/hg/icedtea6: 6414899: Support cloning on P11Digest so the TestD...
andrew at icedtea.classpath.org
andrew at icedtea.classpath.org
Wed Aug 8 12:36:19 PDT 2012
changeset ef9ac7b86cd8 in /hg/icedtea6
details: http://icedtea.classpath.org/hg/icedtea6?cmd=changeset;node=ef9ac7b86cd8
author: Andrew John Hughes <ahughes at redhat.com>
date: Wed Aug 08 20:36:12 2012 +0100
6414899: Support cloning on P11Digest so the TestDigest ucrypto test passes on NSS.
2012-08-08 Andrew John Hughes <ahughes at redhat.com>
* Makefile.am: Add new patch.
* patches/openjdk/p11cipher-6414899-p11digest_should_support_cloning.patch:
Backport of OpenJDK patch to make
com.oracle.security.ucrypto.TestDigest test
work on NSS.
diffstat:
ChangeLog | 8 +
Makefile.am | 3 +-
patches/openjdk/p11cipher-6414899-p11digest_should_support_cloning.patch | 1511 ++++++++++
3 files changed, 1521 insertions(+), 1 deletions(-)
diffs (truncated from 1543 to 500 lines):
diff -r e77ff9c25f68 -r ef9ac7b86cd8 ChangeLog
--- a/ChangeLog Thu Jun 28 20:14:46 2012 -0400
+++ b/ChangeLog Wed Aug 08 20:36:12 2012 +0100
@@ -1,3 +1,11 @@
+2012-08-08 Andrew John Hughes <ahughes at redhat.com>
+
+ * Makefile.am: Add new patch.
+ * patches/openjdk/p11cipher-6414899-p11digest_should_support_cloning.patch:
+ Backport of OpenJDK patch to make
+ com.oracle.security.ucrypto.TestDigest test
+ work on NSS.
+
2012-06-28 Omair Majid <omajid at redhat.com>
* pulseaudio/src/java/org/classpath/icedtea/pulseaudio/PulseAudioClip.java
diff -r e77ff9c25f68 -r ef9ac7b86cd8 Makefile.am
--- a/Makefile.am Thu Jun 28 20:14:46 2012 -0400
+++ b/Makefile.am Wed Aug 08 20:36:12 2012 +0100
@@ -429,7 +429,8 @@
patches/openjdk/p11cipher-6867345-turkish_regional_options_cause_npe_in_algoid.patch \
patches/openjdk/p11cipher-6687725-throw_illegalblocksizeexception.patch \
patches/openjdk/p11cipher-6924489-ckr_operation_not_initialized.patch \
- patches/openjdk/p11cipher-6604496-support_ckm_aes_ctr.patch
+ patches/openjdk/p11cipher-6604496-support_ckm_aes_ctr.patch \
+ patches/openjdk/p11cipher-6414899-p11digest_should_support_cloning.patch
if WITH_RHINO
ICEDTEA_PATCHES += \
diff -r e77ff9c25f68 -r ef9ac7b86cd8 patches/openjdk/p11cipher-6414899-p11digest_should_support_cloning.patch
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/patches/openjdk/p11cipher-6414899-p11digest_should_support_cloning.patch Wed Aug 08 20:36:12 2012 +0100
@@ -0,0 +1,1511 @@
+diff -Nru openjdk.orig/jdk/make/sun/security/pkcs11/mapfile-vers openjdk/jdk/make/sun/security/pkcs11/mapfile-vers
+--- openjdk.orig/jdk/make/sun/security/pkcs11/mapfile-vers 2012-05-01 22:18:01.000000000 +0100
++++ openjdk/jdk/make/sun/security/pkcs11/mapfile-vers 2012-08-08 18:42:13.064667047 +0100
+@@ -1,5 +1,5 @@
+ #
+-# Copyright (c) 2003, 2005, Oracle and/or its affiliates. All rights reserved.
++# Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
+ # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ #
+ # This code is free software; you can redistribute it and/or modify it
+@@ -47,8 +47,8 @@
+ Java_sun_security_pkcs11_wrapper_PKCS11_C_1CloseSession;
+ # Java_sun_security_pkcs11_wrapper_PKCS11_C_1CloseAllSessions;
+ Java_sun_security_pkcs11_wrapper_PKCS11_C_1GetSessionInfo;
+-# Java_sun_security_pkcs11_wrapper_PKCS11_C_1GetOperationState;
+-# Java_sun_security_pkcs11_wrapper_PKCS11_C_1SetOperationState;
++ Java_sun_security_pkcs11_wrapper_PKCS11_C_1GetOperationState;
++ Java_sun_security_pkcs11_wrapper_PKCS11_C_1SetOperationState;
+ Java_sun_security_pkcs11_wrapper_PKCS11_C_1Login;
+ Java_sun_security_pkcs11_wrapper_PKCS11_C_1Logout;
+ Java_sun_security_pkcs11_wrapper_PKCS11_C_1CreateObject;
+diff -Nru openjdk.orig/jdk/src/share/classes/sun/security/pkcs11/P11Digest.java openjdk/jdk/src/share/classes/sun/security/pkcs11/P11Digest.java
+--- openjdk.orig/jdk/src/share/classes/sun/security/pkcs11/P11Digest.java 2012-05-01 22:18:26.000000000 +0100
++++ openjdk/jdk/src/share/classes/sun/security/pkcs11/P11Digest.java 2012-08-08 18:42:13.076667253 +0100
+@@ -1,5 +1,5 @@
+ /*
+- * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
++ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+@@ -49,13 +49,12 @@
+ * @author Andreas Sterbenz
+ * @since 1.5
+ */
+-final class P11Digest extends MessageDigestSpi {
++final class P11Digest extends MessageDigestSpi implements Cloneable {
+
+- /* unitialized, fields uninitialized, no session acquired */
++ /* fields initialized, no session acquired */
+ private final static int S_BLANK = 1;
+
+- // data in buffer, all fields valid, session acquired
+- // but digest not initialized
++ /* data in buffer, session acquired, but digest not initialized */
+ private final static int S_BUFFERED = 2;
+
+ /* session initialized for digesting */
+@@ -69,8 +68,8 @@
+ // algorithm name
+ private final String algorithm;
+
+- // mechanism id
+- private final long mechanism;
++ // mechanism id object
++ private final CK_MECHANISM mechanism;
+
+ // length of the digest in bytes
+ private final int digestLength;
+@@ -81,11 +80,8 @@
+ // current state, one of S_* above
+ private int state;
+
+- // one byte buffer for the update(byte) method, initialized on demand
+- private byte[] oneByte;
+-
+ // buffer to reduce number of JNI calls
+- private final byte[] buffer;
++ private byte[] buffer;
+
+ // offset into the buffer
+ private int bufOfs;
+@@ -94,7 +90,7 @@
+ super();
+ this.token = token;
+ this.algorithm = algorithm;
+- this.mechanism = mechanism;
++ this.mechanism = new CK_MECHANISM(mechanism);
+ switch ((int)mechanism) {
+ case (int)CKM_MD2:
+ case (int)CKM_MD5:
+@@ -117,7 +113,6 @@
+ }
+ buffer = new byte[BUFFER_SIZE];
+ state = S_BLANK;
+- engineReset();
+ }
+
+ // see JCA spec
+@@ -125,44 +120,31 @@
+ return digestLength;
+ }
+
+- private void cancelOperation() {
+- token.ensureValid();
+- if (session == null) {
+- return;
+- }
+- if ((state != S_INIT) || (token.explicitCancel == false)) {
+- return;
+- }
+- // need to explicitly "cancel" active op by finishing it
+- try {
+- token.p11.C_DigestFinal(session.id(), buffer, 0, buffer.length);
+- } catch (PKCS11Exception e) {
+- throw new ProviderException("cancel() failed", e);
+- } finally {
+- state = S_BUFFERED;
+- }
+- }
+-
+ private void fetchSession() {
+ token.ensureValid();
+ if (state == S_BLANK) {
+- engineReset();
++ try {
++ session = token.getOpSession();
++ state = S_BUFFERED;
++ } catch (PKCS11Exception e) {
++ throw new ProviderException("No more session available", e);
++ }
+ }
+ }
+
+ // see JCA spec
+ protected void engineReset() {
+- try {
+- cancelOperation();
+- bufOfs = 0;
+- if (session == null) {
+- session = token.getOpSession();
++ token.ensureValid();
++
++ if (session != null) {
++ if (state == S_INIT && token.explicitCancel == true) {
++ session = token.killSession(session);
++ } else {
++ session = token.releaseSession(session);
+ }
+- state = S_BUFFERED;
+- } catch (PKCS11Exception e) {
+- state = S_BLANK;
+- throw new ProviderException("reset() failed, ", e);
+ }
++ state = S_BLANK;
++ bufOfs = 0;
+ }
+
+ // see JCA spec
+@@ -180,18 +162,22 @@
+ protected int engineDigest(byte[] digest, int ofs, int len)
+ throws DigestException {
+ if (len < digestLength) {
+- throw new DigestException("Length must be at least " + digestLength);
++ throw new DigestException("Length must be at least " +
++ digestLength);
+ }
++
+ fetchSession();
+ try {
+ int n;
+ if (state == S_BUFFERED) {
+- n = token.p11.C_DigestSingle(session.id(),
+- new CK_MECHANISM(mechanism),
+- buffer, 0, bufOfs, digest, ofs, len);
++ n = token.p11.C_DigestSingle(session.id(), mechanism, buffer, 0,
++ bufOfs, digest, ofs, len);
++ bufOfs = 0;
+ } else {
+ if (bufOfs != 0) {
+- doUpdate(buffer, 0, bufOfs);
++ token.p11.C_DigestUpdate(session.id(), 0, buffer, 0,
++ bufOfs);
++ bufOfs = 0;
+ }
+ n = token.p11.C_DigestFinal(session.id(), digest, ofs, len);
+ }
+@@ -202,36 +188,44 @@
+ } catch (PKCS11Exception e) {
+ throw new ProviderException("digest() failed", e);
+ } finally {
+- state = S_BLANK;
+- bufOfs = 0;
+- session = token.releaseSession(session);
++ engineReset();
+ }
+ }
+
+ // see JCA spec
+ protected void engineUpdate(byte in) {
+- if (oneByte == null) {
+- oneByte = new byte[1];
+- }
+- oneByte[0] = in;
+- engineUpdate(oneByte, 0, 1);
++ byte[] temp = { in };
++ engineUpdate(temp, 0, 1);
+ }
+
+ // see JCA spec
+ protected void engineUpdate(byte[] in, int ofs, int len) {
+- fetchSession();
+ if (len <= 0) {
+ return;
+ }
+- if ((bufOfs != 0) && (bufOfs + len > buffer.length)) {
+- doUpdate(buffer, 0, bufOfs);
+- bufOfs = 0;
+- }
+- if (bufOfs + len > buffer.length) {
+- doUpdate(in, ofs, len);
+- } else {
+- System.arraycopy(in, ofs, buffer, bufOfs, len);
+- bufOfs += len;
++
++ fetchSession();
++ try {
++ if (state == S_BUFFERED) {
++ token.p11.C_DigestInit(session.id(), mechanism);
++ state = S_INIT;
++ }
++ if ((bufOfs != 0) && (bufOfs + len > buffer.length)) {
++ // process the buffered data
++ token.p11.C_DigestUpdate(session.id(), 0, buffer, 0, bufOfs);
++ bufOfs = 0;
++ }
++ if (bufOfs + len > buffer.length) {
++ // process the new data
++ token.p11.C_DigestUpdate(session.id(), 0, in, ofs, len);
++ } else {
++ // buffer the new data
++ System.arraycopy(in, ofs, buffer, bufOfs, len);
++ bufOfs += len;
++ }
++ } catch (PKCS11Exception e) {
++ engineReset();
++ throw new ProviderException("update() failed", e);
+ }
+ }
+
+@@ -239,11 +233,7 @@
+ // the master secret is sensitive. We may want to consider making this
+ // method public in a future release.
+ protected void implUpdate(SecretKey key) throws InvalidKeyException {
+- fetchSession();
+- if (bufOfs != 0) {
+- doUpdate(buffer, 0, bufOfs);
+- bufOfs = 0;
+- }
++
+ // SunJSSE calls this method only if the key does not have a RAW
+ // encoding, i.e. if it is sensitive. Therefore, no point in calling
+ // SecretKeyFactory to try to convert it. Just verify it ourselves.
+@@ -252,60 +242,77 @@
+ }
+ P11Key p11Key = (P11Key)key;
+ if (p11Key.token != token) {
+- throw new InvalidKeyException("Not a P11Key of this provider: " + key);
++ throw new InvalidKeyException("Not a P11Key of this provider: " +
++ key);
+ }
++
++ fetchSession();
+ try {
+ if (state == S_BUFFERED) {
+- token.p11.C_DigestInit(session.id(), new CK_MECHANISM(mechanism));
++ token.p11.C_DigestInit(session.id(), mechanism);
+ state = S_INIT;
+ }
++
++ if (bufOfs != 0) {
++ token.p11.C_DigestUpdate(session.id(), 0, buffer, 0, bufOfs);
++ bufOfs = 0;
++ }
+ token.p11.C_DigestKey(session.id(), p11Key.keyID);
+ } catch (PKCS11Exception e) {
++ engineReset();
+ throw new ProviderException("update(SecretKey) failed", e);
+ }
+ }
+
+ // see JCA spec
+ protected void engineUpdate(ByteBuffer byteBuffer) {
+- fetchSession();
+ int len = byteBuffer.remaining();
+ if (len <= 0) {
+ return;
+ }
++
+ if (byteBuffer instanceof DirectBuffer == false) {
+ super.engineUpdate(byteBuffer);
+ return;
+ }
++
++ fetchSession();
+ long addr = ((DirectBuffer)byteBuffer).address();
+ int ofs = byteBuffer.position();
+ try {
+ if (state == S_BUFFERED) {
+- token.p11.C_DigestInit(session.id(), new CK_MECHANISM(mechanism));
++ token.p11.C_DigestInit(session.id(), mechanism);
+ state = S_INIT;
+- if (bufOfs != 0) {
+- doUpdate(buffer, 0, bufOfs);
+- bufOfs = 0;
+- }
++ }
++ if (bufOfs != 0) {
++ token.p11.C_DigestUpdate(session.id(), 0, buffer, 0, bufOfs);
++ bufOfs = 0;
+ }
+ token.p11.C_DigestUpdate(session.id(), addr + ofs, null, 0, len);
+ byteBuffer.position(ofs + len);
+ } catch (PKCS11Exception e) {
++ engineReset();
+ throw new ProviderException("update() failed", e);
+ }
+ }
+
+- private void doUpdate(byte[] in, int ofs, int len) {
+- if (len <= 0) {
+- return;
+- }
++ public Object clone() throws CloneNotSupportedException {
++ P11Digest copy = (P11Digest) super.clone();
++ copy.buffer = buffer.clone();
+ try {
+- if (state == S_BUFFERED) {
+- token.p11.C_DigestInit(session.id(), new CK_MECHANISM(mechanism));
+- state = S_INIT;
++ if (session != null) {
++ copy.session = copy.token.getOpSession();
++ }
++ if (state == S_INIT) {
++ byte[] stateValues =
++ token.p11.C_GetOperationState(session.id());
++ token.p11.C_SetOperationState(copy.session.id(),
++ stateValues, 0, 0);
+ }
+- token.p11.C_DigestUpdate(session.id(), 0, in, ofs, len);
+ } catch (PKCS11Exception e) {
+- throw new ProviderException("update() failed", e);
++ throw (CloneNotSupportedException)
++ (new CloneNotSupportedException(algorithm).initCause(e));
+ }
++ return copy;
+ }
+ }
+diff -Nru openjdk.orig/jdk/src/share/classes/sun/security/pkcs11/wrapper/PKCS11.java openjdk/jdk/src/share/classes/sun/security/pkcs11/wrapper/PKCS11.java
+--- openjdk.orig/jdk/src/share/classes/sun/security/pkcs11/wrapper/PKCS11.java 2012-05-01 22:18:26.000000000 +0100
++++ openjdk/jdk/src/share/classes/sun/security/pkcs11/wrapper/PKCS11.java 2012-08-08 18:42:13.080667322 +0100
+@@ -1,5 +1,5 @@
+ /*
+- * Copyright (c) 2003, 2005, Oracle and/or its affiliates. All rights reserved.
++ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
+ */
+
+ /* Copyright (c) 2002 Graz University of Technology. All rights reserved.
+@@ -133,14 +133,15 @@
+ * @preconditions (pkcs11ModulePath <> null)
+ * @postconditions
+ */
+- PKCS11(String pkcs11ModulePath, String functionListName) throws IOException {
++ PKCS11(String pkcs11ModulePath, String functionListName)
++ throws IOException {
+ connect(pkcs11ModulePath, functionListName);
+ this.pkcs11ModulePath = pkcs11ModulePath;
+ }
+
+- public static synchronized PKCS11 getInstance(String pkcs11ModulePath, String functionList,
+- CK_C_INITIALIZE_ARGS pInitArgs, boolean omitInitialize)
+- throws IOException, PKCS11Exception {
++ public static synchronized PKCS11 getInstance(String pkcs11ModulePath,
++ String functionList, CK_C_INITIALIZE_ARGS pInitArgs,
++ boolean omitInitialize) throws IOException, PKCS11Exception {
+ // we may only call C_Initialize once per native .so/.dll
+ // so keep a cache using the (non-canonicalized!) path
+ PKCS11 pkcs11 = moduleMap.get(pkcs11ModulePath);
+@@ -177,7 +178,8 @@
+ * @preconditions (pkcs11ModulePath <> null)
+ * @postconditions
+ */
+- private native void connect(String pkcs11ModulePath, String functionListName) throws IOException;
++ private native void connect(String pkcs11ModulePath, String functionListName)
++ throws IOException;
+
+ /**
+ * Disconnects the PKCS#11 library from this object. After calling this
+@@ -255,7 +257,8 @@
+ * @preconditions
+ * @postconditions (result <> null)
+ */
+- public native long[] C_GetSlotList(boolean tokenPresent) throws PKCS11Exception;
++ public native long[] C_GetSlotList(boolean tokenPresent)
++ throws PKCS11Exception;
+
+
+ /**
+@@ -287,7 +290,8 @@
+ * @preconditions
+ * @postconditions (result <> null)
+ */
+- public native CK_TOKEN_INFO C_GetTokenInfo(long slotID) throws PKCS11Exception;
++ public native CK_TOKEN_INFO C_GetTokenInfo(long slotID)
++ throws PKCS11Exception;
+
+
+ /**
+@@ -322,7 +326,8 @@
+ * @preconditions
+ * @postconditions (result <> null)
+ */
+- public native CK_MECHANISM_INFO C_GetMechanismInfo(long slotID, long type) throws PKCS11Exception;
++ public native CK_MECHANISM_INFO C_GetMechanismInfo(long slotID, long type)
++ throws PKCS11Exception;
+
+
+ /**
+@@ -339,7 +344,8 @@
+ * @preconditions
+ * @postconditions
+ */
+-// public native void C_InitToken(long slotID, char[] pPin, char[] pLabel) throws PKCS11Exception;
++// public native void C_InitToken(long slotID, char[] pPin, char[] pLabel)
++// throws PKCS11Exception;
+
+
+ /**
+@@ -354,7 +360,8 @@
+ * @preconditions
+ * @postconditions
+ */
+-// public native void C_InitPIN(long hSession, char[] pPin) throws PKCS11Exception;
++// public native void C_InitPIN(long hSession, char[] pPin)
++// throws PKCS11Exception;
+
+
+ /**
+@@ -371,7 +378,8 @@
+ * @preconditions
+ * @postconditions
+ */
+-// public native void C_SetPIN(long hSession, char[] pOldPin, char[] pNewPin) throws PKCS11Exception;
++// public native void C_SetPIN(long hSession, char[] pOldPin, char[] pNewPin)
++// throws PKCS11Exception;
+
+
+
+@@ -398,7 +406,8 @@
+ * @preconditions
+ * @postconditions
+ */
+- public native long C_OpenSession(long slotID, long flags, Object pApplication, CK_NOTIFY Notify) throws PKCS11Exception;
++ public native long C_OpenSession(long slotID, long flags,
++ Object pApplication, CK_NOTIFY Notify) throws PKCS11Exception;
+
+
+ /**
+@@ -440,7 +449,8 @@
+ * @preconditions
+ * @postconditions (result <> null)
+ */
+- public native CK_SESSION_INFO C_GetSessionInfo(long hSession) throws PKCS11Exception;
++ public native CK_SESSION_INFO C_GetSessionInfo(long hSession)
++ throws PKCS11Exception;
+
+
+ /**
More information about the distro-pkg-dev
mailing list