WolfSSL
/
wolfcrypt-jni
mirror of https://github.com/wolfSSL/wolfcrypt-jni.git
1
0
Fork 0
Code Issues Releases Wiki Activity

call wc_ecc_set_rng() when needed

pull/18/head
Chris Conlon 2020-08-26 10:09:14 -07:00
parent b796d4b0d8
commit b6277811e1
3 changed files with 40 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
jni/include/com_wolfssl_wolfcrypt_Ecc.h
View File

@ -60,10 +60,10 @@ JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Ecc_wc_1ecc_1check_1key
/* /*
* Class: com_wolfssl_wolfcrypt_Ecc * Class: com_wolfssl_wolfcrypt_Ecc
* Method: wc_ecc_shared_secret * Method: wc_ecc_shared_secret
* Signature: (Lcom/wolfssl/wolfcrypt/Ecc;)[B * Signature: (Lcom/wolfssl/wolfcrypt/Ecc;Lcom/wolfssl/wolfcrypt/Rng;)[B
*/ */
JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_wolfcrypt_Ecc_wc_1ecc_1shared_1secret JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_wolfcrypt_Ecc_wc_1ecc_1shared_1secret
(JNIEnv *, jobject, jobject); (JNIEnv *, jobject, jobject, jobject);
/* /*
* Class: com_wolfssl_wolfcrypt_Ecc * Class: com_wolfssl_wolfcrypt_Ecc

19
jni/jni_ecc.c
View File

@ -595,12 +595,13 @@ Java_com_wolfssl_wolfcrypt_Ecc_wc_1EccPublicKeyToDer(
JNIEXPORT jbyteArray JNICALL JNIEXPORT jbyteArray JNICALL
Java_com_wolfssl_wolfcrypt_Ecc_wc_1ecc_1shared_1secret( Java_com_wolfssl_wolfcrypt_Ecc_wc_1ecc_1shared_1secret(
JNIEnv* env, jobject this, jobject pub_object) JNIEnv* env, jobject this, jobject pub_object, jobject rng_object)
{ {
jbyteArray result = NULL; jbyteArray result = NULL;
#ifdef HAVE_ECC_DHE #ifdef HAVE_ECC_DHE
int ret = 0; int ret = 0;
RNG* rng = NULL;
ecc_key* ecc = NULL; ecc_key* ecc = NULL;
ecc_key* pub = NULL; ecc_key* pub = NULL;
byte* output = NULL; byte* output = NULL;
@ -612,6 +613,12 @@ Java_com_wolfssl_wolfcrypt_Ecc_wc_1ecc_1shared_1secret(
return NULL; return NULL;
} }
rng = (RNG*) getNativeStruct(env, rng_object);
if ((*env)->ExceptionOccurred(env)) {
/* getNativeStruct may throw exception, prevent throwing another */
return NULL;
}
pub = (ecc_key*) getNativeStruct(env, pub_object); pub = (ecc_key*) getNativeStruct(env, pub_object);
if ((*env)->ExceptionOccurred(env)) { if ((*env)->ExceptionOccurred(env)) {
/* getNativeStruct may throw exception, prevent throwing another */ /* getNativeStruct may throw exception, prevent throwing another */
@ -626,6 +633,16 @@ Java_com_wolfssl_wolfcrypt_Ecc_wc_1ecc_1shared_1secret(
return result; return result;
} }
#if defined(ECC_TIMING_RESISTANT) && (!defined(HAVE_FIPS) || \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION != 2))) && \
!defined(HAVE_SELFTEST)
ret = wc_ecc_set_rng(ecc, rng);
if (ret != 0) {
XFREE(output, NULL, DYNAMIC_TYPE_TMP_BUFFER);
throwWolfCryptExceptionFromError(env, ret);
}
#endif
ret = (!ecc || !pub) ret = (!ecc || !pub)
? BAD_FUNC_ARG ? BAD_FUNC_ARG
: wc_ecc_shared_secret(ecc, pub, output, &outputSz); : wc_ecc_shared_secret(ecc, pub, output, &outputSz);

22
src/main/java/com/wolfssl/wolfcrypt/Ecc.java
View File

@ -26,6 +26,8 @@ import java.security.spec.EllipticCurve;
import java.security.spec.ECParameterSpec; import java.security.spec.ECParameterSpec;
import java.security.spec.ECFieldFp; import java.security.spec.ECFieldFp;
import com.wolfssl.wolfcrypt.Rng;
/** /**
* Wrapper for the native WolfCrypt ecc implementation. * Wrapper for the native WolfCrypt ecc implementation.
* *
@ -36,6 +38,9 @@ public class Ecc extends NativeStruct {
private WolfCryptState state = WolfCryptState.UNINITIALIZED; private WolfCryptState state = WolfCryptState.UNINITIALIZED;
/* used with native wc_ecc_set_rng() */
private Rng rng = null;
public Ecc() { public Ecc() {
init(); init();
} }
@ -59,7 +64,7 @@ public class Ecc extends NativeStruct {
private native void wc_ecc_check_key(); private native void wc_ecc_check_key();
private native byte[] wc_ecc_shared_secret(Ecc pubKey); private native byte[] wc_ecc_shared_secret(Ecc pubKey, Rng rng);
private native void wc_ecc_import_private(byte[] privKey, byte[] x963Key, private native void wc_ecc_import_private(byte[] privKey, byte[] x963Key,
String curveName); String curveName);
@ -95,6 +100,13 @@ public class Ecc extends NativeStruct {
protected void init() { protected void init() {
if (state == WolfCryptState.UNINITIALIZED) { if (state == WolfCryptState.UNINITIALIZED) {
wc_ecc_init(); wc_ecc_init();
/* used with native wc_ecc_set_rng() */
if (rng == null) {
rng = new Rng();
rng.init();
}
state = WolfCryptState.INITIALIZED; state = WolfCryptState.INITIALIZED;
} else { } else {
throw new IllegalStateException( throw new IllegalStateException(
@ -105,6 +117,12 @@ public class Ecc extends NativeStruct {
protected void free() { protected void free() {
if (state != WolfCryptState.UNINITIALIZED) { if (state != WolfCryptState.UNINITIALIZED) {
wc_ecc_free(); wc_ecc_free();
if (this.rng != null) {
rng.free();
rng.releaseNativeStruct();
}
state = WolfCryptState.UNINITIALIZED; state = WolfCryptState.UNINITIALIZED;
} }
} }
@ -220,7 +238,7 @@ public class Ecc extends NativeStruct {
public byte[] makeSharedSecret(Ecc pubKey) { public byte[] makeSharedSecret(Ecc pubKey) {
if (state == WolfCryptState.READY) { if (state == WolfCryptState.READY) {
return wc_ecc_shared_secret(pubKey); return wc_ecc_shared_secret(pubKey, this.rng);
} else { } else {
throw new IllegalStateException( throw new IllegalStateException(
"No available key to perform the opperation."); "No available key to perform the opperation.");