diff --git a/core/src/main/java/org/bouncycastle/crypto/engines/AESFastEngine.java b/core/src/main/java/org/bouncycastle/crypto/engines/AESFastEngine.java
index 11e1bce84c..abb8ba8cb7 100644
--- a/core/src/main/java/org/bouncycastle/crypto/engines/AESFastEngine.java
+++ b/core/src/main/java/org/bouncycastle/crypto/engines/AESFastEngine.java
@@ -26,9 +26,11 @@
 * the contents of the first
 *
 * The slowest version uses no static tables at all and computes the values in each round
+ *

*

- * This file contains the fast version with 8Kbytes of static tables for round precomputation
- *
+ * This file contains the fast version with 8Kbytes of static tables for round precomputation.
+ *

+ * @deprecated unfortunately this class is has a few side channel issues. In an environment where encryption/decryption may be closely observed it should not be used.
 */
 public class AESFastEngine
 implements BlockCipher
diff --git a/prov/src/main/java/org/bouncycastle/jcajce/provider/drbg/DRBG.java b/prov/src/main/java/org/bouncycastle/jcajce/provider/drbg/DRBG.java
index 8fb98ca6c9..41db206872 100644
--- a/prov/src/main/java/org/bouncycastle/jcajce/provider/drbg/DRBG.java
+++ b/prov/src/main/java/org/bouncycastle/jcajce/provider/drbg/DRBG.java
@@ -1,6 +1,5 @@
 package org.bouncycastle.jcajce.provider.drbg;
-import java.lang.reflect.Constructor;
 import java.security.SecureRandom;
 import java.security.SecureRandomSpi;
@@ -22,22 +21,19 @@ public static class Default
 extends SecureRandomSpi
 {
 private SecureRandom random = new SP800SecureRandomBuilder(secureRandom, true)
- .setPersonalizationString(generateDefaultPersonalizationString())
+ .setPersonalizationString(generateDefaultPersonalizationString(secureRandom))
 .buildHash(new SHA512Digest(), secureRandom.generateSeed(32), true);
- @Override
 protected void engineSetSeed(byte[] bytes)
 {
 random.setSeed(bytes);
 }
- @Override
 protected void engineNextBytes(byte[] bytes)
 {
 random.nextBytes(bytes);
 }
- @Override
 protected byte[] engineGenerateSeed(int numBytes)
 {
 return secureRandom.generateSeed(numBytes);
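Review bot: The `@deprecated` Javadoc tag on the new last comment line is not matched by a `@Deprecated` annotation on the `public class AESFastEngine` declaration that follows it in the context lines, so javac will not warn callers and the side-channel concern reaches only people who read the Javadoc; add `@Deprecated` on the line before `public class AESFastEngine`. The tag text also has a typo (`is has`) and does not say what to use instead, which is what makes a deprecation actionable. If `AESEngine` is the intended replacement, the line could read `* @deprecated this class has a few side channel issues. In an environment where encryption/decryption may be closely observed it should not be used; use {@link AESEngine} instead.`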
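Review bot: In the `Default` field initializer, `generateDefaultPersonalizationString(secureRandom)` now calls `secureRandom.generateSeed(16)` on top of the existing `secureRandom.generateSeed(32)` nonce, so every construction of this SPI draws 48 bytes from the seed source before the DRBG exists; the `NonceAndIV` hunk below has the same pattern. If `secureRandom` (declared outside this hunk) is backed by a blocking source, that can stall provider startup on an entropy-starved host, and nothing in the commit records that cost. Worth a comment on the initializer, e.g. `// generateSeed() is called twice per instance (personalization + nonce) and may block on entropy-starved hosts`, or drawing the personalization bytes from `nextBytes` instead, since SP 800-90A treats the personalization string as non-secret differentiation data and the DRBG's security strength comes from the entropy source and the nonce passed to `buildHash`, not from this string.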
@@ -48,22 +44,19 @@ public static class NonceAndIV
 extends SecureRandomSpi
 {
 private SecureRandom random = new SP800SecureRandomBuilder(secureRandom, true)
- .setPersonalizationString(generateNonceIVPersonalizationString())
+ .setPersonalizationString(generateNonceIVPersonalizationString(secureRandom))
 .buildHash(new SHA512Digest(), secureRandom.generateSeed(32), false);
- @Override
 protected void engineSetSeed(byte[] bytes)
 {
 random.setSeed(bytes);
 }
- @Override
 protected void engineNextBytes(byte[] bytes)
 {
 random.nextBytes(bytes);
 }
- @Override
 protected byte[] engineGenerateSeed(int numBytes)
 {
 return secureRandom.generateSeed(numBytes);
@@ -84,78 +77,15 @@ public void configure(ConfigurableProvider provider)
 }
 }
- private static byte[] generateDefaultPersonalizationString()
+ private static byte[] generateDefaultPersonalizationString(SecureRandom random)
 {
- return Arrays.concatenate(Strings.toByteArray("Default"), Strings.toUTF8ByteArray(getVIMID()),
+ return Arrays.concatenate(Strings.toByteArray("Default"), random.generateSeed(16),
 Pack.longToBigEndian(Thread.currentThread().getId()), Pack.longToBigEndian(System.currentTimeMillis()));
 }
- private static byte[] generateNonceIVPersonalizationString()
+ private static byte[] generateNonceIVPersonalizationString(SecureRandom random)
 {
- return Arrays.concatenate(Strings.toByteArray("Default"), Strings.toUTF8ByteArray(getVIMID()),
+ return Arrays.concatenate(Strings.toByteArray("Nonce"), random.generateSeed(16),
 Pack.longToLittleEndian(Thread.currentThread().getId()), Pack.longToLittleEndian(System.currentTimeMillis()));
 }
-
- private static final Constructor vimIDConstructor;
-
- static
- {
- Class vimIDClass = lookup("java.rmi.dgc.VMID");
- if (vimIDClass != null)
- {
- vimIDConstructor = findConstructor(vimIDClass);
- }
- else
- {
- vimIDConstructor = null;
- }
- }
-
- private static Class lookup(String className)
- {
- try
- {
- Class def = DRBG.class.getClassLoader().loadClass(className);
-
- return def;
- }
- catch (Exception e)
- {
- return null;
- }
- }
-
- private static Constructor findConstructor(Class clazz)
- {
- try
- {
- return clazz.getConstructor();
- }
- catch (Exception e)
- {
- return null;
- }
- }
-
- static String getVIMID()
- {
- if (vimIDConstructor != null)
- {
- Object vimID = null;
- try
- {
- vimID = vimIDConstructor.newInstance();
- }
- catch (Exception i)
- {
- // might happen, fall through if it does
- }
- if (vimID != null)
- {
- return vimID.toString();
- }
- }
-
- return "No VIM ID"; // TODO: maybe there is a system property we can use here.
- }
 }
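Review bot: The rewritten helpers `generateDefaultPersonalizationString(SecureRandom random)` and `generateNonceIVPersonalizationString(SecureRandom random)` carry no Javadoc, and their construction is not self-evident: each concatenates a fixed label, 16 bytes from `random.generateSeed(16)`, the current thread id and the wall clock, and the two also differ in byte order (`Pack.longToBigEndian` versus `Pack.longToLittleEndian`) as well as in label. A short Javadoc on each should say that the result is a personalization string in the SP 800-90A sense, i.e. non-secret data whose only job is to make DRBG instances distinguishable, so that the predictable thread-id and timestamp fields are not later mistaken for entropy and the `generateSeed(16)` call is not later mistaken for a security requirement. It should also state whether the big/little-endian difference is deliberate now that the `"Default"` and `"Nonce"` labels already keep the two strings apart, since otherwise the next reader will assume one of them is a copy-paste slip.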
diff --git a/prov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java b/prov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java
index 4b0b7f983c..2bdde9939b 100644
--- a/prov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java
+++ b/prov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java
@@ -184,7 +184,7 @@ public int doFinal(byte[] out, int outOff)
 }
 catch (InvalidCipherTextException e)
 {
- throw new IllegalStateException("exception on doFinal()", e);
+ throw new IllegalStateException("exception on doFinal(): " + e.toString());
 }
 }
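Review bot: The new `throw new IllegalStateException("exception on doFinal(): " + e.toString());` drops the `InvalidCipherTextException` as the cause, so the underlying failure's type and stack trace no longer propagate and anything catching the `IllegalStateException` can only inspect the message string; the enclosing `doFinal` starts outside the hunk. If the two-argument constructor was removed for pre-Java-5 source compatibility (the `@Override` removals in DRBG.java in this same commit suggest that), the cause can still be attached with `Throwable.initCause`, available since 1.4: `IllegalStateException ise = new IllegalStateException("exception on doFinal(): " + e.toString());` / `ise.initCause(e);` / `throw ise;`. Either way, a one-line comment saying why the cause-taking constructor is avoided would stop the next reader from putting it back.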