Refactor OpenJCEPlus to move native library use to backend

.gitignore

@@ -38,7 +38,7 @@
 .vscode
 
 # Dynamically generated header files produced by the build
-/src/main/native/com_ibm_crypto_plus_provider_ock_*.h
+/src/main/native/ock/com_ibm_crypto_plus_provider_ock_*.h
 
 # Files generated by tests.
 /0Test*.txt

buildNative.sh

@@ -51,7 +51,7 @@ if [ ${PLATFORM} == "ppc-aix64" ];
   then
   make=gmake
 fi
-cd src/main/native
+cd src/main/native/ock
 
 ${make} -f jgskit.mak clean
 ${make} -f jgskit.mak

buildNativeMac.sh

@@ -21,7 +21,7 @@ if [ -z "$GSKIT_HOME" ];
   exit;
 fi
 
-cd src/main/native
+cd src/main/native/ock
 
 make -f jgskit.mac.mak clean
 make -f jgskit.mac.mak

buildNativeWin64.bat

@@ -31,7 +31,7 @@ IF NOT DEFINED GSKIT_HOME (
 
 :: @call "%VCVARS_64_SCRIPT%"
 
-cd src/main/native
+cd src/main/native/ock
 
 @call nmake -nologo -f jgskit.win64.cygwin.mak clean
 @call nmake -nologo -f jgskit.win64.cygwin.mak

src/main/java/com/ibm/crypto/plus/provider/AESCCMCipher.java

@@ -8,8 +8,8 @@
 
 package com.ibm.crypto.plus.provider;
 
-import com.ibm.crypto.plus.provider.ock.CCMCipher;
-import com.ibm.crypto.plus.provider.ock.OCKContext;
+import com.ibm.crypto.plus.provider.base.CCMCipher;
+import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter;
 import ibm.security.internal.spec.CCMParameterSpec;
 import java.math.BigInteger;
 import java.nio.ByteBuffer;
@@ -37,7 +37,7 @@ public final class AESCCMCipher extends CipherSpi implements AESConstants, CCMCo
     String debPrefix = "AESCCMCipher ";
 
     private OpenJCEPlusProvider provider = null;
-    private OCKContext ockContext = null;
+    private boolean isFIPS = false;
     private boolean encrypting = true;
     private boolean initialized = false;
     private int tagLenInBytes = DEFAULT_AES_CCM_TAG_LENGTH / 8;
@@ -105,11 +105,7 @@ public AESCCMCipher(OpenJCEPlusProvider provider) {
         }
 
         this.provider = provider;
-        try {
-            ockContext = provider.getOCKContext();
-        } catch (Exception e) {
-            throw provider.providerException("Failed to initialize cipher context", e);
-        }
+        this.isFIPS = provider.isFIPS();
         buffer = new byte[AES_BLOCK_SIZE * 2];
     }
 
@@ -155,10 +151,10 @@ protected byte[] engineDoFinal(byte[] input, int inputOffset, int inputLen)
             if (!encrypting) {
                 AEADBadTagException abte = new AEADBadTagException(
                         "Unable to perform engine doFinal; Possibly a bad tag or bad padding or illegalBlockSize");
-                provider.setOCKExceptionCause(abte, e);
+                NativeOCKAdapter.setOCKExceptionCause(abte, e);
                 throw abte;
             } else {
-                throw provider.providerException("unable to perform to engineDoFinal ", e);
+                throw NativeOCKAdapter.providerException("unable to perform to engineDoFinal ", e);
             }
         } catch (IllegalStateException ex) {
             requireReinit = true;
@@ -212,10 +208,10 @@ protected int engineDoFinal(ByteBuffer inputByteBuffer, ByteBuffer outputByteBuf
             if (!encrypting) {
                 AEADBadTagException abte = new AEADBadTagException(
                         "Uanble to perform engine doFinal; Possibly a bad tag or bad padding or illegalBlockSize");
-                provider.setOCKExceptionCause(abte, e);
+                NativeOCKAdapter.setOCKExceptionCause(abte, e);
                 throw abte;
             } else {
-                throw provider.providerException("unable to perform to engineDoFinal ", e);
+                throw NativeOCKAdapter.providerException("unable to perform to engineDoFinal ", e);
             }
         } catch (IllegalStateException ex) {
             requireReinit = true;
@@ -265,7 +261,7 @@ protected int engineDoFinal(byte[] input, int inputOffset, int inputLen, byte[]
                     newIV = null;
                 }
 
-                int ret = CCMCipher.doCCMFinal_Encrypt(ockContext, Key, IV, tagLenInBytes, input,
+                int ret = CCMCipher.doCCMFinal_Encrypt(isFIPS, Key, IV, tagLenInBytes, input,
                         inputOffset, inputLen, output, outputOffset, authData);
                 authData = null; // Before returning from doFinal(), restore AAD to uninitialized state
 
@@ -293,39 +289,39 @@ protected int engineDoFinal(byte[] input, int inputOffset, int inputLen, byte[]
                     throw new ShortBufferException("Output buffer too small");
                 }
 
-                int ret = CCMCipher.doCCMFinal_Decrypt(ockContext, Key, IV, tagLenInBytes, input,
+                int ret = CCMCipher.doCCMFinal_Decrypt(isFIPS, Key, IV, tagLenInBytes, input,
                         inputOffset, inputLen, output, outputOffset, authData);
                 authData = null; // Before returning from doFinal(), restore AAD to uninitialized state
                 return ret;
             }
         } catch (AEADBadTagException e) {
             AEADBadTagException abte = new AEADBadTagException(e.getMessage());
-            provider.setOCKExceptionCause(abte, e);
+            NativeOCKAdapter.setOCKExceptionCause(abte, e);
             requireReinit = true;
             throw abte;
         } catch (BadPaddingException ock_bpe) {
             BadPaddingException bpe = new BadPaddingException(ock_bpe.getMessage());
-            provider.setOCKExceptionCause(bpe, ock_bpe);
+            NativeOCKAdapter.setOCKExceptionCause(bpe, ock_bpe);
             requireReinit = true;
             throw bpe;
         } catch (IllegalBlockSizeException ock_ibse) {
             IllegalBlockSizeException ibse = new IllegalBlockSizeException(ock_ibse.getMessage());
-            provider.setOCKExceptionCause(ibse, ock_ibse);
+            NativeOCKAdapter.setOCKExceptionCause(ibse, ock_ibse);
             requireReinit = true;
             throw ibse;
         } catch (ShortBufferException ock_sbe) {
             ShortBufferException sbe = new ShortBufferException(ock_sbe.getMessage());
-            provider.setOCKExceptionCause(sbe, ock_sbe);
+            NativeOCKAdapter.setOCKExceptionCause(sbe, ock_sbe);
             throw sbe;
-        } catch (com.ibm.crypto.plus.provider.ock.OCKException ock_excp) {
+        } catch (com.ibm.crypto.plus.provider.base.OCKException ock_excp) {
             requireReinit = true;
             AEADBadTagException tagexcp = new AEADBadTagException(ock_excp.getMessage());
-            provider.setOCKExceptionCause(tagexcp, ock_excp);
+            NativeOCKAdapter.setOCKExceptionCause(tagexcp, ock_excp);
             throw tagexcp;
 
         } catch (Exception e) {
             requireReinit = true;
-            throw provider.providerException("Failure in engineDoFinal", e);
+            throw NativeOCKAdapter.providerException("Failure in engineDoFinal", e);
         }
     }
 
@@ -619,7 +615,7 @@ private void internalInit(int opmode, Key key, byte[] iv) throws InvalidKeyExcep
             this.buffered = 0;
             Arrays.fill(buffer, (byte) 0x0);
         } catch (Exception e) {
-            throw provider.providerException("Failed to init cipher", e);
+            throw NativeOCKAdapter.providerException("Failed to init cipher", e);
         }
     }
 
@@ -743,9 +739,7 @@ protected synchronized void finalize() throws Throwable {
         //final String methodName = "finalize";
         // OCKDebug.Msg (debPrefix, methodName, "finalize called");
         try {
-            if (ockContext != null) {
-                CCMCipher.doCCM_cleanup(ockContext);
-            }
+            CCMCipher.doCCM_cleanup(isFIPS);
             if (Key != null) {
                 Arrays.fill(Key, (byte) 0x00);
                 Key = null;

src/main/java/com/ibm/crypto/plus/provider/AESCipher.java

@@ -8,8 +8,9 @@
 
 package com.ibm.crypto.plus.provider;
 
-import com.ibm.crypto.plus.provider.ock.Padding;
-import com.ibm.crypto.plus.provider.ock.SymmetricCipher;
+import com.ibm.crypto.plus.provider.base.Padding;
+import com.ibm.crypto.plus.provider.base.SymmetricCipher;
+import com.ibm.crypto.plus.provider.ock.NativeOCKAdapter;
 import java.security.AlgorithmParameters;
 import java.security.InvalidAlgorithmParameterException;
 import java.security.InvalidKeyException;
@@ -71,14 +72,14 @@ protected byte[] engineDoFinal(byte[] input, int inputOffset, int inputLen)
             }
         } catch (BadPaddingException ock_bpe) {
             BadPaddingException bpe = new BadPaddingException(ock_bpe.getMessage());
-            provider.setOCKExceptionCause(bpe, ock_bpe);
+            NativeOCKAdapter.setOCKExceptionCause(bpe, ock_bpe);
             throw bpe;
         } catch (IllegalBlockSizeException ock_ibse) {
             IllegalBlockSizeException ibse = new IllegalBlockSizeException(ock_ibse.getMessage());
-            provider.setOCKExceptionCause(ibse, ock_ibse);
+            NativeOCKAdapter.setOCKExceptionCause(ibse, ock_ibse);
             throw ibse;
         } catch (Exception e) {
-            throw provider.providerException("Failure in engineDoFinal", e);
+            throw NativeOCKAdapter.providerException("Failure in engineDoFinal", e);
         }
     }
 
@@ -146,18 +147,18 @@ protected int engineDoFinal(byte[] input, int inputOffset, int inputLen, byte[]
             }
         } catch (BadPaddingException ock_bpe) {
             BadPaddingException bpe = new BadPaddingException(ock_bpe.getMessage());
-            provider.setOCKExceptionCause(bpe, ock_bpe);
+            NativeOCKAdapter.setOCKExceptionCause(bpe, ock_bpe);
             throw bpe;
         } catch (IllegalBlockSizeException ock_ibse) {
             IllegalBlockSizeException ibse = new IllegalBlockSizeException(ock_ibse.getMessage());
-            provider.setOCKExceptionCause(ibse, ock_ibse);
+            NativeOCKAdapter.setOCKExceptionCause(ibse, ock_ibse);
             throw ibse;
         } catch (ShortBufferException ock_sbe) {
             ShortBufferException sbe = new ShortBufferException(ock_sbe.getMessage());
-            provider.setOCKExceptionCause(sbe, ock_sbe);
+            NativeOCKAdapter.setOCKExceptionCause(sbe, ock_sbe);
             throw sbe;
         } catch (Exception e) {
-            throw provider.providerException("Failure in engineDoFinal", e);
+            throw NativeOCKAdapter.providerException("Failure in engineDoFinal", e);
         }
     }
 
@@ -193,7 +194,7 @@ protected int engineGetOutputSize(int inputLen) {
                 return symmetricCipher.getOutputSize(inputLen);
             }
         } catch (Exception e) {
-            throw provider.providerException("Unable to get output size", e);
+            throw NativeOCKAdapter.providerException("Unable to get output size", e);
         }
     }
 
@@ -298,7 +299,7 @@ private void internalInit(int opmode, Key key, byte[] iv) throws InvalidKeyExcep
 
         try {
             if ((symmetricCipher == null) || (symmetricCipher.getKeyLength() != rawKey.length)) {
-                symmetricCipher = SymmetricCipher.getInstanceAES(provider.getOCKContext(), mode,
+                symmetricCipher = SymmetricCipher.getInstanceAES(provider.isFIPS(), mode,
                         padding, rawKey.length);
                 // Check whether used algorithm is CBC and whether hardware supports is available
                 use_z_fast_command = symmetricCipher.getHardwareSupportStatus();
@@ -315,7 +316,7 @@ private void internalInit(int opmode, Key key, byte[] iv) throws InvalidKeyExcep
             this.encrypting = isEncrypt;
             this.initialized = true;
         } catch (Exception e) {
-            throw provider.providerException("Failed to init cipher", e);
+            throw NativeOCKAdapter.providerException("Failed to init cipher", e);
         }
     }
 
@@ -368,7 +369,7 @@ protected byte[] engineUpdate(byte[] input, int inputOffset, int inputLen) {
                 return output;
             }
         } catch (Exception e) {
-            throw provider.providerException("Failure in engineUpdate", e);
+            throw NativeOCKAdapter.providerException("Failure in engineUpdate", e);
         }
     }
 
@@ -464,10 +465,10 @@ protected int engineUpdate(byte[] input, int inputOffset, int inputLen, byte[] o
             }
         } catch (ShortBufferException ock_sbe) {
             ShortBufferException sbe = new ShortBufferException(ock_sbe.getMessage());
-            provider.setOCKExceptionCause(sbe, ock_sbe);
+            NativeOCKAdapter.setOCKExceptionCause(sbe, ock_sbe);
             throw sbe;
         } catch (Exception e) {
-            throw provider.providerException("Failure in engineDoFinal", e);
+            throw NativeOCKAdapter.providerException("Failure in engineDoFinal", e);
         }
     }