diff options
| -rw-r--r-- | .github/workflows/build.yml | 17 | ||||
| -rw-r--r-- | .gitmodules | 3 | ||||
| -rw-r--r-- | README.md | 24 | ||||
| m--------- | ext/wolfcrypt-jni | 0 | ||||
| -rw-r--r-- | ext/wolfcrypt-jni.jar | bin | 83453 -> 98431 bytes | |||
| -rw-r--r-- | standalone/build.gradle.kts | 17 | ||||
| -rw-r--r-- | standalone/src/main/java/cz/crcs/ectester/standalone/libs/WolfCryptLib.java | 10 | ||||
| -rw-r--r-- | standalone/src/test/java/cz/crcs/ectester/standalone/AppTests.java | 5 |
8 files changed, 63 insertions, 13 deletions
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 8b7ca52..d3e45cf 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -114,36 +114,51 @@ jobs: echo "BORINGSSL_VERSION=$(git submodule status ext/boringssl | cut -f2 -d' ')" >> $GITHUB_ENV echo "LIBRESSL_VERSION=$(git submodule status ext/libressl | cut -f2 -d' ')" >> $GITHUB_ENV echo "IPPCP_VERSION=$(git submodule status ext/ipp-crypto | cut -f2 -d' ')" >> $GITHUB_ENV + echo "WOLFCRYPT_VERSION=$(git submodule status ext/wolfcrypt-jni | cut -f2 -d' ')" >> $GITHUB_ENV + echo "WOLFSSL_VERSION=$(dpkg -s libwolfssl-dev | grep 'Version' | cut -f2 -d' ')" >> $GITHUB_ENV - name: Cache libs uses: actions/cache@v4 id: cache-libs with: - key: libs-${{ env.BORINGSSL_VERSION }}-${{ env.LIBRESSL_VERSION }}-${{ env.IPPCP_VERSION }} + key: libs-${{ env.BORINGSSL_VERSION }}-${{ env.LIBRESSL_VERSION }}-${{ env.IPPCP_VERSION }}-${{ env.WOLFCRYPT_VERSION }}-${{ env.WOLFSSL_VERSION }} path: | ext/boringssl/build/crypto/libcrypto.so ext/libressl/build/crypto/libcrypto.so ext/ipp-crypto/build/.build/RELEASE/lib/libippcp.so + ext/wolfcrypt-jni/lib/wolfcrypt-jni.jar + ext/wolfcrypt-jni/lib/libwolfcryptjni.so - name: Build libs if: steps.cache-libs.outputs.cache-hit != 'true' run: | + # ------------ Build BoringSSL ------------ cd ext/boringssl cmake -DBUILD_SHARED_LIBS=1 -Bbuild cd build make -j4 crypto cd ../../.. + # ------------ Build LibreSSL ------------ cd ext/libressl ./autogen.sh cmake -DBUILD_SHARED_LIBS=ON -Bbuild cd build make -j4 crypto cd ../../.. + # ------------ Build IPP-crypto ------------ cd ext/ipp-crypto CC=clang CXX=clang++ cmake CMakeLists.txt -Bbuild -DARCH=intel64 cd build make -j4 cd ../../.. + # ------------ Build wolfcrypt-jni ------------ + cd ext/wolfcrypt-jni + mkdir junit + wget -P junit/ https://repo1.maven.org/maven2/junit/junit/4.13.2/junit-4.13.2.jar + wget -P junit/ https://repo1.maven.org/maven2/org/hamcrest/hamcrest-all/1.3/hamcrest-all-1.3.jar + make -j4 -f makefile.linux + env JUNIT_HOME=junit/ ant build-jce-release + cd ../../.. - name: Build standalone run: | diff --git a/.gitmodules b/.gitmodules index 603e4d9..54819aa 100644 --- a/.gitmodules +++ b/.gitmodules @@ -16,3 +16,6 @@ [submodule "ext/ipp-crypto"] path = ext/ipp-crypto url = https://github.com/intel/ipp-crypto +[submodule "ext/wolfcrypt-jni"] + path = ext/wolfcrypt-jni + url = https://github.com/wolfSSL/wolfcrypt-jni @@ -308,7 +308,7 @@ For more information on ECC libraries see [LIBS](docs/LIBS.md). ### Setup ```shell -./gradlew :standalone:libs # To build the native library shims. (Necessary +./gradlew :standalone:libs # To build the native library shims. ./gradlew :standalone:uberJar # To build the standalone tool (jar) -> "standalone/build/libs/ECTesterStandalone.jar" ``` Simply doing the above should build everything necessary to test libraries via the standalone app, @@ -356,9 +356,9 @@ g++ -fPIC -shared -O2 -o botan_provider.so -Wl,-rpath,'$ORIGIN/lib' botan.o cpp_ g++ -fPIC -shared -O2 -o cryptopp_provider.so -Wl,-rpath,'$ORIGIN/lib' cryptopp.o cpp_utils.o -L. -L/usr/local/lib -lcryptopp -l:lib_timing.so ``` -BoringSSL, LibreSSL and ipp-crypto are included as git submodules. Make sure you run: `git submodule update --init --recursive` +BoringSSL, LibreSSL, ipp-crypto and partially wolfCrypt are included as git submodules. Make sure you run: `git submodule update --init --recursive` after checking out the ECTester repository to initialize them. To build BoringSSL do: -``` +```shell cd ext/boringssl cmake -GNinja -Bbuild -DBUILD_SHARED_LIBS=1 cd build @@ -366,7 +366,7 @@ ninja ``` To build LibreSSL do: -``` +```shell cd ext/libressl ./autogen.sh cmake -GNinja -Bbuild -DBUILD_SHARED_LIBS=1 @@ -376,13 +376,27 @@ ninja To build ipp-crypto do: (Make sure you have the necessary [build requirements](https://github.com/intel/ipp-crypto/blob/develop/BUILD.md)) -``` +```shell cd ext/ipp-crypto CC=clang CXX=clang++ cmake CMakeLists.txt -GNinja -Bbuild -DARCH=intel64 # Does not work with GCC 12+ cd build ninja ``` +To build wolfCrypt-JNI do: +(You need to have wolfSSL installed and ready for development) +```shell +cd ext/wolfcrypt-jni +mkdir junit +wget -P junit/ https://repo1.maven.org/maven2/junit/junit/4.13.2/junit-4.13.2.jar +wget -P junit/ https://repo1.maven.org/maven2/org/hamcrest/hamcrest-all/1.3/hamcrest-all-1.3.jar +make -f makefile.linux +env JUNIT_HOME=junit/ ant build-jce-release +``` +The produced `lib/wolfcrypt-jni.jar` will be automatically included into the standalone JAR when building `standalone:uberJar`. +However, the produced `lib/libwolfcryptjni.so` native library will not be automatically loaded. You thus need to include it +on `LD_LIBRARY_PATH`. + #### Java diff --git a/ext/wolfcrypt-jni b/ext/wolfcrypt-jni new file mode 160000 +Subproject 0497ee767c994775beda2f2091009593961e5c7 diff --git a/ext/wolfcrypt-jni.jar b/ext/wolfcrypt-jni.jar Binary files differindex 890ae14..be579ee 100644 --- a/ext/wolfcrypt-jni.jar +++ b/ext/wolfcrypt-jni.jar diff --git a/standalone/build.gradle.kts b/standalone/build.gradle.kts index 1c9c485..8fe4bff 100644 --- a/standalone/build.gradle.kts +++ b/standalone/build.gradle.kts @@ -11,7 +11,12 @@ repositories { } dependencies { - implementation(files("$rootDir/ext/wolfcrypt-jni.jar")) + // Fallback to bundled wolfcrypt-jni if the submodule one is not built. + if (file("$rootDir/ext/wolfcrypt-jni/lib/wolfcrypt-jni.jar").exists()) { + implementation(files("$rootDir/ext/wolfcrypt-jni/lib/wolfcrypt-jni.jar")) + } else { + implementation(files("$rootDir/ext/wolfcrypt-jni.jar")) + } implementation(project(":common")) testImplementation(platform("org.junit:junit-bom:5.10.2")) @@ -32,10 +37,12 @@ application { tasks.named<Test>("test") { useJUnitPlatform() -} - -tasks.test { - finalizedBy(tasks.jacocoTestReport) // report is always generated after tests run + // Report is always generated after tests run + finalizedBy(tasks.jacocoTestReport) + // Add wolfcrypt JNI lib path to LD_LIBRARY_PATH (as our native library loading does not handle it) + environment( + "LD_LIBRARY_PATH", "$rootDir/ext/wolfcrypt-jni/lib/:" + System.getenv("LD_LIBRARY_PATH") + ) } tasks.jacocoTestReport { diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/libs/WolfCryptLib.java b/standalone/src/main/java/cz/crcs/ectester/standalone/libs/WolfCryptLib.java index b58eb91..ff592d1 100644 --- a/standalone/src/main/java/cz/crcs/ectester/standalone/libs/WolfCryptLib.java +++ b/standalone/src/main/java/cz/crcs/ectester/standalone/libs/WolfCryptLib.java @@ -12,6 +12,16 @@ public class WolfCryptLib extends ProviderECLibrary { } @Override + public boolean initialize() { + try { + System.loadLibrary("wolfcryptjni"); + return super.initialize(); + } catch (UnsatisfiedLinkError ule) { + return false; + } + } + + @Override public Set<String> getCurves() { return new HashSet<>(); } diff --git a/standalone/src/test/java/cz/crcs/ectester/standalone/AppTests.java b/standalone/src/test/java/cz/crcs/ectester/standalone/AppTests.java index c095ea5..6714e56 100644 --- a/standalone/src/test/java/cz/crcs/ectester/standalone/AppTests.java +++ b/standalone/src/test/java/cz/crcs/ectester/standalone/AppTests.java @@ -53,8 +53,9 @@ public class AppTests { @SuppressWarnings("JUnitMalformedDeclaration") @ParameterizedTest - // TODO: Add "wolfCrypt" to the list - @ValueSource(strings = {"Bouncy", "Sun", "libtomcrypt", "Botan", "Crypto++", "OpenSSL 3", "BoringSSL", "libgcrypt", "mbedTLS", "2021" /* IPPCP */, "Nettle", "LibreSSL"}) + // TODO: @ExpectedToFail does not work with parameterized tests: https://github.com/junit-pioneer/junit-pioneer/issues/762 + @ExpectedToFail + @ValueSource(strings = {"Bouncy", "Sun", "libtomcrypt", "Botan", "Crypto++", "OpenSSL 3", "BoringSSL", "libgcrypt", "mbedTLS", "2021" /* IPPCP */, "Nettle", "LibreSSL", "wolfCrypt"}) @StdIo() public void defaultSuite(String libName, StdOut out, StdErr err) { String[] args = new String[]{"test", "default", libName}; |