diff options
author | Dana Dahlstrom <dahlstrom@google.com> | 2020-01-30 12:00:00 -0800 |
---|---|---|
committer | Dana Dahlstrom <dahlstrom@google.com> | 2020-02-10 12:00:00 -0800 |
commit | 48adcc45b3935045b1ff2013ecfd05e6f3bdb1cc (patch) | |
tree | 7e47ce0d2a402a9e765541e514aa969ef8325928 /src/share/classes/sun/security/pkcs11/P11KeyStore.java | |
parent | e5752ae568d3c43497ae4f33d731fadf4ef165d4 (diff) | |
parent | 5b42bd7c94ffa67028549cac0264d79e24b2febd (diff) | |
download | jdk8u_jdk-48adcc45b3935045b1ff2013ecfd05e6f3bdb1cc.tar.gz |
Merge tag jb8u232-b1638.6
Change-Id: I5b42bd7c94ffa67028549cac0264d79e24b2febd
Diffstat (limited to 'src/share/classes/sun/security/pkcs11/P11KeyStore.java')
-rw-r--r-- | src/share/classes/sun/security/pkcs11/P11KeyStore.java | 20 |
1 files changed, 12 insertions, 8 deletions
diff --git a/src/share/classes/sun/security/pkcs11/P11KeyStore.java b/src/share/classes/sun/security/pkcs11/P11KeyStore.java index e5b8fa8d80..aee9542537 100644 --- a/src/share/classes/sun/security/pkcs11/P11KeyStore.java +++ b/src/share/classes/sun/security/pkcs11/P11KeyStore.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2018, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -1486,6 +1486,7 @@ final class P11KeyStore extends KeyStoreSpi { } } + // retrieves the native key handle and either update it directly or make a copy private void updateP11Pkey(String alias, CK_ATTRIBUTE attribute, P11Key key) throws PKCS11Exception { @@ -1493,23 +1494,22 @@ final class P11KeyStore extends KeyStoreSpi { // if session key, convert to token key. Session session = null; + long keyID = key.getKeyID(); try { session = token.getOpSession(); if (key.tokenObject == true) { - // token key - set new CKA_ID CK_ATTRIBUTE[] attrs = new CK_ATTRIBUTE[] { new CK_ATTRIBUTE(CKA_ID, alias) }; token.p11.C_SetAttributeValue - (session.id(), key.keyID, attrs); + (session.id(), keyID, attrs); if (debug != null) { debug.println("updateP11Pkey set new alias [" + alias + "] for key entry"); } } else { - // session key - convert to token key and set CKA_ID CK_ATTRIBUTE[] attrs = new CK_ATTRIBUTE[] { @@ -1519,7 +1519,8 @@ final class P11KeyStore extends KeyStoreSpi { if (attribute != null) { attrs = addAttribute(attrs, attribute); } - token.p11.C_CopyObject(session.id(), key.keyID, attrs); + // creates a new token key with the desired CKA_ID + token.p11.C_CopyObject(session.id(), keyID, attrs); if (debug != null) { debug.println("updateP11Pkey copied private session key " + "for [" + @@ -1529,6 +1530,7 @@ final class P11KeyStore extends KeyStoreSpi { } } finally { token.releaseSession(session); + key.releaseKeyID(); } } @@ -1895,10 +1897,12 @@ final class P11KeyStore extends KeyStoreSpi { return attrs; } String alg = privateKey.getAlgorithm(); - if (id && alg.equals("RSA") && (publicKey instanceof RSAPublicKey)) { + if (alg.equals("RSA") && (publicKey instanceof RSAPublicKey)) { + if (id) { + BigInteger n = ((RSAPublicKey)publicKey).getModulus(); + attrs[0] = new CK_ATTRIBUTE(CKA_ID, sha1(getMagnitude(n))); + } // CKA_NETSCAPE_DB not needed for RSA public keys - BigInteger n = ((RSAPublicKey)publicKey).getModulus(); - attrs[0] = new CK_ATTRIBUTE(CKA_ID, sha1(getMagnitude(n))); } else if (alg.equals("DSA") && (publicKey instanceof DSAPublicKey)) { BigInteger y = ((DSAPublicKey)publicKey).getY(); if (id) { |