From 186be0fa9c59645fa89cff995b8a06208f15849a Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Fri, 3 Feb 2023 16:25:59 -0700 Subject: [PATCH] Android Studio: add sample config and instructions for wolfSSL FIPS Ready with wolfSSL JNI/JSSE --- .gitignore | 1 - android/README.md | 84 +++++++- .../wolfssljni-ndk-gradle/app/CMakeLists.txt | 194 ++++++++++++++---- .../app/src/main/cpp/NativeHelper.c | 6 + .../app/src/main/res/layout/activity_main.xml | 55 ++--- .../app/src/main/res/values/strings.xml | 4 + android/wolfssljni-ndk-gradle/wolfssl | 2 +- android/wolfssljni-ndk-gradle/wolfssljni | 2 +- 8 files changed, 269 insertions(+), 79 deletions(-) diff --git a/.gitignore b/.gitignore index d6b55809..28b22109 100644 --- a/.gitignore +++ b/.gitignore @@ -24,7 +24,6 @@ *.i*86 *.x86_64 *.hex -*app # IDE Temp Files **/*.swp diff --git a/android/README.md b/android/README.md index 5e2b621b..23bb461a 100644 --- a/android/README.md +++ b/android/README.md @@ -38,22 +38,29 @@ wolfCrypt JNI/JCE + wolfSSL bundle on the Emulator: 1) Change directories into the android/wolfssljni-ndk-gradle directory +``` +$ cd android/wolfssljni-ndk-gradle +``` + 2) Checkout wolfssl and wolfssljni git submodules +``` +$ git submodule init +$ git submodule update +``` + 3) Create stub options.h (when using GitHub repo for wolfSSL) -4) Open "wolfssljni-ndk-gradle" project in Android Studio and build project - ``` -$ cd android/wolfssljni-ndk-gradle -$ git submodule init -$ git submodule update $ cp ./wolfssl/wolfssl/options.h.in ./wolfssl/wolfssl/options.h ``` +4) Open "wolfssljni-ndk-gradle" project in Android Studio and build project + wolfSSL stable releases, available from the wolfSSL download page, contain -, but the GitHub development branch for wolfSSL does not. -This is why options.h.in needs to be copied to options.h above. +``, but wolfSSL cloned from GitHub does not. +This is why `options.h.in` needs to be copied to `options.h` above for a GitHub +cloned repository. If you would like to update the git submodules for wolfssl and wolfssljni to the most current development HEAD, use the following submodule update command @@ -82,6 +89,69 @@ while the emulator is running and issuing: $ adb logcat ``` +### wolfSSL JNI/JSSE Sample App with wolfSSL FIPS Ready Package + +The wolfSSL JNI/JSSE Android Studio gradle sample application can be used +along with the wolfSSL FIPS Ready package, in place of a normal/standard +wolfSSL distribution. To use the `wolfssljni-ndk-gradle` sample app with +wolfSSL FIPS Ready use the following steps. + +For more information about wolfSSL FIPS Ready, see the +[wolfSSL Website](https://www.wolfssl.com/license/fips/). + +1) Download a GPLv3-licensed wolfSSL FIPS Ready package from the + [wolfSSL Download Page](https://www.wolfssl.com/download/). + +2) Move the archive under the `wolfssljni-ndk-gradle` app directory, extract, + and rename to `wolfssl`: + +``` +$ cd wolfssl-examples/android/wolfssljni-ndk-gradle +$ mv /path/to/wolfssl-X.X.X-gplv3-fips-ready.zip ./ +$ unzip wolfssl-X.X.X-gplv3-fips-ready.zip +$ mv wolfssl-X.X.X-gplv3-fips-ready wolfssl +``` + +3) Edit the following `CMakeLists.txt` file and change `WOLFSSL_PKG_TYPE` to + `fipsready`: + +``` +wolfssl-examples/android/wolfssljni-ndk-gradle/app/CMakeLists.txt +``` + +The `WOLFSSL_PKG_TYPE` selection should look like: + +``` +set(WOLFSSL_PKG_TYPE "fipsready") +``` + +4) Compile and Install the application on a device or in an emulator + +5) Run the "WOLFCRYPT TEST" selection to run the wolfCrypt test application. +You will need to monitor the adb logcat output to see the expected +in-core integrity hash. wolfSSL FIPS Ready does an in-core integrity check +using HMAC-SHA256 over the object files within the FIPS Ready boundary. The +calculated HMAC at runtime is compared to an expected HMAC. If the values do +not match, access is not allowed into the wolfCrypt library. + +Upon first compilation, or if settings change and the library is recompiled, +the expected verifyCore[] needs to be updated. To do this: + +a) Copy the expected hash from the "adb logcat" output: + +``` +D/[WOLFCRYPT]: in my Fips callback, ok = 0, err = -203 +D/[WOLFCRYPT]: message = In Core Integrity check FIPS error +D/[WOLFCRYPT]: hash = C4EAF104446F5B6918B266A5D65223C8E7ADED2CC41D547ED0C855A50858DE82 +D/[WOLFCRYPT]: In core integrity hash check failure, copy above hash +D/[WOLFCRYPT]: into verifyCore[] in fips_test.c and rebuild +``` + +b) Open `app/wolfssl/wolfcrypt/src/fips_test.c` and copy the hash into the + `verifyCore[]` array and save the file. + +c) Re-compile the application again, and re-run the wolfCrypt test. + ### Sample Application Functionality #### Native wolfCrypt Test Application diff --git a/android/wolfssljni-ndk-gradle/app/CMakeLists.txt b/android/wolfssljni-ndk-gradle/app/CMakeLists.txt index bf64c6af..0b1580c0 100644 --- a/android/wolfssljni-ndk-gradle/app/CMakeLists.txt +++ b/android/wolfssljni-ndk-gradle/app/CMakeLists.txt @@ -11,62 +11,113 @@ project("wolfssljni-ndk-gradle" C ASM) set(wolfssljni_DIR ${CMAKE_SOURCE_DIR}/../wolfssljni) set(wolfssl_DIR ${CMAKE_SOURCE_DIR}/../wolfssl) -# Math library selection, used to switch on below. Should be one of: +# ------------------------- wolfSSL Normal vs. FIPS Ready Selection -------------------------------- +# Select if wolfSSL is normal ("normal") or FIPS Ready ("fipsready") +# wolfSSL FIPS Ready is available for download on the wolfssl.com download page. For more +# information on wolfSSL FIPS Ready see: https://www.wolfssl.com/license/fips/ +# +# FIPS Ready requires different preprocessor flags, files, and a specific file ordering +# as set up below. +set(WOLFSSL_PKG_TYPE "normal") + +# -------------------------------- Math Library Selection ------------------------------------------ +# wolfCrypt math library selection, used to switch on below. Should be one of: # fastmath # spmath set(WOLFSSL_MATH_LIB "spmath") +# --------------------------------- Include Directories -------------------------------------------- # Add header directories to include paths include_directories( ${wolfssl_DIR} ${wolfssljni_DIR}/native ) -# Add TLS sources to TLS_SOURCES list and remove files that are included inline by other files -aux_source_directory(${wolfssl_DIR}/src TLS_SOURCES) -list(REMOVE_ITEM TLS_SOURCES ${wolfssl_DIR}/src/bio.c) -list(REMOVE_ITEM TLS_SOURCES ${wolfssl_DIR}/src/conf.c) -list(REMOVE_ITEM TLS_SOURCES ${wolfssl_DIR}/src/pk.c) -list(REMOVE_ITEM TLS_SOURCES ${wolfssl_DIR}/src/x509.c) -list(REMOVE_ITEM TLS_SOURCES ${wolfssl_DIR}/src/x509_str.c) +# ------------------------------- Preprocessor Defines --------------------------------------------- -# Add crypto sources to CRYPTO_SOURCES list and remove files that are included inline by other files -aux_source_directory(${wolfssl_DIR}/wolfcrypt/src CRYPTO_SOURCES) -list(REMOVE_ITEM CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/evp.c) -list(REMOVE_ITEM CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/misc.c) +if ("${WOLFSSL_PKG_TYPE}" MATCHES "normal") + # Add preprocessor defines to CFLAGS, these match those placed into + # wolfssl/options.h by configure if using: "./configure --enable-jni". + # This list may be configurable depending on use case and desired optimizations. + add_definitions(-DWC_RSA_BLINDING -DWOLFSSL_SHA224 -DWOLFSSL_SHA384 + -DWOLFSSL_SHA512 -DHAVE_HKDF -DNO_DSA -DHAVE_ECC + -DECC_SHAMIR -DWC_RSA_PSS -DWOLFSSL_BASE64_ENCODE + -DWOLFSSL_SHA3 -DHAVE_POLY1305 -DHAVE_CHACHA -DHAVE_HASHDRBG + -DHAVE_TLS_EXTENSIONS -DHAVE_SUPPORTED_CURVES -DHAVE_FFDHE_2048 + -DWOLFSSL_TLS13 -DHAVE_EXTENDED_MASTER -DWOLFSSL_JNI + -DHAVE_EX_DATA -DWOLFSSL_DTLS -DOPENSSL_EXTRA -DOPENSSL_ALL + -DHAVE_CRL -DHAVE_OCSP -DHAVE_CRL_MONITOR + -DPERSIST_SESSION_CACHE -DPERSIST_CERT_CACHE -DATOMIC_USER + -DHAVE_PK_CALLBACKS -DWOLFSSL_CERT_EXT -DWOLFSSL_CERT_GEN + -DHAVE_SNI -DHAVE_ALPN -DNO_RC4 -DHAVE_ENCRYPT_THEN_MAC + -DNO_MD4 -DWOLFSSL_ENCRYPTED_KEYS -DHAVE_DH_DEFAULT_PARAMS + -DNO_ERROR_QUEUE -DWOLFSSL_EITHER_SIDE -DWC_RSA_NO_PADDING + -DWC_RSA_PSS -DWOLFSSL_PSS_LONG_SALT -DWOLFSSL_TICKET_HAVE_ID + -DWOLFSSL_ERROR_CODE_OPENSSL -DWOLFSSL_ALWAYS_VERIFY_CB + -DWOLFSSL_VERIFY_CB_ALL_CERTS -DWOLFSSL_EXTRA_ALERTS + -DHAVE_EXT_CACHE -DWOLFSSL_FORCE_CACHE_ON_TICKET + -DWOLFSSL_AKID_NAME -DHAVE_CTS -DNO_DES3 -DGCM_TABLE_4BIT + -DTFM_TIMING_RESISTANT -DECC_TIMING_RESISTANT + -DHAVE_AESGCM -DSIZEOF_LONG=4 -DSIZEOF_LONG_LONG=8 -# Add preprocessor defines to CFLAGS, these match those placed into -# wolfssl/options.h by configure if using: "./configure --enable-jni". -# This list may be configurable depending on use case and desired optimizations. -add_definitions(-DWC_RSA_BLINDING -DWOLFSSL_SHA224 -DWOLFSSL_SHA384 - -DWOLFSSL_SHA512 -DHAVE_HKDF -DNO_DSA -DHAVE_ECC - -DECC_SHAMIR -DWC_RSA_PSS -DWOLFSSL_BASE64_ENCODE - -DWOLFSSL_SHA3 -DHAVE_POLY1305 -DHAVE_CHACHA -DHAVE_HASHDRBG - -DHAVE_TLS_EXTENSIONS -DHAVE_SUPPORTED_CURVES -DHAVE_FFDHE_2048 - -DWOLFSSL_TLS13 -DHAVE_EXTENDED_MASTER -DWOLFSSL_JNI - -DHAVE_EX_DATA -DWOLFSSL_DTLS -DOPENSSL_EXTRA -DOPENSSL_ALL - -DHAVE_CRL -DHAVE_OCSP -DHAVE_CRL_MONITOR - -DPERSIST_SESSION_CACHE -DPERSIST_CERT_CACHE -DATOMIC_USER - -DHAVE_PK_CALLBACKS -DWOLFSSL_CERT_EXT -DWOLFSSL_CERT_GEN - -DHAVE_SNI -DHAVE_ALPN -DNO_RC4 -DHAVE_ENCRYPT_THEN_MAC - -DNO_MD4 -DWOLFSSL_ENCRYPTED_KEYS -DHAVE_DH_DEFAULT_PARAMS - -DNO_ERROR_QUEUE -DWOLFSSL_EITHER_SIDE -DWC_RSA_NO_PADDING - -DWC_RSA_PSS -DWOLFSSL_PSS_LONG_SALT -DWOLFSSL_TICKET_HAVE_ID - -DWOLFSSL_ERROR_CODE_OPENSSL -DWOLFSSL_ALWAYS_VERIFY_CB - -DWOLFSSL_VERIFY_CB_ALL_CERTS -DWOLFSSL_EXTRA_ALERTS - -DHAVE_EXT_CACHE -DWOLFSSL_FORCE_CACHE_ON_TICKET - -DWOLFSSL_AKID_NAME -DHAVE_CTS -DNO_DES3 -DGCM_TABLE_4BIT - -DTFM_TIMING_RESISTANT -DECC_TIMING_RESISTANT - -DHAVE_AESGCM -DSIZEOF_LONG=4 -DSIZEOF_LONG_LONG=8 + # Defines added for wolfCrypt test and benchmark only, may not be needed for your + # own application. + -DUSE_CERT_BUFFERS_2048 -DUSE_CERT_BUFFERS_256 -DNO_WRITE_TEMP_FILES + -DNO_FILESYSTEM -DNO_MAIN_DRIVER - # Defines added for wolfCrypt test and benchmark only, may not be needed for your - # own application. - -DUSE_CERT_BUFFERS_2048 -DUSE_CERT_BUFFERS_256 -DNO_WRITE_TEMP_FILES - -DNO_FILESYSTEM -DNO_MAIN_DRIVER + # Defines added for debugging. These can be removed if debug logging is not needed + # and will increase performance and reduce library footprint size if removed. + -DEBUG_WOLFSSL) - # Defines added for debugging. These can be removed if debug logging is not needed - # and will increase performance and reduce library footprint size if removed. - -DEBUG_WOLFSSL) +elseif("${WOLFSSL_PKG_TYPE}" MATCHES "fipsready") + # Add preprocessor defines to CFLAGS, these match those placed into + # wolfssl/options.h by configure if using: "./configure" on a Unix/Linux platform. The options + # below have been chosen to match a FIPS Ready build, and are based on the example + # user_settings.h file located here: + # https://github.com/wolfSSL/wolfssl/blob/master/examples/configs/user_settings_fipsv5.h + # This list may be configurable depending on use case and desired optimizations, being careful + # not to break FIPS compatibility if targeting FIPS proper in the future. + add_definitions(-DHAVE_FIPS -DHAVE_FIPS_VERSION=5 -DHAVE_FIPS_VERSION_MINOR=3 + -DHAVE_HASHDRBG -DHAVE_THREAD_LS -DHAVE_REPRODUCIBLE_BUILD + -DFP_MAX_BITS=16384 -DSP_INT_BITS=8192 -DWOLFSSL_PUBLIC_MP + -DTFM_TIMING_RESISTANT -DECC_TIMING_RESISTANT -DWC_RSA_BLINDING + -DWC_RNG_SEED_CB -DWOLFSSL_VALIDATE_ECC_IMPORT -DWOLFSSL_VALIDATE_ECC_KEYGEN + -DWOLFSSL_VALIDATE_FFC_IMPORT + -DWOLFSSL_TLS13 -DHAVE_TLS_EXTENSIONS -DHAVE_ENCRYPT_THEN_MAC + -DHAVE_SUPPORTED_CURVES -DHAVE_EXTENDED_MASTER -DHAVE_ONE_TIME_AUTH + -DHAVE_SECURE_RENEGOTIATION -DHAVE_SERVER_RENEGOTIATION_INFO -DHAVE_SESSION_TICKET + -DWOLFSSL_USE_ALIGN -DWOLFSSL_BASE64_ENCODE -DHAVE_CRL + -DHAVE_EXT_CACHE -DWOLFSSL_VERIFY_CB_ALL_CERTS -DWOLFSSL_ALWAYS_VERIFY_CB + -DWOLFSSL_DH_EXTRA -DWOLFSSL_WOLFSSH -DOPENSSL_EXTRA -DOPENSSL_ALL + -DHAVE_FFDHE_Q -DHAVE_FFDHE_2048 -DHAVE_FFDHE_3072 -DHAVE_FFDHE_4096 + -DHAVE_FFDHE_6144 -DHAVE_FFDHE_8192 -DHAVE_DH_DEFAULT_PARAMS -DHAVE_PUBLIC_FFDHE + -DHAVE_ECC -DTFM_ECC256 -DECC_SHAMIR -DHAVE_ECC_CDH -DECC_USER_CURVES + -DHAVE_ECC256 -DHAVE_ECC384 -DHAVE_ECC521 -DWOLFSSL_ECDSA_SET_K + -DWC_RSA_PSS -DWOLFSSL_KEY_GEN -DWC_RSA_NO_PADDING + -DWOLFSSL_AES_COUNTER -DHAVE_AESCCM -DHAVE_AES_ECB -DWOLFSSL_AES_DIRECT + -DWOLFSSL_AES_OFB -DHAVE_AESGCM -DGCM_TABLE_4BIT -DWOLFSSL_CMAC + -DWOLFSSL_SHA224 -DWOLFSSL_SHA512 -DWOLFSSL_SHA384 -DWOLFSSL_NO_SHAKE256 + -DWOLFSSL_NOSHA512_224 -DWOLFSSL_NOSHA512_256 -DWOLFSSL_SHA3 -DHAVE_HKDF + -DNO_OLD_TLS -DNO_PSK -DNO_DO178 + -DNO_RC4 -DNO_MD4 -DNO_MD5 -DNO_DES3 -DNO_DSA -DNO_RABBIT + + -DWOLFSSL_JNI -DHAVE_EX_DATA -DHAVE_OCSP -DHAVE_CRL_MONITOR + -DWOLFSSL_CERT_EXT -DWOLFSSL_CERT_GEN -DHAVE_SNI -DHAVE_ALPN + -DWOLFSSL_ENCRYPTED_KEYS -DNO_ERROR_QUEUE -DWOLFSSL_EITHER_SIDE + -DWOLFSSL_PSS_LONG_SALT -DWOLFSSL_TICKET_HAVE_ID + -DWOLFSSL_ERROR_CODE_OPENSSL -DWOLFSSL_EXTRA_ALERTS + -DWOLFSSL_FORCE_CACHE_ON_TICKET -DWOLFSSL_AKID_NAME -DHAVE_CTS + -DKEEP_PEER_CERT -DSESSION_CERTS + -DSIZEOF_LONG=4 -DSIZEOF_LONG_LONG=8 + + # Enable below options for wolfSSL debug logging + #-DDEBUG_WOLFSSL -DWOLFSSL_ANDROID_DEBUG + + # Below options are added only for wolfCrypt test and benchmark applications. + # These can be left off / removed when integrating into a real-world application. + -DNO_FILESYSTEM -DUSE_CERT_BUFFERS_2048 -DUSE_CERT_BUFFERS_256 + -DNO_WRITE_TEMP_FILES -DNO_MAIN_DRIVER) +endif() if ("$WOLFSSL_MATH_LIB" MATCHES "fastmath") # Use fastmath library @@ -93,6 +144,65 @@ elseif("${WOLFSSL_MATH_LIB}" MATCHES "spmath") endif() endif() +# --------------------------- wolfSSL and wolfCrypt Source Files ----------------------------------- +# Add TLS sources to TLS_SOURCES list and remove files that are included inline by other files +aux_source_directory(${wolfssl_DIR}/src TLS_SOURCES) +list(REMOVE_ITEM TLS_SOURCES ${wolfssl_DIR}/src/bio.c) +list(REMOVE_ITEM TLS_SOURCES ${wolfssl_DIR}/src/conf.c) +list(REMOVE_ITEM TLS_SOURCES ${wolfssl_DIR}/src/pk.c) +list(REMOVE_ITEM TLS_SOURCES ${wolfssl_DIR}/src/ssl_misc.c) +list(REMOVE_ITEM TLS_SOURCES ${wolfssl_DIR}/src/x509.c) +list(REMOVE_ITEM TLS_SOURCES ${wolfssl_DIR}/src/x509_str.c) + +if ("${WOLFSSL_PKG_TYPE}" MATCHES "normal") + # Add crypto sources to CRYPTO_SOURCES, remove files that are included inline by other files + aux_source_directory(${wolfssl_DIR}/wolfcrypt/src CRYPTO_SOURCES) + list(REMOVE_ITEM CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/evp.c) + list(REMOVE_ITEM CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/misc.c) + +elseif("${WOLFSSL_PKG_TYPE}" MATCHES "fipsready") + # FIPS Ready needs to explicitly order files for in-core integrity check to work properly. + list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/wolfcrypt_first.c) + list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/hmac.c) + list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/random.c) + list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/sha256.c) + list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/kdf.c) + list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/rsa.c) + list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/ecc.c) + list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/aes.c) + list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/sha.c) + list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/sha512.c) + list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/sha3.c) + list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/dh.c) + list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/cmac.c) + list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/fips.c) + list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/fips_test.c) + list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/wolfcrypt_last.c) + list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/hash.c) + list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/cpuid.c) + list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/logging.c) + list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/wc_port.c) + list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/error.c) + list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/wc_encrypt.c) + list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/signature.c) + list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/sp_arm32.c) + list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/sp_arm64.c) + list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/sp_armthumb.c) + list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/sp_c32.c) + list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/sp_c64.c) + list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/sp_cortexm.c) + list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/sp_dsp32.c) + list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/sp_int.c) + list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/sp_x86_64.c) + list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/wolfmath.c) + list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/memory.c) + list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/asn.c) + list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/coding.c) + list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/pwdbased.c) + list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/pkcs12.c) + list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/tfm.c) +endif() + # wolfSSL will be compiled as a SHARED library add_library(wolfssl SHARED ${CRYPTO_SOURCES} diff --git a/android/wolfssljni-ndk-gradle/app/src/main/cpp/NativeHelper.c b/android/wolfssljni-ndk-gradle/app/src/main/cpp/NativeHelper.c index 48cfbb54..336b5b94 100644 --- a/android/wolfssljni-ndk-gradle/app/src/main/cpp/NativeHelper.c +++ b/android/wolfssljni-ndk-gradle/app/src/main/cpp/NativeHelper.c @@ -29,6 +29,9 @@ Java_com_wolfssl_wolfssljni_1ndk_1gradle_MainActivity_testWolfCrypt(JNIEnv *env, int ret; ret = wolfCrypt_Init(); +#ifdef WC_RNG_SEED_CB + wc_SetSeed_Cb(wc_GenerateSeed); +#endif if (ret == 0) { ret = wolfcrypt_test(NULL); } @@ -42,6 +45,9 @@ Java_com_wolfssl_wolfssljni_1ndk_1gradle_MainActivity_benchWolfCrypt(JNIEnv *env int ret = 0; ret = wolfCrypt_Init(); +#ifdef WC_RNG_SEED_CB + wc_SetSeed_Cb(wc_GenerateSeed); +#endif if (ret == 0) { ret = benchmark_test(NULL); } diff --git a/android/wolfssljni-ndk-gradle/app/src/main/res/layout/activity_main.xml b/android/wolfssljni-ndk-gradle/app/src/main/res/layout/activity_main.xml index 6d7a888a..85346c42 100644 --- a/android/wolfssljni-ndk-gradle/app/src/main/res/layout/activity_main.xml +++ b/android/wolfssljni-ndk-gradle/app/src/main/res/layout/activity_main.xml @@ -17,38 +17,39 @@ android:layout_height="532dp" android:layout_marginTop="10dp" /> - + + + android:text="@string/select_operation_to_run" + android:textAppearance="@style/TextAppearance.AppCompat.Body2" /> -