Add wolfJCE EC KeyFactory implementation#159
Conversation
There was a problem hiding this comment.
Pull Request Overview
This PR implements the EC KeyFactory (KeyFactory.getInstance('EC')) for wolfJCE, enabling conversion of EC keying material between various KeySpec formats using wolfCrypt rather than the SunEC provider. The change addresses compatibility issues when SunJCE is not available, as wolfJCE now provides its own complete EC KeyFactory implementation.
Key changes:
- Added new EC KeyFactory implementation with support for PKCS8EncodedKeySpec, X509EncodedKeySpec, ECPrivateKeySpec, and ECPublicKeySpec conversion
- Extended Ecc native wrapper with curve parameter management and raw key import/export functionality
- Added comprehensive test coverage for the new KeyFactory implementation
Reviewed Changes
Copilot reviewed 13 out of 13 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| src/main/java/com/wolfssl/provider/jce/WolfCryptECKeyFactory.java | Complete EC KeyFactory implementation handling key conversions between various formats |
| src/main/java/com/wolfssl/provider/jce/WolfCryptECPrivateKey.java | EC private key implementation supporting DER encoding and raw parameter extraction |
| src/main/java/com/wolfssl/provider/jce/WolfCryptECPublicKey.java | EC public key implementation supporting X.509 encoding and coordinate extraction |
| src/main/java/com/wolfssl/provider/jce/WolfCryptECParameterSpec.java | Enhanced EC parameter handling with curve name metadata and parameter validation |
| src/main/java/com/wolfssl/wolfcrypt/Ecc.java | Extended native interface with curve parameter access and raw key import/export |
| src/main/java/com/wolfssl/provider/jce/WolfCryptProvider.java | Registration of the new EC KeyFactory service |
| jni/jni_ecc.c | Native implementation for curve parameter extraction and raw key operations |
| src/test/java/com/wolfssl/provider/jce/test/WolfCryptECKeyFactoryTest.java | Comprehensive test suite for the EC KeyFactory implementation |
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
cconlon
force-pushed
the
ecKeyFactory
branch
from
ba658f2 to
adc3e6c
Compare
There was a problem hiding this comment.
Pull Request Overview
Copilot reviewed 13 out of 13 changed files in this pull request and generated 6 comments.
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
src/main/java/com/wolfssl/provider/jce/WolfCryptECKeyFactory.java
Outdated
Show resolved
Hide resolved
src/main/java/com/wolfssl/provider/jce/WolfCryptECKeyFactory.java
Outdated
Show resolved
Hide resolved
cconlon
force-pushed
the
ecKeyFactory
branch
2 times, most recently
from
e686189 to
644dfed
Compare
There was a problem hiding this comment.
Pull Request Overview
Copilot reviewed 28 out of 28 changed files in this pull request and generated 4 comments.
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
cconlon
force-pushed
the
ecKeyFactory
branch
from
644dfed to
830ce22
Compare
2 participants
This PR adds our own implementation of EC KeyFactory (
KeyFactory.getInstance('EC')).We were previously using the EC KeyFactory from the SunEC provider, since the class itself was not doing any crypto proper just conversion of keying material. In running the OpenJDK SunJCE tests on top of wolfJCE, we observed some areas of the SunEC implementation that call down to SunJCE. For systems that have removed SunJCE, this is problematic and implementing our own version resolves the issue.
JUnit tests included for testing and regression.