1.1.2 릴리즈 개발 시작

.github/workflows/security-and-static-analysis.yml

@@ -2,9 +2,7 @@ name: Security & Static Analysis
 
 on:
   push:
-    branches: [ "master", "feature/*" ]
-  pull_request:
-    branches: [ "master", "feature/*" ]
+    branches: [ "feature/*" ]
   schedule:
     - cron: '30 1 * * 0' # 매주 일요일 01:30 정기검진
 

.gitignore

@@ -47,5 +47,5 @@ bin/
 .vscode/
 
 ### Mac OS ###
-.DS_Store
+.DS_*
 .temp.env

README.md

@@ -58,10 +58,11 @@ Java 측에서 네이티브와 상호 작용할 때, 단순히 JNI(Java Native I
 
 얽힘 라이브러리는 미래에 금융 및 보안 인프라 프로덕션에서 사용할 수 있도록 다음의 TODO를 명확히 하고자 합니다.
 
+- [ ] 폐쇄망 환경 유용한 사용을 위한 Local Hosted 웹 개발
 - [ ] TLS 통신 로직 추가
 - [ ] 복합 검증 작업 준비 및 수행
 - [ ] 커스텀 예외 최적화
-- [ ] JPMS 적용
+- [ ] JPMS 적용 (멀티모듈 내에서도 패키지 모듈화)
   - 안전한 캡슐화와 일관된 호출(또는 사용) 패턴이 완성되면 JPMS를 통해 캡슐화된 패키지를 모듈로서 관리하려고 합니다.
 - [ ] 외부 의존성 최소화
   - 이제 `1.1.0` 릴리즈부턴 `BouncyCastle` 의존성을 최소화하며, 끝내 제거하는 데 성공했습니다. 현재 코드 작성에 필요한 몇 가지 유용한 도구를 제공하는 의존성은 여전히 남아 있지만, 이들도 끝내 최소화될 예정입니다.

README_EN.md

@@ -20,7 +20,7 @@ All designs of EntanglementLib prioritize security for 'military security' and '
 
 EntanglementLib performs all security operations through [Rust-based native](https://github.com/Quant-Off/entlib-native). Native destroys all security weaknesses that can be triggered in the cleaning mechanism of the Garbage Collector (GC) due to `heap` memory allocation. It receives sensitive data from the Java side as `off-heap` to perform tasks, and immediately and safely erases the data of the pointer through the caller or callee pattern.
 
-When interacting with Native from the Java side, simply JNI (Java Native Interface) functions are not used. The core technology is the Linker, FFM API (Foreign Function & Memory API), which is an advanced native call function based on [JEP 389](https://openjdk.org/jeps/389) and [JEP 454](https://openjdk.org/jeps/454) improvements, and on the Native side, it is linked via FFI (Foreign Function Interface) through encapsulated logic.
+When interacting with Native from the Java side, simply JNI (Java Native Interface) nativeComponents are not used. The core technology is the Linker, FFM API (Foreign Function & Memory API), which is an advanced native call nativeComponent based on [JEP 389](https://openjdk.org/jeps/389) and [JEP 454](https://openjdk.org/jeps/454) improvements, and on the Native side, it is linked via FFI (Foreign Function Interface) through encapsulated logic.
 
 > [!TIP]
 > If you are curious about the background and overview of Native, please refer to [here](https://qu4nt.space/projects/entlib-native).
@@ -35,8 +35,8 @@ EntanglementLib is now a multi-module project. The role of each module is divide
 
 | Module          | Function                                                                                                                                  |
 |-----------------|-------------------------------------------------------------------------------------------------------------------------------------------|
-| `security`      | Core security module. Provides logic for interaction with Native and various security functions linked via FFI.                           |
-| `core`          | Provides utility functions managing exceptions, internationalization and asynchronous, chunk operations, strings, and data structures.    |
+| `security`      | Core security module. Provides logic for interaction with Native and various security nativeComponents linked via FFI.                           |
+| `core`          | Provides utility nativeComponents managing exceptions, internationalization and asynchronous, chunk operations, strings, and data structures.    |
 | `annotations`   | Includes annotations for easy code design and improving user's code understanding complexity.                                             |
 
 
@@ -46,7 +46,7 @@ Detailed technical specifications for EntanglementLib are being written.
 
 ## Benchmarking Records
 
-We are performing bridge benchmarking for various operations such as nanosecond delays occurring when calling Rust native functions using FFM API in EntanglementLib. This work is directly related to performance and security, and plays an important role in creating optimal code.
+We are performing bridge benchmarking for various operations such as nanosecond delays occurring when calling Rust native nativeComponents using FFM API in EntanglementLib. This work is directly related to performance and security, and plays an important role in creating optimal code.
 
 Many benchmarking tasks are scheduled in this alpha version. We plan to proceed with this work through JMH (Java Microbenchmark Harness), and we will organize it in a new document as soon as it is completed.
 
@@ -58,10 +58,11 @@ This project is currently `Alpha` version, and is still lacking a lot. We are al
 
 EntanglementLib wants to clarify the following TODOs so that it can be used in financial and security infrastructure production in the future.
 
+- [ ] Develop Local Hosted Web for useful use in closed network environments
 - [ ] Add TLS communication logic
 - [ ] Prepare and perform complex verification tasks
 - [ ] Custom Exception Optimization
-- [ ] Apply JPMS
+- [ ] Apply JPMS (Package modularization within multi-modules)
     - Once secure encapsulation and consistent call (or usage) patterns are completed, we intend to manage encapsulated packages as modules through JPMS.
 - [ ] Minimize external dependencies
     - Now, from the `1.1.0` release, we have minimized `BouncyCastle` dependencies and finally succeeded in removing them. Dependencies that provide some useful tools needed for current code writing still remain, but these will also be minimized eventually.
@@ -81,7 +82,7 @@ EntanglementLib wants to clarify the following TODOs so that it can be used in f
     - In `ChaCha20Poly1305`, `InternalFactory.getSafeRandom()` is used to generate nonce value `Nonce`. If `Nonce` is reused with the same key, the security of `ChaCha20Poly1305` collapses completely.
         - **Resolution**: This problem was also solved with the `entlib-native` native library. Now, `ChaCha20`-based `CSPRNG` is created on the `Rust` side, and used only on the `Rust` side. In other words, all cryptographic operations are now performed only by `Rust`!
 - [X] Writing Technical Specifications for Security Functions
-    - **Resolution**: Important security-related functions of EntanglementLib have been written in a [separate document](TECHNICAL.md).
+    - **Resolution**: Important security-related nativeComponents of EntanglementLib have been written in a [separate document](TECHNICAL.md).
 
 ## License
 

annotations/src/main/java/space/qu4nt/entanglementlib/annotations/CallerResponsibility.java

@@ -24,6 +24,6 @@
      *
      * @return 책임 전가 사유 또는 설명
      */
-    String value() default "";
+    String[] value() default "";
 
 }

annotations/src/main/java/space/qu4nt/entanglementlib/annotations/Only.java

@@ -0,0 +1,9 @@
+package space.qu4nt.entanglementlib.annotations;
+
+import java.lang.annotation.Documented;
+
+@Documented
+public @interface Only {
+
+    String value() default "";
+}

build.gradle.kts

@@ -14,7 +14,7 @@ val quantPublicDir = project.findProperty("quantPublicDir") as? String
 
 val lombokVersion = "org.projectlombok:lombok:1.18.42"
 
-val entLibVersion = "1.1.2-Alpha3"
+val entLibVersion = "1.1.2"
 
 allprojects {
     group = "{$commonGroupId}.entanglementlib"
@@ -45,9 +45,6 @@ subprojects {
         // Logging
         // https://mvnrepository.com/artifact/org.slf4j/slf4j-api
         implementation("org.slf4j:slf4j-api:2.0.17")
-        // bridger
-        // https://mvnrepository.com/artifact/org.slf4j/jul-to-slf4j
-        implementation("org.slf4j:jul-to-slf4j:2.0.17")
         // Logging Provider (Logback)
         // https://mvnrepository.com/artifact/ch.qos.logback/logback-classic
         implementation("ch.qos.logback:logback-classic:1.5.26")

core/build.gradle.kts

@@ -1,6 +1,7 @@
 dependencies {
     implementation(project(":annotations"))
 
+//    Q. T. Felix TODO: 암덩어리 jackson 제거
     // Jackson
     // https://mvnrepository.com/artifact/tools.jackson.core/jackson-databind
     implementation("tools.jackson.core:jackson-databind:3.0.2")

core/src/main/java/space/qu4nt/entanglementlib/core/exception/security/checked/ELIBSecurityUnsafeUsageException.java

@@ -0,0 +1,28 @@
+package space.qu4nt.entanglementlib.core.exception.security.checked;
+
+import java.io.Serial;
+
+public class ELIBSecurityUnsafeUsageException extends ELIBSecurityException {
+
+    @Serial
+    private static final long serialVersionUID = 1672793311305065673L;
+
+    public ELIBSecurityUnsafeUsageException() {
+    }
+
+    public ELIBSecurityUnsafeUsageException(String message) {
+        super(message);
+    }
+
+    public ELIBSecurityUnsafeUsageException(String message, Throwable cause) {
+        super(message, cause);
+    }
+
+    public ELIBSecurityUnsafeUsageException(Throwable cause) {
+        super(cause);
+    }
+
+    public ELIBSecurityUnsafeUsageException(String message, Throwable cause, boolean enableSuppression, boolean writableStackTrace) {
+        super(message, cause, enableSuppression, writableStackTrace);
+    }
+}

internal-shared-server/build.gradle.kts

@@ -0,0 +1,5 @@
+dependencies {
+    implementation(project(":core"))
+    implementation(project(":security"))
+    implementation(project(":annotations"))
+}

internal-shared-server/src/main/java/space/qu4nt/entanglementlib/iss/ISSRunner.java

@@ -0,0 +1,8 @@
+package space.qu4nt.entanglementlib.iss;
+
+final class ISSRunner {
+
+    static void main(String[] args) {
+
+    }
+}

native-benchmark/src/lib.rs

@@ -1,3 +1,4 @@
+#![cfg(target_arch = "x86_64")]
 use jni::sys::*;
 use std::arch::x86_64::{
     __m256i, _mm256_add_epi32, _mm256_and_si256, _mm256_cmpgt_epi32, _mm256_loadu_si256,

security/src/main/java/space/qu4nt/entanglementlib/security/EntanglementLibSecurityFacade.java

@@ -11,7 +11,7 @@ private EntanglementLibSecurityFacade() {
     }
 
     public static void initialize(@NotNull EntanglementLibSecurityConfig config) {
-        NativeLoader.loadNativeLibrary(config);
+        NativeLoader.loadNativeLibrary(config); // TODO: entlib-native 기본 로더 로직 추가
         HeuristicArenaFactory.setGlobalArenaMode(config.getArenaMode());
     }
 }

security/src/main/java/space/qu4nt/entanglementlib/security/communication/ExternalTLS.java

@@ -0,0 +1,6 @@
+package space.qu4nt.entanglementlib.security.communication;
+
+public class ExternalTLS {
+
+
+}

security/src/main/java/space/qu4nt/entanglementlib/security/crypto/ChaCha20.java

@@ -7,8 +7,8 @@
 import space.qu4nt.entanglementlib.security.data.InternalNativeBridge;
 import space.qu4nt.entanglementlib.security.data.SDCScopeContext;
 import space.qu4nt.entanglementlib.security.data.SensitiveDataContainer;
-import space.qu4nt.entanglementlib.security.entlibnative.EntLibNativeManager;
-import space.qu4nt.entanglementlib.security.entlibnative.Function;
+import space.qu4nt.entanglementlib.security.entlibnative.NativeLinker;
+import space.qu4nt.entanglementlib.security.entlibnative.NativeComponent;
 
 import java.lang.foreign.MemorySegment;
 
@@ -44,8 +44,8 @@ private ChaCha20() {
             }
 
             // Rust FFI 호출 (Callee-allocated Opaque Pointer 반환)
-            MemorySegment rustBufferPtr = (MemorySegment) EntLibNativeManager
-                    .call(Function.ChaCha20_Poly1305_Encrypt)
+            MemorySegment rustBufferPtr = (MemorySegment) NativeLinker
+                    .call(NativeComponent.ChaCha20_Poly1305_Encrypt)
                     .invokeExact(
                             InternalNativeBridge.unwrapMemorySegment(key), (long) InternalNativeBridge.unwrapMemorySegment(key).byteSize(),
                             InternalNativeBridge.unwrapMemorySegment(nonce), (long) InternalNativeBridge.unwrapMemorySegment(nonce).byteSize(),
@@ -57,7 +57,7 @@ private ChaCha20() {
                 throw new ELIBSecurityProcessException("ChaCha20 암호화 실패: 유효하지 않은 입력 길이");
             }
 
-            return EntLibNativeManager.transferNativeBufferBindToContext(
+            return NativeLinker.transferNativeBufferBindToContext(
                     context, rustBufferPtr
             );
         } catch (Throwable t) {
@@ -84,8 +84,8 @@ private ChaCha20() {
                 aadLen = InternalNativeBridge.unwrapMemorySegment(aad).byteSize();
             }
 
-            MemorySegment rustBufferPtr = (MemorySegment) EntLibNativeManager
-                    .call(Function.ChaCha20_Poly1305_Decrypt)
+            MemorySegment rustBufferPtr = (MemorySegment) NativeLinker
+                    .call(NativeComponent.ChaCha20_Poly1305_Decrypt)
                     .invokeExact(
                             InternalNativeBridge.unwrapMemorySegment(key), (long) InternalNativeBridge.unwrapMemorySegment(key).byteSize(),
                             InternalNativeBridge.unwrapMemorySegment(nonce), (long) InternalNativeBridge.unwrapMemorySegment(nonce).byteSize(),
@@ -98,7 +98,7 @@ private ChaCha20() {
                 throw new ELIBSecurityProcessException("ChaCha20 복호화 실패: 무결성 검증(MAC) 실패 또는 유효하지 않은 입력");
             }
 
-            return EntLibNativeManager.transferNativeBufferBindToContext(
+            return NativeLinker.transferNativeBufferBindToContext(
                     context, rustBufferPtr
             );
         } catch (Throwable t) {