Skip to content

Commit 8c69699

Browse files
committed
JCE: throw correct IllegalArgumentException from WolfCryptRandom.engineGenerateSeed(), add HashDRBG aliases Hash_DRBG and DRBG
1 parent 3bf3309 commit 8c69699

File tree

7 files changed

+121
-10
lines changed

7 files changed

+121
-10
lines changed

README_JCE.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -99,7 +99,7 @@ The JCE provider currently supports the following algorithms:
9999

100100
SecureRandom Class
101101
DEFAULT (maps to HashDRBG)
102-
HashDRBG
102+
HashDRBG (aliased also as: Hash_DRBG, DRBG)
103103

104104
Cipher Class
105105
AES/CBC/NoPadding

jni/include/com_wolfssl_wolfcrypt_Rng.h

Lines changed: 8 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

jni/jni_rng.c

Lines changed: 25 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -132,12 +132,17 @@ JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Rng_rngGenerateBlock__Ljava_ni
132132

133133
buffer = getDirectBufferAddress(env, buffer_buffer);
134134

135-
ret = (!rng || !buffer)
136-
? BAD_FUNC_ARG
137-
: wc_RNG_GenerateBlock(rng, buffer + position, size);
135+
if (rng == NULL || buffer == NULL) {
136+
ret = BAD_FUNC_ARG;
137+
}
138138

139-
if (ret != 0)
139+
if (ret == 0) {
140+
ret = wc_RNG_GenerateBlock(rng, buffer + position, size);
141+
}
142+
143+
if (ret != 0) {
140144
throwWolfCryptExceptionFromError(env, ret);
145+
}
141146

142147
LogStr("wc_RNG_GenerateBlock(rng=%p, buffer, size) = %d\n", rng, ret);
143148
LogStr("output[%u]: [%p]\n", (word32)size, buffer);
@@ -164,11 +169,17 @@ JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Rng_rngGenerateBlock___3BII(
164169

165170
buffer = getByteArray(env, buffer_buffer);
166171

167-
ret = (!rng || !buffer)
168-
? BAD_FUNC_ARG
169-
: wc_RNG_GenerateBlock(rng, buffer + offset, length);
170-
if (ret != 0)
172+
if (rng == NULL || buffer == NULL) {
173+
ret = BAD_FUNC_ARG;
174+
}
175+
176+
if (ret == 0) {
177+
ret = wc_RNG_GenerateBlock(rng, buffer + offset, length);
178+
}
179+
180+
if (ret != 0) {
171181
throwWolfCryptExceptionFromError(env, ret);
182+
}
172183

173184
LogStr("wc_RNG_GenerateBlock(rng=%p, buffer, length) = %d\n", rng, ret);
174185
LogStr("output[%u]: [%p]\n", (word32)length, buffer);
@@ -180,3 +191,9 @@ JNIEXPORT void JNICALL Java_com_wolfssl_wolfcrypt_Rng_rngGenerateBlock___3BII(
180191
#endif
181192
}
182193

194+
JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_Rng_getRNG_1MAX_1BLOCK_1LEN
195+
(JNIEnv* env, jclass jcl)
196+
{
197+
return RNG_MAX_BLOCK_LEN;
198+
}
199+

src/main/java/com/wolfssl/provider/jce/WolfCryptProvider.java

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -117,6 +117,10 @@ private void registerServices() {
117117
"com.wolfssl.provider.jce.WolfCryptRandom");
118118
put("SecureRandom.HashDRBG",
119119
"com.wolfssl.provider.jce.WolfCryptRandom");
120+
put("SecureRandom.Hash_DRBG",
121+
"com.wolfssl.provider.jce.WolfCryptRandom");
122+
put("SecureRandom.DRBG",
123+
"com.wolfssl.provider.jce.WolfCryptRandom");
120124

121125
/* Signature */
122126
if (FeatureDetect.Md5Enabled()) {

src/main/java/com/wolfssl/provider/jce/WolfCryptRandom.java

Lines changed: 12 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -52,7 +52,18 @@ public WolfCryptRandom() {
5252
}
5353

5454
@Override
55-
protected synchronized byte[] engineGenerateSeed(int numBytes) {
55+
protected synchronized byte[] engineGenerateSeed(int numBytes)
56+
throws IllegalArgumentException {
57+
58+
if (numBytes < 0) {
59+
throw new IllegalArgumentException("numBytes must be non-negative");
60+
}
61+
62+
if (numBytes > Rng.RNG_MAX_BLOCK_LEN) {
63+
throw new IllegalArgumentException(
64+
"numBytes too large. wolfCrypt max is " +
65+
Rng.RNG_MAX_BLOCK_LEN);
66+
}
5667

5768
return rng.generateBlock(numBytes);
5869
}

src/main/java/com/wolfssl/wolfcrypt/Rng.java

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -28,6 +28,10 @@
2828
*/
2929
public class Rng extends NativeStruct {
3030

31+
/* Maximum generate block length for wolfCrypt */
32+
public static int RNG_MAX_BLOCK_LEN =
33+
Rng.getRNG_MAX_BLOCK_LEN();
34+
3135
/**
3236
* Malloc native JNI Rng structure
3337
*
@@ -45,6 +49,7 @@ public class Rng extends NativeStruct {
4549
private native void rngGenerateBlock(ByteBuffer buffer, int offset,
4650
int length);
4751
private native void rngGenerateBlock(byte[] buffer, int offset, int length);
52+
private static native int getRNG_MAX_BLOCK_LEN();
4853

4954
/* Lock to prevent concurrent access to native WC_RNG */
5055
private final Object rngLock = new Object();

src/test/java/com/wolfssl/provider/jce/test/WolfCryptRandomTest.java

Lines changed: 66 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -79,6 +79,14 @@ public void testGetRandomFromProvider()
7979
/* DEFAULT */
8080
rand = SecureRandom.getInstance("DEFAULT", "wolfJCE");
8181
assertNotNull(rand);
82+
83+
/* Hash_DRBG alias */
84+
rand = SecureRandom.getInstance("Hash_DRBG", "wolfJCE");
85+
assertNotNull(rand);
86+
87+
/* DRBG alias */
88+
rand = SecureRandom.getInstance("DRBG", "wolfJCE");
89+
assertNotNull(rand);
8290
}
8391

8492
@Test
@@ -279,5 +287,63 @@ public void testSetSeed()
279287
rand.setSeed(seed);
280288
}
281289

290+
@Test
291+
public void testGenerateSeedWithNegativeArgument()
292+
throws NoSuchProviderException, NoSuchAlgorithmException {
293+
294+
SecureRandom rand = SecureRandom.getInstance("HashDRBG", "wolfJCE");
295+
296+
try {
297+
rand.generateSeed(-1);
298+
fail("Expected IllegalArgumentException for negative seed length");
299+
300+
} catch (IllegalArgumentException e) {
301+
/* Expected exception */
302+
}
303+
}
304+
305+
@Test
306+
public void testGenerateSeedWithTooLargeArgument()
307+
throws NoSuchProviderException, NoSuchAlgorithmException {
308+
309+
SecureRandom rand = SecureRandom.getInstance("HashDRBG", "wolfJCE");
310+
311+
/* Get the maximum block length from Rng class */
312+
int maxLen = com.wolfssl.wolfcrypt.Rng.RNG_MAX_BLOCK_LEN;
313+
314+
try {
315+
rand.generateSeed(maxLen + 1);
316+
fail("Expected IllegalArgumentException for too large length");
317+
} catch (IllegalArgumentException e) {
318+
/* Expected exception */
319+
}
320+
}
321+
322+
@Test
323+
public void testGenerateSeedWithValidMaxArgument()
324+
throws NoSuchProviderException, NoSuchAlgorithmException {
325+
326+
SecureRandom rand = SecureRandom.getInstance("HashDRBG", "wolfJCE");
327+
328+
/* Get the maximum block length from Rng class */
329+
int maxLen = com.wolfssl.wolfcrypt.Rng.RNG_MAX_BLOCK_LEN;
330+
331+
/* This should succeed */
332+
byte[] seed = rand.generateSeed(maxLen);
333+
assertNotNull(seed);
334+
assertEquals(maxLen, seed.length);
335+
}
336+
337+
@Test
338+
public void testGenerateSeedWithZeroArgument()
339+
throws NoSuchProviderException, NoSuchAlgorithmException {
340+
341+
SecureRandom rand = SecureRandom.getInstance("HashDRBG", "wolfJCE");
342+
343+
/* Zero length should be valid */
344+
byte[] seed = rand.generateSeed(0);
345+
assertNotNull(seed);
346+
assertEquals(0, seed.length);
347+
}
282348
}
283349

0 commit comments

Comments
 (0)