wolfSSL
diff --git a/‎native/com_wolfssl_WolfSSL.c‎
Lines changed: 52 additions & 0 deletions b/‎native/com_wolfssl_WolfSSL.c‎
Lines changed: 52 additions & 0 deletions
diff --git a/‎native/com_wolfssl_WolfSSL.h‎
Lines changed: 46 additions & 0 deletions b/‎native/com_wolfssl_WolfSSL.h‎
Lines changed: 46 additions & 0 deletions
diff --git a/‎native/com_wolfssl_WolfSSLCertificate.c‎
Lines changed: 249 additions & 0 deletions b/‎native/com_wolfssl_WolfSSLCertificate.c‎
Lines changed: 249 additions & 0 deletions
@@ -545,6 +545,58 @@ JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSL_getNID_1dnQualifier
     return NID_dnQualifier;
 }
 
+JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSL_getNID_1subject_1key_1identifier
+  (JNIEnv* jenv, jclass jcl)
+{
+    (void)jenv;
+    (void)jcl;
+
+#ifdef WOLFSSL_CERT_EXT
+    return NID_subject_key_identifier;
+#else
+    return 0;
+#endif
+}
+
+JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSL_getNID_1authority_1key_1identifier
+  (JNIEnv* jenv, jclass jcl)
+{
+    (void)jenv;
+    (void)jcl;
+
+#ifdef WOLFSSL_CERT_EXT
+    return NID_authority_key_identifier;
+#else
+    return 0;
+#endif
+}
+
+JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSL_getNID_1crl_1distribution_1points
+  (JNIEnv* jenv, jclass jcl)
+{
+    (void)jenv;
+    (void)jcl;
+
+#ifdef WOLFSSL_CERT_EXT
+    return NID_crl_distribution_points;
+#else
+    return 0;
+#endif
+}
+
+JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSL_getNID_1netscape_1cert_1type
+  (JNIEnv* jenv, jclass jcl)
+{
+    (void)jenv;
+    (void)jcl;
+
+#ifndef IGNORE_NETSCAPE_CERT_TYPE
+    return NID_netscape_cert_type;
+#else
+    return 0;
+#endif
+}
+
 /* functions to return BulkCipherAlgorithm enum values from ./wolfssl/ssl.h  */
 JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSL_getBulkCipherAlgorithmEnumNULL
   (JNIEnv* jenv, jclass jcl)
 
@@ -31,6 +31,7 @@
 #include <wolfssl/ssl.h>
 #include <wolfssl/wolfcrypt/asn.h>
 #include <wolfssl/wolfcrypt/asn_public.h>
+#include <wolfssl/wolfcrypt/hash.h>  /* for wc_ShaHash */
 #include <wolfssl/openssl/evp.h>    /* for EVP_PKEY functions */
 #include <wolfssl/openssl/x509v3.h> /* for WOLFSSL_X509_EXTENSION */
 #include <wolfssl/error-ssl.h>
@@ -1937,3 +1938,251 @@ JNIEXPORT jstring JNICALL Java_com_wolfssl_WolfSSLCertificate_X509_1get_1next_1a
 #endif
 }
 
+JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSLCertificate_X509_1set_1subject_1key_1id_1from_1pubkey
+  (JNIEnv* jenv, jclass jcl, jlong x509Ptr)
+{
+#if !defined(WOLFCRYPT_ONLY) && !defined(NO_CERTS) && \
+    (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
+    defined(WOLFSSL_CERT_EXT) && !defined(NO_SHA)
+    WOLFSSL_X509* x509 = (WOLFSSL_X509*)(uintptr_t)x509Ptr;
+    (void)jcl;
+
+    if (jenv == NULL || x509 == NULL) {
+        return WOLFSSL_FAILURE;
+    }
+
+    return wolfSSL_X509_set_subject_key_id_ex(x509);
+#else
+    (void)jenv;
+    (void)jcl;
+    (void)x509Ptr;
+    return (jint)NOT_COMPILED_IN;
+#endif
+}
+
+JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSLCertificate_X509_1set_1subject_1key_1id
+  (JNIEnv* jenv, jclass jcl, jlong x509Ptr, jbyteArray skidBytes)
+{
+#if !defined(WOLFCRYPT_ONLY) && !defined(NO_CERTS) && \
+    (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
+    defined(WOLFSSL_CERT_EXT)
+    WOLFSSL_X509* x509 = (WOLFSSL_X509*)(uintptr_t)x509Ptr;
+    byte* skid = NULL;
+    int skidSz = 0;
+    int ret;
+    (void)jcl;
+
+    if (jenv == NULL || x509 == NULL || skidBytes == NULL) {
+        return WOLFSSL_FAILURE;
+    }
+
+    skid = (byte*)(*jenv)->GetByteArrayElements(jenv, skidBytes, NULL);
+    skidSz = (*jenv)->GetArrayLength(jenv, skidBytes);
+
+    if (skid == NULL || skidSz == 0) {
+        return WOLFSSL_FAILURE;
+    }
+
+    ret = wolfSSL_X509_set_subject_key_id(x509, skid, skidSz);
+
+    (*jenv)->ReleaseByteArrayElements(jenv, skidBytes, (jbyte*)skid, JNI_ABORT);
+
+    return ret;
+#else
+    (void)jenv;
+    (void)jcl;
+    (void)x509Ptr;
+    (void)skidBytes;
+    return (jint)NOT_COMPILED_IN;
+#endif
+}
+
+JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSLCertificate_X509_1set_1auth_1key_1id_1from_1cert
+  (JNIEnv* jenv, jclass jcl, jlong x509Ptr, jbyteArray issuerDerBytes)
+{
+#if !defined(WOLFCRYPT_ONLY) && !defined(NO_CERTS) && \
+    (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
+    defined(WOLFSSL_CERT_EXT) && !defined(NO_SHA)
+    WOLFSSL_X509* x509 = (WOLFSSL_X509*)(uintptr_t)x509Ptr;
+    WOLFSSL_X509* issuerX509 = NULL;
+    byte* issuerDer = NULL;
+    int issuerDerSz = 0;
+    int ret = WOLFSSL_SUCCESS;
+    (void)jcl;
+
+    if (jenv == NULL || x509 == NULL || issuerDerBytes == NULL) {
+        return WOLFSSL_FAILURE;
+    }
+
+    issuerDer = (byte*)(*jenv)->GetByteArrayElements(jenv, issuerDerBytes, NULL);
+    issuerDerSz = (*jenv)->GetArrayLength(jenv, issuerDerBytes);
+
+    if (issuerDer == NULL || issuerDerSz == 0) {
+        ret = WOLFSSL_FAILURE;
+    }
+
+    /* Parse issuer certificate */
+    if (ret == WOLFSSL_SUCCESS) {
+        issuerX509 = wolfSSL_X509_load_certificate_buffer(issuerDer,
+                        issuerDerSz, SSL_FILETYPE_ASN1);
+        if (issuerX509 == NULL) {
+            ret = WOLFSSL_FAILURE;
+        }
+    }
+
+    /* Use wolfSSL API to set AKID from issuer */
+    if (ret == WOLFSSL_SUCCESS) {
+        ret = wolfSSL_X509_set_authority_key_id_ex(x509, issuerX509);
+    }
+
+    if (issuerX509 != NULL) {
+        wolfSSL_X509_free(issuerX509);
+    }
+
+    (*jenv)->ReleaseByteArrayElements(jenv, issuerDerBytes,
+                                      (jbyte*)issuerDer, JNI_ABORT);
+
+    return ret;
+#else
+    (void)jenv;
+    (void)jcl;
+    (void)x509Ptr;
+    (void)issuerDerBytes;
+    return (jint)NOT_COMPILED_IN;
+#endif
+}
+
+JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSLCertificate_X509_1set_1auth_1key_1id
+  (JNIEnv* jenv, jclass jcl, jlong x509Ptr, jbyteArray akidBytes)
+{
+#if !defined(WOLFCRYPT_ONLY) && !defined(NO_CERTS) && \
+    (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
+    defined(WOLFSSL_CERT_EXT)
+    WOLFSSL_X509* x509 = (WOLFSSL_X509*)(uintptr_t)x509Ptr;
+    byte* akid = NULL;
+    int akidSz = 0;
+    int ret;
+    (void)jcl;
+
+    if (jenv == NULL || x509 == NULL || akidBytes == NULL) {
+        return WOLFSSL_FAILURE;
+    }
+
+    akid = (byte*)(*jenv)->GetByteArrayElements(jenv, akidBytes, NULL);
+    akidSz = (*jenv)->GetArrayLength(jenv, akidBytes);
+
+    if (akid == NULL || akidSz == 0) {
+        return WOLFSSL_FAILURE;
+    }
+
+    ret = wolfSSL_X509_set_authority_key_id(x509, akid, akidSz);
+
+    (*jenv)->ReleaseByteArrayElements(jenv, akidBytes, (jbyte*)akid, JNI_ABORT);
+
+    return ret;
+#else
+    (void)jenv;
+    (void)jcl;
+    (void)x509Ptr;
+    (void)akidBytes;
+    return (jint)NOT_COMPILED_IN;
+#endif
+}
+
+JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSLCertificate_X509_1set_1ns_1cert_1type
+  (JNIEnv* jenv, jclass jcl, jlong x509Ptr, jint nsCertType)
+{
+#if !defined(WOLFCRYPT_ONLY) && !defined(NO_CERTS) && \
+    (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
+    !defined(IGNORE_NETSCAPE_CERT_TYPE)
+    WOLFSSL_X509* x509 = (WOLFSSL_X509*)(uintptr_t)x509Ptr;
+    (void)jenv;
+    (void)jcl;
+
+    if (x509 == NULL) {
+        return WOLFSSL_FAILURE;
+    }
+
+    return wolfSSL_X509_set_ns_cert_type(x509, (int)nsCertType);
+#else
+    (void)jenv;
+    (void)jcl;
+    (void)x509Ptr;
+    (void)nsCertType;
+    return (jint)NOT_COMPILED_IN;
+#endif
+}
+
+JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSLCertificate_X509_1add_1crl_1dist_1point
+  (JNIEnv* jenv, jclass jcl, jlong x509Ptr, jstring uriStr, jboolean isCritical)
+{
+#if !defined(WOLFCRYPT_ONLY) && !defined(NO_CERTS) && \
+    (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
+    defined(WOLFSSL_CERT_EXT)
+    WOLFSSL_X509* x509 = (WOLFSSL_X509*)(uintptr_t)x509Ptr;
+    const char* uri = NULL;
+    int ret;
+    (void)jcl;
+
+    if (jenv == NULL || x509 == NULL || uriStr == NULL) {
+        return WOLFSSL_FAILURE;
+    }
+
+    uri = (*jenv)->GetStringUTFChars(jenv, uriStr, 0);
+    if (uri == NULL) {
+        return WOLFSSL_FAILURE;
+    }
+
+    ret = wolfSSL_X509_CRL_add_dist_point(x509, uri, isCritical ? 1 : 0);
+
+    (*jenv)->ReleaseStringUTFChars(jenv, uriStr, uri);
+
+    return ret;
+#else
+    (void)jenv;
+    (void)jcl;
+    (void)x509Ptr;
+    (void)uriStr;
+    (void)isCritical;
+    return (jint)NOT_COMPILED_IN;
+#endif
+}
+
+JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSLCertificate_X509_1set_1crl_1info
+  (JNIEnv* jenv, jclass jcl, jlong x509Ptr, jbyteArray crlInfoDerBytes)
+{
+#if !defined(WOLFCRYPT_ONLY) && !defined(NO_CERTS) && \
+    (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
+    defined(WOLFSSL_CERT_EXT)
+    WOLFSSL_X509* x509 = (WOLFSSL_X509*)(uintptr_t)x509Ptr;
+    byte* crlInfo = NULL;
+    int crlInfoSz = 0;
+    int ret;
+    (void)jcl;
+
+    if (jenv == NULL || x509 == NULL || crlInfoDerBytes == NULL) {
+        return WOLFSSL_FAILURE;
+    }
+
+    crlInfo = (byte*)(*jenv)->GetByteArrayElements(jenv, crlInfoDerBytes, NULL);
+    crlInfoSz = (*jenv)->GetArrayLength(jenv, crlInfoDerBytes);
+
+    if (crlInfo == NULL || crlInfoSz == 0) {
+        return WOLFSSL_FAILURE;
+    }
+
+    ret = wolfSSL_X509_CRL_set_dist_points(x509, crlInfo, crlInfoSz);
+
+    (*jenv)->ReleaseByteArrayElements(jenv, crlInfoDerBytes,
+                                      (jbyte*)crlInfo, JNI_ABORT);
+
+    return ret;
+#else
+    (void)jenv;
+    (void)jcl;
+    (void)x509Ptr;
+    (void)crlInfoDerBytes;
+    return (jint)NOT_COMPILED_IN;
+#endif
+}
+