From 097a707a12996cc43890adf1eb2c1dbf2e492824 Mon Sep 17 00:00:00 2001
From: Chris Conlon <chris@wolfssl.com>
Date: Fri, 4 Nov 2022 12:32:46 -0600
Subject: [PATCH] wrap native wolfSSL_CertManagerUnloadCAs()

---
 native/com_wolfssl_WolfSSLCertManager.c      | 16 ++++++++++++++++
 native/com_wolfssl_WolfSSLCertManager.h      |  8 ++++++++
 src/java/com/wolfssl/WolfSSLCertManager.java | 14 ++++++++++++++
 3 files changed, 38 insertions(+)

diff --git a/native/com_wolfssl_WolfSSLCertManager.c b/native/com_wolfssl_WolfSSLCertManager.c
index 9a923f3..7b1af01 100644
--- a/native/com_wolfssl_WolfSSLCertManager.c
+++ b/native/com_wolfssl_WolfSSLCertManager.c
@@ -103,6 +103,22 @@ JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSLCertManager_CertManagerLoadCABuff
     return (jint)ret;
 }
 
+JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSLCertManager_CertManagerUnloadCAs
+  (JNIEnv* jenv, jclass jcl, jlong cmPtr)
+{
+    int ret = 0;
+    WOLFSSL_CERT_MANAGER* cm = (WOLFSSL_CERT_MANAGER*)(uintptr_t)cmPtr;
+    (void)jcl;
+
+    if (jenv == NULL) {
+        return BAD_FUNC_ARG;
+    }
+
+    ret = wolfSSL_CertManagerUnloadCAs(cm);
+
+    return (jint)ret;
+}
+
 JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSLCertManager_CertManagerVerifyBuffer
   (JNIEnv* jenv, jclass jcl, jlong cmPtr, jbyteArray in, jlong sz, jint format)
 {
diff --git a/native/com_wolfssl_WolfSSLCertManager.h b/native/com_wolfssl_WolfSSLCertManager.h
index a09f8e1..4327d12 100644
--- a/native/com_wolfssl_WolfSSLCertManager.h
+++ b/native/com_wolfssl_WolfSSLCertManager.h
@@ -39,6 +39,14 @@ JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSLCertManager_CertManagerLoadCA
 JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSLCertManager_CertManagerLoadCABuffer
   (JNIEnv *, jclass, jlong, jbyteArray, jlong, jint);
 
+/*
+ * Class:     com_wolfssl_WolfSSLCertManager
+ * Method:    CertManagerUnloadCAs
+ * Signature: (J)I
+ */
+JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSLCertManager_CertManagerUnloadCAs
+  (JNIEnv *, jclass, jlong);
+
 /*
  * Class:     com_wolfssl_WolfSSLCertManager
  * Method:    CertManagerVerifyBuffer
diff --git a/src/java/com/wolfssl/WolfSSLCertManager.java b/src/java/com/wolfssl/WolfSSLCertManager.java
index 682109c..b62eee9 100644
--- a/src/java/com/wolfssl/WolfSSLCertManager.java
+++ b/src/java/com/wolfssl/WolfSSLCertManager.java
@@ -45,6 +45,7 @@ public class WolfSSLCertManager {
     static native int CertManagerLoadCA(long cm, String f, String d);
     static native int CertManagerLoadCABuffer(long cm, byte[] in, long sz,
                                               int format);
+    static native int CertManagerUnloadCAs(long cm);
     static native int CertManagerVerifyBuffer(long cm, byte[] in, long sz,
                                               int format);
 
@@ -150,6 +151,19 @@ public class WolfSSLCertManager {
         }
     }
 
+    /**
+     * Unload any CAs that have been loaded into WolfSSLCertManager object.
+     *
+     * @return WolfSSL.SSL_SUCCESS on success, negative on error.
+     */
+    public int CertManagerUnloadCAs() {
+        if (this.active == false) {
+            throw new IllegalStateException("Object has been freed");
+        }
+
+        return CertManagerUnloadCAs(this.cmPtr);
+    }
+
     /**
      * Verify X.509 certificate held in byte array
      *