| author | Ján Jančár | 2024-03-28 15:45:21 +0100 |
|---|---|---|
| committer | GitHub | 2024-03-28 15:45:21 +0100 |
| commit | fb8ce97e06363637ccf0846c012e5e3c6bfa6f44 (patch) | |
| tree | c7582af73c6951de54725e1f8b8e32744dde3682 | |
| parent | 6945707a9b34acb275506bd89010b3d3e92c16c8 (diff) | |
| parent | 8e388999ceec941a8f26d3ee6ee7ece91c10ee0e (diff) | |
Merge pull request #22 from crocs-muni/fix/libressl-build
Try to fix LibreSSL build.
25 files changed, 177 insertions, 804 deletions
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 9948751..fe294ee 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -91,12 +91,15 @@ jobs: java: [ "11", "17", "21" ] env: # ffs: https://github.com/adoptium/adoptium-support/issues/485 !!! - LD_LIBRARY_PATH: "/usr/lib/x86_64-linux-gnu/" + # also, add the wolfcrypt JNI path + LD_LIBRARY_PATH: "/usr/lib/x86_64-linux-gnu/:${{github.workspace}}/ext/wolfcrypt-jni/lib/" name: Build standalone on Java ${{ matrix.java }} steps: - uses: actions/checkout@v4 with: submodules: recursive + fetch-tags: true + fetch-depth: -1 - name: Set up JDK uses: actions/setup-java@v4 
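Review bot: `fetch-depth: -1` in the checkout step is not a documented value. The checkout action documents `0` as the setting that fetches full history, so a negative number only works if the action happens to normalise it. Writing `fetch-depth: 0` states the intent without relying on that behaviour. A short comment next to `fetch-tags: true` saying why the build needs full history and tags would also help, since the reason is not visible in this hunk. The job definition starts above the hunk.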
@@ -110,22 +113,24 @@ jobs: - name: Setup libraries run: | sudo apt update - sudo apt install libmbedtls-dev libtomcrypt-dev libtommath-dev libssl-dev libcrypto++-dev libgcrypt20-dev nettle-dev libbotan-2-dev libwolfssl-dev nasm - echo "BORINGSSL_VERSION=$(git submodule status ext/boringssl | cut -f2 -d' ')" >> $GITHUB_ENV - echo "LIBRESSL_VERSION=$(git submodule status ext/libressl | cut -f2 -d' ')" >> $GITHUB_ENV - echo "IPPCP_VERSION=$(git submodule status ext/ipp-crypto | cut -f2 -d' ')" >> $GITHUB_ENV - echo "WOLFCRYPT_VERSION=$(git submodule status ext/wolfcrypt-jni | cut -f2 -d' ')" >> $GITHUB_ENV + sudo apt install libtomcrypt-dev libtommath-dev libssl-dev libcrypto++-dev libgcrypt20-dev nettle-dev libbotan-2-dev libwolfssl-dev nasm + echo "BORINGSSL_VERSION=$(git submodule status ext/boringssl | cut -f2 -d' ' | cut -c1-10)" >> $GITHUB_ENV + echo "LIBRESSL_VERSION=$(git submodule status ext/libressl | cut -f2 -d' ' | cut -c1-10)" >> $GITHUB_ENV + echo "IPPCP_VERSION=$(git submodule status ext/ipp-crypto | cut -f2 -d' ' | cut -c1-10)" >> $GITHUB_ENV + echo "MBEDTLS_VERSION=$(git submodule status ext/mbedtls | cut -f2 -d' ' | cut -c1-10)" >> $GITHUB_ENV + echo "WOLFCRYPT_VERSION=$(git submodule status ext/wolfcrypt-jni | cut -f2 -d' ' | cut -c1-10)" >> $GITHUB_ENV echo "WOLFSSL_VERSION=$(dpkg -s libwolfssl-dev | grep 'Version' | cut -f2 -d' ')" >> $GITHUB_ENV - name: Cache libs uses: actions/cache@v4 id: cache-libs with: - key: libs-${{ env.BORINGSSL_VERSION }}-${{ env.LIBRESSL_VERSION }}-${{ env.IPPCP_VERSION }}-${{ env.WOLFCRYPT_VERSION }}-${{ env.WOLFSSL_VERSION }}-${{ matrix.java }} + key: libs-${{ env.BORINGSSL_VERSION }}-${{ env.LIBRESSL_VERSION }}-${{ env.LIBRESSL_VERSION }}-${{ env.IPPCP_VERSION }}-${{ env.WOLFCRYPT_VERSION }}-${{ env.WOLFSSL_VERSION }}-${{ hashFiles('.github/workflows/build.yml') }}-${{ matrix.java }} path: | - ext/boringssl/build/crypto/libcrypto.so - ext/libressl/build/crypto/libcrypto.so - 
ext/ipp-crypto/build/.build/RELEASE/lib/libippcp.so + ext/boringssl/build/ + ext/libressl/build/ + ext/ipp-crypto/build/ + ext/mbedtls/build/ ext/wolfcrypt-jni/lib/wolfcrypt-jni.jar ext/wolfcrypt-jni/lib/libwolfcryptjni.so @@ -158,6 +163,15 @@ jobs: wget -P junit/ https://repo1.maven.org/maven2/org/hamcrest/hamcrest-all/1.3/hamcrest-all-1.3.jar make -j4 -f makefile.linux env JUNIT_HOME=junit/ ant build-jce-release + cd ../.. + # ------------ Build mbedTLS ------------ + cd ext/mbedtls + python -m venv virt + . virt/bin/activate + pip install -r scripts/basic.requirements.txt + cmake -DUSE_SHARED_MBEDTLS_LIBRARY=On -Bbuild -G "Unix Makefiles" + cd build + make -j4 cd ../../.. - name: Build standalone diff --git a/.gitmodules b/.gitmodules index 54819aa..7fea751 100644 --- a/.gitmodules +++ b/.gitmodules @@ -19,3 +19,6 @@ [submodule "ext/wolfcrypt-jni"] path = ext/wolfcrypt-jni url = https://github.com/wolfSSL/wolfcrypt-jni +[submodule "ext/mbedtls"] + path = ext/mbedtls + url = https://github.com/Mbed-TLS/mbedtls.git @@ -47,7 +47,7 @@ git submodule update --init --recursive # To initialize submodules (JavaCa The applet comes in several flavors, targeting JavaCard `2.2.1`, `2.2.2` and `3.0.5`. The `2.2.2` and later flavors support extended length APDUs which are necessary for some commands to work properly. -The `:standalone:libs` task invokes a Makefile in `src/cz/crcs/ectester/standalone/libs/jni`, which tries to build the +The `:standalone:libs` task invokes a Makefile in `standalone/src/main/resources/cz/crcs/ectester/standalone/libs/jni`, which tries to build the C/C++ shim libraries required for ECTester to test the actual native cryptographic libraries from Java. The Makefile uses pkg-config to locate the libraries installed, thus if non-standard location of the tested libraries is used, the Makefile or your pkg-config needs some changes to work. 
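Review bot: The new cache `key` in the `Cache libs` step lists `${{ env.LIBRESSL_VERSION }}` twice and never uses the `MBEDTLS_VERSION` that the `Setup libraries` step now exports, although `ext/mbedtls/build/` was added to the cached paths. A bump of the mbedTLS submodule alone would leave the key unchanged, so the job would presumably restore and test the previously built libmbedcrypto. For a tool whose results are tied to a specific library revision, that is a result-integrity problem. The second `${{ env.LIBRESSL_VERSION }}` should be `${{ env.MBEDTLS_VERSION }}`. Whether the build steps are skipped on a cache hit is decided outside this hunk.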
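Review bot: The added mbedTLS block runs `pip install -r scripts/basic.requirements.txt`, which resolves packages from PyPI at build time. The requirements file itself is fixed by the submodule commit, but unless it carries hashes (it is not shown here) the downloaded packages are not verified, and the resulting `ext/mbedtls/build/` is then stored in the cache for later runs. If the file only has version specifiers, consider installing from a hash-pinned requirements file kept in this repository, e.g. `pip install --require-hashes -r <path-to-pinned-requirements>`. The `run` script starts above this hunk.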
@@ -298,7 +298,6 @@ Currently supported libraries include: - [Botan](https://botan.randombit.net/) - [Microsoft CNG](https://msdn.microsoft.com/en-us/library/windows/desktop/aa376210(v=vs.85).aspx) - [Intel Performance Primitives Crypto](https://github.com/intel/ipp-crypto) - - [MatrixSSL](https://github.com/matrixssl/matrixssl) - [MbedTLS](https://github.com/ARMmbed/mbedtls) - [Nettle](https://www.lysator.liu.se/~nisse/nettle/) - [LibreSSL](https://www.libressl.org/) @@ -312,7 +311,7 @@ For more information on ECC libraries see [LIBS](docs/LIBS.md). ./gradlew :standalone:uberJar # To build the standalone tool (jar) -> "standalone/build/libs/ECTesterStandalone.jar" ``` Simply doing the above should build everything necessary to test libraries via the standalone app, -(except the BoringSSL, LibreSSL, ipp-crypto and MatrixSSL libraries) +(except the BoringSSL, LibreSSL, ipp-crypto, mbedTLS, and wolfCrypt libraries) the sections below describe the details of how that works and what needs to be done if it doesn't. To see whether your build was successful, run: 
@@ -324,40 +323,48 @@ specifying `LD_LIBRARY_PATH` will help load it. Consulting the next sections sho #### Native -ECTester interfaces with native libraries by using custom shim libraries that expose the functionality via the [Java Native Interface](https://en.wikipedia.org/wiki/Java_Native_Interface), these can be found in the [src/cz/crcs/ectester/standalone/libs/jni](src/cz/crcs/ectester/standalone/libs/jni) directory along with a Makefile (Makefile.bat for Windows). The shim library will depend on the native library, and have a name like `boringssl_provider.so`, `botan_provider.so`, `cryptopp_provider.so` and `openssl_provider.so`. The Makefile has a target for every library that it supports that builds its shim, see the `help` target for more info. The Makefile is automatically ran when the `:standalone:libs` gradle task is triggered, so if all is setup correctly, you do not need to deal with the Makefile while building. +ECTester interfaces with native libraries by using custom shim libraries that expose the functionality via the [Java Native Interface](https://en.wikipedia.org/wiki/Java_Native_Interface), these can be found in the [standalone/src/main/java/cz/crcs/ectester/standalone/libs/jni](standalone/src/main/java/cz/crcs/ectester/standalone/libs/jni) directory along with a Makefile (Makefile.bat for Windows). The shim library will depend on the native library, and have a name like `boringssl_provider.so`, `botan_provider.so`, `cryptopp_provider.so` and `openssl_provider.so`. The Makefile has a target for every library that it supports that builds its shim, see the `help` target for more info. The Makefile is automatically ran when the `:standalone:libs` gradle task is triggered, so if all is setup correctly, you do not need to deal with the Makefile while building. There are two important environmental variables that should be set in your environment. First, you should set `JAVA_HOME` which should point to your JDK. 
The tooling uses `JAVA_HOME` to locate native Java library headers, like `jni.h`. Second, ECTester uses pkg-config to locate the native libraries, if your pkg-config files are in an unusual place the pkg-config command would not find them by default, you should set `PKG_CONFIG_PATH` to the directory containing the `*.pc` files. If pkg-config files are unavailable for the library you are trying to test, you will need to change the Makefile manually to apply the correct options to the commands (CFLAGS, include options, linker options...). Below you can see how a full build with all the libraries currently supported on Linux looks ``` -> cd src/cz/crcs/ectester/standalone/libs/jni +> cd standalone/src/main/resources/cz/crcs/ectester/standalone/libs/jni > make -cc -DLTM_DESC -I/usr/local/include -fPIC -I"/usr/lib/jvm/java-8-openjdk/include" -I"/usr/lib/jvm/java-8-openjdk/include/linux" -I. -O2 -c tomcrypt.c -cc -fPIC -I"/usr/lib/jvm/java-8-openjdk/include" -I"/usr/lib/jvm/java-8-openjdk/include/linux" -I. -O2 -c c_utils.c -cc -o lib_timing.so -shared -fPIC -I"/usr/lib/jvm/java-8-openjdk/include" -I"/usr/lib/jvm/java-8-openjdk/include/linux" -I. -O2 -Wl,-soname,lib_timing.so c_timing.c -g++ -I/usr/include/botan-2 -fPIC -I"/usr/lib/jvm/java-8-openjdk/include" -I"/usr/lib/jvm/java-8-openjdk/include/linux" -I. -O2 -c botan.cpp -g++ -fPIC -I"/usr/lib/jvm/java-8-openjdk/include" -I"/usr/lib/jvm/java-8-openjdk/include/linux" -I. -O2 -c cpp_utils.cpp -g++ -I/usr/local/include -fPIC -I"/usr/lib/jvm/java-8-openjdk/include" -I"/usr/lib/jvm/java-8-openjdk/include/linux" -I. -O2 -c cryptopp.cpp -cc -fPIC -I"/usr/lib/jvm/java-8-openjdk/include" -I"/usr/lib/jvm/java-8-openjdk/include/linux" -I. -O2 -c openssl.c -cc -I../../../../../../../ext/boringssl/include/ -fPIC -I"/usr/lib/jvm/java-8-openjdk/include" -I"/usr/lib/jvm/java-8-openjdk/include/linux" -I. 
-O2 -c boringssl.c -cp ../../../../../../../ext/boringssl/build/crypto/libcrypto.so lib_boringssl.so -cc -fPIC -I"/usr/lib/jvm/java-8-openjdk/include" -I"/usr/lib/jvm/java-8-openjdk/include/linux" -I. -O2 -c gcrypt.c -cc -fPIC -I"/usr/lib/jvm/java-8-openjdk/include" -I"/usr/lib/jvm/java-8-openjdk/include/linux" -I. -O2 -c mbedtls.c -cc -fPIC -I"/usr/lib/jvm/java-8-openjdk/include" -I"/usr/lib/jvm/java-8-openjdk/include/linux" -I. -O2 -c ippcp.c -cc -fPIC -I"/usr/lib/jvm/java-8-openjdk/include" -I"/usr/lib/jvm/java-8-openjdk/include/linux" -I. -O2 -Imatrixssl/ -c matrixssl.c -cc -fPIC -shared -O2 -o tomcrypt_provider.so -Wl,-rpath,'$ORIGIN/lib' tomcrypt.o c_utils.o -L. -ltommath -L/usr/local/lib -ltomcrypt -l:lib_timing.so -cc -fPIC -shared -O2 -o openssl_provider.so -Wl,-rpath,'$ORIGIN/lib' openssl.o c_utils.o -L. -lssl -lcrypto -l:lib_timing.so +cc -DLTM_DESC -fPIC -I"/usr/lib/jvm/java-21-openjdk/include" -I"/usr/lib/jvm/java-21-openjdk/include/linux" -I. -Wno-deprecated-declarations -O2 -c tomcrypt.c +cc -fPIC -I"/usr/lib/jvm/java-21-openjdk/include" -I"/usr/lib/jvm/java-21-openjdk/include/linux" -I. -Wno-deprecated-declarations -O2 -c c_utils.c +cc -o lib_timing.so -shared -fPIC -I"/usr/lib/jvm/java-21-openjdk/include" -I"/usr/lib/jvm/java-21-openjdk/include/linux" -I. -Wno-deprecated-declarations -O2 -Wl,-soname,lib_timing.so c_timing.c +cc -fPIC -shared -O2 -o tomcrypt_provider.so -Wl,-rpath,'$ORIGIN/lib' tomcrypt.o c_utils.o -L. -ltommath -ltomcrypt -l:lib_timing.so +g++ -I/usr/include/botan-2 -fPIC -I"/usr/lib/jvm/java-21-openjdk/include" -I"/usr/lib/jvm/java-21-openjdk/include/linux" -I. -Wno-deprecated-declarations -O2 -c botan.cpp +g++ -fPIC -I"/usr/lib/jvm/java-21-openjdk/include" -I"/usr/lib/jvm/java-21-openjdk/include/linux" -I. -Wno-deprecated-declarations -O2 -c cpp_utils.cpp +g++ -fPIC -shared -O2 -o botan_provider.so -Wl,-rpath,'$ORIGIN/lib' botan.o cpp_utils.o -L. 
-lbotan-2 -fstack-protector -m64 -pthread -l:lib_timing.so +g++ -fPIC -I"/usr/lib/jvm/java-21-openjdk/include" -I"/usr/lib/jvm/java-21-openjdk/include/linux" -I. -Wno-deprecated-declarations -O2 -c cryptopp.cpp +g++ -fPIC -shared -O2 -o cryptopp_provider.so -Wl,-rpath,'$ORIGIN/lib' cryptopp.o cpp_utils.o -L. -lcryptopp -l:lib_timing.so +cc -fPIC -I"/usr/lib/jvm/java-21-openjdk/include" -I"/usr/lib/jvm/java-21-openjdk/include/linux" -I. -Wno-deprecated-declarations -O2 -c openssl.c +cc -fPIC -shared -O2 -o openssl_provider.so -Wl,-rpath,'$ORIGIN/lib' openssl.o c_utils.o -L. -lssl -lcrypto -l:lib_timing.so +cc -I../../../../../../../../../../boringssl/include/ -fPIC -I"/usr/lib/jvm/java-21-openjdk/include" -I"/usr/lib/jvm/java-21-openjdk/include/linux" -I. -Wno-deprecated-declarations -O2 -c boringssl.c +cp ../../../../../../../../../../boringssl/build/crypto/libcrypto.so lib_boringssl.so cc -fPIC -shared -O2 -o boringssl_provider.so -Wl,-rpath,'$ORIGIN/lib' boringssl.o c_utils.o -L. lib_boringssl.so -l:lib_timing.so -cc -fPIC -shared -O2 -o gcrypt_provider.so -Wl,-rpath,'$ORIGIN/lib' gcrypt.o c_utils.o -L. -lgcrypt -lgpg-error -l:lib_timing.so -cc -fPIC -shared -O2 -o mbedtls_provider.so -Wl,-rpath,'$ORIGIN/lib' mbedtls.o c_utils.o -L. -lmbedcrypto -l:lib_timing.so -cc -fPIC -shared -O2 -o ippcp_provider.so -Wl,-rpath,'$ORIGIN/lib' ippcp.o c_utils.o -L. -lippcp -l:lib_timing.so -cc -fPIC -shared -O2 -o matrixssl_provider.so -Wl,-rpath,'$ORIGIN/lib' -L. matrixssl.o c_utils.o libcrypt_s.a libcore_s.a -l:lib_timing.so -g++ -fPIC -shared -O2 -o botan_provider.so -Wl,-rpath,'$ORIGIN/lib' botan.o cpp_utils.o -L. -lbotan-2 -fstack-protector -m64 -pthread -l:lib_timing.so -g++ -fPIC -shared -O2 -o cryptopp_provider.so -Wl,-rpath,'$ORIGIN/lib' cryptopp.o cpp_utils.o -L. -L/usr/local/lib -lcryptopp -l:lib_timing.so +cc -I/usr/local/include -fPIC -I"/usr/lib/jvm/java-21-openjdk/include" -I"/usr/lib/jvm/java-21-openjdk/include/linux" -I. 
-Wno-deprecated-declarations -O2 -c gcrypt.c +cc -fPIC -shared -O2 -o gcrypt_provider.so -Wl,-rpath,'$ORIGIN/lib' gcrypt.o c_utils.o -L. -L/usr/local/lib -lgcrypt -lgpg-error -l:lib_timing.so +cc -I../../../../../../../../../../ext/mbedtls/include/ -fPIC -I"/usr/lib/jvm/java-21-openjdk/include" -I"/usr/lib/jvm/java-21-openjdk/include/linux" -I. -Wno-deprecated-declarations -O2 -c mbedtls.c +cp ../../../../../../../../../../ext/mbedtls/build/library/libmbedcrypto.so lib_mbedtls.so +cc -fPIC -shared -O2 -o mbedtls_provider.so -Wl,-rpath,'$ORIGIN/lib' mbedtls.o c_utils.o -L. lib_mbedtls.so -l:lib_timing.so +cc -I../../../../../../../../../../ipp-crypto/build/.build/RELEASE/include/ -fPIC -I"/usr/lib/jvm/java-21-openjdk/include" -I"/usr/lib/jvm/java-21-openjdk/include/linux" -I. -Wno-deprecated-declarations -O2 -c ippcp.c +cp ../../../../../../../../../../ipp-crypto/build/.build/RELEASE/lib/libippcp.so lib_ippcp.so +cc -fPIC -shared -O2 -o ippcp_provider.so -Wl,-rpath,'$ORIGIN/lib' ippcp.o c_utils.o -L. lib_ippcp.so -l:lib_timing.so +cc -lhogweed -lgmp -fPIC -I"/usr/lib/jvm/java-21-openjdk/include" -I"/usr/lib/jvm/java-21-openjdk/include/linux" -I. -Wno-deprecated-declarations -O2 -c nettle.c +cc -fPIC -shared -O2 -o nettle_provider.so -Wl,-rpath,'$ORIGIN/lib' nettle.o c_utils.o -L. -lnettle -l:lib_timing.so -lhogweed -lgmp +cc -I../../../../../../../../../../ext/libressl/include/ -fPIC -I"/usr/lib/jvm/java-21-openjdk/include" -I"/usr/lib/jvm/java-21-openjdk/include/linux" -I. -Wno-deprecated-declarations -O2 -c libressl.c +cp ../../../../../../../../../../ext/libressl/build/crypto/libcrypto.so lib_libressl.so +cc -fPIC -shared -O2 -o libressl_provider.so -Wl,-rpath,'$ORIGIN/lib' libressl.o c_utils.o -L. lib_libressl.so -l:lib_timing.so ``` -BoringSSL, LibreSSL, ipp-crypto and partially wolfCrypt are included as git submodules. Make sure you run: `git submodule update --init --recursive` -after checking out the ECTester repository to initialize them. 
To build BoringSSL do: +BoringSSL, LibreSSL, ipp-crypto, mbedTLS and partially wolfCrypt are included as git submodules. +Make sure you run: `git submodule update --init --recursive` +after checking out the ECTester repository to initialize them. + +To build BoringSSL do: ```shell cd ext/boringssl cmake -GNinja -Bbuild -DBUILD_SHARED_LIBS=1 @@ -383,6 +390,17 @@ cd build ninja ``` +To build mbedTLS do: +```shell +cd ext/mbedtls +python -m venv virt +. virt/bin/activate +pip install -r scripts/basic.requirements.txt +cmake -GNinja -Bbuild -DUSE_SHARED_MBEDTLS_LIBRARY=On +cd build +ninja +``` + To build wolfCrypt-JNI do: (You need to have wolfSSL installed and ready for development) ```shell 
@@ -397,19 +415,19 @@ The produced `lib/wolfcrypt-jni.jar` will be automatically included into the sta However, the produced `lib/libwolfcryptjni.so` native library will not be automatically loaded. You thus need to include it on `LD_LIBRARY_PATH`. +Consult the GitHub CI [build script](.github/workflows/build.yml) for an example that runs on Ubuntu 22.04. + #### Java OpenJDK JRE is required to test ECDH on Windows properly, as Oracle JRE requires the Java Cryptography Providers for certain classes (such as a [KeyAgreement](https://docs.oracle.com/javase/8/docs/api/javax/crypto/KeyAgreement.html)) to be signed by keys that are signed by their JCA Code Signing Authority. ECTester internally uses Java Cryptography Provider -API to expose and test native libraries. OpenJDK for Windows can be obtained from [ojdkbuild/ojdkbuild](https://github.com/ojdkbuild/ojdkbuild). +API to expose and test native libraries. Installing the Java Cryptography Extension Unlimited Strength policy files is necessary to do testing -with quite a lot of practical key sizes, they are available for download: +(for Java 8) with quite a lot of practical key sizes, they are available for download: - - [Java 6](http://www.oracle.com/technetwork/java/javase/downloads/jce-6-download-429243.html) - - [Java 7](http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html) - [Java 8](http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html) To install, place them in `${java.home}/jre/lib/security/`. 
@@ -419,39 +437,39 @@ To install, place them in `${java.home}/jre/lib/security/`. Snippet below shows how the `list-libs` command for well, listing currently supported libraries, behaves if all supported libraries are present (on Linux). ``` > java -jar ECTesterStandalone.jar list-libs - - Sun Elliptic Curve provider (EC, ECDSA, ECDH) - - Version: 1.800000 + - Sun Elliptic Curve provider + - Version: 21.000000 - Supports native timing: [] - KeyPairGenerators: EC - KeyAgreements: ECDH - - Signatures: NONEwithECDSA, ECDSA, SHA384withECDSA, SHA224withECDSA, SHA512withECDSA, SHA256withECDSA - - Curves: X9.62 c2tnb191v1, X9.62 c2tnb191v2, X9.62 c2tnb191v3, X9.62 c2tnb239v1, X9.62 c2tnb239v2, X9.62 c2tnb239v3, X9.62 c2tnb359v1, X9.62 c2tnb431r1, X9.62 prime192v2, X9.62 prime192v3, X9.62 prime239v1, X9.62 prime239v2, X9.62 prime239v3, brainpoolP160r1, brainpoolP192r1, brainpoolP224r1, brainpoolP256r1, brainpoolP320r1, brainpoolP384r1, brainpoolP512r1, secp112r1, secp112r2, secp128r1, secp128r2, secp160k1, secp160r1, secp160r2, secp192k1, secp192r1, secp224k1, secp224r1, secp256k1, secp256r1, secp384r1, secp521r1, sect113r1, sect113r2, sect131r1, sect131r2, sect163k1, sect163r1, sect163r2, sect193r1, sect193r2, sect233k1, sect233r1, sect239k1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1 + - Signatures: SHA3-256withECDSA, NONEwithECDSA, ECDSA, SHA3-384withECDSA, SHA384withECDSA, SHA3-512withECDSA, SHA224withECDSA, SHA512withECDSA, SHA3-224withECDSA, SHA256withECDSA + - Curves: secp256r1, secp384r1, secp521r1 - - BouncyCastle Security Provider v1.58 - - Version: 1.580000 + - BouncyCastle Security Provider v1.77 + - Version: 1.770000 - Supports native timing: [] - - KeyPairGenerators: ECMQV, ECDSA, EC, ECDH, ECDHC - - KeyAgreements: ECCDHwithSHA384KDF, ECDHwithSHA256KDF, ECDHwithSHA384KDF, ECDHwithSHA1KDF, ECDHwithSHA224KDF, ECDH, ECDHC, ECDHwithSHA512KDF, ECCDHwithSHA1KDF, ECCDHwithSHA512KDF, ECCDHwithSHA224KDF, ECCDHwithSHA256KDF - - Signatures: 
SHA1withCVC-ECDSA, NONEwithECDSA, ECGOST3410, SHA256withECNR, ECGOST3410-2012-512, SHA512withECDDSA, GOST3411-2012-512withECGOST3410-2012-512, SHA3-512withECDSA, SHA384withPLAIN-ECDSA, SHA256withECDSA, SHA224withECDDSA, SHA256withECDDSA, ECDSA, SHA3-256withECDSA, SHA256withPLAIN-ECDSA, SHA224withECNR, SHA384withECDDSA, SHA512withECNR, SHA256withCVC-ECDSA, SHA1withECNR, ECDDSA, SHA1withPLAIN-ECDSA, GOST3411-2012-256withECGOST3410-2012-256, SHA384withCVC-ECDSA, SHA512withPLAIN-ECDSA, SHA224withCVC-ECDSA, SHA3-224withECDSA, SHA3-224withECDDSA, SHA224withPLAIN-ECDSA, SHA3-384withECDDSA, SHA384withECDSA, SHA3-384withECDSA, SHA3-512withECDDSA, SM3withSM2, GOST3411withECGOST3410, SHA224withECDSA, SHA512withECDSA, RIPEMD160withECDSA, ECGOST3410-2012-256, SHA512withCVC-ECDSA, RIPEMD160withPLAIN-ECDSA, SHA3-256withECDDSA - - Curves: B-163, B-233, B-283, B-409, B-571, FRP256v1, K-163, K-233, K-283, K-409, K-571, P-192, P-224, P-256, P-384, P-521, brainpoolp160r1, brainpoolp160t1, brainpoolp192r1, brainpoolp192t1, brainpoolp224r1, brainpoolp224t1, brainpoolp256r1, brainpoolp256t1, brainpoolp320r1, brainpoolp320t1, brainpoolp384r1, brainpoolp384t1, brainpoolp512r1, brainpoolp512t1, c2pnb163v1, c2pnb163v2, c2pnb163v3, c2pnb176w1, c2pnb208w1, c2pnb272w1, c2pnb304w1, c2pnb368w1, c2tnb191v1, c2tnb191v2, c2tnb191v3, c2tnb239v1, c2tnb239v2, c2tnb239v3, c2tnb359v1, c2tnb431r1, prime192v1, prime192v2, prime192v3, prime239v1, prime239v2, prime239v3, prime256v1, secp112r1, secp112r2, secp128r1, secp128r2, secp160k1, secp160r1, secp160r2, secp192k1, secp192r1, secp224k1, secp224r1, secp256k1, secp256r1, secp384r1, secp521r1, sect113r1, sect113r2, sect131r1, sect131r2, sect163k1, sect163r1, sect163r2, sect193r1, sect193r2, sect233k1, sect233r1, sect239k1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1, sm2p256v1, wapip192v1 + - KeyPairGenerators: ECDSA, ECMQV, EC, ECDH, ECDHC + - KeyAgreements: ECCDHwithSHA384KDF, ECDHwithSHA384KDF, ECDHwithSHA256KDF, ECDHwithSHA1KDF, 
ECDHwithSHA224KDF, ECDH, ECDHC, ECDHwithSHA512KDF, ECCDHwithSHA1KDF, ECCDHwithSHA512KDF, ECCDHwithSHA224KDF, ECCDHwithSHA256KDF + - Signatures: SHA1withCVC-ECDSA, NONEwithECDSA, ECGOST3410, SHA256withECNR, ECGOST3410-2012-512, SHA512withECDDSA, GOST3411-2012-512withECGOST3410-2012-512, SHA3-512withECDSA, SHA384withPLAIN-ECDSA, SHA256withECDSA, SHA256withECDDSA, SHA224withECDDSA, SHA3-256withECDSA, ECDSA, SHA256withPLAIN-ECDSA, SHA224withECNR, SHA384withECDDSA, SHA512withECNR, SHA256withCVC-ECDSA, SHA1withECNR, ECDDSA, SHA1withPLAIN-ECDSA, GOST3411-2012-256withECGOST3410-2012-256, SHA512withPLAIN-ECDSA, SHA384withCVC-ECDSA, SHA224withCVC-ECDSA, SHA3-224withECDSA, SHA3-224withECDDSA, SHA224withPLAIN-ECDSA, SHA3-384withECDDSA, SHA384withECDSA, SHA3-384withECDSA, SHA3-512withECDDSA, SM3withSM2, GOST3411withECGOST3410, ECGOST3410-2012-256, SHA224withECDSA, SHA512withECDSA, RIPEMD160withECDSA, SHA512withCVC-ECDSA, RIPEMD160withPLAIN-ECDSA, SHA3-256withECDDSA + - Curves: B-163, B-233, B-283, B-409, B-571, FRP256v1, GostR3410-2001-CryptoPro-A, GostR3410-2001-CryptoPro-B, GostR3410-2001-CryptoPro-C, GostR3410-2001-CryptoPro-XchA, GostR3410-2001-CryptoPro-XchB, K-163, K-233, K-283, K-409, K-571, P-192, P-224, P-256, P-384, P-521, Tc26-Gost-3410-12-256-paramSetA, Tc26-Gost-3410-12-512-paramSetA, Tc26-Gost-3410-12-512-paramSetB, Tc26-Gost-3410-12-512-paramSetC, brainpoolP160r1, brainpoolP160t1, brainpoolP192r1, brainpoolP192t1, brainpoolP224r1, brainpoolP224t1, brainpoolP256r1, brainpoolP256t1, brainpoolP320r1, brainpoolP320t1, brainpoolP384r1, brainpoolP384t1, brainpoolP512r1, brainpoolP512t1, c2pnb163v1, c2pnb163v2, c2pnb163v3, c2pnb176w1, c2pnb208w1, c2pnb272w1, c2pnb304w1, c2pnb368w1, c2tnb191v1, c2tnb191v2, c2tnb191v3, c2tnb239v1, c2tnb239v2, c2tnb239v3, c2tnb359v1, c2tnb431r1, prime192v1, prime192v2, prime192v3, prime239v1, prime239v2, prime239v3, prime256v1, secp112r1, secp112r2, secp128r1, secp128r2, secp160k1, secp160r1, secp160r2, secp192k1, secp192r1, secp224k1, 
secp224r1, secp256k1, secp256r1, secp384r1, secp521r1, sect113r1, sect113r2, sect131r1, sect131r2, sect163k1, sect163r1, sect163r2, sect193r1, sect193r2, sect233k1, sect233r1, sect239k1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1, sm2p256v1, wapi192v1, wapip192v1 - - libtomcrypt 1.18.1 - - Version: 1.180000 + - libtomcrypt 1.18.2 + - Version: 1.000000 - Supports native timing: [cputime-processor, cputime-thread, monotonic, monotonic-raw, rdtsc] - KeyPairGenerators: EC - KeyAgreements: ECDH - Signatures: NONEwithECDSA - Curves: ECC-192, ECC-224, ECC-256, ECC-384, ECC-521, SECP112R1, SECP128R1, SECP160R1 - - Botan 2.11.0 (release, dated 20190701, revision git:16a726c3ad10316bd8d37b6118a5cc52894e8e8f, distribution unspecified) - - Version: 2.110000 + - Botan 2.19.3 (release, dated 20221116, revision git:15dc32f12d05e99a267f0fc47d88b678b71b8b05, distribution unspecified) + - Version: 2.000000 - Supports native timing: [cputime-processor, cputime-thread, monotonic, monotonic-raw, rdtsc] - - KeyPairGenerators: ECGDSA, ECDSA, ECKCDSA, ECDH - - KeyAgreements: ECDHwithSHA256KDF, ECDHwithSHA384KDF, ECDHwithSHA1KDF, ECDHwithSHA224KDF, ECDH, ECDHwithSHA512KDF + - KeyPairGenerators: ECGDSA, ECKCDSA, ECDSA, ECDH + - KeyAgreements: ECDHwithSHA384KDF, ECDHwithSHA256KDF, ECDHwithSHA1KDF, ECDHwithSHA224KDF, ECDH, ECDHwithSHA512KDF - Signatures: NONEwithECDSA, NONEwithECKCDSA, SHA256withECKCDSA, SHA512withECGDSA, SHA256withECDSA, NONEwithECGDSA, ECKCDSA, ECDSA, SHA224withECKCDSA, SHA384withECKCDSA, SHA224withECGDSA, SHA384withECDSA, ECGDSA, SHA384withECGDSA, SHA224withECDSA, SHA512withECDSA, SHA512withECKCDSA - - Curves: brainpool160r1, brainpool192r1, brainpool224r1, brainpool256r1, brainpool320r1, brainpool384r1, brainpool512r1, frp256v1, gost_256A, secp160k1, secp160r1, secp160r2, secp192k1, secp192r1, secp224k1, secp224r1, secp256k1, secp256r1, secp384r1, secp521r1, sm2p256v1, x962_p192v2, x962_p192v3, x962_p239v1, x962_p239v2, x962_p239v3 + - Curves: 
brainpool160r1, brainpool192r1, brainpool224r1, brainpool256r1, brainpool320r1, brainpool384r1, brainpool512r1, frp256v1, gost_256A, gost_512A, secp160k1, secp160r1, secp160r2, secp192k1, secp192r1, secp224k1, secp224r1, secp256k1, secp256r1, secp384r1, secp521r1, sm2p256v1, x962_p192v2, x962_p192v3, x962_p239v1, x962_p239v2, x962_p239v3 - - Crypto++ 8.3.0 + - Crypto++ 8.9.0 - Version: 8.000000 - Supports native timing: [cputime-processor, cputime-thread, monotonic, monotonic-raw, rdtsc] - KeyPairGenerators: ECDSA, ECDH 
@@ -459,60 +477,67 @@ Snippet below shows how the `list-libs` command for well, listing currently supp - Signatures: ECDSA, SHA384withECDSA, SHA224withECDSA, SHA512withECDSA, SHA256withECDSA - Curves: 1.2.156.10197.1.301, 1.2.156.10197.1.301.3.1, 1.2.840.10045.3.1.1, 1.2.840.10045.3.1.7, 1.3.132.0.1, 1.3.132.0.10, 1.3.132.0.15, 1.3.132.0.16, 1.3.132.0.17, 1.3.132.0.2, 1.3.132.0.22, 1.3.132.0.23, 1.3.132.0.24, 1.3.132.0.25, 1.3.132.0.26, 1.3.132.0.27, 1.3.132.0.28, 1.3.132.0.29, 1.3.132.0.3, 1.3.132.0.30, 1.3.132.0.31, 1.3.132.0.32, 1.3.132.0.33, 1.3.132.0.34, 1.3.132.0.35, 1.3.132.0.36, 1.3.132.0.37, 1.3.132.0.38, 1.3.132.0.39, 1.3.132.0.4, 1.3.132.0.5, 1.3.132.0.6, 1.3.132.0.7, 1.3.132.0.8, 1.3.132.0.9, 1.3.36.3.3.2.8.1.1.1, 1.3.36.3.3.2.8.1.1.11, 1.3.36.3.3.2.8.1.1.13, 1.3.36.3.3.2.8.1.1.3, 1.3.36.3.3.2.8.1.1.5, 1.3.36.3.3.2.8.1.1.7, 1.3.36.3.3.2.8.1.1.9 - - OpenSSL 1.1.1c 28 May 2019 - - Version: 1.110000 + - OpenSSL 3.2.1 30 Jan 2024 + - Version: 3.200000 - Supports native timing: [cputime-processor, cputime-thread, monotonic, monotonic-raw, rdtsc] - KeyPairGenerators: EC - KeyAgreements: ECDH - Signatures: NONEwithECDSA - Curves: Oakley-EC2N-3, Oakley-EC2N-4, SM2, brainpoolP160r1, brainpoolP160t1, brainpoolP192r1, brainpoolP192t1, brainpoolP224r1, brainpoolP224t1, brainpoolP256r1, brainpoolP256t1, brainpoolP320r1, brainpoolP320t1, brainpoolP384r1, brainpoolP384t1, brainpoolP512r1, brainpoolP512t1, c2pnb163v1, c2pnb163v2, c2pnb163v3, c2pnb176v1, c2pnb208w1, c2pnb272w1, c2pnb304w1, c2pnb368w1, c2tnb191v1, c2tnb191v2, c2tnb191v3, c2tnb239v1, c2tnb239v2, c2tnb239v3, c2tnb359v1, c2tnb431r1, prime192v1, prime192v2, prime192v3, prime239v1, prime239v2, prime239v3, prime256v1, secp112r1, secp112r2, secp128r1, secp128r2, secp160k1, secp160r1, secp160r2, secp192k1, secp224k1, secp224r1, secp256k1, secp384r1, secp521r1, sect113r1, sect113r2, sect131r1, sect131r2, sect163k1, sect163r1, sect163r2, sect193r1, sect193r2, sect233k1, sect233r1, sect239k1, sect283k1, sect283r1, 
sect409k1, sect409r1, sect571k1, sect571r1, wap-wsg-idm-ecid-wtls1, wap-wsg-idm-ecid-wtls10, wap-wsg-idm-ecid-wtls11, wap-wsg-idm-ecid-wtls12, wap-wsg-idm-ecid-wtls3, wap-wsg-idm-ecid-wtls4, wap-wsg-idm-ecid-wtls5, wap-wsg-idm-ecid-wtls6, wap-wsg-idm-ecid-wtls7, wap-wsg-idm-ecid-wtls8, wap-wsg-idm-ecid-wtls9 - - OpenSSL 1.1.0 (compatible; BoringSSL) - - Version: 1.100000 + - OpenSSL 1.1.1 (compatible; BoringSSL) + - Version: 1.110000 - Supports native timing: [cputime-processor, cputime-thread, monotonic, monotonic-raw, rdtsc] - KeyPairGenerators: EC - KeyAgreements: ECDH - Signatures: NONEwithECDSA - Curves: prime256v1, secp224r1, secp384r1, secp521r1 - - libgcrypt 1.8.4 - - Version: 1.800000 + - libgcrypt 1.10.3-unknown + - Version: 1.000000 - Supports native timing: [cputime-processor, cputime-thread, monotonic, monotonic-raw, rdtsc] - KeyPairGenerators: EC - KeyAgreements: ECDH - Signatures: SHA224withECDDSA, SHA256withECDDSA, NONEwithECDSA, ECDSA, ECDDSA, SHA384withECDSA, SHA512withECDDSA, SHA224withECDSA, SHA512withECDSA, SHA384withECDDSA, SHA256withECDSA - - Curves: Curve25519, Ed25519, GOST2001-CryptoPro-A, GOST2001-CryptoPro-B, GOST2001-CryptoPro-C, GOST2001-test, GOST2012-tc26-A, GOST2012-tc26-B, GOST2012-test, NIST P-192, NIST P-224, NIST P-256, NIST P-384, NIST P-521, brainpoolP160r1, brainpoolP192r1, brainpoolP224r1, brainpoolP256r1, brainpoolP320r1, brainpoolP384r1, brainpoolP512r1, secp256k1 + - Curves: Curve25519, Ed25519, Ed448, GOST2001-CryptoPro-A, GOST2001-CryptoPro-B, GOST2001-CryptoPro-C, GOST2001-test, GOST2012-256-A, GOST2012-512-tc26-A, GOST2012-512-tc26-B, GOST2012-512-tc26-C, GOST2012-512-test, NIST P-192, NIST P-224, NIST P-256, NIST P-384, NIST P-521, X448, brainpoolP160r1, brainpoolP192r1, brainpoolP224r1, brainpoolP256r1, brainpoolP320r1, brainpoolP384r1, brainpoolP512r1, secp256k1, sm2p256v1 - wolfCrypt JCE Provider - - Version: 1.000000 + - Version: 1.500000 - Supports native timing: [] - - KeyPairGenerators: EC - KeyAgreements: 
ECDH - Signatures: ECDSA, SHA384withECDSA, SHA512withECDSA, SHA256withECDSA - - mbed TLS 2.16.0 + - Mbed TLS 3.5.2 - Version: 3.000000 - Supports native timing: [cputime-processor, cputime-thread, monotonic, monotonic-raw, rdtsc] - KeyPairGenerators: EC - KeyAgreements: ECDH - Signatures: NONEwithECDSA - - Curves: brainpoolP256r1, brainpoolP384r1, brainpoolP512r1, secp192k1, secp192r1, secp224k1, secp224r1, secp256k1, secp256r1, secp384r1, secp521r1 + - Curves: brainpoolP256r1, brainpoolP384r1, brainpoolP512r1, secp192k1, secp192r1, secp224k1, secp224r1, secp256k1, secp256r1, secp384r1, secp521r1, x25519, x448 - - 2020.0.0 (-) - - Version: 2020.000000 + - 2021.7.0 (11.5 ) (-) + - Version: 2021.700000 - Supports native timing: [cputime-processor, cputime-thread, monotonic, monotonic-raw, rdtsc] - KeyPairGenerators: EC - KeyAgreements: ECDH - Signatures: NONEwithECDSA - Curves: secp112r1, secp112r2, secp128r1, secp128r2, secp160r1, secp160r2, secp192r1, secp224r1, secp256r1, secp384r1, secp521r1 - - MatrixSSL - - Version: 4.100000 + - Nettle + - Version: 3.900000 + - Supports native timing: [cputime-processor, cputime-thread, monotonic, monotonic-raw, rdtsc] + - KeyPairGenerators: EC + - KeyAgreements: ECDH + - Signatures: NONEwithECDSA + - Curves: secp192r1, secp224r1, secp256r1, secp384r1, secp521r1 + + - LibreSSL 3.9.0 + - Version: 3.900000 - Supports native timing: [cputime-processor, cputime-thread, monotonic, monotonic-raw, rdtsc] - KeyPairGenerators: EC - KeyAgreements: ECDH - Signatures: NONEwithECDSA - - Curves: brainpoolP224r1, brainpoolP256r1, brainpoolP384r1, brainpoolP512r1, secp192r1, secp224r1, secp256r1, secp384r1, secp521r1 + - Curves: FRP256v1, brainpoolP160r1, brainpoolP160t1, brainpoolP192r1, brainpoolP192t1, brainpoolP224r1, brainpoolP224t1, brainpoolP256r1, brainpoolP256t1, brainpoolP320r1, brainpoolP320t1, brainpoolP384r1, brainpoolP384t1, brainpoolP512r1, brainpoolP512t1, prime192v1, prime192v2, prime192v3, prime239v1, prime239v2, prime239v3, 
prime256v1, secp112r1, secp112r2, secp128r1, secp128r2, secp160k1, secp160r1, secp160r2, secp192k1, secp224k1, secp224r1, secp256k1, secp384r1, secp521r1, wap-wsg-idm-ecid-wtls12, wap-wsg-idm-ecid-wtls6, wap-wsg-idm-ecid-wtls7, wap-wsg-idm-ecid-wtls8, wap-wsg-idm-ecid-wtls9 ``` Snippet below demonstrates generation of 1000 (`-n`) keys on the named curve `secp256r1` (`-nc`) using the BouncyCastle library. diff --git a/applet/build.gradle.kts b/applet/build.gradle.kts index d5ef7f4..61071c2 100644 --- a/applet/build.gradle.kts +++ b/applet/build.gradle.kts @@ -48,7 +48,11 @@ dependencies { // Include plugin as it has bundled GP & other tools. // Alternative: include GP manually, but the included // version has to be compatible with the plugin. - runtimeOnly("com.klinec:gradle-javacard:1.8.0") + runtimeOnly("com.klinec:gradle-javacard:1.8.0") { + // Exclude old BouncyCastle (we have newer). + exclude(group = "org.bouncycastle", module="bcpkix-jdk15on") + } + runtimeOnly("org.bouncycastle:bcpkix-jdk18on:1.77") } java { diff --git a/docs/LIBS.md b/docs/LIBS.md index 7baec65..4f10dfe 100644 --- a/docs/LIBS.md +++ b/docs/LIBS.md @@ -108,11 +108,6 @@ ninja - Uses comb method for short Weierstrass curves, using (randomized) Jacobian coordinates. - <http://www.hyperelliptic.org/EFD/g1p/auto-shortw-jacobian.html#doubling-dbl-1998-cmo-2> - Uses Montgomery ladder with xz coordinates for Montgomery curves. - - [MatrixSSL](https://github.com/matrixssl/matrixssl) - - C - - Only supports prime field curves. - - Uses 4 bit sliding window. - - Uses projective coordinates. - [Intel Performance Primitives](https://software.intel.com/en-us/ipp-crypto-reference-2019) - C - Only supports prime field curves. diff --git a/ext/libressl b/ext/libressl -Subproject 577970ab842f7e352048d45fe930ddd21f4190f +Subproject 69449e791b5e99408a686fa68c2e5745a950162 diff --git a/ext/mbedtls b/ext/mbedtls new file mode 160000 +Subproject 611f899c0c9d397baedfaec34ea0861ad254399 
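Review bot: The `exclude` on `com.klinec:gradle-javacard` names only `bcpkix-jdk15on`, so any other `org.bouncycastle` `*-jdk15on` artifact the plugin may declare (a direct `bcprov-jdk15on`, if it has one) would still resolve next to the `jdk18on` jar added on the following line. Two BouncyCastle generations on one runtime classpath share package names, and which copy gets loaded then depends on classpath order. If the plugin's dependency tree shows more than `bcpkix`, it would be safer to use `exclude(group = "org.bouncycastle")` and declare the needed `jdk18on` modules explicitly. The comment could also name the artifacts that replace the excluded ones. The `dependencies` block opens outside the hunk.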
diff --git a/reader/build.gradle.kts b/reader/build.gradle.kts index ac32214..0e8de4e 100644 --- a/reader/build.gradle.kts +++ b/reader/build.gradle.kts @@ -61,6 +61,6 @@ tasks.register<Jar>("uberJar") { dependsOn(configurations.runtimeClasspath) from({ - configurations.runtimeClasspath.get().filter { it.name.endsWith("jar") }.map { zipTree(it).matching { exclude("META-INF/*.DSA", "META-INF/*.SF", "META-INF/*.RSA", "META-INF/versions/*/module-info.class") } } + configurations.runtimeClasspath.get().filter { it.name.endsWith("jar") }.map { zipTree(it).matching { exclude("META-INF/*.DSA", "META-INF/*.SF", "META-INF/*.RSA", "META-INF/versions/*/module-info.class", "apdu4j/*") } } }) }
\ No newline at end of file diff --git a/standalone/build.gradle.kts b/standalone/build.gradle.kts index d05480d..c3c4b9a 100644 --- a/standalone/build.gradle.kts +++ b/standalone/build.gradle.kts @@ -82,6 +82,9 @@ tasks.register<Jar>("uberJar") { manifest { attributes["Main-Class"] = application.mainClass + if (JavaVersion.current() > JavaVersion.VERSION_1_8) { + attributes["Add-Exports"] = "jdk.crypto.ec/sun.security.ec" + } } dependsOn(configurations.runtimeClasspath) diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/ECTesterStandalone.java b/standalone/src/main/java/cz/crcs/ectester/standalone/ECTesterStandalone.java index cfdb964..53e9024 100644 --- a/standalone/src/main/java/cz/crcs/ectester/standalone/ECTesterStandalone.java +++ b/standalone/src/main/java/cz/crcs/ectester/standalone/ECTesterStandalone.java @@ -121,7 +121,6 @@ public class ECTesterStandalone { WolfCryptLib.class, MbedTLSLib.class, IppcpLib.class, - MatrixsslLib.class, NettleLib.class, LibresslLib.class}; for (Class<?> c : libClasses) { diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/libs/MatrixsslLib.java b/standalone/src/main/java/cz/crcs/ectester/standalone/libs/MatrixsslLib.java deleted file mode 100644 index fcc13ea..0000000 --- a/standalone/src/main/java/cz/crcs/ectester/standalone/libs/MatrixsslLib.java +++ /dev/null @@ -1,20 +0,0 @@ -package cz.crcs.ectester.standalone.libs; - -import java.security.Provider; -import java.util.Set; - -/** - * @author Jan Jancar johny@neuromancer.sk - */ -public class MatrixsslLib extends NativeECLibrary { - - public MatrixsslLib() { - super("matrixssl_provider"); - } - - @Override - native Provider createProvider(); - - @Override - public native Set<String> getCurves(); -} diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/libs/MbedTLSLib.java b/standalone/src/main/java/cz/crcs/ectester/standalone/libs/MbedTLSLib.java index ace10d7..5c0ad12 100644 
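Review bot: The new `"apdu4j/*"` pattern in the `exclude(...)` call matches only entries directly under `apdu4j/`, because `*` in Gradle's Ant-style patterns does not cross a directory separator. If the intent is to keep the whole `apdu4j` tree out of the uber jar, the pattern should be `"apdu4j/**"`. Either way, a short comment next to the call saying why these entries are dropped would keep the exclusion from being widened or removed by accident later.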
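Review bot: The `Add-Exports` attribute in the `manifest` block is gated on `JavaVersion.current()`, which is the JDK running Gradle rather than the JDK that later runs the jar, so a jar built on Java 8 and started on a newer runtime gets no export. Java 8 ignores manifest attributes it does not know, so the line can be written unconditionally as `attributes["Add-Exports"] = "jdk.crypto.ec/sun.security.ec"`. Because this opens a JDK-internal package to everything bundled in the uber jar, a comment naming the code that needs `sun.security.ec` would help reviewers judge whether the export is still required. The `uberJar` task continues outside the hunk.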
--- a/standalone/src/main/java/cz/crcs/ectester/standalone/libs/MbedTLSLib.java
+++ b/standalone/src/main/java/cz/crcs/ectester/standalone/libs/MbedTLSLib.java
@@ -9,7 +9,7 @@ import java.util.Set;
 public class MbedTLSLib extends NativeECLibrary {
 public MbedTLSLib() {
- super("mbedtls_provider", "mbedcrypto");
+ super("mbedtls_provider", "lib_mbedtls.so");
 }
 @Override
diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/libs/jni/NativeECPrivateKey.java b/standalone/src/main/java/cz/crcs/ectester/standalone/libs/jni/NativeECPrivateKey.java
index 34f04e9..a788181 100644
--- a/standalone/src/main/java/cz/crcs/ectester/standalone/libs/jni/NativeECPrivateKey.java
+++ b/standalone/src/main/java/cz/crcs/ectester/standalone/libs/jni/NativeECPrivateKey.java
@@ -120,13 +120,6 @@ public abstract class NativeECPrivateKey implements ECPrivateKey {
 }
 @SuppressWarnings("serial")
- public static class Matrixssl extends Raw {
- public Matrixssl(byte[] keyData, ECParameterSpec params) {
- super(keyData, params);
- }
- }
-
- @SuppressWarnings("serial")
 public static class Libressl extends Raw {
 public Libressl(byte[] keyData, ECParameterSpec params) {
 super(keyData, params);
diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/libs/jni/NativeECPublicKey.java b/standalone/src/main/java/cz/crcs/ectester/standalone/libs/jni/NativeECPublicKey.java
index 16d903d..4761f11 100644
--- a/standalone/src/main/java/cz/crcs/ectester/standalone/libs/jni/NativeECPublicKey.java
+++ b/standalone/src/main/java/cz/crcs/ectester/standalone/libs/jni/NativeECPublicKey.java
@@ -121,13 +121,6 @@ public abstract class NativeECPublicKey implements ECPublicKey {
 }
 @SuppressWarnings("serial")
- public static class Matrixssl extends ANSIX962 {
- public Matrixssl(byte[] keyData, ECParameterSpec params) {
- super(keyData, params);
- }
- }
-
- @SuppressWarnings("serial")
 public static class Libressl extends ANSIX962 {
 public Libressl(byte[] keyData, ECParameterSpec params) {
 super(keyData, params);
diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/libs/jni/NativeKeyAgreementSpi.java b/standalone/src/main/java/cz/crcs/ectester/standalone/libs/jni/NativeKeyAgreementSpi.java
index 938af73..894da27 100644
--- a/standalone/src/main/java/cz/crcs/ectester/standalone/libs/jni/NativeKeyAgreementSpi.java
+++ b/standalone/src/main/java/cz/crcs/ectester/standalone/libs/jni/NativeKeyAgreementSpi.java
@@ -354,26 +354,6 @@ public abstract class NativeKeyAgreementSpi extends KeyAgreementSpi {
 }
 }
- public abstract static class Matrixssl extends SimpleKeyAgreementSpi {
- private final String type;
-
- public Matrixssl(String type) {
- this.type = type;
- }
-
- @Override
- native byte[] generateSecret(byte[] pubkey, byte[] privkey, ECParameterSpec params);
-
- @Override
- native SecretKey generateSecret(byte[] pubkey, byte[] privkey, ECParameterSpec params, String algorithm);
- }
-
- public static class MatrixsslECDH extends Matrixssl {
- public MatrixsslECDH() {
- super("ECDH");
- }
- }
-
 public abstract static class Libressl extends SimpleKeyAgreementSpi {
 private final String type;
diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/libs/jni/NativeKeyPairGeneratorSpi.java b/standalone/src/main/java/cz/crcs/ectester/standalone/libs/jni/NativeKeyPairGeneratorSpi.java
index 4b5d652..0a9487f 100644
--- a/standalone/src/main/java/cz/crcs/ectester/standalone/libs/jni/NativeKeyPairGeneratorSpi.java
+++ b/standalone/src/main/java/cz/crcs/ectester/standalone/libs/jni/NativeKeyPairGeneratorSpi.java
@@ -293,25 +293,6 @@ public abstract class NativeKeyPairGeneratorSpi extends KeyPairGeneratorSpi {
 @Override
 native KeyPair generate(AlgorithmParameterSpec params, SecureRandom random);
 }
-
- public static class Matrixssl extends NativeKeyPairGeneratorSpi {
-
- public Matrixssl() {
- initialize(256, new SecureRandom());
- }
-
- @Override
- native boolean keysizeSupported(int keysize);
-
- @Override
- native boolean paramsSupported(AlgorithmParameterSpec params);
-
- @Override
- native KeyPair generate(int keysize, SecureRandom random);
-
- @Override
- native KeyPair generate(AlgorithmParameterSpec params, SecureRandom random);
- }
 public static class Libressl extends NativeKeyPairGeneratorSpi {
diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/libs/jni/NativeProvider.java b/standalone/src/main/java/cz/crcs/ectester/standalone/libs/jni/NativeProvider.java
index e036937..9ea1186 100644
--- a/standalone/src/main/java/cz/crcs/ectester/standalone/libs/jni/NativeProvider.java
+++ b/standalone/src/main/java/cz/crcs/ectester/standalone/libs/jni/NativeProvider.java
@@ -125,17 +125,6 @@ public abstract class NativeProvider extends Provider {
 }
 @SuppressWarnings("serial")
- public static class Matrixssl extends NativeProvider {
-
- public Matrixssl(String name, double version, String info) {
- super(name, version, info);
- }
-
- @Override
- native void setup();
- }
-
- @SuppressWarnings("serial")
 public static class Libressl extends NativeProvider {
 public Libressl(String name, double version, String info) {
diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/libs/jni/NativeSignatureSpi.java b/standalone/src/main/java/cz/crcs/ectester/standalone/libs/jni/NativeSignatureSpi.java
index fd8d5ca..571a2ee 100644
--- a/standalone/src/main/java/cz/crcs/ectester/standalone/libs/jni/NativeSignatureSpi.java
+++ b/standalone/src/main/java/cz/crcs/ectester/standalone/libs/jni/NativeSignatureSpi.java
@@ -505,27 +505,6 @@ public abstract class NativeSignatureSpi extends SignatureSpi { } } - public abstract static class Matrixssl extends SimpleSignatureSpi { - private final String type; - - public Matrixssl(String type) { - this.type = type; - } - - @Override - native byte[] sign(byte[] data, byte[] privkey, ECParameterSpec params); - - @Override - native boolean verify(byte[] signature, byte[] data, byte[] pubkey, ECParameterSpec params); - } - - public static class MatrixsslECDSAwithNONE extends Matrixssl { - - public MatrixsslECDSAwithNONE() { - super("NONEwithECDSA"); - } - } - public abstract static class Mscng extends ExtendedSignatureSpi { private final String type; diff --git a/standalone/src/main/resources/cz/crcs/ectester/standalone/libs/jni/.gitignore b/standalone/src/main/resources/cz/crcs/ectester/standalone/libs/jni/.gitignore index 777d8e0..5b1c500 100644 --- a/standalone/src/main/resources/cz/crcs/ectester/standalone/libs/jni/.gitignore +++ b/standalone/src/main/resources/cz/crcs/ectester/standalone/libs/jni/.gitignore @@ -1,6 +1,3 @@ -libcore_s.a -libcrypt_s.a -matrixssl/ *.o *.so diff --git a/standalone/src/main/resources/cz/crcs/ectester/standalone/libs/jni/Makefile b/standalone/src/main/resources/cz/crcs/ectester/standalone/libs/jni/Makefile index be7449c..1fa16c0 100644 --- a/standalone/src/main/resources/cz/crcs/ectester/standalone/libs/jni/Makefile +++ b/standalone/src/main/resources/cz/crcs/ectester/standalone/libs/jni/Makefile @@ -5,8 +5,8 @@ CC?=gcc CXX?=g++ LFLAGS+=-fPIC -shared -CFLAGS+=-fPIC -I"$(JNI_INCLUDEDIR)" -I"$(JNI_PLATFORMINCLUDEDIR)" -I. -CXXFLAGS+=-fPIC -I"$(JNI_INCLUDEDIR)" -I"$(JNI_PLATFORMINCLUDEDIR)" -I. +CFLAGS+=-fPIC -I"$(JNI_INCLUDEDIR)" -I"$(JNI_PLATFORMINCLUDEDIR)" -I. -Wno-deprecated-declarations +CXXFLAGS+=-fPIC -I"$(JNI_INCLUDEDIR)" -I"$(JNI_PLATFORMINCLUDEDIR)" -I. -Wno-deprecated-declarations DEBUG ?= 0 PROJECT_ROOT_PATH ?= ../../../../../../../../../.. 
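Review bot: Appending `-Wno-deprecated-declarations` to the global `CFLAGS` and `CXXFLAGS` silences deprecation warnings for every shim in this Makefile, not only the one whose build this commit repairs. For crypto libraries those warnings are often the first notice that a low-level API or primitive is being retired, so turning them off everywhere removes a useful signal. A target-specific variable keeps the suppression local, for example `libressl.o: CFLAGS+=-Wno-deprecated-declarations`, repeated for any other object that actually trips the warning. Which objects those are is not visible from this hunk.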
@@ -59,7 +59,7 @@ JNI_PLATFORMINCLUDEDIR ?= $(JNI_INCLUDEDIR)/$(JNI_PLATFORM) ############################################################################### ## Targets. -all: tomcrypt botan cryptopp openssl boringssl gcrypt mbedtls ippcp matrixssl nettle libressl +all: tomcrypt botan cryptopp openssl boringssl gcrypt mbedtls ippcp nettle libressl # Common utils c_utils.o: c_utils.c @@ -142,11 +142,14 @@ cryptopp.o: cryptopp.cpp # mbedTLS shim mbedtls: mbedtls_provider.so -mbedtls_provider.so: mbedtls.o c_utils.o | lib_timing.so - $(CC) $(LFLAGS) -o $@ -Wl,-rpath,'$$ORIGIN/lib' $^ -L. -lmbedcrypto -l:lib_timing.so +lib_mbedtls.so: + cp $(PROJECT_ROOT_PATH)/ext/mbedtls/build/library/libmbedcrypto.so lib_mbedtls.so + +mbedtls_provider.so: mbedtls.o c_utils.o | lib_timing.so lib_mbedtls.so + $(CC) $(LFLAGS) -o $@ -Wl,-rpath,'$$ORIGIN/lib' $^ -L. lib_mbedtls.so -l:lib_timing.so mbedtls.o: mbedtls.c - $(CC) $(CFLAGS) -c $< + $(CC) -I$(PROJECT_ROOT_PATH)/ext/mbedtls/build/include/ $(CFLAGS) -c $< # Intel Performance Primitives crypto shim @@ -162,16 +165,6 @@ ippcp.o: ippcp.c $(CC) -I$(PROJECT_ROOT_PATH)/ext/ipp-crypto/build/.build/RELEASE/include/ $(CFLAGS) -c $< -# MatrixSSL shim -matrixssl: matrixssl_provider.so - -matrixssl_provider.so: matrixssl.o c_utils.o | lib_timing.so - $(CC) $(LFLAGS) -o $@ -Wl,-rpath,'$$ORIGIN/lib' -L. $^ libcrypt_s.a libcore_s.a -l:lib_timing.so - -matrixssl.o: matrixssl.c - $(CC) $(CFLAGS) -Imatrixssl/ -c $< - - # Nettle shim nettle: nettle_provider.so @@ -192,7 +185,7 @@ libressl_provider.so: libressl.o c_utils.o | lib_timing.so lib_libressl.so $(CC) $(LFLAGS) -o $@ -Wl,-rpath,'$$ORIGIN/lib' $^ -L. lib_libressl.so -l:lib_timing.so libressl.o: libressl.c - $(CC) -I$(PROJECT_ROOT_PATH)/ext/libressl/include/ $(CFLAGS) -c $< + $(CC) -I$(PROJECT_ROOT_PATH)/ext/libressl/build/include/ $(CFLAGS) -c $< help: 
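Review bot: The new `lib_mbedtls.so:` rule has no prerequisite, so once the file exists make never copies it again, and `mbedtls_provider.so` lists it only as an order-only prerequisite. After the `ext/mbedtls` submodule is bumped and rebuilt, the tree can keep linking and bundling the previously copied `libmbedcrypto.so` until someone runs `clean`. Naming the source as the prerequisite fixes that: `lib_mbedtls.so: $(PROJECT_ROOT_PATH)/ext/mbedtls/build/library/libmbedcrypto.so` with the recipe `cp $< $@`. A one-line comment above the rule stating that `ext/mbedtls` must be built first would also make the failure mode clearer when the file is missing.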
@@ -206,7 +199,6 @@ help: @echo " - cryptopp" @echo " - mbedtls" @echo " - ippcp" - @echo " - matrixssl" @echo " - nettle" @echo " - libressl" @@ -215,4 +207,4 @@ clean: rm -rf *.o rm -rf *.so -.PHONY: all help clean openssl boringssl gcrypt tomcrypt botan cryptopp mbedtls ippcp matrixssl nettle libressl +.PHONY: all help clean openssl boringssl gcrypt tomcrypt botan cryptopp mbedtls ippcp nettle libressl diff --git a/standalone/src/main/resources/cz/crcs/ectester/standalone/libs/jni/libressl.c b/standalone/src/main/resources/cz/crcs/ectester/standalone/libs/jni/libressl.c index 2a1eaa7..be1b749 100644 --- a/standalone/src/main/resources/cz/crcs/ectester/standalone/libs/jni/libressl.c +++ b/standalone/src/main/resources/cz/crcs/ectester/standalone/libs/jni/libressl.c @@ -1,7 +1,6 @@ #include "native.h" #include <string.h> -#include <openssl/conf.h> #include <openssl/opensslv.h> #include <openssl/objects.h> #include <openssl/obj_mac.h> diff --git a/standalone/src/main/resources/cz/crcs/ectester/standalone/libs/jni/matrixssl.c b/standalone/src/main/resources/cz/crcs/ectester/standalone/libs/jni/matrixssl.c deleted file mode 100644 index 8324dd4..0000000 --- a/standalone/src/main/resources/cz/crcs/ectester/standalone/libs/jni/matrixssl.c +++ /dev/null 
@@ -1,397 +0,0 @@ -#include "native.h" -#include <string.h> -#include <stdio.h> - -#include <cryptoApi.h> -#include <coreApi.h> - -#include "c_utils.h" -#include "c_timing.h" - -static jclass provider_class; - - -JNIEXPORT jobject JNICALL Java_cz_crcs_ectester_standalone_libs_MatrixsslLib_createProvider(JNIEnv *env, jobject this) { - /* Create the custom provider. */ - jclass local_provider_class = (*env)->FindClass(env, "cz/crcs/ectester/standalone/libs/jni/NativeProvider$Matrixssl"); - provider_class = (*env)->NewGlobalRef(env, local_provider_class); - - jmethodID init = (*env)->GetMethodID(env, local_provider_class, "<init>", "(Ljava/lang/String;DLjava/lang/String;)V"); - - jstring name = (*env)->NewStringUTF(env, "MatrixSSL"); - double version = 4.1; - - return (*env)->NewObject(env, provider_class, init, name, version, name); -} - -JNIEXPORT void JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeProvider_00024Matrixssl_setup(JNIEnv *env, jobject this) { - INIT_PROVIDER(env, provider_class); - - ADD_KPG(env, this, "EC", "Matrixssl"); - ADD_KA(env, this, "ECDH", "MatrixsslECDH"); - ADD_SIG(env, this, "NONEwithECDSA", "MatrixsslECDSAwithNONE"); - - psCoreOpen(PSCORE_CONFIG); - psOpenPrng(); - - init_classes(env, "Matrixssl"); -} - - -JNIEXPORT jobject JNICALL Java_cz_crcs_ectester_standalone_libs_MatrixsslLib_getCurves(JNIEnv *env, jobject this) { - jclass hash_set_class = (*env)->FindClass(env, "java/util/TreeSet"); - - jmethodID hash_set_ctr = (*env)->GetMethodID(env, hash_set_class, "<init>", "()V"); - jmethodID hash_set_add = (*env)->GetMethodID(env, hash_set_class, "add", "(Ljava/lang/Object;)Z"); - - jobject result = (*env)->NewObject(env, hash_set_class, hash_set_ctr); - size_t i = 0; - while (eccCurves[i].size > 0) { - jstring curve_name = (*env)->NewStringUTF(env, eccCurves[i].name); - (*env)->CallBooleanMethod(env, result, hash_set_add, curve_name); - i++; - } - return result; -} - -JNIEXPORT jboolean JNICALL 
Java_cz_crcs_ectester_standalone_libs_jni_NativeKeyPairGeneratorSpi_00024Matrixssl_keysizeSupported(JNIEnv *env, jobject this, jint keysize) { - size_t i = 0; - while (eccCurves[i].size > 0) { - if (eccCurves[i].size * 8 == keysize) { - return JNI_TRUE; - } - i++; - } - return JNI_FALSE; -} - -JNIEXPORT jboolean JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeKeyPairGeneratorSpi_00024Matrixssl_paramsSupported(JNIEnv *env, jobject this, jobject params) { - if (params == NULL) { - return JNI_FALSE; - } - - if ((*env)->IsInstanceOf(env, params, ec_parameter_spec_class)) { - jmethodID get_curve = (*env)->GetMethodID(env, ec_parameter_spec_class, "getCurve", "()Ljava/security/spec/EllipticCurve;"); - jobject curve = (*env)->CallObjectMethod(env, params, get_curve); - - jmethodID get_field = (*env)->GetMethodID(env, elliptic_curve_class, "getField", "()Ljava/security/spec/ECField;"); - jobject field = (*env)->CallObjectMethod(env, curve, get_field); - if ((*env)->IsInstanceOf(env, field, f2m_field_class)) { - return JNI_FALSE; - } - return JNI_TRUE; - } else if ((*env)->IsInstanceOf(env, params, ecgen_parameter_spec_class)) { - jmethodID get_name = (*env)->GetMethodID(env, ecgen_parameter_spec_class, "getName", "()Ljava/lang/String;"); - jstring name = (*env)->CallObjectMethod(env, params, get_name); - const char *utf_name = (*env)->GetStringUTFChars(env, name, NULL); - size_t i = 0; - while (eccCurves[i].size > 0) { - if (strcasecmp(utf_name, eccCurves[i].name) == 0) { - (*env)->ReleaseStringUTFChars(env, name, utf_name); - return JNI_TRUE; - } - i++; - } - (*env)->ReleaseStringUTFChars(env, name, utf_name); - return JNI_FALSE; - } else { - return JNI_FALSE; - } -} - - -static jobject create_ec_param_spec(JNIEnv *env, const psEccCurve_t *curve) { - jmethodID biginteger_init = (*env)->GetMethodID(env, biginteger_class, "<init>", "(Ljava/lang/String;I)V"); - - jstring p_string = (*env)->NewStringUTF(env, curve->prime); - jobject p = (*env)->NewObject(env, 
biginteger_class, biginteger_init, p_string, (jint) 16); - - jmethodID fp_field_init = (*env)->GetMethodID(env, fp_field_class, "<init>", "(Ljava/math/BigInteger;)V"); - jobject field = (*env)->NewObject(env, fp_field_class, fp_field_init, p); - - jstring a_string = (*env)->NewStringUTF(env, curve->A); - jobject a = (*env)->NewObject(env, biginteger_class, biginteger_init, a_string, (jint) 16); - jstring b_string = (*env)->NewStringUTF(env, curve->B); - jobject b = (*env)->NewObject(env, biginteger_class, biginteger_init, b_string, (jint) 16); - - jmethodID elliptic_curve_init = (*env)->GetMethodID(env, elliptic_curve_class, "<init>", "(Ljava/security/spec/ECField;Ljava/math/BigInteger;Ljava/math/BigInteger;)V"); - jobject elliptic_curve = (*env)->NewObject(env, elliptic_curve_class, elliptic_curve_init, field, a, b); - - jstring gx_string = (*env)->NewStringUTF(env, curve->Gx); - jstring gy_string = (*env)->NewStringUTF(env, curve->Gy); - jobject gx = (*env)->NewObject(env, biginteger_class, biginteger_init, gx_string, (jint) 16); - jobject gy = (*env)->NewObject(env, biginteger_class, biginteger_init, gy_string, (jint) 16); - - jmethodID point_init = (*env)->GetMethodID(env, point_class, "<init>", "(Ljava/math/BigInteger;Ljava/math/BigInteger;)V"); - jobject g = (*env)->NewObject(env, point_class, point_init, gx, gy); - - jstring n_string = (*env)->NewStringUTF(env, curve->order); - jobject n = (*env)->NewObject(env, biginteger_class, biginteger_init, n_string, (jint) 16); - - jmethodID ec_parameter_spec_init = (*env)->GetMethodID(env, ec_parameter_spec_class, "<init>", "(Ljava/security/spec/EllipticCurve;Ljava/security/spec/ECPoint;Ljava/math/BigInteger;I)V"); - return (*env)->NewObject(env, ec_parameter_spec_class, ec_parameter_spec_init, elliptic_curve, g, n, (jint) 1); -} - -static psEccCurve_t *create_curve(JNIEnv *env, jobject params) { - psEccCurve_t *curve = calloc(sizeof(psEccCurve_t), 1); - - jmethodID get_curve = (*env)->GetMethodID(env, 
ec_parameter_spec_class, "getCurve", "()Ljava/security/spec/EllipticCurve;"); - jobject elliptic_curve = (*env)->CallObjectMethod(env, params, get_curve); - - jmethodID get_field = (*env)->GetMethodID(env, elliptic_curve_class, "getField", "()Ljava/security/spec/ECField;"); - jobject field = (*env)->CallObjectMethod(env, elliptic_curve, get_field); - - jmethodID get_bits = (*env)->GetMethodID(env, fp_field_class, "getFieldSize", "()I"); - jint bits = (*env)->CallIntMethod(env, field, get_bits); - jint bytes = (bits + 7) / 8; - curve->size = bytes; - - jmethodID get_p = (*env)->GetMethodID(env, fp_field_class, "getP", "()Ljava/math/BigInteger;"); - jobject p = (*env)->CallObjectMethod(env, field, get_p); - - jmethodID get_a = (*env)->GetMethodID(env, elliptic_curve_class, "getA", "()Ljava/math/BigInteger;"); - jobject a = (*env)->CallObjectMethod(env, elliptic_curve, get_a); - - jmethodID get_b = (*env)->GetMethodID(env, elliptic_curve_class, "getB", "()Ljava/math/BigInteger;"); - jobject b = (*env)->CallObjectMethod(env, elliptic_curve, get_b); - - jmethodID get_g = (*env)->GetMethodID(env, ec_parameter_spec_class, "getGenerator", "()Ljava/security/spec/ECPoint;"); - jobject g = (*env)->CallObjectMethod(env, params, get_g); - - jmethodID get_x = (*env)->GetMethodID(env, point_class, "getAffineX", "()Ljava/math/BigInteger;"); - jobject gx = (*env)->CallObjectMethod(env, g, get_x); - - jmethodID get_y = (*env)->GetMethodID(env, point_class, "getAffineY", "()Ljava/math/BigInteger;"); - jobject gy = (*env)->CallObjectMethod(env, g, get_y); - - jmethodID get_n = (*env)->GetMethodID(env, ec_parameter_spec_class, "getOrder", "()Ljava/math/BigInteger;"); - jobject n = (*env)->CallObjectMethod(env, params, get_n); - - //jmethodID get_h = (*env)->GetMethodID(env, ec_parameter_spec_class, "getCofactor", "()I"); - //jint h = (*env)->CallIntMethod(env, params, get_h); - - jmethodID get_bitlength = (*env)->GetMethodID(env, biginteger_class, "bitLength", "()I"); - jint ord_bits = 
(*env)->CallIntMethod(env, n, get_bitlength); - jint ord_bytes = (ord_bits + 7) / 8; - - curve->prime = biginteger_to_hex(env, p, bytes); - curve->A = biginteger_to_hex(env, a, bytes); - curve->B = biginteger_to_hex(env, b, bytes); - curve->Gx = biginteger_to_hex(env, gx, bytes); - curve->Gy = biginteger_to_hex(env, gy, bytes); - curve->order = biginteger_to_hex(env, n, ord_bytes); - return curve; -} - -static void free_curve(psEccCurve_t *curve) { - free((char *)curve->prime); - free((char *)curve->A); - free((char *)curve->B); - free((char *)curve->order); - free((char *)curve->Gx); - free((char *)curve->Gy); -} - -static jobject generate_from_curve(JNIEnv *env, const psEccCurve_t *curve) { - psEccKey_t *key; - int32_t err = psEccNewKey(NULL, &key, curve); - err = psEccInitKey(NULL, key, curve); - - native_timing_start(); - err = psEccGenKey(NULL, key, curve, NULL); - native_timing_stop(); - - if (err < 0) { - throw_new(env, "java/security/GeneralSecurityException", "Couldn't generate key."); - psEccClearKey(key); - psEccDeleteKey(&key); - return NULL; - } - - jbyteArray priv = (*env)->NewByteArray(env, pstm_unsigned_bin_size(&key->k)); - jbyte *priv_data = (*env)->GetByteArrayElements(env, priv, NULL); - pstm_to_unsigned_bin(NULL, &key->k, (unsigned char *) priv_data); - (*env)->ReleaseByteArrayElements(env, priv, priv_data, 0); - - jint xlen = pstm_unsigned_bin_size(&key->pubkey.x); - jint ylen = pstm_unsigned_bin_size(&key->pubkey.y); - jbyteArray pub = (*env)->NewByteArray(env, 1 + xlen + ylen); - jbyte *pub_data = (*env)->GetByteArrayElements(env, pub, NULL); - pub_data[0] = 0x04; - pstm_to_unsigned_bin(NULL, &key->pubkey.x, (unsigned char *) (pub_data + 1)); - pstm_to_unsigned_bin(NULL, &key->pubkey.y, (unsigned char *) (pub_data + 1 + xlen)); - (*env)->ReleaseByteArrayElements(env, pub, pub_data, 0); - - jobject ec_param_spec = create_ec_param_spec(env, curve); - - jobject ec_pub_param_spec = (*env)->NewLocalRef(env, ec_param_spec); - jmethodID ec_pub_init 
= (*env)->GetMethodID(env, pubkey_class, "<init>", "([BLjava/security/spec/ECParameterSpec;)V"); - jobject pubkey = (*env)->NewObject(env, pubkey_class, ec_pub_init, pub, ec_pub_param_spec); - - jobject ec_priv_param_spec = (*env)->NewLocalRef(env, ec_param_spec); - jmethodID ec_priv_init = (*env)->GetMethodID(env, privkey_class, "<init>", "([BLjava/security/spec/ECParameterSpec;)V"); - jobject privkey = (*env)->NewObject(env, privkey_class, ec_priv_init, priv, ec_priv_param_spec); - - jmethodID keypair_init = (*env)->GetMethodID(env, keypair_class, "<init>", "(Ljava/security/PublicKey;Ljava/security/PrivateKey;)V"); - - psEccDeleteKey(&key); - - return (*env)->NewObject(env, keypair_class, keypair_init, pubkey, privkey); -} - -JNIEXPORT jobject JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeKeyPairGeneratorSpi_00024Matrixssl_generate__ILjava_security_SecureRandom_2(JNIEnv *env, jobject this, jint keysize, jobject random) { - size_t i = 0; - while (eccCurves[i].size > 0) { - if (eccCurves[i].size * 8 == keysize) { - return generate_from_curve(env, &eccCurves[i]); - } - i++; - } - return NULL; -} - -JNIEXPORT jobject JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeKeyPairGeneratorSpi_00024Matrixssl_generate__Ljava_security_spec_AlgorithmParameterSpec_2Ljava_security_SecureRandom_2(JNIEnv *env, jobject this, jobject params, jobject random) { - if ((*env)->IsInstanceOf(env, params, ec_parameter_spec_class)) { - psEccCurve_t *curve = create_curve(env, params); - jobject result = generate_from_curve(env, curve); - free_curve(curve); - return result; - } else if ((*env)->IsInstanceOf(env, params, ecgen_parameter_spec_class)) { - jmethodID get_name = (*env)->GetMethodID(env, ecgen_parameter_spec_class, "getName", "()Ljava/lang/String;"); - jstring name = (*env)->CallObjectMethod(env, params, get_name); - const char* utf_name = (*env)->GetStringUTFChars(env, name, NULL); - size_t i = 0; - while (eccCurves[i].size > 0) { - if (strcasecmp(utf_name, 
eccCurves[i].name) == 0) { - break; - } - i++; - } - (*env)->ReleaseStringUTFChars(env, name, utf_name); - return generate_from_curve(env, &eccCurves[i]); - } else { - return NULL; - } -} - -static psEccKey_t *bytearray_to_privkey(JNIEnv *env, jbyteArray privkey, const psEccCurve_t *curve) { - psEccKey_t *result; - psEccNewKey(NULL, &result, curve); - psEccInitKey(NULL, result, curve); - - pstm_init_for_read_unsigned_bin(NULL, &result->k, curve->size); - jint len = (*env)->GetArrayLength(env, privkey); - jbyte *priv_data = (*env)->GetByteArrayElements(env, privkey, NULL); - pstm_read_unsigned_bin(&result->k, (unsigned char *) priv_data, len); - (*env)->ReleaseByteArrayElements(env, privkey, priv_data, JNI_ABORT); - result->type = PS_PRIVKEY; - - return result; -} - -static psEccKey_t *bytearray_to_pubkey(JNIEnv *env, jbyteArray pubkey, const psEccCurve_t *curve) { - psEccKey_t *result; - psEccNewKey(NULL, &result, curve); - psEccInitKey(NULL, result, curve); - - pstm_init_for_read_unsigned_bin(NULL, &result->pubkey.x, curve->size); - pstm_init_for_read_unsigned_bin(NULL, &result->pubkey.y, curve->size); - pstm_init_for_read_unsigned_bin(NULL, &result->pubkey.z, curve->size); - jbyte *pubkey_data = (*env)->GetByteArrayElements(env, pubkey, NULL); - pstm_read_unsigned_bin(&result->pubkey.x, (unsigned char *) (pubkey_data + 1), curve->size); - pstm_read_unsigned_bin(&result->pubkey.y, (unsigned char *) (pubkey_data + 1 + curve->size), curve->size); - (*env)->ReleaseByteArrayElements(env, pubkey, pubkey_data, JNI_ABORT); - pstm_set(&result->pubkey.z, 1); - result->type = PS_PUBKEY; - - return result; -} - -JNIEXPORT jbyteArray JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeKeyAgreementSpi_00024Matrixssl_generateSecret___3B_3BLjava_security_spec_ECParameterSpec_2(JNIEnv *env, jobject this, jbyteArray pubkey, jbyteArray privkey, jobject params) { - psEccCurve_t *curve = create_curve(env, params); - - psEccKey_t *priv = bytearray_to_privkey(env, privkey, curve); 
- psEccKey_t *pub = bytearray_to_pubkey(env, pubkey, curve); - - jbyteArray result = (*env)->NewByteArray(env, curve->size); - jbyte *result_data = (*env)->GetByteArrayElements(env, result, NULL); - psSize_t outlen = curve->size; - - native_timing_start(); - int32_t err = psEccGenSharedSecret(NULL, priv, pub, (unsigned char *) result_data, &outlen, NULL); - native_timing_stop(); - (*env)->ReleaseByteArrayElements(env, result, result_data, 0); - - psEccDeleteKey(&priv); - psEccDeleteKey(&pub); - free_curve(curve); - - if (err < 0) { - throw_new(env, "java/security/GeneralSecurityException", "Couldn't derive secret."); - return NULL; - } - - return result; -} - -JNIEXPORT jobject JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeKeyAgreementSpi_00024Matrixssl_generateSecret___3B_3BLjava_security_spec_ECParameterSpec_2Ljava_lang_String_2(JNIEnv *env, jobject this, jbyteArray pubkey, jbyteArray privkey, jobject params, jstring algorithm) { - throw_new(env, "java/lang/UnsupportedOperationException", "Not supported."); - return NULL; -} - -JNIEXPORT jbyteArray JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeSignatureSpi_00024Matrixssl_sign(JNIEnv *env, jobject this, jbyteArray data, jbyteArray privkey, jobject params) { - psEccCurve_t *curve = create_curve(env, params); - - psEccKey_t *priv = bytearray_to_privkey(env, privkey, curve); - - psSize_t siglen = 512; - uint8_t sig[siglen]; - - jint data_len = (*env)->GetArrayLength(env, data); - jbyte *data_data = (*env)->GetByteArrayElements(env, data, NULL); - native_timing_start(); - int32_t err = psEccDsaSign(NULL, priv, (unsigned char *) data_data, data_len, sig, &siglen, 0, NULL); - native_timing_stop(); - - psEccDeleteKey(&priv); - free_curve(curve); - - if (err < 0) { - throw_new(env, "java/security/GeneralSecurityException", "Couldn't sign data."); - return NULL; - } - - jbyteArray result = (*env)->NewByteArray(env, siglen); - jbyte *result_data = (*env)->GetByteArrayElements(env, result, NULL); - 
memcpy(result_data, sig, siglen); - (*env)->ReleaseByteArrayElements(env, result, result_data, 0); - - return result; -} - -JNIEXPORT jboolean JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeSignatureSpi_00024Matrixssl_verify(JNIEnv *env, jobject this, jbyteArray signature, jbyteArray data, jbyteArray pubkey, jobject params) { - psEccCurve_t *curve = create_curve(env, params); - psEccKey_t *pub = bytearray_to_pubkey(env, pubkey, curve); - - jint data_len = (*env)->GetArrayLength(env, data); - jint sig_len = (*env)->GetArrayLength(env, signature); - jbyte *data_data = (*env)->GetByteArrayElements(env, data, NULL); - jbyte *sig_data = (*env)->GetByteArrayElements(env, signature, NULL); - - int32_t result; - native_timing_start(); - int32_t err = psEccDsaVerify(NULL, pub, (unsigned char *) data_data, data_len, (unsigned char *) sig_data, sig_len, &result, NULL); - native_timing_stop(); - (*env)->ReleaseByteArrayElements(env, data, data_data, JNI_ABORT); - (*env)->ReleaseByteArrayElements(env, signature, sig_data, JNI_ABORT); - - free_curve(curve); - psEccDeleteKey(&pub); - - if (err < 0) { - throw_new(env, "java/security/GeneralSecurityException", "Couldn't verify signature."); - return JNI_FALSE; - } - - return result < 0 ? JNI_FALSE : JNI_TRUE; -}
\ No newline at end of file diff --git a/standalone/src/main/resources/cz/crcs/ectester/standalone/libs/jni/mbedtls.c b/standalone/src/main/resources/cz/crcs/ectester/standalone/libs/jni/mbedtls.c index d618de2..a21c7cc 100644 --- a/standalone/src/main/resources/cz/crcs/ectester/standalone/libs/jni/mbedtls.c +++ b/standalone/src/main/resources/cz/crcs/ectester/standalone/libs/jni/mbedtls.c @@ -1,5 +1,7 @@ #include "native.h" #include <string.h> +#include <stdio.h> +#include <stdlib.h> #include <mbedtls/ecdsa.h> #include <mbedtls/ecdh.h> @@ -7,7 +9,6 @@ #include <mbedtls/version.h> #include <mbedtls/entropy.h> #include <mbedtls/ctr_drbg.h> -#include <stdio.h> #include "c_utils.h" #include "c_timing.h" @@ -224,8 +225,7 @@ static jobject create_ec_param_spec(JNIEnv *env, const mbedtls_ecp_group *group) jclass ecutil_class = (*env)->FindClass(env, "cz/crcs/ectester/common/util/ECUtil"); jmethodID from_X962 = (*env)->GetStaticMethodID(env, ecutil_class, "fromX962", "([BLjava/security/spec/EllipticCurve;)Ljava/security/spec/ECPoint;"); - size_t point_len; - mbedtls_ecp_point_write_binary(group, &group->G, MBEDTLS_ECP_PF_UNCOMPRESSED, &point_len, NULL, 0); + size_t point_len = 2 * mbedtls_mpi_size(&group->P) + 1; jbyteArray g_bytes = (*env)->NewByteArray(env, (jint) point_len); jbyte *g_data = (*env)->GetByteArrayElements(env, g_bytes, NULL); mbedtls_ecp_point_write_binary(group, &group->G, MBEDTLS_ECP_PF_UNCOMPRESSED, &point_len, g_data, point_len); @@ -239,7 +239,7 @@ static jobject create_ec_param_spec(JNIEnv *env, const mbedtls_ecp_group *group) return (*env)->NewObject(env, ec_parameter_spec_class, ec_parameter_spec_init, elliptic_curve, g, n, h); } -static void create_curve(JNIEnv *env, jobject params, mbedtls_ecp_group *group) { +static int create_curve(JNIEnv *env, jobject params, mbedtls_ecp_group *group) { mbedtls_ecp_group_init(group); group->id = 0; 
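Review bot: In create_ec_param_spec the one remaining `mbedtls_ecp_point_write_binary` call still has its return value ignored, so a failed write hands a zero-filled or partly written `g_bytes` to `ECUtil.fromX962`. This matters more now that `point_len` is computed by hand as `2 * mbedtls_mpi_size(&group->P) + 1` instead of being queried from the library. I would capture the result, `int ret = mbedtls_ecp_point_write_binary(group, &group->G, MBEDTLS_ECP_PF_UNCOMPRESSED, &point_len, (unsigned char *) g_data, point_len);`, and on a non-zero `ret` release `g_data` with `JNI_ABORT` and raise through `throw_new_var(env, "java/security/GeneralSecurityException", err_to_string(ret))`, as create_curve does in this commit. A short comment such as `// uncompressed X9.62 point: 0x04 || X || Y, each coordinate mbedtls_mpi_size(P) bytes` would explain the constant. The function body continues outside the hunk, so the existing release call is not visible here.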
@@ -270,13 +270,27 @@ static void create_curve(JNIEnv *env, jobject params, mbedtls_ecp_group *group) jbyteArray point_array = (jbyteArray) (*env)->CallStaticObjectMethod(env, ecutil_class, to_uncompressed, g, bitsize); jsize data_size = (*env)->GetArrayLength(env, point_array); jbyte *point_data = (*env)->GetByteArrayElements(env, point_array, NULL); - mbedtls_ecp_point_read_binary(group, &group->G, point_data, data_size); + // The mbedtls_ecp_point_read_binary function we use to setup the generator actually + // internally relies on the group generator already being set to a sane value. + // Thus we need to set it to the point at infinity first, only then can we load the + // correct generator. + int error = mbedtls_ecp_set_zero(&group->G); + if (error) { + throw_new_var(env, "java/security/GeneralSecurityException", err_to_string(error)); + return error; + } + error = mbedtls_ecp_point_read_binary(group, &group->G, point_data, data_size); (*env)->ReleaseByteArrayElements(env, point_array, point_data, JNI_ABORT); + if (error) { + throw_new_var(env, "java/security/GeneralSecurityException", err_to_string(error)); + return error; + } jmethodID get_n = (*env)->GetMethodID(env, ec_parameter_spec_class, "getOrder", "()Ljava/math/BigInteger;"); jobject n = (*env)->CallObjectMethod(env, params, get_n); mpi_from_biginteger(env, n, &group->N); group->pbits = group->nbits = mbedtls_mpi_bitlen(&group->P); + return 0; } static jobject generate_from_curve(JNIEnv *env, mbedtls_ecp_group *group) { 
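Review bot: The early return after a failing `mbedtls_ecp_set_zero` leaves `point_data` unreleased, because `GetByteArrayElements` has already run and the matching `ReleaseByteArrayElements` sits after `mbedtls_ecp_point_read_binary`. Either add `(*env)->ReleaseByteArrayElements(env, point_array, point_data, JNI_ABORT);` before that first `return error;`, or call `mbedtls_ecp_set_zero(&group->G)` before fetching the array elements so no JNI buffer is held on that path. `point_data` is also passed on without a NULL check, and `GetByteArrayElements` can return NULL when the copy cannot be allocated; that line is context rather than new code. create_curve starts above the hunk, so its earlier parameter loading is not visible.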
@@ -368,7 +382,10 @@ JNIEXPORT jobject JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeKeyPai JNIEXPORT jobject JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeKeyPairGeneratorSpi_00024MbedTLS_generate__Ljava_security_spec_AlgorithmParameterSpec_2Ljava_security_SecureRandom_2(JNIEnv *env, jobject this, jobject params, jobject random) { if ((*env)->IsInstanceOf(env, params, ec_parameter_spec_class)) { mbedtls_ecp_group curve; - create_curve(env, params, &curve); + int error = create_curve(env, params, &curve); + if (error) { + return NULL; + } jobject result = generate_from_curve(env, &curve); mbedtls_ecp_group_free(&curve); return result; @@ -416,7 +433,10 @@ static void create_privkey(JNIEnv *env, jbyteArray privkey, mbedtls_mpi *priv) { JNIEXPORT jbyteArray JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeKeyAgreementSpi_00024MbedTLS_generateSecret___3B_3BLjava_security_spec_ECParameterSpec_2(JNIEnv *env, jobject this, jbyteArray pubkey, jbyteArray privkey, jobject params) { mbedtls_ecp_group curve; - create_curve(env, params, &curve); + int error = create_curve(env, params, &curve); + if (error) { + return NULL; + } mbedtls_ecp_point pub; create_pubkey(env, pubkey, &curve, &pub); @@ -428,7 +448,7 @@ JNIEXPORT jbyteArray JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeKey mbedtls_mpi_init(&result); native_timing_start(); - int error = mbedtls_ecdh_compute_shared(&curve, &result, &pub, &priv, ctr_drbg_wrapper, &ctr_drbg); + error = mbedtls_ecdh_compute_shared(&curve, &result, &pub, &priv, ctr_drbg_wrapper, &ctr_drbg); native_timing_stop(); if (error) { 
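Review bot: Returning straight from `if (error)` skips `mbedtls_ecp_group_free(&curve)`, which the success path of this generate function calls right after `generate_from_curve`. create_curve runs `mbedtls_ecp_group_init` and, judging by the `mbedtls_mpi_bitlen(&group->P)` at its end, has presumably loaded the field parameters before the generator is parsed. A rejected generator would then leak those allocations on every call with bad curve parameters. I would write `if (error) { mbedtls_ecp_group_free(&curve); return NULL; }` here and in the generateSecret hunk that follows, and the same in the sign and verify hunks later in this file (with `return JNI_FALSE;` for verify). Alternatively, free the group inside create_curve before each of its error returns so callers cannot forget; the function bodies continue outside these hunks.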
@@ -462,7 +482,10 @@ JNIEXPORT jobject JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeKeyAgr JNIEXPORT jbyteArray JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeSignatureSpi_00024MbedTLS_sign(JNIEnv *env, jobject this, jbyteArray data, jbyteArray privkey, jobject params) { mbedtls_ecp_group curve; - create_curve(env, params, &curve); + int error = create_curve(env, params, &curve); + if (error) { + return NULL; + } mbedtls_mpi priv; create_privkey(env, privkey, &priv); @@ -476,7 +499,7 @@ JNIEXPORT jbyteArray JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeSig jbyte *data_data = (*env)->GetByteArrayElements(env, data, NULL); native_timing_start(); - int error = mbedtls_ecdsa_sign(&curve, &r, &s, &priv, (unsigned char *) data_data, data_size, ctr_drbg_wrapper, &ctr_drbg); + error = mbedtls_ecdsa_sign(&curve, &r, &s, &priv, (unsigned char *) data_data, data_size, ctr_drbg_wrapper, &ctr_drbg); native_timing_stop(); mbedtls_mpi_free(&priv); @@ -503,7 +526,10 @@ JNIEXPORT jbyteArray JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeSig JNIEXPORT jboolean JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeSignatureSpi_00024MbedTLS_verify(JNIEnv *env, jobject this, jbyteArray signature, jbyteArray data, jbyteArray pubkey, jobject params) { mbedtls_ecp_group curve; - create_curve(env, params, &curve); + int error = create_curve(env, params, &curve); + if (error) { + return JNI_FALSE; + } mbedtls_ecp_point pub; create_pubkey(env, pubkey, &curve, &pub); @@ -532,7 +558,7 @@ JNIEXPORT jboolean JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeSigna jbyte *data_data = (*env)->GetByteArrayElements(env, data, NULL); native_timing_start(); - int error = mbedtls_ecdsa_verify(&curve, (unsigned char *) data_data, data_size, &pub, &r, &s); + error = mbedtls_ecdsa_verify(&curve, (unsigned char *) data_data, data_size, &pub, &r, &s); native_timing_stop(); (*env)->ReleaseByteArrayElements(env, data, data_data, JNI_ABORT); 
diff --git a/standalone/src/main/resources/cz/crcs/ectester/standalone/libs/jni/native.h b/standalone/src/main/resources/cz/crcs/ectester/standalone/libs/jni/native.h index 8f5b521..dcaf57c 100644 --- a/standalone/src/main/resources/cz/crcs/ectester/standalone/libs/jni/native.h +++ b/standalone/src/main/resources/cz/crcs/ectester/standalone/libs/jni/native.h 
@@ -1680,187 +1680,6 @@ JNIEXPORT jboolean JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeSigna } #endif #endif -/* Header for class cz_crcs_ectester_standalone_libs_MatrixsslLib */ - -#ifndef _Included_cz_crcs_ectester_standalone_libs_MatrixsslLib -#define _Included_cz_crcs_ectester_standalone_libs_MatrixsslLib -#ifdef __cplusplus -extern "C" { -#endif -/* - * Class: cz_crcs_ectester_standalone_libs_MatrixsslLib - * Method: createProvider - * Signature: ()Ljava/security/Provider; - */ -JNIEXPORT jobject JNICALL Java_cz_crcs_ectester_standalone_libs_MatrixsslLib_createProvider - (JNIEnv *, jobject); - -/* - * Class: cz_crcs_ectester_standalone_libs_MatrixsslLib - * Method: getCurves - * Signature: ()Ljava/util/Set; - */ -JNIEXPORT jobject JNICALL Java_cz_crcs_ectester_standalone_libs_MatrixsslLib_getCurves - (JNIEnv *, jobject); - -#ifdef __cplusplus -} -#endif -#endif -/* Header for class cz_crcs_ectester_standalone_libs_jni_NativeProvider_Matrixssl */ - -#ifndef _Included_cz_crcs_ectester_standalone_libs_jni_NativeProvider_Matrixssl -#define _Included_cz_crcs_ectester_standalone_libs_jni_NativeProvider_Matrixssl -#ifdef __cplusplus -extern "C" { -#endif -#undef cz_crcs_ectester_standalone_libs_jni_NativeProvider_Matrixssl_serialVersionUID -#define cz_crcs_ectester_standalone_libs_jni_NativeProvider_Matrixssl_serialVersionUID 1421746759512286392LL -#undef cz_crcs_ectester_standalone_libs_jni_NativeProvider_Matrixssl_MAX_ARRAY_SIZE -#define cz_crcs_ectester_standalone_libs_jni_NativeProvider_Matrixssl_MAX_ARRAY_SIZE 2147483639L -#undef cz_crcs_ectester_standalone_libs_jni_NativeProvider_Matrixssl_KEYS -#define cz_crcs_ectester_standalone_libs_jni_NativeProvider_Matrixssl_KEYS 0L -#undef cz_crcs_ectester_standalone_libs_jni_NativeProvider_Matrixssl_VALUES -#define cz_crcs_ectester_standalone_libs_jni_NativeProvider_Matrixssl_VALUES 1L -#undef cz_crcs_ectester_standalone_libs_jni_NativeProvider_Matrixssl_ENTRIES -#define 
cz_crcs_ectester_standalone_libs_jni_NativeProvider_Matrixssl_ENTRIES 2L -#undef cz_crcs_ectester_standalone_libs_jni_NativeProvider_Matrixssl_serialVersionUID -#define cz_crcs_ectester_standalone_libs_jni_NativeProvider_Matrixssl_serialVersionUID 4112578634029874840LL -#undef cz_crcs_ectester_standalone_libs_jni_NativeProvider_Matrixssl_serialVersionUID -#define cz_crcs_ectester_standalone_libs_jni_NativeProvider_Matrixssl_serialVersionUID -4298000515446427739LL -/* - * Class: cz_crcs_ectester_standalone_libs_jni_NativeProvider_Matrixssl - * Method: setup - * Signature: ()V - */ -JNIEXPORT void JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeProvider_00024Matrixssl_setup - (JNIEnv *, jobject); - -#ifdef __cplusplus -} -#endif -#endif -/* Header for class cz_crcs_ectester_standalone_libs_jni_NativeKeyPairGeneratorSpi_Matrixssl */ - -#ifndef _Included_cz_crcs_ectester_standalone_libs_jni_NativeKeyPairGeneratorSpi_Matrixssl -#define _Included_cz_crcs_ectester_standalone_libs_jni_NativeKeyPairGeneratorSpi_Matrixssl -#ifdef __cplusplus -extern "C" { -#endif -#undef cz_crcs_ectester_standalone_libs_jni_NativeKeyPairGeneratorSpi_Matrixssl_DEFAULT_KEYSIZE -#define cz_crcs_ectester_standalone_libs_jni_NativeKeyPairGeneratorSpi_Matrixssl_DEFAULT_KEYSIZE 256L -/* - * Class: cz_crcs_ectester_standalone_libs_jni_NativeKeyPairGeneratorSpi_Matrixssl - * Method: keysizeSupported - * Signature: (I)Z - */ -JNIEXPORT jboolean JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeKeyPairGeneratorSpi_00024Matrixssl_keysizeSupported - (JNIEnv *, jobject, jint); - -/* - * Class: cz_crcs_ectester_standalone_libs_jni_NativeKeyPairGeneratorSpi_Matrixssl - * Method: paramsSupported - * Signature: (Ljava/security/spec/AlgorithmParameterSpec;)Z - */ -JNIEXPORT jboolean JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeKeyPairGeneratorSpi_00024Matrixssl_paramsSupported - (JNIEnv *, jobject, jobject); - -/* - * Class: 
cz_crcs_ectester_standalone_libs_jni_NativeKeyPairGeneratorSpi_Matrixssl - * Method: generate - * Signature: (ILjava/security/SecureRandom;)Ljava/security/KeyPair; - */ -JNIEXPORT jobject JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeKeyPairGeneratorSpi_00024Matrixssl_generate__ILjava_security_SecureRandom_2 - (JNIEnv *, jobject, jint, jobject); - -/* - * Class: cz_crcs_ectester_standalone_libs_jni_NativeKeyPairGeneratorSpi_Matrixssl - * Method: generate - * Signature: (Ljava/security/spec/AlgorithmParameterSpec;Ljava/security/SecureRandom;)Ljava/security/KeyPair; - */ -JNIEXPORT jobject JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeKeyPairGeneratorSpi_00024Matrixssl_generate__Ljava_security_spec_AlgorithmParameterSpec_2Ljava_security_SecureRandom_2 - (JNIEnv *, jobject, jobject, jobject); - -#ifdef __cplusplus -} -#endif -#endif -/* Header for class cz_crcs_ectester_standalone_libs_jni_NativeECPublicKey_Matrixssl */ - -#ifndef _Included_cz_crcs_ectester_standalone_libs_jni_NativeECPublicKey_Matrixssl -#define _Included_cz_crcs_ectester_standalone_libs_jni_NativeECPublicKey_Matrixssl -#ifdef __cplusplus -extern "C" { -#endif -#ifdef __cplusplus -} -#endif -#endif -/* Header for class cz_crcs_ectester_standalone_libs_jni_NativeECPrivateKey_Matrixssl */ - -#ifndef _Included_cz_crcs_ectester_standalone_libs_jni_NativeECPrivateKey_Matrixssl -#define _Included_cz_crcs_ectester_standalone_libs_jni_NativeECPrivateKey_Matrixssl -#ifdef __cplusplus -extern "C" { -#endif -#ifdef __cplusplus -} -#endif -#endif -/* Header for class cz_crcs_ectester_standalone_libs_jni_NativeKeyAgreementSpi_Matrixssl */ - -#ifndef _Included_cz_crcs_ectester_standalone_libs_jni_NativeKeyAgreementSpi_Matrixssl -#define _Included_cz_crcs_ectester_standalone_libs_jni_NativeKeyAgreementSpi_Matrixssl -#ifdef __cplusplus -extern "C" { -#endif -/* - * Class: cz_crcs_ectester_standalone_libs_jni_NativeKeyAgreementSpi_Matrixssl - * Method: generateSecret - * Signature: 
([B[BLjava/security/spec/ECParameterSpec;)[B - */ -JNIEXPORT jbyteArray JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeKeyAgreementSpi_00024Matrixssl_generateSecret___3B_3BLjava_security_spec_ECParameterSpec_2 - (JNIEnv *, jobject, jbyteArray, jbyteArray, jobject); - -/* - * Class: cz_crcs_ectester_standalone_libs_jni_NativeKeyAgreementSpi_Matrixssl - * Method: generateSecret - * Signature: ([B[BLjava/security/spec/ECParameterSpec;Ljava/lang/String;)Ljavax/crypto/SecretKey; - */ -JNIEXPORT jobject JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeKeyAgreementSpi_00024Matrixssl_generateSecret___3B_3BLjava_security_spec_ECParameterSpec_2Ljava_lang_String_2 - (JNIEnv *, jobject, jbyteArray, jbyteArray, jobject, jstring); - -#ifdef __cplusplus -} -#endif -#endif -/* Header for class cz_crcs_ectester_standalone_libs_jni_NativeSignatureSpi_Matrixssl */ - -#ifndef _Included_cz_crcs_ectester_standalone_libs_jni_NativeSignatureSpi_Matrixssl -#define _Included_cz_crcs_ectester_standalone_libs_jni_NativeSignatureSpi_Matrixssl -#ifdef __cplusplus -extern "C" { -#endif -/* - * Class: cz_crcs_ectester_standalone_libs_jni_NativeSignatureSpi_Matrixssl - * Method: sign - * Signature: ([B[BLjava/security/spec/ECParameterSpec;)[B - */ -JNIEXPORT jbyteArray JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeSignatureSpi_00024Matrixssl_sign - (JNIEnv *, jobject, jbyteArray, jbyteArray, jobject); - -/* - * Class: cz_crcs_ectester_standalone_libs_jni_NativeSignatureSpi_Matrixssl - * Method: verify - * Signature: ([B[B[BLjava/security/spec/ECParameterSpec;)Z - */ -JNIEXPORT jboolean JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeSignatureSpi_00024Matrixssl_verify - (JNIEnv *, jobject, jbyteArray, jbyteArray, jbyteArray, jobject); - -#ifdef __cplusplus -} -#endif -#endif /* Header for class cz_crcs_ectester_standalone_libs_LibresslLib */ #ifndef _Included_cz_crcs_ectester_standalone_libs_LibresslLib 
diff --git a/standalone/src/test/java/cz/crcs/ectester/standalone/LibTests.java b/standalone/src/test/java/cz/crcs/ectester/standalone/LibTests.java index 6e11ccd..48a5d89 100644 --- a/standalone/src/test/java/cz/crcs/ectester/standalone/LibTests.java +++ b/standalone/src/test/java/cz/crcs/ectester/standalone/LibTests.java @@ -28,7 +28,6 @@ public class LibTests { WolfCryptLib.class, MbedTLSLib.class, IppcpLib.class, - MatrixsslLib.class, NettleLib.class, LibresslLib.class}; for (Class<?> c : libClasses) { |
