JCE: remove HMAC-MD5 from wolfJCE provider if not available in underlying FIPS library
Chris Conlon
parent
e37699d2fa
commit
e6f3a9e823
|
|
@ -47,6 +47,14 @@ JNIEXPORT jboolean JNICALL Java_com_wolfssl_wolfcrypt_FeatureDetect_Sha384Enable
|
||||||
JNIEXPORT jboolean JNICALL Java_com_wolfssl_wolfcrypt_FeatureDetect_Sha512Enabled
|
JNIEXPORT jboolean JNICALL Java_com_wolfssl_wolfcrypt_FeatureDetect_Sha512Enabled
|
||||||
(JNIEnv *, jclass);
|
(JNIEnv *, jclass);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Class: com_wolfssl_wolfcrypt_FeatureDetect
|
||||||
|
* Method: HmacMd5Enabled
|
||||||
|
* Signature: ()Z
|
||||||
|
*/
|
||||||
|
JNIEXPORT jboolean JNICALL Java_com_wolfssl_wolfcrypt_FeatureDetect_HmacMd5Enabled
|
||||||
|
(JNIEnv *, jclass);
|
||||||
|
|
||||||
#ifdef __cplusplus
|
#ifdef __cplusplus
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
|
||||||
|
|
@ -25,6 +25,7 @@
|
||||||
#include <wolfssl/options.h>
|
#include <wolfssl/options.h>
|
||||||
#endif
|
#endif
|
||||||
#include <jni.h>
|
#include <jni.h>
|
||||||
|
#include <wolfssl/wolfcrypt/types.h>
|
||||||
#include <wolfcrypt_jni_debug.h>
|
#include <wolfcrypt_jni_debug.h>
|
||||||
|
|
||||||
JNIEXPORT jboolean JNICALL Java_com_wolfssl_wolfcrypt_FeatureDetect_Md5Enabled
|
JNIEXPORT jboolean JNICALL Java_com_wolfssl_wolfcrypt_FeatureDetect_Md5Enabled
|
||||||
|
|
@ -87,3 +88,15 @@ JNIEXPORT jboolean JNICALL Java_com_wolfssl_wolfcrypt_FeatureDetect_Sha512Enable
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
|
JNIEXPORT jboolean JNICALL Java_com_wolfssl_wolfcrypt_FeatureDetect_HmacMd5Enabled
|
||||||
|
(JNIEnv* env, jclass jcl)
|
||||||
|
{
|
||||||
|
(void)env;
|
||||||
|
(void)jcl;
|
||||||
|
#if !defined(NO_HMAC) && !defined(NO_MD5) && FIPS_VERSION_LT(5,2)
|
||||||
|
return JNI_TRUE;
|
||||||
|
#else
|
||||||
|
return JNI_FALSE;
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -97,7 +97,7 @@ public final class WolfCryptProvider extends Provider {
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Mac */
|
/* Mac */
|
||||||
if (FeatureDetect.Md5Enabled()) {
|
if (FeatureDetect.HmacMd5Enabled()) {
|
||||||
put("Mac.HmacMD5",
|
put("Mac.HmacMD5",
|
||||||
"com.wolfssl.provider.jce.WolfCryptMac$wcHmacMD5");
|
"com.wolfssl.provider.jce.WolfCryptMac$wcHmacMD5");
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -62,6 +62,18 @@ public class FeatureDetect {
|
||||||
*/
|
*/
|
||||||
public static native boolean Sha512Enabled();
|
public static native boolean Sha512Enabled();
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Tests if HMAC-MD5 is compiled into the native wolfSSL library and
|
||||||
|
* available for use.
|
||||||
|
*
|
||||||
|
* For FIPS 140-3, even if MD5 is compiled into the
|
||||||
|
* library, HMAC-MD5 is not available and will throw BAD_FUNC_ARG.
|
||||||
|
* Use this helper to prevent people from calling it in the first place.
|
||||||
|
*
|
||||||
|
* @return true if enabled, otherwise false.
|
||||||
|
*/
|
||||||
|
public static native boolean HmacMd5Enabled();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Loads JNI library.
|
* Loads JNI library.
|
||||||
*
|
*
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue