From 9e025b75ce89637f816b1fc2cb15bdf018ab9767 Mon Sep 17 00:00:00 2001
From: Chris Conlon
Date: Mon, 3 Mar 2025 14:00:27 -0700
Subject: [PATCH] JCE: add SHA224withRSA and SHA224withECDSA to Signature implementation
---
 README_JCE.md | 2 +
 .../provider/jce/WolfCryptProvider.java | 6 ++
 .../provider/jce/WolfCryptSignature.java | 67 ++++++++++++++++++-
 .../jce/test/WolfCryptSignatureTest.java | 14 ++--
 4 files changed, 81 insertions(+), 8 deletions(-)
diff --git a/README_JCE.md b/README_JCE.md
index 3adba67..e80d05d 100644
--- a/README_JCE.md
+++ b/README_JCE.md
@@ -116,10 +116,12 @@ The JCE provider currently supports the following algorithms:
 Signature Class
 MD5withRSA
 SHA1withRSA
+ SHA224withRSA
 SHA256withRSA
 SHA384withRSA
 SHA512withRSA
 SHA1withECDSA
+ SHA224withECDSA
 SHA256withECDSA
 SHA384withECDSA
 SHA512withECDSA
diff --git a/src/main/java/com/wolfssl/provider/jce/WolfCryptProvider.java b/src/main/java/com/wolfssl/provider/jce/WolfCryptProvider.java
index 439e17a..a66f9ca 100644
--- a/src/main/java/com/wolfssl/provider/jce/WolfCryptProvider.java
+++ b/src/main/java/com/wolfssl/provider/jce/WolfCryptProvider.java
@@ -114,6 +114,12 @@ public final class WolfCryptProvider extends Provider {
 put("Signature.SHA1withECDSA",
 "com.wolfssl.provider.jce.WolfCryptSignature$wcSHA1wECDSA");
 }
+ if (FeatureDetect.Sha224Enabled()) {
+ put("Signature.SHA224withRSA",
+ "com.wolfssl.provider.jce.WolfCryptSignature$wcSHA224wRSA");
+ put("Signature.SHA224withECDSA",
+ "com.wolfssl.provider.jce.WolfCryptSignature$wcSHA224wECDSA");
+ }
 if (FeatureDetect.Sha256Enabled()) {
 put("Signature.SHA256withRSA",
 "com.wolfssl.provider.jce.WolfCryptSignature$wcSHA256wRSA");
diff --git a/src/main/java/com/wolfssl/provider/jce/WolfCryptSignature.java b/src/main/java/com/wolfssl/provider/jce/WolfCryptSignature.java
index a246132..b557d4a 100644
--- a/src/main/java/com/wolfssl/provider/jce/WolfCryptSignature.java
+++ b/src/main/java/com/wolfssl/provider/jce/WolfCryptSignature.java
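Review bot: In WolfCryptProvider.java the new `if (FeatureDetect.Sha224Enabled())` block registers both SHA224withRSA and SHA224withECDSA on hash support alone, and nothing in the hunk records what happens when the native build lacks RSA or ECC. The constructor Javadoc added in WolfCryptSignature.java says the classes throw NoSuchAlgorithmException when the signature type is unavailable, so the failure presumably surfaces only at `Signature.getInstance()` and not in the provider's advertised service list. The neighbouring SHA-1 and SHA-256 blocks follow the same pattern, so a comment on the block is enough, for example `/* gated on hash support only; constructor throws if RSA/ECC is compiled out */`. The enclosing method starts and ends outside the hunk.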
@@ -39,6 +39,7 @@ import javax.crypto.ShortBufferException;
 import com.wolfssl.wolfcrypt.Asn;
 import com.wolfssl.wolfcrypt.Md5;
 import com.wolfssl.wolfcrypt.Sha;
+import com.wolfssl.wolfcrypt.Sha224;
 import com.wolfssl.wolfcrypt.Sha256;
 import com.wolfssl.wolfcrypt.Sha384;
 import com.wolfssl.wolfcrypt.Sha512;
@@ -60,14 +61,16 @@ public class WolfCryptSignature extends SignatureSpi {
 enum DigestType {
 WC_MD5,
 WC_SHA1,
+ WC_SHA224,
 WC_SHA256,
 WC_SHA384,
 WC_SHA512
 }
- /* internal hash type sums */
+ /* internal hash type sums (asn.h) */
 private int MD5h = 649;
 private int SHAh = 88;
+ private int SHA224h = 417;
 private int SHA256h = 414;
 private int SHA384h = 415;
 private int SHA512h = 416;
@@ -79,6 +82,7 @@ public class WolfCryptSignature extends SignatureSpi {
 /* internal hash objects */
 private Md5 md5 = null;
 private Sha sha = null;
+ private Sha224 sha224 = null;
 private Sha256 sha256 = null;
 private Sha384 sha384 = null;
 private Sha512 sha512 = null;
@@ -127,6 +131,12 @@ public class WolfCryptSignature extends SignatureSpi {
 this.internalHashSum = SHAh;
 break;
+ case WC_SHA224:
+ this.sha224 = new Sha224();
+ this.digestSz = Sha224.DIGEST_SIZE;
+ this.internalHashSum = SHA224h;
+ break;
+
 case WC_SHA256:
 this.sha256 = new Sha256();
 this.digestSz = Sha256.DIGEST_SIZE;
@@ -255,6 +265,10 @@ public class WolfCryptSignature extends SignatureSpi {
 this.sha.init();
 break;
+ case WC_SHA224:
+ this.sha224.init();
+ break;
+
 case WC_SHA256:
 this.sha256.init();
 break;
@@ -321,6 +335,10 @@ public class WolfCryptSignature extends SignatureSpi {
 this.sha.init();
 break;
+ case WC_SHA224:
+ this.sha224.init();
+ break;
+
 case WC_SHA256:
 this.sha256.init();
 break;
@@ -366,6 +384,10 @@ public class WolfCryptSignature extends SignatureSpi {
 this.sha.digest(digest);
 break;
+ case WC_SHA224:
+ this.sha224.digest(digest);
+ break;
+
 case WC_SHA256:
 this.sha256.digest(digest);
 break;
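Review bot: `private int SHA224h = 417;` in the -60,14 hunk is a mutable per-instance copy of a value that the updated comment attributes to native asn.h, and nothing ties it to the library actually linked. The constructor hunk stores it in `internalHashSum`; if that field identifies the hash when an RSA signature is encoded (not visible in these hunks), a mismatch would show up as signatures that fail verification elsewhere, not as a build error. I would declare it `private static final int SHA224h = 417;` and widen the comment to `/* internal hash type sums, must match asn.h of the linked native wolfCrypt */`. The sibling fields have the same form and could follow in a separate change.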
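Review bot: Supporting one more digest requires a hand-added `case WC_SHA224:` in seven separate switch statements (-127, -255, -321, -366, -452, -490 and -581) plus the release chain at -608, and the hunks do not show what a switch does when a case is missing. In the two `digest(digest)` switches (-366 and -490) a forgotten case would presumably leave the `digest` buffer unfilled before it is used for signing or verification, so each switch should end in a failing default such as `default: throw new IllegalStateException("unsupported digest type");` if it does not already. The ends of all these switches lie outside the hunks, so this needs checking against the full file.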
@@ -452,6 +474,10 @@ public class WolfCryptSignature extends SignatureSpi {
 this.sha.update(b, off, len);
 break;
+ case WC_SHA224:
+ this.sha224.update(b, off, len);
+ break;
+
 case WC_SHA256:
 this.sha256.update(b, off, len);
 break;
@@ -490,6 +516,10 @@ public class WolfCryptSignature extends SignatureSpi {
 this.sha.digest(digest);
 break;
+ case WC_SHA224:
+ this.sha224.digest(digest);
+ break;
+
 case WC_SHA256:
 this.sha256.digest(digest);
 break;
@@ -581,6 +611,8 @@ public class WolfCryptSignature extends SignatureSpi {
 return "MD5";
 case WC_SHA1:
 return "SHA";
+ case WC_SHA224:
+ return "SHA224";
 case WC_SHA256:
 return "SHA256";
 case WC_SHA384:
@@ -608,6 +640,9 @@ public class WolfCryptSignature extends SignatureSpi {
 if (this.sha != null)
 this.sha.releaseNativeStruct();
+ if (this.sha224 != null)
+ this.sha224.releaseNativeStruct();
+
 if (this.sha256 != null)
 this.sha256.releaseNativeStruct();
@@ -668,6 +703,21 @@ public class WolfCryptSignature extends SignatureSpi {
 }
 }
+ /**
+ * wolfJCE SHA224wRSA signature class
+ */
+ public static final class wcSHA224wRSA extends WolfCryptSignature {
+ /**
+ * Create new wcSHA224wRSA object
+ *
+ * @throws NoSuchAlgorithmException if signature type is not
+ * available in native wolfCrypt library
+ */
+ public wcSHA224wRSA() throws NoSuchAlgorithmException {
+ super(KeyType.WC_RSA, DigestType.WC_SHA224);
+ }
+ }
+
 /**
 * wolfJCE SHA256wRSA signature class
 */
@@ -728,6 +778,21 @@ public class WolfCryptSignature extends SignatureSpi {
 }
 }
+ /**
+ * wolfJCE SHA224wECDSA signature class
+ */
+ public static final class wcSHA224wECDSA extends WolfCryptSignature {
+ /**
+ * Create new wcSHA224wECDSA object
+ *
+ * @throws NoSuchAlgorithmException if signature type is not
+ * available in native wolfCrypt library
+ */
+ public wcSHA224wECDSA() throws NoSuchAlgorithmException {
+ super(KeyType.WC_ECDSA, DigestType.WC_SHA224);
+ }
+ }
+
 /**
 * wolfJCE SHA256wECDSA signature class
 */
diff --git a/src/test/java/com/wolfssl/provider/jce/test/WolfCryptSignatureTest.java b/src/test/java/com/wolfssl/provider/jce/test/WolfCryptSignatureTest.java
index c4bd94f..f4df715 100644
--- a/src/test/java/com/wolfssl/provider/jce/test/WolfCryptSignatureTest.java
+++ b/src/test/java/com/wolfssl/provider/jce/test/WolfCryptSignatureTest.java
@@ -58,10 +58,12 @@ public class WolfCryptSignatureTest {
 private static String wolfJCEAlgos[] = {
 "SHA1withRSA",
+ "SHA224withRSA",
 "SHA256withRSA",
 "SHA384withRSA",
 "SHA512withRSA",
 "SHA1withECDSA",
+ "SHA224withECDSA",
 "SHA256withECDSA",
 "SHA384withECDSA",
 "SHA512withECDSA"
@@ -84,8 +86,6 @@ public class WolfCryptSignatureTest {
 public static void testProviderInstallationAtRuntime() throws NoSuchProviderException {
- Signature sig;
-
 System.out.println("JCE WolfCryptSignature Class");
 /* install wolfJCE provider at runtime */
@@ -98,7 +98,8 @@ public class WolfCryptSignatureTest {
 * compiled out */
 for (int i = 0; i < wolfJCEAlgos.length; i++) {
 try {
- sig = Signature.getInstance(wolfJCEAlgos[i], "wolfJCE");
+ Signature sig =
+ Signature.getInstance(wolfJCEAlgos[i], "wolfJCE");
 assertNotNull(sig);
 enabledAlgos.add(wolfJCEAlgos[i]);
 } catch (NoSuchAlgorithmException e) {
@@ -111,17 +112,16 @@ public class WolfCryptSignatureTest {
 public void testGetSignatureFromProvider() throws NoSuchProviderException, NoSuchAlgorithmException {
- Signature sig;
-
 /* try to get all available options we expect to have */
 for (int i = 0; i < enabledAlgos.size(); i++) {
- sig = Signature.getInstance(enabledAlgos.get(i), "wolfJCE");
+ Signature sig =
+ Signature.getInstance(enabledAlgos.get(i), "wolfJCE");
 assertNotNull(sig);
 }
 /* asking for a bad algo should throw an exception */
 try {
- sig = Signature.getInstance("invalidalgo", "wolfJCE");
+ Signature.getInstance("invalidalgo", "wolfJCE");
 fail("Requesting an invalid algorithm from Signature " + "object should throw an exception");
 } catch (NoSuchAlgorithmException e) { }
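Review bot: The loop in the -98,7 hunk still treats every `NoSuchAlgorithmException` as "compiled out", so a broken SHA224withRSA or SHA224withECDSA registration would only drop the names added to `wolfJCEAlgos` (-58,10 hunk) from `enabledAlgos`, and the suite would pass without exercising them. A check after the loop would close that gap, for example `if (FeatureDetect.Sha224Enabled()) { assertTrue(enabledAlgos.contains("SHA224withRSA") || enabledAlgos.contains("SHA224withECDSA")); }`, assuming `FeatureDetect` is reachable from the test class. The catch body and the end of the loop are outside the hunk, so whether anything is logged there cannot be seen from here.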