JDK 11 jdk.crypto.cryptoki.jmod - Crypto KI Module

JDK 11 jdk.crypto.cryptoki.jmod is the JMOD file for JDK 11 Crypto Cryptoki module.

JDK 11 Crypto KI module compiled class files are stored in \fyicenter\jdk-11.0.1\jmods\jdk.crypto.cryptoki.jmod.

JDK 11 Crypto KI module compiled class files are also linked and stored in the \fyicenter\jdk-11.0.1\lib\modules JImage file.

JDK 11 Crypto KI module source code files are stored in \fyicenter\jdk-11.0.1\lib\src.zip\jdk.crypto.cryptoki.

You can click and view the content of each source code file in the list below.

✍: FYIcenter

sun/security/pkcs11/P11Digest.java

/*
 * Copyright (c) 2003, 2016, Oracle and/or its affiliates. All rights reserved.
 * ORACLE PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 */

package sun.security.pkcs11;

import java.util.*;
import java.nio.ByteBuffer;

import java.security.*;

import javax.crypto.SecretKey;

import sun.nio.ch.DirectBuffer;

import sun.security.util.MessageDigestSpi2;

import sun.security.pkcs11.wrapper.*;
import static sun.security.pkcs11.wrapper.PKCS11Constants.*;

/**
 * MessageDigest implementation class. This class currently supports
 * MD2, MD5, SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512.
 *
 * Note that many digest operations are on fairly small amounts of data
 * (less than 100 bytes total). For example, the 2nd hashing in HMAC or
 * the PRF in TLS. In order to speed those up, we use some buffering to
 * minimize number of the Java->native transitions.
 *
 * @author  Andreas Sterbenz
 * @since   1.5
 */
final class P11Digest extends MessageDigestSpi implements Cloneable,
    MessageDigestSpi2 {

    /* fields initialized, no session acquired */
    private final static int S_BLANK    = 1;

    /* data in buffer, session acquired, but digest not initialized */
    private final static int S_BUFFERED = 2;

    /* session initialized for digesting */
    private final static int S_INIT     = 3;

    private final static int BUFFER_SIZE = 96;

    // token instance
    private final Token token;

    // algorithm name
    private final String algorithm;

    // mechanism id object
    private final CK_MECHANISM mechanism;

    // length of the digest in bytes
    private final int digestLength;

    // associated session, if any
    private Session session;

    // current state, one of S_* above
    private int state;

    // buffer to reduce number of JNI calls
    private byte[] buffer;

    // offset into the buffer
    private int bufOfs;

    P11Digest(Token token, String algorithm, long mechanism) {
        super();
        this.token = token;
        this.algorithm = algorithm;
        this.mechanism = new CK_MECHANISM(mechanism);
        switch ((int)mechanism) {
        case (int)CKM_MD2:
        case (int)CKM_MD5:
            digestLength = 16;
            break;
        case (int)CKM_SHA_1:
            digestLength = 20;
            break;
        case (int)CKM_SHA224:
            digestLength = 28;
            break;
        case (int)CKM_SHA256:
            digestLength = 32;
            break;
        case (int)CKM_SHA384:
            digestLength = 48;
            break;
        case (int)CKM_SHA512:
            digestLength = 64;
            break;
        default:
            throw new ProviderException("Unknown mechanism: " + mechanism);
        }
        buffer = new byte[BUFFER_SIZE];
        state = S_BLANK;
    }

    // see JCA spec
    protected int engineGetDigestLength() {
        return digestLength;
    }

    private void fetchSession() {
        token.ensureValid();
        if (state == S_BLANK) {
            try {
                session = token.getOpSession();
                state = S_BUFFERED;
            } catch (PKCS11Exception e) {
                throw new ProviderException("No more session available", e);
            }
        }
    }

    // see JCA spec
    protected void engineReset() {
        token.ensureValid();

        if (session != null) {
            if (state == S_INIT && token.explicitCancel == true) {
                session = token.killSession(session);
            } else {
                session = token.releaseSession(session);
            }
        }
        state = S_BLANK;
        bufOfs = 0;
    }

    // see JCA spec
    protected byte[] engineDigest() {
        try {
            byte[] digest = new byte[digestLength];
            int n = engineDigest(digest, 0, digestLength);
            return digest;
        } catch (DigestException e) {
            throw new ProviderException("internal error", e);
        }
    }

    // see JCA spec
    protected int engineDigest(byte[] digest, int ofs, int len)
            throws DigestException {
        if (len < digestLength) {
            throw new DigestException("Length must be at least " +
                    digestLength);
        }

        fetchSession();
        try {
            int n;
            if (state == S_BUFFERED) {
                n = token.p11.C_DigestSingle(session.id(), mechanism, buffer, 0,
                        bufOfs, digest, ofs, len);
                bufOfs = 0;
            } else {
                if (bufOfs != 0) {
                    token.p11.C_DigestUpdate(session.id(), 0, buffer, 0,
                            bufOfs);
                    bufOfs = 0;
                }
                n = token.p11.C_DigestFinal(session.id(), digest, ofs, len);
            }
            if (n != digestLength) {
                throw new ProviderException("internal digest length error");
            }
            return n;
        } catch (PKCS11Exception e) {
            throw new ProviderException("digest() failed", e);
        } finally {
            engineReset();
        }
    }

    // see JCA spec
    protected void engineUpdate(byte in) {
        byte[] temp = { in };
        engineUpdate(temp, 0, 1);
    }

    // see JCA spec
    protected void engineUpdate(byte[] in, int ofs, int len) {
        if (len <= 0) {
            return;
        }

        fetchSession();
        try {
            if (state == S_BUFFERED) {
                token.p11.C_DigestInit(session.id(), mechanism);
                state = S_INIT;
            }
            if ((bufOfs != 0) && (bufOfs + len > buffer.length)) {
                // process the buffered data
                token.p11.C_DigestUpdate(session.id(), 0, buffer, 0, bufOfs);
                bufOfs = 0;
            }
            if (bufOfs + len > buffer.length) {
                // process the new data
                token.p11.C_DigestUpdate(session.id(), 0, in, ofs, len);
             } else {
                // buffer the new data
                System.arraycopy(in, ofs, buffer, bufOfs, len);
                bufOfs += len;
            }
        } catch (PKCS11Exception e) {
            engineReset();
            throw new ProviderException("update() failed", e);
        }
    }

    // Called by SunJSSE via reflection during the SSL 3.0 handshake if
    // the master secret is sensitive.
    // Note: Change to protected after this method is moved from
    // sun.security.util.MessageSpi2 interface to
    // java.security.MessageDigestSpi class
    public void engineUpdate(SecretKey key) throws InvalidKeyException {
        // SunJSSE calls this method only if the key does not have a RAW
        // encoding, i.e. if it is sensitive. Therefore, no point in calling
        // SecretKeyFactory to try to convert it. Just verify it ourselves.
        if (key instanceof P11Key == false) {
            throw new InvalidKeyException("Not a P11Key: " + key);
        }
        P11Key p11Key = (P11Key)key;
        if (p11Key.token != token) {
            throw new InvalidKeyException("Not a P11Key of this provider: " +
                    key);
        }

        fetchSession();
        try {
            if (state == S_BUFFERED) {
                token.p11.C_DigestInit(session.id(), mechanism);
                state = S_INIT;
            }

            if (bufOfs != 0) {
                token.p11.C_DigestUpdate(session.id(), 0, buffer, 0, bufOfs);
                bufOfs = 0;
            }
            token.p11.C_DigestKey(session.id(), p11Key.keyID);
        } catch (PKCS11Exception e) {
            engineReset();
            throw new ProviderException("update(SecretKey) failed", e);
        }
    }

    // see JCA spec
    protected void engineUpdate(ByteBuffer byteBuffer) {
        int len = byteBuffer.remaining();
        if (len <= 0) {
            return;
        }

        if (byteBuffer instanceof DirectBuffer == false) {
            super.engineUpdate(byteBuffer);
            return;
        }

        fetchSession();
        long addr = ((DirectBuffer)byteBuffer).address();
        int ofs = byteBuffer.position();
        try {
            if (state == S_BUFFERED) {
                token.p11.C_DigestInit(session.id(), mechanism);
                state = S_INIT;
            }
            if (bufOfs != 0) {
                token.p11.C_DigestUpdate(session.id(), 0, buffer, 0, bufOfs);
                bufOfs = 0;
            }
            token.p11.C_DigestUpdate(session.id(), addr + ofs, null, 0, len);
            byteBuffer.position(ofs + len);
        } catch (PKCS11Exception e) {
            engineReset();
            throw new ProviderException("update() failed", e);
        }
    }

    public Object clone() throws CloneNotSupportedException {
        P11Digest copy = (P11Digest) super.clone();
        copy.buffer = buffer.clone();
        try {
            if (session != null) {
                copy.session = copy.token.getOpSession();
            }
            if (state == S_INIT) {
                byte[] stateValues =
                    token.p11.C_GetOperationState(session.id());
                token.p11.C_SetOperationState(copy.session.id(),
                                              stateValues, 0, 0);
            }
        } catch (PKCS11Exception e) {
            throw (CloneNotSupportedException)
                (new CloneNotSupportedException(algorithm).initCause(e));
        }
        return copy;
    }
}

sun/security/pkcs11/P11Digest.java

 

JDK 11 jdk.crypto.ec.jmod - Crypto EC Module

JDK 11 jdk.compiler.jmod - Compiler Tool

Download and Use JDK 11

⇑⇑ FAQ for JDK (Java Development Kit)

2020-08-13, 7657👍, 0💬