diff --git a/.gitignore b/.gitignore index 4b90b3941..18b2a0b9e 100644 --- a/.gitignore +++ b/.gitignore @@ -38,7 +38,7 @@ .vscode # Dynamically generated header files produced by the build -/src/main/native/com_ibm_crypto_plus_provider_ock_*.h +/src/main/native/ock/com_ibm_crypto_plus_provider_ock_*.h # Files generated by tests. /0Test*.txt diff --git a/buildNative.sh b/buildNative.sh index 20978ffe3..b1aab8a5f 100755 --- a/buildNative.sh +++ b/buildNative.sh @@ -51,7 +51,7 @@ if [ ${PLATFORM} == "ppc-aix64" ]; then make=gmake fi -cd src/main/native +cd src/main/native/ock ${make} -f jgskit.mak clean ${make} -f jgskit.mak diff --git a/buildNativeMac.sh b/buildNativeMac.sh index 054882b06..f279ac6f5 100755 --- a/buildNativeMac.sh +++ b/buildNativeMac.sh @@ -21,7 +21,7 @@ if [ -z "$GSKIT_HOME" ]; exit; fi -cd src/main/native +cd src/main/native/ock make -f jgskit.mac.mak clean make -f jgskit.mac.mak \ No newline at end of file diff --git a/buildNativeWin64.bat b/buildNativeWin64.bat index 6dfa2c328..f37a40a05 100755 --- a/buildNativeWin64.bat +++ b/buildNativeWin64.bat @@ -31,7 +31,7 @@ IF NOT DEFINED GSKIT_HOME ( :: @call "%VCVARS_64_SCRIPT%" -cd src/main/native +cd src/main/native/ock @call nmake -nologo -f jgskit.win64.cygwin.mak clean @call nmake -nologo -f jgskit.win64.cygwin.mak diff --git a/src/main/java/com/ibm/crypto/plus/provider/AESCCMCipher.java b/src/main/java/com/ibm/crypto/plus/provider/AESCCMCipher.java index 3e187950a..252c19e68 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/AESCCMCipher.java +++ b/src/main/java/com/ibm/crypto/plus/provider/AESCCMCipher.java @@ -8,8 +8,8 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.CCMCipher; -import com.ibm.crypto.plus.provider.ock.OCKContext; +import com.ibm.crypto.plus.provider.base.CCMCipher; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import ibm.security.internal.spec.CCMParameterSpec; import java.math.BigInteger; import java.nio.ByteBuffer; @@ -37,7 +37,7 @@ public final class AESCCMCipher extends CipherSpi implements AESConstants, CCMCo String debPrefix = "AESCCMCipher "; private OpenJCEPlusProvider provider = null; - private OCKContext ockContext = null; + private boolean isFIPS = false; private boolean encrypting = true; private boolean initialized = false; private int tagLenInBytes = DEFAULT_AES_CCM_TAG_LENGTH / 8; @@ -105,11 +105,7 @@ public AESCCMCipher(OpenJCEPlusProvider provider) { } this.provider = provider; - try { - ockContext = provider.getOCKContext(); - } catch (Exception e) { - throw provider.providerException("Failed to initialize cipher context", e); - } + this.isFIPS = provider.isFIPS(); buffer = new byte[AES_BLOCK_SIZE * 2]; } @@ -155,10 +151,10 @@ protected byte[] engineDoFinal(byte[] input, int inputOffset, int inputLen) if (!encrypting) { AEADBadTagException abte = new AEADBadTagException( "Unable to perform engine doFinal; Possibly a bad tag or bad padding or illegalBlockSize"); - provider.setOCKExceptionCause(abte, e); + NativeOCKAdapter.setOCKExceptionCause(abte, e); throw abte; } else { - throw provider.providerException("unable to perform to engineDoFinal ", e); + throw NativeOCKAdapter.providerException("unable to perform to engineDoFinal ", e); } } catch (IllegalStateException ex) { requireReinit = true; @@ -212,10 +208,10 @@ protected int engineDoFinal(ByteBuffer inputByteBuffer, ByteBuffer outputByteBuf if (!encrypting) { AEADBadTagException abte = new AEADBadTagException( "Uanble to perform engine doFinal; Possibly a bad tag or bad padding or illegalBlockSize"); - provider.setOCKExceptionCause(abte, e); + NativeOCKAdapter.setOCKExceptionCause(abte, e); throw abte; } else { - throw provider.providerException("unable to perform to engineDoFinal ", e); + throw NativeOCKAdapter.providerException("unable to perform to engineDoFinal ", e); } } catch (IllegalStateException ex) { requireReinit = true; @@ -265,7 +261,7 @@ protected int engineDoFinal(byte[] input, int inputOffset, int inputLen, byte[] newIV = null; } - int ret = CCMCipher.doCCMFinal_Encrypt(ockContext, Key, IV, tagLenInBytes, input, + int ret = CCMCipher.doCCMFinal_Encrypt(isFIPS, Key, IV, tagLenInBytes, input, inputOffset, inputLen, output, outputOffset, authData); authData = null; // Before returning from doFinal(), restore AAD to uninitialized state @@ -293,39 +289,39 @@ protected int engineDoFinal(byte[] input, int inputOffset, int inputLen, byte[] throw new ShortBufferException("Output buffer too small"); } - int ret = CCMCipher.doCCMFinal_Decrypt(ockContext, Key, IV, tagLenInBytes, input, + int ret = CCMCipher.doCCMFinal_Decrypt(isFIPS, Key, IV, tagLenInBytes, input, inputOffset, inputLen, output, outputOffset, authData); authData = null; // Before returning from doFinal(), restore AAD to uninitialized state return ret; } } catch (AEADBadTagException e) { AEADBadTagException abte = new AEADBadTagException(e.getMessage()); - provider.setOCKExceptionCause(abte, e); + NativeOCKAdapter.setOCKExceptionCause(abte, e); requireReinit = true; throw abte; } catch (BadPaddingException ock_bpe) { BadPaddingException bpe = new BadPaddingException(ock_bpe.getMessage()); - provider.setOCKExceptionCause(bpe, ock_bpe); + NativeOCKAdapter.setOCKExceptionCause(bpe, ock_bpe); requireReinit = true; throw bpe; } catch (IllegalBlockSizeException ock_ibse) { IllegalBlockSizeException ibse = new IllegalBlockSizeException(ock_ibse.getMessage()); - provider.setOCKExceptionCause(ibse, ock_ibse); + NativeOCKAdapter.setOCKExceptionCause(ibse, ock_ibse); requireReinit = true; throw ibse; } catch (ShortBufferException ock_sbe) { ShortBufferException sbe = new ShortBufferException(ock_sbe.getMessage()); - provider.setOCKExceptionCause(sbe, ock_sbe); + NativeOCKAdapter.setOCKExceptionCause(sbe, ock_sbe); throw sbe; - } catch (com.ibm.crypto.plus.provider.ock.OCKException ock_excp) { + } catch (com.ibm.crypto.plus.provider.base.OCKException ock_excp) { requireReinit = true; AEADBadTagException tagexcp = new AEADBadTagException(ock_excp.getMessage()); - provider.setOCKExceptionCause(tagexcp, ock_excp); + NativeOCKAdapter.setOCKExceptionCause(tagexcp, ock_excp); throw tagexcp; } catch (Exception e) { requireReinit = true; - throw provider.providerException("Failure in engineDoFinal", e); + throw NativeOCKAdapter.providerException("Failure in engineDoFinal", e); } } @@ -619,7 +615,7 @@ private void internalInit(int opmode, Key key, byte[] iv) throws InvalidKeyExcep this.buffered = 0; Arrays.fill(buffer, (byte) 0x0); } catch (Exception e) { - throw provider.providerException("Failed to init cipher", e); + throw NativeOCKAdapter.providerException("Failed to init cipher", e); } } @@ -743,9 +739,7 @@ protected synchronized void finalize() throws Throwable { //final String methodName = "finalize"; // OCKDebug.Msg (debPrefix, methodName, "finalize called"); try { - if (ockContext != null) { - CCMCipher.doCCM_cleanup(ockContext); - } + CCMCipher.doCCM_cleanup(isFIPS); if (Key != null) { Arrays.fill(Key, (byte) 0x00); Key = null; diff --git a/src/main/java/com/ibm/crypto/plus/provider/AESCipher.java b/src/main/java/com/ibm/crypto/plus/provider/AESCipher.java index ccb734efd..f8b4870b8 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/AESCipher.java +++ b/src/main/java/com/ibm/crypto/plus/provider/AESCipher.java @@ -8,8 +8,9 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.Padding; -import com.ibm.crypto.plus.provider.ock.SymmetricCipher; +import com.ibm.crypto.plus.provider.base.Padding; +import com.ibm.crypto.plus.provider.base.SymmetricCipher; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.security.AlgorithmParameters; import java.security.InvalidAlgorithmParameterException; import java.security.InvalidKeyException; @@ -71,14 +72,14 @@ protected byte[] engineDoFinal(byte[] input, int inputOffset, int inputLen) } } catch (BadPaddingException ock_bpe) { BadPaddingException bpe = new BadPaddingException(ock_bpe.getMessage()); - provider.setOCKExceptionCause(bpe, ock_bpe); + NativeOCKAdapter.setOCKExceptionCause(bpe, ock_bpe); throw bpe; } catch (IllegalBlockSizeException ock_ibse) { IllegalBlockSizeException ibse = new IllegalBlockSizeException(ock_ibse.getMessage()); - provider.setOCKExceptionCause(ibse, ock_ibse); + NativeOCKAdapter.setOCKExceptionCause(ibse, ock_ibse); throw ibse; } catch (Exception e) { - throw provider.providerException("Failure in engineDoFinal", e); + throw NativeOCKAdapter.providerException("Failure in engineDoFinal", e); } } @@ -146,18 +147,18 @@ protected int engineDoFinal(byte[] input, int inputOffset, int inputLen, byte[] } } catch (BadPaddingException ock_bpe) { BadPaddingException bpe = new BadPaddingException(ock_bpe.getMessage()); - provider.setOCKExceptionCause(bpe, ock_bpe); + NativeOCKAdapter.setOCKExceptionCause(bpe, ock_bpe); throw bpe; } catch (IllegalBlockSizeException ock_ibse) { IllegalBlockSizeException ibse = new IllegalBlockSizeException(ock_ibse.getMessage()); - provider.setOCKExceptionCause(ibse, ock_ibse); + NativeOCKAdapter.setOCKExceptionCause(ibse, ock_ibse); throw ibse; } catch (ShortBufferException ock_sbe) { ShortBufferException sbe = new ShortBufferException(ock_sbe.getMessage()); - provider.setOCKExceptionCause(sbe, ock_sbe); + NativeOCKAdapter.setOCKExceptionCause(sbe, ock_sbe); throw sbe; } catch (Exception e) { - throw provider.providerException("Failure in engineDoFinal", e); + throw NativeOCKAdapter.providerException("Failure in engineDoFinal", e); } } @@ -193,7 +194,7 @@ protected int engineGetOutputSize(int inputLen) { return symmetricCipher.getOutputSize(inputLen); } } catch (Exception e) { - throw provider.providerException("Unable to get output size", e); + throw NativeOCKAdapter.providerException("Unable to get output size", e); } } @@ -298,7 +299,7 @@ private void internalInit(int opmode, Key key, byte[] iv) throws InvalidKeyExcep try { if ((symmetricCipher == null) || (symmetricCipher.getKeyLength() != rawKey.length)) { - symmetricCipher = SymmetricCipher.getInstanceAES(provider.getOCKContext(), mode, + symmetricCipher = SymmetricCipher.getInstanceAES(provider.isFIPS(), mode, padding, rawKey.length); // Check whether used algorithm is CBC and whether hardware supports is available use_z_fast_command = symmetricCipher.getHardwareSupportStatus(); @@ -315,7 +316,7 @@ private void internalInit(int opmode, Key key, byte[] iv) throws InvalidKeyExcep this.encrypting = isEncrypt; this.initialized = true; } catch (Exception e) { - throw provider.providerException("Failed to init cipher", e); + throw NativeOCKAdapter.providerException("Failed to init cipher", e); } } @@ -368,7 +369,7 @@ protected byte[] engineUpdate(byte[] input, int inputOffset, int inputLen) { return output; } } catch (Exception e) { - throw provider.providerException("Failure in engineUpdate", e); + throw NativeOCKAdapter.providerException("Failure in engineUpdate", e); } } @@ -464,10 +465,10 @@ protected int engineUpdate(byte[] input, int inputOffset, int inputLen, byte[] o } } catch (ShortBufferException ock_sbe) { ShortBufferException sbe = new ShortBufferException(ock_sbe.getMessage()); - provider.setOCKExceptionCause(sbe, ock_sbe); + NativeOCKAdapter.setOCKExceptionCause(sbe, ock_sbe); throw sbe; } catch (Exception e) { - throw provider.providerException("Failure in engineDoFinal", e); + throw NativeOCKAdapter.providerException("Failure in engineDoFinal", e); } } diff --git a/src/main/java/com/ibm/crypto/plus/provider/AESGCMCipher.java b/src/main/java/com/ibm/crypto/plus/provider/AESGCMCipher.java index 2801c5033..819a76839 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/AESGCMCipher.java +++ b/src/main/java/com/ibm/crypto/plus/provider/AESGCMCipher.java @@ -8,9 +8,9 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.GCMCipher; -import com.ibm.crypto.plus.provider.ock.OCKContext; -import com.ibm.crypto.plus.provider.ock.OCKException; +import com.ibm.crypto.plus.provider.base.GCMCipher; +import com.ibm.crypto.plus.provider.base.OCKException; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.math.BigInteger; import java.nio.ByteBuffer; import java.security.AlgorithmParameters; @@ -38,7 +38,7 @@ public final class AESGCMCipher extends CipherSpi implements AESConstants, GCMCo private OpenJCEPlusProvider provider = null; - private OCKContext ockContext = null; + private boolean isFIPS; private boolean encrypting = true; private boolean initialized = false; private int tagLenInBytes = DEFAULT_TAG_LENGTH / 8; @@ -143,9 +143,9 @@ public AESGCMCipher(OpenJCEPlusProvider provider) { this.provider = provider; try { - ockContext = provider.getOCKContext(); + this.isFIPS = provider.isFIPS(); } catch (Exception e) { - throw provider.providerException("Failed to initialize cipher context", e); + throw NativeOCKAdapter.providerException("Failed to initialize cipher context", e); } buffer = new byte[AES_BLOCK_SIZE * 2]; } @@ -193,12 +193,12 @@ protected byte[] engineDoFinal(byte[] input, int inputOffset, int inputLen) AEADBadTagException abte = new AEADBadTagException( "Unable to perform engine doFinal; " + "Possibly a bad tag or bad padding or illegalBlockSize"); - provider.setOCKExceptionCause(abte, e); + NativeOCKAdapter.setOCKExceptionCause(abte, e); resetVars(true); throw abte; } else { resetVars(true); - throw provider + throw NativeOCKAdapter .providerException("unable to perform to engineDoFinal encrypting ", e); } } @@ -244,10 +244,10 @@ protected byte[] engineDoFinal(byte[] input, int inputOffset, int inputLen) "Unable to perform engine doFinal; " + "Possibly a bad tag or bad padding or illegalBlockSize"); - provider.setOCKExceptionCause(abte, e); + NativeOCKAdapter.setOCKExceptionCause(abte, e); throw abte; } else { - throw provider.providerException("unable to perform to engineDoFinal ", e); + throw NativeOCKAdapter.providerException("unable to perform to engineDoFinal ", e); } } catch (IllegalStateException ex) { resetVars(true); @@ -299,7 +299,7 @@ protected int engineDoFinal(byte[] input, int inputOffset, int inputLen, byte[] if (!encrypting) { AEADBadTagException abte = new AEADBadTagException(e.getMessage()); - provider.setOCKExceptionCause(abte, e); + NativeOCKAdapter.setOCKExceptionCause(abte, e); // OCKDebug.Msg (debPrefix, methodName, "Ret from engineDoFinal: "); resetVars(true); throw abte; @@ -336,7 +336,7 @@ protected int engineDoFinal(byte[] input, int inputOffset, int inputLen, byte[] } } - int ret = GCMCipher.doGCMFinal_Encrypt(ockContext, Key, IV, tagLenInBytes, input, + int ret = GCMCipher.doGCMFinal_Encrypt(this.isFIPS, Key, IV, tagLenInBytes, input, inputOffset, inputLen, output, outputOffset, authData); authData = null; // Before returning from doFinal(), restore AAD to uninitialized state @@ -359,7 +359,7 @@ protected int engineDoFinal(byte[] input, int inputOffset, int inputLen, byte[] throw new ShortBufferException("Output buffer too small"); } - int ret = GCMCipher.doGCMFinal_Decrypt(ockContext, Key, IV, tagLenInBytes, input, + int ret = GCMCipher.doGCMFinal_Decrypt(this.isFIPS, Key, IV, tagLenInBytes, input, inputOffset, inputLen, output, outputOffset, authData); authData = null; // Before returning from doFinal(), restore AAD to uninitialized state return ret; @@ -367,31 +367,31 @@ protected int engineDoFinal(byte[] input, int inputOffset, int inputLen, byte[] } catch (AEADBadTagException e) { resetVars(true); AEADBadTagException abte = new AEADBadTagException(e.getMessage()); - provider.setOCKExceptionCause(abte, e); + NativeOCKAdapter.setOCKExceptionCause(abte, e); throw abte; } catch (BadPaddingException ock_bpe) { resetVars(true); BadPaddingException bpe = new BadPaddingException(ock_bpe.getMessage()); - provider.setOCKExceptionCause(bpe, ock_bpe); + NativeOCKAdapter.setOCKExceptionCause(bpe, ock_bpe); throw bpe; } catch (IllegalBlockSizeException ock_ibse) { resetVars(true); IllegalBlockSizeException ibse = new IllegalBlockSizeException(ock_ibse.getMessage()); - provider.setOCKExceptionCause(ibse, ock_ibse); + NativeOCKAdapter.setOCKExceptionCause(ibse, ock_ibse); throw ibse; } catch (ShortBufferException ock_sbe) { sbeInLastFinalEncrypt = encrypting; ShortBufferException sbe = new ShortBufferException(ock_sbe.getMessage()); - provider.setOCKExceptionCause(sbe, ock_sbe); + NativeOCKAdapter.setOCKExceptionCause(sbe, ock_sbe); throw sbe; - } catch (com.ibm.crypto.plus.provider.ock.OCKException ock_excp) { + } catch (com.ibm.crypto.plus.provider.base.OCKException ock_excp) { resetVars(true); AEADBadTagException tagexcp = new AEADBadTagException(ock_excp.getMessage()); - provider.setOCKExceptionCause(tagexcp, ock_excp); + NativeOCKAdapter.setOCKExceptionCause(tagexcp, ock_excp); throw tagexcp; } catch (Exception e) { resetVars(true); - throw provider.providerException("Failure in engineDoFinal", e); + throw NativeOCKAdapter.providerException("Failure in engineDoFinal", e); } @@ -539,7 +539,7 @@ protected int engineGetOutputSize(int inputLen) { try { return GCMCipher.getOutputSize(totalLen, encrypting, tagLenInBytes); } catch (Exception e) { - throw provider.providerException("Unable to get output size", e); + throw NativeOCKAdapter.providerException("Unable to get output size", e); } } @@ -758,7 +758,7 @@ private void internalInit(int opmode, Key key, byte[] iv) throws InvalidKeyExcep } catch (Exception e) { resetVars(false); - throw provider.providerException("Failed to init cipher", e); + throw NativeOCKAdapter.providerException("Failed to init cipher", e); } } @@ -866,7 +866,7 @@ protected byte[] engineUpdate(byte[] input, int inputOffset, int inputLen) { updateBytes = doUpdate(input, inputOffset, inputLen, firstUpdate); } catch (IllegalBlockSizeException | BadPaddingException e) { - throw this.provider.providerException("Unable to perform update", e); + throw NativeOCKAdapter.providerException("Unable to perform update", e); } updateCalled = true; return updateBytes; @@ -892,11 +892,11 @@ protected int engineUpdate(byte[] input, int inputOffset, int inputLen, byte[] o retcode = doUpdate(input, inputOffset, inputLen, output, outputOffset, firstUpdate); } catch (IllegalBlockSizeException e) { - throw this.provider + throw NativeOCKAdapter .providerException("Unable to perform update IllegalBlockSize exception", e); } catch (BadPaddingException e) { - throw this.provider.providerException("Unable to perform update BadPadding exception", + throw NativeOCKAdapter.providerException("Unable to perform update BadPadding exception", e); } updateCalled = true; @@ -939,7 +939,7 @@ protected byte[] doUpdate(byte[] input, int inputOffset, int inputLen, boolean f * handles user provided output buffers */ resetVars(true); - throw provider.providerException("Failure in engineUpdate", e); + throw NativeOCKAdapter.providerException("Failure in engineUpdate", e); } } @@ -992,7 +992,7 @@ protected int doUpdate(byte[] input, int inputOffset, int inputLen, byte[] outpu if (firstUpdate) { if (!encrypting) { // OCKDebug.Msg(debPrefix, methodName, "Calling do_GCM_InitForUpdateDecrypt"); - outLen = GCMCipher.do_GCM_InitForUpdateDecrypt(ockContext, Key, IV, + outLen = GCMCipher.do_GCM_InitForUpdateDecrypt(this.isFIPS, Key, IV, tagLenInBytes, buffer, 0, len, output, outputOffset, authData); // OCKDebug.Msg(debPrefix, methodName, "returning ret from // InitForUpdateDecrypt=" + outLen); @@ -1010,7 +1010,7 @@ protected int doUpdate(byte[] input, int inputOffset, int inputLen, byte[] outpu } } // OCKDebug.Msg(debPrefix, methodName, "Calling do_GCM_InitForUpdateEncrypt"); - outLen = GCMCipher.do_GCM_InitForUpdateEncrypt(ockContext, Key, IV, + outLen = GCMCipher.do_GCM_InitForUpdateEncrypt(this.isFIPS, Key, IV, tagLenInBytes, buffer, 0, len, output, outputOffset, authData); // OCKDebug.Msg(debPrefix, methodName, "returning ret from // InitForUpdateEncrypt=" + outLen); @@ -1046,7 +1046,7 @@ protected int doUpdate(byte[] input, int inputOffset, int inputLen, byte[] outpu // OCKDebug.Msg(debPrefix, methodName, "Checks all passed Calling // GCMCipher.do_GCM_UpdateDecrypt"); - outLen = GCMCipher.do_GCM_UpdForUpdateDecrypt(ockContext, Key, IV, + outLen = GCMCipher.do_GCM_UpdForUpdateDecrypt(this.isFIPS, Key, IV, tagLenInBytes, buffer, 0, len, output, outputOffset, authData); // OCKDebug.Msg(debPrefix, methodName, "returning ret from @@ -1058,7 +1058,7 @@ protected int doUpdate(byte[] input, int inputOffset, int inputLen, byte[] outpu // OCKDebug.Msg(debPrefix, methodName, "Encrypting"); // OCKDebug.Msg(debPrefix, methodName, "FirstUpdate generateIV"); - outLen = GCMCipher.do_GCM_UpdForUpdateEncrypt(ockContext, Key, IV, + outLen = GCMCipher.do_GCM_UpdForUpdateEncrypt(this.isFIPS, Key, IV, tagLenInBytes, buffer, 0, len, output, outputOffset, authData); // OCKDebug.Msg(debPrefix, methodName, "returning ret from // GCMCipher.do_GCM_UpdForUpdateEncrypt=" + outLen); @@ -1091,13 +1091,13 @@ protected int doUpdate(byte[] input, int inputOffset, int inputLen, byte[] outpu // process 'buffer'. When finished we can null out 'buffer' // Only necessary to null out if buffer holds data for encryption if (!encrypting) { - outLen = GCMCipher.do_GCM_UpdForUpdateDecrypt(ockContext, Key, IV, + outLen = GCMCipher.do_GCM_UpdForUpdateDecrypt(this.isFIPS, Key, IV, tagLenInBytes, buffer, 0, buffered, output, outputOffset, authData); // outLen = cipher.decrypt(buffer, 0, buffered, output, outputOffset); } // decrypting else { - outLen = GCMCipher.do_GCM_UpdForUpdateEncrypt(ockContext, Key, IV, + outLen = GCMCipher.do_GCM_UpdForUpdateEncrypt(this.isFIPS, Key, IV, tagLenInBytes, buffer, 0, buffered, output, outputOffset, authData); // outLen = cipher.encrypt(buffer, 0, buffered, output, outputOffset); @@ -1112,7 +1112,7 @@ protected int doUpdate(byte[] input, int inputOffset, int inputLen, byte[] outpu // OCKDebug.Msg(debPrefix, methodName, "still has input to process"); if (!encrypting) { - outLen += GCMCipher.do_GCM_UpdForUpdateDecrypt(ockContext, Key, IV, + outLen += GCMCipher.do_GCM_UpdForUpdateDecrypt(this.isFIPS, Key, IV, tagLenInBytes, input, inputOffset, inputConsumed, output, outputOffset, authData); // outLen += cipher.decrypt(input, inputOffset, inputConsumed, @@ -1120,7 +1120,7 @@ protected int doUpdate(byte[] input, int inputOffset, int inputLen, byte[] outpu } else { - outLen += GCMCipher.do_GCM_UpdForUpdateEncrypt(ockContext, Key, IV, + outLen += GCMCipher.do_GCM_UpdForUpdateEncrypt(this.isFIPS, Key, IV, tagLenInBytes, input, inputOffset, inputConsumed, output, outputOffset, authData); @@ -1135,36 +1135,36 @@ protected int doUpdate(byte[] input, int inputOffset, int inputLen, byte[] outpu } catch (IllegalStateException ock_illse) { sbeInLastUpdateEncrypt = false; IllegalStateException illse = new IllegalStateException(ock_illse.getMessage()); - provider.setOCKExceptionCause(illse, ock_illse); + NativeOCKAdapter.setOCKExceptionCause(illse, ock_illse); throw illse; } catch (AEADBadTagException e) { sbeInLastUpdateEncrypt = false; AEADBadTagException abte = new AEADBadTagException(e.getMessage()); - provider.setOCKExceptionCause(abte, e); + NativeOCKAdapter.setOCKExceptionCause(abte, e); throw abte; } catch (BadPaddingException ock_bpe) { sbeInLastUpdateEncrypt = false; BadPaddingException bpe = new BadPaddingException(ock_bpe.getMessage()); - provider.setOCKExceptionCause(bpe, ock_bpe); + NativeOCKAdapter.setOCKExceptionCause(bpe, ock_bpe); throw bpe; } catch (IllegalBlockSizeException ock_ibse) { sbeInLastUpdateEncrypt = false; IllegalBlockSizeException ibse = new IllegalBlockSizeException(ock_ibse.getMessage()); - provider.setOCKExceptionCause(ibse, ock_ibse); + NativeOCKAdapter.setOCKExceptionCause(ibse, ock_ibse); throw ibse; } catch (ShortBufferException ock_sbe) { sbeInLastUpdateEncrypt = encrypting; ShortBufferException sbe = new ShortBufferException(ock_sbe.getMessage()); - provider.setOCKExceptionCause(sbe, ock_sbe); + NativeOCKAdapter.setOCKExceptionCause(sbe, ock_sbe); throw sbe; - } catch (com.ibm.crypto.plus.provider.ock.OCKException ock_excp) { + } catch (com.ibm.crypto.plus.provider.base.OCKException ock_excp) { sbeInLastUpdateEncrypt = false; AEADBadTagException tagexcp = new AEADBadTagException(ock_excp.getMessage()); - provider.setOCKExceptionCause(tagexcp, ock_excp); + NativeOCKAdapter.setOCKExceptionCause(tagexcp, ock_excp); throw tagexcp; } catch (Exception e) { sbeInLastUpdateEncrypt = false; - throw provider.providerException("Failure in engineUpdate", e); + throw NativeOCKAdapter.providerException("Failure in engineUpdate", e); } // Store remaining input into 'buffer' again @@ -1275,13 +1275,13 @@ private int finalNoPadding(byte[] in, int inOfs, byte[] out, int outOfs, int len int outLen = 0; if (!encrypting) { - outLen = GCMCipher.do_GCM_FinalForUpdateDecrypt(ockContext, Key, IV, tagLenInBytes, in, + outLen = GCMCipher.do_GCM_FinalForUpdateDecrypt(this.isFIPS, Key, IV, tagLenInBytes, in, inOfs, len, out, outOfs, authData); // OCKDebug.Msg(debPrefix, methodName, "outLen from // GCMCipher.do_GCM_FinalForUpdateDecrypt=" + outLen); } else { - outLen = GCMCipher.do_GCM_FinalForUpdateEncrypt(ockContext, Key, IV, tagLenInBytes, in, + outLen = GCMCipher.do_GCM_FinalForUpdateEncrypt(this.isFIPS, Key, IV, tagLenInBytes, in, inOfs, len, out, outOfs, authData); // OCKDebug.Msg(debPrefix, methodName, "outLen from // GCMCipher.do_GCM_FinalForUpdateEncrypt=" + outLen); diff --git a/src/main/java/com/ibm/crypto/plus/provider/AESKeyWrapCipher.java b/src/main/java/com/ibm/crypto/plus/provider/AESKeyWrapCipher.java index aab443514..14acbe066 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/AESKeyWrapCipher.java +++ b/src/main/java/com/ibm/crypto/plus/provider/AESKeyWrapCipher.java @@ -8,8 +8,8 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.AESKeyWrap; -import com.ibm.crypto.plus.provider.ock.OCKException; +import com.ibm.crypto.plus.provider.base.AESKeyWrap; +import com.ibm.crypto.plus.provider.base.OCKException; import java.security.AlgorithmParameters; import java.security.InvalidAlgorithmParameterException; import java.security.InvalidKeyException; @@ -260,11 +260,11 @@ private void internalInit(int opmode, Key key) throws InvalidKeyException { } try { - this.cipher = new AESKeyWrap(provider.getOCKContext(), rawKey, setPadding); + this.cipher = new AESKeyWrap(provider.isFIPS(), rawKey, setPadding); } catch (Exception e) { throw new InvalidKeyException("OCKC context null or bad key.", e); } - this.initialized = true; + this.initialized = true; } @Override diff --git a/src/main/java/com/ibm/crypto/plus/provider/ChaCha20Cipher.java b/src/main/java/com/ibm/crypto/plus/provider/ChaCha20Cipher.java index 741ffe6e3..a2ee30c3c 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ChaCha20Cipher.java +++ b/src/main/java/com/ibm/crypto/plus/provider/ChaCha20Cipher.java @@ -8,8 +8,9 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.Padding; -import com.ibm.crypto.plus.provider.ock.SymmetricCipher; +import com.ibm.crypto.plus.provider.base.Padding; +import com.ibm.crypto.plus.provider.base.SymmetricCipher; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.nio.ByteBuffer; import java.nio.ByteOrder; import java.security.AlgorithmParameters; @@ -68,14 +69,14 @@ protected byte[] engineDoFinal(byte[] input, int inputOffset, int inputLen) } } catch (BadPaddingException ock_bpe) { BadPaddingException bpe = new BadPaddingException(ock_bpe.getMessage()); - provider.setOCKExceptionCause(bpe, ock_bpe); + NativeOCKAdapter.setOCKExceptionCause(bpe, ock_bpe); throw bpe; } catch (IllegalBlockSizeException ock_ibse) { IllegalBlockSizeException ibse = new IllegalBlockSizeException(ock_ibse.getMessage()); - provider.setOCKExceptionCause(ibse, ock_ibse); + NativeOCKAdapter.setOCKExceptionCause(ibse, ock_ibse); throw ibse; } catch (Exception e) { - throw provider.providerException("Failure in engineDoFinal", e); + throw NativeOCKAdapter.providerException("Failure in engineDoFinal", e); } finally { resetVars(); } @@ -93,19 +94,18 @@ protected int engineDoFinal(byte[] input, int inputOffset, int inputLen, byte[] return ret; } catch (BadPaddingException ock_bpe) { BadPaddingException bpe = new BadPaddingException(ock_bpe.getMessage()); - provider.setOCKExceptionCause(bpe, ock_bpe); + NativeOCKAdapter.setOCKExceptionCause(bpe, ock_bpe); throw bpe; } catch (IllegalBlockSizeException ock_ibse) { - IllegalBlockSizeException ibse = new IllegalBlockSizeException(ock_ibse.getMessage()); - provider.setOCKExceptionCause(ibse, ock_ibse); + NativeOCKAdapter.setOCKExceptionCause(ibse, ock_ibse); throw ibse; } catch (ShortBufferException ock_sbe) { ShortBufferException sbe = new ShortBufferException(ock_sbe.getMessage()); - provider.setOCKExceptionCause(sbe, ock_sbe); + NativeOCKAdapter.setOCKExceptionCause(sbe, ock_sbe); throw sbe; } catch (Exception e) { - throw provider.providerException("Failure in engineDoFinal", e); + throw NativeOCKAdapter.providerException("Failure in engineDoFinal", e); } finally { resetVars(); } @@ -234,7 +234,7 @@ private void internalInit(int opmode, Key newKey, byte[] newNonceBytes, int newC try { if (symmetricCipher == null) { - symmetricCipher = SymmetricCipher.getInstanceChaCha20(provider.getOCKContext(), + symmetricCipher = SymmetricCipher.getInstanceChaCha20(provider.isFIPS(), padding); } @@ -250,7 +250,8 @@ private void internalInit(int opmode, Key newKey, byte[] newNonceBytes, int newC this.ivBytes = newIvBytes; this.initialized = true; } catch (Exception e) { - throw provider.providerException("Failed to init cipher", e); + this.initialized = false; + throw NativeOCKAdapter.providerException("Failed to init cipher", e); } } @@ -318,7 +319,7 @@ protected byte[] engineUpdate(byte[] input, int inputOffset, int inputLen) { return output; } } catch (Exception e) { - throw provider.providerException("Failure in engineUpdate", e); + throw NativeOCKAdapter.providerException("Failure in engineUpdate", e); } } @@ -332,10 +333,10 @@ protected int engineUpdate(byte[] input, int inputOffset, int inputLen, byte[] o return symmetricCipher.update(input, inputOffset, inputLen, output, outputOffset); } catch (ShortBufferException ock_sbe) { ShortBufferException sbe = new ShortBufferException(ock_sbe.getMessage()); - provider.setOCKExceptionCause(sbe, ock_sbe); + NativeOCKAdapter.setOCKExceptionCause(sbe, ock_sbe); throw sbe; } catch (Exception e) { - throw provider.providerException("Failure in engineUpdate", e); + throw NativeOCKAdapter.providerException("Failure in engineUpdate", e); } } diff --git a/src/main/java/com/ibm/crypto/plus/provider/ChaCha20Poly1305Cipher.java b/src/main/java/com/ibm/crypto/plus/provider/ChaCha20Poly1305Cipher.java index 0f07f5990..e4a98c5f3 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ChaCha20Poly1305Cipher.java +++ b/src/main/java/com/ibm/crypto/plus/provider/ChaCha20Poly1305Cipher.java @@ -8,9 +8,10 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.OCKException; -import com.ibm.crypto.plus.provider.ock.Padding; -import com.ibm.crypto.plus.provider.ock.Poly1305Cipher; +import com.ibm.crypto.plus.provider.base.OCKException; +import com.ibm.crypto.plus.provider.base.Padding; +import com.ibm.crypto.plus.provider.base.Poly1305Cipher; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.io.IOException; import java.nio.ByteBuffer; import java.security.AlgorithmParameters; @@ -82,24 +83,25 @@ protected byte[] engineDoFinal(byte[] input, int inputOffset, int inputLen) } } catch (BadPaddingException ock_bpe) { BadPaddingException bpe = new BadPaddingException(ock_bpe.getMessage()); - provider.setOCKExceptionCause(bpe, ock_bpe); + NativeOCKAdapter.setOCKExceptionCause(bpe, ock_bpe); throw bpe; } catch (IllegalBlockSizeException ock_ibse) { IllegalBlockSizeException ibse = new IllegalBlockSizeException(ock_ibse.getMessage()); - provider.setOCKExceptionCause(ibse, ock_ibse); + NativeOCKAdapter.setOCKExceptionCause(ibse, ock_ibse); throw ibse; } catch (IllegalArgumentException ock_iae) { IllegalArgumentException iae = new IllegalArgumentException(ock_iae.getMessage()); - provider.setOCKExceptionCause(iae, ock_iae); + NativeOCKAdapter.setOCKExceptionCause(iae, ock_iae); throw iae; } catch (OCKException ockException) { if (!encrypting) { throw new AEADBadTagException("Tag mismatch"); } else { - throw provider.providerException("Failure in engineDoFinal", ockException); + throw NativeOCKAdapter.providerException("Failure in engineDoFinal", ockException); } } catch (Exception e) { - throw provider.providerException("Failure in engineDoFinal", e); + resetVars(); + throw NativeOCKAdapter.providerException("Failure in engineDoFinal", e); } finally { resetVars(); } @@ -121,28 +123,28 @@ protected int engineDoFinal(byte[] input, int inputOffset, int inputLen, byte[] return retvalue; } catch (BadPaddingException ock_bpe) { BadPaddingException bpe = new BadPaddingException(ock_bpe.getMessage()); - provider.setOCKExceptionCause(bpe, ock_bpe); + NativeOCKAdapter.setOCKExceptionCause(bpe, ock_bpe); throw bpe; } catch (IllegalBlockSizeException ock_ibse) { IllegalBlockSizeException ibse = new IllegalBlockSizeException(ock_ibse.getMessage()); - provider.setOCKExceptionCause(ibse, ock_ibse); + NativeOCKAdapter.setOCKExceptionCause(ibse, ock_ibse); throw ibse; } catch (ShortBufferException ock_sbe) { ShortBufferException sbe = new ShortBufferException(ock_sbe.getMessage()); - provider.setOCKExceptionCause(sbe, ock_sbe); + NativeOCKAdapter.setOCKExceptionCause(sbe, ock_sbe); throw sbe; } catch (IllegalArgumentException ock_iae) { IllegalArgumentException iae = new IllegalArgumentException(ock_iae.getMessage()); - provider.setOCKExceptionCause(iae, ock_iae); + NativeOCKAdapter.setOCKExceptionCause(iae, ock_iae); throw iae; } catch (OCKException ockException) { if (!encrypting) { throw new AEADBadTagException("Tag mismatch"); } else { - throw provider.providerException("Failure in engineDoFinal", ockException); + throw NativeOCKAdapter.providerException("Failure in engineDoFinal", ockException); } } catch (Exception e) { - throw provider.providerException("Failure in engineDoFinal", e); + throw NativeOCKAdapter.providerException("Failure in engineDoFinal", e); } finally { resetVars(); } @@ -179,7 +181,7 @@ protected int engineGetOutputSize(int inputLen) { try { return poly1305Cipher.getOutputSize(inputLen, encrypting, Poly1305_TAG_SIZE); } catch (Exception e) { - throw provider.providerException("Unable to get output size", e); + throw NativeOCKAdapter.providerException("Unable to get output size", e); } } @@ -330,7 +332,7 @@ private void internalInit(int opmode, Key newKey, byte[] newNonceBytes) try { if (poly1305Cipher == null) { - poly1305Cipher = Poly1305Cipher.getInstance(provider.getOCKContext(), + poly1305Cipher = Poly1305Cipher.getInstance(provider.isFIPS(), OCK_CHACHA20_POLY1305, padding); } @@ -343,7 +345,7 @@ private void internalInit(int opmode, Key newKey, byte[] newNonceBytes) this.nonceBytes = newNonceBytes; this.initialized = true; } catch (Exception e) { - throw provider.providerException("Failed to init cipher", e); + throw NativeOCKAdapter.providerException("Failed to init cipher", e); } } @@ -418,7 +420,7 @@ protected byte[] engineUpdate(byte[] input, int inputOffset, int inputLen) { return output; } } catch (Exception e) { - throw provider.providerException("Failure in engineUpdate", e); + throw NativeOCKAdapter.providerException("Failure in engineUpdate", e); } } @@ -437,10 +439,10 @@ protected int engineUpdate(byte[] input, int inputOffset, int inputLen, byte[] o return retvalue; } catch (ShortBufferException ock_sbe) { ShortBufferException sbe = new ShortBufferException(ock_sbe.getMessage()); - provider.setOCKExceptionCause(sbe, ock_sbe); + NativeOCKAdapter.setOCKExceptionCause(sbe, ock_sbe); throw sbe; } catch (Exception e) { - throw provider.providerException("Failure in engineDoUpdate", e); + throw NativeOCKAdapter.providerException("Failure in engineDoUpdate", e); } } @@ -462,7 +464,7 @@ protected void engineUpdateAAD(byte[] src, int offset, int len) { poly1305Cipher.update(authData, 0, authData.length, null, 0); this.aadDone = true; } catch (Exception e) { - throw provider.providerException("Failure in engineUpdateAAD", e); + throw NativeOCKAdapter.providerException("Failure in engineUpdateAAD", e); } } @@ -483,7 +485,7 @@ protected void engineUpdateAAD(ByteBuffer src) { poly1305Cipher.update(authData, 0, authData.length, null, 0); this.aadDone = true; } catch (Exception e) { - throw provider.providerException("Failure in engineUpdateAAD", e); + throw NativeOCKAdapter.providerException("Failure in engineUpdateAAD", e); } } diff --git a/src/main/java/com/ibm/crypto/plus/provider/DESedeCipher.java b/src/main/java/com/ibm/crypto/plus/provider/DESedeCipher.java index e87ee02d2..b4c11c8c1 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/DESedeCipher.java +++ b/src/main/java/com/ibm/crypto/plus/provider/DESedeCipher.java @@ -8,8 +8,9 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.Padding; -import com.ibm.crypto.plus.provider.ock.SymmetricCipher; +import com.ibm.crypto.plus.provider.base.Padding; +import com.ibm.crypto.plus.provider.base.SymmetricCipher; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.security.AlgorithmParameters; import java.security.InvalidAlgorithmParameterException; import java.security.InvalidKeyException; @@ -68,14 +69,14 @@ protected byte[] engineDoFinal(byte[] input, int inputOffset, int inputLen) } } catch (BadPaddingException ock_bpe) { BadPaddingException bpe = new BadPaddingException(ock_bpe.getMessage()); - provider.setOCKExceptionCause(bpe, ock_bpe); + NativeOCKAdapter.setOCKExceptionCause(bpe, ock_bpe); throw bpe; } catch (IllegalBlockSizeException ock_ibse) { IllegalBlockSizeException ibse = new IllegalBlockSizeException(ock_ibse.getMessage()); - provider.setOCKExceptionCause(ibse, ock_ibse); + NativeOCKAdapter.setOCKExceptionCause(ibse, ock_ibse); throw ibse; } catch (Exception e) { - throw provider.providerException("Failure in engineDoFinal", e); + throw NativeOCKAdapter.providerException("Failure in engineDoFinal", e); } } @@ -89,18 +90,18 @@ protected int engineDoFinal(byte[] input, int inputOffset, int inputLen, byte[] return symmetricCipher.doFinal(input, inputOffset, inputLen, output, outputOffset); } catch (BadPaddingException ock_bpe) { BadPaddingException bpe = new BadPaddingException(ock_bpe.getMessage()); - provider.setOCKExceptionCause(bpe, ock_bpe); + NativeOCKAdapter.setOCKExceptionCause(bpe, ock_bpe); throw bpe; } catch (IllegalBlockSizeException ock_ibse) { IllegalBlockSizeException ibse = new IllegalBlockSizeException(ock_ibse.getMessage()); - provider.setOCKExceptionCause(ibse, ock_ibse); + NativeOCKAdapter.setOCKExceptionCause(ibse, ock_ibse); throw ibse; } catch (ShortBufferException ock_sbe) { ShortBufferException sbe = new ShortBufferException(ock_sbe.getMessage()); - provider.setOCKExceptionCause(sbe, ock_sbe); + NativeOCKAdapter.setOCKExceptionCause(sbe, ock_sbe); throw sbe; } catch (Exception e) { - throw provider.providerException("Failure in engineDoFinal", e); + throw NativeOCKAdapter.providerException("Failure in engineDoFinal", e); } } @@ -132,7 +133,7 @@ protected int engineGetOutputSize(int inputLen) { try { return symmetricCipher.getOutputSize(inputLen); } catch (Exception e) { - throw provider.providerException("Unable to get output size", e); + throw NativeOCKAdapter.providerException("Unable to get output size", e); } } @@ -244,7 +245,7 @@ private void internalInit(int opmode, Key key, byte[] iv) throws InvalidKeyExcep try { if (symmetricCipher == null) { - symmetricCipher = SymmetricCipher.getInstanceDESede(provider.getOCKContext(), mode, + symmetricCipher = SymmetricCipher.getInstanceDESede(provider.isFIPS(), mode, padding); } @@ -258,7 +259,7 @@ private void internalInit(int opmode, Key key, byte[] iv) throws InvalidKeyExcep this.encrypting = isEncrypt; this.initialized = true; } catch (Exception e) { - throw provider.providerException("Failed to init cipher", e); + throw NativeOCKAdapter.providerException("Failed to init cipher", e); } } @@ -306,7 +307,7 @@ protected byte[] engineUpdate(byte[] input, int inputOffset, int inputLen) { return output; } } catch (Exception e) { - throw provider.providerException("Failure in engineUpdate", e); + throw NativeOCKAdapter.providerException("Failure in engineUpdate", e); } } @@ -319,10 +320,10 @@ protected int engineUpdate(byte[] input, int inputOffset, int inputLen, byte[] o return symmetricCipher.update(input, inputOffset, inputLen, output, outputOffset); } catch (ShortBufferException ock_sbe) { ShortBufferException sbe = new ShortBufferException(ock_sbe.getMessage()); - provider.setOCKExceptionCause(sbe, ock_sbe); + NativeOCKAdapter.setOCKExceptionCause(sbe, ock_sbe); throw sbe; } catch (Exception e) { - throw provider.providerException("Failure in engineDoFinal", e); + throw NativeOCKAdapter.providerException("Failure in engineDoFinal", e); } } diff --git a/src/main/java/com/ibm/crypto/plus/provider/DHKeyAgreement.java b/src/main/java/com/ibm/crypto/plus/provider/DHKeyAgreement.java index f89d25b86..9c806624b 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/DHKeyAgreement.java +++ b/src/main/java/com/ibm/crypto/plus/provider/DHKeyAgreement.java @@ -8,8 +8,9 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.DHKey; -import com.ibm.crypto.plus.provider.ock.OCKException; +import com.ibm.crypto.plus.provider.base.DHKey; +import com.ibm.crypto.plus.provider.base.OCKException; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.io.IOException; import java.math.BigInteger; import java.security.InvalidAlgorithmParameterException; @@ -148,7 +149,7 @@ protected byte[] engineGenerateSecret() throws IllegalStateException { } synchronized (locker1) { synchronized (locker2) { - secret = DHKey.computeDHSecret(provider.getOCKContext(), + secret = DHKey.computeDHSecret(provider.isFIPS(), ockDHKeyPub.getDHKeyId(), ockDHKeyPriv.getDHKeyId()); } } @@ -156,7 +157,7 @@ protected byte[] engineGenerateSecret() throws IllegalStateException { throw new IllegalStateException(ise.getMessage()); } catch (OCKException e) { IllegalStateException ise = new IllegalStateException(e.getMessage()); - provider.setOCKExceptionCause(ise, e); + NativeOCKAdapter.setOCKExceptionCause(ise, e); throw ise; } @@ -184,7 +185,7 @@ protected byte[] engineGenerateSecret() throws IllegalStateException { // ignore the leading sign byte System.arraycopy(secret, 1, result, 0, expectedLen); } else { - throw provider.providerException("Failed to generate secret", + throw NativeOCKAdapter.providerException("Failed to generate secret", new OCKException("secret is out-of-range")); } } diff --git a/src/main/java/com/ibm/crypto/plus/provider/DHKeyPairGenerator.java b/src/main/java/com/ibm/crypto/plus/provider/DHKeyPairGenerator.java index 9f33c417e..8c94b4ba1 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/DHKeyPairGenerator.java +++ b/src/main/java/com/ibm/crypto/plus/provider/DHKeyPairGenerator.java @@ -8,7 +8,8 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.DHKey; +import com.ibm.crypto.plus.provider.base.DHKey; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.security.AlgorithmParameterGenerator; import java.security.AlgorithmParameters; import java.security.InvalidAlgorithmParameterException; @@ -138,19 +139,19 @@ public KeyPair generateKeyPair() { AlgorithmParameters algParams = algParmGen.generateParameters(); this.params = algParams.getParameterSpec(DHParameterSpec.class); - dhKey = DHKey.generateKeyPair(provider.getOCKContext(), algParams.getEncoded()); + dhKey = DHKey.generateKeyPair(provider.isFIPS(), algParams.getEncoded()); } else { AlgorithmParameters algParams = AlgorithmParameters.getInstance("DH", provider); algParams.init(params); - dhKey = DHKey.generateKeyPair(provider.getOCKContext(), algParams.getEncoded()); + dhKey = DHKey.generateKeyPair(provider.isFIPS(), algParams.getEncoded()); } javax.crypto.interfaces.DHPrivateKey privKey = new DHPrivateKey(provider, dhKey); javax.crypto.interfaces.DHPublicKey pubKey = new DHPublicKey(provider, dhKey); return new KeyPair(pubKey, privKey); } catch (Exception e) { - throw provider.providerException("Failure in generateKeyPair", e); + throw NativeOCKAdapter.providerException("Failure in generateKeyPair", e); } } } diff --git a/src/main/java/com/ibm/crypto/plus/provider/DHParameterGenerator.java b/src/main/java/com/ibm/crypto/plus/provider/DHParameterGenerator.java index 07b1e14c4..133b7c20f 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/DHParameterGenerator.java +++ b/src/main/java/com/ibm/crypto/plus/provider/DHParameterGenerator.java @@ -8,7 +8,8 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.DHKey; +import com.ibm.crypto.plus.provider.base.DHKey; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.math.BigInteger; import java.security.AlgorithmParameterGeneratorSpi; import java.security.AlgorithmParameters; @@ -250,7 +251,7 @@ protected AlgorithmParameters engineGenerateParameters() { } if (keysize > 0) { - byte[] encodedParams = DHKey.generateParameters(provider.getOCKContext(), + byte[] encodedParams = DHKey.generateParameters(provider.isFIPS(), this.keysize); algParams.init(encodedParams); return algParams; @@ -260,7 +261,7 @@ protected AlgorithmParameters engineGenerateParameters() { } } catch (Exception e) { - throw provider.providerException("Failure in generateGenerateParameters", e); + throw NativeOCKAdapter.providerException("Failure in generateGenerateParameters", e); } } diff --git a/src/main/java/com/ibm/crypto/plus/provider/DHPrivateKey.java b/src/main/java/com/ibm/crypto/plus/provider/DHPrivateKey.java index 4d117b9d6..c09b102e3 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/DHPrivateKey.java +++ b/src/main/java/com/ibm/crypto/plus/provider/DHPrivateKey.java @@ -8,8 +8,9 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.DHKey; -import com.ibm.crypto.plus.provider.ock.OCKException; +import com.ibm.crypto.plus.provider.base.DHKey; +import com.ibm.crypto.plus.provider.base.OCKException; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.InputStream; @@ -92,7 +93,7 @@ private void initDHPrivateKey(OpenJCEPlusProvider provider, BigInteger x, DHPara try { this.key = new DerValue(DerValue.tag_Integer, this.x.toByteArray()).toByteArray(); this.encodedKey = getEncoded(); - this.dhKey = DHKey.createPrivateKey(provider.getOCKContext(), encodedKey); + this.dhKey = DHKey.createPrivateKey(provider.isFIPS(), encodedKey); } catch (OCKException e) { throw new InvalidKeyException("Failure in DHPrivateKey"); } @@ -108,7 +109,7 @@ private void initDHPrivateKey(OpenJCEPlusProvider provider, BigInteger x, DHPara this.dhKey = dhKey; } catch (Exception exception) { - throw provider.providerException("Failure in DHPrivateKey", exception); + throw NativeOCKAdapter.providerException("Failure in DHPrivateKey", exception); } } @@ -120,7 +121,7 @@ private void initDHPrivateKey(OpenJCEPlusProvider provider, BigInteger x, DHPara convertOCKPrivateKeyBytes(encoded); buildOCKPrivateKeyBytes(); - this.dhKey = DHKey.createPrivateKey(provider.getOCKContext(), + this.dhKey = DHKey.createPrivateKey(provider.isFIPS(), encoded /*privateKeyBytes*/); } catch (Exception e) { throw new InvalidKeyException("Failure in DHPrivateKey"); @@ -348,7 +349,7 @@ public DHParameterSpec getParams() { try { return this.dhParams.engineGetParameterSpec(DHParameterSpec.class); } catch (InvalidParameterSpecException e) { - throw provider.providerException("Failure in DHPrivateKey", e); + throw NativeOCKAdapter.providerException("Failure in DHPrivateKey", e); } } diff --git a/src/main/java/com/ibm/crypto/plus/provider/DHPublicKey.java b/src/main/java/com/ibm/crypto/plus/provider/DHPublicKey.java index 7b1e80a45..fa4110b30 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/DHPublicKey.java +++ b/src/main/java/com/ibm/crypto/plus/provider/DHPublicKey.java @@ -8,7 +8,8 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.DHKey; +import com.ibm.crypto.plus.provider.base.DHKey; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.InputStream; @@ -100,7 +101,7 @@ public DHPublicKey(OpenJCEPlusProvider provider, DHKey dhKey) { this.dhKey = dhKey; parseKeyBits(); } catch (Exception exception) { - throw provider.providerException("Failure in DHPublicKey", exception); + throw NativeOCKAdapter.providerException("Failure in DHPublicKey", exception); } } @@ -119,7 +120,7 @@ public DHPublicKey(OpenJCEPlusProvider provider, byte[] encoded) throws InvalidK // System.out.println ("In DHPublicKey(Provider, byte[] encoded publicKeyBytes" // + ECUtils.bytesToHex(publicKeyBytes)); - this.dhKey = DHKey.createPublicKey(provider.getOCKContext(), + this.dhKey = DHKey.createPublicKey(provider.isFIPS(), /* publicKeyBytes */ this.encodedKey); // System.err.println("Afte OCK: " + ECUtils.bytesToHex(this.key)); @@ -127,7 +128,7 @@ public DHPublicKey(OpenJCEPlusProvider provider, byte[] encoded) throws InvalidK } catch (IOException ioex) { throw new InvalidKeyException("Invalid key format"); } catch (Exception e) { - throw provider.providerException("Failure in DHPublicKey", e); + throw NativeOCKAdapter.providerException("Failure in DHPublicKey", e); } } @@ -262,7 +263,7 @@ public DHParameterSpec getParams() { try { return this.dhParams.engineGetParameterSpec(DHParameterSpec.class); } catch (InvalidParameterSpecException e) { - throw provider.providerException("Failure in DHPublicKey", e); + throw NativeOCKAdapter.providerException("Failure in DHPublicKey", e); } } diff --git a/src/main/java/com/ibm/crypto/plus/provider/DSAKeyPairGenerator.java b/src/main/java/com/ibm/crypto/plus/provider/DSAKeyPairGenerator.java index 0483846eb..51e7ab945 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/DSAKeyPairGenerator.java +++ b/src/main/java/com/ibm/crypto/plus/provider/DSAKeyPairGenerator.java @@ -8,7 +8,8 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.DSAKey; +import com.ibm.crypto.plus.provider.base.DSAKey; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.security.AlgorithmParameterGenerator; import java.security.AlgorithmParameters; import java.security.InvalidAlgorithmParameterException; @@ -145,19 +146,19 @@ public KeyPair generateKeyPair() { AlgorithmParameters algParams = algParmGen.generateParameters(); this.params = algParams.getParameterSpec(DSAParameterSpec.class); - dsaKey = DSAKey.generateKeyPair(provider.getOCKContext(), algParams.getEncoded()); + dsaKey = DSAKey.generateKeyPair(provider.isFIPS(), algParams.getEncoded()); } else { AlgorithmParameters algParams = AlgorithmParameters.getInstance("DSA", provider); algParams.init(params); - dsaKey = DSAKey.generateKeyPair(provider.getOCKContext(), algParams.getEncoded()); + dsaKey = DSAKey.generateKeyPair(provider.isFIPS(), algParams.getEncoded()); } java.security.interfaces.DSAPrivateKey privKey = new DSAPrivateKey(provider, dsaKey); java.security.interfaces.DSAPublicKey pubKey = new DSAPublicKey(provider, dsaKey); return new KeyPair(pubKey, privKey); } catch (Exception e) { - throw provider.providerException("Failure in generateKeyPair", e); + throw NativeOCKAdapter.providerException("Failure in generateKeyPair", e); } } } diff --git a/src/main/java/com/ibm/crypto/plus/provider/DSAParameterGenerator.java b/src/main/java/com/ibm/crypto/plus/provider/DSAParameterGenerator.java index 29884c90a..072d24c85 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/DSAParameterGenerator.java +++ b/src/main/java/com/ibm/crypto/plus/provider/DSAParameterGenerator.java @@ -8,7 +8,8 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.DSAKey; +import com.ibm.crypto.plus.provider.base.DSAKey; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.math.BigInteger; import java.security.AlgorithmParameterGeneratorSpi; import java.security.AlgorithmParameters; @@ -138,7 +139,7 @@ protected AlgorithmParameters engineGenerateParameters() { } if (keysize > 0) { - byte[] encodedParams = DSAKey.generateParameters(provider.getOCKContext(), + byte[] encodedParams = DSAKey.generateParameters(provider.isFIPS(), this.keysize); algParams.init(encodedParams); } else { @@ -146,7 +147,7 @@ protected AlgorithmParameters engineGenerateParameters() { } return algParams; } catch (Exception e) { - throw provider.providerException("Failure in generateGenerateParameters", e); + throw NativeOCKAdapter.providerException("Failure in generateGenerateParameters", e); } } diff --git a/src/main/java/com/ibm/crypto/plus/provider/DSAPrivateKey.java b/src/main/java/com/ibm/crypto/plus/provider/DSAPrivateKey.java index ac8572994..b61889de8 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/DSAPrivateKey.java +++ b/src/main/java/com/ibm/crypto/plus/provider/DSAPrivateKey.java @@ -8,7 +8,8 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.DSAKey; +import com.ibm.crypto.plus.provider.base.DSAKey; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.io.IOException; import java.io.Serializable; import java.math.BigInteger; @@ -64,11 +65,11 @@ final class DSAPrivateKey extends PKCS8Key try { byte[] privateKeyBytes = buildOCKPrivateKeyBytes(); - this.dsaKey = DSAKey.createPrivateKey(provider.getOCKContext(), privateKeyBytes); + this.dsaKey = DSAKey.createPrivateKey(provider.isFIPS(), privateKeyBytes); } catch (Exception exception) { InvalidKeyException ike = new InvalidKeyException("Failed to create DSA private key", exception); - provider.setOCKExceptionCause(ike, exception); + NativeOCKAdapter.setOCKExceptionCause(ike, exception); throw ike; } } @@ -86,11 +87,11 @@ final class DSAPrivateKey extends PKCS8Key try { parseKeyBits(); byte[] privateKeyBytes = buildOCKPrivateKeyBytes(); - this.dsaKey = DSAKey.createPrivateKey(provider.getOCKContext(), privateKeyBytes); + this.dsaKey = DSAKey.createPrivateKey(provider.isFIPS(), privateKeyBytes); } catch (Exception exception) { InvalidKeyException ike = new InvalidKeyException("Failed to create DSA private key", exception); - provider.setOCKExceptionCause(ike, exception); + NativeOCKAdapter.setOCKExceptionCause(ike, exception); throw ike; } } @@ -106,7 +107,7 @@ final class DSAPrivateKey extends PKCS8Key } catch (Exception exception) { InvalidKeyException ike = new InvalidKeyException("Failed to create DSA private key", exception); - provider.setOCKExceptionCause(ike, exception); + NativeOCKAdapter.setOCKExceptionCause(ike, exception); throw ike; } } diff --git a/src/main/java/com/ibm/crypto/plus/provider/DSAPublicKey.java b/src/main/java/com/ibm/crypto/plus/provider/DSAPublicKey.java index b9991e4d0..58cee6fc3 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/DSAPublicKey.java +++ b/src/main/java/com/ibm/crypto/plus/provider/DSAPublicKey.java @@ -8,7 +8,8 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.DSAKey; +import com.ibm.crypto.plus.provider.base.DSAKey; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.io.IOException; import java.io.Serializable; import java.math.BigInteger; @@ -66,10 +67,10 @@ final class DSAPublicKey extends X509Key try { byte[] publicKeyBytes = buildOCKPublicKeyBytes(); - this.dsaKey = DSAKey.createPublicKey(provider.getOCKContext(), publicKeyBytes); + this.dsaKey = DSAKey.createPublicKey(provider.isFIPS(), publicKeyBytes); } catch (Exception exception) { InvalidKeyException ike = new InvalidKeyException("Failed to create DSA public key"); - provider.setOCKExceptionCause(ike, exception); + NativeOCKAdapter.setOCKExceptionCause(ike, exception); throw ike; } } @@ -87,10 +88,10 @@ final class DSAPublicKey extends X509Key try { byte[] publicKeyBytes = buildOCKPublicKeyBytes(); - this.dsaKey = DSAKey.createPublicKey(provider.getOCKContext(), publicKeyBytes); + this.dsaKey = DSAKey.createPublicKey(provider.isFIPS(), publicKeyBytes); } catch (Exception exception) { InvalidKeyException ike = new InvalidKeyException("Failed to create DSA public key"); - provider.setOCKExceptionCause(ike, exception); + NativeOCKAdapter.setOCKExceptionCause(ike, exception); throw ike; } } @@ -108,7 +109,7 @@ final class DSAPublicKey extends X509Key } catch (Exception exception) { InvalidKeyException ike = new InvalidKeyException("Failed to create DSA public key", exception); - provider.setOCKExceptionCause(ike, exception); + NativeOCKAdapter.setOCKExceptionCause(ike, exception); throw ike; } } diff --git a/src/main/java/com/ibm/crypto/plus/provider/DSASignature.java b/src/main/java/com/ibm/crypto/plus/provider/DSASignature.java index 63073383b..752ae9d90 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/DSASignature.java +++ b/src/main/java/com/ibm/crypto/plus/provider/DSASignature.java @@ -8,7 +8,8 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.Signature; +import com.ibm.crypto.plus.provider.base.Signature; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.io.EOFException; import java.security.AlgorithmParameters; import java.security.InvalidAlgorithmParameterException; @@ -28,9 +29,9 @@ abstract class DSASignature extends SignatureSpi { DSASignature(OpenJCEPlusProvider provider, String ockDigestAlgo) { try { this.provider = provider; - this.signature = Signature.getInstance(provider.getOCKContext(), ockDigestAlgo); + this.signature = Signature.getInstance(provider.isFIPS(), ockDigestAlgo); } catch (Exception e) { - throw provider.providerException("Failed to initialize DSA signature", e); + throw NativeOCKAdapter.providerException("Failed to initialize DSA signature", e); } } @@ -44,7 +45,7 @@ protected void engineInitVerify(PublicKey publicKey) throws InvalidKeyException try { this.signature.initialize(dsaPublic.getOCKKey(), false); } catch (Exception e) { - throw provider.providerException("Failure in engineInitVerify", e); + throw NativeOCKAdapter.providerException("Failure in engineInitVerify", e); } } @@ -56,12 +57,12 @@ protected void engineInitSign(PrivateKey privateKey) throws InvalidKeyException DSAPrivateKey dsaPrivate = (DSAPrivateKey) DSAKeyFactory.toDSAKey(provider, privateKey); if (provider.isFIPS()) { - throw provider.providerException("DSA signing not supported in FIPS", null); + throw NativeOCKAdapter.providerException("DSA signing not supported in FIPS", null); } try { this.signature.initialize(dsaPrivate.getOCKKey(), false); } catch (Exception e) { - throw provider.providerException("Failure in engineInitSign", e); + throw NativeOCKAdapter.providerException("Failure in engineInitSign", e); } } @@ -77,7 +78,7 @@ protected void engineUpdate(byte[] b, int off, int len) throws SignatureExceptio this.signature.update(b, off, len); } catch (Exception e) { SignatureException se = new SignatureException("Failure in engineUpdate"); - provider.setOCKExceptionCause(se, e); + NativeOCKAdapter.setOCKExceptionCause(se, e); throw se; } } @@ -88,7 +89,7 @@ protected byte[] engineSign() throws SignatureException { return this.signature.sign(); } catch (Exception e) { SignatureException signatureException = new SignatureException("Could not sign data"); - provider.setOCKExceptionCause(signatureException, e); + NativeOCKAdapter.setOCKExceptionCause(signatureException, e); throw signatureException; } } diff --git a/src/main/java/com/ibm/crypto/plus/provider/DSASignatureNONE.java b/src/main/java/com/ibm/crypto/plus/provider/DSASignatureNONE.java index 440782324..9f514ce64 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/DSASignatureNONE.java +++ b/src/main/java/com/ibm/crypto/plus/provider/DSASignatureNONE.java @@ -8,7 +8,8 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.SignatureDSANONE; +import com.ibm.crypto.plus.provider.base.SignatureDSANONE; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.security.InvalidKeyException; import java.security.InvalidParameterException; import java.security.PrivateKey; @@ -26,9 +27,9 @@ public final class DSASignatureNONE extends SignatureSpi { public DSASignatureNONE(OpenJCEPlusProvider provider) { try { this.provider = provider; - this.signature = SignatureDSANONE.getInstance(provider.getOCKContext()); + this.signature = SignatureDSANONE.getInstance(provider.isFIPS()); } catch (Exception e) { - throw provider.providerException("Failed to initialize DSA signature", e); + throw NativeOCKAdapter.providerException("Failed to initialize DSA signature", e); } } @@ -39,7 +40,7 @@ protected void engineInitVerify(PublicKey publicKey) throws InvalidKeyException try { this.signature.initialize(dsaPublic.getOCKKey()); } catch (Exception e) { - throw provider.providerException("Failure in engineInitVerify", e); + throw NativeOCKAdapter.providerException("Failure in engineInitVerify", e); } this.ofs = 0; @@ -52,7 +53,7 @@ protected void engineInitSign(PrivateKey privateKey) throws InvalidKeyException try { this.signature.initialize(dsaPrivate.getOCKKey()); } catch (Exception e) { - throw provider.providerException("Failure in engineInitSign", e); + throw NativeOCKAdapter.providerException("Failure in engineInitSign", e); } this.ofs = 0; @@ -90,7 +91,7 @@ protected byte[] engineSign() throws SignatureException { return signature; } catch (Exception e) { SignatureException signatureException = new SignatureException("Could not sign data"); - provider.setOCKExceptionCause(signatureException, e); + NativeOCKAdapter.setOCKExceptionCause(signatureException, e); throw signatureException; } } diff --git a/src/main/java/com/ibm/crypto/plus/provider/DatawithECDSA.java b/src/main/java/com/ibm/crypto/plus/provider/DatawithECDSA.java index 2e052d133..f3b0bfa5c 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/DatawithECDSA.java +++ b/src/main/java/com/ibm/crypto/plus/provider/DatawithECDSA.java @@ -8,7 +8,8 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.ECKey; +import com.ibm.crypto.plus.provider.base.ECKey; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.io.IOException; import java.math.BigInteger; import java.security.InvalidKeyException; @@ -96,7 +97,7 @@ protected byte[] engineSign() throws SignatureException { + maxDigestLength); } - byte[] signature = ECKey.signDatawithECDSA(provider.getOCKContext(), this.data, + byte[] signature = ECKey.signDatawithECDSA(provider.isFIPS(), this.data, this.dataSize, this.ecKey); // System.out.println ("signature " + data.length + " dataSize =" + @@ -128,7 +129,7 @@ protected byte[] engineSign() throws SignatureException { } catch (Exception e) { SignatureException signatureException = new SignatureException("Could not sign data", e); - provider.setOCKExceptionCause(signatureException, e); + NativeOCKAdapter.setOCKExceptionCause(signatureException, e); throw signatureException; } } @@ -161,7 +162,7 @@ protected void engineUpdate(byte[] buffer, int offset, int length) throws Signat @Override protected boolean engineVerify(byte[] sigBytes) throws SignatureException { try { - return ECKey.verifyDatawithECDSA(provider.getOCKContext(), this.data, this.dataSize, + return ECKey.verifyDatawithECDSA(provider.isFIPS(), this.data, this.dataSize, sigBytes, sigBytes.length, this.ecKey); } catch (Exception e) { // return false rather than throwing exception diff --git a/src/main/java/com/ibm/crypto/plus/provider/ECDHKeyAgreement.java b/src/main/java/com/ibm/crypto/plus/provider/ECDHKeyAgreement.java index b8f48cb99..54e4f1147 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ECDHKeyAgreement.java +++ b/src/main/java/com/ibm/crypto/plus/provider/ECDHKeyAgreement.java @@ -8,8 +8,9 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.ECKey; -import com.ibm.crypto.plus.provider.ock.OCKException; +import com.ibm.crypto.plus.provider.base.ECKey; +import com.ibm.crypto.plus.provider.base.OCKException; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.math.BigInteger; import java.security.InvalidAlgorithmParameterException; import java.security.InvalidKeyException; @@ -186,14 +187,14 @@ protected byte[] engineGenerateSecret() throws IllegalStateException { } synchronized (locker1) { synchronized (locker2) { - secret = ECKey.computeECDHSecret(provider.getOCKContext(), + secret = ECKey.computeECDHSecret(provider.isFIPS(), ockEcKeyPub.getEcKeyId(), ockEcKeyPriv.getEcKeyId()); } } } catch (OCKException e) { throw new IllegalStateException(e.getMessage()); } catch (Exception e) { - throw provider.providerException("Failed to generate secret", e); + throw NativeOCKAdapter.providerException("Failed to generate secret", e); } // ); diff --git a/src/main/java/com/ibm/crypto/plus/provider/ECDSASignature.java b/src/main/java/com/ibm/crypto/plus/provider/ECDSASignature.java index 9e818888e..4253f4630 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ECDSASignature.java +++ b/src/main/java/com/ibm/crypto/plus/provider/ECDSASignature.java @@ -8,7 +8,8 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.Signature; +import com.ibm.crypto.plus.provider.base.Signature; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.security.AlgorithmParameters; import java.security.InvalidAlgorithmParameterException; import java.security.InvalidKeyException; @@ -33,9 +34,9 @@ abstract class ECDSASignature extends SignatureSpi { ECDSASignature(OpenJCEPlusProvider provider, String ockDigestAlgo) { try { this.provider = provider; - this.signature = Signature.getInstance(provider.getOCKContext(), ockDigestAlgo); + this.signature = Signature.getInstance(provider.isFIPS(), ockDigestAlgo); } catch (Exception e) { - throw provider.providerException("Failed to initialize ECDSA signature", e); + throw NativeOCKAdapter.providerException("Failed to initialize ECDSA signature", e); } } @@ -46,7 +47,7 @@ protected void engineInitVerify(PublicKey publicKey) throws InvalidKeyException try { this.signature.initialize(this.publicKey.getOCKKey(), false); } catch (Exception e) { - throw provider.providerException("Failure in engineInitVerify", e); + throw NativeOCKAdapter.providerException("Failure in engineInitVerify", e); } } @@ -72,7 +73,7 @@ protected void engineInitSign(PrivateKey privateKey) throws InvalidKeyException try { this.signature.initialize(this.privateKey.getOCKKey(), false); } catch (Exception e) { - throw provider.providerException("Failure in engineInitSign", e); + throw NativeOCKAdapter.providerException("Failure in engineInitSign", e); } } @@ -88,7 +89,7 @@ protected void engineUpdate(byte[] b, int off, int len) throws SignatureExceptio this.signature.update(b, off, len); } catch (Exception e) { SignatureException signatureException = new SignatureException(e.getMessage()); - provider.setOCKExceptionCause(signatureException, e); + NativeOCKAdapter.setOCKExceptionCause(signatureException, e); throw signatureException; } } @@ -99,7 +100,7 @@ protected byte[] engineSign() throws SignatureException { return this.signature.sign(); } catch (Exception e) { SignatureException signatureException = new SignatureException("Could not sign data"); - provider.setOCKExceptionCause(signatureException, e); + NativeOCKAdapter.setOCKExceptionCause(signatureException, e); throw signatureException; } } diff --git a/src/main/java/com/ibm/crypto/plus/provider/ECKeyPairGenerator.java b/src/main/java/com/ibm/crypto/plus/provider/ECKeyPairGenerator.java index e974b5e58..71965bedc 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ECKeyPairGenerator.java +++ b/src/main/java/com/ibm/crypto/plus/provider/ECKeyPairGenerator.java @@ -8,7 +8,8 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.ECKey; +import com.ibm.crypto.plus.provider.base.ECKey; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.security.InvalidAlgorithmParameterException; import java.security.InvalidParameterException; import java.security.KeyPair; @@ -83,7 +84,7 @@ public void initialize(AlgorithmParameterSpec params, SecureRandom random) if (provider.isFIPS()) { if (!ECNamedCurve.isFIPS(this.oid.toString())) { - throw provider.providerException("Curve not supported in FIPS", null); + throw NativeOCKAdapter.providerException("Curve not supported in FIPS", null); } } @@ -108,7 +109,7 @@ public KeyPair generateKeyPair() { try { if (this.oid != null) { - ecKey = ECKey.generateKeyPair(provider.getOCKContext(), this.oid.toString(), + ecKey = ECKey.generateKeyPair(provider.isFIPS(), this.oid.toString(), cryptoRandom); } else if (this.ecSpec != null) { @@ -116,18 +117,18 @@ public KeyPair generateKeyPair() { // System.out.println ("generting key pair from a custom // specification encodedParameters=" + // ECUtils.bytesToHex(encodedCustomCurveParameters)); - ecKey = ECKey.generateKeyPair(provider.getOCKContext(), + ecKey = ECKey.generateKeyPair(provider.isFIPS(), encodedCustomCurveParameters, cryptoRandom); } else if (this.keysize > 0 && (ecSpec == null)) { - ecKey = ECKey.generateKeyPair(provider.getOCKContext(), this.keysize, cryptoRandom); + ecKey = ECKey.generateKeyPair(provider.isFIPS(), this.keysize, cryptoRandom); } java.security.interfaces.ECPrivateKey privKey = new ECPrivateKey(provider, ecKey); java.security.interfaces.ECPublicKey pubKey = new ECPublicKey(provider, ecKey); return new KeyPair(pubKey, privKey); } catch (Exception e) { - throw provider.providerException("Failure in generateKeyPair", e); + throw NativeOCKAdapter.providerException("Failure in generateKeyPair", e); } } diff --git a/src/main/java/com/ibm/crypto/plus/provider/ECParameterGenerator.java b/src/main/java/com/ibm/crypto/plus/provider/ECParameterGenerator.java index 8b81f0e33..f92bd98fc 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ECParameterGenerator.java +++ b/src/main/java/com/ibm/crypto/plus/provider/ECParameterGenerator.java @@ -8,7 +8,8 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.ECKey; +import com.ibm.crypto.plus.provider.base.ECKey; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.security.AlgorithmParameterGeneratorSpi; import java.security.AlgorithmParameters; import java.security.InvalidAlgorithmParameterException; @@ -58,7 +59,7 @@ protected AlgorithmParameters engineGenerateParameters() { if (keysize > 0) { algParams = AlgorithmParameters.getInstance("EC", provider); - byte[] encodedParams = ECKey.generateParameters(provider.getOCKContext(), + byte[] encodedParams = ECKey.generateParameters(provider.isFIPS(), this.keysize); algParams.init(encodedParams); return algParams; @@ -66,7 +67,7 @@ protected AlgorithmParameters engineGenerateParameters() { if (algParamSpec instanceof ECGenParameterSpec) { algParams = AlgorithmParameters.getInstance("EC", provider); String curveName = ((ECGenParameterSpec) algParamSpec).getName(); - byte[] encodedParams = ECKey.generateParameters(provider.getOCKContext(), + byte[] encodedParams = ECKey.generateParameters(provider.isFIPS(), curveName); algParams.init(encodedParams); return algParams; @@ -75,7 +76,7 @@ protected AlgorithmParameters engineGenerateParameters() { } } catch (Exception e) { - throw provider.providerException("Failure in generateGenerateParameters", e); + throw NativeOCKAdapter.providerException("Failure in generateGenerateParameters", e); } return algParams; } diff --git a/src/main/java/com/ibm/crypto/plus/provider/ECPrivateKey.java b/src/main/java/com/ibm/crypto/plus/provider/ECPrivateKey.java index 7954ac7b9..f965dc55d 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ECPrivateKey.java +++ b/src/main/java/com/ibm/crypto/plus/provider/ECPrivateKey.java @@ -8,7 +8,8 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.ECKey; +import com.ibm.crypto.plus.provider.base.ECKey; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.io.IOException; import java.math.BigInteger; import java.security.AlgorithmParameters; @@ -123,7 +124,7 @@ final class ECPrivateKey extends PKCS8Key implements java.security.interfaces.EC // + // ECUtils.bytesToHex(privateKeyBytes)); byte[] paramBytes = ECParameters.encodeECParameters(this.params); - this.ecKey = ECKey.createPrivateKey(provider.getOCKContext(), privateKeyBytes, + this.ecKey = ECKey.createPrivateKey(provider.isFIPS(), privateKeyBytes, paramBytes); // System.out.println("ECPrivateKey(s, paramSpec) This.eckey private // bytes=" @@ -133,7 +134,7 @@ final class ECPrivateKey extends PKCS8Key implements java.security.interfaces.EC // + ECUtils.bytesToHex(ecKey.getPublicKeyBytes())); } catch (Exception exception) { InvalidKeyException ike = new InvalidKeyException("Failed to create EC private key"); - provider.setOCKExceptionCause(ike, exception); + NativeOCKAdapter.setOCKExceptionCause(ike, exception); throw ike; } @@ -169,7 +170,7 @@ final class ECPrivateKey extends PKCS8Key implements java.security.interfaces.EC // + // ECUtils.bytesToHex(privateKeyBytes)); byte[] paramBytes = ECParameters.encodeECParameters(params); - this.ecKey = ECKey.createPrivateKey(provider.getOCKContext(), privateKeyBytes, + this.ecKey = ECKey.createPrivateKey(provider.isFIPS(), privateKeyBytes, paramBytes); // System.out.println("ECPrivateKey(bytes[] encoded) This.eckey // private bytes=" @@ -179,7 +180,7 @@ final class ECPrivateKey extends PKCS8Key implements java.security.interfaces.EC // + ECUtils.bytesToHex(ecKey.getPublicKeyBytes())); } catch (Exception exception) { InvalidKeyException ike = new InvalidKeyException("Failed to create EC private key"); - provider.setOCKExceptionCause(ike, exception); + NativeOCKAdapter.setOCKExceptionCause(ike, exception); throw ike; } } @@ -203,7 +204,7 @@ final class ECPrivateKey extends PKCS8Key implements java.security.interfaces.EC parseKeyBits(); } catch (Exception exception) { InvalidKeyException ike = new InvalidKeyException("Failed to create EC private key"); - provider.setOCKExceptionCause(ike, exception); + NativeOCKAdapter.setOCKExceptionCause(ike, exception); throw ike; } finally { if (algidOut != null) { diff --git a/src/main/java/com/ibm/crypto/plus/provider/ECPublicKey.java b/src/main/java/com/ibm/crypto/plus/provider/ECPublicKey.java index c23df87a6..13822378d 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ECPublicKey.java +++ b/src/main/java/com/ibm/crypto/plus/provider/ECPublicKey.java @@ -8,7 +8,8 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.ECKey; +import com.ibm.crypto.plus.provider.base.ECKey; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.io.IOException; import java.security.AlgorithmParameters; import java.security.InvalidKeyException; @@ -65,11 +66,11 @@ final class ECPublicKey extends X509Key // publicKeyBytes.length); // this.ecKey = ECKey.createPublicKey(IBMJCEPlus.getOCKContext(), w, // ecParams); - this.ecKey = ECKey.createPublicKey(provider.getOCKContext(), publicKeyBytes, + this.ecKey = ECKey.createPublicKey(provider.isFIPS(), publicKeyBytes, parameterBytes); } catch (Exception exception) { InvalidKeyException ike = new InvalidKeyException("Failed to create EC public key"); - provider.setOCKExceptionCause(ike, exception); + NativeOCKAdapter.setOCKExceptionCause(ike, exception); throw ike; } } @@ -89,11 +90,11 @@ final class ECPublicKey extends X509Key byte[] publicKeyBytes = buildOCKPublicKeyBytes(); byte[] parameterBytes = ECParameters.encodeECParameters(this.params); // System.out.println ("Calling ECKey createPublicKey"); - this.ecKey = ECKey.createPublicKey(provider.getOCKContext(), publicKeyBytes, + this.ecKey = ECKey.createPublicKey(provider.isFIPS(), publicKeyBytes, parameterBytes); } catch (Exception exception) { InvalidKeyException ike = new InvalidKeyException("Failed to create EC public key"); - provider.setOCKExceptionCause(ike, exception); + NativeOCKAdapter.setOCKExceptionCause(ike, exception); throw ike; } } @@ -117,7 +118,7 @@ final class ECPublicKey extends X509Key } catch (Exception exception) { InvalidKeyException ike = new InvalidKeyException("Failed to create EC public key"); - provider.setOCKExceptionCause(ike, exception); + NativeOCKAdapter.setOCKExceptionCause(ike, exception); throw ike; } finally { if (algidOut != null) { diff --git a/src/main/java/com/ibm/crypto/plus/provider/EdDSAKeyPairGenerator.java b/src/main/java/com/ibm/crypto/plus/provider/EdDSAKeyPairGenerator.java index 12353f1c5..f94a1e8aa 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/EdDSAKeyPairGenerator.java +++ b/src/main/java/com/ibm/crypto/plus/provider/EdDSAKeyPairGenerator.java @@ -9,7 +9,8 @@ package com.ibm.crypto.plus.provider; import com.ibm.crypto.plus.provider.CurveUtil.CURVE; -import com.ibm.crypto.plus.provider.ock.XECKey; +import com.ibm.crypto.plus.provider.base.XECKey; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.security.InvalidAlgorithmParameterException; import java.security.InvalidParameterException; import java.security.KeyPair; @@ -101,14 +102,14 @@ public void initialize(AlgorithmParameterSpec params) public KeyPair generateKeyPair() { try { int keySize = CurveUtil.getCurveSize(curve); - XECKey xecKey = XECKey.generateKeyPair(provider.getOCKContext(), + XECKey xecKey = XECKey.generateKeyPair(provider.isFIPS(), this.curve.ordinal(), keySize); EdDSAPublicKeyImpl pubKey = new EdDSAPublicKeyImpl(provider, xecKey, this.curve); EdDSAPrivateKeyImpl privKey = new EdDSAPrivateKeyImpl(provider, xecKey); return new KeyPair(pubKey, privKey); } catch (Exception e) { - throw provider.providerException("Failure in generateKeyPair", e); + throw NativeOCKAdapter.providerException("Failure in generateKeyPair", e); } } diff --git a/src/main/java/com/ibm/crypto/plus/provider/EdDSAPrivateKeyImpl.java b/src/main/java/com/ibm/crypto/plus/provider/EdDSAPrivateKeyImpl.java index 915491a8c..7b214a129 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/EdDSAPrivateKeyImpl.java +++ b/src/main/java/com/ibm/crypto/plus/provider/EdDSAPrivateKeyImpl.java @@ -9,7 +9,8 @@ package com.ibm.crypto.plus.provider; import com.ibm.crypto.plus.provider.CurveUtil.CURVE; -import com.ibm.crypto.plus.provider.ock.XECKey; +import com.ibm.crypto.plus.provider.base.XECKey; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.io.IOException; import java.math.BigInteger; import java.security.InvalidAlgorithmParameterException; @@ -94,19 +95,19 @@ private void setFieldsFromXeckey() throws Exception { if (this.privKeyMaterial == null) { int keySize = CurveUtil.getCurveSize(curve); - this.xecKey = XECKey.generateKeyPair(provider.getOCKContext(), + this.xecKey = XECKey.generateKeyPair(provider.isFIPS(), this.curve.ordinal(), keySize); } else { this.algid = CurveUtil.getAlgId(this.curve); byte[] der = buildOCKPrivateKeyBytes(); int encodingSize = CurveUtil.getDEREncodingSize(curve); - this.xecKey = XECKey.createPrivateKey(provider.getOCKContext(), der, + this.xecKey = XECKey.createPrivateKey(provider.isFIPS(), der, encodingSize); } } catch (Exception exception) { InvalidParameterException ike = new InvalidParameterException( "Failed to create XEC private key"); - provider.setOCKExceptionCause(ike, exception); + NativeOCKAdapter.setOCKExceptionCause(ike, exception); throw ike; } checkLength(this.curve); @@ -122,12 +123,12 @@ private void setFieldsFromXeckey() throws Exception { checkLength(this.curve); int encodingSize = CurveUtil.getDEREncodingSize(curve); - this.xecKey = XECKey.createPrivateKey(provider.getOCKContext(), alteredEncoded, + this.xecKey = XECKey.createPrivateKey(provider.isFIPS(), alteredEncoded, encodingSize); } catch (Exception exception) { InvalidKeyException ike = new InvalidKeyException("Failed to create XEC private key"); - provider.setOCKExceptionCause(ike, exception); + NativeOCKAdapter.setOCKExceptionCause(ike, exception); throw ike; } } diff --git a/src/main/java/com/ibm/crypto/plus/provider/EdDSAPublicKeyImpl.java b/src/main/java/com/ibm/crypto/plus/provider/EdDSAPublicKeyImpl.java index 0de0cd0a8..6186218c5 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/EdDSAPublicKeyImpl.java +++ b/src/main/java/com/ibm/crypto/plus/provider/EdDSAPublicKeyImpl.java @@ -9,7 +9,8 @@ package com.ibm.crypto.plus.provider; import com.ibm.crypto.plus.provider.CurveUtil.CURVE; -import com.ibm.crypto.plus.provider.ock.XECKey; +import com.ibm.crypto.plus.provider.base.XECKey; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.io.IOException; import java.math.BigInteger; import java.security.InvalidAlgorithmParameterException; @@ -75,7 +76,7 @@ private void setFieldsFromXeckey() throws Exception { setFieldsFromXeckey(); } catch (Exception exception) { InvalidKeyException ike = new InvalidKeyException("Failed to create XEC public key"); - provider.setOCKExceptionCause(ike, exception); + NativeOCKAdapter.setOCKExceptionCause(ike, exception); throw ike; } @@ -114,11 +115,11 @@ private void setFieldsFromXeckey() throws Exception { byte[] der = buildOCKPublicKeyBytes(); byte[] alteredEncoded = alterEncodedPublicKey(der); // Alters encoded to fit GSKit, and sets params - this.xecKey = XECKey.createPublicKey(provider.getOCKContext(), alteredEncoded); + this.xecKey = XECKey.createPublicKey(provider.isFIPS(), alteredEncoded); } catch (Exception exception) { InvalidKeyException ike = new InvalidKeyException("Failed to create EdDSA public key"); - provider.setOCKExceptionCause(ike, exception); + NativeOCKAdapter.setOCKExceptionCause(ike, exception); throw ike; } @@ -147,11 +148,11 @@ private void setFieldsFromXeckey() throws Exception { this.point = new EdECPoint(xOdd, y); byte[] der = buildOCKPublicKeyBytes(); - this.xecKey = XECKey.createPublicKey(provider.getOCKContext(), der); + this.xecKey = XECKey.createPublicKey(provider.isFIPS(), der); } catch (Exception exception) { InvalidKeyException ike = new InvalidKeyException("Failed to create EdDSA public key"); - provider.setOCKExceptionCause(ike, exception); + NativeOCKAdapter.setOCKExceptionCause(ike, exception); throw ike; } checkLength(this.curve); diff --git a/src/main/java/com/ibm/crypto/plus/provider/EdDSASignature.java b/src/main/java/com/ibm/crypto/plus/provider/EdDSASignature.java index 12d42eda2..0ffaa34ff 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/EdDSASignature.java +++ b/src/main/java/com/ibm/crypto/plus/provider/EdDSASignature.java @@ -8,7 +8,8 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.SignatureEdDSA; +import com.ibm.crypto.plus.provider.base.SignatureEdDSA; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.io.ByteArrayOutputStream; import java.security.AlgorithmParameters; import java.security.InvalidAlgorithmParameterException; @@ -33,18 +34,18 @@ abstract class EdDSASignature extends SignatureSpi { EdDSASignature(OpenJCEPlusProvider provider) { try { this.provider = provider; - this.signature = SignatureEdDSA.getInstance(provider.getOCKContext()); + this.signature = SignatureEdDSA.getInstance(provider.isFIPS()); } catch (Exception e) { - throw provider.providerException("Failed to initialize EdDSA signature", e); + throw NativeOCKAdapter.providerException("Failed to initialize EdDSA signature", e); } } EdDSASignature(OpenJCEPlusProvider provider, String Alg) { try { this.provider = provider; - this.signature = SignatureEdDSA.getInstance(provider.getOCKContext()); + this.signature = SignatureEdDSA.getInstance(provider.isFIPS()); } catch (Exception e) { - throw provider.providerException("Failed to initialize EdDSA signature", e); + throw NativeOCKAdapter.providerException("Failed to initialize EdDSA signature", e); } this.alg = Alg; // Added to know difference between ed25519 and ed448 } @@ -119,7 +120,7 @@ protected void engineInitSign(PrivateKey privateKey) throws InvalidKeyException try { this.signature.initialize(edDSAPrivate.getOCKKey()); } catch (Exception e) { - throw provider.providerException("Failure in engineInitSign", e); + throw NativeOCKAdapter.providerException("Failure in engineInitSign", e); } // Set to sign mode and reset message this.privateKeyInit = true; @@ -143,7 +144,7 @@ protected void engineInitVerify(PublicKey publicKey) throws InvalidKeyException try { this.signature.initialize(edDSAPublic.getOCKKey()); } catch (Exception e) { - throw provider.providerException("Failure in engineInitVerify", e); + throw NativeOCKAdapter.providerException("Failure in engineInitVerify", e); } // Set to verify mode and reset message @@ -164,7 +165,7 @@ protected byte[] engineSign() throws SignatureException { return this.signature.sign(dataBytes); } catch (Exception e) { SignatureException signatureException = new SignatureException("Could not sign data"); - provider.setOCKExceptionCause(signatureException, e); + NativeOCKAdapter.setOCKExceptionCause(signatureException, e); throw signatureException; } } diff --git a/src/main/java/com/ibm/crypto/plus/provider/HASHDRBG.java b/src/main/java/com/ibm/crypto/plus/provider/HASHDRBG.java index 6f3d57792..f6b2b28c6 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/HASHDRBG.java +++ b/src/main/java/com/ibm/crypto/plus/provider/HASHDRBG.java @@ -8,8 +8,9 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.BasicRandom; -import com.ibm.crypto.plus.provider.ock.ExtendedRandom; +import com.ibm.crypto.plus.provider.base.BasicRandom; +import com.ibm.crypto.plus.provider.base.ExtendedRandom; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.security.SecureRandomSpi; abstract class HASHDRBG extends SecureRandomSpi { @@ -31,11 +32,11 @@ protected HASHDRBG(OpenJCEPlusProvider provider, String ockRandomAlgo) { this.provider = provider; this.providerContext = provider.getProviderContext(); this.randomAlgo = ockRandomAlgo; - basicRandom = BasicRandom.getInstance(provider.getOCKContext()); + basicRandom = BasicRandom.getInstance(provider.isFIPS()); try { - extendedRandom = ExtendedRandom.getInstance(provider.getOCKContext(), ockRandomAlgo); + extendedRandom = ExtendedRandom.getInstance(provider.isFIPS(), ockRandomAlgo); } catch (Exception e) { - throw provider.providerException("Failed to get HASHDRBG algorithm", e); + throw NativeOCKAdapter.providerException("Failed to get HASHDRBG algorithm", e); } } @@ -44,7 +45,7 @@ protected void engineSetSeed(byte[] seed) { try { extendedRandom.setSeed(seed); } catch (Exception e) { - throw provider.providerException("Failed to set seed", e); + throw NativeOCKAdapter.providerException("Failed to set seed", e); } } @@ -56,7 +57,7 @@ protected void engineNextBytes(byte[] bytes) { try { extendedRandom.nextBytes(bytes); } catch (Exception e) { - throw provider.providerException("Failed to get next bytes", e); + throw NativeOCKAdapter.providerException("Failed to get next bytes", e); } } @@ -65,7 +66,7 @@ protected byte[] engineGenerateSeed(int numBytes) { try { return basicRandom.generateSeed(numBytes); } catch (Exception e) { - throw provider.providerException("Failed to generate seed", e); + throw NativeOCKAdapter.providerException("Failed to generate seed", e); } } @@ -86,12 +87,12 @@ private void readObject(java.io.ObjectInputStream s) //System.out.println("Restoring SecureRandom for " + randomAlgo + " from provider " + provider.getName()); // Recreate OCK object per tag [SERIALIZATION] in DesignNotes.txt - basicRandom = BasicRandom.getInstance(provider.getOCKContext()); + basicRandom = BasicRandom.getInstance(provider.isFIPS()); try { // Recreate OCK object per tag [SERIALIZATION] in DesignNotes.txt - extendedRandom = ExtendedRandom.getInstance(provider.getOCKContext(), randomAlgo); + extendedRandom = ExtendedRandom.getInstance(provider.isFIPS(), randomAlgo); } catch (Exception e) { - throw provider.providerException("Failed to get HASHDRBG algorithm", e); + throw NativeOCKAdapter.providerException("Failed to get HASHDRBG algorithm", e); } } diff --git a/src/main/java/com/ibm/crypto/plus/provider/HKDFGenerator.java b/src/main/java/com/ibm/crypto/plus/provider/HKDFGenerator.java index 4cbaf0ae9..c9f6b3668 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/HKDFGenerator.java +++ b/src/main/java/com/ibm/crypto/plus/provider/HKDFGenerator.java @@ -8,8 +8,8 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.HKDF; -import com.ibm.crypto.plus.provider.ock.OCKException; +import com.ibm.crypto.plus.provider.base.HKDF; +import com.ibm.crypto.plus.provider.base.OCKException; import ibm.security.internal.spec.HKDFExpandParameterSpec; import ibm.security.internal.spec.HKDFExtractParameterSpec; import ibm.security.internal.spec.HKDFParameterSpec; @@ -53,7 +53,7 @@ public HKDFGenerator(OpenJCEPlusProvider provider, String digestAlgorithm) this.provider = provider; this.digestAlgorithm = digestAlgorithm; try { - hkdfObj = HKDF.getInstance(this.provider.getOCKContext(), this.digestAlgorithm); + hkdfObj = HKDF.getInstance(this.provider.isFIPS(), this.digestAlgorithm); hkdfLen = hkdfObj.getMacLength(); } catch (Exception ex) { throw new NoSuchAlgorithmException("cannot initialize hkdf"); diff --git a/src/main/java/com/ibm/crypto/plus/provider/HKDFKeyDerivation.java b/src/main/java/com/ibm/crypto/plus/provider/HKDFKeyDerivation.java index 579030948..25c90403f 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/HKDFKeyDerivation.java +++ b/src/main/java/com/ibm/crypto/plus/provider/HKDFKeyDerivation.java @@ -8,8 +8,9 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.HKDF; -import com.ibm.crypto.plus.provider.ock.OCKException; +import com.ibm.crypto.plus.provider.base.HKDF; +import com.ibm.crypto.plus.provider.base.OCKException; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.io.ByteArrayOutputStream; import java.security.InvalidAlgorithmParameterException; import java.security.InvalidKeyException; @@ -81,12 +82,12 @@ private HKDFKeyDerivation(OpenJCEPlusProvider provider, SupportedHmac supportedH this.digestAlgName = supportedHmac.digestAlg; this.hmacLen = supportedHmac.hmacLen; try { - hkdfObj = HKDF.getInstance(this.provider.getOCKContext(), this.digestAlgName); + hkdfObj = HKDF.getInstance(this.provider.isFIPS(), this.digestAlgName); if (hkdfObj.getMacLength() != this.hmacLen) { throw new ProviderException("Mismatch between expected and OCK provided HMAC length"); } } catch (Exception ex) { - throw provider.providerException("Cannot initialize hkdf", ex); + throw NativeOCKAdapter.providerException("Cannot initialize hkdf", ex); } } diff --git a/src/main/java/com/ibm/crypto/plus/provider/HmacCore.java b/src/main/java/com/ibm/crypto/plus/provider/HmacCore.java index 3d1a0bf21..bab2d0b82 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/HmacCore.java +++ b/src/main/java/com/ibm/crypto/plus/provider/HmacCore.java @@ -8,7 +8,8 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.HMAC; +import com.ibm.crypto.plus.provider.base.HMAC; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.security.InvalidAlgorithmParameterException; import java.security.InvalidKeyException; import java.security.Key; @@ -30,9 +31,9 @@ abstract class HmacCore extends MacSpi { try { this.provider = provider; - this.hmac = HMAC.getInstance(provider.getOCKContext(), ockDigestAlgo); + this.hmac = HMAC.getInstance(provider.isFIPS(), ockDigestAlgo); } catch (Exception e) { - throw provider.providerException("Failure in HmacCore", e); + throw NativeOCKAdapter.providerException("Failure in HmacCore", e); } } @@ -41,7 +42,7 @@ protected byte[] engineDoFinal() { try { return hmac.doFinal(); } catch (Exception e) { - throw provider.providerException("Failure in engineDoFinal", e); + throw NativeOCKAdapter.providerException("Failure in engineDoFinal", e); } } @@ -50,7 +51,7 @@ protected int engineGetMacLength() { try { return hmac.getMacLength(); } catch (Exception e) { - throw provider.providerException("Failure in engineDoFinal", e); + throw NativeOCKAdapter.providerException("Failure in engineDoFinal", e); } } @@ -73,7 +74,7 @@ protected void engineInit(Key key, AlgorithmParameterSpec params) try { hmac.initialize(secret); } catch (Exception e) { - throw provider.providerException("Failure in engineInit", e); + throw NativeOCKAdapter.providerException("Failure in engineInit", e); } finally { Arrays.fill(secret, (byte) 0x00); } @@ -84,7 +85,7 @@ protected void engineReset() { try { hmac.reset(); } catch (Exception e) { - throw provider.providerException("Failure in engineDoFinal", e); + throw NativeOCKAdapter.providerException("Failure in engineDoFinal", e); } } @@ -100,7 +101,7 @@ protected void engineUpdate(byte[] input, int offset, int length) { try { this.hmac.update(input, offset, length); } catch (Exception e) { - throw provider.providerException("Failure in engineUpdate", e); + throw NativeOCKAdapter.providerException("Failure in engineUpdate", e); } } diff --git a/src/main/java/com/ibm/crypto/plus/provider/MLKEMImpl.java b/src/main/java/com/ibm/crypto/plus/provider/MLKEMImpl.java index cb8859fdd..0d4ccae20 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/MLKEMImpl.java +++ b/src/main/java/com/ibm/crypto/plus/provider/MLKEMImpl.java @@ -8,8 +8,8 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.OCKException; -import com.ibm.crypto.plus.provider.ock.OJPKEM; +import com.ibm.crypto.plus.provider.base.OCKException; +import com.ibm.crypto.plus.provider.base.OJPKEM; import java.security.InvalidAlgorithmParameterException; import java.security.InvalidKeyException; import java.security.PrivateKey; @@ -98,8 +98,7 @@ public KEM.Encapsulated engineEncapsulate(int from, int to, String algorithm) { } try { - OJPKEM.KEM_encapsulate(provider.getOCKContext(), - ((PQCPublicKey) publicKey).getPQCKey().getPKeyId(), encapsulation, secret); + OJPKEM.KEM_encapsulate(provider.isFIPS(), ((PQCPublicKey) publicKey).getPQCKey().getPKeyId(), encapsulation, secret); } catch (OCKException e) { throw new ProviderException("OCK Exception: ", e); } @@ -161,8 +160,7 @@ public SecretKey engineDecapsulate(byte[] cipherText, int from, int to, String a throw new NullPointerException(); } try { - secret = OJPKEM.KEM_decapsulate(provider.getOCKContext(), - ((PQCPrivateKey) this.privateKey).getPQCKey().getPKeyId(), cipherText); + secret = OJPKEM.KEM_decapsulate(provider.isFIPS(), ((PQCPrivateKey) this.privateKey).getPQCKey().getPKeyId(), cipherText); } catch (OCKException e) { throw new DecapsulateException("Decapsulation Error: ", e); diff --git a/src/main/java/com/ibm/crypto/plus/provider/MessageDigest.java b/src/main/java/com/ibm/crypto/plus/provider/MessageDigest.java index a18c4bb8e..91a7c4cfe 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/MessageDigest.java +++ b/src/main/java/com/ibm/crypto/plus/provider/MessageDigest.java @@ -8,7 +8,8 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.Digest; +import com.ibm.crypto.plus.provider.base.Digest; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.security.MessageDigestSpi; abstract class MessageDigest extends MessageDigestSpi implements Cloneable { @@ -19,9 +20,9 @@ abstract class MessageDigest extends MessageDigestSpi implements Cloneable { MessageDigest(OpenJCEPlusProvider provider, String ockDigestAlgo) { try { this.provider = provider; - this.digest = Digest.getInstance(provider.getOCKContext(), ockDigestAlgo); + this.digest = Digest.getInstance(provider.isFIPS(), ockDigestAlgo); } catch (Exception e) { - throw provider.providerException("Failure in MessageDigest", e); + throw NativeOCKAdapter.providerException("Failure in MessageDigest", e); } } @@ -43,7 +44,7 @@ protected void engineUpdate(byte[] input, int offset, int length) { try { this.digest.update(input, offset, length); } catch (Exception e) { - throw provider.providerException("Failure in engineUpdate", e); + throw NativeOCKAdapter.providerException("Failure in engineUpdate", e); } } @@ -52,7 +53,7 @@ protected byte[] engineDigest() { try { return this.digest.digest(); } catch (Exception e) { - throw provider.providerException("Failure in engineDigest", e); + throw NativeOCKAdapter.providerException("Failure in engineDigest", e); } } @@ -61,7 +62,7 @@ protected int engineGetDigestLength() { try { return this.digest.getDigestLength(); } catch (Exception e) { - throw provider.providerException("Failure in engineGetDigestLength", e); + throw NativeOCKAdapter.providerException("Failure in engineGetDigestLength", e); } } @@ -102,7 +103,7 @@ protected void engineReset() { try { this.digest.reset(); } catch (Exception e) { - throw provider.providerException("Failure in engineReset", e); + throw NativeOCKAdapter.providerException("Failure in engineReset", e); } } diff --git a/src/main/java/com/ibm/crypto/plus/provider/OpenJCEPlus.java b/src/main/java/com/ibm/crypto/plus/provider/OpenJCEPlus.java index 150c569e6..96ad437be 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/OpenJCEPlus.java +++ b/src/main/java/com/ibm/crypto/plus/provider/OpenJCEPlus.java @@ -8,8 +8,9 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.OCKContext; -import com.ibm.crypto.plus.provider.ock.OCKException; +import com.ibm.crypto.plus.provider.base.NativeInterface; +import com.ibm.crypto.plus.provider.base.NativeInterfaceFactory; +import com.ibm.crypto.plus.provider.base.OCKContext; import java.lang.reflect.Constructor; import java.security.InvalidParameterException; import java.security.Key; @@ -82,14 +83,6 @@ public OpenJCEPlus() { } final OpenJCEPlusProvider jce = this; - - // Do java OCK initialization which includes loading native code - // Don't do this in the static initializer because it might - // be necessary for an applet running in a browser to grant - // access rights beforehand. - if (!ockInitialized) { - initializeContext(); - } registerAlgorithms(jce); if (instance == null) { @@ -97,11 +90,12 @@ public OpenJCEPlus() { } if (debug != null) { + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(false); debug.println("OpenJCEPlus Build-Level: " + getDebugDate(this.getClass().getName())); - debug.println("OpenJCEPlus library build date: " + OCKContext.getLibraryBuildDate()); + debug.println("OpenJCEPlus library build date: " + nativeImpl.getLibraryBuildDate()); try { - debug.println("OpenJCEPlus dependent library version: " + ockContext.getOCKVersion()); - debug.println("OpenJCEPlus dependent library path: " + ockContext.getOCKInstallPath()); + debug.println("OpenJCEPlus dependent library version: " + nativeImpl.getLibraryVersion()); + debug.println("OpenJCEPlus dependent library path: " + nativeImpl.getLibraryInstallPath()); } catch (Throwable t) { t.printStackTrace(System.out); } @@ -1137,93 +1131,9 @@ java.security.SecureRandom getSecureRandom(java.security.SecureRandom userSecure } } - // Initialize OCK context(s) - // - private synchronized void initializeContext() { - // Leave this duplicate check in here. If two threads are both trying - // to instantiate an OpenJCEPlus provider at the same time, we need to - // ensure that the initialization only happens one time. We have - // made the method synchronizaed to ensure only one thread can execute - // the method at a time. - // - if (ockInitialized) { - return; - } - - try { - boolean useFIPSMode = false; - - ockContext = OCKContext.createContext(useFIPSMode); - ockInitialized = true; - } catch (OCKException e) { - throw providerException("Failed to initialize OpenJCEPlus provider", e); - } catch (Throwable t) { - ProviderException exceptionToThrow = providerException( - "Failed to initialize OpenJCEPlus provider", t); - - if (exceptionToThrow.getCause() == null) { - // We are not including the full stack trace back to the point - // of origin. - // Try and obtain the message for the underlying cause of the - // exception - // - // If an ExceptionInInitializerError or NoClassDefFoundError is - // thrown, we want to get the message from the cause of that - // exception. - // - if ((t instanceof java.lang.ExceptionInInitializerError) - || (t instanceof java.lang.NoClassDefFoundError)) { - Throwable cause = t.getCause(); - if (cause != null) { - t = cause; - } - } - - // In the case that the JNI library could not be loaded. - // - String message = t.getMessage(); - if ((message != null) && (message.length() > 0)) { - // We want to see the message for the underlying cause even - // if not showing the stack trace all the way back to the - // point of origin. - // - exceptionToThrow.initCause(new ProviderException(t.getMessage())); - } - } - - if (debug != null) { - exceptionToThrow.printStackTrace(System.out); - } - - throw exceptionToThrow; - } - } - - // Get OCK context for crypto operations - // - OCKContext getOCKContext() { - // May need to initialize OCK here in the case that a serialized - // OpenJCEPlus object, such as a HASHDRBG SecureRandom, is being - // deserialized in a JVM that has not instantiated the OpenJCEPlus - // provider yet. - // - if (!ockInitialized) { - initializeContext(); - } - - return ockContext; - } - - ProviderException providerException(String message, Throwable ockException) { - ProviderException providerException = new ProviderException(message, ockException); - setOCKExceptionCause(providerException, ockException); - return providerException; - } - - void setOCKExceptionCause(Exception exception, Throwable ockException) { - if (debug != null) { - exception.initCause(ockException); - } + @Override + boolean isFIPS() { + return false; } // Get the date from the ImplementationVersion in the manifest file diff --git a/src/main/java/com/ibm/crypto/plus/provider/OpenJCEPlusFIPS.java b/src/main/java/com/ibm/crypto/plus/provider/OpenJCEPlusFIPS.java index acb630e07..1f965ad63 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/OpenJCEPlusFIPS.java +++ b/src/main/java/com/ibm/crypto/plus/provider/OpenJCEPlusFIPS.java @@ -8,8 +8,9 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.OCKContext; -import com.ibm.crypto.plus.provider.ock.OCKException; +import com.ibm.crypto.plus.provider.base.NativeInterface; +import com.ibm.crypto.plus.provider.base.NativeInterfaceFactory; +import com.ibm.crypto.plus.provider.base.OCKContext; import java.lang.reflect.Constructor; import java.security.InvalidParameterException; import java.security.Key; @@ -116,13 +117,6 @@ public OpenJCEPlusFIPS() { final OpenJCEPlusProvider jce = this; - // Do java OCK initialization which includes loading native code - // Don't do this in the static initializer because it might - // be necessary for an applet running in a browser to grant - // access rights beforehand. - if (!ockInitialized) { - initializeContext(); - } registerAlgorithms(jce); if (instance == null) { @@ -130,11 +124,12 @@ public OpenJCEPlusFIPS() { } if (debug != null) { + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(true); debug.println("OpenJCEPlusFIPS Build-Level: " + getDebugDate(this.getClass().getName())); - debug.println("OpenJCEPlusFIPS library build date: " + OCKContext.getLibraryBuildDate()); + debug.println("OpenJCEPlusFIPS library build date: " + nativeImpl.getLibraryBuildDate()); try { - debug.println("OpenJCEPlusFIPS dependent library version: " + ockContext.getOCKVersion()); - debug.println("OpenJCEPlusFIPS dependent library path: " + ockContext.getOCKInstallPath()); + debug.println("OpenJCEPlusFIPS dependent library version: " + nativeImpl.getLibraryVersion()); + debug.println("OpenJCEPlusFIPS dependent library path: " + nativeImpl.getLibraryInstallPath()); } catch (Throwable t) { t.printStackTrace(System.out); } @@ -846,101 +841,9 @@ java.security.SecureRandom getSecureRandom(java.security.SecureRandom userSecure } } - // Initialize OCK context(s) - // - private synchronized void initializeContext() { - // Leave this duplicate check in here. If two threads are both trying - // to instantiate an OpenJCEPlusFIPS provider at the same time, we need - // to ensure that the initialization only happens one time. We have - // made the method synchronizaed to ensure only one thread can execute - // the method at a time. - // - if (ockInitialized) { - return; - } - - try { - boolean useFIPSMode = true; - if (!isFIPSCertifiedPlatform) { - if (printFipsDeveloperModeWarning) { - System.out.println("WARNING: OpenJCEPlusFIPS is about to load non FIPS 140-3 library!"); - } - if (debug != null) { - debug.println("WARNING: OpenJCEPlusFIPS is about to load non FIPS 140-3 library!"); - } - useFIPSMode = false; - } - - ockContext = OCKContext.createContext(useFIPSMode); - ockInitialized = true; - } catch (OCKException e) { - throw providerException("Failed to initialize OpenJCEPlusFIPS provider", e); - } catch (Throwable t) { - ProviderException exceptionToThrow = providerException( - "Failed to initialize OpenJCEPlusFIPS provider", t); - - if (exceptionToThrow.getCause() == null) { - // We are not including the full stack trace back to the point - // of origin. Try and obtain the message for the underlying - // cause of the exception. - // - // If an ExceptionInInitializerError or NoClassDefFoundError is - // thrown, we want to get the message from the cause of that - // exception. - // - if ((t instanceof java.lang.ExceptionInInitializerError) - || (t instanceof java.lang.NoClassDefFoundError)) { - Throwable cause = t.getCause(); - if (cause != null) { - t = cause; - } - } - - // In the case that the JNI library could not be loaded. - // - String message = t.getMessage(); - if ((message != null) && (message.length() > 0)) { - // We want to see the message for the underlying cause even - // if not showing the stack trace all the way back to the - // point of origin. - // - exceptionToThrow.initCause(new ProviderException(t.getMessage())); - } - } - - if (debug != null) { - exceptionToThrow.printStackTrace(System.out); - } - - throw exceptionToThrow; - } - } - - // Get OCK context for crypto operations - // - OCKContext getOCKContext() { - // May need to initialize OCK here in the case that a serialized - // OpenJCEPlus object, such as a HASHDRBG SecureRandom, is being - // deserialized in a JVM that has not instantiated the - // OpenJCEPlusFIPS provider yet. - // - if (!ockInitialized) { - initializeContext(); - } - - return ockContext; - } - - ProviderException providerException(String message, Throwable ockException) { - ProviderException providerException = new ProviderException(message, ockException); - setOCKExceptionCause(providerException, ockException); - return providerException; - } - - void setOCKExceptionCause(Exception exception, Throwable ockException) { - if (debug != null) { - exception.initCause(ockException); - } + @Override + boolean isFIPS() { + return true; } // Get the date from the ImplementationVersion in the manifest file diff --git a/src/main/java/com/ibm/crypto/plus/provider/OpenJCEPlusProvider.java b/src/main/java/com/ibm/crypto/plus/provider/OpenJCEPlusProvider.java index 0805f984c..d842923b5 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/OpenJCEPlusProvider.java +++ b/src/main/java/com/ibm/crypto/plus/provider/OpenJCEPlusProvider.java @@ -8,9 +8,6 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.OCKContext; -import java.security.ProviderException; - // Internal interface for OpenJCEPlus and OpenJCEPlus implementation classes. // Implemented as an abstract class rather than an interface so that // methods can be package protected, as interfaces have only public methods. @@ -47,13 +44,6 @@ private static final synchronized boolean doSelfVerification(Object c) { return true; } - // Get OCK context for crypto operations - // - abstract OCKContext getOCKContext(); - - // Get the context associated with the provider. The context is used in - // serialization to be able to keep track of the associated provider. - // abstract ProviderContext getProviderContext(); // Get SecureRandom to use for crypto operations. If in FIPS mode, returns a @@ -66,17 +56,11 @@ abstract java.security.SecureRandom getSecureRandom( // Return whether the provider is FIPS. If the provider is using an OCK // context in FIPS mode then it is FIPS. // - boolean isFIPS() { - return getOCKContext().isFIPS(); - } + abstract boolean isFIPS(); // Return the Java version. // String getJavaVersionStr() { return JAVA_VER; } - - abstract ProviderException providerException(String message, Throwable ockException); - - abstract void setOCKExceptionCause(Exception exception, Throwable ockException); } diff --git a/src/main/java/com/ibm/crypto/plus/provider/PBKDF2KeyImpl.java b/src/main/java/com/ibm/crypto/plus/provider/PBKDF2KeyImpl.java index e9b0577b5..7441ac5bb 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/PBKDF2KeyImpl.java +++ b/src/main/java/com/ibm/crypto/plus/provider/PBKDF2KeyImpl.java @@ -8,8 +8,8 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.OCKException; -import com.ibm.crypto.plus.provider.ock.PBKDF; +import com.ibm.crypto.plus.provider.base.OCKException; +import com.ibm.crypto.plus.provider.base.PBKDF; import java.io.IOException; import java.io.InvalidObjectException; import java.io.ObjectInputStream; @@ -118,7 +118,7 @@ private static byte[] getPasswordBytes(char[] passwd) { // Convert key length to bytes and derive key using OCKC. try { - this.key = PBKDF.PBKDF2derive(provider.getOCKContext(), this.prfAlgorithm, + this.key = PBKDF.PBKDF2derive(provider.isFIPS(), this.prfAlgorithm, passwdBytes, salt, iterCount, keyLength / 8); } catch (OCKException e) { throw new InvalidKeySpecException( diff --git a/src/main/java/com/ibm/crypto/plus/provider/PQCKeyPairGenerator.java b/src/main/java/com/ibm/crypto/plus/provider/PQCKeyPairGenerator.java index 2f411f799..3313b0c7c 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/PQCKeyPairGenerator.java +++ b/src/main/java/com/ibm/crypto/plus/provider/PQCKeyPairGenerator.java @@ -8,7 +8,8 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.PQCKey; +import com.ibm.crypto.plus.provider.base.PQCKey; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.security.InvalidAlgorithmParameterException; import java.security.InvalidParameterException; import java.security.KeyPair; @@ -52,16 +53,17 @@ public void initialize(int keysize, SecureRandom random) { @Override public KeyPair generateKeyPair() { try { - PQCKey mlkemKey = PQCKey.generateKeyPair(provider.getOCKContext(), mlkemAlg); + //System.out.println("Generating KeyPair for " + mlkemAlg); + PQCKey mlkemKey = PQCKey.generateKeyPair(provider.isFIPS(), mlkemAlg); byte[] privKeyBytes = mlkemKey.getPrivateKeyBytes(); - PQCPrivateKey privKey = new PQCPrivateKey(provider, PQCKey.createPrivateKey(provider.getOCKContext(), - mlkemAlg, privKeyBytes)); + PQCPrivateKey privKey = new PQCPrivateKey(provider, PQCKey.createPrivateKey(provider.isFIPS(), + mlkemAlg, privKeyBytes)); byte[] pubKeyBytes = mlkemKey.getPublicKeyBytes(); - PQCPublicKey pubKey = new PQCPublicKey(provider, PQCKey.createPublicKey(provider.getOCKContext(), - mlkemAlg, pubKeyBytes)); + PQCPublicKey pubKey = new PQCPublicKey(provider, PQCKey.createPublicKey(provider.isFIPS(), + mlkemAlg, pubKeyBytes)); return new KeyPair(pubKey, privKey); } catch (Exception e) { - throw provider.providerException("Failure in generateKeyPair - " +e.getCause(), e); + throw NativeOCKAdapter.providerException("Failure in generateKeyPair - " +e.getCause(), e); } } diff --git a/src/main/java/com/ibm/crypto/plus/provider/PQCPrivateKey.java b/src/main/java/com/ibm/crypto/plus/provider/PQCPrivateKey.java index acfbe3c74..3cb4365fd 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/PQCPrivateKey.java +++ b/src/main/java/com/ibm/crypto/plus/provider/PQCPrivateKey.java @@ -8,7 +8,8 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.PQCKey; +import com.ibm.crypto.plus.provider.base.PQCKey; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.io.IOException; import java.security.InvalidKeyException; import java.util.Arrays; @@ -59,8 +60,9 @@ final class PQCPrivateKey extends PKCS8Key { try { try { pkOct = new DerValue(DerValue.tag_OctetString, key); - this.pqcKey = PQCKey.createPrivateKey(provider.getOCKContext(), - this.name, pkOct.toByteArray()); + + this.pqcKey = PQCKey.createPrivateKey(provider.isFIPS(), + this.name, pkOct.toByteArray()); this.privKeyMaterial = pkOct.toByteArray(); } finally { pkOct.clear(); @@ -97,7 +99,7 @@ final class PQCPrivateKey extends PKCS8Key { this.name = PQCKnownOIDs.findMatch(pqcKey.getAlgorithm()).stdName(); this.algid = new AlgorithmId(PQCAlgorithmId.getOID(name)); } catch (Exception exception) { - throw provider.providerException("Failure in PQCPrivateKey" + exception.getMessage(), exception); + throw NativeOCKAdapter.providerException("Failure in PQCPrivateKey" + exception.getMessage(), exception); } } @@ -124,8 +126,8 @@ final class PQCPrivateKey extends PKCS8Key { } } try { - this.pqcKey = PQCKey.createPrivateKey(provider.getOCKContext(), - this.name, this.privKeyMaterial); + this.pqcKey = PQCKey.createPrivateKey(provider.isFIPS(), + this.name, this.privKeyMaterial); } catch (Exception e) { throw new InvalidKeyException("Invalid key " + e.getMessage(), e); } diff --git a/src/main/java/com/ibm/crypto/plus/provider/PQCPublicKey.java b/src/main/java/com/ibm/crypto/plus/provider/PQCPublicKey.java index 80f85eaba..e55e8114e 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/PQCPublicKey.java +++ b/src/main/java/com/ibm/crypto/plus/provider/PQCPublicKey.java @@ -8,7 +8,8 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.PQCKey; +import com.ibm.crypto.plus.provider.base.PQCKey; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.io.IOException; import java.security.InvalidKeyException; import javax.security.auth.DestroyFailedException; @@ -49,10 +50,10 @@ final class PQCPublicKey extends X509Key byte[] b = tmp.toByteArray(); tmp.close(); - this.pqcKey = PQCKey.createPublicKey(provider.getOCKContext(), algName, b); + this.pqcKey = PQCKey.createPublicKey(provider.isFIPS(), algName, b); } catch (Exception exception) { InvalidKeyException ike = new InvalidKeyException("Failed to create public key"); - provider.setOCKExceptionCause(ike, exception); + NativeOCKAdapter.setOCKExceptionCause(ike, exception); throw ike; } } @@ -70,7 +71,7 @@ final class PQCPublicKey extends X509Key this.pqcKey = pqcKey; } catch (Exception exception) { - throw provider.providerException("Failure in PublicKey + "+ exception.getMessage(), exception); + throw NativeOCKAdapter.providerException("Failure in PublicKey + "+ exception.getMessage(), exception); } } @@ -86,9 +87,10 @@ final class PQCPublicKey extends X509Key byte[] b = tmp.toByteArray(); tmp.close(); - this.pqcKey = PQCKey.createPublicKey(provider.getOCKContext(), name, b); + this.pqcKey = PQCKey.createPublicKey(provider.isFIPS(), name, b); + } catch (Exception e) { - throw provider.providerException("Failure in PublicKey -"+e.getMessage(), e); + throw NativeOCKAdapter.providerException("Failure in PublicKey -"+e.getMessage(), e); } } diff --git a/src/main/java/com/ibm/crypto/plus/provider/PQCSignatureImpl.java b/src/main/java/com/ibm/crypto/plus/provider/PQCSignatureImpl.java index 20a67d21c..cbc52c616 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/PQCSignatureImpl.java +++ b/src/main/java/com/ibm/crypto/plus/provider/PQCSignatureImpl.java @@ -8,7 +8,8 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.PQCSignature; +import com.ibm.crypto.plus.provider.base.PQCSignature; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.io.ByteArrayOutputStream; import java.security.AlgorithmParameters; import java.security.InvalidAlgorithmParameterException; @@ -34,18 +35,18 @@ abstract class PQCSignatureImpl extends SignatureSpi { PQCSignatureImpl(OpenJCEPlusProvider provider) { try { this.provider = provider; - this.signature = PQCSignature.getInstance(provider.getOCKContext()); + this.signature = PQCSignature.getInstance(provider.isFIPS()); } catch (Exception e) { - throw provider.providerException("Failed to initialize EdDSA signature", e); + throw NativeOCKAdapter.providerException("Failed to initialize EdDSA signature", e); } } PQCSignatureImpl(OpenJCEPlusProvider provider, String Alg) { try { this.provider = provider; - this.signature = PQCSignature.getInstance(provider.getOCKContext()); + this.signature = PQCSignature.getInstance(provider.isFIPS()); } catch (Exception e) { - throw provider.providerException("Failed to initialize EdDSA signature", e); + throw NativeOCKAdapter.providerException("Failed to initialize EdDSA signature", e); } this.alg = Alg; // Added to know difference between algorithms. } @@ -94,7 +95,7 @@ protected void engineInitSign(PrivateKey privateKey) throws InvalidKeyException try { this.signature.initialize(keyPrivate.getPQCKey()); } catch (Exception e) { - throw provider.providerException("Failure in engineInitSign", e); + throw NativeOCKAdapter.providerException("Failure in engineInitSign", e); } // Set to sign mode and reset message. this.privateKeyInit = true; @@ -117,7 +118,7 @@ protected void engineInitVerify(PublicKey publicKey) throws InvalidKeyException try { this.signature.initialize(keyPublic.getPQCKey()); } catch (Exception e) { - throw provider.providerException("Failure in engineInitVerify", e); + throw NativeOCKAdapter.providerException("Failure in engineInitVerify", e); } // Set to verify mode and reset message. @@ -139,7 +140,7 @@ protected byte[] engineSign() throws SignatureException { return sign; } catch (Exception e) { SignatureException signatureException = new SignatureException("Could not sign data"); - provider.setOCKExceptionCause(signatureException, e); + NativeOCKAdapter.setOCKExceptionCause(signatureException, e); throw signatureException; } } diff --git a/src/main/java/com/ibm/crypto/plus/provider/RSA.java b/src/main/java/com/ibm/crypto/plus/provider/RSA.java index dbd84e9ff..bc5f32f82 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/RSA.java +++ b/src/main/java/com/ibm/crypto/plus/provider/RSA.java @@ -8,8 +8,9 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.RSACipher; -import com.ibm.crypto.plus.provider.ock.RSAPadding; +import com.ibm.crypto.plus.provider.base.RSACipher; +import com.ibm.crypto.plus.provider.base.RSAPadding; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.nio.ByteBuffer; import java.security.AlgorithmParameters; import java.security.InvalidAlgorithmParameterException; @@ -62,9 +63,9 @@ public RSA(OpenJCEPlusProvider provider) { this.provider = provider; try { - this.rsaCipher = RSACipher.getInstance(provider.getOCKContext()); + this.rsaCipher = RSACipher.getInstance(provider.isFIPS()); } catch (Exception e) { - throw provider.providerException("Failed to initialize RSA cipher", e); + throw NativeOCKAdapter.providerException("Failed to initialize RSA cipher", e); } } @@ -85,7 +86,7 @@ protected byte[] engineDoFinal(byte[] input, int inOffset, int inLen) return output; } } catch (ShortBufferException sbe) { - throw provider.providerException("Failure in engineDoFinal", sbe); + throw NativeOCKAdapter.providerException("Failure in engineDoFinal", sbe); } } @@ -145,20 +146,20 @@ && msgLength > oaepInputLimit()) { return outLen; } catch (ShortBufferException ock_sbe) { ShortBufferException sbe = new ShortBufferException(ock_sbe.getMessage()); - provider.setOCKExceptionCause(sbe, ock_sbe); + NativeOCKAdapter.setOCKExceptionCause(sbe, ock_sbe); throw sbe; } catch (IllegalBlockSizeException ock_ibse) { IllegalBlockSizeException ibse = new IllegalBlockSizeException(ock_ibse.getMessage()); - provider.setOCKExceptionCause(ibse, ock_ibse); + NativeOCKAdapter.setOCKExceptionCause(ibse, ock_ibse); throw ibse; } catch (BadPaddingException ock_bpe) { BadPaddingException bpe = new BadPaddingException(ock_bpe.getMessage()); - provider.setOCKExceptionCause(bpe, ock_bpe); + NativeOCKAdapter.setOCKExceptionCause(bpe, ock_bpe); throw bpe; } catch (Exception e) { // Unsure of msg length behavior on failure. e.g. do we set it to 0? // do we clear the buffer? - throw provider.providerException("Failure in engineDoFinal", e); + throw NativeOCKAdapter.providerException("Failure in engineDoFinal", e); } } @@ -188,7 +189,7 @@ protected int engineGetOutputSize(int inputLen) { try { return this.rsaCipher.getOutputSize(); } catch (Exception e) { - throw provider.providerException("Failure in engineGetOutputSize", e); + throw NativeOCKAdapter.providerException("Failure in engineGetOutputSize", e); } } @@ -293,7 +294,7 @@ private void internalInit(int opmode, Key key, AlgorithmParameterSpec params) rsaCipher.initialize(rsaPub.getOCKKey(), false); this.keyType = Cipher.PUBLIC_KEY; } catch (Exception e) { - throw provider.providerException("Failure in internalInit", e); + throw NativeOCKAdapter.providerException("Failure in internalInit", e); } } else if (key instanceof java.security.interfaces.RSAPrivateCrtKey) { if (doTypeChecking) { @@ -306,7 +307,7 @@ private void internalInit(int opmode, Key key, AlgorithmParameterSpec params) rsaCipher.initialize(rsaPriv.getOCKKey(), false); this.keyType = Cipher.PRIVATE_KEY; } catch (Exception e) { - throw provider.providerException("Failure in internalInit", e); + throw NativeOCKAdapter.providerException("Failure in internalInit", e); } } else if (key instanceof java.security.interfaces.RSAPrivateKey) { if (doTypeChecking) { @@ -319,7 +320,7 @@ private void internalInit(int opmode, Key key, AlgorithmParameterSpec params) rsaCipher.initialize(rsaPriv.getOCKKey(), true); this.keyType = Cipher.PRIVATE_KEY; } catch (Exception e) { - throw provider.providerException("Failure in internalInit", e); + throw NativeOCKAdapter.providerException("Failure in internalInit", e); } } else { throw new InvalidKeyException("key type not supported"); @@ -330,7 +331,7 @@ private void internalInit(int opmode, Key key, AlgorithmParameterSpec params) this.msgLength = 0; this.initialized = true; } catch (Exception e) { - throw provider.providerException("Failure in internalInit", e); + throw NativeOCKAdapter.providerException("Failure in internalInit", e); } if (opmode == Cipher.ENCRYPT_MODE || opmode == Cipher.WRAP_MODE) { @@ -456,7 +457,7 @@ private int oaepInputLimit() throws Exception { int digestLength = 20; // sha-1 digest length return rsaCipher.getOutputSize() - (2 * digestLength) - 2; } catch (Exception e) { - throw provider.providerException("Unable to get input limit", e); + throw NativeOCKAdapter.providerException("Unable to get input limit", e); } } @@ -464,7 +465,7 @@ private int pkcs1InputLimit() throws Exception { try { return rsaCipher.getOutputSize() - 11; } catch (Exception e) { - throw provider.providerException("Unable to get input limit", e); + throw NativeOCKAdapter.providerException("Unable to get input limit", e); } } diff --git a/src/main/java/com/ibm/crypto/plus/provider/RSAKeyPairGenerator.java b/src/main/java/com/ibm/crypto/plus/provider/RSAKeyPairGenerator.java index 50c848396..088ae9beb 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/RSAKeyPairGenerator.java +++ b/src/main/java/com/ibm/crypto/plus/provider/RSAKeyPairGenerator.java @@ -9,7 +9,8 @@ package com.ibm.crypto.plus.provider; import com.ibm.crypto.plus.provider.RSAUtil.KeyType; -import com.ibm.crypto.plus.provider.ock.RSAKey; +import com.ibm.crypto.plus.provider.base.RSAKey; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.math.BigInteger; import java.security.InvalidAlgorithmParameterException; import java.security.InvalidKeyException; @@ -116,13 +117,13 @@ public void initialize(AlgorithmParameterSpec params, SecureRandom random) @Override public KeyPair generateKeyPair() { try { - RSAKey rsaKey = RSAKey.generateKeyPair(provider.getOCKContext(), this.keysize, + RSAKey rsaKey = RSAKey.generateKeyPair(provider.isFIPS(), this.keysize, this.publicExponent); java.security.interfaces.RSAPrivateKey privKey = new RSAPrivateCrtKey(rsaId, provider, rsaKey); java.security.interfaces.RSAPublicKey pubKey = new RSAPublicKey(rsaId, provider, rsaKey); return new KeyPair(pubKey, privKey); } catch (Exception e) { - throw provider.providerException("Failure in generateKeyPair", e); + throw NativeOCKAdapter.providerException("Failure in generateKeyPair", e); } } diff --git a/src/main/java/com/ibm/crypto/plus/provider/RSAPSSSignature.java b/src/main/java/com/ibm/crypto/plus/provider/RSAPSSSignature.java index b428089b7..a94beb061 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/RSAPSSSignature.java +++ b/src/main/java/com/ibm/crypto/plus/provider/RSAPSSSignature.java @@ -8,8 +8,9 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.SignatureRSAPSS; -import com.ibm.crypto.plus.provider.ock.SignatureRSAPSS.InitOp; +import com.ibm.crypto.plus.provider.base.SignatureRSAPSS; +import com.ibm.crypto.plus.provider.base.SignatureRSAPSS.InitOp; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.security.AlgorithmParameters; import java.security.GeneralSecurityException; import java.security.InvalidAlgorithmParameterException; @@ -90,9 +91,9 @@ public RSAPSSSignature(OpenJCEPlusProvider provider, PSSParameterSpec pssParamet || pssParameterSpec.getDigestAlgorithm().equalsIgnoreCase("SHA-1") || pssParameterSpec.getDigestAlgorithm().equalsIgnoreCase("SHA")) && (provider.isFIPS())) { - throw provider.providerException("SHA1 not supported by FIPS.", null); + throw NativeOCKAdapter.providerException("SHA1 not supported by FIPS.", null); } - this.signature = SignatureRSAPSS.getInstance(provider.getOCKContext(), + this.signature = SignatureRSAPSS.getInstance(provider.isFIPS(), pssParameterSpec.getDigestAlgorithm(), pssParameterSpec.getSaltLength(), pssParameterSpec.getTrailerField(), pssParameterSpec.getMGFAlgorithm(), mgf1ParamSpec.getDigestAlgorithm()); @@ -100,7 +101,7 @@ public RSAPSSSignature(OpenJCEPlusProvider provider, PSSParameterSpec pssParamet } catch (InvalidAlgorithmParameterException e) { throw new ProviderException(e); } catch (Exception e) { - throw provider.providerException("Failed to initialize RSAPSS signature", e); + throw NativeOCKAdapter.providerException("Failed to initialize RSAPSS signature", e); } } @@ -122,7 +123,7 @@ public RSAPSSSignature(OpenJCEPlusProvider provider, String ockDigestAlgo) { switch (ockDigestAlgo) { case "SHA-1": if (provider.isFIPS()) { - throw provider.providerException("SHA1 not supported by FIPS.", null); + throw NativeOCKAdapter.providerException("SHA1 not supported by FIPS.", null); } pssParameterSpec = new PSSParameterSpec(ockDigestAlgo, "MGF1", MGF1ParameterSpec.SHA1, 20, 1); @@ -164,7 +165,7 @@ public RSAPSSSignature(OpenJCEPlusProvider provider, String ockDigestAlgo) { } MGF1ParameterSpec mgf1ParamSpec = (MGF1ParameterSpec) pssParameterSpec .getMGFParameters(); - this.signature = SignatureRSAPSS.getInstance(provider.getOCKContext(), ockDigestAlgo, + this.signature = SignatureRSAPSS.getInstance(provider.isFIPS(), ockDigestAlgo, pssParameterSpec.getSaltLength(), pssParameterSpec.getTrailerField(), pssParameterSpec.getMGFAlgorithm(), mgf1ParamSpec.getDigestAlgorithm()); //System.out.println("In get Instance " + this.signature); @@ -173,7 +174,7 @@ public RSAPSSSignature(OpenJCEPlusProvider provider, String ockDigestAlgo) { } catch (InvalidAlgorithmParameterException e) { throw new ProviderException(e); } catch (Exception e) { - throw provider.providerException("Failed to initialize RSAPSS signature", e); + throw NativeOCKAdapter.providerException("Failed to initialize RSAPSS signature", e); } } @@ -231,7 +232,7 @@ protected void engineInitSign(PrivateKey privateKey) throws InvalidKeyException true); } } catch (Exception e) { - throw provider.providerException("Failure in engineInitSign", e); + throw NativeOCKAdapter.providerException("Failure in engineInitSign", e); } this.privateKey = (java.security.interfaces.RSAPrivateKey) rsaPrivate; this.publicKey = null; @@ -277,7 +278,7 @@ protected void engineInitVerify(PublicKey publicKey) throws InvalidKeyException try { this.signature.initialize(rsaPublic.getOCKKey(), InitOp.INITVERIFY, false); } catch (Exception e) { - throw provider.providerException("Failure in engineInitVerify", e); + throw NativeOCKAdapter.providerException("Failure in engineInitVerify", e); } this.publicKey = rsaPublic; @@ -297,7 +298,7 @@ protected void engineUpdate(byte[] b, int off, int len) throws SignatureExceptio this.signature.update(b, off, len); } catch (Exception e) { SignatureException se = new SignatureException("Failure in engineUpdate"); - provider.setOCKExceptionCause(se, e); + NativeOCKAdapter.setOCKExceptionCause(se, e); throw se; } } @@ -308,7 +309,7 @@ protected byte[] engineSign() throws SignatureException { return this.signature.signFinal(); } catch (Exception e) { SignatureException signatureException = new SignatureException("Could not sign data"); - provider.setOCKExceptionCause(signatureException, e); + NativeOCKAdapter.setOCKExceptionCause(signatureException, e); throw signatureException; } } diff --git a/src/main/java/com/ibm/crypto/plus/provider/RSAPrivateCrtKey.java b/src/main/java/com/ibm/crypto/plus/provider/RSAPrivateCrtKey.java index f4873ea1d..d047a0ac1 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/RSAPrivateCrtKey.java +++ b/src/main/java/com/ibm/crypto/plus/provider/RSAPrivateCrtKey.java @@ -8,7 +8,8 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.RSAKey; +import com.ibm.crypto.plus.provider.base.RSAKey; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.io.IOException; import java.io.Serializable; import java.math.BigInteger; @@ -112,10 +113,10 @@ public void rsaPrivateCrtKey(AlgorithmId algId, OpenJCEPlusProvider provider, Bi } try { - this.rsaKey = RSAKey.createPrivateKey(provider.getOCKContext(), this.privKeyMaterial); + this.rsaKey = RSAKey.createPrivateKey(provider.isFIPS(), this.privKeyMaterial); } catch (Exception exception) { InvalidKeyException ike = new InvalidKeyException("Failed to create RSA private key"); - provider.setOCKExceptionCause(ike, exception); + NativeOCKAdapter.setOCKExceptionCause(ike, exception); throw ike; } } @@ -130,17 +131,17 @@ public RSAPrivateCrtKey(OpenJCEPlusProvider provider, byte[] encoded) } catch (IOException e) { InvalidKeyException ike = new InvalidKeyException( "Failed to parse key bits of encoded key"); - provider.setOCKExceptionCause(ike, e); + NativeOCKAdapter.setOCKExceptionCause(ike, e); throw ike; } RSAKeyFactory.checkRSAProviderKeyLengths(provider, modulus.bitLength(), publicExponent); try { - this.rsaKey = RSAKey.createPrivateKey(provider.getOCKContext(), this.privKeyMaterial); + this.rsaKey = RSAKey.createPrivateKey(provider.isFIPS(), this.privKeyMaterial); } catch (Exception exception) { InvalidKeyException ike = new InvalidKeyException("Failed to create RSA private key"); - provider.setOCKExceptionCause(ike, exception); + NativeOCKAdapter.setOCKExceptionCause(ike, exception); throw ike; } } @@ -167,7 +168,7 @@ public void rsaPrivateCrtKey(AlgorithmId algId, OpenJCEPlusProvider provider, RS parseKeyBits(); } catch (Exception exception) { InvalidKeyException ike = new InvalidKeyException("Failed to create RSA private key"); - provider.setOCKExceptionCause(ike, exception); + NativeOCKAdapter.setOCKExceptionCause(ike, exception); throw ike; } } diff --git a/src/main/java/com/ibm/crypto/plus/provider/RSAPrivateKey.java b/src/main/java/com/ibm/crypto/plus/provider/RSAPrivateKey.java index 1605ba8c3..da4e6a56e 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/RSAPrivateKey.java +++ b/src/main/java/com/ibm/crypto/plus/provider/RSAPrivateKey.java @@ -8,7 +8,8 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.RSAKey; +import com.ibm.crypto.plus.provider.base.RSAKey; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.io.IOException; import java.io.Serializable; import java.math.BigInteger; @@ -70,10 +71,10 @@ public RSAPrivateKey(AlgorithmId algId, OpenJCEPlusProvider provider, BigInteger } try { - this.rsaKey = RSAKey.createPrivateKey(provider.getOCKContext(), this.privKeyMaterial); + this.rsaKey = RSAKey.createPrivateKey(provider.isFIPS(), this.privKeyMaterial); } catch (Exception exception) { InvalidKeyException ike = new InvalidKeyException("Failed to create RSA private key"); - provider.setOCKExceptionCause(ike, exception); + NativeOCKAdapter.setOCKExceptionCause(ike, exception); throw ike; } } @@ -86,17 +87,17 @@ public RSAPrivateKey(OpenJCEPlusProvider provider, byte[] encoded) throws Invali } catch (IOException e) { InvalidKeyException ike = new InvalidKeyException( "Failed to parse key bits of encoded key"); - provider.setOCKExceptionCause(ike, e); + NativeOCKAdapter.setOCKExceptionCause(ike, e); throw ike; } RSAKeyFactory.checkRSAProviderKeyLengths(provider, modulus.bitLength(), null); try { - this.rsaKey = RSAKey.createPrivateKey(provider.getOCKContext(), this.privKeyMaterial); + this.rsaKey = RSAKey.createPrivateKey(provider.isFIPS(), this.privKeyMaterial); } catch (Exception exception) { InvalidKeyException ike = new InvalidKeyException("Failed to create RSA private key"); - provider.setOCKExceptionCause(ike, exception); + NativeOCKAdapter.setOCKExceptionCause(ike, exception); throw ike; } } @@ -125,7 +126,7 @@ public void rsaPrivateKey(AlgorithmId algId, OpenJCEPlusProvider provider, RSAKe parseKeyBits(); } catch (Exception exception) { InvalidKeyException ike = new InvalidKeyException("Failed to create RSA private key"); - provider.setOCKExceptionCause(ike, exception); + NativeOCKAdapter.setOCKExceptionCause(ike, exception); throw ike; } } diff --git a/src/main/java/com/ibm/crypto/plus/provider/RSAPublicKey.java b/src/main/java/com/ibm/crypto/plus/provider/RSAPublicKey.java index 54fae0681..cd127802e 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/RSAPublicKey.java +++ b/src/main/java/com/ibm/crypto/plus/provider/RSAPublicKey.java @@ -9,7 +9,8 @@ package com.ibm.crypto.plus.provider; import com.ibm.crypto.plus.provider.RSAUtil.KeyType; -import com.ibm.crypto.plus.provider.ock.RSAKey; +import com.ibm.crypto.plus.provider.base.RSAKey; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.io.IOException; import java.math.BigInteger; import java.security.InvalidKeyException; @@ -73,10 +74,10 @@ public void rsaPublicKey(AlgorithmId algId, OpenJCEPlusProvider provider, BigInt } try { - this.rsaKey = RSAKey.createPublicKey(provider.getOCKContext(), getKey().toByteArray()); + this.rsaKey = RSAKey.createPublicKey(provider.isFIPS(), getKey().toByteArray()); } catch (Exception exception) { InvalidKeyException ike = new InvalidKeyException("Failed to create RSA public key"); - provider.setOCKExceptionCause(ike, exception); + NativeOCKAdapter.setOCKExceptionCause(ike, exception); throw ike; } } @@ -91,10 +92,10 @@ public RSAPublicKey(OpenJCEPlusProvider provider, byte[] encoded) throws Invalid checkExponentRange(); try { - this.rsaKey = RSAKey.createPublicKey(provider.getOCKContext(), getKey().toByteArray()); + this.rsaKey = RSAKey.createPublicKey(provider.isFIPS(), getKey().toByteArray()); } catch (Exception exception) { InvalidKeyException ike = new InvalidKeyException("Failed to create RSA public key"); - provider.setOCKExceptionCause(ike, exception); + NativeOCKAdapter.setOCKExceptionCause(ike, exception); throw ike; } try { @@ -151,7 +152,7 @@ public void rsaPublicKey(AlgorithmId algId, OpenJCEPlusProvider provider, RSAKey parseKeyBits(); } catch (Exception exception) { InvalidKeyException ike = new InvalidKeyException("Failed to create RSA public key"); - provider.setOCKExceptionCause(ike, exception); + NativeOCKAdapter.setOCKExceptionCause(ike, exception); throw ike; } diff --git a/src/main/java/com/ibm/crypto/plus/provider/RSASignature.java b/src/main/java/com/ibm/crypto/plus/provider/RSASignature.java index 5fbf28dc7..f3f699d5a 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/RSASignature.java +++ b/src/main/java/com/ibm/crypto/plus/provider/RSASignature.java @@ -9,7 +9,8 @@ package com.ibm.crypto.plus.provider; import com.ibm.crypto.plus.provider.RSAUtil.KeyType; -import com.ibm.crypto.plus.provider.ock.Signature; +import com.ibm.crypto.plus.provider.base.Signature; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.security.AlgorithmParameters; import java.security.InvalidAlgorithmParameterException; import java.security.InvalidKeyException; @@ -35,9 +36,9 @@ abstract class RSASignature extends SignatureSpi { try { this.provider = provider; this.ockDigestAlgo = ockDigestAlgo; - this.signature = Signature.getInstance(provider.getOCKContext(), ockDigestAlgo); + this.signature = Signature.getInstance(provider.isFIPS(), ockDigestAlgo); } catch (Exception e) { - throw provider.providerException("Failed to initialize RSA signature", e); + throw NativeOCKAdapter.providerException("Failed to initialize RSA signature", e); } } @@ -86,7 +87,7 @@ protected void engineInitVerify(PublicKey publicKey) throws InvalidKeyException try { this.signature.initialize(rsaPublic.getOCKKey(), false); } catch (Exception e) { - throw provider.providerException("Failure in engineInitVerify", e); + throw NativeOCKAdapter.providerException("Failure in engineInitVerify", e); } } @@ -153,7 +154,7 @@ protected void engineInitSign(PrivateKey privateKey) throws InvalidKeyException this.signature.initialize(((RSAPrivateKey) rsaPrivate).getOCKKey(), true); } } catch (Exception e) { - throw provider.providerException("Failure in engineInitSign", e); + throw NativeOCKAdapter.providerException("Failure in engineInitSign", e); } } @@ -169,7 +170,7 @@ protected void engineUpdate(byte[] b, int off, int len) throws SignatureExceptio this.signature.update(b, off, len); } catch (Exception e) { SignatureException se = new SignatureException("Failure in engineUpdate"); - provider.setOCKExceptionCause(se, e); + NativeOCKAdapter.setOCKExceptionCause(se, e); throw se; } } @@ -200,7 +201,7 @@ protected byte[] engineSign() throws SignatureException { return this.signature.sign(); } catch (Exception e) { SignatureException signatureException = new SignatureException("Could not sign data"); - provider.setOCKExceptionCause(signatureException, e); + NativeOCKAdapter.setOCKExceptionCause(signatureException, e); throw signatureException; } } diff --git a/src/main/java/com/ibm/crypto/plus/provider/RSASignatureNONE.java b/src/main/java/com/ibm/crypto/plus/provider/RSASignatureNONE.java index a8a461820..d2844717d 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/RSASignatureNONE.java +++ b/src/main/java/com/ibm/crypto/plus/provider/RSASignatureNONE.java @@ -23,8 +23,9 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.RSACipher; -import com.ibm.crypto.plus.provider.ock.RSAPadding; +import com.ibm.crypto.plus.provider.base.RSACipher; +import com.ibm.crypto.plus.provider.base.RSAPadding; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.io.ByteArrayOutputStream; import java.security.InvalidKeyException; import java.security.InvalidParameterException; @@ -65,9 +66,9 @@ public final class RSASignatureNONE extends SignatureSpi { public RSASignatureNONE(OpenJCEPlusProvider provider) { try { this.provider = provider; - this.rsaCipher = RSACipher.getInstance(provider.getOCKContext()); + this.rsaCipher = RSACipher.getInstance(provider.isFIPS()); } catch (Exception e) { - throw provider.providerException("Failed to initialize RSA signature", e); + throw NativeOCKAdapter.providerException("Failed to initialize RSA signature", e); } } @@ -95,7 +96,7 @@ protected void engineInitVerify(PublicKey publicKey) throws InvalidKeyException try { rsaCipher.initialize(rsaPublic.getOCKKey(), false); } catch (Exception e) { - throw provider.providerException("Failure in engineInitVerify", e); + throw NativeOCKAdapter.providerException("Failure in engineInitVerify", e); } if (data == null) { @@ -138,7 +139,7 @@ protected void engineInitSign(PrivateKey privateKey) throws InvalidKeyException this.rsaCipher.initialize(((RSAPrivateKey) rsaPrivate).getOCKKey(), true); } } catch (Exception e) { - throw provider.providerException("Failure in engineInitSign", e); + throw NativeOCKAdapter.providerException("Failure in engineInitSign", e); } if (data == null) { @@ -175,7 +176,7 @@ protected byte[] engineSign() throws SignatureException { } } catch (Exception e) { SignatureException signatureException = new SignatureException("Could not sign data"); - provider.setOCKExceptionCause(signatureException, e); + NativeOCKAdapter.setOCKExceptionCause(signatureException, e); throw signatureException; } } diff --git a/src/main/java/com/ibm/crypto/plus/provider/RSASignatureSSL.java b/src/main/java/com/ibm/crypto/plus/provider/RSASignatureSSL.java index b8ad3ee64..1363e3248 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/RSASignatureSSL.java +++ b/src/main/java/com/ibm/crypto/plus/provider/RSASignatureSSL.java @@ -30,8 +30,9 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.RSACipher; -import com.ibm.crypto.plus.provider.ock.RSAPadding; +import com.ibm.crypto.plus.provider.base.RSACipher; +import com.ibm.crypto.plus.provider.base.RSAPadding; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.io.ByteArrayOutputStream; import java.security.InvalidKeyException; import java.security.InvalidParameterException; @@ -65,9 +66,9 @@ public final class RSASignatureSSL extends SignatureSpi { public RSASignatureSSL(OpenJCEPlusProvider provider) { try { this.provider = provider; - this.rsaCipher = RSACipher.getInstance(provider.getOCKContext()); + this.rsaCipher = RSACipher.getInstance(provider.isFIPS()); } catch (Exception e) { - throw provider.providerException("Failed to initialize RSA signature", e); + throw NativeOCKAdapter.providerException("Failed to initialize RSA signature", e); } } @@ -95,7 +96,7 @@ protected void engineInitVerify(PublicKey publicKey) throws InvalidKeyException try { rsaCipher.initialize(rsaPublic.getOCKKey(), false); } catch (Exception e) { - throw provider.providerException("Failure in engineInitVerify", e); + throw NativeOCKAdapter.providerException("Failure in engineInitVerify", e); } if (data == null) { @@ -139,7 +140,7 @@ protected void engineInitSign(PrivateKey privateKey) throws InvalidKeyException this.rsaCipher.initialize(((RSAPrivateKey) rsaPrivate).getOCKKey(), true); } } catch (Exception e) { - throw provider.providerException("Failure in engineInitSign", e); + throw NativeOCKAdapter.providerException("Failure in engineInitSign", e); } if (data == null) { @@ -177,7 +178,7 @@ protected byte[] engineSign() throws SignatureException { } } catch (Exception e) { SignatureException signatureException = new SignatureException("Could not sign data"); - provider.setOCKExceptionCause(signatureException, e); + NativeOCKAdapter.setOCKExceptionCause(signatureException, e); throw signatureException; } } diff --git a/src/main/java/com/ibm/crypto/plus/provider/RSASignatureSSL_I2.java b/src/main/java/com/ibm/crypto/plus/provider/RSASignatureSSL_I2.java index c3af2a11b..95699e3cc 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/RSASignatureSSL_I2.java +++ b/src/main/java/com/ibm/crypto/plus/provider/RSASignatureSSL_I2.java @@ -30,7 +30,8 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.SignatureRSASSL; +import com.ibm.crypto.plus.provider.base.SignatureRSASSL; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.io.ByteArrayOutputStream; import java.security.InvalidKeyException; import java.security.InvalidParameterException; @@ -67,9 +68,9 @@ public final class RSASignatureSSL_I2 extends SignatureSpi { public RSASignatureSSL_I2(OpenJCEPlusProvider provider) { try { this.provider = provider; - this.signature = SignatureRSASSL.getInstance(provider.getOCKContext()); + this.signature = SignatureRSASSL.getInstance(provider.isFIPS()); } catch (Exception e) { - throw provider.providerException("Failed to initialize RSA signature", e); + throw NativeOCKAdapter.providerException("Failed to initialize RSA signature", e); } } @@ -97,7 +98,7 @@ protected void engineInitVerify(PublicKey publicKey) throws InvalidKeyException try { this.signature.initialize(rsaPublic.getOCKKey(), false); } catch (Exception e) { - throw provider.providerException("Failure in engineInitVerify", e); + throw NativeOCKAdapter.providerException("Failure in engineInitVerify", e); } if (data == null) { @@ -140,7 +141,7 @@ protected void engineInitSign(PrivateKey privateKey) throws InvalidKeyException this.signature.initialize(((RSAPrivateKey) rsaPrivate).getOCKKey(), true); } } catch (Exception e) { - throw provider.providerException("Failure in engineInitSign", e); + throw NativeOCKAdapter.providerException("Failure in engineInitSign", e); } if (data == null) { @@ -170,7 +171,7 @@ protected byte[] engineSign() throws SignatureException { return signature; } catch (Exception e) { SignatureException signatureException = new SignatureException("Could not sign data"); - provider.setOCKExceptionCause(signatureException, e); + NativeOCKAdapter.setOCKExceptionCause(signatureException, e); throw signatureException; } } diff --git a/src/main/java/com/ibm/crypto/plus/provider/XDHKeyAgreement.java b/src/main/java/com/ibm/crypto/plus/provider/XDHKeyAgreement.java index 87836737f..b36b19f41 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/XDHKeyAgreement.java +++ b/src/main/java/com/ibm/crypto/plus/provider/XDHKeyAgreement.java @@ -8,10 +8,9 @@ package com.ibm.crypto.plus.provider; - import com.ibm.crypto.plus.provider.CurveUtil.CURVE; -import com.ibm.crypto.plus.provider.ock.OCKException; -import com.ibm.crypto.plus.provider.ock.XECKey; +import com.ibm.crypto.plus.provider.base.OCKException; +import com.ibm.crypto.plus.provider.base.XECKey; import java.security.InvalidAlgorithmParameterException; import java.security.InvalidKeyException; import java.security.Key; @@ -108,7 +107,7 @@ protected Key engineDoPhase(Key key, boolean lastPhase) } else { secrectBufferSize = 0; // Let OCK decide the size } - this.secret = XECKey.computeECDHSecret(provider.getOCKContext(), genCtx, + this.secret = XECKey.computeECDHSecret(provider.isFIPS(), genCtx, ockXecKeyPub.getPKeyId(), ockXecKeyPriv.getPKeyId(), secrectBufferSize); } catch (OCKException e) { //Validate the secret value for a small order point condition. diff --git a/src/main/java/com/ibm/crypto/plus/provider/XDHKeyPairGenerator.java b/src/main/java/com/ibm/crypto/plus/provider/XDHKeyPairGenerator.java index 5c36c4238..f30758a35 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/XDHKeyPairGenerator.java +++ b/src/main/java/com/ibm/crypto/plus/provider/XDHKeyPairGenerator.java @@ -8,7 +8,8 @@ package com.ibm.crypto.plus.provider; -import com.ibm.crypto.plus.provider.ock.XECKey; +import com.ibm.crypto.plus.provider.base.XECKey; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.security.InvalidAlgorithmParameterException; import java.security.InvalidParameterException; import java.security.KeyPair; @@ -61,7 +62,7 @@ private void initXDHKeyPairGenerator(OpenJCEPlusProvider provider, NamedParamete this.alg = params.getName(); } } catch (InvalidAlgorithmParameterException e) { - throw provider.providerException("Failure in XDHKeyPairGenerator: ", e); + throw NativeOCKAdapter.providerException("Failure in XDHKeyPairGenerator: ", e); } } @@ -126,12 +127,12 @@ private void initializeImpl(NamedParameterSpec params) throws InvalidAlgorithmPa public KeyPair generateKeyPair() { try { int keySize = CurveUtil.getCurveSize(serviceCurve); - XECKey xecKey = XECKey.generateKeyPair(provider.getOCKContext(), this.serviceCurve.ordinal(), keySize); + XECKey xecKey = XECKey.generateKeyPair(provider.isFIPS(), this.serviceCurve.ordinal(), keySize); XDHPrivateKeyImpl privKey = new XDHPrivateKeyImpl(provider, xecKey); XDHPublicKeyImpl pubKey = new XDHPublicKeyImpl(provider, xecKey, this.serviceCurve); return new KeyPair(pubKey, privKey); } catch (Exception e) { - throw provider.providerException("Failure in generateKeyPair", e); + throw NativeOCKAdapter.providerException("Failure in generateKeyPair", e); } } diff --git a/src/main/java/com/ibm/crypto/plus/provider/XDHPrivateKeyImpl.java b/src/main/java/com/ibm/crypto/plus/provider/XDHPrivateKeyImpl.java index 75652170b..24e38ecbd 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/XDHPrivateKeyImpl.java +++ b/src/main/java/com/ibm/crypto/plus/provider/XDHPrivateKeyImpl.java @@ -9,7 +9,8 @@ package com.ibm.crypto.plus.provider; import com.ibm.crypto.plus.provider.CurveUtil.CURVE; -import com.ibm.crypto.plus.provider.ock.XECKey; +import com.ibm.crypto.plus.provider.base.XECKey; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.io.IOException; import java.io.OutputStream; import java.io.Serializable; @@ -97,11 +98,11 @@ public XDHPrivateKeyImpl(OpenJCEPlusProvider provider, byte[] encoded) byte[] alteredEncoded = processEncodedPrivateKey(encoded); // Sets params, key, and algid, and alters encoded // to fit with GSKit and sets params int curveSize = CurveUtil.getCurveSize(curve); - this.xecKey = XECKey.createPrivateKey(provider.getOCKContext(), alteredEncoded, curveSize); + this.xecKey = XECKey.createPrivateKey(provider.isFIPS(), alteredEncoded, curveSize); this.scalar = Optional.of(k); } catch (Exception exception) { InvalidKeyException ike = new InvalidKeyException("Failed to create XEC private key"); - provider.setOCKExceptionCause(ike, exception); + NativeOCKAdapter.setOCKExceptionCause(ike, exception); throw ike; } } @@ -143,18 +144,18 @@ public XDHPrivateKeyImpl(OpenJCEPlusProvider provider, AlgorithmParameterSpec pa try { if (k == null) { int keySize = CurveUtil.getCurveSize(curve); - this.xecKey = XECKey.generateKeyPair(provider.getOCKContext(), this.curve.ordinal(), keySize); + this.xecKey = XECKey.generateKeyPair(provider.isFIPS(), this.curve.ordinal(), keySize); } else { this.algid = CurveUtil.getAlgId(this.params.getName()); byte[] der = buildOCKPrivateKeyBytes(); int encodingSize = CurveUtil.getDEREncodingSize(curve); - this.xecKey = XECKey.createPrivateKey(provider.getOCKContext(), der, encodingSize); + this.xecKey = XECKey.createPrivateKey(provider.isFIPS(), der, encodingSize); } setPKCS8KeyByte(k); } catch (Exception exception) { InvalidParameterException ike = new InvalidParameterException( "Failed to create XEC private key"); - provider.setOCKExceptionCause(ike, exception); + NativeOCKAdapter.setOCKExceptionCause(ike, exception); throw ike; } @@ -463,7 +464,7 @@ public void encode(OutputStream os) throws IOException { setFieldsFromXeckey(); } catch (Exception exception) { IOException ike = new IOException("Failed in setFieldsFromXeckey"); - provider.setOCKExceptionCause(ike, exception); + NativeOCKAdapter.setOCKExceptionCause(ike, exception); throw ike; } diff --git a/src/main/java/com/ibm/crypto/plus/provider/XDHPublicKeyImpl.java b/src/main/java/com/ibm/crypto/plus/provider/XDHPublicKeyImpl.java index 4dcc17a41..570d1d47f 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/XDHPublicKeyImpl.java +++ b/src/main/java/com/ibm/crypto/plus/provider/XDHPublicKeyImpl.java @@ -9,7 +9,8 @@ package com.ibm.crypto.plus.provider; import com.ibm.crypto.plus.provider.CurveUtil.CURVE; -import com.ibm.crypto.plus.provider.ock.XECKey; +import com.ibm.crypto.plus.provider.base.XECKey; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter; import java.io.IOException; import java.io.Serializable; import java.math.BigInteger; @@ -90,7 +91,7 @@ public XDHPublicKeyImpl(OpenJCEPlusProvider provider, XECKey xecKey, setFieldsFromXeckey(); } catch (Exception exception) { InvalidKeyException ike = new InvalidKeyException("Failed to create XEC public key"); - provider.setOCKExceptionCause(ike, exception); + NativeOCKAdapter.setOCKExceptionCause(ike, exception); throw ike; } } @@ -129,10 +130,10 @@ public XDHPublicKeyImpl(OpenJCEPlusProvider provider, byte[] encoded) this.u = new BigInteger(1, reverseKey); // u is the public key reversed byte[] alteredEncoded = alterEncodedPublicKey(encoded); // Alters encoded to fit GSKit, and sets params - this.xecKey = XECKey.createPublicKey(provider.getOCKContext(), alteredEncoded); + this.xecKey = XECKey.createPublicKey(provider.isFIPS(), alteredEncoded); } catch (Exception exception) { InvalidKeyException ike = new InvalidKeyException("Failed to create XEC public key"); - provider.setOCKExceptionCause(ike, exception); + NativeOCKAdapter.setOCKExceptionCause(ike, exception); throw ike; } } @@ -173,7 +174,7 @@ public XDHPublicKeyImpl(OpenJCEPlusProvider provider, AlgorithmParameterSpec par try { if (u == null) { int keySize = CurveUtil.getCurveSize(curve); - this.xecKey = XECKey.generateKeyPair(provider.getOCKContext(), curve.ordinal(), keySize); + this.xecKey = XECKey.generateKeyPair(provider.isFIPS(), curve.ordinal(), keySize); setFieldsFromXeckey(); } else { @@ -207,14 +208,14 @@ public XDHPublicKeyImpl(OpenJCEPlusProvider provider, AlgorithmParameterSpec par byte[] der = buildICCPublicKeyBytes(); checkKeySize(); - this.xecKey = XECKey.createPublicKey(provider.getOCKContext(), der); + this.xecKey = XECKey.createPublicKey(provider.isFIPS(), der); } } catch (InvalidKeyException ex) { throw ex; } catch (Exception exception) { InvalidParameterException ike = new InvalidParameterException( "Failed to create XEC public key"); - provider.setOCKExceptionCause(ike, exception); + NativeOCKAdapter.setOCKExceptionCause(ike, exception); throw ike; } } diff --git a/src/main/java/com/ibm/crypto/plus/provider/ock/AESKeyWrap.java b/src/main/java/com/ibm/crypto/plus/provider/base/AESKeyWrap.java similarity index 78% rename from src/main/java/com/ibm/crypto/plus/provider/ock/AESKeyWrap.java rename to src/main/java/com/ibm/crypto/plus/provider/base/AESKeyWrap.java index 4e090527e..67b25d52b 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ock/AESKeyWrap.java +++ b/src/main/java/com/ibm/crypto/plus/provider/base/AESKeyWrap.java @@ -6,22 +6,22 @@ * this code, including the "Classpath" Exception described therein. */ -package com.ibm.crypto.plus.provider.ock; +package com.ibm.crypto.plus.provider.base; import java.util.Arrays; public final class AESKeyWrap { - private OCKContext ockContext; + private boolean isFIPS; private byte[] key = null; private boolean padding = false; - public AESKeyWrap(OCKContext ockContext, byte[] key, boolean padding) + public AESKeyWrap(boolean isFIPS, byte[] key, boolean padding) throws OCKException { - if (ockContext == null || key == null) { + if (key == null) { throw new OCKException("Invalid input data"); } - this.ockContext = ockContext; + this.isFIPS = isFIPS; this.key = key; this.padding = padding; } @@ -39,7 +39,8 @@ public byte[] wrap(byte[] data, int start, int length) throws OCKException { } try { - output = NativeInterface.CIPHER_KeyWraporUnwrap(this.ockContext.getId(), inData, this.key, type); + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + output = nativeImpl.CIPHER_KeyWraporUnwrap(inData, this.key, type); } catch (Exception e) { throw new OCKException("Failed to wrap data" + e.getMessage()); } finally { @@ -62,7 +63,8 @@ public byte[] unwrap(byte[] data, int start, int length) throws OCKException { } try { - output = NativeInterface.CIPHER_KeyWraporUnwrap(this.ockContext.getId(), inData, this.key, type); + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + output = nativeImpl.CIPHER_KeyWraporUnwrap(inData, this.key, type); } catch (Exception e) { throw new OCKException("Failed to unwrap data"+ e.getMessage()); } finally { diff --git a/src/main/java/com/ibm/crypto/plus/provider/ock/AsymmetricKey.java b/src/main/java/com/ibm/crypto/plus/provider/base/AsymmetricKey.java similarity index 91% rename from src/main/java/com/ibm/crypto/plus/provider/ock/AsymmetricKey.java rename to src/main/java/com/ibm/crypto/plus/provider/base/AsymmetricKey.java index 46ceef1ef..d046c3212 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ock/AsymmetricKey.java +++ b/src/main/java/com/ibm/crypto/plus/provider/base/AsymmetricKey.java @@ -6,7 +6,7 @@ * this code, including the "Classpath" Exception described therein. */ -package com.ibm.crypto.plus.provider.ock; +package com.ibm.crypto.plus.provider.base; public interface AsymmetricKey { diff --git a/src/main/java/com/ibm/crypto/plus/provider/ock/BasicRandom.java b/src/main/java/com/ibm/crypto/plus/provider/base/BasicRandom.java similarity index 63% rename from src/main/java/com/ibm/crypto/plus/provider/ock/BasicRandom.java rename to src/main/java/com/ibm/crypto/plus/provider/base/BasicRandom.java index 92a539e9d..0dac0464e 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ock/BasicRandom.java +++ b/src/main/java/com/ibm/crypto/plus/provider/base/BasicRandom.java @@ -6,21 +6,17 @@ * this code, including the "Classpath" Exception described therein. */ -package com.ibm.crypto.plus.provider.ock; +package com.ibm.crypto.plus.provider.base; public final class BasicRandom { + private NativeInterface nativeImpl; - OCKContext ockContext; - - public static BasicRandom getInstance(OCKContext ockContext) { - if (ockContext == null) { - throw new IllegalArgumentException("context is null"); - } - return new BasicRandom(ockContext); + public static BasicRandom getInstance(boolean isFIPS) { + return new BasicRandom(isFIPS); } - private BasicRandom(OCKContext ockContext) { - this.ockContext = ockContext; + private BasicRandom(boolean isFIPS) { + this.nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); } public void nextBytes(byte[] bytes) throws OCKException { @@ -29,7 +25,7 @@ public void nextBytes(byte[] bytes) throws OCKException { } if (bytes.length > 0) { - NativeInterface.RAND_nextBytes(ockContext.getId(), bytes); + this.nativeImpl.RAND_nextBytes(bytes); } } @@ -39,7 +35,7 @@ public void setSeed(byte[] seed) throws OCKException { } if (seed.length > 0) { - NativeInterface.RAND_setSeed(ockContext.getId(), seed); + this.nativeImpl.RAND_setSeed(seed); } } @@ -50,7 +46,7 @@ public byte[] generateSeed(int numBytes) throws OCKException { byte[] seed = new byte[numBytes]; if (numBytes > 0) { - NativeInterface.RAND_generateSeed(ockContext.getId(), seed); + this.nativeImpl.RAND_generateSeed(seed); } return seed; } diff --git a/src/main/java/com/ibm/crypto/plus/provider/ock/ByteArrayOutputDelay.java b/src/main/java/com/ibm/crypto/plus/provider/base/ByteArrayOutputDelay.java similarity index 98% rename from src/main/java/com/ibm/crypto/plus/provider/ock/ByteArrayOutputDelay.java rename to src/main/java/com/ibm/crypto/plus/provider/base/ByteArrayOutputDelay.java index 9071f7418..9c145e26b 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ock/ByteArrayOutputDelay.java +++ b/src/main/java/com/ibm/crypto/plus/provider/base/ByteArrayOutputDelay.java @@ -5,7 +5,7 @@ * under the terms provided by IBM in the LICENSE file that accompanied * this code, including the "Classpath" Exception described therein. */ -package com.ibm.crypto.plus.provider.ock; +package com.ibm.crypto.plus.provider.base; import java.io.ByteArrayOutputStream; import java.io.IOException; diff --git a/src/main/java/com/ibm/crypto/plus/provider/ock/CCMCipher.java b/src/main/java/com/ibm/crypto/plus/provider/base/CCMCipher.java similarity index 94% rename from src/main/java/com/ibm/crypto/plus/provider/ock/CCMCipher.java rename to src/main/java/com/ibm/crypto/plus/provider/base/CCMCipher.java index 7320f7eac..152a1bee9 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ock/CCMCipher.java +++ b/src/main/java/com/ibm/crypto/plus/provider/base/CCMCipher.java @@ -6,7 +6,7 @@ * this code, including the "Classpath" Exception described therein. */ -package com.ibm.crypto.plus.provider.ock; +package com.ibm.crypto.plus.provider.base; import java.nio.ByteBuffer; import java.util.Arrays; @@ -99,7 +99,7 @@ protected FastJNIBuffer initialValue() { // it is not synchronized since there are no shared OCK data structures used in the OCK call // except ICC_CTX which is thread safe - public static int doCCMFinal_Decrypt(OCKContext ockContext, byte[] key, byte[] iv, int tagLen, + public static int doCCMFinal_Decrypt(boolean isFIPS, byte[] key, byte[] iv, int tagLen, byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset, byte[] aad) throws OCKException, IllegalStateException, ShortBufferException, IllegalBlockSizeException, BadPaddingException, AEADBadTagException { @@ -189,9 +189,11 @@ public static int doCCMFinal_Decrypt(OCKContext ockContext, byte[] key, byte[] i int aadLen = authenticationData.length; + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + if (CCMHardwareFunctionPtr == 0) { - CCMHardwareFunctionPtr = NativeInterface - .do_CCM_checkHardwareCCMSupport(ockContext.getId()); + CCMHardwareFunctionPtr = nativeImpl + .do_CCM_checkHardwareCCMSupport(); } if (iv.length + key.length + aadLen <= FastJNIParameterBufferSize && !disableCCMAcceleration @@ -211,7 +213,7 @@ public static int doCCMFinal_Decrypt(OCKContext ockContext, byte[] key, byte[] i FastJNIBuffer inputBuffer = CCMCipher.inputBuffer.get(); inputBuffer.put(0, input, inputOffset, inputLen); parameters.put(iv.length + aadLen, key, 0, key.length); - rc = NativeInterface.do_CCM_decryptFastJNI(ockContext.getId(), key.length, + rc = nativeImpl.do_CCM_decryptFastJNI(key.length, iv.length, inputLen, output.length, aadLen, tagLen, parameters.pointer(), inputBuffer.pointer(), outputBuffer.pointer()); @@ -234,7 +236,7 @@ public static int doCCMFinal_Decrypt(OCKContext ockContext, byte[] key, byte[] i // Create tempOutput byte[] tempOutput = new byte[len + outputOffset]; // len from call to getOutputSizeLegacy() above - rc = NativeInterface.do_CCM_decrypt(ockContext.getId(), iv, iv.length, key, key.length, + rc = nativeImpl.do_CCM_decrypt(iv, iv.length, key, key.length, authenticationData, aadLen, tempInput, inputLen, tempOutput, tempOutput.length, tagLen); @@ -253,7 +255,7 @@ public static int doCCMFinal_Decrypt(OCKContext ockContext, byte[] key, byte[] i // it is not synchronized since there are no shared OCK data structures used in the OCK call // except ICC_CTX which is thread safe - public static int doCCMFinal_Encrypt(OCKContext ockContext, byte[] key, byte[] iv, int tagLen, + public static int doCCMFinal_Encrypt(boolean isFIPS, byte[] key, byte[] iv, int tagLen, byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset, byte[] aad) throws OCKException, IllegalStateException, ShortBufferException, IllegalBlockSizeException, BadPaddingException { @@ -331,9 +333,10 @@ public static int doCCMFinal_Encrypt(OCKContext ockContext, byte[] key, byte[] i int aadLen = authenticationData.length; + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); if (CCMHardwareFunctionPtr == 0) - CCMHardwareFunctionPtr = NativeInterface - .do_CCM_checkHardwareCCMSupport(ockContext.getId()); + CCMHardwareFunctionPtr = nativeImpl + .do_CCM_checkHardwareCCMSupport(); if (iv.length + key.length + aadLen + tagLen <= FastJNIParameterBufferSize && (inputLen <= FastJNIInputBufferSize || CCMHardwareFunctionPtr != -1)) { @@ -353,7 +356,7 @@ public static int doCCMFinal_Encrypt(OCKContext ockContext, byte[] key, byte[] i FastJNIBuffer inputBuffer = CCMCipher.inputBuffer.get(); inputBuffer.put(0, input, inputOffset, inputLen); parameters.put(ivLen + aadLen, key, 0, keyLen); - rc = NativeInterface.do_CCM_encryptFastJNI(ockContext.getId(), keyLen, ivLen, + rc = nativeImpl.do_CCM_encryptFastJNI(keyLen, ivLen, inputLen, output.length, aadLen, tagLen, parameters.pointer(), inputBuffer.pointer(), outputBuffer.pointer()); @@ -374,7 +377,7 @@ public static int doCCMFinal_Encrypt(OCKContext ockContext, byte[] key, byte[] i // Create tempOutput byte[] tempOutput = new byte[len + outputOffset]; // len from call to getOutputSizeLegacy() above - rc = NativeInterface.do_CCM_encrypt(ockContext.getId(), iv, iv.length, key, key.length, + rc = nativeImpl.do_CCM_encrypt(iv, iv.length, key, key.length, authenticationData, aadLen, tempInput, tempInput.length, tempOutput, tempOutput.length, tagLen); @@ -438,10 +441,8 @@ private static int getOutputSize(int inputLen, boolean encrypting, int tLen, } - public static void doCCM_cleanup(OCKContext ockContext) throws OCKException { - if (ockContext != null) { - NativeInterface.do_CCM_delete(ockContext.getId()); - } + public static void doCCM_cleanup(boolean isFIPS) throws OCKException { + NativeInterfaceFactory.getImpl(isFIPS).do_CCM_delete(); } @@ -489,12 +490,13 @@ static int useHardwareCCM(boolean isEncrypt, int inputLen, int ivLen, int keyLen putLongtoByteArray(inputLen * 8, addedParams, TPCLOffset); // Add TPCL parameters.put(paramBlockOffset, addedParams, 0, addedParams.length); + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(false); if (isEncrypt) { // encrypt - rc = NativeInterface.do_CCM_encryptFastJNI_WithHardwareSupport(keyLen, ivLen, 0, + rc = nativeImpl.do_CCM_encryptFastJNI_WithHardwareSupport(keyLen, ivLen, 0, inputLen, 0, aadLen, tagLen, parameters.pointer(), input, inputOffset, output, outputOffset); } else { // decrypt - rc = NativeInterface.do_CCM_decryptFastJNI_WithHardwareSupport(keyLen, ivLen, 0, + rc = nativeImpl.do_CCM_decryptFastJNI_WithHardwareSupport(keyLen, ivLen, 0, inputLen, 0, aadLen, tagLen, parameters.pointer(), input, inputOffset, output, outputOffset); if (rc == -1) diff --git a/src/main/java/com/ibm/crypto/plus/provider/ock/DHKey.java b/src/main/java/com/ibm/crypto/plus/provider/base/DHKey.java similarity index 69% rename from src/main/java/com/ibm/crypto/plus/provider/ock/DHKey.java rename to src/main/java/com/ibm/crypto/plus/provider/base/DHKey.java index e9feecf00..fd6e2117c 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ock/DHKey.java +++ b/src/main/java/com/ibm/crypto/plus/provider/base/DHKey.java @@ -6,7 +6,7 @@ * this code, including the "Classpath" Exception described therein. */ -package com.ibm.crypto.plus.provider.ock; +package com.ibm.crypto.plus.provider.base; import java.util.Arrays; @@ -17,7 +17,7 @@ public final class DHKey implements AsymmetricKey { // static final byte[] unobtainedKeyBytes = new byte[0]; - private OCKContext ockContext; + private boolean isFIPS; private long dhKeyId = 0; private long pkeyId = 0; @@ -28,76 +28,62 @@ public final class DHKey implements AsymmetricKey { private static final String badIdMsg1 = "Public or Private Key Identifier is not valid"; private static final String debPrefix = "DHKey"; - public static DHKey generateKeyPair(OCKContext ockContext, byte[] parameters) + public static DHKey generateKeyPair(boolean isFIPS, byte[] parameters) throws OCKException { //final String methodName = "generateKeyPair(byte[]) "; - if (ockContext == null) { - throw new IllegalArgumentException("context is null"); - } if (parameters == null || parameters.length == 0) { throw new IllegalArgumentException("DH parameters are null/empty"); } - long dhKeyId = NativeInterface.DHKEY_generate(ockContext.getId(), parameters); - return new DHKey(ockContext, dhKeyId, parameters.clone(), unobtainedKeyBytes, + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + long dhKeyId = nativeImpl.DHKEY_generate(parameters); + return new DHKey(isFIPS, dhKeyId, parameters.clone(), unobtainedKeyBytes, unobtainedKeyBytes); } - public static DHKey generateKeyPair(OCKContext ockContext, int numBits) throws OCKException { - if (ockContext == null) { - throw new IllegalArgumentException("context is null"); - } - + public static DHKey generateKeyPair(boolean isFIPS, int numBits) throws OCKException { if (numBits < 0) { throw new IllegalArgumentException("key length is invalid"); } - long dhKeyId = NativeInterface.DHKEY_generate(ockContext.getId(), numBits); - return new DHKey(ockContext, dhKeyId, null, unobtainedKeyBytes, unobtainedKeyBytes); + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + long dhKeyId = nativeImpl.DHKEY_generate(numBits); + return new DHKey(isFIPS, dhKeyId, null, unobtainedKeyBytes, unobtainedKeyBytes); } - public static byte[] generateParameters(OCKContext ockContext, int numBits) { - if (ockContext == null) { - throw new IllegalArgumentException("context is null"); - } - + public static byte[] generateParameters(boolean isFIPS, int numBits) { if (numBits < 0) { throw new IllegalArgumentException("key length is invalid"); } - return NativeInterface.DHKEY_generateParameters(ockContext.getId(), numBits); + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + return nativeImpl.DHKEY_generateParameters(numBits); } - public static DHKey createPrivateKey(OCKContext ockContext, byte[] privateKeyBytes) + public static DHKey createPrivateKey(boolean isFIPS, byte[] privateKeyBytes) throws OCKException { //final String methodName = "DHKey createPrivateKey (byte[]) "; - if (ockContext == null) { - throw new IllegalArgumentException("context is null"); - } - if (privateKeyBytes == null) { throw new IllegalArgumentException("key bytes is null"); } - long dhKeyId = NativeInterface.DHKEY_createPrivateKey(ockContext.getId(), privateKeyBytes); - return new DHKey(ockContext, dhKeyId, null, privateKeyBytes.clone(), null); + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + long dhKeyId = nativeImpl.DHKEY_createPrivateKey(privateKeyBytes); + return new DHKey(isFIPS, dhKeyId, null, privateKeyBytes.clone(), null); } - public static DHKey createPublicKey(OCKContext ockContext, byte[] publicKeyBytes) + public static DHKey createPublicKey(boolean isFIPS, byte[] publicKeyBytes) throws OCKException { - if (ockContext == null) { - throw new IllegalArgumentException("context is null"); - } - if (publicKeyBytes == null) { throw new IllegalArgumentException("key bytes is null"); } - long dhKeyId = NativeInterface.DHKEY_createPublicKey(ockContext.getId(), publicKeyBytes); - return new DHKey(ockContext, dhKeyId, null, null, publicKeyBytes.clone()); + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + long dhKeyId = nativeImpl.DHKEY_createPublicKey(publicKeyBytes); + return new DHKey(isFIPS, dhKeyId, null, null, publicKeyBytes.clone()); } - private DHKey(OCKContext ockContext, long dhKeyId, byte[] parameters, byte[] privateKeyBytes, + private DHKey(boolean isFIPS, long dhKeyId, byte[] parameters, byte[] privateKeyBytes, byte[] publicKeyBytes) { - this.ockContext = ockContext; + this.isFIPS = isFIPS; this.dhKeyId = dhKeyId; this.pkeyId = 0; this.parameters = parameters; @@ -156,13 +142,9 @@ public byte[] getPublicKeyBytes() throws OCKException { // pointers are not concurrently used by another DH operation. This is needed as the method // DHKey.computeDHSecret is not synchronized and not thread safe. // The method DHKey.computeDHSecret should NOT be synchronized for performance as that would create a global lock. - public static byte[] computeDHSecret(OCKContext ockContext, long pubKeyId, long privKeyId) + public static byte[] computeDHSecret(boolean isFIPS, long pubKeyId, long privKeyId) throws OCKException { //final String methodName = "computeDHSecret"; - if (ockContext == null) { - throw new IllegalArgumentException("context is null"); - } - if (pubKeyId == 0) { throw new IllegalArgumentException("The public key parameter is not valid"); } @@ -175,8 +157,8 @@ public static byte[] computeDHSecret(OCKContext ockContext, long pubKeyId, long if (!validId(pubKeyId) || !validId(privKeyId)) { throw new OCKException(badIdMsg1); } - byte[] sharedSecretBytes = NativeInterface.DHKEY_computeDHSecret(ockContext.getId(), - pubKeyId, privKeyId); + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + byte[] sharedSecretBytes = nativeImpl.DHKEY_computeDHSecret(pubKeyId, privKeyId); return sharedSecretBytes; } @@ -188,7 +170,8 @@ private synchronized void obtainPKeyId() throws OCKException { if (!validId(dhKeyId)) { throw new OCKException(badIdMsg); } - this.pkeyId = NativeInterface.DHKEY_createPKey(ockContext.getId(), dhKeyId); + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + this.pkeyId = nativeImpl.DHKEY_createPKey(dhKeyId); } } @@ -200,8 +183,8 @@ private synchronized void obtainPrivateKeyBytes() throws OCKException { if (!validId(dhKeyId)) { throw new OCKException(badIdMsg); } - this.privateKeyBytes = NativeInterface.DHKEY_getPrivateKeyBytes(ockContext.getId(), - dhKeyId); + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + this.privateKeyBytes = nativeImpl.DHKEY_getPrivateKeyBytes(dhKeyId); } } @@ -210,8 +193,8 @@ private synchronized void obtainPublicKeyBytes() throws OCKException { // to getPublicKeyBytes at the same time, we only want to call the // native code one time. if (publicKeyBytes == unobtainedKeyBytes) { - this.publicKeyBytes = NativeInterface.DHKEY_getPublicKeyBytes(ockContext.getId(), - dhKeyId); + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + this.publicKeyBytes = nativeImpl.DHKEY_getPublicKeyBytes(dhKeyId); } } @@ -223,7 +206,8 @@ private synchronized void obtainParameters() throws OCKException { if (!validId(dhKeyId)) { throw new OCKException(badIdMsg); } - this.parameters = NativeInterface.DHKEY_getParameters(ockContext.getId(), dhKeyId); + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + this.parameters = nativeImpl.DHKEY_getParameters(dhKeyId); } } @@ -235,13 +219,14 @@ protected synchronized void finalize() throws Throwable { Arrays.fill(privateKeyBytes, (byte) 0x00); } + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); if (dhKeyId != 0) { - NativeInterface.DHKEY_delete(ockContext.getId(), dhKeyId); + nativeImpl.DHKEY_delete(dhKeyId); dhKeyId = 0; } if (pkeyId != 0) { - NativeInterface.PKEY_delete(ockContext.getId(), pkeyId); + nativeImpl.PKEY_delete(pkeyId); pkeyId = 0; } } finally { diff --git a/src/main/java/com/ibm/crypto/plus/provider/ock/DSAKey.java b/src/main/java/com/ibm/crypto/plus/provider/base/DSAKey.java similarity index 74% rename from src/main/java/com/ibm/crypto/plus/provider/ock/DSAKey.java rename to src/main/java/com/ibm/crypto/plus/provider/base/DSAKey.java index 8b93fb854..396a36f33 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ock/DSAKey.java +++ b/src/main/java/com/ibm/crypto/plus/provider/base/DSAKey.java @@ -6,7 +6,7 @@ * this code, including the "Classpath" Exception described therein. */ -package com.ibm.crypto.plus.provider.ock; +package com.ibm.crypto.plus.provider.base; import java.util.Arrays; @@ -17,7 +17,8 @@ public final class DSAKey implements AsymmetricKey { // static final byte[] unobtainedKeyBytes = new byte[0]; - private OCKContext ockContext; + private boolean isFIPS; + private NativeInterface nativeImpl = null; private long dsaKeyId; private long pkeyId; private byte[] parameters; @@ -26,105 +27,94 @@ public final class DSAKey implements AsymmetricKey { private static final String badIdMsg = "DSA Key Identifier is not valid"; private final static String debPrefix = "DSAKey"; - public static DSAKey generateKeyPair(OCKContext ockContext, int numBits) throws OCKException { + public static DSAKey generateKeyPair(boolean isFIPS, int numBits) throws OCKException { //final String methodName = "generateKeyPair(numBits) "; - if (ockContext == null) { - throw new IllegalArgumentException("context is null"); - } - if (numBits < 0) { throw new IllegalArgumentException("key length is invalid"); } - long dsaKeyId = NativeInterface.DSAKEY_generate(ockContext.getId(), numBits); + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + long dsaKeyId = nativeImpl.DSAKEY_generate(numBits); if (!validId(dsaKeyId)) { throw new OCKException(badIdMsg); } //OCKDebug.Msg (debPrefix, methodName, "dsaKeyId=" + dsaKeyId); - return new DSAKey(ockContext, dsaKeyId, null, unobtainedKeyBytes, unobtainedKeyBytes); + return new DSAKey(isFIPS, dsaKeyId, null, unobtainedKeyBytes, unobtainedKeyBytes); } - public static byte[] generateParameters(OCKContext ockContext, int numBits) + public static byte[] generateParameters(boolean isFIPS, int numBits) throws OCKException { //final String methodName = "generateParameters(numBits) "; byte[] paramBytes = null; - if (ockContext == null) { - throw new IllegalArgumentException("context is null"); - } if (numBits < 0) { throw new IllegalArgumentException("key length is invalid"); } //OCKDebug.Msg (debPrefix, methodName, "numBits=" + numBits); - paramBytes = NativeInterface.DSAKEY_generateParameters(ockContext.getId(), numBits); + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + paramBytes = nativeImpl.DSAKEY_generateParameters(numBits); if (paramBytes == null) { throw new OCKException("The generated DSA parameter bytes are incorrect."); } return paramBytes; } - public static DSAKey generateKeyPair(OCKContext ockContext, byte[] parameters) + public static DSAKey generateKeyPair(boolean isFIPS, byte[] parameters) throws OCKException { //final String methodName = "generateKeyPair"; - if (ockContext == null) { - throw new IllegalArgumentException("context is null"); - } if (parameters == null || parameters.length == 0) { throw new IllegalArgumentException("DSA parameters are null/empty"); } - long dsaKeyId = NativeInterface.DSAKEY_generate(ockContext.getId(), parameters); + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + long dsaKeyId = nativeImpl.DSAKEY_generate(parameters); //OCKDebug.Msg (debPrefix, methodName, "dsaKeyId=" + dsaKeyId); if (!validId(dsaKeyId)) { throw new OCKException(badIdMsg); } - return new DSAKey(ockContext, dsaKeyId, parameters.clone(), unobtainedKeyBytes, + return new DSAKey(isFIPS, dsaKeyId, parameters.clone(), unobtainedKeyBytes, unobtainedKeyBytes); } - public static DSAKey createPrivateKey(OCKContext ockContext, byte[] privateKeyBytes) + public static DSAKey createPrivateKey(boolean isFIPS, byte[] privateKeyBytes) throws OCKException { //final String methodName = "createPrivateKey "; - if (ockContext == null) { - throw new IllegalArgumentException("context is null"); - } if (privateKeyBytes == null) { throw new IllegalArgumentException("key bytes is null"); } - long dsaKeyId = NativeInterface.DSAKEY_createPrivateKey(ockContext.getId(), - privateKeyBytes); + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + long dsaKeyId = nativeImpl.DSAKEY_createPrivateKey(privateKeyBytes); //OCKDebug.Msg (debPrefix, methodName, "dsakKeyId=" + dsaKeyId); if (!validId(dsaKeyId)) { throw new OCKException(badIdMsg); } - return new DSAKey(ockContext, dsaKeyId, null, privateKeyBytes.clone(), null); + return new DSAKey(isFIPS, dsaKeyId, null, privateKeyBytes.clone(), null); } - public static DSAKey createPublicKey(OCKContext ockContext, byte[] publicKeyBytes) + public static DSAKey createPublicKey(boolean isFIPS, byte[] publicKeyBytes) throws OCKException { //final String methodName = "createPublicKey"; - if (ockContext == null) { - throw new IllegalArgumentException("context is null"); - } if (publicKeyBytes == null) { throw new IllegalArgumentException("key bytes is null"); } - long dsaKeyId = NativeInterface.DSAKEY_createPublicKey(ockContext.getId(), publicKeyBytes); + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + long dsaKeyId = nativeImpl.DSAKEY_createPublicKey(publicKeyBytes); if (!validId(dsaKeyId)) { throw new OCKException(badIdMsg); } //OCKDebug.Msg (debPrefix, methodName, "dsakKeyId=" + dsaKeyId); - return new DSAKey(ockContext, dsaKeyId, null, null, publicKeyBytes.clone()); + return new DSAKey(isFIPS, dsaKeyId, null, null, publicKeyBytes.clone()); } - private DSAKey(OCKContext ockContext, long dsaKeyId, byte[] parameters, byte[] privateKeyBytes, + private DSAKey(boolean isFIPS, long dsaKeyId, byte[] parameters, byte[] privateKeyBytes, byte[] publicKeyBytes) { - this.ockContext = ockContext; + this.isFIPS = isFIPS; + this.nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); this.dsaKeyId = dsaKeyId; this.pkeyId = 0; this.parameters = parameters; @@ -192,7 +182,7 @@ private synchronized void obtainPKeyId() throws OCKException { if (!validId(dsaKeyId)) { throw new OCKException(badIdMsg); } - this.pkeyId = NativeInterface.DSAKEY_createPKey(ockContext.getId(), dsaKeyId); + this.pkeyId = this.nativeImpl.DSAKEY_createPKey(dsaKeyId); if (!validId(pkeyId)) { throw new OCKException(badIdMsg); } @@ -210,7 +200,7 @@ private synchronized void obtainParameters() throws OCKException { if (!validId(dsaKeyId)) { throw new OCKException(badIdMsg); } - this.parameters = NativeInterface.DSAKEY_getParameters(ockContext.getId(), dsaKeyId); + this.parameters = this.nativeImpl.DSAKEY_getParameters(dsaKeyId); } } @@ -224,8 +214,7 @@ private synchronized void obtainPrivateKeyBytes() throws OCKException { if (!validId(dsaKeyId)) { throw new OCKException(badIdMsg); } - this.privateKeyBytes = NativeInterface.DSAKEY_getPrivateKeyBytes(ockContext.getId(), - dsaKeyId); + this.privateKeyBytes = this.nativeImpl.DSAKEY_getPrivateKeyBytes(dsaKeyId); } } @@ -239,8 +228,7 @@ private synchronized void obtainPublicKeyBytes() throws OCKException { if (!validId(dsaKeyId)) { throw new OCKException(badIdMsg); } - this.publicKeyBytes = NativeInterface.DSAKEY_getPublicKeyBytes(ockContext.getId(), - dsaKeyId); + this.publicKeyBytes = this.nativeImpl.DSAKEY_getPublicKeyBytes(dsaKeyId); } } @@ -254,12 +242,12 @@ protected synchronized void finalize() throws Throwable { } if (dsaKeyId != 0) { - NativeInterface.DSAKEY_delete(ockContext.getId(), dsaKeyId); + this.nativeImpl.DSAKEY_delete(dsaKeyId); dsaKeyId = 0; } if (pkeyId != 0) { - NativeInterface.PKEY_delete(ockContext.getId(), pkeyId); + this.nativeImpl.PKEY_delete(pkeyId); pkeyId = 0; } } finally { diff --git a/src/main/java/com/ibm/crypto/plus/provider/ock/Digest.java b/src/main/java/com/ibm/crypto/plus/provider/base/Digest.java similarity index 87% rename from src/main/java/com/ibm/crypto/plus/provider/ock/Digest.java rename to src/main/java/com/ibm/crypto/plus/provider/base/Digest.java index 938b99ccf..45bf5f25f 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ock/Digest.java +++ b/src/main/java/com/ibm/crypto/plus/provider/base/Digest.java @@ -6,7 +6,7 @@ * this code, including the "Classpath" Exception described therein. */ -package com.ibm.crypto.plus.provider.ock; +package com.ibm.crypto.plus.provider.base; import java.util.concurrent.ConcurrentLinkedQueue; import java.util.stream.Collectors; @@ -112,15 +112,13 @@ void getContext() throws OCKException { // Algorithm is not SHA* if (this.algIndx == -2) { - this.digestId = NativeInterface.DIGEST_create(this.ockContext.getId(), - this.digestAlgo); + this.digestId = nativeImpl.DIGEST_create(this.digestAlgo); } else { Long context = contexts[this.algIndx].poll(); if (context == null) { // Create new context - this.digestId = NativeInterface - .DIGEST_create(this.ockContext.getId(), this.digestAlgo); + this.digestId = nativeImpl.DIGEST_create(this.digestAlgo); this.contextFromQueue = (runtimeContextNum[this.algIndx] < numContexts); if (runtimeContextNum[this.algIndx] < numContexts) { runtimeContextNum[this.algIndx]++; @@ -142,8 +140,7 @@ void releaseContext() throws OCKException { // not SHA* algorithm if (this.algIndx == -2) { if (validId(this.digestId)) { - NativeInterface.DIGEST_delete(this.ockContext.getId(), - this.digestId); + nativeImpl.DIGEST_delete(this.digestId); this.digestId = 0; } } else { @@ -156,8 +153,7 @@ void releaseContext() throws OCKException { } else { // delete context if (validId(this.digestId)) { - NativeInterface.DIGEST_delete(this.ockContext.getId(), - this.digestId); + nativeImpl.DIGEST_delete(this.digestId); this.digestId = 0; } } @@ -169,7 +165,8 @@ void releaseContext() throws OCKException { * =========================================================================== */ - private OCKContext ockContext = null; + private boolean isFIPS; + private NativeInterface nativeImpl = null; private int digestLength = 0; private final String badIdMsg = "Digest Identifier is not valid"; private static final String debPrefix = "DIGEST"; @@ -178,21 +175,18 @@ void releaseContext() throws OCKException { private long digestId = 0; - public static Digest getInstance(OCKContext ockContext, String digestAlgo) throws OCKException { - if (ockContext == null) { - throw new IllegalArgumentException("context is null"); - } - + public static Digest getInstance(boolean isFIPS, String digestAlgo) throws OCKException { if (digestAlgo == null || digestAlgo.isEmpty()) { throw new IllegalArgumentException("digestAlgo is null/empty"); } - return new Digest(ockContext, digestAlgo); + return new Digest(isFIPS, digestAlgo); } - private Digest(OCKContext ockContext, String digestAlgo) throws OCKException { + private Digest(boolean isFIPS, String digestAlgo) throws OCKException { //final String methodName = "Digest(String)"; - this.ockContext = ockContext; + this.isFIPS = isFIPS; + this.nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); this.digestAlgo = digestAlgo; getContext(); //OCKDebug.Msg(debPrefix, methodName, "digestAlgo :" + digestAlgo); @@ -233,8 +227,7 @@ public synchronized void update(byte[] input, int offset, int length) throws OCK throw new OCKException(badIdMsg); } - errorCode = NativeInterface.DIGEST_update(this.ockContext.getId(), - this.digestId, input, offset, length); + errorCode = this.nativeImpl.DIGEST_update(this.digestId, input, offset, length); if (errorCode < 0) { throwOCKException(errorCode); } @@ -255,8 +248,7 @@ public synchronized byte[] digest() throws OCKException { int digestLength = getDigestLength(); byte[] digestBytes = new byte[digestLength]; - errorCode = NativeInterface.DIGEST_digest_and_reset(this.ockContext.getId(), - this.digestId, digestBytes); + errorCode = this.nativeImpl.DIGEST_digest_and_reset(this.digestId, digestBytes); if (errorCode < 0) { throwOCKException(errorCode); } @@ -293,7 +285,7 @@ public synchronized void reset() throws OCKException { throw new OCKException(badIdMsg); } if (this.needsReinit) { - NativeInterface.DIGEST_reset(this.ockContext.getId(), this.digestId); + this.nativeImpl.DIGEST_reset(this.digestId); } this.needsReinit = false; } @@ -311,8 +303,7 @@ private synchronized void obtainDigestLength() throws OCKException { if (!validId(this.digestId)) { throw new OCKException(badIdMsg); } - this.digestLength = NativeInterface.DIGEST_size(this.ockContext.getId(), - this.digestId); + this.digestLength = this.nativeImpl.DIGEST_size(this.digestId); } } } @@ -349,14 +340,14 @@ public synchronized Object clone() throws CloneNotSupportedException { copy.algIndx = this.algIndx; copy.digestAlgo = new String(this.digestAlgo); copy.needsReinit = this.needsReinit; - copy.ockContext = this.ockContext; + copy.isFIPS = this.isFIPS; + copy.nativeImpl = NativeInterfaceFactory.getImpl(copy.isFIPS); copy.contextFromQueue = false; // Allocate a new context for the digestId and copy all state information from our // original context into the copy. try { - copy.digestId = NativeInterface.DIGEST_copy( - this.ockContext.getId(), getId()); + copy.digestId = copy.nativeImpl.DIGEST_copy(getId()); if (0 == copy.digestId) { throw new CloneNotSupportedException("Copy of native digest context failed."); } diff --git a/src/main/java/com/ibm/crypto/plus/provider/ock/ECKey.java b/src/main/java/com/ibm/crypto/plus/provider/base/ECKey.java similarity index 73% rename from src/main/java/com/ibm/crypto/plus/provider/ock/ECKey.java rename to src/main/java/com/ibm/crypto/plus/provider/base/ECKey.java index 5e63b4359..9042759cb 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ock/ECKey.java +++ b/src/main/java/com/ibm/crypto/plus/provider/base/ECKey.java @@ -6,7 +6,7 @@ * this code, including the "Classpath" Exception described therein. */ -package com.ibm.crypto.plus.provider.ock; +package com.ibm.crypto.plus.provider.base; import java.math.BigInteger; import java.security.SecureRandom; @@ -23,7 +23,8 @@ public final class ECKey implements AsymmetricKey { // static final byte[] unobtainedKeyBytes = new byte[0]; - private OCKContext ockContext; + private boolean isFIPS; + private NativeInterface nativeImpl = null; private long ecKeyId = 0; private long pkeyId = 0; private static final String badIdMsg = "EC Key Identifier is not valid"; @@ -65,10 +66,11 @@ public final class ECKey implements AsymmetricKey { private static final String debPrefix = "ECKey"; - private ECKey(OCKContext ockContext, long ecKeyId, byte[] parameterBytes, + private ECKey(boolean isFIPS, long ecKeyId, byte[] parameterBytes, byte[] privateKeyBytes, byte[] publicKeyBytes) { //final String methodName = "ECKey(long, byte[], byte[], byte[]) "; - this.ockContext = ockContext; + this.isFIPS = isFIPS; + this.nativeImpl = NativeInterfaceFactory.getImpl(this.isFIPS); this.ecKeyId = ecKeyId; this.pkeyId = 0; this.parameterBytes = parameterBytes; @@ -80,9 +82,9 @@ private ECKey(OCKContext ockContext, long ecKeyId, byte[] parameterBytes, } /* Custom Curve */ - private ECKey(OCKContext ockContext, long ecKeyId, ECParameterSpec ecSpec, BigInteger s, + private ECKey(boolean isFIPS, long ecKeyId, ECParameterSpec ecSpec, BigInteger s, BigInteger pubKeyAffineX, BigInteger pubKeyAffineY) { - this.ockContext = ockContext; + this.isFIPS = isFIPS; this.ecKeyId = ecKeyId; this.pkeyId = 0; @@ -99,106 +101,85 @@ private ECKey(OCKContext ockContext, long ecKeyId, ECParameterSpec ecSpec, BigIn // Note that the caller of this method must ensure the pointer ecKeyId is not used // concurrently by suitable locking. - protected static byte[] getParametersBytes(OCKContext ockContext, long ecKeyId) + protected static byte[] getParametersBytes(boolean isFIPS, long ecKeyId) throws OCKException { - return (NativeInterface.ECKEY_getParameters(ockContext.getId(), ecKeyId)); + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + return nativeImpl.ECKEY_getParameters(ecKeyId); } - public static ECKey generateKeyPair(OCKContext ockContext, int size, SecureRandom random) + public static ECKey generateKeyPair(boolean isFIPS, int size, SecureRandom random) throws OCKException { //final String methodName = "generateKeyPair "; - if (ockContext == null) { - throw new IllegalArgumentException("context is null"); - } if (size < 0) { throw new IllegalArgumentException("The key length parameter is invalid"); } - long ecKeyId; - try { - ecKeyId = NativeInterface.ECKEY_generate(ockContext.getId(), size); - } catch (OCKException oe){ - if (oe.getMessage().contains("Incorrect key size") && allowIncorrectKeysizes) { - // If the flag is set and an incorrect key size was provided, default to 256. - ecKeyId = NativeInterface.ECKEY_generate(ockContext.getId(), 256); - } else { - throw oe; - } - } - + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + long ecKeyId = nativeImpl.ECKEY_generate(size); if (!validId(ecKeyId)) { throw new OCKException(badIdMsg); } - byte[] parameterBytes = getParametersBytes(ockContext, ecKeyId); + byte[] parameterBytes = getParametersBytes(isFIPS, ecKeyId); //OCKDebug.Msg (debPrefix, methodName, "size=" + size + " ecKeyId=" + ecKeyId + " parameterBytes :", parameterBytes); - return new ECKey(ockContext, ecKeyId, parameterBytes, unobtainedKeyBytes, + return new ECKey(isFIPS, ecKeyId, parameterBytes, unobtainedKeyBytes, unobtainedKeyBytes); } - public static ECKey generateKeyPair(OCKContext ockContext, String soid, SecureRandom random) + public static ECKey generateKeyPair(boolean isFIPS, String soid, SecureRandom random) throws OCKException { //final String methodName = "generateKeyPair(String, SecureRandom) "; - if (ockContext == null) { - throw new IllegalArgumentException("The context parameter is null"); - } if ((soid == null) || (soid.equals("") == true)) { throw new IllegalArgumentException("The String Object Identifier parameter is invalid"); } - long ecKeyId = NativeInterface.ECKEY_generate(ockContext.getId(), soid); + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + long ecKeyId = nativeImpl.ECKEY_generate(soid); if (!validId(ecKeyId)) { throw new OCKException(badIdMsg); } - byte[] parameterBytes = getParametersBytes(ockContext, ecKeyId); + byte[] parameterBytes = getParametersBytes(isFIPS, ecKeyId); //OCKDebug.Msg (debPrefix, methodName, "soid :" + soid + " ecKeyId :" + ecKeyId + "parameterBytes :", parameterBytes); - return new ECKey(ockContext, ecKeyId, parameterBytes, unobtainedKeyBytes, + return new ECKey(isFIPS, ecKeyId, parameterBytes, unobtainedKeyBytes, unobtainedKeyBytes); } - public static ECKey generateKeyPair(OCKContext ockContext, byte[] parameterBytes, + public static ECKey generateKeyPair(boolean isFIPS, byte[] parameterBytes, SecureRandom random) throws OCKException { //final String methodName = "generateKeyPair(byte[], SecureRandom) "; - if (ockContext == null) { - throw new IllegalArgumentException("The context parameter is null"); - } if (parameterBytes == null) { throw new IllegalArgumentException("The parameter bytes is null"); } //OCKDebug.Msg (debPrefix, methodName, "paramBytes.length :" + parameterBytes.length, parameterBytes); - long ecKeyId = NativeInterface.ECKEY_generate(ockContext.getId(), parameterBytes); + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + long ecKeyId = nativeImpl.ECKEY_generate(parameterBytes); //OCKDebug.Msg (debPrefix, methodName, "ecKeyId :" + ecKeyId); - return new ECKey(ockContext, ecKeyId, parameterBytes, unobtainedKeyBytes, + return new ECKey(isFIPS, ecKeyId, parameterBytes, unobtainedKeyBytes, unobtainedKeyBytes); } - public static byte[] generateParameters(OCKContext ockContext, int size) throws OCKException { + public static byte[] generateParameters(boolean isFIPS, int size) throws OCKException { //final String methodName = "generateParameters (int) "; - if (ockContext == null) { - throw new IllegalArgumentException("context is null"); - } if (size < 0) { throw new IllegalArgumentException("key length is invalid"); } //OCKDebug.Msg (debPrefix, methodName, "size :" + size); - return NativeInterface.ECKEY_generateParameters(ockContext.getId(), size); + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + return nativeImpl.ECKEY_generateParameters(size); } - public static byte[] generateParameters(OCKContext ockContext, String soid) + public static byte[] generateParameters(boolean isFIPS, String soid) throws OCKException { //final String methodName = "generateParameters(soid) "; - if (ockContext == null) { - throw new IllegalArgumentException("context is null"); - } if (soid == null || soid.equals("")) { throw new IllegalArgumentException( @@ -206,7 +187,8 @@ public static byte[] generateParameters(OCKContext ockContext, String soid) } //OCKDebug.Msg (debPrefix, methodName, "soid :" + soid); - byte[] generatedParams = NativeInterface.ECKEY_generateParameters(ockContext.getId(), soid); + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + byte[] generatedParams = nativeImpl.ECKEY_generateParameters(soid); //OCKDebug.Msg (debPrefix, methodName, "generatedParams :", generatedParams); return generatedParams; } @@ -272,7 +254,7 @@ private synchronized void obtainPKeyId() throws OCKException { if (!validId(ecKeyId)) { throw new OCKException(badIdMsg); } - this.pkeyId = NativeInterface.ECKEY_createPKey(ockContext.getId(), ecKeyId); + this.pkeyId = this.nativeImpl.ECKEY_createPKey(ecKeyId); } } @@ -285,7 +267,7 @@ private synchronized void obtainParameters() throws OCKException { if (!validId(ecKeyId)) { throw new OCKException(badIdMsg); } - this.parameterBytes = NativeInterface.ECKEY_getParameters(ockContext.getId(), ecKeyId); + this.parameterBytes = this.nativeImpl.ECKEY_getParameters(ecKeyId); } } @@ -298,8 +280,7 @@ private synchronized void obtainPrivateKeyBytes() throws OCKException { if (!validId(ecKeyId)) { throw new OCKException(badIdMsg); } - this.privateKeyBytes = NativeInterface.ECKEY_getPrivateKeyBytes(ockContext.getId(), - ecKeyId); + this.privateKeyBytes = this.nativeImpl.ECKEY_getPrivateKeyBytes(ecKeyId); } } @@ -313,8 +294,7 @@ private synchronized void obtainPublicKeyBytes() throws OCKException { if (!validId(ecKeyId)) { throw new OCKException(badIdMsg); } - this.publicKeyBytes = NativeInterface.ECKEY_getPublicKeyBytes(ockContext.getId(), - ecKeyId); + this.publicKeyBytes = this.nativeImpl.ECKEY_getPublicKeyBytes(ecKeyId); } } @@ -328,12 +308,12 @@ protected synchronized void finalize() throws Throwable { } if (ecKeyId != 0) { - NativeInterface.ECKEY_delete(ockContext.getId(), ecKeyId); + this.nativeImpl.ECKEY_delete(ecKeyId); ecKeyId = 0; } if (pkeyId != 0) { - NativeInterface.PKEY_delete(ockContext.getId(), pkeyId); + this.nativeImpl.PKEY_delete(pkeyId); pkeyId = 0; } } finally { @@ -343,40 +323,34 @@ protected synchronized void finalize() throws Throwable { // The underlying native function used in this method does not use any native pointer // that is shared across threads. Hence, it does not require any locks - public static ECKey createPrivateKey(OCKContext ockContext, byte[] privateKeyBytes, + public static ECKey createPrivateKey(boolean isFIPS, byte[] privateKeyBytes, byte[] paramBytes) throws OCKException { //final String methodName = "createPrivateKey"; - if (ockContext == null) { - throw new IllegalArgumentException("context is null"); - } if (privateKeyBytes == null) { throw new IllegalArgumentException("key bytes is null"); } //OCKDebug.Msg (debPrefix, methodName, "privateKeyBytes :", privateKeyBytes ); - long ecKeyId = NativeInterface.ECKEY_createPrivateKey(ockContext.getId(), privateKeyBytes); + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + long ecKeyId = nativeImpl.ECKEY_createPrivateKey(privateKeyBytes); //OCKDebug.Msg (debPrefix, methodName, "ecPrivateKeyId :" + ecKeyId); if (!validId(ecKeyId)) { throw new OCKException(badIdMsg); } - byte[] publicKeyBytes = NativeInterface.ECKEY_getPublicKeyBytes(ockContext.getId(), - ecKeyId); + byte[] publicKeyBytes = nativeImpl.ECKEY_getPublicKeyBytes(ecKeyId); //OCKDebug.Msg (debPrefix, methodName, "publicKeyBytes :", publicKeyBytes); - return new ECKey(ockContext, ecKeyId, paramBytes, privateKeyBytes.clone(), publicKeyBytes); + return new ECKey(isFIPS, ecKeyId, paramBytes, privateKeyBytes.clone(), publicKeyBytes); } // There is a lock on ecPrivateKey to ensure that the underlying native pointer is not concurrently // used by another ECDSA operation. This is needed as the method // ECKEY.signDatawithECDSA is not synchronized and not thread safe. // The method ECKey.signDatawithECDSA should NOT be synchronized for performance as that would create a global lock. - public static byte[] signDatawithECDSA(OCKContext ockContext, byte[] digestBytes, + public static byte[] signDatawithECDSA(boolean isFIPS, byte[] digestBytes, int digestBytesLen, ECKey ecPrivateKey) throws OCKException { //final String methodName = "signDatawithECDSA"; - if (ockContext == null) { - throw new IllegalArgumentException("context is null"); - } if (digestBytes == null || digestBytesLen < 1) { throw new IllegalArgumentException("digest bytes is null"); @@ -395,8 +369,9 @@ public static byte[] signDatawithECDSA(OCKContext ockContext, byte[] digestBytes byte[] signedBytes; synchronized (ecPrivateKey) { //OCKDebug.Msg (debPrefix, methodName, "digestBytesLen :" + digestBytesLen + " digestActualBytes :", digestActualBytes); - signedBytes = NativeInterface.ECKEY_signDatawithECDSA(ockContext.getId(), - digestActualBytes, digestBytesLen, ecPrivateKey.getEcKeyId()); + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + signedBytes = nativeImpl.ECKEY_signDatawithECDSA(digestActualBytes, + digestBytesLen, ecPrivateKey.getEcKeyId()); } //OCKDebug.Msg (debPrefix, methodName, " signedBytes :" + signedBytes); return signedBytes; @@ -406,14 +381,11 @@ public static byte[] signDatawithECDSA(OCKContext ockContext, byte[] digestBytes // pointers are not concurrently used by another ECDSA operation. This is needed as the method // ECKey.verifyDatawithECDSA is not synchronized and not thread safe. // The method ECKey.verifyDatawithECDSA should NOT be synchronized for performance as that would create a global lock. - public static boolean verifyDatawithECDSA(OCKContext ockContext, byte[] digestBytes, + public static boolean verifyDatawithECDSA(boolean isFIPS, byte[] digestBytes, int digestBytesLen, byte[] sigBytes, int sigBytesLen, ECKey ecPublicKey) throws OCKException { //final String methodName = "verifyDatawithECDSA"; boolean verified = false; - if (ockContext == null) { - throw new IllegalArgumentException("context is null"); - } if (digestBytes == null || digestBytesLen < 1) { throw new IllegalArgumentException("digest bytes are null"); @@ -444,7 +416,8 @@ public static boolean verifyDatawithECDSA(OCKContext ockContext, byte[] digestBy //OCKDebug.Msg (debPrefix, methodName, "diestBytesLen : " + digestBytesLen + " digestAcutalBytes : ", digestActualBytes); //OCKDebug.Msg (debPrefix, methodName, " sigActualBytes : ", sigActualBytes); synchronized (ecPublicKey) { - verified = NativeInterface.ECKEY_verifyDatawithECDSA(ockContext.getId(), + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + verified = nativeImpl.ECKEY_verifyDatawithECDSA( digestActualBytes, digestBytesLen, sigActualBytes, sigBytesLen, ecPublicKey.getEcKeyId()); } @@ -452,34 +425,29 @@ public static boolean verifyDatawithECDSA(OCKContext ockContext, byte[] digestBy return verified; } - public static ECKey createPublicKey(OCKContext ockContext, byte[] publicKeyBytes, + public static ECKey createPublicKey(boolean isFIPS, byte[] publicKeyBytes, byte[] parameterBytes) throws OCKException { //final String methodName = "createPublicKey"; - if (ockContext == null) { - throw new IllegalArgumentException("context is null"); - } if (publicKeyBytes == null) { throw new IllegalArgumentException("key bytes is null"); } //OCKDebug.Msg (debPrefix, methodName, "publicKeyBytes :", publicKeyBytes); //OCKDebug.Msg (debPrefix, methodName, "parameterBytes :", parameterBytes); - long ecKeyId = NativeInterface.ECKEY_createPublicKey(ockContext.getId(), publicKeyBytes, + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + long ecKeyId = nativeImpl.ECKEY_createPublicKey(publicKeyBytes, parameterBytes); //OCKDebug.Msg (debPrefix, methodName, "ecKeyId :" + ecKeyId); - return new ECKey(ockContext, ecKeyId, null, null, publicKeyBytes.clone()); + return new ECKey(isFIPS, ecKeyId, null, null, publicKeyBytes.clone()); } // There is a double lock on pubEcKeyId and privEcKeyId to ensure that the underlying native // pointers are not concurrently used by another ECDH operation. This is needed as the method // ECKey.computeDHSecret is not synchronized and not thread safe. // The method ECKey.computeDHSecret should NOT be synchronized for performance as that would create a global lock. - public static byte[] computeECDHSecret(OCKContext ockContext, long pubEcKeyId, long privEcKeyId) + public static byte[] computeECDHSecret(boolean isFIPS, long pubEcKeyId, long privEcKeyId) throws OCKException { //final String methodName = "computeECDHSecret "; - if (ockContext == null) { - throw new IllegalArgumentException("context is null"); - } if (pubEcKeyId == 0) { throw new IllegalArgumentException("The public key parameter is not valid"); @@ -489,8 +457,8 @@ public static byte[] computeECDHSecret(OCKContext ockContext, long pubEcKeyId, l throw new IllegalArgumentException("The private key parameter is not valid"); } - byte[] sharedSecretBytes = NativeInterface.ECKEY_computeECDHSecret(ockContext.getId(), - pubEcKeyId, privEcKeyId); + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + byte[] sharedSecretBytes = nativeImpl.ECKEY_computeECDHSecret(pubEcKeyId, privEcKeyId); //OCKDebug.Msg (debPrefix, methodName, "pubEcKeyId :" + pubEcKeyId + " privEcKeyId :" + privEcKeyId + " sharedSecretBytes :", sharedSecretBytes); return sharedSecretBytes; } diff --git a/src/main/java/com/ibm/crypto/plus/provider/ock/ExtendedRandom.java b/src/main/java/com/ibm/crypto/plus/provider/base/ExtendedRandom.java similarity index 59% rename from src/main/java/com/ibm/crypto/plus/provider/ock/ExtendedRandom.java rename to src/main/java/com/ibm/crypto/plus/provider/base/ExtendedRandom.java index 3636fbc57..c84c8f22e 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ock/ExtendedRandom.java +++ b/src/main/java/com/ibm/crypto/plus/provider/base/ExtendedRandom.java @@ -6,29 +6,28 @@ * this code, including the "Classpath" Exception described therein. */ -package com.ibm.crypto.plus.provider.ock; +package com.ibm.crypto.plus.provider.base; public final class ExtendedRandom { - OCKContext ockContext; + private boolean isFIPS; + private NativeInterface nativeImpl = null; long ockPRNGContextId; - public static ExtendedRandom getInstance(OCKContext ockContext, String algName) + public static ExtendedRandom getInstance(boolean isFIPS, String algName) throws OCKException { - if (ockContext == null) { - throw new IllegalArgumentException("context is null"); - } if ((algName == null) || algName.isEmpty()) { throw new IllegalArgumentException("algName is null/empty"); } - return new ExtendedRandom(ockContext, algName); + return new ExtendedRandom(isFIPS, algName); } - private ExtendedRandom(OCKContext ockContext, String algName) throws OCKException { - this.ockContext = ockContext; - this.ockPRNGContextId = NativeInterface.EXTRAND_create(ockContext.getId(), algName); + private ExtendedRandom(boolean isFIPS, String algName) throws OCKException { + this.isFIPS = isFIPS; + this.nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + this.ockPRNGContextId = this.nativeImpl.EXTRAND_create(algName); } public synchronized void nextBytes(byte[] bytes) throws OCKException { @@ -37,7 +36,7 @@ public synchronized void nextBytes(byte[] bytes) throws OCKException { } if (bytes.length > 0) { - NativeInterface.EXTRAND_nextBytes(ockContext.getId(), ockPRNGContextId, bytes); + this.nativeImpl.EXTRAND_nextBytes(ockPRNGContextId, bytes); } } @@ -47,7 +46,7 @@ public synchronized void setSeed(byte[] seed) throws OCKException { } if (seed.length > 0) { - NativeInterface.EXTRAND_setSeed(ockContext.getId(), ockPRNGContextId, seed); + this.nativeImpl.EXTRAND_setSeed(ockPRNGContextId, seed); } } @@ -55,7 +54,7 @@ public synchronized void setSeed(byte[] seed) throws OCKException { protected synchronized void finalize() throws Throwable { try { if (ockPRNGContextId != 0) { - NativeInterface.EXTRAND_delete(ockContext.getId(), ockPRNGContextId); + this.nativeImpl.EXTRAND_delete(ockPRNGContextId); ockPRNGContextId = 0; } } finally { diff --git a/src/main/java/com/ibm/crypto/plus/provider/ock/FastJNIBuffer.java b/src/main/java/com/ibm/crypto/plus/provider/base/FastJNIBuffer.java similarity index 90% rename from src/main/java/com/ibm/crypto/plus/provider/ock/FastJNIBuffer.java rename to src/main/java/com/ibm/crypto/plus/provider/base/FastJNIBuffer.java index bf56a17be..8edffad71 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ock/FastJNIBuffer.java +++ b/src/main/java/com/ibm/crypto/plus/provider/base/FastJNIBuffer.java @@ -6,7 +6,7 @@ * this code, including the "Classpath" Exception described therein. */ -package com.ibm.crypto.plus.provider.ock; +package com.ibm.crypto.plus.provider.base; import java.nio.ByteBuffer; @@ -27,7 +27,7 @@ public long pointer() { public static FastJNIBuffer create(int capacity) { FastJNIBuffer b = new FastJNIBuffer(capacity); - b.pointer = NativeInterface.getByteBufferPointer(b.byteBuffer); + b.pointer = NativeInterfaceFactory.getImpl(false).getByteBufferPointer(b.byteBuffer); b.capacity = capacity; return b; } diff --git a/src/main/java/com/ibm/crypto/plus/provider/ock/GCMCipher.java b/src/main/java/com/ibm/crypto/plus/provider/base/GCMCipher.java similarity index 92% rename from src/main/java/com/ibm/crypto/plus/provider/ock/GCMCipher.java rename to src/main/java/com/ibm/crypto/plus/provider/base/GCMCipher.java index 0a9b713f4..7e808283d 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ock/GCMCipher.java +++ b/src/main/java/com/ibm/crypto/plus/provider/base/GCMCipher.java @@ -6,7 +6,7 @@ * this code, including the "Classpath" Exception described therein. */ -package com.ibm.crypto.plus.provider.ock; +package com.ibm.crypto.plus.provider.base; import java.nio.ByteBuffer; import java.util.Arrays; @@ -107,7 +107,7 @@ protected FastJNIBuffer initialValue() { // it is not synchronized since there are no shared OCK data structures used in the OCK call // except ICC_CTX which is thread safe - public static int doGCMFinal_Decrypt(OCKContext ockContext, byte[] key, byte[] iv, int tagLen, + public static int doGCMFinal_Decrypt(boolean isFIPS, byte[] key, byte[] iv, int tagLen, byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset, byte[] aad) throws OCKException, IllegalStateException, ShortBufferException, IllegalBlockSizeException, BadPaddingException, AEADBadTagException { @@ -181,11 +181,12 @@ public static int doGCMFinal_Decrypt(OCKContext ockContext, byte[] key, byte[] i int aadLen = authenticationData.length; - long gcmCtx = getGCMContext(false, key.length, ockContext); + long gcmCtx = getGCMContext(false, key.length, isFIPS); + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); if (GCMHardwareFunctionPtr == 0) - GCMHardwareFunctionPtr = NativeInterface - .do_GCM_checkHardwareGCMSupport(ockContext.getId()); + GCMHardwareFunctionPtr = nativeImpl + .do_GCM_checkHardwareGCMSupport(); if (iv.length + key.length + aadLen <= FastJNIParameterBufferSize && !disableGCMAcceleration @@ -204,7 +205,7 @@ public static int doGCMFinal_Decrypt(OCKContext ockContext, byte[] key, byte[] i inputBuffer.put(0, input, inputOffset, inputLen); parameters.put(iv.length + aadLen, key, 0, key.length); - rc = NativeInterface.do_GCM_decryptFastJNI(ockContext.getId(), gcmCtx, + rc = nativeImpl.do_GCM_decryptFastJNI(gcmCtx, key.length, iv.length, 0, inputLen - tagLen, 0, aadLen, tagLen, parameters.pointer(), inputBuffer.pointer(), outputBuffer.pointer()); // Copy Output + Tag out of native data buffer @@ -216,7 +217,7 @@ public static int doGCMFinal_Decrypt(OCKContext ockContext, byte[] key, byte[] i throw new OCKException(ErrorCodes.get(rc)); } } else { - rc = NativeInterface.do_GCM_decrypt(ockContext.getId(), gcmCtx, key, key.length, iv, + rc = nativeImpl.do_GCM_decrypt(gcmCtx, key, key.length, iv, iv.length, input, inputOffset, inputLen - tagLen, output, outputOffset, authenticationData, aadLen, tagLen); if (rc != 0) { @@ -228,7 +229,7 @@ public static int doGCMFinal_Decrypt(OCKContext ockContext, byte[] key, byte[] i // it is not synchronized since there are no shared OCK data structures used in the OCK call // except ICC_CTX which is thread safe - public static int doGCMFinal_Encrypt(OCKContext ockContext, byte[] key, byte[] iv, int tagLen, + public static int doGCMFinal_Encrypt(boolean isFIPS, byte[] key, byte[] iv, int tagLen, byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset, byte[] aad) throws OCKException, IllegalStateException, ShortBufferException, IllegalBlockSizeException, BadPaddingException { @@ -306,11 +307,12 @@ public static int doGCMFinal_Encrypt(OCKContext ockContext, byte[] key, byte[] i int aadLen = authenticationData.length; - long gcmCtx = getGCMContext(true, key.length, ockContext); + long gcmCtx = getGCMContext(true, key.length, isFIPS); + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); if (GCMHardwareFunctionPtr == 0) - GCMHardwareFunctionPtr = NativeInterface - .do_GCM_checkHardwareGCMSupport(ockContext.getId()); + GCMHardwareFunctionPtr = nativeImpl + .do_GCM_checkHardwareGCMSupport(); if (iv.length + key.length + aadLen + tagLen <= FastJNIParameterBufferSize && (inputLen <= FastJNIInputBufferSize || GCMHardwareFunctionPtr != -1)) { FastJNIBuffer parameters = GCMCipher.parameterBuffer.get(); @@ -325,7 +327,7 @@ public static int doGCMFinal_Encrypt(OCKContext ockContext, byte[] key, byte[] i FastJNIBuffer inputBuffer = GCMCipher.inputBuffer.get(); inputBuffer.put(0, input, inputOffset, inputLen); parameters.put(ivLen + aadLen, key, 0, keyLen); - rc = NativeInterface.do_GCM_encryptFastJNI(ockContext.getId(), gcmCtx, keyLen, + rc = nativeImpl.do_GCM_encryptFastJNI(gcmCtx, keyLen, ivLen, 0, inputLen, 0, aadLen, tagLen, parameters.pointer(), inputBuffer.pointer(), outputBuffer.pointer()); // Copy Output + Tag out of native data buffer @@ -343,7 +345,7 @@ public static int doGCMFinal_Encrypt(OCKContext ockContext, byte[] key, byte[] i //OCKDebug.Msg (debPrefix, methodName, "key.length :" + key.length + " iv.length :" + iv.length + " inputOffset :" + inputOffset); //OCKDebug.Msg (debPrefix, methodName," inputLen :" + inputLen + " aadLen :" + aadLen + " tagLen " + tagLen); - rc = NativeInterface.do_GCM_encrypt(ockContext.getId(), gcmCtx, key, key.length, iv, + rc = nativeImpl.do_GCM_encrypt(gcmCtx, key, key.length, iv, iv.length, input, inputOffset, inputLen, output, outputOffset, authenticationData, aadLen, tag, tagLen); System.arraycopy(tag, 0, output, outputOffset + inputLen, tagLen); @@ -356,7 +358,7 @@ public static int doGCMFinal_Encrypt(OCKContext ockContext, byte[] key, byte[] i return outLen; } - public static int do_GCM_FinalForUpdateDecrypt(OCKContext ockContext, byte[] key, byte[] iv, + public static int do_GCM_FinalForUpdateDecrypt(boolean isFIPS, byte[] key, byte[] iv, int tagLen, byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset, byte[] aad) throws OCKException, IllegalStateException, ShortBufferException, @@ -413,7 +415,7 @@ public static int do_GCM_FinalForUpdateDecrypt(OCKContext ockContext, byte[] key int aadLen = authenticationData.length; - long gcmCtx = getGCMContext(false, key.length, ockContext); + long gcmCtx = getGCMContext(false, key.length, isFIPS); //OCKDebug.Msg(debPrefix,methodName, "gcmCtx = " + gcmCtx ); //OCKDebug.Msg (debPrefix, methodName, "key.length :" + key.length + " iv.length :" + iv.length + " inputOffset :" + inputOffset); @@ -421,7 +423,8 @@ public static int do_GCM_FinalForUpdateDecrypt(OCKContext ockContext, byte[] key //OCKDebug.Msg (debPrefix, methodName, "length of output :" + output.length + " outputOffset :" + outputOffset); //OCKDebug.Msg (debPrefix, methodName, "before calling do_GCM_FinalForUpdateDecrypt gcmUpdateOutlen =" + String.valueOf(gcmUpdateOutlen.getValue())); - rc = NativeInterface.do_GCM_FinalForUpdateDecrypt(ockContext.getId(), gcmCtx, input, + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + rc = nativeImpl.do_GCM_FinalForUpdateDecrypt(gcmCtx, input, inputOffset, inputLen, output, outputOffset, output.length, authenticationData, aadLen, tagLen); @@ -436,7 +439,7 @@ public static int do_GCM_FinalForUpdateDecrypt(OCKContext ockContext, byte[] key } - public static int do_GCM_InitForUpdateDecrypt(OCKContext ockContext, byte[] key, byte[] iv, + public static int do_GCM_InitForUpdateDecrypt(boolean isFIPS, byte[] key, byte[] iv, int tagLen, byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset, byte[] aad) throws OCKException, IllegalStateException, ShortBufferException, @@ -484,7 +487,7 @@ public static int do_GCM_InitForUpdateDecrypt(OCKContext ockContext, byte[] key, int aadLen = authenticationData.length; - long gcmCtx = getGCMContext(false, key.length, ockContext); + long gcmCtx = getGCMContext(false, key.length, isFIPS); //OCKDebug.Msg(debPrefix,methodName, "gcmCtx = " + gcmCtx ); //To-Do - replace false with actual logic @@ -493,7 +496,8 @@ public static int do_GCM_InitForUpdateDecrypt(OCKContext ockContext, byte[] key, //OCKDebug.Msg (debPrefix, methodName, " inputLen :" + inputLen + " aadLen :" + aadLen + " tagLen :" + tagLen); //OCKDebug.Msg (debPrefix, methodName, "outputOffset :" + String.valueOf(outputOffset)); //OCKDebug.Msg (debPrefix, methodName, "before calling do_GCM_UpdateDecrypt gcmUpdateOutlen =" + String.valueOf(gcmUpdateOutlen.getValue())); - rc = NativeInterface.do_GCM_InitForUpdateDecrypt(ockContext.getId(), gcmCtx, key, + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + rc = nativeImpl.do_GCM_InitForUpdateDecrypt(gcmCtx, key, key.length, iv, iv.length, authenticationData, aadLen); //OCKDebug.Msg (debPrefix, methodName, "After calling do_GCM_InitForUpdateDecrypt gcmUpdateOutlen =" + String.valueOf(gcmUpdateOutlen.getValue())); @@ -505,7 +509,7 @@ public static int do_GCM_InitForUpdateDecrypt(OCKContext ockContext, byte[] key, return len; } - public static /*synchronized*/ int do_GCM_UpdForUpdateDecrypt(OCKContext ockContext, byte[] key, + public static /*synchronized*/ int do_GCM_UpdForUpdateDecrypt(boolean isFIPS, byte[] key, byte[] iv, int tagLen, byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset, byte[] aad) throws OCKException, IllegalStateException, ShortBufferException, @@ -558,7 +562,7 @@ public static int do_GCM_InitForUpdateDecrypt(OCKContext ockContext, byte[] key, //int aadLen = authenticationData.length; - long gcmCtx = getGCMContext(false, key.length, ockContext); + long gcmCtx = getGCMContext(false, key.length, isFIPS); //OCKDebug.Msg(debPrefix,methodName, "gcmCtx = " + gcmCtx ); @@ -566,7 +570,8 @@ public static int do_GCM_InitForUpdateDecrypt(OCKContext ockContext, byte[] key, //OCKDebug.Msg (debPrefix, methodName, " inputLen :" + inputLen + " tagLen :" + tagLen); //OCKDebug.Msg (debPrefix, methodName, "outputOffset :" + String.valueOf(outputOffset)); //OCKDebug.Msg (debPrefix, methodName, "before calling do_GCM_UpdForUpdateDecrypt gcmUpdateOutlen =" + String.valueOf(gcmUpdateOutlen.getValue())); - rc = NativeInterface.do_GCM_UpdForUpdateDecrypt(ockContext.getId(), gcmCtx, input, + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + rc = nativeImpl.do_GCM_UpdForUpdateDecrypt(gcmCtx, input, inputOffset, inputLen, //inputLen-tagLen, output, outputOffset); // //OCKDebug.Msg (debPrefix, methodName, "rc =" + rc + " After calling do_GCM_UpdForUpdateDecrypt gcmUpdateOutlen =" + String.valueOf(gcmUpdateOutlen.getValue())); @@ -579,7 +584,7 @@ public static int do_GCM_InitForUpdateDecrypt(OCKContext ockContext, byte[] key, return len; } - public static int do_GCM_FinalForUpdateEncrypt(OCKContext ockContext, byte[] key, byte[] iv, + public static int do_GCM_FinalForUpdateEncrypt(boolean isFIPS, byte[] key, byte[] iv, int tagLen, byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset, byte[] aad) throws OCKException, IllegalStateException, ShortBufferException, IllegalBlockSizeException, BadPaddingException { @@ -658,7 +663,7 @@ public static int do_GCM_FinalForUpdateEncrypt(OCKContext ockContext, byte[] key int aadLen = authenticationData.length; - long gcmCtx = getGCMContext(true, key.length, ockContext); + long gcmCtx = getGCMContext(true, key.length, isFIPS); //OCKDebug.Msg (debPrefix, methodName, "gcmCtx :" + String.valueOf(gcmCtx)); @@ -667,7 +672,8 @@ public static int do_GCM_FinalForUpdateEncrypt(OCKContext ockContext, byte[] key //OCKDebug.Msg (debPrefix, methodName, "key.length :" + key.length + " iv.length :" + iv.length + " inputOffset :" + inputOffset); //OCKDebug.Msg (debPrefix, methodName, " inputLen :" + inputLen + " aadLen :" + aadLen + " tagLen " + tagLen); //OCKDebug.Msg (debPrefix, methodName, "before calling do_GCM_FinalForUpdateEncrypt gcmUpdateOutlen =" + String.valueOf(gcmUpdateOutlen.getValue()) + " input[]=", input); - rc = NativeInterface.do_GCM_FinalForUpdateEncrypt(ockContext.getId(), gcmCtx, key, + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + rc = nativeImpl.do_GCM_FinalForUpdateEncrypt(gcmCtx, key, key.length, iv, iv.length, input, inputOffset, inputLen, output, outputOffset, authenticationData, aadLen, tag, tagLen); @@ -688,7 +694,7 @@ public static int do_GCM_FinalForUpdateEncrypt(OCKContext ockContext, byte[] key // it is not synchronized since there are no shared OCK data structures used in the OCK call // except ICC_CTX which is thread safe - public static int do_GCM_UpdForUpdateEncrypt(OCKContext ockContext, byte[] key, byte[] iv, + public static int do_GCM_UpdForUpdateEncrypt(boolean isFIPS, byte[] key, byte[] iv, int tagLen, byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset, byte[] aad) throws OCKException, IllegalStateException, ShortBufferException, IllegalBlockSizeException, BadPaddingException { @@ -751,14 +757,15 @@ public static int do_GCM_UpdForUpdateEncrypt(OCKContext ockContext, byte[] key, // int aadLen = authenticationData.length; - long gcmCtx = getGCMContext(true, key.length, ockContext); + long gcmCtx = getGCMContext(true, key.length, isFIPS); //OCKDebug.Msg(debPrefix, methodName, " gcmCtx " + gcmCtx); //To-Do and implement actual logic //OCKDebug.Msg (debPrefix, methodName, "key.length :" + key.length + " iv.length :" + iv.length + " inputOffset :" + inputOffset); //OCKDebug.Msg (debPrefix, methodName, "calling native interface: inputLen :" + inputLen + " tagLen " + tagLen); //OCKDebug.Msg (debPrefix, methodName, "before calling do_GCM_UpdForUpdateEncrypt gcmUpdateOutlen =" + String.valueOf(gcmUpdateOutlen.getValue())); - rc = NativeInterface.do_GCM_UpdForUpdateEncrypt(ockContext.getId(), gcmCtx, input, + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + rc = nativeImpl.do_GCM_UpdForUpdateEncrypt(gcmCtx, input, inputOffset, inputLen, output, outputOffset); //OCKDebug.Msg (debPrefix, methodName, "After calling do_GCM_UpdForUpdateEncrypt gcmUpdateOutlen =" + String.valueOf(gcmUpdateOutlen.getValue())); //OCKDebug.Msg(debPrefix, methodName, "back from Native interface=" + rc); @@ -775,7 +782,7 @@ public static int do_GCM_UpdForUpdateEncrypt(OCKContext ockContext, byte[] key, // it is not synchronized since there are no shared OCK data structures used in the OCK call // except ICC_CTX which is thread safe - public static int do_GCM_InitForUpdateEncrypt(OCKContext ockContext, byte[] key, byte[] iv, + public static int do_GCM_InitForUpdateEncrypt(boolean isFIPS, byte[] key, byte[] iv, int tagLen, byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset, byte[] aad) throws OCKException, IllegalStateException, ShortBufferException, IllegalBlockSizeException, BadPaddingException { @@ -828,13 +835,14 @@ public static int do_GCM_InitForUpdateEncrypt(OCKContext ockContext, byte[] key, int aadLen = authenticationData.length; - long gcmCtx = getGCMContext(true, key.length, ockContext); + long gcmCtx = getGCMContext(true, key.length, isFIPS); //OCKDebug.Msg(debPrefix, methodName, " gcmCtx " + gcmCtx); //OCKDebug.Msg (debPrefix, methodName, "key.length :" + key.length + " iv.length :" + iv.length + " inputOffset :" + inputOffset); //OCKDebug.Msg (debPrefix, methodName, "calling native interface: inputLen :" + inputLen + " aadLen :" + aadLen + " tagLen " + tagLen); //OCKDebug.Msg (debPrefix, methodName, "before calling do_GCM_InitForUpdateEncrypt gcmUpdateOutlen =" + String.valueOf(gcmUpdateOutlen.getValue())); - rc = NativeInterface.do_GCM_InitForUpdateEncrypt(ockContext.getId(), gcmCtx, key, + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + rc = nativeImpl.do_GCM_InitForUpdateEncrypt(gcmCtx, key, key.length, iv, iv.length, authenticationData, aadLen); //OCKDebug.Msg (debPrefix, methodName, "After calling do_GCM_InitForUpdateEncrypt gcmUpdateOutlen =" + String.valueOf(gcmUpdateOutlen.getValue())); //OCKDebug.Msg(debPrefix, methodName, "back from Native interface=" + rc); @@ -850,13 +858,13 @@ public static int do_GCM_InitForUpdateEncrypt(OCKContext ockContext, byte[] key, } - private static long getGCMContext(boolean encrypting, int keyLength, OCKContext ockContext) + private static long getGCMContext(boolean encrypting, int keyLength, boolean isFIPS) throws OCKException { //// if it is indicated that Java based TLS storage of GCM contexts should be used //// we fetch the TLS copy of the gcm context. if uninitialized, create a new one if (useJavaTLS) { GCMContextPointer gcmCtx = null; - int keyLength_ = keyLength + ((ockContext.isFIPS()) ? 1 : 0); + int keyLength_ = keyLength + ((isFIPS) ? 1 : 0); ThreadLocal gcmCtxBuffer = null; switch (keyLength_) { case 16: @@ -877,10 +885,12 @@ private static long getGCMContext(boolean encrypting, int keyLength, OCKContext case 33: gcmCtxBuffer = (encrypting) ? gcmContextBufferE32FIPS : gcmContextBufferD32FIPS; break; + default: + throw new OCKException("Improper key length when trying to get GCM context"); } gcmCtx = gcmCtxBuffer.get(); if (gcmCtx == null) { - gcmCtx = new GCMContextPointer(ockContext.getId()); + gcmCtx = new GCMContextPointer(isFIPS); gcmCtxBuffer.set(gcmCtx); } return gcmCtx.getCtx(); @@ -934,10 +944,9 @@ private static int getOutputSize(int inputLen, boolean encrypting, int tLen, return totalLen; } - public static void doGCM_cleanup(OCKContext ockContext) throws OCKException { - if (ockContext != null) { - NativeInterface.do_GCM_delete(ockContext.getId()); - } + public static void doGCM_cleanup(boolean isFIPS) throws OCKException { + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + nativeImpl.do_GCM_delete(); } @@ -984,12 +993,13 @@ static int useHardwareGCM(boolean isEncrypt, int inputLen, int ivLen, int keyLen putLongtoByteArray(inputLen * 8, addedParams, TPCLOffset); // Add TPCL parameters.put(paramBlockOffset, addedParams, 0, addedParams.length); + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(false); if (isEncrypt) { // encrypt - rc = NativeInterface.do_GCM_encryptFastJNI_WithHardwareSupport(keyLen, ivLen, 0, + rc = nativeImpl.do_GCM_encryptFastJNI_WithHardwareSupport(keyLen, ivLen, 0, inputLen, 0, aadLen, tagLen, parameters.pointer(), input, inputOffset, output, outputOffset); } else { // decrypt - rc = NativeInterface.do_GCM_decryptFastJNI_WithHardwareSupport(keyLen, ivLen, 0, + rc = nativeImpl.do_GCM_decryptFastJNI_WithHardwareSupport(keyLen, ivLen, 0, inputLen, 0, aadLen, tagLen, parameters.pointer(), input, inputOffset, output, outputOffset); if (rc == -1) @@ -1023,18 +1033,20 @@ public static byte[] intToBytes(int x) { static class GCMContextPointer { long gcmCtx = 0; - long ockContext = 0; + boolean isFIPS; + NativeInterface nativeImpl = null; - GCMContextPointer(long ockContext) throws OCKException { - this.gcmCtx = NativeInterface.create_GCM_context(ockContext); - this.ockContext = ockContext; + GCMContextPointer(boolean isFIPS) throws OCKException { + this.isFIPS = isFIPS; + this.nativeImpl = NativeInterfaceFactory.getImpl(this.isFIPS); + this.gcmCtx = this.nativeImpl.create_GCM_context(); } @Override protected synchronized void finalize() throws Throwable { try { if (gcmCtx != 0) { - NativeInterface.free_GCM_ctx(ockContext, gcmCtx); + this.nativeImpl.free_GCM_ctx(gcmCtx); gcmCtx = 0; } } finally { @@ -1049,7 +1061,7 @@ long getCtx() { public static boolean gcmUpdateSupported() { boolean supported = false; - String osName = NativeInterface.getOsName(); + String osName = System.getProperty("os.name"); if (osName.startsWith("Windows")) { supported = true; diff --git a/src/main/java/com/ibm/crypto/plus/provider/ock/HKDF.java b/src/main/java/com/ibm/crypto/plus/provider/base/HKDF.java similarity index 79% rename from src/main/java/com/ibm/crypto/plus/provider/ock/HKDF.java rename to src/main/java/com/ibm/crypto/plus/provider/base/HKDF.java index 72fb5f0a0..2cb7f676a 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ock/HKDF.java +++ b/src/main/java/com/ibm/crypto/plus/provider/base/HKDF.java @@ -6,13 +6,14 @@ * this code, including the "Classpath" Exception described therein. */ -package com.ibm.crypto.plus.provider.ock; +package com.ibm.crypto.plus.provider.base; import java.util.Arrays; public final class HKDF { - private OCKContext ockContext = null; + private boolean isFIPS; + private NativeInterface nativeImpl = null; private long hkdfId = 0; String debPrefix = ""; @@ -24,17 +25,15 @@ public final class HKDF { private final String badIdMsg = "HKDF Identifier is not valid"; - public static HKDF getInstance(OCKContext ockContext, String digestAlgo) throws OCKException { - if (ockContext == null) { - throw new IllegalArgumentException("context is null"); - } - return new HKDF(ockContext, digestAlgo); + public static HKDF getInstance(boolean isFIPS, String digestAlgo) throws OCKException { + return new HKDF(isFIPS, digestAlgo); } - private HKDF(OCKContext ockContext, String digestAlgo) throws OCKException { - //final String methodName = "HKDF (ockContext, String)"; - this.ockContext = ockContext; - this.hkdfId = NativeInterface.HKDF_create(ockContext.getId(), digestAlgo); + private HKDF(boolean isFIPS, String digestAlgo) throws OCKException { + //final String methodName = "HKDF (isFIPS, String)"; + this.isFIPS = isFIPS; + this.nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + this.hkdfId = this.nativeImpl.HKDF_create(digestAlgo); //OCKDebug.Msg (debPrefix, methodName, "this.hkdfId :" + this.hkdfId ); } @@ -45,7 +44,7 @@ public synchronized byte[] extract(byte[] salt, long saltLen, byte[] inKey, long //OCKDebug.Msg (debPrefix, methodName, "this.hkdfId :" + this.hkdfId ); //OCKDebug.Msg (debPrefix, methodName, "saltLen:" + saltLen ); //OCKDebug.Msg (debPrefix, methodName, "inpKeyLen:" + inpKeyLen + " inKey.lenth=" + inKey.length); - byte[] extractedBytes = NativeInterface.HKDF_extract(ockContext.getId(), hkdfId, salt, + byte[] extractedBytes = this.nativeImpl.HKDF_extract(hkdfId, salt, (long) (salt.length), inKey, inpKeyLen); return extractedBytes; @@ -56,7 +55,7 @@ public synchronized byte[] expand(byte[] prkBytes, long prkLen, byte[] info, lon //final String methodName = "HKDF expand (byte[] prkBytes, long prkLen, \r\n" // + " byte[] info, long infoLen, long okmLen)"; //OCKDebug.Msg (debPrefix, methodName, "this.hkdfId :" + this.hkdfId ); - byte[] expandedBytes = NativeInterface.HKDF_expand(ockContext.getId(), hkdfId, prkBytes, + byte[] expandedBytes = this.nativeImpl.HKDF_expand(hkdfId, prkBytes, (long) (prkBytes.length), info, (long) (info.length), okmLen); return expandedBytes; @@ -68,7 +67,7 @@ public synchronized byte[] derive(byte[] salt, long saltLen, byte[] inKey, long //OCKDebug.Msg (debPrefix, methodName, "this.hkdfId :" + this.hkdfId ); //OCKDebug.Msg (debPrefix, methodName, "saltLen:" + saltLen ); //OCKDebug.Msg (debPrefix, methodName, "inpKeyLen:" + inpKeyLen + " inKey.lenth=" + inKey.length); - byte[] generateBytes = NativeInterface.HKDF_derive(ockContext.getId(), hkdfId, salt, + byte[] generateBytes = this.nativeImpl.HKDF_derive(hkdfId, salt, (long) (salt.length), inKey, inpKeyLen, info, (long) (info.length), okmLen); return generateBytes; @@ -100,7 +99,7 @@ private synchronized void obtainMacLength() throws OCKException { if (!validId(hkdfId)) { throw new OCKException(badIdMsg); } - this.macLength = NativeInterface.HKDF_size(ockContext.getId(), hkdfId); + this.macLength = this.nativeImpl.HKDF_size(hkdfId); } } @@ -110,7 +109,7 @@ protected synchronized void finalize() throws Throwable { //OCKDebug.Msg (debPrefix, methodName, "hkdfId :" + hkdfId + " hmacId : " + hmacId ); try { if (hkdfId != 0) { - NativeInterface.HKDF_delete(ockContext.getId(), hkdfId); + this.nativeImpl.HKDF_delete(hkdfId); hkdfId = 0; } } finally { diff --git a/src/main/java/com/ibm/crypto/plus/provider/ock/HMAC.java b/src/main/java/com/ibm/crypto/plus/provider/base/HMAC.java similarity index 85% rename from src/main/java/com/ibm/crypto/plus/provider/ock/HMAC.java rename to src/main/java/com/ibm/crypto/plus/provider/base/HMAC.java index 8910d6a8a..5597b51d2 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ock/HMAC.java +++ b/src/main/java/com/ibm/crypto/plus/provider/base/HMAC.java @@ -6,13 +6,14 @@ * this code, including the "Classpath" Exception described therein. */ -package com.ibm.crypto.plus.provider.ock; +package com.ibm.crypto.plus.provider.base; import java.util.Arrays; public final class HMAC { - private OCKContext ockContext = null; + private boolean isFIPS; + private NativeInterface nativeImpl = null; private long hmacId = 0; private boolean needsReinit = false; private byte[] reinitKey = null; @@ -20,12 +21,8 @@ public final class HMAC { private final String badIdMsg = "HMAC Identifier is not valid"; private static final String debPrefix = "HAMC"; - public static HMAC getInstance(OCKContext ockContext, String digestAlgo) throws OCKException { - if (ockContext == null) { - throw new IllegalArgumentException("context is null"); - } - - return new HMAC(ockContext, digestAlgo); + public static HMAC getInstance(boolean isFIPS, String digestAlgo) throws OCKException { + return new HMAC(isFIPS, digestAlgo); } static void throwOCKException(int errorCode) throws OCKException { @@ -41,10 +38,11 @@ static void throwOCKException(int errorCode) throws OCKException { } } - private HMAC(OCKContext ockContext, String digestAlgo) throws OCKException { + private HMAC(boolean isFIPS, String digestAlgo) throws OCKException { //final String methodName = "HMAC (String)"; - this.ockContext = ockContext; - this.hmacId = NativeInterface.HMAC_create(ockContext.getId(), digestAlgo); + this.isFIPS = isFIPS; + this.nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + this.hmacId = this.nativeImpl.HMAC_create(digestAlgo); //OCKDebug.Msg (debPrefix, methodName, "this.hmacId :" + this.hmacId + " digestAlgo :" + digestAlgo); } @@ -95,7 +93,7 @@ public synchronized void update(byte[] input, int inputOffset, int inputLen) if (!validId(hmacId)) { throw new OCKException(badIdMsg); } - int result = NativeInterface.HMAC_update(ockContext.getId(), hmacId, reinitKey, + int result = this.nativeImpl.HMAC_update(hmacId, reinitKey, reinitKey.length, input, inputOffset, inputLen, needsReinit); if (result < 0) { throwOCKException(result); @@ -115,7 +113,7 @@ public synchronized byte[] doFinal() throws OCKException { } obtainMacLength(); byte[] hmac = new byte[macLength]; - int result = NativeInterface.HMAC_doFinal(ockContext.getId(), hmacId, reinitKey, + int result = this.nativeImpl.HMAC_doFinal(hmacId, reinitKey, reinitKey.length, hmac, needsReinit); if (result < 0) { throwOCKException(result); @@ -140,7 +138,7 @@ private synchronized void obtainMacLength() throws OCKException { if (!validId(hmacId)) { throw new OCKException(badIdMsg); } - this.macLength = NativeInterface.HMAC_size(ockContext.getId(), hmacId); + this.macLength = this.nativeImpl.HMAC_size(hmacId); } } @@ -150,7 +148,7 @@ protected synchronized void finalize() throws Throwable { //OCKDebug.Msg (debPrefix, methodName, "hamcId :" + hmacId + " reinitKey :" + reinitKey); try { if (hmacId != 0) { - NativeInterface.HMAC_delete(ockContext.getId(), hmacId); + this.nativeImpl.HMAC_delete(hmacId); hmacId = 0; } } finally { diff --git a/src/main/java/com/ibm/crypto/plus/provider/ock/IOScheme.java b/src/main/java/com/ibm/crypto/plus/provider/base/IOScheme.java similarity index 97% rename from src/main/java/com/ibm/crypto/plus/provider/ock/IOScheme.java rename to src/main/java/com/ibm/crypto/plus/provider/base/IOScheme.java index 60dc74f0c..77f5a8147 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ock/IOScheme.java +++ b/src/main/java/com/ibm/crypto/plus/provider/base/IOScheme.java @@ -6,7 +6,7 @@ * this code, including the "Classpath" Exception described therein. */ -package com.ibm.crypto.plus.provider.ock; +package com.ibm.crypto.plus.provider.base; import java.nio.ByteBuffer; diff --git a/src/main/java/com/ibm/crypto/plus/provider/base/NativeInterface.java b/src/main/java/com/ibm/crypto/plus/provider/base/NativeInterface.java new file mode 100644 index 000000000..d416cc1e4 --- /dev/null +++ b/src/main/java/com/ibm/crypto/plus/provider/base/NativeInterface.java @@ -0,0 +1,626 @@ +/* + * Copyright IBM Corp. 2023, 2025 + * + * This code is free software; you can redistribute it and/or modify it + * under the terms provided by IBM in the LICENSE file that accompanied + * this code, including the "Classpath" Exception described therein. + */ + +package com.ibm.crypto.plus.provider.base; + +import java.nio.ByteBuffer; +import java.security.ProviderException; + +public interface NativeInterface { + public String getLibraryVersion() throws OCKException; + + public String getLibraryInstallPath() throws OCKException; + + void validateLibraryLocation() throws ProviderException, OCKException; + + void validateLibraryVersion() throws ProviderException, OCKException; + + // ========================================================================= + // General functions + // ========================================================================= + + public String getLibraryBuildDate(); + + // ========================================================================= + // Static stub functions + // ========================================================================= + + public long initializeOCK(boolean isFIPS) throws OCKException; + + public String CTX_getValue(int valueId) throws OCKException; + + public long getByteBufferPointer(ByteBuffer b); + + // ========================================================================= + // Basic random number generator functions + // ========================================================================= + + public void RAND_nextBytes(byte[] buffer) throws OCKException; + + public void RAND_setSeed(byte[] seed) throws OCKException; + + public void RAND_generateSeed(byte[] seed) throws OCKException; + + // ========================================================================= + // Extended random number generator functions + // ========================================================================= + + public long EXTRAND_create(String algName) throws OCKException; + + public void EXTRAND_nextBytes(long ockPRNGContextId, + byte[] buffer) throws OCKException; + + public void EXTRAND_setSeed(long ockPRNGContextId, byte[] seed) + throws OCKException; + + public void EXTRAND_delete(long ockPRNGContextId) + throws OCKException; + + // ========================================================================= + // Cipher functions + // ========================================================================= + + public long CIPHER_create(String cipher) throws OCKException; + + public void CIPHER_init(long ockCipherId, int isEncrypt, + int paddingId, byte[] key, byte[] iv) throws OCKException; + + public void CIPHER_clean(long ockCipherId) throws OCKException; + + public void CIPHER_setPadding(long ockCipherId, int paddingId) + throws OCKException; + + public int CIPHER_getBlockSize(long ockCipherId); + + public int CIPHER_getKeyLength(long ockCipherId); + + public int CIPHER_getIVLength(long ockCipherId); + + public int CIPHER_getOID(long ockCipherId); + + public int CIPHER_encryptUpdate(long ockCipherId, + byte[] plaintext, int plaintextOffset, int plaintextLen, byte[] ciphertext, + int ciphertextOffset, boolean needsReinit) throws OCKException; + + public int CIPHER_decryptUpdate(long ockCipherId, + byte[] ciphertext, int cipherOffset, int cipherLen, byte[] plaintext, + int plaintextOffset, boolean needsReinit) throws OCKException; + + public int CIPHER_encryptFinal(long ockCipherId, byte[] input, + int inOffset, int inLen, byte[] ciphertext, int ciphertextOffset, boolean needsReinit) + throws OCKException; + + public int CIPHER_decryptFinal(long ockCipherId, + byte[] ciphertext, int cipherOffset, int cipherLen, byte[] plaintext, + int plaintextOffset, boolean needsReinit) throws OCKException; + + public long checkHardwareSupport(); + + public void CIPHER_delete(long ockCipherId) + throws OCKException; + + public byte[] CIPHER_KeyWraporUnwrap(byte[] key, byte[] KEK, int type) + throws OCKException; + + public int z_kmc_native(byte[] input, int inputOffset, byte[] output, + int outputOffset, long paramPointer, int inputLength, int mode); + + // ========================================================================= + // Poly1305 Cipher functions + // ========================================================================= + + public long POLY1305CIPHER_create(String cipher) + throws OCKException; + + public void POLY1305CIPHER_init(long ockCipherId, + int isEncrypt, byte[] key, byte[] iv) throws OCKException; + + public void POLY1305CIPHER_clean(long ockCipherId) + throws OCKException; + + public void POLY1305CIPHER_setPadding(long ockCipherId, + int paddingId) throws OCKException; + + public int POLY1305CIPHER_getBlockSize(long ockCipherId); + + public int POLY1305CIPHER_getKeyLength(long ockCipherId); + + public int POLY1305CIPHER_getIVLength(long ockCipherId); + + public int POLY1305CIPHER_getOID(long ockCipherId); + + public int POLY1305CIPHER_encryptUpdate(long ockCipherId, + byte[] plaintext, int plaintextOffset, int plaintextLen, byte[] ciphertext, + int ciphertextOffset) throws OCKException; + + public int POLY1305CIPHER_decryptUpdate(long ockCipherId, + byte[] ciphertext, int cipherOffset, int cipherLen, byte[] plaintext, + int plaintextOffset) throws OCKException; + + public int POLY1305CIPHER_encryptFinal(long ockCipherId, + byte[] input, int inOffset, int inLen, byte[] ciphertext, int ciphertextOffset, + byte[] tag) throws OCKException; + + public int POLY1305CIPHER_decryptFinal(long ockCipherId, + byte[] ciphertext, int cipherOffset, int cipherLen, byte[] plaintext, + int plaintextOffset, byte[] tag) throws OCKException; + + public void POLY1305CIPHER_delete(long ockCipherId) + throws OCKException; + + // ========================================================================= + // GCM Cipher functions + // ========================================================================= + + public long do_GCM_checkHardwareGCMSupport(); + + public int do_GCM_encryptFastJNI_WithHardwareSupport(int keyLen, int ivLen, + int inOffset, int inLen, int ciphertextOffset, int aadLen, int tagLen, + long parameterBuffer, byte[] input, int inputOffset, byte[] output, int outputOffset) + throws OCKException; + + public int do_GCM_encryptFastJNI(long gcmCtx, int keyLen, + int ivLen, int inOffset, int inLen, int ciphertextOffset, int aadLen, int tagLen, + long parameterBuffer, long inputBuffer, long outputBuffer) throws OCKException; + + public int do_GCM_decryptFastJNI_WithHardwareSupport(int keyLen, int ivLen, + int inOffset, int inLen, int ciphertextOffset, int aadLen, int tagLen, + long parameterBuffer, byte[] input, int inputOffset, byte[] output, int outputOffset) + throws OCKException; + + public int do_GCM_decryptFastJNI(long gcmCtx, int keyLen, + int ivLen, int ciphertextOffset, int ciphertextLen, int plainOffset, int aadLen, + int tagLen, long parameterBuffer, long inputBuffer, long outputBuffer) + throws OCKException; + + public int do_GCM_encrypt(long gcmCtx, byte[] key, int keyLen, + byte[] iv, int ivLen, byte[] input, int inOffset, int inLen, byte[] ciphertext, + int ciphertextOffset, byte[] aad, int aadLen, byte[] tag, int tagLen) + throws OCKException; + + public int do_GCM_decrypt(long gcmCtx, byte[] key, int keyLen, + byte[] iv, int ivLen, byte[] ciphertext, int cipherOffset, int cipherLen, + byte[] plaintext, int plaintextOffset, byte[] aad, int aadLen, int tagLen) + throws OCKException; + + public int do_GCM_FinalForUpdateEncrypt(long gcmCtx, + byte[] key, int keyLen, byte[] iv, int ivLen, byte[] input, int inOffset, int inLen, + byte[] ciphertext, int ciphertextOffset, byte[] aad, int aadLen, byte[] tag, int tagLen) + throws OCKException; + + public int do_GCM_FinalForUpdateDecrypt(long gcmCtx, + /* byte[] key, int keyLen, + byte[] iv, int ivLen,*/ + byte[] ciphertext, int cipherOffset, int cipherLen, byte[] plaintext, + int plaintextOffset, int plaintextlen, byte[] aad, int aadLen, int tagLen) + throws OCKException; + + public int do_GCM_UpdForUpdateEncrypt(long gcmCtx, + byte[] input, int inOffset, int inLen, byte[] ciphertext, int ciphertextOffset) + throws OCKException; + + public int do_GCM_UpdForUpdateDecrypt(long gcmCtx, + byte[] ciphertext, int cipherOffset, int cipherLen, byte[] plaintext, + int plaintextOffset) throws OCKException; + + public int do_GCM_InitForUpdateEncrypt(long gcmCtx, byte[] key, + int keyLen, byte[] iv, int ivLen, byte[] aad, int aadLen) throws OCKException; + + public int do_GCM_InitForUpdateDecrypt(long gcmCtx, byte[] key, + int keyLen, byte[] iv, int ivLen, byte[] aad, int aadLen) throws OCKException; + + + public void do_GCM_delete() throws OCKException; + + public void free_GCM_ctx(long gcmContextId) + throws OCKException; + + //public int get_GCM_TLSEnabled() throws OCKException; + + public long create_GCM_context() throws OCKException; + + // ========================================================================= + // CCM Cipher functions + // ========================================================================= + + public long do_CCM_checkHardwareCCMSupport(); + + public int do_CCM_encryptFastJNI_WithHardwareSupport(int keyLen, int ivLen, + int inOffset, int inLen, int ciphertextOffset, int aadLen, int tagLen, + long parameterBuffer, byte[] input, int inputOffset, byte[] output, int outputOffset) + throws OCKException; + + public int do_CCM_encryptFastJNI(int keyLen, int ivLen, + int inLen, int ciphertextLen, int aadLen, int tagLen, long parameterBuffer, + long inputBuffer, long outputBuffer) throws OCKException; + + public int do_CCM_decryptFastJNI_WithHardwareSupport(int keyLen, int ivLen, + int inOffset, int inLen, int ciphertextOffset, int aadLen, int tagLen, + long parameterBuffer, byte[] input, int inputOffset, byte[] output, int outputOffset) + throws OCKException; + + public int do_CCM_decryptFastJNI(int keyLen, int ivLen, + int ciphertextLen, int plaintextLen, int aadLen, int tagLen, long parameterBuffer, + long inputBuffer, long outputBuffer) throws OCKException; + + public int do_CCM_encrypt(byte[] iv, int ivLen, byte[] key, + int keyLen, byte[] aad, int aadLen, byte[] input, int inLen, byte[] ciphertext, + int ciphertextLen, int tagLen) throws OCKException; + + public int do_CCM_decrypt(byte[] iv, int ivLen, byte[] key, + int keyLen, byte[] aad, int aadLen, byte[] ciphertext, int ciphertextLength, + byte[] plaintext, int plaintextLength, int tagLen) throws OCKException; + + public void do_CCM_delete() throws OCKException; + + // ========================================================================= + // RSA cipher functions + // ========================================================================= + + public int RSACIPHER_public_encrypt(long rsaKeyId, + int rsaPaddingId, byte[] plaintext, int plaintextOffset, int plaintextLen, + byte[] ciphertext, int ciphertextOffset) throws OCKException; + + public int RSACIPHER_private_encrypt(long rsaKeyId, + int rsaPaddingId, byte[] plaintext, int plaintextOffset, int plaintextLen, + byte[] ciphertext, int ciphertextOffset, boolean convertKey) throws OCKException; + + public int RSACIPHER_public_decrypt(long rsaKeyId, + int rsaPaddingId, byte[] ciphertext, int ciphertextOffset, int ciphertextLen, + byte[] plaintext, int plaintextOffset) throws OCKException; + + public int RSACIPHER_private_decrypt(long rsaKeyId, + int rsaPaddingId, byte[] ciphertext, int ciphertextOffset, int ciphertextLen, + byte[] plaintext, int plaintextOffset, boolean convertKey) throws OCKException; + + // ========================================================================= + // DH key functions + // ========================================================================= + + public long DHKEY_generate(int numBits) throws OCKException; + + public byte[] DHKEY_generateParameters(int numBits); + + public long DHKEY_generate(byte[] dhParameters) + throws OCKException; + + public long DHKEY_createPrivateKey(byte[] privateKeyBytes) + throws OCKException; + + public long DHKEY_createPublicKey(byte[] publicKeyBytes) + throws OCKException; + + public byte[] DHKEY_getParameters(long dhKeyId); + + public byte[] DHKEY_getPrivateKeyBytes(long dhKeyId) + throws OCKException; + + public byte[] DHKEY_getPublicKeyBytes(long dhKeyId) + throws OCKException; + + public long DHKEY_createPKey(long dhKeyId) throws OCKException; + + public byte[] DHKEY_computeDHSecret(long pubKeyId, + long privKeyId) throws OCKException; + + public void DHKEY_delete(long dhKeyId) throws OCKException; + + // ========================================================================= + // RSA key functions + // ========================================================================= + + public long RSAKEY_generate(int numBits, long e) + throws OCKException; + + public long RSAKEY_createPrivateKey(byte[] privateKeyBytes) + throws OCKException; + + public long RSAKEY_createPublicKey(byte[] publicKeyBytes) + throws OCKException; + + public byte[] RSAKEY_getPrivateKeyBytes(long rsaKeyId) + throws OCKException; + + public byte[] RSAKEY_getPublicKeyBytes(long rsaKeyId) + throws OCKException; + + public long RSAKEY_createPKey(long rsaKeyId) + throws OCKException; + + public int RSAKEY_size(long rsaKeyId); + + public void RSAKEY_delete(long rsaKeyId); + + // ========================================================================= + // DSA key functions + // ========================================================================= + + public long DSAKEY_generate(int numBits) throws OCKException; + + public byte[] DSAKEY_generateParameters(int numBits); + + public long DSAKEY_generate(byte[] dsaParameters) + throws OCKException; + + public long DSAKEY_createPrivateKey(byte[] privateKeyBytes) + throws OCKException; + + public long DSAKEY_createPublicKey(byte[] publicKeyBytes) + throws OCKException; + + public byte[] DSAKEY_getParameters(long dsaKeyId); + + public byte[] DSAKEY_getPrivateKeyBytes(long dsaKeyId) + throws OCKException; + + public byte[] DSAKEY_getPublicKeyBytes(long dsaKeyId) + throws OCKException; + + public long DSAKEY_createPKey(long dsaKeyId) + throws OCKException; + + public void DSAKEY_delete(long dsaKeyId) throws OCKException; + + // ========================================================================= + // PKey functions + // ========================================================================= + + public void PKEY_delete(long pkeyId) throws OCKException; + + // ========================================================================= + // Digest functions + // ========================================================================= + + public long DIGEST_create(String digestAlgo) + throws OCKException; + + public long DIGEST_copy(long digestId) + throws OCKException; + + public int DIGEST_update(long digestId, byte[] input, + int offset, int length) throws OCKException; + + public void DIGEST_updateFastJNI(long digestId, + long inputBuffer, int length) throws OCKException; + + public byte[] DIGEST_digest(long digestId) throws OCKException; + + public void DIGEST_digest_and_reset(long digestId, + long outputBuffer, int length) throws OCKException; + + public int DIGEST_digest_and_reset(long digestId, + byte[] output) throws OCKException; + + public int DIGEST_size(long digestId) throws OCKException; + + public void DIGEST_reset(long digestId) throws OCKException; + + public void DIGEST_delete(long digestId) throws OCKException; + + // ========================================================================= + // Signature functions (with digest) + // ========================================================================= + + public byte[] SIGNATURE_sign(long digestId, long pkeyId, + boolean convert) throws OCKException; + + public boolean SIGNATURE_verify(long digestId, long pkeyId, + byte[] sigBytes) throws OCKException; + + public byte[] SIGNATUREEdDSA_signOneShot(long pkeyId, + byte[] bytes) throws OCKException; + + public boolean SIGNATUREEdDSA_verifyOneShot(long pkeyId, + byte[] sigBytes, byte[] oneShot) throws OCKException; + + // ========================================================================= + // RSAPSSSignature functions + // ========================================================================= + + public int RSAPSS_signInit(long rsaPssId, long pkeyId, + int saltlen, boolean convert) throws OCKException; + + public int RSAPSS_verifyInit(long rsaPssId, long pkeyId, + int saltlen) throws OCKException; + + public int RSAPSS_getSigLen(long rsaPssId); + + public void RSAPSS_signFinal(long rsaPssId, byte[] signature, + int length) throws OCKException; + + public boolean RSAPSS_verifyFinal(long rsaPssId, + byte[] sigBytes, int length) throws OCKException; + + public long RSAPSS_createContext(String digestAlgo, + String mgf1SpecAlgo) throws OCKException; + + public void RSAPSS_releaseContext(long rsaPssId) + throws OCKException; + + public void RSAPSS_digestUpdate(long rsaPssId, byte[] input, + int offset, int length) throws OCKException; + + public void RSAPSS_reset(long digestId) throws OCKException; + + public void RSAPSS_resetDigest(long rsaPssId) + throws OCKException; + + // ========================================================================= + // DSA Signature functions (pre-hashed data) + // ========================================================================= + + public byte[] DSANONE_SIGNATURE_sign(byte[] digest, + long dsaKeyId) throws OCKException; + + public boolean DSANONE_SIGNATURE_verify(byte[] digest, + long dsaKeyId, byte[] sigBytes) throws OCKException; + + // ========================================================================= + // RSASSL Signature functions (pre-hashed data) + // ========================================================================= + + public byte[] RSASSL_SIGNATURE_sign(byte[] digest, + long rsaKeyId) throws OCKException; + + public boolean RSASSL_SIGNATURE_verify(byte[] digest, + long rsaKeyId, byte[] sigBytes, boolean convert) throws OCKException; + + // ========================================================================= + // HMAC functions + // ========================================================================= + + public long HMAC_create(String digestAlgo) throws OCKException; + + public int HMAC_update(long hmacId, byte[] key, int keyLength, + byte[] input, int inputOffset, int inputLength, boolean needInit) throws OCKException; + + public int HMAC_doFinal(long hmacId, byte[] key, int keyLength, + byte[] hmac, boolean needInit) throws OCKException; + + public int HMAC_size(long hmacId) throws OCKException; + + public void HMAC_delete(long hmacId) throws OCKException; + + // ========================================================================= + // EC key functions + // ========================================================================= + + public long ECKEY_generate(int numBits) throws OCKException; + + public long ECKEY_generate(String curveOid) + throws OCKException; + + public long XECKEY_generate(int option, long bufferPtr) + throws OCKException; + + public byte[] ECKEY_generateParameters(int numBits) + throws OCKException; + + public byte[] ECKEY_generateParameters(String curveOid) + throws OCKException; + + public long ECKEY_generate(byte[] ecParameters) + throws OCKException; + + public long ECKEY_createPrivateKey(byte[] privateKeyBytes) + throws OCKException; + + public long XECKEY_createPrivateKey(byte[] privateKeyBytes, + long bufferPtr) throws OCKException; + + public long ECKEY_createPublicKey(byte[] publicKeyBytes, + byte[] parameterBytes) throws OCKException; + + public long XECKEY_createPublicKey(byte[] publicKeyBytes) + throws OCKException; + + public byte[] ECKEY_getParameters(long ecKeyId); + + public byte[] ECKEY_getPrivateKeyBytes(long ecKeyId) + throws OCKException; + + public byte[] XECKEY_getPrivateKeyBytes(long xecKeyId) + throws OCKException; + + public byte[] ECKEY_getPublicKeyBytes(long ecKeyId) + throws OCKException; + + public byte[] XECKEY_getPublicKeyBytes(long xecKeyId) + throws OCKException; + + public long ECKEY_createPKey(long ecKeyId) throws OCKException; + + public void ECKEY_delete(long ecKeyId) throws OCKException; + + public void XECKEY_delete(long xecKeyId) throws OCKException; + + public long XDHKeyAgreement_init(long privId); + + public void XDHKeyAgreement_setPeer(long genCtx, long pubId); + + public byte[] ECKEY_computeECDHSecret(long pubEcKeyId, + long privEcKeyId) throws OCKException; + + public byte[] XECKEY_computeECDHSecret(long genCtx, + long pubEcKeyId, long privEcKeyId, int secrectBufferSize) throws OCKException; + + + public byte[] ECKEY_signDatawithECDSA(byte[] digestBytes, + int digestBytesLen, long ecPrivateKeyId) throws OCKException; + + public boolean ECKEY_verifyDatawithECDSA(byte[] digestBytes, + int digestBytesLen, byte[] sigBytes, int sigBytesLen, long ecPublicKeyId) + throws OCKException; + + + // ========================================================================= + // HKDF functions + // ========================================================================= + + public long HKDF_create(String digestAlgo) throws OCKException; + + public byte[] HKDF_extract(long hkdfId, byte[] saltBytes, + long saltLen, byte[] inKey, long inKeyLen) throws OCKException; + + public byte[] HKDF_expand(long hkdfId, byte[] prkBytes, + long prkBytesLen, byte[] info, long infoLen, long okmLen) throws OCKException; + + public byte[] HKDF_derive(long hkdfId, byte[] saltBytes, + long saltLen, byte[] inKey, long inKeyLen, byte[] info, long infoLen, long okmLen) + throws OCKException; + + public void HKDF_delete(long hkdfId) throws OCKException; + + public int HKDF_size(long hkdfId) throws OCKException; + + // ========================================================================= + // Password based key derivation functions ( PBKDF ) + // ========================================================================= + + public byte[] PBKDF2_derive(String hashAlgorithm, byte[] password, byte[] salt, + int iterations, int keyLength) throws OCKException; + + // ========================================================================= + // ML-KEY key functions + // ========================================================================= + + public long MLKEY_generate(String cipherName) + throws OCKException; + + public long MLKEY_createPrivateKey(String cipherName, byte[] privateKeyBytes) + throws OCKException; + + public long MLKEY_createPublicKey(String cipherName, byte[] publicKeyBytes) + throws OCKException; + + public byte[] MLKEY_getPrivateKeyBytes(long mlkeyId) + throws OCKException; + + public byte[] MLKEY_getPublicKeyBytes(long mlkeyId) + throws OCKException; + + public void MLKEY_delete(long mlkeyId); + + // ========================================================================= + // Key Encapsulation functions + // ========================================================================= + public void KEM_encapsulate(long ockPKeyId, byte[] wrappedKey, byte[] randomKey) + throws OCKException; + + public byte[] KEM_decapsulate(long ockPKeyId, byte[] wrappedKey) + throws OCKException; + + // ========================================================================= + // PQC Signture functions - for use with ML-DSA and ML-SLH + // ========================================================================= + public byte[] PQC_SIGNATURE_sign(long ockPKeyId, byte[] data) + throws OCKException; + + public boolean PQC_SIGNATURE_verify(long ockPKeyId, byte[] sigBytes, byte[] data) + throws OCKException; +} diff --git a/src/main/java/com/ibm/crypto/plus/provider/base/NativeInterfaceFactory.java b/src/main/java/com/ibm/crypto/plus/provider/base/NativeInterfaceFactory.java new file mode 100644 index 000000000..325c993e2 --- /dev/null +++ b/src/main/java/com/ibm/crypto/plus/provider/base/NativeInterfaceFactory.java @@ -0,0 +1,18 @@ +/* + * Copyright IBM Corp. 2025 + * + * This code is free software; you can redistribute it and/or modify it + * under the terms provided by IBM in the LICENSE file that accompanied + * this code, including the "Classpath" Exception described therein. + */ + +package com.ibm.crypto.plus.provider.base; + +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapterFIPS; +import com.ibm.crypto.plus.provider.ock.NativeOCKAdapterNonFIPS; + +public class NativeInterfaceFactory { + public static NativeInterface getImpl(boolean isFIPS) { + return isFIPS ? NativeOCKAdapterFIPS.getInstance() : NativeOCKAdapterNonFIPS.getInstance(); + } +} diff --git a/src/main/java/com/ibm/crypto/plus/provider/base/OCKContext.java b/src/main/java/com/ibm/crypto/plus/provider/base/OCKContext.java new file mode 100644 index 000000000..d4f4810f6 --- /dev/null +++ b/src/main/java/com/ibm/crypto/plus/provider/base/OCKContext.java @@ -0,0 +1,35 @@ +/* + * Copyright IBM Corp. 2023 + * + * This code is free software; you can redistribute it and/or modify it + * under the terms provided by IBM in the LICENSE file that accompanied + * this code, including the "Classpath" Exception described therein. + */ + +package com.ibm.crypto.plus.provider.base; + +public final class OCKContext { + private long ockContextId; + private boolean isFIPS; + + public static OCKContext createContext(long ockContextId, boolean isFIPS) throws OCKException { + return new OCKContext(ockContextId, isFIPS); + } + + private OCKContext(long ockContextId, boolean isFIPS) throws OCKException { + this.isFIPS = isFIPS; + this.ockContextId = ockContextId; + } + + public long getId() { + return ockContextId; + } + + public boolean isFIPS() { + return isFIPS; + } + + public String toString() { + return "OCKContext [isFIPS=" + isFIPS + ", id=" + ockContextId + "]"; + } +} diff --git a/src/main/java/com/ibm/crypto/plus/provider/ock/OCKDebug.java b/src/main/java/com/ibm/crypto/plus/provider/base/OCKDebug.java similarity index 98% rename from src/main/java/com/ibm/crypto/plus/provider/ock/OCKDebug.java rename to src/main/java/com/ibm/crypto/plus/provider/base/OCKDebug.java index d4c1ae079..ad7553025 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ock/OCKDebug.java +++ b/src/main/java/com/ibm/crypto/plus/provider/base/OCKDebug.java @@ -6,7 +6,7 @@ * this code, including the "Classpath" Exception described therein. */ -package com.ibm.crypto.plus.provider.ock; +package com.ibm.crypto.plus.provider.base; public class OCKDebug { /** diff --git a/src/main/java/com/ibm/crypto/plus/provider/ock/OCKException.java b/src/main/java/com/ibm/crypto/plus/provider/base/OCKException.java similarity index 97% rename from src/main/java/com/ibm/crypto/plus/provider/ock/OCKException.java rename to src/main/java/com/ibm/crypto/plus/provider/base/OCKException.java index 165c3a265..45199c410 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ock/OCKException.java +++ b/src/main/java/com/ibm/crypto/plus/provider/base/OCKException.java @@ -6,7 +6,7 @@ * this code, including the "Classpath" Exception described therein. */ -package com.ibm.crypto.plus.provider.ock; +package com.ibm.crypto.plus.provider.base; import java.util.Hashtable; import java.util.Map; diff --git a/src/main/java/com/ibm/crypto/plus/provider/ock/OJPKEM.java b/src/main/java/com/ibm/crypto/plus/provider/base/OJPKEM.java similarity index 50% rename from src/main/java/com/ibm/crypto/plus/provider/ock/OJPKEM.java rename to src/main/java/com/ibm/crypto/plus/provider/base/OJPKEM.java index 54f163c97..f12aed643 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ock/OJPKEM.java +++ b/src/main/java/com/ibm/crypto/plus/provider/base/OJPKEM.java @@ -6,7 +6,7 @@ * this code, including the "Classpath" Exception described therein. */ -package com.ibm.crypto.plus.provider.ock; +package com.ibm.crypto.plus.provider.base; public final class OJPKEM { /* @@ -14,16 +14,16 @@ public final class OJPKEM { * Key Encapsulation interface to OCK. */ - public static void KEM_encapsulate(OCKContext ockContext, long ockPKeyId, byte[] encapsulatedKey, + public static void KEM_encapsulate(boolean isFIPS, long ockPKeyId, byte[] encapsulatedKey, byte[] keyMaterial) throws OCKException { - NativeInterface.KEM_encapsulate(ockContext.getId(), ockPKeyId, encapsulatedKey, keyMaterial); + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + nativeImpl.KEM_encapsulate(ockPKeyId, encapsulatedKey, keyMaterial); } - public static byte[] KEM_decapsulate(OCKContext ockContext, long ockPKeyId, byte[] encapsulatedKey) + public static byte[] KEM_decapsulate(boolean isFIPS, long ockPKeyId, byte[] encapsulatedKey) throws OCKException { - byte[] keyMaterial = - NativeInterface.KEM_decapsulate(ockContext.getId(), ockPKeyId, encapsulatedKey); - + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + byte[] keyMaterial = nativeImpl.KEM_decapsulate(ockPKeyId, encapsulatedKey); return keyMaterial; } diff --git a/src/main/java/com/ibm/crypto/plus/provider/ock/PBKDF.java b/src/main/java/com/ibm/crypto/plus/provider/base/PBKDF.java similarity index 89% rename from src/main/java/com/ibm/crypto/plus/provider/ock/PBKDF.java rename to src/main/java/com/ibm/crypto/plus/provider/base/PBKDF.java index dd19d7730..28aa00ba3 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ock/PBKDF.java +++ b/src/main/java/com/ibm/crypto/plus/provider/base/PBKDF.java @@ -6,7 +6,7 @@ * this code, including the "Classpath" Exception described therein. */ -package com.ibm.crypto.plus.provider.ock; +package com.ibm.crypto.plus.provider.base; /** * Provides native implementations for password based key derivation related functions. @@ -26,7 +26,7 @@ public final class PBKDF { * @return An array of bytes representing the key that was derived. * @throws OCKException If input parameters are incorrect or an error occurs in OCKC deriving the key. */ - public static byte[] PBKDF2derive(OCKContext ockContext, String algorithmName, + public static byte[] PBKDF2derive(boolean isFIPS, String algorithmName, final byte[] password, byte[] salt, int iterations, int keyLength) throws OCKException { if ((!algorithmName.equalsIgnoreCase("HmacSHA512/224")) @@ -45,10 +45,6 @@ public static byte[] PBKDF2derive(OCKContext ockContext, String algorithmName, throw new OCKException("Key length is less then or equal to 0"); } - if (ockContext == null) { - throw new OCKException("Context is null"); - } - if (algorithmName == null || algorithmName.isEmpty()) { throw new OCKException("Hash algorithm is null or empty"); } @@ -65,7 +61,8 @@ public static byte[] PBKDF2derive(OCKContext ockContext, String algorithmName, throw new OCKException("Iterations is less then or equal to 0"); } - byte[] key = NativeInterface.PBKDF2_derive(ockContext.getId(), algorithmHashName, password, + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + byte[] key = nativeImpl.PBKDF2_derive(algorithmHashName, password, salt, iterations, keyLength); if (null == key) { diff --git a/src/main/java/com/ibm/crypto/plus/provider/ock/PQCKey.java b/src/main/java/com/ibm/crypto/plus/provider/base/PQCKey.java similarity index 71% rename from src/main/java/com/ibm/crypto/plus/provider/ock/PQCKey.java rename to src/main/java/com/ibm/crypto/plus/provider/base/PQCKey.java index cb89e4c22..dd47406da 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ock/PQCKey.java +++ b/src/main/java/com/ibm/crypto/plus/provider/base/PQCKey.java @@ -6,7 +6,7 @@ * this code, including the "Classpath" Exception described therein. */ -package com.ibm.crypto.plus.provider.ock; +package com.ibm.crypto.plus.provider.base; import java.util.Arrays; @@ -17,73 +17,67 @@ public final class PQCKey implements AsymmetricKey { // static final byte[] unobtainedKeyBytes = new byte[0]; - private OCKContext ockContext; + private boolean isFIPS; + private NativeInterface nativeImpl = null; private long pkeyId; - private String algName; + private String algName; private byte[] privateKeyBytes; private byte[] publicKeyBytes; private final static String badIdMsg = "Key Identifier is not valid"; - public static PQCKey generateKeyPair(OCKContext ockContext, String algName) + public static PQCKey generateKeyPair(boolean isFIPS, String algName) throws OCKException { long keyId = 0; // final String methodName = "generateKeyPair "; - if (ockContext == null) { - throw new IllegalArgumentException("context is null"); - } try { String NoDashAlg = algName.replace('-', '_'); - keyId = NativeInterface.MLKEY_generate(ockContext.getId(), NoDashAlg); + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + keyId = nativeImpl.MLKEY_generate(NoDashAlg); - if (keyId == 0) { + if (keyId == 0) { throw new OCKException("PQCKey.generateKeyPair: MLKEY_generate failed"); - } + } } catch (Exception e) { throw new OCKException("PQCKey.generateKeyPair: Exception " + e.getMessage(), e); } - return new PQCKey(ockContext, keyId, unobtainedKeyBytes, unobtainedKeyBytes, algName); + return new PQCKey(isFIPS, keyId, unobtainedKeyBytes, unobtainedKeyBytes, algName); } - public static PQCKey createPrivateKey(OCKContext ockContext, String algName, byte[] privateKeyBytes) + public static PQCKey createPrivateKey(boolean isFIPS, String algName, byte[] privateKeyBytes) throws OCKException { // final String methodName = "createPrivateKey "; - if (ockContext == null) { - throw new IllegalArgumentException("context is null"); - } if (privateKeyBytes == null) { throw new IllegalArgumentException("key bytes is null"); } long keyId = 0; String NoDashAlg = algName.replace('-', '_'); - keyId = NativeInterface.MLKEY_createPrivateKey(ockContext.getId(), NoDashAlg, - privateKeyBytes); + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + keyId = nativeImpl.MLKEY_createPrivateKey( NoDashAlg, privateKeyBytes); - return new PQCKey(ockContext, keyId, privateKeyBytes.clone(), null, algName); + return new PQCKey(isFIPS, keyId, privateKeyBytes.clone(), null, algName); } - public static PQCKey createPublicKey(OCKContext ockContext, String algName, byte[] publicKeyBytes) + public static PQCKey createPublicKey(boolean isFIPS, String algName, byte[] publicKeyBytes) throws OCKException { // final String methodName = "createPublicKey "; - if (ockContext == null) { - throw new IllegalArgumentException("context is null"); - } if (publicKeyBytes == null) { throw new IllegalArgumentException("key bytes is null"); } long keyId = 0; String NoDashAlg = algName.replace('-', '_'); - keyId = NativeInterface.MLKEY_createPublicKey(ockContext.getId(), NoDashAlg, - publicKeyBytes); + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + keyId = nativeImpl.MLKEY_createPublicKey(NoDashAlg, publicKeyBytes); // OCKDebug.Msg (debPrefix, methodName, "mlkemKeyId :" + mlkemKeyId); - return new PQCKey(ockContext, keyId, null, publicKeyBytes.clone(), algName); + return new PQCKey(isFIPS, keyId, null, publicKeyBytes.clone(), algName); } - private PQCKey(OCKContext ockContext, long keyId, byte[] privateKeyBytes, + private PQCKey(boolean isFIPS, long keyId, byte[] privateKeyBytes, byte[] publicKeyBytes, String algName) throws OCKException { - this.ockContext = ockContext; + this.isFIPS = isFIPS; + this.nativeImpl = NativeInterfaceFactory.getImpl(this.isFIPS); this.pkeyId = keyId; this.algName = algName; @@ -92,14 +86,12 @@ private PQCKey(OCKContext ockContext, long keyId, byte[] privateKeyBytes, } if (privateKeyBytes == unobtainedKeyBytes) { - this.privateKeyBytes = NativeInterface.MLKEY_getPrivateKeyBytes(ockContext.getId(), - keyId); + this.privateKeyBytes = nativeImpl.MLKEY_getPrivateKeyBytes(keyId); } else { this.privateKeyBytes = privateKeyBytes; } if (publicKeyBytes == unobtainedKeyBytes) { - this.publicKeyBytes = NativeInterface.MLKEY_getPublicKeyBytes(ockContext.getId(), - keyId); + this.publicKeyBytes = nativeImpl.MLKEY_getPublicKeyBytes(keyId); } else { this.publicKeyBytes = publicKeyBytes; } @@ -144,8 +136,7 @@ private synchronized void obtainPrivateKeyBytes() throws OCKException { } System.out.println("getPrivKeyBytes - pkeyId :" + pkeyId); - this.privateKeyBytes = NativeInterface.MLKEY_getPrivateKeyBytes(ockContext.getId(), - pkeyId); + this.privateKeyBytes = nativeImpl.MLKEY_getPrivateKeyBytes(pkeyId); } } @@ -158,8 +149,7 @@ private synchronized void obtainPublicKeyBytes() throws OCKException { if (!validId(pkeyId)) { throw new OCKException(badIdMsg); } - this.publicKeyBytes = NativeInterface.MLKEY_getPublicKeyBytes(ockContext.getId(), - pkeyId); + this.publicKeyBytes = nativeImpl.MLKEY_getPublicKeyBytes(pkeyId); } } @@ -174,7 +164,7 @@ protected synchronized void finalize() throws Throwable { } if (pkeyId != 0) { - NativeInterface.MLKEY_delete(ockContext.getId(), pkeyId); + nativeImpl.MLKEY_delete(pkeyId); pkeyId = 0; } } finally { diff --git a/src/main/java/com/ibm/crypto/plus/provider/ock/PQCSignature.java b/src/main/java/com/ibm/crypto/plus/provider/base/PQCSignature.java similarity index 76% rename from src/main/java/com/ibm/crypto/plus/provider/ock/PQCSignature.java rename to src/main/java/com/ibm/crypto/plus/provider/base/PQCSignature.java index b84e71511..d8049740f 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ock/PQCSignature.java +++ b/src/main/java/com/ibm/crypto/plus/provider/base/PQCSignature.java @@ -6,7 +6,7 @@ * this code, including the "Classpath" Exception described therein. */ -package com.ibm.crypto.plus.provider.ock; +package com.ibm.crypto.plus.provider.base; import java.security.InvalidKeyException; @@ -21,23 +21,21 @@ */ public final class PQCSignature { - private OCKContext ockContext = null; + private boolean isFIPS; + private NativeInterface nativeImpl = null; private AsymmetricKey key = null; private boolean initialized = false; - public static PQCSignature getInstance(OCKContext ockContext) + public static PQCSignature getInstance(boolean isFIPS) throws OCKException { - if (ockContext == null) { - throw new IllegalArgumentException("Context is null"); - } - return new PQCSignature(ockContext); + return new PQCSignature(isFIPS); } - private PQCSignature(OCKContext ockContext) throws OCKException { + private PQCSignature(boolean isFIPS) throws OCKException { //final String methodName = "Signature(String)"; - this.ockContext = ockContext; - //OCKDebug.Msg (debPrefix, methodName, "digestAlgo :" + digestAlgo); + this.isFIPS = isFIPS; + this.nativeImpl = NativeInterfaceFactory.getImpl(this.isFIPS); } public void initialize(AsymmetricKey key) @@ -70,8 +68,7 @@ public synchronized byte[] sign(byte[] data) throws OCKException { throw new OCKException("No data to sign."); } - signature = NativeInterface.PQC_SIGNATURE_sign(this.ockContext.getId(), - this.key.getPKeyId(), data); + signature = nativeImpl.PQC_SIGNATURE_sign(this.key.getPKeyId(), data); //OCKDebug.Msg (debPrefix, "sign", "signature :" + signature); return signature; @@ -88,8 +85,7 @@ public synchronized boolean verify(byte[] sigBytes, byte[] data) throws OCKExcep } boolean verified = false; - verified = NativeInterface.PQC_SIGNATURE_verify(this.ockContext.getId(), - this.key.getPKeyId(), sigBytes, data); + verified = nativeImpl.PQC_SIGNATURE_verify(this.key.getPKeyId(), sigBytes, data); return verified; } diff --git a/src/main/java/com/ibm/crypto/plus/provider/ock/Padding.java b/src/main/java/com/ibm/crypto/plus/provider/base/Padding.java similarity index 95% rename from src/main/java/com/ibm/crypto/plus/provider/ock/Padding.java rename to src/main/java/com/ibm/crypto/plus/provider/base/Padding.java index c4c539677..fa1582af4 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ock/Padding.java +++ b/src/main/java/com/ibm/crypto/plus/provider/base/Padding.java @@ -6,7 +6,7 @@ * this code, including the "Classpath" Exception described therein. */ -package com.ibm.crypto.plus.provider.ock; +package com.ibm.crypto.plus.provider.base; public final class Padding { diff --git a/src/main/java/com/ibm/crypto/plus/provider/ock/Poly1305Cipher.java b/src/main/java/com/ibm/crypto/plus/provider/base/Poly1305Cipher.java similarity index 89% rename from src/main/java/com/ibm/crypto/plus/provider/ock/Poly1305Cipher.java rename to src/main/java/com/ibm/crypto/plus/provider/base/Poly1305Cipher.java index 931000251..e554d0787 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ock/Poly1305Cipher.java +++ b/src/main/java/com/ibm/crypto/plus/provider/base/Poly1305Cipher.java @@ -6,7 +6,7 @@ * this code, including the "Classpath" Exception described therein. */ -package com.ibm.crypto.plus.provider.ock; +package com.ibm.crypto.plus.provider.base; import com.ibm.crypto.plus.provider.Poly1305Constants; import java.io.ByteArrayOutputStream; @@ -17,7 +17,8 @@ public final class Poly1305Cipher implements Poly1305Constants { - private OCKContext ockContext; + private boolean isFIPS; + private NativeInterface nativeImpl = null; private long ockCipherId; private boolean isInitialized = false; private boolean encrypting = true; @@ -33,13 +34,8 @@ public final class Poly1305Cipher implements Poly1305Constants { private final static String badIdMsg = "Cipher Identifier is not valid"; - public static Poly1305Cipher getInstance(OCKContext ockContext, String cipherName, + public static Poly1305Cipher getInstance(boolean isFIPS, String cipherName, Padding padding) throws OCKException { - - if (ockContext == null) { - throw new IllegalArgumentException("context is null"); - } - if (cipherName == null || cipherName.isEmpty()) { throw new IllegalArgumentException("cipherName is null/empty"); } @@ -48,13 +44,14 @@ public static Poly1305Cipher getInstance(OCKContext ockContext, String cipherNam throw new IllegalArgumentException("padding is null"); } - return new Poly1305Cipher(ockContext, cipherName, padding); + return new Poly1305Cipher(isFIPS, cipherName, padding); } - private Poly1305Cipher(OCKContext ockContext, String cipherName, Padding padding) + private Poly1305Cipher(boolean isFIPS, String cipherName, Padding padding) throws OCKException { - this.ockContext = ockContext; - this.ockCipherId = NativeInterface.POLY1305CIPHER_create(ockContext.getId(), cipherName); + this.isFIPS = isFIPS; + this.nativeImpl = NativeInterfaceFactory.getImpl(this.isFIPS); + this.ockCipherId = this.nativeImpl.POLY1305CIPHER_create(cipherName); this.padding = padding; } @@ -83,9 +80,8 @@ private void initCipher(boolean isEncrypt, byte[] key, byte[] iv) throws OCKExce if (ockCipherId == 0L) { throw new OCKException(badIdMsg); } - NativeInterface.POLY1305CIPHER_init(ockContext.getId(), ockCipherId, isEncrypt ? 1 : 0, key, - iv); - NativeInterface.POLY1305CIPHER_setPadding(ockContext.getId(), ockCipherId, padding.getId()); + this.nativeImpl.POLY1305CIPHER_init(ockCipherId, isEncrypt ? 1 : 0, key, iv); + this.nativeImpl.POLY1305CIPHER_setPadding(ockCipherId, padding.getId()); this.encrypting = isEncrypt ? true : false; this.bufferedCount = 0; @@ -124,8 +120,7 @@ public synchronized int getBlockSize() throws OCKException { if (ockCipherId == 0L) { throw new OCKException(badIdMsg); } - blockSize = NativeInterface.POLY1305CIPHER_getBlockSize(ockContext.getId(), - ockCipherId); + blockSize = this.nativeImpl.POLY1305CIPHER_getBlockSize(ockCipherId); } return blockSize; @@ -136,8 +131,7 @@ public synchronized int getKeyLength() throws OCKException { if (ockCipherId == 0L) { throw new OCKException(badIdMsg); } - keyLength = NativeInterface.POLY1305CIPHER_getKeyLength(ockContext.getId(), - ockCipherId); + keyLength = this.nativeImpl.POLY1305CIPHER_getKeyLength(ockCipherId); } return keyLength; @@ -148,7 +142,7 @@ public synchronized int getIVLength() throws OCKException { if (ockCipherId == 0L) { throw new OCKException(badIdMsg); } - ivLength = NativeInterface.POLY1305CIPHER_getIVLength(ockContext.getId(), ockCipherId); + ivLength = this.nativeImpl.POLY1305CIPHER_getIVLength(ockCipherId); } return ivLength; @@ -218,16 +212,16 @@ public synchronized int update(byte[] input, int inputOffset, int inputLen, byte throw new OCKException(badIdMsg); } if (encrypting) { - outLen = NativeInterface.POLY1305CIPHER_encryptUpdate(ockContext.getId(), + outLen = this.nativeImpl.POLY1305CIPHER_encryptUpdate( ockCipherId, input, inputOffset, inputLen, output, outputOffset); } else { if (null != output) { //NOT updateAAD call byte[] delayedInput = getDelayedInput(input, inputOffset, inputLen); - outLen = NativeInterface.POLY1305CIPHER_decryptUpdate(ockContext.getId(), + outLen = this.nativeImpl.POLY1305CIPHER_decryptUpdate( ockCipherId, delayedInput, 0, delayedInput.length, output, outputOffset); } else { - outLen = NativeInterface.POLY1305CIPHER_decryptUpdate(ockContext.getId(), + outLen = this.nativeImpl.POLY1305CIPHER_decryptUpdate( ockCipherId, input, inputOffset, inputLen, output, outputOffset); } } @@ -336,7 +330,7 @@ public synchronized int doFinal(byte[] input, int inputOffset, int inputLen, byt } if (encrypting) { // Cipher text length is same as plain text length... - outLen = NativeInterface.POLY1305CIPHER_encryptFinal(ockContext.getId(), + outLen = this.nativeImpl.POLY1305CIPHER_encryptFinal( ockCipherId, input, inputOffset, inputLen, output, outputOffset, tag); // Append tag to output... System.arraycopy(tag, 0, output, outLen + outputOffset, Poly1305_TAG_SIZE); @@ -350,11 +344,12 @@ public synchronized int doFinal(byte[] input, int inputOffset, int inputLen, byt System.arraycopy(input, 0, cipherText, 0, cipherTextLen); } // Output length is equal to total cipher text length including buffered text... - outLen = NativeInterface.POLY1305CIPHER_decryptFinal(ockContext.getId(), + outLen = this.nativeImpl.POLY1305CIPHER_decryptFinal( ockCipherId, cipherText, inputOffset, cipherTextLen, output, outputOffset, tag); } } catch (OCKException e) { + System.err.println("POLY1305CIPHER_decryptFinal error: " + OCKException.errorMessage(e.getCode())); if (e.getCode() == OCKException.GKR_DECRYPT_FINAL_BAD_PADDING_ERROR) { throw new BadPaddingException("Unexpected padding"); } else { @@ -378,7 +373,7 @@ public synchronized int doFinal(byte[] input, int inputOffset, int inputLen, byt protected synchronized void finalize() throws Throwable { try { if (ockCipherId != 0) { - NativeInterface.POLY1305CIPHER_delete(ockContext.getId(), ockCipherId); + this.nativeImpl.POLY1305CIPHER_delete(ockCipherId); ockCipherId = 0; } } finally { diff --git a/src/main/java/com/ibm/crypto/plus/provider/ock/RSACipher.java b/src/main/java/com/ibm/crypto/plus/provider/base/RSACipher.java similarity index 90% rename from src/main/java/com/ibm/crypto/plus/provider/ock/RSACipher.java rename to src/main/java/com/ibm/crypto/plus/provider/base/RSACipher.java index a2043ad6b..5bac52b8b 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ock/RSACipher.java +++ b/src/main/java/com/ibm/crypto/plus/provider/base/RSACipher.java @@ -6,7 +6,7 @@ * this code, including the "Classpath" Exception described therein. */ -package com.ibm.crypto.plus.provider.ock; +package com.ibm.crypto.plus.provider.base; import java.security.InvalidKeyException; import javax.crypto.BadPaddingException; @@ -39,21 +39,20 @@ Use ICC_RSA_PRivateKey_dup() to clone keys where this may be a problem. public final class RSACipher { - private OCKContext ockContext = null; + private boolean isFIPS; + private NativeInterface nativeImpl = null; private RSAKey rsaKey = null; private final String badIdMsg = "RSA Key Identifier is not valid"; private boolean convertKey = false; //Used to convert RSA Plain keys // private final String debPrefix = "RSACipher"; /* Adding DEBUG messes up encrypt/decrypt cases */ - public static RSACipher getInstance(OCKContext ockContext) { - if (ockContext == null) { - throw new IllegalArgumentException("context is null"); - } - return new RSACipher(ockContext); + public static RSACipher getInstance(boolean isFIPS) { + return new RSACipher(isFIPS); } - private RSACipher(OCKContext ockContext) { - this.ockContext = ockContext; + private RSACipher(boolean isFIPS) { + this.isFIPS = isFIPS; + this.nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); } public void initialize(RSAKey key, boolean plainRSAKey) @@ -83,7 +82,7 @@ public synchronized int publicEncrypt(RSAPadding padding, byte[] input, int inOf if (!validId(this.rsaKey.getRSAKeyId())) { throw new OCKException(badIdMsg); } - return checkOutLen(NativeInterface.RSACIPHER_public_encrypt(this.ockContext.getId(), + return checkOutLen(this.nativeImpl.RSACIPHER_public_encrypt( this.rsaKey.getRSAKeyId(), padding.getId(), input, inOffset, inLen, output, outOffset)); } @@ -99,7 +98,7 @@ public synchronized int privateEncrypt(RSAPadding padding, byte[] input, int inO if (!validId(this.rsaKey.getRSAKeyId())) { throw new OCKException(badIdMsg); } - return checkOutLen(NativeInterface.RSACIPHER_private_encrypt(this.ockContext.getId(), + return checkOutLen(this.nativeImpl.RSACIPHER_private_encrypt( this.rsaKey.getRSAKeyId(), padding.getId(), input, inOffset, inLen, output, outOffset, convertKey)); } @@ -119,7 +118,7 @@ public synchronized int publicDecrypt(RSAPadding padding, byte[] input, int inOf if (!validId(this.rsaKey.getRSAKeyId())) { throw new OCKException(badIdMsg); } - return checkOutLen(NativeInterface.RSACIPHER_public_decrypt(this.ockContext.getId(), + return checkOutLen(this.nativeImpl.RSACIPHER_public_decrypt( this.rsaKey.getRSAKeyId(), padding.getId(), input, inOffset, inLen, output, outOffset)); } @@ -139,7 +138,7 @@ public synchronized int privateDecrypt(RSAPadding padding, byte[] input, int inO if (!validId(this.rsaKey.getRSAKeyId())) { throw new OCKException(badIdMsg); } - return checkOutLen(NativeInterface.RSACIPHER_private_decrypt(this.ockContext.getId(), + return checkOutLen(this.nativeImpl.RSACIPHER_private_decrypt( this.rsaKey.getRSAKeyId(), padding.getId(), input, inOffset, inLen, output, outOffset, convertKey)); } diff --git a/src/main/java/com/ibm/crypto/plus/provider/ock/RSAKey.java b/src/main/java/com/ibm/crypto/plus/provider/base/RSAKey.java similarity index 75% rename from src/main/java/com/ibm/crypto/plus/provider/ock/RSAKey.java rename to src/main/java/com/ibm/crypto/plus/provider/base/RSAKey.java index cff3cec0d..25417ca2f 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ock/RSAKey.java +++ b/src/main/java/com/ibm/crypto/plus/provider/base/RSAKey.java @@ -6,7 +6,7 @@ * this code, including the "Classpath" Exception described therein. */ -package com.ibm.crypto.plus.provider.ock; +package com.ibm.crypto.plus.provider.base; import java.math.BigInteger; import java.util.Arrays; @@ -18,7 +18,8 @@ public final class RSAKey implements AsymmetricKey { // static final byte[] unobtainedKeyBytes = new byte[0]; - private OCKContext ockContext; + private boolean isFIPS; + private NativeInterface nativeImpl = null; private long rsaKeyId; private long pkeyId; private byte[] privateKeyBytes; @@ -27,58 +28,50 @@ public final class RSAKey implements AsymmetricKey { private final static String badIdMsg = "RSA Key Identifier is not valid"; private final static String debPrefix = "RSAKey"; - public static RSAKey generateKeyPair(OCKContext ockContext, int numBits, BigInteger e) + public static RSAKey generateKeyPair(boolean isFIPS, int numBits, BigInteger e) throws OCKException { //final String methodName = "generateKeyPair "; - if (ockContext == null) { - throw new IllegalArgumentException("context is null"); - } if (numBits < 0) { throw new IllegalArgumentException("key length is invalid"); } - long rsaKeyId = NativeInterface.RSAKEY_generate(ockContext.getId(), numBits, e.longValue()); + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + long rsaKeyId = nativeImpl.RSAKEY_generate(numBits, e.longValue()); //OCKDebug.Msg (debPrefix, methodName, "numBits=" + numBits + " rsaKeyId=" + rsaKeyId); - return new RSAKey(ockContext, rsaKeyId, unobtainedKeyBytes, unobtainedKeyBytes); + return new RSAKey(isFIPS, rsaKeyId, unobtainedKeyBytes, unobtainedKeyBytes); } - public static RSAKey createPrivateKey(OCKContext ockContext, byte[] privateKeyBytes) + public static RSAKey createPrivateKey(boolean isFIPS, byte[] privateKeyBytes) throws OCKException { //final String methodName = "createPrivateKey "; - if (ockContext == null) { - throw new IllegalArgumentException("context is null"); - } - if (privateKeyBytes == null) { throw new IllegalArgumentException("key bytes is null"); } - long rsaKeyId = NativeInterface.RSAKEY_createPrivateKey(ockContext.getId(), - privateKeyBytes); + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + long rsaKeyId = nativeImpl.RSAKEY_createPrivateKey(privateKeyBytes); //OCKDebug.Msg (debPrefix, methodName, "rsaKeyId :" + rsaKeyId); - return new RSAKey(ockContext, rsaKeyId, privateKeyBytes.clone(), null); + return new RSAKey(isFIPS, rsaKeyId, privateKeyBytes.clone(), null); } - public static RSAKey createPublicKey(OCKContext ockContext, byte[] publicKeyBytes) + public static RSAKey createPublicKey(boolean isFIPS, byte[] publicKeyBytes) throws OCKException { //final String methodName = "createPublicKey "; - if (ockContext == null) { - throw new IllegalArgumentException("context is null"); - } - if (publicKeyBytes == null) { throw new IllegalArgumentException("key bytes is null"); } - long rsaKeyId = NativeInterface.RSAKEY_createPublicKey(ockContext.getId(), publicKeyBytes); + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + long rsaKeyId = nativeImpl.RSAKEY_createPublicKey(publicKeyBytes); //OCKDebug.Msg (debPrefix, methodName, "rsaKeyId :" + rsaKeyId); - return new RSAKey(ockContext, rsaKeyId, null, publicKeyBytes.clone()); + return new RSAKey(isFIPS, rsaKeyId, null, publicKeyBytes.clone()); } - private RSAKey(OCKContext ockContext, long rsaKeyId, byte[] privateKeyBytes, + private RSAKey(boolean isFIPS, long rsaKeyId, byte[] privateKeyBytes, byte[] publicKeyBytes) { - this.ockContext = ockContext; + this.isFIPS = isFIPS; + this.nativeImpl = NativeInterfaceFactory.getImpl(this.isFIPS); this.rsaKeyId = rsaKeyId; this.pkeyId = 0; this.privateKeyBytes = privateKeyBytes; @@ -143,7 +136,7 @@ private synchronized void obtainPKeyId() throws OCKException { if (!validId(rsaKeyId)) { throw new OCKException(badIdMsg); } - this.pkeyId = NativeInterface.RSAKEY_createPKey(ockContext.getId(), rsaKeyId); + this.pkeyId = this.nativeImpl.RSAKEY_createPKey(rsaKeyId); } } @@ -156,8 +149,7 @@ private synchronized void obtainPrivateKeyBytes() throws OCKException { if (!validId(rsaKeyId)) { throw new OCKException(badIdMsg); } - this.privateKeyBytes = NativeInterface.RSAKEY_getPrivateKeyBytes(ockContext.getId(), - rsaKeyId); + this.privateKeyBytes = this.nativeImpl.RSAKEY_getPrivateKeyBytes(rsaKeyId); } } @@ -170,8 +162,7 @@ private synchronized void obtainPublicKeyBytes() throws OCKException { if (!validId(rsaKeyId)) { throw new OCKException(badIdMsg); } - this.publicKeyBytes = NativeInterface.RSAKEY_getPublicKeyBytes(ockContext.getId(), - rsaKeyId); + this.publicKeyBytes = this.nativeImpl.RSAKEY_getPublicKeyBytes(rsaKeyId); } } @@ -184,7 +175,7 @@ private synchronized void obtainKeySize() throws OCKException { if (!validId(rsaKeyId)) { throw new OCKException(badIdMsg); } - this.keySize = NativeInterface.RSAKEY_size(ockContext.getId(), rsaKeyId); + this.keySize = this.nativeImpl.RSAKEY_size(rsaKeyId); } } @@ -198,12 +189,12 @@ protected synchronized void finalize() throws Throwable { } if (rsaKeyId != 0) { - NativeInterface.RSAKEY_delete(ockContext.getId(), rsaKeyId); + this.nativeImpl.RSAKEY_delete(rsaKeyId); rsaKeyId = 0; } if (pkeyId != 0) { - NativeInterface.PKEY_delete(ockContext.getId(), pkeyId); + this.nativeImpl.PKEY_delete(pkeyId); pkeyId = 0; } } finally { diff --git a/src/main/java/com/ibm/crypto/plus/provider/ock/RSAPadding.java b/src/main/java/com/ibm/crypto/plus/provider/base/RSAPadding.java similarity index 96% rename from src/main/java/com/ibm/crypto/plus/provider/ock/RSAPadding.java rename to src/main/java/com/ibm/crypto/plus/provider/base/RSAPadding.java index 9197dad25..08b12c067 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ock/RSAPadding.java +++ b/src/main/java/com/ibm/crypto/plus/provider/base/RSAPadding.java @@ -6,7 +6,7 @@ * this code, including the "Classpath" Exception described therein. */ -package com.ibm.crypto.plus.provider.ock; +package com.ibm.crypto.plus.provider.base; public final class RSAPadding { diff --git a/src/main/java/com/ibm/crypto/plus/provider/ock/Signature.java b/src/main/java/com/ibm/crypto/plus/provider/base/Signature.java similarity index 84% rename from src/main/java/com/ibm/crypto/plus/provider/ock/Signature.java rename to src/main/java/com/ibm/crypto/plus/provider/base/Signature.java index ca5a1b595..0ba7b1160 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ock/Signature.java +++ b/src/main/java/com/ibm/crypto/plus/provider/base/Signature.java @@ -6,13 +6,14 @@ * this code, including the "Classpath" Exception described therein. */ -package com.ibm.crypto.plus.provider.ock; +package com.ibm.crypto.plus.provider.base; import java.security.InvalidKeyException; public final class Signature { - private OCKContext ockContext = null; + private boolean isFIPS; + private NativeInterface nativeImpl = null; private Digest digest = null; private AsymmetricKey key = null; private boolean initialized = false; @@ -20,19 +21,17 @@ public final class Signature { private final String badIdMsg = "Digest Identifier or PKey Identifier is not valid"; private final static String debPrefix = "SIGNATURE"; - public static Signature getInstance(OCKContext ockContext, String digestAlgo) + public static Signature getInstance(boolean isFIPS, String digestAlgo) throws OCKException { - if (ockContext == null) { - throw new IllegalArgumentException("context is null"); - } - return new Signature(ockContext, digestAlgo); + return new Signature(isFIPS, digestAlgo); } - private Signature(OCKContext ockContext, String digestAlgo) throws OCKException { + private Signature(boolean isFIPS, String digestAlgo) throws OCKException { //final String methodName = "Signature(String)"; - this.ockContext = ockContext; - this.digest = Digest.getInstance(ockContext, digestAlgo); + this.isFIPS = isFIPS; + this.nativeImpl = NativeInterfaceFactory.getImpl(this.isFIPS); + this.digest = Digest.getInstance(isFIPS, digestAlgo); //OCKDebug.Msg (debPrefix, methodName, "digestAlgo :" + digestAlgo); } @@ -74,7 +73,7 @@ public synchronized byte[] sign() throws OCKException { byte[] signature = null; try { - signature = NativeInterface.SIGNATURE_sign(this.ockContext.getId(), digest.getId(), + signature = this.nativeImpl.SIGNATURE_sign(digest.getId(), this.key.getPKeyId(), this.convertKey); } finally { // Try to reset even if OCKException is thrown @@ -103,7 +102,7 @@ public synchronized boolean verify(byte[] sigBytes) throws OCKException { boolean verified = false; try { - verified = NativeInterface.SIGNATURE_verify(this.ockContext.getId(), digest.getId(), + verified = this.nativeImpl.SIGNATURE_verify(digest.getId(), this.key.getPKeyId(), sigBytes); } finally { // Try to reset even if OCKException is thrown diff --git a/src/main/java/com/ibm/crypto/plus/provider/ock/SignatureDSANONE.java b/src/main/java/com/ibm/crypto/plus/provider/base/SignatureDSANONE.java similarity index 82% rename from src/main/java/com/ibm/crypto/plus/provider/ock/SignatureDSANONE.java rename to src/main/java/com/ibm/crypto/plus/provider/base/SignatureDSANONE.java index 398796e6c..a8f69461b 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ock/SignatureDSANONE.java +++ b/src/main/java/com/ibm/crypto/plus/provider/base/SignatureDSANONE.java @@ -6,7 +6,7 @@ * this code, including the "Classpath" Exception described therein. */ -package com.ibm.crypto.plus.provider.ock; +package com.ibm.crypto.plus.provider.base; import java.security.InvalidKeyException; @@ -15,23 +15,21 @@ */ public final class SignatureDSANONE { - private OCKContext ockContext = null; + private boolean isFIPS; + private NativeInterface nativeImpl = null; private DSAKey key = null; private boolean initialized = false; private final static String debPrefix = "SignatureDSANONE"; private final static String badIdMsg = "DSA Key Identifier is not valid"; - public static SignatureDSANONE getInstance(OCKContext ockContext) throws OCKException { - if (ockContext == null) { - throw new IllegalArgumentException("context is null"); - } - - return new SignatureDSANONE(ockContext); + public static SignatureDSANONE getInstance(boolean isFIPS) throws OCKException { + return new SignatureDSANONE(isFIPS); } - private SignatureDSANONE(OCKContext ockContext) throws OCKException { - this.ockContext = ockContext; + private SignatureDSANONE(boolean isFIPS) throws OCKException { + this.isFIPS = isFIPS; + this.nativeImpl = NativeInterfaceFactory.getImpl(this.isFIPS); } public void initialize(DSAKey key) throws InvalidKeyException, OCKException { @@ -59,7 +57,7 @@ public synchronized byte[] sign(byte[] digest) throws OCKException { if (!validId(this.key.getDSAKeyId())) { throw new OCKException(badIdMsg); } - byte[] signature = NativeInterface.DSANONE_SIGNATURE_sign(this.ockContext.getId(), digest, + byte[] signature = this.nativeImpl.DSANONE_SIGNATURE_sign(digest, this.key.getDSAKeyId()); //OCKDebug.Msg(debPrefix, methodName, "signature :", signature); return signature; @@ -85,7 +83,7 @@ public synchronized boolean verify(byte[] digest, byte[] sigBytes) throws OCKExc if (!validId(this.key.getDSAKeyId())) { throw new OCKException(badIdMsg); } - boolean verified = NativeInterface.DSANONE_SIGNATURE_verify(this.ockContext.getId(), digest, + boolean verified = this.nativeImpl.DSANONE_SIGNATURE_verify(digest, this.key.getDSAKeyId(), sigBytes); // if (!verified) { // OCKDebug.Msg (debPrefix, methodName, "Failed to verify signature."); diff --git a/src/main/java/com/ibm/crypto/plus/provider/ock/SignatureEdDSA.java b/src/main/java/com/ibm/crypto/plus/provider/base/SignatureEdDSA.java similarity index 78% rename from src/main/java/com/ibm/crypto/plus/provider/ock/SignatureEdDSA.java rename to src/main/java/com/ibm/crypto/plus/provider/base/SignatureEdDSA.java index 36344fdb2..c5498961b 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ock/SignatureEdDSA.java +++ b/src/main/java/com/ibm/crypto/plus/provider/base/SignatureEdDSA.java @@ -6,29 +6,28 @@ * this code, including the "Classpath" Exception described therein. */ -package com.ibm.crypto.plus.provider.ock; +package com.ibm.crypto.plus.provider.base; import java.security.InvalidKeyException; import java.security.SignatureException; public final class SignatureEdDSA { - private OCKContext ockContext = null; + private boolean isFIPS; + private NativeInterface nativeImpl = null; private AsymmetricKey key = null; private boolean initialized = false; private final String badIdMsg = "Digest Identifier or PKey Identifier is not valid"; private final static String debPrefix = "SIGNATURE"; - public static SignatureEdDSA getInstance(OCKContext ockContext) throws OCKException { - if (ockContext == null) { - throw new IllegalArgumentException("context is null"); - } - return new SignatureEdDSA(ockContext); + public static SignatureEdDSA getInstance(boolean isFIPS) throws OCKException { + return new SignatureEdDSA(isFIPS); } - private SignatureEdDSA(OCKContext ockContext) throws OCKException { + private SignatureEdDSA(boolean isFIPS) throws OCKException { //final String methodName = "SignatureEdDSA(String)"; - this.ockContext = ockContext; + this.isFIPS = isFIPS; + this.nativeImpl = NativeInterfaceFactory.getImpl(this.isFIPS); } public void initialize(AsymmetricKey key) throws InvalidKeyException, OCKException { @@ -49,7 +48,7 @@ public synchronized byte[] sign(byte[] oneShotData) throws OCKException, Signatu if (!validId(this.key.getPKeyId())) { throw new OCKException(badIdMsg); } - byte[] signature = NativeInterface.SIGNATUREEdDSA_signOneShot(this.ockContext.getId(), + byte[] signature = this.nativeImpl.SIGNATUREEdDSA_signOneShot( this.key.getPKeyId(), oneShotData); return signature; } @@ -67,7 +66,7 @@ public synchronized boolean verify(byte[] sigBytes, byte[] dataBytes) throws OCK if (this.key.getPKeyId() == 0L) { throw new OCKException(badIdMsg); } - boolean verified = NativeInterface.SIGNATUREEdDSA_verifyOneShot(this.ockContext.getId(), + boolean verified = this.nativeImpl.SIGNATUREEdDSA_verifyOneShot( this.key.getPKeyId(), sigBytes, dataBytes); return verified; } diff --git a/src/main/java/com/ibm/crypto/plus/provider/ock/SignatureRSAPSS.java b/src/main/java/com/ibm/crypto/plus/provider/base/SignatureRSAPSS.java similarity index 82% rename from src/main/java/com/ibm/crypto/plus/provider/ock/SignatureRSAPSS.java rename to src/main/java/com/ibm/crypto/plus/provider/base/SignatureRSAPSS.java index 0d3dfb360..7b785be3e 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ock/SignatureRSAPSS.java +++ b/src/main/java/com/ibm/crypto/plus/provider/base/SignatureRSAPSS.java @@ -6,7 +6,7 @@ * this code, including the "Classpath" Exception described therein. */ -package com.ibm.crypto.plus.provider.ock; +package com.ibm.crypto.plus.provider.base; import java.security.InvalidAlgorithmParameterException; import java.security.InvalidKeyException; @@ -18,7 +18,8 @@ public enum InitOp { INITSIGN, INITVERIFY }; - private OCKContext ockContext = null; + private boolean isFIPS; + private NativeInterface nativeImpl = null; private long rsaPssId = 0; private AsymmetricKey key = null; private boolean initialized = false; @@ -32,19 +33,17 @@ public enum InitOp { String digestAlgo = null; - public static SignatureRSAPSS getInstance(OCKContext ockContext, String digestAlgo, int saltlen, + public static SignatureRSAPSS getInstance(boolean isFIPS, String digestAlgo, int saltlen, int trailerField, String mgfAlgo, String mgf1SpecAlgo) throws OCKException { - if (ockContext == null) { - throw new IllegalArgumentException("context is null"); - } - return new SignatureRSAPSS(ockContext, digestAlgo, saltlen, trailerField, mgfAlgo, + return new SignatureRSAPSS(isFIPS, digestAlgo, saltlen, trailerField, mgfAlgo, mgf1SpecAlgo); } - private SignatureRSAPSS(OCKContext ockContext, String digestAlgo, int saltlen, int trailerField, + private SignatureRSAPSS(boolean isFIPS, String digestAlgo, int saltlen, int trailerField, String mgfAlgo, String mgf1SpecAlgo) throws OCKException { - this.ockContext = ockContext; + this.isFIPS = isFIPS; + this.nativeImpl = NativeInterfaceFactory.getImpl(this.isFIPS); this.saltlen = saltlen; this.trailerField = trailerField; this.mgfAlgo = mgfAlgo; @@ -57,7 +56,7 @@ public synchronized void setParameter(String digestAlgo, int saltlen, int traile try { if (rsaPssId != 0) { // release existing context before allocating a new one - NativeInterface.RSAPSS_releaseContext(ockContext.getId(), rsaPssId); + this.nativeImpl.RSAPSS_releaseContext(rsaPssId); rsaPssId = 0; } } catch (OCKException e) { @@ -148,15 +147,15 @@ private int configureParameter(String digestAlgo, int saltlen, int trailerField, int ret = 0; try { - this.rsaPssId = NativeInterface.RSAPSS_createContext(ockContext.getId(), digestAlgoOCK, + this.rsaPssId = this.nativeImpl.RSAPSS_createContext(digestAlgoOCK, mgf1SpecAlgoOCK); // If already initialized, re-init with new context and parameters if (this.initialized && this.rsaPssId != 0) { if (this.initOp == InitOp.INITSIGN) { - NativeInterface.RSAPSS_signInit(this.ockContext.getId(), rsaPssId, + this.nativeImpl.RSAPSS_signInit(rsaPssId, this.key.getPKeyId(), this.saltlen, this.convert); } else { - NativeInterface.RSAPSS_verifyInit(this.ockContext.getId(), rsaPssId, + this.nativeImpl.RSAPSS_verifyInit(rsaPssId, this.key.getPKeyId(), this.saltlen); } } @@ -169,7 +168,7 @@ private int configureParameter(String digestAlgo, int saltlen, int trailerField, public synchronized void update(byte[] input, int offset, int length) throws OCKException { - NativeInterface.RSAPSS_digestUpdate(this.ockContext.getId(), this.rsaPssId, input, offset, + this.nativeImpl.RSAPSS_digestUpdate(this.rsaPssId, input, offset, length); } @@ -191,10 +190,10 @@ public synchronized void initialize(AsymmetricKey key, InitOp initOp, boolean co this.convert = convert; if (rsaPssId != 0) { if (initOp == InitOp.INITSIGN) { - NativeInterface.RSAPSS_signInit(this.ockContext.getId(), rsaPssId, + this.nativeImpl.RSAPSS_signInit(rsaPssId, this.key.getPKeyId(), this.saltlen, convert); } else { - NativeInterface.RSAPSS_verifyInit(this.ockContext.getId(), rsaPssId, + this.nativeImpl.RSAPSS_verifyInit(rsaPssId, this.key.getPKeyId(), this.saltlen); } } else { @@ -211,14 +210,14 @@ public synchronized byte[] signFinal() throws OCKException { if (rsaPssId != 0) { byte[] signature = null; try { - signature = new byte[NativeInterface.RSAPSS_getSigLen(this.ockContext.getId(), + signature = new byte[this.nativeImpl.RSAPSS_getSigLen( this.rsaPssId)]; - NativeInterface.RSAPSS_signFinal(this.ockContext.getId(), this.rsaPssId, signature, + this.nativeImpl.RSAPSS_signFinal(this.rsaPssId, signature, signature.length); return signature; } catch (OCKException e) { // Try to reset if OCKException is thrown - NativeInterface.RSAPSS_resetDigest(this.ockContext.getId(), this.rsaPssId); + this.nativeImpl.RSAPSS_resetDigest(this.rsaPssId); throw e; } } else { @@ -240,11 +239,11 @@ public synchronized boolean verifyFinal(byte[] sigBytes) throws OCKException { if (rsaPssId != 0) { boolean verified = false; try { - verified = NativeInterface.RSAPSS_verifyFinal(this.ockContext.getId(), + verified = this.nativeImpl.RSAPSS_verifyFinal( this.rsaPssId, sigBytes, sigBytes.length); } catch (OCKException e) { // Try to reset if OCKException is thrown - NativeInterface.RSAPSS_resetDigest(this.ockContext.getId(), this.rsaPssId); + this.nativeImpl.RSAPSS_resetDigest(this.rsaPssId); throw e; } return verified; @@ -260,7 +259,7 @@ protected synchronized void finalize() throws Throwable { try { if (rsaPssId != 0) { - NativeInterface.RSAPSS_releaseContext(ockContext.getId(), rsaPssId); + this.nativeImpl.RSAPSS_releaseContext(rsaPssId); rsaPssId = 0; } } finally { diff --git a/src/main/java/com/ibm/crypto/plus/provider/ock/SignatureRSASSL.java b/src/main/java/com/ibm/crypto/plus/provider/base/SignatureRSASSL.java similarity index 85% rename from src/main/java/com/ibm/crypto/plus/provider/ock/SignatureRSASSL.java rename to src/main/java/com/ibm/crypto/plus/provider/base/SignatureRSASSL.java index cdbdae790..e7de9e974 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ock/SignatureRSASSL.java +++ b/src/main/java/com/ibm/crypto/plus/provider/base/SignatureRSASSL.java @@ -6,7 +6,7 @@ * this code, including the "Classpath" Exception described therein. */ -package com.ibm.crypto.plus.provider.ock; +package com.ibm.crypto.plus.provider.base; import java.security.InvalidKeyException; @@ -29,23 +29,21 @@ */ public final class SignatureRSASSL { - private OCKContext ockContext = null; + private boolean isFIPS; + private NativeInterface nativeImpl = null; private RSAKey key = null; private boolean convertKey = false; private boolean initialized = false; private static final String debPrefix = "SignatureRSASSL"; private final String badIdMsg = "RSA Key Identifier is not valid"; - public static SignatureRSASSL getInstance(OCKContext ockContext) throws OCKException { - if (ockContext == null) { - throw new IllegalArgumentException("context is null"); - } - - return new SignatureRSASSL(ockContext); + public static SignatureRSASSL getInstance(boolean isFIPS) throws OCKException { + return new SignatureRSASSL(isFIPS); } - private SignatureRSASSL(OCKContext ockContext) throws OCKException { - this.ockContext = ockContext; + private SignatureRSASSL(boolean isFIPS) throws OCKException { + this.isFIPS = isFIPS; + this.nativeImpl = NativeInterfaceFactory.getImpl(this.isFIPS); } public void initialize(RSAKey key, boolean convert) throws InvalidKeyException, OCKException { @@ -74,7 +72,7 @@ public synchronized byte[] sign(byte[] digest) throws OCKException { if (!validId(this.key.getRSAKeyId())) { throw new OCKException(badIdMsg); } - byte[] signature = NativeInterface.RSASSL_SIGNATURE_sign(this.ockContext.getId(), digest, + byte[] signature = this.nativeImpl.RSASSL_SIGNATURE_sign(digest, this.key.getRSAKeyId()); //OCKDebug.Msg (debPrefix, methodName, "signature :", signature); return signature; @@ -98,7 +96,7 @@ public synchronized boolean verify(byte[] digest, byte[] sigBytes) throws OCKExc //OCKDebug.Msg(debPrefix, methodName, "RSAKeyId :" + this.key.getRSAKeyId() + " digest", digest); //OCKDebug.Msg(debPrefix, methodName, "sigBytes :", sigBytes); - boolean verified = NativeInterface.RSASSL_SIGNATURE_verify(this.ockContext.getId(), digest, + boolean verified = this.nativeImpl.RSASSL_SIGNATURE_verify(digest, this.key.getRSAKeyId(), sigBytes, convertKey); if (!validId(this.key.getRSAKeyId())) { throw new OCKException(badIdMsg); diff --git a/src/main/java/com/ibm/crypto/plus/provider/ock/SymmetricCipher.java b/src/main/java/com/ibm/crypto/plus/provider/base/SymmetricCipher.java similarity index 90% rename from src/main/java/com/ibm/crypto/plus/provider/ock/SymmetricCipher.java rename to src/main/java/com/ibm/crypto/plus/provider/base/SymmetricCipher.java index 4579ae50d..d9a82a0c6 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ock/SymmetricCipher.java +++ b/src/main/java/com/ibm/crypto/plus/provider/base/SymmetricCipher.java @@ -6,7 +6,7 @@ * this code, including the "Classpath" Exception described therein. */ -package com.ibm.crypto.plus.provider.ock; +package com.ibm.crypto.plus.provider.base; import java.io.ByteArrayOutputStream; import java.io.IOException; @@ -19,7 +19,8 @@ public final class SymmetricCipher { - private OCKContext ockContext; + private boolean isFIPS; + private NativeInterface nativeImpl = null; private long ockCipherId; private boolean isInitialized = false; private boolean encrypting = true; @@ -53,38 +54,34 @@ public final class SymmetricCipher { //final String debPrefix = "SymmetricCipher"; - public static SymmetricCipher getInstanceChaCha20(OCKContext ockContext, Padding padding) + public static SymmetricCipher getInstanceChaCha20(boolean isFIPS, Padding padding) throws OCKException { String algName = "chacha20"; - return getInstance(ockContext, algName, padding); + return getInstance(isFIPS, algName, padding); } - public static SymmetricCipher getInstanceChaCha20Poly1305(OCKContext ockContext, + public static SymmetricCipher getInstanceChaCha20Poly1305(boolean isFIPS, Padding padding) throws OCKException { String algName = "chacha20-poly1305"; - return getInstance(ockContext, algName, padding); + return getInstance(isFIPS, algName, padding); } - public static SymmetricCipher getInstanceAES(OCKContext ockContext, String mode, + public static SymmetricCipher getInstanceAES(boolean isFIPS, String mode, Padding padding, int numKeyBytes) throws OCKException { String algName = "AES-" + Integer.toString(numKeyBytes * 8) + "-" + mode.toUpperCase(); - return getInstance(ockContext, algName, padding); + return getInstance(isFIPS, algName, padding); } - public static SymmetricCipher getInstanceDESede(OCKContext ockContext, String mode, + public static SymmetricCipher getInstanceDESede(boolean isFIPS, String mode, Padding padding) throws OCKException { String modeUpperCase = mode.toUpperCase(); String algName = modeUpperCase.equals("ECB") ? "DES-EDE3" : "DES-EDE3-" + modeUpperCase; - return getInstance(ockContext, algName, padding); + return getInstance(isFIPS, algName, padding); } - private static SymmetricCipher getInstance(OCKContext ockContext, String cipherName, + private static SymmetricCipher getInstance(boolean isFIPS, String cipherName, Padding padding) throws OCKException { //final String methodName = "getInstance"; - if (ockContext == null) { - throw new IllegalArgumentException("context is null"); - } - if (cipherName == null || cipherName.isEmpty()) { throw new IllegalArgumentException("cipherName is null/empty"); } @@ -94,7 +91,7 @@ private static SymmetricCipher getInstance(OCKContext ockContext, String cipherN } //OCKDebug.Msg(debPrefix, methodName, "cipherName :" + cipherName); - return new SymmetricCipher(ockContext, cipherName, padding); + return new SymmetricCipher(isFIPS, cipherName, padding); } static void throwOCKException(int errorCode) throws BadPaddingException, OCKException { @@ -114,24 +111,19 @@ static void throwOCKException(int errorCode) throws BadPaddingException, OCKExce } } - private SymmetricCipher(OCKContext ockContext, String cipherName, Padding padding) + private SymmetricCipher(boolean isFIPS, String cipherName, Padding padding) throws OCKException { // Check whether used algorithm is CBC and whether hardware supports - boolean isHardwareSupport = false; - if (hardwareEnabled.containsKey(ockContext)) - isHardwareSupport = hardwareEnabled.get(ockContext); - else { - hardwareFunctionPtr = checkHardwareSupport(ockContext.getId()); - isHardwareSupport = (hardwareFunctionPtr == 1) ? true : false; - hardwareEnabled.put(ockContext, isHardwareSupport); - } + boolean isHardwareSupport = !isFIPS && (checkHardwareSupport() == 1); + use_z_fast_command = "AES".equals(cipherName.substring(0, 3)) && "CBC".equals(cipherName.substring(cipherName.length() - 3)) && isHardwareSupport; - this.ockContext = ockContext; + this.isFIPS = isFIPS; + this.nativeImpl = NativeInterfaceFactory.getImpl(this.isFIPS); this.padding = padding; if (!use_z_fast_command) { - this.ockCipherId = NativeInterface.CIPHER_create(ockContext.getId(), cipherName); + this.ockCipherId = this.nativeImpl.CIPHER_create(cipherName); } } @@ -158,7 +150,7 @@ private void initCipher(boolean isEncrypt, byte[] key, byte[] iv) throws OCKExce if (ockCipherId == 0L) { throw new OCKException(badIdMsg); } - NativeInterface.CIPHER_init(ockContext.getId(), ockCipherId, isEncrypt ? 1 : 0, + this.nativeImpl.CIPHER_init(ockCipherId, isEncrypt ? 1 : 0, padding.getId(), key, iv); } @@ -227,7 +219,7 @@ else if (blockSize == 16) } // public synchronized void clean() throws OCKException { - // NativeInterface.CIPHER_clean(ockContext.getId(), ockCipherId); + // this.nativeImpl.CIPHER_clean(ockContext.getId(), ockCipherId); // this.bufferedCount = 0; // } public int getOutputSize(int inputLen) throws OCKException { @@ -296,7 +288,7 @@ public synchronized int getBlockSize() throws OCKException { if (!use_z_fast_command) { if (ockCipherId == 0L) throw new OCKException(badIdMsg); - blockSize = NativeInterface.CIPHER_getBlockSize(ockContext.getId(), ockCipherId); + blockSize = this.nativeImpl.CIPHER_getBlockSize(ockCipherId); } else { blockSize = 16; } @@ -310,7 +302,7 @@ public synchronized int getKeyLength() throws OCKException { if (ockCipherId == 0L) { throw new OCKException(badIdMsg); } - keyLength = NativeInterface.CIPHER_getKeyLength(ockContext.getId(), ockCipherId); + keyLength = this.nativeImpl.CIPHER_getKeyLength(ockCipherId); } else { keyLength = 16; } @@ -322,13 +314,13 @@ public synchronized int getIVLength() throws OCKException { if (ivLength == 0 && !use_z_fast_command) { if (ockCipherId == 0L) throw new OCKException(badIdMsg); - ivLength = NativeInterface.CIPHER_getIVLength(ockContext.getId(), ockCipherId); + ivLength = this.nativeImpl.CIPHER_getIVLength(ockCipherId); } return ivLength; } // public synchronized int getOID() { - // return NativeInterface.CIPHER_getOID(ockContext.getId(), ockCipherId); + // return this.nativeImpl.CIPHER_getOID(ockContext.getId(), ockCipherId); // } public synchronized int update(byte[] input, int inputOffset, int inputLen, byte[] output, @@ -390,10 +382,10 @@ public synchronized int update(byte[] input, int inputOffset, int inputLen, byte throw new OCKException(badIdMsg); } if (encrypting) { - outLen = NativeInterface.CIPHER_encryptUpdate(ockContext.getId(), ockCipherId, + outLen = this.nativeImpl.CIPHER_encryptUpdate(ockCipherId, input, inputOffset, inputLen, tmpBuf, 0, needsReinit); } else { - outLen = NativeInterface.CIPHER_decryptUpdate(ockContext.getId(), ockCipherId, + outLen = this.nativeImpl.CIPHER_decryptUpdate(ockCipherId, input, inputOffset, inputLen, tmpBuf, 0, needsReinit); } if (outLen < 0) { @@ -433,7 +425,7 @@ public synchronized int z_update(byte[] input, int inputOffset, int inputLen, by needsReinit = false; } - outLen = NativeInterface.z_kmc_native(input, inputOffset, output, outputOffset, + outLen = this.nativeImpl.z_kmc_native(input, inputOffset, output, outputOffset, paramPointer, inputLen, mode); return outLen; } @@ -522,10 +514,10 @@ public synchronized int doFinal(byte[] input, int inputOffset, int inputLen, byt throw new OCKException(badIdMsg); } if (encrypting) { - outLen = NativeInterface.CIPHER_encryptFinal(ockContext.getId(), ockCipherId, input, + outLen = this.nativeImpl.CIPHER_encryptFinal(ockCipherId, input, inputOffset, inputLen, tmpBuf, 0, needsReinit); } else { - outLen = NativeInterface.CIPHER_decryptFinal(ockContext.getId(), ockCipherId, input, + outLen = this.nativeImpl.CIPHER_decryptFinal(ockCipherId, input, inputOffset, inputLen, tmpBuf, 0, needsReinit); } if (outLen < 0) { @@ -578,7 +570,7 @@ public synchronized int z_doFinal(byte[] input, int inputOffset, int inputLen, b || (inputOffset + inputLen) > input.length)) throw new IllegalArgumentException("Input range is invalid"); - outLen = NativeInterface.z_kmc_native(input, inputOffset, output, outputOffset, + outLen = this.nativeImpl.z_kmc_native(input, inputOffset, output, outputOffset, paramPointer, inputLen, mode); // Need to reset the object such that it can be re-used. @@ -594,7 +586,7 @@ protected synchronized void finalize() throws Throwable { //OCKDebug.Msg(debPrefix, methodName, "ockCipherId :" + ockCipherId); if (!use_z_fast_command) { if (ockCipherId != 0) { - NativeInterface.CIPHER_delete(ockContext.getId(), ockCipherId); + this.nativeImpl.CIPHER_delete(ockCipherId); ockCipherId = 0; } } @@ -615,8 +607,8 @@ protected static boolean validId(long id) { return (id != 0L); } - private static long checkHardwareSupport(long ockId) { - return NativeInterface.checkHardwareSupport(ockId); + private static long checkHardwareSupport() { + return NativeInterfaceFactory.getImpl(false).checkHardwareSupport(); } public boolean getHardwareSupportStatus() { diff --git a/src/main/java/com/ibm/crypto/plus/provider/ock/XECKey.java b/src/main/java/com/ibm/crypto/plus/provider/base/XECKey.java similarity index 73% rename from src/main/java/com/ibm/crypto/plus/provider/ock/XECKey.java rename to src/main/java/com/ibm/crypto/plus/provider/base/XECKey.java index bb5740052..b9e0b906c 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ock/XECKey.java +++ b/src/main/java/com/ibm/crypto/plus/provider/base/XECKey.java @@ -6,7 +6,7 @@ * this code, including the "Classpath" Exception described therein. */ -package com.ibm.crypto.plus.provider.ock; +package com.ibm.crypto.plus.provider.base; import java.util.Arrays; @@ -15,7 +15,8 @@ public final class XECKey implements AsymmetricKey { // private/public key bytes are available but not yet obtained. // static final byte[] unobtainedKeyBytes = new byte[0]; - private OCKContext ockContext; + private boolean isFIPS; + private NativeInterface nativeImpl = null; private long xecKeyId; private byte[] privateKeyBytes; private byte[] publicKeyBytes; @@ -30,25 +31,24 @@ protected FastJNIBuffer initialValue() { } }; - private XECKey(OCKContext ockContext, long xecKeyId, byte[] privateKeyBytes, + private XECKey(boolean isFIPS, long xecKeyId, byte[] privateKeyBytes, byte[] publicKeyBytes) { //final String methodName = "XECKey(long, byte[], byte[]) "; - this.ockContext = ockContext; + this.isFIPS = isFIPS; + this.nativeImpl = NativeInterfaceFactory.getImpl(this.isFIPS); this.xecKeyId = xecKeyId; this.privateKeyBytes = privateKeyBytes; this.publicKeyBytes = publicKeyBytes; } - public static XECKey generateKeyPair(OCKContext ockContext, int curveNum, int pub_size) + public static XECKey generateKeyPair(boolean isFIPS, int curveNum, int pub_size) throws OCKException { //final String methodName = "generateKeyPair(NamedParameterSpec.CURVE) "; - if (ockContext == null) - throw new IllegalArgumentException("The context parameter is null"); - FastJNIBuffer buffer = XECKey.buffer.get(); - long xecKeyId = NativeInterface.XECKEY_generate(ockContext.getId(), curveNum, + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + long xecKeyId = nativeImpl.XECKEY_generate(curveNum, buffer.pointer()); if (!validId(xecKeyId)) throw new OCKException(badIdMsg); @@ -56,19 +56,18 @@ public static XECKey generateKeyPair(OCKContext ockContext, int curveNum, int pu byte[] publicKeyBytes = new byte[pub_size]; buffer.get(0, publicKeyBytes, 0, pub_size); - return new XECKey(ockContext, xecKeyId, unobtainedKeyBytes, publicKeyBytes); + return new XECKey(isFIPS, xecKeyId, unobtainedKeyBytes, publicKeyBytes); } - public static byte[] computeECDHSecret(OCKContext ockContext, long genCtx, long pubId, + public static byte[] computeECDHSecret(boolean isFIPS, long genCtx, long pubId, long privId, int secrectBufferSize) throws OCKException { - if (ockContext == null) - throw new IllegalArgumentException("context is null"); if (pubId == 0) throw new IllegalArgumentException("The public key parameter is not valid"); if (privId == 0) throw new IllegalArgumentException("The private key parameter is not valid"); - byte[] sharedSecretBytes = NativeInterface.XECKEY_computeECDHSecret(ockContext.getId(), + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + byte[] sharedSecretBytes = nativeImpl.XECKEY_computeECDHSecret( genCtx, pubId, privId, secrectBufferSize); //OCKDebug.Msg (debPrefix, methodName, "pubId :" + pubId + " privId :" + privId + " sharedSecretBytes :", sharedSecretBytes); return sharedSecretBytes; @@ -88,8 +87,7 @@ private synchronized void obtainPrivateKeyBytes() throws OCKException { if (privateKeyBytes == unobtainedKeyBytes) { if (!validId(xecKeyId)) throw new OCKException(badIdMsg); - this.privateKeyBytes = NativeInterface.XECKEY_getPrivateKeyBytes(ockContext.getId(), - xecKeyId); // Returns DER encoded bytes + this.privateKeyBytes = this.nativeImpl.XECKEY_getPrivateKeyBytes(xecKeyId); // Returns DER encoded bytes } } @@ -121,7 +119,7 @@ protected synchronized void finalize() throws Throwable { } if (xecKeyId != 0) { - NativeInterface.XECKEY_delete(ockContext.getId(), xecKeyId); + this.nativeImpl.XECKEY_delete(xecKeyId); xecKeyId = 0; } } finally { @@ -129,17 +127,16 @@ protected synchronized void finalize() throws Throwable { } } - public synchronized static XECKey createPrivateKey(OCKContext ockContext, + public synchronized static XECKey createPrivateKey(boolean isFIPS, byte[] privateKeyBytes, int priv_size) throws OCKException { //final String methodName = "createPrivateKey"; - if (ockContext == null) - throw new IllegalArgumentException("context is null"); if (privateKeyBytes == null) throw new IllegalArgumentException("key bytes is null"); FastJNIBuffer buffer = XECKey.buffer.get(); - long xecKeyId = NativeInterface.XECKEY_createPrivateKey(ockContext.getId(), privateKeyBytes, + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + long xecKeyId = nativeImpl.XECKEY_createPrivateKey(privateKeyBytes, buffer.pointer()); if (!validId(xecKeyId)) throw new OCKException(badIdMsg); @@ -148,19 +145,18 @@ public synchronized static XECKey createPrivateKey(OCKContext ockContext, byte[] publicKeyBytes = new byte[priv_size]; buffer.get(0, publicKeyBytes, 0, priv_size); - return new XECKey(ockContext, xecKeyId, privateKeyBytes.clone(), publicKeyBytes); + return new XECKey(isFIPS, xecKeyId, privateKeyBytes.clone(), publicKeyBytes); } - public static XECKey createPublicKey(OCKContext ockContext, byte[] publicKeyBytes) + public static XECKey createPublicKey(boolean isFIPS, byte[] publicKeyBytes) throws OCKException { //final String methodName = "createPublicKey"; - if (ockContext == null) - throw new IllegalArgumentException("context is null"); if (publicKeyBytes == null) throw new IllegalArgumentException("key bytes is null"); - long xecKeyId = NativeInterface.XECKEY_createPublicKey(ockContext.getId(), publicKeyBytes); - return new XECKey(ockContext, xecKeyId, null, publicKeyBytes.clone()); + NativeInterface nativeImpl = NativeInterfaceFactory.getImpl(isFIPS); + long xecKeyId = nativeImpl.XECKEY_createPublicKey(publicKeyBytes); + return new XECKey(isFIPS, xecKeyId, null, publicKeyBytes.clone()); } public String getAlgorithm() { diff --git a/src/main/java/com/ibm/crypto/plus/provider/ock/NativeOCKAdapter.java b/src/main/java/com/ibm/crypto/plus/provider/ock/NativeOCKAdapter.java new file mode 100644 index 000000000..bf73a016e --- /dev/null +++ b/src/main/java/com/ibm/crypto/plus/provider/ock/NativeOCKAdapter.java @@ -0,0 +1,1235 @@ +/* + * Copyright IBM Corp. 2025 + * + * This code is free software; you can redistribute it and/or modify it + * under the terms provided by IBM in the LICENSE file that accompanied + * this code, including the "Classpath" Exception described therein. + */ + +package com.ibm.crypto.plus.provider.ock; + +import com.ibm.crypto.plus.provider.base.NativeInterface; +import com.ibm.crypto.plus.provider.base.OCKContext; +import com.ibm.crypto.plus.provider.base.OCKException; +import java.io.BufferedReader; +import java.io.File; +import java.io.FileReader; +import java.nio.ByteBuffer; +import java.security.ProviderException; +import sun.security.util.Debug; + +public abstract class NativeOCKAdapter implements NativeInterface { + // These code values must match those defined in Context.h. + // + private static final int VALUE_ID_FIPS_APPROVED_MODE = 0; + private static final int VALUE_OCK_INSTALL_PATH = 1; + private static final int VALUE_OCK_VERSION = 2; + + // User enabled debugging + private static Debug debug = Debug.getInstance("jceplus"); + + static final String unobtainedValue = new String(); + + // whether to validate OCK was loaded from JRE location + private static final boolean validateOCKLocation = true; + + // whether to validate OCK version of load library matches version in ICCSIG.txt + private static final boolean validateOCKVersion = false; + + private OCKContext ockContext = null; + private boolean ockInitialized = false; + private boolean useFIPSMode; + + private String ockVersion = unobtainedValue; + private String ockInstallPath = unobtainedValue; + + // The following is a special String instance to indicate that a + // value has not yet been obtained. We do this because some values + // may be null and we only want to query the value one time. + // + private static String libraryBuildDate = unobtainedValue; + + NativeOCKAdapter(boolean useFIPSMode) { + this.useFIPSMode = useFIPSMode; + initializeContext(); + } + // Initialize OCK context(s) + // + private synchronized void initializeContext() { + // Leave this duplicate check in here. If two threads are both trying + // to instantiate an OpenJCEPlus provider at the same time, we need to + // ensure that the initialization only happens one time. We have + // made the method synchronizaed to ensure only one thread can execute + // the method at a time. + // + if (ockInitialized) { + return; + } + + try { + long ockContextId = NativeOCKImplementation.initializeOCK(this.useFIPSMode); + this.ockContext = OCKContext.createContext(ockContextId, this.useFIPSMode); + getLibraryBuildDate(); + + if (validateOCKLocation) { + validateLibraryLocation(); + } + + if (validateOCKVersion) { + validateLibraryVersion(); + } + + this.ockInitialized = true; + } catch (OCKException e) { + throw providerException("Failed to initialize OpenJCEPlus provider", e); + } catch (Throwable t) { + ProviderException exceptionToThrow = providerException( + "Failed to initialize OpenJCEPlus provider", t); + + if (exceptionToThrow.getCause() == null) { + // We are not including the full stack trace back to the point + // of origin. + // Try and obtain the message for the underlying cause of the + // exception + // + // If an ExceptionInInitializerError or NoClassDefFoundError is + // thrown, we want to get the message from the cause of that + // exception. + // + if ((t instanceof java.lang.ExceptionInInitializerError) + || (t instanceof java.lang.NoClassDefFoundError)) { + Throwable cause = t.getCause(); + if (cause != null) { + t = cause; + } + } + + // In the case that the JNI library could not be loaded. + // + String message = t.getMessage(); + if ((message != null) && (message.length() > 0)) { + // We want to see the message for the underlying cause even + // if not showing the stack trace all the way back to the + // point of origin. + // + exceptionToThrow.initCause(new ProviderException(t.getMessage())); + } + } + + if (debug != null) { + exceptionToThrow.printStackTrace(System.out); + } + + throw exceptionToThrow; + } + } + + // Get OCK context for crypto operations + // + OCKContext getOCKContext() { + // May need to initialize OCK here in the case that a serialized + // OpenJCEPlus object, such as a HASHDRBG SecureRandom, is being + // deserialized in a JVM that has not instantiated the OpenJCEPlus + // provider yet. + // + if (!ockInitialized) { + initializeContext(); + } + + return ockContext; + } + + @Override + public String getLibraryVersion() throws OCKException { + if (ockVersion == unobtainedValue) { + obtainOCKVersion(); + } + return ockVersion; + } + + @Override + public String getLibraryInstallPath() throws OCKException { + if (ockInstallPath == unobtainedValue) { + obtainOCKInstallPath(); + } + return ockInstallPath; + } + + + private synchronized void obtainOCKVersion() throws OCKException { + // Leave this duplicate check in here. If two threads are both trying + // to get the value at the same time, we only want to call the native + // code one time. + // + if (ockVersion == unobtainedValue) { + ockVersion = CTX_getValue(VALUE_OCK_VERSION); + } + } + + private synchronized void obtainOCKInstallPath() throws OCKException { + // Leave this duplicate check in here. If two threads are both trying + // to get the value at the same time, we only want to call the native + // code one time. + // + if (ockInstallPath == unobtainedValue) { + ockInstallPath = CTX_getValue(VALUE_OCK_INSTALL_PATH); + } + } + + static public ProviderException providerException(String message, Throwable ockException) { + ProviderException providerException = new ProviderException(message, ockException); + setOCKExceptionCause(providerException, ockException); + return providerException; + } + + static public void setOCKExceptionCause(Exception exception, Throwable ockException) { + if (debug != null) { + exception.initCause(ockException); + } + } + + @Override + public void validateLibraryLocation() throws ProviderException, OCKException { + if (NativeOCKImplementation.requirePreloadOCK == false) { + // If we are not requiring OCK to be pre-loaded, then it does not need to be + // loaded from the JRE location + // + return; + } + + try { + // Check to make sure that the OCK install path is within the JRE + // + String ockLoadPath = new File(NativeOCKImplementation.getOCKLoadPath()).getCanonicalPath(); + String ockInstallPath = new File(getLibraryInstallPath()).getCanonicalPath(); + + if (debug != null) { + debug.println("dependent library load path : " + ockLoadPath); + debug.println("dependent library install path : " + ockInstallPath); + } + + if (ockInstallPath.startsWith(ockLoadPath) == false) { + String exceptionMessage = "Dependent library was loaded from an external location"; + + if (debug != null) { + exceptionMessage = "Dependent library was loaded from " + ockInstallPath; + } + + throw new ProviderException(exceptionMessage); + } + } catch (java.io.IOException e) { + throw new ProviderException("Failed to validate dependent library", e); + } + } + + @Override + public void validateLibraryVersion() throws ProviderException, OCKException { + if (NativeOCKImplementation.requirePreloadOCK == false) { + // If we are not requiring OCK to be pre-loaded, then it does not need to be + // a specific version + // + return; + } + + String expectedVersion = getExpectedLibraryVersion(); + String actualVersion = getLibraryVersion(); + + if (expectedVersion == null) { + throw new ProviderException( + "Could not not determine expected version of dependent library"); + } else if (expectedVersion.equals(actualVersion) == false) { + throw new ProviderException("Expected depdendent library version " + expectedVersion + + ", got " + actualVersion); + } + } + + private String getExpectedLibraryVersion() { + String ockLoadPath = NativeOCKImplementation.getOCKLoadPath(); + String ockSigFileName; + if (this.useFIPSMode) { + ockSigFileName = ockLoadPath + File.separator + "C" + File.separator + "icc" + + File.separator + "icclib" + File.separator + "ICCSIG.txt"; + } else { + ockSigFileName = ockLoadPath + File.separator + "N" + File.separator + "icc" + + File.separator + "icclib" + File.separator + "ICCSIG.txt"; + } + BufferedReader br = null; + try { + String line; + String versionMarker = "# ICC Version "; + br = new BufferedReader(new FileReader(ockSigFileName)); + while ((line = br.readLine()) != null) { + if (line.startsWith(versionMarker)) { + String version = line.substring(versionMarker.length()).trim(); + return version; + } + } + } catch (Exception e) { + } finally { + if (br != null) { + try { + br.close(); + } catch (Exception e) { + } + } + } + + return null; + } + + @Override + public String getLibraryBuildDate() { + if (libraryBuildDate == unobtainedValue) { + libraryBuildDate = NativeOCKImplementation.getLibraryBuildDate();; + } + return libraryBuildDate; + } + + @Override + public long initializeOCK(boolean isFIPS) throws OCKException { + return NativeOCKImplementation.initializeOCK(isFIPS); + } + + @Override + public String CTX_getValue(int valueId) throws OCKException { + return NativeOCKImplementation.CTX_getValue(ockContext.getId(), valueId); + } + + @Override + public long getByteBufferPointer(ByteBuffer b) { + return NativeOCKImplementation.getByteBufferPointer(b); + } + + @Override + public void RAND_nextBytes(byte[] buffer) throws OCKException { + NativeOCKImplementation.RAND_nextBytes(ockContext.getId(), buffer); + } + + @Override + public void RAND_setSeed(byte[] seed) throws OCKException { + NativeOCKImplementation.RAND_setSeed(ockContext.getId(), seed); + } + + @Override + public void RAND_generateSeed(byte[] seed) throws OCKException { + NativeOCKImplementation.RAND_generateSeed(ockContext.getId(), seed); + } + + @Override + public long EXTRAND_create(String algName) throws OCKException { + return NativeOCKImplementation.EXTRAND_create(ockContext.getId(), algName); + } + + @Override + public void EXTRAND_nextBytes(long ockPRNGContextId, byte[] buffer) throws OCKException { + NativeOCKImplementation.EXTRAND_nextBytes(ockContext.getId(), ockPRNGContextId, buffer); + } + + @Override + public void EXTRAND_setSeed(long ockPRNGContextId, byte[] seed) throws OCKException { + NativeOCKImplementation.EXTRAND_setSeed(ockContext.getId(), ockPRNGContextId, seed); + } + + @Override + public void EXTRAND_delete(long ockPRNGContextId) throws OCKException { + NativeOCKImplementation.EXTRAND_delete(ockContext.getId(), ockPRNGContextId); + } + + @Override + public long CIPHER_create(String cipher) throws OCKException { + return NativeOCKImplementation.CIPHER_create(ockContext.getId(), cipher); + } + + @Override + public void CIPHER_init(long ockCipherId, int isEncrypt, int paddingId, byte[] key, byte[] iv) throws OCKException { + NativeOCKImplementation.CIPHER_init(ockContext.getId(), ockCipherId, isEncrypt, paddingId, key, iv); + } + + @Override + public void CIPHER_clean(long ockCipherId) throws OCKException { + NativeOCKImplementation.CIPHER_clean(ockContext.getId(), ockCipherId); + } + + @Override + public void CIPHER_setPadding(long ockCipherId, int paddingId) throws OCKException { + NativeOCKImplementation.CIPHER_setPadding(ockContext.getId(), ockCipherId, paddingId); + } + + @Override + public int CIPHER_getBlockSize(long ockCipherId) { + return NativeOCKImplementation.CIPHER_getBlockSize(ockContext.getId(), ockCipherId); + } + + @Override + public int CIPHER_getKeyLength(long ockCipherId) { + return NativeOCKImplementation.CIPHER_getKeyLength(ockContext.getId(), ockCipherId); + } + + @Override + public int CIPHER_getIVLength(long ockCipherId) { + return NativeOCKImplementation.CIPHER_getIVLength(ockContext.getId(), ockCipherId); + } + + @Override + public int CIPHER_getOID(long ockCipherId) { + return NativeOCKImplementation.CIPHER_getOID(ockContext.getId(), ockCipherId); + } + + @Override + public int CIPHER_encryptUpdate(long ockCipherId, byte[] plaintext, int plaintextOffset, int plaintextLen, + byte[] ciphertext, int ciphertextOffset, boolean needsReinit) throws OCKException { + return NativeOCKImplementation.CIPHER_encryptUpdate(ockContext.getId(), ockCipherId, + plaintext, plaintextOffset, plaintextLen, ciphertext, ciphertextOffset, needsReinit); + } + + @Override + public int CIPHER_decryptUpdate(long ockCipherId, byte[] ciphertext, int cipherOffset, int cipherLen, + byte[] plaintext, int plaintextOffset, boolean needsReinit) throws OCKException { + return NativeOCKImplementation.CIPHER_decryptUpdate(ockContext.getId(), ockCipherId, + ciphertext, cipherOffset, cipherLen, plaintext, plaintextOffset, needsReinit); + } + + @Override + public int CIPHER_encryptFinal(long ockCipherId, byte[] input, int inOffset, int inLen, byte[] ciphertext, + int ciphertextOffset, boolean needsReinit) throws OCKException { + return NativeOCKImplementation.CIPHER_encryptFinal(ockContext.getId(), ockCipherId, + input, inOffset, inLen, ciphertext, ciphertextOffset, needsReinit); + } + + @Override + public int CIPHER_decryptFinal(long ockCipherId, byte[] ciphertext, int cipherOffset, int cipherLen, + byte[] plaintext, int plaintextOffset, boolean needsReinit) throws OCKException { + return NativeOCKImplementation.CIPHER_decryptFinal(ockContext.getId(), ockCipherId, + ciphertext, cipherOffset, cipherLen, plaintext, plaintextOffset, needsReinit); + } + + @Override + public long checkHardwareSupport() { + return NativeOCKImplementation.checkHardwareSupport(ockContext.getId()); + } + + @Override + public void CIPHER_delete(long ockCipherId) throws OCKException { + NativeOCKImplementation.CIPHER_delete(ockContext.getId(), ockCipherId); + } + + @Override + public byte[] CIPHER_KeyWraporUnwrap(byte[] key, byte[] KEK, int type) + throws OCKException { + return NativeOCKImplementation.CIPHER_KeyWraporUnwrap(ockContext.getId(), key, KEK, type); + } + + @Override + public int z_kmc_native(byte[] input, int inputOffset, byte[] output, int outputOffset, long paramPointer, + int inputLength, int mode) { + return NativeOCKImplementation.z_kmc_native(input, inputOffset, output, outputOffset, paramPointer, inputLength, mode); + } + + @Override + public long POLY1305CIPHER_create(String cipher) throws OCKException { + return NativeOCKImplementation.POLY1305CIPHER_create(ockContext.getId(), cipher); + } + + @Override + public void POLY1305CIPHER_init(long ockCipherId, int isEncrypt, byte[] key, byte[] iv) throws OCKException { + NativeOCKImplementation.POLY1305CIPHER_init(ockContext.getId(), ockCipherId, isEncrypt, key, iv); + } + + @Override + public void POLY1305CIPHER_clean(long ockCipherId) throws OCKException { + NativeOCKImplementation.POLY1305CIPHER_clean(ockContext.getId(), ockCipherId); + } + + @Override + public void POLY1305CIPHER_setPadding(long ockCipherId, int paddingId) throws OCKException { + NativeOCKImplementation.POLY1305CIPHER_setPadding(ockContext.getId(), ockCipherId, paddingId); + } + + @Override + public int POLY1305CIPHER_getBlockSize(long ockCipherId) { + return NativeOCKImplementation.POLY1305CIPHER_getBlockSize(ockContext.getId(), ockCipherId); + } + + @Override + public int POLY1305CIPHER_getKeyLength(long ockCipherId) { + return NativeOCKImplementation.POLY1305CIPHER_getKeyLength(ockContext.getId(), ockCipherId); + } + + @Override + public int POLY1305CIPHER_getIVLength(long ockCipherId) { + return NativeOCKImplementation.POLY1305CIPHER_getIVLength(ockContext.getId(), ockCipherId); + } + + @Override + public int POLY1305CIPHER_getOID(long ockCipherId) { + return NativeOCKImplementation.POLY1305CIPHER_getOID(ockContext.getId(), ockCipherId); + } + + @Override + public int POLY1305CIPHER_encryptUpdate(long ockCipherId, byte[] plaintext, int plaintextOffset, int plaintextLen, + byte[] ciphertext, int ciphertextOffset) throws OCKException { + return NativeOCKImplementation.POLY1305CIPHER_encryptUpdate(ockContext.getId(), ockCipherId, + plaintext, plaintextOffset, plaintextLen, ciphertext, ciphertextOffset); + } + + @Override + public int POLY1305CIPHER_decryptUpdate(long ockCipherId, byte[] ciphertext, int cipherOffset, int cipherLen, + byte[] plaintext, int plaintextOffset) throws OCKException { + return NativeOCKImplementation.POLY1305CIPHER_decryptUpdate(ockContext.getId(), ockCipherId, + ciphertext, cipherOffset, cipherLen, plaintext, plaintextOffset); + } + + @Override + public int POLY1305CIPHER_encryptFinal(long ockCipherId, byte[] input, int inOffset, int inLen, byte[] ciphertext, + int ciphertextOffset, byte[] tag) throws OCKException { + return NativeOCKImplementation.POLY1305CIPHER_encryptFinal(ockContext.getId(), ockCipherId, + input, inOffset, inLen, ciphertext, ciphertextOffset, tag); + } + + @Override + public int POLY1305CIPHER_decryptFinal(long ockCipherId, byte[] ciphertext, int cipherOffset, int cipherLen, + byte[] plaintext, int plaintextOffset, byte[] tag) throws OCKException { + return NativeOCKImplementation.POLY1305CIPHER_decryptFinal(ockContext.getId(), ockCipherId, + ciphertext, cipherOffset, cipherLen, plaintext, plaintextOffset, tag); + } + + @Override + public void POLY1305CIPHER_delete(long ockCipherId) throws OCKException { + NativeOCKImplementation.POLY1305CIPHER_delete(ockContext.getId(), ockCipherId); + } + + @Override + public long do_GCM_checkHardwareGCMSupport() { + return NativeOCKImplementation.do_GCM_checkHardwareGCMSupport(ockContext.getId()); + } + + @Override + public int do_GCM_encryptFastJNI_WithHardwareSupport(int keyLen, int ivLen, int inOffset, int inLen, + int ciphertextOffset, int aadLen, int tagLen, long parameterBuffer, byte[] input, int inputOffset, + byte[] output, int outputOffset) throws OCKException { + return NativeOCKImplementation.do_GCM_encryptFastJNI_WithHardwareSupport(keyLen, ivLen, + inOffset, inLen, ciphertextOffset, aadLen, tagLen, parameterBuffer, + input, inputOffset, output, outputOffset); + } + + @Override + public int do_GCM_encryptFastJNI(long gcmCtx, int keyLen, int ivLen, int inOffset, int inLen, int ciphertextOffset, + int aadLen, int tagLen, long parameterBuffer, long inputBuffer, long outputBuffer) throws OCKException { + return NativeOCKImplementation.do_GCM_encryptFastJNI(ockContext.getId(), gcmCtx, keyLen, ivLen, inOffset, inLen, + ciphertextOffset, aadLen, tagLen, parameterBuffer, inputBuffer, outputBuffer); + } + + @Override + public int do_GCM_decryptFastJNI_WithHardwareSupport(int keyLen, int ivLen, int inOffset, int inLen, + int ciphertextOffset, int aadLen, int tagLen, long parameterBuffer, byte[] input, int inputOffset, + byte[] output, int outputOffset) throws OCKException { + return NativeOCKImplementation.do_GCM_decryptFastJNI_WithHardwareSupport(keyLen, ivLen, inOffset, inLen, + ciphertextOffset, aadLen, tagLen, parameterBuffer, input, inputOffset, output, outputOffset); + } + + @Override + public int do_GCM_decryptFastJNI(long gcmCtx, int keyLen, int ivLen, int ciphertextOffset, int ciphertextLen, + int plainOffset, int aadLen, int tagLen, long parameterBuffer, long inputBuffer, long outputBuffer) + throws OCKException { + return NativeOCKImplementation.do_GCM_decryptFastJNI(ockContext.getId(), gcmCtx, keyLen, ivLen, + ciphertextOffset, ciphertextLen, plainOffset, aadLen, tagLen, parameterBuffer, inputBuffer, outputBuffer); + } + + @Override + public int do_GCM_encrypt(long gcmCtx, byte[] key, int keyLen, byte[] iv, int ivLen, byte[] input, int inOffset, + int inLen, byte[] ciphertext, int ciphertextOffset, byte[] aad, int aadLen, byte[] tag, int tagLen) + throws OCKException { + return NativeOCKImplementation.do_GCM_encrypt(ockContext.getId(), gcmCtx, key, keyLen, iv, ivLen, + input, inOffset, inLen, ciphertext, ciphertextOffset, aad, aadLen, tag, tagLen); + } + + @Override + public int do_GCM_decrypt(long gcmCtx, byte[] key, int keyLen, byte[] iv, int ivLen, byte[] ciphertext, + int cipherOffset, int cipherLen, byte[] plaintext, int plaintextOffset, byte[] aad, int aadLen, int tagLen) + throws OCKException { + return NativeOCKImplementation.do_GCM_decrypt(ockContext.getId(), gcmCtx, key, keyLen, iv, ivLen, + ciphertext, cipherOffset, cipherLen, plaintext, plaintextOffset, aad, aadLen, tagLen); + } + + @Override + public int do_GCM_FinalForUpdateEncrypt(long gcmCtx, byte[] key, int keyLen, byte[] iv, int ivLen, byte[] input, + int inOffset, int inLen, byte[] ciphertext, int ciphertextOffset, byte[] aad, int aadLen, byte[] tag, + int tagLen) throws OCKException { + return NativeOCKImplementation.do_GCM_FinalForUpdateEncrypt(ockContext.getId(), gcmCtx, key, keyLen, iv, ivLen, + input, inOffset, inLen, ciphertext, ciphertextOffset, aad, aadLen, tag, tagLen); + } + + @Override + public int do_GCM_FinalForUpdateDecrypt(long gcmCtx, byte[] ciphertext, int cipherOffset, int cipherLen, + byte[] plaintext, int plaintextOffset, int plaintextlen, byte[] aad, int aadLen, int tagLen) + throws OCKException { + return NativeOCKImplementation.do_GCM_FinalForUpdateDecrypt(ockContext.getId(), gcmCtx, + ciphertext, cipherOffset, cipherLen, plaintext, plaintextOffset, plaintextlen, aad, aadLen, tagLen); + } + + @Override + public int do_GCM_UpdForUpdateEncrypt(long gcmCtx, byte[] input, int inOffset, int inLen, byte[] ciphertext, + int ciphertextOffset) throws OCKException { + return NativeOCKImplementation.do_GCM_UpdForUpdateEncrypt(ockContext.getId(), gcmCtx, + input, inOffset, inLen, ciphertext, ciphertextOffset); + } + + @Override + public int do_GCM_UpdForUpdateDecrypt(long gcmCtx, byte[] ciphertext, int cipherOffset, int cipherLen, + byte[] plaintext, int plaintextOffset) throws OCKException { + return NativeOCKImplementation.do_GCM_UpdForUpdateDecrypt(ockContext.getId(), gcmCtx, + ciphertext, cipherOffset, cipherLen, plaintext, plaintextOffset); + } + + @Override + public int do_GCM_InitForUpdateEncrypt(long gcmCtx, byte[] key, int keyLen, byte[] iv, int ivLen, byte[] aad, + int aadLen) throws OCKException { + return NativeOCKImplementation.do_GCM_InitForUpdateEncrypt(ockContext.getId(), gcmCtx, + key, keyLen, iv, ivLen, aad, aadLen); + } + + @Override + public int do_GCM_InitForUpdateDecrypt(long gcmCtx, byte[] key, int keyLen, byte[] iv, int ivLen, byte[] aad, + int aadLen) throws OCKException { + return NativeOCKImplementation.do_GCM_InitForUpdateDecrypt(ockContext.getId(), gcmCtx, + key, keyLen, iv, ivLen, aad, aadLen); + } + + @Override + public void do_GCM_delete() throws OCKException { + NativeOCKImplementation.do_GCM_delete(ockContext.getId()); + } + + @Override + public void free_GCM_ctx(long gcmContextId) throws OCKException { + NativeOCKImplementation.free_GCM_ctx(ockContext.getId(), gcmContextId); + } + + @Override + public long create_GCM_context() throws OCKException { + return NativeOCKImplementation.create_GCM_context(ockContext.getId()); + } + + @Override + public long do_CCM_checkHardwareCCMSupport() { + return NativeOCKImplementation.do_CCM_checkHardwareCCMSupport(ockContext.getId()); + } + + @Override + public int do_CCM_encryptFastJNI_WithHardwareSupport(int keyLen, int ivLen, int inOffset, int inLen, + int ciphertextOffset, int aadLen, int tagLen, long parameterBuffer, byte[] input, int inputOffset, + byte[] output, int outputOffset) throws OCKException { + return NativeOCKImplementation.do_CCM_encryptFastJNI_WithHardwareSupport(keyLen, ivLen, inOffset, inLen, + ciphertextOffset, aadLen, tagLen, parameterBuffer, input, inputOffset, output, outputOffset); + } + + @Override + public int do_CCM_encryptFastJNI(int keyLen, int ivLen, int inLen, int ciphertextLen, int aadLen, int tagLen, + long parameterBuffer, long inputBuffer, long outputBuffer) throws OCKException { + return NativeOCKImplementation.do_CCM_encryptFastJNI(ockContext.getId(), keyLen, ivLen, inLen, + ciphertextLen, aadLen, tagLen, parameterBuffer, inputBuffer, outputBuffer); + } + + @Override + public int do_CCM_decryptFastJNI_WithHardwareSupport(int keyLen, int ivLen, int inOffset, int inLen, + int ciphertextOffset, int aadLen, int tagLen, long parameterBuffer, byte[] input, int inputOffset, + byte[] output, int outputOffset) throws OCKException { + return NativeOCKImplementation.do_CCM_decryptFastJNI_WithHardwareSupport(keyLen, ivLen, inOffset, inLen, + ciphertextOffset, aadLen, tagLen, parameterBuffer, input, inputOffset, output, outputOffset); + } + + @Override + public int do_CCM_decryptFastJNI(int keyLen, int ivLen, int ciphertextLen, int plaintextLen, int aadLen, int tagLen, + long parameterBuffer, long inputBuffer, long outputBuffer) throws OCKException { + return NativeOCKImplementation.do_CCM_decryptFastJNI(ockContext.getId(), keyLen, ivLen, ciphertextLen, + plaintextLen, aadLen, tagLen, parameterBuffer, inputBuffer, outputBuffer); + } + + @Override + public int do_CCM_encrypt(byte[] iv, int ivLen, byte[] key, int keyLen, byte[] aad, int aadLen, byte[] input, + int inLen, byte[] ciphertext, int ciphertextLen, int tagLen) throws OCKException { + return NativeOCKImplementation.do_CCM_encrypt(ockContext.getId(), iv, ivLen, key, keyLen, + aad, aadLen, input, inLen, ciphertext, ciphertextLen, tagLen); + } + + @Override + public int do_CCM_decrypt(byte[] iv, int ivLen, byte[] key, int keyLen, byte[] aad, int aadLen, byte[] ciphertext, + int ciphertextLength, byte[] plaintext, int plaintextLength, int tagLen) throws OCKException { + return NativeOCKImplementation.do_CCM_decrypt(ockContext.getId(), iv, ivLen, key, keyLen, + aad, aadLen, ciphertext, ciphertextLength, plaintext, plaintextLength, tagLen); + } + + @Override + public void do_CCM_delete() throws OCKException { + NativeOCKImplementation.do_CCM_delete(ockContext.getId()); + } + + @Override + public int RSACIPHER_public_encrypt(long rsaKeyId, int rsaPaddingId, byte[] plaintext, int plaintextOffset, + int plaintextLen, byte[] ciphertext, int ciphertextOffset) throws OCKException { + return NativeOCKImplementation.RSACIPHER_public_encrypt(ockContext.getId(), rsaKeyId, rsaPaddingId, + plaintext, plaintextOffset, plaintextLen, ciphertext, ciphertextOffset); + } + + @Override + public int RSACIPHER_private_encrypt(long rsaKeyId, int rsaPaddingId, byte[] plaintext, int plaintextOffset, + int plaintextLen, byte[] ciphertext, int ciphertextOffset, boolean convertKey) throws OCKException { + return NativeOCKImplementation.RSACIPHER_private_encrypt(ockContext.getId(), rsaKeyId, rsaPaddingId, + plaintext, plaintextOffset, plaintextLen, ciphertext, ciphertextOffset, convertKey); + } + + @Override + public int RSACIPHER_public_decrypt(long rsaKeyId, int rsaPaddingId, byte[] ciphertext, int ciphertextOffset, + int ciphertextLen, byte[] plaintext, int plaintextOffset) throws OCKException { + return NativeOCKImplementation.RSACIPHER_public_decrypt(ockContext.getId(), rsaKeyId, rsaPaddingId, + ciphertext, ciphertextOffset, ciphertextLen, plaintext, plaintextOffset); + } + + @Override + public int RSACIPHER_private_decrypt(long rsaKeyId, int rsaPaddingId, byte[] ciphertext, int ciphertextOffset, + int ciphertextLen, byte[] plaintext, int plaintextOffset, boolean convertKey) throws OCKException { + return NativeOCKImplementation.RSACIPHER_private_decrypt(ockContext.getId(), rsaKeyId, rsaPaddingId, + ciphertext, ciphertextOffset, ciphertextLen, plaintext, plaintextOffset, convertKey); + } + + @Override + public long DHKEY_generate(int numBits) throws OCKException { + return NativeOCKImplementation.DHKEY_generate(ockContext.getId(), numBits); + } + + @Override + public byte[] DHKEY_generateParameters(int numBits) { + return NativeOCKImplementation.DHKEY_generateParameters(ockContext.getId(), numBits); + } + + @Override + public long DHKEY_generate(byte[] dhParameters) throws OCKException { + return NativeOCKImplementation.DHKEY_generate(ockContext.getId(), dhParameters); + } + + @Override + public long DHKEY_createPrivateKey(byte[] privateKeyBytes) throws OCKException { + return NativeOCKImplementation.DHKEY_createPrivateKey(ockContext.getId(), privateKeyBytes); + } + + @Override + public long DHKEY_createPublicKey(byte[] publicKeyBytes) throws OCKException { + return NativeOCKImplementation.DHKEY_createPublicKey(ockContext.getId(), publicKeyBytes); + } + + @Override + public byte[] DHKEY_getParameters(long dhKeyId) { + return NativeOCKImplementation.DHKEY_getParameters(ockContext.getId(), dhKeyId); + } + + @Override + public byte[] DHKEY_getPrivateKeyBytes(long dhKeyId) throws OCKException { + return NativeOCKImplementation.DHKEY_getPrivateKeyBytes(ockContext.getId(), dhKeyId); + } + + @Override + public byte[] DHKEY_getPublicKeyBytes(long dhKeyId) throws OCKException { + return NativeOCKImplementation.DHKEY_getPublicKeyBytes(ockContext.getId(), dhKeyId); + } + + @Override + public long DHKEY_createPKey(long dhKeyId) throws OCKException { + return NativeOCKImplementation.DHKEY_createPKey(ockContext.getId(), dhKeyId); + } + + @Override + public byte[] DHKEY_computeDHSecret(long pubKeyId, long privKeyId) throws OCKException { + return NativeOCKImplementation.DHKEY_computeDHSecret(ockContext.getId(), pubKeyId, privKeyId); + } + + @Override + public void DHKEY_delete(long dhKeyId) throws OCKException { + NativeOCKImplementation.DHKEY_delete(ockContext.getId(), dhKeyId); + } + + @Override + public long RSAKEY_generate(int numBits, long e) throws OCKException { + return NativeOCKImplementation.RSAKEY_generate(ockContext.getId(), numBits, e); + } + + @Override + public long RSAKEY_createPrivateKey(byte[] privateKeyBytes) throws OCKException { + return NativeOCKImplementation.RSAKEY_createPrivateKey(ockContext.getId(), privateKeyBytes); + } + + @Override + public long RSAKEY_createPublicKey(byte[] publicKeyBytes) throws OCKException { + return NativeOCKImplementation.RSAKEY_createPublicKey(ockContext.getId(), publicKeyBytes); + } + + @Override + public byte[] RSAKEY_getPrivateKeyBytes(long rsaKeyId) throws OCKException { + return NativeOCKImplementation.RSAKEY_getPrivateKeyBytes(ockContext.getId(), rsaKeyId); + } + + @Override + public byte[] RSAKEY_getPublicKeyBytes(long rsaKeyId) throws OCKException { + return NativeOCKImplementation.RSAKEY_getPublicKeyBytes(ockContext.getId(), rsaKeyId); + } + + @Override + public long RSAKEY_createPKey(long rsaKeyId) throws OCKException { + return NativeOCKImplementation.RSAKEY_createPKey(ockContext.getId(), rsaKeyId); + } + + @Override + public int RSAKEY_size(long rsaKeyId) { + return NativeOCKImplementation.RSAKEY_size(ockContext.getId(), rsaKeyId); + } + + @Override + public void RSAKEY_delete(long rsaKeyId) { + NativeOCKImplementation.RSAKEY_delete(ockContext.getId(), rsaKeyId); + } + + @Override + public long DSAKEY_generate(int numBits) throws OCKException { + return NativeOCKImplementation.DSAKEY_generate(ockContext.getId(), numBits); + } + + @Override + public byte[] DSAKEY_generateParameters(int numBits) { + return NativeOCKImplementation.DSAKEY_generateParameters(ockContext.getId(), numBits); + } + + @Override + public long DSAKEY_generate(byte[] dsaParameters) throws OCKException { + return NativeOCKImplementation.DSAKEY_generate(ockContext.getId(), dsaParameters); + } + + @Override + public long DSAKEY_createPrivateKey(byte[] privateKeyBytes) throws OCKException { + return NativeOCKImplementation.DSAKEY_createPrivateKey(ockContext.getId(), privateKeyBytes); + } + + @Override + public long DSAKEY_createPublicKey(byte[] publicKeyBytes) throws OCKException { + return NativeOCKImplementation.DSAKEY_createPublicKey(ockContext.getId(), publicKeyBytes); + } + + @Override + public byte[] DSAKEY_getParameters(long dsaKeyId) { + return NativeOCKImplementation.DSAKEY_getParameters(ockContext.getId(), dsaKeyId); + } + + @Override + public byte[] DSAKEY_getPrivateKeyBytes(long dsaKeyId) throws OCKException { + return NativeOCKImplementation.DSAKEY_getPrivateKeyBytes(ockContext.getId(), dsaKeyId); + } + + @Override + public byte[] DSAKEY_getPublicKeyBytes(long dsaKeyId) throws OCKException { + return NativeOCKImplementation.DSAKEY_getPublicKeyBytes(ockContext.getId(), dsaKeyId); + } + + @Override + public long DSAKEY_createPKey(long dsaKeyId) throws OCKException { + return NativeOCKImplementation.DSAKEY_createPKey(ockContext.getId(), dsaKeyId); + } + + @Override + public void DSAKEY_delete(long dsaKeyId) throws OCKException { + NativeOCKImplementation.DSAKEY_delete(ockContext.getId(), dsaKeyId); + } + + @Override + public void PKEY_delete(long pkeyId) throws OCKException { + NativeOCKImplementation.PKEY_delete(ockContext.getId(), pkeyId); + } + + @Override + public long DIGEST_create(String digestAlgo) throws OCKException { + return NativeOCKImplementation.DIGEST_create(ockContext.getId(), digestAlgo); + } + + @Override + public long DIGEST_copy(long digestId) throws OCKException { + return NativeOCKImplementation.DIGEST_copy(ockContext.getId(), digestId); + } + + @Override + public int DIGEST_update(long digestId, byte[] input, int offset, int length) throws OCKException { + return NativeOCKImplementation.DIGEST_update(ockContext.getId(), digestId, input, offset, length); + } + + @Override + public void DIGEST_updateFastJNI(long digestId, long inputBuffer, int length) throws OCKException { + NativeOCKImplementation.DIGEST_updateFastJNI(ockContext.getId(), digestId, inputBuffer, length); + } + + @Override + public byte[] DIGEST_digest(long digestId) throws OCKException { + return NativeOCKImplementation.DIGEST_digest(ockContext.getId(), digestId); + } + + @Override + public void DIGEST_digest_and_reset(long digestId, long outputBuffer, int length) throws OCKException { + NativeOCKImplementation.DIGEST_digest_and_reset(ockContext.getId(), digestId, outputBuffer, length); + } + + @Override + public int DIGEST_digest_and_reset(long digestId, byte[] output) throws OCKException { + return NativeOCKImplementation.DIGEST_digest_and_reset(ockContext.getId(), digestId, output); + } + + @Override + public int DIGEST_size(long digestId) throws OCKException { + return NativeOCKImplementation.DIGEST_size(ockContext.getId(), digestId); + } + + @Override + public void DIGEST_reset(long digestId) throws OCKException { + NativeOCKImplementation.DIGEST_reset(ockContext.getId(), digestId); + } + + @Override + public void DIGEST_delete(long digestId) throws OCKException { + NativeOCKImplementation.DIGEST_delete(ockContext.getId(), digestId); + } + + @Override + public byte[] SIGNATURE_sign(long digestId, long pkeyId, boolean convert) throws OCKException { + return NativeOCKImplementation.SIGNATURE_sign(ockContext.getId(), digestId, pkeyId, convert); + } + + @Override + public boolean SIGNATURE_verify(long digestId, long pkeyId, byte[] sigBytes) throws OCKException { + return NativeOCKImplementation.SIGNATURE_verify(ockContext.getId(), digestId, pkeyId, sigBytes); + } + + @Override + public byte[] SIGNATUREEdDSA_signOneShot(long pkeyId, byte[] bytes) throws OCKException { + return NativeOCKImplementation.SIGNATUREEdDSA_signOneShot(ockContext.getId(), pkeyId, bytes); + } + + @Override + public boolean SIGNATUREEdDSA_verifyOneShot(long pkeyId, byte[] sigBytes, byte[] oneShot) throws OCKException { + return NativeOCKImplementation.SIGNATUREEdDSA_verifyOneShot(ockContext.getId(), pkeyId, sigBytes, oneShot); + } + + @Override + public int RSAPSS_signInit(long rsaPssId, long pkeyId, int saltlen, boolean convert) throws OCKException { + return NativeOCKImplementation.RSAPSS_signInit(ockContext.getId(), rsaPssId, pkeyId, saltlen, convert); + } + + @Override + public int RSAPSS_verifyInit(long rsaPssId, long pkeyId, int saltlen) throws OCKException { + return NativeOCKImplementation.RSAPSS_verifyInit(ockContext.getId(), rsaPssId, pkeyId, saltlen); + } + + @Override + public int RSAPSS_getSigLen(long rsaPssId) { + return NativeOCKImplementation.RSAPSS_getSigLen(ockContext.getId(), rsaPssId); + } + + @Override + public void RSAPSS_signFinal(long rsaPssId, byte[] signature, int length) throws OCKException { + NativeOCKImplementation.RSAPSS_signFinal(ockContext.getId(), rsaPssId, signature, length); + } + + @Override + public boolean RSAPSS_verifyFinal(long rsaPssId, byte[] sigBytes, int length) throws OCKException { + return NativeOCKImplementation.RSAPSS_verifyFinal(ockContext.getId(), rsaPssId, sigBytes, length); + } + + @Override + public long RSAPSS_createContext(String digestAlgo, String mgf1SpecAlgo) throws OCKException { + return NativeOCKImplementation.RSAPSS_createContext(ockContext.getId(), digestAlgo, mgf1SpecAlgo); + } + + @Override + public void RSAPSS_releaseContext(long rsaPssId) throws OCKException { + NativeOCKImplementation.RSAPSS_releaseContext(ockContext.getId(), rsaPssId); + } + + @Override + public void RSAPSS_digestUpdate(long rsaPssId, byte[] input, int offset, int length) throws OCKException { + NativeOCKImplementation.RSAPSS_digestUpdate(ockContext.getId(), rsaPssId, input, offset, length); + } + + @Override + public void RSAPSS_reset(long digestId) throws OCKException { + NativeOCKImplementation.RSAPSS_reset(ockContext.getId(), digestId); + } + + @Override + public void RSAPSS_resetDigest(long rsaPssId) throws OCKException { + NativeOCKImplementation.RSAPSS_resetDigest(ockContext.getId(), rsaPssId); + } + + @Override + public byte[] DSANONE_SIGNATURE_sign(byte[] digest, long dsaKeyId) throws OCKException { + return NativeOCKImplementation.DSANONE_SIGNATURE_sign(ockContext.getId(), digest, dsaKeyId); + } + + @Override + public boolean DSANONE_SIGNATURE_verify(byte[] digest, long dsaKeyId, byte[] sigBytes) throws OCKException { + return NativeOCKImplementation.DSANONE_SIGNATURE_verify(ockContext.getId(), digest, dsaKeyId, sigBytes); + } + + @Override + public byte[] RSASSL_SIGNATURE_sign(byte[] digest, long rsaKeyId) throws OCKException { + return NativeOCKImplementation.RSASSL_SIGNATURE_sign(ockContext.getId(), digest, rsaKeyId); + } + + @Override + public boolean RSASSL_SIGNATURE_verify(byte[] digest, long rsaKeyId, byte[] sigBytes, boolean convert) + throws OCKException { + return NativeOCKImplementation.RSASSL_SIGNATURE_verify(ockContext.getId(), digest, rsaKeyId, sigBytes, convert); + } + + @Override + public long HMAC_create(String digestAlgo) throws OCKException { + return NativeOCKImplementation.HMAC_create(ockContext.getId(), digestAlgo); + } + + @Override + public int HMAC_update(long hmacId, byte[] key, int keyLength, byte[] input, int inputOffset, int inputLength, + boolean needInit) throws OCKException { + return NativeOCKImplementation.HMAC_update(ockContext.getId(), hmacId, key, keyLength, + input, inputOffset, inputLength, needInit); + } + + @Override + public int HMAC_doFinal(long hmacId, byte[] key, int keyLength, byte[] hmac, boolean needInit) throws OCKException { + return NativeOCKImplementation.HMAC_doFinal(ockContext.getId(), hmacId, key, keyLength, hmac, needInit); + } + + @Override + public int HMAC_size(long hmacId) throws OCKException { + return NativeOCKImplementation.HMAC_size(ockContext.getId(), hmacId); + } + + @Override + public void HMAC_delete(long hmacId) throws OCKException { + NativeOCKImplementation.HMAC_delete(ockContext.getId(), hmacId); + } + + @Override + public long ECKEY_generate(int numBits) throws OCKException { + return NativeOCKImplementation.ECKEY_generate(ockContext.getId(), numBits); + } + + @Override + public long ECKEY_generate(String curveOid) throws OCKException { + return NativeOCKImplementation.ECKEY_generate(ockContext.getId(), curveOid); + } + + @Override + public long XECKEY_generate(int option, long bufferPtr) throws OCKException { + return NativeOCKImplementation.XECKEY_generate(ockContext.getId(), option, bufferPtr); + } + + @Override + public byte[] ECKEY_generateParameters(int numBits) throws OCKException { + return NativeOCKImplementation.ECKEY_generateParameters(ockContext.getId(), numBits); + } + + @Override + public byte[] ECKEY_generateParameters(String curveOid) throws OCKException { + return NativeOCKImplementation.ECKEY_generateParameters(ockContext.getId(), curveOid); + } + + @Override + public long ECKEY_generate(byte[] ecParameters) throws OCKException { + return NativeOCKImplementation.ECKEY_generate(ockContext.getId(), ecParameters); + } + + @Override + public long ECKEY_createPrivateKey(byte[] privateKeyBytes) throws OCKException { + return NativeOCKImplementation.ECKEY_createPrivateKey(ockContext.getId(), privateKeyBytes); + } + + @Override + public long XECKEY_createPrivateKey(byte[] privateKeyBytes, long bufferPtr) throws OCKException { + return NativeOCKImplementation.XECKEY_createPrivateKey(ockContext.getId(), privateKeyBytes, bufferPtr); + } + + @Override + public long ECKEY_createPublicKey(byte[] publicKeyBytes, byte[] parameterBytes) throws OCKException { + return NativeOCKImplementation.ECKEY_createPublicKey(ockContext.getId(), publicKeyBytes, parameterBytes); + } + + @Override + public long XECKEY_createPublicKey(byte[] publicKeyBytes) throws OCKException { + return NativeOCKImplementation.XECKEY_createPublicKey(ockContext.getId(), publicKeyBytes); + } + + @Override + public byte[] ECKEY_getParameters(long ecKeyId) { + return NativeOCKImplementation.ECKEY_getParameters(ockContext.getId(), ecKeyId); + } + + @Override + public byte[] ECKEY_getPrivateKeyBytes(long ecKeyId) throws OCKException { + return NativeOCKImplementation.ECKEY_getPrivateKeyBytes(ockContext.getId(), ecKeyId); + } + + @Override + public byte[] XECKEY_getPrivateKeyBytes(long xecKeyId) throws OCKException { + return NativeOCKImplementation.XECKEY_getPrivateKeyBytes(ockContext.getId(), xecKeyId); + } + + @Override + public byte[] ECKEY_getPublicKeyBytes(long ecKeyId) throws OCKException { + return NativeOCKImplementation.ECKEY_getPublicKeyBytes(ockContext.getId(), ecKeyId); + } + + @Override + public byte[] XECKEY_getPublicKeyBytes(long xecKeyId) throws OCKException { + return NativeOCKImplementation.XECKEY_getPublicKeyBytes(ockContext.getId(), xecKeyId); + } + + @Override + public long ECKEY_createPKey(long ecKeyId) throws OCKException { + return NativeOCKImplementation.ECKEY_createPKey(ockContext.getId(), ecKeyId); + } + + @Override + public void ECKEY_delete(long ecKeyId) throws OCKException { + NativeOCKImplementation.ECKEY_delete(ockContext.getId(), ecKeyId); + } + + @Override + public void XECKEY_delete(long xecKeyId) throws OCKException { + NativeOCKImplementation.XECKEY_delete(ockContext.getId(), xecKeyId); + } + + @Override + public long XDHKeyAgreement_init(long privId) { + return NativeOCKImplementation.XDHKeyAgreement_init(ockContext.getId(), privId); + } + + @Override + public void XDHKeyAgreement_setPeer(long genCtx, long pubId) { + NativeOCKImplementation.XDHKeyAgreement_setPeer(ockContext.getId(), genCtx, pubId); + } + + @Override + public byte[] ECKEY_computeECDHSecret(long pubEcKeyId, long privEcKeyId) throws OCKException { + return NativeOCKImplementation.ECKEY_computeECDHSecret(ockContext.getId(), pubEcKeyId, privEcKeyId); + } + + @Override + public byte[] XECKEY_computeECDHSecret(long genCtx, long pubEcKeyId, long privEcKeyId, int secrectBufferSize) + throws OCKException { + return NativeOCKImplementation.XECKEY_computeECDHSecret(ockContext.getId(), genCtx, pubEcKeyId, privEcKeyId, secrectBufferSize); + } + + @Override + public byte[] ECKEY_signDatawithECDSA(byte[] digestBytes, int digestBytesLen, long ecPrivateKeyId) + throws OCKException { + return NativeOCKImplementation.ECKEY_signDatawithECDSA(ockContext.getId(), digestBytes, digestBytesLen, ecPrivateKeyId); + } + + @Override + public boolean ECKEY_verifyDatawithECDSA(byte[] digestBytes, int digestBytesLen, byte[] sigBytes, int sigBytesLen, + long ecPublicKeyId) throws OCKException { + return NativeOCKImplementation.ECKEY_verifyDatawithECDSA(ockContext.getId(), digestBytes, digestBytesLen, + sigBytes, sigBytesLen, ecPublicKeyId); + } + + @Override + public long HKDF_create(String digestAlgo) throws OCKException { + return NativeOCKImplementation.HKDF_create(ockContext.getId(), digestAlgo); + } + + @Override + public byte[] HKDF_extract(long hkdfId, byte[] saltBytes, long saltLen, byte[] inKey, long inKeyLen) + throws OCKException { + return NativeOCKImplementation.HKDF_extract(ockContext.getId(), hkdfId, saltBytes, saltLen, inKey, inKeyLen); + } + + @Override + public byte[] HKDF_expand(long hkdfId, byte[] prkBytes, long prkBytesLen, byte[] info, long infoLen, long okmLen) + throws OCKException { + return NativeOCKImplementation.HKDF_expand(ockContext.getId(), hkdfId, prkBytes, prkBytesLen, info, infoLen, okmLen); + } + + @Override + public byte[] HKDF_derive(long hkdfId, byte[] saltBytes, long saltLen, byte[] inKey, long inKeyLen, byte[] info, + long infoLen, long okmLen) throws OCKException { + return NativeOCKImplementation.HKDF_derive(ockContext.getId(), hkdfId, + saltBytes, saltLen, inKey, inKeyLen, info, infoLen, okmLen); + } + + @Override + public void HKDF_delete(long hkdfId) throws OCKException { + NativeOCKImplementation.HKDF_delete(ockContext.getId(), hkdfId); + } + + @Override + public int HKDF_size(long hkdfId) throws OCKException { + return NativeOCKImplementation.HKDF_size(ockContext.getId(), hkdfId); + } + + @Override + public byte[] PBKDF2_derive(String hashAlgorithm, byte[] password, byte[] salt, int iterations, int keyLength) + throws OCKException { + return NativeOCKImplementation.PBKDF2_derive(ockContext.getId(), hashAlgorithm, password, salt, iterations, keyLength); + } + + @Override + public long MLKEY_generate(String cipherName) + throws OCKException { + return NativeOCKImplementation.MLKEY_generate(ockContext.getId(), cipherName); + } + + @Override + public long MLKEY_createPrivateKey(String cipherName, byte[] privateKeyBytes) + throws OCKException { + return NativeOCKImplementation.MLKEY_createPrivateKey(ockContext.getId(), cipherName, privateKeyBytes); + } + + @Override + public long MLKEY_createPublicKey(String cipherName, byte[] publicKeyBytes) + throws OCKException { + return NativeOCKImplementation.MLKEY_createPublicKey(ockContext.getId(), cipherName, publicKeyBytes); + } + + @Override + public byte[] MLKEY_getPrivateKeyBytes(long mlkeyId) + throws OCKException { + return NativeOCKImplementation.MLKEY_getPrivateKeyBytes(ockContext.getId(), mlkeyId); + } + + @Override + public byte[] MLKEY_getPublicKeyBytes(long mlkeyId) + throws OCKException { + return NativeOCKImplementation.MLKEY_getPublicKeyBytes(ockContext.getId(), mlkeyId); + } + + @Override + public void MLKEY_delete(long mlkeyId) { + NativeOCKImplementation.MLKEY_delete(ockContext.getId(), mlkeyId); + } + + @Override + public void KEM_encapsulate(long ockPKeyId, byte[] wrappedKey, byte[] randomKey) + throws OCKException { + NativeOCKImplementation.KEM_encapsulate(ockContext.getId(), ockPKeyId, wrappedKey, randomKey); + } + + @Override + public byte[] KEM_decapsulate(long ockPKeyId, byte[] wrappedKey) + throws OCKException { + return NativeOCKImplementation.KEM_decapsulate(ockContext.getId(), ockPKeyId, wrappedKey); + } + + @Override + public byte[] PQC_SIGNATURE_sign(long ockPKeyId, byte[] data) + throws OCKException { + return NativeOCKImplementation.PQC_SIGNATURE_sign(ockContext.getId(), ockPKeyId, data); + } + + @Override + public boolean PQC_SIGNATURE_verify(long ockPKeyId, byte[] sigBytes, byte[] data) + throws OCKException { + return NativeOCKImplementation.PQC_SIGNATURE_verify(ockContext.getId(), ockPKeyId, sigBytes, data); + } +} diff --git a/src/main/java/com/ibm/crypto/plus/provider/ock/NativeOCKAdapterFIPS.java b/src/main/java/com/ibm/crypto/plus/provider/ock/NativeOCKAdapterFIPS.java new file mode 100644 index 000000000..6226d6996 --- /dev/null +++ b/src/main/java/com/ibm/crypto/plus/provider/ock/NativeOCKAdapterFIPS.java @@ -0,0 +1,81 @@ +/* + * Copyright IBM Corp. 2025 + * + * This code is free software; you can redistribute it and/or modify it + * under the terms provided by IBM in the LICENSE file that accompanied + * this code, including the "Classpath" Exception described therein. + */ + +package com.ibm.crypto.plus.provider.ock; + +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import sun.security.util.Debug; + +public class NativeOCKAdapterFIPS extends NativeOCKAdapter { + private static final boolean printFipsDeveloperModeWarning = Boolean.parseBoolean(System.getProperty("openjceplus.fips.devmodewarn", "true")); + + // User enabled debugging + private static final String DEBUG_VALUE = "jceplus"; + private static Debug debug = Debug.getInstance(DEBUG_VALUE); + + private static final boolean isFIPSCertifiedPlatform; + private static final Map> supportedPlatforms = new HashMap<>(); + private static final String osName; + private static final String osArch; + + static { + supportedPlatforms.put("Arch", List.of("amd64", "ppc64", "s390x")); + supportedPlatforms.put("OS", List.of("Linux", "AIX", "Windows")); + + osName = System.getProperty("os.name"); + osArch = System.getProperty("os.arch");; + + boolean isOsSupported, isArchSupported; + // Check whether the OpenJCEPlus FIPS is supported. + isOsSupported = false; + for (String os: supportedPlatforms.get("OS")) { + if (osName.contains(os)) { + isOsSupported = true; + break; + } + } + isArchSupported = false; + for (String arch: supportedPlatforms.get("Arch")) { + if (osArch.contains(arch)) { + isArchSupported = true; + break; + } + } + isFIPSCertifiedPlatform = isOsSupported && isArchSupported; + } + + private static volatile NativeOCKAdapterFIPS instance = null; + + private NativeOCKAdapterFIPS(boolean useFIPSMode) { + super(useFIPSMode); + } + + public static NativeOCKAdapterFIPS getInstance() { + if (instance == null) { + boolean useFIPSMode = checkFIPSMode(); + instance = new NativeOCKAdapterFIPS(useFIPSMode); + } + + return instance; + } + + private static boolean checkFIPSMode() { + if (!isFIPSCertifiedPlatform) { + if (printFipsDeveloperModeWarning) { + System.out.println("WARNING: OpenJCEPlusFIPS is about to load non FIPS 140-3 library!"); + } + if (debug != null) { + debug.println("WARNING: OpenJCEPlusFIPS is about to load non FIPS 140-3 library!"); + } + return false; + } + return true; + } +} diff --git a/src/main/java/com/ibm/crypto/plus/provider/ock/NativeOCKAdapterNonFIPS.java b/src/main/java/com/ibm/crypto/plus/provider/ock/NativeOCKAdapterNonFIPS.java new file mode 100644 index 000000000..93ede005f --- /dev/null +++ b/src/main/java/com/ibm/crypto/plus/provider/ock/NativeOCKAdapterNonFIPS.java @@ -0,0 +1,26 @@ +/* + * Copyright IBM Corp. 2025 + * + * This code is free software; you can redistribute it and/or modify it + * under the terms provided by IBM in the LICENSE file that accompanied + * this code, including the "Classpath" Exception described therein. + */ + +package com.ibm.crypto.plus.provider.ock; + +public class NativeOCKAdapterNonFIPS extends NativeOCKAdapter { + private static NativeOCKAdapterNonFIPS instance = null; + + private NativeOCKAdapterNonFIPS() { + super(false); + } + + public static NativeOCKAdapterNonFIPS getInstance() { + if (instance == null) { + instance = new NativeOCKAdapterNonFIPS(); + } + + return instance; + } + +} diff --git a/src/main/java/com/ibm/crypto/plus/provider/ock/NativeInterface.java b/src/main/java/com/ibm/crypto/plus/provider/ock/NativeOCKImplementation.java similarity index 91% rename from src/main/java/com/ibm/crypto/plus/provider/ock/NativeInterface.java rename to src/main/java/com/ibm/crypto/plus/provider/ock/NativeOCKImplementation.java index c46f75eba..56ec04a49 100644 --- a/src/main/java/com/ibm/crypto/plus/provider/ock/NativeInterface.java +++ b/src/main/java/com/ibm/crypto/plus/provider/ock/NativeOCKImplementation.java @@ -8,14 +8,13 @@ package com.ibm.crypto.plus.provider.ock; -import java.io.BufferedReader; +import com.ibm.crypto.plus.provider.base.OCKException; import java.io.File; -import java.io.FileReader; import java.nio.ByteBuffer; import java.security.ProviderException; import sun.security.util.Debug; -final class NativeInterface { +final class NativeOCKImplementation { // User enabled debugging private static Debug debug = Debug.getInstance("jceplus"); @@ -29,7 +28,7 @@ final class NativeInterface { // If OCK is dynamically loaded, whether to require that OCK be // pre-loaded. // - private static boolean requirePreloadOCK = true; + static boolean requirePreloadOCK = true; // Default ock core library name // @@ -196,93 +195,6 @@ private static boolean loadIfExists(File libraryFile) { return false; } - static void validateLibraryLocation(OCKContext context) throws ProviderException, OCKException { - if (requirePreloadOCK == false) { - // If we are not requiring OCK to be pre-loaded, then it does not need to be - // loaded from the JRE location - // - return; - } - - try { - // Check to make sure that the OCK install path is within the JRE - // - String ockLoadPath = new File(getOCKLoadPath()).getCanonicalPath(); - String ockInstallPath = new File(context.getOCKInstallPath()).getCanonicalPath(); - - if (debug != null) { - debug.println("dependent library load path : " + ockLoadPath); - debug.println("dependent library install path : " + ockInstallPath); - } - - if (ockInstallPath.startsWith(ockLoadPath) == false) { - String exceptionMessage = "Dependent library was loaded from an external location"; - - if (debug != null) { - exceptionMessage = "Dependent library was loaded from " + ockInstallPath; - } - - throw new ProviderException(exceptionMessage); - } - } catch (java.io.IOException e) { - throw new ProviderException("Failed to validate dependent library", e); - } - } - - static void validateLibraryVersion(OCKContext context) throws ProviderException, OCKException { - if (requirePreloadOCK == false) { - // If we are not requiring OCK to be pre-loaded, then it does not need to be - // a specific version - // - return; - } - - String expectedVersion = getExpectedLibraryVersion(context); - String actualVersion = context.getOCKVersion(); - - if (expectedVersion == null) { - throw new ProviderException( - "Could not not determine expected version of dependent library"); - } else if (expectedVersion.equals(actualVersion) == false) { - throw new ProviderException("Expected depdendent library version " + expectedVersion - + ", got " + actualVersion); - } - } - - private static String getExpectedLibraryVersion(OCKContext context) { - String ockLoadPath = getOCKLoadPath(); - String ockSigFileName; - if (context.isFIPS()) { - ockSigFileName = ockLoadPath + File.separator + "C" + File.separator + "icc" - + File.separator + "icclib" + File.separator + "ICCSIG.txt"; - } else { - ockSigFileName = ockLoadPath + File.separator + "N" + File.separator + "icc" - + File.separator + "icclib" + File.separator + "ICCSIG.txt"; - } - BufferedReader br = null; - try { - String line; - String versionMarker = "# ICC Version "; - br = new BufferedReader(new FileReader(ockSigFileName)); - while ((line = br.readLine()) != null) { - if (line.startsWith(versionMarker)) { - String version = line.substring(versionMarker.length()).trim(); - return version; - } - } - } catch (Exception e) { - } finally { - if (br != null) { - try { - br.close(); - } catch (Exception e) { - } - } - } - - return null; - } - // ========================================================================= // General functions // ========================================================================= @@ -366,7 +278,7 @@ static public native int CIPHER_decryptFinal(long ockContextId, long ockCipherId static public native void CIPHER_delete(long ockContextId, long ockCipherId) throws OCKException; - + static public native byte[] CIPHER_KeyWraporUnwrap(long ockContextId, byte[] key, byte[] KEK, int type) throws OCKException; diff --git a/src/main/java/com/ibm/crypto/plus/provider/ock/OCKContext.java b/src/main/java/com/ibm/crypto/plus/provider/ock/OCKContext.java deleted file mode 100644 index 9906e3eb6..000000000 --- a/src/main/java/com/ibm/crypto/plus/provider/ock/OCKContext.java +++ /dev/null @@ -1,124 +0,0 @@ -/* - * Copyright IBM Corp. 2023 - * - * This code is free software; you can redistribute it and/or modify it - * under the terms provided by IBM in the LICENSE file that accompanied - * this code, including the "Classpath" Exception described therein. - */ - -package com.ibm.crypto.plus.provider.ock; - -public final class OCKContext { - // These code values must match those defined in Context.h. - // - private static final int VALUE_ID_FIPS_APPROVED_MODE = 0; - private static final int VALUE_OCK_INSTALL_PATH = 1; - private static final int VALUE_OCK_VERSION = 2; - - // The following is a special String instance to indicate that a - // value has not yet been obtained. We do this because some values - // may be null and we only want to query the value one time. - // - static final String unobtainedValue = new String(); - - // whether to validate OCK was loaded from JRE location - private static final boolean validateOCKLocation = true; - - // whether to validate OCK version of load library matches version in ICCSIG.txt - private static final boolean validateOCKVersion = false; - - private long ockContextId; - private boolean isFIPS; - private String ockVersion = unobtainedValue; - private String ockInstallPath = unobtainedValue; - - private static String libraryBuildDate = unobtainedValue; - - public static OCKContext createContext(boolean isFIPS) throws OCKException { - long ockContextId = NativeInterface.initializeOCK(isFIPS); - - OCKContext context = new OCKContext(ockContextId, isFIPS); - - if (validateOCKLocation) { - NativeInterface.validateLibraryLocation(context); - } - - if (validateOCKVersion) { - NativeInterface.validateLibraryVersion(context); - } - - return context; - } - - private OCKContext(long ockContextId, boolean isFIPS) { - this.ockContextId = ockContextId; - this.isFIPS = isFIPS; - } - - public long getId() { - return ockContextId; - } - - public boolean isFIPS() { - return isFIPS; - } - - public String getOCKVersion() throws OCKException { - if (ockVersion == unobtainedValue) { - obtainOCKVersion(); - } - return ockVersion; - } - - public String getOCKInstallPath() throws OCKException { - if (ockInstallPath == unobtainedValue) { - obtainOCKInstallPath(); - } - return ockInstallPath; - } - - public static String getLibraryBuildDate() { - if (libraryBuildDate == unobtainedValue) { - obtainLibraryBuildDate(); - } - return libraryBuildDate; - } - - private synchronized void obtainOCKVersion() throws OCKException { - // Leave this duplicate check in here. If two threads are both trying - // to get the value at the same time, we only want to call the native - // code one time. - // - if (ockVersion == unobtainedValue) { - ockVersion = getValue(VALUE_OCK_VERSION); - } - } - - private synchronized void obtainOCKInstallPath() throws OCKException { - // Leave this duplicate check in here. If two threads are both trying - // to get the value at the same time, we only want to call the native - // code one time. - // - if (ockInstallPath == unobtainedValue) { - ockInstallPath = getValue(VALUE_OCK_INSTALL_PATH); - } - } - - private synchronized static void obtainLibraryBuildDate() { - // Leave this duplicate check in here. If two threads are both trying - // to get the value at the same time, we only want to call the native - // code one time. - // - if (libraryBuildDate == unobtainedValue) { - libraryBuildDate = NativeInterface.getLibraryBuildDate(); - } - } - - private String getValue(int valueId) throws OCKException { - return NativeInterface.CTX_getValue(ockContextId, valueId); - } - - public String toString() { - return "OCKContext [isFIPS=" + isFIPS + ", id=" + ockContextId + "]"; - } -} diff --git a/src/main/native/AESKeyWrap.c b/src/main/native/ock/AESKeyWrap.c similarity index 94% rename from src/main/native/AESKeyWrap.c rename to src/main/native/ock/AESKeyWrap.c index f9c884b65..43243fcd0 100644 --- a/src/main/native/AESKeyWrap.c +++ b/src/main/native/ock/AESKeyWrap.c @@ -13,19 +13,19 @@ #include #include -#include "com_ibm_crypto_plus_provider_ock_NativeInterface.h" +#include "com_ibm_crypto_plus_provider_ock_NativeOCKImplementation.h" #include "Utils.h" #include #include //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: CIPHER_KeyWraporUnwrap * Signature: (J[B[B[BI)V */ JNIEXPORT jbyteArray JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_CIPHER_1KeyWraporUnwrap( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_CIPHER_1KeyWraporUnwrap( JNIEnv *env, jclass thisObj, jlong ockContextId, jbyteArray input, jbyteArray KEK, jint type) { ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); diff --git a/src/main/native/BasicRandom.c b/src/main/native/ock/BasicRandom.c similarity index 83% rename from src/main/native/BasicRandom.c rename to src/main/native/ock/BasicRandom.c index 039dc5a3e..acdc6d6ae 100644 --- a/src/main/native/BasicRandom.c +++ b/src/main/native/ock/BasicRandom.c @@ -12,21 +12,21 @@ #include #include -#include "com_ibm_crypto_plus_provider_ock_NativeInterface.h" +#include "com_ibm_crypto_plus_provider_ock_NativeOCKImplementation.h" #include "Utils.h" #include "Context.h" #include //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: RAND_nextBytes * Signature: (J[B)V */ JNIEXPORT void JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RAND_1nextBytes( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_RAND_1nextBytes( JNIEnv *env, jclass thisObj, jlong ockContextId, jbyteArray bytes) { - static const char *functionName = "NativeInterface.RAND_nextbytes"; + static const char *functionName = "NativeOCKImplementation.RAND_nextbytes"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); unsigned char *bytesNative = NULL; @@ -64,14 +64,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RAND_1nextBytes( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: RAND_setSeed * Signature: (J[B)V */ JNIEXPORT void JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RAND_1setSeed( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_RAND_1setSeed( JNIEnv *env, jclass thisObj, jlong ockContextId, jbyteArray seed) { - static const char *functionName = "NativeInterface.RAND_setSeed"; + static const char *functionName = "NativeOCKImplementation.RAND_setSeed"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); unsigned char *seedNative = NULL; @@ -105,14 +105,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RAND_1setSeed( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: RAND_generateSeed * Signature: (J[B)V */ JNIEXPORT void JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RAND_1generateSeed( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_RAND_1generateSeed( JNIEnv *env, jclass thisObj, jlong ockContextId, jbyteArray seed) { - static const char *functionName = "NativeInterface.RAND_generateSeed"; + static const char *functionName = "NativeOCKImplementation.RAND_generateSeed"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); unsigned char *seedNative = NULL; diff --git a/src/main/native/BuildDate.c b/src/main/native/ock/BuildDate.c similarity index 80% rename from src/main/native/BuildDate.c rename to src/main/native/ock/BuildDate.c index bb9aa3776..929560674 100644 --- a/src/main/native/BuildDate.c +++ b/src/main/native/ock/BuildDate.c @@ -11,19 +11,19 @@ #include #include -#include "com_ibm_crypto_plus_provider_ock_NativeInterface.h" +#include "com_ibm_crypto_plus_provider_ock_NativeOCKImplementation.h" #include "Utils.h" #include /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: getLibraryBuildDate * Signature: ()Ljava/lang/String; */ JNIEXPORT jstring JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_getLibraryBuildDate( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_getLibraryBuildDate( JNIEnv* env, jclass thisObj) { - static const char* functionName = "NativeInterface.getLibraryBuildDate"; + static const char* functionName = "NativeOCKImplementation.getLibraryBuildDate"; const char* buildDateString = NULL; jstring retValue = NULL; diff --git a/src/main/native/CCM.c b/src/main/native/ock/CCM.c similarity index 93% rename from src/main/native/CCM.c rename to src/main/native/ock/CCM.c index 19461cebb..1e0012fea 100644 --- a/src/main/native/CCM.c +++ b/src/main/native/ock/CCM.c @@ -15,7 +15,7 @@ #include #include -#include "com_ibm_crypto_plus_provider_ock_NativeInterface.h" +#include "com_ibm_crypto_plus_provider_ock_NativeOCKImplementation.h" #include "Padding.h" #include "Utils.h" #include "zHardwareFunctions.h" @@ -186,7 +186,7 @@ int checkTagMismatch_CCM(char* input, int inputLen, char* parm_block, } /*============================================================================ - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: internal functions * Signature: */ @@ -196,7 +196,7 @@ int CCM_decrypt_core(JNIEnv* env, ICC_CTX* ockCtx, unsigned char* key, unsigned char* plaintext, unsigned long plaintextLen, unsigned char* aad, int aadLen, int tagLen) { int rc = ICC_OSSL_SUCCESS; - static const char* functionName = "NativeInterface.CCM_decrypt_core"; + static const char* functionName = "NativeOCKImplementation.CCM_decrypt_core"; if (debug) { gslogFunctionEntry(functionName); @@ -224,11 +224,11 @@ int CCM_decrypt_core(JNIEnv* env, ICC_CTX* ockCtx, unsigned char* key, } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: do_CCM_decryptFastJNI_WithHardwareSupport */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_1CCM_1decryptFastJNI_1WithHardwareSupport( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_do_1CCM_1decryptFastJNI_1WithHardwareSupport( JNIEnv* env, jclass unusedClass, jint keyLen, jint ivLen, jint ciphertextOffset, jint ciphertextLen, jint plaintextOffset, jint aadLen, jint tagLen, jlong parameterBuffer, jbyteArray inputJ, @@ -296,11 +296,11 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_1CCM_1decryptFastJNI_1W } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: do_CCM_decryptFastJNI */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_1CCM_1decryptFastJNI( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_do_1CCM_1decryptFastJNI( JNIEnv* env, jclass unusedClass, jlong ockContextId, jint keyLen, jint ivLen, jint ciphertextLen, jint plaintextLen, jint aadLen, jint tagLen, jlong parameterBuffer, jlong inputBuffer, jlong outputBuffer) { @@ -321,16 +321,16 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_1CCM_1decryptFastJNI( } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: do_CCM_decrypt */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_1CCM_1decrypt( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_do_1CCM_1decrypt( JNIEnv* env, jclass thisObj, jlong ockContextId, jbyteArray iv, jint ivLen, jbyteArray key, jint keyLen, jbyteArray aad, jint aadLen, jbyteArray ciphertext, jint ciphertextLen, jbyteArray plaintext, jint plaintextLen, jint tagLen) { - static const char* functionName = "NativeInterface.do_CCM_decrypt"; + static const char* functionName = "NativeOCKImplementation.do_CCM_decrypt"; ICC_CTX* ockCtx = (ICC_CTX*)((intptr_t)ockContextId); unsigned char* keyNative = NULL; unsigned char* ivNative = NULL; @@ -408,7 +408,7 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_1CCM_1decrypt( } /*============================================================================ - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: internal functions * Signature: */ @@ -418,7 +418,7 @@ int CCM_encrypt_core(JNIEnv* env, ICC_CTX* ockCtx, unsigned char* key, unsigned char* plainText, int plaintextLen, unsigned char* cipherText, unsigned long ciphertextLen) { int rc = ICC_OSSL_SUCCESS; - static const char* functionName = "NativeInterface.CCM_encrypt_core"; + static const char* functionName = "NativeOCKImplementation.CCM_encrypt_core"; if (debug) { gslogFunctionEntry(functionName); @@ -451,12 +451,12 @@ int CCM_encrypt_core(JNIEnv* env, ICC_CTX* ockCtx, unsigned char* key, } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: do_CCM_checkHardwareCCMSupport */ FUNC* JCC_OS_helpers(ICC_CTX* ctx); JNIEXPORT jlong JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_1CCM_1checkHardwareCCMSupport( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_do_1CCM_1checkHardwareCCMSupport( JNIEnv* env, jclass unusedClass, jlong ockContextId) { ICC_CTX* ctx = (ICC_CTX*)((intptr_t)ockContextId); FUNC* funcPtr = ICC_OS_helpers(ctx); @@ -473,11 +473,11 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_1CCM_1checkHardwareCCMS } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: do_CCM_encryptFastJNI_WithHardwareSupport */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_1CCM_1encryptFastJNI_1WithHardwareSupport( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_do_1CCM_1encryptFastJNI_1WithHardwareSupport( JNIEnv* env, jclass unusedClass, jint keyLen, jint ivLen, jint plaintextOffset, jint plaintextLen, jint ciphertextOffset, jint aadLen, jint tagLen, jlong parameterBuffer, jbyteArray inputJ, jint inputOffset, @@ -543,11 +543,11 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_1CCM_1encryptFastJNI_1W } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: do_CCM_encryptFastJNI */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_1CCM_1encryptFastJNI( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_do_1CCM_1encryptFastJNI( JNIEnv* env, jclass unusedClass, jlong ockContextId, jint keyLen, jint ivLen, jint plaintextLen, jint ciphertextLen, jint aadLen, jint tagLen, jlong parameterBuffer, jlong inputBuffer, jlong outputBuffer) { @@ -568,17 +568,17 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_1CCM_1encryptFastJNI( } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: do_CCM_encrypt * Signature: (J[BI[BI[BII[BI[BI[B)I */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_1CCM_1encrypt( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_do_1CCM_1encrypt( JNIEnv* env, jclass thisObj, jlong ockContextId, jbyteArray iv, jint ivLen, jbyteArray key, jint keyLen, jbyteArray aad, jint aadLen, jbyteArray plaintext, jint plaintextLen, jbyteArray ciphertext, jint ciphertextLen, jint tagLen) { - static const char* functionName = "NativeInterface.do_CCM_encrypt"; + static const char* functionName = "NativeOCKImplementation.do_CCM_encrypt"; ICC_CTX* ockCtx = (ICC_CTX*)((intptr_t)ockContextId); unsigned char* keyNative = NULL; unsigned char* ivNative = NULL; diff --git a/src/main/native/Context.h b/src/main/native/ock/Context.h similarity index 100% rename from src/main/native/Context.h rename to src/main/native/ock/Context.h diff --git a/src/main/native/DHKey.c b/src/main/native/ock/DHKey.c similarity index 94% rename from src/main/native/DHKey.c rename to src/main/native/ock/DHKey.c index 8d08d8d34..f00d855fb 100644 --- a/src/main/native/DHKey.c +++ b/src/main/native/ock/DHKey.c @@ -14,20 +14,20 @@ #include #include -#include "com_ibm_crypto_plus_provider_ock_NativeInterface.h" +#include "com_ibm_crypto_plus_provider_ock_NativeOCKImplementation.h" #include "Utils.h" #include //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: DHKEY_generate * Signature: (JI)J */ JNIEXPORT jlong JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DHKEY_1generate__JI( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_DHKEY_1generate__JI( JNIEnv *env, jclass thisObj, jlong ockContextId, jint numBits) { - static const char *functionName = "NativeInterface.DHKEY_generate(size)"; + static const char *functionName = "NativeOCKImplementation.DHKEY_generate(size)"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_DH *ockDH = NULL; @@ -87,15 +87,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DHKEY_1generate__JI( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: DHKEY_generateParameters * Signature: (JI)[B */ JNIEXPORT jbyteArray JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DHKEY_1generateParameters( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_DHKEY_1generateParameters( JNIEnv *env, jclass thisObj, jlong ockContextId, jint numBits) { static const char *functionName = - "NativeInterface.DHKEY_generateParameters"; + "NativeOCKImplementation.DHKEY_generateParameters"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_DH *ockDH = NULL; @@ -210,14 +210,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DHKEY_1generateParameters( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: DHKEY_generate * Signature: (J[B)J */ JNIEXPORT jlong JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DHKEY_1generate__J_3B( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_DHKEY_1generate__J_3B( JNIEnv *env, jclass thisObj, jlong ockContextId, jbyteArray parmBytes) { - static const char *functionName = "NativeInterface.DHKEY_generate(parms)"; + static const char *functionName = "NativeOCKImplementation.DHKEY_generate(parms)"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); unsigned char *parmBytesNative = NULL; @@ -335,15 +335,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DHKEY_1generate__J_3B( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: DHKEY_createPrivateKey * Signature: (J[B)J */ JNIEXPORT jlong JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DHKEY_1createPrivateKey( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_DHKEY_1createPrivateKey( JNIEnv *env, jclass thisObj, jlong ockContextId, jbyteArray privateKeyBytes) { - static const char *functionName = "NativeInterface.DHKEY_createPrivateKey"; + static const char *functionName = "NativeOCKImplementation.DHKEY_createPrivateKey"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_DH *ockDH = NULL; @@ -439,15 +439,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DHKEY_1createPrivateKey( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: DHKEY_createPublicKey * Signature: (J[B)J */ JNIEXPORT jlong JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DHKEY_1createPublicKey( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_DHKEY_1createPublicKey( JNIEnv *env, jclass thisObj, jlong ockContextId, jbyteArray publicKeyBytes) { - static const char *functionName = "NativeInterface.DHKEY_createPublicKey"; + static const char *functionName = "NativeOCKImplementation.DHKEY_createPublicKey"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_DH *ockDH = NULL; @@ -546,14 +546,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DHKEY_1createPublicKey( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: DHKEY_getParameters * Signature: (JJ)[B */ JNIEXPORT jbyteArray JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DHKEY_1getParameters( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_DHKEY_1getParameters( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong dhKeyId) { - static const char *functionName = "NativeInterface.DHKEY_getParameters"; + static const char *functionName = "NativeOCKImplementation.DHKEY_getParameters"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_DH *ockDH = (ICC_DH *)((intptr_t)dhKeyId); @@ -652,15 +652,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DHKEY_1getParameters( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: DHKEY_getPrivateKeyBytes * Signature: (JJ)[B */ JNIEXPORT jbyteArray JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DHKEY_1getPrivateKeyBytes( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_DHKEY_1getPrivateKeyBytes( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong dhKeyId) { static const char *functionName = - "NativeInterface.DHKEY_getPrivateKeyBytes"; + "NativeOCKImplementation.DHKEY_getPrivateKeyBytes"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_DH *ockDH = (ICC_DH *)((intptr_t)dhKeyId); @@ -779,14 +779,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DHKEY_1getPrivateKeyBytes( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: DHKEY_getPublicKeyBytes * Signature: (JJ)[B */ JNIEXPORT jbyteArray JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DHKEY_1getPublicKeyBytes( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_DHKEY_1getPublicKeyBytes( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong dhKeyId) { - static const char *functionName = "NativeInterface.DHKEY_getPublicKeyBytes"; + static const char *functionName = "NativeOCKImplementation.DHKEY_getPublicKeyBytes"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_DH *ockDH = (ICC_DH *)((intptr_t)dhKeyId); @@ -904,14 +904,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DHKEY_1getPublicKeyBytes( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: DHKEY_createPKey * Signature: (JJ)J */ JNIEXPORT jlong JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DHKEY_1createPKey( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_DHKEY_1createPKey( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong dhKeyId) { - static const char *functionName = "NativeInterface.DHKEY_createPKey"; + static const char *functionName = "NativeOCKImplementation.DHKEY_createPKey"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_DH *ockDH = (ICC_DH *)((intptr_t)dhKeyId); @@ -975,15 +975,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DHKEY_1createPKey( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: DHKEY_computeDHSecret * Signature: (JJJ)[B */ JNIEXPORT jbyteArray JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DHKEY_1computeDHSecret( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_DHKEY_1computeDHSecret( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong pubKeyId, jlong privKeyId) { - static const char *functionName = "NativeInterface.DHKEY_computeDHSecret"; + static const char *functionName = "NativeOCKImplementation.DHKEY_computeDHSecret"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_DH *ockPubDHKey = (ICC_DH *)((intptr_t)pubKeyId); @@ -1281,14 +1281,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DHKEY_1computeDHSecret( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: DHKEY_delete * Signature: (JJ)V */ JNIEXPORT void JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DHKEY_1delete( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_DHKEY_1delete( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong dhKeyId) { - static const char *functionName = "NativeInterface.DHKEY_delete"; + static const char *functionName = "NativeOCKImplementation.DHKEY_delete"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_DH *ockDH = (ICC_DH *)((intptr_t)dhKeyId); diff --git a/src/main/native/DSAKey.c b/src/main/native/ock/DSAKey.c similarity index 92% rename from src/main/native/DSAKey.c rename to src/main/native/ock/DSAKey.c index 3e5f703b1..59a05ff92 100644 --- a/src/main/native/DSAKey.c +++ b/src/main/native/ock/DSAKey.c @@ -13,19 +13,19 @@ #include #include -#include "com_ibm_crypto_plus_provider_ock_NativeInterface.h" +#include "com_ibm_crypto_plus_provider_ock_NativeOCKImplementation.h" #include "Utils.h" #include //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: DSAKEY_generate * Signature: (JI)J */ JNIEXPORT jlong JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DSAKEY_1generate__JI( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_DSAKEY_1generate__JI( JNIEnv *env, jclass thisObj, jlong ockContextId, jint numBits) { - static const char *functionName = "NativeInterface.DSAKEY_generate(size)"; + static const char *functionName = "NativeOCKImplementation.DSAKEY_generate(size)"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_DSA *ockDSA = NULL; @@ -104,15 +104,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DSAKEY_1generate__JI( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: DSAKEY_generateParameters * Signature: (JI)[B */ JNIEXPORT jbyteArray JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DSAKEY_1generateParameters( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_DSAKEY_1generateParameters( JNIEnv *env, jclass thisObj, jlong ockContextId, jint numBits) { static const char *functionName = - "NativeInterface.DSAKEY_generateParameters"; + "NativeOCKImplementation.DSAKEY_generateParameters"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_DSA *ockDSA = NULL; @@ -245,14 +245,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DSAKEY_1generateParameters //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: DSAKEY_generate * Signature: (J[B)J */ JNIEXPORT jlong JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DSAKEY_1generate__J_3B( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_DSAKEY_1generate__J_3B( JNIEnv *env, jclass thisObj, jlong ockContextId, jbyteArray parmBytes) { - static const char *functionName = "NativeInterface.DSAKEY_generate(parms)"; + static const char *functionName = "NativeOCKImplementation.DSAKEY_generate(parms)"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); unsigned char *parmBytesNative = NULL; @@ -358,15 +358,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DSAKEY_1generate__J_3B( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: DSAKEY_createPrivateKey * Signature: (J[B)J */ JNIEXPORT jlong JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DSAKEY_1createPrivateKey( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_DSAKEY_1createPrivateKey( JNIEnv *env, jclass thisObj, jlong ockContextId, jbyteArray privateKeyBytes) { - static const char *functionName = "NativeInterface.DSAKEY_createPrivateKey"; + static const char *functionName = "NativeOCKImplementation.DSAKEY_createPrivateKey"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_DSA *ockDSA = NULL; @@ -438,15 +438,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DSAKEY_1createPrivateKey( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: DSAKEY_createPublicKey * Signature: (J[B)J */ JNIEXPORT jlong JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DSAKEY_1createPublicKey( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_DSAKEY_1createPublicKey( JNIEnv *env, jclass thisObj, jlong ockContextId, jbyteArray publicKeyBytes) { - static const char *functionName = "NativeInterface.DSAKEY_createPublicKey"; + static const char *functionName = "NativeOCKImplementation.DSAKEY_createPublicKey"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_DSA *ockDSA = NULL; @@ -519,14 +519,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DSAKEY_1createPublicKey( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: DSAKEY_getParameters * Signature: (JJ)[B */ JNIEXPORT jbyteArray JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DSAKEY_1getParameters( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_DSAKEY_1getParameters( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong dsaKeyId) { - static const char *functionName = "NativeInterface.DSAKEY_getParameters"; + static const char *functionName = "NativeOCKImplementation.DSAKEY_getParameters"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_DSA *ockDSA = (ICC_DSA *)((intptr_t)dsaKeyId); @@ -627,15 +627,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DSAKEY_1getParameters( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: DSAKEY_getPrivateKeyBytes * Signature: (JJ)[B */ JNIEXPORT jbyteArray JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DSAKEY_1getPrivateKeyBytes( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_DSAKEY_1getPrivateKeyBytes( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong dsaKeyId) { static const char *functionName = - "NativeInterface.DSAKEY_getPrivateKeyBytes"; + "NativeOCKImplementation.DSAKEY_getPrivateKeyBytes"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_DSA *ockDSA = (ICC_DSA *)((intptr_t)dsaKeyId); @@ -743,15 +743,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DSAKEY_1getPrivateKeyBytes //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: DSAKEY_getPublicKeyBytes * Signature: (JJ)[B */ JNIEXPORT jbyteArray JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DSAKEY_1getPublicKeyBytes( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_DSAKEY_1getPublicKeyBytes( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong dsaKeyId) { static const char *functionName = - "NativeInterface.DSAKEY_getPublicKeyBytes"; + "NativeOCKImplementation.DSAKEY_getPublicKeyBytes"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_DSA *ockDSA = (ICC_DSA *)((intptr_t)dsaKeyId); @@ -859,14 +859,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DSAKEY_1getPublicKeyBytes( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: DSAKEY_createPKey * Signature: (JJ)J */ JNIEXPORT jlong JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DSAKEY_1createPKey( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_DSAKEY_1createPKey( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong dsaKeyId) { - static const char *functionName = "NativeInterface.DSAKEY_createPKey"; + static const char *functionName = "NativeOCKImplementation.DSAKEY_createPKey"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_DSA *ockDSA = (ICC_DSA *)((intptr_t)dsaKeyId); @@ -936,14 +936,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DSAKEY_1createPKey( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: DSAKEY_delete * Signature: (JJ)V */ JNIEXPORT void JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DSAKEY_1delete( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_DSAKEY_1delete( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong dsaKeyId) { - static const char *functionName = "NativeInterface.DSAKEY_delete"; + static const char *functionName = "NativeOCKImplementation.DSAKEY_delete"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_DSA *ockDSA = (ICC_DSA *)((intptr_t)dsaKeyId); diff --git a/src/main/native/Digest.c b/src/main/native/ock/Digest.c similarity index 90% rename from src/main/native/Digest.c rename to src/main/native/ock/Digest.c index a2d51f452..93e04fcd3 100644 --- a/src/main/native/Digest.c +++ b/src/main/native/ock/Digest.c @@ -13,21 +13,21 @@ #include #include -#include "com_ibm_crypto_plus_provider_ock_NativeInterface.h" +#include "com_ibm_crypto_plus_provider_ock_NativeOCKImplementation.h" #include "Utils.h" #include "Digest.h" #include //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: DIGEST_create * Signature: (JLjava/lang/String;)J */ JNIEXPORT jlong JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DIGEST_1create( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_DIGEST_1create( JNIEnv *env, jclass thisObj, jlong ockContextId, jstring digestAlgo) { - static const char *functionName = "NativeInterface.DIGEST_create"; + static const char *functionName = "NativeOCKImplementation.DIGEST_create"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKDigest *ockDigest = (OCKDigest *)malloc(sizeof(OCKDigest)); @@ -152,14 +152,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DIGEST_1create( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: DIGEST_copy * Signature: (JJ)J */ JNIEXPORT jlong JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DIGEST_1copy( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_DIGEST_1copy( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong digestId) { - static const char *functionName = "NativeInterface.DIGEST_copy"; + static const char *functionName = "NativeOCKImplementation.DIGEST_copy"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKDigest *ockDigest = (OCKDigest *)((intptr_t)digestId); @@ -243,14 +243,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DIGEST_1copy( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: DIGEST_update * Signature: (JJ[BII)V */ JNIEXPORT int DIGEST_update_internal(ICC_CTX *ockCtx, OCKDigest *ockDigest, unsigned char *dataNative, int dataLen) { int rc = ICC_OSSL_SUCCESS; - static const char *functionName = "NativeInterface.DIGEST_update"; + static const char *functionName = "NativeOCKImplementation.DIGEST_update"; if ((ockDigest == NULL) || (dataNative == NULL) || (dataLen < 0) || (ockDigest->mdCtx == NULL)) { if (debug) { @@ -266,10 +266,10 @@ JNIEXPORT int DIGEST_update_internal(ICC_CTX *ockCtx, OCKDigest *ockDigest, } JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DIGEST_1update( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_DIGEST_1update( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong digestId, jbyteArray data, jint offset, jint dataLen) { - static const char *functionName = "NativeInterface.DIGEST_update"; + static const char *functionName = "NativeOCKImplementation.DIGEST_update"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKDigest *ockDigest = (OCKDigest *)((intptr_t)digestId); @@ -339,15 +339,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DIGEST_1update( } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: DIGEST_updateFastJNI * Signature: (JJJI)V */ JNIEXPORT void JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DIGEST_1updateFastJNI( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_DIGEST_1updateFastJNI( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong digestId, jlong dataBuffer, jint dataLen) { - static const char *functionName = "NativeInterface.DIGEST_updateFastJNI"; + static const char *functionName = "NativeOCKImplementation.DIGEST_updateFastJNI"; ICC_CTX *ockCtx = (ICC_CTX *)ockContextId; OCKDigest *ockDigest = (OCKDigest *)digestId; @@ -388,14 +388,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DIGEST_1updateFastJNI( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: DIGEST_digest * Signature: (JJ)[B */ JNIEXPORT jbyteArray JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DIGEST_1digest( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_DIGEST_1digest( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong digestId) { - static const char *functionName = "NativeInterface.DIGEST_digest"; + static const char *functionName = "NativeOCKImplementation.DIGEST_digest"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKDigest *ockDigest = (OCKDigest *)((intptr_t)digestId); @@ -494,15 +494,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DIGEST_1digest( } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: DIGEST_digest_and_reset * Signature: (JJJI)V */ JNIEXPORT void JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DIGEST_1digest_1and_1reset__JJJI( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_DIGEST_1digest_1and_1reset__JJJI( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong digestId, jlong digestBytes, jint length) { - static const char *functionName = "NativeInterface.DIGEST_digest_and_reset"; + static const char *functionName = "NativeOCKImplementation.DIGEST_digest_and_reset"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKDigest *ockDigest = (OCKDigest *)((intptr_t)digestId); @@ -547,7 +547,7 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DIGEST_1digest_1and_1reset } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: DIGEST_digest_and_reset * Signature: (JJ[B)V */ @@ -555,7 +555,7 @@ JNIEXPORT int DIGEST_digest_and_reset_internal( ICC_CTX *ockCtx, OCKDigest *ockDigest, unsigned char *digestBytesNative) { int rc = ICC_OSSL_SUCCESS; static const char *functionName = - "NativeInterface.DIGEST_digest_and_reset_internal"; + "NativeOCKImplementation.DIGEST_digest_and_reset_internal"; if ((ockDigest == NULL) || (digestBytesNative == NULL)) { if (debug) { gslogFunctionExit(functionName); @@ -574,10 +574,10 @@ JNIEXPORT int DIGEST_digest_and_reset_internal( } JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DIGEST_1digest_1and_1reset__JJ_3B( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_DIGEST_1digest_1and_1reset__JJ_3B( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong digestId, jbyteArray digestBytes) { - static const char *functionName = "NativeInterface.DIGEST_digest_and_reset"; + static const char *functionName = "NativeOCKImplementation.DIGEST_digest_and_reset"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKDigest *ockDigest = (OCKDigest *)((intptr_t)digestId); @@ -625,14 +625,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DIGEST_1digest_1and_1reset //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: DIGEST_size * Signature: (JJ)V */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DIGEST_1size( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_DIGEST_1size( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong digestId) { - static const char *functionName = "NativeInterface.DIGEST_size"; + static const char *functionName = "NativeOCKImplementation.DIGEST_size"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKDigest *ockDigest = (OCKDigest *)((intptr_t)digestId); @@ -674,14 +674,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DIGEST_1size( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: DIGEST_reset * Signature: (JJ)V */ JNIEXPORT void JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DIGEST_1reset( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_DIGEST_1reset( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong digestId) { - static const char *functionName = "NativeInterface.DIGEST_reset"; + static const char *functionName = "NativeOCKImplementation.DIGEST_reset"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKDigest *ockDigest = (OCKDigest *)((intptr_t)digestId); @@ -726,14 +726,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DIGEST_1reset( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: DIGEST_delete * Signature: (JJ)V */ JNIEXPORT void JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DIGEST_1delete( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_DIGEST_1delete( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong digestId) { - static const char *functionName = "NativeInterface.DIGEST_delete"; + static const char *functionName = "NativeOCKImplementation.DIGEST_delete"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKDigest *ockDigest = (OCKDigest *)((intptr_t)digestId); diff --git a/src/main/native/Digest.h b/src/main/native/ock/Digest.h similarity index 100% rename from src/main/native/Digest.h rename to src/main/native/ock/Digest.h diff --git a/src/main/native/ECKey.c b/src/main/native/ock/ECKey.c similarity index 94% rename from src/main/native/ECKey.c rename to src/main/native/ock/ECKey.c index 0aad4a56b..f7e27cd50 100644 --- a/src/main/native/ECKey.c +++ b/src/main/native/ock/ECKey.c @@ -12,7 +12,7 @@ #include #include -#include "com_ibm_crypto_plus_provider_ock_NativeInterface.h" +#include "com_ibm_crypto_plus_provider_ock_NativeOCKImplementation.h" #include "Utils.h" #include @@ -36,14 +36,14 @@ //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: ECKEY_generate * Signature: (JI)J */ JNIEXPORT jlong JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_ECKEY_1generate__JI( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_ECKEY_1generate__JI( JNIEnv *env, jclass thisObj, jlong ockContextId, jint numBits) { - static const char *functionName = "NativeInterface.ECKEY_generate(size)"; + static const char *functionName = "NativeOCKImplementation.ECKEY_generate(size)"; #ifdef __MVS__ #pragma convert("ISO8859-1") #endif @@ -207,14 +207,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_ECKEY_1generate__JI( } //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: ECKEY_1generate__JLjava_lang_String_2 * Signature: (JLjava/lang/String;)J */ JNIEXPORT jlong JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_ECKEY_1generate__JLjava_lang_String_2( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_ECKEY_1generate__JLjava_lang_String_2( JNIEnv *env, jclass thisObj, jlong ockContextId, jstring soid) { - static const char *functionName = "NativeInterface.ECKEY_generate(soid)"; + static const char *functionName = "NativeOCKImplementation.ECKEY_generate(soid)"; jlong ecKeyId = 0; int nid = 0; int rc = 0; @@ -455,12 +455,12 @@ char *getFFDHOption(int option) { //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: XECKEY_generate * Signature: (JLjava/lang/String;)J */ JNIEXPORT jlong JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_XECKEY_1generate( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_XECKEY_1generate( JNIEnv *env, jclass thisObj, jlong ockContextId, jint option, jlong bufferPtr) { static const char *functionName = "XECKEY_generate"; @@ -545,15 +545,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_XECKEY_1generate( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: ECKEY_1generateParameters__JI * Signature: (JI)[B */ JNIEXPORT jbyteArray JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_ECKEY_1generateParameters__JI( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_ECKEY_1generateParameters__JI( JNIEnv *env, jclass thisObj, jlong ockContextId, jint numBits) { static const char *functionName = - "NativeInterface.ECKEY_1generateParameters"; + "NativeOCKImplementation.ECKEY_1generateParameters"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_EC_KEY *ockECKey = NULL; @@ -736,12 +736,12 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_ECKEY_1generateParameters_ //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: ECKEY_1generateParameters__JLjava_lang_String_2 * Signature: (JLjava/lang/String;)[B */ JNIEXPORT jbyteArray JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_ECKEY_1generateParameters__JLjava_lang_String_2( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_ECKEY_1generateParameters__JLjava_lang_String_2( JNIEnv *env, jclass thisObj, jlong ockContextId, jstring soid) { static const char *functionName = "ECKEY_1generateParameters__JLjava_lang_String_2"; @@ -928,15 +928,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_ECKEY_1generateParameters_ //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: ECKEY_generate * Signature: (J[B)J */ JNIEXPORT jlong JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_ECKEY_1generate__J_3B( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_ECKEY_1generate__J_3B( JNIEnv *env, jclass thisObj, jlong ockContextId, jbyteArray parameterBytes) { - static const char *functionName = "NativeInterface.ECKEY_generate__J_3B"; + static const char *functionName = "NativeOCKImplementation.ECKEY_generate__J_3B"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); unsigned char *parameterBytesNative = NULL; @@ -1053,15 +1053,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_ECKEY_1generate__J_3B( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: ECKEY_createPrivateKey * Signature: (J[B)J */ JNIEXPORT jlong JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_ECKEY_1createPrivateKey( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_ECKEY_1createPrivateKey( JNIEnv *env, jclass thisObj, jlong ockContextId, jbyteArray privateKeyBytes) { - static const char *functionName = "NativeInterface.ECKEY_createPrivateKey"; + static const char *functionName = "NativeOCKImplementation.ECKEY_createPrivateKey"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_EC_KEY *ockECKey = NULL; @@ -1150,15 +1150,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_ECKEY_1createPrivateKey( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: XECKEY_createPrivateKey * Signature: (J[B)J */ JNIEXPORT jlong JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_XECKEY_1createPrivateKey( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_XECKEY_1createPrivateKey( JNIEnv *env, jclass thisObj, jlong ockContextId, jbyteArray privateKeyBytes, jlong bufferPtr) { - static const char *functionName = "NativeInterface.XECKEY_createPrivateKey"; + static const char *functionName = "NativeOCKImplementation.XECKEY_createPrivateKey"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_EVP_PKEY *ockEVPKey = NULL; @@ -1240,15 +1240,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_XECKEY_1createPrivateKey( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: ECKEY_createPublicKey * Signature: (J[B)J */ JNIEXPORT jlong JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_ECKEY_1createPublicKey( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_ECKEY_1createPublicKey( JNIEnv *env, jclass thisObj, jlong ockContextId, jbyteArray publicKeyBytes, jbyteArray parameterBytes) { - static const char *functionName = "NativeInterface.ECKEY_createPublicKey"; + static const char *functionName = "NativeOCKImplementation.ECKEY_createPublicKey"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_EC_KEY *ockECKey = NULL; @@ -1374,15 +1374,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_ECKEY_1createPublicKey( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: XECKEY_createPublicKey * Signature: (J[B)J */ JNIEXPORT jlong JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_XECKEY_1createPublicKey( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_XECKEY_1createPublicKey( JNIEnv *env, jclass thisObj, jlong ockContextId, jbyteArray publicKeyBytes) { - static const char *functionName = "NativeInterface.XECKEY_createPublicKey"; + static const char *functionName = "NativeOCKImplementation.XECKEY_createPublicKey"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_EVP_PKEY *ockEVPKey = NULL; @@ -1466,14 +1466,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_XECKEY_1createPublicKey( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: ECKEY_getParameters * Signature: (JJ)[B */ JNIEXPORT jbyteArray JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_ECKEY_1getParameters( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_ECKEY_1getParameters( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ecKeyId) { - static const char *functionName = "NativeInterface.ECKEY_getParameters"; + static const char *functionName = "NativeOCKImplementation.ECKEY_getParameters"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_EC_KEY *ockECKey = (ICC_EC_KEY *)((intptr_t)ecKeyId); @@ -1587,15 +1587,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_ECKEY_1getParameters( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: ECKEY_getPrivateKeyBytes * Signature: (JJ)[B */ JNIEXPORT jbyteArray JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_ECKEY_1getPrivateKeyBytes( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_ECKEY_1getPrivateKeyBytes( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ecKeyId) { static const char *functionName = - "NativeInterface.ECKEY_getPrivateKeyBytes"; + "NativeOCKImplementation.ECKEY_getPrivateKeyBytes"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_EC_KEY *ockECKey = (ICC_EC_KEY *)((intptr_t)ecKeyId); @@ -1702,15 +1702,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_ECKEY_1getPrivateKeyBytes( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: XECKEY_getPrivateKeyBytes * Signature: (JJ)[B */ JNIEXPORT jbyteArray JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_XECKEY_1getPrivateKeyBytes( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_XECKEY_1getPrivateKeyBytes( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong xecKeyId) { static const char *functionName = - "NativeInterface.XECKEY_getPrivateKeyBytes"; + "NativeOCKImplementation.XECKEY_getPrivateKeyBytes"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_EVP_PKEY *ockEVPKey = (ICC_EVP_PKEY *)((intptr_t)xecKeyId); @@ -1750,14 +1750,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_XECKEY_1getPrivateKeyBytes //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: ECKEY_getPublicKeyBytes * Signature: (JJ)[B */ JNIEXPORT jbyteArray JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_ECKEY_1getPublicKeyBytes( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_ECKEY_1getPublicKeyBytes( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ecKeyId) { - static const char *functionName = "NativeInterface.ECKEY_getPublicKeyBytes"; + static const char *functionName = "NativeOCKImplementation.ECKEY_getPublicKeyBytes"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_EC_KEY *ockECKey = (ICC_EC_KEY *)((intptr_t)ecKeyId); @@ -1861,13 +1861,13 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_ECKEY_1getPublicKeyBytes( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: XECKEY_getPublicKeyBytes * Signature: (JJ)[B */ JNIEXPORT jbyteArray JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_XECKEY_1getPublicKeyBytes( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_XECKEY_1getPublicKeyBytes( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong xecKeyId) { ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_EVP_PKEY *ockEVPKey = (ICC_EVP_PKEY *)xecKeyId; @@ -1912,14 +1912,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_XECKEY_1getPublicKeyBytes( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: ECKEY_createPKey * Signature: (JJ)J */ JNIEXPORT jlong JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_ECKEY_1createPKey( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_ECKEY_1createPKey( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ecKeyId) { - static const char *functionName = "NativeInterface.ECKEY_createPKey"; + static const char *functionName = "NativeOCKImplementation.ECKEY_createPKey"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_EC_KEY *ockECKey = (ICC_EC_KEY *)((intptr_t)ecKeyId); @@ -1985,14 +1985,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_ECKEY_1createPKey( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: ECKEY_delete * Signature: (JJ)V */ JNIEXPORT void JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_ECKEY_1delete( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_ECKEY_1delete( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ecKeyId) { - static const char *functionName = "NativeInterface.ECKEY_delete"; + static const char *functionName = "NativeOCKImplementation.ECKEY_delete"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_EC_KEY *ockECKey = (ICC_EC_KEY *)((intptr_t)ecKeyId); @@ -2018,14 +2018,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_ECKEY_1delete( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: XECKEY_delete * Signature: (JJ)V */ JNIEXPORT void JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_XECKEY_1delete( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_XECKEY_1delete( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong xecKeyId) { - static const char *functionName = "NativeInterface.XECKEY_delete"; + static const char *functionName = "NativeOCKImplementation.XECKEY_delete"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_EVP_PKEY *ockEVPKey = (ICC_EVP_PKEY *)((intptr_t)xecKeyId); @@ -2051,12 +2051,12 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_XECKEY_1delete( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: ECKEY_computeECDHSecret * Signature: (JJJ)[B */ JNIEXPORT jbyteArray JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_ECKEY_1computeECDHSecret( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_ECKEY_1computeECDHSecret( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong pubEcKeyId, jlong privEcKeyId) { static const char *functionName = @@ -2220,12 +2220,12 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_ECKEY_1computeECDHSecret( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: XECKEY_computeECDHSecret * Signature: (JJJJ)[B */ JNIEXPORT jbyteArray JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_XECKEY_1computeECDHSecret( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_XECKEY_1computeECDHSecret( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong genCtx, jlong pubXecKeyId, jlong privXecKeyId, jint secretBufferSize) { static const char *functionName = @@ -2260,6 +2260,7 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_XECKEY_1computeECDHSecret( ICC_EVP_PKEY_derive(ockCtx, gen_ctx, NULL, &secret_key_len); /* Get secret key size */ } + fprintf(stderr, "[DEBUG] XECKEY: secret key len: %lu\n", secret_key_len); secretBytes = (*env)->NewByteArray( env, secret_key_len); /* Create Java secret bytes array with size */ if (NULL == secretBytes) { @@ -2311,12 +2312,12 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_XECKEY_1computeECDHSecret( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: ECKEY_signDatawithECDSA * Signature: (J[BIJ)[B */ JNIEXPORT jbyteArray JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_ECKEY_1signDatawithECDSA( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_ECKEY_1signDatawithECDSA( JNIEnv *env, jclass thisObj, jlong ockContextId, jbyteArray digestBytes, jint digestBytesLen, jlong privEcKeyId) { static const char *functionName = @@ -2491,12 +2492,12 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_ECKEY_1signDatawithECDSA( return NULL; } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: ECKEY_verifyDatawithECDSA * Signature: (J[BI[BIJ)Z */ JNIEXPORT jboolean JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_ECKEY_1verifyDatawithECDSA( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_ECKEY_1verifyDatawithECDSA( JNIEnv *env, jclass thisObj, jlong ockContextId, jbyteArray digestBytes, jint digestBytesLen, jbyteArray sigBytes, jint sigBytesLen, jlong pubEcKeyId) diff --git a/src/main/native/ExceptionCodes.h b/src/main/native/ock/ExceptionCodes.h similarity index 100% rename from src/main/native/ExceptionCodes.h rename to src/main/native/ock/ExceptionCodes.h diff --git a/src/main/native/ExtendedRandom.c b/src/main/native/ock/ExtendedRandom.c similarity index 87% rename from src/main/native/ExtendedRandom.c rename to src/main/native/ock/ExtendedRandom.c index 1c58c9dbd..1d12076fb 100644 --- a/src/main/native/ExtendedRandom.c +++ b/src/main/native/ock/ExtendedRandom.c @@ -12,20 +12,20 @@ #include #include -#include "com_ibm_crypto_plus_provider_ock_NativeInterface.h" +#include "com_ibm_crypto_plus_provider_ock_NativeOCKImplementation.h" #include "Utils.h" #include //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: EXTRAND_create * Signature: (JLjava/lang/String;)J */ JNIEXPORT jlong JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_EXTRAND_1create( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_EXTRAND_1create( JNIEnv *env, jclass thisObj, jlong ockContextId, jstring algName) { - static const char *functionName = "NativeInterface.EXTRAND_create"; + static const char *functionName = "NativeOCKImplementation.EXTRAND_create"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); const char *algNameChars = NULL; @@ -95,15 +95,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_EXTRAND_1create( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: EXTRAND_nextBytes * Signature: (JJ[B)V */ JNIEXPORT void JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_EXTRAND_1nextBytes( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_EXTRAND_1nextBytes( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ockPRNGContextId, jbyteArray bytes) { - static const char *functionName = "NativeInterface.EXTRAND_nextBytes"; + static const char *functionName = "NativeOCKImplementation.EXTRAND_nextBytes"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_PRNG_CTX *ockPRNGCtx = (ICC_PRNG_CTX *)((intptr_t)ockPRNGContextId); @@ -151,15 +151,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_EXTRAND_1nextBytes( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: EXTRAND_setSeed * Signature: (JJ[B)V */ JNIEXPORT void JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_EXTRAND_1setSeed( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_EXTRAND_1setSeed( JNIEnv *env, jclass thisObj, jlong contextId, jlong ockPRNGContextId, jbyteArray seed) { - static const char *functionName = "NativeInterface.EXTRAND_setSeed"; + static const char *functionName = "NativeOCKImplementation.EXTRAND_setSeed"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)contextId); ICC_PRNG_CTX *ockPRNGCtx = (ICC_PRNG_CTX *)((intptr_t)ockPRNGContextId); @@ -206,14 +206,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_EXTRAND_1setSeed( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: EXTRAND_delete * Signature: (JJ)V */ JNIEXPORT void JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_EXTRAND_1delete( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_EXTRAND_1delete( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ockPRNGContextId) { - static const char *functionName = "NativeInterface.EXTRAND_delete"; + static const char *functionName = "NativeOCKImplementation.EXTRAND_delete"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_PRNG_CTX *ockPRNGCtx = (ICC_PRNG_CTX *)((intptr_t)ockPRNGContextId); diff --git a/src/main/native/GCM.c b/src/main/native/ock/GCM.c similarity index 94% rename from src/main/native/GCM.c rename to src/main/native/ock/GCM.c index 97ffd2c19..287bdaebe 100644 --- a/src/main/native/GCM.c +++ b/src/main/native/ock/GCM.c @@ -15,7 +15,7 @@ #include #include -#include "com_ibm_crypto_plus_provider_ock_NativeInterface.h" +#include "com_ibm_crypto_plus_provider_ock_NativeOCKImplementation.h" #include "Padding.h" #include "Utils.h" #include "zHardwareFunctions.h" @@ -130,7 +130,7 @@ ICC_AES_GCM_CTX* getOrfreeGCMContext(ICC_CTX* ockCtx, int keyLen) { /*============================================================================ * - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: GCM_InitForUpdateDecrypt_core * Signature: (JJ)V */ @@ -146,7 +146,7 @@ int GCM_InitForUpdateDecrypt_core(JNIEnv* env, ICC_CTX* ockCtx, int rc = ICC_OSSL_SUCCESS; static const char* functionName = - "NativeInterface.GCM_InitForUpdateDecrypt_core"; + "NativeOCKImplementation.GCM_InitForUpdateDecrypt_core"; if (debug) { gslogFunctionEntry(functionName); @@ -247,7 +247,7 @@ int GCM_InitForUpdateDecrypt_core(JNIEnv* env, ICC_CTX* ockCtx, /*============================================================================ * - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: GCM_UpdForUpdateDecrypt_core * Signature: */ @@ -263,7 +263,7 @@ int GCM_UpdForUpdateDecrypt_core(JNIEnv* env, ICC_CTX* ockCtx, int rc = ICC_OSSL_SUCCESS; static const char* functionName = - "NativeInterface.GCM_UpdForUpdateDecrypt_core"; + "NativeOCKImplementation.GCM_UpdForUpdateDecrypt_core"; if (debug) { gslogFunctionEntry(functionName); @@ -352,7 +352,7 @@ int GCM_UpdForUpdateDecrypt_core(JNIEnv* env, ICC_CTX* ockCtx, } /*============================================================================ - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: GCM_InitForUpdateEncrypt_core * Signature: */ @@ -371,7 +371,7 @@ int GCM_InitForUpdateEncrypt_core(JNIEnv* env, ICC_CTX* ockCtx, int rc = ICC_OSSL_SUCCESS; /* jboolean isCopy = 0; */ static const char* functionName = - "NativeInterface.GCM_InitForUpdateEncrypt_core"; + "NativeOCKImplementation.GCM_InitForUpdateEncrypt_core"; if (debug) { gslogFunctionEntry(functionName); @@ -482,7 +482,7 @@ int GCM_InitForUpdateEncrypt_core(JNIEnv* env, ICC_CTX* ockCtx, } /*============================================================================ - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: GCM_UpdForUpdateEncrypt_core * Signature: */ @@ -498,7 +498,7 @@ int GCM_UpdForUpdateEncrypt_core(JNIEnv* env, ICC_CTX* ockCtx, int rc = ICC_OSSL_SUCCESS; /* jboolean isCopy = 0; */ static const char* functionName = - "NativeInterface.GCM_UpdForUpdateEncrypt_core"; + "NativeOCKImplementation.GCM_UpdForUpdateEncrypt_core"; if (debug) { gslogFunctionEntry(functionName); @@ -590,7 +590,7 @@ int GCM_UpdForUpdateEncrypt_core(JNIEnv* env, ICC_CTX* ockCtx, } /*============================================================================ - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: GCM_FinalForUpdateDecrypt_core * Signature: */ @@ -606,7 +606,7 @@ int GCM_FinalForUpdateDecrypt_core(JNIEnv* env, ICC_CTX* ockCtx, long unsigned finalOutlen = 0; int rc = ICC_OSSL_SUCCESS; static const char* functionName = - "NativeInterface.GCM_FinalForUpdateDecrypt_core"; + "NativeOCKImplementation.GCM_FinalForUpdateDecrypt_core"; if (debug) { gslogFunctionEntry(functionName); @@ -737,7 +737,7 @@ int GCM_FinalForUpdateDecrypt_core(JNIEnv* env, ICC_CTX* ockCtx, } /*============================================================================ - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: GCM_FinalForUpdateEncrypt_core * Signature: */ @@ -755,7 +755,7 @@ int GCM_FinalForUpdateEncrypt_core(JNIEnv* env, ICC_CTX* ockCtx, long unsigned finalOutlen = 0; int rc = ICC_OSSL_SUCCESS; static const char* functionName = - "NativeInterface.GCM_FinalForUpdateEncrypt_core"; + "NativeOCKImplementation.GCM_FinalForUpdateEncrypt_core"; if (debug) { gslogFunctionEntry(functionName); @@ -1003,7 +1003,7 @@ int checkTagMismatch(char* input, int inputLen, char* parm_block, int tagOffset, } /*============================================================================ - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: GCM_decrypt_core * Signature: */ @@ -1017,7 +1017,7 @@ int GCM_decrypt_core(JNIEnv* env, ICC_CTX* ockCtx, ICC_AES_GCM_CTX* gcmCtx, long unsigned updateAADlen = 0; long unsigned finalOutlen = 0; int rc = ICC_OSSL_SUCCESS; - static const char* functionName = "NativeInterface.GCM_decrypt_core"; + static const char* functionName = "NativeOCKImplementation.GCM_decrypt_core"; if (debug) { gslogFunctionEntry(functionName); @@ -1088,11 +1088,11 @@ int GCM_decrypt_core(JNIEnv* env, ICC_CTX* ockCtx, ICC_AES_GCM_CTX* gcmCtx, } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: do_GCM_decryptFastJNI_WithHardwareSupport * */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_1GCM_1decryptFastJNI_1WithHardwareSupport( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_do_1GCM_1decryptFastJNI_1WithHardwareSupport( JNIEnv* env, jclass unusedClass, jint keyLen, jint ivLen, jint ciphertextOffset, jint ciphertextLen, jint plaintextOffset, jint aadLen, jint tagLen, jlong parameterBuffer, jbyteArray inputJ, @@ -1160,11 +1160,11 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_1GCM_1decryptFastJNI_1W } /* - * * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * * Method: do_GCM_decryptFastJNI * */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_1GCM_1decryptFastJNI( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_do_1GCM_1decryptFastJNI( JNIEnv* env, jclass unusedClass, jlong ockContextId, jlong gcmCtxId, jint keyLen, jint ivLen, jint ciphertextOffset, jint ciphertextLen, jint plaintextOffset, jint aadLen, jint tagLen, jlong parameterBuffer, @@ -1187,17 +1187,17 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_1GCM_1decryptFastJNI( } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: do_GCM_decrypt * */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_1GCM_1decrypt( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_do_1GCM_1decrypt( JNIEnv* env, jclass thisObj, jlong ockContextId, jlong gcmCtxId, jbyteArray key, jint keyLen, jbyteArray iv, jint ivLen, jbyteArray ciphertext, jint ciphertextOffset, jint ciphertextLen, jbyteArray plaintext, jint plaintextOffset, jbyteArray aad, jint aadLen, jint tagLen) { - static const char* functionName = "NativeInterface.do_GCM_decrypt"; + static const char* functionName = "NativeOCKImplementation.do_GCM_decrypt"; ICC_CTX* ockCtx = (ICC_CTX*)((intptr_t)ockContextId); unsigned char* keyNative = NULL; unsigned char* ivNative = NULL; @@ -1280,7 +1280,7 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_1GCM_1decrypt( } /*============================================================================ - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: GCM_encrypt_core * Signature: */ @@ -1300,7 +1300,7 @@ int GCM_encrypt_core(JNIEnv* env, ICC_CTX* ockCtx, ICC_AES_GCM_CTX* gcmCtx, unsigned long updateAADlen = 0; long unsigned finalOutlen = 0; int rc = ICC_OSSL_SUCCESS; - static const char* functionName = "NativeInterface.GCM_encrypt_core"; + static const char* functionName = "NativeOCKImplementation.GCM_encrypt_core"; if (debug) { gslogFunctionEntry(functionName); @@ -1418,12 +1418,12 @@ int GCM_encrypt_core(JNIEnv* env, ICC_CTX* ockCtx, ICC_AES_GCM_CTX* gcmCtx, } /* - * * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * * Method: do_GCM_checkHardwareGCMSupport * */ FUNC* JCC_OS_helpers(ICC_CTX* ctx); JNIEXPORT jlong JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_1GCM_1checkHardwareGCMSupport( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_do_1GCM_1checkHardwareGCMSupport( JNIEnv* env, jclass unusedClass, jlong ockContextId) { ICC_CTX* ctx = (ICC_CTX*)((intptr_t)ockContextId); FUNC* funcPtr = ICC_OS_helpers(ctx); @@ -1440,11 +1440,11 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_1GCM_1checkHardwareGCMS } /* - * * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * * Method: do_GCM_encryptFastJNI_WithHardwareSupport * */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_1GCM_1encryptFastJNI_1WithHardwareSupport( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_do_1GCM_1encryptFastJNI_1WithHardwareSupport( JNIEnv* env, jclass unusedClass, jint keyLen, jint ivLen, jint plaintextOffset, jint plaintextLen, jint ciphertextOffset, jint aadLen, jint tagLen, jlong parameterBuffer, jbyteArray inputJ, jint inputOffset, @@ -1510,11 +1510,11 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_1GCM_1encryptFastJNI_1W } /* - * * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * * Method: do_GCM_encryptFastJNI * */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_1GCM_1encryptFastJNI( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_do_1GCM_1encryptFastJNI( JNIEnv* env, jclass unusedClass, jlong ockContextId, jlong gcmCtxId, jint keyLen, jint ivLen, jint plaintextOffset, jint plaintextLen, jint ciphertextOffset, jint aadLen, jint tagLen, jlong parameterBuffer, @@ -1538,18 +1538,18 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_1GCM_1encryptFastJNI( } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: do_GCM_encrypt * Signature: (J[BI[BI[BII[BI[BI[B)I */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_1GCM_1encrypt( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_do_1GCM_1encrypt( JNIEnv* env, jclass thisObj, jlong ockContextId, jlong gcmCtxId, jbyteArray key, jint keyLen, jbyteArray iv, jint ivLen, jbyteArray plaintext, jint plaintextOffset, jint plaintextLen, jbyteArray ciphertext, jint ciphertextOffset, jbyteArray aad, jint aadLen, jbyteArray tag, jint tagLen) { - static const char* functionName = "NativeInterface.do_GCM_encrypt"; + static const char* functionName = "NativeOCKImplementation.do_GCM_encrypt"; ICC_CTX* ockCtx = (ICC_CTX*)((intptr_t)ockContextId); unsigned char* keyNative = NULL; unsigned char* ivNative = NULL; @@ -1629,14 +1629,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_1GCM_1encrypt( } //============================================================================ ///* -// * Class: com_ibm_crypto_plus_provider_ock_NativeInterface +// * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation // * Method: do_GCM_delete // * Signature: (JJ)V // */ JNIEXPORT void JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_GCM_1delete( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_do_GCM_1delete( JNIEnv* env, jclass thisObj, jlong ockContextId) { - static const char* functionName = "NativeInterface.do_GCM_delete"; + static const char* functionName = "NativeOCKImplementation.do_GCM_delete"; ICC_CTX* ockCtx = (ICC_CTX*)((intptr_t)ockContextId); if (debug) { gslogFunctionEntry(functionName); @@ -1660,9 +1660,9 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_GCM_1delete( * Return Value 1 = TLS Disabled */ // JNIEXPORT jint JNICALL -// Java_com_ibm_crypto_plus_provider_ock_NativeInterface_get_1GCM_1TLSEnabled +// Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_get_1GCM_1TLSEnabled // (JNIEnv *env, jclass thisObj) { -// static const char * functionName = "NativeInterface.get_GCM_TLSEnabled"; +// static const char * functionName = "NativeOCKImplementation.get_GCM_TLSEnabled"; // int ret = 1; // // if (debug) { @@ -1675,9 +1675,9 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_GCM_1delete( // } JNIEXPORT jlong JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_create_1GCM_1context( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_create_1GCM_1context( JNIEnv* env, jclass thisObj, jlong ockContextId) { - static const char* functionName = "NativeInterface.create_GCM_context"; + static const char* functionName = "NativeOCKImplementation.create_GCM_context"; ICC_CTX* ockCtx = (ICC_CTX*)((intptr_t)ockContextId); ICC_AES_GCM_CTX* gcmCtx = NULL; @@ -1702,14 +1702,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_create_1GCM_1context( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: free_GCM_ctx * Signature: (JJ)V */ JNIEXPORT void JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_free_1GCM_1ctx( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_free_1GCM_1ctx( JNIEnv* env, jclass thisObj, jlong ockContextId, jlong gcmContextId) { - static const char* functionName = "NativeInterface.free_1GCM_1ctx"; + static const char* functionName = "NativeOCKImplementation.free_1GCM_1ctx"; ICC_CTX* ockCtx = (ICC_CTX*)((intptr_t)ockContextId); ICC_AES_GCM_CTX* gcmCtx = (ICC_AES_GCM_CTX*)((intptr_t)gcmContextId); if (debug) { @@ -1726,19 +1726,19 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_free_1GCM_1ctx( } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: do_GCM_UpdForUpdateEncrypt * Signature: */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_1GCM_1UpdForUpdateEncrypt( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_do_1GCM_1UpdForUpdateEncrypt( JNIEnv* env, jclass thisObj, jlong ockContextId, jlong gcmCtxId, jbyteArray plaintext, jint plaintextOffset, jint plaintextLen, jbyteArray ciphertext, jint ciphertextOffset) { #if defined(AIX) || defined(WINDOWS) || defined(MAC) || defined(LINUX) || \ defined(__MVS__) static const char* functionName = - "NativeInterface.do_GCM_UpdForUpdateEncrypt"; + "NativeOCKImplementation.do_GCM_UpdForUpdateEncrypt"; ICC_CTX* ockCtx = (ICC_CTX*)((intptr_t)ockContextId); unsigned char* plaintextNative = NULL; unsigned char* ciphertextNative = NULL; @@ -1827,12 +1827,12 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_1GCM_1UpdForUpdateEncry } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: do_GCM_FinalForUpdateEncrypt * Signature: */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_1GCM_1FinalForUpdateEncrypt( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_do_1GCM_1FinalForUpdateEncrypt( JNIEnv* env, jclass thisObj, jlong ockContextId, jlong gcmCtxId, jbyteArray key, jint keyLen, jbyteArray iv, jint ivLen, jbyteArray plaintext, jint plaintextOffset, jint plaintextLen, @@ -1841,7 +1841,7 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_1GCM_1FinalForUpdateEnc #if defined(AIX) || defined(WINDOWS) || defined(MAC) || defined(LINUX) || \ defined(__MVS__) static const char* functionName = - "NativeInterface.do_GCM_FinalUpdateEncrypt"; + "NativeOCKImplementation.do_GCM_FinalUpdateEncrypt"; ICC_CTX* ockCtx = (ICC_CTX*)((intptr_t)ockContextId); unsigned char* keyNative = NULL; unsigned char* ivNative = NULL; @@ -1946,19 +1946,19 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_1GCM_1FinalForUpdateEnc #endif } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: do_GCM_UpdForUpdateDecrypt * Signature: */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_1GCM_1UpdForUpdateDecrypt( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_do_1GCM_1UpdForUpdateDecrypt( JNIEnv* env, jclass thisObj, jlong ockContextId, jlong gcmCtxId, jbyteArray ciphertext, jint ciphertextOffset, jint ciphertextLen, jbyteArray plaintext, jint plaintextOffset) { #if defined(AIX) || defined(WINDOWS) || defined(MAC) || defined(LINUX) || \ defined(__MVS__) static const char* functionName = - "NativeInterface.do_GCM_UpdForUpdateDecrypt"; + "NativeOCKImplementation.do_GCM_UpdForUpdateDecrypt"; ICC_CTX* ockCtx = (ICC_CTX*)((intptr_t)ockContextId); unsigned char* plaintextNative = NULL; unsigned char* ciphertextNative = NULL; @@ -2036,19 +2036,19 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_1GCM_1UpdForUpdateDecry #endif } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: do_GCM_InitForUpdateDecrypt * Signature: */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_1GCM_1InitForUpdateDecrypt( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_do_1GCM_1InitForUpdateDecrypt( JNIEnv* env, jclass thisObj, jlong ockContextId, jlong gcmCtxId, jbyteArray key, jint keyLen, jbyteArray iv, jint ivLen, jbyteArray aad, jint aadLen) { #if defined(AIX) || defined(WINDOWS) || defined(MAC) || defined(LINUX) || \ defined(__MVS__) static const char* functionName = - "NativeInterface.do_GCM_InitForUpdateDecrypt"; + "NativeOCKImplementation.do_GCM_InitForUpdateDecrypt"; ICC_CTX* ockCtx = (ICC_CTX*)((intptr_t)ockContextId); unsigned char* keyNative = NULL; unsigned char* ivNative = NULL; @@ -2140,12 +2140,12 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_1GCM_1InitForUpdateDecr #endif } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: do_GCM_FinalForUpdateDecrypt * Signature: */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_1GCM_1FinalForUpdateDecrypt( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_do_1GCM_1FinalForUpdateDecrypt( JNIEnv* env, jclass thisObj, jlong ockContextId, jlong gcmCtxId, jbyteArray ciphertext, jint ciphertextOffset, jint ciphertextLen, jbyteArray plaintext, jint plaintextOffset, jint plaintextLen, @@ -2153,7 +2153,7 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_1GCM_1FinalForUpdateDec #if defined(AIX) || defined(WINDOWS) || defined(MAC) || defined(LINUX) || \ defined(__MVS__) static const char* functionName = - "NativeInterface.do_GCM_FinalForUpdateDecrypt"; + "NativeOCKImplementation.do_GCM_FinalForUpdateDecrypt"; ICC_CTX* ockCtx = (ICC_CTX*)((intptr_t)ockContextId); unsigned char* plaintextNative = NULL; unsigned char* ciphertextNative = NULL; @@ -2253,19 +2253,19 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_1GCM_1FinalForUpdateDec } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: do_GCM_InitForUpdateEncrypt * Signature: */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_do_1GCM_1InitForUpdateEncrypt( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_do_1GCM_1InitForUpdateEncrypt( JNIEnv* env, jclass thisObj, jlong ockContextId, jlong gcmCtxId, jbyteArray key, jint keyLen, jbyteArray iv, jint ivLen, jbyteArray aad, jint aadLen) { #if defined(AIX) || defined(WINDOWS) || defined(MAC) || defined(LINUX) || \ defined(__MVS__) static const char* functionName = - "NativeInterface.do_GCM_InitForUpdateEncrypt"; + "NativeOCKImplementation.do_GCM_InitForUpdateEncrypt"; ICC_CTX* ockCtx = (ICC_CTX*)((intptr_t)ockContextId); unsigned char* keyNative = NULL; unsigned char* ivNative = NULL; diff --git a/src/main/native/HKDF.c b/src/main/native/ock/HKDF.c similarity index 94% rename from src/main/native/HKDF.c rename to src/main/native/ock/HKDF.c index 81392350c..e3a8f8646 100644 --- a/src/main/native/HKDF.c +++ b/src/main/native/ock/HKDF.c @@ -14,7 +14,7 @@ #include #include -#include "com_ibm_crypto_plus_provider_ock_NativeInterface.h" +#include "com_ibm_crypto_plus_provider_ock_NativeOCKImplementation.h" #include "Utils.h" #include @@ -25,14 +25,14 @@ typedef struct OCKHKDF { //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: HKDF_create * Signature: (JLjava/lang/String;)J */ JNIEXPORT jlong JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_HKDF_1create( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_HKDF_1create( JNIEnv *env, jclass thisObj, jlong ockContextId, jstring digestAlgo) { - static const char *functionName = "NativeInterface.HKDF_create"; + static const char *functionName = "NativeOCKImplementation.HKDF_create"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKHKDF *ockHKDF = NULL; @@ -135,15 +135,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_HKDF_1create( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: HKDF_extract * Signature: (JJ[BII)V */ JNIEXPORT jbyteArray JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_HKDF_1extract( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_HKDF_1extract( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong hkdfId, jbyteArray salt, jlong saltLenl, jbyteArray inKey, jlong inKeyLenl) { - static const char *functionName = "NativeInterface.HKDF_extract"; + static const char *functionName = "NativeOCKImplementation.HKDF_extract"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKHKDF *ockHKDF = (OCKHKDF *)((intptr_t)hkdfId); @@ -292,16 +292,16 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_HKDF_1extract( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: HKDF_expand * Signature: (JJ[BII)V */ JNIEXPORT jbyteArray JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_HKDF_1expand( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_HKDF_1expand( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong hkdfId, jbyteArray prk, jlong prkLenl, jbyteArray info, jlong infoLenl, jlong okmLenl) { - static const char *functionName = "NativeInterface.HKDF_expand"; + static const char *functionName = "NativeOCKImplementation.HKDF_expand"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKHKDF *ockHKDF = (OCKHKDF *)((intptr_t)hkdfId); @@ -460,16 +460,16 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_HKDF_1expand( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: HKDF_derive * Signature: (JJ[BII)V */ JNIEXPORT jbyteArray JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_HKDF_1derive( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_HKDF_1derive( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong hkdfId, jbyteArray salt, jlong saltLenl, jbyteArray inKey, jlong inKeyLenl, jbyteArray info, jlong infoLenl, jlong resKeyLenl) { - static const char *functionName = "NativeInterface.HKDF_1derive"; + static const char *functionName = "NativeOCKImplementation.HKDF_1derive"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKHKDF *ockHKDF = (OCKHKDF *)((intptr_t)hkdfId); @@ -655,14 +655,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_HKDF_1derive( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: HKDF_size * Signature: (JJ)I */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_HKDF_1size( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_HKDF_1size( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong hkdfId) { - static const char *functionName = "NativeInterface.Hkdf_size"; + static const char *functionName = "NativeOCKImplementation.Hkdf_size"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKHKDF *ockHKDF = (OCKHKDF *)((intptr_t)hkdfId); @@ -704,14 +704,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_HKDF_1size( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: HKDF_delete * Signature: (JJ)V */ JNIEXPORT void JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_HKDF_1delete( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_HKDF_1delete( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong hkdfId) { - static const char *functionName = "NativeInterface.HKDF_delete"; + static const char *functionName = "NativeOCKImplementation.HKDF_delete"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKHKDF *ockHKDF = (OCKHKDF *)((intptr_t)hkdfId); diff --git a/src/main/native/HMAC.c b/src/main/native/ock/HMAC.c similarity index 91% rename from src/main/native/HMAC.c rename to src/main/native/ock/HMAC.c index b6aa5c6da..9fdb18600 100644 --- a/src/main/native/HMAC.c +++ b/src/main/native/ock/HMAC.c @@ -19,7 +19,7 @@ #define bool _Bool #endif -#include "com_ibm_crypto_plus_provider_ock_NativeInterface.h" +#include "com_ibm_crypto_plus_provider_ock_NativeOCKImplementation.h" #include "Utils.h" #include @@ -32,14 +32,14 @@ typedef struct OCKHMAC { } OCKHMAC; /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: HMAC_create * Signature: (JLjava/lang/String;)J */ JNIEXPORT jlong JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_HMAC_1create( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_HMAC_1create( JNIEnv *env, jclass thisObj, jlong ockContextId, jstring digestAlgo) { - static const char *functionName = "NativeInterface.HMAC_create"; + static const char *functionName = "NativeOCKImplementation.HMAC_create"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKHMAC *ockHMAC = (OCKHMAC *)malloc(sizeof(OCKHMAC)); @@ -139,7 +139,7 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_HMAC_1create( int HMAC_init_internal(ICC_CTX *ockCtx, OCKHMAC *ockHMAC, unsigned char *keyNative, int keySize) { int rc = ICC_OSSL_SUCCESS; - static const char *functionName = "NativeInterface.HMAC_init_internal"; + static const char *functionName = "NativeOCKImplementation.HMAC_init_internal"; if (debug) { gslogFunctionEntry(functionName); @@ -197,7 +197,7 @@ int HMAC_init_internal(ICC_CTX *ockCtx, OCKHMAC *ockHMAC, */ int HMAC_init(JNIEnv *env, jclass thisObj, jlong ockContextId, jlong hmacId, jbyteArray key, jint keySize) { - static const char *functionName = "NativeInterface.HMAC_init"; + static const char *functionName = "NativeOCKImplementation.HMAC_init"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKHMAC *ockHMAC = (OCKHMAC *)((intptr_t)hmacId); @@ -257,7 +257,7 @@ JNIEXPORT int HMAC_update_internal(ICC_CTX *ockCtx, OCKHMAC *ockHMAC, bool needInit) { int result = HMAC_INTERNAL_SUCCESS; int rc = ICC_OSSL_SUCCESS; - static const char *functionName = "NativeInterface.HAMC_update_internal"; + static const char *functionName = "NativeOCKImplementation.HAMC_update_internal"; if (debug) { gslogFunctionEntry(functionName); @@ -322,16 +322,16 @@ JNIEXPORT int HMAC_update_internal(ICC_CTX *ockCtx, OCKHMAC *ockHMAC, } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: HMAC_update * Signature: (JJ[BII)V */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_HMAC_1update( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_HMAC_1update( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong hmacId, jbyteArray key, jint keyLength, jbyteArray input, jint inputOffset, jint inputLen, jboolean needInit) { - static const char *functionName = "NativeInterface.HMAC_update"; + static const char *functionName = "NativeOCKImplementation.HMAC_update"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKHMAC *ockHMAC = (OCKHMAC *)((intptr_t)hmacId); @@ -395,7 +395,7 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_HMAC_1update( JNIEXPORT int HMAC_doFinal_internal(ICC_CTX *ockCtx, OCKHMAC *ockHMAC, unsigned char *keyNative, int keySize, unsigned char *hmac, bool needInit) { - static const char *functionName = "NativeInterface.HMAC_doFinal_internal"; + static const char *functionName = "NativeOCKImplementation.HMAC_doFinal_internal"; unsigned int hmacLen = 0; int rc = ICC_OSSL_SUCCESS; @@ -442,15 +442,15 @@ JNIEXPORT int HMAC_doFinal_internal(ICC_CTX *ockCtx, OCKHMAC *ockHMAC, return result; } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: HMAC_doFinal * Signature: (JJ)[B */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_HMAC_1doFinal( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_HMAC_1doFinal( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong hmacId, jbyteArray key, jint keyLength, jbyteArray hmac, jboolean needInit) { - static const char *functionName = "NativeInterface.HMAC_doFinal"; + static const char *functionName = "NativeOCKImplementation.HMAC_doFinal"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKHMAC *ockHMAC = (OCKHMAC *)((intptr_t)hmacId); @@ -518,14 +518,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_HMAC_1doFinal( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: HMAC_size * Signature: (JJ)I */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_HMAC_1size( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_HMAC_1size( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong hmacId) { - static const char *functionName = "NativeInterface.HMAC_size"; + static const char *functionName = "NativeOCKImplementation.HMAC_size"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKHMAC *ockHMAC = (OCKHMAC *)((intptr_t)hmacId); @@ -569,14 +569,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_HMAC_1size( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: HMAC_delete * Signature: (JJ)V */ JNIEXPORT void JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_HMAC_1delete( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_HMAC_1delete( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong hmacId) { - static const char *functionName = "NativeInterface.HMAC_delete"; + static const char *functionName = "NativeOCKImplementation.HMAC_delete"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKHMAC *ockHMAC = (OCKHMAC *)((intptr_t)hmacId); diff --git a/src/main/native/KEM.c b/src/main/native/ock/KEM.c similarity index 95% rename from src/main/native/KEM.c rename to src/main/native/ock/KEM.c index acda69388..1c51e7bba 100644 --- a/src/main/native/KEM.c +++ b/src/main/native/ock/KEM.c @@ -13,19 +13,19 @@ #include #include -#include "com_ibm_crypto_plus_provider_ock_NativeInterface.h" +#include "com_ibm_crypto_plus_provider_ock_NativeOCKImplementation.h" #include "Utils.h" #include #include //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: KEM_encapsulate * Signature: (JJ[B[B)V */ JNIEXPORT void JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_KEM_1encapsulate( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_KEM_1encapsulate( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ockPKeyId, jbyteArray wrappedKey, jbyteArray randomKey) { @@ -109,12 +109,12 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_KEM_1encapsulate( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: KEM_decapsulate * Signature: (JJ[B)[B */ JNIEXPORT jbyteArray JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_KEM_1decapsulate( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_KEM_1decapsulate( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ockPKeyId, jbyteArray wrappedKey) { diff --git a/src/main/native/MLKey.c b/src/main/native/ock/MLKey.c similarity index 95% rename from src/main/native/MLKey.c rename to src/main/native/ock/MLKey.c index a0d84c1cb..dd90578d7 100644 --- a/src/main/native/MLKey.c +++ b/src/main/native/ock/MLKey.c @@ -17,18 +17,18 @@ #include #include -#include "com_ibm_crypto_plus_provider_ock_NativeInterface.h" +#include "com_ibm_crypto_plus_provider_ock_NativeOCKImplementation.h" #include "Utils.h" #include //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: MLKEY_generate * Signature: (JLjava/lang/String;)J */ JNIEXPORT jlong JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_MLKEY_1generate( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_MLKEY_1generate( JNIEnv *env, jclass thisObj, jlong ockContextId, jstring cipherName) { static const char *functionName = "NativeInterface.MLKEY_generate"; @@ -349,13 +349,13 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_MLKEY_1generate( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: MLKEY_createPrivateKey * Returns: pointer to Octet encapsulated key * Signature: (JLjava/lang/String;[B)J */ JNIEXPORT jlong JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_MLKEY_1createPrivateKey( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_MLKEY_1createPrivateKey( JNIEnv *env, jclass thisObj, jlong ockContextId, jstring cipherName, jbyteArray privateKeyBytes) { ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); @@ -432,13 +432,13 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_MLKEY_1createPrivateKey( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: MLKEY_createPublicKey * Return: BitString encapsulated key * Signature: (JLjava/lang/String;[B)J */ JNIEXPORT jlong JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_MLKEY_1createPublicKey( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_MLKEY_1createPublicKey( JNIEnv *env, jclass thisObj, jlong ockContextId, jstring cipherName, jbyteArray publicKeyBytes) { ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); @@ -503,13 +503,13 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_MLKEY_1createPublicKey( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: MLKEY_getPrivateKeyBytes * Return: RAW key - This may change in the future. * Signature: (JJ)[B */ JNIEXPORT jbyteArray JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_MLKEY_1getPrivateKeyBytes( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_MLKEY_1getPrivateKeyBytes( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong mlkeyId) { ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_EVP_PKEY *ockKey = (ICC_EVP_PKEY *)((intptr_t)mlkeyId); @@ -595,13 +595,13 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_MLKEY_1getPrivateKeyBytes( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: MLKEY_getPublicKeyBytes * Return: RAW key * Signature: (JJ)[B */ JNIEXPORT jbyteArray JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_MLKEY_1getPublicKeyBytes( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_MLKEY_1getPublicKeyBytes( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong mlkeyId) { ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_EVP_PKEY *ockKey = (ICC_EVP_PKEY *)((intptr_t)mlkeyId); @@ -659,12 +659,12 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_MLKEY_1getPublicKeyBytes( //============================================================================ /* NOTE: - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: MLKEY_delete * Signature: (JJ)V */ JNIEXPORT void JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_MLKEY_1delete( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_MLKEY_1delete( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong mlkeyId) { ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_EVP_PKEY *ockKey = (ICC_EVP_PKEY *)((intptr_t)mlkeyId); diff --git a/src/main/native/PBKDF.c b/src/main/native/ock/PBKDF.c similarity index 94% rename from src/main/native/PBKDF.c rename to src/main/native/ock/PBKDF.c index f7d8a2c6a..b41c86f15 100644 --- a/src/main/native/PBKDF.c +++ b/src/main/native/ock/PBKDF.c @@ -14,20 +14,20 @@ #include #include -#include "com_ibm_crypto_plus_provider_ock_NativeInterface.h" +#include "com_ibm_crypto_plus_provider_ock_NativeOCKImplementation.h" #include "Utils.h" #include //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: PBKDF2_derive */ JNIEXPORT jbyteArray JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_PBKDF2_1derive( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_PBKDF2_1derive( JNIEnv *env, jclass thisObj, jlong contextId, jstring hashAlgorithm, jbyteArray password, jbyteArray salt, jint iterations, jint keyLength) { - static const char *functionName = "NativeInterface.PBKDF2_derive"; + static const char *functionName = "NativeOCKImplementation.PBKDF2_derive"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)contextId); const char *hashAlgorithmChars = NULL; unsigned char *saltNative = NULL; diff --git a/src/main/native/PKey.c b/src/main/native/ock/PKey.c similarity index 79% rename from src/main/native/PKey.c rename to src/main/native/ock/PKey.c index ea9b9aac0..efa67fffb 100644 --- a/src/main/native/PKey.c +++ b/src/main/native/ock/PKey.c @@ -13,20 +13,20 @@ #include #include -#include "com_ibm_crypto_plus_provider_ock_NativeInterface.h" +#include "com_ibm_crypto_plus_provider_ock_NativeOCKImplementation.h" #include "Utils.h" #include //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: PKEY_delete * Signature: (JJ)V */ JNIEXPORT void JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_PKEY_1delete( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_PKEY_1delete( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong pkeyId) { - static const char *functionName = "NativeInterface.PKEY_delete"; + static const char *functionName = "NativeOCKImplementation.PKEY_delete"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_EVP_PKEY *ockPKey = (ICC_EVP_PKEY *)((intptr_t)pkeyId); diff --git a/src/main/native/Padding.h b/src/main/native/ock/Padding.h similarity index 100% rename from src/main/native/Padding.h rename to src/main/native/ock/Padding.h diff --git a/src/main/native/Poly1305Cipher.c b/src/main/native/ock/Poly1305Cipher.c similarity index 90% rename from src/main/native/Poly1305Cipher.c rename to src/main/native/ock/Poly1305Cipher.c index 1d2105554..5daad1851 100644 --- a/src/main/native/Poly1305Cipher.c +++ b/src/main/native/ock/Poly1305Cipher.c @@ -13,7 +13,7 @@ #include #include -#include "com_ibm_crypto_plus_provider_ock_NativeInterface.h" +#include "com_ibm_crypto_plus_provider_ock_NativeOCKImplementation.h" #include "Padding.h" #include "Utils.h" #include "ExceptionCodes.h" @@ -26,14 +26,14 @@ typedef struct OCKCipher { //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: POLY1305CIPHER_create * Signature: (JLjava/lang/String;)J */ JNIEXPORT jlong JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_POLY1305CIPHER_1create( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_POLY1305CIPHER_1create( JNIEnv *env, jclass thisObj, jlong ockContextId, jstring cipherName) { - static const char *functionName = "NativeInterface.POLY1305CIPHER_create"; + static const char *functionName = "NativeOCKImplementation.POLY1305CIPHER_create"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKCipher *ockCipher = NULL; @@ -108,15 +108,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_POLY1305CIPHER_1create( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: POLY1305CIPHER_init * Signature: (JJZ)V */ JNIEXPORT void JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_POLY1305CIPHER_1init( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_POLY1305CIPHER_1init( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ockCipherId, jint isEncrypt, jbyteArray key, jbyteArray iv) { - static const char *functionName = "NativeInterface.POLY1305CIPHER_init"; + static const char *functionName = "NativeOCKImplementation.POLY1305CIPHER_init"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKCipher *ockCipher = (OCKCipher *)((intptr_t)ockCipherId); @@ -175,14 +175,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_POLY1305CIPHER_1init( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: POLY1305CIPHER_clean * Signature: (JJ)V */ JNIEXPORT void JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_POLY1305CIPHER_1clean( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_POLY1305CIPHER_1clean( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ockCipherId) { - static const char *functionName = "NativeInterface.POLY1305CIPHER_clean"; + static const char *functionName = "NativeOCKImplementation.POLY1305CIPHER_clean"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKCipher *ockCipher = (OCKCipher *)((intptr_t)ockCipherId); @@ -211,16 +211,16 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_POLY1305CIPHER_1clean( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: POLY1305CIPHER_setPadding * Signature: (JJZ)V */ JNIEXPORT void JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_POLY1305CIPHER_1setPadding( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_POLY1305CIPHER_1setPadding( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ockCipherId, jint paddingId) { static const char *functionName = - "NativeInterface.POLY1305CIPHER_setPadding"; + "NativeOCKImplementation.POLY1305CIPHER_setPadding"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKCipher *ockCipher = (OCKCipher *)((intptr_t)ockCipherId); @@ -274,15 +274,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_POLY1305CIPHER_1setPadding //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: POLY1305CIPHER_getBlockSize * Signature: (JJ)I */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_POLY1305CIPHER_1getBlockSize( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_POLY1305CIPHER_1getBlockSize( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ockCipherId) { static const char *functionName = - "NativeInterface.POLY1305CIPHER_getBlockSize"; + "NativeOCKImplementation.POLY1305CIPHER_getBlockSize"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKCipher *ockCipher = (OCKCipher *)((intptr_t)ockCipherId); @@ -304,15 +304,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_POLY1305CIPHER_1getBlockSi //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: POLY1305CIPHER_getKeyLength * Signature: (JJ)I */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_POLY1305CIPHER_1getKeyLength( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_POLY1305CIPHER_1getKeyLength( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ockCipherId) { static const char *functionName = - "NativeInterface.POLY1305CIPHER_getKeyLength"; + "NativeOCKImplementation.POLY1305CIPHER_getKeyLength"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKCipher *ockCipher = (OCKCipher *)((intptr_t)ockCipherId); @@ -334,15 +334,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_POLY1305CIPHER_1getKeyLeng //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: POLY1305CIPHER_getIVLength * Signature: (JJ)I */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_POLY1305CIPHER_1getIVLength( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_POLY1305CIPHER_1getIVLength( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ockCipherId) { static const char *functionName = - "NativeInterface.POLY1305CIPHER_getIVLength"; + "NativeOCKImplementation.POLY1305CIPHER_getIVLength"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKCipher *ockCipher = (OCKCipher *)((intptr_t)ockCipherId); @@ -364,14 +364,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_POLY1305CIPHER_1getIVLengt //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: POLY1305CIPHER_getOID * Signature: (JJ)I */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_POLY1305CIPHER_1getOID( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_POLY1305CIPHER_1getOID( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ockCipherId) { - static const char *functionName = "NativeInterface.POLY1305CIPHER_getOID"; + static const char *functionName = "NativeOCKImplementation.POLY1305CIPHER_getOID"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKCipher *ockCipher = (OCKCipher *)((intptr_t)ockCipherId); @@ -393,17 +393,17 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_POLY1305CIPHER_1getOID( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: POLY1305CIPHER_encryptUpdate * Signature: (JJI[B[B)I */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_POLY1305CIPHER_1encryptUpdate( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_POLY1305CIPHER_1encryptUpdate( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ockCipherId, jbyteArray plaintext, jint plaintextOffset, jint plaintextLen, jbyteArray ciphertext, jint ciphertextOffset) { static const char *functionName = - "NativeInterface.POLY1305CIPHER_encryptUpdate"; + "NativeOCKImplementation.POLY1305CIPHER_encryptUpdate"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKCipher *ockCipher = (OCKCipher *)((intptr_t)ockCipherId); @@ -498,17 +498,17 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_POLY1305CIPHER_1encryptUpd //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: POLY1305CIPHER_encryptFinal * Signature: (JJI[B[B)I */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_POLY1305CIPHER_1encryptFinal( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_POLY1305CIPHER_1encryptFinal( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ockCipherId, jbyteArray plaintext, jint plaintextOffset, jint plaintextLen, jbyteArray ciphertext, jint ciphertextOffset, jbyteArray tag) { static const char *functionName = - "NativeInterface.POLY1305CIPHER_encryptFinal"; + "NativeOCKImplementation.POLY1305CIPHER_encryptFinal"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKCipher *ockCipher = (OCKCipher *)((intptr_t)ockCipherId); @@ -643,17 +643,17 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_POLY1305CIPHER_1encryptFin //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: POLY1305CIPHER_decryptUpdate * Signature: (JJI[B[B)I */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_POLY1305CIPHER_1decryptUpdate( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_POLY1305CIPHER_1decryptUpdate( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ockCipherId, jbyteArray ciphertext, jint ciphertextOffset, jint ciphertextLen, jbyteArray plaintext, jint plaintextOffset) { static const char *functionName = - "NativeInterface.POLY1305CIPHER_decryptUpdate"; + "NativeOCKImplementation.POLY1305CIPHER_decryptUpdate"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKCipher *ockCipher = (OCKCipher *)((intptr_t)ockCipherId); @@ -744,17 +744,17 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_POLY1305CIPHER_1decryptUpd //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: POLY1305CIPHER_decryptFinal * Signature: (JJI[B[B)I */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_POLY1305CIPHER_1decryptFinal( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_POLY1305CIPHER_1decryptFinal( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ockCipherId, jbyteArray ciphertext, jint ciphertextOffset, jint ciphertextLen, jbyteArray plaintext, jint plaintextOffset, jbyteArray tag) { static const char *functionName = - "NativeInterface.POLY1305CIPHER_decryptFinal"; + "NativeOCKImplementation.POLY1305CIPHER_decryptFinal"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKCipher *ockCipher = (OCKCipher *)((intptr_t)ockCipherId); @@ -871,15 +871,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_POLY1305CIPHER_1decryptFin errCode = ICC_ERR_peek_last_error(ockCtx); errStr = ICC_ERR_reason_error_string(ockCtx, errCode); exceptionMsg = "ICC_EVP_DecryptFinal failed!\n"; - +/* #ifdef DEBUG_CIPHER_DATA - if (debug) { + if (debug) {*/ gslogMessage("errCode: %ul", errCode); gslogMessage("errStr: %s", errStr); gslogMessage("exceptionMsg: %s", exceptionMsg); - } +/* } #endif - +*/ if (errStr == NULL) { exceptionCode = GKR_UNSPECIFIED; } @@ -928,14 +928,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_POLY1305CIPHER_1decryptFin //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: POLY1305CIPHER_delete * Signature: (JJ)V */ JNIEXPORT void JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_POLY1305CIPHER_1delete( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_POLY1305CIPHER_1delete( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ockCipherId) { - static const char *functionName = "NativeInterface.POLY1305CIPHER_delete"; + static const char *functionName = "NativeOCKImplementation.POLY1305CIPHER_delete"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKCipher *ockCipher = (OCKCipher *)((intptr_t)ockCipherId); diff --git a/src/main/native/RSA.c b/src/main/native/ock/RSA.c similarity index 93% rename from src/main/native/RSA.c rename to src/main/native/ock/RSA.c index 2ce908ebe..e014cd6a2 100644 --- a/src/main/native/RSA.c +++ b/src/main/native/ock/RSA.c @@ -12,7 +12,7 @@ #include #include -#include "com_ibm_crypto_plus_provider_ock_NativeInterface.h" +#include "com_ibm_crypto_plus_provider_ock_NativeOCKImplementation.h" #include "Utils.h" #include "RSAPadding.h" #include @@ -20,16 +20,16 @@ static int rsaPaddingMap(int rsaPaddingId); /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: RSACIPHER_public_encrypt * Signature: (JJI[BII[BI)I */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSACIPHER_1public_1encrypt( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_RSACIPHER_1public_1encrypt( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong rsaKeyId, jint rsaPaddingId, jbyteArray plaintext, jint plaintextOff, jint plaintextLen, jbyteArray ciphertext, jint ciphertextOff) { - static const char *functionName = "NativeInterface.RSA_public_encrypt"; + static const char *functionName = "NativeOCKImplementation.RSA_public_encrypt"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_RSA *ockRSA = (ICC_RSA *)((intptr_t)rsaKeyId); @@ -124,17 +124,17 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSACIPHER_1public_1encrypt } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: RSACIPHER_private_encrypt * Signature: (JJI[BII[BI)I */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSACIPHER_1private_1encrypt( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_RSACIPHER_1private_1encrypt( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong rsaKeyId, jint rsaPaddingId, jbyteArray plaintext, jint plaintextOff, jint plaintextLen, jbyteArray ciphertext, jint ciphertextOff, jboolean convertKey) { - static const char *functionName = "NativeInterface.RSA_private_encrypt"; + static const char *functionName = "NativeOCKImplementation.RSA_private_encrypt"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_RSA *ockRSA = (ICC_RSA *)((intptr_t)rsaKeyId); @@ -231,16 +231,16 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSACIPHER_1private_1encryp } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: RSACIPHER_public_decrypt * Signature: (JJI[BII[BI)I */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSACIPHER_1public_1decrypt( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_RSACIPHER_1public_1decrypt( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong rsaKeyId, jint rsaPaddingId, jbyteArray ciphertext, jint ciphertextOff, jint ciphertextLen, jbyteArray plaintext, jint plaintextOff) { - static const char *functionName = "NativeInterface.RSA_public_decrypt"; + static const char *functionName = "NativeOCKImplementation.RSA_public_decrypt"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_RSA *ockRSA = (ICC_RSA *)((intptr_t)rsaKeyId); @@ -331,17 +331,17 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSACIPHER_1public_1decrypt } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: RSACIPHER_private_decrypt * Signature: (JJI[BII[BI)I */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSACIPHER_1private_1decrypt( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_RSACIPHER_1private_1decrypt( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong rsaKeyId, jint rsaPaddingId, jbyteArray ciphertext, jint ciphertextOff, jint ciphertextLen, jbyteArray plaintext, jint plaintextOff, jboolean convertKey) { - static const char *functionName = "NativeInterface.RSA_private_decrypt"; + static const char *functionName = "NativeOCKImplementation.RSA_private_decrypt"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_RSA *ockRSA = (ICC_RSA *)((intptr_t)rsaKeyId); diff --git a/src/main/native/RSAKey.c b/src/main/native/ock/RSAKey.c similarity index 91% rename from src/main/native/RSAKey.c rename to src/main/native/ock/RSAKey.c index 72fc4b709..5313d64c2 100644 --- a/src/main/native/RSAKey.c +++ b/src/main/native/ock/RSAKey.c @@ -13,20 +13,20 @@ #include #include -#include "com_ibm_crypto_plus_provider_ock_NativeInterface.h" +#include "com_ibm_crypto_plus_provider_ock_NativeOCKImplementation.h" #include "Utils.h" #include //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: RSAKEY_generate * Signature: (JI)J */ JNIEXPORT jlong JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSAKEY_1generate( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_RSAKEY_1generate( JNIEnv *env, jclass thisObj, jlong ockContextId, jint numBits, jlong e) { - static const char *functionName = "NativeInterface.RSAKEY_generate"; + static const char *functionName = "NativeOCKImplementation.RSAKEY_generate"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_RSA *ockRSA = NULL; @@ -63,15 +63,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSAKEY_1generate( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: RSAKEY_createPrivateKey * Signature: (J[B)J */ JNIEXPORT jlong JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSAKEY_1createPrivateKey( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_RSAKEY_1createPrivateKey( JNIEnv *env, jclass thisObj, jlong ockContextId, jbyteArray privateKeyBytes) { - static const char *functionName = "NativeInterface.RSAKEY_createPrivateKey"; + static const char *functionName = "NativeOCKImplementation.RSAKEY_createPrivateKey"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_RSA *ockRSA = NULL; @@ -185,15 +185,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSAKEY_1createPrivateKey( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: RSAKEY_createPublicKey * Signature: (J[B)J */ JNIEXPORT jlong JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSAKEY_1createPublicKey( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_RSAKEY_1createPublicKey( JNIEnv *env, jclass thisObj, jlong ockContextId, jbyteArray publicKeyBytes) { - static const char *functionName = "NativeInterface.RSAKEY_createPublicKey"; + static const char *functionName = "NativeOCKImplementation.RSAKEY_createPublicKey"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_RSA *ockRSA = NULL; @@ -306,15 +306,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSAKEY_1createPublicKey( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: RSAKEY_getPrivateKeyBytes * Signature: (JJ)[B */ JNIEXPORT jbyteArray JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSAKEY_1getPrivateKeyBytes( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_RSAKEY_1getPrivateKeyBytes( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong rsaKeyId) { static const char *functionName = - "NativeInterface.RSAKEY_getPrivateKeyBytes"; + "NativeOCKImplementation.RSAKEY_getPrivateKeyBytes"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_RSA *ockRSA = (ICC_RSA *)((intptr_t)rsaKeyId); @@ -415,15 +415,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSAKEY_1getPrivateKeyBytes //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: RSAKEY_getPublicKeyBytes * Signature: (JJ)[B */ JNIEXPORT jbyteArray JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSAKEY_1getPublicKeyBytes( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_RSAKEY_1getPublicKeyBytes( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong rsaKeyId) { static const char *functionName = - "NativeInterface.RSAKEY_getPublicKeyBytes"; + "NativeOCKImplementation.RSAKEY_getPublicKeyBytes"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_RSA *ockRSA = (ICC_RSA *)((intptr_t)rsaKeyId); @@ -524,14 +524,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSAKEY_1getPublicKeyBytes( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: RSAKEY_createPKey * Signature: (JJ)J */ JNIEXPORT jlong JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSAKEY_1createPKey( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_RSAKEY_1createPKey( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong rsaKeyId) { - static const char *functionName = "NativeInterface.RSAKEY_createPKey"; + static const char *functionName = "NativeOCKImplementation.RSAKEY_createPKey"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_RSA *ockRSA = (ICC_RSA *)((intptr_t)rsaKeyId); @@ -604,14 +604,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSAKEY_1createPKey( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: RSAKEY_size * Signature: (JJ)I */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSAKEY_1size( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_RSAKEY_1size( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong rsaKeyId) { - static const char *functionName = "NativeInterface.RSAKEY_size"; + static const char *functionName = "NativeOCKImplementation.RSAKEY_size"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_RSA *ockRSA = (ICC_RSA *)((intptr_t)rsaKeyId); @@ -650,14 +650,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSAKEY_1size( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: RSAKEY_delete * Signature: (JJ)V */ JNIEXPORT void JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSAKEY_1delete( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_RSAKEY_1delete( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong rsaKeyId) { - static const char *functionName = "NativeInterface.RSAKEY_delete"; + static const char *functionName = "NativeOCKImplementation.RSAKEY_delete"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_RSA *ockRSA = (ICC_RSA *)((intptr_t)rsaKeyId); diff --git a/src/main/native/RSAPadding.h b/src/main/native/ock/RSAPadding.h similarity index 100% rename from src/main/native/RSAPadding.h rename to src/main/native/ock/RSAPadding.h diff --git a/src/main/native/RsaPss.c b/src/main/native/ock/RsaPss.c similarity index 90% rename from src/main/native/RsaPss.c rename to src/main/native/ock/RsaPss.c index b341913c6..54fc8fc9e 100644 --- a/src/main/native/RsaPss.c +++ b/src/main/native/ock/RsaPss.c @@ -14,21 +14,21 @@ #include #include -#include "com_ibm_crypto_plus_provider_ock_NativeInterface.h" +#include "com_ibm_crypto_plus_provider_ock_NativeOCKImplementation.h" #include "Utils.h" #include "RsaPss.h" #include /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: RSAPSS_signInit * DigestSignature: (JJJ)[B */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSAPSS_1signInit( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_RSAPSS_1signInit( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ockRsaPssId, jlong ockPKeyId, jint saltlen, jboolean convert) { - static const char *functionName = "NativeInterface.RSAPSS_signInit"; + static const char *functionName = "NativeOCKImplementation.RSAPSS_signInit"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKRsaPss *ockRsaPss = (OCKRsaPss *)((intptr_t)ockRsaPssId); @@ -133,15 +133,15 @@ sig_len = modulus/4; rv = ICC_EVP_DigestSignFinal(ctx,md_ctx,sig_buf,&sig_len);*/ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: RSAPSS_verifyInit * DigestSignature: (JJJ)[B */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSAPSS_1verifyInit( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_RSAPSS_1verifyInit( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ockRsaPssId, jlong ockPKeyId, jint saltlen) { - static const char *functionName = "NativeInterface.RSAPSS_verifyInit"; + static const char *functionName = "NativeOCKImplementation.RSAPSS_verifyInit"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKRsaPss *ockRsaPss = (OCKRsaPss *)((intptr_t)ockRsaPssId); @@ -217,14 +217,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSAPSS_1verifyInit( } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: RSAPSS_getSigLen * DigestSignature: (JJ)I */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSAPSS_1getSigLen( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_RSAPSS_1getSigLen( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ockRsaPssId) { - /*static const char * functionName = "NativeInterface.RSAPSS_getSigLen";*/ + /*static const char * functionName = "NativeOCKImplementation.RSAPSS_getSigLen";*/ ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKRsaPss *ockRsaPss = (OCKRsaPss *)((intptr_t)ockRsaPssId); @@ -246,15 +246,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSAPSS_1getSigLen( return outLen; } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: RSAPSS_signFinal * DigestSignature: (JJJ[BI)V */ JNIEXPORT void JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSAPSS_1signFinal( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_RSAPSS_1signFinal( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ockRsaPssId, jbyteArray signature, jint length) { - static const char *functionName = "NativeInterface.RSAPSS_signFinal"; + static const char *functionName = "NativeOCKImplementation.RSAPSS_signFinal"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKRsaPss *ockRsaPss = (OCKRsaPss *)((intptr_t)ockRsaPssId); @@ -339,15 +339,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSAPSS_1signFinal( } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: RSAPSS_verifyFinal * Signature: (JJJ)Z */ JNIEXPORT jboolean JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSAPSS_1verifyFinal( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_RSAPSS_1verifyFinal( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ockRsaPssId, jbyteArray sigBytes, jint size) { - static const char *functionName = "NativeInterface.RSAPSS_verifyFinal"; + static const char *functionName = "NativeOCKImplementation.RSAPSS_verifyFinal"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKRsaPss *ockRsaPss = (OCKRsaPss *)((intptr_t)ockRsaPssId); @@ -423,15 +423,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSAPSS_1verifyFinal( } //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: RSAPSS_digestUpdate * Signature: (JJ[BII)V */ JNIEXPORT void JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSAPSS_1digestUpdate( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_RSAPSS_1digestUpdate( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong rsaPssId, jbyteArray data, jint offset, jint dataLen) { - static const char *functionName = "NativeInterface.RSAPSS_digestUpdate"; + static const char *functionName = "NativeOCKImplementation.RSAPSS_digestUpdate"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKRsaPss *ockRsaPss = (OCKRsaPss *)((intptr_t)rsaPssId); @@ -559,16 +559,16 @@ OCKDigest *allocateDigest(JNIEnv *env, ICC_CTX *ockCtx, jstring digestAlgo) { } //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: RSAPSS_createContext * Signature: (JLjava/lang/String;)J */ JNIEXPORT jlong JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSAPSS_1createContext( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_RSAPSS_1createContext( JNIEnv *env, jclass thisObj, jlong ockContextId, jstring digestAlgo, jstring mgf1SpecAlgo) { - static const char *functionName = "NativeInterface.RSAPSS_createContext"; + static const char *functionName = "NativeOCKImplementation.RSAPSS_createContext"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKRsaPss *ockRsaPss = (OCKRsaPss *)malloc(sizeof(OCKRsaPss)); @@ -601,15 +601,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSAPSS_1createContext( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: RSAPSS_releaseContext * Signature: (JJ)V */ JNIEXPORT void JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSAPSS_1releaseContext( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_RSAPSS_1releaseContext( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ockRsaPssId) { - static const char *functionName = "NativeInterface.RSAPSS_releaseContext"; + static const char *functionName = "NativeOCKImplementation.RSAPSS_releaseContext"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKRsaPss *ockRsaPss = (OCKRsaPss *)((intptr_t)ockRsaPssId); @@ -650,14 +650,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSAPSS_1releaseContext( //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: RSAPSS_reset * Signature: (JJ)V */ JNIEXPORT void JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSAPSS_1reset( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_RSAPSS_1reset( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong digestId) { - static const char *functionName = "NativeInterface.RSAPSS_reset"; + static const char *functionName = "NativeOCKImplementation.RSAPSS_reset"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKDigest *ockDigest = (OCKDigest *)((intptr_t)digestId); @@ -701,15 +701,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSAPSS_1reset( } //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: RSAPSS_resetDigest * Signature: (JJ)V */ JNIEXPORT void JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSAPSS_1resetDigest( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_RSAPSS_1resetDigest( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ockRsaPssId) { - static const char *functionName = "NativeInterface.RSAPSS_resetDigest"; + static const char *functionName = "NativeOCKImplementation.RSAPSS_resetDigest"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKRsaPss *ockRsaPss = (OCKRsaPss *)((intptr_t)ockRsaPssId); diff --git a/src/main/native/RsaPss.h b/src/main/native/ock/RsaPss.h similarity index 100% rename from src/main/native/RsaPss.h rename to src/main/native/ock/RsaPss.h diff --git a/src/main/native/Signature.c b/src/main/native/ock/Signature.c similarity index 94% rename from src/main/native/Signature.c rename to src/main/native/ock/Signature.c index e0503493d..915c76944 100644 --- a/src/main/native/Signature.c +++ b/src/main/native/ock/Signature.c @@ -14,21 +14,21 @@ #include #include -#include "com_ibm_crypto_plus_provider_ock_NativeInterface.h" +#include "com_ibm_crypto_plus_provider_ock_NativeOCKImplementation.h" #include "Utils.h" #include "Digest.h" #include /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: SIGNATURE_sign * Signature: (JJJ)[B */ JNIEXPORT jbyteArray JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_SIGNATURE_1sign( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_SIGNATURE_1sign( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong iccMDId, jlong ockPKeyId, jboolean convert) { - static const char *functionName = "NativeInterface.SIGNATURE_sign"; + static const char *functionName = "NativeOCKImplementation.SIGNATURE_sign"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKDigest *ockDigest = (OCKDigest *)((intptr_t)iccMDId); @@ -174,15 +174,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_SIGNATURE_1sign( } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: SIGNATURE_verify * Signature: (JJJ)Z */ JNIEXPORT jboolean JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_SIGNATURE_1verify( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_SIGNATURE_1verify( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong iccMDId, jlong ockPKeyId, jbyteArray sigBytes) { - static const char *functionName = "NativeInterface.SIGNATURE_verify"; + static const char *functionName = "NativeOCKImplementation.SIGNATURE_verify"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKDigest *ockDigest = (OCKDigest *)((intptr_t)iccMDId); diff --git a/src/main/native/SignatureDSANONE.c b/src/main/native/ock/SignatureDSANONE.c similarity index 94% rename from src/main/native/SignatureDSANONE.c rename to src/main/native/ock/SignatureDSANONE.c index 842ec061e..2171415b5 100644 --- a/src/main/native/SignatureDSANONE.c +++ b/src/main/native/ock/SignatureDSANONE.c @@ -14,20 +14,20 @@ #include #include -#include "com_ibm_crypto_plus_provider_ock_NativeInterface.h" +#include "com_ibm_crypto_plus_provider_ock_NativeOCKImplementation.h" #include "Utils.h" #include /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: DSANONE_SIGNATURE_sign * Signature: (J[BJ)[B */ JNIEXPORT jbyteArray JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DSANONE_1SIGNATURE_1sign( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_DSANONE_1SIGNATURE_1sign( JNIEnv *env, jclass thisObj, jlong ockContextId, jbyteArray digest, jlong dsaKeyId) { - static const char *functionName = "NativeInterface.DSANONE_SIGNATURE_sign"; + static const char *functionName = "NativeOCKImplementation.DSANONE_SIGNATURE_sign"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_DSA *ockDSA = (ICC_DSA *)((intptr_t)dsaKeyId); @@ -178,16 +178,16 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DSANONE_1SIGNATURE_1sign( } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: DSANONE_SIGNATURE_verify * Signature: (J[BJ[B)Z */ JNIEXPORT jboolean JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_DSANONE_1SIGNATURE_1verify( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_DSANONE_1SIGNATURE_1verify( JNIEnv *env, jclass thisObj, jlong ockContextId, jbyteArray digest, jlong dsaKeyId, jbyteArray sigBytes) { static const char *functionName = - "NativeInterface.DSANONE_SIGNATURE_verify"; + "NativeOCKImplementation.DSANONE_SIGNATURE_verify"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_DSA *ockDSA = (ICC_DSA *)((intptr_t)dsaKeyId); diff --git a/src/main/native/SignatureEdDSA.c b/src/main/native/ock/SignatureEdDSA.c similarity index 96% rename from src/main/native/SignatureEdDSA.c rename to src/main/native/ock/SignatureEdDSA.c index 389b81470..198495659 100644 --- a/src/main/native/SignatureEdDSA.c +++ b/src/main/native/ock/SignatureEdDSA.c @@ -14,17 +14,17 @@ #include #include -#include "com_ibm_crypto_plus_provider_ock_NativeInterface.h" +#include "com_ibm_crypto_plus_provider_ock_NativeOCKImplementation.h" #include "Utils.h" #include /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: SIGNATUREEdDSA_signOneShot * DigestSignature: (JJJ[B)[B */ JNIEXPORT jbyteArray JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_SIGNATUREEdDSA_1signOneShot( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_SIGNATUREEdDSA_1signOneShot( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ockPKeyId, jbyteArray bytes) { static const char *functionName = "SIGNATUREEdDSA_signOneShot"; @@ -172,12 +172,12 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_SIGNATUREEdDSA_1signOneSho } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: SIGNATUREEdDSA_verifyOneShot * Signature: (JJ[B[B)Z */ JNIEXPORT jboolean JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_SIGNATUREEdDSA_1verifyOneShot( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_SIGNATUREEdDSA_1verifyOneShot( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ockPKeyId, jbyteArray sigBytes, jbyteArray oneShotBytes) { static const char *functionName = "SIGNATUREEdDSA_verifyOneShot"; diff --git a/src/main/native/SignaturePQC.c b/src/main/native/ock/SignaturePQC.c similarity index 94% rename from src/main/native/SignaturePQC.c rename to src/main/native/ock/SignaturePQC.c index 983a0e7ed..713e5cf79 100644 --- a/src/main/native/SignaturePQC.c +++ b/src/main/native/ock/SignaturePQC.c @@ -13,17 +13,17 @@ #include #include #include -#include "com_ibm_crypto_plus_provider_ock_NativeInterface.h" +#include "com_ibm_crypto_plus_provider_ock_NativeOCKImplementation.h" #include "Utils.h" #include /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: PQC_SIGNATURE_sign * Signature: (JJ[B)[B */ JNIEXPORT jbyteArray JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_PQC_1SIGNATURE_1sign( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_PQC_1SIGNATURE_1sign( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ockPKeyId, jbyteArray data) { @@ -137,12 +137,17 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_PQC_1SIGNATURE_1sign( } /* +<<<<<<< HEAD * Class: com_ibm_crypto_plus_provider_ock_NativeInterface * Method: PQC_SIGNATURE_verify +======= + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation + * Method: SIGNATURE_verify +>>>>>>> cc63a8a (Update new PQC algorithms 5) * Signature: (JJ[B[B)Z */ JNIEXPORT jboolean JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_PQC_1SIGNATURE_1verify( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_PQC_1SIGNATURE_1verify( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ockPKeyId, jbyteArray sigBytes, jbyteArray data) { diff --git a/src/main/native/SignatureRSASSL.c b/src/main/native/ock/SignatureRSASSL.c similarity index 95% rename from src/main/native/SignatureRSASSL.c rename to src/main/native/ock/SignatureRSASSL.c index 9179d35a0..9866fb9bf 100644 --- a/src/main/native/SignatureRSASSL.c +++ b/src/main/native/ock/SignatureRSASSL.c @@ -14,7 +14,7 @@ #include #include -#include "com_ibm_crypto_plus_provider_ock_NativeInterface.h" +#include "com_ibm_crypto_plus_provider_ock_NativeOCKImplementation.h" #include "Utils.h" #include @@ -32,15 +32,15 @@ //------------------------------------------------------------------------------ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: RSASSL_SIGNATURE_sign * Signature: (J[BJ)[B */ JNIEXPORT jbyteArray JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSASSL_1SIGNATURE_1sign( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_RSASSL_1SIGNATURE_1sign( JNIEnv *env, jclass thisObj, jlong ockContextId, jbyteArray digest, jlong rsaKeyId) { - static const char *functionName = "NativeInterface.RSASSL_SIGNATURE_sign"; + static const char *functionName = "NativeOCKImplementation.RSASSL_SIGNATURE_sign"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_RSA *ockRSA = (ICC_RSA *)((intptr_t)rsaKeyId); @@ -201,15 +201,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSASSL_1SIGNATURE_1sign( } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: RSASSL_SIGNATURE_verify * Signature: (J[BJ[B)Z */ JNIEXPORT jboolean JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_RSASSL_1SIGNATURE_1verify( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_RSASSL_1SIGNATURE_1verify( JNIEnv *env, jclass thisObj, jlong ockContextId, jbyteArray digest, jlong rsaKeyId, jbyteArray sigBytes, jboolean convert) { - static const char *functionName = "NativeInterface.RSASSL_SIGNATURE_verify"; + static const char *functionName = "NativeOCKImplementation.RSASSL_SIGNATURE_verify"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_RSA *ockRSA = (ICC_RSA *)((intptr_t)rsaKeyId); diff --git a/src/main/native/StaticStub.c b/src/main/native/ock/StaticStub.c similarity index 89% rename from src/main/native/StaticStub.c rename to src/main/native/ock/StaticStub.c index ef6560a77..f4c8f0214 100644 --- a/src/main/native/StaticStub.c +++ b/src/main/native/ock/StaticStub.c @@ -12,7 +12,7 @@ #include #include -#include "com_ibm_crypto_plus_provider_ock_NativeInterface.h" +#include "com_ibm_crypto_plus_provider_ock_NativeOCKImplementation.h" #include "Utils.h" #include "ExceptionCodes.h" #include "Context.h" @@ -20,14 +20,14 @@ //============================================================================ /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: initializeOCK * Signature: (Z)J */ JNIEXPORT jlong JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_initializeOCK( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_initializeOCK( JNIEnv *env, jclass thisObj, jboolean isFIPS) { - static const char *functionName = "NativeInterface.initializeOCK"; + static const char *functionName = "NativeOCKImplementation.initializeOCK"; ICC_CTX *ockCtx = NULL; int retcode = ICC_OK; @@ -133,14 +133,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_initializeOCK( } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: CTX_getValue * Signature: (JI)Ljava/lang/String; */ JNIEXPORT jstring JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_CTX_1getValue( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_CTX_1getValue( JNIEnv *env, jclass thisObj, jlong ockContextId, jint valueId) { - static const char *functionName = "NativeInterface.CTX_getValue"; + static const char *functionName = "NativeOCKImplementation.CTX_getValue"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); ICC_VALUE_IDS_ENUM iccValueId = 0; @@ -191,7 +191,7 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_CTX_1getValue( } JNIEXPORT jlong JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_getByteBufferPointer( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_getByteBufferPointer( JNIEnv *env, jclass unusedclass, jobject obj) { return (jlong)((intptr_t)(*env)->GetDirectBufferAddress(env, obj)); } diff --git a/src/main/native/SymmetricCipher.c b/src/main/native/ock/SymmetricCipher.c similarity index 90% rename from src/main/native/SymmetricCipher.c rename to src/main/native/ock/SymmetricCipher.c index 10ab64958..4debf70fc 100644 --- a/src/main/native/SymmetricCipher.c +++ b/src/main/native/ock/SymmetricCipher.c @@ -19,7 +19,7 @@ #define bool _Bool #endif -#include "com_ibm_crypto_plus_provider_ock_NativeInterface.h" +#include "com_ibm_crypto_plus_provider_ock_NativeOCKImplementation.h" #include "Padding.h" #include "Utils.h" #include "ExceptionCodes.h" @@ -38,14 +38,14 @@ typedef struct OCKCipher { KMC_FuncPtr KMC; // z_kmc_native function pointer /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: CIPHER_create * Signature: (JLjava/lang/String;)J */ JNIEXPORT jlong JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_CIPHER_1create( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_CIPHER_1create( JNIEnv *env, jclass thisObj, jlong ockContextId, jstring cipherName) { - static const char *functionName = "NativeInterface.CIPHER_create"; + static const char *functionName = "NativeOCKImplementation.CIPHER_create"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKCipher *ockCipher = NULL; @@ -151,15 +151,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_CIPHER_1create( } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: CIPHER_init * Signature: (JJZ)V */ JNIEXPORT void JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_CIPHER_1init( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_CIPHER_1init( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ockCipherId, jint isEncrypt, jint paddingId, jbyteArray key, jbyteArray iv) { - static const char *functionName = "NativeInterface.CIPHER_init"; + static const char *functionName = "NativeOCKImplementation.CIPHER_init"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKCipher *ockCipher = (OCKCipher *)((intptr_t)ockCipherId); @@ -261,15 +261,15 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_CIPHER_1init( } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: CIPHER_setPadding * Signature: (JJZ)V */ JNIEXPORT void JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_CIPHER_1setPadding( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_CIPHER_1setPadding( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ockCipherId, jint paddingId) { - static const char *functionName = "NativeInterface.CIPHER_setPadding"; + static const char *functionName = "NativeOCKImplementation.CIPHER_setPadding"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKCipher *ockCipher = (OCKCipher *)((intptr_t)ockCipherId); @@ -316,14 +316,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_CIPHER_1setPadding( } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: CIPHER_clean * Signature: (JJ)V */ JNIEXPORT void JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_CIPHER_1clean( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_CIPHER_1clean( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ockCipherId) { - static const char *functionName = "NativeInterface.CIPHER_clean"; + static const char *functionName = "NativeOCKImplementation.CIPHER_clean"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKCipher *ockCipher = (OCKCipher *)((intptr_t)ockCipherId); @@ -351,14 +351,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_CIPHER_1clean( } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: CIPHER_getBlockSize * Signature: (JJ)I */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_CIPHER_1getBlockSize( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_CIPHER_1getBlockSize( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ockCipherId) { - static const char *functionName = "NativeInterface.CIPHER_getBlockSize"; + static const char *functionName = "NativeOCKImplementation.CIPHER_getBlockSize"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKCipher *ockCipher = (OCKCipher *)((intptr_t)ockCipherId); @@ -379,14 +379,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_CIPHER_1getBlockSize( } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: CIPHER_getKeyLength * Signature: (JJ)I */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_CIPHER_1getKeyLength( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_CIPHER_1getKeyLength( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ockCipherId) { - static const char *functionName = "NativeInterface.CIPHER_getKeyLength"; + static const char *functionName = "NativeOCKImplementation.CIPHER_getKeyLength"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKCipher *ockCipher = (OCKCipher *)((intptr_t)ockCipherId); @@ -407,14 +407,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_CIPHER_1getKeyLength( } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: CIPHER_getIVLength * Signature: (JJ)I */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_CIPHER_1getIVLength( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_CIPHER_1getIVLength( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ockCipherId) { - static const char *functionName = "NativeInterface.CIPHER_getIVLength"; + static const char *functionName = "NativeOCKImplementation.CIPHER_getIVLength"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKCipher *ockCipher = (OCKCipher *)((intptr_t)ockCipherId); @@ -435,14 +435,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_CIPHER_1getIVLength( } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: CIPHER_getOID * Signature: (JJ)I */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_CIPHER_1getOID( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_CIPHER_1getOID( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ockCipherId) { - static const char *functionName = "NativeInterface.CIPHER_getOID"; + static const char *functionName = "NativeOCKImplementation.CIPHER_getOID"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKCipher *ockCipher = (OCKCipher *)((intptr_t)ockCipherId); @@ -462,7 +462,7 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_CIPHER_1getOID( } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: z_kmc_native */ JNIEXPORT int CIPHER_zKMC_internal(unsigned char *input, unsigned char *output, @@ -476,7 +476,7 @@ JNIEXPORT int CIPHER_zKMC_internal(unsigned char *input, unsigned char *output, } JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_z_1kmc_1native( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_z_1kmc_1native( JNIEnv *env, jclass clazz, jbyteArray input, jint inputOffset, jbyteArray output, jint outputOffset, jlong paramPointer, jint inputLength, jint mode) { @@ -548,16 +548,16 @@ JNIEXPORT int CIPHER_encryptUpdate_internal( } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: CIPHER_encryptUpdate * Signature: (JJI[B[B)I */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_CIPHER_1encryptUpdate( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_CIPHER_1encryptUpdate( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ockCipherId, jbyteArray plaintext, jint plaintextOffset, jint plaintextLen, jbyteArray ciphertext, jint ciphertextOffset, jboolean needsReinit) { - static const char *functionName = "NativeInterface.CIPHER_encryptUpdate"; + static const char *functionName = "NativeOCKImplementation.CIPHER_encryptUpdate"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKCipher *ockCipher = (OCKCipher *)((intptr_t)ockCipherId); @@ -687,16 +687,16 @@ JNIEXPORT int CIPHER_encryptFinal_internal( } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: CIPHER_encryptFinal * Signature: (JJI[B[B)I */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_CIPHER_1encryptFinal( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_CIPHER_1encryptFinal( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ockCipherId, jbyteArray plaintext, jint plaintextOffset, jint plaintextLen, jbyteArray ciphertext, jint ciphertextOffset, jboolean needsReinit) { - static const char *functionName = "NativeInterface.CIPHER_encryptFinal"; + static const char *functionName = "NativeOCKImplementation.CIPHER_encryptFinal"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKCipher *ockCipher = (OCKCipher *)((intptr_t)ockCipherId); @@ -794,16 +794,16 @@ JNIEXPORT int CIPHER_decryptUpdate_internal( } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: CIPHER_decryptUpdate * Signature: (JJI[B[B)I */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_CIPHER_1decryptUpdate( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_CIPHER_1decryptUpdate( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ockCipherId, jbyteArray ciphertext, jint ciphertextOffset, jint ciphertextLen, jbyteArray plaintext, jint plaintextOffset, jboolean needsReinit) { - static const char *functionName = "NativeInterface.CIPHER_decryptUpdate"; + static const char *functionName = "NativeOCKImplementation.CIPHER_decryptUpdate"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKCipher *ockCipher = (OCKCipher *)((intptr_t)ockCipherId); @@ -933,16 +933,16 @@ JNIEXPORT int CIPHER_decryptFinal_internal( } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: CIPHER_decryptFinal * Signature: (JJI[B[B)I */ JNIEXPORT jint JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_CIPHER_1decryptFinal( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_CIPHER_1decryptFinal( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ockCipherId, jbyteArray ciphertext, jint ciphertextOffset, jint ciphertextLen, jbyteArray plaintext, jint plaintextOffset, jboolean needsReinit) { - static const char *functionName = "NativeInterface.CIPHER_decryptFinal"; + static const char *functionName = "NativeOCKImplementation.CIPHER_decryptFinal"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKCipher *ockCipher = (OCKCipher *)((intptr_t)ockCipherId); @@ -1002,18 +1002,18 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_CIPHER_1decryptFinal( } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: checkHardwareSupport * Signature: (JJI[B[B)I */ FUNC *JCC_OS_helpers(ICC_CTX *ctx); JNIEXPORT jlong JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_checkHardwareSupport( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_checkHardwareSupport( JNIEnv *env, jclass thisObj, jlong ockContextId) { int rv = 0; ICC_CTX *ctx = (ICC_CTX *)((intptr_t)ockContextId); - static const char *functionName = "NativeInterface.checkHardwareSupport"; + static const char *functionName = "NativeOCKImplementation.checkHardwareSupport"; FUNC *funcPtr = ICC_OS_helpers(ctx); @@ -1101,14 +1101,14 @@ Java_com_ibm_crypto_plus_provider_ock_NativeInterface_checkHardwareSupport( } /* - * Class: com_ibm_crypto_plus_provider_ock_NativeInterface + * Class: com_ibm_crypto_plus_provider_ock_NativeOCKImplementation * Method: CIPHER_delete * Signature: (JJ)V */ JNIEXPORT void JNICALL -Java_com_ibm_crypto_plus_provider_ock_NativeInterface_CIPHER_1delete( +Java_com_ibm_crypto_plus_provider_ock_NativeOCKImplementation_CIPHER_1delete( JNIEnv *env, jclass thisObj, jlong ockContextId, jlong ockCipherId) { - static const char *functionName = "NativeInterface.CIPHER_delete"; + static const char *functionName = "NativeOCKImplementation.CIPHER_delete"; ICC_CTX *ockCtx = (ICC_CTX *)((intptr_t)ockContextId); OCKCipher *ockCipher = (OCKCipher *)((intptr_t)ockCipherId); diff --git a/src/main/native/Utils.c b/src/main/native/ock/Utils.c similarity index 98% rename from src/main/native/Utils.c rename to src/main/native/ock/Utils.c index 37c90860f..36338c7ff 100644 --- a/src/main/native/Utils.c +++ b/src/main/native/ock/Utils.c @@ -150,7 +150,7 @@ void ockCheckStatus(ICC_CTX *ctx) { // // void throwOCKException(JNIEnv *env, int code, const char *msg) { -#define EXCEPTION_CLASS "com/ibm/crypto/plus/provider/ock/OCKException" +#define EXCEPTION_CLASS "com/ibm/crypto/plus/provider/base/OCKException" static const char *exceptionClass = EXCEPTION_CLASS; #ifdef __MVS__ #pragma convert("ISO8859-1") diff --git a/src/main/native/Utils.h b/src/main/native/ock/Utils.h similarity index 100% rename from src/main/native/Utils.h rename to src/main/native/ock/Utils.h diff --git a/src/main/native/closed_Utils_c.h b/src/main/native/ock/closed_Utils_c.h similarity index 100% rename from src/main/native/closed_Utils_c.h rename to src/main/native/ock/closed_Utils_c.h diff --git a/src/main/native/jgskit.mac.mak b/src/main/native/ock/jgskit.mac.mak similarity index 91% rename from src/main/native/jgskit.mac.mak rename to src/main/native/ock/jgskit.mac.mak index 84b5046b1..261ab1d4d 100644 --- a/src/main/native/jgskit.mac.mak +++ b/src/main/native/ock/jgskit.mac.mak @@ -7,7 +7,7 @@ # this code, including the "Classpath" Exception described therein. ############################################################################### -TOPDIR=../../.. +TOPDIR=../../../.. CFLAGS= -fPIC -DMAC -Werror -pedantic -Wall -fstack-protector LDFLAGS= -shared -m64 -DMAC @@ -31,7 +31,7 @@ endif BUILDTOP = ${TOPDIR}/target HOSTOUT = ${BUILDTOP}/jgskit-${PLATFORM} -OPENJCEPLUS_HEADER_FILES ?= ${TOPDIR}/src/main/native +OPENJCEPLUS_HEADER_FILES ?= ${TOPDIR}/src/main/native/ock JAVACLASSDIR=${BUILDTOP}/classes OBJS = \ @@ -101,16 +101,16 @@ headers : --add-exports java.base/sun.security.util=openjceplus \ --add-exports java.base/sun.security.util=ALL-UNNAMED \ -d ${JAVACLASSDIR} \ - -h ${TOPDIR}/src/main/native/ \ - ${TOPDIR}/src/main/java/com/ibm/crypto/plus/provider/ock/FastJNIBuffer.java \ - ${TOPDIR}/src/main/java/com/ibm/crypto/plus/provider/ock/NativeInterface.java + -h ${TOPDIR}/src/main/native/ock/ \ + ${TOPDIR}/src/main/java/com/ibm/crypto/plus/provider/base/FastJNIBuffer.java \ + ${TOPDIR}/src/main/java/com/ibm/crypto/plus/provider/ock/NativeOCKImplementation.java endif # ! EXTERNAL_HEADERS clean : rm -f ${HOSTOUT}/*.o rm -f ${HOSTOUT}/*.dylib - rm -f com_ibm_crypto_plus_provider_ock_FastJNIBuffer.h - rm -f com_ibm_crypto_plus_provider_ock_NativeInterface.h + rm -f com_ibm_crypto_plus_provider_base_FastJNIBuffer.h + rm -f com_ibm_crypto_plus_provider_ock_NativeOCKImplementation.h .PHONY : all headers clean FORCE diff --git a/src/main/native/jgskit.mak b/src/main/native/ock/jgskit.mak similarity index 93% rename from src/main/native/jgskit.mak rename to src/main/native/ock/jgskit.mak index 9b4854872..3b43cab88 100644 --- a/src/main/native/jgskit.mak +++ b/src/main/native/ock/jgskit.mak @@ -7,7 +7,7 @@ # this code, including the "Classpath" Exception described therein. ############################################################################### -TOPDIR=../../.. +TOPDIR=../../../.. PLAT=x86 CC=gcc @@ -72,7 +72,7 @@ endif BUILDTOP = ${TOPDIR}/target HOSTOUT = ${BUILDTOP}/jgskit-${PLAT}-64 -OPENJCEPLUS_HEADER_FILES ?= ${TOPDIR}/src/main/native +OPENJCEPLUS_HEADER_FILES ?= ${TOPDIR}/src/main/native/ock JAVACLASSDIR=${BUILDTOP}/classes OBJS = \ @@ -149,16 +149,16 @@ headers : --add-exports java.base/sun.security.util=openjceplus \ --add-exports java.base/sun.security.util=ALL-UNNAMED \ -d ${JAVACLASSDIR} \ - -h ${TOPDIR}/src/main/native/ \ - ${TOPDIR}/src/main/java/com/ibm/crypto/plus/provider/ock/FastJNIBuffer.java \ - ${TOPDIR}/src/main/java/com/ibm/crypto/plus/provider/ock/NativeInterface.java + -h ${TOPDIR}/src/main/native/ock/ \ + ${TOPDIR}/src/main/java/com/ibm/crypto/plus/provider/base/FastJNIBuffer.java \ + ${TOPDIR}/src/main/java/com/ibm/crypto/plus/provider/ock/NativeOCKImplementation.java endif # ! EXTERNAL_HEADERS clean : rm -f ${HOSTOUT}/*.o rm -f ${HOSTOUT}/*.so - rm -f com_ibm_crypto_plus_provider_ock_FastJNIBuffer.h - rm -f com_ibm_crypto_plus_provider_ock_NativeInterface.h + rm -f com_ibm_crypto_plus_provider_base_FastJNIBuffer.h + rm -f com_ibm_crypto_plus_provider_ock_NativeOCKImplementation.h .PHONY : all headers clean FORCE diff --git a/src/main/native/jgskit.win64.cygwin.mak b/src/main/native/ock/jgskit.win64.cygwin.mak similarity index 95% rename from src/main/native/jgskit.win64.cygwin.mak rename to src/main/native/ock/jgskit.win64.cygwin.mak index 95fa39721..b213374e0 100644 --- a/src/main/native/jgskit.win64.cygwin.mak +++ b/src/main/native/ock/jgskit.win64.cygwin.mak @@ -7,7 +7,7 @@ # this code, including the "Classpath" Exception described therein. ############################################################################### -TOPDIR = $(MAKEDIR)\..\..\.. +TOPDIR = $(MAKEDIR)\..\..\..\.. PLAT = win CFLAGS= -nologo -DWINDOWS @@ -97,9 +97,9 @@ headers : --add-exports java.base/sun.security.util=openjceplus \ --add-exports java.base/sun.security.util=ALL-UNNAMED \ -d $(JAVACLASSDIR) \ - -h $(TOPDIR)\src\main\native\ \ - $(TOPDIR)\src\main\java\com\ibm\crypto\plus\provider\ock\FastJNIBuffer.java \ - $(TOPDIR)\src\main\java\com\ibm\crypto\plus\provider\ock\NativeInterface.java + -h $(TOPDIR)\src\main\native\ock\ \ + $(TOPDIR)\src\main\java\com\ibm\crypto\plus\provider\base\FastJNIBuffer.java \ + $(TOPDIR)\src\main\java\com\ibm\crypto\plus\provider\ock\NativeOCKImplementation.java clean : -@del $(HOSTOUT)\*.obj diff --git a/src/main/native/jgskit.win64.mak b/src/main/native/ock/jgskit.win64.mak similarity index 94% rename from src/main/native/jgskit.win64.mak rename to src/main/native/ock/jgskit.win64.mak index 08ba43f29..8c96a30c1 100644 --- a/src/main/native/jgskit.win64.mak +++ b/src/main/native/ock/jgskit.win64.mak @@ -7,7 +7,7 @@ # this code, including the "Classpath" Exception described therein. ############################################################################### -TOPDIR = $(MAKEDIR)../../.. +TOPDIR = $(MAKEDIR)../../../.. PLAT = win CFLAGS= -nologo -DWINDOWS @@ -22,7 +22,7 @@ CFLAGS= -nologo -DWINDOWS BUILDTOP = $(TOPDIR)/target/build$(PLAT) HOSTOUT = $(BUILDTOP)/host64 -OPENJCEPLUS_HEADER_FILES ?= $(TOPDIR)/src/main/native +OPENJCEPLUS_HEADER_FILES ?= $(TOPDIR)/src/main/native/ock JAVACLASSDIR = $(TOPDIR)/target/classes OBJS= \ @@ -97,9 +97,9 @@ headers : --add-exports java.base/sun.security.util=openjceplus \ --add-exports java.base/sun.security.util=ALL-UNNAMED \ -d $(JAVACLASSDIR) \ - -h $(TOPDIR)/src/main/native/ \ - $(TOPDIR)/src/main/java/com/ibm/crypto/plus/provider/ock/FastJNIBuffer.java \ - $(TOPDIR)/src/main/java/com/ibm/crypto/plus/provider/ock/NativeInterface.java + -h $(TOPDIR)/src/main/native/ock/ \ + $(TOPDIR)/src/main/java/com/ibm/crypto/plus/provider/base/FastJNIBuffer.java \ + $(TOPDIR)/src/main/java/com/ibm/crypto/plus/provider/ock/NativeOCKImplementation.java endif # ! EXTERNAL_HEADERS diff --git a/src/main/native/jgskit_resource.rc b/src/main/native/ock/jgskit_resource.rc similarity index 100% rename from src/main/native/jgskit_resource.rc rename to src/main/native/ock/jgskit_resource.rc diff --git a/src/main/native/zHardwareFunctions.h b/src/main/native/ock/zHardwareFunctions.h similarity index 100% rename from src/main/native/zHardwareFunctions.h rename to src/main/native/ock/zHardwareFunctions.h diff --git a/src/test/java/ibm/jceplus/junit/base/BaseByteArrayOutputDelayTest.java b/src/test/java/ibm/jceplus/junit/base/BaseByteArrayOutputDelayTest.java index b33382dce..ce16a13dc 100644 --- a/src/test/java/ibm/jceplus/junit/base/BaseByteArrayOutputDelayTest.java +++ b/src/test/java/ibm/jceplus/junit/base/BaseByteArrayOutputDelayTest.java @@ -7,7 +7,7 @@ */ package ibm.jceplus.junit.base; -import com.ibm.crypto.plus.provider.ock.ByteArrayOutputDelay; +import com.ibm.crypto.plus.provider.base.ByteArrayOutputDelay; import java.io.ByteArrayOutputStream; import java.io.IOException; import java.lang.reflect.Method;