Add JNI RSA-PSS sign/verify and RSA sign check PK callbacks#338
Merged
rlm2002 merged 2 commits intowolfSSL:masterfrom Feb 27, 2026
Merged
Add JNI RSA-PSS sign/verify and RSA sign check PK callbacks#338rlm2002 merged 2 commits intowolfSSL:masterfrom
rlm2002 merged 2 commits intowolfSSL:masterfrom
Conversation
There was a problem hiding this comment.
Pull request overview
Adds RSA sign-check and RSA-PSS signing/verification PK callback support across the Java/JNI boundary, plus handshake-driven tests to exercise these callbacks during TLS handshakes.
Changes:
- Introduces new Java callback interfaces for RSA-PSS sign and verify (sign-check).
- Extends
WolfSSLContextand JNI bindings to register RSA sign-check and RSA-PSS PK callbacks. - Adds
WolfCryptRSAnative wrappers for RSA-PSS sign/verify and new socket-based handshake tests.
Reviewed changes
Copilot reviewed 10 out of 10 changed files in this pull request and generated 5 comments.
Show a summary per file
| File | Description |
|---|---|
| src/test/com/wolfssl/test/WolfSSLContextTest.java | Adds TLS 1.2/1.3 handshake tests that register RSA/RSA-PSS callbacks and assert invocation. |
| src/java/com/wolfssl/WolfSSLRsaPssVerifyCallback.java | New Java interface for RSA-PSS verification (used for sign-check callback registration). |
| src/java/com/wolfssl/WolfSSLRsaPssSignCallback.java | New Java interface for RSA-PSS signing callbacks. |
| src/java/com/wolfssl/WolfSSLContext.java | Adds internal callback dispatch + public setters and native hooks for RSA sign-check and RSA-PSS callbacks. |
| src/java/com/wolfssl/WolfCryptRSA.java | Adds native method declarations for RSA-PSS sign/verify wrappers. |
| scripts/infer.sh | Includes the new Java interface files in Infer’s javac invocation. |
| native/com_wolfssl_WolfSSLContext.h | Adds JNI declarations for RSA-PSS sign and RSA/RSA-PSS sign-check registration. |
| native/com_wolfssl_WolfSSLContext.c | Implements JNI registration and native-to-Java bridging for the new callbacks. |
| native/com_wolfssl_WolfCryptRSA.h | Adds JNI declarations for doPssSign/doPssVerify. |
| native/com_wolfssl_WolfCryptRSA.c | Implements RSA-PSS sign/verify wrappers using wolfCrypt APIs. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 11 out of 11 changed files in this pull request and generated 4 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
rlm2002
approved these changes
Feb 27, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR adds RSA-PSS sign and sign check (verify) PK callback support to the JNI layer, enabling applications to register custom RSA-PSS callbacks for TLS 1.3 handshakes.
WolfSSLRsaPssSignCallbackandWolfSSLRsaPssVerifyCallbackJava interfacesdoPssSign()anddoPssVerify()native wrappers inWolfCryptRSAfor use in example/test callback implementationsZD 21200