Design review: JEP 273: DRBG-Based SecureRandom Implementations

Wang Weijun weijun.wang at oracle.com
Thu Nov 19 13:41:41 UTC 2015 

> On Nov 18, 2015, at 9:32 PM, Sean Mullan <sean.mullan at oracle.com> wrote:
> 
> The getInstance methods can now take a SecureRandomParameterSpec object (rather than an AlgorithmParameterSpec). They should throw InvalidAlgorithmParameterException (not IllegalArgumentException) if the parameters are null or not the right type to be consistent with other Spi classes.
> 
> You will also need to add a protected (or public?) constructor to SecureRandomSpi that takes a SecureRandomParameterSpec parameter. CertStoreSpi is a good example to follow.

Cool. This is what a JCA engine should look like.

So I create a new method like this

public static SecureRandom getInstance(
        String algorithm, SecureRandomParameterSpec spec)
        throws NoSuchAlgorithmException, InvalidParameterSpecException {
    Instance instance = GetInstance.getInstance("SecureRandom",
            SecureRandomSpi.class, algorithm, spec);
    SecureRandomSpi spi = (SecureRandomSpi)instance.impl;
    SecureRandom r = new SecureRandom(spi, instance.provider, algorithm);
    return r;
}

However, I cannot get it working, and I found difficulties understanding the EngineDescription inner class inside Provider.java.

1. For each engine that can take an extra parameter (not provider) in getInstance(), it is always named XyzParameters, not an AlgorithmParameterSpec.

2. For each of these, if you have getInstance(alg, params), there is no getInstance(alg). Obviously, for SecureRandom we need to have both.

3. Not sure what EngineDescription.supportsParameter means. Seems only useful for those needing a key.

So, it seems I'll have to write the method like

public static SecureRandom getInstance(
        String algorithm, SecureRandomParameterSpec spec)
        throws NoSuchAlgorithmException, InvalidParameterSpecException {
    Instance instance = GetInstance.getInstance("SecureRandom",
            SecureRandomSpi.class, algorithm);
    SecureRandomSpi spi = (SecureRandomSpi)instance.iml;
    spi.engineConfigure(spec);
    SecureRandom r = new SecureRandom(spi, instance.provider, algorithm);
    return r;
}

which means although configure() is not in SecureRandom, it still must be in SecureRandomSpi, and there won't be a SecureRandomSpi constructor that takes a SecureRandomParameterSpec parameter.

Am I doing something wrong?

Thanks
Max

More information about the security-dev mailing list