Fenrir fixes

native/com_wolfssl_WolfCryptECC.c

@@ -73,17 +73,16 @@ JNIEXPORT jint JNICALL Java_com_wolfssl_WolfCryptECC_doVerify
                 (unsigned int)hashSz, &tmpResult, &myKey);
         if (ret != 0) {
             printf("wc_ecc_verify_hash failed, ret = %d\n", ret);
-            wc_ecc_free(&myKey);
-            return -1;
         }
     } else {
         printf("wc_ecc_import_x963 failed, ret = %d\n", ret);
-        return -1;
     }
 
     wc_ecc_free(&myKey);
 
-    (*jenv)->SetIntArrayRegion(jenv, result, 0, 1, &tmpResult);
+    if (ret == 0) {
+        (*jenv)->SetIntArrayRegion(jenv, result, 0, 1, &tmpResult);
+    }
 
     (void)jcl;
     return ret;
@@ -140,17 +139,18 @@ JNIEXPORT jint JNICALL Java_com_wolfssl_WolfCryptECC_doSign
                 &rng, &myKey);
         if (ret != 0) {
             printf("wc_ecc_sign_hash failed, ret = %d\n", ret);
-            wc_ecc_free(&myKey);
-            return -1;
         }
     } else {
         printf("wc_EccPrivateKeyDecode failed, ret = %d\n", ret);
-        return -1;
     }
 
     wc_ecc_free(&myKey);
+    wc_FreeRng(&rng);
 
-    (*jenv)->SetLongArrayRegion(jenv, outSz, 0, 1, (jlong*)&tmpOut);
+    if (ret == 0) {
+        tmp = (jlong)tmpOut;
+        (*jenv)->SetLongArrayRegion(jenv, outSz, 0, 1, &tmp);
+    }
 
     (void)jcl;
     return ret;

native/com_wolfssl_WolfCryptRSA.c

@@ -92,6 +92,7 @@ JNIEXPORT jint JNICALL Java_com_wolfssl_WolfCryptRSA_doSign
     }
 
     wc_FreeRsaKey(&myKey);
+    wc_FreeRng(&rng);
 
     return ret;
 }
@@ -141,7 +142,6 @@ JNIEXPORT jint JNICALL Java_com_wolfssl_WolfCryptRSA_doVerify
                 (unsigned int)outSz, &myKey);
         if (ret < 0) {
             printf("wc_RsaSSL_Verify failed, ret = %d\n", ret);
-            return ret;
         }
     } else {
         printf("wc_RsaPublicKeyDecode failed, ret = %d\n", ret);
@@ -212,6 +212,7 @@ JNIEXPORT jint JNICALL Java_com_wolfssl_WolfCryptRSA_doEnc
     }
 
     wc_FreeRsaKey(&myKey);
+    wc_FreeRng(&rng);
 
     return ret;
 }
@@ -444,7 +445,6 @@ JNIEXPORT jint JNICALL Java_com_wolfssl_WolfCryptRSA_doDec
                 (unsigned int)outSz, &myKey);
         if (ret < 0) {
             printf("wc_RsaPrivateDecrypt failed, ret = %d\n", ret);
-            return ret;
         }
     } else {
         printf("wc_RsaPrivateKeyDecode failed, ret = %d\n", ret);

native/com_wolfssl_WolfSSLCRL.c

@@ -660,7 +660,7 @@ JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_WolfSSLCRL_X509_1CRL_1get_1der
 
     derArr = (*jenv)->NewByteArray(jenv, sz);
     if (derArr == NULL) {
-        (*jenv)->ThrowNew(jenv, jcl,
+        throwWolfSSLJNIException(jenv,
             "Failed to create byte array in native X509_CRL_get_der");
         XFREE(der, NULL, DYNAMIC_TYPE_OPENSSL);
         return NULL;
@@ -742,7 +742,7 @@ JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_WolfSSLCRL_X509_1CRL_1get_1pem
 
     pemArr = (*jenv)->NewByteArray(jenv, pemSz);
     if (pemArr == NULL) {
-        (*jenv)->ThrowNew(jenv, jcl,
+        throwWolfSSLJNIException(jenv,
             "Failed to create byte array in native X509_CRL_get_pem");
         XFREE(pem, NULL, DYNAMIC_TYPE_TMP_BUFFER);
         return NULL;
@@ -801,7 +801,7 @@ JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_WolfSSLCRL_X509_1CRL_1get_1signatu
 
     sigArr = (*jenv)->NewByteArray(jenv, sigSz);
     if (sigArr == NULL) {
-        (*jenv)->ThrowNew(jenv, jcl,
+        throwWolfSSLJNIException(jenv,
             "Failed to create byte array in native X509_CRL_get_signature");
         return NULL;
     }

native/com_wolfssl_WolfSSLCertManager.c

@@ -67,13 +67,30 @@ JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSLCertManager_CertManagerLoadCA
         return (jint)BAD_FUNC_ARG;
     }
 
-    certFile = (*jenv)->GetStringUTFChars(jenv, f, 0);
-    certPath = (*jenv)->GetStringUTFChars(jenv, d, 0);
+    if (f != NULL) {
+        certFile = (*jenv)->GetStringUTFChars(jenv, f, 0);
+        if (certFile == NULL) {
+            return (jint)MEMORY_E;
+        }
+    }
+    if (d != NULL) {
+        certPath = (*jenv)->GetStringUTFChars(jenv, d, 0);
+        if (certPath == NULL) {
+            if (certFile != NULL) {
+                (*jenv)->ReleaseStringUTFChars(jenv, f, certFile);
+            }
+            return (jint)MEMORY_E;
+        }
+    }
 
     ret = wolfSSL_CertManagerLoadCA(cm, certFile, certPath);
 
-    (*jenv)->ReleaseStringUTFChars(jenv, f, certFile);
-    (*jenv)->ReleaseStringUTFChars(jenv, d, certPath);
+    if (certFile != NULL) {
+        (*jenv)->ReleaseStringUTFChars(jenv, f, certFile);
+    }
+    if (certPath != NULL) {
+        (*jenv)->ReleaseStringUTFChars(jenv, d, certPath);
+    }
 
     return (jint)ret;
 #else

native/com_wolfssl_WolfSSLCertRequest.c

@@ -340,7 +340,9 @@ JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSLCertRequest_X509_1REQ_1sign
     }
     (*jenv)->ReleaseByteArrayElements(jenv, keyBytes, (jbyte*)keyBuf,
                                       JNI_ABORT);
-    (*jenv)->ReleaseStringUTFChars(jenv, digestAlg, mdName);
+    if (mdName != NULL) {
+        (*jenv)->ReleaseStringUTFChars(jenv, digestAlg, mdName);
+    }
 
     return (jint)ret;
 #else
@@ -484,7 +486,7 @@ JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_WolfSSLCertRequest_X509_1REQ_1get_
 
     derArr = (*jenv)->NewByteArray(jenv, sz);
     if (derArr == NULL) {
-        (*jenv)->ThrowNew(jenv, jcl,
+        throwWolfSSLJNIException(jenv,
             "Failed to create byte array in native X509_REQ_get_der");
         return NULL;
     }
@@ -567,7 +569,7 @@ JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_WolfSSLCertRequest_X509_1REQ_1get_
 
     pemArr = (*jenv)->NewByteArray(jenv, pemSz);
     if (pemArr == NULL) {
-        (*jenv)->ThrowNew(jenv, jcl,
+        throwWolfSSLJNIException(jenv,
             "Failed to create byte array in native X509_REQ_get_pem");
         XFREE(pem, NULL, DYNAMIC_TYPE_TMP_BUFFER);
         return NULL;

native/com_wolfssl_WolfSSLCertificate.c

@@ -970,7 +970,9 @@ JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSLCertificate_X509_1sign
     }
     (*jenv)->ReleaseByteArrayElements(jenv, fileBytes, (jbyte*)fileBuf,
                                       JNI_ABORT);
-    (*jenv)->ReleaseStringUTFChars(jenv, digestAlg, mdName);
+    if (mdName != NULL) {
+        (*jenv)->ReleaseStringUTFChars(jenv, digestAlg, mdName);
+    }
 
     return (jint)ret;
 #else
@@ -1085,6 +1087,7 @@ JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_WolfSSLCertificate_X509_1get_1der
     jbyteArray  derArr = NULL;
     jclass excClass = NULL;
     WOLFSSL_X509* x509 = (WOLFSSL_X509*)(uintptr_t)x509Ptr;
+    (void)jcl;
 
     if (jenv == NULL || x509 == NULL) {
         return NULL;
@@ -1097,7 +1100,7 @@ JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_WolfSSLCertificate_X509_1get_1der
 
     derArr = (*jenv)->NewByteArray(jenv, sz);
     if (derArr == NULL) {
-        (*jenv)->ThrowNew(jenv, jcl,
+        throwWolfSSLJNIException(jenv,
             "Failed to create byte array in native X509_get_der");
         return NULL;
     }
@@ -1133,6 +1136,7 @@ JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_WolfSSLCertificate_X509_1get_1pem
     jbyteArray pemArr = NULL;
     jclass excClass = NULL;
     WOLFSSL_X509* x509 = (WOLFSSL_X509*)(uintptr_t)x509Ptr;
+    (void)jcl;
 
     if (jenv == NULL || x509 == NULL) {
         return NULL;
@@ -1162,7 +1166,7 @@ JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_WolfSSLCertificate_X509_1get_1pem
 
     pemArr = (*jenv)->NewByteArray(jenv, pemSz);
     if (pemArr == NULL) {
-        (*jenv)->ThrowNew(jenv, jcl,
+        throwWolfSSLJNIException(jenv,
             "Failed to create byte array in native X509_get_pem");
         XFREE(pem, NULL, DYNAMIC_TYPE_TMP_BUFFER);
         return NULL;
@@ -1207,6 +1211,7 @@ JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_WolfSSLCertificate_X509_1get_1tbs
     const unsigned char* tbs;
     WOLFSSL_X509* x509 = (WOLFSSL_X509*)(uintptr_t)x509Ptr;
     jclass excClass = NULL;
+    (void)jcl;
 
     if (jenv == NULL || x509 == NULL) {
         return NULL;
@@ -1219,7 +1224,7 @@ JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_WolfSSLCertificate_X509_1get_1tbs
 
     tbsArr = (*jenv)->NewByteArray(jenv, sz);
     if (tbsArr == NULL) {
-        (*jenv)->ThrowNew(jenv, jcl,
+        throwWolfSSLJNIException(jenv,
             "Failed to create byte array in native X509_get_tbs");
         return NULL;
     }
@@ -1374,6 +1379,7 @@ JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_WolfSSLCertificate_X509_1get_1sign
     unsigned char* buf = NULL;
     jbyteArray ret = NULL;
     WOLFSSL_X509* x509 = (WOLFSSL_X509*)(uintptr_t)x509Ptr;
+    (void)jcl;
 
     if (jenv == NULL || x509 == NULL) {
         return NULL;
@@ -1385,7 +1391,7 @@ JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_WolfSSLCertificate_X509_1get_1sign
 
     ret = (*jenv)->NewByteArray(jenv, sz);
     if (!ret) {
-        (*jenv)->ThrowNew(jenv, jcl,
+        throwWolfSSLJNIException(jenv,
             "Failed to create byte array in native X509_get_signature");
         return NULL;
     }
@@ -1419,6 +1425,7 @@ JNIEXPORT jstring JNICALL Java_com_wolfssl_WolfSSLCertificate_X509_1get_1signatu
 {
     int type;
     WOLFSSL_X509* x509 = (WOLFSSL_X509*)(uintptr_t)x509Ptr;
+    (void)jcl;
 
     if (jenv == NULL || x509 == NULL) {
         return NULL;
@@ -1438,9 +1445,9 @@ JNIEXPORT jstring JNICALL Java_com_wolfssl_WolfSSLCertificate_X509_1get_1signatu
         case CTC_SHAwECDSA:
             return (*jenv)->NewStringUTF(jenv, "SHAwithECDSA");
         case CTC_SHA224wRSA:
-            return (*jenv)->NewStringUTF(jenv, "SHA244withRSA");
+            return (*jenv)->NewStringUTF(jenv, "SHA224withRSA");
         case CTC_SHA224wECDSA:
-            return (*jenv)->NewStringUTF(jenv, "SHA244withECDSA");
+            return (*jenv)->NewStringUTF(jenv, "SHA224withECDSA");
         case CTC_SHA256wRSA:
             return (*jenv)->NewStringUTF(jenv, "SHA256withRSA");
         case CTC_SHA256wECDSA:
@@ -1459,7 +1466,7 @@ JNIEXPORT jstring JNICALL Java_com_wolfssl_WolfSSLCertificate_X509_1get_1signatu
             return (*jenv)->NewStringUTF(jenv, "RSASSA-PSS");
 
         default:
-            (*jenv)->ThrowNew(jenv, jcl, "Unknown signature type");
+            throwWolfSSLJNIException(jenv, "Unknown signature type");
             return NULL;
     }
 }
@@ -1773,6 +1780,7 @@ JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_WolfSSLCertificate_X509_1get_1pubk
     unsigned char* buf;
     jbyteArray ret;
     WOLFSSL_X509* x509 = (WOLFSSL_X509*)(uintptr_t)x509Ptr;
+    (void)jcl;
 
     if (jenv == NULL || x509 == NULL) {
         return NULL;
@@ -1784,7 +1792,7 @@ JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_WolfSSLCertificate_X509_1get_1pubk
 
     ret = (*jenv)->NewByteArray(jenv, sz);
     if (!ret) {
-        (*jenv)->ThrowNew(jenv, jcl,
+        throwWolfSSLJNIException(jenv,
             "Failed to create byte array in native X509_get_signature");
         return NULL;
     }
@@ -1818,6 +1826,7 @@ JNIEXPORT jstring JNICALL Java_com_wolfssl_WolfSSLCertificate_X509_1get_1pubkey_
 {
     int type;
     WOLFSSL_X509* x509 = (WOLFSSL_X509*)(uintptr_t)x509Ptr;
+    (void)jcl;
 
     if (jenv == NULL || x509 == NULL) {
         return NULL;
@@ -1834,7 +1843,7 @@ JNIEXPORT jstring JNICALL Java_com_wolfssl_WolfSSLCertificate_X509_1get_1pubkey_
         case ED25519k:
             return (*jenv)->NewStringUTF(jenv, "EdDSA");
         default:
-            (*jenv)->ThrowNew(jenv, jcl, "Unknown public key type");
+            throwWolfSSLJNIException(jenv, "Unknown public key type");
             return NULL;
     }
 }
@@ -1944,6 +1953,7 @@ JNIEXPORT jbooleanArray JNICALL Java_com_wolfssl_WolfSSLCertificate_X509_1get_1k
     jboolean values[9];
     unsigned short kuse;
     WOLFSSL_X509* x509 = (WOLFSSL_X509*)(uintptr_t)x509Ptr;
+    (void)jcl;
 
     if (jenv == NULL || x509 == NULL) {
         return NULL;
@@ -1953,7 +1963,7 @@ JNIEXPORT jbooleanArray JNICALL Java_com_wolfssl_WolfSSLCertificate_X509_1get_1k
     if (kuse != 0) {
         ret = (*jenv)->NewBooleanArray(jenv, 9);
         if (!ret) {
-            (*jenv)->ThrowNew(jenv, jcl,
+            throwWolfSSLJNIException(jenv,
                 "Failed to create boolean array in native X509_get_key_usage");
             return NULL;
         }
@@ -1973,7 +1983,7 @@ JNIEXPORT jbooleanArray JNICALL Java_com_wolfssl_WolfSSLCertificate_X509_1get_1k
             (*jenv)->ExceptionDescribe(jenv);
             (*jenv)->ExceptionClear(jenv);
             (*jenv)->DeleteLocalRef(jenv, ret);
-            (*jenv)->ThrowNew(jenv, jcl,
+            throwWolfSSLJNIException(jenv,
                     "Failed to set boolean region getting key usage");
             return NULL;
         }
@@ -2032,6 +2042,7 @@ static jobjectArray stackStringToArray(JNIEnv* jenv, jclass jcl,
     jclass stringClass = NULL;
     int count;
     int i;
+    (void)jcl;
 
     if (jenv == NULL || sk == NULL) {
         return NULL;
@@ -2063,7 +2074,7 @@ static jobjectArray stackStringToArray(JNIEnv* jenv, jclass jcl,
             (*jenv)->DeleteLocalRef(jenv, ret);
             (*jenv)->DeleteLocalRef(jenv, stringClass);
             wolfSSL_X509_email_free(sk);
-            (*jenv)->ThrowNew(jenv, jcl,
+            throwWolfSSLJNIException(jenv,
                 "Failed to create String in native AIA getter");
             return NULL;
         }
@@ -2076,7 +2087,7 @@ static jobjectArray stackStringToArray(JNIEnv* jenv, jclass jcl,
             (*jenv)->DeleteLocalRef(jenv, ret);
             (*jenv)->DeleteLocalRef(jenv, stringClass);
             wolfSSL_X509_email_free(sk);
-            (*jenv)->ThrowNew(jenv, jcl,
+            throwWolfSSLJNIException(jenv,
                 "Failed to set String[] element in native AIA getter");
             return NULL;
         }
@@ -2249,6 +2260,7 @@ JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_WolfSSLCertificate_X509_1get_1exte
     unsigned char* data = NULL;
     unsigned int sz = 0;
     WOLFSSL_X509* x509 = (WOLFSSL_X509*)(uintptr_t)x509Ptr;
+    (void)jcl;
 
     if (jenv == NULL || oidIn == NULL || x509 == NULL) {
         return NULL;
@@ -2290,7 +2302,7 @@ JNIEXPORT jbyteArray JNICALL Java_com_wolfssl_WolfSSLCertificate_X509_1get_1exte
 
         ret = (*jenv)->NewByteArray(jenv, sz);
         if (!ret) {
-            (*jenv)->ThrowNew(jenv, jcl,
+            throwWolfSSLJNIException(jenv,
                 "Failed to create byte array in native X509_get_extension");
             return NULL;
         }