16 files changed, 776 insertions, 29 deletions

diff --git a/src/cz/crcs/ectester/standalone/libs/MatrixsslLib.java b/src/cz/crcs/ectester/standalone/libs/MatrixsslLib.java
new file mode 100644
index 0000000..93edd88
--- /dev/null
+++ b/src/cz/crcs/ectester/standalone/libs/MatrixsslLib.java
@@ -0,0 +1,29 @@
+package cz.crcs.ectester.standalone.libs;
+
+import java.security.Provider;
+import java.util.Set;
+
+/**
+ * @author Jan Jancar johny@neuromancer.sk
+ */
+public class MatrixsslLib extends NativeECLibrary {
+
+    public MatrixsslLib() {
+        super("matrixssl_provider");
+    }
+
+    @Override
+    public native boolean supportsNativeTiming();
+
+    @Override
+    public native long getNativeTimingResolution();
+
+    @Override
+    public native long getLastNativeTiming();
+
+    @Override
+    native Provider createProvider();
+
+    @Override
+    public native Set<String> getCurves();
+}
diff --git a/src/cz/crcs/ectester/standalone/libs/jni/.gitignore b/src/cz/crcs/ectester/standalone/libs/jni/.gitignore
new file mode 100644
index 0000000..dc3463f
--- /dev/null
+++ b/src/cz/crcs/ectester/standalone/libs/jni/.gitignore
@@ -0,0 +1,3 @@
+libcore_s.a
+libcrypt_s.a
+matrixssl/
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/standalone/libs/jni/Makefile b/src/cz/crcs/ectester/standalone/libs/jni/Makefile
index 8ae8dd4..f686b0e 100644
--- a/src/cz/crcs/ectester/standalone/libs/jni/Makefile
+++ b/src/cz/crcs/ectester/standalone/libs/jni/Makefile
@@ -58,7 +58,7 @@ JNI_PLATFORMINCLUDEDIR ?= $(JNI_INCLUDEDIR)/$(JNI_PLATFORM)
 ###############################################################################
 ## Targets.
 
-all: tomcrypt_provider.so botan_provider.so cryptopp_provider.so openssl_provider.so boringssl_provider.so gcrypt_provider.so mbedtls_provider.so ippcp_provider.so
+all: tomcrypt_provider.so botan_provider.so cryptopp_provider.so openssl_provider.so boringssl_provider.so gcrypt_provider.so mbedtls_provider.so ippcp_provider.so matrixssl_provider.so
 
 # Common utils
 c_utils.o: c_utils.c
@@ -135,6 +135,15 @@ ippcp_provider.so: ippcp.o c_utils.o c_timing.o
 ippcp.o: ippcp.c
 	$(CC) $(CFLAGS) -c $<
 
+
+# MatrixSSL shim
+matrixssl_provider.so: matrixssl.o c_utils.o c_timing.o
+	$(CC) $(LFLAGS) -o $@ -L. $^ libcrypt_s.a libcore_s.a
+
+matrixssl.o: matrixssl.c
+	$(CC) $(CFLAGS) -Imatrixssl/ -c $<
+
+
 help:
 	@echo "# This makefile builds the JNI shims necessary to test native libraries."
 	@echo "# Targets:"
@@ -146,6 +155,7 @@ help:
 	@echo "    - cryptopp_provider.so"
 	@echo "    - mbedtls_provider.so"
 	@echo "    - ippcp_provider.so"
+	@echo "    - matrixssl_provider.so"
 
 clean:
 	rm -rf *.o
diff --git a/src/cz/crcs/ectester/standalone/libs/jni/NativeECPrivateKey.java b/src/cz/crcs/ectester/standalone/libs/jni/NativeECPrivateKey.java
index 9a22c0b..088f876 100644
--- a/src/cz/crcs/ectester/standalone/libs/jni/NativeECPrivateKey.java
+++ b/src/cz/crcs/ectester/standalone/libs/jni/NativeECPrivateKey.java
@@ -109,6 +109,12 @@ public abstract class NativeECPrivateKey implements ECPrivateKey {
         }
     }
 
+    public static class Matrixssl extends Raw {
+        public Matrixssl(byte[] keyData, ECParameterSpec params) {
+            super(keyData, params);
+        }
+    }
+
     public static class Mscng extends Raw {
         // 0 -> implicit (meta = curveName UTF16, header = full);
         // 1 -> explicit (meta = null, header = full);
diff --git a/src/cz/crcs/ectester/standalone/libs/jni/NativeECPublicKey.java b/src/cz/crcs/ectester/standalone/libs/jni/NativeECPublicKey.java
index 8523be4..577de44 100644
--- a/src/cz/crcs/ectester/standalone/libs/jni/NativeECPublicKey.java
+++ b/src/cz/crcs/ectester/standalone/libs/jni/NativeECPublicKey.java
@@ -110,6 +110,12 @@ public abstract class NativeECPublicKey implements ECPublicKey {
         }
     }
 
+    public static class Matrixssl extends ANSIX962 {
+        public Matrixssl(byte[] keyData, ECParameterSpec params) {
+            super(keyData, params);
+        }
+    }
+
     public static class Mscng extends ANSIX962 {
         // 0 -> implicit (meta = curveName UTF16, header = full);
         // 1 -> explicit (meta = null, header = full);
diff --git a/src/cz/crcs/ectester/standalone/libs/jni/NativeKeyAgreementSpi.java b/src/cz/crcs/ectester/standalone/libs/jni/NativeKeyAgreementSpi.java
index 662f32c..f5fdebf 100644
--- a/src/cz/crcs/ectester/standalone/libs/jni/NativeKeyAgreementSpi.java
+++ b/src/cz/crcs/ectester/standalone/libs/jni/NativeKeyAgreementSpi.java
@@ -353,4 +353,24 @@ public abstract class NativeKeyAgreementSpi extends KeyAgreementSpi {
         }
     }
 
+    public abstract static class Matrixssl extends SimpleKeyAgreementSpi {
+        private String type;
+
+        public Matrixssl(String type) {
+            this.type = type;
+        }
+
+        @Override
+        native byte[] generateSecret(byte[] pubkey, byte[] privkey, ECParameterSpec params);
+
+        @Override
+        native SecretKey generateSecret(byte[] pubkey, byte[] privkey, ECParameterSpec params, String algorithm);
+    }
+
+    public static class MatrixsslECDH extends Matrixssl {
+        public MatrixsslECDH() {
+            super("ECDH");
+        }
+    }
+
 }
diff --git a/src/cz/crcs/ectester/standalone/libs/jni/NativeKeyPairGeneratorSpi.java b/src/cz/crcs/ectester/standalone/libs/jni/NativeKeyPairGeneratorSpi.java
index 98e6d10..963f871 100644
--- a/src/cz/crcs/ectester/standalone/libs/jni/NativeKeyPairGeneratorSpi.java
+++ b/src/cz/crcs/ectester/standalone/libs/jni/NativeKeyPairGeneratorSpi.java
@@ -287,4 +287,23 @@ public abstract class NativeKeyPairGeneratorSpi extends KeyPairGeneratorSpi {
         @Override
         native KeyPair generate(AlgorithmParameterSpec params, SecureRandom random);
     }
+
+    public static class Matrixssl extends NativeKeyPairGeneratorSpi {
+
+        public Matrixssl() {
+            initialize(256, new SecureRandom());
+        }
+
+        @Override
+        native boolean keysizeSupported(int keysize);
+
+        @Override
+        native boolean paramsSupported(AlgorithmParameterSpec params);
+
+        @Override
+        native KeyPair generate(int keysize, SecureRandom random);
+
+        @Override
+        native KeyPair generate(AlgorithmParameterSpec params, SecureRandom random);
+    }
 }
diff --git a/src/cz/crcs/ectester/standalone/libs/jni/NativeProvider.java b/src/cz/crcs/ectester/standalone/libs/jni/NativeProvider.java
index f3e2937..979e347 100644
--- a/src/cz/crcs/ectester/standalone/libs/jni/NativeProvider.java
+++ b/src/cz/crcs/ectester/standalone/libs/jni/NativeProvider.java
@@ -113,4 +113,14 @@ public abstract class NativeProvider extends Provider {
         @Override
         native void setup();
     }
+
+    public static class Matrixssl extends NativeProvider {
+
+        public Matrixssl(String name, double version, String info) {
+            super(name, version, info);
+        }
+
+        @Override
+        native void setup();
+    }
 }
diff --git a/src/cz/crcs/ectester/standalone/libs/jni/NativeSignatureSpi.java b/src/cz/crcs/ectester/standalone/libs/jni/NativeSignatureSpi.java
index 4db636e..81203d1 100644
--- a/src/cz/crcs/ectester/standalone/libs/jni/NativeSignatureSpi.java
+++ b/src/cz/crcs/ectester/standalone/libs/jni/NativeSignatureSpi.java
@@ -482,6 +482,27 @@ public abstract class NativeSignatureSpi extends SignatureSpi {
         }
     }
 
+    public abstract static class Matrixssl extends SimpleSignatureSpi {
+        private String type;
+
+        public Matrixssl(String type) {
+            this.type = type;
+        }
+
+        @Override
+        native byte[] sign(byte[] data, byte[] privkey, ECParameterSpec params);
+
+        @Override
+        native boolean verify(byte[] signature, byte[] data, byte[] pubkey, ECParameterSpec params);
+    }
+
+    public static class MatrixsslECDSAwithNONE extends Matrixssl {
+
+        public MatrixsslECDSAwithNONE() {
+            super("NONEwithECDSA");
+        }
+    }
+
     public abstract static class Mscng extends ExtendedSignatureSpi {
         private String type;
 
diff --git a/src/cz/crcs/ectester/standalone/libs/jni/c_utils.c b/src/cz/crcs/ectester/standalone/libs/jni/c_utils.c
index ab221a9..a5bc14d 100644
--- a/src/cz/crcs/ectester/standalone/libs/jni/c_utils.c
+++ b/src/cz/crcs/ectester/standalone/libs/jni/c_utils.c
@@ -221,4 +221,24 @@ bool asn1_der_decode(JNIEnv *env, jbyteArray sig, jbyte **r_data, size_t *r_len,
     *s_len = s_length;
     *s_data = s_out;
     return true;
+}
+
+char *biginteger_to_hex(JNIEnv *env, jobject big, jint bytes) {
+    jmethodID to_string = (*env)->GetMethodID(env, biginteger_class, "toString", "(I)Ljava/lang/String;");
+    jstring big_string = (*env)->CallObjectMethod(env, big, to_string, (jint) 16);
+
+    jsize len = (*env)->GetStringUTFLength(env, big_string);
+    char raw_string[len];
+    (*env)->GetStringUTFRegion(env, big_string, 0, len, raw_string);
+
+    char *result = calloc(bytes, 2);
+    if (len >= bytes) {
+        return strncpy(result, raw_string, 2*bytes);
+    } else {
+        jsize diff = bytes - len;
+        for (jint i = 0; i < diff*2; ++i) {
+            result[i] = '0';
+        }
+        return strncpy(result + diff*2, raw_string, 2*bytes);
+    }
 }
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/standalone/libs/jni/c_utils.h b/src/cz/crcs/ectester/standalone/libs/jni/c_utils.h
index 82c3538..f2f3f2f 100644
--- a/src/cz/crcs/ectester/standalone/libs/jni/c_utils.h
+++ b/src/cz/crcs/ectester/standalone/libs/jni/c_utils.h
@@ -50,6 +50,11 @@ jbyteArray asn1_der_encode(JNIEnv *env, const jbyte *r, size_t r_len, const jbyt
 bool asn1_der_decode(JNIEnv *env, jbyteArray sig, jbyte **r_data, size_t *r_len, jbyte **s_data, size_t *s_len);
 
 /**
+ * Convert a BigInteger to an allocated hex string.
+ */
+char *biginteger_to_hex(JNIEnv *env, jobject big, jint bytes);
+
+/**
  * Some useful defines to init the provider.
  */
 #define INIT_PROVIDER(env, provider_class) jmethodID provider_put = (*env)->GetMethodID(env, provider_class, "put", "(Ljava/lang/Object;Ljava/lang/Object;)Ljava/lang/Object;")
diff --git a/src/cz/crcs/ectester/standalone/libs/jni/ippcp.c b/src/cz/crcs/ectester/standalone/libs/jni/ippcp.c
index 2c5a747..fc27460 100644
--- a/src/cz/crcs/ectester/standalone/libs/jni/ippcp.c
+++ b/src/cz/crcs/ectester/standalone/libs/jni/ippcp.c
@@ -253,6 +253,10 @@ static IppsECCPState *create_curve(JNIEnv *env, jobject params, int *keysize) {
     jmethodID get_field = (*env)->GetMethodID(env, elliptic_curve_class, "getField", "()Ljava/security/spec/ECField;");
     jobject field = (*env)->CallObjectMethod(env, curve, get_field);
 
+	jmethodID get_bits = (*env)->GetMethodID(env, fp_field_class, "getFieldSize", "()I");
+    jint bits = (*env)->CallIntMethod(env, field, get_bits);
+    jint bytes = (bits + 7) / 8;
+
     jmethodID get_p = (*env)->GetMethodID(env, fp_field_class, "getP", "()Ljava/math/BigInteger;");
     jobject p = (*env)->CallObjectMethod(env, field, get_p);
 	IppsBigNumState *p_bn = biginteger_to_bn(env, p);
@@ -283,16 +287,14 @@ static IppsECCPState *create_curve(JNIEnv *env, jobject params, int *keysize) {
 	jmethodID get_h = (*env)->GetMethodID(env, ec_parameter_spec_class, "getCofactor", "()I");
 	jint h = (*env)->CallIntMethod(env, params, get_h);
 
-	jmethodID get_bitlength = (*env)->GetMethodID(env, biginteger_class, "bitLength", "()I");
-	jint prime_bits = (*env)->CallIntMethod(env, p, get_bitlength);
 	if (keysize) {
-		*keysize = prime_bits;
+		*keysize = bits;
 	}
 
 	int size;
-	ippsECCPGetSize(prime_bits, &size);
+	ippsECCPGetSize(bits, &size);
 	IppsECCPState *result = malloc(size);
-	ippsECCPInit(prime_bits, result);
+	ippsECCPInit(bits, result);
 	ippsECCPSet(p_bn, a_bn, b_bn, gx_bn, gy_bn, n_bn, h, result);
 
 	return result;
diff --git a/src/cz/crcs/ectester/standalone/libs/jni/matrixssl.c b/src/cz/crcs/ectester/standalone/libs/jni/matrixssl.c
new file mode 100644
index 0000000..1e6936d
--- /dev/null
+++ b/src/cz/crcs/ectester/standalone/libs/jni/matrixssl.c
@@ -0,0 +1,410 @@
+#include "native.h"
+#include <string.h>
+#include <stdio.h>
+
+#include <cryptoApi.h>
+#include <coreApi.h>
+
+#include "c_utils.h"
+#include "c_timing.h"
+
+static jclass provider_class;
+
+
+JNIEXPORT jobject JNICALL Java_cz_crcs_ectester_standalone_libs_MatrixsslLib_createProvider(JNIEnv *env, jobject this) {
+    /* Create the custom provider. */
+    jclass local_provider_class = (*env)->FindClass(env, "cz/crcs/ectester/standalone/libs/jni/NativeProvider$Matrixssl");
+    provider_class = (*env)->NewGlobalRef(env, local_provider_class);
+
+    jmethodID init = (*env)->GetMethodID(env, local_provider_class, "<init>", "(Ljava/lang/String;DLjava/lang/String;)V");
+
+    jstring name =  (*env)->NewStringUTF(env, "MatrixSSL");
+    double version = 4.1;
+
+    return (*env)->NewObject(env, provider_class, init, name, version, name);
+}
+
+JNIEXPORT void JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeProvider_00024Matrixssl_setup(JNIEnv *env, jobject this) {
+	INIT_PROVIDER(env, provider_class);
+
+	ADD_KPG(env, this, "EC", "Matrixssl");
+	ADD_KA(env, this, "ECDH", "MatrixsslECDH");
+	ADD_SIG(env, this, "NONEwithECDSA", "MatrixsslECDSAwithNONE");
+
+	psCoreOpen(PSCORE_CONFIG);
+	psOpenPrng();
+
+	init_classes(env, "Matrixssl");
+}
+
+
+JNIEXPORT jobject JNICALL Java_cz_crcs_ectester_standalone_libs_MatrixsslLib_getCurves(JNIEnv *env, jobject this) {
+	jclass hash_set_class = (*env)->FindClass(env, "java/util/TreeSet");
+
+    jmethodID hash_set_ctr = (*env)->GetMethodID(env, hash_set_class, "<init>", "()V");
+    jmethodID hash_set_add = (*env)->GetMethodID(env, hash_set_class, "add", "(Ljava/lang/Object;)Z");
+
+    jobject result = (*env)->NewObject(env, hash_set_class, hash_set_ctr);
+	size_t i = 0;
+	while (eccCurves[i].size > 0) {
+		jstring curve_name = (*env)->NewStringUTF(env, eccCurves[i].name);
+		(*env)->CallBooleanMethod(env, result, hash_set_add, curve_name);
+		i++;
+	}
+	return result;
+}
+
+JNIEXPORT jboolean JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeKeyPairGeneratorSpi_00024Matrixssl_keysizeSupported(JNIEnv *env, jobject this, jint keysize) {
+	size_t i = 0;
+	while (eccCurves[i].size > 0) {
+		if (eccCurves[i].size * 8 == keysize) {
+			return JNI_TRUE;
+		}
+		i++;
+	}
+	return JNI_FALSE;
+}
+
+JNIEXPORT jboolean JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeKeyPairGeneratorSpi_00024Matrixssl_paramsSupported(JNIEnv *env, jobject this, jobject params) {
+	if (params == NULL) {
+		return JNI_FALSE;
+	}
+
+	if ((*env)->IsInstanceOf(env, params, ec_parameter_spec_class)) {
+        jmethodID get_curve = (*env)->GetMethodID(env, ec_parameter_spec_class, "getCurve", "()Ljava/security/spec/EllipticCurve;");
+        jobject curve = (*env)->CallObjectMethod(env, params, get_curve);
+
+        jmethodID get_field = (*env)->GetMethodID(env, elliptic_curve_class, "getField", "()Ljava/security/spec/ECField;");
+        jobject field = (*env)->CallObjectMethod(env, curve, get_field);
+        if ((*env)->IsInstanceOf(env, field, f2m_field_class)) {
+            return JNI_FALSE;
+        }
+        return JNI_TRUE;
+    } else if ((*env)->IsInstanceOf(env, params, ecgen_parameter_spec_class)) {
+        jmethodID get_name = (*env)->GetMethodID(env, ecgen_parameter_spec_class, "getName", "()Ljava/lang/String;");
+        jstring name = (*env)->CallObjectMethod(env, params, get_name);
+        const char *utf_name = (*env)->GetStringUTFChars(env, name, NULL);
+		size_t i = 0;
+		while (eccCurves[i].size > 0) {
+            if (strcasecmp(utf_name, eccCurves[i].name) == 0) {
+                (*env)->ReleaseStringUTFChars(env, name, utf_name);
+                return JNI_TRUE;
+            }
+			i++;
+        }
+        (*env)->ReleaseStringUTFChars(env, name, utf_name);
+        return JNI_FALSE;
+    } else {
+        return JNI_FALSE;
+    }
+}
+
+
+static jobject create_ec_param_spec(JNIEnv *env, const psEccCurve_t *curve) {
+	jmethodID biginteger_init = (*env)->GetMethodID(env, biginteger_class, "<init>", "(Ljava/lang/String;I)V");
+	
+	jstring p_string = (*env)->NewStringUTF(env, curve->prime);
+	jobject p = (*env)->NewObject(env, biginteger_class, biginteger_init, p_string, (jint) 16);
+
+	jmethodID fp_field_init = (*env)->GetMethodID(env, fp_field_class, "<init>", "(Ljava/math/BigInteger;)V");
+    jobject field = (*env)->NewObject(env, fp_field_class, fp_field_init, p);
+
+	jstring a_string = (*env)->NewStringUTF(env, curve->A);
+    jobject a = (*env)->NewObject(env, biginteger_class, biginteger_init, a_string, (jint) 16);
+	jstring b_string = (*env)->NewStringUTF(env, curve->B);
+    jobject b = (*env)->NewObject(env, biginteger_class, biginteger_init, b_string, (jint) 16);
+
+	jmethodID elliptic_curve_init = (*env)->GetMethodID(env, elliptic_curve_class, "<init>", "(Ljava/security/spec/ECField;Ljava/math/BigInteger;Ljava/math/BigInteger;)V");
+	jobject elliptic_curve = (*env)->NewObject(env, elliptic_curve_class, elliptic_curve_init, field, a, b);
+
+	jstring gx_string = (*env)->NewStringUTF(env, curve->Gx);
+    jstring gy_string = (*env)->NewStringUTF(env, curve->Gy);
+    jobject gx = (*env)->NewObject(env, biginteger_class, biginteger_init, gx_string, (jint) 16);
+    jobject gy = (*env)->NewObject(env, biginteger_class, biginteger_init, gy_string, (jint) 16);
+
+	jmethodID point_init = (*env)->GetMethodID(env, point_class, "<init>", "(Ljava/math/BigInteger;Ljava/math/BigInteger;)V");
+    jobject g = (*env)->NewObject(env, point_class, point_init, gx, gy);
+
+    jstring n_string = (*env)->NewStringUTF(env, curve->order);
+    jobject n = (*env)->NewObject(env, biginteger_class, biginteger_init, n_string, (jint) 16);
+
+    jmethodID ec_parameter_spec_init = (*env)->GetMethodID(env, ec_parameter_spec_class, "<init>", "(Ljava/security/spec/EllipticCurve;Ljava/security/spec/ECPoint;Ljava/math/BigInteger;I)V");
+    return (*env)->NewObject(env, ec_parameter_spec_class, ec_parameter_spec_init, elliptic_curve, g, n, (jint) 1);
+}
+
+static psEccCurve_t *create_curve(JNIEnv *env, jobject params) {
+	psEccCurve_t *curve = calloc(sizeof(psEccCurve_t), 1);
+
+	jmethodID get_curve = (*env)->GetMethodID(env, ec_parameter_spec_class, "getCurve", "()Ljava/security/spec/EllipticCurve;");
+    jobject elliptic_curve = (*env)->CallObjectMethod(env, params, get_curve);
+
+    jmethodID get_field = (*env)->GetMethodID(env, elliptic_curve_class, "getField", "()Ljava/security/spec/ECField;");
+    jobject field = (*env)->CallObjectMethod(env, elliptic_curve, get_field);
+
+    jmethodID get_bits = (*env)->GetMethodID(env, fp_field_class, "getFieldSize", "()I");
+    jint bits = (*env)->CallIntMethod(env, field, get_bits);
+    jint bytes = (bits + 7) / 8;
+	curve->size = bytes;
+
+	jmethodID get_p = (*env)->GetMethodID(env, fp_field_class, "getP", "()Ljava/math/BigInteger;");
+    jobject p = (*env)->CallObjectMethod(env, field, get_p);
+
+	jmethodID get_a = (*env)->GetMethodID(env, elliptic_curve_class, "getA", "()Ljava/math/BigInteger;");
+    jobject a = (*env)->CallObjectMethod(env, elliptic_curve, get_a);
+
+	jmethodID get_b = (*env)->GetMethodID(env, elliptic_curve_class, "getB", "()Ljava/math/BigInteger;");
+    jobject b = (*env)->CallObjectMethod(env, elliptic_curve, get_b);
+
+    jmethodID get_g = (*env)->GetMethodID(env, ec_parameter_spec_class, "getGenerator", "()Ljava/security/spec/ECPoint;");
+    jobject g = (*env)->CallObjectMethod(env, params, get_g);
+
+    jmethodID get_x = (*env)->GetMethodID(env, point_class, "getAffineX", "()Ljava/math/BigInteger;");
+    jobject gx = (*env)->CallObjectMethod(env, g, get_x);
+
+    jmethodID get_y = (*env)->GetMethodID(env, point_class, "getAffineY", "()Ljava/math/BigInteger;");
+    jobject gy = (*env)->CallObjectMethod(env, g, get_y);
+
+    jmethodID get_n = (*env)->GetMethodID(env, ec_parameter_spec_class, "getOrder", "()Ljava/math/BigInteger;");
+    jobject n = (*env)->CallObjectMethod(env, params, get_n);
+
+	jmethodID get_h = (*env)->GetMethodID(env, ec_parameter_spec_class, "getCofactor", "()I");
+	jint h = (*env)->CallIntMethod(env, params, get_h);
+
+	jmethodID get_bitlength = (*env)->GetMethodID(env, biginteger_class, "bitLength", "()I");
+	jint ord_bits = (*env)->CallIntMethod(env, n, get_bitlength);
+	jint ord_bytes = (ord_bits + 7) / 8;
+
+	curve->prime = biginteger_to_hex(env, p, bytes);
+	curve->A = biginteger_to_hex(env, a, bytes);
+	curve->B = biginteger_to_hex(env, b, bytes);
+	curve->Gx = biginteger_to_hex(env, gx, bytes);
+	curve->Gy = biginteger_to_hex(env, gy, bytes);
+	curve->order = biginteger_to_hex(env, n, ord_bytes);
+	return curve;
+}
+
+static void free_curve(psEccCurve_t *curve) {
+	free((char *)curve->prime);
+	free((char *)curve->A);
+	free((char *)curve->B);
+	free((char *)curve->order);
+	free((char *)curve->Gx);
+	free((char *)curve->Gy);
+}
+
+static jobject generate_from_curve(JNIEnv *env, const psEccCurve_t *curve) {
+	psEccKey_t *key;
+	int32_t err = psEccNewKey(NULL, &key, curve);
+	err = psEccInitKey(NULL, key, curve);
+
+	native_timing_start();
+	err = psEccGenKey(NULL, key, curve, NULL);
+	native_timing_stop();
+
+	if (err < 0) {
+		throw_new(env, "java/security/GeneralSecurityException", "Couldn't generate key.");
+		psEccClearKey(key);
+		psEccDeleteKey(&key);
+		return NULL;
+	}
+
+	jbyteArray priv = (*env)->NewByteArray(env, pstm_unsigned_bin_size(&key->k));
+	jbyte *priv_data = (*env)->GetByteArrayElements(env, priv, NULL);
+	pstm_to_unsigned_bin(NULL, &key->k, priv_data);
+	(*env)->ReleaseByteArrayElements(env, priv, priv_data, 0);
+
+	jint xlen = pstm_unsigned_bin_size(&key->pubkey.x);
+	jint ylen = pstm_unsigned_bin_size(&key->pubkey.y);
+	jbyteArray pub = (*env)->NewByteArray(env, 1 + xlen + ylen);
+	jbyte *pub_data = (*env)->GetByteArrayElements(env, pub, NULL);
+	pub_data[0] = 0x04;
+	pstm_to_unsigned_bin(NULL, &key->pubkey.x, pub_data + 1);
+	pstm_to_unsigned_bin(NULL, &key->pubkey.y, pub_data + 1 + xlen);
+	(*env)->ReleaseByteArrayElements(env, pub, pub_data, 0);
+	
+	jobject ec_param_spec = create_ec_param_spec(env, curve);
+
+    jobject ec_pub_param_spec = (*env)->NewLocalRef(env, ec_param_spec);
+    jmethodID ec_pub_init = (*env)->GetMethodID(env, pubkey_class, "<init>", "([BLjava/security/spec/ECParameterSpec;)V");
+    jobject pubkey = (*env)->NewObject(env, pubkey_class, ec_pub_init, pub, ec_pub_param_spec);
+
+	jobject ec_priv_param_spec = (*env)->NewLocalRef(env, ec_param_spec);
+    jmethodID ec_priv_init = (*env)->GetMethodID(env, privkey_class, "<init>", "([BLjava/security/spec/ECParameterSpec;)V");
+    jobject privkey = (*env)->NewObject(env, privkey_class, ec_priv_init, priv, ec_priv_param_spec);
+
+    jmethodID keypair_init = (*env)->GetMethodID(env, keypair_class, "<init>", "(Ljava/security/PublicKey;Ljava/security/PrivateKey;)V");
+
+	psEccDeleteKey(&key);
+
+    return (*env)->NewObject(env, keypair_class, keypair_init, pubkey, privkey);
+}
+
+JNIEXPORT jobject JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeKeyPairGeneratorSpi_00024Matrixssl_generate__ILjava_security_SecureRandom_2(JNIEnv *env, jobject this, jint keysize, jobject random) {
+	size_t i = 0;
+	while (eccCurves[i].size > 0) {
+		if (eccCurves[i].size * 8 == keysize) {
+			return generate_from_curve(env, &eccCurves[i]);
+		}
+		i++;
+	}
+	return NULL;
+}
+
+JNIEXPORT jobject JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeKeyPairGeneratorSpi_00024Matrixssl_generate__Ljava_security_spec_AlgorithmParameterSpec_2Ljava_security_SecureRandom_2(JNIEnv *env, jobject this, jobject params, jobject random) {
+    if ((*env)->IsInstanceOf(env, params, ec_parameter_spec_class)) {
+        psEccCurve_t *curve = create_curve(env, params);
+        jobject result = generate_from_curve(env, curve);
+        free_curve(curve);
+        return result;
+    } else if ((*env)->IsInstanceOf(env, params, ecgen_parameter_spec_class)) {
+		jmethodID get_name = (*env)->GetMethodID(env, ecgen_parameter_spec_class, "getName", "()Ljava/lang/String;");
+        jstring name = (*env)->CallObjectMethod(env, params, get_name);
+        const char* utf_name = (*env)->GetStringUTFChars(env, name, NULL);
+        size_t i = 0;
+		while (eccCurves[i].size > 0) {
+            if (strcasecmp(utf_name, eccCurves[i].name) == 0) {
+                break;
+            }
+            i++;
+        }
+        (*env)->ReleaseStringUTFChars(env, name, utf_name);
+        return generate_from_curve(env, &eccCurves[i]);
+	} else {
+		return NULL;
+	}
+}
+
+static psEccKey_t *bytearray_to_privkey(JNIEnv *env, jbyteArray privkey, const psEccCurve_t *curve) {
+	psEccKey_t *result;
+	psEccNewKey(NULL, &result, curve);
+	psEccInitKey(NULL, result, curve);
+
+	pstm_init_for_read_unsigned_bin(NULL, &result->k, curve->size);
+	jint len = (*env)->GetArrayLength(env, privkey);
+	jbyte *priv_data = (*env)->GetByteArrayElements(env, privkey, NULL);
+	pstm_read_unsigned_bin(&result->k, priv_data, len);
+	(*env)->ReleaseByteArrayElements(env, privkey, priv_data, JNI_ABORT);
+	result->type = PS_PRIVKEY;
+
+	return result;
+}
+
+static psEccKey_t *bytearray_to_pubkey(JNIEnv *env, jbyteArray pubkey, const psEccCurve_t *curve) {
+	psEccKey_t *result;
+	psEccNewKey(NULL, &result, curve);
+	psEccInitKey(NULL, result, curve);
+
+	pstm_init_for_read_unsigned_bin(NULL, &result->pubkey.x, curve->size);
+	pstm_init_for_read_unsigned_bin(NULL, &result->pubkey.y, curve->size);
+	pstm_init_for_read_unsigned_bin(NULL, &result->pubkey.z, curve->size);
+	jbyte *pubkey_data = (*env)->GetByteArrayElements(env, pubkey, NULL);
+	pstm_read_unsigned_bin(&result->pubkey.x, pubkey_data + 1, curve->size);
+	pstm_read_unsigned_bin(&result->pubkey.y, pubkey_data + 1 + curve->size, curve->size);
+	(*env)->ReleaseByteArrayElements(env, pubkey, pubkey_data, JNI_ABORT);
+	pstm_set(&result->pubkey.z, 1);
+	result->type = PS_PUBKEY;
+
+	return result;
+}
+
+JNIEXPORT jbyteArray JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeKeyAgreementSpi_00024Matrixssl_generateSecret___3B_3BLjava_security_spec_ECParameterSpec_2(JNIEnv *env, jobject this, jbyteArray pubkey, jbyteArray privkey, jobject params) {
+	psEccCurve_t *curve = create_curve(env, params);
+
+	psEccKey_t *priv = bytearray_to_privkey(env, privkey, curve);
+	psEccKey_t *pub = bytearray_to_pubkey(env, pubkey, curve);
+
+	jbyteArray result = (*env)->NewByteArray(env, curve->size);
+	jbyte *result_data = (*env)->GetByteArrayElements(env, result, NULL);
+	psSize_t outlen = curve->size;
+
+	native_timing_start();
+	int32_t err = psEccGenSharedSecret(NULL, priv, pub, result_data, &outlen, NULL);
+	native_timing_stop();
+	(*env)->ReleaseByteArrayElements(env, result, result_data, 0);
+
+	psEccDeleteKey(&priv);
+	psEccDeleteKey(&pub);
+	free_curve(curve);
+
+	if (err < 0) {
+		throw_new(env, "java/security/GeneralSecurityException", "Couldn't derive secret.");
+		return NULL;
+	}
+
+	return result;
+}
+
+JNIEXPORT jobject JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeKeyAgreementSpi_00024Matrixssl_generateSecret___3B_3BLjava_security_spec_ECParameterSpec_2Ljava_lang_String_2(JNIEnv *env, jobject this, jbyteArray pubkey, jbyteArray privkey, jobject params, jstring algorithm) {
+    throw_new(env, "java/lang/UnsupportedOperationException", "Not supported.");
+    return NULL;
+}
+
+JNIEXPORT jbyteArray JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeSignatureSpi_00024Matrixssl_sign(JNIEnv *env, jobject this, jbyteArray data, jbyteArray privkey, jobject params) {
+	psEccCurve_t *curve = create_curve(env, params);
+
+	psEccKey_t *priv = bytearray_to_privkey(env, privkey, curve);
+
+	psSize_t siglen = 512;
+	uint8_t sig[siglen];
+
+	jint data_len = (*env)->GetArrayLength(env, data);
+	jbyte *data_data = (*env)->GetByteArrayElements(env, data, NULL);
+	native_timing_start();
+	int32_t err = psEccDsaSign(NULL, priv, data_data, data_len, sig, &siglen, 0, NULL);
+	native_timing_stop();
+
+	psEccDeleteKey(&priv);
+	free_curve(curve);
+
+	if (err < 0) {
+		throw_new(env, "java/security/GeneralSecurityException", "Couldn't sign data.");
+		return NULL;
+	}
+
+	jbyteArray result = (*env)->NewByteArray(env, siglen);
+	jbyte *result_data = (*env)->GetByteArrayElements(env, result, NULL);
+	memcpy(result_data, sig, siglen);
+	(*env)->ReleaseByteArrayElements(env, result, result_data, 0);
+
+	return result;
+}
+
+JNIEXPORT jboolean JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeSignatureSpi_00024Matrixssl_verify(JNIEnv *env, jobject this, jbyteArray signature, jbyteArray data, jbyteArray pubkey, jobject params) {
+	psEccCurve_t *curve = create_curve(env, params);
+	psEccKey_t *pub = bytearray_to_pubkey(env, pubkey, curve);
+
+	jint data_len = (*env)->GetArrayLength(env, data);
+	jint sig_len = (*env)->GetArrayLength(env, signature);
+	jbyte *data_data = (*env)->GetByteArrayElements(env, data, NULL);
+	jbyte *sig_data = (*env)->GetByteArrayElements(env, signature, NULL);
+
+	int32_t result;
+	native_timing_start();
+	int32_t err = psEccDsaVerify(NULL, pub, data_data, data_len, sig_data, sig_len, &result, NULL);
+	native_timing_stop();
+	(*env)->ReleaseByteArrayElements(env, data, data_data, JNI_ABORT);
+	(*env)->ReleaseByteArrayElements(env, signature, sig_data, JNI_ABORT);
+
+	free_curve(curve);
+	psEccDeleteKey(&pub);
+
+	if (err < 0) {
+		throw_new(env, "java/security/GeneralSecurityException", "Couldn't verify signature.");
+		return JNI_FALSE;
+	}
+
+	return result < 0 ? JNI_FALSE : JNI_TRUE;
+}
+
+
+JNIEXPORT jboolean JNICALL Java_cz_crcs_ectester_standalone_libs_MatrixsslLib_supportsNativeTiming(JNIEnv *env, jobject this) {
+    return native_timing_supported();
+}
+
+JNIEXPORT jlong JNICALL Java_cz_crcs_ectester_standalone_libs_MatrixsslLib_getNativeTimingResolution(JNIEnv *env, jobject this) {
+    return native_timing_resolution();
+}
+
+JNIEXPORT jlong JNICALL Java_cz_crcs_ectester_standalone_libs_MatrixsslLib_getLastNativeTiming(JNIEnv *env, jobject this) {
+    return native_timing_last();
+}
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/standalone/libs/jni/mbedtls.c b/src/cz/crcs/ectester/standalone/libs/jni/mbedtls.c
index bedf084..0239bdb 100644
--- a/src/cz/crcs/ectester/standalone/libs/jni/mbedtls.c
+++ b/src/cz/crcs/ectester/standalone/libs/jni/mbedtls.c
@@ -543,8 +543,6 @@ JNIEXPORT jboolean JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeSigna
     return JNI_TRUE;
 }
 
-
-
 JNIEXPORT jboolean JNICALL Java_cz_crcs_ectester_standalone_libs_MbedTLSLib_supportsNativeTiming(JNIEnv *env, jobject this) {
     return native_timing_supported();
 }
diff --git a/src/cz/crcs/ectester/standalone/libs/jni/native.h b/src/cz/crcs/ectester/standalone/libs/jni/native.h
index 3cbc2d1..7540ce8 100644
--- a/src/cz/crcs/ectester/standalone/libs/jni/native.h
+++ b/src/cz/crcs/ectester/standalone/libs/jni/native.h
@@ -1845,3 +1845,208 @@ JNIEXPORT jboolean JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeSigna
 }
 #endif
 #endif
+/* Header for class cz_crcs_ectester_standalone_libs_MatrixsslLib */
+
+#ifndef _Included_cz_crcs_ectester_standalone_libs_MatrixsslLib
+#define _Included_cz_crcs_ectester_standalone_libs_MatrixsslLib
+#ifdef __cplusplus
+extern "C" {
+#endif
+/*
+ * Class:     cz_crcs_ectester_standalone_libs_MatrixsslLib
+ * Method:    supportsNativeTiming
+ * Signature: ()Z
+ */
+JNIEXPORT jboolean JNICALL Java_cz_crcs_ectester_standalone_libs_MatrixsslLib_supportsNativeTiming
+  (JNIEnv *, jobject);
+
+/*
+ * Class:     cz_crcs_ectester_standalone_libs_MatrixsslLib
+ * Method:    getNativeTimingResolution
+ * Signature: ()J
+ */
+JNIEXPORT jlong JNICALL Java_cz_crcs_ectester_standalone_libs_MatrixsslLib_getNativeTimingResolution
+  (JNIEnv *, jobject);
+
+/*
+ * Class:     cz_crcs_ectester_standalone_libs_MatrixsslLib
+ * Method:    getLastNativeTiming
+ * Signature: ()J
+ */
+JNIEXPORT jlong JNICALL Java_cz_crcs_ectester_standalone_libs_MatrixsslLib_getLastNativeTiming
+  (JNIEnv *, jobject);
+
+/*
+ * Class:     cz_crcs_ectester_standalone_libs_MatrixsslLib
+ * Method:    createProvider
+ * Signature: ()Ljava/security/Provider;
+ */
+JNIEXPORT jobject JNICALL Java_cz_crcs_ectester_standalone_libs_MatrixsslLib_createProvider
+  (JNIEnv *, jobject);
+
+/*
+ * Class:     cz_crcs_ectester_standalone_libs_MatrixsslLib
+ * Method:    getCurves
+ * Signature: ()Ljava/util/Set;
+ */
+JNIEXPORT jobject JNICALL Java_cz_crcs_ectester_standalone_libs_MatrixsslLib_getCurves
+  (JNIEnv *, jobject);
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+/* Header for class cz_crcs_ectester_standalone_libs_jni_NativeProvider_Matrixssl */
+
+#ifndef _Included_cz_crcs_ectester_standalone_libs_jni_NativeProvider_Matrixssl
+#define _Included_cz_crcs_ectester_standalone_libs_jni_NativeProvider_Matrixssl
+#ifdef __cplusplus
+extern "C" {
+#endif
+#undef cz_crcs_ectester_standalone_libs_jni_NativeProvider_Matrixssl_serialVersionUID
+#define cz_crcs_ectester_standalone_libs_jni_NativeProvider_Matrixssl_serialVersionUID 1421746759512286392LL
+#undef cz_crcs_ectester_standalone_libs_jni_NativeProvider_Matrixssl_MAX_ARRAY_SIZE
+#define cz_crcs_ectester_standalone_libs_jni_NativeProvider_Matrixssl_MAX_ARRAY_SIZE 2147483639L
+#undef cz_crcs_ectester_standalone_libs_jni_NativeProvider_Matrixssl_KEYS
+#define cz_crcs_ectester_standalone_libs_jni_NativeProvider_Matrixssl_KEYS 0L
+#undef cz_crcs_ectester_standalone_libs_jni_NativeProvider_Matrixssl_VALUES
+#define cz_crcs_ectester_standalone_libs_jni_NativeProvider_Matrixssl_VALUES 1L
+#undef cz_crcs_ectester_standalone_libs_jni_NativeProvider_Matrixssl_ENTRIES
+#define cz_crcs_ectester_standalone_libs_jni_NativeProvider_Matrixssl_ENTRIES 2L
+#undef cz_crcs_ectester_standalone_libs_jni_NativeProvider_Matrixssl_serialVersionUID
+#define cz_crcs_ectester_standalone_libs_jni_NativeProvider_Matrixssl_serialVersionUID 4112578634029874840LL
+#undef cz_crcs_ectester_standalone_libs_jni_NativeProvider_Matrixssl_serialVersionUID
+#define cz_crcs_ectester_standalone_libs_jni_NativeProvider_Matrixssl_serialVersionUID -4298000515446427739LL
+/*
+ * Class:     cz_crcs_ectester_standalone_libs_jni_NativeProvider_Matrixssl
+ * Method:    setup
+ * Signature: ()V
+ */
+JNIEXPORT void JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeProvider_00024Matrixssl_setup
+  (JNIEnv *, jobject);
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+/* Header for class cz_crcs_ectester_standalone_libs_jni_NativeKeyPairGeneratorSpi_Matrixssl */
+
+#ifndef _Included_cz_crcs_ectester_standalone_libs_jni_NativeKeyPairGeneratorSpi_Matrixssl
+#define _Included_cz_crcs_ectester_standalone_libs_jni_NativeKeyPairGeneratorSpi_Matrixssl
+#ifdef __cplusplus
+extern "C" {
+#endif
+#undef cz_crcs_ectester_standalone_libs_jni_NativeKeyPairGeneratorSpi_Matrixssl_DEFAULT_KEYSIZE
+#define cz_crcs_ectester_standalone_libs_jni_NativeKeyPairGeneratorSpi_Matrixssl_DEFAULT_KEYSIZE 256L
+/*
+ * Class:     cz_crcs_ectester_standalone_libs_jni_NativeKeyPairGeneratorSpi_Matrixssl
+ * Method:    keysizeSupported
+ * Signature: (I)Z
+ */
+JNIEXPORT jboolean JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeKeyPairGeneratorSpi_00024Matrixssl_keysizeSupported
+  (JNIEnv *, jobject, jint);
+
+/*
+ * Class:     cz_crcs_ectester_standalone_libs_jni_NativeKeyPairGeneratorSpi_Matrixssl
+ * Method:    paramsSupported
+ * Signature: (Ljava/security/spec/AlgorithmParameterSpec;)Z
+ */
+JNIEXPORT jboolean JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeKeyPairGeneratorSpi_00024Matrixssl_paramsSupported
+  (JNIEnv *, jobject, jobject);
+
+/*
+ * Class:     cz_crcs_ectester_standalone_libs_jni_NativeKeyPairGeneratorSpi_Matrixssl
+ * Method:    generate
+ * Signature: (ILjava/security/SecureRandom;)Ljava/security/KeyPair;
+ */
+JNIEXPORT jobject JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeKeyPairGeneratorSpi_00024Matrixssl_generate__ILjava_security_SecureRandom_2
+  (JNIEnv *, jobject, jint, jobject);
+
+/*
+ * Class:     cz_crcs_ectester_standalone_libs_jni_NativeKeyPairGeneratorSpi_Matrixssl
+ * Method:    generate
+ * Signature: (Ljava/security/spec/AlgorithmParameterSpec;Ljava/security/SecureRandom;)Ljava/security/KeyPair;
+ */
+JNIEXPORT jobject JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeKeyPairGeneratorSpi_00024Matrixssl_generate__Ljava_security_spec_AlgorithmParameterSpec_2Ljava_security_SecureRandom_2
+  (JNIEnv *, jobject, jobject, jobject);
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+/* Header for class cz_crcs_ectester_standalone_libs_jni_NativeECPublicKey_Matrixssl */
+
+#ifndef _Included_cz_crcs_ectester_standalone_libs_jni_NativeECPublicKey_Matrixssl
+#define _Included_cz_crcs_ectester_standalone_libs_jni_NativeECPublicKey_Matrixssl
+#ifdef __cplusplus
+extern "C" {
+#endif
+#ifdef __cplusplus
+}
+#endif
+#endif
+/* Header for class cz_crcs_ectester_standalone_libs_jni_NativeECPrivateKey_Matrixssl */
+
+#ifndef _Included_cz_crcs_ectester_standalone_libs_jni_NativeECPrivateKey_Matrixssl
+#define _Included_cz_crcs_ectester_standalone_libs_jni_NativeECPrivateKey_Matrixssl
+#ifdef __cplusplus
+extern "C" {
+#endif
+#ifdef __cplusplus
+}
+#endif
+#endif
+/* Header for class cz_crcs_ectester_standalone_libs_jni_NativeKeyAgreementSpi_Matrixssl */
+
+#ifndef _Included_cz_crcs_ectester_standalone_libs_jni_NativeKeyAgreementSpi_Matrixssl
+#define _Included_cz_crcs_ectester_standalone_libs_jni_NativeKeyAgreementSpi_Matrixssl
+#ifdef __cplusplus
+extern "C" {
+#endif
+/*
+ * Class:     cz_crcs_ectester_standalone_libs_jni_NativeKeyAgreementSpi_Matrixssl
+ * Method:    generateSecret
+ * Signature: ([B[BLjava/security/spec/ECParameterSpec;)[B
+ */
+JNIEXPORT jbyteArray JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeKeyAgreementSpi_00024Matrixssl_generateSecret___3B_3BLjava_security_spec_ECParameterSpec_2
+  (JNIEnv *, jobject, jbyteArray, jbyteArray, jobject);
+
+/*
+ * Class:     cz_crcs_ectester_standalone_libs_jni_NativeKeyAgreementSpi_Matrixssl
+ * Method:    generateSecret
+ * Signature: ([B[BLjava/security/spec/ECParameterSpec;Ljava/lang/String;)Ljavax/crypto/SecretKey;
+ */
+JNIEXPORT jobject JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeKeyAgreementSpi_00024Matrixssl_generateSecret___3B_3BLjava_security_spec_ECParameterSpec_2Ljava_lang_String_2
+  (JNIEnv *, jobject, jbyteArray, jbyteArray, jobject, jstring);
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+/* Header for class cz_crcs_ectester_standalone_libs_jni_NativeSignatureSpi_Matrixssl */
+
+#ifndef _Included_cz_crcs_ectester_standalone_libs_jni_NativeSignatureSpi_Matrixssl
+#define _Included_cz_crcs_ectester_standalone_libs_jni_NativeSignatureSpi_Matrixssl
+#ifdef __cplusplus
+extern "C" {
+#endif
+/*
+ * Class:     cz_crcs_ectester_standalone_libs_jni_NativeSignatureSpi_Matrixssl
+ * Method:    sign
+ * Signature: ([B[BLjava/security/spec/ECParameterSpec;)[B
+ */
+JNIEXPORT jbyteArray JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeSignatureSpi_00024Matrixssl_sign
+  (JNIEnv *, jobject, jbyteArray, jbyteArray, jobject);
+
+/*
+ * Class:     cz_crcs_ectester_standalone_libs_jni_NativeSignatureSpi_Matrixssl
+ * Method:    verify
+ * Signature: ([B[B[BLjava/security/spec/ECParameterSpec;)Z
+ */
+JNIEXPORT jboolean JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeSignatureSpi_00024Matrixssl_verify
+  (JNIEnv *, jobject, jbyteArray, jbyteArray, jbyteArray, jobject);
+
+#ifdef __cplusplus
+}
+#endif
+#endif
diff --git a/src/cz/crcs/ectester/standalone/libs/jni/tomcrypt.c b/src/cz/crcs/ectester/standalone/libs/jni/tomcrypt.c
index 471190e..6789ba8 100644
--- a/src/cz/crcs/ectester/standalone/libs/jni/tomcrypt.c
+++ b/src/cz/crcs/ectester/standalone/libs/jni/tomcrypt.c
@@ -169,26 +169,6 @@ static jobject create_ec_param_spec(JNIEnv *env, const ltc_ecc_set_type *curve)
     return (*env)->NewObject(env, ec_parameter_spec_class, ec_parameter_spec_init, elliptic_curve, g, n, (jint) 1);
 }
 
-static char *biginteger_to_hex(JNIEnv *env, jobject big, jint bytes) {
-    jmethodID to_string = (*env)->GetMethodID(env, biginteger_class, "toString", "(I)Ljava/lang/String;");
-    jstring big_string = (*env)->CallObjectMethod(env, big, to_string, (jint) 16);
-
-    jsize len = (*env)->GetStringUTFLength(env, big_string);
-    char raw_string[len];
-    (*env)->GetStringUTFRegion(env, big_string, 0, len, raw_string);
-
-    char *result = calloc(bytes, 2);
-    if (len >= bytes) {
-        return strncpy(result, raw_string, 2*bytes);
-    } else {
-        jsize diff = bytes - len;
-        for (jint i = 0; i < diff*2; ++i) {
-            result[i] = '0';
-        }
-        return strncpy(result + diff*2, raw_string, 2*bytes);
-    }
-}
-
 static ltc_ecc_set_type* create_curve(JNIEnv *env, jobject params) {
     jmethodID get_curve = (*env)->GetMethodID(env, ec_parameter_spec_class, "getCurve", "()Ljava/security/spec/EllipticCurve;");
     jobject elliptic_curve = (*env)->CallObjectMethod(env, params, get_curve);
@@ -217,13 +197,16 @@ static ltc_ecc_set_type* create_curve(JNIEnv *env, jobject params) {
 
     jmethodID get_n = (*env)->GetMethodID(env, ec_parameter_spec_class, "getOrder", "()Ljava/math/BigInteger;");
     jobject n = (*env)->CallObjectMethod(env, params, get_n);
+	jmethodID get_bitlength = (*env)->GetMethodID(env, biginteger_class, "bitLength", "()I");
+	jint ord_bits = (*env)->CallIntMethod(env, n, get_bitlength);
+	jint ord_bytes = (ord_bits + 7) / 8; 
 
     ltc_ecc_set_type *curve = calloc(sizeof(ltc_ecc_set_type), 1);
     curve->size = bytes;
     curve->name = "";
     curve->prime = biginteger_to_hex(env, p, bytes);
     curve->B = biginteger_to_hex(env, b, bytes);
-    curve->order = biginteger_to_hex(env, n, bytes);
+    curve->order = biginteger_to_hex(env, n, ord_bytes);
     curve->Gx = biginteger_to_hex(env, gx, bytes);
     curve->Gy = biginteger_to_hex(env, gy, bytes);