diff --git a/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM2CipherConstantTimeTest.java b/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM2CipherConstantTimeTest.java index 34c9cc07..9445c606 100644 --- a/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM2CipherConstantTimeTest.java +++ b/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM2CipherConstantTimeTest.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2022, 2023, THL A29 Limited, a Tencent company. All rights reserved. + * Copyright (C) 2022, 2024, THL A29 Limited, a Tencent company. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -82,7 +82,7 @@ private static KeyPair keyPair(BigInteger priKeyValue) { @State(Scope.Thread) public static class CipherHolder { - @Param({"KonaCrypto", "BC"}) + @Param({"KonaCrypto", "KonaCrypto-Native", "BC"}) String provider; @Param({"Small", "Mid", "Big"}) diff --git a/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM2CipherPerfTest.java b/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM2CipherPerfTest.java index c465e165..12de4e86 100644 --- a/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM2CipherPerfTest.java +++ b/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM2CipherPerfTest.java @@ -21,26 +21,13 @@ import com.tencent.kona.crypto.TestUtils; import org.bouncycastle.jce.provider.BouncyCastleProvider; -import org.openjdk.jmh.annotations.Benchmark; -import org.openjdk.jmh.annotations.BenchmarkMode; -import org.openjdk.jmh.annotations.Fork; -import org.openjdk.jmh.annotations.Level; -import org.openjdk.jmh.annotations.Measurement; -import org.openjdk.jmh.annotations.Mode; -import org.openjdk.jmh.annotations.OutputTimeUnit; -import org.openjdk.jmh.annotations.Scope; -import org.openjdk.jmh.annotations.Setup; -import org.openjdk.jmh.annotations.State; -import org.openjdk.jmh.annotations.Threads; -import org.openjdk.jmh.annotations.Warmup; +import org.openjdk.jmh.annotations.*; import javax.crypto.Cipher; import java.security.KeyPair; import java.security.Security; import java.util.concurrent.TimeUnit; -import static com.tencent.kona.crypto.TestUtils.PROVIDER; - /** * The JMH-based performance test for SM2 decryption. */ @@ -71,7 +58,19 @@ public static class EncrypterHolder { @Setup(Level.Trial) public void setup() throws Exception { - encrypter = Cipher.getInstance("SM2", PROVIDER); + encrypter = Cipher.getInstance("SM2", "KonaCrypto"); + encrypter.init(Cipher.ENCRYPT_MODE, KEY_PAIR.getPublic()); + } + } + + @State(Scope.Benchmark) + public static class EncrypterHolderNative { + + Cipher encrypter; + + @Setup(Level.Trial) + public void setup() throws Exception { + encrypter = Cipher.getInstance("SM2", "KonaCrypto-Native"); encrypter.init(Cipher.ENCRYPT_MODE, KEY_PAIR.getPublic()); } } @@ -97,12 +96,32 @@ public static class DecrypterHolder { @Setup(Level.Trial) public void setup() throws Exception { ciphertext = ciphertext(); - decrypter = Cipher.getInstance("SM2", PROVIDER); + decrypter = Cipher.getInstance("SM2", "KonaCrypto"); + decrypter.init(Cipher.DECRYPT_MODE, KEY_PAIR.getPrivate()); + } + + private byte[] ciphertext() throws Exception { + Cipher cipher = Cipher.getInstance("SM2", "KonaCrypto"); + cipher.init(Cipher.ENCRYPT_MODE, KEY_PAIR.getPublic()); + return cipher.doFinal(MESSAGE); + } + } + + @State(Scope.Benchmark) + public static class DecrypterHolderNative { + + byte[] ciphertext; + Cipher decrypter; + + @Setup(Level.Trial) + public void setup() throws Exception { + ciphertext = ciphertext(); + decrypter = Cipher.getInstance("SM2", "KonaCrypto-Native"); decrypter.init(Cipher.DECRYPT_MODE, KEY_PAIR.getPrivate()); } private byte[] ciphertext() throws Exception { - Cipher cipher = Cipher.getInstance("SM2", PROVIDER); + Cipher cipher = Cipher.getInstance("SM2", "KonaCrypto-Native"); cipher.init(Cipher.ENCRYPT_MODE, KEY_PAIR.getPublic()); return cipher.doFinal(MESSAGE); } @@ -133,6 +152,11 @@ public byte[] encrypt(EncrypterHolder holder) throws Exception { return holder.encrypter.doFinal(MESSAGE); } + @Benchmark + public byte[] encryptNative(EncrypterHolderNative holder) throws Exception { + return holder.encrypter.doFinal(MESSAGE); + } + @Benchmark public byte[] encryptBC(EncrypterHolderBC holder) throws Exception { return holder.encrypter.doFinal(MESSAGE); @@ -143,6 +167,11 @@ public byte[] decrypt(DecrypterHolder holder) throws Exception { return holder.decrypter.doFinal(holder.ciphertext); } + @Benchmark + public byte[] decryptNative(DecrypterHolderNative holder) throws Exception { + return holder.decrypter.doFinal(holder.ciphertext); + } + @Benchmark public byte[] decryptBC(DecrypterHolderBC holder) throws Exception { return holder.decrypter.doFinal(holder.ciphertext); diff --git a/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM2KeyAgreementPerfTest.java b/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM2KeyAgreementPerfTest.java index 007571d7..c9b0ba63 100644 --- a/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM2KeyAgreementPerfTest.java +++ b/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM2KeyAgreementPerfTest.java @@ -56,7 +56,6 @@ import java.util.concurrent.TimeUnit; import static com.tencent.kona.crypto.CryptoUtils.toBytes; -import static com.tencent.kona.crypto.TestUtils.PROVIDER; import static com.tencent.kona.crypto.spec.SM2ParameterSpec.COFACTOR; import static com.tencent.kona.crypto.spec.SM2ParameterSpec.CURVE; import static com.tencent.kona.crypto.spec.SM2ParameterSpec.GENERATOR; @@ -113,7 +112,28 @@ public void setup() throws Exception { new SM2PublicKey(toBytes(PEER_PUB_KEY)), true, 16); - keyAgreement = KeyAgreement.getInstance("SM2", PROVIDER); + keyAgreement = KeyAgreement.getInstance("SM2", "KonaCrypto"); + keyAgreement.init( + new SM2PrivateKey(toBytes(TMP_PRI_KEY)), paramSpec); + } + } + + @State(Scope.Benchmark) + public static class KeyAgreementNativeHolder { + + KeyAgreement keyAgreement; + + @Setup(Level.Invocation) + public void setup() throws Exception { + SM2KeyAgreementParamSpec paramSpec = new SM2KeyAgreementParamSpec( + toBytes(ID), + new SM2PrivateKey(toBytes(PRI_KEY)), + new SM2PublicKey(toBytes(PUB_KEY)), + toBytes(PEER_ID), + new SM2PublicKey(toBytes(PEER_PUB_KEY)), + true, + 16); + keyAgreement = KeyAgreement.getInstance("SM2", "KonaCrypto-Native"); keyAgreement.init( new SM2PrivateKey(toBytes(TMP_PRI_KEY)), paramSpec); } @@ -173,6 +193,12 @@ public byte[] generateSecret(KeyAgreementHolder holder) throws InvalidKeyExcepti return holder.keyAgreement.generateSecret(); } + @Benchmark + public byte[] generateSecretNative(KeyAgreementNativeHolder holder) throws InvalidKeyException { + holder.keyAgreement.doPhase(new SM2PublicKey(toBytes(PEER_TMP_PUB_KEY)), true); + return holder.keyAgreement.generateSecret(); + } + @Benchmark public byte[] generateSecretBC(KeyAgreementHolderBC holder) { return holder.keyAgreement.calculateKey(128, holder.params); diff --git a/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM2KeyPairGenPerfTest.java b/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM2KeyPairGenPerfTest.java index 07bbea49..bf9a9bd3 100644 --- a/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM2KeyPairGenPerfTest.java +++ b/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM2KeyPairGenPerfTest.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2022, 2023, THL A29 Limited, a Tencent company. All rights reserved. + * Copyright (C) 2022, 2024, THL A29 Limited, a Tencent company. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -39,8 +39,6 @@ import java.security.spec.ECGenParameterSpec; import java.util.concurrent.TimeUnit; -import static com.tencent.kona.crypto.TestUtils.PROVIDER; - /** * The JMH-based performance test for SM2 key pair generation. */ @@ -64,7 +62,18 @@ public static class KeyPairGenHolder { @Setup public void setup() throws Exception { - keyPairGenerator = KeyPairGenerator.getInstance("SM2", PROVIDER); + keyPairGenerator = KeyPairGenerator.getInstance("SM2", "KonaCrypto"); + } + } + + @State(Scope.Benchmark) + public static class KeyPairGenHolderNative { + + KeyPairGenerator keyPairGenerator; + + @Setup + public void setup() throws Exception { + keyPairGenerator = KeyPairGenerator.getInstance("SM2", "KonaCrypto-Native"); } } @@ -85,6 +94,11 @@ public KeyPair genKeyPair(KeyPairGenHolder holder) { return holder.keyPairGenerator.generateKeyPair(); } + @Benchmark + public KeyPair genKeyPairNative(KeyPairGenHolderNative holder) { + return holder.keyPairGenerator.generateKeyPair(); + } + @Benchmark public KeyPair genKeyPairBC(KeyPairGenHolderBC holder) { return holder.keyPairGenerator.generateKeyPair(); diff --git a/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM2SignatureConstantTimeTest.java b/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM2SignatureConstantTimeTest.java index 0fec02a8..adf2a4a6 100644 --- a/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM2SignatureConstantTimeTest.java +++ b/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM2SignatureConstantTimeTest.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2022, 2023, THL A29 Limited, a Tencent company. All rights reserved. + * Copyright (C) 2022, 2024, THL A29 Limited, a Tencent company. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -89,7 +89,7 @@ private static KeyPair keyPair(BigInteger priKeyValue) { @State(Scope.Thread) public static class SignerHolder { - @Param({"KonaCrypto", "BC"}) + @Param({"KonaCrypto", "KonaCrypto-Native", "BC"}) String provider; @Param({"Small", "Mid", "Big"}) diff --git a/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM2SignaturePerfTest.java b/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM2SignaturePerfTest.java index 9458a6c2..c068288d 100644 --- a/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM2SignaturePerfTest.java +++ b/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM2SignaturePerfTest.java @@ -43,7 +43,6 @@ import java.security.interfaces.ECPublicKey; import java.util.concurrent.TimeUnit; -import static com.tencent.kona.crypto.TestUtils.PROVIDER; import static com.tencent.kona.crypto.CryptoUtils.toBytes; /** @@ -77,7 +76,21 @@ public static class SignerHolder { @Setup(Level.Trial) public void setup() throws Exception { - signer = Signature.getInstance("SM2", PROVIDER); + signer = Signature.getInstance("SM2", "KonaCrypto"); + signer.setParameter(new SM2SignatureParameterSpec( + ID, (ECPublicKey) KEY_PAIR.getPublic())); + signer.initSign(KEY_PAIR.getPrivate()); + } + } + + @State(Scope.Benchmark) + public static class SignerHolderNative { + + Signature signer; + + @Setup(Level.Trial) + public void setup() throws Exception { + signer = Signature.getInstance("SM2", "KonaCrypto-Native"); signer.setParameter(new SM2SignatureParameterSpec( ID, (ECPublicKey) KEY_PAIR.getPublic())); signer.initSign(KEY_PAIR.getPrivate()); @@ -108,14 +121,40 @@ public static class VerifierHolder { public void setup() throws Exception { signature = signature(); - verifier = Signature.getInstance("SM2", PROVIDER); + verifier = Signature.getInstance("SM2", "KonaCrypto"); verifier.setParameter(new SM2SignatureParameterSpec( ID, (ECPublicKey) KEY_PAIR.getPublic())); verifier.initVerify(KEY_PAIR.getPublic()); } private byte[] signature() throws Exception { - Signature signer = Signature.getInstance("SM2", PROVIDER); + Signature signer = Signature.getInstance("SM2", "KonaCrypto"); + signer.setParameter(new SM2SignatureParameterSpec( + ID, (ECPublicKey) KEY_PAIR.getPublic())); + signer.initSign(KEY_PAIR.getPrivate()); + signer.update(MESSAGE); + return signer.sign(); + } + } + + @State(Scope.Benchmark) + public static class VerifierHolderNative { + + byte[] signature; + Signature verifier; + + @Setup(Level.Trial) + public void setup() throws Exception { + signature = signature(); + + verifier = Signature.getInstance("SM2", "KonaCrypto-Native"); + verifier.setParameter(new SM2SignatureParameterSpec( + ID, (ECPublicKey) KEY_PAIR.getPublic())); + verifier.initVerify(KEY_PAIR.getPublic()); + } + + private byte[] signature() throws Exception { + Signature signer = Signature.getInstance("SM2", "KonaCrypto-Native"); signer.setParameter(new SM2SignatureParameterSpec( ID, (ECPublicKey) KEY_PAIR.getPublic())); signer.initSign(KEY_PAIR.getPrivate()); @@ -155,6 +194,12 @@ public byte[] sign(SignerHolder holder) throws Exception { return holder.signer.sign(); } + @Benchmark + public byte[] signNative(SignerHolderNative holder) throws Exception { + holder.signer.update(MESSAGE); + return holder.signer.sign(); + } + @Benchmark public byte[] signBC(SignerHolderBC holder) throws Exception { holder.signer.update(MESSAGE); @@ -167,6 +212,12 @@ public boolean verify(VerifierHolder holder) throws Exception { return holder.verifier.verify(holder.signature); } + @Benchmark + public boolean verifyNative(VerifierHolderNative holder) throws Exception { + holder.verifier.update(MESSAGE); + return holder.verifier.verify(holder.signature); + } + @Benchmark public boolean verifyBC(VerifierHolderBC holder) throws Exception { holder.verifier.update(MESSAGE); diff --git a/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM3HMacPerfTest.java b/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM3HMacPerfTest.java index ccb2e50d..96d0a749 100644 --- a/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM3HMacPerfTest.java +++ b/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM3HMacPerfTest.java @@ -41,7 +41,6 @@ import java.security.Security; import java.util.concurrent.TimeUnit; -import static com.tencent.kona.crypto.TestUtils.PROVIDER; import static com.tencent.kona.crypto.CryptoUtils.toBytes; /** @@ -71,7 +70,19 @@ public static class MacHolder { @Setup(Level.Trial) public void setup() throws Exception { - mac = Mac.getInstance("HmacSM3", PROVIDER); + mac = Mac.getInstance("HmacSM3", "KonaCrypto"); + mac.init(SECRET_KEY); + } + } + + @State(Scope.Benchmark) + public static class MacHolderNative { + + Mac mac; + + @Setup(Level.Trial) + public void setup() throws Exception { + mac = Mac.getInstance("HmacSM3", "KonaCrypto-Native"); mac.init(SECRET_KEY); } } @@ -93,6 +104,11 @@ public byte[] mac(MacHolder holder) throws Exception { return holder.mac.doFinal(MESSAGE); } + @Benchmark + public byte[] macNative(MacHolderNative holder) throws Exception { + return holder.mac.doFinal(MESSAGE); + } + @Benchmark public byte[] macBC(MacHolderBC holder) throws Exception { return holder.mac.doFinal(MESSAGE); diff --git a/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM3MessageDigestPerfTest.java b/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM3MessageDigestPerfTest.java index 9da1c75f..a20bbc64 100644 --- a/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM3MessageDigestPerfTest.java +++ b/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM3MessageDigestPerfTest.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2022, 2023, THL A29 Limited, a Tencent company. All rights reserved. + * Copyright (C) 2022, 2024, THL A29 Limited, a Tencent company. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -38,8 +38,6 @@ import java.security.Security; import java.util.concurrent.TimeUnit; -import static com.tencent.kona.crypto.TestUtils.PROVIDER; - /** * The JMH-based performance test for SM3 message digest. */ @@ -65,7 +63,18 @@ public static class MessageDigestHolder { @Setup(Level.Trial) public void setup() throws Exception { - md = MessageDigest.getInstance("SM3", PROVIDER); + md = MessageDigest.getInstance("SM3", "KonaCrypto"); + } + } + + @State(Scope.Benchmark) + public static class MessageDigestHolderNative { + + MessageDigest md; + + @Setup(Level.Trial) + public void setup() throws Exception { + md = MessageDigest.getInstance("SM3", "KonaCrypto-Native"); } } @@ -85,6 +94,11 @@ public byte[] digest(MessageDigestHolder holder) { return holder.md.digest(MESSAGE); } + @Benchmark + public byte[] digestNative(MessageDigestHolderNative holder) { + return holder.md.digest(MESSAGE); + } + @Benchmark public byte[] digestBC(MessageDigestHolderBC holder) { return holder.md.digest(MESSAGE); diff --git a/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM4ConstantTimeTest.java b/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM4ConstantTimeTest.java index a2427b48..fb4057f8 100644 --- a/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM4ConstantTimeTest.java +++ b/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM4ConstantTimeTest.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2022, 2023, THL A29 Limited, a Tencent company. All rights reserved. + * Copyright (C) 2022, 2024, THL A29 Limited, a Tencent company. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -69,7 +69,7 @@ public class SM4ConstantTimeTest { @State(Scope.Benchmark) public static class CipherHolder { - @Param({"KonaCrypto", "BC"}) + @Param({"KonaCrypto", "KonaCrypto-Native", "BC"}) String provider; @Param({"Small", "Mid", "Big"}) diff --git a/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM4DecrypterPerfTest.java b/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM4DecrypterPerfTest.java index 7fd79c96..89ce1f38 100644 --- a/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM4DecrypterPerfTest.java +++ b/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM4DecrypterPerfTest.java @@ -44,7 +44,6 @@ import java.security.Security; import java.util.concurrent.TimeUnit; -import static com.tencent.kona.crypto.TestUtils.PROVIDER; import static com.tencent.kona.crypto.CryptoUtils.toBytes; /** @@ -96,50 +95,121 @@ public void setup() throws Exception { } private void setupCiphertexts() throws Exception { - Cipher cipher = Cipher.getInstance("SM4/CBC/PKCS7Padding", PROVIDER); + Cipher cipher = Cipher.getInstance("SM4/CBC/PKCS7Padding", "KonaCrypto"); cipher.init(Cipher.ENCRYPT_MODE, SECRET_KEY, IV_PARAM_SPEC); ciphertextCBCPadding = cipher.doFinal(MESSAGE); - cipher = Cipher.getInstance("SM4/CBC/NoPadding", PROVIDER); + cipher = Cipher.getInstance("SM4/CBC/NoPadding", "KonaCrypto"); cipher.init(Cipher.ENCRYPT_MODE, SECRET_KEY, IV_PARAM_SPEC); ciphertextCBCNoPadding = cipher.doFinal(MESSAGE); - cipher = Cipher.getInstance("SM4/ECB/NoPadding", PROVIDER); + cipher = Cipher.getInstance("SM4/ECB/NoPadding", "KonaCrypto"); cipher.init(Cipher.ENCRYPT_MODE, SECRET_KEY); ciphertextECBNoPadding = cipher.doFinal(MESSAGE); - cipher = Cipher.getInstance("SM4/CTR/NoPadding", PROVIDER); + cipher = Cipher.getInstance("SM4/CTR/NoPadding", "KonaCrypto"); cipher.init(Cipher.ENCRYPT_MODE, SECRET_KEY, IV_PARAM_SPEC); ciphertextCTRNoPadding = cipher.doFinal(MESSAGE); - cipher = Cipher.getInstance("SM4/GCM/NoPadding", PROVIDER); + cipher = Cipher.getInstance("SM4/GCM/NoPadding", "KonaCrypto"); cipher.init(Cipher.ENCRYPT_MODE, SECRET_KEY, GCM_PARAM_SPEC); ciphertextGCMNoPadding = cipher.doFinal(MESSAGE); } private void setupDecrypters() throws Exception { decrypterCBCPadding = Cipher.getInstance( - "SM4/CBC/PKCS7Padding", PROVIDER); + "SM4/CBC/PKCS7Padding", "KonaCrypto"); decrypterCBCPadding.init( Cipher.DECRYPT_MODE, SECRET_KEY, IV_PARAM_SPEC); decrypterCBCNoPadding = Cipher.getInstance( - "SM4/CBC/NoPadding", PROVIDER); + "SM4/CBC/NoPadding", "KonaCrypto"); decrypterCBCNoPadding.init( Cipher.DECRYPT_MODE, SECRET_KEY, IV_PARAM_SPEC); decrypterECBNoPadding = Cipher.getInstance( - "SM4/ECB/NoPadding", PROVIDER); + "SM4/ECB/NoPadding", "KonaCrypto"); decrypterECBNoPadding.init( Cipher.DECRYPT_MODE, SECRET_KEY); decrypterCTRNoPadding = Cipher.getInstance( - "SM4/CTR/NoPadding", PROVIDER); + "SM4/CTR/NoPadding", "KonaCrypto"); decrypterCTRNoPadding.init( Cipher.DECRYPT_MODE, SECRET_KEY, IV_PARAM_SPEC); decrypterGCMNoPadding = Cipher.getInstance( - "SM4/GCM/NoPadding", PROVIDER); + "SM4/GCM/NoPadding", "KonaCrypto"); + decrypterGCMNoPadding.init( + Cipher.DECRYPT_MODE, SECRET_KEY, GCM_PARAM_SPEC); + } + } + + @State(Scope.Benchmark) + public static class DecrypterHolderNative { + + byte[] ciphertextCBCPadding; + byte[] ciphertextCBCNoPadding; + byte[] ciphertextCTRNoPadding; + byte[] ciphertextECBNoPadding; + byte[] ciphertextGCMNoPadding; + + Cipher decrypterCBCPadding; + Cipher decrypterCBCNoPadding; + Cipher decrypterECBNoPadding; + Cipher decrypterCTRNoPadding; + Cipher decrypterGCMNoPadding; + + @Setup(Level.Invocation) + public void setup() throws Exception { + setupCiphertexts(); + setupDecrypters(); + } + + private void setupCiphertexts() throws Exception { + Cipher cipher = Cipher.getInstance("SM4/CBC/PKCS7Padding", "KonaCrypto-Native"); + cipher.init(Cipher.ENCRYPT_MODE, SECRET_KEY, IV_PARAM_SPEC); + ciphertextCBCPadding = cipher.doFinal(MESSAGE); + + cipher = Cipher.getInstance("SM4/CBC/NoPadding", "KonaCrypto-Native"); + cipher.init(Cipher.ENCRYPT_MODE, SECRET_KEY, IV_PARAM_SPEC); + ciphertextCBCNoPadding = cipher.doFinal(MESSAGE); + + cipher = Cipher.getInstance("SM4/ECB/NoPadding", "KonaCrypto-Native"); + cipher.init(Cipher.ENCRYPT_MODE, SECRET_KEY); + ciphertextECBNoPadding = cipher.doFinal(MESSAGE); + + cipher = Cipher.getInstance("SM4/CTR/NoPadding", "KonaCrypto-Native"); + cipher.init(Cipher.ENCRYPT_MODE, SECRET_KEY, IV_PARAM_SPEC); + ciphertextCTRNoPadding = cipher.doFinal(MESSAGE); + + cipher = Cipher.getInstance("SM4/GCM/NoPadding", "KonaCrypto-Native"); + cipher.init(Cipher.ENCRYPT_MODE, SECRET_KEY, GCM_PARAM_SPEC); + ciphertextGCMNoPadding = cipher.doFinal(MESSAGE); + } + + private void setupDecrypters() throws Exception { + decrypterCBCPadding = Cipher.getInstance( + "SM4/CBC/PKCS7Padding", "KonaCrypto-Native"); + decrypterCBCPadding.init( + Cipher.DECRYPT_MODE, SECRET_KEY, IV_PARAM_SPEC); + + decrypterCBCNoPadding = Cipher.getInstance( + "SM4/CBC/NoPadding", "KonaCrypto-Native"); + decrypterCBCNoPadding.init( + Cipher.DECRYPT_MODE, SECRET_KEY, IV_PARAM_SPEC); + + decrypterECBNoPadding = Cipher.getInstance( + "SM4/ECB/NoPadding", "KonaCrypto-Native"); + decrypterECBNoPadding.init( + Cipher.DECRYPT_MODE, SECRET_KEY); + + decrypterCTRNoPadding = Cipher.getInstance( + "SM4/CTR/NoPadding", "KonaCrypto-Native"); + decrypterCTRNoPadding.init( + Cipher.DECRYPT_MODE, SECRET_KEY, IV_PARAM_SPEC); + + decrypterGCMNoPadding = Cipher.getInstance( + "SM4/GCM/NoPadding", "KonaCrypto-Native"); decrypterGCMNoPadding.init( Cipher.DECRYPT_MODE, SECRET_KEY, GCM_PARAM_SPEC); } diff --git a/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM4EncrypterPerfTest.java b/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM4EncrypterPerfTest.java index 9a0071de..b1bbe29d 100644 --- a/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM4EncrypterPerfTest.java +++ b/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM4EncrypterPerfTest.java @@ -44,7 +44,6 @@ import java.security.Security; import java.util.concurrent.TimeUnit; -import static com.tencent.kona.crypto.TestUtils.PROVIDER; import static com.tencent.kona.crypto.CryptoUtils.toBytes; /** @@ -85,27 +84,64 @@ public static class EncrypterHolder { @Setup(Level.Invocation) public void setup() throws Exception { encrypterCBCPadding = Cipher.getInstance( - "SM4/CBC/PKCS7Padding", PROVIDER); + "SM4/CBC/PKCS7Padding", "KonaCrypto"); encrypterCBCPadding.init( Cipher.ENCRYPT_MODE, SECRET_KEY, IV_PARAM_SPEC); encrypterCBCNoPadding = Cipher.getInstance( - "SM4/CBC/NoPadding", PROVIDER); + "SM4/CBC/NoPadding", "KonaCrypto"); encrypterCBCNoPadding.init( Cipher.ENCRYPT_MODE, SECRET_KEY, IV_PARAM_SPEC); encrypterECBNoPadding = Cipher.getInstance( - "SM4/ECB/NoPadding", PROVIDER); + "SM4/ECB/NoPadding", "KonaCrypto"); encrypterECBNoPadding.init( Cipher.ENCRYPT_MODE, SECRET_KEY); encrypterCTRNoPadding = Cipher.getInstance( - "SM4/CTR/NoPadding", PROVIDER); + "SM4/CTR/NoPadding", "KonaCrypto"); encrypterCTRNoPadding.init( Cipher.ENCRYPT_MODE, SECRET_KEY, IV_PARAM_SPEC); encrypterGCMNoPadding = Cipher.getInstance( - "SM4/GCM/NoPadding", PROVIDER); + "SM4/GCM/NoPadding", "KonaCrypto"); + encrypterGCMNoPadding.init( + Cipher.ENCRYPT_MODE, SECRET_KEY, GCM_PARAM_SPEC); + } + } + + @State(Scope.Benchmark) + public static class EncrypterHolderNative { + Cipher encrypterCBCPadding; + Cipher encrypterCBCNoPadding; + Cipher encrypterECBNoPadding; + Cipher encrypterCTRNoPadding; + Cipher encrypterGCMNoPadding; + + @Setup(Level.Invocation) + public void setup() throws Exception { + encrypterCBCPadding = Cipher.getInstance( + "SM4/CBC/PKCS7Padding", "KonaCrypto-Native"); + encrypterCBCPadding.init( + Cipher.ENCRYPT_MODE, SECRET_KEY, IV_PARAM_SPEC); + + encrypterCBCNoPadding = Cipher.getInstance( + "SM4/CBC/NoPadding", "KonaCrypto-Native"); + encrypterCBCNoPadding.init( + Cipher.ENCRYPT_MODE, SECRET_KEY, IV_PARAM_SPEC); + + encrypterECBNoPadding = Cipher.getInstance( + "SM4/ECB/NoPadding", "KonaCrypto-Native"); + encrypterECBNoPadding.init( + Cipher.ENCRYPT_MODE, SECRET_KEY); + + encrypterCTRNoPadding = Cipher.getInstance( + "SM4/CTR/NoPadding", "KonaCrypto-Native"); + encrypterCTRNoPadding.init( + Cipher.ENCRYPT_MODE, SECRET_KEY, IV_PARAM_SPEC); + + encrypterGCMNoPadding = Cipher.getInstance( + "SM4/GCM/NoPadding", "KonaCrypto-Native"); encrypterGCMNoPadding.init( Cipher.ENCRYPT_MODE, SECRET_KEY, GCM_PARAM_SPEC); } diff --git a/kona-crypto/src/main/java/com/tencent/kona/crypto/CryptoInsts.java b/kona-crypto/src/main/java/com/tencent/kona/crypto/CryptoInsts.java index cb3420a3..2128c96a 100644 --- a/kona-crypto/src/main/java/com/tencent/kona/crypto/CryptoInsts.java +++ b/kona-crypto/src/main/java/com/tencent/kona/crypto/CryptoInsts.java @@ -33,7 +33,7 @@ public class CryptoInsts { - static final Provider PROV = CryptoUtils.useNativeCrypto() + public static final Provider PROV = CryptoUtils.useNativeCrypto() ? KonaCryptoNativeProvider.instance() : KonaCryptoProvider.instance(); diff --git a/kona-crypto/src/test/java/com/tencent/kona/crypto/KonaCryptoProviderTest.java b/kona-crypto/src/test/java/com/tencent/kona/crypto/KonaCryptoProviderTest.java index bf420694..6e4964ef 100644 --- a/kona-crypto/src/test/java/com/tencent/kona/crypto/KonaCryptoProviderTest.java +++ b/kona-crypto/src/test/java/com/tencent/kona/crypto/KonaCryptoProviderTest.java @@ -34,6 +34,6 @@ public static void setup() { @Test public void testAddProvider() { - Assertions.assertNotNull(Security.getProvider(KonaCryptoProvider.NAME)); + Assertions.assertNotNull(Security.getProvider(TestUtils.PROVIDER.getName())); } } diff --git a/kona-crypto/src/test/java/com/tencent/kona/crypto/TestUtils.java b/kona-crypto/src/test/java/com/tencent/kona/crypto/TestUtils.java index d45e9842..9a6922e1 100644 --- a/kona-crypto/src/test/java/com/tencent/kona/crypto/TestUtils.java +++ b/kona-crypto/src/test/java/com/tencent/kona/crypto/TestUtils.java @@ -45,7 +45,13 @@ public class TestUtils { public static final byte[] EMPTY = new byte[0]; public static void addProviders() { - Security.addProvider(new KonaCryptoProvider()); + if (PROVIDER instanceof KonaCryptoProvider) { + Security.addProvider(KonaCryptoProvider.instance()); + Security.addProvider(KonaCryptoNativeProvider.instance()); + } else { + Security.addProvider(KonaCryptoNativeProvider.instance()); + Security.addProvider(KonaCryptoProvider.instance()); + } } public static void repeatTaskParallelly(Callable task, int count) diff --git a/kona-pkix/src/test/java/com/tencent/kona/pkix/TestUtils.java b/kona-pkix/src/test/java/com/tencent/kona/pkix/TestUtils.java index 2d13006f..5064a82d 100644 --- a/kona-pkix/src/test/java/com/tencent/kona/pkix/TestUtils.java +++ b/kona-pkix/src/test/java/com/tencent/kona/pkix/TestUtils.java @@ -91,8 +91,8 @@ public class TestUtils { "--add-exports", "java.base/jdk.internal.access=ALL-UNNAMED"); public static void addProviders() { - Security.addProvider(new KonaCryptoProvider()); - Security.addProvider(new KonaPKIXProvider()); + Security.addProvider(CryptoInsts.PROV); + Security.addProvider(KonaPKIXProvider.instance()); } public static Path resFilePath(String resource) { diff --git a/kona-pkix/src/test/java/com/tencent/kona/pkix/demo/PKIDemo.java b/kona-pkix/src/test/java/com/tencent/kona/pkix/demo/PKIDemo.java index 39b97eec..ff08508c 100644 --- a/kona-pkix/src/test/java/com/tencent/kona/pkix/demo/PKIDemo.java +++ b/kona-pkix/src/test/java/com/tencent/kona/pkix/demo/PKIDemo.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2022, 2023, THL A29 Limited, a Tencent company. All rights reserved. + * Copyright (C) 2022, 2024, THL A29 Limited, a Tencent company. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -19,6 +19,7 @@ package com.tencent.kona.pkix.demo; +import com.tencent.kona.crypto.CryptoInsts; import com.tencent.kona.pkix.TestUtils; import org.junit.jupiter.api.Test; @@ -287,7 +288,7 @@ private static X509Certificate loadCert(String certPEM) throws Exception { private static PrivateKey loadPrivateKey(String keyPEM) throws Exception { PKCS8EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec( Base64.getMimeDecoder().decode(keyPEM)); - KeyFactory keyFactory = KeyFactory.getInstance("EC", "KonaCrypto"); + KeyFactory keyFactory = KeyFactory.getInstance("EC", CryptoInsts.PROV); return keyFactory.generatePrivate(privateKeySpec); } diff --git a/kona-pkix/src/test/java/com/tencent/kona/pkix/demo/SignatureDemo.java b/kona-pkix/src/test/java/com/tencent/kona/pkix/demo/SignatureDemo.java index 95bb68fa..67ebc53f 100644 --- a/kona-pkix/src/test/java/com/tencent/kona/pkix/demo/SignatureDemo.java +++ b/kona-pkix/src/test/java/com/tencent/kona/pkix/demo/SignatureDemo.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2022, 2023, THL A29 Limited, a Tencent company. All rights reserved. + * Copyright (C) 2022, 2024, THL A29 Limited, a Tencent company. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -19,6 +19,7 @@ package com.tencent.kona.pkix.demo; +import com.tencent.kona.crypto.CryptoInsts; import com.tencent.kona.pkix.PKIXUtils; import com.tencent.kona.pkix.TestUtils; import org.junit.jupiter.api.Assertions; @@ -107,13 +108,13 @@ public static void setup() { @Test public void testSignature() throws Exception { PrivateKey privateKey = privateKey(KEY); - Signature signer = Signature.getInstance("SM3withSM2", "KonaCrypto"); + Signature signer = Signature.getInstance("SM3withSM2", CryptoInsts.PROV); signer.initSign(privateKey); signer.update(DATA); byte[] sign = signer.sign(); Certificate certificate = certificate(CERT); - Signature verifier = Signature.getInstance("SM3withSM2", "KonaCrypto"); + Signature verifier = Signature.getInstance("SM3withSM2", CryptoInsts.PROV); verifier.initVerify(certificate); verifier.update(DATA); boolean verified = verifier.verify(sign); @@ -126,7 +127,7 @@ private static PrivateKey privateKey(String pkcs8PEM) PKCS8EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec( Base64.getMimeDecoder().decode(removeBELines(pkcs8PEM))); KeyFactory keyFactory = KeyFactory.getInstance( - "EC", "KonaCrypto"); + "EC", CryptoInsts.PROV); return keyFactory.generatePrivate(privateKeySpec); } @@ -147,13 +148,13 @@ private static Certificate certificate(String certPEM) @Test public void testSignatureWithCustomAPI() throws Exception { PrivateKey privateKey = PKIXUtils.getPrivateKey("EC", KEY); - Signature signer = Signature.getInstance("SM3withSM2", "KonaCrypto"); + Signature signer = Signature.getInstance("SM3withSM2", CryptoInsts.PROV); signer.initSign(privateKey); signer.update(DATA); byte[] sign = signer.sign(); Certificate certificate = PKIXUtils.getCertificate(CERT); - Signature verifier = Signature.getInstance("SM3withSM2", "KonaCrypto"); + Signature verifier = Signature.getInstance("SM3withSM2", CryptoInsts.PROV); verifier.initVerify(certificate); verifier.update(DATA); Assertions.assertTrue(verifier.verify(sign)); diff --git a/kona-pkix/src/test/java/com/tencent/kona/pkix/provider/KeyFactoryTest.java b/kona-pkix/src/test/java/com/tencent/kona/pkix/provider/KeyFactoryTest.java index b3505dfc..0a45a099 100644 --- a/kona-pkix/src/test/java/com/tencent/kona/pkix/provider/KeyFactoryTest.java +++ b/kona-pkix/src/test/java/com/tencent/kona/pkix/provider/KeyFactoryTest.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2022, 2023, THL A29 Limited, a Tencent company. All rights reserved. + * Copyright (C) 2022, 2024, THL A29 Limited, a Tencent company. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -19,6 +19,7 @@ package com.tencent.kona.pkix.provider; +import com.tencent.kona.crypto.CryptoInsts; import com.tencent.kona.sun.security.x509.X509Key; import com.tencent.kona.pkix.TestUtils; import org.junit.jupiter.api.Assertions; @@ -55,7 +56,7 @@ public void testGetKeySpecs() throws Exception { X509Certificate x509Cert = TestUtils.certAsFile("ca-sm2sm2.crt"); PublicKey publicKey = x509Cert.getPublicKey(); - KeyFactory keyFactory = KeyFactory.getInstance("EC", "KonaCrypto"); + KeyFactory keyFactory = KeyFactory.getInstance("EC", CryptoInsts.PROV); ECPublicKeySpec publicKeySpec = keyFactory.getKeySpec( publicKey, ECPublicKeySpec.class); @@ -81,7 +82,7 @@ public void testGeneratePublicKey() throws Exception { X509Certificate x509Cert = TestUtils.certAsFile("ca-sm2sm2.crt"); ECPublicKey publicKey = (ECPublicKey) x509Cert.getPublicKey(); - KeyFactory keyFactory = KeyFactory.getInstance("EC", "KonaCrypto"); + KeyFactory keyFactory = KeyFactory.getInstance("EC", CryptoInsts.PROV); ECPublicKeySpec ecPublicKeySpec = keyFactory.getKeySpec( publicKey, ECPublicKeySpec.class); @@ -152,7 +153,7 @@ private void testGenerateRSAPrivateKey(RSAPrivateKey privateKey) private void testGenerateECPrivateKey(ECPrivateKey privateKey) throws Exception { - KeyFactory keyFactory = KeyFactory.getInstance("EC", "KonaCrypto"); + KeyFactory keyFactory = KeyFactory.getInstance("EC", CryptoInsts.PROV); ECPrivateKeySpec ecPrivateKeySpec = keyFactory.getKeySpec( privateKey, ECPrivateKeySpec.class); diff --git a/kona-provider/src/test/java/com/tencent/kona/TestUtils.java b/kona-provider/src/test/java/com/tencent/kona/TestUtils.java index fb30c1e5..da7c9cf2 100644 --- a/kona-provider/src/test/java/com/tencent/kona/TestUtils.java +++ b/kona-provider/src/test/java/com/tencent/kona/TestUtils.java @@ -26,6 +26,6 @@ public class TestUtils { public static final String PROVIDER = KonaProvider.NAME; public static void addProviders() { - Security.addProvider(new KonaProvider()); + Security.addProvider(KonaProvider.instance()); } } diff --git a/kona-ssl/src/test/java/com/tencent/kona/ssl/TestUtils.java b/kona-ssl/src/test/java/com/tencent/kona/ssl/TestUtils.java index 1f15e4cd..b4b4a4a3 100644 --- a/kona-ssl/src/test/java/com/tencent/kona/ssl/TestUtils.java +++ b/kona-ssl/src/test/java/com/tencent/kona/ssl/TestUtils.java @@ -94,9 +94,9 @@ public static void enableDebug() { } public static void addProviders() { - Security.addProvider(new KonaCryptoProvider()); - Security.addProvider(new KonaPKIXProvider()); - Security.addProvider(new KonaSSLProvider()); + Security.addProvider(CryptoInsts.PROV); + Security.addProvider(KonaPKIXProvider.instance()); + Security.addProvider(KonaSSLProvider.instance()); } public static Path resFilePath(String resource) { diff --git a/kona-ssl/src/test/java/com/tencent/kona/ssl/demo/TLCPWithGRPCDemo.java b/kona-ssl/src/test/java/com/tencent/kona/ssl/demo/TLCPWithGRPCDemo.java index 4f38a278..5074ee5f 100644 --- a/kona-ssl/src/test/java/com/tencent/kona/ssl/demo/TLCPWithGRPCDemo.java +++ b/kona-ssl/src/test/java/com/tencent/kona/ssl/demo/TLCPWithGRPCDemo.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2023, THL A29 Limited, a Tencent company. All rights reserved. + * Copyright (C) 2023, 2024, THL A29 Limited, a Tencent company. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -19,6 +19,7 @@ package com.tencent.kona.ssl.demo; +import com.tencent.kona.crypto.CryptoInsts; import com.tencent.kona.ssl.TestUtils; import com.tencent.kona.sun.security.x509.SMCertificate; import io.grpc.Channel; @@ -345,7 +346,7 @@ private static X509Certificate loadCert(String certPEM, String id) private static PrivateKey loadPrivateKey(String keyPEM) throws Exception { PKCS8EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec( Base64.getMimeDecoder().decode(keyPEM)); - KeyFactory keyFactory = KeyFactory.getInstance("EC", "KonaCrypto"); + KeyFactory keyFactory = KeyFactory.getInstance("EC", CryptoInsts.PROV); return keyFactory.generatePrivate(privateKeySpec); } diff --git a/kona-ssl/src/test/java/com/tencent/kona/ssl/demo/TLCPWithJettyDemo.java b/kona-ssl/src/test/java/com/tencent/kona/ssl/demo/TLCPWithJettyDemo.java index 5e4a89c7..a0f63ed2 100644 --- a/kona-ssl/src/test/java/com/tencent/kona/ssl/demo/TLCPWithJettyDemo.java +++ b/kona-ssl/src/test/java/com/tencent/kona/ssl/demo/TLCPWithJettyDemo.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2022, 2023, THL A29 Limited, a Tencent company. All rights reserved. + * Copyright (C) 2022, 2024, THL A29 Limited, a Tencent company. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -19,6 +19,7 @@ package com.tencent.kona.ssl.demo; +import com.tencent.kona.crypto.CryptoInsts; import com.tencent.kona.ssl.TestUtils; import com.tencent.kona.sun.security.x509.SMCertificate; import org.eclipse.jetty.client.HttpClient; @@ -364,7 +365,7 @@ private static X509Certificate loadCert(String certPEM, String id) private static PrivateKey loadPrivateKey(String keyPEM) throws Exception { PKCS8EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec( Base64.getMimeDecoder().decode(keyPEM)); - KeyFactory keyFactory = KeyFactory.getInstance("EC", "KonaCrypto"); + KeyFactory keyFactory = KeyFactory.getInstance("EC", CryptoInsts.PROV); return keyFactory.generatePrivate(privateKeySpec); } diff --git a/kona-ssl/src/test/java/com/tencent/kona/ssl/demo/TLCPWithNettyDemo.java b/kona-ssl/src/test/java/com/tencent/kona/ssl/demo/TLCPWithNettyDemo.java index 52ffb556..b0a1bc97 100644 --- a/kona-ssl/src/test/java/com/tencent/kona/ssl/demo/TLCPWithNettyDemo.java +++ b/kona-ssl/src/test/java/com/tencent/kona/ssl/demo/TLCPWithNettyDemo.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2022, 2023, THL A29 Limited, a Tencent company. All rights reserved. + * Copyright (C) 2022, 2024, THL A29 Limited, a Tencent company. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -19,6 +19,7 @@ package com.tencent.kona.ssl.demo; +import com.tencent.kona.crypto.CryptoInsts; import com.tencent.kona.ssl.TestUtils; import com.tencent.kona.sun.security.x509.SMCertificate; import io.netty.bootstrap.Bootstrap; @@ -433,7 +434,7 @@ private static X509Certificate loadCert(String certPEM, String id) private static PrivateKey loadPrivateKey(String keyPEM) throws Exception { PKCS8EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec( Base64.getMimeDecoder().decode(keyPEM)); - KeyFactory keyFactory = KeyFactory.getInstance("EC", "KonaCrypto"); + KeyFactory keyFactory = KeyFactory.getInstance("EC", CryptoInsts.PROV); return keyFactory.generatePrivate(privateKeySpec); } diff --git a/kona-ssl/src/test/java/com/tencent/kona/ssl/demo/TLCPWithTomcatDemo.java b/kona-ssl/src/test/java/com/tencent/kona/ssl/demo/TLCPWithTomcatDemo.java index 49f37599..8a8bcb6b 100644 --- a/kona-ssl/src/test/java/com/tencent/kona/ssl/demo/TLCPWithTomcatDemo.java +++ b/kona-ssl/src/test/java/com/tencent/kona/ssl/demo/TLCPWithTomcatDemo.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2023, THL A29 Limited, a Tencent company. All rights reserved. + * Copyright (C) 2023, 2024, THL A29 Limited, a Tencent company. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -19,6 +19,7 @@ package com.tencent.kona.ssl.demo; +import com.tencent.kona.crypto.CryptoInsts; import com.tencent.kona.ssl.TestUtils; import com.tencent.kona.sun.security.x509.SMCertificate; import org.apache.catalina.Context; @@ -392,7 +393,7 @@ private static X509Certificate loadCert(String certPEM, String id) private static PrivateKey loadPrivateKey(String keyPEM) throws Exception { PKCS8EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec( Base64.getMimeDecoder().decode(keyPEM)); - KeyFactory keyFactory = KeyFactory.getInstance("EC", "KonaCrypto"); + KeyFactory keyFactory = KeyFactory.getInstance("EC", CryptoInsts.PROV); return keyFactory.generatePrivate(privateKeySpec); } diff --git a/kona-ssl/src/test/java/com/tencent/kona/ssl/demo/TLCPWithoutCertValidationDemo.java b/kona-ssl/src/test/java/com/tencent/kona/ssl/demo/TLCPWithoutCertValidationDemo.java index ddea1f5a..77bc87e7 100644 --- a/kona-ssl/src/test/java/com/tencent/kona/ssl/demo/TLCPWithoutCertValidationDemo.java +++ b/kona-ssl/src/test/java/com/tencent/kona/ssl/demo/TLCPWithoutCertValidationDemo.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2022, 2023, THL A29 Limited, a Tencent company. All rights reserved. + * Copyright (C) 2022, 2024, THL A29 Limited, a Tencent company. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -19,6 +19,7 @@ package com.tencent.kona.ssl.demo; +import com.tencent.kona.crypto.CryptoInsts; import com.tencent.kona.ssl.TestUtils; import com.tencent.kona.sun.security.x509.SMCertificate; import org.apache.http.client.methods.CloseableHttpResponse; @@ -328,7 +329,7 @@ private static X509Certificate loadCert(String certPEM, String id) private static PrivateKey loadPrivateKey(String keyPEM) throws Exception { PKCS8EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec( Base64.getMimeDecoder().decode(keyPEM)); - KeyFactory keyFactory = KeyFactory.getInstance("EC", "KonaCrypto"); + KeyFactory keyFactory = KeyFactory.getInstance("EC", CryptoInsts.PROV); return keyFactory.generatePrivate(privateKeySpec); } diff --git a/kona-ssl/src/test/java/com/tencent/kona/ssl/demo/TLSWithGRPCDemo.java b/kona-ssl/src/test/java/com/tencent/kona/ssl/demo/TLSWithGRPCDemo.java index bd358561..6514279c 100644 --- a/kona-ssl/src/test/java/com/tencent/kona/ssl/demo/TLSWithGRPCDemo.java +++ b/kona-ssl/src/test/java/com/tencent/kona/ssl/demo/TLSWithGRPCDemo.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2023, THL A29 Limited, a Tencent company. All rights reserved. + * Copyright (C) 2023, 2024, THL A29 Limited, a Tencent company. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -19,6 +19,7 @@ package com.tencent.kona.ssl.demo; +import com.tencent.kona.crypto.CryptoInsts; import com.tencent.kona.ssl.TestUtils; import com.tencent.kona.sun.security.x509.SMCertificate; import io.grpc.Channel; @@ -277,7 +278,7 @@ private static X509Certificate loadCert(String certPEM, String id) private static PrivateKey loadPrivateKey(String keyPEM) throws Exception { PKCS8EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec( Base64.getMimeDecoder().decode(keyPEM)); - KeyFactory keyFactory = KeyFactory.getInstance("EC", "KonaCrypto"); + KeyFactory keyFactory = KeyFactory.getInstance("EC", CryptoInsts.PROV); return keyFactory.generatePrivate(privateKeySpec); } diff --git a/kona-ssl/src/test/java/com/tencent/kona/ssl/demo/TLSWithJettyDemo.java b/kona-ssl/src/test/java/com/tencent/kona/ssl/demo/TLSWithJettyDemo.java index 9d14ba7c..eff09e52 100644 --- a/kona-ssl/src/test/java/com/tencent/kona/ssl/demo/TLSWithJettyDemo.java +++ b/kona-ssl/src/test/java/com/tencent/kona/ssl/demo/TLSWithJettyDemo.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2022, 2023, THL A29 Limited, a Tencent company. All rights reserved. + * Copyright (C) 2022, 2024, THL A29 Limited, a Tencent company. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -19,6 +19,7 @@ package com.tencent.kona.ssl.demo; +import com.tencent.kona.crypto.CryptoInsts; import com.tencent.kona.ssl.TestUtils; import com.tencent.kona.sun.security.x509.SMCertificate; import org.eclipse.jetty.client.HttpClient; @@ -297,7 +298,7 @@ private static X509Certificate loadCert(String certPEM, String id) private static PrivateKey loadPrivateKey(String keyPEM) throws Exception { PKCS8EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec( Base64.getMimeDecoder().decode(keyPEM)); - KeyFactory keyFactory = KeyFactory.getInstance("EC", "KonaCrypto"); + KeyFactory keyFactory = KeyFactory.getInstance("EC", CryptoInsts.PROV); return keyFactory.generatePrivate(privateKeySpec); } diff --git a/kona-ssl/src/test/java/com/tencent/kona/ssl/demo/TLSWithOkHttpDemo.java b/kona-ssl/src/test/java/com/tencent/kona/ssl/demo/TLSWithOkHttpDemo.java index 581af4a1..599dfa7d 100644 --- a/kona-ssl/src/test/java/com/tencent/kona/ssl/demo/TLSWithOkHttpDemo.java +++ b/kona-ssl/src/test/java/com/tencent/kona/ssl/demo/TLSWithOkHttpDemo.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2022, 2023, THL A29 Limited, a Tencent company. All rights reserved. + * Copyright (C) 2022, 2024, THL A29 Limited, a Tencent company. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -19,6 +19,7 @@ package com.tencent.kona.ssl.demo; +import com.tencent.kona.crypto.CryptoInsts; import com.tencent.kona.ssl.TestUtils; import com.tencent.kona.sun.security.x509.SMCertificate; import okhttp3.ConnectionSpec; @@ -314,7 +315,7 @@ private static X509Certificate loadCert(String certPEM, String id) private static PrivateKey loadPrivateKey(String keyPEM) throws Exception { PKCS8EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec( Base64.getMimeDecoder().decode(keyPEM)); - KeyFactory keyFactory = KeyFactory.getInstance("EC", "KonaCrypto"); + KeyFactory keyFactory = KeyFactory.getInstance("EC", CryptoInsts.PROV); return keyFactory.generatePrivate(privateKeySpec); } diff --git a/kona-ssl/src/test/java/com/tencent/kona/ssl/demo/TLSWithTomcatDemo.java b/kona-ssl/src/test/java/com/tencent/kona/ssl/demo/TLSWithTomcatDemo.java index 8952a080..ae463de9 100644 --- a/kona-ssl/src/test/java/com/tencent/kona/ssl/demo/TLSWithTomcatDemo.java +++ b/kona-ssl/src/test/java/com/tencent/kona/ssl/demo/TLSWithTomcatDemo.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2023, THL A29 Limited, a Tencent company. All rights reserved. + * Copyright (C) 2023, 2024, THL A29 Limited, a Tencent company. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -19,6 +19,7 @@ package com.tencent.kona.ssl.demo; +import com.tencent.kona.crypto.CryptoInsts; import com.tencent.kona.ssl.TestUtils; import com.tencent.kona.sun.security.x509.SMCertificate; import org.apache.catalina.Context; @@ -320,7 +321,7 @@ private static X509Certificate loadCert(String certPEM, String id) private static PrivateKey loadPrivateKey(String keyPEM) throws Exception { PKCS8EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec( Base64.getMimeDecoder().decode(keyPEM)); - KeyFactory keyFactory = KeyFactory.getInstance("EC", "KonaCrypto"); + KeyFactory keyFactory = KeyFactory.getInstance("EC", CryptoInsts.PROV); return keyFactory.generatePrivate(privateKeySpec); } diff --git a/kona-ssl/src/test/java/com/tencent/kona/ssl/interop/Utilities.java b/kona-ssl/src/test/java/com/tencent/kona/ssl/interop/Utilities.java index 2589dabd..97debac8 100644 --- a/kona-ssl/src/test/java/com/tencent/kona/ssl/interop/Utilities.java +++ b/kona-ssl/src/test/java/com/tencent/kona/ssl/interop/Utilities.java @@ -23,6 +23,7 @@ package com.tencent.kona.ssl.interop; +import com.tencent.kona.crypto.CryptoInsts; import com.tencent.kona.pkix.PKIXUtils; import com.tencent.kona.ssl.SSLInsts; @@ -211,7 +212,7 @@ public static KeyStore createKeyStore( // JDK uses different provider for EC and RSA. private static String cryptoProvider(String provider, Cert cert) { if (!"SUN".equalsIgnoreCase(provider)) { - return "KonaCrypto"; + return CryptoInsts.PROV.getName(); } if("RSA".equalsIgnoreCase(cert.keyAlgo.name)) { diff --git a/kona-ssl/src/test/java/com/tencent/kona/ssl/peers/TLCPNettyClient.java b/kona-ssl/src/test/java/com/tencent/kona/ssl/peers/TLCPNettyClient.java index ba4fef86..ea03184b 100644 --- a/kona-ssl/src/test/java/com/tencent/kona/ssl/peers/TLCPNettyClient.java +++ b/kona-ssl/src/test/java/com/tencent/kona/ssl/peers/TLCPNettyClient.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2022, 2023, THL A29 Limited, a Tencent company. All rights reserved. + * Copyright (C) 2022, 2024, THL A29 Limited, a Tencent company. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -19,6 +19,7 @@ package com.tencent.kona.ssl.peers; +import com.tencent.kona.crypto.CryptoInsts; import com.tencent.kona.crypto.KonaCryptoProvider; import com.tencent.kona.pkix.KonaPKIXProvider; import com.tencent.kona.ssl.KonaSSLProvider; @@ -245,7 +246,7 @@ private static X509Certificate loadCert(String certPEM) private static PrivateKey loadPrivateKey(String keyPEM) throws Exception { PKCS8EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec( Base64.getMimeDecoder().decode(keyPEM)); - KeyFactory keyFactory = KeyFactory.getInstance("EC", "KonaCrypto"); + KeyFactory keyFactory = KeyFactory.getInstance("EC", CryptoInsts.PROV); return keyFactory.generatePrivate(privateKeySpec); } diff --git a/kona-ssl/src/test/java/com/tencent/kona/ssl/peers/TLCPNettyServer.java b/kona-ssl/src/test/java/com/tencent/kona/ssl/peers/TLCPNettyServer.java index 05b3f809..57e515f8 100644 --- a/kona-ssl/src/test/java/com/tencent/kona/ssl/peers/TLCPNettyServer.java +++ b/kona-ssl/src/test/java/com/tencent/kona/ssl/peers/TLCPNettyServer.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2022, 2023, THL A29 Limited, a Tencent company. All rights reserved. + * Copyright (C) 2022, 2024, THL A29 Limited, a Tencent company. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -19,6 +19,7 @@ package com.tencent.kona.ssl.peers; +import com.tencent.kona.crypto.CryptoInsts; import com.tencent.kona.crypto.KonaCryptoProvider; import com.tencent.kona.pkix.KonaPKIXProvider; import com.tencent.kona.ssl.KonaSSLProvider; @@ -244,7 +245,7 @@ private static X509Certificate loadCert(String certPEM) private static PrivateKey loadPrivateKey(String keyPEM) throws Exception { PKCS8EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec( Base64.getMimeDecoder().decode(keyPEM)); - KeyFactory keyFactory = KeyFactory.getInstance("EC", "KonaCrypto"); + KeyFactory keyFactory = KeyFactory.getInstance("EC", CryptoInsts.PROV); return keyFactory.generatePrivate(privateKeySpec); } diff --git a/kona-ssl/src/test/java/com/tencent/kona/ssl/tlcp/SSLEngineTest.java b/kona-ssl/src/test/java/com/tencent/kona/ssl/tlcp/SSLEngineTest.java index 7a4c4caa..45eba479 100644 --- a/kona-ssl/src/test/java/com/tencent/kona/ssl/tlcp/SSLEngineTest.java +++ b/kona-ssl/src/test/java/com/tencent/kona/ssl/tlcp/SSLEngineTest.java @@ -26,6 +26,7 @@ package com.tencent.kona.ssl.tlcp; +import com.tencent.kona.crypto.CryptoInsts; import com.tencent.kona.ssl.TestUtils; import org.junit.jupiter.api.BeforeAll; import org.junit.jupiter.api.Test; @@ -153,7 +154,7 @@ public static SSLContext createSSLContext( PKCS8EncodedKeySpec priKeySpec = new PKCS8EncodedKeySpec( Base64.getMimeDecoder().decode(endEntityCerts[i].privKeyStr)); KeyFactory kf = KeyFactory.getInstance( - endEntityCerts[i].keyAlgo, "KonaCrypto"); + endEntityCerts[i].keyAlgo, CryptoInsts.PROV); PrivateKey priKey = kf.generatePrivate(priKeySpec); // generate certificate chain diff --git a/kona-ssl/src/test/java/com/tencent/kona/ssl/tlcp/SSLSocketTest.java b/kona-ssl/src/test/java/com/tencent/kona/ssl/tlcp/SSLSocketTest.java index 88bf8c0a..d3a31927 100644 --- a/kona-ssl/src/test/java/com/tencent/kona/ssl/tlcp/SSLSocketTest.java +++ b/kona-ssl/src/test/java/com/tencent/kona/ssl/tlcp/SSLSocketTest.java @@ -36,6 +36,7 @@ package com.tencent.kona.ssl.tlcp; +import com.tencent.kona.crypto.CryptoInsts; import com.tencent.kona.ssl.TestUtils; import org.junit.jupiter.api.BeforeAll; import org.junit.jupiter.api.Test; @@ -439,7 +440,7 @@ public static SSLContext createSSLContext( PKCS8EncodedKeySpec priKeySpec = new PKCS8EncodedKeySpec( Base64.getMimeDecoder().decode(endEntityCerts[i].privKeyStr)); KeyFactory kf = KeyFactory.getInstance( - endEntityCerts[i].keyAlgo, "KonaCrypto"); + endEntityCerts[i].keyAlgo, CryptoInsts.PROV); PrivateKey priKey = kf.generatePrivate(priKeySpec); // generate certificate chain diff --git a/kona-ssl/src/test/java/com/tencent/kona/ssl/tls/SSLSocketOnTLS12Test.java b/kona-ssl/src/test/java/com/tencent/kona/ssl/tls/SSLSocketOnTLS12Test.java index 2f01ae4e..f6b42bef 100644 --- a/kona-ssl/src/test/java/com/tencent/kona/ssl/tls/SSLSocketOnTLS12Test.java +++ b/kona-ssl/src/test/java/com/tencent/kona/ssl/tls/SSLSocketOnTLS12Test.java @@ -36,6 +36,7 @@ package com.tencent.kona.ssl.tls; +import com.tencent.kona.crypto.CryptoInsts; import com.tencent.kona.ssl.TestUtils; import org.junit.jupiter.api.BeforeAll; import org.junit.jupiter.api.Test; @@ -438,7 +439,7 @@ public static SSLContext createSSLContext( PKCS8EncodedKeySpec priKeySpec = new PKCS8EncodedKeySpec( Base64.getMimeDecoder().decode(endEntityCerts[i].privKeyStr)); KeyFactory kf = KeyFactory.getInstance( - endEntityCerts[i].keyAlgo, "KonaCrypto"); + endEntityCerts[i].keyAlgo, CryptoInsts.PROV); PrivateKey priKey = kf.generatePrivate(priKeySpec); // generate certificate chain diff --git a/kona-ssl/src/test/java/com/tencent/kona/ssl/tls/SSLSocketOnTLS13Test.java b/kona-ssl/src/test/java/com/tencent/kona/ssl/tls/SSLSocketOnTLS13Test.java index 41739472..c4611d49 100644 --- a/kona-ssl/src/test/java/com/tencent/kona/ssl/tls/SSLSocketOnTLS13Test.java +++ b/kona-ssl/src/test/java/com/tencent/kona/ssl/tls/SSLSocketOnTLS13Test.java @@ -36,6 +36,7 @@ package com.tencent.kona.ssl.tls; +import com.tencent.kona.crypto.CryptoInsts; import com.tencent.kona.ssl.TestUtils; import org.junit.jupiter.api.BeforeAll; import org.junit.jupiter.api.Test; @@ -438,7 +439,7 @@ public static SSLContext createSSLContext( PKCS8EncodedKeySpec priKeySpec = new PKCS8EncodedKeySpec( Base64.getMimeDecoder().decode(endEntityCerts[i].privKeyStr)); KeyFactory kf = KeyFactory.getInstance( - endEntityCerts[i].keyAlgo, "KonaCrypto"); + endEntityCerts[i].keyAlgo, CryptoInsts.PROV); PrivateKey priKey = kf.generatePrivate(priKeySpec); // generate certificate chain