Skip to content
Permalink
Browse files
8255410: Add ChaCha20 and Poly1305 support to SunPKCS11 provider
Reviewed-by: jnimeh
  • Loading branch information
Valerie Peng committed Apr 29, 2021
1 parent 46b4a14 commit 5d8c1cc8a05e0d9aedd6d54b8147d374c2290024
Showing 15 changed files with 1,561 additions and 116 deletions.

Large diffs are not rendered by default.

@@ -1,5 +1,5 @@
/*
* Copyright (c) 2003, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -236,6 +236,10 @@ private void setDefault() {
keySize = adjustKeySize(128, range);
keyType = CKK_BLOWFISH;
break;
case (int)CKM_CHACHA20_KEY_GEN:
keySize = 256;
keyType = CKK_CHACHA20;
break;
case (int)CKM_SHA_1_KEY_GEN:
keySize = adjustKeySize(160, range);
keyType = CKK_SHA_1_HMAC;
@@ -68,6 +68,7 @@ final class P11SecretKeyFactory extends SecretKeyFactorySpi {
addKeyType("DESede", CKK_DES3);
addKeyType("AES", CKK_AES);
addKeyType("Blowfish", CKK_BLOWFISH);
addKeyType("ChaCha20", CKK_CHACHA20);

// we don't implement RC2 or IDEA, but we want to be able to generate
// keys for those SSL/TLS ciphersuites.
@@ -237,6 +238,10 @@ private static P11Key createKey(Token token, byte[] encoded,
P11KeyGenerator.checkKeySize(CKM_BLOWFISH_KEY_GEN, n,
token);
break;
case (int)CKK_CHACHA20:
keyLength = P11KeyGenerator.checkKeySize(
CKM_CHACHA20_KEY_GEN, n, token);
break;
case (int)CKK_GENERIC_SECRET:
case (int)PCKK_TLSPREMASTER:
case (int)PCKK_TLSRSAPREMASTER:
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2003, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -42,6 +42,8 @@
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.TextOutputCallback;

import com.sun.crypto.provider.ChaCha20Poly1305Parameters;

import sun.security.util.Debug;
import sun.security.util.ResourcesMgr;
import static sun.security.util.SecurityConstants.PROVIDER_VER;
@@ -606,6 +608,8 @@ private static void register(Descriptor d) {
m(CKM_AES_KEY_GEN));
d(KG, "Blowfish", P11KeyGenerator,
m(CKM_BLOWFISH_KEY_GEN));
d(KG, "ChaCha20", P11KeyGenerator,
m(CKM_CHACHA20_KEY_GEN));
d(KG, "HmacMD5", P11KeyGenerator, // 1.3.6.1.5.5.8.1.1
m(CKM_GENERIC_SECRET_KEY_GEN));
dA(KG, "HmacSHA1", P11KeyGenerator,
@@ -655,6 +659,10 @@ private static void register(Descriptor d) {
d(AGP, "GCM", "sun.security.util.GCMParameters",
m(CKM_AES_GCM));

dA(AGP, "ChaCha20-Poly1305",
"com.sun.crypto.provider.ChaCha20Poly1305Parameters",
m(CKM_CHACHA20_POLY1305));

d(KA, "DH", P11KeyAgreement,
dhAlias,
m(CKM_DH_PKCS_DERIVE));
@@ -671,6 +679,8 @@ private static void register(Descriptor d) {
m(CKM_AES_CBC));
d(SKF, "Blowfish", P11SecretKeyFactory,
m(CKM_BLOWFISH_CBC));
d(SKF, "ChaCha20", P11SecretKeyFactory,
m(CKM_CHACHA20_POLY1305));

// XXX attributes for Ciphers (supported modes, padding)
dA(CIP, "ARCFOUR", P11Cipher,
@@ -732,6 +742,9 @@ private static void register(Descriptor d) {
d(CIP, "Blowfish/CBC/PKCS5Padding", P11Cipher,
m(CKM_BLOWFISH_CBC));

dA(CIP, "ChaCha20-Poly1305", P11AEADCipher,
m(CKM_CHACHA20_POLY1305));

d(CIP, "RSA/ECB/PKCS1Padding", P11RSACipher,
List.of("RSA"),
m(CKM_RSA_PKCS));
@@ -1156,7 +1169,8 @@ public Object newInstance0(Object param) throws
} else if (type == CIP) {
if (algorithm.startsWith("RSA")) {
return new P11RSACipher(token, algorithm, mechanism);
} else if (algorithm.endsWith("GCM/NoPadding")) {
} else if (algorithm.endsWith("GCM/NoPadding") ||
algorithm.startsWith("ChaCha20-Poly1305")) {
return new P11AEADCipher(token, algorithm, mechanism);
} else {
return new P11Cipher(token, algorithm, mechanism);
@@ -1209,6 +1223,8 @@ public Object newInstance0(Object param) throws
return new sun.security.util.ECParameters();
} else if (algorithm == "GCM") {
return new sun.security.util.GCMParameters();
} else if (algorithm == "ChaCha20-Poly1305") {
return new ChaCha20Poly1305Parameters(); // from SunJCE
} else {
throw new NoSuchAlgorithmException("Unsupported algorithm: "
+ algorithm);
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2003, 2019, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2021, Oracle and/or its affiliates. All rights reserved.
*/

/* Copyright (c) 2002 Graz University of Technology. All rights reserved.
@@ -155,6 +155,11 @@ public CK_MECHANISM(long mechanism, CK_CCM_PARAMS params) {
init(mechanism, params);
}

public CK_MECHANISM(long mechanism,
CK_SALSA20_CHACHA20_POLY1305_PARAMS params) {
init(mechanism, params);
}

// For PSS. the parameter may be set multiple times, use the
// CK_MECHANISM(long) constructor and setParameter(CK_RSA_PKCS_PSS_PARAMS)
// methods instead of creating yet another constructor
@@ -0,0 +1,69 @@
/*
* Copyright (c) 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/

package sun.security.pkcs11.wrapper;

import java.util.HexFormat;

/**
* This class represents the necessary parameters required by the
* CKM_CHACHA20_POLY1305 and CKM_SALSA20_POLY1305 mechanisms as defined in
* CK_SALSA20_CHACHA20_POLY1305_PARAMS structure.<p>
* <B>PKCS#11 structure:</B>
* <PRE>
* typedef struct CK_SALSA20_CHACHA20_POLY1305_PARAMS {
* CK_BYTE_PTR pNonce;
* CK_ULONG ulNonceLen;
* CK_BYTE_PTR pAAD;
* CK_ULONG ulAADLen;
* } CK_SALSA20_CHACHA20_POLY1305_PARAMS;
* </PRE>
*
* @since 17
*/
public class CK_SALSA20_CHACHA20_POLY1305_PARAMS {

private final byte[] nonce;
private final byte[] aad;

public CK_SALSA20_CHACHA20_POLY1305_PARAMS(byte[] nonce, byte[] aad) {
this.nonce = nonce;
this.aad = aad;
}

public String toString() {
StringBuilder sb = new StringBuilder();

sb.append(Constants.INDENT);
sb.append("Nonce: ");
sb.append((nonce == null? "null" :
"0x" + HexFormat.of().formatHex(nonce)));
sb.append(Constants.NEWLINE);
sb.append(Constants.INDENT);
sb.append("AAD: ");
sb.append((aad == null? "null" : "0x" + HexFormat.of().formatHex(aad)));
return sb.toString();
}
}
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2003, 2019, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2021, Oracle and/or its affiliates. All rights reserved.
*/

/* Copyright (c) 2002 Graz University of Technology. All rights reserved.
@@ -1159,6 +1159,73 @@ jCCMParamsToCKCCMParamPtr(JNIEnv *env, jobject jParam, CK_ULONG *pLength)
return NULL;
}

/*
* converts the Java CK_SALSA20_CHACHA20_POLY1305_PARAMS object to a
* CK_SALSA20_CHACHA20_POLY1305_PARAMS pointer
*
* @param env - used to call JNI functions to get the Java classes and objects
* @param jParam - the Java CK_SALSA20_CHACHA20_POLY1305_PARAMS object to
* convert
* @param pLength - length of the allocated memory of the returned pointer
* @return pointer to the new CK_SALSA20_CHACHA20_POLY1305_PARAMS structure
*/
CK_SALSA20_CHACHA20_POLY1305_PARAMS_PTR
jSalsaChaChaPolyParamsToCKSalsaChaChaPolyParamPtr(
JNIEnv *env, jobject jParam, CK_ULONG *pLength)
{
CK_SALSA20_CHACHA20_POLY1305_PARAMS_PTR ckParamPtr;
jclass jParamsClass;
jfieldID fieldID;
jobject jNonce, jAad;

if (pLength != NULL) {
*pLength = 0;
}

// retrieve java values
jParamsClass = (*env)->FindClass(env,
CLASS_SALSA20_CHACHA20_POLY1305_PARAMS);
if (jParamsClass == NULL) { return NULL; }
if (!(*env)->IsInstanceOf(env, jParam, jParamsClass)) {
return NULL;
}
fieldID = (*env)->GetFieldID(env, jParamsClass, "nonce", "[B");
if (fieldID == NULL) { return NULL; }
jNonce = (*env)->GetObjectField(env, jParam, fieldID);
fieldID = (*env)->GetFieldID(env, jParamsClass, "aad", "[B");
if (fieldID == NULL) { return NULL; }
jAad = (*env)->GetObjectField(env, jParam, fieldID);
// allocate memory for CK_SALSA20_CHACHA20_POLY1305_PARAMS pointer
ckParamPtr = calloc(1, sizeof(CK_SALSA20_CHACHA20_POLY1305_PARAMS));
if (ckParamPtr == NULL) {
throwOutOfMemoryError(env, 0);
return NULL;
}

// populate using java values
jByteArrayToCKByteArray(env, jNonce, &(ckParamPtr->pNonce),
&(ckParamPtr->ulNonceLen));
if ((*env)->ExceptionCheck(env)) {
goto cleanup;
}

jByteArrayToCKByteArray(env, jAad, &(ckParamPtr->pAAD),
&(ckParamPtr->ulAADLen));
if ((*env)->ExceptionCheck(env)) {
goto cleanup;
}

if (pLength != NULL) {
*pLength = sizeof(CK_SALSA20_CHACHA20_POLY1305_PARAMS);
}
return ckParamPtr;
cleanup:
free(ckParamPtr->pNonce);
free(ckParamPtr->pAAD);
free(ckParamPtr);
return NULL;
}

/*
* converts a Java CK_MECHANISM object into a CK_MECHANISM pointer
* pointer.
@@ -1437,6 +1504,11 @@ CK_VOID_PTR jMechParamToCKMechParamPtrSlow(JNIEnv *env, jobject jParam,
case CKM_AES_CCM:
ckpParamPtr = jCCMParamsToCKCCMParamPtr(env, jParam, ckpLength);
break;
case CKM_CHACHA20_POLY1305:
ckpParamPtr =
jSalsaChaChaPolyParamsToCKSalsaChaChaPolyParamPtr(env,
jParam, ckpLength);
break;
case CKM_RSA_PKCS_OAEP:
ckpParamPtr = jRsaPkcsOaepParamToCKRsaPkcsOaepParamPtr(env, jParam, ckpLength);
break;
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2003, 2019, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2021, Oracle and/or its affiliates. All rights reserved.
*/

/* Copyright (c) 2002 Graz University of Technology. All rights reserved.
@@ -323,6 +323,11 @@ void freeCKMechanismPtr(CK_MECHANISM_PTR mechPtr) {
free(((CK_CCM_PARAMS*)tmp)->pNonce);
free(((CK_CCM_PARAMS*)tmp)->pAAD);
break;
case CKM_CHACHA20_POLY1305:
TRACE0("[ CK_SALSA20_CHACHA20_POLY1305_PARAMS ]\n");
free(((CK_SALSA20_CHACHA20_POLY1305_PARAMS*)tmp)->pNonce);
free(((CK_SALSA20_CHACHA20_POLY1305_PARAMS*)tmp)->pAAD);
break;
case CKM_TLS_PRF:
case CKM_NSS_TLS_PRF_GENERAL:
TRACE0("[ CK_TLS_PRF_PARAMS ]\n");
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2003, 2019, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2021, Oracle and/or its affiliates. All rights reserved.
*/

/* Copyright (c) 2002 Graz University of Technology. All rights reserved.
@@ -256,6 +256,8 @@ void printDebug(const char *format, ...);
#define CLASS_AES_CTR_PARAMS "sun/security/pkcs11/wrapper/CK_AES_CTR_PARAMS"
#define CLASS_GCM_PARAMS "sun/security/pkcs11/wrapper/CK_GCM_PARAMS"
#define CLASS_CCM_PARAMS "sun/security/pkcs11/wrapper/CK_CCM_PARAMS"
#define CLASS_SALSA20_CHACHA20_POLY1305_PARAMS \
"sun/security/pkcs11/wrapper/CK_SALSA20_CHACHA20_POLY1305_PARAMS"
#define CLASS_RSA_PKCS_PSS_PARAMS "sun/security/pkcs11/wrapper/CK_RSA_PKCS_PSS_PARAMS"
#define CLASS_RSA_PKCS_OAEP_PARAMS "sun/security/pkcs11/wrapper/CK_RSA_PKCS_OAEP_PARAMS"

1 comment on commit 5d8c1cc

@openjdk-notifier
Copy link

@openjdk-notifier openjdk-notifier bot commented on 5d8c1cc Apr 29, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please sign in to comment.