| /* |
| * Copyright (c) 2003, 2016, Oracle and/or its affiliates. All rights reserved. |
| * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
| * |
| * This code is free software; you can redistribute it and/or modify it |
| * under the terms of the GNU General Public License version 2 only, as |
| * published by the Free Software Foundation. Oracle designates this |
| * particular file as subject to the "Classpath" exception as provided |
| * by Oracle in the LICENSE file that accompanied this code. |
| * |
| * This code is distributed in the hope that it will be useful, but WITHOUT |
| * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
| * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
| * version 2 for more details (a copy is included in the LICENSE file that |
| * accompanied this code). |
| * |
| * You should have received a copy of the GNU General Public License version |
| * 2 along with this work; if not, write to the Free Software Foundation, |
| * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
| * |
| * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
| * or visit www.oracle.com if you need additional information or have any |
| * questions. |
| */ |
| |
| package sun.security.pkcs11; |
| |
| import java.util.*; |
| import java.nio.ByteBuffer; |
| |
| import java.security.*; |
| |
| import javax.crypto.SecretKey; |
| |
| import sun.nio.ch.DirectBuffer; |
| |
| import sun.security.util.MessageDigestSpi2; |
| |
| import sun.security.pkcs11.wrapper.*; |
| import static sun.security.pkcs11.wrapper.PKCS11Constants.*; |
| |
| /** |
| * MessageDigest implementation class. This class currently supports |
| * MD2, MD5, SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512. |
| * |
| * Note that many digest operations are on fairly small amounts of data |
| * (less than 100 bytes total). For example, the 2nd hashing in HMAC or |
| * the PRF in TLS. In order to speed those up, we use some buffering to |
| * minimize number of the Java->native transitions. |
| * |
| * @author Andreas Sterbenz |
| * @since 1.5 |
| */ |
| final class P11Digest extends MessageDigestSpi implements Cloneable, |
| MessageDigestSpi2 { |
| |
| /* fields initialized, no session acquired */ |
| private final static int S_BLANK = 1; |
| |
| /* data in buffer, session acquired, but digest not initialized */ |
| private final static int S_BUFFERED = 2; |
| |
| /* session initialized for digesting */ |
| private final static int S_INIT = 3; |
| |
| private final static int BUFFER_SIZE = 96; |
| |
| // token instance |
| private final Token token; |
| |
| // algorithm name |
| private final String algorithm; |
| |
| // mechanism id object |
| private final CK_MECHANISM mechanism; |
| |
| // length of the digest in bytes |
| private final int digestLength; |
| |
| // associated session, if any |
| private Session session; |
| |
| // current state, one of S_* above |
| private int state; |
| |
| // buffer to reduce number of JNI calls |
| private byte[] buffer; |
| |
| // offset into the buffer |
| private int bufOfs; |
| |
| P11Digest(Token token, String algorithm, long mechanism) { |
| super(); |
| this.token = token; |
| this.algorithm = algorithm; |
| this.mechanism = new CK_MECHANISM(mechanism); |
| switch ((int)mechanism) { |
| case (int)CKM_MD2: |
| case (int)CKM_MD5: |
| digestLength = 16; |
| break; |
| case (int)CKM_SHA_1: |
| digestLength = 20; |
| break; |
| case (int)CKM_SHA224: |
| digestLength = 28; |
| break; |
| case (int)CKM_SHA256: |
| digestLength = 32; |
| break; |
| case (int)CKM_SHA384: |
| digestLength = 48; |
| break; |
| case (int)CKM_SHA512: |
| digestLength = 64; |
| break; |
| default: |
| throw new ProviderException("Unknown mechanism: " + mechanism); |
| } |
| buffer = new byte[BUFFER_SIZE]; |
| state = S_BLANK; |
| } |
| |
| // see JCA spec |
| protected int engineGetDigestLength() { |
| return digestLength; |
| } |
| |
| private void fetchSession() { |
| token.ensureValid(); |
| if (state == S_BLANK) { |
| try { |
| session = token.getOpSession(); |
| state = S_BUFFERED; |
| } catch (PKCS11Exception e) { |
| throw new ProviderException("No more session available", e); |
| } |
| } |
| } |
| |
| // see JCA spec |
| protected void engineReset() { |
| token.ensureValid(); |
| |
| if (session != null) { |
| if (state == S_INIT && token.explicitCancel == true) { |
| session = token.killSession(session); |
| } else { |
| session = token.releaseSession(session); |
| } |
| } |
| state = S_BLANK; |
| bufOfs = 0; |
| } |
| |
| // see JCA spec |
| protected byte[] engineDigest() { |
| try { |
| byte[] digest = new byte[digestLength]; |
| int n = engineDigest(digest, 0, digestLength); |
| return digest; |
| } catch (DigestException e) { |
| throw new ProviderException("internal error", e); |
| } |
| } |
| |
| // see JCA spec |
| protected int engineDigest(byte[] digest, int ofs, int len) |
| throws DigestException { |
| if (len < digestLength) { |
| throw new DigestException("Length must be at least " + |
| digestLength); |
| } |
| |
| fetchSession(); |
| try { |
| int n; |
| if (state == S_BUFFERED) { |
| n = token.p11.C_DigestSingle(session.id(), mechanism, buffer, 0, |
| bufOfs, digest, ofs, len); |
| bufOfs = 0; |
| } else { |
| if (bufOfs != 0) { |
| token.p11.C_DigestUpdate(session.id(), 0, buffer, 0, |
| bufOfs); |
| bufOfs = 0; |
| } |
| n = token.p11.C_DigestFinal(session.id(), digest, ofs, len); |
| } |
| if (n != digestLength) { |
| throw new ProviderException("internal digest length error"); |
| } |
| return n; |
| } catch (PKCS11Exception e) { |
| throw new ProviderException("digest() failed", e); |
| } finally { |
| engineReset(); |
| } |
| } |
| |
| // see JCA spec |
| protected void engineUpdate(byte in) { |
| byte[] temp = { in }; |
| engineUpdate(temp, 0, 1); |
| } |
| |
| // see JCA spec |
| protected void engineUpdate(byte[] in, int ofs, int len) { |
| if (len <= 0) { |
| return; |
| } |
| |
| fetchSession(); |
| try { |
| if (state == S_BUFFERED) { |
| token.p11.C_DigestInit(session.id(), mechanism); |
| state = S_INIT; |
| } |
| if ((bufOfs != 0) && (bufOfs + len > buffer.length)) { |
| // process the buffered data |
| token.p11.C_DigestUpdate(session.id(), 0, buffer, 0, bufOfs); |
| bufOfs = 0; |
| } |
| if (bufOfs + len > buffer.length) { |
| // process the new data |
| token.p11.C_DigestUpdate(session.id(), 0, in, ofs, len); |
| } else { |
| // buffer the new data |
| System.arraycopy(in, ofs, buffer, bufOfs, len); |
| bufOfs += len; |
| } |
| } catch (PKCS11Exception e) { |
| engineReset(); |
| throw new ProviderException("update() failed", e); |
| } |
| } |
| |
| // Called by SunJSSE via reflection during the SSL 3.0 handshake if |
| // the master secret is sensitive. |
| // Note: Change to protected after this method is moved from |
| // sun.security.util.MessageSpi2 interface to |
| // java.security.MessageDigestSpi class |
| public void engineUpdate(SecretKey key) throws InvalidKeyException { |
| // SunJSSE calls this method only if the key does not have a RAW |
| // encoding, i.e. if it is sensitive. Therefore, no point in calling |
| // SecretKeyFactory to try to convert it. Just verify it ourselves. |
| if (key instanceof P11Key == false) { |
| throw new InvalidKeyException("Not a P11Key: " + key); |
| } |
| P11Key p11Key = (P11Key)key; |
| if (p11Key.token != token) { |
| throw new InvalidKeyException("Not a P11Key of this provider: " + |
| key); |
| } |
| |
| fetchSession(); |
| try { |
| if (state == S_BUFFERED) { |
| token.p11.C_DigestInit(session.id(), mechanism); |
| state = S_INIT; |
| } |
| |
| if (bufOfs != 0) { |
| token.p11.C_DigestUpdate(session.id(), 0, buffer, 0, bufOfs); |
| bufOfs = 0; |
| } |
| token.p11.C_DigestKey(session.id(), p11Key.keyID); |
| } catch (PKCS11Exception e) { |
| engineReset(); |
| throw new ProviderException("update(SecretKey) failed", e); |
| } |
| } |
| |
| // see JCA spec |
| protected void engineUpdate(ByteBuffer byteBuffer) { |
| int len = byteBuffer.remaining(); |
| if (len <= 0) { |
| return; |
| } |
| |
| if (byteBuffer instanceof DirectBuffer == false) { |
| super.engineUpdate(byteBuffer); |
| return; |
| } |
| |
| fetchSession(); |
| long addr = ((DirectBuffer)byteBuffer).address(); |
| int ofs = byteBuffer.position(); |
| try { |
| if (state == S_BUFFERED) { |
| token.p11.C_DigestInit(session.id(), mechanism); |
| state = S_INIT; |
| } |
| if (bufOfs != 0) { |
| token.p11.C_DigestUpdate(session.id(), 0, buffer, 0, bufOfs); |
| bufOfs = 0; |
| } |
| token.p11.C_DigestUpdate(session.id(), addr + ofs, null, 0, len); |
| byteBuffer.position(ofs + len); |
| } catch (PKCS11Exception e) { |
| engineReset(); |
| throw new ProviderException("update() failed", e); |
| } |
| } |
| |
| public Object clone() throws CloneNotSupportedException { |
| P11Digest copy = (P11Digest) super.clone(); |
| copy.buffer = buffer.clone(); |
| try { |
| if (session != null) { |
| copy.session = copy.token.getOpSession(); |
| } |
| if (state == S_INIT) { |
| byte[] stateValues = |
| token.p11.C_GetOperationState(session.id()); |
| token.p11.C_SetOperationState(copy.session.id(), |
| stateValues, 0, 0); |
| } |
| } catch (PKCS11Exception e) { |
| throw (CloneNotSupportedException) |
| (new CloneNotSupportedException(algorithm).initCause(e)); |
| } |
| return copy; |
| } |
| } |