JCE: add Signature implementation for SHA3-224withRSA, SHA3-256withRS…
…A, SHA3-384withRSA, SHA3-512withRSA, SHA3-224withECDSA, SHA3-256withECDSA, SHA3-384withECDSA, SHA3-512withECDSA
cconlon committed Mar 5, 2025
1 parent 55a0ca0 commit 72a4f88
Showing 4 changed files with 240 additions and 11 deletions.
8 changes: 8 additions & 0 deletions README_JCE.md
@@ -125,10 +125,18 @@ The JCE provider currently supports the following algorithms:
SHA256withRSA
SHA384withRSA
SHA512withRSA
SHA3-224withRSA
SHA3-256withRSA
SHA3-384withRSA
SHA3-512withRSA
SHA1withECDSA
SHA256withECDSA
SHA384withECDSA
SHA512withECDSA
SHA3-224withECDSA
SHA3-256withECDSA
SHA3-384withECDSA
SHA3-512withECDSA

KeyAgreement Class
DiffieHellman
19 changes: 19 additions & 0 deletions src/main/java/com/wolfssl/provider/jce/WolfCryptProvider.java
@@ -138,6 +138,25 @@ private void registerServices() {
put("Signature.SHA512withECDSA",
"com.wolfssl.provider.jce.WolfCryptSignature$wcSHA512wECDSA");
}
if (FeatureDetect.Sha3Enabled()) {
put("Signature.SHA3-224withRSA",
"com.wolfssl.provider.jce.WolfCryptSignature$wcSHA3_224wRSA");
put("Signature.SHA3-256withRSA",
"com.wolfssl.provider.jce.WolfCryptSignature$wcSHA3_256wRSA");
put("Signature.SHA3-384withRSA",
"com.wolfssl.provider.jce.WolfCryptSignature$wcSHA3_384wRSA");
put("Signature.SHA3-512withRSA",
"com.wolfssl.provider.jce.WolfCryptSignature$wcSHA3_512wRSA");

put("Signature.SHA3-224withECDSA",
"com.wolfssl.provider.jce.WolfCryptSignature$wcSHA3_224wECDSA");
put("Signature.SHA3-256withECDSA",
"com.wolfssl.provider.jce.WolfCryptSignature$wcSHA3_256wECDSA");
put("Signature.SHA3-384withECDSA",
"com.wolfssl.provider.jce.WolfCryptSignature$wcSHA3_384wECDSA");
put("Signature.SHA3-512withECDSA",
"com.wolfssl.provider.jce.WolfCryptSignature$wcSHA3_512wECDSA");
}

/* Mac */
if (FeatureDetect.HmacMd5Enabled()) {
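Review bot: The eight services in the new `if (FeatureDetect.Sha3Enabled())` block are registered on the hash check alone, so `SHA3-*withRSA` and `SHA3-*withECDSA` are advertised by the provider even when the native library lacks RSA or ECC; nothing in the visible lines checks the key algorithm. registerServices() starts and ends outside the hunk, so whether the earlier SHA-2 blocks follow the same convention cannot be confirmed from this page. If this is intentional, a comment above the block would make it explicit, for example `/* SHA-3 signatures: registered when SHA-3 is compiled in; RSA/ECC support is not checked here */`.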
202 changes: 199 additions & 3 deletions src/main/java/com/wolfssl/provider/jce/WolfCryptSignature.java
@@ -42,6 +42,7 @@
import com.wolfssl.wolfcrypt.Sha256;
import com.wolfssl.wolfcrypt.Sha384;
import com.wolfssl.wolfcrypt.Sha512;
import com.wolfssl.wolfcrypt.Sha3;
import com.wolfssl.wolfcrypt.Rsa;
import com.wolfssl.wolfcrypt.Ecc;
import com.wolfssl.wolfcrypt.Rng;
@@ -62,7 +63,11 @@ enum DigestType {
WC_SHA1,
WC_SHA256,
WC_SHA384,
WC_SHA512
WC_SHA512,
WC_SHA3_224,
WC_SHA3_256,
WC_SHA3_384,
WC_SHA3_512
}

/* internal hash type sums */
@@ -71,6 +76,10 @@ enum DigestType {
private int SHA256h = 414;
private int SHA384h = 415;
private int SHA512h = 416;
private int SHA3_224h = 420;
private int SHA3_256h = 421;
private int SHA3_384h = 422;
private int SHA3_512h = 423;

/* internal key objects */
private Rsa rsa = null;
@@ -82,6 +91,7 @@ enum DigestType {
private Sha256 sha256 = null;
private Sha384 sha384 = null;
private Sha512 sha512 = null;
private Sha3 sha3 = null;

private KeyType keyType; /* active key type, from KeyType */
private DigestType digestType; /* active digest type, from DigestType */
@@ -145,6 +155,30 @@ private WolfCryptSignature(KeyType ktype, DigestType dtype)
this.internalHashSum = SHA512h;
break;

case WC_SHA3_224:
this.sha3 = new Sha3(Sha3.TYPE_SHA3_224);
this.digestSz = Sha3.DIGEST_SIZE_224;
this.internalHashSum = SHA3_224h;
break;

case WC_SHA3_256:
this.sha3 = new Sha3(Sha3.TYPE_SHA3_256);
this.digestSz = Sha3.DIGEST_SIZE_256;
this.internalHashSum = SHA3_256h;
break;

case WC_SHA3_384:
this.sha3 = new Sha3(Sha3.TYPE_SHA3_384);
this.digestSz = Sha3.DIGEST_SIZE_384;
this.internalHashSum = SHA3_384h;
break;

case WC_SHA3_512:
this.sha3 = new Sha3(Sha3.TYPE_SHA3_512);
this.digestSz = Sha3.DIGEST_SIZE_512;
this.internalHashSum = SHA3_512h;
break;

default:
throw new NoSuchAlgorithmException(
"Unsupported signature algorithm digest type");
@@ -266,6 +300,13 @@ protected synchronized void engineInitSign(PrivateKey privateKey)
case WC_SHA512:
this.sha512.init();
break;

case WC_SHA3_224:
case WC_SHA3_256:
case WC_SHA3_384:
case WC_SHA3_512:
this.sha3.init();
break;
}

log("init sign with PrivateKey");
@@ -332,6 +373,12 @@ protected synchronized void engineInitVerify(PublicKey publicKey)
case WC_SHA512:
this.sha512.init();
break;

case WC_SHA3_224:
case WC_SHA3_256:
case WC_SHA3_384:
case WC_SHA3_512:
this.sha3.init();
}

log("init verify with PublicKey");
@@ -377,8 +424,14 @@ protected synchronized byte[] engineSign() throws SignatureException {
case WC_SHA512:
this.sha512.digest(digest);
break;
}

case WC_SHA3_224:
case WC_SHA3_256:
case WC_SHA3_384:
case WC_SHA3_512:
this.sha3.digest(digest);
break;
}
} catch (ShortBufferException e) {
throw new SignatureException(e.getMessage());
}
@@ -463,6 +516,12 @@ protected synchronized void engineUpdate(byte[] b, int off, int len)
case WC_SHA512:
this.sha512.update(b, off, len);
break;

case WC_SHA3_224:
case WC_SHA3_256:
case WC_SHA3_384:
case WC_SHA3_512:
this.sha3.update(b, off, len);
}

log("update, offset: " + off + ", len: " + len);
@@ -501,6 +560,13 @@ protected synchronized boolean engineVerify(byte[] sigBytes)
case WC_SHA512:
this.sha512.digest(digest);
break;

case WC_SHA3_224:
case WC_SHA3_256:
case WC_SHA3_384:
case WC_SHA3_512:
this.sha3.digest(digest);
break;
}

} catch (ShortBufferException e) {
@@ -587,6 +653,14 @@ private String digestToString(DigestType type) {
return "SHA384";
case WC_SHA512:
return "SHA512";
case WC_SHA3_224:
return "SHA3-224";
case WC_SHA3_256:
return "SHA3-256";
case WC_SHA3_384:
return "SHA3-384";
case WC_SHA3_512:
return "SHA3-512";
default:
return "None";
}
@@ -617,6 +691,9 @@ protected synchronized void finalize() throws Throwable {
if (this.sha512 != null)
this.sha512.releaseNativeStruct();

if (this.sha3 != null)
this.sha3.releaseNativeStruct();

/* free native key objects */
if (this.rsa != null)
this.rsa.releaseNativeStruct();
@@ -713,6 +790,66 @@ public wcSHA512wRSA() throws NoSuchAlgorithmException {
}
}

/**
* wolfJCE SHA3-224wRSA signature class
*/
public static final class wcSHA3_224wRSA extends WolfCryptSignature {
/**
* Create new wcSHA3_224wRSA object
*
* @throws NoSuchAlgorithmException if signature type is not
* available in native wolfCrypt library
*/
public wcSHA3_224wRSA() throws NoSuchAlgorithmException {
super(KeyType.WC_RSA, DigestType.WC_SHA3_224);
}
}

/**
* wolfJCE SHA3-256wRSA signature class
*/
public static final class wcSHA3_256wRSA extends WolfCryptSignature {
/**
* Create new wcSHA3_256wRSA object
*
* @throws NoSuchAlgorithmException if signature type is not
* available in native wolfCrypt library
*/
public wcSHA3_256wRSA() throws NoSuchAlgorithmException {
super(KeyType.WC_RSA, DigestType.WC_SHA3_256);
}
}

/**
* wolfJCE SHA3-384wRSA signature class
*/
public static final class wcSHA3_384wRSA extends WolfCryptSignature {
/**
* Create new wcSHA3_384wRSA object
*
* @throws NoSuchAlgorithmException if signature type is not
* available in native wolfCrypt library
*/
public wcSHA3_384wRSA() throws NoSuchAlgorithmException {
super(KeyType.WC_RSA, DigestType.WC_SHA3_384);
}
}

/**
* wolfJCE SHA3-512wRSA signature class
*/
public static final class wcSHA3_512wRSA extends WolfCryptSignature {
/**
* Create new wcSHA3_512wRSA object
*
* @throws NoSuchAlgorithmException if signature type is not
* available in native wolfCrypt library
*/
public wcSHA3_512wRSA() throws NoSuchAlgorithmException {
super(KeyType.WC_RSA, DigestType.WC_SHA3_512);
}
}

/**
* wolfJCE SHA1wECDSA signature class
*/
@@ -772,5 +909,64 @@ public wcSHA512wECDSA() throws NoSuchAlgorithmException {
super(KeyType.WC_ECDSA, DigestType.WC_SHA512);
}
}
}

/**
* wolfJCE SHA3-224wECDSA signature class
*/
public static final class wcSHA3_224wECDSA extends WolfCryptSignature {
/**
* Create new wcSHA3_224wECDSA object
*
* @throws NoSuchAlgorithmException if signature type is not
* available in native wolfCrypt library
*/
public wcSHA3_224wECDSA() throws NoSuchAlgorithmException {
super(KeyType.WC_ECDSA, DigestType.WC_SHA3_224);
}
}

/**
* wolfJCE SHA3-256wECDSA signature class
*/
public static final class wcSHA3_256wECDSA extends WolfCryptSignature {
/**
* Create new wcSHA3_256wECDSA object
*
* @throws NoSuchAlgorithmException if signature type is not
* available in native wolfCrypt library
*/
public wcSHA3_256wECDSA() throws NoSuchAlgorithmException {
super(KeyType.WC_ECDSA, DigestType.WC_SHA3_256);
}
}

/**
* wolfJCE SHA3-384wECDSA signature class
*/
public static final class wcSHA3_384wECDSA extends WolfCryptSignature {
/**
* Create new wcSHA3_384wECDSA object
*
* @throws NoSuchAlgorithmException if signature type is not
* available in native wolfCrypt library
*/
public wcSHA3_384wECDSA() throws NoSuchAlgorithmException {
super(KeyType.WC_ECDSA, DigestType.WC_SHA3_384);
}
}

/**
* wolfJCE SHA3-512wECDSA signature class
*/
public static final class wcSHA3_512wECDSA extends WolfCryptSignature {
/**
* Create new wcSHA3_512wECDSA object
*
* @throws NoSuchAlgorithmException if signature type is not
* available in native wolfCrypt library
*/
public wcSHA3_512wECDSA() throws NoSuchAlgorithmException {
super(KeyType.WC_ECDSA, DigestType.WC_SHA3_512);
}
}
}
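Review bot: The SHA3 case groups added to engineInitVerify() and engineUpdate() end at `this.sha3.init();` and `this.sha3.update(b, off, len);` with no `break;`, while the matching groups in engineInitSign(), engineSign() and engineVerify() all have one. Both are the last label in their switch, so nothing changes today, but a digest type appended after them would be reached by fall-through and would most likely dereference a hash object that is null for a SHA-3 instance. Add `break;` after each of the two calls. Separately, the new `SHA3_224h` to `SHA3_512h` values (420 to 423) are plain mutable instance fields that appear to mirror native wolfCrypt identifiers; `private static final int` plus a comment naming the native definition they must match would guard against silent drift. These methods begin and end outside their hunks.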