JNI: add wolfSSL JNI Java level debugging, add wolfssljni.debug=true …
…System property support
cconlon committed Nov 21, 2024
1 parent fd51ab9 commit efe2459
Showing 34 changed files with 1,993 additions and 430 deletions.
1 change: 1 addition & 0 deletions README.md
Expand Up @@ -218,6 +218,7 @@ and what each enables.
| System Property | Default | To Enable | Description |
| --- | --- | --- | --- |
| wolfssl.debug | "false" | "true" | Enables native wolfSSL debug logging |
| wolfssljni.debug | "false" | "true" | Enables wolfJNI debug logging |
| wolfjsse.debug | "false" | "true | Enables wolfJSSE debug logging |
| wolfjsse.debugFormat | | "JSON" | Switches debug output format |
| wolfsslengine.debug | "false" | "true" | Enables SSLEngine debug logging |
1 change: 0 additions & 1 deletion examples/Client.java
Expand Up @@ -230,7 +230,6 @@ public void run(String[] args) {

/* init library */
WolfSSL sslLib = new WolfSSL();
sslLib.debuggingON();

/* set logging callback */
if (logCallback == 1) {
1 change: 0 additions & 1 deletion examples/Server.java
Expand Up @@ -217,7 +217,6 @@ public void run(String[] args) {

/* init library */
WolfSSL sslLib = new WolfSSL();
sslLib.debuggingON();

/* set logging callback */
if (logCallback == 1) {
2 changes: 1 addition & 1 deletion examples/provider/ClientJSSE.java
Expand Up @@ -50,7 +50,7 @@
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManagerFactory;

import com.wolfssl.provider.jsse.WolfSSLDebug;
import com.wolfssl.WolfSSLDebug;
import com.wolfssl.provider.jsse.WolfSSLProvider;
import com.wolfssl.WolfSSL;
import java.security.PrivateKey;
2 changes: 1 addition & 1 deletion examples/provider/ServerJSSE.java
Expand Up @@ -35,7 +35,7 @@
import javax.net.ssl.TrustManagerFactory;

import com.wolfssl.WolfSSLException;
import com.wolfssl.provider.jsse.WolfSSLDebug;
import com.wolfssl.WolfSSLDebug;
import com.wolfssl.provider.jsse.WolfSSLProvider;

public class ServerJSSE {
27 changes: 26 additions & 1 deletion src/java/com/wolfssl/WolfSSL.java
Expand Up @@ -568,7 +568,12 @@ public enum TLS_VERSION {
* initialize correctly
*/
public WolfSSL() throws WolfSSLException {
int ret = init();
int ret;

WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
WolfSSLDebug.INFO, "initializing wolfSSL library");

ret = init();
if (ret != SSL_SUCCESS) {
throw new WolfSSLException("Failed to initialize wolfSSL library: "
+ ret);
Expand Down Expand Up @@ -663,6 +668,9 @@ public static void loadLibrary() throws UnsatisfiedLinkError {

int fipsLoaded = 0;

WolfSSLDebug.log(WolfSSL.class, WolfSSLDebug.Component.JNI,
WolfSSLDebug.INFO, "loading native library: wolfssl");

String osName = System.getProperty("os.name");
if (osName != null && osName.toLowerCase().contains("win")) {
try {
Expand All @@ -680,6 +688,9 @@ public static void loadLibrary() throws UnsatisfiedLinkError {
}
}

WolfSSLDebug.log(WolfSSL.class, WolfSSLDebug.Component.JNI,
WolfSSLDebug.INFO, "loading native library: wolfssljni");

/* Load wolfssljni library */
System.loadLibrary("wolfssljni");
}
Expand All @@ -695,6 +706,10 @@ public static void loadLibrary() throws UnsatisfiedLinkError {
* @throws UnsatisfiedLinkError if the library is not found.
*/
public static void loadLibrary(String libName) throws UnsatisfiedLinkError {

WolfSSLDebug.log(WolfSSL.class, WolfSSLDebug.Component.JNI,
WolfSSLDebug.INFO, "loading native library by name: " + libName);

System.loadLibrary(libName);
}

Expand All @@ -716,6 +731,10 @@ public static void loadLibrary(String libName) throws UnsatisfiedLinkError {
*/
public static void loadLibraryAbsolute(String libPath)
throws UnsatisfiedLinkError {

WolfSSLDebug.log(WolfSSL.class, WolfSSLDebug.Component.JNI,
WolfSSLDebug.INFO, "loading native library by path: " + libPath);

System.load(libPath);
}

Expand Down Expand Up @@ -1489,6 +1508,9 @@ public static String[] getCiphersAvailableIana(TLS_VERSION version) {
*/
public static int cryptoCbRegisterDevice(int devId) {

WolfSSLDebug.log(WolfSSL.class, WolfSSLDebug.Component.JNI,
WolfSSLDebug.INFO, "registering crypto cb devId: " + devId);

return wc_CryptoCb_RegisterDevice(devId);
}

Expand All @@ -1500,6 +1522,9 @@ public static int cryptoCbRegisterDevice(int devId) {
*/
public static int cryptoCbUnRegisterDevice(int devId) {

WolfSSLDebug.log(WolfSSL.class, WolfSSLDebug.Component.JNI,
WolfSSLDebug.INFO, "unregistering crypto cb devId: " + devId);

wc_CryptoCb_UnRegisterDevice(devId);

return 0;
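Review bot: In loadLibrary(), the message "loading native library: wolfssl" is written before the OS check and the `fipsLoaded` logic, and nothing is logged once a load succeeds, so the debug output cannot confirm which native library actually ended up in the process. The code between the hunks is not visible here, but if a differently named variant is tried in that block, the log will still say "wolfssl". I would add a line after each successful load, for example `WolfSSLDebug.log(WolfSSL.class, WolfSSLDebug.Component.JNI, WolfSSLDebug.INFO, "loaded native library: wolfssljni");` following `System.loadLibrary("wolfssljni");`, and do the same after `System.load(libPath)` in loadLibraryAbsolute(). With the current "loading ..." wording, an attempt that ends in UnsatisfiedLinkError leaves the same trace as one that worked.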
31 changes: 31 additions & 0 deletions src/java/com/wolfssl/WolfSSLCertManager.java
Expand Up @@ -27,6 +27,7 @@
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.security.cert.CertificateEncodingException;
import com.wolfssl.WolfSSLDebug;
import com.wolfssl.WolfSSLException;

/**
Expand Down Expand Up @@ -61,11 +62,15 @@ static native int CertManagerVerifyBuffer(long cm, byte[] in, long sz,
* @throws WolfSSLException if unable to create new manager
*/
public WolfSSLCertManager() throws WolfSSLException {

cmPtr = CertManagerNew();
if (cmPtr == 0) {
throw new WolfSSLException("Failed to create WolfSSLCertManager");
}
this.active = true;

WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
WolfSSLDebug.INFO, cmPtr, "creating new WolfSSLCertManager");
}

/**
Expand Down Expand Up @@ -99,6 +104,10 @@ public synchronized int CertManagerLoadCA(String f, String d)
confirmObjectIsActive();

synchronized (cmLock) {
WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
WolfSSLDebug.INFO, this.cmPtr, "entered CertManagerLoadCA(" +
f + ", " + d + "");

return CertManagerLoadCA(this.cmPtr, f, d);
}
}
Expand All @@ -121,6 +130,11 @@ public synchronized int CertManagerLoadCABuffer(
confirmObjectIsActive();

synchronized (cmLock) {
WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
WolfSSLDebug.INFO, this.cmPtr,
"entered CertManagerLoadCABuffer(sz: " + sz +
", format: " + format + "");

return CertManagerLoadCABuffer(this.cmPtr, in, sz, format);
}
}
Expand All @@ -142,6 +156,10 @@ public synchronized int CertManagerLoadCAKeyStore(KeyStore ks)

confirmObjectIsActive();

WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
WolfSSLDebug.INFO, this.cmPtr,
"entered CertManagerLoadCAKeyStore(" + ks + ")");

if (ks == null) {
throw new WolfSSLException("Input KeyStore is null");
}
Expand Down Expand Up @@ -194,6 +212,10 @@ public synchronized int CertManagerUnloadCAs()
confirmObjectIsActive();

synchronized (cmLock) {
WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
WolfSSLDebug.INFO, this.cmPtr,
"entered CertManagerUnloadCAs()");

return CertManagerUnloadCAs(this.cmPtr);
}
}
Expand All @@ -217,6 +239,11 @@ public synchronized int CertManagerVerifyBuffer(
confirmObjectIsActive();

synchronized (cmLock) {
WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
WolfSSLDebug.INFO, this.cmPtr,
"entered CertManagerVerifyBuffer(sz: " + sz + ", format: " +
format + ")");

return CertManagerVerifyBuffer(this.cmPtr, in, sz, format);
}
}
Expand All @@ -228,12 +255,16 @@ public synchronized int CertManagerVerifyBuffer(
public synchronized void free() throws IllegalStateException {

synchronized (stateLock) {

if (this.active == false) {
/* already freed, just return */
return;
}

synchronized (cmLock) {
WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
WolfSSLDebug.INFO, this.cmPtr, "entered free()");

/* free native resources */
CertManagerFree(this.cmPtr);

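Review bot: The debug strings added to CertManagerLoadCA and CertManagerLoadCABuffer end with `+ ""` where a closing parenthesis was meant, so the entries print with the bracket left open. The final operand should be `+ ")"` in both, as the CertManagerVerifyBuffer message in this same file already has it. Separately, every call passes `this.cmPtr` to the logger; WolfSSLDebug.log is not shown on this page, but if it prints that value the debug output will carry native heap addresses, so logs captured with `wolfssljni.debug=true` should be treated as sensitive. The method bodies continue outside the hunks shown.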
62 changes: 62 additions & 0 deletions src/java/com/wolfssl/WolfSSLCertRequest.java
Expand Up @@ -29,6 +29,7 @@
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.ECPrivateKey;
import com.wolfssl.WolfSSLDebug;

/**
* WolfSSLCertRequest class, wraps native X509_REQ functionality.
Expand Down Expand Up @@ -86,6 +87,9 @@ public WolfSSLCertRequest() throws WolfSSLException {
throw new WolfSSLException("Failed to create WolfSSLCertRequest");
}

WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
WolfSSLDebug.INFO, x509ReqPtr, "creating new WolfSSLCertRequest");

synchronized (stateLock) {
this.active = true;
}
Expand Down Expand Up @@ -128,6 +132,10 @@ public void setSubjectName(WolfSSLX509Name name)
confirmObjectIsActive();

synchronized (x509ReqLock) {
WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
WolfSSLDebug.INFO, this.x509ReqPtr,
"entered setSubjectName(" + name + ")");

/* TODO somehow lock WolfSSLX509Name object while using pointer? */
ret = X509_REQ_set_subject_name(this.x509ReqPtr,
name.getNativeX509NamePtr());
Expand Down Expand Up @@ -164,6 +172,10 @@ public void addAttribute(int nid, byte[] value)

confirmObjectIsActive();

WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
WolfSSLDebug.INFO, this.x509ReqPtr,
"entered addAttribute(nid: " + nid + ", byte[])");

if (nid != WolfSSL.NID_pkcs9_challengePassword &&
nid != WolfSSL.NID_serialNumber &&
nid != WolfSSL.NID_pkcs9_unstructuredName &&
Expand Down Expand Up @@ -212,6 +224,10 @@ public void setVersion(long version)
confirmObjectIsActive();

synchronized (x509ReqLock) {
WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
WolfSSLDebug.INFO, this.x509ReqPtr,
"entered setVersion(" + version + ")");

ret = X509_REQ_set_version(this.x509ReqPtr, version);
}

Expand Down Expand Up @@ -246,6 +262,10 @@ public void setPublicKey(String filePath, int keyType, int format)

confirmObjectIsActive();

WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
WolfSSLDebug.INFO, this.x509ReqPtr, "entered setPublicKey(" +
filePath + ", type: " + keyType + ", format: " + format + ")");

if (filePath == null || filePath.isEmpty()) {
throw new WolfSSLException("File path is null or empty");
}
Expand Down Expand Up @@ -289,6 +309,11 @@ public void setPublicKey(byte[] key, int keyType, int format)

confirmObjectIsActive();

WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
WolfSSLDebug.INFO, this.x509ReqPtr,
"entered setPublicKey(byte[], type: " + keyType + ", format: " +
format + ")");

if (key == null || key.length == 0) {
throw new WolfSSLException("Key array is null or empty");
}
Expand Down Expand Up @@ -341,6 +366,10 @@ public void setPublicKey(PublicKey key)

confirmObjectIsActive();

WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
WolfSSLDebug.INFO, this.x509ReqPtr,
"entered setPublicKey(" + key + ")");

if (key instanceof RSAPublicKey) {
keyType = WolfSSL.RSAk;
}
Expand Down Expand Up @@ -413,6 +442,10 @@ public void addExtension(int nid, String value, boolean isCritical)

confirmObjectIsActive();

WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
WolfSSLDebug.INFO, this.x509ReqPtr, "entered addExtension(nid: " +
nid + ", value: " + value + ", isCritical: " + isCritical + ")");

if (nid != WolfSSL.NID_key_usage &&
nid != WolfSSL.NID_subject_alt_name &&
nid != WolfSSL.NID_ext_key_usage) {
Expand Down Expand Up @@ -469,6 +502,10 @@ public void addExtension(int nid, boolean value, boolean isCritical)

confirmObjectIsActive();

WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
WolfSSLDebug.INFO, this.x509ReqPtr, "entered addExtension(nid: " +
nid + ", value: " + value + ", isCritical: " + isCritical + ")");

if (nid != WolfSSL.NID_basic_constraints) {
throw new WolfSSLException(
"Unsupported X509v3 extension NID: " + nid);
Expand Down Expand Up @@ -516,6 +553,11 @@ public void signRequest(String filePath, int keyType, int format,

confirmObjectIsActive();

WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
WolfSSLDebug.INFO, this.x509ReqPtr, "entered signRequest(" +
filePath + ", keyType: " + keyType + ", format: " + format +
", digestAlg: " + digestAlg + ")");

if (filePath == null || filePath.isEmpty()) {
throw new WolfSSLException("File path is null or empty");
}
Expand Down Expand Up @@ -562,6 +604,11 @@ public void signRequest(byte[] key, int keyType, int format,

confirmObjectIsActive();

WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
WolfSSLDebug.INFO, this.x509ReqPtr,
"entered signRequest(byte[], keyType: " + keyType + ", format: " +
format + ", digestAlg: " + digestAlg + ")");

if (key == null || key.length == 0) {
throw new WolfSSLException("Key array is null or empty");
}
Expand Down Expand Up @@ -618,6 +665,10 @@ public void signRequest(PrivateKey key, String digestAlg)

confirmObjectIsActive();

WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
WolfSSLDebug.INFO, this.x509ReqPtr, "entered signRequest(key: " +
key + ", digestAlg: " + digestAlg + ")");

if (key == null) {
throw new WolfSSLException("Key object is null");
}
Expand Down Expand Up @@ -664,6 +715,9 @@ public byte[] getDer() throws IllegalStateException, WolfSSLJNIException {
confirmObjectIsActive();

synchronized (x509ReqLock) {
WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
WolfSSLDebug.INFO, this.x509ReqPtr, "entered getDer()");

return X509_REQ_get_der(this.x509ReqPtr);
}
}
Expand All @@ -681,6 +735,9 @@ public byte[] getPem() throws IllegalStateException, WolfSSLJNIException {
confirmObjectIsActive();

synchronized (x509ReqLock) {
WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
WolfSSLDebug.INFO, this.x509ReqPtr, "entered getPem()");

return X509_REQ_get_pem(this.x509ReqPtr);
}
}
Expand Down Expand Up @@ -715,12 +772,17 @@ public String toString() {
public synchronized void free() {

synchronized (stateLock) {

if (this.active == false) {
/* already freed, just return */
return;
}

synchronized (x509ReqLock) {

WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
WolfSSLDebug.INFO, this.x509ReqPtr, "entered free()");

/* free native resources */
X509_REQ_free(this.x509ReqPtr);

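Review bot: signRequest(PrivateKey key, String digestAlg) concatenates `key` into the debug message, which invokes the key object's toString(); what that prints is provider-defined and for some providers may include private key components, so enabling `wolfssljni.debug` could write key material to the log. I would log only non-secret metadata, e.g. `"entered signRequest(key alg: " + (key == null ? "null" : key.getAlgorithm()) + ", digestAlg: " + digestAlg + ")"`; the null guard is needed because the log call runs before the `key == null` check. The signRequest(String filePath, ...) message also records the private key file path and addExtension records the raw extension value, which are lower risk but worth a deliberate decision. These method bodies continue outside the hunks shown.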