diff --git a/README_JCE.md b/README_JCE.md index fcb65f7..89a9941 100644 --- a/README_JCE.md +++ b/README_JCE.md @@ -128,11 +128,19 @@ The JCE provider currently supports the following algorithms: SHA256withRSA SHA384withRSA SHA512withRSA + SHA3-224withRSA + SHA3-256withRSA + SHA3-384withRSA + SHA3-512withRSA SHA1withECDSA SHA224withECDSA SHA256withECDSA SHA384withECDSA SHA512withECDSA + SHA3-224withECDSA + SHA3-256withECDSA + SHA3-384withECDSA + SHA3-512withECDSA KeyAgreement Class DiffieHellman diff --git a/src/main/java/com/wolfssl/provider/jce/WolfCryptProvider.java b/src/main/java/com/wolfssl/provider/jce/WolfCryptProvider.java index a5553f7..1bb3e37 100644 --- a/src/main/java/com/wolfssl/provider/jce/WolfCryptProvider.java +++ b/src/main/java/com/wolfssl/provider/jce/WolfCryptProvider.java @@ -148,6 +148,25 @@ public final class WolfCryptProvider extends Provider { put("Signature.SHA512withECDSA", "com.wolfssl.provider.jce.WolfCryptSignature$wcSHA512wECDSA"); } + if (FeatureDetect.Sha3Enabled()) { + put("Signature.SHA3-224withRSA", + "com.wolfssl.provider.jce.WolfCryptSignature$wcSHA3_224wRSA"); + put("Signature.SHA3-256withRSA", + "com.wolfssl.provider.jce.WolfCryptSignature$wcSHA3_256wRSA"); + put("Signature.SHA3-384withRSA", + "com.wolfssl.provider.jce.WolfCryptSignature$wcSHA3_384wRSA"); + put("Signature.SHA3-512withRSA", + "com.wolfssl.provider.jce.WolfCryptSignature$wcSHA3_512wRSA"); + + put("Signature.SHA3-224withECDSA", + "com.wolfssl.provider.jce.WolfCryptSignature$wcSHA3_224wECDSA"); + put("Signature.SHA3-256withECDSA", + "com.wolfssl.provider.jce.WolfCryptSignature$wcSHA3_256wECDSA"); + put("Signature.SHA3-384withECDSA", + "com.wolfssl.provider.jce.WolfCryptSignature$wcSHA3_384wECDSA"); + put("Signature.SHA3-512withECDSA", + "com.wolfssl.provider.jce.WolfCryptSignature$wcSHA3_512wECDSA"); + } /* Mac */ if (FeatureDetect.HmacMd5Enabled()) { 
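Review bot: All eight `Signature.SHA3-*` entries in the new `if (FeatureDetect.Sha3Enabled())` block of WolfCryptProvider.java are registered on the SHA-3 check alone, so they are advertised even if the native library was built without RSA or ECC. Going by the constructor Javadoc added elsewhere in this commit, that case presumably surfaces only as a `NoSuchAlgorithmException` at instantiation, which matters to callers that choose an algorithm from the provider's service list. The earlier registration blocks are outside this hunk, so this may simply follow the existing convention. If it does, a comment above the block such as `/* key type availability is checked when the Signature object is constructed */` would record that.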
diff --git a/src/main/java/com/wolfssl/provider/jce/WolfCryptSignature.java b/src/main/java/com/wolfssl/provider/jce/WolfCryptSignature.java index b557d4a..4973d21 100644 --- a/src/main/java/com/wolfssl/provider/jce/WolfCryptSignature.java +++ b/src/main/java/com/wolfssl/provider/jce/WolfCryptSignature.java @@ -43,6 +43,7 @@ import com.wolfssl.wolfcrypt.Sha224; import com.wolfssl.wolfcrypt.Sha256; import com.wolfssl.wolfcrypt.Sha384; import com.wolfssl.wolfcrypt.Sha512; +import com.wolfssl.wolfcrypt.Sha3; import com.wolfssl.wolfcrypt.Rsa; import com.wolfssl.wolfcrypt.Ecc; import com.wolfssl.wolfcrypt.Rng; @@ -64,7 +65,11 @@ public class WolfCryptSignature extends SignatureSpi { WC_SHA224, WC_SHA256, WC_SHA384, - WC_SHA512 + WC_SHA512, + WC_SHA3_224, + WC_SHA3_256, + WC_SHA3_384, + WC_SHA3_512 } /* internal hash type sums (asn.h) */ @@ -74,6 +79,10 @@ public class WolfCryptSignature extends SignatureSpi { private int SHA256h = 414; private int SHA384h = 415; private int SHA512h = 416; + private int SHA3_224h = 420; + private int SHA3_256h = 421; + private int SHA3_384h = 422; + private int SHA3_512h = 423; /* internal key objects */ private Rsa rsa = null; @@ -86,6 +95,7 @@ public class WolfCryptSignature extends SignatureSpi { private Sha256 sha256 = null; private Sha384 sha384 = null; private Sha512 sha512 = null; + private Sha3 sha3 = null; private KeyType keyType; /* active key type, from KeyType */ private DigestType digestType; /* active digest type, from DigestType */ 
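Review bot: The four sums added in the `@@ -74,6 +79,10 @@` hunk (`SHA3_224h = 420` through `SHA3_512h = 423`) are hand-copied from native asn.h, per the comment above them, and nothing visible checks them against the library that is actually linked. These sums presumably select the digest OID written into the RSA signature encoding, so a drift from the native header would produce signatures that fail to verify elsewhere instead of an error at construction. They are also declared as mutable instance fields; `private static final int SHA3_224h = 420;` (likewise for the other three) would state that they are constants. A comment naming the wolfSSL header and version they must track would help the next update. The class body continues outside the hunk.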
@@ -155,6 +165,30 @@ public class WolfCryptSignature extends SignatureSpi { this.internalHashSum = SHA512h; break; + case WC_SHA3_224: + this.sha3 = new Sha3(Sha3.TYPE_SHA3_224); + this.digestSz = Sha3.DIGEST_SIZE_224; + this.internalHashSum = SHA3_224h; + break; + + case WC_SHA3_256: + this.sha3 = new Sha3(Sha3.TYPE_SHA3_256); + this.digestSz = Sha3.DIGEST_SIZE_256; + this.internalHashSum = SHA3_256h; + break; + + case WC_SHA3_384: + this.sha3 = new Sha3(Sha3.TYPE_SHA3_384); + this.digestSz = Sha3.DIGEST_SIZE_384; + this.internalHashSum = SHA3_384h; + break; + + case WC_SHA3_512: + this.sha3 = new Sha3(Sha3.TYPE_SHA3_512); + this.digestSz = Sha3.DIGEST_SIZE_512; + this.internalHashSum = SHA3_512h; + break; + default: throw new NoSuchAlgorithmException( "Unsupported signature algorithm digest type"); @@ -280,6 +314,13 @@ public class WolfCryptSignature extends SignatureSpi { case WC_SHA512: this.sha512.init(); break; + + case WC_SHA3_224: + case WC_SHA3_256: + case WC_SHA3_384: + case WC_SHA3_512: + this.sha3.init(); + break; } log("init sign with PrivateKey"); @@ -350,6 +391,12 @@ public class WolfCryptSignature extends SignatureSpi { case WC_SHA512: this.sha512.init(); break; + + case WC_SHA3_224: + case WC_SHA3_256: + case WC_SHA3_384: + case WC_SHA3_512: + this.sha3.init(); } log("init verify with PublicKey"); @@ -399,8 +446,14 @@ public class WolfCryptSignature extends SignatureSpi { case WC_SHA512: this.sha512.digest(digest); break; - } + case WC_SHA3_224: + case WC_SHA3_256: + case WC_SHA3_384: + case WC_SHA3_512: + this.sha3.digest(digest); + break; + } } catch (ShortBufferException e) { throw new SignatureException(e.getMessage()); } @@ -489,6 +542,12 @@ public class WolfCryptSignature extends SignatureSpi { case WC_SHA512: this.sha512.update(b, off, len); break; + + case WC_SHA3_224: + case WC_SHA3_256: + case WC_SHA3_384: + case WC_SHA3_512: + this.sha3.update(b, off, len); } log("update, offset: " + off + ", len: " + len); 
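Review bot: The SHA3 case group added in the init-verify hunk (`@@ -350,6 +391,12 @@`) ends at `this.sha3.init();` with no `break;`, and the group in the update hunk (`@@ -489,6 +542,12 @@`) likewise ends at `this.sha3.update(b, off, len);`, whereas the init-sign and digest hunks do add one. As the last labels in their switches they fall through to nothing today. A digest type appended below them later would also run for SHA-3 objects, presumably against a hash field that is still null, since the constructor hunk allocates only the selected digest. Add `break;` after both calls so all five switches are consistent. The enclosing methods begin and end outside these hunks.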
@@ -531,6 +590,13 @@ public class WolfCryptSignature extends SignatureSpi { case WC_SHA512: this.sha512.digest(digest); break; + + case WC_SHA3_224: + case WC_SHA3_256: + case WC_SHA3_384: + case WC_SHA3_512: + this.sha3.digest(digest); + break; } } catch (ShortBufferException e) { @@ -619,6 +685,14 @@ public class WolfCryptSignature extends SignatureSpi { return "SHA384"; case WC_SHA512: return "SHA512"; + case WC_SHA3_224: + return "SHA3-224"; + case WC_SHA3_256: + return "SHA3-256"; + case WC_SHA3_384: + return "SHA3-384"; + case WC_SHA3_512: + return "SHA3-512"; default: return "None"; } @@ -652,6 +726,9 @@ public class WolfCryptSignature extends SignatureSpi { if (this.sha512 != null) this.sha512.releaseNativeStruct(); + if (this.sha3 != null) + this.sha3.releaseNativeStruct(); + /* free native key objects */ if (this.rsa != null) this.rsa.releaseNativeStruct(); 
@@ -763,6 +840,66 @@ public class WolfCryptSignature extends SignatureSpi { } } + /** + * wolfJCE SHA3-224wRSA signature class + */ + public static final class wcSHA3_224wRSA extends WolfCryptSignature { + /** + * Create new wcSHA3_224wRSA object + * + * @throws NoSuchAlgorithmException if signature type is not + * available in native wolfCrypt library + */ + public wcSHA3_224wRSA() throws NoSuchAlgorithmException { + super(KeyType.WC_RSA, DigestType.WC_SHA3_224); + } + } + + /** + * wolfJCE SHA3-256wRSA signature class + */ + public static final class wcSHA3_256wRSA extends WolfCryptSignature { + /** + * Create new wcSHA3_256wRSA object + * + * @throws NoSuchAlgorithmException if signature type is not + * available in native wolfCrypt library + */ + public wcSHA3_256wRSA() throws NoSuchAlgorithmException { + super(KeyType.WC_RSA, DigestType.WC_SHA3_256); + } + } + + /** + * wolfJCE SHA3-384wRSA signature class + */ + public static final class wcSHA3_384wRSA extends WolfCryptSignature { + /** + * Create new wcSHA3_384wRSA object + * + * @throws NoSuchAlgorithmException if signature type is not + * available in native wolfCrypt library + */ + public wcSHA3_384wRSA() throws NoSuchAlgorithmException { + super(KeyType.WC_RSA, DigestType.WC_SHA3_384); + } + } + + /** + * wolfJCE SHA3-512wRSA signature class + */ + public static final class wcSHA3_512wRSA extends WolfCryptSignature { + /** + * Create new wcSHA3_512wRSA object + * + * @throws NoSuchAlgorithmException if signature type is not + * available in native wolfCrypt library + */ + public wcSHA3_512wRSA() throws NoSuchAlgorithmException { + super(KeyType.WC_RSA, DigestType.WC_SHA3_512); + } + } + /** * wolfJCE SHA1wECDSA signature class */ 
@@ -837,5 +974,64 @@ public class WolfCryptSignature extends SignatureSpi { super(KeyType.WC_ECDSA, DigestType.WC_SHA512); } } -} + /** + * wolfJCE SHA3-224wECDSA signature class + */ + public static final class wcSHA3_224wECDSA extends WolfCryptSignature { + /** + * Create new wcSHA3_224wECDSA object + * + * @throws NoSuchAlgorithmException if signature type is not + * available in native wolfCrypt library + */ + public wcSHA3_224wECDSA() throws NoSuchAlgorithmException { + super(KeyType.WC_ECDSA, DigestType.WC_SHA3_224); + } + } + + /** + * wolfJCE SHA3-256wECDSA signature class + */ + public static final class wcSHA3_256wECDSA extends WolfCryptSignature { + /** + * Create new wcSHA3_256wECDSA object + * + * @throws NoSuchAlgorithmException if signature type is not + * available in native wolfCrypt library + */ + public wcSHA3_256wECDSA() throws NoSuchAlgorithmException { + super(KeyType.WC_ECDSA, DigestType.WC_SHA3_256); + } + } + + /** + * wolfJCE SHA3-384wECDSA signature class + */ + public static final class wcSHA3_384wECDSA extends WolfCryptSignature { + /** + * Create new wcSHA3_384wECDSA object + * + * @throws NoSuchAlgorithmException if signature type is not + * available in native wolfCrypt library + */ + public wcSHA3_384wECDSA() throws NoSuchAlgorithmException { + super(KeyType.WC_ECDSA, DigestType.WC_SHA3_384); + } + } + + /** + * wolfJCE SHA3-512wECDSA signature class + */ + public static final class wcSHA3_512wECDSA extends WolfCryptSignature { + /** + * Create new wcSHA3_512wECDSA object + * + * @throws NoSuchAlgorithmException if signature type is not + * available in native wolfCrypt library + */ + public wcSHA3_512wECDSA() throws NoSuchAlgorithmException { + super(KeyType.WC_ECDSA, DigestType.WC_SHA3_512); + } + } +} diff --git a/src/test/java/com/wolfssl/provider/jce/test/WolfCryptSignatureTest.java b/src/test/java/com/wolfssl/provider/jce/test/WolfCryptSignatureTest.java index f4df715..2108d04 100644 
--- a/src/test/java/com/wolfssl/provider/jce/test/WolfCryptSignatureTest.java +++ b/src/test/java/com/wolfssl/provider/jce/test/WolfCryptSignatureTest.java @@ -62,11 +62,19 @@ public class WolfCryptSignatureTest { "SHA256withRSA", "SHA384withRSA", "SHA512withRSA", + "SHA3-224withRSA", + "SHA3-256withRSA", + "SHA3-384withRSA", + "SHA3-512withRSA", "SHA1withECDSA", "SHA224withECDSA", "SHA256withECDSA", "SHA384withECDSA", - "SHA512withECDSA" + "SHA512withECDSA", + "SHA3-224withECDSA", + "SHA3-256withECDSA", + "SHA3-384withECDSA", + "SHA3-512withECDSA" }; private static ArrayList enabledAlgos =