infernap12/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2026-04-14 08:58:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge

Browse Source
This commit is contained in:
Sean Mullan 2014-08-05 10:01:38 -04:00
commit 24475b6d8c
2 changed files with 106 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

129
jdk/src/windows/native/sun/security/mscapi/security.cpp
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -74,7 +74,10 @@ ALG_ID MapHashAlgorithm(JNIEnv *env, jstring jHashAlgorithm) {
const char* pszHashAlgorithm = NULL;
ALG_ID algId = 0;
pszHashAlgorithm = env->GetStringUTFChars(jHashAlgorithm, NULL);
if ((pszHashAlgorithm = env->GetStringUTFChars(jHashAlgorithm, NULL))
== NULL) {
return algId;
}
if ((strcmp("SHA", pszHashAlgorithm) == 0) ||
(strcmp("SHA1", pszHashAlgorithm) == 0) ||
@ -179,7 +182,9 @@ JNIEXPORT jbyteArray JNICALL Java_sun_security_mscapi_PRNG_generateSeed
*/
if (length < 0) {
length = env->GetArrayLength(seed);
reseedBytes = env->GetByteArrayElements(seed, 0);
if ((reseedBytes = env->GetByteArrayElements(seed, 0)) == NULL) {
__leave;
}
if (::CryptGenRandom(
hCryptProv,
@ -211,7 +216,9 @@ JNIEXPORT jbyteArray JNICALL Java_sun_security_mscapi_PRNG_generateSeed
} else { // length == 0
length = env->GetArrayLength(seed);
seedBytes = env->GetByteArrayElements(seed, 0);
if ((seedBytes = env->GetByteArrayElements(seed, 0)) == NULL) {
__leave;
}
if (::CryptGenRandom(
hCryptProv,
@ -275,7 +282,10 @@ JNIEXPORT void JNICALL Java_sun_security_mscapi_KeyStore_loadKeysOrCertificateCh
__try
{
// Open a system certificate store.
pszCertStoreName = env->GetStringUTFChars(jCertStoreName, NULL);
if ((pszCertStoreName = env->GetStringUTFChars(jCertStoreName, NULL))
== NULL) {
__leave;
}
if ((hCertStore = ::CertOpenSystemStore(NULL, pszCertStoreName))
== NULL) {
@ -710,7 +720,10 @@ JNIEXPORT jobject JNICALL Java_sun_security_mscapi_RSAKeyPairGenerator_generateR
__try
{
pszKeyContainerName = env->GetStringUTFChars(keyContainerName, NULL);
if ((pszKeyContainerName =
env->GetStringUTFChars(keyContainerName, NULL)) == NULL) {
__leave;
}
// Acquire a CSP context (create a new key container).
// Prefer a PROV_RSA_AES CSP, when available, due to its support
@ -847,7 +860,10 @@ JNIEXPORT void JNICALL Java_sun_security_mscapi_KeyStore_storeCertificate
__try
{
// Open a system certificate store.
pszCertStoreName = env->GetStringUTFChars(jCertStoreName, NULL);
if ((pszCertStoreName = env->GetStringUTFChars(jCertStoreName, NULL))
== NULL) {
__leave;
}
if ((hCertStore = ::CertOpenSystemStore(NULL, pszCertStoreName)) == NULL) {
ThrowException(env, KEYSTORE_EXCEPTION, GetLastError());
__leave;
@ -1086,7 +1102,10 @@ JNIEXPORT void JNICALL Java_sun_security_mscapi_KeyStore_removeCertificate
__try
{
// Open a system certificate store.
pszCertStoreName = env->GetStringUTFChars(jCertStoreName, NULL);
if ((pszCertStoreName = env->GetStringUTFChars(jCertStoreName, NULL))
== NULL) {
__leave;
}
if ((hCertStore = ::CertOpenSystemStore(NULL, pszCertStoreName)) == NULL) {
ThrowException(env, KEYSTORE_EXCEPTION, GetLastError());
__leave;
@ -1123,7 +1142,10 @@ JNIEXPORT void JNICALL Java_sun_security_mscapi_KeyStore_removeCertificate
cchNameString);
// Compare the certificate's friendly name with supplied alias name
pszCertAliasName = env->GetStringUTFChars(jCertAliasName, NULL);
if ((pszCertAliasName = env->GetStringUTFChars(jCertAliasName, NULL))
== NULL) {
__leave;
}
if (strcmp(pszCertAliasName, pszNameString) == 0) {
// Only delete the certificate if the alias names matches
@ -1181,7 +1203,10 @@ JNIEXPORT void JNICALL Java_sun_security_mscapi_KeyStore_destroyKeyContainer
__try
{
pszKeyContainerName = env->GetStringUTFChars(keyContainerName, NULL);
if ((pszKeyContainerName =
env->GetStringUTFChars(keyContainerName, NULL)) == NULL) {
__leave;
}
// Destroying the default key container is not permitted
// (because it may contain more one keypair).
@ -1234,8 +1259,14 @@ JNIEXPORT jlong JNICALL Java_sun_security_mscapi_RSACipher_findCertificateUsingA
__try
{
pszCertStoreName = env->GetStringUTFChars(jCertStoreName, NULL);
pszCertAliasName = env->GetStringUTFChars(jCertAliasName, NULL);
if ((pszCertStoreName = env->GetStringUTFChars(jCertStoreName, NULL))
== NULL) {
__leave;
}
if ((pszCertAliasName = env->GetStringUTFChars(jCertAliasName, NULL))
== NULL) {
__leave;
}
// Open a system certificate store.
if ((hCertStore = ::CertOpenSystemStore(NULL, pszCertStoreName)) == NULL) {
@ -1530,7 +1561,9 @@ JNIEXPORT jbyteArray JNICALL Java_sun_security_mscapi_RSAPublicKey_getExponent
__try {
jsize length = env->GetArrayLength(jKeyBlob);
keyBlob = env->GetByteArrayElements(jKeyBlob, 0);
if ((keyBlob = env->GetByteArrayElements(jKeyBlob, 0)) == NULL) {
__leave;
}
PUBLICKEYSTRUC* pPublicKeyStruc = (PUBLICKEYSTRUC *) keyBlob;
@ -1580,7 +1613,9 @@ JNIEXPORT jbyteArray JNICALL Java_sun_security_mscapi_RSAPublicKey_getModulus
__try {
jsize length = env->GetArrayLength(jKeyBlob);
keyBlob = env->GetByteArrayElements(jKeyBlob, 0);
if ((keyBlob = env->GetByteArrayElements(jKeyBlob, 0)) == NULL) {
__leave;
}
PUBLICKEYSTRUC* pPublicKeyStruc = (PUBLICKEYSTRUC *) keyBlob;
@ -1632,6 +1667,9 @@ int convertToLittleEndian(JNIEnv *env, jbyteArray source, jbyte* destination,
}
jbyte* sourceBytes = env->GetByteArrayElements(source, 0);
if (sourceBytes == NULL) {
return -1;
}
// Copy bytes from the end of the source array to the beginning of the
// destination array (until the destination array is full).
@ -1740,45 +1778,61 @@ jbyteArray generateKeyBlob(
}
// The length argument must be the smaller of jPublicExponentLength
// and sizeof(pRsaPubKey->pubkey)
convertToLittleEndian(env, jPublicExponent,
(jbyte *) &(pRsaPubKey->pubexp), jPublicExponentLength);
if ((jElementLength = convertToLittleEndian(env, jPublicExponent,
(jbyte *) &(pRsaPubKey->pubexp), jPublicExponentLength)) < 0) {
__leave;
}
// Modulus n
jBlobElement =
(jbyte *) (jBlobBytes + sizeof(PUBLICKEYSTRUC) + sizeof(RSAPUBKEY));
jElementLength = convertToLittleEndian(env, jModulus, jBlobElement,
jKeyByteLength);
if ((jElementLength = convertToLittleEndian(env, jModulus, jBlobElement,
jKeyByteLength)) < 0) {
__leave;
}
if (bGeneratePrivateKeyBlob) {
// Prime p
jBlobElement += jElementLength;
jElementLength = convertToLittleEndian(env, jPrimeP, jBlobElement,
jKeyByteLength / 2);
if ((jElementLength = convertToLittleEndian(env, jPrimeP,
jBlobElement, jKeyByteLength / 2)) < 0) {
__leave;
}
// Prime q
jBlobElement += jElementLength;
jElementLength = convertToLittleEndian(env, jPrimeQ, jBlobElement,
jKeyByteLength / 2);
if ((jElementLength = convertToLittleEndian(env, jPrimeQ,
jBlobElement, jKeyByteLength / 2)) < 0) {
__leave;
}
// Prime exponent p
jBlobElement += jElementLength;
jElementLength = convertToLittleEndian(env, jExponentP,
jBlobElement, jKeyByteLength / 2);
if ((jElementLength = convertToLittleEndian(env, jExponentP,
jBlobElement, jKeyByteLength / 2)) < 0) {
__leave;
}
// Prime exponent q
jBlobElement += jElementLength;
jElementLength = convertToLittleEndian(env, jExponentQ,
jBlobElement, jKeyByteLength / 2);
if ((jElementLength = convertToLittleEndian(env, jExponentQ,
jBlobElement, jKeyByteLength / 2)) < 0) {
__leave;
}
// CRT coefficient
jBlobElement += jElementLength;
jElementLength = convertToLittleEndian(env, jCrtCoefficient,
jBlobElement, jKeyByteLength / 2);
if ((jElementLength = convertToLittleEndian(env, jCrtCoefficient,
jBlobElement, jKeyByteLength / 2)) < 0) {
__leave;
}
// Private exponent
jBlobElement += jElementLength;
convertToLittleEndian(env, jPrivateExponent, jBlobElement,
jKeyByteLength);
if ((jElementLength = convertToLittleEndian(env, jPrivateExponent,
jBlobElement, jKeyByteLength)) < 0) {
__leave;
}
}
jBlob = env->NewByteArray(jBlobLength);
@ -1849,9 +1903,15 @@ JNIEXPORT jobject JNICALL Java_sun_security_mscapi_KeyStore_storePrivateKey
__try
{
pszKeyContainerName = env->GetStringUTFChars(keyContainerName, NULL);
if ((pszKeyContainerName =
env->GetStringUTFChars(keyContainerName, NULL)) == NULL) {
__leave;
}
dwBlobLen = env->GetArrayLength(keyBlob);
pbKeyBlob = (BYTE *) env->GetByteArrayElements(keyBlob, 0);
if ((pbKeyBlob = (BYTE *) env->GetByteArrayElements(keyBlob, 0))
== NULL) {
__leave;
}
// Acquire a CSP context (create a new key container).
if (::CryptAcquireContext(
@ -1923,7 +1983,10 @@ JNIEXPORT jobject JNICALL Java_sun_security_mscapi_RSASignature_importPublicKey
__try
{
dwBlobLen = env->GetArrayLength(keyBlob);
pbKeyBlob = (BYTE *) env->GetByteArrayElements(keyBlob, 0);
if ((pbKeyBlob = (BYTE *) env->GetByteArrayElements(keyBlob, 0))
== NULL) {
__leave;
}
// Acquire a CSP context (create a new key container).
// Prefer a PROV_RSA_AES CSP, when available, due to its support

14
jdk/test/sun/security/pkcs11/ec/ReadCertificates.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2006, 2013, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2006, 2014, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -23,7 +23,7 @@
/**
* @test
* @bug 6405536 6414980
* @bug 6405536 6414980 8051972
* @summary Make sure that we can parse certificates using various named curves
* and verify their signatures
* @author Andreas Sterbenz
@ -153,8 +153,14 @@ public class ReadCertificates extends PKCS11Test {
signer = getRandomCert(certList);
} while (cert.getIssuerX500Principal().equals(signer.getSubjectX500Principal()));
try {
cert.verify(signer.getPublicKey());
throw new Exception("Verified invalid signature");
PublicKey signerPublicKey = signer.getPublicKey();
cert.verify(signerPublicKey);
// Ignore false positives
if (cert.getPublicKey().equals(signerPublicKey)) {
System.out.println("OK: self-signed certificate detected");
} else {
throw new Exception("Verified invalid signature");
}
} catch (SignatureException e) {
System.out.println("OK: " + e);
} catch (InvalidKeyException e) {