JCE: set default RSA KeyPairGenerator key size and params if not explicitly set

cconlon · cconlon · commit 466f30494247 · 2025-09-09T12:13:22.000-06:00
diff --git a/src/main/java/com/wolfssl/provider/jce/WolfCryptKeyPairGenerator.java b/src/main/java/com/wolfssl/provider/jce/WolfCryptKeyPairGenerator.java
@@ -83,6 +83,20 @@ private WolfCryptKeyPairGenerator(KeyType type) {
 
         this.type = type;
 
+        /* Set default parameters for RSA key generation */
+        if (type == KeyType.WC_RSA) {
+            this.keysize = 2048;  /* Default RSA key size */
+            this.publicExponent = Rsa.getDefaultRsaExponent();
+
+            /* Initialize RNG for default key generation */
+            synchronized (rngLock) {
+                if (this.rng == null) {
+                    this.rng = new Rng();
+                    this.rng.init();
+                }
+            }
+        }
+
         if (WolfCryptDebug.DEBUG) {
             algString = typeToString(type);
         }
diff --git a/src/test/java/com/wolfssl/provider/jce/test/WolfCryptKeyPairGeneratorTest.java b/src/test/java/com/wolfssl/provider/jce/test/WolfCryptKeyPairGeneratorTest.java
@@ -49,6 +49,8 @@
 import java.security.spec.ECGenParameterSpec;
 import java.security.spec.X509EncodedKeySpec;
 import java.security.spec.PKCS8EncodedKeySpec;
+import java.security.interfaces.RSAPrivateKey;
+import java.security.interfaces.RSAPublicKey;
 
 import com.wolfssl.wolfcrypt.Rsa;
 import com.wolfssl.wolfcrypt.Ecc;
@@ -556,6 +558,40 @@ public void testKeyPairGeneratorDhMultipleKeyGen()
         assertNotNull(kp2);
     }
 
+    @Test
+    public void testKeyPairGeneratorRsaDefaultKeySize()
+        throws NoSuchProviderException, NoSuchAlgorithmException {
+
+        /* Test that RSA KeyPairGenerator works with default parameters
+         * without explicit initialization */
+        KeyPairGenerator kpg =
+            KeyPairGenerator.getInstance("RSA", "wolfJCE");
+
+        /* Generate key pair without calling initialize() first */
+        KeyPair kp = kpg.generateKeyPair();
+        assertNotNull(kp);
+        assertNotNull(kp.getPublic());
+        assertNotNull(kp.getPrivate());
+
+        /* Verify the generated key is RSA and has expected default size */
+        assertTrue(kp.getPublic() instanceof RSAPublicKey);
+        assertTrue(kp.getPrivate() instanceof RSAPrivateKey);
+
+        RSAPublicKey pubKey = (RSAPublicKey) kp.getPublic();
+        RSAPrivateKey privKey = (RSAPrivateKey) kp.getPrivate();
+
+        /* Default key size should be 2048 bits */
+        assertEquals("Default RSA key size should be 2048 bits",
+                     2048, pubKey.getModulus().bitLength());
+        assertEquals("Private key modulus should match public key",
+                     pubKey.getModulus(), privKey.getModulus());
+
+        /* Verify the default public exponent */
+        assertEquals("Default RSA public exponent should match wolfSSL default",
+                     BigInteger.valueOf(Rsa.getDefaultRsaExponent()),
+                     pubKey.getPublicExponent());
+    }
+
     @Test
     public void testKeyPairGeneratorRsassaPssKeyGeneration()
         throws NoSuchProviderException, NoSuchAlgorithmException,
