Merge pull request #724 from ibmruntimes/openj9

Merge "Revert to Java impl when non-default SecureRandom present
ibmruntimes · Dec 12, 2023 · 58b9f2a · 58b9f2a
2 parents 14ae923 + eb4eb89
commit 58b9f2a
Showing 1 changed file with 46 additions and 0 deletions.
diff --git a/closed/adds/jdk/src/share/classes/sun/security/ec/NativeECKeyPairGenerator.java b/closed/adds/jdk/src/share/classes/sun/security/ec/NativeECKeyPairGenerator.java
@@ -39,6 +39,7 @@
 import java.security.KeyPair;
 import java.security.KeyPairGeneratorSpi;
 import java.security.PrivateKey;
+import java.security.Provider;
 import java.security.ProviderException;
 import java.security.PublicKey;
 import java.security.SecureRandom;
@@ -56,6 +57,7 @@
 
 import sun.security.ec.point.*;
 import sun.security.jca.JCAUtil;
+import sun.security.provider.Sun;
 import sun.security.util.ECUtil;
 
 import static sun.security.ec.ECOperations.IntermediateValueException;
@@ -97,6 +99,28 @@ public NativeECKeyPairGenerator() {
 
  @Override
  public void initialize(int keySize, SecureRandom random) {
+ if (random == null) {
+ if (nativeCryptTrace) {
+ System.err.println("No SecureRandom implementation was provided during"
+ + " initialization. Using OpenSSL.");
+ }
+ } else if ((random.getProvider() instanceof Sun)
+ && ("NativePRNG".equals(random.getAlgorithm()) || "DRBG".equals(random.getAlgorithm()))
+ ) {
+ if (nativeCryptTrace) {
+ System.err.println("Default SecureRandom implementation was provided during"
+ + " initialization. Using OpenSSL.");
+ }
+ } else {
+ if (nativeCryptTrace) {
+ System.err.println("SecureRandom implementation was provided during"
+ + " initialization. Using Java implementation instead of OpenSSL.");
+ }
+ this.javaImplementation = new ECKeyPairGenerator();
+ this.javaImplementation.initialize(keySize, random);
+ return;
+ }
+
  if (keySize < KEY_SIZE_MIN) {
  throw new InvalidParameterException
  ("Key size must be at least " + KEY_SIZE_MIN + " bits");
@@ -125,6 +149,28 @@ public void initialize(int keySize, SecureRandom random) {
  @Override
  public void initialize(AlgorithmParameterSpec params, SecureRandom random)
  throws InvalidAlgorithmParameterException {
+ if (random == null) {
+ if (nativeCryptTrace) {
+ System.err.println("No SecureRandom implementation was provided during"
+ + " initialization. Using OpenSSL.");
+ }
+ } else if ((random.getProvider() instanceof Sun)
+ && ("NativePRNG".equals(random.getAlgorithm()) || "DRBG".equals(random.getAlgorithm()))
+ ) {
+ if (nativeCryptTrace) {
+ System.err.println("Default SecureRandom implementation was provided during"
+ + " initialization. Using OpenSSL.");
+ }
+ } else {
+ if (nativeCryptTrace) {
+ System.err.println("SecureRandom implementation was provided during"
+ + " initialization. Using Java implementation instead of OpenSSL.");
+ }
+ this.javaImplementation = new ECKeyPairGenerator();
+ this.javaImplementation.initialize(params, random);
+ return;
+ }
+
  ECParameterSpec ecSpec = null;
 
  if (params instanceof ECParameterSpec) {