Пример #1
0
 private int implUpdate(byte[] in, int inOfs, int inLen, byte[] out, int outOfs, int outLen)
     throws ShortBufferException {
   if (outLen < updateLength(inLen)) {
     throw new ShortBufferException();
   }
   try {
     ensureInitialized();
     int k = 0;
     if (encrypt) {
       k = token.p11.C_EncryptUpdate(session.id(), 0, in, inOfs, inLen, 0, out, outOfs, outLen);
     } else {
       int newPadBufferLen = 0;
       if (paddingObj != null) {
         if (padBufferLen != 0) {
           // NSS throws up when called with data not in multiple
           // of blocks. Try to work around this by holding the
           // extra data in padBuffer.
           if (padBufferLen != padBuffer.length) {
             int bufCapacity = padBuffer.length - padBufferLen;
             if (inLen > bufCapacity) {
               bufferInputBytes(in, inOfs, bufCapacity);
               inOfs += bufCapacity;
               inLen -= bufCapacity;
             } else {
               bufferInputBytes(in, inOfs, inLen);
               return 0;
             }
           }
           k =
               token.p11.C_DecryptUpdate(
                   session.id(), 0, padBuffer, 0, padBufferLen, 0, out, outOfs, outLen);
           padBufferLen = 0;
         }
         newPadBufferLen = inLen & (blockSize - 1);
         if (newPadBufferLen == 0) {
           newPadBufferLen = padBuffer.length;
         }
         inLen -= newPadBufferLen;
       }
       if (inLen > 0) {
         k +=
             token.p11.C_DecryptUpdate(
                 session.id(), 0, in, inOfs, inLen, 0, out, (outOfs + k), (outLen - k));
       }
       // update 'padBuffer' if using our own padding impl.
       if (paddingObj != null) {
         bufferInputBytes(in, inOfs + inLen, newPadBufferLen);
       }
     }
     bytesBuffered += (inLen - k);
     return k;
   } catch (PKCS11Exception e) {
     if (e.getErrorCode() == CKR_BUFFER_TOO_SMALL) {
       throw (ShortBufferException) (new ShortBufferException().initCause(e));
     }
     reset();
     throw new ProviderException("update() failed", e);
   }
 }
Пример #2
0
 private void handleException(PKCS11Exception e)
     throws ShortBufferException, IllegalBlockSizeException {
   long errorCode = e.getErrorCode();
   if (errorCode == CKR_BUFFER_TOO_SMALL) {
     throw (ShortBufferException) (new ShortBufferException().initCause(e));
   } else if (errorCode == CKR_DATA_LEN_RANGE || errorCode == CKR_ENCRYPTED_DATA_LEN_RANGE) {
     throw (IllegalBlockSizeException) (new IllegalBlockSizeException(e.toString()).initCause(e));
   }
 }
Пример #3
0
  protected void loadCryptKeyFromVormetric(
      String sourceKeyName, String libPath, String pinString, byte retByte[], int nRetByteSize) {
    try {
      System.out.println("Start FindExportKey ...");
      Vpkcs11Session session = Helper.startUp(Helper.getPKCS11LibPath(libPath), pinString);

      long sourceKey = Helper.findKey(session, sourceKeyName);
      String wrappingKeyName = FindExportKey2.wrappingKeyName;
      String appName = FindExportKey2.appName;
      String keyValue = FindExportKey2.keyValue;

      if (sourceKey == 0) {
        System.out.println(
            "Source key ["
                + sourceKeyName
                + "] not found. File encryption required the cryptkey in DSM.");
        System.exit(4);
      }

      long wrappingKey = Helper.findKey(session, wrappingKeyName);
      if (wrappingKey == 0) {
        System.out.println("Wrapping key not found, creating it...");
        wrappingKey = Helper.createKeyObject(session, wrappingKeyName, appName, keyValue);
      }

      if (sourceKey != 0) {
        System.out.println("Successfully found source key. Handle = " + sourceKey);
        System.out.println("Successfully found wrapping key. Handle = " + wrappingKey);
        CK_MECHANISM mechanism = new CK_MECHANISM(CKM_AES_CBC_PAD, FindExportKey2.iv);

        byte[] wrappedKey =
            session.p11.C_WrapKey(session.sessionHandle, mechanism, wrappingKey, sourceKey);
        System.out.println("Successfully wrapped key. wrapped key length: " + wrappedKey.length);

        long keyID = Helper.findKey(session, wrappingKeyName);
        byte[] unwrappedKey = new byte[512];
        int wrappedKeyLen = wrappedKey.length;
        int unwrappedKeyLen = unwrappedKey.length;

        session.p11.C_DecryptInit(session.sessionHandle, mechanism, keyID);
        System.out.println("C_DecryptInit success");
        session.p11.C_Decrypt(
            session.sessionHandle,
            wrappedKey,
            0,
            wrappedKeyLen,
            unwrappedKey,
            0,
            unwrappedKey.length);
        System.out.println("C_Decrypt succeed.");

        retByte = new byte[nRetByteSize];
        System.arraycopy(unwrappedKey, 0, retByte, 0, nRetByteSize);
      } else {
        System.out.println("Source Key not found. No exporting");
      }

      Helper.closeDown(session);
      System.out.println("End FindExportKey.");

    } catch (PKCS11Exception pe) {
      pe.printStackTrace();
    } catch (Exception ex) {
      ex.printStackTrace();
    }
  }
Пример #4
0
  private int implUpdate(ByteBuffer inBuffer, ByteBuffer outBuffer) throws ShortBufferException {
    int inLen = inBuffer.remaining();
    if (inLen <= 0) {
      return 0;
    }

    int outLen = outBuffer.remaining();
    if (outLen < updateLength(inLen)) {
      throw new ShortBufferException();
    }
    int origPos = inBuffer.position();
    try {
      ensureInitialized();

      long inAddr = 0;
      int inOfs = 0;
      byte[] inArray = null;

      if (inBuffer instanceof DirectBuffer) {
        inAddr = ((DirectBuffer) inBuffer).address();
        inOfs = origPos;
      } else if (inBuffer.hasArray()) {
        inArray = inBuffer.array();
        inOfs = (origPos + inBuffer.arrayOffset());
      }

      long outAddr = 0;
      int outOfs = 0;
      byte[] outArray = null;
      if (outBuffer instanceof DirectBuffer) {
        outAddr = ((DirectBuffer) outBuffer).address();
        outOfs = outBuffer.position();
      } else {
        if (outBuffer.hasArray()) {
          outArray = outBuffer.array();
          outOfs = (outBuffer.position() + outBuffer.arrayOffset());
        } else {
          outArray = new byte[outLen];
        }
      }

      int k = 0;
      if (encrypt) {
        if (inAddr == 0 && inArray == null) {
          inArray = new byte[inLen];
          inBuffer.get(inArray);
        } else {
          inBuffer.position(origPos + inLen);
        }
        k =
            token.p11.C_EncryptUpdate(
                session.id(), inAddr, inArray, inOfs, inLen, outAddr, outArray, outOfs, outLen);
      } else {
        int newPadBufferLen = 0;
        if (paddingObj != null) {
          if (padBufferLen != 0) {
            // NSS throws up when called with data not in multiple
            // of blocks. Try to work around this by holding the
            // extra data in padBuffer.
            if (padBufferLen != padBuffer.length) {
              int bufCapacity = padBuffer.length - padBufferLen;
              if (inLen > bufCapacity) {
                bufferInputBytes(inBuffer, bufCapacity);
                inOfs += bufCapacity;
                inLen -= bufCapacity;
              } else {
                bufferInputBytes(inBuffer, inLen);
                return 0;
              }
            }
            k =
                token.p11.C_DecryptUpdate(
                    session.id(), 0, padBuffer, 0, padBufferLen, outAddr, outArray, outOfs, outLen);
            padBufferLen = 0;
          }
          newPadBufferLen = inLen & (blockSize - 1);
          if (newPadBufferLen == 0) {
            newPadBufferLen = padBuffer.length;
          }
          inLen -= newPadBufferLen;
        }
        if (inLen > 0) {
          if (inAddr == 0 && inArray == null) {
            inArray = new byte[inLen];
            inBuffer.get(inArray);
          } else {
            inBuffer.position(inBuffer.position() + inLen);
          }
          k +=
              token.p11.C_DecryptUpdate(
                  session.id(),
                  inAddr,
                  inArray,
                  inOfs,
                  inLen,
                  outAddr,
                  outArray,
                  (outOfs + k),
                  (outLen - k));
        }
        // update 'padBuffer' if using our own padding impl.
        if (paddingObj != null && newPadBufferLen != 0) {
          bufferInputBytes(inBuffer, newPadBufferLen);
        }
      }
      bytesBuffered += (inLen - k);
      if (!(outBuffer instanceof DirectBuffer) && !outBuffer.hasArray()) {
        outBuffer.put(outArray, outOfs, k);
      } else {
        outBuffer.position(outBuffer.position() + k);
      }
      return k;
    } catch (PKCS11Exception e) {
      // Reset input buffer to its original position for
      inBuffer.position(origPos);
      if (e.getErrorCode() == CKR_BUFFER_TOO_SMALL) {
        throw (ShortBufferException) (new ShortBufferException().initCause(e));
      }
      reset();
      throw new ProviderException("update() failed", e);
    }
  }