-
Notifications
You must be signed in to change notification settings - Fork 20
Expand file tree
/
Copy pathWolfCryptRandom.java
More file actions
185 lines (151 loc) · 5.24 KB
/
WolfCryptRandom.java
File metadata and controls
185 lines (151 loc) · 5.24 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
/* WolfCryptRandom.java
*
* Copyright (C) 2006-2026 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
package com.wolfssl.provider.jce;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.IOException;
import java.security.SecureRandomSpi;
import com.wolfssl.wolfcrypt.Rng;
/**
* wolfCrypt JCE RNG/SecureRandom wrapper
*/
public final class WolfCryptRandom extends SecureRandomSpi {
private static final long serialVersionUID = 1L;
/** Internal reference to wolfCrypt JNI RNG object.
* Marked as transient since this is not serializable. When class
* is reloaded, this object will be initialized back to null. */
private transient Rng rng = null;
/**
* Create new WolfCryptRandom object
*/
public WolfCryptRandom() {
checkRngInitialized();
log("initialized new object");
}
@Override
protected synchronized byte[] engineGenerateSeed(int numBytes)
throws IllegalArgumentException {
if (numBytes == 0) {
return new byte[0];
}
if (numBytes < 0) {
throw new IllegalArgumentException("numBytes must be non-negative");
}
if (numBytes > Rng.RNG_MAX_BLOCK_LEN) {
throw new IllegalArgumentException(
"numBytes too large. wolfCrypt max is " +
Rng.RNG_MAX_BLOCK_LEN);
}
checkRngInitialized();
return rng.generateBlock(numBytes);
}
@Override
protected synchronized void engineNextBytes(byte[] bytes) {
if (bytes == null) {
throw new NullPointerException("Input byte[] should not be null");
}
checkRngInitialized();
rng.generateBlock(bytes);
}
@Override
protected synchronized void engineSetSeed(byte[] seed) {
if (seed == null) {
throw new NullPointerException("Input seed[] should not be null");
}
/* wolfCrypt reseeds internally automatically */
log("setSeed() not supported by wolfJCE");
}
/**
* Initialize the RNG if needed (null). This handles cases where the object
* was created through deserialization, reflection, etc. and the
* constructor was not called.
*/
private void checkRngInitialized() {
if (this.rng == null) {
this.rng = new Rng();
this.rng.init();
}
}
private void log(String msg) {
WolfCryptDebug.log(getClass(), WolfCryptDebug.INFO, () -> msg);
}
@SuppressWarnings({"deprecation", "removal"})
@Override
protected synchronized void finalize() throws Throwable {
try {
if (this.rng != null) {
this.rng.free();
this.rng.releaseNativeStruct();
}
} finally {
super.finalize();
}
}
/**
* Called when object is being serialized.
*
* Since Rng class variable is transient, we want to free that memory
* before serializaing.
*
* @param out output stream written to during serialization of this object
*
* @throws IOException on error writing to ObjectOutputStream
*/
private synchronized void writeObject(ObjectOutputStream out)
throws IOException {
if (this.rng != null) {
this.rng.free();
this.rng.releaseNativeStruct();
this.rng = null;
}
out.defaultWriteObject();
}
/**
* Called when object is being deserialized.
*
* When loading back in, we want to instantiate the Rng class variable
* again.
*
* @param in input stream read during deserialization of this object
* @throws IOException on error reading from ObjectInputStream
* @throws ClassNotFoundException if object class not found
*/
private void readObject(ObjectInputStream in)
throws IOException, ClassNotFoundException {
in.defaultReadObject();
checkRngInitialized();
}
@Override
public String toString() {
/* Native wolfCrypt DRBG details:
* Hash_DRBG = DRBG implementation
* SHA-256 = hash function used in Hash_DRBG implementation
* 128 = security strength in bits
* reseed_only = NIST implementation default, prediction resistance
* not enabled for every generate call, only when explicitly
* reseeded.
*
* This output format matches other JCE providers, some callers
* may expect this format.
*/
return "Hash_DRBG,SHA-256,128,reseed_only";
}
}