diff --git a/docs/proj_agile.rst b/docs/proj_agile.rst index d18ace5..860cc48 100644 --- a/docs/proj_agile.rst +++ b/docs/proj_agile.rst @@ -3,27 +3,16 @@ CCC Agile ========= -FEATURES --------- -* ndk cmake builds (C++, LLVM support, ABI) -* .aar library packaging, includes java .class files (and other resources) - - - - WORKING -------- +======= +* NC: add more JNI crypto features: SHA, RSA, CHACHA +* UI: adding encrypt screen * l@@k at Android Weekly emails -Milestone -^^^^^^^^^ -* WolfSSL validate with JNI - - BACKLOG -------- +======= Tasks ^^^^^ @@ -50,9 +39,6 @@ Tasks Milestones ^^^^^^^^^^ -* JNI wrapper tests - - RSA Public Key Generation - - AES crypt * normalizedcrypto - maybe wrap nextcrypto with a *VERY* simple API @@ -64,7 +50,8 @@ Milestones COMPLETED ---------- +========= + * TEST: add test code for JNI calls - tested AES, everything else should work accordingly * combine wolfssl-lib + wolfssl-jni == ccc-ndk-jni (not ccc-jni which would be for java) @@ -76,5 +63,15 @@ COMPLETED - discover which gradle to target --> wolfssl was main gradle app target +Milestones +^^^^^^^^^^ +* JNI wrapper tests + - RSA Public Key Generation + - AES crypt +* X Android application skeleton +* X WolfSSL validate with JNI + + + diff --git a/docs/proj_nc b/docs/proj_nc deleted file mode 100644 index 9cc9fac..0000000 --- a/docs/proj_nc +++ /dev/null @@ -1,6 +0,0 @@ -============= -Project Notes -============= - - - diff --git a/docs/proj_nc.rst b/docs/proj_nc.rst new file mode 100644 index 0000000..368a6dc --- /dev/null +++ b/docs/proj_nc.rst @@ -0,0 +1,14 @@ +========================= +Next Crypto Project Notes +========================= + + +FEATURES +-------- +* ndk cmake builds (C++, LLVM support, ABI) +* .aar library packaging, includes java .class files (and other resources) + + + + + diff --git a/gradle/wrapper/gradle-wrapper.jar b/gradle/wrapper/gradle-wrapper.jar index 3baa851..87b738c 100644 Binary files a/gradle/wrapper/gradle-wrapper.jar and b/gradle/wrapper/gradle-wrapper.jar differ diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties index feae331..44e7c4d 100644 --- a/gradle/wrapper/gradle-wrapper.properties +++ b/gradle/wrapper/gradle-wrapper.properties @@ -1,6 +1,5 @@ -#Sun Feb 26 23:05:09 PST 2017 distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists +distributionUrl=https\://services.gradle.org/distributions/gradle-5.2.1-bin.zip zipStoreBase=GRADLE_USER_HOME zipStorePath=wrapper/dists -distributionUrl=https\://services.gradle.org/distributions/gradle-3.3-all.zip diff --git a/gradlew b/gradlew index 27309d9..af6708f 100755 --- a/gradlew +++ b/gradlew @@ -1,4 +1,4 @@ -#!/usr/bin/env bash +#!/usr/bin/env sh ############################################################################## ## @@ -28,16 +28,16 @@ APP_NAME="Gradle" APP_BASE_NAME=`basename "$0"` # Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. -DEFAULT_JVM_OPTS="" +DEFAULT_JVM_OPTS='"-Xmx64m"' # Use the maximum available, or set MAX_FD != -1 to use that value. MAX_FD="maximum" -warn ( ) { +warn () { echo "$*" } -die ( ) { +die () { echo echo "$*" echo @@ -154,11 +154,19 @@ if $cygwin ; then esac fi -# Split up the JVM_OPTS And GRADLE_OPTS values into an array, following the shell quoting and substitution rules -function splitJvmOpts() { - JVM_OPTS=("$@") +# Escape application args +save () { + for i do printf %s\\n "$i" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/' \\\\/" ; done + echo " " } -eval splitJvmOpts $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS -JVM_OPTS[${#JVM_OPTS[*]}]="-Dorg.gradle.appname=$APP_BASE_NAME" +APP_ARGS=$(save "$@") -exec "$JAVACMD" "${JVM_OPTS[@]}" -classpath "$CLASSPATH" org.gradle.wrapper.GradleWrapperMain "$@" +# Collect all arguments for the java command, following the shell quoting and substitution rules +eval set -- $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS "\"-Dorg.gradle.appname=$APP_BASE_NAME\"" -classpath "\"$CLASSPATH\"" org.gradle.wrapper.GradleWrapperMain "$APP_ARGS" + +# by default we should be in the correct project dir, but when run from Finder on Mac, the cwd is wrong +if [ "$(uname)" = "Darwin" ] && [ "$HOME" = "$PWD" ]; then + cd "$(dirname "$0")" +fi + +exec "$JAVACMD" "$@" diff --git a/gradlew.bat b/gradlew.bat new file mode 100644 index 0000000..0f8d593 --- /dev/null +++ b/gradlew.bat @@ -0,0 +1,84 @@ +@if "%DEBUG%" == "" @echo off +@rem ########################################################################## +@rem +@rem Gradle startup script for Windows +@rem +@rem ########################################################################## + +@rem Set local scope for the variables with windows NT shell +if "%OS%"=="Windows_NT" setlocal + +set DIRNAME=%~dp0 +if "%DIRNAME%" == "" set DIRNAME=. +set APP_BASE_NAME=%~n0 +set APP_HOME=%DIRNAME% + +@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. +set DEFAULT_JVM_OPTS="-Xmx64m" + +@rem Find java.exe +if defined JAVA_HOME goto findJavaFromJavaHome + +set JAVA_EXE=java.exe +%JAVA_EXE% -version >NUL 2>&1 +if "%ERRORLEVEL%" == "0" goto init + +echo. +echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. +echo. +echo Please set the JAVA_HOME variable in your environment to match the +echo location of your Java installation. + +goto fail + +:findJavaFromJavaHome +set JAVA_HOME=%JAVA_HOME:"=% +set JAVA_EXE=%JAVA_HOME%/bin/java.exe + +if exist "%JAVA_EXE%" goto init + +echo. +echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% +echo. +echo Please set the JAVA_HOME variable in your environment to match the +echo location of your Java installation. + +goto fail + +:init +@rem Get command-line arguments, handling Windows variants + +if not "%OS%" == "Windows_NT" goto win9xME_args + +:win9xME_args +@rem Slurp the command line arguments. +set CMD_LINE_ARGS= +set _SKIP=2 + +:win9xME_args_slurp +if "x%~1" == "x" goto execute + +set CMD_LINE_ARGS=%* + +:execute +@rem Setup the command line + +set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar + +@rem Execute Gradle +"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS% + +:end +@rem End local scope for the variables with windows NT shell +if "%ERRORLEVEL%"=="0" goto mainEnd + +:fail +rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of +rem the _cmd.exe /c_ return code! +if not "" == "%GRADLE_EXIT_CONSOLE%" exit 1 +exit /b 1 + +:mainEnd +if "%OS%"=="Windows_NT" endlocal + +:omega diff --git a/settings.gradle b/settings.gradle index 69ce2c6..53852da 100644 --- a/settings.gradle +++ b/settings.gradle @@ -1,4 +1,4 @@ // include this at the top, for shared libraries -include ':wolfssl-lib' +// include ':wolfssl-lib' // include ':wolfssl-jni' include ':ccc-jni' diff --git a/wolfssl-jni/build.gradle b/wolfssl-jni/build.gradle index 5d07fb2..8d99335 100644 --- a/wolfssl-jni/build.gradle +++ b/wolfssl-jni/build.gradle @@ -46,5 +46,5 @@ task copyLibs(type: Copy) { dependencies { - // testImplementation 'junit:junit:4.12' + testImplementation 'junit:junit:4.12' } diff --git a/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Asn.java b/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Asn.java new file mode 100644 index 0000000..92d0a7f --- /dev/null +++ b/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Asn.java @@ -0,0 +1,43 @@ +/* Asn.java + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +package com.wolfssl.wolfcrypt; + +import java.nio.ByteBuffer; + +/** + * Wrapper for the native WolfCrypt Asn implementation. + * + * @author Moisés Guimarães + * @version 1.0, March 2015 + */ +public class Asn extends WolfObject { + + public static final int MAX_ENCODED_SIG_SIZE = 512; + + public static native void encodeSignature(ByteBuffer encoded, + ByteBuffer hash, long hashSize, int hashOID); + + public static native long encodeSignature(byte[] encoded, + byte[] hash, long hashSize, int hashOID); + + public static native int getCTC_HashOID(int type); +} diff --git a/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Chacha.java b/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Chacha.java new file mode 100644 index 0000000..e300e81 --- /dev/null +++ b/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Chacha.java @@ -0,0 +1,101 @@ +/* Chacha.java + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +package com.wolfssl.wolfcrypt; + +import java.security.InvalidAlgorithmParameterException; + +/** + * Wrapper for the native WolfCrypt Chacha implementation. + * + * @author Daniele Lacamera + * @version 1.0, March 2018 + */ +public class Chacha extends NativeStruct { + + private WolfCryptState state = WolfCryptState.UNINITIALIZED; + + public Chacha() { + init(); + } + + @Override + public void releaseNativeStruct() { + free(); + + super.releaseNativeStruct(); + } + + protected native long mallocNativeStruct() throws OutOfMemoryError; + + private native void wc_Chacha_init(); + + private native void wc_Chacha_free(); + + private native byte[] wc_Chacha_process(byte in[]); + + private native void wc_Chacha_setKey(byte[] Key); + + private native void wc_Chacha_setIV(byte[] IV); + + + + + protected void init() { + if (state == WolfCryptState.UNINITIALIZED) { + wc_Chacha_init(); + state = WolfCryptState.INITIALIZED; + } else { + throw new IllegalStateException( + "Native resources already initialized."); + } + } + + protected void free() { + if (state != WolfCryptState.UNINITIALIZED) { + wc_Chacha_free(); + state = WolfCryptState.UNINITIALIZED; + } + } + + public void setKey(byte[] Key) { + if (state == WolfCryptState.INITIALIZED) { + wc_Chacha_setKey(Key); + state = WolfCryptState.READY; + } else { + throw new IllegalStateException("Object already has a key."); + } + } + + public void setIV(byte[] IV) { + wc_Chacha_setIV(IV); + } + + public byte[] process(byte[] in) { + if (state == WolfCryptState.READY) { + return wc_Chacha_process(in); + } else { + throw new IllegalStateException( + "No available key to perform the operation."); + } + } +} + diff --git a/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Curve25519.java b/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Curve25519.java new file mode 100644 index 0000000..0e766ca --- /dev/null +++ b/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Curve25519.java @@ -0,0 +1,172 @@ +/* Curve25519.java + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +package com.wolfssl.wolfcrypt; + +import java.security.InvalidAlgorithmParameterException; +import java.security.spec.EllipticCurve; +import java.security.spec.ECParameterSpec; +import java.security.spec.ECFieldFp; + +/** + * Wrapper for the native WolfCrypt curve25519 implementation. + * + * @author Daniele Lacamera + * @version 1.0, March 2018 + */ +public class Curve25519 extends NativeStruct { + + private WolfCryptState state = WolfCryptState.UNINITIALIZED; + + public Curve25519() { + init(); + } + + @Override + public void releaseNativeStruct() { + free(); + + super.releaseNativeStruct(); + } + + protected native long mallocNativeStruct() throws OutOfMemoryError; + + private native void wc_curve25519_init(); + + private native void wc_curve25519_free(); + + private native void wc_curve25519_make_key(Rng rng, int size); + + private native void wc_curve25519_make_key_ex(Rng rng, int size, int endian); + + private native void wc_curve25519_check_key(); + + private native byte[] wc_curve25519_make_shared_secret(Curve25519 pubKey); + + private native void wc_curve25519_import_private(byte[] privKey, byte[] key); + private native void wc_curve25519_import_private_only(byte[] privKey); + private native void wc_curve25519_import_public(byte[] pubKey); + + + private native byte[] wc_curve25519_export_private(); + private native byte[] wc_curve25519_export_public(); + + + protected void init() { + if (state == WolfCryptState.UNINITIALIZED) { + wc_curve25519_init(); + state = WolfCryptState.INITIALIZED; + } else { + throw new IllegalStateException( + "Native resources already initialized."); + } + } + + protected void free() { + if (state != WolfCryptState.UNINITIALIZED) { + wc_curve25519_free(); + state = WolfCryptState.UNINITIALIZED; + } + } + + public void makeKey(Rng rng, int size) { + if (state == WolfCryptState.INITIALIZED) { + wc_curve25519_make_key(rng, size); + state = WolfCryptState.READY; + } else { + throw new IllegalStateException("Object already has a key."); + } + } + + public void makeKeyWithEndian(Rng rng, int size, int endian) { + if (state == WolfCryptState.INITIALIZED) { + wc_curve25519_make_key_ex(rng, size, endian); + state = WolfCryptState.READY; + } else { + throw new IllegalStateException("Object already has a key."); + } + } + + public void checkKey() { + if (state == WolfCryptState.READY) { + wc_curve25519_check_key(); + } else { + throw new IllegalStateException( + "No available key to perform the operation."); + } + } + + public void importPrivate(byte[] privKey, byte[] xKey) { + if (state == WolfCryptState.INITIALIZED) { + wc_curve25519_import_private(privKey, xKey); + state = WolfCryptState.READY; + } else { + throw new IllegalStateException("Object already has a key."); + } + } + + public void importPrivateOnly(byte[] privKey) { + if (state == WolfCryptState.INITIALIZED) { + wc_curve25519_import_private_only(privKey); + state = WolfCryptState.READY; + } else { + throw new IllegalStateException("Object already has a key."); + } + } + + public void importPublic(byte[] pubKey) { + if (state == WolfCryptState.INITIALIZED) { + wc_curve25519_import_public(pubKey); + state = WolfCryptState.READY; + } else { + throw new IllegalStateException("Object already has a key."); + } + } + + public byte[] exportPrivate() { + if (state == WolfCryptState.READY) { + return wc_curve25519_export_private(); + } else { + throw new IllegalStateException( + "No available key to perform the operation."); + } + } + + public byte[] exportPublic() { + if (state == WolfCryptState.READY) { + return wc_curve25519_export_public(); + } else { + throw new IllegalStateException( + "No available key to perform the operation."); + } + } + + public byte[] makeSharedSecret(Curve25519 pubKey) { + if (state == WolfCryptState.READY) { + return wc_curve25519_make_shared_secret(pubKey); + } else { + throw new IllegalStateException( + "No available key to perform the operation."); + } + } + +} + diff --git a/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Des3.java b/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Des3.java new file mode 100644 index 0000000..f720e1d --- /dev/null +++ b/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Des3.java @@ -0,0 +1,59 @@ +/* Des3.java + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +package com.wolfssl.wolfcrypt; + +import java.nio.ByteBuffer; + +/** + * Wrapper for the native WolfCrypt Des3 implementation. + * + * @author Moisés Guimarães + * @version 1.0, February 2015 + */ +public class Des3 extends BlockCipher { + + public static final int KEY_SIZE = 24; + public static final int BLOCK_SIZE = 8; + public static final int ENCRYPT_MODE = 0; + public static final int DECRYPT_MODE = 1; + + private WolfCryptState state = WolfCryptState.UNINITIALIZED; + + private int opmode; + + protected native long mallocNativeStruct() throws OutOfMemoryError; + + protected native void native_set_key(byte[] key, byte[] iv, int opmode); + + protected native int native_update(int opmode, byte[] input, int offset, + int length, byte[] output, int outputOffset); + + protected native int native_update(int opmode, ByteBuffer input, + int offset, int length, ByteBuffer output, int outputOffset); + + public Des3() { + } + + public Des3(byte[] key, byte[] iv, int opmode) { + setKey(key, iv, opmode); + } +} \ No newline at end of file diff --git a/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Dh.java b/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Dh.java new file mode 100644 index 0000000..5e430e0 --- /dev/null +++ b/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Dh.java @@ -0,0 +1,150 @@ +/* Dh.java + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +package com.wolfssl.wolfcrypt; + +/** + * Wrapper for the native WolfCrypt DH implementation. + * + * @author Moisés Guimarães + * @version 2.0, March 2017 + */ +public class Dh extends NativeStruct { + + private WolfCryptState state = WolfCryptState.UNINITIALIZED; + private byte[] privateKey = null; + private byte[] publicKey = null; + private int pSize = 0; + + public Dh() { + init(); + } + + public Dh(byte[] p, byte[] g) { + init(); + setParams(p, g); + } + + @Override + public void releaseNativeStruct() { + free(); + + super.releaseNativeStruct(); + } + + protected native long mallocNativeStruct() throws OutOfMemoryError; + + private native void wc_InitDhKey(); + + private native void wc_FreeDhKey(); + + private native void wc_DhSetKey(byte[] p, byte[] g); + + private native void wc_DhGenerateKeyPair(Rng rng, int pSize); + + private native byte[] wc_DhAgree(byte[] priv, byte[] pub); + + protected void init() { + if (state == WolfCryptState.UNINITIALIZED) { + wc_InitDhKey(); + state = WolfCryptState.INITIALIZED; + } else { + throw new IllegalStateException( + "Native resources already initialized."); + } + } + + protected void free() { + if (state != WolfCryptState.UNINITIALIZED) { + wc_FreeDhKey(); + + setPrivateKey(new byte[0]); + setPublicKey(new byte[0]); + + state = WolfCryptState.UNINITIALIZED; + } + } + + public void setPrivateKey(byte[] priv) { + if (state != WolfCryptState.UNINITIALIZED) { + if (privateKey != null) + for (int i = 0; i < privateKey.length; i++) + privateKey[i] = 0; + + privateKey = priv.clone(); + } else { + throw new IllegalStateException( + "No available parameters to perform opetarion."); + } + } + + public void setPublicKey(byte[] pub) { + if (state != WolfCryptState.UNINITIALIZED) { + if (publicKey != null) + for (int i = 0; i < publicKey.length; i++) + publicKey[i] = 0; + + publicKey = pub.clone(); + } else { + throw new IllegalStateException( + "No available parameters to perform opetarion."); + } + } + + public byte[] getPublicKey() { + return publicKey; + } + + public byte[] getPrivateKey() { + return privateKey; + } + + public void setParams(byte[] p, byte[] g) { + if (state == WolfCryptState.INITIALIZED) { + wc_DhSetKey(p, g); + this.pSize = p.length; + state = WolfCryptState.READY; + } else { + throw new IllegalStateException("Object already has parameters."); + } + } + + public void makeKey(Rng rng) { + if (privateKey == null) { + /* use size of P to allocate key buffer size */ + wc_DhGenerateKeyPair(rng, this.pSize); + } else { + throw new IllegalStateException("Object already has a key."); + } + } + + public byte[] makeSharedSecret(Dh pubKey) { + byte[] publicKey = pubKey.getPublicKey(); + + if (privateKey != null || publicKey != null) { + return wc_DhAgree(privateKey, publicKey); + } else { + throw new IllegalStateException( + "No available key to perform the opperation."); + } + } +} + diff --git a/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Ecc.java b/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Ecc.java new file mode 100644 index 0000000..718516b --- /dev/null +++ b/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Ecc.java @@ -0,0 +1,296 @@ +/* Ecc.java + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +package com.wolfssl.wolfcrypt; + +import java.security.InvalidAlgorithmParameterException; +import java.security.spec.EllipticCurve; +import java.security.spec.ECParameterSpec; +import java.security.spec.ECFieldFp; + +/** + * Wrapper for the native WolfCrypt ecc implementation. + * + * @author Moisés Guimarães + * @version 2.0, February 2017 + */ +public class Ecc extends NativeStruct { + + private WolfCryptState state = WolfCryptState.UNINITIALIZED; + + public Ecc() { + init(); + } + + @Override + public void releaseNativeStruct() { + free(); + + super.releaseNativeStruct(); + } + + protected native long mallocNativeStruct() throws OutOfMemoryError; + + private native void wc_ecc_init(); + + private native void wc_ecc_free(); + + private native void wc_ecc_make_key(Rng rng, int size); + + private native void wc_ecc_make_key_ex(Rng rng, int size, String curveName); + + private native void wc_ecc_check_key(); + + private native byte[] wc_ecc_shared_secret(Ecc pubKey); + + private native void wc_ecc_import_private(byte[] privKey, byte[] x963Key, + String curveName); + + private native byte[] wc_ecc_export_private(); + + private native void wc_ecc_import_x963(byte[] key); + + private native byte[] wc_ecc_export_x963(); + + private native void wc_EccPrivateKeyDecode(byte[] key); + + private native byte[] wc_EccKeyToDer(); + + private native void wc_EccPublicKeyDecode(byte[] key); + + private native byte[] wc_EccPublicKeyToDer(); + + private native byte[] wc_ecc_sign_hash(byte[] hash, Rng rng); + + private native boolean wc_ecc_verify_hash(byte[] hash, byte[] signature); + + private static native int wc_ecc_get_curve_size_from_name(String name); + + private native byte[] wc_ecc_private_key_to_pkcs8(); + + private static native String wc_ecc_get_curve_name_from_id(int curve_id); + + private static native int wc_ecc_get_curve_id_from_params(int fieldSize, + byte[] prime, byte[] Af, byte[] Bf, byte[] order, + byte[] Gx, byte[] Gy, int cofactor); + + protected void init() { + if (state == WolfCryptState.UNINITIALIZED) { + wc_ecc_init(); + state = WolfCryptState.INITIALIZED; + } else { + throw new IllegalStateException( + "Native resources already initialized."); + } + } + + protected void free() { + if (state != WolfCryptState.UNINITIALIZED) { + wc_ecc_free(); + state = WolfCryptState.UNINITIALIZED; + } + } + + public void makeKey(Rng rng, int size) { + if (state == WolfCryptState.INITIALIZED) { + wc_ecc_make_key(rng, size); + state = WolfCryptState.READY; + } else { + throw new IllegalStateException("Object already has a key."); + } + } + + public void makeKeyOnCurve(Rng rng, int size, String curveName) { + if (state == WolfCryptState.INITIALIZED) { + wc_ecc_make_key_ex(rng, size, curveName.toUpperCase()); + state = WolfCryptState.READY; + } else { + throw new IllegalStateException("Object already has a key."); + } + } + + public void checkKey() { + if (state == WolfCryptState.READY) { + wc_ecc_check_key(); + } else { + throw new IllegalStateException( + "No available key to perform the opperation."); + } + } + + public void importPrivate(byte[] privKey, byte[] x963Key) { + if (state == WolfCryptState.INITIALIZED) { + wc_ecc_import_private(privKey, x963Key, null); + state = WolfCryptState.READY; + } else { + throw new IllegalStateException("Object already has a key."); + } + } + + public void importPrivateOnCurve(byte[] privKey, byte[] x963Key, + String curveName) { + if (state == WolfCryptState.INITIALIZED) { + wc_ecc_import_private(privKey, x963Key, curveName); + state = WolfCryptState.READY; + } else { + throw new IllegalStateException("Object already has a key."); + } + } + + public byte[] exportPrivate() { + if (state == WolfCryptState.READY) { + return wc_ecc_export_private(); + } else { + throw new IllegalStateException( + "No available key to perform the opperation."); + } + } + + public void importX963(byte[] key) { + if (state == WolfCryptState.INITIALIZED) { + wc_ecc_import_x963(key); + state = WolfCryptState.READY; + } else { + throw new IllegalStateException("Object already has a key."); + } + } + + public byte[] exportX963() { + if (state == WolfCryptState.READY) { + return wc_ecc_export_x963(); + } else { + throw new IllegalStateException( + "No available key to perform the opperation."); + } + } + + public void privateKeyDecode(byte[] key) { + if (state == WolfCryptState.INITIALIZED) { + wc_EccPrivateKeyDecode(key); + state = WolfCryptState.READY; + } else { + throw new IllegalStateException("Object already has a key."); + } + } + + public byte[] privateKeyEncode() { + if (state == WolfCryptState.READY) { + return wc_EccKeyToDer(); + } else { + throw new IllegalStateException( + "No available key to perform the opperation."); + } + } + + public void publicKeyDecode(byte[] key) { + if (state == WolfCryptState.INITIALIZED) { + wc_EccPublicKeyDecode(key); + state = WolfCryptState.READY; + } else { + throw new IllegalStateException("Object already has a key."); + } + } + + public byte[] publicKeyEncode() { + if (state == WolfCryptState.READY) { + return wc_EccPublicKeyToDer(); + } else { + throw new IllegalStateException( + "No available key to perform the opperation."); + } + } + + public byte[] makeSharedSecret(Ecc pubKey) { + if (state == WolfCryptState.READY) { + return wc_ecc_shared_secret(pubKey); + } else { + throw new IllegalStateException( + "No available key to perform the opperation."); + } + } + + public byte[] sign(byte[] hash, Rng rng) { + byte[] signature = new byte[0]; + + if (state == WolfCryptState.READY) { + signature = wc_ecc_sign_hash(hash, rng); + } else { + throw new IllegalStateException( + "No available key to perform the opperation."); + } + + return signature; + } + + public boolean verify(byte[] hash, byte[] signature) { + boolean result = false; + + if (state == WolfCryptState.READY) { + result = wc_ecc_verify_hash(hash, signature); + } else { + throw new IllegalStateException( + "No available key to perform the opperation."); + } + + return result; + } + + public static int getCurveSizeFromName(String curveName) { + /* Ecc object doesn't need to be initialied before call */ + return wc_ecc_get_curve_size_from_name(curveName); + } + + public byte[] privateKeyEncodePKCS8() { + if (state == WolfCryptState.READY) { + return wc_ecc_private_key_to_pkcs8(); + } else { + throw new IllegalStateException( + "No available key to perform the operation."); + } + } + + public static String getCurveName(ECParameterSpec spec) + throws InvalidAlgorithmParameterException + { + int curve_id; + + /* Ecc object doesn't need to be initialied before call */ + if (!(spec.getCurve().getField() instanceof ECFieldFp)) { + throw new InvalidAlgorithmParameterException( + "Currently only ECFieldFp fields supported"); + } + ECFieldFp field = (ECFieldFp)spec.getCurve().getField(); + EllipticCurve curve = spec.getCurve(); + + curve_id = wc_ecc_get_curve_id_from_params( + field.getFieldSize(), + field.getP().toByteArray(), + curve.getA().toByteArray(), + curve.getB().toByteArray(), + spec.getOrder().toByteArray(), + spec.getGenerator().getAffineX().toByteArray(), + spec.getGenerator().getAffineY().toByteArray(), + spec.getCofactor()); + + return wc_ecc_get_curve_name_from_id(curve_id); + } +} + diff --git a/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Ed25519.java b/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Ed25519.java new file mode 100644 index 0000000..62bf75f --- /dev/null +++ b/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Ed25519.java @@ -0,0 +1,183 @@ +/* Ed25519.java + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +package com.wolfssl.wolfcrypt; + +import java.security.InvalidAlgorithmParameterException; + +/** + * Wrapper for the native WolfCrypt ed25519 implementation. + * + * @author Daniele Lacamera + * @version 1.0, March 2018 + */ +public class Ed25519 extends NativeStruct { + + private WolfCryptState state = WolfCryptState.UNINITIALIZED; + + public Ed25519() { + init(); + } + + @Override + public void releaseNativeStruct() { + free(); + + super.releaseNativeStruct(); + } + + protected native long mallocNativeStruct() throws OutOfMemoryError; + + private native void wc_ed25519_init(); + + private native void wc_ed25519_free(); + + private native void wc_ed25519_make_key(Rng rng, int size); + + private native void wc_ed25519_check_key(); + + private native void wc_ed25519_import_private(byte[] privKey, byte[] key); + private native void wc_ed25519_import_private_only(byte[] privKey); + private native void wc_ed25519_import_public(byte[] privKey); + + private native byte[] wc_ed25519_sign_msg(byte[] msg); + private native boolean wc_ed25519_verify_msg(byte[] sig, byte[] msg); + + private native byte[] wc_ed25519_export_private(); + private native byte[] wc_ed25519_export_private_only(); + private native byte[] wc_ed25519_export_public(); + + protected void init() { + if (state == WolfCryptState.UNINITIALIZED) { + wc_ed25519_init(); + state = WolfCryptState.INITIALIZED; + } else { + throw new IllegalStateException( + "Native resources already initialized."); + } + } + + protected void free() { + if (state != WolfCryptState.UNINITIALIZED) { + wc_ed25519_free(); + state = WolfCryptState.UNINITIALIZED; + } + } + + public void makeKey(Rng rng, int size) { + if (state == WolfCryptState.INITIALIZED) { + wc_ed25519_make_key(rng, size); + state = WolfCryptState.READY; + } else { + throw new IllegalStateException("Object already has a key."); + } + } + + public void checkKey() { + if (state == WolfCryptState.READY) { + wc_ed25519_check_key(); + } else { + throw new IllegalStateException( + "No available key to perform the operation."); + } + } + + public void importPrivate(byte[] privKey, byte[] Key) { + if (state == WolfCryptState.INITIALIZED) { + wc_ed25519_import_private(privKey, Key); + state = WolfCryptState.READY; + } else { + throw new IllegalStateException("Object already has a key."); + } + } + + public void importPrivateOnly(byte[] privKey) { + if (state == WolfCryptState.INITIALIZED) { + wc_ed25519_import_private_only(privKey); + state = WolfCryptState.READY; + } else { + throw new IllegalStateException("Object already has a key."); + } + } + + public void importPublic(byte[] Key) { + if (state == WolfCryptState.INITIALIZED) { + wc_ed25519_import_public(Key); + state = WolfCryptState.READY; + } else { + throw new IllegalStateException("Object already has a key."); + } + } + + public byte[] exportPrivate() { + if (state == WolfCryptState.READY) { + return wc_ed25519_export_private(); + } else { + throw new IllegalStateException( + "No available key to perform the operation."); + } + } + + public byte[] exportPrivateOnly() { + if (state == WolfCryptState.READY) { + return wc_ed25519_export_private_only(); + } else { + throw new IllegalStateException( + "No available key to perform the operation."); + } + } + + public byte[] exportPublic() { + if (state == WolfCryptState.READY) { + return wc_ed25519_export_public(); + } else { + throw new IllegalStateException( + "No available key to perform the operation."); + } + } + + public byte[] sign_msg(byte[] msg_in) { + + byte[] msg_out = null; + if (state == WolfCryptState.READY) { + msg_out = wc_ed25519_sign_msg(msg_in); + } else { + throw new IllegalStateException( + "No available key to perform the operation."); + } + + return msg_out; + } + + public boolean verify_msg(byte[] msg, byte[] signature) { + boolean result = false; + + if (state == WolfCryptState.READY) { + result = wc_ed25519_verify_msg(signature, msg); + } else { + throw new IllegalStateException( + "No available key to perform the operation."); + } + + return result; + } +} + diff --git a/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Fips.java b/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Fips.java new file mode 100644 index 0000000..02a67a7 --- /dev/null +++ b/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Fips.java @@ -0,0 +1,1690 @@ +/* Fips.java + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +package com.wolfssl.wolfcrypt; + +import java.nio.ByteBuffer; + +import com.wolfssl.wolfcrypt.Aes; + +/** + * Main wrapper for the native WolfCrypt implementation. + * + * @author Moisés Guimarães + * @version 1.0, February 2015 + */ +public class Fips extends WolfObject { + + public static final boolean enabled = Fips.enabled(); + + public static final int fipsVersion = Fips.getFipsVersion(); + + private Fips() { + } + + public interface ErrorCallback { + public void errorCallback(int ok, int err, String hash); + } + + /** + * Sets an callback class for handling fips errors. + * + * @param callback + * the callback class. + */ + public static native void wolfCrypt_SetCb_fips(ErrorCallback callback); + + /** + * The current inCore hash of the wolfCrypt fips code. + * + * @return current inCore hash. + */ + public static native String wolfCrypt_GetCoreHash_fips(); + + /** + * Polls the underlying wolfCrypt library to see if HAVE_FIPS is defined. + * + * @return true if HAVE_FIPS has been defined and FIPS mode is enabled, + * otherwise false. + */ + private static native boolean enabled(); + + private static native int getFipsVersion(); + + /* + * ### FIPS Aprooved Security Methods ###################################### + */ + + /* + * wolfCrypt FIPS API - Symmetric encrypt/decrypt Service + */ + + /* AES */ + + /** + * Initializes Aes object for CBC mode with key and iv. + * + * @param aes + * the Aes object. + * @param userKey + * the key to be set. + * @param keylen + * the key length. + * @param iv + * the initialization vector (optional). + * @param dir + * the direction (encryption|decryption). + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int AesSetKey_fips(Aes aes, ByteBuffer userKey, + long keylen, ByteBuffer iv, int dir); + + /** + * Initializes Aes object for CBC mode with key and iv. + * + * @param aes + * the Aes object. + * @param userKey + * the key to be set. + * @param keylen + * the key length. + * @param iv + * the initialization vector (optional). + * @param dir + * the direction (encryption|decryption). + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int AesSetKey_fips(Aes aes, byte[] userKey, + long keylen, byte[] iv, int dir); + + /** + * Initializes Aes object with iv. + * + * @param aes + * the Aes object. + * @param iv + * the initialization vector. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int AesSetIV_fips(Aes aes, ByteBuffer iv); + + /** + * Initializes Aes object with iv. + * + * @param aes + * the Aes object. + * @param iv + * the initialization vector. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int AesSetIV_fips(Aes aes, byte[] iv); + + /** + * Performs Aes Cbc Encryption. + * + * @param aes + * the Aes object. + * @param out + * the output buffer. + * @param in + * the input buffer. + * @param sz + * the input length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int AesCbcEncrypt_fips(Aes aes, ByteBuffer out, + ByteBuffer in, long sz); + + /** + * Performs Aes Cbc Encryption. + * + * @param aes + * the Aes object. + * @param out + * the output buffer. + * @param in + * the input buffer. + * @param sz + * the input length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int AesCbcEncrypt_fips(Aes aes, byte[] out, byte[] in, + long sz); + + /** + * Performs Aes Cbc Decryption. + * + * @param aes + * the Aes object. + * @param out + * the output buffer. + * @param in + * the input buffer. + * @param sz + * the input length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int AesCbcDecrypt_fips(Aes aes, ByteBuffer out, + ByteBuffer in, long sz); + + /** + * Performs Aes Cbc Decryption. + * + * @param aes + * the Aes object. + * @param out + * the output buffer. + * @param in + * the input buffer. + * @param sz + * the input length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int AesCbcDecrypt_fips(Aes aes, byte[] out, byte[] in, + long sz); + + /** + * Initializes Aes object for GCM mode with key. + * + * @param aes + * the Aes object. + * @param userKey + * the key to be set. + * @param keylen + * the key length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int AesGcmSetKey_fips(Aes aes, ByteBuffer userKey, + long keylen); + + /** + * Initializes Aes object for GCM mode with key. + * + * @param aes + * the Aes object. + * @param userKey + * the key to be set. + * @param keylen + * the key length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int AesGcmSetKey_fips(Aes aes, byte[] userKey, + long keylen); + + /** + * Performs aes GCM Encryption. + * + * @param aes + * the Aes object. + * @param out + * the output buffer. + * @param in + * the input buffer. + * @param sz + * the input length. + * @param iv + * the initialization vector buffer. + * @param ivSz + * the initialization vector length. + * @param authTag + * the authTag buffer. + * @param authTagSz + * the authTag length. + * @param authIn + * the authIn buffer. + * @param authInSz + * the authIn length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int AesGcmEncrypt_fips(Aes aes, ByteBuffer out, + ByteBuffer in, long sz, ByteBuffer iv, long ivSz, + ByteBuffer authTag, long authTagSz, ByteBuffer authIn, long authInSz); + + /** + * Performs aes GCM Encryption. + * + * @param aes + * the Aes object. + * @param out + * the output buffer. + * @param in + * the input buffer. + * @param sz + * the input length. + * @param iv + * the initialization vector buffer. + * @param ivSz + * the initialization vector length. + * @param authTag + * the authTag buffer. + * @param authTagSz + * the authTag length. + * @param authIn + * the authIn buffer. + * @param authInSz + * the authIn length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int AesGcmEncrypt_fips(Aes aes, byte[] out, + byte[] in, long sz, byte[] iv, long ivSz, + byte[] authTag, long authTagSz, byte[] authIn, long authInSz); + + /** + * Performs aes GCM Decryption. + * + * @param aes + * the Aes object. + * @param out + * the output buffer. + * @param in + * the input buffer. + * @param sz + * the input length. + * @param iv + * the initialization vector buffer. + * @param ivSz + * the initialization vector length. + * @param authTag + * the authTag buffer. + * @param authTagSz + * the authTag length. + * @param authIn + * the authIn buffer. + * @param authInSz + * the authIn length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int AesGcmDecrypt_fips(Aes aes, ByteBuffer out, + ByteBuffer in, long sz, ByteBuffer iv, long ivSz, + ByteBuffer authTag, long authTagSz, ByteBuffer authIn, long authInSz); + + /** + * Performs aes GCM Decryption. + * + * @param aes + * the Aes object. + * @param out + * the output buffer. + * @param in + * the input buffer. + * @param sz + * the input length. + * @param iv + * the initialization vector buffer. + * @param ivSz + * the initialization vector length. + * @param authTag + * the authTag buffer. + * @param authTagSz + * the authTag length. + * @param authIn + * the authIn buffer. + * @param authInSz + * the authIn length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int AesGcmDecrypt_fips(Aes aes, byte[] out, + byte[] in, long sz, byte[] iv, long ivSz, + byte[] authTag, long authTagSz, byte[] authIn, long authInSz); + + /* DES3 */ + + /** + * Initializes Des3 object for CBC mode with key and iv. + * + * @param des + * the Des3 object. + * @param userKey + * the key to be set. + * @param iv + * the initialization vector (optional). + * @param dir + * the direction (encryption|decryption). + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int Des3_SetKey_fips(Des3 des, ByteBuffer userKey, + ByteBuffer iv, int dir); + + /** + * Initializes Des3 object for CBC mode with key and iv. + * + * @param des + * the Des3 object. + * @param userKey + * the key to be set. + * @param iv + * the initialization vector (optional). + * @param dir + * the direction (encryption|decryption). + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int Des3_SetKey_fips(Des3 des, byte[] userKey, + byte[] iv, int dir); + + /** + * Initializes Des3 object with iv. + * + * @param des + * the Des3 object. + * @param iv + * the initialization vector. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int Des3_SetIV_fips(Des3 des, ByteBuffer iv); + + /** + * Initializes Des3 object with iv. + * + * @param des + * the Des3 object. + * @param iv + * the initialization vector. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int Des3_SetIV_fips(Des3 des, byte[] iv); + + /** + * Performs Des3 CBC Encryption. + * + * @param des + * the Des3 object. + * @param out + * the output buffer. + * @param in + * the input buffer. + * @param sz + * the input length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int Des3_CbcEncrypt_fips(Des3 des, ByteBuffer out, + ByteBuffer in, long sz); + + /** + * Performs Des3 CBC Encryption. + * + * @param des + * the Des3 object. + * @param out + * the output buffer. + * @param in + * the input buffer. + * @param sz + * the input length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int Des3_CbcEncrypt_fips(Des3 des, byte[] out, + byte[] in, long sz); + + /** + * Performs des3 CBC Decryption. + * + * @param des + * the Des3 object. + * @param out + * the output buffer. + * @param in + * the input buffer. + * @param sz + * the input length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int Des3_CbcDecrypt_fips(Des3 des, ByteBuffer out, + ByteBuffer in, long sz); + + /** + * Performs des3 CBC Decryption. + * + * @param des + * the Des3 object. + * @param out + * the output buffer. + * @param in + * the input buffer. + * @param sz + * the input length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int Des3_CbcDecrypt_fips(Des3 des, byte[] out, + byte[] in, long sz); + + /* + * wolfCrypt FIPS API - Keyed hash Service + */ + + /* HMAC */ + + /** + * Initializes Hmac object with type and key. + * + * @param hmac + * the Hmac object. + * @param type + * the digest id. + * @param key + * the key buffer. + * @param keySz + * the key length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int HmacSetKey_fips(Hmac hmac, int type, + ByteBuffer key, long keySz); + + /** + * Initializes Hmac object with type and key. + * + * @param hmac + * the Hmac object. + * @param type + * the digest id. + * @param key + * the key buffer. + * @param keySz + * the key length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int HmacSetKey_fips(Hmac hmac, int type, + byte[] key, long keySz); + + /** + * Updates Hmac object with data. + * + * @param hmac + * the Hmac object. + * @param data + * the input buffer. + * @param len + * the input length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int HmacUpdate_fips(Hmac hmac, ByteBuffer data, + long len); + + /** + * Updates Hmac object with data. + * + * @param hmac + * the Hmac object. + * @param data + * the input buffer. + * @param len + * the input length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int HmacUpdate_fips(Hmac hmac, byte[] data, + long len); + + /** + * Outputs Hmac digest to hash. + * + * @param hmac + * the Hmac object. + * @param hash + * the output buffer. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int HmacFinal_fips(Hmac hmac, ByteBuffer hash); + + /** + * Outputs Hmac digest to hash. + * + * @param hmac + * the Hmac object. + * @param hash + * the output buffer. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int HmacFinal_fips(Hmac hmac, byte[] hash); + + /* + * wolfCrypt FIPS API - Random number generation Service + */ + + /* RNG */ + + /** + * Initializes RNG object's resources and state. FreeRng_fips must be called + * for resources deallocation. + * + * @param rng + * the RNG object. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int InitRng_fips(Rng rng); + + /** + * Releases RNG object's resources and zeros out state. + * + * @param rng + * the RNG object. + * + * @return 0 on success, {@literal <} 0 on error. Also part of Zeroize + * Service. + */ + public static native int FreeRng_fips(Rng rng); + + /** + * Outputs block of random data from RNG object. + * + * @param rng + * the RNG object. + * @param buf + * the output buffer. + * @param bufSz + * the output length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int RNG_GenerateBlock_fips(Rng rng, ByteBuffer buf, + long bufSz); + + /** + * Outputs block of random data from RNG object. + * + * @param rng + * the RNG object. + * @param buf + * the output buffer. + * @param bufSz + * the output length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int RNG_GenerateBlock_fips(Rng rng, byte[] buf, + long bufSz); + + /** + * When reseed is 0, tests the output of a temporary instance of an RNG + * against the expected output of size in bytes outputSz using the seed + * buffer entropyA of size in bytes entropyASz, where entropyB and + * entropyBSz are ignored. When reseed is 1, the test also reseeds the + * temporary instance of the RNG with the seed buffer entropyB of size in + * bytes entropyBSz and then tests the RNG against the expected output of + * size in bytes outputSz. + * + * @param reseed + * the reseed flag. + * @param entropyA + * the entropyA buffer. + * @param entropyASz + * the entropyA length. + * @param entropyB + * the entropyB buffer. + * @param entropyBSz + * the entropyB length. + * @param output + * the output buffer. + * @param outputSz + * the output length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int RNG_HealthTest_fips(int reseed, + ByteBuffer entropyA, long entropyASz, ByteBuffer entropyB, + long entropyBSz, ByteBuffer output, long outputSz); + + /** + * When reseed is 0, tests the output of a temporary instance of an RNG + * against the expected output of size in bytes outputSz using the seed + * buffer entropyA of size in bytes entropyASz, where entropyB and + * entropyBSz are ignored. When reseed is 1, the test also reseeds the + * temporary instance of the RNG with the seed buffer entropyB of size in + * bytes entropyBSz and then tests the RNG against the expected output of + * size in bytes outputSz. + * + * @param reseed + * the reseed flag. + * @param entropyA + * the entropyA buffer. + * @param entropyASz + * the entropyA length. + * @param entropyB + * the entropyB buffer. + * @param entropyBSz + * the entropyB length. + * @param output + * the output buffer. + * @param outputSz + * the output length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int RNG_HealthTest_fips(int reseed, + byte[] entropyA, long entropyASz, byte[] entropyB, + long entropyBSz, byte[] output, long outputSz); + + /* + * wolfCrypt FIPS API - Digital signature and Key transport Services + */ + + /* RSA */ + + /** + * Initializes Rsa object for use with optional heap hint p. FreeRsaKey_fips + * must be called for resources deallocation. + * + * @param key + * the Rsa object. + * @param heap + * the (optional) heap. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int InitRsaKey_fips(Rsa key, ByteBuffer heap); + + /** + * Releases Rsa object's resources. + * + * @param key + * the Rsa object. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int FreeRsaKey_fips(Rsa key); + + /** + * Performs Rsa Signing Operation. + * + * @param in + * the input buffer. + * @param inLen + * the input length. + * @param out + * the output buffer. + * @param outLen + * the output length. + * @param key + * the Rsa object. + * @param rng + * the random source for padding. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int RsaSSL_Sign_fips(ByteBuffer in, long inLen, + ByteBuffer out, long outLen, Rsa key, Rng rng); + + /** + * Performs Rsa Signing Operation. + * + * @param in + * the input buffer. + * @param inLen + * the input length. + * @param out + * the output buffer. + * @param outLen + * the output length. + * @param key + * the Rsa object. + * @param rng + * the random source for padding. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int RsaSSL_Sign_fips(byte[] in, long inLen, + byte[] out, long outLen, Rsa key, Rng rng); + + /** + * Performs Rsa Signature Verification. + * + * @param in + * the input buffer. + * @param inLen + * the input length. + * @param out + * the output buffer. + * @param outLen + * the output length. + * @param key + * the Rsa object. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int RsaSSL_Verify_fips(ByteBuffer in, long inLen, + ByteBuffer out, long outLen, Rsa key); + + /** + * Performs Rsa Signature Verification. + * + * @param in + * the input buffer. + * @param inLen + * the input length. + * @param out + * the output buffer. + * @param outLen + * the output length. + * @param key + * the Rsa object. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int RsaSSL_Verify_fips(byte[] in, long inLen, + byte[] out, long outLen, Rsa key); + + /** + * Retrieves Rsa Output Size. + * + * @param key + * the Rsa object. + * + * @return key output size {@literal >} 0 on success, {@literal <} 0 on + * error. + */ + public static native int RsaEncryptSize_fips(Rsa key); + + /** + * Decodes Rsa Private Key from buffer. + * + * @param input + * the input buffer. + * @param inOutIdx + * the key's starting index in the input. + * @param key + * the Rsa object. + * @param inSz + * the input length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int RsaPrivateKeyDecode_fips(ByteBuffer input, + long[] inOutIdx, Rsa key, long inSz); + + /** + * Decodes Rsa Private Key from buffer. + * + * @param input + * the input buffer. + * @param inOutIdx + * the key's starting index in the input. + * @param key + * the Rsa object. + * @param inSz + * the input length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int RsaPrivateKeyDecode_fips(byte[] input, + long[] inOutIdx, Rsa key, long inSz); + + /** + * Decodes Rsa Public Key from buffer. + * + * @param input + * the input buffer. + * @param inOutIdx + * the key's starting index in the input. + * @param key + * the Rsa object. + * @param inSz + * the input length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int RsaPublicKeyDecode_fips(ByteBuffer input, + long[] inOutIdx, Rsa key, long inSz); + + /** + * Decodes Rsa Public Key from buffer. + * + * @param input + * the input buffer. + * @param inOutIdx + * the key's starting index in the input. + * @param key + * the Rsa object. + * @param inSz + * the input length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int RsaPublicKeyDecode_fips(byte[] input, + long[] inOutIdx, Rsa key, long inSz); + + /* + * wolfCrypt FIPS API - Message digest Service + */ + + /* SHA */ + + /** + * Initializes Sha object for use. + * + * @param sha + * the Sha object. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int InitSha_fips(Sha sha); + + /** + * Updates Sha object with data. + * + * @param sha + * the Sha object. + * @param data + * the input buffer. + * @param len + * the input length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int ShaUpdate_fips(Sha sha, ByteBuffer data, long len); + + /** + * Updates Sha object with data. + * + * @param sha + * the Sha object. + * @param data + * the input buffer. + * @param len + * the input length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int ShaUpdate_fips(Sha sha, byte[] data, long len); + + /** + * Outputs Sha digest to hash. + * + * @param sha + * the Sha object. + * @param hash + * the output buffer. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int ShaFinal_fips(Sha sha, ByteBuffer hash); + + /** + * Outputs Sha digest to hash. + * + * @param sha + * the Sha object. + * @param hash + * the output buffer. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int ShaFinal_fips(Sha sha, byte[] hash); + + /* SHA256 */ + + /** + * Initializes Sha256 object for use. + * + * @param sha + * the Sha256 object. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int InitSha256_fips(Sha256 sha); + + /** + * Updates Sha256 object with data. + * + * @param sha + * the Sha256 object. + * @param data + * the input buffer. + * @param len + * the input length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int Sha256Update_fips(Sha256 sha, ByteBuffer data, + long len); + + /** + * Updates Sha256 object with data. + * + * @param sha + * the Sha256 object. + * @param data + * the input buffer. + * @param len + * the input length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int Sha256Update_fips(Sha256 sha, byte[] data, + long len); + + /** + * Outputs Sha256 digest to hash. + * + * @param sha + * the Sha256 object. + * @param hash + * the output buffer. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int Sha256Final_fips(Sha256 sha, ByteBuffer hash); + + /** + * Outputs Sha256 digest to hash. + * + * @param sha + * the Sha256 object. + * @param hash + * the output buffer. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int Sha256Final_fips(Sha256 sha, byte[] hash); + + /* SHA384 */ + + /** + * Initializes Sha384 object for use. + * + * @param sha + * the Sha384 object. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int InitSha384_fips(Sha384 sha); + + /** + * Updates Sha384 object with data. + * + * @param sha + * the Sha384 object. + * @param data + * the input buffer. + * @param len + * the input length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int Sha384Update_fips(Sha384 sha, ByteBuffer data, + long len); + + /** + * Updates Sha384 object with data. + * + * @param sha + * the Sha384 object. + * @param data + * the input buffer. + * @param len + * the input length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int Sha384Update_fips(Sha384 sha, byte[] data, + long len); + + /** + * Outputs Sha384 digest to hash. + * + * @param sha + * the Sha384 object. + * @param hash + * the output buffer. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int Sha384Final_fips(Sha384 sha, ByteBuffer hash); + + /** + * Outputs Sha384 digest to hash. + * + * @param sha + * the Sha384 object. + * @param hash + * the output buffer. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int Sha384Final_fips(Sha384 sha, byte[] hash); + + /* SHA512 */ + + /** + * Initializes Sha512 object for use. + * + * @param sha + * the Sha512 object. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int InitSha512_fips(Sha512 sha); + + /** + * Updates Sha512 object with data. + * + * @param sha + * the Sha512 object. + * @param data + * the input buffer. + * @param len + * the input length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int Sha512Update_fips(Sha512 sha, ByteBuffer data, + long len); + + /** + * Updates Sha512 object with data. + * + * @param sha + * the Sha512 object. + * @param data + * the input buffer. + * @param len + * the input length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int Sha512Update_fips(Sha512 sha, byte[] data, + long len); + + /** + * Outputs Sha512 digest to hash. + * + * @param sha + * the Sha512 object. + * @param hash + * the output buffer. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int Sha512Final_fips(Sha512 sha, ByteBuffer hash); + + /** + * Outputs Sha512 digest to hash. + * + * @param sha + * the Sha512 object. + * @param hash + * the output buffer. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int Sha512Final_fips(Sha512 sha, byte[] hash); + + /* + * wolfCrypt FIPS API - Show status Service + */ + + /** + * @return The current status of the module. A return code of 0 means the + * module is in a state without errors. Any other return code is the + * specific error state of the module. + */ + public static native int wolfCrypt_GetStatus_fips(); + + /** + * Sets the fips module status. Only available if HAVE_FORCE_FIPS_FAILURE is + * defined on the native library. + * + * @param status + * the new status. + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int wolfCrypt_SetStatus_fips(int status); + + /* + * ### FIPS Allowed Security Methods ####################################### + */ + + /* + * wolfCrypt FIPS API - Key transport Service + */ + + /** + * Performs Rsa Public Encryption. + * + * @param in + * the input buffer. + * @param inLen + * the input length. + * @param out + * the output buffer. + * @param outLen + * the output length. + * @param key + * the Rsa object. + * @param rng + * the random source for padding. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int RsaPublicEncrypt_fips(ByteBuffer in, long inLen, + ByteBuffer out, long outLen, Rsa key, Rng rng); + + /** + * Performs Rsa Public Encryption. + * + * @param in + * the input buffer. + * @param inLen + * the input length. + * @param out + * the output buffer. + * @param outLen + * the output length. + * @param key + * the Rsa object. + * @param rng + * the random source for padding. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int RsaPublicEncrypt_fips(byte[] in, long inLen, + byte[] out, long outLen, Rsa key, Rng rng); + + /** + * Performs Rsa Private Decryption. + * + * @param in + * the input buffer. + * @param inLen + * the input length. + * @param out + * the output buffer. + * @param outLen + * the output length. + * @param key + * the Rsa object. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int RsaPrivateDecrypt_fips(ByteBuffer in, long inLen, + ByteBuffer out, long outLen, Rsa key); + + /** + * Performs Rsa Private Decryption. + * + * @param in + * the input buffer. + * @param inLen + * the input length. + * @param out + * the output buffer. + * @param outLen + * the output length. + * @param key + * the Rsa object. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int RsaPrivateDecrypt_fips(byte[] in, long inLen, + byte[] out, long outLen, Rsa key); + + /* + * wolfCrypt FIPS API - Message digest MD5 Service + */ + + /** + * Initializes Md5 object for use. + * + * @param md5 + * the Md5 object. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int InitMd5(Md5 md5); + + /** + * Updates Md5 object with data. + * + * @param md5 + * the Md5 object. + * @param data + * the input buffer. + * @param len + * the input length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int Md5Update(Md5 md5, ByteBuffer data, long len); + + /** + * Updates Md5 object with data. + * + * @param md5 + * the Md5 object. + * @param data + * the input buffer. + * @param len + * the input length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int Md5Update(Md5 md5, byte[] data, long len); + + /** + * Outputs Md5 digest to hash. + * + * @param md5 + * the Md5 object. + * @param hash + * the output buffer. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int Md5Final(Md5 md5, ByteBuffer hash); + + /** + * Outputs Md5 digest to hash. + * + * @param md5 + * the Md5 object. + * @param hash + * the output buffer. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int Md5Final(Md5 md5, byte[] hash); + + /* + * wolfCrypt FIPS API - Key agreement Service + */ + + /** + * Initializes Dh object for use. FreeDhKey must be called for resources + * deallocation. + * + * @param key + * the Dh object. + */ + public static native void InitDhKey(Dh key); + + /** + * Releases Dh object's resources. + * + * @param key + * the Dh object. + */ + public static native void FreeDhKey(Dh key); + + /** + * Generates the public part pub of size pubSz, private part priv of size + * privSz using rng for Dh key. + * + * @param key + * the Dh object. + * @param rng + * the random source. + * @param priv + * the private part buffer. + * @param privSz + * the private part length. + * @param pub + * the public part buffer. + * @param pubSz + * the the public part length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int DhGenerateKeyPair(Dh key, Rng rng, + ByteBuffer priv, long[] privSz, ByteBuffer pub, long[] pubSz); + + /** + * Generates the public part pub of size pubSz, private part priv of size + * privSz using rng for Dh key. + * + * @param key + * the Dh object. + * @param rng + * the random source. + * @param priv + * the private part buffer. + * @param privSz + * the private part length. + * @param pub + * the public part buffer. + * @param pubSz + * the the public part length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int DhGenerateKeyPair(Dh key, Rng rng, + byte[] priv, long[] privSz, byte[] pub, long[] pubSz); + + /** + * Creates the agreement agree of size agreeSz using Dh key private priv of + * size privSz and peer’s public key otherPub of size pubSz. + * + * @param key + * the Dh object. + * @param agree + * the agree buffer. + * @param agreeSz + * the agree length. + * @param priv + * the private part buffer. + * @param privSz + * the private part length. + * @param otherPub + * the peer's public part buffer. + * @param pubSz + * the the public part length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int DhAgree(Dh key, ByteBuffer agree, long[] agreeSz, + ByteBuffer priv, long privSz, ByteBuffer otherPub, long pubSz); + + /** + * Creates the agreement agree of size agreeSz using Dh key private priv of + * size privSz and peer’s public key otherPub of size pubSz. + * + * @param key + * the Dh object. + * @param agree + * the agree buffer. + * @param agreeSz + * the agree length. + * @param priv + * the private part buffer. + * @param privSz + * the private part length. + * @param otherPub + * the peer's public part buffer. + * @param pubSz + * the the public part length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int DhAgree(Dh key, byte[] agree, long[] agreeSz, + byte[] priv, long privSz, byte[] otherPub, long pubSz); + + /** + * Decodes the DER group parameters from buffer input starting at index + * inOutIdx of size inSz into Dh key. + * + * @param input + * the parameters buffer. + * @param inOutIdx + * the parameters' starting index. + * @param key + * the Dh object. + * @param inSz + * the parameters buffer length. (not from inOutIdx) + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int DhKeyDecode(ByteBuffer input, long[] inOutIdx, + Dh key, long inSz); + + /** + * Decodes the DER group parameters from buffer input starting at index + * inOutIdx of size inSz into Dh key. + * + * @param input + * the parameters buffer. + * @param inOutIdx + * the parameters' starting index. + * @param key + * the Dh object. + * @param inSz + * the parameters buffer length. (not from inOutIdx) + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int DhKeyDecode(byte[] input, long[] inOutIdx, + Dh key, long inSz); + + /** + * Sets the group parameters for the Dh key from the unsigned binary inputs + * p of size pSz and g of size gSz. + * + * @param key + * the Dh object. + * @param p + * the prime buffer. + * @param pSz + * the prime length. + * @param g + * the primitive root molulo p buffer. + * @param gSz + * the primitive root modulo p length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int DhSetKey(Dh key, ByteBuffer p, long pSz, + ByteBuffer g, long gSz); + + /** + * Sets the group parameters for the Dh key from the unsigned binary inputs + * p of size pSz and g of size gSz. + * + * @param key + * the Dh object. + * @param p + * the prime buffer. + * @param pSz + * the prime length. + * @param g + * the primitive root molulo p buffer. + * @param gSz + * the primitive root modulo p length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int DhSetKey(Dh key, byte[] p, long pSz, + byte[] g, long gSz); + + /** + * Loads the Dh group parameters. + * + * @param input + * the parameters buffer. + * @param inSz + * the parameters size. + * @param p + * the prime buffer. + * @param pInOutSz + * the prime length. + * @param g + * the primitive root molulo p buffer. + * @param gInOutSz + * the primitive root modulo p length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int DhParamsLoad(ByteBuffer input, long inSz, + ByteBuffer p, long[] pInOutSz, ByteBuffer g, long[] gInOutSz); + + /** + * Loads the Dh group parameters. + * + * @param input + * the parameters buffer. + * @param inSz + * the parameters size. + * @param p + * the prime buffer. + * @param pInOutSz + * the prime length. + * @param g + * the primitive root molulo p buffer. + * @param gInOutSz + * the primitive root modulo p length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int DhParamsLoad(byte[] input, long inSz, + byte[] p, long[] pInOutSz, byte[] g, long[] gInOutSz); + + /** + * Initializes Ecc object for use. ecc_free must be called for resources + * deallocation. + * + * @param key + * the Ecc object. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int ecc_init(Ecc key); + + /** + * Releases Ecc object's resources. + * + * @param key + * the Ecc object. + */ + public static native void ecc_free(Ecc key); + + /** + * Generates a new ecc key of size keysize using rng. + * + * @param rng + * the random source. + * @param keysize + * the key length. + * @param key + * the Ecc object. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int ecc_make_key(Rng rng, int keysize, Ecc key); + + /** + * Creates the shared secret out of size outlen using ecc private_key and + * the peer’s ecc public_key. + * + * @param private_key + * the Ecc object for the private key. + * @param public_key + * the Ecc object for the peer's public key. + * @param out + * the output buffer. + * @param outlen + * the output length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int ecc_shared_secret(Ecc private_key, Ecc public_key, + ByteBuffer out, long[] outlen); + + /** + * Creates the shared secret out of size outlen using ecc private_key and + * the peer’s ecc public_key. + * + * @param private_key + * the Ecc object for the private key. + * @param public_key + * the Ecc object for the peer's public key. + * @param out + * the output buffer. + * @param outlen + * the output length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int ecc_shared_secret(Ecc private_key, Ecc public_key, + byte[] out, long[] outlen); + + /** + * Imports the public ecc key from in of length inLen in x963 format. + * + * @param in + * the input buffer. + * @param inLen + * the input length. + * @param key + * the Ecc object. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int ecc_import_x963(ByteBuffer in, long inLen, + Ecc key); + + /** + * Imports the public ecc key from in of length inLen in x963 format. + * + * @param in + * the input buffer. + * @param inLen + * the input length. + * @param key + * the Ecc object. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int ecc_import_x963(byte[] in, long inLen, + Ecc key); + + /** + * Exports the public ecc key into out of length outLen in x963 format. + * + * @param key + * the Ecc object. + * @param out + * the output buffer. + * @param outLen + * the output length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int ecc_export_x963(Ecc key, ByteBuffer out, + long[] outLen); + + /** + * Exports the public ecc key into out of length outLen in x963 format. + * + * @param key + * the Ecc object. + * @param out + * the output buffer. + * @param outLen + * the output length. + * + * @return 0 on success, {@literal <} 0 on error. + */ + public static native int ecc_export_x963(Ecc key, byte[] out, + long[] outLen); +} diff --git a/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Hmac.java b/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Hmac.java new file mode 100644 index 0000000..14791b8 --- /dev/null +++ b/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Hmac.java @@ -0,0 +1,214 @@ +/* Hmac.java + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +package com.wolfssl.wolfcrypt; + +import com.wolfssl.wolfcrypt.WolfCrypt; +import java.nio.ByteBuffer; + +/** + * Wrapper for the native WolfCrypt Hmac implementation. + * + * @author Moisés Guimarães + * @version 2.0, March 2017 + */ +public class Hmac extends NativeStruct { + + private enum hashType { + typeMD5, typeSHA, typeSHA256, typeSHA384, typeSHA512, typeBLAKE2b; + } + + public static final int MD5 = getHashCode(hashType.typeMD5); + public static final int SHA = getHashCode(hashType.typeSHA); + public static final int SHA256 = getHashCode(hashType.typeSHA256); + public static final int SHA384 = getHashCode(hashType.typeSHA384); + public static final int SHA512 = getHashCode(hashType.typeSHA512); + public static final int BLAKE2b = getHashCode(hashType.typeBLAKE2b); + + private WolfCryptState state = WolfCryptState.UNINITIALIZED; + private int type = -1; + private byte[] key; + + public Hmac() { + } + + public Hmac(int type, byte[] key) { + setKey(type, key); + } + + private native void wc_HmacSetKey(int type, byte[] key); + + private native void wc_HmacUpdate(byte data); + + private native void wc_HmacUpdate(byte[] data, int offset, int length); + + private native void wc_HmacUpdate(ByteBuffer data, int offset, int length); + + private native byte[] wc_HmacFinal(); + + private native int wc_HmacSizeByType(int type); + + private native static int getCodeMd5(); + + private native static int getCodeSha(); + + private native static int getCodeSha256(); + + private native static int getCodeSha384(); + + private native static int getCodeSha512(); + + private native static int getCodeBlake2b(); + + protected native long mallocNativeStruct() throws OutOfMemoryError; + + public void setKey(int type, byte[] key) { + wc_HmacSetKey(type, key); + this.type = type; + this.key = key; + + state = WolfCryptState.READY; + } + + public void reset() { + if (state == WolfCryptState.READY) { + setKey(type, key); + } else { + throw new IllegalStateException( + "No available key to perform the opperation."); + } + } + + public void update(byte data) { + if (state == WolfCryptState.READY) { + wc_HmacUpdate(data); + } else { + throw new IllegalStateException( + "No available key to perform the opperation."); + } + } + + public void update(byte[] data) { + if (state == WolfCryptState.READY) { + wc_HmacUpdate(data, 0, data.length); + } else { + throw new IllegalStateException( + "No available key to perform the opperation."); + } + } + + public void update(byte[] data, int offset, int length) { + if (state == WolfCryptState.READY) { + wc_HmacUpdate(data, offset, length); + } else { + throw new IllegalStateException( + "No available key to perform the opperation."); + } + } + + public void update(ByteBuffer data) { + if (state == WolfCryptState.READY) { + int offset = data.position(); + int length = data.remaining(); + + wc_HmacUpdate(data, offset, length); + + data.position(offset + length); + } else { + throw new IllegalStateException( + "No available key to perform the opperation."); + } + } + + public byte[] doFinal() { + if (state == WolfCryptState.READY) { + return wc_HmacFinal(); + } else { + throw new IllegalStateException( + "No available key to perform the opperation."); + } + } + + public byte[] doFinal(byte[] data) { + if (state == WolfCryptState.READY) { + update(data); + return wc_HmacFinal(); + } else { + throw new IllegalStateException( + "No available key to perform the opperation."); + } + } + + public String getAlgorithm() { + if (state == WolfCryptState.READY) { + + if (type == MD5) { + return "HmacMD5"; + } + else if (type == SHA256) { + return "HmacSHA256"; + } + else if (type == SHA384) { + return "HmacSHA384"; + } + else if (type == SHA512) { + return "HmacSHA512"; + } + else if (type == BLAKE2b) { + return "HmacBLAKE2b"; + } else { + return ""; + } + + } else { + throw new IllegalStateException( + "No available key to perform the opperation."); + } + } + + public int getMacLength() { + if (state == WolfCryptState.READY) { + return wc_HmacSizeByType(type); + } else { + throw new IllegalStateException( + "No available key to perform the opperation."); + } + } + + private static int getHashCode(hashType hash) { + switch (hash) { + case typeMD5: + return getCodeMd5(); + case typeSHA: + return getCodeSha(); + case typeSHA256: + return getCodeSha256(); + case typeSHA384: + return getCodeSha384(); + case typeSHA512: + return getCodeSha512(); + case typeBLAKE2b: + return getCodeBlake2b(); + default: + return WolfCrypt.FAILURE; + } + } +} diff --git a/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Md5.java b/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Md5.java new file mode 100644 index 0000000..78e9338 --- /dev/null +++ b/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Md5.java @@ -0,0 +1,61 @@ +/* Md5.java + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +package com.wolfssl.wolfcrypt; + +import java.nio.ByteBuffer; + +/** + * Wrapper for the native WolfCrypt Md5 implementation. + * + * @author Moisés Guimarães + * @version 2.0, March 2017 + */ +public class Md5 extends MessageDigest { + + public static final int TYPE = 0; /* hash type unique */ + public static final int DIGEST_SIZE = 16; + + protected native long mallocNativeStruct() throws OutOfMemoryError; + + protected native void native_init(); + + protected native void native_update(ByteBuffer data, int offset, int len); + + protected native void native_update(byte[] data, int offset, int len); + + protected native void native_final(ByteBuffer hash, int offset); + + protected native void native_final(byte[] hash); + + public Md5() { + init(); + } + + public Md5(byte[] data) { + init(); + update(data); + } + + public int digestSize() { + return DIGEST_SIZE; + } +} diff --git a/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/MessageDigest.java b/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/MessageDigest.java new file mode 100644 index 0000000..6e2aeaa --- /dev/null +++ b/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/MessageDigest.java @@ -0,0 +1,142 @@ +/* MessageDigest.java + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +package com.wolfssl.wolfcrypt; + +import java.nio.ByteBuffer; + +import javax.crypto.ShortBufferException; + +/** + * Common API for Message Digests. + * + * @author Moisés Guimarães + * @version 1.0, March 2017 + */ +public abstract class MessageDigest extends NativeStruct { + + private WolfCryptState state = WolfCryptState.UNINITIALIZED; + + protected abstract void native_init(); + + protected abstract void native_update(ByteBuffer data, int offset, + int length); + + protected abstract void native_update(byte[] data, int offset, int length); + + protected abstract void native_final(ByteBuffer hash, int offset); + + protected abstract void native_final(byte[] hash); + + public abstract int digestSize(); + + public void init() { + native_init(); + state = WolfCryptState.READY; + } + + public void update(ByteBuffer data, int length) { + if (state == WolfCryptState.READY) { + length = Math.min(length, data.remaining()); + + native_update(data, data.position(), length); + data.position(data.position() + length); + } else { + throw new IllegalStateException( + "Object must be initialized before use"); + } + } + + public void update(ByteBuffer data) { + update(data, data.remaining()); + } + + public void update(byte[] data, int offset, int len) { + if (state == WolfCryptState.READY) { + if (offset >= data.length || offset < 0 || len < 0) + return; + + if (data.length - offset < len) + len = data.length - offset; + + native_update(data, offset, len); + } else { + throw new IllegalStateException( + "Object must be initialized before use"); + } + } + + public void update(byte[] data, int len) { + update(data, 0, len); + } + + public void update(byte[] data) { + update(data, 0, data.length); + } + + public void digest(ByteBuffer hash) throws ShortBufferException { + if (state == WolfCryptState.READY) { + if (hash.remaining() < digestSize()) + throw new ShortBufferException( + "Input buffer is too small for digest size"); + + native_final(hash, hash.position()); + hash.position(hash.position() + digestSize()); + } else { + throw new IllegalStateException( + "Object must be initialized before use"); + } + } + + public void digest(byte[] hash) throws ShortBufferException { + if (state == WolfCryptState.READY) { + if (hash.length < digestSize()) + throw new ShortBufferException( + "Input buffer is too small for digest size"); + + native_final(hash); + } else { + throw new IllegalStateException( + "Object must be initialized before use"); + } + } + + public byte[] digest() { + if (state == WolfCryptState.READY) { + byte[] hash = new byte[digestSize()]; + + native_final(hash); + + return hash; + } else { + throw new IllegalStateException( + "Object must be initialized before use"); + } + } + + @Override + public void releaseNativeStruct() { + + /* reset state first, then free */ + state = WolfCryptState.UNINITIALIZED; + setNativeStruct(NULL); + } +} diff --git a/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Rng.java b/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Rng.java new file mode 100644 index 0000000..7513257 --- /dev/null +++ b/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Rng.java @@ -0,0 +1,93 @@ +/* Rng.java + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +package com.wolfssl.wolfcrypt; + +import java.nio.ByteBuffer; + +/** + * Wrapper for the native WolfCrypt Rng implementation. + * + * @author Moisés Guimarães + * @version 1.0, March 2015 + */ +public class Rng extends NativeStruct { + + protected native long mallocNativeStruct() throws OutOfMemoryError; + + private WolfCryptState state = WolfCryptState.UNINITIALIZED; + + /* native wrappers called by public functions below */ + private native void initRng(); + + private native void freeRng(); + + private native void rngGenerateBlock(ByteBuffer buffer, int offset, + int length); + + private native void rngGenerateBlock(byte[] buffer, int offset, int length); + + @Override + public void releaseNativeStruct() { + free(); + + super.releaseNativeStruct(); + } + + public void init() { + if (state == WolfCryptState.UNINITIALIZED) { + initRng(); + state = WolfCryptState.INITIALIZED; + } + } + + public void free() { + if (state == WolfCryptState.INITIALIZED) { + freeRng(); + state = WolfCryptState.UNINITIALIZED; + } + } + + public void generateBlock(ByteBuffer buffer) { + init(); + + rngGenerateBlock(buffer, buffer.position(), buffer.remaining()); + buffer.position(buffer.position() + buffer.remaining()); + } + + public void generateBlock(byte[] buffer, int offset, int length) { + init(); + + rngGenerateBlock(buffer, offset, length); + } + + public void generateBlock(byte[] buffer) { + generateBlock(buffer, 0, buffer.length); + } + + public byte[] generateBlock(int length) { + byte[] buffer = new byte[length]; + + generateBlock(buffer, 0, length); + + return buffer; + } +} diff --git a/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Rsa.java b/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Rsa.java new file mode 100644 index 0000000..e6b7a0a --- /dev/null +++ b/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Rsa.java @@ -0,0 +1,229 @@ +/* Rsa.java + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +package com.wolfssl.wolfcrypt; + +import java.nio.ByteBuffer; + +/** + * Wrapper for the native WolfCrypt Rsa implementation. + * + * @author Moisés Guimarães + * @version 2.0, March 2017 + */ +public class Rsa extends NativeStruct { + + private WolfCryptState state = WolfCryptState.UNINITIALIZED; + private boolean hasPrivateKey = false; + private Rng rng; + + protected native long mallocNativeStruct() throws OutOfMemoryError; + + private native void wc_RsaPublicKeyDecodeRaw(ByteBuffer n, long nSize, + ByteBuffer e, long eSize); + + private native void wc_RsaPublicKeyDecodeRaw(byte[] n, long nSize, byte[] e, + long eSize); + + private native void RsaFlattenPublicKey(ByteBuffer n, ByteBuffer e); + + private native void RsaFlattenPublicKey(byte[] n, long[] nSize, byte[] e, + long[] eSize); + + private native void MakeRsaKey(int size, long e, Rng rng); + + private native void wc_InitRsaKey(); + + private native void wc_FreeRsaKey(); + + private native boolean wc_RsaSetRNG(Rng rng); + + private native void wc_RsaPrivateKeyDecode(byte[] key); + + private native void wc_RsaPrivateKeyDecodePKCS8(byte[] key); + + private native void wc_RsaPublicKeyDecode(byte[] key); + + private native int wc_RsaEncryptSize(); + + private native byte[] wc_RsaPublicEncrypt(byte[] data, Rng rng); + + private native byte[] wc_RsaPrivateDecrypt(byte[] data); + + private native byte[] wc_RsaSSL_Sign(byte[] data, Rng rng); + + private native byte[] wc_RsaSSL_Verify(byte[] data); + + public Rsa() { + /* Lazy init for Fips compatibility */ + } + + public Rsa(byte[] key) { + decodePrivateKey(key); + } + + public Rsa(byte[] n, byte[] e) { + decodeRawPublicKey(n, e); + } + + public void setRng(Rng rng) { + init(); + + if (wc_RsaSetRNG(rng)) + this.rng = rng; + } + + @Override + public void releaseNativeStruct() { + free(); + + super.releaseNativeStruct(); + } + + protected void init() { + if (state == WolfCryptState.UNINITIALIZED) { + wc_InitRsaKey(); + state = WolfCryptState.INITIALIZED; + } + } + + protected void willSetKey() { + init(); + + if (state != WolfCryptState.INITIALIZED) + throw new IllegalStateException("Object already has a key."); + } + + protected void willUseKey(boolean priv) { + if (priv && !hasPrivateKey) + throw new IllegalStateException( + "No available private key to perform the opperation."); + + if (state != WolfCryptState.READY) + throw new IllegalStateException( + "No available key to perform the opperation."); + } + + protected void free() { + if (state != WolfCryptState.UNINITIALIZED) { + wc_FreeRsaKey(); + state = WolfCryptState.UNINITIALIZED; + } + } + + public void makeKey(int size, long e, Rng rng) { + willSetKey(); + + MakeRsaKey(size, e, rng); + + state = WolfCryptState.READY; + hasPrivateKey = true; + } + + public void decodePublicKey(byte[] key) { + willSetKey(); + + wc_RsaPublicKeyDecode(key); + state = WolfCryptState.READY; + } + + public void decodePrivateKey(byte[] key) { + willSetKey(); + + wc_RsaPrivateKeyDecode(key); + state = WolfCryptState.READY; + hasPrivateKey = true; + } + + public void decodePrivateKeyPKCS8(byte[] key) { + willSetKey(); + + wc_RsaPrivateKeyDecodePKCS8(key); + + state = WolfCryptState.READY; + hasPrivateKey = true; + } + + public void decodeRawPublicKey(byte[] n, byte[] e) { + decodeRawPublicKey(n, n.length, e, e.length); + } + + public void decodeRawPublicKey(byte[] n, long nSize, byte[] e, long eSize) { + willSetKey(); + + wc_RsaPublicKeyDecodeRaw(n, nSize, e, eSize); + state = WolfCryptState.READY; + } + + public void decodeRawPublicKey(ByteBuffer n, ByteBuffer e) { + decodeRawPublicKey(n, n.limit(), e, e.limit()); + } + + public void decodeRawPublicKey(ByteBuffer n, long nSz, ByteBuffer e, + long eSz) { + willSetKey(); + + wc_RsaPublicKeyDecodeRaw(n, nSz, e, eSz); + state = WolfCryptState.READY; + } + + public void exportRawPublicKey(byte[] n, long[] nSz, byte[] e, long[] eSz) { + willUseKey(false); + + RsaFlattenPublicKey(n, nSz, e, eSz); + } + + public void exportRawPublicKey(ByteBuffer n, ByteBuffer e) { + willUseKey(false); + + RsaFlattenPublicKey(n, e); + } + + public int getEncryptSize() { + willUseKey(false); + + return wc_RsaEncryptSize(); + } + + public byte[] encrypt(byte[] plain, Rng rng) { + willUseKey(false); + + return wc_RsaPublicEncrypt(plain, rng); + } + + public byte[] decrypt(byte[] ciphertext) { + willUseKey(true); + + return wc_RsaPrivateDecrypt(ciphertext); + } + + public byte[] sign(byte[] data, Rng rng) { + willUseKey(true); + + return wc_RsaSSL_Sign(data, rng); + } + + public byte[] verify(byte[] signature) { + willUseKey(false); + + return wc_RsaSSL_Verify(signature); + } +} diff --git a/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Sha.java b/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Sha.java new file mode 100644 index 0000000..f8d96bc --- /dev/null +++ b/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Sha.java @@ -0,0 +1,61 @@ +/* Sha.java + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +package com.wolfssl.wolfcrypt; + +import java.nio.ByteBuffer; + +/** + * Wrapper for the native WolfCrypt Sha implementation. + * + * @author Moisés Guimarães + * @version 2.0, March 2017 + */ +public class Sha extends MessageDigest { + + public static final int TYPE = 1; /* hash type unique */ + public static final int DIGEST_SIZE = 20; + + protected native long mallocNativeStruct() throws OutOfMemoryError; + + protected native void native_init(); + + protected native void native_update(ByteBuffer data, int offset, int len); + + protected native void native_update(byte[] data, int offset, int len); + + protected native void native_final(ByteBuffer hash, int offset); + + protected native void native_final(byte[] hash); + + public Sha() { + init(); + } + + public Sha(byte[] data) { + init(); + update(data); + } + + public int digestSize() { + return DIGEST_SIZE; + } +} diff --git a/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Sha256.java b/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Sha256.java new file mode 100644 index 0000000..1c5dafe --- /dev/null +++ b/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Sha256.java @@ -0,0 +1,62 @@ +/* Sha256.java + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +package com.wolfssl.wolfcrypt; + +import java.nio.ByteBuffer; + +/** + * Wrapper for the native WolfCrypt Sha256 implementation. + * + * @author Moisés Guimarães + * @version 2.0, March 2017 + */ +public class Sha256 extends MessageDigest { + + public static final int TYPE = 2; /* hash type unique */ + public static final int DIGEST_SIZE = 32; + + protected native long mallocNativeStruct() throws OutOfMemoryError; + + protected native void native_init(); + + protected native void native_update(ByteBuffer data, int offset, int len); + + protected native void native_update(byte[] data, int offset, int len); + + protected native void native_final(ByteBuffer hash, int offset); + + protected native void native_final(byte[] hash); + + public Sha256() { + init(); + } + + public Sha256(byte[] data) { + init(); + update(data); + } + + public int digestSize() { + return DIGEST_SIZE; + } +} + diff --git a/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Sha384.java b/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Sha384.java new file mode 100644 index 0000000..654c25b --- /dev/null +++ b/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Sha384.java @@ -0,0 +1,62 @@ +/* Sha384.java + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +package com.wolfssl.wolfcrypt; + +import java.nio.ByteBuffer; + +/** + * Wrapper for the native WolfCrypt Sha384 implementation. + * + * @author Moisés Guimarães + * @version 2.0, March 2017 + */ +public class Sha384 extends MessageDigest { + + public static final int TYPE = 5; /* hash type unique */ + public static final int DIGEST_SIZE = 48; + + protected native long mallocNativeStruct() throws OutOfMemoryError; + + protected native void native_init(); + + protected native void native_update(ByteBuffer data, int offset, int len); + + protected native void native_update(byte[] data, int offset, int len); + + protected native void native_final(ByteBuffer hash, int offset); + + protected native void native_final(byte[] hash); + + public Sha384() { + init(); + } + + public Sha384(byte[] data) { + init(); + update(data); + } + + public int digestSize() { + return DIGEST_SIZE; + } +} + diff --git a/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Sha512.java b/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Sha512.java new file mode 100644 index 0000000..343d98c --- /dev/null +++ b/wolfssl-jni/src/main/java/com/wolfssl/wolfcrypt/Sha512.java @@ -0,0 +1,62 @@ +/* Sha512.java + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +package com.wolfssl.wolfcrypt; + +import java.nio.ByteBuffer; + +/** + * Wrapper for the native WolfCrypt Sha512 implementation. + * + * @author Moisés Guimarães + * @version 2.0, March 2017 + */ +public class Sha512 extends MessageDigest { + + public static final int TYPE = 4; /* hash type unique */ + public static final int DIGEST_SIZE = 64; + + protected native long mallocNativeStruct() throws OutOfMemoryError; + + protected native void native_init(); + + protected native void native_update(ByteBuffer data, int offset, int len); + + protected native void native_update(byte[] data, int offset, int len); + + protected native void native_final(ByteBuffer hash, int offset); + + protected native void native_final(byte[] hash); + + public Sha512() { + init(); + } + + public Sha512(byte[] data) { + init(); + update(data); + } + + public int digestSize() { + return DIGEST_SIZE; + } +} + diff --git a/wolfssl-jni/src/test/java/com/wolfssl/wolfcrypt/test/AesTest.java b/wolfssl-jni/src/test/java/com/wolfssl/wolfcrypt/test/AesTest.java index 232290f..25701af 100644 --- a/wolfssl-jni/src/test/java/com/wolfssl/wolfcrypt/test/AesTest.java +++ b/wolfssl-jni/src/test/java/com/wolfssl/wolfcrypt/test/AesTest.java @@ -54,7 +54,7 @@ public class AesTest { Assume.assumeNoException(e); } catch (UnsatisfiedLinkError e) { - System.out.println("Native code library failed to load.\n" + e.getError()); + System.out.println("Native code library failed to load.\n" + e.getMessage()); Assume.assumeNoException(e); } }