RFR 8051408: JEP 273: DRBG-Based SecureRandom Implementations
Wang Weijun
weijun.wang at oracle.com
Tue Apr 5 13:35:47 UTC 2016
Thanks for the review. All comments accepted.
--Max
> On Apr 5, 2016, at 9:13 PM, Seán Coffey <sean.coffey at oracle.com> wrote:
>
> A few comments from supportability side of the table.
>
> =============
> sun/security/provider/AbstractDrbg.java
>
>> + if (dp.getStrength() > strength) {
>> + throw new IllegalArgumentException("strength too high");
>> + }
>> + if (result.length > maxNbLength) {
>> + throw new IllegalArgumentException("result too long");
>> + }
> Please print these bad strengths / results in the exception.
>
> Similar corrections are needed in the engineConfigure method :
>
>> 608 if (config.getStrength() > highestSecurity) {
>> 609 throw new IllegalArgumentException("strength too big");
>> 610 }
>> 611 if (config.getPersonalizationString() != null && config.getPersonalizationString().length > maxPsLength) {
>> 612 throw new IllegalArgumentException("ps too long");
>> 613 }
>
>> throw new IllegalArgumentException("unknown params type");
> can you print the type of params that was passed in ? (X 2 calls)
>
>
>> + if (dp.getAdditionalInput() != null && dp.getAdditionalInput().length > maxAiLength) {
>> + throw new IllegalArgumentException("ai too long");
> Please print ai value.
>
>
>> + // This SEI does not support pr
>> + throw new IllegalArgumentException();
> Cou you put your comment in the body of the IllegalArgumentException ?
>
> =============
> sun/security/provider/CtrDrbg.java
>
> + try {
> + aesLimit = Cipher.getMaxAllowedKeyLength("AES");
> + } catch (Exception e) {
> + // should not happen
> + throw new AssertionError("Cannot detect AES");
> + }
>
> Just to be safe, can you add e as Throwable variable for AssertionError ?
>
>
>> + if (input.length != seedLen) {
>> + // Should not happen
>> + throw new IllegalArgumentException("input must be of seedlen bytes");
>
> can you print the lengths expected ?
> =============
> sun/security/provider/DRBG.java
>
>> + if (strength < 0) {
>> + throw new IllegalArgumentException(
>> + "strength in drbg cannot be negative");
>> + }
> Let's print the value of the 'part' string in this exception.
>
> + } else {
> + throw new IllegalArgumentException("Unsupported params");
> + }
>
> can you print the type of params that were passed in ?
>
> + default:
> + throw new IllegalArgumentException("Unsupported mech");
> + }
>
> can yuo print the mech value encoutered ?
> =============
> sun/security/provider/HashDrbg.java
>
>> + } catch (DigestException e) {
>> + throw new AssertionError("will not happen");
>> + }
>
> Famous last words ;)
> Can you add e as Throwable cause to AssertionError ? (happens in two areas)
>
> Regards,
> Sean.
>
> On 05/04/2016 03:34, Wang Weijun wrote:
>> Updated webrev again at
>>
>> http://cr.openjdk.java.net/~weijun/8051408/webrev.09/
>> http://cr.openjdk.java.net/~weijun/8051408/webrev.09/spec
>> http://cr.openjdk.java.net/~weijun/8051408/webrev.09/specdiff
>>
>> The only change is that SecureRandomInstantiateParameters, SecureRandomNextBytesParameters and SecureRandomReseedParameters are removed and only a single SecureRandomParameters is added. There seems no reason to introduce 3 marker interfaces.
>>
>> Thanks
>> Max
More information about the security-dev
mailing list