Merge branch 'main' into readme-randomness-patch

CHANGELOG.md

@@ -1,5 +1,12 @@
 # Changelog
 
+## 2.5.0
+
+### Minor
+* [PR 397:](https://github.com/corretto/amazon-corretto-crypto-provider/pull/397) Support for Concatenation KDFs
+* [PR 399:](https://github.com/corretto/amazon-corretto-crypto-provider/pull/399) Support for Counter KDFs
+* [PR 394:](https://github.com/corretto/amazon-corretto-crypto-provider/pull/394) Support for Ed25519 DSA
+
 ## 2.4.1
 
 ### Patch

CMakeLists.txt

@@ -41,9 +41,15 @@ set(ENABLE_NATIVE_TEST_HOOKS NO CACHE BOOL "Enable debugging hooks in the RNG. D
 set(TEST_DATA_DIR ${PROJECT_SOURCE_DIR}/test-data/ CACHE STRING "Path to directory containing test data")
 set(ORIG_SRCROOT ${PROJECT_SOURCE_DIR} CACHE STRING "Path to root of original package")
 set(PROVIDER_VERSION_STRING "" CACHE STRING "X.Y.Z formatted version of the provider")
+set(EXPERIMENTAL_FIPS NO CACHE BOOL "Determines if this build is for FIPS mode with extra features from a non-FIPS branch of AWS-LC.")
 set(FIPS NO CACHE BOOL "Determine if this build is for FIPS mode")
 set(ALWAYS_ALLOW_EXTERNAL_LIB NO CACHE BOOL "Always permit tests to load ACCP shared objects from the library path")
 
+if (EXPERIMENTAL_FIPS)
+    set(FIPS ON)
+    set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -DEXPERIMENTAL_FIPS_BUILD")
+endif()
+
 if (USE_CLANG_TIDY)
     # https://releases.llvm.org/9.0.0/tools/clang/tools/extra/docs/clang-tidy/checks/list.html
     # https://clang.llvm.org/extra/clang-tidy/#suppressing-undesired-diagnostics
@@ -257,6 +263,7 @@ set(C_SRC
     csrc/buffer.cpp
     csrc/ec_gen.cpp
     csrc/ec_utils.cpp
+    csrc/ed_gen.cpp
     csrc/env.cpp
     csrc/hkdf.cpp
     csrc/hmac.cpp
@@ -283,8 +290,14 @@ if(FIPS)
     set(TEST_FIPS_PROPERTY "-DFIPS=true")
 else()
     set(TEST_FIPS_PROPERTY "-DFIPS=false")
+endif()
+
+# The source files under this guard should be removed and added to all builds, including FIPS,
+# once the corresponding algorithms are added to a FIPS branch of AWS-LC consumable by ACCP.
+if(EXPERIMENTAL_FIPS OR (NOT FIPS))
     set(C_SRC ${C_SRC}
-        csrc/concatenation_kdf.cpp)
+        csrc/concatenation_kdf.cpp
+        csrc/counter_kdf.cpp)
 endif()
 
 add_library(amazonCorrettoCryptoProvider SHARED ${C_SRC})
@@ -301,10 +314,8 @@ add_custom_command(
 add_custom_target(accp-jar-source DEPENDS ${ACCP_JAR_SOURCE})
 
 if(ENABLE_NATIVE_TEST_HOOKS)
-  add_executable(test_keyutils EXCLUDE_FROM_ALL
-        csrc/test_keyutils.cpp
-    )
-    link_with_openssl(test_keyutils)
+    add_executable(test_keyutils EXCLUDE_FROM_ALL csrc/test_keyutils.cpp)
+    # No need to link OpenSSL (AWS-LC)
     target_link_libraries(test_keyutils amazonCorrettoCryptoProvider)
 endif()
 
@@ -813,6 +824,18 @@ add_custom_target(check-install-via-properties-with-debug
 
     DEPENDS accp-jar tests-jar)
 
+add_custom_target(check-junit-edKeyFactory
+    COMMAND ${TEST_JAVA_EXECUTABLE}
+    -Dcom.amazon.corretto.crypto.provider.registerEdKeyFactory=true
+        ${TEST_RUNNER_ARGUMENTS}
+        --select-class=com.amazon.corretto.crypto.provider.test.EdDSATest
+        --select-class=com.amazon.corretto.crypto.provider.test.EvpKeyFactoryTest
+        --select-class=com.amazon.corretto.crypto.provider.test.EvpSignatureSpecificTest
+        --select-class=com.amazon.corretto.crypto.provider.test.EvpSignatureTest
+        --select-class=com.amazon.corretto.crypto.provider.test.KeyReuseThreadStormTest
+
+    DEPENDS accp-jar tests-jar)
+
 set(check_targets check-recursive-init
     check-install-via-properties
     check-install-via-properties-with-debug
@@ -821,7 +844,8 @@ set(check_targets check-recursive-init
     check-external-lib
     check-junit-AesLazy
     check-junit-AesEager
-    check-junit-DifferentTempDir)
+    check-junit-DifferentTempDir
+    check-junit-edKeyFactory)
 
 if(${CMAKE_SYSTEM_NAME} MATCHES "Linux")
   set(check_targets ${check_targets} check-with-jni-flag)

README.md

@@ -64,10 +64,12 @@ Signature algorithms:
 * SHA512withECDSA
 * SHA512withECDSAinP1363Format
 * RSASSA-PSS
+* ED25519 (JDK 15+)
 
 KeyPairGenerator:
 * EC
 * RSA
+* ED25519 (JDK 15+)
 
 KeyGenerator:
 * AES
@@ -85,20 +87,24 @@ SecretKeyFactory:
 * ConcatenationKdfWithSHA512 (not available in FIPS builds)
 * ConcatenationKdfWithHmacSHA256 (not available in FIPS builds)
 * ConcatenationKdfWithHmacSHA512 (not available in FIPS builds)
+* CounterKdfWithHmacSHA256 (not available in FIPS builds)
+* CounterKdfWithHmacSHA384 (not available in FIPS builds)
+* CounterKdfWithHmacSHA512 (not available in FIPS builds)
 
 SecureRandom:
 * ACCP's SecureRandom uses [AWS-LC's DRBG implementation](https://github.com/aws/aws-lc/blob/main/crypto/fipsmodule/rand/rand.c).
 
 KeyFactory:
 * EC
 * RSA
+* ED25519 (JDK 15+). Please refer to [system properties](https://github.com/corretto/amazon-corretto-crypto-provider#other-system-properties) for more information.
 
 AlgorithmParameters:
 * EC. Please refer to [system properties](https://github.com/corretto/amazon-corretto-crypto-provider#other-system-properties) for more information.
 
 
 # Notes on ACCP-FIPS
-ACCP-FIPS is a variation of ACCP which uses AWS-LC-FIPS 2.x as its cryptographic module. This version of AWS-LC-FIPS has completed FIPS validation testing by an accredited lab and has been submitted to NIST for certification. Refer to the [NIST Cryptographic Module Validation Program's Modules In Progress List](https://csrc.nist.gov/Projects/cryptographic-module-validation-program/modules-in-process/Modules-In-Process-List) for the latest status of the AWS-LC Cryptographic Module. We will also update our release notes and documentation to reflect any changes in FIPS certification status. We provide ACCP-FIPS for experimentation and performance testing in the interim.
+ACCP-FIPS is a variation of ACCP which uses AWS-LC-FIPS 2.x as its cryptographic module. This version of AWS-LC-FIPS has FIPS certificate [4816](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4816).
 
 Version 2.3.0 is the first release of ACCP-FIPS. The Maven coordinates for
 ACCP-FIPS are the same as ACCP with one difference that ACCP-FIPS's
@@ -110,7 +116,7 @@ Notable differences between ACCP and ACCP-FIPS:
 * For details about the FIPS module of AWS-LC in FIPS mode, including the entropy sources used, see the [AWS-LC FIPS.md documentation](https://github.com/aws/aws-lc/blob/main/crypto/fipsmodule/FIPS.md).
 * In FIPS-mode, RSA keys are limited to 2048, 3072, or 4096 bits in size with public exponent F4.
 * Due to the fact that an older branch of AWS-LC is used in FIPS-mode, there will be performance differences between ACCP and ACCP-FIPS. We highly recommend performing detailed performance testing of your application if you choose to experiment with ACCP-FIPS.
-* Between versions 2.1.0 and 2.3.3 (inclusive), ACCP-FIPS did not register SecureRandom by default due to the performance of AWS-LC’s entropy source in FIPS-mode, with older versions of AWS-LC. Since version 2.4.0, ACCP-FIPS behaves as ACCP: it registers SecureRandom from AWS-LC by default.
+* Between versions 2.1.0 and 2.3.3 (inclusive), ACCP-FIPS does not register SecureRandom by default due to the performance of AWS-LC’s entropy source in FIPS-mode, with older versions of AWS-LC. Since version 2.4.0, ACCP-FIPS behaves as ACCP: it registers SecureRandom from AWS-LC by default. [A system property](https://github.com/corretto/amazon-corretto-crypto-provider#other-system-properties) is available to change the default behavior.
 
 ACCP-FIPS is only supported on the following platforms:
 
@@ -262,6 +268,10 @@ The FIPS builds use a different version of AWS-LC along with `FIPS=1` build flag
 AWS-LC will have FIPS certification. As a result, ACCP in FIPS mode only uses a version of AWS-LC
 that has FIPS certification or it will have in future.
 
+By providing `-DEXPERIMENTAL_FIPS=true` to `gradlew` you will cause the entire build to be for a "FIPS mode"
+build, and it uses the same version of AWS-LC as non-FIPS builds. This allows one to experiment with APIs
+and features in AWS-LC that have not yet made it into a FIPS branch/release of AWS-LC, but built in FIPS mode.
+
 When changing between FIPS and non-FIPS builds, be sure to do a full `clean` of your build environment.
 
 ##### All targets
@@ -376,6 +386,14 @@ Thus, these should all be set on the JVM command line using `-D`.
 * `com.amazon.corretto.crypto.provider.tmpdir`
    Allows one to set the temporary directory used by ACCP when loading native libraries.
    If this system property is not defined, the system property `java.io.tmpdir` is used.
+* `com.amazon.corretto.crypto.provider.registerEdKeyFactory`
+  Takes in `true` or `false` (defaults to `false`).
+  If `true` and JDK version is 15+, then ACCP will register its Ed25519 related KeyFactory classes.
+  The keys produced by ACCP's KeyFactory services for Ed25519 do not implement [EdECKey](https://docs.oracle.com/en/java/javase/17/docs//api/java.base/java/security/interfaces/EdECKey.html)
+  interface, and as a result, they cannot be used by other providers. Consider setting this property
+  to `true` if the keys are only used by other ACCP services AND they are not type cast to `EdECKey`.
+  It is worth noting that the key generated by KeyFactory service of SunEC can be used by ACCP services
+  such as Signature.
 
 # License
 This library is licensed under the Apache 2.0 license although portions of this

benchmarks/lib/src/jmh/java/com/amazon/corretto/crypto/provider/benchmarks/KeyGenEd.java

@@ -0,0 +1,33 @@
+// Copyright Amazon.com Inc. or its affiliates. All Rights Reserved.
+// SPDX-License-Identifier: Apache-2.0
+package com.amazon.corretto.crypto.provider.benchmarks;
+
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+
+import com.amazon.corretto.crypto.provider.AmazonCorrettoCryptoProvider;
+import org.openjdk.jmh.annotations.Benchmark;
+import org.openjdk.jmh.annotations.Param;
+import org.openjdk.jmh.annotations.Scope;
+import org.openjdk.jmh.annotations.Setup;
+import org.openjdk.jmh.annotations.State;
+
+@State(Scope.Benchmark)
+public class KeyGenEd {
+
+    @Param({AmazonCorrettoCryptoProvider.PROVIDER_NAME, "BC", "SunEC"})
+    public String provider;
+
+    private KeyPairGenerator kpg;
+
+    @Setup
+    public void setup() throws Exception {
+        BenchmarkUtils.setupProvider(provider);
+        kpg = KeyPairGenerator.getInstance("Ed25519", provider);
+    }
+
+    @Benchmark
+    public KeyPair generate() {
+        return kpg.generateKeyPair();
+    }
+}

benchmarks/lib/src/jmh/java/com/amazon/corretto/crypto/provider/benchmarks/SignatureBase.java

@@ -16,15 +16,18 @@ public class SignatureBase {
   protected byte[] signature;
 
   protected void setup(
-      String provider,
-      String keyAlg,
-      AlgorithmParameterSpec keyParams,
-      String sigAlg,
-      AlgorithmParameterSpec sigParams)
-      throws Exception {
+          String provider,
+          String keyAlg,
+          AlgorithmParameterSpec keyParams,
+          String sigAlg,
+          AlgorithmParameterSpec sigParams)
+          throws Exception {
     BenchmarkUtils.setupProvider(provider);
     final KeyPairGenerator kpg = KeyPairGenerator.getInstance(keyAlg, provider);
-    kpg.initialize(keyParams);
+    // Ed25519 in ACCP doesn't currently support initialization
+    if (!keyAlg.equals("Ed25519")) {
+      kpg.initialize(keyParams);
+    }
     keyPair = kpg.generateKeyPair();
     signer = Signature.getInstance(sigAlg, provider);
     verifier = Signature.getInstance(sigAlg, provider);
@@ -38,7 +41,9 @@ protected void setup(
     signer.update(message);
     signature = signer.sign();
     verifier.update(message);
-    assert verifier.verify(signature);
+    if (!verifier.verify(signature)) {
+      throw new RuntimeException("Verification failed in setup.");
+    }
   }
 
   protected byte[] sign() throws Exception {
@@ -50,4 +55,4 @@ protected boolean verify() throws Exception {
     verifier.update(message);
     return verifier.verify(signature);
   }
-}
+}

benchmarks/lib/src/jmh/java/com/amazon/corretto/crypto/provider/benchmarks/SignatureEd.java

@@ -0,0 +1,33 @@
+// Copyright Amazon.com Inc. or its affiliates. All Rights Reserved.
+// SPDX-License-Identifier: Apache-2.0
+package com.amazon.corretto.crypto.provider.benchmarks;
+
+import com.amazon.corretto.crypto.provider.AmazonCorrettoCryptoProvider;
+import org.openjdk.jmh.annotations.Benchmark;
+import org.openjdk.jmh.annotations.Param;
+import org.openjdk.jmh.annotations.Scope;
+import org.openjdk.jmh.annotations.Setup;
+import org.openjdk.jmh.annotations.State;
+import org.openjdk.jmh.annotations.Fork;
+import org.openjdk.jmh.annotations.Threads;
+
+@State(Scope.Benchmark)
+public class SignatureEd extends SignatureBase {
+    @Param({AmazonCorrettoCryptoProvider.PROVIDER_NAME, "BC", "SunEC"})
+    public String provider;
+
+    @Setup
+    public void setup() throws Exception {
+        super.setup(provider, "Ed25519", null, "Ed25519", null);
+    }
+
+    @Benchmark
+    public byte[] sign() throws Exception {
+        return super.sign();
+    }
+
+    @Benchmark
+    public boolean verify() throws Exception {
+        return super.verify();
+    }
+}

build.gradle

@@ -13,12 +13,19 @@ plugins {
 }
 
 group = 'software.amazon.cryptools'
-version = '2.4.1'
-ext.isFips = Boolean.getBoolean('FIPS')
-if (ext.isFips) {
-    ext.awsLcGitVersionId = 'AWS-LC-FIPS-2.0.13'
+version = '2.5.0'
+ext.isExperimentalFips = Boolean.getBoolean('EXPERIMENTAL_FIPS')
+if (ext.isExperimentalFips) {
+    ext.isFips = true
 } else {
-    ext.awsLcGitVersionId = 'v1.33.0'
+    ext.isFips = Boolean.getBoolean('FIPS')
+}
+
+if (ext.isExperimentalFips || !ext.isFips) {
+    // Experimental FIPS uses the same AWS-LC version as non-FIPS builds.
+    ext.awsLcGitVersionId = 'v1.36.0'
+} else {
+    ext.awsLcGitVersionId = 'AWS-LC-FIPS-2.0.15'
 }
 
 // Check for user inputted git version ID.
@@ -239,9 +246,11 @@ task buildAwsLc {
                 args "-DCMAKE_INSTALL_PREFIX=${sharedObjectOutDir}"
                 args "-DCMAKE_VERBOSE_MAKEFILE:BOOL=ON"
 
+
                 if (isFips) {
                     args '-DFIPS=1'
                 }
+
                 args '.'
             }
         }
@@ -324,6 +333,9 @@ task executeCmake(type: Exec) {
     if (isFips) {
         args "-DFIPS=ON"
     }
+    if (isExperimentalFips) {
+        args '-DEXPERIMENTAL_FIPS=ON'
+    }
 
     if (prebuiltJar != null) {
        args '-DSIGNED_JAR=' + prebuiltJar
@@ -375,7 +387,7 @@ task build(overwrite:true) {
                 alias: jcecertAlias,
                 jar: "${buildDir}/cmake/AmazonCorrettoCryptoProvider.jar",
                 destDir: "${buildDir}/lib",
-                storepass: jcecertPassword,
+                storepass: "${System.env.KEYSTORE_PASSWORD}" ,
                 keystore: "${project.gradle.gradleUserHomeDir}/${jcecertJks}",
                 tsaurl: "http://timestamp.digicert.com"
             )
@@ -519,6 +531,9 @@ task coverage_cmake(type: Exec) {
     if (isFips) {
         args "-DFIPS=ON"
     }
+    if (isExperimentalFips) {
+        args '-DEXPERIMENTAL_FIPS=ON'
+    }
 
     if (System.properties['JAVA_HOME'] != null) {
         args '-DJAVA_HOME=' + System.properties['JAVA_HOME']
@@ -675,14 +690,14 @@ task fakePublish {
                 ant.signjar(
                     alias: jcecertAlias,
                     jar: "${destinationDir}/${newPrefix}-osx-x86_64.jar",
-                    storepass: jcecertPassword,
+                    storepass: "${System.env.KEYSTORE_PASSWORD}",
                     keystore: "${project.gradle.gradleUserHomeDir}/${jcecertJks}",
                     tsaurl: "http://timestamp.digicert.com"
                 )
                 ant.signjar(
                     alias: jcecertAlias,
                     jar: "${destinationDir}/${newPrefix}-osx-aarch_64.jar",
-                    storepass: jcecertPassword,
+                    storepass: "${System.env.KEYSTORE_PASSWORD}",
                     keystore: "${project.gradle.gradleUserHomeDir}/${jcecertJks}",
                     tsaurl: "http://timestamp.digicert.com"
                 )
@@ -691,14 +706,14 @@ task fakePublish {
             ant.signjar(
                 alias: jcecertAlias,
                 jar: "${destinationDir}/${newPrefix}-linux-aarch_64.jar",
-                storepass: jcecertPassword,
+                storepass: "${System.env.KEYSTORE_PASSWORD}" ,
                 keystore: "${project.gradle.gradleUserHomeDir}/${jcecertJks}",
                 tsaurl: "http://timestamp.digicert.com"
             )
             ant.signjar(
                 alias: jcecertAlias,
                 jar: "${destinationDir}/${newPrefix}-linux-x86_64.jar",
-                storepass: jcecertPassword,
+                storepass: "${System.env.KEYSTORE_PASSWORD}",
                 keystore: "${project.gradle.gradleUserHomeDir}/${jcecertJks}",
                 tsaurl: "http://timestamp.digicert.com"
             )
@@ -708,7 +723,7 @@ task fakePublish {
 
 }
 
-if (project.hasProperty('mavenUser') && project.hasProperty('jcecertAlias')) {
+if (project.hasProperty('jcecertAlias')) {
     publishing {
         publications {
             mavenJava(MavenPublication) {