
Commit 873ed6c

committed
Add missing API, misc updates
1 parent f53a19b commit 873ed6c

8 files changed

Lines changed: 223 additions & 53 deletions


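--- a/Makefile
+++ b/Makefile
@@ -17,11 +17,11 @@ ifeq ($(LIBDIR),)
 LIBDIR=lib
 endif
 
-
 all: build
 
+.PHONY: build
 build: java.sh build.xml
-@cflags=""; \
+@cflags=""; \
 if [ "$(ENABLE_PATCHES)" = "1" ]; then \
 if [ -n "$(PATCH_DEFINES)" ]; then \
 defines="$(PATCH_DEFINES)"; \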

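--- a/java.sh
+++ b/java.sh
@@ -129,8 +129,21 @@ gcc -Wall -c $fpic $CFLAGS ./native/com_wolfssl_WolfSSLCRL.c -o ./native/com_wol
 gcc -Wall -c $fpic $CFLAGS ./native/com_wolfssl_WolfSSLX509Name.c -o ./native/com_wolfssl_WolfSSLX509Name.o $javaIncludes
 gcc -Wall -c $fpic $CFLAGS ./native/com_wolfssl_WolfSSLX509StoreCtx.c -o ./native/com_wolfssl_WolfSSLX509StoreCtx.o $javaIncludes
 gcc -Wall -c $fpic $CFLAGS ./native/com_wolfssl_WolfSSLNameConstraints.c -o ./native/com_wolfssl_WolfSSLNameConstraints.o $javaIncludes
-gcc -Wall $javaLibs $CFLAGS -o ./lib/$jniLibName ./native/com_wolfssl_WolfSSL.o ./native/com_wolfssl_WolfSSLSession.o ./native/com_wolfssl_WolfSSLContext.o ./native/com_wolfssl_WolfCryptRSA.o ./native/com_wolfssl_WolfCryptECC.o ./native/com_wolfssl_WolfCryptEccKey.o ./native/com_wolfssl_WolfSSLCertManager.o ./native/com_wolfssl_WolfSSLCertRequest.o ./native/com_wolfssl_WolfSSLCertificate.o ./native/com_wolfssl_WolfSSLX509Name.o ./native/com_wolfssl_WolfSSLX509StoreCtx.o ./native/com_wolfssl_WolfSSLNameConstraints.o -L$WOLFSSL_INSTALL_DIR/lib -L$WOLFSSL_INSTALL_DIR/lib64 -l$WOLFSSL_LIBNAME
-gcc -Wall $javaLibs $CFLAGS -o ./lib/$jniLibName ./native/com_wolfssl_WolfSSL.o ./native/com_wolfssl_WolfSSLSession.o ./native/com_wolfssl_WolfSSLContext.o ./native/com_wolfssl_WolfCryptRSA.o ./native/com_wolfssl_WolfCryptECC.o ./native/com_wolfssl_WolfCryptEccKey.o ./native/com_wolfssl_WolfSSLCertManager.o ./native/com_wolfssl_WolfSSLCertRequest.o ./native/com_wolfssl_WolfSSLCertificate.o ./native/com_wolfssl_WolfSSLCRL.o ./native/com_wolfssl_WolfSSLX509Name.o ./native/com_wolfssl_WolfSSLX509StoreCtx.o -L$WOLFSSL_INSTALL_DIR/lib -L$WOLFSSL_INSTALL_DIR/lib64 -l$WOLFSSL_LIBNAME
+gcc -Wall $javaLibs $CFLAGS -o ./lib/$jniLibName \
+./native/com_wolfssl_WolfSSL.o \
+./native/com_wolfssl_WolfSSLSession.o \
+./native/com_wolfssl_WolfSSLContext.o \
+./native/com_wolfssl_WolfCryptRSA.o \
+./native/com_wolfssl_WolfCryptECC.o \
+./native/com_wolfssl_WolfCryptEccKey.o \
+./native/com_wolfssl_WolfSSLCertManager.o \
+./native/com_wolfssl_WolfSSLCertRequest.o \
+./native/com_wolfssl_WolfSSLCertificate.o \
+./native/com_wolfssl_WolfSSLCRL.o \
+./native/com_wolfssl_WolfSSLX509Name.o \
+./native/com_wolfssl_WolfSSLX509StoreCtx.o \
+./native/com_wolfssl_WolfSSLNameConstraints.o \
+-L$WOLFSSL_INSTALL_DIR/lib -L$WOLFSSL_INSTALL_DIR/lib64 -l$WOLFSSL_LIBNAME
 if [ $? != 0 ]; then
 echo "Error creating native JNI library"
 exit 1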
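Review bot: The object list on the link command is still maintained by hand, separately from the `gcc -c` lines above it, and the two removed link lines show how that drifts: one lacked `com_wolfssl_WolfSSLCRL.o` and the other lacked `com_wolfssl_WolfSSLNameConstraints.o`. Collecting the objects once, for example in an `objs` variable appended to next to each compile command and expanded in the link step, would keep compile and link in step. The `-L$WOLFSSL_INSTALL_DIR/lib` arguments are also unquoted, so an install path containing spaces would be split into separate words; `-L"$WOLFSSL_INSTALL_DIR/lib"` avoids that.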

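--- a/native/com_wolfssl_WolfSSLCRL.c
+++ b/native/com_wolfssl_WolfSSLCRL.c
@@ -248,11 +248,14 @@ JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSLCRL_X509_1CRL_1add_1revoked
 {
 #if defined(WOLFSSL_JNI_CRL_GEN_ENABLED)
 WOLFSSL_X509_CRL* crl = (WOLFSSL_X509_CRL*)(uintptr_t)crlPtr;
+WOLFSSL_X509_REVOKED revoked;
+WOLFSSL_ASN1_INTEGER* serialInt = NULL;
 byte* serialBuf = NULL;
-byte* dateBuf = NULL;
 int serialSz = 0;
 int ret = WOLFSSL_SUCCESS;
 (void)jcl;
+(void)revDate;
+(void)dateFmt;
 
 if (jenv == NULL || crl == NULL || serial == NULL) {
 return WOLFSSL_FAILURE;
@@ -264,24 +267,24 @@ JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSLCRL_X509_1CRL_1add_1revoked
 ret = WOLFSSL_FAILURE;
 }
 else {
-if (revDate != NULL) {
-dateBuf = (byte*)(*jenv)->GetByteArrayElements(jenv, revDate, NULL);
-if (dateBuf == NULL) {
-ret = WOLFSSL_FAILURE;
-}
+serialInt = wolfSSL_ASN1_INTEGER_new();
+if (serialInt == NULL) {
+ret = MEMORY_E;
 }
-if (ret != WOLFSSL_FAILURE) {
-ret = wolfSSL_X509_CRL_add_revoked(crl, serialBuf, serialSz,
-dateBuf, (unsigned char)dateFmt);
-}
-if (dateBuf != NULL) {
-(*jenv)->ReleaseByteArrayElements(jenv, revDate, (jbyte*)dateBuf,
-JNI_ABORT);
+else {
+serialInt->data = (unsigned char*)serialBuf;
+serialInt->dataMax = (unsigned int)serialSz;
+serialInt->length = serialSz;
+serialInt->isDynamic = 0;
+serialInt->type = 0;
+revoked.serialNumber = serialInt;
+ret = wolfSSL_X509_CRL_add_revoked(crl, &revoked);
 }
 }
 
 (*jenv)->ReleaseByteArrayElements(jenv, serial, (jbyte*)serialBuf,
 JNI_ABORT);
+wolfSSL_ASN1_INTEGER_free(serialInt);
 
 return ret;
 #else
@@ -302,10 +305,11 @@ JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSLCRL_X509_1CRL_1add_1revoked_1cert
 #if defined(WOLFSSL_JNI_CRL_GEN_ENABLED)
 WOLFSSL_X509_CRL* crl = (WOLFSSL_X509_CRL*)(uintptr_t)crlPtr;
 byte* certBuf = NULL;
-byte* dateBuf = NULL;
 int certSz = 0;
 int ret = WOLFSSL_SUCCESS;
 (void)jcl;
+(void)revDate;
+(void)dateFmt;
 
 if (jenv == NULL || crl == NULL || certDer == NULL) {
 return WOLFSSL_FAILURE;
@@ -317,20 +321,7 @@ JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSLCRL_X509_1CRL_1add_1revoked_1cert
 ret = WOLFSSL_FAILURE;
 }
 else {
-if (revDate != NULL) {
-dateBuf = (byte*)(*jenv)->GetByteArrayElements(jenv, revDate, NULL);
-if (dateBuf == NULL) {
-ret = WOLFSSL_FAILURE;
-}
-}
-if (ret != WOLFSSL_FAILURE) {
-ret = wolfSSL_X509_CRL_add_revoked_cert(crl, certBuf, certSz,
-dateBuf, (unsigned char)dateFmt);
-}
-if (dateBuf != NULL) {
-(*jenv)->ReleaseByteArrayElements(jenv, revDate, (jbyte*)dateBuf,
-JNI_ABORT);
-}
+ret = wolfSSL_X509_CRL_add_revoked_cert(crl, certBuf, certSz);
 }
 
 (*jenv)->ReleaseByteArrayElements(jenv, certDer, (jbyte*)certBuf,
@@ -416,6 +407,7 @@ JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSLCRL_X509_1CRL_1sign
 }
 else {
 XMEMSET(derBuf, 0, derSz);
+ret = WOLFSSL_SUCCESS;
 }
 }
 /* convert PEM to DER */
@@ -424,6 +416,9 @@ JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSLCRL_X509_1CRL_1sign
 if (ret <= 0 || ret != derSz) {
 ret = WOLFSSL_FAILURE;
 }
+else {
+ret = WOLFSSL_SUCCESS;
+}
 }
 }
 }
@@ -778,3 +773,73 @@ JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_WolfSSLCRL_X509_1CRL_1get_1pem
 return NULL;
 #endif
 }
+
+JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_WolfSSLCRL_X509_1CRL_1get_1signature
+(JNIEnv* jenv, jclass jcl, jlong crlPtr)
+{
+#if defined(WOLFSSL_JNI_CRL_GEN_ENABLED)
+WOLFSSL_X509_CRL* crl = (WOLFSSL_X509_CRL*)(uintptr_t)crlPtr;
+int sigSz = 0;
+unsigned char* sigBuf = NULL;
+jbyteArray sigArr = NULL;
+jclass excClass = NULL;
+(void)jcl;
+
+if (jenv == NULL || crl == NULL) {
+return NULL;
+}
+
+if (wolfSSL_X509_CRL_get_signature(crl, NULL, &sigSz) != WOLFSSL_SUCCESS ||
+sigSz <= 0) {
+return NULL;
+}
+
+sigArr = (*jenv)->NewByteArray(jenv, sigSz);
+if (sigArr == NULL) {
+(*jenv)->ThrowNew(jenv, jcl,
+"Failed to create byte array in native X509_CRL_get_signature");
+return NULL;
+}
+
+sigBuf = (unsigned char*)XMALLOC(sigSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+if (sigBuf == NULL) {
+(*jenv)->DeleteLocalRef(jenv, sigArr);
+return NULL;
+}
+
+if (wolfSSL_X509_CRL_get_signature(crl, sigBuf, &sigSz)
+!= WOLFSSL_SUCCESS) {
+(*jenv)->DeleteLocalRef(jenv, sigArr);
+XFREE(sigBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+return NULL;
+}
+
+excClass = (*jenv)->FindClass(jenv, "com/wolfssl/WolfSSLJNIException");
+if ((*jenv)->ExceptionOccurred(jenv)) {
+(*jenv)->ExceptionDescribe(jenv);
+(*jenv)->ExceptionClear(jenv);
+(*jenv)->DeleteLocalRef(jenv, sigArr);
+XFREE(sigBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+return NULL;
+}
+
+(*jenv)->SetByteArrayRegion(jenv, sigArr, 0, sigSz,
+(const jbyte*)sigBuf);
+XFREE(sigBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+if ((*jenv)->ExceptionOccurred(jenv)) {
+(*jenv)->ExceptionDescribe(jenv);
+(*jenv)->ExceptionClear(jenv);
+(*jenv)->DeleteLocalRef(jenv, sigArr);
+(*jenv)->ThrowNew(jenv, excClass,
+"Failed to set byte region in native X509_CRL_get_signature");
+return NULL;
+}
+
+return sigArr;
+#else
+(void)jenv;
+(void)jcl;
+(void)crlPtr;
+return NULL;
+#endif
+}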
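Review bot: `X509_1CRL_1add_1revoked` and `X509_1CRL_1add_1revoked_1cert` now cast `revDate` and `dateFmt` to void and still return success, so a caller that supplies a revocation date gets an entry that does not carry it. Unless the Java wrapper was changed to match (not visible here), either fail when `revDate != NULL` or add a comment such as `/* revDate and dateFmt are not passed to wolfSSL and are ignored */` and say the same in the Javadoc. In `X509_1CRL_1add_1revoked` the stack variable `revoked` also reaches `wolfSSL_X509_CRL_add_revoked` with only `serialNumber` assigned; `XMEMSET(&revoked, 0, sizeof(revoked));` before that assignment keeps any other member from being read uninitialised (the struct definition is outside this page). In the added `X509_1CRL_1get_1signature`, the `NewByteArray` failure path calls `ThrowNew(jenv, jcl, ...)` although `jcl` is the class that owns the native method rather than an exception class, and an exception is normally already pending there, so that branch should just `return NULL;`. Both add functions begin outside their hunks.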

native/com_wolfssl_WolfSSLCRL.h

Lines changed: 8 additions & 10 deletions

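--- a/scripts/infer.sh
+++ b/scripts/infer.sh
@@ -38,6 +38,7 @@ infer --fail-on-issue run -- javac \
 src/java/com/wolfssl/WolfSSLAltName.java \
 src/java/com/wolfssl/WolfSSLByteBufferIORecvCallback.java \
 src/java/com/wolfssl/WolfSSLByteBufferIOSendCallback.java \
+src/java/com/wolfssl/WolfSSLCRL.java \
 src/java/com/wolfssl/WolfSSLCertManager.java \
 src/java/com/wolfssl/WolfSSLCertRequest.java \
 src/java/com/wolfssl/WolfSSLCertificate.java \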

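--- a/src/java/com/wolfssl/WolfSSLCRL.java
+++ b/src/java/com/wolfssl/WolfSSLCRL.java
@@ -88,6 +88,7 @@ static native int X509_CRL_sign(long crl, int keyType, byte[] keyBytes,
 static native String X509_CRL_get_nextUpdate(long crl);
 static native byte[] X509_CRL_get_der(long crl);
 static native byte[] X509_CRL_get_pem(long crl);
+static native byte[] X509_CRL_get_signature(long crl);
 
 private static final class Asn1TimeData {
 private final byte[] paddedData;
@@ -633,6 +634,25 @@ public Date getNextUpdate() {
 return null;
 }
 
+/**
+* Get CRL signature bytes.
+*
+* @return signature byte array or null if not available.
+*
+* @throws IllegalStateException if WolfSSLCRL has been freed.
+*/
+public byte[] getSignature() {
+confirmObjectIsActive();
+
+synchronized (crlLock) {
+WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
+WolfSSLDebug.INFO, this.crlPtr,
+() -> "entered getSignature()");
+
+return X509_CRL_get_signature(this.crlPtr);
+}
+}
+
 @Override
 public String toString() {
 byte[] crlText = null;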
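Review bot: In `getSignature()`, `confirmObjectIsActive()` runs before `synchronized (crlLock)` is entered, so if another thread can free the object between the check and the lock, `X509_CRL_get_signature(this.crlPtr)` may be handed a pointer that has already been released. Moving the call to be the first statement inside `synchronized (crlLock) {` closes that window, provided the free path takes the same lock and the lock order stays consistent (both are outside this page). The Javadoc could also say that the returned array is a fresh copy and that `null` covers both a missing signature and a native-side failure, since the native function returns NULL in either case.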
