diff --git a/.gitmodules b/.gitmodules new file mode 100644 index 00000000..e76d844f --- /dev/null +++ b/.gitmodules @@ -0,0 +1,6 @@ +[submodule "android/wolfssljni-ndk-sample/wolfssl"] + path = android/wolfssljni-ndk-sample/wolfssl + url = https://github.com/wolfSSL/wolfssl.git +[submodule "android/wolfssljni-ndk-sample/wolfssljni"] + path = android/wolfssljni-ndk-sample/wolfssljni + url = https://github.com/wolfSSL/wolfssljni.git diff --git a/README.md b/README.md index d291445c..cd921eab 100644 --- a/README.md +++ b/README.md @@ -1,37 +1,45 @@ wolfSSL Example Applications ============================ -This repository contains example applications, written in C, which -demonstrate how to use the wolfSSL lightweight SSL/TLS library for secure +This repository contains example applications, written in C, which +demonstrate how to use the wolfSSL lightweight SSL/TLS library for secure communication. -Each directory represents a unique topic (SSL/TLS, DTLS, PSK, etc.) and +Each directory represents a unique topic (SSL/TLS, DTLS, PSK, etc.) and contains a Makefile as well as a simple tutorial on the given topic. ## Current Examples +#### android (Android NDK Examples) + +This directory contains examples that demonstrate using wolfSSL and wolfSSLJNI +on the Android platform, using the Android NDK toolchain. + +Please see the README.md in android/ for further usage and details. + #### clu (wolfSSL Command Line Utility) -This is a tool to provide command line access to wolfcrypt cryptographic libraries. -wolfSSL command line utility will allow users to encrypt or decrypt a user specified -file to any file name and extension. +This is a tool to provide command line access to wolfcrypt cryptographic +libraries. wolfSSL command line utility will allow users to encrypt or decrypt +a user specified file to any file name and extension. Please see the README.md in clu/ for further usage and details. ###### Unique feature to wolfSSL CLU -The decision to allow for unique file extensions was prompted by automated tools -available for brute forcing files. It will not provide extra security cryptographically -however it will force attackers to check the header information on every single brute -force attempt. This will provide further frustration and an extra step in any attempt -to brute force a file encrypted with our utility. +The decision to allow for unique file extensions was prompted by automated +tools available for brute forcing files. It will not provide extra security +cryptographically however it will force attackers to check the header +information on every single brute force attempt. This will provide further +frustration and an extra step in any attempt to brute force a file encrypted +with our utility. #### DTLS (Datagram TLS) -This directory contains examples of using DTLS, with client and server -examples demonstrating UDP, DTLS, non-blocking, session resumption, +This directory contains examples of using DTLS, with client and server +examples demonstrating UDP, DTLS, non-blocking, session resumption, and multi-threading. -When compiling wolfSSL for use with these examples, wolfSSL will need to be +When compiling wolfSSL for use with these examples, wolfSSL will need to be compiled with DTLS support: ``` @@ -48,11 +56,11 @@ make #### PSK (Pre-Shared Keys) -This directory contains examples of using PSK, with client and server examples -demonstrating TCP/IP, PSK, non-blocking, session resumption, and +This directory contains examples of using PSK, with client and server examples +demonstrating TCP/IP, PSK, non-blocking, session resumption, and multi-threading. -When compiling wolfSSL for use with these examples, wolfSSL will need to be +When compiling wolfSSL for use with these examples, wolfSSL will need to be compiled with PSK support: ``` @@ -69,8 +77,8 @@ make #### SSL/TLS -This directory contains examples of using SSL/TLS, with client and server -examples demonstrating TCP/IP, SSL/TLS, non-blocking, session resumption, and +This directory contains examples of using SSL/TLS, with client and server +examples demonstrating TCP/IP, SSL/TLS, non-blocking, session resumption, and multi-threading. Examples in this directory may be compiled using: @@ -82,12 +90,12 @@ make ## Notes -When necessary, examples will use the example certificates and keys located -in the ./certs directory. These certificates and keys have been pulled in from +When necessary, examples will use the example certificates and keys located +in the ./certs directory. These certificates and keys have been pulled in from the main wolfSSL repository. ## Support -Please contact wolfSSL at support@wolfssl.com with any questions, bug fixes, +Please contact wolfSSL at support@wolfssl.com with any questions, bug fixes, or suggested feature additions. diff --git a/android/README.md b/android/README.md new file mode 100644 index 00000000..87fe15ac --- /dev/null +++ b/android/README.md @@ -0,0 +1,104 @@ +# wolfSSL / wolfSSL JNI Android Examples + +This directory contains: + +wolfssljni-ndk-sample - Example project that demonstrates how to integrate +wolfSSL and wolfSSL JNI into an Android NDK application's Android.mk build +file. + +## Prerequisites for successful installation + +Prerequisites +In order to build the wolfCrypt JNI wrapper and wolfCAVP-Android application, +you need to: +* Install the `Android SDK` [link](http://developer.android.com/sdk/index.html) +* Install the `Android NDK` [link](https://developer.android.com/tools/sdk/ndk/index.html) + +Note that these instructions do not use the Android Studio IDE and environment. +This package has been developed and tested using the Android NDK and SDK +command line tools. + +After installing the Android SDK, run the `SDK Tools` app packaged with it and +install Android 4.4: + +``` +$ android +``` + +To set up an emulator and create an "Android Virtual Device (avd)" image, run: + +``` +$ android avd +``` + +## Compiling and Running the wolfssljni-ndk-sample + +After the development environment has been set up, follow these instructions +to compile and install the wolfCrypt JNI + wolfSSL bundle on +the Emulator: + +1) Change directories into the android/wolfssljni-ndk-sample directory +2) Checkout wolfssl and wolfssljni git submodules +3) Update Android project as shown below +4) Proceed to compile NDK and Java code as shown below + +``` +$ cd android/wolfssljni-ndk-sample +$ git submodule init +$ git submodule update +$ android update project -p . -s +$ ndk-build +$ ant debug +``` + +To install and run the application in an Android emulator, start the emulator: + +``` +$ emulator -avd +``` + +Where you can get a list of targets (including the one you created above), +using: + +``` +$ emulator -list-avds +``` + +then issue 'ant debug install' from the wolfssljni-ndk-sample directory to +install the apk into the emulator: + +``` +$ ant debug install +``` + +Logcat output from the emulator can be viewed by opening a new terminal window +while the emulator is running and issuing: + +``` +$ adb logcat +``` + +### Installing and Running wolfCAVP App on Device instead of Emulator + +Compiling, installing, and running the wolfssljni-ndk-sample application on a +real device, versus the Android Emulator is quite easy, and nearly identical +to running on the Emulator. + +To compile the application, follow the same steps as shown above. + +After compilation: + +1) Turn on the Android Device + +2) Go to "Settings -> Developer options" and verify that "USB Debugging" + is enabled (checked). + +3) Plug Android phone into development computer with USB cable + +4) Once the phone has been plugged into the development machine, the same + command line tools can be used to install apps, view the logcat, and + pull/push data from/to the device using "adb pull" and "adb push" + commands. This means you can follow the same steps to install the app + on the phone, as described above for the emulator - using + "adb debug install". + diff --git a/android/wolfssljni-ndk-sample/AndroidManifest.xml b/android/wolfssljni-ndk-sample/AndroidManifest.xml new file mode 100644 index 00000000..d27b8e09 --- /dev/null +++ b/android/wolfssljni-ndk-sample/AndroidManifest.xml @@ -0,0 +1,16 @@ + + + + + + + + + + + + diff --git a/android/wolfssljni-ndk-sample/ant.properties b/android/wolfssljni-ndk-sample/ant.properties new file mode 100644 index 00000000..c4e4bde3 --- /dev/null +++ b/android/wolfssljni-ndk-sample/ant.properties @@ -0,0 +1,18 @@ +# This file is used to override default values used by the Ant build system. +# +# This file must be checked into Version Control Systems, as it is +# integral to the build system of your project. + +# This file is only used by the Ant script. + +# You can use this to override default values such as +# 'source.dir' for the location of your java source folder and +# 'out.dir' for the location of your output folder. + +# You can also use it define how the release builds are signed by declaring +# the following properties: +# 'key.store' for the location of your keystore and +# 'key.alias' for the name of the key to use. +# The password will be asked during the build when you use the 'release' target. + +source.dir=src;wolfssl-jni-1.1/src/java; diff --git a/android/wolfssljni-ndk-sample/jni/Android.mk b/android/wolfssljni-ndk-sample/jni/Android.mk new file mode 100644 index 00000000..98b69dee --- /dev/null +++ b/android/wolfssljni-ndk-sample/jni/Android.mk @@ -0,0 +1,99 @@ +TOP_PATH := $(call my-dir)/.. + +# Build wolfSSL shared library +include $(CLEAR_VARS) +LOCAL_PATH := $(TOP_PATH)/wolfssl +LOCAL_MODULE := libwolfssl +LOCAL_EXPORT_C_INCLUDES := $(LOCAL_PATH) +LOCAL_C_INCLUDES := $(LOCAL_PATH) +LOCAL_CFLAGS := -DOPENSSL_EXTRA -DWOLFSSL_DTLS -D_POSIX_THREADS -DNDEBUG \ + -DPERSIST_SESSION_CACHE -DPERSIST_CERT_CACHE -DATOMIC_USER \ + -DHAVE_PK_CALLBACKS -DNO_DSA -DHAVE_ECC -DTFM_ECC256 \ + -DECC_SHAMIR -DNO_PSK -DNO_MD4 -DNO_HC128 -DNO_RABBIT \ + -DHAVE_OCSP -DHAVE_CRL \ + -Wall +LOCAL_SRC_FILES := src/crl.c \ + src/internal.c \ + src/io.c \ + src/keys.c \ + src/ocsp.c \ + src/sniffer.c \ + src/ssl.c \ + src/tls.c \ + wolfcrypt/src/aes.c \ + wolfcrypt/src/arc4.c \ + wolfcrypt/src/asm.c \ + wolfcrypt/src/asn.c \ + wolfcrypt/src/blake2b.c \ + wolfcrypt/src/camellia.c \ + wolfcrypt/src/chacha.c \ + wolfcrypt/src/chacha20_poly1305.c \ + wolfcrypt/src/coding.c \ + wolfcrypt/src/compress.c \ + wolfcrypt/src/curve25519.c \ + wolfcrypt/src/des3.c \ + wolfcrypt/src/dh.c \ + wolfcrypt/src/dsa.c \ + wolfcrypt/src/ecc.c \ + wolfcrypt/src/ecc_fp.c \ + wolfcrypt/src/ed25519.c \ + wolfcrypt/src/error.c \ + wolfcrypt/src/fe_low_mem.c \ + wolfcrypt/src/fe_operations.c \ + wolfcrypt/src/ge_low_mem.c \ + wolfcrypt/src/ge_operations.c \ + wolfcrypt/src/hash.c \ + wolfcrypt/src/hc128.c \ + wolfcrypt/src/hmac.c \ + wolfcrypt/src/integer.c \ + wolfcrypt/src/logging.c \ + wolfcrypt/src/md2.c \ + wolfcrypt/src/md4.c \ + wolfcrypt/src/md5.c \ + wolfcrypt/src/memory.c \ + wolfcrypt/src/misc.c \ + wolfcrypt/src/pkcs7.c \ + wolfcrypt/src/poly1305.c \ + wolfcrypt/src/pwdbased.c \ + wolfcrypt/src/rabbit.c \ + wolfcrypt/src/random.c \ + wolfcrypt/src/ripemd.c \ + wolfcrypt/src/rsa.c \ + wolfcrypt/src/sha.c \ + wolfcrypt/src/sha256.c \ + wolfcrypt/src/sha512.c \ + wolfcrypt/src/tfm.c \ + wolfcrypt/src/wc_port.c +include $(BUILD_SHARED_LIBRARY) + + +## Build wolfSSL JNI library +include $(CLEAR_VARS) +LOCAL_PATH := $(TOP_PATH)/wolfssljni +LOCAL_MODULE := libwolfssljni +LOCAL_EXPORT_C_INCLUDES := $(LOCAL_PATH)/native +LOCAL_C_INCLUDES := $(LOCAL_PATH)/native +LOCAL_SRC_FILES := native/com_wolfssl_WolfSSL.c \ + native/com_wolfssl_WolfSSLContext.c \ + native/com_wolfssl_WolfSSLSession.c \ + native/com_wolfssl_wolfcrypt_ECC.c \ + native/com_wolfssl_wolfcrypt_RSA.c +LOCAL_CFLAGS := -DOPENSSL_EXTRA -DWOLFSSL_DTLS -D_POSIX_THREADS -DNDEBUG \ + -DPERSIST_SESSION_CACHE -DPERSIST_CERT_CACHE -DATOMIC_USER \ + -DHAVE_PK_CALLBACKS -DNO_DSA -DHAVE_ECC -DTFM_ECC256 \ + -DECC_SHAMIR -DNO_PSK -DNO_MD4 -DNO_HC128 -DNO_RABBIT \ + -DHAVE_OCSP -DHAVE_CRL \ + -Wall -Os +LOCAL_SHARED_LIBRARIES := libwolfssl +include $(BUILD_SHARED_LIBRARY) + + +include $(CLEAR_VARS) +LOCAL_PATH := $(TOP_PATH)/jni +LOCAL_MODULE := libjnitest +LOCAL_C_INCLUDES := $(LOCAL_PATH) +LOCAL_SRC_FILES := jnitest.c +LOCAL_CFLAGS := -Wall +LOCAL_SHARED_LIBRARIES := libwolfssl +include $(BUILD_SHARED_LIBRARY) + diff --git a/android/wolfssljni-ndk-sample/jni/com_wolfssl_example_JNITest.h b/android/wolfssljni-ndk-sample/jni/com_wolfssl_example_JNITest.h new file mode 100644 index 00000000..cdb96b98 --- /dev/null +++ b/android/wolfssljni-ndk-sample/jni/com_wolfssl_example_JNITest.h @@ -0,0 +1,41 @@ +/* com_wolfssl_example_JNITest.h + * + * Copyright (C) 2006-2015 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ +/* DO NOT EDIT THIS FILE - it is machine generated */ +#include +/* Header for class com_wolfssl_example_JNITest */ + +#ifndef _Included_com_wolfssl_example_JNITest +#define _Included_com_wolfssl_example_JNITest +#ifdef __cplusplus +extern "C" { +#endif +/* + * Class: com_wolfssl_example_JNITest + * Method: getJniString + * Signature: ()Ljava/lang/String; + */ +JNIEXPORT jstring JNICALL Java_com_wolfssl_example_JNITest_getJniString + (JNIEnv *, jobject); + +#ifdef __cplusplus +} +#endif +#endif diff --git a/android/wolfssljni-ndk-sample/jni/jnitest.c b/android/wolfssljni-ndk-sample/jni/jnitest.c new file mode 100644 index 00000000..50ca6b09 --- /dev/null +++ b/android/wolfssljni-ndk-sample/jni/jnitest.c @@ -0,0 +1,30 @@ +/* jnitest.c + * + * Copyright (C) 2006-2015 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#include +#include + +JNIEXPORT jstring JNICALL Java_com_wolfssl_example_JNITest_getJniString + (JNIEnv* jenv, jobject jobj) +{ + return (*jenv)->NewStringUTF(jenv, "Hello from native JNI"); +} + diff --git a/android/wolfssljni-ndk-sample/project.properties b/android/wolfssljni-ndk-sample/project.properties new file mode 100644 index 00000000..dd5b1178 --- /dev/null +++ b/android/wolfssljni-ndk-sample/project.properties @@ -0,0 +1,12 @@ +# This file is automatically generated by Android Tools. +# Do not modify this file -- YOUR CHANGES WILL BE ERASED! +# +# This file must be checked in Version Control Systems. +# +# To customize properties used by the Ant build system use, +# "build.properties", and override values to adapt the script to your +# project structure. + +# Project target. +target=android-19 + diff --git a/android/wolfssljni-ndk-sample/res/drawable-hdpi/icon.png b/android/wolfssljni-ndk-sample/res/drawable-hdpi/icon.png new file mode 100644 index 00000000..8074c4c5 Binary files /dev/null and b/android/wolfssljni-ndk-sample/res/drawable-hdpi/icon.png differ diff --git a/android/wolfssljni-ndk-sample/res/drawable-ldpi/icon.png b/android/wolfssljni-ndk-sample/res/drawable-ldpi/icon.png new file mode 100644 index 00000000..1095584e Binary files /dev/null and b/android/wolfssljni-ndk-sample/res/drawable-ldpi/icon.png differ diff --git a/android/wolfssljni-ndk-sample/res/drawable-mdpi/icon.png b/android/wolfssljni-ndk-sample/res/drawable-mdpi/icon.png new file mode 100644 index 00000000..a07c69fa Binary files /dev/null and b/android/wolfssljni-ndk-sample/res/drawable-mdpi/icon.png differ diff --git a/android/wolfssljni-ndk-sample/res/layout/main.xml b/android/wolfssljni-ndk-sample/res/layout/main.xml new file mode 100644 index 00000000..ed6b3fe7 --- /dev/null +++ b/android/wolfssljni-ndk-sample/res/layout/main.xml @@ -0,0 +1,13 @@ + + + + + diff --git a/android/wolfssljni-ndk-sample/res/values/strings.xml b/android/wolfssljni-ndk-sample/res/values/strings.xml new file mode 100644 index 00000000..bd226660 --- /dev/null +++ b/android/wolfssljni-ndk-sample/res/values/strings.xml @@ -0,0 +1,4 @@ + + + JNITest + diff --git a/android/wolfssljni-ndk-sample/src/com/wolfssl/example/JNITest.java b/android/wolfssljni-ndk-sample/src/com/wolfssl/example/JNITest.java new file mode 100644 index 00000000..c917494b --- /dev/null +++ b/android/wolfssljni-ndk-sample/src/com/wolfssl/example/JNITest.java @@ -0,0 +1,61 @@ +/* JNITest.java + * + * Copyright (C) 2006-2015 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ +package com.wolfssl.example; + +import android.app.Activity; +import android.widget.TextView; +import android.os.Bundle; + +import com.wolfssl.WolfSSL; + +public class JNITest extends Activity +{ + /** Called when the activity is first created. */ + @Override + public void onCreate(Bundle savedInstanceState) + { + super.onCreate(savedInstanceState); + + /* create TextView and set contents */ + TextView tv = new TextView(this); + String jniString = getJniString(); + tv.setText(jniString); + setContentView(tv); + + try { + + /* initialize wolfSSL library, using JNI wrapper */ + WolfSSL sslLib = new WolfSSL(); + + } catch (Exception e) { + e.printStackTrace(); + } + } + + public native String getJniString(); + + static { + /* these must be loaded in the correct order of dependency */ + System.loadLibrary("wolfssl"); + System.loadLibrary("wolfssljni"); + System.loadLibrary("jnitest"); + } +} diff --git a/android/wolfssljni-ndk-sample/wolfssl b/android/wolfssljni-ndk-sample/wolfssl new file mode 160000 index 00000000..ea7f955b --- /dev/null +++ b/android/wolfssljni-ndk-sample/wolfssl @@ -0,0 +1 @@ +Subproject commit ea7f955bd44a5b607938c3fad095c3e27a853407 diff --git a/android/wolfssljni-ndk-sample/wolfssljni b/android/wolfssljni-ndk-sample/wolfssljni new file mode 160000 index 00000000..1cf5e24d --- /dev/null +++ b/android/wolfssljni-ndk-sample/wolfssljni @@ -0,0 +1 @@ +Subproject commit 1cf5e24da2871bf8b4332e1f7f2e634395141f8c