[CRYPTO-169] Add protection for the ExceptionInInitializerError scenario to the CryptoRandomFactory#getCryptoRandom(Properties) method
#258
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
LuciferYang
force-pushed
the
CRYPTO-169
branch
from
8543907 to
8d82c96
Compare
LuciferYang
force-pushed
the
CRYPTO-169
branch
from
8d82c96 to
e0fd653
Compare
Codecov Report
@@ Coverage Diff @@
## master #258 +/- ##
============================================
- Coverage 74.69% 74.66% -0.03%
Complexity 441 441
============================================
Files 38 38
Lines 1810 1816 +6
Branches 176 177 +1
============================================
+ Hits 1352 1356 +4
- Misses 348 349 +1
- Partials 110 111 +1
📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more |
LuciferYang
force-pushed
the
CRYPTO-169
branch
from
9fb8fd2 to
5a38163
Compare
LuciferYang
commented
Oct 22, 2023
| @@ -141,4 +141,14 @@ public void testNull() { | |||
| assertThrows(NullPointerException.class, () -> CryptoRandomFactory.getCryptoRandom(null)); | |||
| } | |||
|
|
|||
| @Test | |||
| public void testExceptionInInitializerErrorRandom() throws GeneralSecurityException, IOException { | |||
There was a problem hiding this comment.
If there are no chagnes to CryptoRandomFactory.java, the new test case will fail:
java.lang.ExceptionInInitializerError
at java.base/java.lang.Class.forName0(Native Method)
at java.base/java.lang.Class.forName(Class.java:534)
at java.base/java.lang.Class.forName(Class.java:513)
at org.apache.commons.crypto.utils.ReflectionUtils.getClassByNameOrNull(ReflectionUtils.java:93)
at org.apache.commons.crypto.utils.ReflectionUtils.getClassByName(ReflectionUtils.java:64)
at org.apache.commons.crypto.random.CryptoRandomFactory.getCryptoRandom(CryptoRandomFactory.java:189)
at org.apache.commons.crypto.random.CryptoRandomFactoryTest.testExceptionInInitializerErrorRandom(CryptoRandomFactoryTest.java:150)
at java.base/java.lang.reflect.Method.invoke(Method.java:580)
at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
Caused by: java.lang.IllegalStateException: java.security.GeneralSecurityException: ExceptionInInitializerErrorRandom init failed
at org.apache.commons.crypto.random.ExceptionInInitializerErrorRandom.<clinit>(ExceptionInInitializerErrorRandom.java:28)
... 10 more
Caused by: java.security.GeneralSecurityException: ExceptionInInitializerErrorRandom init failed
at org.apache.commons.crypto.random.ExceptionInInitializerErrorRandom.check(ExceptionInInitializerErrorRandom.java:33)
at org.apache.commons.crypto.random.ExceptionInInitializerErrorRandom.<clinit>(ExceptionInInitializerErrorRandom.java:26)
... 10 more
LuciferYang
commented
Oct 22, 2023
| import java.io.IOException; | ||
| import java.security.GeneralSecurityException; | ||
|
|
||
| public class ExceptionInInitializerErrorRandom implements CryptoRandom { |
There was a problem hiding this comment.
This class is used to simulate scenarios where OpenSslCryptoRandom fails in the static code block checkNative() or !OpenSslCryptoRandomNative.nextRandBytes(new byte[1]) is false.
|
JIRA ticket: https://issues.apache.org/jira/browse/CRYPTO-169 |
|
Thanks @garydgregory ~ |
garydgregory
added a commit
that referenced
this pull request
Oct 22, 2023
…rio to the CryptoRandomFactory#getCryptoRandom(Properties) method #258
YW! 😄 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
In version 1.2.0 of
commons-crypto, the static initialization code block ofo.a.c.crypto.random.OpenSslCryptoRandommay throw aGeneralSecurityExceptionwrapped byIllegalStateException, which ultimately gets wrapped intoj.l.ExceptionInInitializerErrorby Java's own mechanism.This results in behavior differences when running the statement
on platforms that do not support
OpenSslCryptoRandomcompared to when usingcommons-crypto1.1.0 (e.g. Apple Silicon)commons-crypto1.1.0After
OpenSslCryptoRandominitialization fails, it tries to initializeJavaCryptoRandom, andJavaCryptoRandomcan be successfully initialized and return results.commons-crypto1.2.0After
OpenSslCryptoRandominitialization fails, it throws anExceptionInInitializerError. Since theCryptoRandomFactory#getCryptoRandommethod does not catchExceptionInInitializerErrorand perform fault tolerance,ExceptionInInitializerErrorcontinues to be thrown upward, losing the opportunity to try to initializeJavaCryptoRandom.Therefore, this PR adds the catch and fault tolerance for
ExceptionInInitializerErrorin theCryptoRandomFactory#getCryptoRandommethod to keep it behaving similarly tocommons-crypto1.1.0.