wolfSSL
diff --git a/‎Makefile‎
Lines changed: 2 additions & 2 deletions b/‎Makefile‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎java.sh‎
Lines changed: 15 additions & 2 deletions b/‎java.sh‎
Lines changed: 15 additions & 2 deletions
diff --git a/‎native/com_wolfssl_WolfSSL.c‎
Lines changed: 135 additions & 0 deletions b/‎native/com_wolfssl_WolfSSL.c‎
Lines changed: 135 additions & 0 deletions
diff --git a/‎native/com_wolfssl_WolfSSLCRL.c‎
Lines changed: 93 additions & 28 deletions b/‎native/com_wolfssl_WolfSSLCRL.c‎
Lines changed: 93 additions & 28 deletions
@@ -17,11 +17,11 @@ ifeq ($(LIBDIR),)
     LIBDIR=lib
 endif
 
-
 all: build
 
+.PHONY: build
 build: java.sh build.xml
-	@cflags=""; \
+		@cflags=""; \
 	if [ "$(ENABLE_PATCHES)" = "1" ]; then \
 		if [ -n "$(PATCH_DEFINES)" ]; then \
 			defines="$(PATCH_DEFINES)"; \
 
@@ -129,8 +129,21 @@ gcc -Wall -c $fpic $CFLAGS ./native/com_wolfssl_WolfSSLCRL.c -o ./native/com_wol
 gcc -Wall -c $fpic $CFLAGS ./native/com_wolfssl_WolfSSLX509Name.c -o ./native/com_wolfssl_WolfSSLX509Name.o $javaIncludes
 gcc -Wall -c $fpic $CFLAGS ./native/com_wolfssl_WolfSSLX509StoreCtx.c -o ./native/com_wolfssl_WolfSSLX509StoreCtx.o $javaIncludes
 gcc -Wall -c $fpic $CFLAGS ./native/com_wolfssl_WolfSSLNameConstraints.c -o ./native/com_wolfssl_WolfSSLNameConstraints.o $javaIncludes
-gcc -Wall $javaLibs $CFLAGS -o ./lib/$jniLibName ./native/com_wolfssl_WolfSSL.o ./native/com_wolfssl_WolfSSLSession.o ./native/com_wolfssl_WolfSSLContext.o ./native/com_wolfssl_WolfCryptRSA.o ./native/com_wolfssl_WolfCryptECC.o ./native/com_wolfssl_WolfCryptEccKey.o ./native/com_wolfssl_WolfSSLCertManager.o ./native/com_wolfssl_WolfSSLCertRequest.o ./native/com_wolfssl_WolfSSLCertificate.o ./native/com_wolfssl_WolfSSLX509Name.o ./native/com_wolfssl_WolfSSLX509StoreCtx.o ./native/com_wolfssl_WolfSSLNameConstraints.o -L$WOLFSSL_INSTALL_DIR/lib -L$WOLFSSL_INSTALL_DIR/lib64 -l$WOLFSSL_LIBNAME
-gcc -Wall $javaLibs $CFLAGS -o ./lib/$jniLibName ./native/com_wolfssl_WolfSSL.o ./native/com_wolfssl_WolfSSLSession.o ./native/com_wolfssl_WolfSSLContext.o ./native/com_wolfssl_WolfCryptRSA.o ./native/com_wolfssl_WolfCryptECC.o ./native/com_wolfssl_WolfCryptEccKey.o ./native/com_wolfssl_WolfSSLCertManager.o ./native/com_wolfssl_WolfSSLCertRequest.o ./native/com_wolfssl_WolfSSLCertificate.o ./native/com_wolfssl_WolfSSLCRL.o ./native/com_wolfssl_WolfSSLX509Name.o ./native/com_wolfssl_WolfSSLX509StoreCtx.o -L$WOLFSSL_INSTALL_DIR/lib -L$WOLFSSL_INSTALL_DIR/lib64 -l$WOLFSSL_LIBNAME
+gcc -Wall $javaLibs $CFLAGS -o ./lib/$jniLibName \
+    ./native/com_wolfssl_WolfSSL.o \
+    ./native/com_wolfssl_WolfSSLSession.o \
+    ./native/com_wolfssl_WolfSSLContext.o \
+    ./native/com_wolfssl_WolfCryptRSA.o \
+    ./native/com_wolfssl_WolfCryptECC.o \
+    ./native/com_wolfssl_WolfCryptEccKey.o \
+    ./native/com_wolfssl_WolfSSLCertManager.o \
+    ./native/com_wolfssl_WolfSSLCertRequest.o \
+    ./native/com_wolfssl_WolfSSLCertificate.o \
+    ./native/com_wolfssl_WolfSSLCRL.o \
+    ./native/com_wolfssl_WolfSSLX509Name.o \
+    ./native/com_wolfssl_WolfSSLX509StoreCtx.o \
+    ./native/com_wolfssl_WolfSSLNameConstraints.o \
+    -L$WOLFSSL_INSTALL_DIR/lib -L$WOLFSSL_INSTALL_DIR/lib64 -l$WOLFSSL_LIBNAME
 if [ $? != 0 ]; then
     echo "Error creating native JNI library"
     exit 1
 
@@ -21,6 +21,7 @@
 
 #include <stdio.h>
 #include <stdint.h>
+#include <stdlib.h>
 #ifdef WOLFSSL_USER_SETTINGS
     #include <wolfssl/wolfcrypt/settings.h>
 #else
@@ -74,6 +75,135 @@ jmethodID g_verifyCallbackMethodId = NULL;
 static jobject g_fipsCbIfaceObj;
 #endif
 
+typedef struct WolfSSLJniObjMap {
+    WOLFSSL* ssl;
+    void* obj;
+    struct WolfSSLJniObjMap* next;
+} WolfSSLJniObjMap;
+
+static WolfSSLJniObjMap* g_jniObjMap = NULL;
+static wolfSSL_Mutex g_jniObjMapLock;
+static int g_jniObjMapLockInit = 0;
+
+static void wolfSSL_jni_objmap_cleanup(void)
+{
+    WolfSSLJniObjMap* cur;
+    WolfSSLJniObjMap* next;
+
+    if (!g_jniObjMapLockInit) {
+        g_jniObjMap = NULL;
+        return;
+    }
+
+    if (wc_LockMutex(&g_jniObjMapLock) == 0) {
+        cur = g_jniObjMap;
+        g_jniObjMap = NULL;
+        wc_UnLockMutex(&g_jniObjMapLock);
+    }
+    else {
+        cur = g_jniObjMap;
+        g_jniObjMap = NULL;
+    }
+
+    while (cur != NULL) {
+        next = cur->next;
+        free(cur);
+        cur = next;
+    }
+
+    wc_FreeMutex(&g_jniObjMapLock);
+    g_jniObjMapLockInit = 0;
+}
+
+int wolfSSL_jni_set_jobject(WOLFSSL* ssl, void* objPtr)
+{
+#ifdef WOLFSSL_JNI
+    return wolfSSL_set_jobject(ssl, objPtr);
+#else
+    WolfSSLJniObjMap* cur;
+    WolfSSLJniObjMap* prev = NULL;
+    WolfSSLJniObjMap* node;
+
+    if (ssl == NULL) {
+        return BAD_FUNC_ARG;
+    }
+    if (!g_jniObjMapLockInit) {
+        return SSL_FAILURE;
+    }
+    if (wc_LockMutex(&g_jniObjMapLock) != 0) {
+        return SSL_FAILURE;
+    }
+
+    cur = g_jniObjMap;
+    while (cur != NULL && cur->ssl != ssl) {
+        prev = cur;
+        cur = cur->next;
+    }
+
+    if (objPtr == NULL) {
+        if (cur != NULL) {
+            if (prev != NULL) {
+                prev->next = cur->next;
+            }
+            else {
+                g_jniObjMap = cur->next;
+            }
+            free(cur);
+        }
+        wc_UnLockMutex(&g_jniObjMapLock);
+        return SSL_SUCCESS;
+    }
+
+    if (cur != NULL) {
+        cur->obj = objPtr;
+        wc_UnLockMutex(&g_jniObjMapLock);
+        return SSL_SUCCESS;
+    }
+
+    node = (WolfSSLJniObjMap*)malloc(sizeof(WolfSSLJniObjMap));
+    if (node == NULL) {
+        wc_UnLockMutex(&g_jniObjMapLock);
+        return MEMORY_E;
+    }
+    node->ssl = ssl;
+    node->obj = objPtr;
+    node->next = g_jniObjMap;
+    g_jniObjMap = node;
+
+    wc_UnLockMutex(&g_jniObjMapLock);
+    return SSL_SUCCESS;
+#endif
+}
+
+void* wolfSSL_jni_get_jobject(WOLFSSL* ssl)
+{
+#ifdef WOLFSSL_JNI
+    return wolfSSL_get_jobject(ssl);
+#else
+    WolfSSLJniObjMap* cur;
+    void* obj = NULL;
+
+    if (ssl == NULL || !g_jniObjMapLockInit) {
+        return NULL;
+    }
+    if (wc_LockMutex(&g_jniObjMapLock) != 0) {
+        return NULL;
+    }
+
+    cur = g_jniObjMap;
+    while (cur != NULL) {
+        if (cur->ssl == ssl) {
+            obj = cur->obj;
+            break;
+        }
+        cur = cur->next;
+    }
+
+    wc_UnLockMutex(&g_jniObjMapLock);
+    return obj;
+#endif
+}
+
 /* custom native fn prototypes */
 void NativeLoggingCallback(const int logLevel, const char *const logMessage);
 
@@ -89,6 +219,10 @@ JNIEXPORT jint JNICALL JNI_OnLoad(JavaVM* vm, void* reserved)
 
     /* store JavaVM */
     g_vm = vm;
+    if (wc_InitMutex(&g_jniObjMapLock) != 0) {
+        return JNI_ERR;
+    }
+    g_jniObjMapLockInit = 1;
 
     /* get JNIEnv from JavaVM */
     if ((*vm)->GetEnv(vm, (void**)&env, JNI_VERSION_1_6) != JNI_OK) {
@@ -235,6 +369,7 @@ JNIEXPORT void JNICALL JNI_OnUnload(JavaVM* vm, void* reserved)
     g_bufferArrayMethodId = NULL;
     g_bufferSetPositionMethodId = NULL;
     g_verifyCallbackMethodId = NULL;
+    wolfSSL_jni_objmap_cleanup();
 }
 
 /**
 
@@ -248,11 +248,14 @@ JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSLCRL_X509_1CRL_1add_1revoked
 {
 #if defined(WOLFSSL_JNI_CRL_GEN_ENABLED)
     WOLFSSL_X509_CRL* crl = (WOLFSSL_X509_CRL*)(uintptr_t)crlPtr;
+    WOLFSSL_X509_REVOKED revoked;
+    WOLFSSL_ASN1_INTEGER* serialInt = NULL;
     byte* serialBuf = NULL;
-    byte* dateBuf = NULL;
     int serialSz = 0;
     int ret = WOLFSSL_SUCCESS;
     (void)jcl;
+    (void)revDate;
+    (void)dateFmt;
 
     if (jenv == NULL || crl == NULL || serial == NULL) {
         return WOLFSSL_FAILURE;
@@ -264,24 +267,24 @@ JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSLCRL_X509_1CRL_1add_1revoked
         ret = WOLFSSL_FAILURE;
     }
     else {
-        if (revDate != NULL) {
-            dateBuf = (byte*)(*jenv)->GetByteArrayElements(jenv, revDate, NULL);
-            if (dateBuf == NULL) {
-                ret = WOLFSSL_FAILURE;
-            }
+        serialInt = wolfSSL_ASN1_INTEGER_new();
+        if (serialInt == NULL) {
+            ret = MEMORY_E;
         }
-        if (ret != WOLFSSL_FAILURE) {
-            ret = wolfSSL_X509_CRL_add_revoked(crl, serialBuf, serialSz,
-                dateBuf, (unsigned char)dateFmt);
-        }
-        if (dateBuf != NULL) {
-            (*jenv)->ReleaseByteArrayElements(jenv, revDate, (jbyte*)dateBuf,
-                JNI_ABORT);
+        else {
+            serialInt->data = (unsigned char*)serialBuf;
+            serialInt->dataMax = (unsigned int)serialSz;
+            serialInt->length = serialSz;
+            serialInt->isDynamic = 0;
+            serialInt->type = 0;
+            revoked.serialNumber = serialInt;
+            ret = wolfSSL_X509_CRL_add_revoked(crl, &revoked);
         }
     }
 
     (*jenv)->ReleaseByteArrayElements(jenv, serial, (jbyte*)serialBuf,
         JNI_ABORT);
+    wolfSSL_ASN1_INTEGER_free(serialInt);
 
     return ret;
 #else
@@ -302,10 +305,11 @@ JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSLCRL_X509_1CRL_1add_1revoked_1cert
 #if defined(WOLFSSL_JNI_CRL_GEN_ENABLED)
     WOLFSSL_X509_CRL* crl = (WOLFSSL_X509_CRL*)(uintptr_t)crlPtr;
     byte* certBuf = NULL;
-    byte* dateBuf = NULL;
     int certSz = 0;
     int ret = WOLFSSL_SUCCESS;
     (void)jcl;
+    (void)revDate;
+    (void)dateFmt;
 
     if (jenv == NULL || crl == NULL || certDer == NULL) {
         return WOLFSSL_FAILURE;
@@ -317,20 +321,7 @@ JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSLCRL_X509_1CRL_1add_1revoked_1cert
         ret = WOLFSSL_FAILURE;
     }
     else {
-        if (revDate != NULL) {
-            dateBuf = (byte*)(*jenv)->GetByteArrayElements(jenv, revDate, NULL);
-            if (dateBuf == NULL) {
-                ret = WOLFSSL_FAILURE;
-            }
-        }
-        if (ret != WOLFSSL_FAILURE) {
-            ret = wolfSSL_X509_CRL_add_revoked_cert(crl, certBuf, certSz,
-                dateBuf, (unsigned char)dateFmt);
-        }
-        if (dateBuf != NULL) {
-            (*jenv)->ReleaseByteArrayElements(jenv, revDate, (jbyte*)dateBuf,
-                JNI_ABORT);
-        }
+        ret = wolfSSL_X509_CRL_add_revoked_cert(crl, certBuf, certSz);
     }
 
     (*jenv)->ReleaseByteArrayElements(jenv, certDer, (jbyte*)certBuf,
@@ -416,6 +407,7 @@ JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSLCRL_X509_1CRL_1sign
                 }
                 else {
                     XMEMSET(derBuf, 0, derSz);
+                    ret = WOLFSSL_SUCCESS;
                 }
             }
             /* convert PEM to DER */
@@ -424,6 +416,9 @@ JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSLCRL_X509_1CRL_1sign
                 if (ret <= 0 || ret != derSz) {
                     ret = WOLFSSL_FAILURE;
                 }
+                else {
+                    ret = WOLFSSL_SUCCESS;
+                }
             }
         }
     }
@@ -778,3 +773,73 @@ JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_WolfSSLCRL_X509_1CRL_1get_1pem
     return NULL;
 #endif
 }
+
+JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_WolfSSLCRL_X509_1CRL_1get_1signature
+  (JNIEnv* jenv, jclass jcl, jlong crlPtr)
+{
+#if defined(WOLFSSL_JNI_CRL_GEN_ENABLED)
+    WOLFSSL_X509_CRL* crl = (WOLFSSL_X509_CRL*)(uintptr_t)crlPtr;
+    int sigSz = 0;
+    unsigned char* sigBuf = NULL;
+    jbyteArray sigArr = NULL;
+    jclass excClass = NULL;
+    (void)jcl;
+
+    if (jenv == NULL || crl == NULL) {
+        return NULL;
+    }
+
+    if (wolfSSL_X509_CRL_get_signature(crl, NULL, &sigSz) != WOLFSSL_SUCCESS ||
+        sigSz <= 0) {
+        return NULL;
+    }
+
+    sigArr = (*jenv)->NewByteArray(jenv, sigSz);
+    if (sigArr == NULL) {
+        (*jenv)->ThrowNew(jenv, jcl,
+            "Failed to create byte array in native X509_CRL_get_signature");
+        return NULL;
+    }
+
+    sigBuf = (unsigned char*)XMALLOC(sigSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (sigBuf == NULL) {
+        (*jenv)->DeleteLocalRef(jenv, sigArr);
+        return NULL;
+    }
+
+    if (wolfSSL_X509_CRL_get_signature(crl, sigBuf, &sigSz)
+        != WOLFSSL_SUCCESS) {
+        (*jenv)->DeleteLocalRef(jenv, sigArr);
+        XFREE(sigBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        return NULL;
+    }
+
+    excClass = (*jenv)->FindClass(jenv, "com/wolfssl/WolfSSLJNIException");
+    if ((*jenv)->ExceptionOccurred(jenv)) {
+        (*jenv)->ExceptionDescribe(jenv);
+        (*jenv)->ExceptionClear(jenv);
+        (*jenv)->DeleteLocalRef(jenv, sigArr);
+        XFREE(sigBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        return NULL;
+    }
+
+    (*jenv)->SetByteArrayRegion(jenv, sigArr, 0, sigSz,
+        (const jbyte*)sigBuf);
+    XFREE(sigBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if ((*jenv)->ExceptionOccurred(jenv)) {
+        (*jenv)->ExceptionDescribe(jenv);
+        (*jenv)->ExceptionClear(jenv);
+        (*jenv)->DeleteLocalRef(jenv, sigArr);
+        (*jenv)->ThrowNew(jenv, excClass,
+            "Failed to set byte region in native X509_CRL_get_signature");
+        return NULL;
+    }
+
+    return sigArr;
+#else
+    (void)jenv;
+    (void)jcl;
+    (void)crlPtr;
+    return NULL;
+#endif
+}