Even if a KDC is started, and more than 20 seconds pass by, a timeout
* can still happens for the first UDP request. In fact, the KDC did not
* received it at all. This happens on almost all platforms, especially
* solaris-i586 and solaris-x64.
*
* To avoid them:
*
* 1. Catch those exceptions and ignore
*
* 2. a. Make the timeout longer? useless
* b. Read the output carefully, if there is a timeout, it's OK.
* Just make sure the retries times and KDCs are correct.
* This is tough.
* c. Feed the KDC a UDP packet first. The current "solution".
*/
public static void go(int[]... expected) public static void go(int[]... expected)
throws Exception { throws Exception {
try {
go0(expected);
} catch (BindException be) {
System.out.println("The random port is used by another process");
} catch (LoginException le) {
Throwable cause = le.getCause();
if (cause instanceof Asn1Exception) {
System.out.println("Bad packet possibly from another process");
return;
}
throw le;
}
}
public static void go0(int[]... expected)
throws Exception {
System.setProperty("sun.security.krb5.debug", "true"); System.setProperty("sun.security.krb5.debug", "true");
// Make sure KDCs' ports starts with 1 and 2 and 3, // Make sure KDCs' ports starts with 1 and 2 and 3,
@ -78,20 +127,39 @@ public class BadKdc {
KDC k = new KDC(OneKDC.REALM, OneKDC.KDCHOST, p, true); KDC k = new KDC(OneKDC.REALM, OneKDC.KDCHOST, p, true);
k.addPrincipal(OneKDC.USER, OneKDC.PASS); k.addPrincipal(OneKDC.USER, OneKDC.PASS);
k.addPrincipalRandKey("krbtgt/" + OneKDC.REALM); k.addPrincipalRandKey("krbtgt/" + OneKDC.REALM);
// Feed a packet to newly started KDC to warm it up
System.err.println("-------- IGNORE THIS ERROR MESSAGE --------");
new DatagramSocket().send(
new DatagramPacket("Hello".getBytes(), 5,
InetAddress.getByName(OneKDC.KDCHOST), p));
return k; return k;
} }
private static void test(int... expected) throws Exception {
ByteArrayOutputStream bo = new ByteArrayOutputStream();
try {
test0(bo, expected);
} catch (Exception e) {
System.out.println("----------------- ERROR -----------------");
System.out.println(new String(bo.toByteArray()));
System.out.println("--------------- ERROR END ---------------");
throw e;
}
}
/** /**
* One round of test for max_retries and timeout. * One round of test for max_retries and timeout.
* @param timeout the expected timeout
* @param expected the expected kdc# timeout kdc# timeout... * @param expected the expected kdc# timeout kdc# timeout...
*/ */
private static void test(int... expected) throws Exception { private static void test0(ByteArrayOutputStream bo, int... expected)
ByteArrayOutputStream bo = new ByteArrayOutputStream(); throws Exception {
PrintStream oldout = System.out; PrintStream oldout = System.out;
System.setOut(new PrintStream(bo)); System.setOut(new PrintStream(bo));
Context c = Context.fromUserPass(OneKDC.USER, OneKDC.PASS, false); try {
Context.fromUserPass(OneKDC.USER, OneKDC.PASS, false);
} finally {
System.setOut(oldout); System.setOut(oldout);
}
String[] lines = new String(bo.toByteArray()).split("\n"); String[] lines = new String(bo.toByteArray()).split("\n");
System.out.println("----------------- TEST -----------------"); System.out.println("----------------- TEST -----------------");

153
jdk/test/sun/security/mscapi/SignUsingSHA2withRSA.java Normal file
View File

@ -0,0 +1,153 @@
/*
* Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/**
* @see SignUsingSHA2withRSA.sh
*/
import java.security.*;
import java.util.*;
public class SignUsingSHA2withRSA {
private static final byte[] toBeSigned = new byte[] {
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x10
};
private static List<byte[]> generatedSignatures = new ArrayList<>();
public static void main(String[] args) throws Exception {
Provider[] providers = Security.getProviders("Signature.SHA256withRSA");
if (providers == null) {
System.out.println("No JCE providers support the " +
"'Signature.SHA256withRSA' algorithm");
System.out.println("Skipping this test...");
return;
} else {
System.out.println("The following JCE providers support the " +
"'Signature.SHA256withRSA' algorithm: ");
for (Provider provider : providers) {
System.out.println(" " + provider.getName());
}
}
System.out.println("-------------------------------------------------");
KeyStore ks = KeyStore.getInstance("Windows-MY", "SunMSCAPI");
ks.load(null, null);
System.out.println("Loaded keystore: Windows-MY");
Enumeration e = ks.aliases();
PrivateKey privateKey = null;
PublicKey publicKey = null;
while (e.hasMoreElements()) {
String alias = (String) e.nextElement();
if (alias.equals("6753664")) {
System.out.println("Loaded entry: " + alias);
privateKey = (PrivateKey) ks.getKey(alias, null);
publicKey = (PublicKey) ks.getCertificate(alias).getPublicKey();
}
}
if (privateKey == null || publicKey == null) {
throw new Exception("Cannot load the keys need to run this test");
}
System.out.println("-------------------------------------------------");
generatedSignatures.add(signUsing("SHA256withRSA", privateKey));
generatedSignatures.add(signUsing("SHA384withRSA", privateKey));
generatedSignatures.add(signUsing("SHA512withRSA", privateKey));
System.out.println("-------------------------------------------------");
verifyUsing("SHA256withRSA", publicKey, generatedSignatures.get(0));
verifyUsing("SHA384withRSA", publicKey, generatedSignatures.get(1));
verifyUsing("SHA512withRSA", publicKey, generatedSignatures.get(2));
System.out.println("-------------------------------------------------");
}
private static byte[] signUsing(String signAlgorithm,
PrivateKey privateKey) throws Exception {
// Must explicitly specify the SunMSCAPI JCE provider
// (otherwise SunJCE is chosen because it appears earlier in the list)
Signature sig1 = Signature.getInstance(signAlgorithm, "SunMSCAPI");
if (sig1 == null) {
throw new Exception("'" + signAlgorithm + "' is not supported");
}
System.out.println("Using " + signAlgorithm + " signer from the " +
sig1.getProvider().getName() + " JCE provider");
System.out.println("Using key: " + privateKey);
sig1.initSign(privateKey);
sig1.update(toBeSigned);
byte [] sigBytes = null;
try {
sigBytes = sig1.sign();
System.out.println("Generated RSA signature over a " +
toBeSigned.length + "-byte data (signature length: " +
sigBytes.length * 8 + " bits)");
System.out.println(String.format("0x%0" +
(sigBytes.length * 2) + "x",
new java.math.BigInteger(1, sigBytes)));
} catch (SignatureException se) {
System.out.println("Error generating RSA signature: " + se);
}
return sigBytes;
}
private static void verifyUsing(String signAlgorithm, PublicKey publicKey,
byte[] signature) throws Exception {
// Must explicitly specify the SunMSCAPI JCE provider
// (otherwise SunJCE is chosen because it appears earlier in the list)
Signature sig1 = Signature.getInstance(signAlgorithm, "SunMSCAPI");
if (sig1 == null) {
throw new Exception("'" + signAlgorithm + "' is not supported");
}
System.out.println("Using " + signAlgorithm + " verifier from the "
+ sig1.getProvider().getName() + " JCE provider");
System.out.println("Using key: " + publicKey);
System.out.println("\nVerifying RSA Signature over a " +
toBeSigned.length + "-byte data (signature length: " +
signature.length * 8 + " bits)");
System.out.println(String.format("0x%0" + (signature.length * 2) +
"x", new java.math.BigInteger(1, signature)));
sig1.initVerify(publicKey);
sig1.update(toBeSigned);
if (sig1.verify(signature)) {
System.out.println("Verify PASSED\n");
} else {
throw new Exception("Verify FAILED");
}
}
}

83
jdk/test/sun/security/mscapi/SignUsingSHA2withRSA.sh Normal file
View File

@ -0,0 +1,83 @@
#!/bin/sh
#
# Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License version 2 only, as
# published by the Free Software Foundation.
#
# This code is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
# version 2 for more details (a copy is included in the LICENSE file that
# accompanied this code).
#
# You should have received a copy of the GNU General Public License version
# 2 along with this work; if not, write to the Free Software Foundation,
# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
# or visit www.oracle.com if you need additional information or have any
# questions.
#
# @test
# @bug 6753664
# @run shell SignUsingSHA2withRSA.sh
# @summary Support SHA256 (and higher) in SunMSCAPI
# set a few environment variables so that the shell-script can run stand-alone
# in the source directory
if [ "${TESTSRC}" = "" ] ; then
TESTSRC="."
fi
if [ "${TESTCLASSES}" = "" ] ; then
TESTCLASSES="."
fi
if [ "${TESTJAVA}" = "" ] ; then
echo "TESTJAVA not set. Test cannot execute."
echo "FAILED!!!"
exit 1
fi
OS=`uname -s`
case "$OS" in
Windows* | CYGWIN* )
echo "Creating a temporary RSA keypair in the Windows-My store..."
${TESTJAVA}/bin/keytool \
-genkeypair \
-storetype Windows-My \
-keyalg RSA \
-alias 6753664 \
-dname "cn=6753664,c=US" \
-noprompt
echo
echo "Running the test..."
${TESTJAVA}/bin/javac -d . ${TESTSRC}\\SignUsingSHA2withRSA.java
${TESTJAVA}/bin/java SignUsingSHA2withRSA
rc=$?
echo
echo "Removing the temporary RSA keypair from the Windows-My store..."
${TESTJAVA}/bin/keytool \
-delete \
-storetype Windows-My \
-alias 6753664
echo done.
exit $rc
;;
* )
echo "This test is not intended for '$OS' - passing test"
exit 0
;;
esac