Design review: JEP 273: DRBG-Based SecureRandom Implementations
Sean Mullan
sean.mullan at oracle.com
Thu Nov 19 17:11:04 UTC 2015
On 11/19/2015 08:41 AM, Wang Weijun wrote:
>
>> On Nov 18, 2015, at 9:32 PM, Sean Mullan <sean.mullan at oracle.com> wrote:
>>
>> The getInstance methods can now take a SecureRandomParameterSpec object (rather than an AlgorithmParameterSpec). They should throw InvalidAlgorithmParameterException (not IllegalArgumentException) if the parameters are null or not the right type to be consistent with other Spi classes.
>>
>> You will also need to add a protected (or public?) constructor to SecureRandomSpi that takes a SecureRandomParameterSpec parameter. CertStoreSpi is a good example to follow.
>
> Cool. This is what a JCA engine should look like.
>
> So I create a new method like this
>
> public static SecureRandom getInstance(
> String algorithm, SecureRandomParameterSpec spec)
> throws NoSuchAlgorithmException, InvalidParameterSpecException {
> Instance instance = GetInstance.getInstance("SecureRandom",
> SecureRandomSpi.class, algorithm, spec);
> SecureRandomSpi spi = (SecureRandomSpi)instance.impl;
> SecureRandom r = new SecureRandom(spi, instance.provider, algorithm);
> return r;
> }
The above looks ok.
>
> However, I cannot get it working, and I found difficulties understanding the EngineDescription inner class inside Provider.java.
>
> 1. For each engine that can take an extra parameter (not provider) in getInstance(), it is always named XyzParameters, not an AlgorithmParameterSpec.
> 2. For each of these, if you have getInstance(alg, params), there is no getInstance(alg). Obviously, for SecureRandom we need to have both.
Right, this is the first case where we have both variants of getInstance.
> 3. Not sure what EngineDescription.supportsParameter means. Seems only useful for those needing a key.
>
> So, it seems I'll have to write the method like
>
> public static SecureRandom getInstance(
> String algorithm, SecureRandomParameterSpec spec)
> throws NoSuchAlgorithmException, InvalidParameterSpecException {
> Instance instance = GetInstance.getInstance("SecureRandom",
> SecureRandomSpi.class, algorithm);
> SecureRandomSpi spi = (SecureRandomSpi)instance.iml;
> spi.engineConfigure(spec);
> SecureRandom r = new SecureRandom(spi, instance.provider, algorithm);
> return r;
> }
>
> which means although configure() is not in SecureRandom, it still must be in SecureRandomSpi, and there won't be a SecureRandomSpi constructor that takes a SecureRandomParameterSpec parameter.
>
> Am I doing something wrong?
Just looking through the code, it looks like you can change
Provider.Service.newInstance() to call the appropriate constructor
depending on whether the constructorParameter is null or not. Can you
try that?
--Sean
More information about the security-dev
mailing list