aws · WesleyRosenblum · Oct 23, 2019 · Oct 23, 2019
@@ -0,0 +1,48 @@
+/*
+ * Copyright 2016 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except
+ * in compliance with the License. A copy of the License is located at
+ *
+ * http://aws.amazon.com/apache2.0
+ *
+ * or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations under the License.
+ */
+
+package com.amazonaws.encryptionsdk.internal;
+
+import java.security.SecureRandom;
+
+public class RandomBytesGenerator {
+    private static final SecureRandom RND = new SecureRandom();
+
+    /* Some Providers (such as the FIPS certified Bouncy Castle) enforce a
+     * maximum number of bytes that may be requested from SecureRandom. If
+     * the requested len is larger than this value, the Secure Random will
+     * be called multiple times to achieve the requested total length. */
+    private static final int MAX_BYTES = 1 << 15;
+
+    /**
+     * Generates a byte array of random data of the given length.
+     *
+     * @param len The length of the byte array.
+     * @return The byte array.
+     */
+    public static byte[] generate(final int len) {
+        final byte[] result = new byte[len];
+        int bytesGenerated = 0;
+
+        while (bytesGenerated < len) {
+            final int requestSize = Math.min(MAX_BYTES, len - bytesGenerated);
+            final byte[] request = new byte[requestSize];
+            RND.nextBytes(request);
+            System.arraycopy(request, 0, result, bytesGenerated, requestSize);
+            bytesGenerated += requestSize;
+        }
+
+        return result;
+    }
+
+}
@@ -49,7 +49,12 @@ public class StaticMasterKey extends MasterKey<StaticMasterKey> {
     /**
      * Encryption algorithm for the master key-pair
      */
-    private static final String MASTER_KEY_ENCRYPTION_ALGORITHM = "RSA";
+    private static final String MASTER_KEY_ENCRYPTION_ALGORITHM = "RSA/ECB/PKCS1Padding";
+
+    /**
+     * Encryption algorithm for the KeyFactory
+     */
+    private static final String MASTER_KEY_ALGORITHM = "RSA";
 
     /**
      * Encryption algorithm for the randomly generated data key
@@ -95,7 +100,7 @@ public StaticMasterKey(@Nonnull final String keyId) {
         this.keyId_ = Objects.requireNonNull(keyId);
 
         try {
-            KeyFactory keyFactory = KeyFactory.getInstance(MASTER_KEY_ENCRYPTION_ALGORITHM);
+            KeyFactory keyFactory = KeyFactory.getInstance(MASTER_KEY_ALGORITHM);
             KeySpec publicKeySpec = new X509EncodedKeySpec(publicKey_v1);
             PublicKey pubKey = keyFactory.generatePublic(publicKeySpec);
             KeySpec privateKeySpec = new PKCS8EncodedKeySpec(privateKey_v1);