1 /*
2 * Copyright (c) 2009, 2017, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 #include <jni.h>
27 #include "jni_util.h"
28 #include "impl/ecc_impl.h"
29
30 #define ILLEGAL_STATE_EXCEPTION "java/lang/IllegalStateException"
31 #define INVALID_ALGORITHM_PARAMETER_EXCEPTION \
32 "java/security/InvalidAlgorithmParameterException"
33 #define INVALID_PARAMETER_EXCEPTION \
34 "java/security/InvalidParameterException"
35 #define KEY_EXCEPTION "java/security/KeyException"
36
37 extern "C" {
38
39 /*
40 * Declare library specific JNI_Onload entry if static build
41 */
42 DEF_STATIC_JNI_OnLoad
43
44 /*
45 * Throws an arbitrary Java exception.
46 */
47 void ThrowException(JNIEnv *env, const char *exceptionName)
48 {
49 jclass exceptionClazz = env->FindClass(exceptionName);
50 if (exceptionClazz != NULL) {
51 env->ThrowNew(exceptionClazz, NULL);
52 }
53 }
54
55 /*
56 * Deep free of the ECParams struct
57 */
58 void FreeECParams(ECParams *ecparams, jboolean freeStruct)
59 {
60 // Use B_FALSE to free the SECItem->data element, but not the SECItem itself
61 // Use B_TRUE to free both
62
63 SECITEM_FreeItem(&ecparams->fieldID.u.prime, B_FALSE);
64 SECITEM_FreeItem(&ecparams->curve.a, B_FALSE);
65 SECITEM_FreeItem(&ecparams->curve.b, B_FALSE);
66 SECITEM_FreeItem(&ecparams->curve.seed, B_FALSE);
67 SECITEM_FreeItem(&ecparams->base, B_FALSE);
68 SECITEM_FreeItem(&ecparams->order, B_FALSE);
69 SECITEM_FreeItem(&ecparams->DEREncoding, B_FALSE);
70 SECITEM_FreeItem(&ecparams->curveOID, B_FALSE);
71 if (freeStruct)
72 free(ecparams);
73 }
74
75 jbyteArray getEncodedBytes(JNIEnv *env, SECItem *hSECItem)
76 {
77 SECItem *s = (SECItem *)hSECItem;
78
79 jbyteArray jEncodedBytes = env->NewByteArray(s->len);
80 if (jEncodedBytes == NULL) {
81 return NULL;
82 }
83 // Copy bytes from a native SECItem buffer to Java byte array
84 env->SetByteArrayRegion(jEncodedBytes, 0, s->len, (jbyte *)s->data);
85 if (env->ExceptionCheck()) { // should never happen
86 return NULL;
87 }
88 return jEncodedBytes;
89 }
90
91 /*
92 * Class: sun_security_ec_ECKeyPairGenerator
93 * Method: isCurveSupported
94 * Signature: ([B)Z
95 */
96 JNIEXPORT jboolean
97 JNICALL Java_sun_security_ec_ECKeyPairGenerator_isCurveSupported
98 (JNIEnv *env, jclass clazz, jbyteArray encodedParams)
99 {
100 SECKEYECParams params_item;
101 ECParams *ecparams = NULL;
102 jboolean result = JNI_FALSE;
103
104 // The curve is supported if we can get parameters for it
105 params_item.len = env->GetArrayLength(encodedParams);
106 params_item.data =
107 (unsigned char *) env->GetByteArrayElements(encodedParams, 0);
108 if (params_item.data == NULL) {
109 goto cleanup;
110 }
111
112 // Fill a new ECParams using the supplied OID
113 if (EC_DecodeParams(¶ms_item, &ecparams, 0) != SECSuccess) {
114 /* bad curve OID */
115 goto cleanup;
116 }
117
118 // If we make it to here, then the curve is supported
119 result = JNI_TRUE;
120
121 cleanup:
122 {
123 if (params_item.data) {
124 env->ReleaseByteArrayElements(encodedParams,
125 (jbyte *) params_item.data, JNI_ABORT);
126 }
127 if (ecparams) {
128 FreeECParams(ecparams, true);
129 }
130 }
131
132 return result;
133 }
134
135 /*
136 * Class: sun_security_ec_ECKeyPairGenerator
137 * Method: generateECKeyPair
138 * Signature: (I[B[B)[[B
139 */
140 JNIEXPORT jobjectArray
141 JNICALL Java_sun_security_ec_ECKeyPairGenerator_generateECKeyPair
142 (JNIEnv *env, jclass clazz, jint keySize, jbyteArray encodedParams, jbyteArray seed)
143 {
144 ECPrivateKey *privKey = NULL; // contains both public and private values
145 ECParams *ecparams = NULL;
146 SECKEYECParams params_item;
147 jint jSeedLength;
148 jbyte* pSeedBuffer = NULL;
149 jobjectArray result = NULL;
150 jclass baCls = NULL;
151 jbyteArray jba;
152
153 // Initialize the ECParams struct
154 params_item.len = env->GetArrayLength(encodedParams);
155 params_item.data =
156 (unsigned char *) env->GetByteArrayElements(encodedParams, 0);
157 if (params_item.data == NULL) {
158 goto cleanup;
159 }
160
161 // Fill a new ECParams using the supplied OID
162 if (EC_DecodeParams(¶ms_item, &ecparams, 0) != SECSuccess) {
163 /* bad curve OID */
164 ThrowException(env, INVALID_ALGORITHM_PARAMETER_EXCEPTION);
165 goto cleanup;
166 }
167
168 // Copy seed from Java to native buffer
169 jSeedLength = env->GetArrayLength(seed);
170 pSeedBuffer = new jbyte[jSeedLength];
171 env->GetByteArrayRegion(seed, 0, jSeedLength, pSeedBuffer);
172
173 // Generate the new keypair (using the supplied seed)
174 if (EC_NewKey(ecparams, &privKey, (unsigned char *) pSeedBuffer,
175 jSeedLength, 0) != SECSuccess) {
176 ThrowException(env, KEY_EXCEPTION);
177 goto cleanup;
178 }
179
180 jboolean isCopy;
181 baCls = env->FindClass("[B");
182 if (baCls == NULL) {
183 goto cleanup;
184 }
185 result = env->NewObjectArray(2, baCls, NULL);
186 if (result == NULL) {
187 goto cleanup;
188 }
189 jba = getEncodedBytes(env, &(privKey->privateValue));
190 if (jba == NULL) {
191 result = NULL;
192 goto cleanup;
193 }
194 env->SetObjectArrayElement(result, 0, jba); // big integer
195 if (env->ExceptionCheck()) { // should never happen
196 result = NULL;
197 goto cleanup;
198 }
199
200 jba = getEncodedBytes(env, &(privKey->publicValue));
201 if (jba == NULL) {
202 result = NULL;
203 goto cleanup;
204 }
205 env->SetObjectArrayElement(result, 1, jba); // encoded ec point
206 if (env->ExceptionCheck()) { // should never happen
207 result = NULL;
208 goto cleanup;
209 }
210
211 cleanup:
212 {
213 if (params_item.data) {
214 env->ReleaseByteArrayElements(encodedParams,
215 (jbyte *) params_item.data, JNI_ABORT);
216 }
217 if (ecparams) {
218 FreeECParams(ecparams, true);
219 }
220 if (privKey) {
221 FreeECParams(&privKey->ecParams, false);
222 SECITEM_FreeItem(&privKey->version, B_FALSE);
223 SECITEM_FreeItem(&privKey->privateValue, B_FALSE);
224 SECITEM_FreeItem(&privKey->publicValue, B_FALSE);
225 free(privKey);
226 }
227
228 if (pSeedBuffer) {
229 delete [] pSeedBuffer;
230 }
231 }
232
233 return result;
234 }
235
236 /*
237 * Class: sun_security_ec_ECDSASignature
238 * Method: signDigest
239 * Signature: ([B[B[B[B)[B
240 */
241 JNIEXPORT jbyteArray
242 JNICALL Java_sun_security_ec_ECDSASignature_signDigest
243 (JNIEnv *env, jclass clazz, jbyteArray digest, jbyteArray privateKey, jbyteArray encodedParams, jbyteArray seed, jint timing)
244 {
245 jbyte* pDigestBuffer = NULL;
246 jint jDigestLength = env->GetArrayLength(digest);
247 jbyteArray jSignedDigest = NULL;
248
249 SECItem signature_item;
250 jbyte* pSignedDigestBuffer = NULL;
251 jbyteArray temp;
252
253 jint jSeedLength = env->GetArrayLength(seed);
254 jbyte* pSeedBuffer = NULL;
255
256 // Copy digest from Java to native buffer
257 pDigestBuffer = new jbyte[jDigestLength];
258 env->GetByteArrayRegion(digest, 0, jDigestLength, pDigestBuffer);
259 SECItem digest_item;
260 digest_item.data = (unsigned char *) pDigestBuffer;
261 digest_item.len = jDigestLength;
262
263 ECPrivateKey privKey;
264 privKey.privateValue.data = NULL;
265
266 // Initialize the ECParams struct
267 ECParams *ecparams = NULL;
268 SECKEYECParams params_item;
269 params_item.len = env->GetArrayLength(encodedParams);
270 params_item.data =
271 (unsigned char *) env->GetByteArrayElements(encodedParams, 0);
272 if (params_item.data == NULL) {
273 goto cleanup;
274 }
275
276 // Fill a new ECParams using the supplied OID
277 if (EC_DecodeParams(¶ms_item, &ecparams, 0) != SECSuccess) {
278 /* bad curve OID */
279 ThrowException(env, INVALID_ALGORITHM_PARAMETER_EXCEPTION);
280 goto cleanup;
281 }
282
283 // Extract private key data
284 privKey.ecParams = *ecparams; // struct assignment
285 privKey.privateValue.len = env->GetArrayLength(privateKey);
286 privKey.privateValue.data =
287 (unsigned char *) env->GetByteArrayElements(privateKey, 0);
288 if (privKey.privateValue.data == NULL) {
289 goto cleanup;
290 }
291
292 // Prepare a buffer for the signature (twice the key length)
293 pSignedDigestBuffer = new jbyte[ecparams->order.len * 2];
294 signature_item.data = (unsigned char *) pSignedDigestBuffer;
295 signature_item.len = ecparams->order.len * 2;
296
297 // Copy seed from Java to native buffer
298 pSeedBuffer = new jbyte[jSeedLength];
299 env->GetByteArrayRegion(seed, 0, jSeedLength, pSeedBuffer);
300
301 // Sign the digest (using the supplied seed)
302 if (ECDSA_SignDigest(&privKey, &signature_item, &digest_item,
303 (unsigned char *) pSeedBuffer, jSeedLength, 0, timing) != SECSuccess) {
304 ThrowException(env, KEY_EXCEPTION);
305 goto cleanup;
306 }
307
308 // Create new byte array
309 temp = env->NewByteArray(signature_item.len);
310 if (temp == NULL) {
311 goto cleanup;
312 }
313
314 // Copy data from native buffer
315 env->SetByteArrayRegion(temp, 0, signature_item.len, pSignedDigestBuffer);
316 jSignedDigest = temp;
317
318 cleanup:
319 {
320 if (params_item.data) {
321 env->ReleaseByteArrayElements(encodedParams,
322 (jbyte *) params_item.data, JNI_ABORT);
323 }
324 if (privKey.privateValue.data) {
325 env->ReleaseByteArrayElements(privateKey,
326 (jbyte *) privKey.privateValue.data, JNI_ABORT);
327 }
328 if (pDigestBuffer) {
329 delete [] pDigestBuffer;
330 }
331 if (pSignedDigestBuffer) {
332 delete [] pSignedDigestBuffer;
333 }
334 if (pSeedBuffer) {
335 delete [] pSeedBuffer;
336 }
337 if (ecparams) {
338 FreeECParams(ecparams, true);
339 }
340 }
341
342 return jSignedDigest;
343 }
344
345 /*
346 * Class: sun_security_ec_ECDSASignature
347 * Method: verifySignedDigest
348 * Signature: ([B[B[B[B)Z
349 */
350 JNIEXPORT jboolean
351 JNICALL Java_sun_security_ec_ECDSASignature_verifySignedDigest
352 (JNIEnv *env, jclass clazz, jbyteArray signedDigest, jbyteArray digest, jbyteArray publicKey, jbyteArray encodedParams)
353 {
354 jboolean isValid = false;
355
356 // Copy signedDigest from Java to native buffer
357 jbyte* pSignedDigestBuffer = NULL;
358 jint jSignedDigestLength = env->GetArrayLength(signedDigest);
359 pSignedDigestBuffer = new jbyte[jSignedDigestLength];
360 env->GetByteArrayRegion(signedDigest, 0, jSignedDigestLength,
361 pSignedDigestBuffer);
362 SECItem signature_item;
363 signature_item.data = (unsigned char *) pSignedDigestBuffer;
364 signature_item.len = jSignedDigestLength;
365
366 // Copy digest from Java to native buffer
367 jbyte* pDigestBuffer = NULL;
368 jint jDigestLength = env->GetArrayLength(digest);
369 pDigestBuffer = new jbyte[jDigestLength];
370 env->GetByteArrayRegion(digest, 0, jDigestLength, pDigestBuffer);
371 SECItem digest_item;
372 digest_item.data = (unsigned char *) pDigestBuffer;
373 digest_item.len = jDigestLength;
374
375 // Extract public key data
376 ECPublicKey pubKey;
377 pubKey.publicValue.data = NULL;
378 ECParams *ecparams = NULL;
379 SECKEYECParams params_item;
380
381 // Initialize the ECParams struct
382 params_item.len = env->GetArrayLength(encodedParams);
383 params_item.data =
384 (unsigned char *) env->GetByteArrayElements(encodedParams, 0);
385 if (params_item.data == NULL) {
386 goto cleanup;
387 }
388
389 // Fill a new ECParams using the supplied OID
390 if (EC_DecodeParams(¶ms_item, &ecparams, 0) != SECSuccess) {
391 /* bad curve OID */
392 ThrowException(env, INVALID_ALGORITHM_PARAMETER_EXCEPTION);
393 goto cleanup;
394 }
395 pubKey.ecParams = *ecparams; // struct assignment
396 pubKey.publicValue.len = env->GetArrayLength(publicKey);
397 pubKey.publicValue.data =
398 (unsigned char *) env->GetByteArrayElements(publicKey, 0);
399
400 if (ECDSA_VerifyDigest(&pubKey, &signature_item, &digest_item, 0)
401 != SECSuccess) {
402 goto cleanup;
403 }
404
405 isValid = true;
406
407 cleanup:
408 {
409 if (params_item.data)
410 env->ReleaseByteArrayElements(encodedParams,
411 (jbyte *) params_item.data, JNI_ABORT);
412
413 if (pubKey.publicValue.data)
414 env->ReleaseByteArrayElements(publicKey,
415 (jbyte *) pubKey.publicValue.data, JNI_ABORT);
416
417 if (ecparams)
418 FreeECParams(ecparams, true);
419
420 if (pSignedDigestBuffer)
421 delete [] pSignedDigestBuffer;
422
423 if (pDigestBuffer)
424 delete [] pDigestBuffer;
425 }
426
427 return isValid;
428 }
429
430 /*
431 * Class: sun_security_ec_ECDHKeyAgreement
432 * Method: deriveKey
433 * Signature: ([B[B[B)[B
434 */
435 JNIEXPORT jbyteArray
436 JNICALL Java_sun_security_ec_ECDHKeyAgreement_deriveKey
437 (JNIEnv *env, jclass clazz, jbyteArray privateKey, jbyteArray publicKey, jbyteArray encodedParams)
438 {
439 jbyteArray jSecret = NULL;
440 ECParams *ecparams = NULL;
441 SECItem privateValue_item;
442 privateValue_item.data = NULL;
443 SECItem publicValue_item;
444 publicValue_item.data = NULL;
445 SECKEYECParams params_item;
446 params_item.data = NULL;
447
448 // Extract private key value
449 privateValue_item.len = env->GetArrayLength(privateKey);
450 privateValue_item.data =
451 (unsigned char *) env->GetByteArrayElements(privateKey, 0);
452 if (privateValue_item.data == NULL) {
453 goto cleanup;
454 }
455
456 // Extract public key value
457 publicValue_item.len = env->GetArrayLength(publicKey);
458 publicValue_item.data =
459 (unsigned char *) env->GetByteArrayElements(publicKey, 0);
460 if (publicValue_item.data == NULL) {
461 goto cleanup;
462 }
463
464 // Initialize the ECParams struct
465 params_item.len = env->GetArrayLength(encodedParams);
466 params_item.data =
467 (unsigned char *) env->GetByteArrayElements(encodedParams, 0);
468 if (params_item.data == NULL) {
469 goto cleanup;
470 }
471
472 // Fill a new ECParams using the supplied OID
473 if (EC_DecodeParams(¶ms_item, &ecparams, 0) != SECSuccess) {
474 /* bad curve OID */
475 ThrowException(env, INVALID_ALGORITHM_PARAMETER_EXCEPTION);
476 goto cleanup;
477 }
478
479 // Prepare a buffer for the secret
480 SECItem secret_item;
481 secret_item.data = NULL;
482 secret_item.len = ecparams->order.len * 2;
483
484 if (ECDH_Derive(&publicValue_item, ecparams, &privateValue_item, B_FALSE,
485 &secret_item, 0) != SECSuccess) {
486 ThrowException(env, ILLEGAL_STATE_EXCEPTION);
487 goto cleanup;
488 }
489
490 // Create new byte array
491 jSecret = env->NewByteArray(secret_item.len);
492 if (jSecret == NULL) {
493 goto cleanup;
494 }
495
496 // Copy bytes from the SECItem buffer to a Java byte array
497 env->SetByteArrayRegion(jSecret, 0, secret_item.len,
498 (jbyte *)secret_item.data);
499
500 // Free the SECItem data buffer
501 SECITEM_FreeItem(&secret_item, B_FALSE);
502
503 cleanup:
504 {
505 if (privateValue_item.data)
506 env->ReleaseByteArrayElements(privateKey,
507 (jbyte *) privateValue_item.data, JNI_ABORT);
508
509 if (publicValue_item.data)
510 env->ReleaseByteArrayElements(publicKey,
511 (jbyte *) publicValue_item.data, JNI_ABORT);
512
513 if (params_item.data)
514 env->ReleaseByteArrayElements(encodedParams,
515 (jbyte *) params_item.data, JNI_ABORT);
516
517 if (ecparams)
518 FreeECParams(ecparams, true);
519 }
520
521 return jSecret;
522 }
523
524 } /* extern "C" */