Merge pull request #155 from cconlon/rsaKeyPairGenDefaultParams

rlm2002 · web-flow · commit 34d52b70fd4c · 2025-09-10T16:30:12.000-06:00
Default RSA KeyPairGenerator params, null AlgorithmParameters for non-PSS, RSA exponent sanitization
diff --git a/src/main/java/com/wolfssl/provider/jce/WolfCryptKeyPairGenerator.java b/src/main/java/com/wolfssl/provider/jce/WolfCryptKeyPairGenerator.java
@@ -83,6 +83,20 @@ private WolfCryptKeyPairGenerator(KeyType type) {
 
         this.type = type;
 
+        /* Set default parameters for RSA key generation */
+        if (type == KeyType.WC_RSA) {
+            this.keysize = 2048;  /* Default RSA key size */
+            this.publicExponent = Rsa.getDefaultRsaExponent();
+
+            /* Initialize RNG for default key generation */
+            synchronized (rngLock) {
+                if (this.rng == null) {
+                    this.rng = new Rng();
+                    this.rng.init();
+                }
+            }
+        }
+
         if (WolfCryptDebug.DEBUG) {
             algString = typeToString(type);
         }
@@ -142,8 +156,13 @@ public synchronized void initialize(AlgorithmParameterSpec params,
                 RSAKeyGenParameterSpec rsaSpec = (RSAKeyGenParameterSpec)params;
                 this.keysize = rsaSpec.getKeysize();
 
-                this.publicExponent =
-                    rsaSpec.getPublicExponent().longValue();
+                /* Exponent should be larger than 1 and odd */
+                long exp = rsaSpec.getPublicExponent().longValue();
+                if ((exp <= 1) || (exp % 2 == 0)) {
+                    throw new InvalidAlgorithmParameterException(
+                        "RSA public exponent must be positive and odd" );
+                }
+                this.publicExponent = exp;
 
                 /* Double check longValue() converted correctly. Some platforms
                  * do not have longValueExact() */
diff --git a/src/main/java/com/wolfssl/provider/jce/WolfCryptSignature.java b/src/main/java/com/wolfssl/provider/jce/WolfCryptSignature.java
@@ -534,41 +534,50 @@ protected synchronized void engineSetParameter(
         AlgorithmParameterSpec params)
         throws InvalidAlgorithmParameterException {
 
-        if (this.paddingType != PaddingType.WC_RSA_PSS) {
-            throw new InvalidAlgorithmParameterException(
-                "Parameters only supported for RSA-PSS");
-        }
-
-        if (!(params instanceof PSSParameterSpec)) {
-            throw new InvalidAlgorithmParameterException(
-                "Only PSSParameterSpec supported");
-        }
+        /* For RSA-PSS signatures, parameters are required */
+        if (this.paddingType == PaddingType.WC_RSA_PSS) {
+            if (!(params instanceof PSSParameterSpec)) {
+                throw new InvalidAlgorithmParameterException(
+                    "Only PSSParameterSpec supported for RSA-PSS");
+            }
 
-        PSSParameterSpec pss = (PSSParameterSpec)params;
-        validatePSSParameters(pss);
-        this.pssParams = pss;
+            PSSParameterSpec pss = (PSSParameterSpec)params;
+            validatePSSParameters(pss);
+            this.pssParams = pss;
 
-        /* For RSASSA-PSS, (re)initialize digest based on parameters */
-        String hashAlg = pss.getDigestAlgorithm();
-        DigestType newDigestType = javaNameToDigestType(hashAlg);
+            /* For RSASSA-PSS, (re)initialize digest based on parameters */
+            String hashAlg = pss.getDigestAlgorithm();
+            DigestType newDigestType = javaNameToDigestType(hashAlg);
 
-        /* Check if digest type has changed or needs initialization */
-        if (this.digestType == null || this.digestType != newDigestType) {
-            this.digestType = newDigestType;
+            /* Check if digest type has changed or needs initialization */
+            if (this.digestType == null || this.digestType != newDigestType) {
+                this.digestType = newDigestType;
 
-            try {
-                /* (re)initialize with the new digest type */
-                init(this.keyType, this.digestType, this.paddingType);
+                try {
+                    /* (re)initialize with the new digest type */
+                    init(this.keyType, this.digestType, this.paddingType);
 
-                /* Initialize hash object for existing key if already set */
-                if ((this.rsa != null || this.ecc != null)) {
-                    initHashObject();
+                    /* Initialize hash object for existing key if already set */
+                    if ((this.rsa != null || this.ecc != null)) {
+                        initHashObject();
+                    }
+                } catch (NoSuchAlgorithmException e) {
+                    throw new InvalidAlgorithmParameterException(
+                        "Failed to initialize with digest: " + hashAlg, e);
                 }
-            } catch (NoSuchAlgorithmException e) {
-                throw new InvalidAlgorithmParameterException(
-                    "Failed to initialize with digest: " + hashAlg, e);
             }
+            return;
         }
+
+        /* For non-PSS signatures, allow null parameters (ignore) */
+        if (params == null) {
+            return;
+        }
+
+        /* For non-PSS signatures, reject any non-null parameters */
+        throw new InvalidAlgorithmParameterException(
+            "Parameters not supported for " +
+            keyTypeToString(this.keyType) + " with PKCS#1 v1.5 padding");
     }
 
     @Override
diff --git a/src/test/java/com/wolfssl/provider/jce/test/WolfCryptKeyPairGeneratorTest.java b/src/test/java/com/wolfssl/provider/jce/test/WolfCryptKeyPairGeneratorTest.java
@@ -49,6 +49,8 @@
 import java.security.spec.ECGenParameterSpec;
 import java.security.spec.X509EncodedKeySpec;
 import java.security.spec.PKCS8EncodedKeySpec;
+import java.security.interfaces.RSAPrivateKey;
+import java.security.interfaces.RSAPublicKey;
 
 import com.wolfssl.wolfcrypt.Rsa;
 import com.wolfssl.wolfcrypt.Ecc;
@@ -556,6 +558,40 @@ public void testKeyPairGeneratorDhMultipleKeyGen()
         assertNotNull(kp2);
     }
 
+    @Test
+    public void testKeyPairGeneratorRsaDefaultKeySize()
+        throws NoSuchProviderException, NoSuchAlgorithmException {
+
+        /* Test that RSA KeyPairGenerator works with default parameters
+         * without explicit initialization */
+        KeyPairGenerator kpg =
+            KeyPairGenerator.getInstance("RSA", "wolfJCE");
+
+        /* Generate key pair without calling initialize() first */
+        KeyPair kp = kpg.generateKeyPair();
+        assertNotNull(kp);
+        assertNotNull(kp.getPublic());
+        assertNotNull(kp.getPrivate());
+
+        /* Verify the generated key is RSA and has expected default size */
+        assertTrue(kp.getPublic() instanceof RSAPublicKey);
+        assertTrue(kp.getPrivate() instanceof RSAPrivateKey);
+
+        RSAPublicKey pubKey = (RSAPublicKey) kp.getPublic();
+        RSAPrivateKey privKey = (RSAPrivateKey) kp.getPrivate();
+
+        /* Default key size should be 2048 bits */
+        assertEquals("Default RSA key size should be 2048 bits",
+                     2048, pubKey.getModulus().bitLength());
+        assertEquals("Private key modulus should match public key",
+                     pubKey.getModulus(), privKey.getModulus());
+
+        /* Verify the default public exponent */
+        assertEquals("Default RSA public exponent should match wolfSSL default",
+                     BigInteger.valueOf(Rsa.getDefaultRsaExponent()),
+                     pubKey.getPublicExponent());
+    }
+
     @Test
     public void testKeyPairGeneratorRsassaPssKeyGeneration()
         throws NoSuchProviderException, NoSuchAlgorithmException,
@@ -596,5 +632,59 @@ public void testKeyPairGeneratorRsassaPssKeyGeneration()
             }
         }
     }
+
+    @Test
+    public void testKeyPairGenerationInvalidExponent()
+        throws NoSuchProviderException, NoSuchAlgorithmException,
+               InvalidAlgorithmParameterException {
+
+        if (testedRSAKeySizes.size() > 0) {
+
+            KeyPairGenerator kpg =
+                KeyPairGenerator.getInstance("RSA", "wolfJCE");
+
+            /* Negative exponent */
+            try {
+                RSAKeyGenParameterSpec rsaSpec =
+                    new RSAKeyGenParameterSpec(testedRSAKeySizes.get(0),
+                            BigInteger.valueOf(-1));
+                kpg.initialize(rsaSpec);
+                fail("KeyPairGenerator.initialize() should throw " +
+                     "InvalidAlgorithmParameterException when given " +
+                     "invalid negative RSA public exponent");
+
+            } catch (InvalidAlgorithmParameterException e) {
+                /* expected */
+            }
+
+            /* Zero exponent */
+            try {
+                RSAKeyGenParameterSpec rsaSpec =
+                    new RSAKeyGenParameterSpec(testedRSAKeySizes.get(0),
+                            BigInteger.valueOf(0));
+                kpg.initialize(rsaSpec);
+                fail("KeyPairGenerator.initialize() should throw " +
+                     "InvalidAlgorithmParameterException when given " +
+                     "invalid RSA public exponent of zero");
+
+            } catch (InvalidAlgorithmParameterException e) {
+                /* expected */
+            }
+
+            /* Even exponent */
+            try {
+                RSAKeyGenParameterSpec rsaSpec =
+                    new RSAKeyGenParameterSpec(testedRSAKeySizes.get(0),
+                            BigInteger.valueOf(4));
+                kpg.initialize(rsaSpec);
+                fail("KeyPairGenerator.initialize() should throw " +
+                     "InvalidAlgorithmParameterException when given " +
+                     "invalid even RSA public exponent");
+
+            } catch (InvalidAlgorithmParameterException e) {
+                /* expected */
+            }
+        }
+    }
 }
 
diff --git a/src/test/java/com/wolfssl/provider/jce/test/WolfCryptSignatureTest.java b/src/test/java/com/wolfssl/provider/jce/test/WolfCryptSignatureTest.java
@@ -1929,5 +1929,119 @@ private void testRsaPssZeroSalt()
 
         assertTrue("RSA-PSS verification failed with zero salt", verified);
     }
+
+    @Test
+    public void testNonPssSignatureNullParameters()
+        throws NoSuchProviderException, NoSuchAlgorithmException,
+               SignatureException, InvalidKeyException,
+               InvalidAlgorithmParameterException {
+
+        /* Test that non-PSS signatures accept null parameters */
+        String message = "Testing null parameters for non-PSS signatures";
+        byte[] messageBytes = message.getBytes();
+
+        for (String algo : enabledAlgos) {
+            if (algo.contains("PSS")) {
+                continue; /* Skip PSS algorithms */
+            }
+
+            /* Generate appropriate key pair */
+            KeyPair pair = generateKeyPair(algo, secureRandom);
+            assertNotNull("Key pair should not be null for " + algo, pair);
+
+            PrivateKey priv = pair.getPrivate();
+            PublicKey  pub  = pair.getPublic();
+
+            /* Create signature instances */
+            Signature signer = Signature.getInstance(algo, "wolfJCE");
+            Signature verifier = Signature.getInstance(algo, "wolfJCE");
+
+            assertNotNull("Signer should not be null for " + algo, signer);
+            assertNotNull("Verifier should not be null for " + algo, verifier);
+
+            /* Test setting null parameters - should not throw exception */
+            try {
+                signer.setParameter(null);
+                verifier.setParameter(null);
+            } catch (InvalidAlgorithmParameterException e) {
+                fail("Should not throw exception when setting null " +
+                    "parameters for non-PSS algorithm: " + algo +
+                    ". Error: " + e.getMessage());
+            }
+
+            /* Test that signature still works after setting null parameters */
+            signer.initSign(priv);
+            signer.update(messageBytes);
+            byte[] signature = signer.sign();
+
+            assertNotNull("Signature should not be null for " + algo +
+                " with null parameters", signature);
+            assertTrue("Signature should have non-zero length for " + algo +
+                " with null parameters", signature.length > 0);
+
+            /* Verify signature */
+            verifier.initVerify(pub);
+            verifier.update(messageBytes);
+            boolean verified = verifier.verify(signature);
+
+            assertTrue("Signature verification should succeed for " + algo +
+                " with null parameters", verified);
+        }
+    }
+
+    @Test
+    public void testNonPssSignatureRejectsNonNullParameters()
+        throws NoSuchProviderException, NoSuchAlgorithmException,
+               SignatureException, InvalidKeyException,
+               InvalidAlgorithmParameterException {
+
+        /* Test that non-PSS signatures reject non-null parameters */
+        for (String algo : enabledAlgos) {
+            if (algo.contains("PSS")) {
+                continue; /* Skip PSS algorithms */
+            }
+
+            /* Only test a algo subset to get coverage */
+            if (!algo.equals("SHA256withRSA") &&
+                !algo.equals("SHA256withECDSA")) {
+                continue;
+            }
+
+            /* Generate appropriate key pair */
+            KeyPair pair = generateKeyPair(algo, secureRandom);
+            assertNotNull("Key pair should not be null for " + algo, pair);
+
+            /* Create signature instance */
+            Signature signer = Signature.getInstance(algo, "wolfJCE");
+            assertNotNull("Signer should not be null for " + algo, signer);
+
+            /* Test setting PSS parameters on non-PSS algorithm should fail */
+            java.security.spec.PSSParameterSpec pssSpec =
+                new java.security.spec.PSSParameterSpec("SHA-256", "MGF1",
+                    java.security.spec.MGF1ParameterSpec.SHA256, 32, 1);
+
+            try {
+                signer.setParameter(pssSpec);
+                fail("Should have thrown InvalidAlgorithmParameterException " +
+                    "when setting PSS parameters on non-PSS algorithm: " +
+                    algo);
+            } catch (InvalidAlgorithmParameterException e) {
+                /* Expected */
+            }
+
+            /* Test setting some other non-null parameter object should fail */
+            java.security.spec.ECGenParameterSpec ecSpec =
+                new java.security.spec.ECGenParameterSpec("secp256r1");
+
+            try {
+                signer.setParameter(ecSpec);
+                fail("Should have thrown InvalidAlgorithmParameterException " +
+                    "when setting non-null parameters on non-PSS algorithm: " +
+                    algo);
+            } catch (InvalidAlgorithmParameterException e) {
+                /* Expected */
+            }
+        }
+    }
 }
 
